mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a18d0161ef
wolfssl/tests/api.c

85945 lines
3.1 MiB
Raw Blame History

/* api.c API unit tests
*
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* For AES-CBC, input lengths can optionally be validated to be a
* multiple of the block size, by defining WOLFSSL_AES_CBC_LENGTH_CHECKS,
* also available via the configure option --enable-aescbc-length-checks.
*/
/*----------------------------------------------------------------------------*
| Includes
*----------------------------------------------------------------------------*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#undef TEST_OPENSSL_COEXIST /* can't use this option with this example */
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/hash.h>
#if defined(WOLFSSL_STATIC_MEMORY)
#include <wolfssl/wolfcrypt/memory.h>
#endif
#ifdef WOLFSSL_ASNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
#ifdef HAVE_ECC
#include <wolfssl/wolfcrypt/ecc.h> /* wc_ecc_fp_free */
#ifdef WOLFSSL_SM2
#include <wolfssl/wolfcrypt/sm2.h>
#endif
#endif
#ifndef NO_ASN
#include <wolfssl/wolfcrypt/asn_public.h>
#endif
#include <stdlib.h>
#include <wolfssl/ssl.h> /* compatibility layer */
#include <wolfssl/error-ssl.h>
#include <wolfssl/test.h>
#include <tests/unit.h>
#include <tests/utils.h>
/* for testing compatibility layer callbacks */
#include "examples/server/server.h"
#ifndef NO_MD5
#include <wolfssl/wolfcrypt/md5.h>
#endif
#ifndef NO_SHA
#include <wolfssl/wolfcrypt/sha.h>
#endif
#ifndef NO_SHA256
#include <wolfssl/wolfcrypt/sha256.h>
#endif
#ifdef WOLFSSL_SHA512
#include <wolfssl/wolfcrypt/sha512.h>
#endif
#ifdef WOLFSSL_SHA384
#include <wolfssl/wolfcrypt/sha512.h>
#endif
#ifdef WOLFSSL_SHA3
#include <wolfssl/wolfcrypt/sha3.h>
#endif
#ifdef WOLFSSL_SM3
#include <wolfssl/wolfcrypt/sm3.h>
#endif
#ifndef NO_AES
#include <wolfssl/wolfcrypt/aes.h>
#ifdef HAVE_AES_DECRYPT
#include <wolfssl/wolfcrypt/wc_encrypt.h>
#endif
#endif
#ifdef WOLFSSL_SM4
#include <wolfssl/wolfcrypt/sm4.h>
#endif
#ifdef WOLFSSL_RIPEMD
#include <wolfssl/wolfcrypt/ripemd.h>
#endif
#ifndef NO_DES3
#include <wolfssl/wolfcrypt/des3.h>
#include <wolfssl/wolfcrypt/wc_encrypt.h>
#endif
#ifdef WC_RC2
#include <wolfssl/wolfcrypt/rc2.h>
#endif
#ifndef NO_HMAC
#include <wolfssl/wolfcrypt/hmac.h>
#endif
#ifdef HAVE_CHACHA
#include <wolfssl/wolfcrypt/chacha.h>
#endif
#ifdef HAVE_POLY1305
#include <wolfssl/wolfcrypt/poly1305.h>
#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
#include <wolfssl/wolfcrypt/chacha20_poly1305.h>
#endif
#ifdef HAVE_CAMELLIA
#include <wolfssl/wolfcrypt/camellia.h>
#endif
#ifndef NO_RC4
#include <wolfssl/wolfcrypt/arc4.h>
#endif
#ifdef HAVE_BLAKE2
#include <wolfssl/wolfcrypt/blake2.h>
#endif
#ifndef NO_RSA
#include <wolfssl/wolfcrypt/rsa.h>
#endif
#ifndef NO_SIG_WRAPPER
#include <wolfssl/wolfcrypt/signature.h>
#endif
#ifdef HAVE_AESCCM
#include <wolfssl/wolfcrypt/aes.h>
#endif
#ifdef HAVE_PKCS7
#include <wolfssl/wolfcrypt/pkcs7.h>
#include <wolfssl/wolfcrypt/asn.h>
#ifdef HAVE_LIBZ
#include <wolfssl/wolfcrypt/compress.h>
#endif
#endif
#ifdef WOLFSSL_SMALL_CERT_VERIFY
#include <wolfssl/wolfcrypt/asn.h>
#endif
#ifndef NO_DSA
#include <wolfssl/wolfcrypt/dsa.h>
#endif
#ifdef WOLFSSL_CMAC
#include <wolfssl/wolfcrypt/cmac.h>
#endif
#ifdef HAVE_ED25519
#include <wolfssl/wolfcrypt/ed25519.h>
#endif
#ifdef HAVE_CURVE25519
#include <wolfssl/wolfcrypt/curve25519.h>
#endif
#ifdef HAVE_ED448
#include <wolfssl/wolfcrypt/ed448.h>
#endif
#ifdef HAVE_CURVE448
#include <wolfssl/wolfcrypt/curve448.h>
#endif
#ifdef WOLFSSL_HAVE_KYBER
#include <wolfssl/wolfcrypt/kyber.h>
#ifdef WOLFSSL_WC_KYBER
#include <wolfssl/wolfcrypt/wc_kyber.h>
#endif
#endif
#ifdef HAVE_DILITHIUM
#include <wolfssl/wolfcrypt/dilithium.h>
#endif
#ifdef HAVE_PKCS12
#include <wolfssl/wolfcrypt/pkcs12.h>
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(OPENSSL_ALL)
#include <wolfssl/openssl/ssl.h>
#ifndef NO_ASN
/* for ASN_COMMON_NAME DN_tags enum */
#include <wolfssl/wolfcrypt/asn.h>
#endif
#ifdef HAVE_OCSP
#include <wolfssl/openssl/ocsp.h>
#endif
#endif
#ifdef OPENSSL_EXTRA
#include <wolfssl/openssl/cmac.h>
#include <wolfssl/openssl/x509v3.h>
#include <wolfssl/openssl/asn1.h>
#include <wolfssl/openssl/crypto.h>
#include <wolfssl/openssl/pkcs12.h>
#include <wolfssl/openssl/evp.h>
#include <wolfssl/openssl/dh.h>
#include <wolfssl/openssl/bn.h>
#include <wolfssl/openssl/buffer.h>
#include <wolfssl/openssl/pem.h>
#include <wolfssl/openssl/ec.h>
#include <wolfssl/openssl/ecdh.h>
#include <wolfssl/openssl/engine.h>
#include <wolfssl/openssl/hmac.h>
#include <wolfssl/openssl/objects.h>
#include <wolfssl/openssl/rand.h>
#include <wolfssl/openssl/modes.h>
#include <wolfssl/openssl/fips_rand.h>
#include <wolfssl/openssl/kdf.h>
#ifdef OPENSSL_ALL
#include <wolfssl/openssl/txt_db.h>
#include <wolfssl/openssl/lhash.h>
#endif
#ifndef NO_AES
#include <wolfssl/openssl/aes.h>
#endif
#ifndef NO_DES3
#include <wolfssl/openssl/des.h>
#endif
#ifndef NO_RC4
#include <wolfssl/openssl/rc4.h>
#endif
#ifdef HAVE_ECC
#include <wolfssl/openssl/ecdsa.h>
#endif
#ifdef HAVE_PKCS7
#include <wolfssl/openssl/pkcs7.h>
#endif
#ifdef HAVE_CURVE25519
#include <wolfssl/openssl/ec25519.h>
#endif
#ifdef HAVE_ED25519
#include <wolfssl/openssl/ed25519.h>
#endif
#ifdef HAVE_CURVE448
#include <wolfssl/openssl/ec448.h>
#endif
#ifdef HAVE_ED448
#include <wolfssl/openssl/ed448.h>
#endif
#endif /* OPENSSL_EXTRA */
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) && \
!defined(NO_SHA256) && !defined(RC_NO_RNG)
#include <wolfssl/wolfcrypt/srp.h>
#endif
#if (defined(SESSION_CERTS) && defined(TEST_PEER_CERT_CHAIN)) || \
defined(HAVE_SESSION_TICKET) || (defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)) || \
defined(WOLFSSL_TEST_STATIC_BUILD) || defined(WOLFSSL_DTLS) || \
defined(HAVE_ECH) || defined(HAVE_EX_DATA) || !defined(NO_SESSION_CACHE) \
|| !defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13)
/* for testing SSL_get_peer_cert_chain, or SESSION_TICKET_HINT_DEFAULT,
* for setting authKeyIdSrc in WOLFSSL_X509, or testing DTLS sequence
* number tracking */
#include "wolfssl/internal.h"
#endif
/* force enable test buffers */
#ifndef USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_2048
#endif
#ifndef USE_CERT_BUFFERS_256
#define USE_CERT_BUFFERS_256
#endif
#include <wolfssl/certs_test.h>
/* include misc.c here regardless of NO_INLINE, because misc.c implementations
* have default (hidden) visibility, and in the absence of visibility, it's
* benign to mask out the library implementation.
*/
#define WOLFSSL_MISC_INCLUDED
#include <wolfcrypt/src/misc.c>
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA) && !defined(SINGLE_THREADED) && \
!defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT)
#define HAVE_IO_TESTS_DEPENDENCIES
#endif
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(WOLFSSL_TIRTOS)
#define HAVE_SSL_MEMIO_TESTS_DEPENDENCIES
#endif
#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \
!defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
!defined(WOLFSSL_NO_CLIENT_AUTH))
#define HAVE_CERT_CHAIN_VALIDATION
#endif
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
#if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFCRYPT_ONLY)
#if (defined(HAVE_ECC) && !defined(ALT_ECC_SIZE)) || defined(SESSION_CERTS)
#ifdef OPENSSL_EXTRA
#define TEST_TLS_STATIC_MEMSZ (400000)
#else
#define TEST_TLS_STATIC_MEMSZ (320000)
#endif
#else
#define TEST_TLS_STATIC_MEMSZ (80000)
#endif
#endif
#ifdef HAVE_ECC
#ifndef ECC_ASN963_MAX_BUF_SZ
#define ECC_ASN963_MAX_BUF_SZ 133
#endif
#ifndef ECC_PRIV_KEY_BUF
#define ECC_PRIV_KEY_BUF 66 /* For non user defined curves. */
#endif
/* ecc key sizes: 14, 16, 20, 24, 28, 30, 32, 40, 48, 64 */
/* logic to choose right key ECC size */
#if (defined(HAVE_ECC112) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 112
#define KEY14 14
#else
#define KEY14 32
#endif
#if (defined(HAVE_ECC128) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 128
#define KEY16 16
#else
#define KEY16 32
#endif
#if (defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 160
#define KEY20 20
#else
#define KEY20 32
#endif
#if (defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 192
#define KEY24 24
#else
#define KEY24 32
#endif
#if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)
#define KEY28 28
#else
#define KEY28 32
#endif
#if defined(HAVE_ECC239) || defined(HAVE_ALL_CURVES)
#define KEY30 30
#else
#define KEY30 32
#endif
#define KEY32 32
#if defined(HAVE_ECC320) || defined(HAVE_ALL_CURVES)
#define KEY40 40
#else
#define KEY40 32
#endif
#if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
#define KEY48 48
#else
#define KEY48 32
#endif
#if defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES)
#define KEY64 64
#else
#define KEY64 32
#endif
#if !defined(HAVE_COMP_KEY)
#if !defined(NOCOMP)
#define NOCOMP 0
#endif
#else
#if !defined(COMP)
#define COMP 1
#endif
#endif
#if !defined(DER_SZ)
#define DER_SZ(ks) ((ks) * 2 + 1)
#endif
#endif /* HAVE_ECC */
#ifndef NO_DSA
#ifndef DSA_SIG_SIZE
#define DSA_SIG_SIZE 40
#endif
#ifndef MAX_DSA_PARAM_SIZE
#define MAX_DSA_PARAM_SIZE 256
#endif
#endif
#ifndef NO_RSA
#define GEN_BUF 294
#endif
#ifndef ONEK_BUF
#define ONEK_BUF 1024
#endif
#ifndef TWOK_BUF
#define TWOK_BUF 2048
#endif
#ifndef FOURK_BUF
#define FOURK_BUF 4096
#endif
#ifndef HEAP_HINT
#define HEAP_HINT NULL
#endif
typedef struct testVector {
const char* input;
const char* output;
size_t inLen;
size_t outLen;
} testVector;
#if defined(HAVE_PKCS7)
typedef struct {
const byte* content;
word32 contentSz;
int contentOID;
int encryptOID;
int keyWrapOID;
int keyAgreeOID;
byte* cert;
size_t certSz;
byte* privateKey;
word32 privateKeySz;
} pkcs7EnvelopedVector;
#ifndef NO_PKCS7_ENCRYPTED_DATA
typedef struct {
const byte* content;
word32 contentSz;
int contentOID;
int encryptOID;
byte* encryptionKey;
word32 encryptionKeySz;
} pkcs7EncryptedVector;
#endif
#endif /* HAVE_PKCS7 */
typedef int (*ctx_cb)(WOLFSSL_CTX* ctx);
typedef int (*ssl_cb)(WOLFSSL* ssl);
typedef int (*test_cbType)(WOLFSSL_CTX *ctx, WOLFSSL *ssl);
typedef int (*hs_cb)(WOLFSSL_CTX **ctx, WOLFSSL **ssl);
typedef struct test_ssl_cbf {
method_provider method;
ctx_cb ctx_ready;
ssl_cb ssl_ready;
ssl_cb on_result;
ctx_cb on_ctx_cleanup;
ssl_cb on_cleanup;
hs_cb on_handshake;
WOLFSSL_CTX* ctx;
const char* caPemFile;
const char* certPemFile;
const char* keyPemFile;
const char* crlPemFile;
#ifdef WOLFSSL_STATIC_MEMORY
byte* mem;
word32 memSz;
wolfSSL_method_func method_ex;
#endif
int devId;
int return_code;
int last_err;
unsigned char isSharedCtx:1;
unsigned char loadToSSL:1;
unsigned char ticNoInit:1;
unsigned char doUdp:1;
} test_ssl_cbf;
#define TEST_SSL_MEMIO_BUF_SZ (64 * 1024)
typedef struct test_ssl_memio_ctx {
WOLFSSL_CTX* s_ctx;
WOLFSSL_CTX* c_ctx;
WOLFSSL* s_ssl;
WOLFSSL* c_ssl;
const char* c_ciphers;
const char* s_ciphers;
char* c_msg;
int c_msglen;
char* s_msg;
int s_msglen;
test_ssl_cbf s_cb;
test_ssl_cbf c_cb;
byte c_buff[TEST_SSL_MEMIO_BUF_SZ];
int c_len;
byte s_buff[TEST_SSL_MEMIO_BUF_SZ];
int s_len;
} test_ssl_memio_ctx;
int test_wolfSSL_client_server_nofail_memio(test_ssl_cbf* client_cb,
test_ssl_cbf* server_cb, test_cbType client_on_handshake);
#ifdef WOLFSSL_DUMP_MEMIO_STREAM
const char* currentTestName;
char tmpDirName[16];
int tmpDirNameSet = 0;
#endif
/*----------------------------------------------------------------------------*
| Constants
*----------------------------------------------------------------------------*/
/* Test result constants and macros. */
/* Test succeeded. */
#define TEST_SUCCESS (1)
/* Test failed. */
#define TEST_FAIL (0)
/* Test skipped - not run. */
#define TEST_SKIPPED (-7777)
/* Returns the result based on whether check is true.
*
* @param [in] check Condition for success.
* @return When condition is true: TEST_SUCCESS.
* @return When condition is false: TEST_FAIL.
*/
#ifdef DEBUG_WOLFSSL_VERBOSE
#define XSTRINGIFY(s) STRINGIFY(s)
#define STRINGIFY(s) #s
#define TEST_RES_CHECK(check) ({ \
int _ret = (check) ? TEST_SUCCESS : TEST_FAIL; \
if (_ret == TEST_FAIL) { \
fprintf(stderr, " check \"%s\" at %d ", \
XSTRINGIFY(check), __LINE__); \
} \
_ret; })
#else
#define TEST_RES_CHECK(check) \
((check) ? TEST_SUCCESS : TEST_FAIL)
#endif /* DEBUG_WOLFSSL_VERBOSE */
#define TEST_STRING "Everyone gets Friday off."
#define TEST_STRING_SZ 25
#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
#define TEST_RSA_BITS 1024
#else
#define TEST_RSA_BITS 2048
#endif
#define TEST_RSA_BYTES (TEST_RSA_BITS/8)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
(!defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT))
static const char* bogusFile =
#ifdef _WIN32
"NUL"
#else
"/dev/null"
#endif
;
#endif /* !NO_FILESYSTEM && !NO_CERTS && (!NO_WOLFSSL_SERVER || !NO_WOLFSSL_CLIENT) */
enum {
TESTING_RSA = 1,
TESTING_ECC = 2
};
#ifdef WOLFSSL_QNX_CAAM
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
static int testDevId = WOLFSSL_CAAM_DEVID;
#else
static int testDevId = INVALID_DEVID;
#endif
/*----------------------------------------------------------------------------*
| BIO with fixed read/write size
*----------------------------------------------------------------------------*/
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
static int wolfssl_bio_s_fixed_mem_write(WOLFSSL_BIO* bio, const char* data,
int len)
{
if ((bio == NULL) || (bio->ptr.mem_buf_data == NULL) || (data == NULL)) {
len = 0;
}
else {
if (bio->wrSz - bio->wrIdx < len) {
len = bio->wrSz - bio->wrIdx;
}
XMEMCPY(bio->ptr.mem_buf_data + bio->wrIdx, data, len);
bio->wrIdx += len;
}
return len;
}
static int wolfssl_bio_s_fixed_mem_read(WOLFSSL_BIO* bio, char* data, int len)
{
if ((bio == NULL) || (bio->ptr.mem_buf_data == NULL) || (data == NULL)) {
len = 0;
}
else {
if (bio->wrSz - bio->rdIdx < len) {
len = bio->wrSz - bio->rdIdx;
}
XMEMCPY(data, bio->ptr.mem_buf_data + bio->rdIdx, len);
bio->rdIdx += len;
}
return len;
}
static WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_fixed_mem(void)
{
static WOLFSSL_BIO_METHOD meth;
meth.type = WOLFSSL_BIO_BIO;
XMEMCPY(meth.name, "Fixed Memory Size", 18);
meth.writeCb = wolfssl_bio_s_fixed_mem_write;
meth.readCb = wolfssl_bio_s_fixed_mem_read;
return &meth;
}
#endif
/*----------------------------------------------------------------------------*
| Setup
*----------------------------------------------------------------------------*/
static int test_wolfSSL_Init(void)
{
EXPECT_DECLS;
ExpectIntEQ(wolfSSL_Init(), WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
static int test_wolfSSL_Cleanup(void)
{
EXPECT_DECLS;
ExpectIntEQ(wolfSSL_Cleanup(), WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
/* Initialize the wolfCrypt state.
* POST: 0 success.
*/
static int test_wolfCrypt_Init(void)
{
EXPECT_DECLS;
ExpectIntEQ(wolfCrypt_Init(), 0);
return EXPECT_RESULT();
} /* END test_wolfCrypt_Init */
static int test_wolfCrypt_Cleanup(void)
{
EXPECT_DECLS;
ExpectIntEQ(wolfCrypt_Cleanup(), 0);
return EXPECT_RESULT();
}
#ifdef WOLFSSL_STATIC_MEMORY
#define TEST_LSM_STATIC_SIZE 440000
/* Create new bucket list, using the default list, adding
* one dang large buffer size. */
#define TEST_LSM_DEF_BUCKETS (WOLFMEM_DEF_BUCKETS+1)
#define TEST_LSM_BUCKETS WOLFMEM_BUCKETS,(LARGEST_MEM_BUCKET*2)
#define TEST_LSM_DIST WOLFMEM_DIST,1
#endif
static int test_wc_LoadStaticMemory_ex(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_STATIC_MEMORY
byte staticMemory[TEST_LSM_STATIC_SIZE];
word32 sizeList[TEST_LSM_DEF_BUCKETS] = { TEST_LSM_BUCKETS };
word32 distList[TEST_LSM_DEF_BUCKETS] = { TEST_LSM_DIST };
WOLFSSL_HEAP_HINT* heap;
/* For this test, the size and dist lists will be the ones configured
* for the build, or default. The value of WOLFMEM_DEF_BUCKETS is 9,
* so these lists are 10 long. For most tests, the value of
* WOLFMEM_DEF_BUCKETS is used. There's a test case where one is added
* to that, to make sure the list size is larger than
* WOLFMEM_MAX_BUCKETS. */
/* Pass in zero everything. */
ExpectIntEQ(wc_LoadStaticMemory_ex(NULL, 0, NULL, NULL, NULL, 0, 0, 0),
BAD_FUNC_ARG);
/* Set the heap pointer to NULL. */
ExpectIntEQ(wc_LoadStaticMemory_ex(NULL,
WOLFMEM_DEF_BUCKETS, sizeList, distList,
staticMemory, (word32)sizeof(staticMemory),
0, 1),
BAD_FUNC_ARG);
/* Set other pointer values to NULL one at a time. */
heap = NULL;
ExpectIntEQ(wc_LoadStaticMemory_ex(&heap,
WOLFMEM_DEF_BUCKETS, NULL, distList,
staticMemory, (word32)sizeof(staticMemory),
0, 1),
BAD_FUNC_ARG);
heap = NULL;
ExpectIntEQ(wc_LoadStaticMemory_ex(&heap,
WOLFMEM_DEF_BUCKETS, sizeList, NULL,
staticMemory, (word32)sizeof(staticMemory),
0, 1),
BAD_FUNC_ARG);
heap = NULL;
ExpectIntEQ(wc_LoadStaticMemory_ex(&heap,
WOLFMEM_DEF_BUCKETS, sizeList, distList,
NULL, (word32)sizeof(staticMemory),
0, 1),
BAD_FUNC_ARG);
/* Set the size of the static buffer to 0. */
heap = NULL;
ExpectIntEQ(wc_LoadStaticMemory_ex(&heap,
WOLFMEM_DEF_BUCKETS, sizeList, distList,
staticMemory, 0,
0, 1),
BUFFER_E);
/* Set the size of the static buffer to one less than minimum allowed. */
heap = NULL;
ExpectIntEQ(wc_LoadStaticMemory_ex(&heap,
WOLFMEM_DEF_BUCKETS, sizeList, distList,
staticMemory,
(word32)(sizeof(WOLFSSL_HEAP) + sizeof(WOLFSSL_HEAP_HINT)) - 1,
0, 1),
BUFFER_E);
/* Set the size of the static buffer to exactly the minimum size. */
heap = NULL;
ExpectIntEQ(wc_LoadStaticMemory_ex(&heap,
WOLFMEM_DEF_BUCKETS, sizeList, distList,
staticMemory,
(word32)(sizeof(WOLFSSL_HEAP) + sizeof(WOLFSSL_HEAP_HINT)),
0, 1),
0);
wc_UnloadStaticMemory(heap);
/* Use more buckets than able. Success case. */
heap = NULL;
ExpectIntEQ(wc_LoadStaticMemory_ex(&heap,
WOLFMEM_DEF_BUCKETS*2, sizeList, distList,
staticMemory, (word32)sizeof(staticMemory),
0, 1),
0);
wc_UnloadStaticMemory(heap);
/* Success case. */
heap = NULL;
ExpectIntEQ(wc_LoadStaticMemory_ex(&heap,
WOLFMEM_DEF_BUCKETS, sizeList, distList,
staticMemory, (word32)sizeof(staticMemory),
0, 1),
0);
wc_UnloadStaticMemory(heap);
#endif /* WOLFSSL_STATIC_MEMORY */
return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
| Platform dependent function test
*----------------------------------------------------------------------------*/
static int test_fileAccess(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_TEST_PLATFORMDEPEND) && !defined(NO_FILESYSTEM)
const char *fname[] = {
svrCertFile, svrKeyFile, caCertFile,
eccCertFile, eccKeyFile, eccRsaCertFile,
cliCertFile, cliCertDerFile, cliKeyFile,
dhParamFile,
cliEccKeyFile, cliEccCertFile, caEccCertFile, edCertFile, edKeyFile,
cliEdCertFile, cliEdKeyFile, caEdCertFile,
NULL
};
const char derfile[] = "./certs/server-cert.der";
XFILE f = XBADFILE;
size_t sz;
byte *buff = NULL;
int i;
ExpectTrue(XFOPEN("badfilename", "rb") == XBADFILE);
for (i=0; EXPECT_SUCCESS() && fname[i] != NULL ; i++) {
ExpectTrue((f = XFOPEN(fname[i], "rb")) != XBADFILE);
XFCLOSE(f);
}
ExpectTrue((f = XFOPEN(derfile, "rb")) != XBADFILE);
ExpectTrue(XFSEEK(f, 0, XSEEK_END) == 0);
ExpectIntGE(sz = (size_t) XFTELL(f), sizeof_server_cert_der_2048);
ExpectTrue(XFSEEK(f, 0, XSEEK_SET) == 0);
ExpectTrue((buff = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE)) != NULL);
ExpectTrue(XFREAD(buff, 1, sz, f) == sz);
ExpectIntEQ(XMEMCMP(server_cert_der_2048, buff, sz), 0);
XFREE(buff, NULL, DYNAMIC_TYPE_FILE);
XFCLOSE(f);
#endif
return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
| Method Allocators
*----------------------------------------------------------------------------*/
static int test_wolfSSL_Method_Allocators(void)
{
EXPECT_DECLS;
#define TEST_METHOD_ALLOCATOR(allocator, condition) \
do { \
WOLFSSL_METHOD *method = NULL; \
condition(method = allocator()); \
XFREE(method, 0, DYNAMIC_TYPE_METHOD); \
} while (0)
#define TEST_VALID_METHOD_ALLOCATOR(a) \
TEST_METHOD_ALLOCATOR(a, ExpectNotNull)
#define TEST_INVALID_METHOD_ALLOCATOR(a) \
TEST_METHOD_ALLOCATOR(a, ExpectNull)
#ifndef NO_OLD_TLS
#ifdef WOLFSSL_ALLOW_SSLV3
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfSSLv3_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfSSLv3_client_method);
#endif
#endif
#ifdef WOLFSSL_ALLOW_TLSV10
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_client_method);
#endif
#endif
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_client_method);
#endif
#endif /* !NO_OLD_TLS */
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_client_method);
#endif
#endif /* !WOLFSSL_NO_TLS12 */
#ifdef WOLFSSL_TLS13
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_3_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_3_client_method);
#endif
#endif /* WOLFSSL_TLS13 */
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfSSLv23_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfSSLv23_client_method);
#endif
#ifdef WOLFSSL_DTLS
#ifndef NO_OLD_TLS
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_client_method);
#endif
#endif
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_2_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_2_client_method);
#endif
#endif
#endif /* WOLFSSL_DTLS */
#if !defined(NO_OLD_TLS) && defined(OPENSSL_EXTRA)
/* Stubs */
#ifndef NO_WOLFSSL_SERVER
TEST_INVALID_METHOD_ALLOCATOR(wolfSSLv2_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_INVALID_METHOD_ALLOCATOR(wolfSSLv2_client_method);
#endif
#endif
/* Test Either Method (client or server) */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
TEST_VALID_METHOD_ALLOCATOR(wolfSSLv23_method);
#ifndef NO_OLD_TLS
#ifdef WOLFSSL_ALLOW_TLSV10
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_method);
#endif
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_method);
#endif /* !NO_OLD_TLS */
#ifndef WOLFSSL_NO_TLS12
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_method);
#endif /* !WOLFSSL_NO_TLS12 */
#ifdef WOLFSSL_TLS13
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_3_method);
#endif /* WOLFSSL_TLS13 */
#ifdef WOLFSSL_DTLS
TEST_VALID_METHOD_ALLOCATOR(wolfDTLS_method);
#ifndef NO_OLD_TLS
TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_method);
#endif /* !NO_OLD_TLS */
#ifndef WOLFSSL_NO_TLS12
TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_2_method);
#endif /* !WOLFSSL_NO_TLS12 */
#endif /* WOLFSSL_DTLS */
#endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */
return EXPECT_RESULT();
}
#if defined(WOLFSSL_DUAL_ALG_CERTS) && !defined(NO_FILESYSTEM)
/*----------------------------------------------------------------------------*
| Dual algorithm Certificate Tests
*----------------------------------------------------------------------------*/
#define LARGE_TEMP_SZ 4096
/* To better understand this, please see the X9.146 example in wolfssl-examples
* repo. */
static int do_dual_alg_root_certgen(byte **out, char *caKeyFile,
char *sapkiFile, char *altPrivFile)
{
EXPECT_DECLS;
FILE* file = NULL;
Cert newCert;
DecodedCert preTBS;
byte caKeyBuf[LARGE_TEMP_SZ];
word32 caKeySz = LARGE_TEMP_SZ;
byte sapkiBuf[LARGE_TEMP_SZ];
word32 sapkiSz = LARGE_TEMP_SZ;
byte altPrivBuf[LARGE_TEMP_SZ];
word32 altPrivSz = LARGE_TEMP_SZ;
byte altSigAlgBuf[LARGE_TEMP_SZ];
word32 altSigAlgSz = LARGE_TEMP_SZ;
byte scratchBuf[LARGE_TEMP_SZ];
word32 scratchSz = LARGE_TEMP_SZ;
byte preTbsBuf[LARGE_TEMP_SZ];
word32 preTbsSz = LARGE_TEMP_SZ;
byte altSigValBuf[LARGE_TEMP_SZ];
word32 altSigValSz = LARGE_TEMP_SZ;
byte *outBuf = NULL;
word32 outSz = LARGE_TEMP_SZ;
WC_RNG rng;
RsaKey caKey;
ecc_key altCaKey;
word32 idx = 0;
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(&caKey, 0, sizeof(RsaKey));
XMEMSET(&altCaKey, 0, sizeof(ecc_key));
ExpectNotNull(outBuf = (byte*)XMALLOC(outSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(wc_InitRng(&rng), 0);
XMEMSET(caKeyBuf, 0, caKeySz);
ExpectNotNull(file = fopen(caKeyFile, "rb"));
ExpectIntGT(caKeySz = (word32)fread(caKeyBuf, 1, caKeySz, file), 0);
if (file) {
fclose(file);
file = NULL;
}
ExpectIntEQ(wc_InitRsaKey_ex(&caKey, NULL, INVALID_DEVID), 0);
idx = 0;
ExpectIntEQ(wc_RsaPrivateKeyDecode(caKeyBuf, &idx, &caKey, caKeySz),
0);
XMEMSET(sapkiBuf, 0, sapkiSz);
ExpectNotNull(file = fopen(sapkiFile, "rb"));
ExpectIntGT(sapkiSz = (word32)fread(sapkiBuf, 1, sapkiSz, file), 0);
if (file) {
fclose(file);
file = NULL;
}
XMEMSET(altPrivBuf, 0, altPrivSz);
ExpectNotNull(file = fopen(altPrivFile, "rb"));
ExpectIntGT(altPrivSz = (word32)fread(altPrivBuf, 1, altPrivSz, file), 0);
if (file) {
fclose(file);
file = NULL;
}
wc_ecc_init(&altCaKey);
idx = 0;
ExpectIntEQ(wc_EccPrivateKeyDecode(altPrivBuf, &idx, &altCaKey,
(word32)altPrivSz), 0);
XMEMSET(altSigAlgBuf, 0, altSigAlgSz);
ExpectIntGT(altSigAlgSz = SetAlgoID(CTC_SHA256wECDSA, altSigAlgBuf,
oidSigType, 0), 0);
wc_InitCert(&newCert);
strncpy(newCert.subject.country, "US", CTC_NAME_SIZE);
strncpy(newCert.subject.state, "MT", CTC_NAME_SIZE);
strncpy(newCert.subject.locality, "Bozeman", CTC_NAME_SIZE);
strncpy(newCert.subject.org, "wolfSSL", CTC_NAME_SIZE);
strncpy(newCert.subject.unit, "Engineering", CTC_NAME_SIZE);
strncpy(newCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE);
strncpy(newCert.subject.email, "root@wolfssl.com", CTC_NAME_SIZE);
newCert.sigType = CTC_SHA256wRSA;
newCert.isCA = 1;
ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "1.2.3.4.5",
(const byte *)"This is NOT a critical extension", 32), 0);
ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "2.5.29.72", sapkiBuf,
sapkiSz), 0);
ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "2.5.29.73", altSigAlgBuf,
altSigAlgSz), 0);
XMEMSET(scratchBuf, 0, scratchSz);
ExpectIntGT(scratchSz = wc_MakeSelfCert(&newCert, scratchBuf, scratchSz,
&caKey, &rng), 0);
wc_InitDecodedCert(&preTBS, scratchBuf, scratchSz, 0);
ExpectIntEQ(wc_ParseCert(&preTBS, CERT_TYPE, NO_VERIFY, NULL), 0);
XMEMSET(preTbsBuf, 0, preTbsSz);
ExpectIntGT(preTbsSz = wc_GeneratePreTBS(&preTBS, preTbsBuf, preTbsSz), 0);
XMEMSET(altSigValBuf, 0, altSigValSz);
ExpectIntGT(altSigValSz = wc_MakeSigWithBitStr(altSigValBuf, altSigValSz,
CTC_SHA256wECDSA, preTbsBuf, preTbsSz, ECC_TYPE, &altCaKey,
&rng), 0);
ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "2.5.29.74", altSigValBuf,
altSigValSz), 0);
/* Finally, generate the new certificate. */
if (outBuf != NULL) {
XMEMSET(outBuf, 0, outSz);
}
ExpectIntGT(outSz = wc_MakeSelfCert(&newCert, outBuf, outSz, &caKey, &rng),
0);
*out = outBuf;
wc_FreeRsaKey(&caKey);
wc_FreeRng(&rng);
wc_FreeDecodedCert(&preTBS);
return outSz;
}
static int do_dual_alg_server_certgen(byte **out, char *caKeyFile,
char *sapkiFile, char *altPrivFile,
char *serverKeyFile,
byte *caCertBuf, int caCertSz)
{
EXPECT_DECLS;
FILE* file = NULL;
Cert newCert;
DecodedCert preTBS;
byte serverKeyBuf[LARGE_TEMP_SZ];
word32 serverKeySz = LARGE_TEMP_SZ;
byte caKeyBuf[LARGE_TEMP_SZ];
word32 caKeySz = LARGE_TEMP_SZ;
byte sapkiBuf[LARGE_TEMP_SZ];
word32 sapkiSz = LARGE_TEMP_SZ;
byte altPrivBuf[LARGE_TEMP_SZ];
word32 altPrivSz = LARGE_TEMP_SZ;
byte altSigAlgBuf[LARGE_TEMP_SZ];
word32 altSigAlgSz = LARGE_TEMP_SZ;
byte scratchBuf[LARGE_TEMP_SZ];
word32 scratchSz = LARGE_TEMP_SZ;
byte preTbsBuf[LARGE_TEMP_SZ];
word32 preTbsSz = LARGE_TEMP_SZ;
byte altSigValBuf[LARGE_TEMP_SZ];
word32 altSigValSz = LARGE_TEMP_SZ;
byte *outBuf = NULL;
word32 outSz = LARGE_TEMP_SZ;
WC_RNG rng;
RsaKey caKey;
RsaKey serverKey;
ecc_key altCaKey;
word32 idx = 0;
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(&caKey, 0, sizeof(RsaKey));
XMEMSET(&serverKey, 0, sizeof(RsaKey));
XMEMSET(&altCaKey, 0, sizeof(ecc_key));
ExpectNotNull(outBuf = (byte*)XMALLOC(outSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(wc_InitRng(&rng), 0);
XMEMSET(serverKeyBuf, 0, serverKeySz);
ExpectNotNull(file = fopen(serverKeyFile, "rb"));
ExpectIntGT(serverKeySz = (word32)fread(serverKeyBuf, 1, serverKeySz, file),
0);
if (file) {
fclose(file);
file = NULL;
}
ExpectIntEQ(wc_InitRsaKey_ex(&serverKey, NULL, INVALID_DEVID), 0);
idx = 0;
ExpectIntEQ(wc_RsaPrivateKeyDecode(serverKeyBuf, &idx, &serverKey,
(word32)serverKeySz), 0);
XMEMSET(caKeyBuf, 0, caKeySz);
ExpectNotNull(file = fopen(caKeyFile, "rb"));
ExpectIntGT(caKeySz = (word32)fread(caKeyBuf, 1, caKeySz, file), 0);
if (file) {
fclose(file);
file = NULL;
}
ExpectIntEQ(wc_InitRsaKey_ex(&caKey, NULL, INVALID_DEVID), 0);
idx = 0;
ExpectIntEQ(wc_RsaPrivateKeyDecode(caKeyBuf, &idx, &caKey,
(word32)caKeySz), 0);
XMEMSET(sapkiBuf, 0, sapkiSz);
ExpectNotNull(file = fopen(sapkiFile, "rb"));
ExpectIntGT(sapkiSz = (word32)fread(sapkiBuf, 1, sapkiSz, file), 0);
if (file) {
fclose(file);
file = NULL;
}
XMEMSET(altPrivBuf, 0, altPrivSz);
ExpectNotNull(file = fopen(altPrivFile, "rb"));
ExpectIntGT(altPrivSz = (word32)fread(altPrivBuf, 1, altPrivSz, file), 0);
if (file) {
fclose(file);
file = NULL;
}
wc_ecc_init(&altCaKey);
idx = 0;
ExpectIntEQ(wc_EccPrivateKeyDecode(altPrivBuf, &idx, &altCaKey,
(word32)altPrivSz), 0);
XMEMSET(altSigAlgBuf, 0, altSigAlgSz);
ExpectIntGT(altSigAlgSz = SetAlgoID(CTC_SHA256wECDSA, altSigAlgBuf,
oidSigType, 0), 0);
wc_InitCert(&newCert);
strncpy(newCert.subject.country, "US", CTC_NAME_SIZE);
strncpy(newCert.subject.state, "MT", CTC_NAME_SIZE);
strncpy(newCert.subject.locality, "Bozeman", CTC_NAME_SIZE);
strncpy(newCert.subject.org, "wolfSSL", CTC_NAME_SIZE);
strncpy(newCert.subject.unit, "Engineering", CTC_NAME_SIZE);
strncpy(newCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE);
strncpy(newCert.subject.email, "server@wolfssl.com", CTC_NAME_SIZE);
newCert.sigType = CTC_SHA256wRSA;
newCert.isCA = 0;
ExpectIntEQ(wc_SetIssuerBuffer(&newCert, caCertBuf, caCertSz), 0);
ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "2.5.29.72", sapkiBuf,
sapkiSz), 0);
ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "2.5.29.73", altSigAlgBuf,
altSigAlgSz), 0);
XMEMSET(scratchBuf, 0, scratchSz);
ExpectIntGT(wc_MakeCert(&newCert, scratchBuf, scratchSz, &serverKey, NULL,
&rng), 0);
ExpectIntGT(scratchSz = wc_SignCert(newCert.bodySz, newCert.sigType,
scratchBuf, scratchSz, &caKey, NULL, &rng), 0);
wc_InitDecodedCert(&preTBS, scratchBuf, scratchSz, 0);
ExpectIntEQ(wc_ParseCert(&preTBS, CERT_TYPE, NO_VERIFY, NULL), 0);
XMEMSET(preTbsBuf, 0, preTbsSz);
ExpectIntGT(preTbsSz = wc_GeneratePreTBS(&preTBS, preTbsBuf, preTbsSz), 0);
XMEMSET(altSigValBuf, 0, altSigValSz);
ExpectIntGT(altSigValSz = wc_MakeSigWithBitStr(altSigValBuf, altSigValSz,
CTC_SHA256wECDSA, preTbsBuf, preTbsSz, ECC_TYPE, &altCaKey,
&rng), 0);
ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "2.5.29.74",
altSigValBuf, altSigValSz), 0);
/* Finally, generate the new certificate. */
if (outBuf != NULL) {
XMEMSET(outBuf, 0, outSz);
}
ExpectIntGT(wc_MakeCert(&newCert, outBuf, outSz, &serverKey, NULL, &rng),
0);
ExpectIntGT(outSz = wc_SignCert(newCert.bodySz, newCert.sigType, outBuf,
outSz, &caKey, NULL, &rng), 0);
*out = outBuf;
wc_FreeRsaKey(&caKey);
wc_FreeRsaKey(&serverKey);
wc_FreeRng(&rng);
wc_FreeDecodedCert(&preTBS);
return outSz;
}
static int do_dual_alg_tls13_connection(byte *caCert, word32 caCertSz,
byte *serverCert, word32 serverCertSz,
byte *serverKey, word32 serverKeySz,
int negative_test)
{
EXPECT_DECLS;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup_ex(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
caCert, caCertSz, serverCert, serverCertSz,
serverKey, serverKeySz), 0);
if (negative_test) {
ExpectTrue(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0);
}
else {
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
}
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
return EXPECT_RESULT();
}
static int test_dual_alg_support(void)
{
EXPECT_DECLS;
/* Root CA and server keys will be the same. This is only appropriate for
* testing. */
char keyFile[] = "./certs/ca-key.der";
char sapkiFile[] = "./certs/ecc-keyPub.der";
char altPrivFile[] = "./certs/ecc-key.der";
char wrongPrivFile[] = "./certs/ecc-client-key.der";
byte *serverKey = NULL;
size_t serverKeySz = 0;
byte *root = NULL;
int rootSz = 0;
byte *server = NULL;
int serverSz = 0;
ExpectIntEQ(load_file(keyFile, &serverKey, &serverKeySz), 0);
/* Base normal case. */
if (EXPECT_SUCCESS()) {
rootSz = do_dual_alg_root_certgen(&root, keyFile, sapkiFile,
altPrivFile);
}
ExpectNotNull(root);
ExpectIntGT(rootSz, 0);
if (EXPECT_SUCCESS()) {
serverSz = do_dual_alg_server_certgen(&server, keyFile, sapkiFile,
altPrivFile, keyFile, root, rootSz);
}
ExpectNotNull(server);
ExpectIntGT(serverSz, 0);
ExpectIntEQ(do_dual_alg_tls13_connection(root, rootSz,
server, serverSz, serverKey, (word32)serverKeySz, 0),
TEST_SUCCESS);
XFREE(root, NULL, DYNAMIC_TYPE_TMP_BUFFER);
root = NULL;
XFREE(server, NULL, DYNAMIC_TYPE_TMP_BUFFER);
server = NULL;
/* Now we try a negative case. Note that we use wrongPrivFile to generate
* the alternative signature and then set negative_test to true for the
* call to do_dual_alg_tls13_connection(). Its expecting a failed connection
* because the signature won't verify. The exception is if
* WOLFSSL_TRUST_PEER_CERT is defined. In that case, no verification happens
* and this is no longer a negative test. */
if (EXPECT_SUCCESS()) {
rootSz = do_dual_alg_root_certgen(&root, keyFile, sapkiFile,
wrongPrivFile);
}
ExpectNotNull(root);
ExpectIntGT(rootSz, 0);
if (EXPECT_SUCCESS()) {
serverSz = do_dual_alg_server_certgen(&server, keyFile, sapkiFile,
wrongPrivFile, keyFile, root, rootSz);
}
ExpectNotNull(server);
ExpectIntGT(serverSz, 0);
#ifdef WOLFSSL_TRUST_PEER_CERT
ExpectIntEQ(do_dual_alg_tls13_connection(root, rootSz,
server, serverSz, serverKey, (word32)serverKeySz, 0),
TEST_SUCCESS);
#else
ExpectIntEQ(do_dual_alg_tls13_connection(root, rootSz,
server, serverSz, serverKey, (word32)serverKeySz, 1),
TEST_SUCCESS);
#endif
XFREE(root, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(server, NULL, DYNAMIC_TYPE_TMP_BUFFER);
free(serverKey);
return EXPECT_RESULT();
}
#else
static int test_dual_alg_support(void)
{
return TEST_SKIPPED;
}
#endif /* WOLFSSL_DUAL_ALG_CERTS && !NO_FILESYSTEM */
/*----------------------------------------------------------------------------*
| Context
*----------------------------------------------------------------------------*/
#ifndef NO_WOLFSSL_SERVER
static int test_wolfSSL_CTX_new(void)
{
EXPECT_DECLS;
WOLFSSL_CTX *ctx;
WOLFSSL_METHOD* method;
ExpectNull(ctx = wolfSSL_CTX_new(NULL));
ExpectNotNull(method = wolfSSLv23_server_method());
ExpectNotNull(ctx = wolfSSL_CTX_new(method));
wolfSSL_CTX_free(ctx);
return EXPECT_RESULT();
}
#endif
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
(!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM)
static int test_for_double_Free(void)
{
EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
int skipTest = 0;
const char* testCertFile;
const char* testKeyFile;
char optionsCiphers[] = "RC4-SHA:RC4-MD5:DES-CBC3-SHA:AES128-SHA:AES256-SHA"
":NULL-SHA:NULL-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-PSK-AES256-GCM"
"-SHA384:DHE-PSK-AES128-GCM-SHA256:PSK-AES256-GCM-SHA384:PSK-AES128-GCM-SHA256:"
"DHE-PSK-AES256-CBC-SHA384:DHE-PSK-AES128-CBC-SHA256:PSK-AES256-CBC-SHA384:PSK-"
"AES128-CBC-SHA256:PSK-AES128-CBC-SHA:PSK-AES256-CBC-SHA:DHE-PSK-AES128-CCM:DHE"
"-PSK-AES256-CCM:PSK-AES128-CCM:PSK-AES256-CCM:PSK-AES128-CCM-8:PSK-AES256-CCM-"
"8:DHE-PSK-NULL-SHA384:DHE-PSK-NULL-SHA256:PSK-NULL-SHA384:PSK-NULL-SHA256:PSK-"
"NULL-SHA:AES128-CCM-8:AES256-CCM-8:ECDHE-ECDSA-"
"AES128-CCM:ECDHE-ECDSA-AES128-CCM-8:ECDHE-ECDSA-AES256-CCM-8:ECDHE-RSA-AES128-"
"SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-R"
"SA-RC4-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-DES-CBC3-SHA"
":AES128-SHA256:AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:ECDH-"
"RSA-AES128-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES128-SHA:ECDH-ECDSA-AES256-SHA"
":ECDH-RSA-RC4-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-DES-CBC3"
"-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES"
"256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-E"
"CDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES128-GCM-SHA25"
"6:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-ECDSA-AES256-GC"
"M-SHA384:CAMELLIA128-SHA:DHE-RSA-CAMELLIA128-SHA:CAMELLIA256-SHA:DHE-RSA-CAMEL"
"LIA256-SHA:CAMELLIA128-SHA256:DHE-RSA-CAMELLIA128-SHA256:CAMELLIA256-SHA256:DH"
"E-RSA-CAMELLIA256-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECD"
"H-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-ECD"
"SA-AES256-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDHE-RSA-CHA"
"CHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-R"
"SA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:DHE-RSA-CHACHA20-PO"
"LY1305-OLD:ECDHE-ECDSA-NULL-SHA:ECDHE-PSK-NULL-SHA256:ECDHE-PSK-A"
"ES128-CBC-SHA256:PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:DHE-PSK-CHA"
"CHA20-POLY1305:EDH-RSA-DES-CBC3-SHA:TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-S"
"HA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-CCM-SHA256:TLS13-AES128-CCM-"
"8-SHA256:TLS13-SHA256-SHA256:TLS13-SHA384-SHA384";
/* OpenVPN uses a "blacklist" method to specify which ciphers NOT to use */
#ifdef OPENSSL_EXTRA
char openvpnCiphers[] = "DEFAULT:!EXP:!LOW:!MEDIUM:!kDH:!kECDH:!DSS:!PSK:"
"!SRP:!kRSA:!aNULL:!eNULL";
#endif
#ifndef NO_RSA
testCertFile = svrCertFile;
testKeyFile = svrKeyFile;
#elif defined(HAVE_ECC)
testCertFile = eccCertFile;
testKeyFile = eccKeyFile;
#else
skipTest = 1;
#endif
if (skipTest != 1) {
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = wolfSSL_new(ctx));
/* First test freeing SSL, then CTX */
wolfSSL_free(ssl);
ssl = NULL;
wolfSSL_CTX_free(ctx);
ctx = NULL;
#ifndef NO_WOLFSSL_CLIENT
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = wolfSSL_new(ctx));
/* Next test freeing CTX then SSL */
wolfSSL_CTX_free(ctx);
ctx = NULL;
wolfSSL_free(ssl);
ssl = NULL;
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
/* Test setting ciphers at ctx level */
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_set_cipher_list(ctx, optionsCiphers));
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_TLS13) && defined(HAVE_AESGCM) && \
defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
/* only update TLSv13 suites */
ExpectTrue(wolfSSL_CTX_set_cipher_list(ctx, "TLS13-AES256-GCM-SHA384"));
#endif
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(HAVE_AESGCM) && \
!defined(NO_SHA256) && !defined(WOLFSSL_NO_TLS12) && \
defined(WOLFSSL_AES_128) && !defined(NO_RSA)
/* only update pre-TLSv13 suites */
ExpectTrue(wolfSSL_CTX_set_cipher_list(ctx,
"ECDHE-RSA-AES128-GCM-SHA256"));
#endif
#ifdef OPENSSL_EXTRA
ExpectTrue(wolfSSL_CTX_set_cipher_list(ctx, openvpnCiphers));
#endif
ExpectNotNull(ssl = wolfSSL_new(ctx));
wolfSSL_CTX_free(ctx);
ctx = NULL;
wolfSSL_free(ssl);
ssl = NULL;
#ifndef NO_WOLFSSL_CLIENT
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = wolfSSL_new(ctx));
/* test setting ciphers at SSL level */
ExpectTrue(wolfSSL_set_cipher_list(ssl, optionsCiphers));
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_TLS13) && defined(HAVE_AESGCM) && \
defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
/* only update TLSv13 suites */
ExpectTrue(wolfSSL_set_cipher_list(ssl, "TLS13-AES256-GCM-SHA384"));
#endif
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(HAVE_AESGCM) && \
!defined(NO_SHA256) && !defined(WOLFSSL_NO_TLS12) && \
defined(WOLFSSL_AES_128) && !defined(NO_RSA)
/* only update pre-TLSv13 suites */
ExpectTrue(wolfSSL_set_cipher_list(ssl, "ECDHE-RSA-AES128-GCM-SHA256"));
#endif
wolfSSL_CTX_free(ctx);
ctx = NULL;
wolfSSL_free(ssl);
ssl = NULL;
}
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_CTX_set_cipher_list_bytes(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
(!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM)
const char* testCertFile;
const char* testKeyFile;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
const byte cipherList[] =
{
/* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA */ 0x00, 0x16,
/* TLS_DHE_RSA_WITH_AES_256_CBC_SHA */ 0x00, 0x39,
/* TLS_DHE_RSA_WITH_AES_128_CBC_SHA */ 0x00, 0x33,
/* TLS_DH_anon_WITH_AES_128_CBC_SHA */ 0x00, 0x34,
/* TLS_RSA_WITH_AES_256_CBC_SHA */ 0x00, 0x35,
/* TLS_RSA_WITH_AES_128_CBC_SHA */ 0x00, 0x2F,
/* TLS_RSA_WITH_NULL_MD5 */ 0x00, 0x01,
/* TLS_RSA_WITH_NULL_SHA */ 0x00, 0x02,
/* TLS_PSK_WITH_AES_256_CBC_SHA */ 0x00, 0x8d,
/* TLS_PSK_WITH_AES_128_CBC_SHA256 */ 0x00, 0xae,
/* TLS_PSK_WITH_AES_256_CBC_SHA384 */ 0x00, 0xaf,
/* TLS_PSK_WITH_AES_128_CBC_SHA */ 0x00, 0x8c,
/* TLS_PSK_WITH_NULL_SHA256 */ 0x00, 0xb0,
/* TLS_PSK_WITH_NULL_SHA384 */ 0x00, 0xb1,
/* TLS_PSK_WITH_NULL_SHA */ 0x00, 0x2c,
/* SSL_RSA_WITH_RC4_128_SHA */ 0x00, 0x05,
/* SSL_RSA_WITH_RC4_128_MD5 */ 0x00, 0x04,
/* SSL_RSA_WITH_3DES_EDE_CBC_SHA */ 0x00, 0x0A,
/* ECC suites, first byte is 0xC0 (ECC_BYTE) */
/* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA */ 0xC0, 0x14,
/* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA */ 0xC0, 0x13,
/* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA */ 0xC0, 0x0A,
/* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA */ 0xC0, 0x09,
/* TLS_ECDHE_RSA_WITH_RC4_128_SHA */ 0xC0, 0x11,
/* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA */ 0xC0, 0x07,
/* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA */ 0xC0, 0x12,
/* TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA */ 0xC0, 0x08,
/* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 */ 0xC0, 0x27,
/* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256*/ 0xC0, 0x23,
/* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 */ 0xC0, 0x28,
/* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384*/ 0xC0, 0x24,
/* TLS_ECDHE_ECDSA_WITH_NULL_SHA */ 0xC0, 0x06,
/* TLS_ECDHE_PSK_WITH_NULL_SHA256 */ 0xC0, 0x3a,
/* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 */ 0xC0, 0x37,
/* static ECDH, first byte is 0xC0 (ECC_BYTE) */
/* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA */ 0xC0, 0x0F,
/* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA */ 0xC0, 0x0E,
/* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA */ 0xC0, 0x05,
/* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA */ 0xC0, 0x04,
/* TLS_ECDH_RSA_WITH_RC4_128_SHA */ 0xC0, 0x0C,
/* TLS_ECDH_ECDSA_WITH_RC4_128_SHA */ 0xC0, 0x02,
/* TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA */ 0xC0, 0x0D,
/* TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA */ 0xC0, 0x03,
/* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 */ 0xC0, 0x29,
/* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 */ 0xC0, 0x25,
/* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 */ 0xC0, 0x2A,
/* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 */ 0xC0, 0x26,
/* WDM_WITH_NULL_SHA256 */ 0x00, 0xFE, /* wolfSSL DTLS Multicast */
/* SHA256 */
/* TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 */ 0x00, 0x6b,
/* TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 */ 0x00, 0x67,
/* TLS_RSA_WITH_AES_256_CBC_SHA256 */ 0x00, 0x3d,
/* TLS_RSA_WITH_AES_128_CBC_SHA256 */ 0x00, 0x3c,
/* TLS_RSA_WITH_NULL_SHA256 */ 0x00, 0x3b,
/* TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 */ 0x00, 0xb2,
/* TLS_DHE_PSK_WITH_NULL_SHA256 */ 0x00, 0xb4,
/* SHA384 */
/* TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 */ 0x00, 0xb3,
/* TLS_DHE_PSK_WITH_NULL_SHA384 */ 0x00, 0xb5,
/* AES-GCM */
/* TLS_RSA_WITH_AES_128_GCM_SHA256 */ 0x00, 0x9c,
/* TLS_RSA_WITH_AES_256_GCM_SHA384 */ 0x00, 0x9d,
/* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 */ 0x00, 0x9e,
/* TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 */ 0x00, 0x9f,
/* TLS_DH_anon_WITH_AES_256_GCM_SHA384 */ 0x00, 0xa7,
/* TLS_PSK_WITH_AES_128_GCM_SHA256 */ 0x00, 0xa8,
/* TLS_PSK_WITH_AES_256_GCM_SHA384 */ 0x00, 0xa9,
/* TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 */ 0x00, 0xaa,
/* TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 */ 0x00, 0xab,
/* ECC AES-GCM, first byte is 0xC0 (ECC_BYTE) */
/* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 */ 0xC0, 0x2b,
/* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 */ 0xC0, 0x2c,
/* TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 */ 0xC0, 0x2d,
/* TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 */ 0xC0, 0x2e,
/* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */ 0xC0, 0x2f,
/* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 */ 0xC0, 0x30,
/* TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 */ 0xC0, 0x31,
/* TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 */ 0xC0, 0x32,
/* AES-CCM, first byte is 0xC0 but isn't ECC,
* also, in some of the other AES-CCM suites
* there will be second byte number conflicts
* with non-ECC AES-GCM */
/* TLS_RSA_WITH_AES_128_CCM_8 */ 0xC0, 0xa0,
/* TLS_RSA_WITH_AES_256_CCM_8 */ 0xC0, 0xa1,
/* TLS_ECDHE_ECDSA_WITH_AES_128_CCM */ 0xC0, 0xac,
/* TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 */ 0xC0, 0xae,
/* TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 */ 0xC0, 0xaf,
/* TLS_PSK_WITH_AES_128_CCM */ 0xC0, 0xa4,
/* TLS_PSK_WITH_AES_256_CCM */ 0xC0, 0xa5,
/* TLS_PSK_WITH_AES_128_CCM_8 */ 0xC0, 0xa8,
/* TLS_PSK_WITH_AES_256_CCM_8 */ 0xC0, 0xa9,
/* TLS_DHE_PSK_WITH_AES_128_CCM */ 0xC0, 0xa6,
/* TLS_DHE_PSK_WITH_AES_256_CCM */ 0xC0, 0xa7,
/* Camellia */
/* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA */ 0x00, 0x41,
/* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA */ 0x00, 0x84,
/* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 */ 0x00, 0xba,
/* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 */ 0x00, 0xc0,
/* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA */ 0x00, 0x45,
/* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA */ 0x00, 0x88,
/* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 */ 0x00, 0xbe,
/* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 */ 0x00, 0xc4,
/* chacha20-poly1305 suites first byte is 0xCC (CHACHA_BYTE) */
/* TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 */ 0xCC, 0xa8,
/* TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 */ 0xCC, 0xa9,
/* TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 */ 0xCC, 0xaa,
/* TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 */ 0xCC, 0xac,
/* TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 */ 0xCC, 0xab,
/* TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 */ 0xCC, 0xad,
/* chacha20-poly1305 earlier version of nonce and padding (CHACHA_BYTE) */
/* TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 */ 0xCC, 0x13,
/* TLS_ECDHE_ECDSA_WITH_CHACHA20_OLD_POLY1305_SHA256 */ 0xCC, 0x14,
/* TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 */ 0xCC, 0x15,
/* ECDHE_PSK RFC8442, first byte is 0xD0 (ECDHE_PSK_BYTE) */
/* TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 */ 0xD0, 0x01,
/* TLS v1.3 cipher suites */
/* TLS_AES_128_GCM_SHA256 */ 0x13, 0x01,
/* TLS_AES_256_GCM_SHA384 */ 0x13, 0x02,
/* TLS_CHACHA20_POLY1305_SHA256 */ 0x13, 0x03,
/* TLS_AES_128_CCM_SHA256 */ 0x13, 0x04,
/* TLS_AES_128_CCM_8_SHA256 */ 0x13, 0x05,
/* TLS v1.3 Integrity only cipher suites - 0xC0 (ECC) first byte */
/* TLS_SHA256_SHA256 */ 0xC0, 0xB4,
/* TLS_SHA384_SHA384 */ 0xC0, 0xB5
};
#ifndef NO_RSA
testCertFile = svrCertFile;
testKeyFile = svrKeyFile;
#elif defined(HAVE_ECC)
testCertFile = eccCertFile;
testKeyFile = eccKeyFile;
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(wolfSSL_CTX_set_cipher_list_bytes(ctx, &cipherList[0U],
sizeof(cipherList)));
wolfSSL_CTX_free(ctx);
ctx = NULL;
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectTrue(wolfSSL_set_cipher_list_bytes(ssl, &cipherList[0U],
sizeof(cipherList)));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif /* (OPENSSL_EXTRA || WOLFSSL_SET_CIPHER_BYTES) &&
(!NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER) && (!NO_RSA || HAVE_ECC) */
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_use_certificate(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) || \
defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(HAVE_STUNNEL) || \
defined(WOLFSSL_NGINX) || defined(HAVE_POCO_LIB) || \
defined(WOLFSSL_HAPROXY)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX* ctx = NULL;
X509* x509 = NULL;
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectNotNull(x509 = wolfSSL_X509_new());
/* Negative tests. */
ExpectIntEQ(SSL_CTX_use_certificate(NULL, NULL), 0);
ExpectIntEQ(SSL_CTX_use_certificate(ctx, NULL), 0);
ExpectIntEQ(SSL_CTX_use_certificate(NULL, x509), 0);
/* Empty certificate */
ExpectIntEQ(SSL_CTX_use_certificate(ctx, x509), 0);
wolfSSL_X509_free(x509);
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_use_certificate_file(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
/* invalid context */
ExpectFalse(wolfSSL_CTX_use_certificate_file(NULL, svrCertFile,
WOLFSSL_FILETYPE_PEM));
/* invalid cert file */
ExpectFalse(wolfSSL_CTX_use_certificate_file(ctx, bogusFile,
WOLFSSL_FILETYPE_PEM));
/* invalid cert type */
ExpectFalse(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, 9999));
#ifdef NO_RSA
/* rsa needed */
ExpectFalse(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
WOLFSSL_FILETYPE_PEM));
#else
/* success */
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
WOLFSSL_FILETYPE_PEM));
#endif
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA)
static int test_wolfSSL_CTX_use_certificate_ASN1(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER) && !defined(NO_ASN)
WOLFSSL_CTX* ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
/* Failure cases. */
ExpectIntEQ(SSL_CTX_use_certificate_ASN1(NULL, 0, NULL ),
WOLFSSL_FAILURE);
ExpectIntEQ(SSL_CTX_use_certificate_ASN1(ctx , 0, NULL ),
WOLFSSL_FAILURE);
ExpectIntEQ(SSL_CTX_use_certificate_ASN1(NULL, 0, server_cert_der_2048),
WOLFSSL_FAILURE);
ExpectIntEQ(SSL_CTX_use_certificate_ASN1(ctx , 0, server_cert_der_2048),
WOLFSSL_FAILURE);
ExpectIntEQ(SSL_CTX_use_certificate_ASN1(ctx, sizeof_server_cert_der_2048,
server_cert_der_2048), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
#endif /* (OPENSSL_ALL || WOLFSSL_ASIO) && !NO_RSA */
/* Test function for wolfSSL_CTX_use_certificate_buffer. Load cert into
* context using buffer.
* PRE: NO_CERTS not defined; USE_CERT_BUFFERS_2048 defined; compile with
* --enable-testcert flag.
*/
static int test_wolfSSL_CTX_use_certificate_buffer(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(USE_CERT_BUFFERS_2048) && \
!defined(NO_RSA) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX* ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
/* Invalid parameters. */
ExpectIntEQ(wolfSSL_CTX_use_certificate_buffer(NULL, NULL, 0,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_use_certificate_buffer(ctx, NULL, 0,
WOLFSSL_FILETYPE_ASN1), ASN_PARSE_E);
ExpectIntEQ(wolfSSL_CTX_use_certificate_buffer(NULL, server_cert_der_2048,
0, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048, 0,
WOLFSSL_FILETYPE_ASN1), ASN_PARSE_E);
ExpectIntEQ(wolfSSL_CTX_use_certificate_buffer(ctx,
server_cert_der_2048, sizeof_server_cert_der_2048,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
} /* END test_wolfSSL_CTX_use_certificate_buffer */
static int test_wolfSSL_use_certificate_buffer(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(USE_CERT_BUFFERS_2048) && \
!defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectNotNull(ssl = wolfSSL_new(ctx));
/* Invalid parameters. */
ExpectIntEQ(wolfSSL_use_certificate_buffer(NULL, NULL, 0,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_use_certificate_buffer(ssl, NULL, 0,
WOLFSSL_FILETYPE_ASN1), ASN_PARSE_E);
ExpectIntEQ(wolfSSL_use_certificate_buffer(NULL, client_cert_der_2048, 0,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_use_certificate_buffer(ssl, client_cert_der_2048, 0,
WOLFSSL_FILETYPE_ASN1), ASN_PARSE_E);
ExpectIntEQ(wolfSSL_use_certificate_buffer(ssl,
client_cert_der_2048, sizeof_client_cert_der_2048,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_use_PrivateKey_file(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
/* invalid context */
ExpectFalse(wolfSSL_CTX_use_PrivateKey_file(NULL, svrKeyFile,
WOLFSSL_FILETYPE_PEM));
/* invalid key file */
ExpectFalse(wolfSSL_CTX_use_PrivateKey_file(ctx, bogusFile,
WOLFSSL_FILETYPE_PEM));
/* invalid key type */
ExpectFalse(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, 9999));
/* success */
#ifdef NO_RSA
/* rsa needed */
ExpectFalse(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM));
#else
/* success */
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM));
#endif
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_use_RSAPrivateKey_file(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_SERVER) && defined(OPENSSL_EXTRA)
WOLFSSL_CTX *ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
/* invalid context */
ExpectIntEQ(wolfSSL_CTX_use_RSAPrivateKey_file(NULL, svrKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_FAILURE);
/* invalid key file */
ExpectIntEQ(wolfSSL_CTX_use_RSAPrivateKey_file(ctx, bogusFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_FAILURE);
/* invalid key type */
ExpectIntEQ(wolfSSL_CTX_use_RSAPrivateKey_file(ctx, svrKeyFile, 9999),
WOLFSSL_FAILURE);
/* success */
#ifdef NO_RSA
/* rsa needed */
ExpectIntEQ(wolfSSL_CTX_use_RSAPrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_FAILURE);
#else
/* success */
ExpectIntEQ(wolfSSL_CTX_use_RSAPrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#endif
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_use_RSAPrivateKey_file(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CLIENT) && defined(OPENSSL_EXTRA)
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectNotNull(ssl = SSL_new(ctx));
/* invalid context */
ExpectIntEQ(wolfSSL_use_RSAPrivateKey_file(NULL, svrKeyFile,
WOLFSSL_FILETYPE_PEM), BAD_FUNC_ARG);
/* invalid key file */
ExpectIntEQ(wolfSSL_use_RSAPrivateKey_file(ssl, bogusFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_FAILURE);
/* invalid key type */
ExpectIntEQ(wolfSSL_use_RSAPrivateKey_file(ssl, svrKeyFile, 9999),
WOLFSSL_FAILURE);
/* success */
#ifdef NO_RSA
/* rsa needed */
ExpectIntEQ(wolfSSL_use_RSAPrivateKey_file(ssl, svrKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_FAILURE);
#else
/* success */
ExpectIntEQ(wolfSSL_use_RSAPrivateKey_file(ssl, svrKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#endif
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_use_PrivateKey(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_SERVER) && defined(OPENSSL_EXTRA)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
const unsigned char* p;
(void)p;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey(NULL, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey(ctx, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey(NULL, pkey), WOLFSSL_FAILURE);
/* No data. */
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey(ctx, pkey), WOLFSSL_FAILURE);
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
#if defined(USE_CERT_BUFFERS_2048)
#if !defined(NO_RSA)
p = client_key_der_2048;
ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &p,
sizeof_client_key_der_2048));
#if defined(WOLFSSL_KEY_GEN)
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey(ctx, pkey), WOLFSSL_SUCCESS);
#else
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey(ctx, pkey), WOLFSSL_FAILURE);
#endif
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH)
#ifndef NO_DSA
p = dsa_key_der_2048;
ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_DSA, NULL, &p,
sizeof_dsa_key_der_2048));
#if !defined(HAVE_SELFTEST) && (defined(WOLFSSL_KEY_GEN) || \
defined(WOLFSSL_CERT_GEN))
/* Not supported in ProcessBuffer. */
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey(ctx, pkey), WOLFSSL_BAD_FILE);
#else
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey(ctx, pkey), WOLFSSL_FAILURE);
#endif
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#endif /* WOLFSSL_QT || OPENSSL_ALL || WOLFSSL_OPENSSH */
#if !defined(NO_DH) && defined(OPENSSL_ALL) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
p = dh_ffdhe_statickey_der_2048;
ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &p,
sizeof_dh_ffdhe_statickey_der_2048));
/* Not supported. */
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey(ctx, pkey), WOLFSSL_FAILURE);
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#endif /* USE_CERT_BUFFERS_2048 */
#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
p = ecc_clikey_der_256;
ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &p,
sizeof_ecc_clikey_der_256));
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey(ctx, pkey), WOLFSSL_SUCCESS);
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
#endif
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL,
(unsigned char*)"01234567012345670123456701234567", 32));
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey(ctx, pkey), WOLFSSL_FAILURE);
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
/* test both file and buffer versions along with unloading trusted peer certs */
static int test_wolfSSL_CTX_trust_peer_cert(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(WOLFSSL_TRUST_PEER_CERT) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL* ssl = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectNotNull(ssl = wolfSSL_new(ctx));
#if !defined(NO_FILESYSTEM)
/* invalid file */
ExpectIntNE(wolfSSL_CTX_trust_peer_cert(ctx, NULL,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_CTX_trust_peer_cert(ctx, bogusFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_CTX_trust_peer_cert(ctx, cliCertFile,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
/* success */
ExpectIntEQ(wolfSSL_CTX_trust_peer_cert(ctx, cliCertFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
/* unload cert */
ExpectIntNE(wolfSSL_CTX_Unload_trust_peers(NULL), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_Unload_trust_peers(ctx), WOLFSSL_SUCCESS);
/* invalid file */
ExpectIntNE(wolfSSL_trust_peer_cert(ssl, NULL,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_trust_peer_cert(ssl, bogusFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_trust_peer_cert(ssl, cliCertFile,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
/* success */
ExpectIntEQ(wolfSSL_trust_peer_cert(ssl, cliCertFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_LOCAL_X509_STORE
/* unload cert */
ExpectIntNE(wolfSSL_Unload_trust_peers(NULL), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_Unload_trust_peers(ssl), WOLFSSL_SUCCESS);
#endif
#endif
/* Test of loading certs from buffers */
/* invalid buffer */
ExpectIntNE(wolfSSL_CTX_trust_peer_buffer(ctx, NULL, -1,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
/* success */
#ifdef USE_CERT_BUFFERS_1024
ExpectIntEQ(wolfSSL_CTX_trust_peer_buffer(ctx, client_cert_der_1024,
sizeof_client_cert_der_1024, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
#endif
#ifdef USE_CERT_BUFFERS_2048
ExpectIntEQ(wolfSSL_CTX_trust_peer_buffer(ctx, client_cert_der_2048,
sizeof_client_cert_der_2048, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
#endif
/* unload cert */
ExpectIntNE(wolfSSL_CTX_Unload_trust_peers(NULL), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_Unload_trust_peers(ctx), WOLFSSL_SUCCESS);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_load_verify_locations(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = NULL;
#ifndef NO_RSA
WOLFSSL_CERT_MANAGER* cm = NULL;
#ifdef PERSIST_CERT_CACHE
int cacheSz = 0;
unsigned char* cache = NULL;
int used = 0;
#ifndef NO_FILESYSTEM
const char* cacheFile = "./tests/cert_cache.tmp";
#endif
int i;
int t;
int* p;
#endif
#endif
#if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS)
const char* load_certs_path = "./certs/external";
const char* load_no_certs_path = "./examples";
const char* load_expired_path = "./certs/test/expired";
#endif
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
/* invalid arguments */
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(NULL, caCertFile, NULL),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, NULL, NULL),
WOLFSSL_FAILURE);
/* invalid ca file */
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, bogusFile, NULL),
WS_RETURN_CODE(WOLFSSL_BAD_FILE,WOLFSSL_FAILURE));
#if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS) && \
((defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)) && \
!(WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR))
/* invalid path */
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, NULL, bogusFile),
WS_RETURN_CODE(BAD_PATH_ERROR,WOLFSSL_FAILURE));
#endif
#if defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)
/* test ignoring the invalid path */
ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, bogusFile,
WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR), WOLFSSL_SUCCESS);
#endif
/* load ca cert */
#ifdef NO_RSA
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, NULL),
WS_RETURN_CODE(ASN_UNKNOWN_OID_E,WOLFSSL_FAILURE));
#else /* Skip the following test without RSA certs. */
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, NULL),
WOLFSSL_SUCCESS);
#ifdef PERSIST_CERT_CACHE
/* Get cert cache size */
ExpectIntGT(cacheSz = wolfSSL_CTX_get_cert_cache_memsize(ctx), 0);
ExpectNotNull(cache = (byte*)XMALLOC(cacheSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, NULL, -1, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, NULL, -1, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, cache, -1, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, NULL, cacheSz, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, NULL, -1, &used),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, cache, cacheSz, &used),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, NULL, cacheSz, &used),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, -1, &used),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, cacheSz, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, cacheSz - 10, &used),
BUFFER_E);
ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, cacheSz, &used), 1);
ExpectIntEQ(cacheSz, used);
ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, NULL, -1),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, NULL, -1),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, cache, -1),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, NULL, cacheSz),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, cache, cacheSz),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, NULL, cacheSz),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, -1),
BAD_FUNC_ARG);
/* Smaller than header. */
ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, 1), BUFFER_E);
for (i = 1; i < cacheSz; i++) {
ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz - i),
BUFFER_E);
}
if (EXPECT_SUCCESS()) {
/* Modify header for bad results! */
p = (int*)cache;
/* version */
t = p[0]; p[0] = 0xff;
ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz),
CACHE_MATCH_ERROR);
p[0] = t; p++;
/* rows */
t = p[0]; p[0] = 0xff;
ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz),
CACHE_MATCH_ERROR);
p[0] = t; p++;
/* columns[0] */
t = p[0]; p[0] = -1;
ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz),
PARSE_ERROR);
p[0] = t; p += CA_TABLE_SIZE;
/* signerSz*/
t = p[0]; p[0] = 0xff;
ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz),
CACHE_MATCH_ERROR);
p[0] = t;
}
ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz), 1);
ExpectIntEQ(cacheSz = wolfSSL_CTX_get_cert_cache_memsize(ctx), used);
#ifndef NO_FILESYSTEM
ExpectIntEQ(wolfSSL_CTX_save_cert_cache(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_save_cert_cache(ctx, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_save_cert_cache(NULL, cacheFile), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_save_cert_cache(ctx, cacheFile), 1);
ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(NULL, cacheFile), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, "no-file"),
WOLFSSL_BAD_FILE);
ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, cacheFile), 1);
/* File contents is not a cache. */
ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, "./certs/ca-cert.pem"),
CACHE_MATCH_ERROR);
#endif
XFREE(cache, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
/* Test unloading CA's */
ExpectIntEQ(wolfSSL_CTX_UnloadCAs(ctx), WOLFSSL_SUCCESS);
#ifdef PERSIST_CERT_CACHE
/* Verify no certs (result is less than cacheSz) */
ExpectIntGT(cacheSz, wolfSSL_CTX_get_cert_cache_memsize(ctx));
#endif
/* load ca cert again */
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, NULL),
WOLFSSL_SUCCESS);
/* Test getting CERT_MANAGER */
ExpectNotNull(cm = wolfSSL_CTX_GetCertManager(ctx));
/* Test unloading CA's using CM */
ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
#ifdef PERSIST_CERT_CACHE
/* Verify no certs (result is less than cacheSz) */
ExpectIntGT(cacheSz, wolfSSL_CTX_get_cert_cache_memsize(ctx));
#endif
#endif
#if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS)
/* Test loading CA certificates using a path */
#ifdef NO_RSA
/* failure here okay since certs in external directory are RSA */
ExpectIntNE(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, load_certs_path,
WOLFSSL_LOAD_FLAG_PEM_CA_ONLY), WOLFSSL_SUCCESS);
#else
ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, load_certs_path,
WOLFSSL_LOAD_FLAG_PEM_CA_ONLY), WOLFSSL_SUCCESS);
#endif
/* Test loading path with no files */
ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL,
load_no_certs_path, WOLFSSL_LOAD_FLAG_PEM_CA_ONLY), WOLFSSL_FAILURE);
/* Test loading expired CA certificates */
#ifdef NO_RSA
ExpectIntNE(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL,
load_expired_path,
WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY | WOLFSSL_LOAD_FLAG_PEM_CA_ONLY),
WOLFSSL_SUCCESS);
#else
ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL,
load_expired_path,
WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY | WOLFSSL_LOAD_FLAG_PEM_CA_ONLY),
WOLFSSL_SUCCESS);
#endif
/* Test loading CA certificates and ignoring all errors */
#ifdef NO_RSA
ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, load_certs_path,
WOLFSSL_LOAD_FLAG_IGNORE_ERR), WOLFSSL_FAILURE);
#else
ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, load_certs_path,
WOLFSSL_LOAD_FLAG_IGNORE_ERR), WOLFSSL_SUCCESS);
#endif
#endif
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_load_system_CA_certs(void)
{
int res = TEST_SKIPPED;
#if defined(WOLFSSL_SYS_CA_CERTS) && !defined(NO_WOLFSSL_CLIENT) && \
(!defined(NO_RSA) || defined(HAVE_ECC))
WOLFSSL_CTX* ctx;
byte dirValid = 0;
int ret = 0;
ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
if (ctx == NULL) {
fprintf(stderr, "wolfSSL_CTX_new failed.\n");
ret = -1;
}
if (ret == 0) {
#if defined(USE_WINDOWS_API) || defined(__APPLE__)
dirValid = 1;
#else
word32 numDirs;
const char** caDirs = wolfSSL_get_system_CA_dirs(&numDirs);
if (caDirs == NULL || numDirs == 0) {
fprintf(stderr, "wolfSSL_get_system_CA_dirs failed.\n");
ret = -1;
}
else {
ReadDirCtx dirCtx;
word32 i;
for (i = 0; i < numDirs; ++i) {
if (wc_ReadDirFirst(&dirCtx, caDirs[i], NULL) == 0) {
/* Directory isn't empty. */
dirValid = 1;
wc_ReadDirClose(&dirCtx);
break;
}
}
}
#endif
}
/*
* If the directory isn't empty, we should be able to load CA
* certs from it. On Windows/Mac, we assume the CA cert stores are
* usable.
*/
if (ret == 0 && dirValid && wolfSSL_CTX_load_system_CA_certs(ctx) !=
WOLFSSL_SUCCESS) {
fprintf(stderr, "wolfSSL_CTX_load_system_CA_certs failed.\n");
ret = -1;
}
#ifdef OPENSSL_EXTRA
if (ret == 0 &&
wolfSSL_CTX_set_default_verify_paths(ctx) != WOLFSSL_SUCCESS) {
fprintf(stderr, "wolfSSL_CTX_set_default_verify_paths failed.\n");
ret = -1;
}
#endif /* OPENSSL_EXTRA */
wolfSSL_CTX_free(ctx);
res = TEST_RES_CHECK(ret == 0);
#endif /* WOLFSSL_SYS_CA_CERTS && !NO_WOLFSSL_CLIENT */
return res;
}
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
static int test_cm_load_ca_buffer(const byte* cert_buf, size_t cert_sz,
int file_type)
{
int ret;
WOLFSSL_CERT_MANAGER* cm;
cm = wolfSSL_CertManagerNew();
if (cm == NULL) {
fprintf(stderr, "test_cm_load_ca failed\n");
return -1;
}
ret = wolfSSL_CertManagerLoadCABuffer(cm, cert_buf, cert_sz, file_type);
wolfSSL_CertManagerFree(cm);
return ret;
}
static int test_cm_load_ca_file(const char* ca_cert_file)
{
int ret = 0;
byte* cert_buf = NULL;
size_t cert_sz = 0;
#if defined(WOLFSSL_PEM_TO_DER)
DerBuffer* pDer = NULL;
#endif
ret = load_file(ca_cert_file, &cert_buf, &cert_sz);
if (ret == 0) {
/* normal test */
ret = test_cm_load_ca_buffer(cert_buf, cert_sz, WOLFSSL_FILETYPE_PEM);
if (ret == WOLFSSL_SUCCESS) {
/* test including null terminator in length */
byte* tmp = (byte*)realloc(cert_buf, cert_sz+1);
if (tmp == NULL) {
ret = MEMORY_E;
}
else {
cert_buf = tmp;
cert_buf[cert_sz] = '\0';
ret = test_cm_load_ca_buffer(cert_buf, cert_sz+1,
WOLFSSL_FILETYPE_PEM);
}
}
#if defined(WOLFSSL_PEM_TO_DER)
if (ret == WOLFSSL_SUCCESS) {
/* test loading DER */
ret = wc_PemToDer(cert_buf, cert_sz, CA_TYPE, &pDer, NULL, NULL, NULL);
if (ret == 0 && pDer != NULL) {
ret = test_cm_load_ca_buffer(pDer->buffer, pDer->length,
WOLFSSL_FILETYPE_ASN1);
wc_FreeDer(&pDer);
}
}
#endif
}
free(cert_buf);
return ret;
}
static int test_cm_load_ca_buffer_ex(const byte* cert_buf, size_t cert_sz,
int file_type, word32 flags)
{
int ret;
WOLFSSL_CERT_MANAGER* cm;
cm = wolfSSL_CertManagerNew();
if (cm == NULL) {
fprintf(stderr, "test_cm_load_ca failed\n");
return -1;
}
ret = wolfSSL_CertManagerLoadCABuffer_ex(cm, cert_buf, cert_sz, file_type,
0, flags);
wolfSSL_CertManagerFree(cm);
return ret;
}
static int test_cm_load_ca_file_ex(const char* ca_cert_file, word32 flags)
{
int ret = 0;
byte* cert_buf = NULL;
size_t cert_sz = 0;
#if defined(WOLFSSL_PEM_TO_DER)
DerBuffer* pDer = NULL;
#endif
ret = load_file(ca_cert_file, &cert_buf, &cert_sz);
if (ret == 0) {
/* normal test */
ret = test_cm_load_ca_buffer_ex(cert_buf, cert_sz,
WOLFSSL_FILETYPE_PEM, flags);
if (ret == WOLFSSL_SUCCESS) {
/* test including null terminator in length */
byte* tmp = (byte*)realloc(cert_buf, cert_sz+1);
if (tmp == NULL) {
ret = MEMORY_E;
}
else {
cert_buf = tmp;
cert_buf[cert_sz] = '\0';
ret = test_cm_load_ca_buffer_ex(cert_buf, cert_sz+1,
WOLFSSL_FILETYPE_PEM, flags);
}
}
#if defined(WOLFSSL_PEM_TO_DER)
if (ret == WOLFSSL_SUCCESS) {
/* test loading DER */
ret = wc_PemToDer(cert_buf, cert_sz, CA_TYPE, &pDer, NULL, NULL, NULL);
if (ret == 0 && pDer != NULL) {
ret = test_cm_load_ca_buffer_ex(pDer->buffer, pDer->length,
WOLFSSL_FILETYPE_ASN1, flags);
wc_FreeDer(&pDer);
}
}
#endif
}
free(cert_buf);
return ret;
}
#endif /* !NO_FILESYSTEM && !NO_CERTS */
static int test_wolfSSL_CertManagerAPI(void)
{
EXPECT_DECLS;
#ifndef NO_CERTS
WOLFSSL_CERT_MANAGER* cm = NULL;
unsigned char c;
ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
wolfSSL_CertManagerFree(NULL);
ExpectIntEQ(wolfSSL_CertManager_up_ref(NULL), 0);
ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(NULL), BAD_FUNC_ARG);
#ifdef WOLFSSL_TRUST_PEER_CERT
ExpectIntEQ(wolfSSL_CertManagerUnload_trust_peers(NULL), BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer_ex(NULL, &c, 1,
WOLFSSL_FILETYPE_ASN1, 0, 0), WOLFSSL_FATAL_ERROR);
#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, NULL, -1,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, NULL, -1,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, &c, -1,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, NULL, 1,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, &c, 1,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, NULL, 1,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, &c, -1,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, &c, 1, -1),
WOLFSSL_BAD_FILETYPE);
#endif
#if !defined(NO_FILESYSTEM)
{
const char* ca_cert = "./certs/ca-cert.pem";
#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
const char* ca_cert_der = "./certs/ca-cert.der";
#endif
const char* ca_path = "./certs";
#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
ExpectIntEQ(wolfSSL_CertManagerVerify(NULL, NULL, -1),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerVerify(cm, NULL, WOLFSSL_FILETYPE_ASN1),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerVerify(NULL, ca_cert,
WOLFSSL_FILETYPE_PEM), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerVerify(cm, ca_cert, -1),
WOLFSSL_BAD_FILETYPE);
ExpectIntEQ(wolfSSL_CertManagerVerify(cm, "no-file",
WOLFSSL_FILETYPE_ASN1), WOLFSSL_BAD_FILE);
ExpectIntEQ(wolfSSL_CertManagerVerify(cm, ca_cert_der,
WOLFSSL_FILETYPE_PEM), ASN_NO_PEM_HEADER);
#endif
ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, NULL, NULL),
WOLFSSL_FATAL_ERROR);
ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, ca_cert, NULL),
WOLFSSL_FATAL_ERROR);
ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, NULL, ca_path),
WOLFSSL_FATAL_ERROR);
ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, ca_cert, ca_path),
WOLFSSL_FATAL_ERROR);
}
#endif
#ifdef OPENSSL_COMPATIBLE_DEFAULTS
ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, 0), 1);
#elif !defined(HAVE_CRL)
ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, 0), NOT_COMPILED_IN);
#endif
ExpectIntEQ(wolfSSL_CertManagerDisableCRL(NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerDisableCRL(cm), 1);
#ifdef HAVE_CRL
/* Test APIs when CRL is disabled. */
#ifdef HAVE_CRL_IO
ExpectIntEQ(wolfSSL_CertManagerSetCRL_IOCb(cm, NULL), 1);
#endif
ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048,
sizeof_server_cert_der_2048), 1);
ExpectIntEQ(wolfSSL_CertManagerFreeCRL(cm), 1);
#endif
/* OCSP */
ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerDisableOCSP(NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerDisableOCSPStapling(NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerEnableOCSPMustStaple(NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerDisableOCSPMustStaple(NULL), BAD_FUNC_ARG);
#if !defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \
!defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
ExpectIntEQ(wolfSSL_CertManagerDisableOCSPStapling(cm), NOT_COMPILED_IN);
ExpectIntEQ(wolfSSL_CertManagerEnableOCSPMustStaple(cm), NOT_COMPILED_IN);
ExpectIntEQ(wolfSSL_CertManagerDisableOCSPMustStaple(cm), NOT_COMPILED_IN);
#endif
#ifdef HAVE_OCSP
ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, NULL, -1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, NULL, -1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, &c, -1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, &c, 1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, &c, -1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(NULL, NULL, 0,
NULL, NULL, NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, NULL, 1,
NULL, NULL, NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(NULL, &c, 1,
NULL, NULL, NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(NULL, ""),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(cm, NULL), 1);
ExpectIntEQ(wolfSSL_CertManagerSetOCSP_Cb(NULL, NULL, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerSetOCSP_Cb(cm, NULL, NULL, NULL), 1);
ExpectIntEQ(wolfSSL_CertManagerDisableOCSP(cm), 1);
/* Test APIs when OCSP is disabled. */
ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, &c, 1,
NULL, NULL, NULL, NULL), 1);
ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, &c, 1), 1);
#endif
ExpectIntEQ(wolfSSL_CertManager_up_ref(cm), 1);
if (EXPECT_SUCCESS()) {
wolfSSL_CertManagerFree(cm);
}
wolfSSL_CertManagerFree(cm);
cm = NULL;
ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
#ifdef HAVE_OCSP
ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, WOLFSSL_OCSP_URL_OVERRIDE |
WOLFSSL_OCSP_CHECKALL), 1);
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(cm), 1);
ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(cm), 1);
ExpectIntEQ(wolfSSL_CertManagerDisableOCSPStapling(cm), 1);
ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(cm), 1);
ExpectIntEQ(wolfSSL_CertManagerEnableOCSPMustStaple(cm), 1);
ExpectIntEQ(wolfSSL_CertManagerDisableOCSPMustStaple(cm), 1);
#endif
ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(cm, ""), 1);
ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(cm, ""), 1);
#endif
#ifdef WOLFSSL_TRUST_PEER_CERT
ExpectIntEQ(wolfSSL_CertManagerUnload_trust_peers(cm), 1);
#endif
wolfSSL_CertManagerFree(cm);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerLoadCABuffer(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
const char* ca_cert = "./certs/ca-cert.pem";
const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem";
int ret;
ExpectIntLE(ret = test_cm_load_ca_file(ca_cert), 1);
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR);
#elif defined(NO_RSA)
ExpectIntEQ(ret, ASN_UNKNOWN_OID_E);
#else
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
ExpectIntLE(ret = test_cm_load_ca_file(ca_expired_cert), 1);
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR);
#elif defined(NO_RSA)
ExpectIntEQ(ret, ASN_UNKNOWN_OID_E);
#elif !(WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY) && \
!defined(NO_ASN_TIME)
ExpectIntEQ(ret, ASN_AFTER_DATE_E);
#else
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerLoadCABuffer_ex(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
const char* ca_cert = "./certs/ca-cert.pem";
const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem";
int ret;
ExpectIntLE(ret = test_cm_load_ca_file_ex(ca_cert, WOLFSSL_LOAD_FLAG_NONE),
1);
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR);
#elif defined(NO_RSA)
ExpectIntEQ(ret, ASN_UNKNOWN_OID_E);
#else
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
ExpectIntLE(ret = test_cm_load_ca_file_ex(ca_expired_cert,
WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), 1);
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR);
#elif defined(NO_RSA)
ExpectIntEQ(ret, ASN_UNKNOWN_OID_E);
#elif !(WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY) && \
!defined(NO_ASN_TIME) && defined(WOLFSSL_TRUST_PEER_CERT) && \
defined(OPENSSL_COMPATIBLE_DEFAULTS)
ExpectIntEQ(ret, ASN_AFTER_DATE_E);
#else
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerGetCerts(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && \
defined(WOLFSSL_SIGNER_DER_CERT)
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_STACK* sk = NULL;
X509* x509 = NULL;
X509* cert1 = NULL;
FILE* file1 = NULL;
#ifdef DEBUG_WOLFSSL_VERBOSE
WOLFSSL_BIO* bio = NULL;
#endif
int i = 0;
int ret = 0;
const byte* der = NULL;
int derSz = 0;
ExpectNotNull(file1 = fopen("./certs/ca-cert.pem", "rb"));
ExpectNotNull(cert1 = wolfSSL_PEM_read_X509(file1, NULL, NULL, NULL));
if (file1 != NULL) {
fclose(file1);
}
ExpectNull(sk = wolfSSL_CertManagerGetCerts(NULL));
ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
ExpectNull(sk = wolfSSL_CertManagerGetCerts(cm));
ExpectNotNull(der = wolfSSL_X509_get_der(cert1, &derSz));
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
/* Check that ASN_SELF_SIGNED_E is returned for a self-signed cert for QT
* and full OpenSSL compatibility */
ExpectIntEQ(ret = wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), ASN_SELF_SIGNED_E);
#else
ExpectIntEQ(ret = wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), ASN_NO_SIGNER_E);
#endif
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm,
"./certs/ca-cert.pem", NULL));
ExpectNotNull(sk = wolfSSL_CertManagerGetCerts(cm));
for (i = 0; EXPECT_SUCCESS() && i < sk_X509_num(sk); i++) {
ExpectNotNull(x509 = sk_X509_value(sk, i));
ExpectIntEQ(0, wolfSSL_X509_cmp(x509, cert1));
#ifdef DEBUG_WOLFSSL_VERBOSE
bio = BIO_new(wolfSSL_BIO_s_file());
if (bio != NULL) {
BIO_set_fp(bio, stderr, BIO_NOCLOSE);
X509_print(bio, x509);
BIO_free(bio);
}
#endif /* DEBUG_WOLFSSL_VERBOSE */
}
wolfSSL_X509_free(cert1);
sk_X509_pop_free(sk, NULL);
wolfSSL_CertManagerFree(cm);
#endif /* defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && \
defined(WOLFSSL_SIGNER_DER_CERT) */
return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerSetVerify(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH))
WOLFSSL_CERT_MANAGER* cm = NULL;
int tmp = myVerifyAction;
const char* ca_cert = "./certs/ca-cert.pem";
const char* expiredCert = "./certs/test/expired/expired-cert.pem";
wolfSSL_CertManagerSetVerify(NULL, NULL);
wolfSSL_CertManagerSetVerify(NULL, myVerify);
ExpectNotNull(cm = wolfSSL_CertManagerNew());
wolfSSL_CertManagerSetVerify(cm, myVerify);
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL), -1);
#else
ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL),
WOLFSSL_SUCCESS);
#endif
/* Use the test CB that always accepts certs */
myVerifyAction = VERIFY_OVERRIDE_ERROR;
ExpectIntEQ(wolfSSL_CertManagerVerify(cm, expiredCert,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ALWAYS_VERIFY_CB
{
const char* verifyCert = "./certs/server-cert.der";
/* Use the test CB that always fails certs */
myVerifyAction = VERIFY_FORCE_FAIL;
ExpectIntEQ(wolfSSL_CertManagerVerify(cm, verifyCert,
WOLFSSL_FILETYPE_ASN1), VERIFY_CERT_ERROR);
}
#endif
wolfSSL_CertManagerFree(cm);
myVerifyAction = tmp;
#endif
return EXPECT_RESULT();
}
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(DEBUG_UNIT_TEST_CERTS)
/* Used when debugging name constraint tests. Not static to allow use in
* multiple locations with complex define guards. */
void DEBUG_WRITE_CERT_X509(WOLFSSL_X509* x509, const char* fileName)
{
BIO* out = BIO_new_file(fileName, "wb");
if (out != NULL) {
PEM_write_bio_X509(out, x509);
BIO_free(out);
}
}
void DEBUG_WRITE_DER(const byte* der, int derSz, const char* fileName)
{
BIO* out = BIO_new_file(fileName, "wb");
if (out != NULL) {
BIO_write(out, der, derSz);
BIO_free(out);
}
}
#else
#define DEBUG_WRITE_CERT_X509(x509, fileName) WC_DO_NOTHING
#define DEBUG_WRITE_DER(der, derSz, fileName) WC_DO_NOTHING
#endif
static int test_wolfSSL_CertManagerNameConstraint(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \
!defined(NO_SHA256)
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_EVP_PKEY *priv = NULL;
WOLFSSL_X509_NAME* name = NULL;
const char* ca_cert = "./certs/test/cert-ext-nc.der";
const char* server_cert = "./certs/test/server-goodcn.pem";
int i = 0;
static const byte extNameConsOid[] = {85, 29, 30};
RsaKey key;
WC_RNG rng;
byte *der = NULL;
int derSz = 0;
word32 idx = 0;
byte *pt;
WOLFSSL_X509 *x509 = NULL;
WOLFSSL_X509 *ca = NULL;
wc_InitRng(&rng);
/* load in CA private key for signing */
ExpectIntEQ(wc_InitRsaKey_ex(&key, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_RsaPrivateKeyDecode(server_key_der_2048, &idx, &key,
sizeof_server_key_der_2048), 0);
/* get ca certificate then alter it */
ExpectNotNull(der =
(byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(ca_cert,
WOLFSSL_FILETYPE_ASN1));
ExpectNotNull(pt = (byte*)wolfSSL_X509_get_tbs(x509, &derSz));
if (EXPECT_SUCCESS() && (der != NULL)) {
XMEMCPY(der, pt, derSz);
/* find the name constraint extension and alter it */
pt = der;
for (i = 0; i < derSz - 3; i++) {
if (XMEMCMP(pt, extNameConsOid, 3) == 0) {
pt += 3;
break;
}
pt++;
}
ExpectIntNE(i, derSz - 3); /* did not find OID if this case is hit */
/* go to the length value and set it to 0 */
while (i < derSz && *pt != 0x81) {
pt++;
i++;
}
ExpectIntNE(i, derSz); /* did not place to alter */
pt++;
*pt = 0x00;
}
/* resign the altered certificate */
ExpectIntGT((derSz = wc_SignCert(derSz, CTC_SHA256wRSA, der,
FOURK_BUF, &key, NULL, &rng)), 0);
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), ASN_PARSE_E);
wolfSSL_CertManagerFree(cm);
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL_X509_free(x509);
wc_FreeRsaKey(&key);
wc_FreeRng(&rng);
/* add email alt name to satisfy constraint */
pt = (byte*)server_key_der_2048;
ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
(const unsigned char**)&pt, sizeof_server_key_der_2048));
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert,
WOLFSSL_FILETYPE_ASN1));
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(ca, &derSz)));
DEBUG_WRITE_DER(der, derSz, "ca.der");
ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
/* Good cert test with proper alt email name */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
(byte*)"support@info.wolfssl.com", 24, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
name = NULL;
wolfSSL_X509_add_altname(x509, "wolfssl@info.wolfssl.com", ASN_RFC822_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "good-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_X509_free(x509);
x509 = NULL;
/* Cert with bad alt name list */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
(byte*)"support@info.wolfssl.com", 24, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
wolfSSL_X509_add_altname(x509, "wolfssl@info.com", ASN_RFC822_TYPE);
wolfSSL_X509_add_altname(x509, "wolfssl@info.wolfssl.com", ASN_RFC822_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "bad-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E);
wolfSSL_CertManagerFree(cm);
wolfSSL_X509_free(x509);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerNameConstraint2(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES)
const char* ca_cert = "./certs/test/cert-ext-ndir.der";
const char* ca_cert2 = "./certs/test/cert-ext-ndir-exc.der";
const char* server_cert = "./certs/server-cert.pem";
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_X509 *x509 = NULL;
WOLFSSL_X509 *ca = NULL;
const unsigned char *der = NULL;
const unsigned char *pt;
WOLFSSL_EVP_PKEY *priv = NULL;
WOLFSSL_X509_NAME* name = NULL;
int derSz = 0;
/* C=US*/
char altName[] = {
0x30, 0x0D, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53
};
/* C=ID */
char altNameFail[] = {
0x30, 0x0D, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x49, 0x44
};
/* C=US ST=California*/
char altNameExc[] = {
0x30, 0x22,
0x31, 0x0B,
0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
0x31, 0x13,
0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A,
0x43, 0x61, 0x6c, 0x69, 0x66, 0x6f, 0x72, 0x6e, 0x69, 0x61
};
/* load in CA private key for signing */
pt = ca_key_der_2048;
ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &pt,
sizeof_ca_key_der_2048));
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert,
WOLFSSL_FILETYPE_ASN1));
ExpectNotNull((der = wolfSSL_X509_get_der(ca, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
wolfSSL_X509_sign(x509, priv, EVP_sha3_256());
#else
wolfSSL_X509_sign(x509, priv, EVP_sha256());
#endif
ExpectNotNull((der = wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
/* add in matching DIR alt name and resign */
wolfSSL_X509_add_altname_ex(x509, altName, sizeof(altName), ASN_DIR_TYPE);
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
wolfSSL_X509_sign(x509, priv, EVP_sha3_256());
#else
wolfSSL_X509_sign(x509, priv, EVP_sha256());
#endif
ExpectNotNull((der = wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_X509_free(x509);
x509 = NULL;
/* check verify fail */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
/* add in miss matching DIR alt name and resign */
wolfSSL_X509_add_altname_ex(x509, altNameFail, sizeof(altNameFail),
ASN_DIR_TYPE);
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
wolfSSL_X509_sign(x509, priv, EVP_sha3_256());
#else
wolfSSL_X509_sign(x509, priv, EVP_sha256());
#endif
ExpectNotNull((der = wolfSSL_X509_get_der(x509, &derSz)));
#ifndef WOLFSSL_NO_ASN_STRICT
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E);
#else
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
#endif
/* check that it still fails if one bad altname and one good altname is in
* the certificate */
wolfSSL_X509_free(x509);
x509 = NULL;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
wolfSSL_X509_add_altname_ex(x509, altName, sizeof(altName), ASN_DIR_TYPE);
wolfSSL_X509_add_altname_ex(x509, altNameFail, sizeof(altNameFail),
ASN_DIR_TYPE);
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
wolfSSL_X509_sign(x509, priv, EVP_sha3_256());
#else
wolfSSL_X509_sign(x509, priv, EVP_sha256());
#endif
ExpectNotNull((der = wolfSSL_X509_get_der(x509, &derSz)));
#ifndef WOLFSSL_NO_ASN_STRICT
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E);
#else
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
#endif
/* check it fails with switching position of bad altname */
wolfSSL_X509_free(x509);
x509 = NULL;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
wolfSSL_X509_add_altname_ex(x509, altNameFail, sizeof(altNameFail),
ASN_DIR_TYPE);
wolfSSL_X509_add_altname_ex(x509, altName, sizeof(altName), ASN_DIR_TYPE);
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
wolfSSL_X509_sign(x509, priv, EVP_sha3_256());
#else
wolfSSL_X509_sign(x509, priv, EVP_sha256());
#endif
ExpectNotNull((der = wolfSSL_X509_get_der(x509, &derSz)));
#ifndef WOLFSSL_NO_ASN_STRICT
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E);
#else
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
#endif
wolfSSL_CertManagerFree(cm);
wolfSSL_X509_free(x509);
x509 = NULL;
wolfSSL_X509_free(ca);
ca = NULL;
/* now test with excluded name constraint */
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert2,
WOLFSSL_FILETYPE_ASN1));
ExpectNotNull((der = wolfSSL_X509_get_der(ca, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
wolfSSL_X509_add_altname_ex(x509, altNameExc, sizeof(altNameExc),
ASN_DIR_TYPE);
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
wolfSSL_X509_sign(x509, priv, EVP_sha3_256());
#else
wolfSSL_X509_sign(x509, priv, EVP_sha256());
#endif
ExpectNotNull((der = wolfSSL_X509_get_der(x509, &derSz)));
#ifndef WOLFSSL_NO_ASN_STRICT
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E);
#else
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
#endif
wolfSSL_CertManagerFree(cm);
wolfSSL_X509_free(x509);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerNameConstraint3(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \
!defined(NO_SHA256)
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_EVP_PKEY *priv = NULL;
WOLFSSL_X509_NAME* name = NULL;
const char* ca_cert = "./certs/test/cert-ext-mnc.der";
const char* server_cert = "./certs/test/server-goodcn.pem";
byte *der = NULL;
int derSz = 0;
byte *pt;
WOLFSSL_X509 *x509 = NULL;
WOLFSSL_X509 *ca = NULL;
pt = (byte*)server_key_der_2048;
ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
(const unsigned char**)&pt, sizeof_server_key_der_2048));
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert,
WOLFSSL_FILETYPE_ASN1));
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(ca, &derSz)));
DEBUG_WRITE_DER(der, derSz, "ca.der");
ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
/* check satisfying .wolfssl.com constraint passes */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
(byte*)"support@info.wolfssl.com", 24, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
name = NULL;
wolfSSL_X509_add_altname(x509, "wolfssl@info.wolfssl.com", ASN_RFC822_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "good-1st-constraint-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_X509_free(x509);
x509 = NULL;
/* check satisfying .random.com constraint passes */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
(byte*)"support@info.example.com", 24, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
name = NULL;
wolfSSL_X509_add_altname(x509, "wolfssl@info.example.com", ASN_RFC822_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "good-2nd-constraint-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_X509_free(x509);
x509 = NULL;
/* check fail case when neither constraint is matched */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
(byte*)"support@info.com", 16, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
wolfSSL_X509_add_altname(x509, "wolfssl@info.com", ASN_RFC822_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "bad-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E);
wolfSSL_CertManagerFree(cm);
wolfSSL_X509_free(x509);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerNameConstraint4(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \
!defined(NO_SHA256)
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_EVP_PKEY *priv = NULL;
WOLFSSL_X509_NAME* name = NULL;
const char* ca_cert = "./certs/test/cert-ext-ncdns.der";
const char* server_cert = "./certs/test/server-goodcn.pem";
byte *der = NULL;
int derSz;
byte *pt;
WOLFSSL_X509 *x509 = NULL;
WOLFSSL_X509 *ca = NULL;
pt = (byte*)server_key_der_2048;
ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
(const unsigned char**)&pt, sizeof_server_key_der_2048));
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert,
WOLFSSL_FILETYPE_ASN1));
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(ca, &derSz)));
DEBUG_WRITE_DER(der, derSz, "ca.der");
ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
/* check satisfying wolfssl.com constraint passes */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
name = NULL;
wolfSSL_X509_add_altname(x509, "www.wolfssl.com", ASN_DNS_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "good-1st-constraint-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_X509_free(x509);
x509 = NULL;
/* check satisfying example.com constraint passes */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"example.com", 11, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
name = NULL;
wolfSSL_X509_add_altname(x509, "www.example.com", ASN_DNS_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "good-2nd-constraint-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_X509_free(x509);
x509 = NULL;
/* check satisfying wolfssl.com constraint passes with list of DNS's */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
name = NULL;
wolfSSL_X509_add_altname(x509, "www.wolfssl.com", ASN_DNS_TYPE);
wolfSSL_X509_add_altname(x509, "www.info.wolfssl.com", ASN_DNS_TYPE);
wolfSSL_X509_add_altname(x509, "extra.wolfssl.com", ASN_DNS_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "good-multiple-constraint-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_X509_free(x509);
x509 = NULL;
/* check fail when one DNS in the list is bad */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
name = NULL;
wolfSSL_X509_add_altname(x509, "www.wolfssl.com", ASN_DNS_TYPE);
wolfSSL_X509_add_altname(x509, "www.nomatch.com", ASN_DNS_TYPE);
wolfSSL_X509_add_altname(x509, "www.info.wolfssl.com", ASN_DNS_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "bad-multiple-constraint-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E);
wolfSSL_X509_free(x509);
x509 = NULL;
/* check fail case when neither constraint is matched */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"common", 6, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
wolfSSL_X509_add_altname(x509, "www.random.com", ASN_DNS_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "bad-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E);
wolfSSL_CertManagerFree(cm);
wolfSSL_X509_free(x509);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerNameConstraint5(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \
!defined(NO_SHA256)
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_EVP_PKEY *priv = NULL;
WOLFSSL_X509_NAME* name = NULL;
const char* ca_cert = "./certs/test/cert-ext-ncmixed.der";
const char* server_cert = "./certs/test/server-goodcn.pem";
byte *der = NULL;
int derSz;
byte *pt;
WOLFSSL_X509 *x509 = NULL;
WOLFSSL_X509 *ca = NULL;
pt = (byte*)server_key_der_2048;
ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
(const unsigned char**)&pt, sizeof_server_key_der_2048));
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert,
WOLFSSL_FILETYPE_ASN1));
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(ca, &derSz)));
DEBUG_WRITE_DER(der, derSz, "ca.der");
ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
/* check satisfying wolfssl.com constraint passes */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"example", 7, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
name = NULL;
wolfSSL_X509_add_altname(x509, "good.example", ASN_DNS_TYPE);
wolfSSL_X509_add_altname(x509, "facts@into.wolfssl.com", ASN_RFC822_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "good-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_X509_free(x509);
x509 = NULL;
/* fail with DNS check because of common name */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
name = NULL;
wolfSSL_X509_add_altname(x509, "example", ASN_DNS_TYPE);
wolfSSL_X509_add_altname(x509, "facts@wolfssl.com", ASN_RFC822_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "bad-cn-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E);
wolfSSL_X509_free(x509);
x509 = NULL;
/* fail on permitted DNS name constraint */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
name = NULL;
wolfSSL_X509_add_altname(x509, "www.example", ASN_DNS_TYPE);
wolfSSL_X509_add_altname(x509, "www.wolfssl", ASN_DNS_TYPE);
wolfSSL_X509_add_altname(x509, "info@wolfssl.com", ASN_RFC822_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "bad-1st-constraint-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E);
wolfSSL_X509_free(x509);
x509 = NULL;
/* fail on permitted email name constraint */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
name = NULL;
wolfSSL_X509_add_altname(x509, "example", ASN_DNS_TYPE);
wolfSSL_X509_add_altname(x509, "info@wolfssl.com", ASN_RFC822_TYPE);
wolfSSL_X509_add_altname(x509, "info@example.com", ASN_RFC822_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "bad-2nd-constraint-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), ASN_NAME_INVALID_E);
wolfSSL_X509_free(x509);
x509 = NULL;
/* success with empty email name */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(server_cert,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
X509_NAME_free(name);
wolfSSL_X509_add_altname(x509, "example", ASN_DNS_TYPE);
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
DEBUG_WRITE_CERT_X509(x509, "good-missing-constraint-cert.pem");
ExpectNotNull((der = (byte*)wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_X509_free(x509);
wolfSSL_CertManagerFree(cm);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerCRL(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && defined(HAVE_CRL) && \
!defined(NO_RSA)
const char* ca_cert = "./certs/ca-cert.pem";
const char* crl1 = "./certs/crl/crl.pem";
const char* crl2 = "./certs/crl/crl2.pem";
#ifdef WC_RSA_PSS
const char* crl_rsapss = "./certs/crl/crl_rsapss.pem";
const char* ca_rsapss = "./certs/rsapss/ca-rsapss.pem";
#endif
const unsigned char crl_buff[] = {
0x30, 0x82, 0x02, 0x04, 0x30, 0x81, 0xed, 0x02,
0x01, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05,
0x00, 0x30, 0x81, 0x94, 0x31, 0x0b, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,
0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f, 0x6e, 0x74,
0x61, 0x6e, 0x61, 0x31, 0x10, 0x30, 0x0e, 0x06,
0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42, 0x6f,
0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31, 0x11, 0x30,
0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08,
0x53, 0x61, 0x77, 0x74, 0x6f, 0x6f, 0x74, 0x68,
0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04,
0x0b, 0x0c, 0x0a, 0x43, 0x6f, 0x6e, 0x73, 0x75,
0x6c, 0x74, 0x69, 0x6e, 0x67, 0x31, 0x18, 0x30,
0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f,
0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66,
0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x31,
0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10,
0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c,
0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d,
0x17, 0x0d, 0x32, 0x32, 0x31, 0x32, 0x31, 0x36,
0x32, 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, 0x17,
0x0d, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32,
0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, 0x30, 0x14,
0x30, 0x12, 0x02, 0x01, 0x02, 0x17, 0x0d, 0x32,
0x32, 0x31, 0x32, 0x31, 0x36, 0x32, 0x31, 0x31,
0x37, 0x35, 0x30, 0x5a, 0xa0, 0x0e, 0x30, 0x0c,
0x30, 0x0a, 0x06, 0x03, 0x55, 0x1d, 0x14, 0x04,
0x03, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09,
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00,
0x39, 0x44, 0xff, 0x39, 0xf4, 0x04, 0x45, 0x79,
0x7e, 0x73, 0xe2, 0x42, 0x48, 0xdb, 0x85, 0x66,
0xfd, 0x99, 0x76, 0x94, 0x7c, 0xb5, 0x79, 0x5d,
0x15, 0x71, 0x36, 0xa9, 0x87, 0xf0, 0x73, 0x05,
0x50, 0x08, 0x6b, 0x1c, 0x6e, 0xde, 0x96, 0x45,
0x31, 0xc3, 0xc0, 0xba, 0xba, 0xf5, 0x08, 0x1d,
0x05, 0x4a, 0x52, 0x39, 0xe9, 0x03, 0xef, 0x59,
0xc8, 0x1d, 0x4a, 0xf2, 0x86, 0x05, 0x99, 0x7b,
0x4b, 0x74, 0xf6, 0xd3, 0x75, 0x8d, 0xb2, 0x57,
0xba, 0xac, 0xa7, 0x11, 0x14, 0xd6, 0x6c, 0x71,
0xc4, 0x4c, 0x1c, 0x68, 0xbc, 0x49, 0x78, 0xf0,
0xc9, 0x52, 0x8a, 0xe7, 0x8b, 0x54, 0xe6, 0x20,
0x58, 0x20, 0x60, 0x66, 0xf5, 0x14, 0xd8, 0xcb,
0xff, 0xe0, 0xa0, 0x45, 0xbc, 0xb4, 0x81, 0xad,
0x1d, 0xbc, 0xcf, 0xf8, 0x8e, 0xa8, 0x87, 0x24,
0x55, 0x99, 0xd9, 0xce, 0x47, 0xf7, 0x5b, 0x4a,
0x33, 0x6d, 0xdb, 0xbf, 0x93, 0x64, 0x1a, 0xa6,
0x46, 0x5f, 0x27, 0xdc, 0xd8, 0xd4, 0xf9, 0xc2,
0x42, 0x2a, 0x7e, 0xb2, 0x7c, 0xdd, 0x98, 0x77,
0xf5, 0x88, 0x7d, 0x15, 0x25, 0x08, 0xbc, 0xe0,
0xd0, 0x8d, 0xf4, 0xc3, 0xc3, 0x04, 0x41, 0xa4,
0xd1, 0xb1, 0x39, 0x4a, 0x6b, 0x2c, 0xb5, 0x2e,
0x9a, 0x65, 0x43, 0x0d, 0x0e, 0x73, 0xf4, 0x06,
0xe1, 0xb3, 0x49, 0x34, 0x94, 0xb0, 0xb7, 0xff,
0xc0, 0x27, 0xc1, 0xb5, 0xea, 0x06, 0xf7, 0x71,
0x71, 0x97, 0xbb, 0xbc, 0xc7, 0x1a, 0x9f, 0xeb,
0xf6, 0x3d, 0xa5, 0x7b, 0x55, 0xa7, 0xbf, 0xdd,
0xd7, 0xee, 0x97, 0xb8, 0x9d, 0xdc, 0xcd, 0xe3,
0x06, 0xdb, 0x9a, 0x2c, 0x60, 0xbf, 0x70, 0x84,
0xfa, 0x6b, 0x8d, 0x70, 0x7d, 0xde, 0xe8, 0xb7,
0xab, 0xb0, 0x38, 0x68, 0x6c, 0xc0, 0xb1, 0xe1,
0xba, 0x45, 0xe0, 0xd7, 0x12, 0x3d, 0x71, 0x5b
};
WOLFSSL_CERT_MANAGER* cm = NULL;
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectIntEQ(wolfSSL_CertManagerEnableCRL(NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECKALL), 1);
ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECK), 1);
ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm,
WOLFSSL_CRL_CHECK | WOLFSSL_CRL_CHECKALL), 1);
ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, 16), 1);
ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECKALL), 1);
ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, NULL, -1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, NULL, -1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, server_cert_der_2048, -1),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, server_cert_der_2048, 1),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048, -1),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048,
sizeof_server_cert_der_2048), ASN_NO_SIGNER_E);
ExpectIntEQ(wolfSSL_CertManagerSetCRL_Cb(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerSetCRL_Cb(cm, NULL), 1);
#ifdef HAVE_CRL_IO
ExpectIntEQ(wolfSSL_CertManagerSetCRL_IOCb(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerSetCRL_IOCb(cm, NULL), 1);
#endif
#ifndef NO_FILESYSTEM
ExpectIntEQ(wolfSSL_CertManagerLoadCRL(NULL, NULL, WOLFSSL_FILETYPE_ASN1,
0), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerLoadCRL(cm, NULL, WOLFSSL_FILETYPE_ASN1,
0), BAD_FUNC_ARG);
/* -1 seen as !WOLFSSL_FILETYPE_PEM */
ExpectIntEQ(wolfSSL_CertManagerLoadCRL(cm, "./certs/crl", -1, 0), 1);
ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(NULL, NULL,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, NULL, WOLFSSL_FILETYPE_ASN1),
BAD_FUNC_ARG);
/* -1 seen as !WOLFSSL_FILETYPE_PEM */
ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, "./certs/crl/crl.pem", -1),
ASN_PARSE_E);
#endif
ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, NULL, -1,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, NULL, -1,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, crl_buff, -1,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, NULL, 1,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, crl_buff, 1,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, NULL, 1,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, crl_buff, -1,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CertManagerFreeCRL(NULL), BAD_FUNC_ARG);
DoExpectIntEQ(wolfSSL_CertManagerFreeCRL(cm), 1);
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CertManagerLoadCRL(cm, crl2, WOLFSSL_FILETYPE_PEM, 0));
wolfSSL_CertManagerFreeCRL(cm);
#ifndef WOLFSSL_CRL_ALLOW_MISSING_CDP
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL));
ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048,
sizeof_server_cert_der_2048), CRL_MISSING);
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, server_cert_der_2048,
sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1), CRL_MISSING);
#endif /* !WOLFSSL_CRL_ALLOW_MISSING_CDP */
ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, crl_buff, sizeof(crl_buff),
WOLFSSL_FILETYPE_ASN1), 1);
#if !defined(NO_FILESYSTEM) && defined(WC_RSA_PSS)
/* loading should fail without the CA set */
ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, crl_rsapss,
WOLFSSL_FILETYPE_PEM), ASN_CRL_NO_SIGNER_E);
/* now successfully load the RSA-PSS crl once loading in it's CA */
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CertManagerLoadCA(cm, ca_rsapss, NULL));
ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, crl_rsapss,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#endif
wolfSSL_CertManagerFree(cm);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerCheckOCSPResponse(void)
{
EXPECT_DECLS;
#if defined(HAVE_OCSP) && !defined(NO_RSA) && !defined(NO_SHA)
/* Need one of these for wolfSSL_OCSP_REQUEST_new. */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_APACHE_HTTPD) || \
defined(HAVE_LIGHTY)
WOLFSSL_CERT_MANAGER* cm = NULL;
/* Raw OCSP response bytes captured using the following setup:
* - Run responder with
* openssl ocsp -port 9999 -ndays 9999
* -index certs/ocsp/index-intermediate1-ca-issued-certs.txt
* -rsigner certs/ocsp/ocsp-responder-cert.pem
* -rkey certs/ocsp/ocsp-responder-key.pem
* -CA certs/ocsp/intermediate1-ca-cert.pem
* - Run client with
* openssl ocsp -host 127.0.0.1:9999 -respout resp.out
* -issuer certs/ocsp/intermediate1-ca-cert.pem
* -cert certs/ocsp/server1-cert.pem
* -CAfile certs/ocsp/root-ca-cert.pem -noverify
* - Select the response packet in Wireshark, and export it using
* "File->Export Packet Dissection->As "C" Arrays". Select "Selected
* packets only". After importing into the editor, remove the initial
* ~148 bytes of header, ending with the Content-Length and the \r\n\r\n.
*/
static const byte response[] = {
0x30, 0x82, 0x07, 0x40, /* ....0..@ */
0x0a, 0x01, 0x00, 0xa0, 0x82, 0x07, 0x39, 0x30, /* ......90 */
0x82, 0x07, 0x35, 0x06, 0x09, 0x2b, 0x06, 0x01, /* ..5..+.. */
0x05, 0x05, 0x07, 0x30, 0x01, 0x01, 0x04, 0x82, /* ...0.... */
0x07, 0x26, 0x30, 0x82, 0x07, 0x22, 0x30, 0x82, /* .&0.."0. */
0x01, 0x40, 0xa1, 0x81, 0xa1, 0x30, 0x81, 0x9e, /* .@...0.. */
0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, /* ...US1.0 */
0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, /* ...U.... */
0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, /* Washingt */
0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, /* on1.0... */
0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, /* U....Sea */
0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, /* ttle1.0. */
0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, /* ..U....w */
0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, /* olfSSL1. */
0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, /* 0...U... */
0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, /* .Enginee */
0x72, 0x69, 0x6e, 0x67, 0x31, 0x1f, 0x30, 0x1d, /* ring1.0. */
0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x16, 0x77, /* ..U....w */
0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x4f, /* olfSSL O */
0x43, 0x53, 0x50, 0x20, 0x52, 0x65, 0x73, 0x70, /* CSP Resp */
0x6f, 0x6e, 0x64, 0x65, 0x72, 0x31, 0x1f, 0x30, /* onder1.0 */
0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, /* ...*.H.. */
0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, /* ......in */
0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, /* fo@wolfs */
0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x18, 0x0f, /* sl.com.. */
0x32, 0x30, 0x32, 0x33, 0x31, 0x31, 0x30, 0x38, /* 20231108 */
0x30, 0x30, 0x32, 0x36, 0x33, 0x37, 0x5a, 0x30, /* 002637Z0 */
0x64, 0x30, 0x62, 0x30, 0x3a, 0x30, 0x09, 0x06, /* d0b0:0.. */
0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, /* .+...... */
0x04, 0x14, 0x71, 0x4d, 0x82, 0x23, 0x40, 0x59, /* ..qM.#@Y */
0xc0, 0x96, 0xa1, 0x37, 0x43, 0xfa, 0x31, 0xdb, /* ...7C.1. */
0xba, 0xb1, 0x43, 0x18, 0xda, 0x04, 0x04, 0x14, /* ..C..... */
0x83, 0xc6, 0x3a, 0x89, 0x2c, 0x81, 0xf4, 0x02, /* ..:.,... */
0xd7, 0x9d, 0x4c, 0xe2, 0x2a, 0xc0, 0x71, 0x82, /* ..L.*.q. */
0x64, 0x44, 0xda, 0x0e, 0x02, 0x01, 0x05, 0x80, /* dD...... */
0x00, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x33, 0x31, /* ...20231 */
0x31, 0x30, 0x38, 0x30, 0x30, 0x32, 0x36, 0x33, /* 10800263 */
0x37, 0x5a, 0xa0, 0x11, 0x18, 0x0f, 0x32, 0x30, /* 7Z....20 */
0x35, 0x31, 0x30, 0x33, 0x32, 0x35, 0x30, 0x30, /* 51032500 */
0x32, 0x36, 0x33, 0x37, 0x5a, 0xa1, 0x23, 0x30, /* 2637Z.#0 */
0x21, 0x30, 0x1f, 0x06, 0x09, 0x2b, 0x06, 0x01, /* !0...+.. */
0x05, 0x05, 0x07, 0x30, 0x01, 0x02, 0x04, 0x12, /* ...0.... */
0x04, 0x10, 0xdb, 0xbc, 0x2a, 0x76, 0xa0, 0xb4, /* ....*v.. */
0x1e, 0x5d, 0xf6, 0x2b, 0x8e, 0x38, 0x62, 0xdb, /* .].+.8b. */
0x90, 0xed, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, /* ..0...*. */
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, /* H....... */
0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x87, 0xde, /* ........ */
0xfb, 0xf9, 0x3a, 0x90, 0x1f, 0x90, 0xde, 0xcf, /* ..:..... */
0xfe, 0xad, 0x64, 0x19, 0x34, 0x17, 0xf8, 0x15, /* ..d.4... */
0x01, 0x22, 0x5f, 0x67, 0x41, 0xa4, 0x18, 0xf7, /* ."_gA... */
0x16, 0xb7, 0xc9, 0xf3, 0xe1, 0x9f, 0xcd, 0x40, /* .......@ */
0x56, 0x77, 0x6e, 0x6a, 0xfb, 0x92, 0x6a, 0x6f, /* Vwnj..jo */
0x28, 0x3e, 0x22, 0x48, 0xa1, 0xc2, 0xd8, 0x1d, /* (>"H.... */
0xc7, 0xe6, 0x78, 0x7f, 0xb6, 0x09, 0xfe, 0x2c, /* ..x...., */
0xb5, 0xef, 0x29, 0x7c, 0xc5, 0x51, 0x16, 0x7b, /* ..)|.Q.{ */
0x8f, 0xfb, 0x44, 0xa8, 0xcd, 0xf5, 0x5c, 0x0f, /* ..D...\. */
0x46, 0x0e, 0xb1, 0xa4, 0xeb, 0x5b, 0xf5, 0x86, /* F....[.. */
0x11, 0x0f, 0xcd, 0xe2, 0xe5, 0x3c, 0x91, 0x72, /* .....<.r */
0x0d, 0x6a, 0xcb, 0x95, 0x99, 0x39, 0x91, 0x48, /* .j...9.H */
0x65, 0x97, 0xb9, 0x78, 0xb5, 0x88, 0x7f, 0x76, /* e..x...v */
0xa1, 0x43, 0x2f, 0xf6, 0x1f, 0x49, 0xb7, 0x08, /* .C/..I.. */
0x36, 0xe4, 0x2e, 0x34, 0x25, 0xda, 0x16, 0x74, /* 6..4%..t */
0x47, 0x62, 0x56, 0xff, 0x2f, 0x02, 0x03, 0x44, /* GbV./..D */
0x89, 0x04, 0xe7, 0xb8, 0xde, 0x0a, 0x35, 0x43, /* ......5C */
0xae, 0xd7, 0x54, 0xbe, 0xc3, 0x7c, 0x95, 0xa5, /* ..T..|.. */
0xc8, 0xe0, 0x2e, 0x52, 0xb6, 0xea, 0x99, 0x45, /* ...R...E */
0xfd, 0xda, 0x4b, 0xd5, 0x79, 0x07, 0x64, 0xca, /* ..K.y.d. */
0x64, 0xba, 0x52, 0x12, 0x62, 0x8c, 0x08, 0x9a, /* d.R.b... */
0x32, 0xeb, 0x85, 0x65, 0x05, 0x39, 0x07, 0x5d, /* 2..e.9.] */
0x39, 0x4a, 0xcf, 0xa5, 0x30, 0xf6, 0xd1, 0xf7, /* 9J..0... */
0x29, 0xaa, 0x23, 0x42, 0xc6, 0x85, 0x16, 0x7f, /* ).#B.... */
0x64, 0x16, 0xb1, 0xb0, 0x5d, 0xcd, 0x88, 0x2d, /* d...]..- */
0x06, 0xb0, 0xa9, 0xdf, 0xa3, 0x9f, 0x25, 0x41, /* ......%A */
0x89, 0x9a, 0x19, 0xe1, 0xaa, 0xcd, 0xdf, 0x51, /* .......Q */
0xcb, 0xa9, 0xc3, 0x7e, 0x27, 0xbc, 0x7d, 0x9b, /* ...~'.}. */
0x6f, 0x4d, 0x79, 0x87, 0x09, 0x3f, 0xac, 0xd2, /* oMy..?.. */
0x4a, 0x3b, 0xbe, 0xf8, 0x7a, 0xa4, 0x93, 0x45, /* J;..z..E */
0x11, 0x64, 0x40, 0xc5, 0x03, 0xc9, 0x24, 0x5b, /* .d@...$[ */
0xe9, 0x6d, 0xfc, 0x94, 0x08, 0xbe, 0xa0, 0x82, /* .m...... */
0x04, 0xc6, 0x30, 0x82, 0x04, 0xc2, 0x30, 0x82, /* ..0...0. */
0x04, 0xbe, 0x30, 0x82, 0x03, 0xa6, 0xa0, 0x03, /* ..0..... */
0x02, 0x01, 0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, /* ......0. */
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, /* ..*.H... */
0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x81, 0x97, /* .....0.. */
0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, /* ...US1.0 */
0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, /* ...U.... */
0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, /* Washingt */
0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, /* on1.0... */
0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, /* U....Sea */
0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, /* ttle1.0. */
0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, /* ..U....w */
0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, /* olfSSL1. */
0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, /* 0...U... */
0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, /* .Enginee */
0x72, 0x69, 0x6e, 0x67, 0x31, 0x18, 0x30, 0x16, /* ring1.0. */
0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, /* ..U....w */
0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x72, /* olfSSL r */
0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x31, 0x1f, /* oot CA1. */
0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, /* 0...*.H. */
0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, /* .......i */
0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, /* nfo@wolf */
0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, /* ssl.com0 */
0x1e, 0x17, 0x0d, 0x32, 0x32, 0x31, 0x32, 0x31, /* ...22121 */
0x36, 0x32, 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, /* 6211750Z */
0x17, 0x0d, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, /* ..250911 */
0x32, 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, 0x30, /* 211750Z0 */
0x81, 0x9e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, /* ..1.0... */
0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, /* U....US1 */
0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, /* .0...U.. */
0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, /* ..Washin */
0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, /* gton1.0. */
0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, /* ..U....S */
0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, /* eattle1. */
0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, /* 0...U... */
0x07, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, /* .wolfSSL */
0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */
0x0b, 0x0c, 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, /* ...Engin */
0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x1f, /* eering1. */
0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, /* 0...U... */
0x16, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, /* .wolfSSL */
0x20, 0x4f, 0x43, 0x53, 0x50, 0x20, 0x52, 0x65, /* OCSP Re */
0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x31, /* sponder1 */
0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, /* .0...*.H */
0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, /* ........ */
0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, /* info@wol */
0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, /* fssl.com */
0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, /* 0.."0... */
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, /* *.H..... */
0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, /* ........ */
0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, /* 0....... */
0x00, 0xb8, 0xba, 0x23, 0xb4, 0xf6, 0xc3, 0x7b, /* ...#...{ */
0x14, 0xc3, 0xa4, 0xf5, 0x1d, 0x61, 0xa1, 0xf5, /* .....a.. */
0x1e, 0x63, 0xb9, 0x85, 0x23, 0x34, 0x50, 0x6d, /* .c..#4Pm */
0xf8, 0x7c, 0xa2, 0x8a, 0x04, 0x8b, 0xd5, 0x75, /* .|.....u */
0x5c, 0x2d, 0xf7, 0x63, 0x88, 0xd1, 0x07, 0x7a, /* \-.c...z */
0xea, 0x0b, 0x45, 0x35, 0x2b, 0xeb, 0x1f, 0xb1, /* ..E5+... */
0x22, 0xb4, 0x94, 0x41, 0x38, 0xe2, 0x9d, 0x74, /* "..A8..t */
0xd6, 0x8b, 0x30, 0x22, 0x10, 0x51, 0xc5, 0xdb, /* ..0".Q.. */
0xca, 0x3f, 0x46, 0x2b, 0xfe, 0xe5, 0x5a, 0x3f, /* .?F+..Z? */
0x41, 0x74, 0x67, 0x75, 0x95, 0xa9, 0x94, 0xd5, /* Atgu.... */
0xc3, 0xee, 0x42, 0xf8, 0x8d, 0xeb, 0x92, 0x95, /* ..B..... */
0xe1, 0xd9, 0x65, 0xb7, 0x43, 0xc4, 0x18, 0xde, /* ..e.C... */
0x16, 0x80, 0x90, 0xce, 0x24, 0x35, 0x21, 0xc4, /* ....$5!. */
0x55, 0xac, 0x5a, 0x51, 0xe0, 0x2e, 0x2d, 0xb3, /* U.ZQ..-. */
0x0a, 0x5a, 0x4f, 0x4a, 0x73, 0x31, 0x50, 0xee, /* .ZOJs1P. */
0x4a, 0x16, 0xbd, 0x39, 0x8b, 0xad, 0x05, 0x48, /* J..9...H */
0x87, 0xb1, 0x99, 0xe2, 0x10, 0xa7, 0x06, 0x72, /* .......r */
0x67, 0xca, 0x5c, 0xd1, 0x97, 0xbd, 0xc8, 0xf1, /* g.\..... */
0x76, 0xf8, 0xe0, 0x4a, 0xec, 0xbc, 0x93, 0xf4, /* v..J.... */
0x66, 0x4c, 0x28, 0x71, 0xd1, 0xd8, 0x66, 0x03, /* fL(q..f. */
0xb4, 0x90, 0x30, 0xbb, 0x17, 0xb0, 0xfe, 0x97, /* ..0..... */
0xf5, 0x1e, 0xe8, 0xc7, 0x5d, 0x9b, 0x8b, 0x11, /* ....]... */
0x19, 0x12, 0x3c, 0xab, 0x82, 0x71, 0x78, 0xff, /* ..<..qx. */
0xae, 0x3f, 0x32, 0xb2, 0x08, 0x71, 0xb2, 0x1b, /* .?2..q.. */
0x8c, 0x27, 0xac, 0x11, 0xb8, 0xd8, 0x43, 0x49, /* .'....CI */
0xcf, 0xb0, 0x70, 0xb1, 0xf0, 0x8c, 0xae, 0xda, /* ..p..... */
0x24, 0x87, 0x17, 0x3b, 0xd8, 0x04, 0x65, 0x6c, /* $..;..el */
0x00, 0x76, 0x50, 0xef, 0x15, 0x08, 0xd7, 0xb4, /* .vP..... */
0x73, 0x68, 0x26, 0x14, 0x87, 0x95, 0xc3, 0x5f, /* sh&...._ */
0x6e, 0x61, 0xb8, 0x87, 0x84, 0xfa, 0x80, 0x1a, /* na...... */
0x0a, 0x8b, 0x98, 0xf3, 0xe3, 0xff, 0x4e, 0x44, /* ......ND */
0x1c, 0x65, 0x74, 0x7c, 0x71, 0x54, 0x65, 0xe5, /* .et|qTe. */
0x39, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, /* 9....... */
0x01, 0x0a, 0x30, 0x82, 0x01, 0x06, 0x30, 0x09, /* ..0...0. */
0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, /* ..U....0 */
0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, /* .0...U.. */
0x04, 0x16, 0x04, 0x14, 0x32, 0x67, 0xe1, 0xb1, /* ....2g.. */
0x79, 0xd2, 0x81, 0xfc, 0x9f, 0x23, 0x0c, 0x70, /* y....#.p */
0x40, 0x50, 0xb5, 0x46, 0x56, 0xb8, 0x30, 0x36, /* @P.FV.06 */
0x30, 0x81, 0xc4, 0x06, 0x03, 0x55, 0x1d, 0x23, /* 0....U.# */
0x04, 0x81, 0xbc, 0x30, 0x81, 0xb9, 0x80, 0x14, /* ...0.... */
0x73, 0xb0, 0x1c, 0xa4, 0x2f, 0x82, 0xcb, 0xcf, /* s.../... */
0x47, 0xa5, 0x38, 0xd7, 0xb0, 0x04, 0x82, 0x3a, /* G.8....: */
0x7e, 0x72, 0x15, 0x21, 0xa1, 0x81, 0x9d, 0xa4, /* ~r.!.... */
0x81, 0x9a, 0x30, 0x81, 0x97, 0x31, 0x0b, 0x30, /* ..0..1.0 */
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, /* ...U.... */
0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, /* US1.0... */
0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, /* U....Was */
0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, /* hington1 */
0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, /* .0...U.. */
0x0c, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, /* ..Seattl */
0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, /* e1.0...U */
0x04, 0x0a, 0x0c, 0x07, 0x77, 0x6f, 0x6c, 0x66, /* ....wolf */
0x53, 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, /* SSL1.0.. */
0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45, 0x6e, /* .U....En */
0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, /* gineerin */
0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, /* g1.0...U */
0x04, 0x03, 0x0c, 0x0f, 0x77, 0x6f, 0x6c, 0x66, /* ....wolf */
0x53, 0x53, 0x4c, 0x20, 0x72, 0x6f, 0x6f, 0x74, /* SSL root */
0x20, 0x43, 0x41, 0x31, 0x1f, 0x30, 0x1d, 0x06, /* CA1.0.. */
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, /* .*.H.... */
0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, /* ....info */
0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, /* @wolfssl */
0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x01, 0x63, 0x30, /* .com..c0 */
0x13, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x0c, /* ...U.%.. */
0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, /* 0...+... */
0x05, 0x07, 0x03, 0x09, 0x30, 0x0d, 0x06, 0x09, /* ....0... */
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, /* *.H..... */
0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, /* ........ */
0x2f, 0xb7, 0x6b, 0xec, 0xb7, 0x12, 0x63, 0xb9, /* /.k...c. */
0x57, 0xdc, 0x04, 0x4d, 0x9c, 0x67, 0x74, 0x98, /* W..M.gt. */
0x06, 0x28, 0x68, 0x37, 0x34, 0xc2, 0x50, 0xe9, /* .(h74.P. */
0x2a, 0xd4, 0x1a, 0xb2, 0x32, 0x1a, 0x9d, 0x2b, /* *...2..+ */
0x4f, 0x23, 0x50, 0xea, 0xb4, 0x95, 0x86, 0xc3, /* O#P..... */
0xb9, 0x5f, 0x34, 0x3e, 0x99, 0x91, 0xa7, 0x80, /* ._4>.... */
0x5f, 0x6e, 0x1b, 0x6e, 0xdb, 0xe9, 0x02, 0x38, /* _n.n...8 */
0x6f, 0xdf, 0xc5, 0x9b, 0x0d, 0xa3, 0x1c, 0xa9, /* o....... */
0x15, 0x76, 0x16, 0x66, 0xa8, 0x4e, 0xfb, 0xd3, /* .v.f.N.. */
0x43, 0x76, 0xf1, 0x72, 0xb7, 0xd1, 0xfa, 0xee, /* Cv.r.... */
0x39, 0xa6, 0x96, 0xc1, 0xa2, 0x93, 0xa4, 0x9b, /* 9....... */
0x1e, 0x9f, 0xba, 0x71, 0x8f, 0xba, 0xbd, 0x67, /* ...q...g */
0x6a, 0xf2, 0x15, 0x5f, 0xf1, 0x64, 0xe7, 0xcf, /* j.._.d.. */
0x26, 0xb8, 0x4c, 0xc0, 0xeb, 0x85, 0x04, 0x58, /* &.L....X */
0xd9, 0x4a, 0x6b, 0xd9, 0x86, 0xf5, 0x80, 0x21, /* .Jk....! */
0xbf, 0x91, 0xc8, 0x4b, 0x9f, 0x04, 0xed, 0x57, /* ...K...W */
0x7a, 0xd2, 0x58, 0xac, 0x5b, 0x47, 0xaf, 0x4d, /* z.X.[G.M */
0x7f, 0x5b, 0x1d, 0x6d, 0x68, 0x9b, 0x84, 0x98, /* .[.mh... */
0x2a, 0x31, 0x02, 0x2c, 0xe9, 0x1b, 0xaf, 0x11, /* *1.,.... */
0x0b, 0x78, 0x49, 0xbe, 0x68, 0x68, 0xcb, 0x9c, /* .xI.hh.. */
0x41, 0x56, 0xe8, 0xb5, 0x59, 0xda, 0xff, 0xca, /* AV..Y... */
0x59, 0x99, 0x17, 0x3e, 0x11, 0x0a, 0x8f, 0x49, /* Y..>...I */
0x24, 0x0b, 0x81, 0x42, 0x63, 0xcd, 0x4f, 0xf6, /* $..Bc.O. */
0x2b, 0x9d, 0xd1, 0x79, 0x75, 0xd7, 0x4a, 0xcc, /* +..yu.J. */
0x4c, 0xb7, 0x2b, 0xd7, 0xe8, 0xe7, 0xd4, 0x48, /* L.+....H */
0x3c, 0x14, 0x3b, 0x1c, 0x28, 0xe8, 0x46, 0x7a, /* <.;.(.Fz */
0xdc, 0x11, 0x9d, 0x7f, 0x1c, 0xab, 0x10, 0x95, /* ........ */
0x17, 0xb2, 0xc7, 0x7a, 0xbb, 0x17, 0x44, 0x59, /* ...z..DY */
0x69, 0x8e, 0x16, 0x05, 0x94, 0x8c, 0x88, 0xd9, /* i....... */
0xdc, 0x9a, 0xfd, 0xf2, 0x93, 0xbe, 0x68, 0xba, /* ......h. */
0x3c, 0xd6, 0x2b, 0x61, 0x3a, 0x8b, 0xf7, 0x66, /* <.+a:..f */
0xcb, 0x54, 0xe8, 0xe4, 0xdb, 0x9f, 0xcc, 0x9e /* .T...... */
};
OcspEntry entry[1];
CertStatus status[1];
OcspRequest* request = NULL;
#ifndef NO_FILESYSTEM
const char* ca_cert = "./certs/ca-cert.pem";
#endif
byte serial[] = {0x05};
byte issuerHash[] = {0x71, 0x4d, 0x82, 0x23, 0x40, 0x59, 0xc0, 0x96, 0xa1, 0x37, 0x43, 0xfa, 0x31, 0xdb, 0xba, 0xb1, 0x43, 0x18, 0xda, 0x04};
byte issuerKeyHash[] = {0x83, 0xc6, 0x3a, 0x89, 0x2c, 0x81, 0xf4, 0x02, 0xd7, 0x9d, 0x4c, 0xe2, 0x2a, 0xc0, 0x71, 0x82, 0x64, 0x44, 0xda, 0x0e};
XMEMSET(entry, 0, sizeof(OcspEntry));
XMEMSET(status, 0, sizeof(CertStatus));
ExpectNotNull(request = wolfSSL_OCSP_REQUEST_new());
ExpectNotNull(request->serial = (byte*)XMALLOC(sizeof(serial), NULL,
DYNAMIC_TYPE_OCSP_REQUEST));
if ((request != NULL) && (request->serial != NULL)) {
request->serialSz = sizeof(serial);
XMEMCPY(request->serial, serial, sizeof(serial));
XMEMCPY(request->issuerHash, issuerHash, sizeof(issuerHash));
XMEMCPY(request->issuerKeyHash, issuerKeyHash, sizeof(issuerKeyHash));
}
ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm,
"./certs/ocsp/intermediate1-ca-cert.pem", NULL), WOLFSSL_SUCCESS);
/* Response should be valid. */
ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, (byte *)response,
sizeof(response), NULL, status, entry, request), WOLFSSL_SUCCESS);
/* Flip a byte in the request serial number, response should be invalid
* now. */
if ((request != NULL) && (request->serial != NULL))
request->serial[0] ^= request->serial[0];
ExpectIntNE(wolfSSL_CertManagerCheckOCSPResponse(cm, (byte *)response,
sizeof(response), NULL, status, entry, request), WOLFSSL_SUCCESS);
#ifndef NO_FILESYSTEM
ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, server_cert_der_2048,
sizeof(server_cert_der_2048)), ASN_NO_SIGNER_E);
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL));
ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, server_cert_der_2048,
sizeof(server_cert_der_2048)), 1);
#endif
wolfSSL_OCSP_REQUEST_free(request);
wolfSSL_CertManagerFree(cm);
#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
* WOLFSSL_APACHE_HTTPD || HAVE_LIGHTY */
#endif /* HAVE_OCSP */
return EXPECT_RESULT();
}
static int test_wolfSSL_CheckOCSPResponse(void)
{
EXPECT_DECLS;
#if defined(HAVE_OCSP) && defined(OPENSSL_EXTRA) && \
!defined(NO_RSA) && !defined(NO_SHA)
const char* responseFile = "./certs/ocsp/test-response.der";
const char* responseMultiFile = "./certs/ocsp/test-multi-response.der";
const char* responseNoInternFile =
"./certs/ocsp/test-response-nointern.der";
const char* caFile = "./certs/ocsp/root-ca-cert.pem";
OcspResponse* res = NULL;
byte data[4096];
const unsigned char* pt;
int dataSz = 0; /* initialize to mitigate spurious maybe-uninitialized from
* gcc sanitizer with --enable-heapmath.
*/
XFILE f = XBADFILE;
WOLFSSL_OCSP_BASICRESP* bs = NULL;
WOLFSSL_X509_STORE* st = NULL;
WOLFSSL_X509* issuer = NULL;
ExpectTrue((f = XFOPEN(responseFile, "rb")) != XBADFILE);
ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
pt = data;
ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caFile,
SSL_FILETYPE_PEM));
ExpectNotNull(st = wolfSSL_X509_STORE_new());
ExpectIntEQ(wolfSSL_X509_STORE_add_cert(st, issuer), WOLFSSL_SUCCESS);
ExpectNotNull(bs = wolfSSL_OCSP_response_get1_basic(res));
ExpectIntEQ(wolfSSL_OCSP_basic_verify(bs, NULL, st, 0), WOLFSSL_SUCCESS);
wolfSSL_OCSP_BASICRESP_free(bs);
bs = NULL;
wolfSSL_OCSP_RESPONSE_free(res);
res = NULL;
wolfSSL_X509_STORE_free(st);
st = NULL;
wolfSSL_X509_free(issuer);
issuer = NULL;
/* check loading a response with optional certs */
ExpectTrue((f = XFOPEN(responseNoInternFile, "rb")) != XBADFILE);
ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
f = XBADFILE;
pt = data;
ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
wolfSSL_OCSP_RESPONSE_free(res);
res = NULL;
/* check loading a response with multiple certs */
{
WOLFSSL_CERT_MANAGER* cm = NULL;
OcspEntry *entry = NULL;
CertStatus* status = NULL;
OcspRequest* request = NULL;
byte serial1[] = {0x01};
byte serial[] = {0x02};
byte issuerHash[] = {
0x44, 0xA8, 0xDB, 0xD1, 0xBC, 0x97, 0x0A, 0x83,
0x3B, 0x5B, 0x31, 0x9A, 0x4C, 0xB8, 0xD2, 0x52,
0x37, 0x15, 0x8A, 0x88
};
byte issuerKeyHash[] = {
0x73, 0xB0, 0x1C, 0xA4, 0x2F, 0x82, 0xCB, 0xCF,
0x47, 0xA5, 0x38, 0xD7, 0xB0, 0x04, 0x82, 0x3A,
0x7E, 0x72, 0x15, 0x21
};
ExpectNotNull(entry = (OcspEntry*)XMALLOC(sizeof(OcspEntry), NULL,
DYNAMIC_TYPE_OPENSSL));
ExpectNotNull(status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
DYNAMIC_TYPE_OPENSSL));
if (entry != NULL)
XMEMSET(entry, 0, sizeof(OcspEntry));
if (status != NULL)
XMEMSET(status, 0, sizeof(CertStatus));
ExpectNotNull(request = wolfSSL_OCSP_REQUEST_new());
ExpectNotNull(request->serial = (byte*)XMALLOC(sizeof(serial), NULL,
DYNAMIC_TYPE_OCSP_REQUEST));
if (request != NULL && request->serial != NULL) {
request->serialSz = sizeof(serial);
XMEMCPY(request->serial, serial, sizeof(serial));
XMEMCPY(request->issuerHash, issuerHash, sizeof(issuerHash));
XMEMCPY(request->issuerKeyHash, issuerKeyHash,
sizeof(issuerKeyHash));
}
ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, caFile, NULL),
WOLFSSL_SUCCESS);
ExpectTrue((f = XFOPEN(responseMultiFile, "rb")) != XBADFILE);
ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
f = XBADFILE;
ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS);
ExpectNotNull(entry->status);
if (request != NULL && request->serial != NULL)
XMEMCPY(request->serial, serial1, sizeof(serial1));
ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS);
/* store both status's in the entry to check that "next" is not
* overwritten */
if (EXPECT_SUCCESS() && status != NULL && entry != NULL) {
status->next = entry->status;
entry->status = status;
}
if (request != NULL && request->serial != NULL)
XMEMCPY(request->serial, serial, sizeof(serial));
ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS);
ExpectNotNull(entry->status->next);
/* compare the status found */
ExpectIntEQ(status->serialSz, entry->status->serialSz);
ExpectIntEQ(XMEMCMP(status->serial, entry->status->serial,
status->serialSz), 0);
if (status != NULL && entry != NULL && entry->status != status) {
XFREE(status, NULL, DYNAMIC_TYPE_OPENSSL);
}
wolfSSL_OCSP_CERTID_free(entry);
wolfSSL_OCSP_REQUEST_free(request);
wolfSSL_CertManagerFree(cm);
}
#if defined(WC_RSA_PSS)
{
const char* responsePssFile = "./certs/ocsp/test-response-rsapss.der";
/* check loading a response with RSA-PSS signature */
ExpectTrue((f = XFOPEN(responsePssFile, "rb")) != XBADFILE);
ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
pt = data;
ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
/* try to verify the response */
ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caFile,
SSL_FILETYPE_PEM));
ExpectNotNull(st = wolfSSL_X509_STORE_new());
ExpectIntEQ(wolfSSL_X509_STORE_add_cert(st, issuer), WOLFSSL_SUCCESS);
ExpectNotNull(bs = wolfSSL_OCSP_response_get1_basic(res));
ExpectIntEQ(wolfSSL_OCSP_basic_verify(bs, NULL, st, 0),
WOLFSSL_SUCCESS);
wolfSSL_OCSP_BASICRESP_free(bs);
wolfSSL_OCSP_RESPONSE_free(res);
wolfSSL_X509_STORE_free(st);
wolfSSL_X509_free(issuer);
}
#endif
#endif /* HAVE_OCSP */
return EXPECT_RESULT();
}
static int test_wolfSSL_FPKI(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_FPKI) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
XFILE f = XBADFILE;
const char* fpkiCert = "./certs/fpki-cert.der";
DecodedCert cert;
byte buf[4096];
byte* uuid = NULL;
byte* fascn = NULL;
word32 fascnSz;
word32 uuidSz;
int bytes = 0;
ExpectTrue((f = XFOPEN(fpkiCert, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
wc_InitDecodedCert(&cert, buf, (word32)bytes, NULL);
ExpectIntEQ(wc_ParseCert(&cert, CERT_TYPE, 0, NULL), 0);
ExpectIntEQ(wc_GetFASCNFromCert(&cert, NULL, &fascnSz), LENGTH_ONLY_E) ;
ExpectNotNull(fascn = (byte*)XMALLOC(fascnSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(wc_GetFASCNFromCert(&cert, fascn, &fascnSz), 0);
XFREE(fascn, NULL, DYNAMIC_TYPE_TMP_BUFFER);
ExpectIntEQ(wc_GetUUIDFromCert(&cert, NULL, &uuidSz), LENGTH_ONLY_E);
ExpectNotNull(uuid = (byte*)XMALLOC(uuidSz, NULL, DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(wc_GetUUIDFromCert(&cert, uuid, &uuidSz), 0);
XFREE(uuid, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeDecodedCert(&cert);
#endif
return EXPECT_RESULT();
}
/* use RID in confuncture with other names to test parsing of unknown other
* names */
static int test_wolfSSL_OtherName(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && !defined(NO_FILESYSTEM)
XFILE f = XBADFILE;
const char* ridCert = "./certs/rid-cert.der";
DecodedCert cert;
byte buf[4096];
int bytes = 0;
ExpectTrue((f = XFOPEN(ridCert, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
wc_InitDecodedCert(&cert, buf, (word32)bytes, NULL);
ExpectIntEQ(wc_ParseCert(&cert, CERT_TYPE, 0, NULL), 0);
wc_FreeDecodedCert(&cert);
#endif
return EXPECT_RESULT();
}
#ifdef HAVE_CERT_CHAIN_VALIDATION
static int test_wolfSSL_CertRsaPss(void)
{
EXPECT_DECLS;
/* FIPS v2 and below don't support long salts. */
#if !defined(NO_RSA) && defined(WC_RSA_PSS) && !defined(NO_FILESYSTEM) && \
(!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION > 2))) && (!defined(HAVE_SELFTEST) || \
(defined(HAVE_SELFTEST_VERSION) && (HAVE_SELFTEST_VERSION > 2)))
XFILE f = XBADFILE;
const char* rsaPssSha256Cert = "./certs/rsapss/ca-rsapss.der";
const char* rsaPssRootSha256Cert = "./certs/rsapss/root-rsapss.pem";
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_PSS_LONG_SALT) && \
RSA_MAX_SIZE >= 3072
const char* rsaPssSha384Cert = "./certs/rsapss/ca-3072-rsapss.der";
#endif
#if defined(WOLFSSL_SHA384) && RSA_MAX_SIZE >= 3072
const char* rsaPssRootSha384Cert = "./certs/rsapss/root-3072-rsapss.pem";
#endif
DecodedCert cert;
byte buf[4096];
int bytes = 0;
WOLFSSL_CERT_MANAGER* cm = NULL;
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CertManagerLoadCA(cm, rsaPssRootSha256Cert, NULL));
#if defined(WOLFSSL_SHA384) && RSA_MAX_SIZE >= 3072
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CertManagerLoadCA(cm, rsaPssRootSha384Cert, NULL));
#endif
ExpectTrue((f = XFOPEN(rsaPssSha256Cert, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
wc_InitDecodedCert(&cert, buf, (word32)bytes, NULL);
ExpectIntEQ(wc_ParseCert(&cert, CERT_TYPE, VERIFY, cm), 0);
wc_FreeDecodedCert(&cert);
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_PSS_LONG_SALT) && \
RSA_MAX_SIZE >= 3072
ExpectTrue((f = XFOPEN(rsaPssSha384Cert, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
wc_InitDecodedCert(&cert, buf, (word32)bytes, NULL);
ExpectIntEQ(wc_ParseCert(&cert, CERT_TYPE, VERIFY, cm), 0);
wc_FreeDecodedCert(&cert);
#endif
wolfSSL_CertManagerFree(cm);
#endif
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_CTX_load_verify_locations_ex(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX* ctx = NULL;
const char* ca_cert = "./certs/ca-cert.pem";
const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem";
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
/* test good CA */
ExpectTrue(WOLFSSL_SUCCESS ==
wolfSSL_CTX_load_verify_locations_ex(ctx, ca_cert, NULL,
WOLFSSL_LOAD_FLAG_NONE));
/* test expired CA */
#if !defined(OPENSSL_COMPATIBLE_DEFAULTS) && !defined(NO_ASN_TIME)
ExpectIntNE(wolfSSL_CTX_load_verify_locations_ex(ctx, ca_expired_cert, NULL,
WOLFSSL_LOAD_FLAG_NONE), WOLFSSL_SUCCESS);
#else
ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, ca_expired_cert, NULL,
WOLFSSL_LOAD_FLAG_NONE), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, ca_expired_cert, NULL,
WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_load_verify_buffer_ex(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX* ctx;
const char* ca_expired_cert_file = "./certs/test/expired/expired-ca.der";
byte ca_expired_cert[TWOK_BUF];
word32 sizeof_ca_expired_cert = 0;
XFILE fp = XBADFILE;
#ifndef NO_WOLFSSL_CLIENT
ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
#else
ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
#endif
ExpectNotNull(ctx);
#if defined(USE_CERT_BUFFERS_2048)
/* test good CA */
ExpectTrue(WOLFSSL_SUCCESS ==
wolfSSL_CTX_load_verify_buffer_ex(ctx, ca_cert_der_2048,
sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1, 0,
WOLFSSL_LOAD_FLAG_NONE));
#endif
/* load expired CA */
XMEMSET(ca_expired_cert, 0, sizeof(ca_expired_cert));
ExpectTrue((fp = XFOPEN(ca_expired_cert_file, "rb")) != XBADFILE);
ExpectIntGT(sizeof_ca_expired_cert = (word32)XFREAD(ca_expired_cert, 1,
sizeof(ca_expired_cert), fp), 0);
if (fp != XBADFILE)
XFCLOSE(fp);
/* test expired CA failure */
#if !defined(OPENSSL_COMPATIBLE_DEFAULTS) && !defined(NO_ASN_TIME)
ExpectIntNE(wolfSSL_CTX_load_verify_buffer_ex(ctx, ca_expired_cert,
sizeof_ca_expired_cert, WOLFSSL_FILETYPE_ASN1, 0,
WOLFSSL_LOAD_FLAG_NONE), WOLFSSL_SUCCESS);
#else
ExpectIntEQ(wolfSSL_CTX_load_verify_buffer_ex(ctx, ca_expired_cert,
sizeof_ca_expired_cert, WOLFSSL_FILETYPE_ASN1, 0,
WOLFSSL_LOAD_FLAG_NONE), WOLFSSL_SUCCESS);
#endif
/* test expired CA success */
ExpectIntEQ(wolfSSL_CTX_load_verify_buffer_ex(ctx, ca_expired_cert,
sizeof_ca_expired_cert, WOLFSSL_FILETYPE_ASN1, 0,
WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), WOLFSSL_SUCCESS);
/* Fail when ctx is NULL. */
ExpectIntEQ(wolfSSL_CTX_load_verify_buffer_ex(NULL, ca_expired_cert,
sizeof_ca_expired_cert, WOLFSSL_FILETYPE_ASN1, 0,
WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), BAD_FUNC_ARG);
/* Load as modified cert - bad initial length. */
ca_expired_cert[2] = 0x7f;
ExpectIntEQ(wolfSSL_CTX_load_verify_buffer_ex(ctx, ca_expired_cert,
sizeof_ca_expired_cert, WOLFSSL_FILETYPE_ASN1, 1,
WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), ASN_PARSE_E);
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_load_verify_chain_buffer_format(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && defined(OPENSSL_EXTRA) && \
defined(USE_CERT_BUFFERS_2048) && (WOLFSSL_MIN_RSA_BITS <= 1024) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX* ctx = NULL;
#ifndef NO_WOLFSSL_CLIENT
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
/* Public key 140 bytes??? */
ExpectIntEQ(wolfSSL_CTX_load_verify_chain_buffer_format(ctx,
ca_cert_chain_der, sizeof_ca_cert_chain_der, WOLFSSL_FILETYPE_ASN1),
WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_add1_chain_cert(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && defined(OPENSSL_EXTRA) && \
defined(KEEP_OUR_CERT) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX* ctx;
WOLFSSL* ssl = NULL;
const char *certChain[] = {
"./certs/intermediate/client-int-cert.pem",
"./certs/intermediate/ca-int2-cert.pem",
"./certs/intermediate/ca-int-cert.pem",
"./certs/ca-cert.pem",
NULL
};
const char** cert;
WOLFSSL_X509* x509 = NULL;
WOLF_STACK_OF(X509)* chain = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectNotNull(x509 = wolfSSL_X509_new());
ExpectIntEQ(SSL_CTX_add1_chain_cert(ctx, x509), 0);
ExpectIntEQ(SSL_CTX_add0_chain_cert(ctx, x509), 0);
ExpectIntEQ(SSL_add1_chain_cert(ssl, x509), 0);
ExpectIntEQ(SSL_add0_chain_cert(ssl, x509), 0);
wolfSSL_X509_free(x509);
x509 = NULL;
for (cert = certChain; EXPECT_SUCCESS() && *cert != NULL; cert++) {
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(*cert,
WOLFSSL_FILETYPE_PEM));
/* Do negative tests once */
if (cert == certChain) {
/* Negative tests. */
ExpectIntEQ(SSL_CTX_add1_chain_cert(NULL, NULL), 0);
ExpectIntEQ(SSL_CTX_add1_chain_cert(ctx, NULL), 0);
ExpectIntEQ(SSL_CTX_add1_chain_cert(NULL, x509), 0);
ExpectIntEQ(SSL_CTX_add0_chain_cert(NULL, NULL), 0);
ExpectIntEQ(SSL_CTX_add0_chain_cert(ctx, NULL), 0);
ExpectIntEQ(SSL_CTX_add0_chain_cert(NULL, x509), 0);
}
ExpectIntEQ(SSL_CTX_add1_chain_cert(ctx, x509), 1);
X509_free(x509);
x509 = NULL;
}
for (cert = certChain; EXPECT_SUCCESS() && *cert != NULL; cert++) {
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(*cert,
WOLFSSL_FILETYPE_PEM));
/* Do negative tests once */
if (cert == certChain) {
/* Negative tests. */
ExpectIntEQ(SSL_add1_chain_cert(NULL, NULL), 0);
ExpectIntEQ(SSL_add1_chain_cert(ssl, NULL), 0);
ExpectIntEQ(SSL_add1_chain_cert(NULL, x509), 0);
ExpectIntEQ(SSL_add0_chain_cert(NULL, NULL), 0);
ExpectIntEQ(SSL_add0_chain_cert(ssl, NULL), 0);
ExpectIntEQ(SSL_add0_chain_cert(NULL, x509), 0);
}
ExpectIntEQ(SSL_add1_chain_cert(ssl, x509), 1);
X509_free(x509);
x509 = NULL;
}
ExpectIntEQ(SSL_CTX_get0_chain_certs(ctx, &chain), 1);
ExpectIntEQ(sk_X509_num(chain), 3);
ExpectIntEQ(SSL_get0_chain_certs(ssl, &chain), 1);
ExpectIntEQ(sk_X509_num(chain), 3);
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_use_certificate_chain_buffer_format(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_CLIENT) && defined(USE_CERT_BUFFERS_2048)
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
const char* cert = "./certs/server-cert.pem";
unsigned char* buf = NULL;
size_t len;
ExpectIntEQ(load_file(cert, &buf, &len), 0);
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectNotNull(ssl = wolfSSL_new(ctx));
/* Invalid parameters. */
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(NULL,
NULL, 0, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,
NULL, 0, WOLFSSL_FILETYPE_ASN1), ASN_PARSE_E);
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(NULL,
server_cert_der_2048, sizeof_server_cert_der_2048,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(NULL, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx, NULL, 0),
ASN_NO_PEM_HEADER);
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(NULL, buf, (long)len),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(NULL, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(ssl, NULL, 0),
ASN_NO_PEM_HEADER);
ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(NULL, buf, (long)len),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,
server_cert_der_2048, sizeof_server_cert_der_2048,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, buf,
(long)len, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx, buf, (long)len),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx,
server_cert_der_2048, sizeof_server_cert_der_2048), ASN_NO_PEM_HEADER);
ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(ssl, buf, (long)len),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(ssl, server_cert_der_2048,
sizeof_server_cert_der_2048), ASN_NO_PEM_HEADER);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
if (buf != NULL) {
free(buf);
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_use_certificate_chain_file_format(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
const char* server_chain_der = "./certs/server-cert-chain.der";
const char* client_single_pem = "./certs/client-cert.pem";
WOLFSSL_CTX* ctx = NULL;
(void)server_chain_der;
(void)client_single_pem;
(void)ctx;
#ifndef NO_WOLFSSL_CLIENT
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file_format(ctx,
server_chain_der, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file_format(ctx,
client_single_pem, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_use_certificate_chain_file(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_CLIENT)
const char* server_chain_der = "./certs/server-cert-chain.der";
const char* client_single_pem = "./certs/client-cert.pem";
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
(void)server_chain_der;
(void)client_single_pem;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectNotNull(ssl = wolfSSL_new(ctx));
/* Invalid parameters. */
ExpectIntEQ(wolfSSL_use_certificate_chain_file_format(NULL, NULL,
WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_use_certificate_chain_file_format(ssl, NULL,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_use_certificate_chain_file_format(NULL,
server_chain_der, WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_use_certificate_chain_file(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_use_certificate_chain_file(ssl, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_use_certificate_chain_file(NULL, client_single_pem),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_use_certificate_chain_file(ssl, server_chain_der),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_use_certificate_chain_file_format(ssl,
server_chain_der, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_use_certificate_chain_file_format(ssl,
client_single_pem, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_use_certificate_chain_file(ssl, client_single_pem),
WOLFSSL_SUCCESS);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_SetTmpDH_file(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX *ctx = NULL;
#if defined(WOLFSSL_WPAS) && !defined(NO_DSA)
const char* dsaParamFile = "./certs/dsaparams.pem";
#endif
(void)ctx;
#ifndef NO_WOLFSSL_CLIENT
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
/* invalid context */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_file(NULL,
dhParamFile, WOLFSSL_FILETYPE_PEM));
/* invalid dhParamFile file */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_file(ctx,
NULL, WOLFSSL_FILETYPE_PEM));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_file(ctx,
bogusFile, WOLFSSL_FILETYPE_PEM));
/* success */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_file(ctx, dhParamFile,
WOLFSSL_FILETYPE_PEM));
#if defined(WOLFSSL_WPAS) && !defined(NO_DSA)
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_file(ctx, dsaParamFile,
WOLFSSL_FILETYPE_PEM));
#endif
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_SetTmpDH_buffer(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_DH) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX *ctx = NULL;
#ifndef NO_WOLFSSL_CLIENT
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
/* invalid context */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(NULL,
dh_key_der_2048, sizeof_dh_key_der_2048,
WOLFSSL_FILETYPE_ASN1));
/* invalid dhParamFile file */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(NULL, NULL,
0, WOLFSSL_FILETYPE_ASN1));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(ctx, NULL,
0, WOLFSSL_FILETYPE_ASN1));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(ctx,
dsa_key_der_2048, sizeof_dsa_key_der_2048,
WOLFSSL_FILETYPE_ASN1));
/* invalid file format */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(ctx,
dh_key_der_2048, sizeof_dh_key_der_2048, -1));
/* success */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(ctx,
dh_key_der_2048, sizeof_dh_key_der_2048,
WOLFSSL_FILETYPE_ASN1));
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_SetMinMaxDhKey_Sz(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_DH) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX *ctx;
(void)ctx;
#ifndef NO_WOLFSSL_CLIENT
ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
#else
ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
#endif
ExpectNotNull(ctx);
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMinDhKey_Sz(ctx, 3072));
ExpectIntEQ(DH_KEY_SIZE_E, wolfSSL_CTX_SetTmpDH_buffer(ctx, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMinDhKey_Sz(ctx, 2048));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(ctx,
dh_key_der_2048, sizeof_dh_key_der_2048,
WOLFSSL_FILETYPE_ASN1));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMaxDhKey_Sz(ctx, 1024));
ExpectIntEQ(DH_KEY_SIZE_E, wolfSSL_CTX_SetTmpDH_buffer(ctx,
dh_key_der_2048, sizeof_dh_key_der_2048,
WOLFSSL_FILETYPE_ASN1));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMaxDhKey_Sz(ctx, 2048));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(ctx,
dh_key_der_2048, sizeof_dh_key_der_2048,
WOLFSSL_FILETYPE_ASN1));
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_der_load_verify_locations(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_DER_LOAD) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX* ctx = NULL;
const char* derCert = "./certs/server-cert.der";
const char* nullPath = NULL;
const char* invalidPath = "./certs/this-cert-does-not-exist.der";
const char* emptyPath = "";
/* der load Case 1 ctx NULL */
ExpectIntEQ(wolfSSL_CTX_der_load_verify_locations(ctx, derCert,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_FAILURE);
#ifndef NO_WOLFSSL_CLIENT
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
/* Case 2 filePath NULL */
ExpectIntEQ(wolfSSL_CTX_der_load_verify_locations(ctx, nullPath,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_FAILURE);
/* Case 3 invalid format */
ExpectIntEQ(wolfSSL_CTX_der_load_verify_locations(ctx, derCert,
WOLFSSL_FILETYPE_PEM), WOLFSSL_FAILURE);
/* Case 4 filePath not valid */
ExpectIntEQ(wolfSSL_CTX_der_load_verify_locations(ctx, invalidPath,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_FAILURE);
/* Case 5 filePath empty */
ExpectIntEQ(wolfSSL_CTX_der_load_verify_locations(ctx, emptyPath,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_FAILURE);
#ifndef NO_RSA
/* Case 6 success case */
ExpectIntEQ(wolfSSL_CTX_der_load_verify_locations(ctx, derCert,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
#endif
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_enable_disable(void)
{
EXPECT_DECLS;
#ifndef NO_CERTS
WOLFSSL_CTX* ctx = NULL;
#ifdef HAVE_CRL
ExpectIntEQ(wolfSSL_CTX_DisableCRL(ctx), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx, 0), BAD_FUNC_ARG);
#endif
#ifdef HAVE_OCSP
ExpectIntEQ(wolfSSL_CTX_DisableOCSP(ctx), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_EnableOCSP(ctx, 0), BAD_FUNC_ARG);
#endif
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
ExpectIntEQ(wolfSSL_CTX_DisableOCSPStapling(ctx), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_DisableOCSPMustStaple(ctx), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_EnableOCSPMustStaple(ctx), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifdef HAVE_EXTENDED_MASTER
ExpectIntEQ(wolfSSL_CTX_DisableExtendedMasterSecret(ctx), BAD_FUNC_ARG);
#endif
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#ifdef HAVE_EXTENDED_MASTER
ExpectIntEQ(wolfSSL_CTX_DisableExtendedMasterSecret(ctx), WOLFSSL_SUCCESS);
#endif
#elif !defined(NO_WOLFSSL_SERVER)
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
#ifdef HAVE_CRL
ExpectIntEQ(wolfSSL_CTX_DisableCRL(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx, 0), WOLFSSL_SUCCESS);
#endif
#ifdef HAVE_OCSP
ExpectIntEQ(wolfSSL_CTX_DisableOCSP(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_URL_OVERRIDE),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_NO_NONCE),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_CHECKALL),
WOLFSSL_SUCCESS);
#endif
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
ExpectIntEQ(wolfSSL_CTX_DisableOCSPStapling(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_DisableOCSPMustStaple(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_DisableOCSPMustStaple(ctx), WOLFSSL_SUCCESS);
#endif
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* NO_CERTS */
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_ticket_API(void)
{
EXPECT_DECLS;
#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX* ctx = NULL;
void *userCtx = (void*)"this is my ctx";
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_set_TicketEncCtx(ctx, userCtx));
ExpectTrue(userCtx == wolfSSL_CTX_get_TicketEncCtx(ctx));
wolfSSL_CTX_free(ctx);
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_set_TicketEncCtx(NULL, userCtx));
ExpectNull(wolfSSL_CTX_get_TicketEncCtx(NULL));
#endif /* HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER */
return EXPECT_RESULT();
}
static int test_wolfSSL_set_minmax_proto_version(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
(void)ssl;
#ifndef NO_WOLFSSL_CLIENT
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(NULL, 0), SSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set_max_proto_version(NULL, 0), SSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_set_max_proto_version(ctx, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_set_min_proto_version(NULL, 0), SSL_FAILURE);
ExpectIntEQ(wolfSSL_set_min_proto_version(ssl, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_set_max_proto_version(NULL, 0), SSL_FAILURE);
ExpectIntEQ(wolfSSL_set_max_proto_version(ssl, 0), SSL_SUCCESS);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
ctx = NULL;
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(NULL, 0), SSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set_max_proto_version(NULL, 0), SSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, 0), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_set_max_proto_version(ctx, 0), SSL_SUCCESS);
wolfSSL_CTX_free(ctx);
#endif
#endif
return EXPECT_RESULT();
}
#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_TLS12) && \
defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
static int test_wolfSSL_CTX_set_max_proto_version_on_result(WOLFSSL* ssl)
{
EXPECT_DECLS;
ExpectStrEQ(wolfSSL_get_version(ssl), "TLSv1.2");
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_max_proto_version_ctx_ready(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
/* Set TLS 1.2 */
ExpectIntEQ(wolfSSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION),
WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
/* Test using wolfSSL_CTX_set_max_proto_version to limit the version below
* what was set at ctx creation. */
static int test_wolfSSL_CTX_set_max_proto_version(void)
{
EXPECT_DECLS;
test_ssl_cbf client_cbs;
test_ssl_cbf server_cbs;
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
client_cbs.method = wolfTLS_client_method;
server_cbs.method = wolfTLS_server_method;
server_cbs.ctx_ready = test_wolfSSL_CTX_set_max_proto_version_ctx_ready;
client_cbs.on_result = test_wolfSSL_CTX_set_max_proto_version_on_result;
server_cbs.on_result = test_wolfSSL_CTX_set_max_proto_version_on_result;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs,
&server_cbs, NULL), TEST_SUCCESS);
return EXPECT_RESULT();
}
#else
static int test_wolfSSL_CTX_set_max_proto_version(void)
{
return TEST_SKIPPED;
}
#endif
/*----------------------------------------------------------------------------*
| SSL
*----------------------------------------------------------------------------*/
static int test_server_wolfSSL_new(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_CTX *ctx_nocert = NULL;
WOLFSSL *ssl = NULL;
ExpectNotNull(ctx_nocert = wolfSSL_CTX_new(wolfSSLv23_server_method()));
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM));
/* invalid context */
ExpectNull(ssl = wolfSSL_new(NULL));
#if !defined(WOLFSSL_SESSION_EXPORT) && !defined(WOLFSSL_QT) && \
!defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_INIT_CTX_KEY)
ExpectNull(ssl = wolfSSL_new(ctx_nocert));
#endif
/* success */
ExpectNotNull(ssl = wolfSSL_new(ctx));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
wolfSSL_CTX_free(ctx_nocert);
#endif
return EXPECT_RESULT();
}
static int test_client_wolfSSL_new(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_CTX *ctx_nocert = NULL;
WOLFSSL *ssl = NULL;
ExpectNotNull(ctx_nocert = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectTrue(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));
/* invalid context */
ExpectNull(ssl = wolfSSL_new(NULL));
/* success */
ExpectNotNull(ssl = wolfSSL_new(ctx_nocert));
wolfSSL_free(ssl);
ssl = NULL;
/* success */
ExpectNotNull(ssl = wolfSSL_new(ctx));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
wolfSSL_CTX_free(ctx_nocert);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_SetTmpDH_file(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \
!defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
const char* dhX942ParamFile = "./certs/x942dh2048.pem";
#if defined(WOLFSSL_WPAS) && !defined(NO_DSA)
const char* dsaParamFile = "./certs/dsaparams.pem";
#endif
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#ifndef NO_RSA
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM));
#elif defined(HAVE_ECC)
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, eccCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile,
WOLFSSL_FILETYPE_PEM));
#elif defined(HAVE_ED25519)
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, edCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, edKeyFile,
WOLFSSL_FILETYPE_PEM));
#elif defined(HAVE_ED448)
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, ed448CertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, ed448KeyFile,
WOLFSSL_FILETYPE_PEM));
#endif
ExpectNotNull(ssl = wolfSSL_new(ctx));
/* invalid ssl */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_file(NULL,
dhParamFile, WOLFSSL_FILETYPE_PEM));
/* invalid dhParamFile file */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_file(ssl,
NULL, WOLFSSL_FILETYPE_PEM));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_file(ssl,
bogusFile, WOLFSSL_FILETYPE_PEM));
/* success */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_file(ssl, dhParamFile,
WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_file(ssl, dhX942ParamFile,
WOLFSSL_FILETYPE_PEM));
#if defined(WOLFSSL_WPAS) && !defined(NO_DSA)
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_file(ctx, dsaParamFile,
WOLFSSL_FILETYPE_PEM));
#endif
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_SetTmpDH_buffer(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
ExpectTrue(wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_buffer(ctx, server_key_der_2048,
sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1));
ExpectNotNull(ssl = wolfSSL_new(ctx));
/* invalid ssl */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(NULL, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
/* invalid dhParamFile file */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(NULL, NULL,
0, WOLFSSL_FILETYPE_ASN1));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl, NULL, 0,
WOLFSSL_FILETYPE_ASN1));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl, dsa_key_der_2048,
sizeof_dsa_key_der_2048, WOLFSSL_FILETYPE_ASN1));
/* success */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_SetMinMaxDhKey_Sz(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_CTX *ctx2 = NULL;
WOLFSSL *ssl = NULL;
WOLFSSL *ssl2 = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
ExpectTrue(wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_buffer(ctx, server_key_der_2048,
sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMinDhKey_Sz(ctx, 3072));
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectNotNull(ctx2 = wolfSSL_CTX_new(wolfSSLv23_server_method()));
ExpectTrue(wolfSSL_CTX_use_certificate_buffer(ctx2, server_cert_der_2048,
sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_buffer(ctx2, server_key_der_2048,
sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMaxDhKey_Sz(ctx, 1024));
ExpectNotNull(ssl2 = wolfSSL_new(ctx2));
ExpectIntEQ(DH_KEY_SIZE_E, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetMinDhKey_Sz(ssl, 2048));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetMinDhKey_Sz(ssl, 3072));
ExpectIntEQ(DH_KEY_SIZE_E, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl2, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetMaxDhKey_Sz(ssl2, 2048));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl2, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetMaxDhKey_Sz(ssl2, 1024));
ExpectIntEQ(DH_KEY_SIZE_E, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
wolfSSL_free(ssl2);
wolfSSL_CTX_free(ctx2);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
/* Test function for wolfSSL_SetMinVersion. Sets the minimum downgrade version
* allowed.
* POST: return 1 on success.
*/
static int test_wolfSSL_SetMinVersion(void)
{
int res = TEST_SKIPPED;
#ifndef NO_WOLFSSL_CLIENT
int failFlag = WOLFSSL_SUCCESS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
int itr;
#ifndef NO_OLD_TLS
const int versions[] = {
#ifdef WOLFSSL_ALLOW_TLSV10
WOLFSSL_TLSV1,
#endif
WOLFSSL_TLSV1_1,
WOLFSSL_TLSV1_2};
#elif !defined(WOLFSSL_NO_TLS12)
const int versions[] = { WOLFSSL_TLSV1_2 };
#else
const int versions[] = { WOLFSSL_TLSV1_3 };
#endif
ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
ssl = wolfSSL_new(ctx);
for (itr = 0; itr < (int)(sizeof(versions)/sizeof(int)); itr++) {
if (wolfSSL_SetMinVersion(ssl, *(versions + itr)) != WOLFSSL_SUCCESS) {
failFlag = WOLFSSL_FAILURE;
}
}
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
res = TEST_RES_CHECK(failFlag == WOLFSSL_SUCCESS);
#endif
return res;
} /* END test_wolfSSL_SetMinVersion */
#ifdef OPENSSL_EXTRA
static int test_EC25519(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE25519) && defined(WOLFSSL_KEY_GEN)
byte priv[CURVE25519_KEYSIZE];
unsigned int privSz = CURVE25519_KEYSIZE;
byte pub[CURVE25519_KEYSIZE];
unsigned int pubSz = CURVE25519_KEYSIZE;
byte priv2[CURVE25519_KEYSIZE];
unsigned int priv2Sz = CURVE25519_KEYSIZE;
byte pub2[CURVE25519_KEYSIZE];
unsigned int pub2Sz = CURVE25519_KEYSIZE;
byte shared[CURVE25519_KEYSIZE];
unsigned int sharedSz = CURVE25519_KEYSIZE;
byte shared2[CURVE25519_KEYSIZE];
unsigned int shared2Sz = CURVE25519_KEYSIZE;
/* Bad parameter testing of key generation. */
ExpectIntEQ(wolfSSL_EC25519_generate_key(NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_EC25519_generate_key(NULL, &privSz, NULL, &pubSz), 0);
ExpectIntEQ(wolfSSL_EC25519_generate_key(NULL, &privSz, pub, &pubSz), 0);
ExpectIntEQ(wolfSSL_EC25519_generate_key(priv, NULL, pub, &pubSz), 0);
ExpectIntEQ(wolfSSL_EC25519_generate_key(priv, &privSz, NULL, &pubSz), 0);
ExpectIntEQ(wolfSSL_EC25519_generate_key(priv, &privSz, pub, NULL), 0);
/* Bad length */
privSz = 1;
ExpectIntEQ(wolfSSL_EC25519_generate_key(priv, &privSz, pub, &pubSz), 0);
privSz = CURVE25519_KEYSIZE;
pubSz = 1;
ExpectIntEQ(wolfSSL_EC25519_generate_key(priv, &privSz, pub, &pubSz), 0);
pubSz = CURVE25519_KEYSIZE;
/* Good case of generating key. */
ExpectIntEQ(wolfSSL_EC25519_generate_key(priv, &privSz, pub, &pubSz), 1);
ExpectIntEQ(wolfSSL_EC25519_generate_key(priv2, &priv2Sz, pub2, &pub2Sz),
1);
ExpectIntEQ(privSz, CURVE25519_KEYSIZE);
ExpectIntEQ(pubSz, CURVE25519_KEYSIZE);
/* Bad parameter testing of shared key. */
ExpectIntEQ(wolfSSL_EC25519_shared_key( NULL, NULL, NULL, privSz,
NULL, pubSz), 0);
ExpectIntEQ(wolfSSL_EC25519_shared_key( NULL, &sharedSz, NULL, privSz,
NULL, pubSz), 0);
ExpectIntEQ(wolfSSL_EC25519_shared_key( NULL, &sharedSz, priv, privSz,
pub, pubSz), 0);
ExpectIntEQ(wolfSSL_EC25519_shared_key(shared, &sharedSz, NULL, privSz,
pub, pubSz), 0);
ExpectIntEQ(wolfSSL_EC25519_shared_key(shared, &sharedSz, priv, privSz,
NULL, pubSz), 0);
ExpectIntEQ(wolfSSL_EC25519_shared_key( NULL, &sharedSz, priv, privSz,
pub, pubSz), 0);
ExpectIntEQ(wolfSSL_EC25519_shared_key(shared, NULL, priv, privSz,
pub, pubSz), 0);
ExpectIntEQ(wolfSSL_EC25519_shared_key(shared, &sharedSz, NULL, privSz,
pub, pubSz), 0);
ExpectIntEQ(wolfSSL_EC25519_shared_key(shared, &sharedSz, priv, privSz,
NULL, pubSz), 0);
/* Bad length. */
sharedSz = 1;
ExpectIntEQ(wolfSSL_EC25519_shared_key(shared, &sharedSz, priv, privSz,
pub, pubSz), 0);
sharedSz = CURVE25519_KEYSIZE;
privSz = 1;
ExpectIntEQ(wolfSSL_EC25519_shared_key(shared, &sharedSz, priv, privSz,
pub, pubSz), 0);
privSz = CURVE25519_KEYSIZE;
pubSz = 1;
ExpectIntEQ(wolfSSL_EC25519_shared_key(shared, &sharedSz, priv, privSz,
pub, pubSz), 0);
pubSz = CURVE25519_KEYSIZE;
/* Good case of shared key. */
ExpectIntEQ(wolfSSL_EC25519_shared_key(shared, &sharedSz, priv, privSz,
pub2, pub2Sz), 1);
ExpectIntEQ(wolfSSL_EC25519_shared_key(shared2, &shared2Sz, priv2, priv2Sz,
pub, pubSz), 1);
ExpectIntEQ(sharedSz, CURVE25519_KEYSIZE);
ExpectIntEQ(shared2Sz, CURVE25519_KEYSIZE);
ExpectIntEQ(XMEMCMP(shared, shared2, sharedSz), 0);
#endif /* HAVE_CURVE25519 && WOLFSSL_KEY_GEN */
return EXPECT_RESULT();
}
static int test_ED25519(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \
defined(WOLFSSL_KEY_GEN)
byte priv[ED25519_PRV_KEY_SIZE];
unsigned int privSz = (unsigned int)sizeof(priv);
byte pub[ED25519_PUB_KEY_SIZE];
unsigned int pubSz = (unsigned int)sizeof(pub);
#if defined(HAVE_ED25519_SIGN) && defined(HAVE_ED25519_KEY_IMPORT)
const char* msg = TEST_STRING;
unsigned int msglen = (unsigned int)TEST_STRING_SZ;
byte sig[ED25519_SIG_SIZE];
unsigned int sigSz = (unsigned int)sizeof(sig);
#endif /* HAVE_ED25519_SIGN && HAVE_ED25519_KEY_IMPORT */
/* Bad parameter testing of key generation. */
ExpectIntEQ(wolfSSL_ED25519_generate_key(NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_ED25519_generate_key(priv, NULL, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_ED25519_generate_key(NULL, &privSz, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_ED25519_generate_key(NULL, NULL, pub, NULL), 0);
ExpectIntEQ(wolfSSL_ED25519_generate_key(NULL, NULL, NULL, &pubSz), 0);
ExpectIntEQ(wolfSSL_ED25519_generate_key(NULL, &privSz, pub, &pubSz), 0);
ExpectIntEQ(wolfSSL_ED25519_generate_key(priv, NULL, pub, &pubSz), 0);
ExpectIntEQ(wolfSSL_ED25519_generate_key(priv, &privSz, NULL, &pubSz), 0);
ExpectIntEQ(wolfSSL_ED25519_generate_key(priv, &privSz, pub, NULL), 0);
/* Bad length. */
privSz = 1;
ExpectIntEQ(wolfSSL_ED25519_generate_key(priv, &privSz, pub, &pubSz), 0);
privSz = ED25519_PRV_KEY_SIZE;
pubSz = 1;
ExpectIntEQ(wolfSSL_ED25519_generate_key(priv, &privSz, pub, &pubSz), 0);
pubSz = ED25519_PUB_KEY_SIZE;
/* Good case of generating key. */
ExpectIntEQ(wolfSSL_ED25519_generate_key(priv, &privSz, pub, &pubSz),
1);
ExpectIntEQ(privSz, ED25519_PRV_KEY_SIZE);
ExpectIntEQ(pubSz, ED25519_PUB_KEY_SIZE);
#if defined(HAVE_ED25519_SIGN) && defined(HAVE_ED25519_KEY_IMPORT)
/* Bad parameter testing of signing. */
ExpectIntEQ(wolfSSL_ED25519_sign( NULL, msglen, NULL, privSz, NULL,
NULL), 0);
ExpectIntEQ(wolfSSL_ED25519_sign((byte*)msg, msglen, NULL, privSz, NULL,
NULL), 0);
ExpectIntEQ(wolfSSL_ED25519_sign( NULL, msglen, priv, privSz, NULL,
NULL), 0);
ExpectIntEQ(wolfSSL_ED25519_sign( NULL, msglen, NULL, privSz, sig,
NULL), 0);
ExpectIntEQ(wolfSSL_ED25519_sign( NULL, msglen, NULL, privSz, NULL,
&sigSz), 0);
ExpectIntEQ(wolfSSL_ED25519_sign( NULL, msglen, priv, privSz, sig,
&sigSz), 0);
ExpectIntEQ(wolfSSL_ED25519_sign((byte*)msg, msglen, NULL, privSz, sig,
&sigSz), 0);
ExpectIntEQ(wolfSSL_ED25519_sign((byte*)msg, msglen, priv, privSz, NULL,
&sigSz), 0);
ExpectIntEQ(wolfSSL_ED25519_sign((byte*)msg, msglen, priv, privSz, sig,
NULL), 0);
/* Bad length. */
privSz = 1;
ExpectIntEQ(wolfSSL_ED25519_sign((byte*)msg, msglen, priv, privSz, sig,
&sigSz), 0);
privSz = ED25519_PRV_KEY_SIZE;
sigSz = 1;
ExpectIntEQ(wolfSSL_ED25519_sign((byte*)msg, msglen, priv, privSz, sig,
&sigSz), 0);
sigSz = ED25519_SIG_SIZE;
/* Good case of signing. */
ExpectIntEQ(wolfSSL_ED25519_sign((byte*)msg, msglen, priv, privSz, sig,
&sigSz), 1);
ExpectIntEQ(sigSz, ED25519_SIG_SIZE);
#ifdef HAVE_ED25519_VERIFY
/* Bad parameter testing of verification. */
ExpectIntEQ(wolfSSL_ED25519_verify( NULL, msglen, NULL, pubSz, NULL,
sigSz), 0);
ExpectIntEQ(wolfSSL_ED25519_verify((byte*)msg, msglen, NULL, pubSz, NULL,
sigSz), 0);
ExpectIntEQ(wolfSSL_ED25519_verify( NULL, msglen, pub, pubSz, NULL,
sigSz), 0);
ExpectIntEQ(wolfSSL_ED25519_verify( NULL, msglen, NULL, pubSz, sig,
sigSz), 0);
ExpectIntEQ(wolfSSL_ED25519_verify( NULL, msglen, pub, pubSz, sig,
sigSz), 0);
ExpectIntEQ(wolfSSL_ED25519_verify((byte*)msg, msglen, NULL, pubSz, sig,
sigSz), 0);
ExpectIntEQ(wolfSSL_ED25519_verify((byte*)msg, msglen, pub, pubSz, NULL,
sigSz), 0);
/* Bad length. */
pubSz = 1;
ExpectIntEQ(wolfSSL_ED25519_verify((byte*)msg, msglen, pub, pubSz, sig,
sigSz), 0);
pubSz = ED25519_PUB_KEY_SIZE;
sigSz = 1;
ExpectIntEQ(wolfSSL_ED25519_verify((byte*)msg, msglen, pub, pubSz, sig,
sigSz), 0);
sigSz = ED25519_SIG_SIZE;
/* Good case of verification. */
ExpectIntEQ(wolfSSL_ED25519_verify((byte*)msg, msglen, pub, pubSz, sig,
sigSz), 1);
/* Bad signature. */
if (EXPECT_SUCCESS()) {
sig[1] ^= 0x80;
}
ExpectIntEQ(wolfSSL_ED25519_verify((byte*)msg, msglen, pub, pubSz, sig,
sigSz), 0);
#endif /* HAVE_ED25519_VERIFY */
#endif /* HAVE_ED25519_SIGN && HAVE_ED25519_KEY_IMPORT */
#endif /* HAVE_ED25519 && HAVE_ED25519_KEY_EXPORT && WOLFSSL_KEY_GEN */
return EXPECT_RESULT();
}
static int test_EC448(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE448) && defined(WOLFSSL_KEY_GEN)
byte priv[CURVE448_KEY_SIZE];
unsigned int privSz = CURVE448_KEY_SIZE;
byte pub[CURVE448_KEY_SIZE];
unsigned int pubSz = CURVE448_KEY_SIZE;
byte priv2[CURVE448_KEY_SIZE];
unsigned int priv2Sz = CURVE448_KEY_SIZE;
byte pub2[CURVE448_KEY_SIZE];
unsigned int pub2Sz = CURVE448_KEY_SIZE;
byte shared[CURVE448_KEY_SIZE];
unsigned int sharedSz = CURVE448_KEY_SIZE;
byte shared2[CURVE448_KEY_SIZE];
unsigned int shared2Sz = CURVE448_KEY_SIZE;
/* Bad parameter testing of key generation. */
ExpectIntEQ(wolfSSL_EC448_generate_key(NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_EC448_generate_key(NULL, &privSz, NULL, &pubSz), 0);
ExpectIntEQ(wolfSSL_EC448_generate_key(NULL, &privSz, pub, &pubSz), 0);
ExpectIntEQ(wolfSSL_EC448_generate_key(priv, NULL, pub, &pubSz), 0);
ExpectIntEQ(wolfSSL_EC448_generate_key(priv, &privSz, NULL, &pubSz), 0);
ExpectIntEQ(wolfSSL_EC448_generate_key(priv, &privSz, pub, NULL), 0);
/* Bad length. */
privSz = 1;
ExpectIntEQ(wolfSSL_EC448_generate_key(priv, &privSz, pub, &pubSz), 0);
privSz = CURVE448_KEY_SIZE;
pubSz = 1;
ExpectIntEQ(wolfSSL_EC448_generate_key(priv, &privSz, pub, &pubSz), 0);
pubSz = CURVE448_KEY_SIZE;
/* Good case of generating key. */
ExpectIntEQ(wolfSSL_EC448_generate_key(priv, &privSz, pub, &pubSz), 1);
ExpectIntEQ(wolfSSL_EC448_generate_key(priv2, &priv2Sz, pub2, &pub2Sz), 1);
ExpectIntEQ(privSz, CURVE448_KEY_SIZE);
ExpectIntEQ(pubSz, CURVE448_KEY_SIZE);
/* Bad parameter testing of shared key. */
ExpectIntEQ(wolfSSL_EC448_shared_key( NULL, NULL, NULL, privSz,
NULL, pubSz), 0);
ExpectIntEQ(wolfSSL_EC448_shared_key( NULL, &sharedSz, NULL, privSz,
NULL, pubSz), 0);
ExpectIntEQ(wolfSSL_EC448_shared_key( NULL, &sharedSz, priv, privSz,
pub, pubSz), 0);
ExpectIntEQ(wolfSSL_EC448_shared_key(shared, &sharedSz, NULL, privSz,
pub, pubSz), 0);
ExpectIntEQ(wolfSSL_EC448_shared_key(shared, &sharedSz, priv, privSz,
NULL, pubSz), 0);
ExpectIntEQ(wolfSSL_EC448_shared_key( NULL, &sharedSz, priv, privSz,
pub, pubSz), 0);
ExpectIntEQ(wolfSSL_EC448_shared_key(shared, NULL, priv, privSz,
pub, pubSz), 0);
ExpectIntEQ(wolfSSL_EC448_shared_key(shared, &sharedSz, NULL, privSz,
pub, pubSz), 0);
ExpectIntEQ(wolfSSL_EC448_shared_key(shared, &sharedSz, priv, privSz,
NULL, pubSz), 0);
/* Bad length. */
sharedSz = 1;
ExpectIntEQ(wolfSSL_EC448_shared_key(shared, &sharedSz, priv, privSz,
pub, pubSz), 0);
sharedSz = CURVE448_KEY_SIZE;
privSz = 1;
ExpectIntEQ(wolfSSL_EC448_shared_key(shared, &sharedSz, priv, privSz,
pub, pubSz), 0);
privSz = CURVE448_KEY_SIZE;
pubSz = 1;
ExpectIntEQ(wolfSSL_EC448_shared_key(shared, &sharedSz, priv, privSz,
pub, pubSz), 0);
pubSz = CURVE448_KEY_SIZE;
/* Good case of shared key. */
ExpectIntEQ(wolfSSL_EC448_shared_key(shared, &sharedSz, priv, privSz,
pub2, pub2Sz), 1);
ExpectIntEQ(wolfSSL_EC448_shared_key(shared2, &shared2Sz, priv2, priv2Sz,
pub, pubSz), 1);
ExpectIntEQ(sharedSz, CURVE448_KEY_SIZE);
ExpectIntEQ(shared2Sz, CURVE448_KEY_SIZE);
ExpectIntEQ(XMEMCMP(shared, shared2, sharedSz), 0);
#endif /* HAVE_CURVE448 && WOLFSSL_KEY_GEN */
return EXPECT_RESULT();
}
static int test_ED448(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
defined(WOLFSSL_KEY_GEN)
byte priv[ED448_PRV_KEY_SIZE];
unsigned int privSz = (unsigned int)sizeof(priv);
byte pub[ED448_PUB_KEY_SIZE];
unsigned int pubSz = (unsigned int)sizeof(pub);
#if defined(HAVE_ED448_SIGN) && defined(HAVE_ED448_KEY_IMPORT)
const char* msg = TEST_STRING;
unsigned int msglen = (unsigned int)TEST_STRING_SZ;
byte sig[ED448_SIG_SIZE];
unsigned int sigSz = (unsigned int)sizeof(sig);
#endif /* HAVE_ED448_SIGN && HAVE_ED448_KEY_IMPORT */
/* Bad parameter testing of key generation. */
ExpectIntEQ(wolfSSL_ED448_generate_key(NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_ED448_generate_key(priv, NULL, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_ED448_generate_key(NULL, &privSz, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_ED448_generate_key(NULL, NULL, pub, NULL), 0);
ExpectIntEQ(wolfSSL_ED448_generate_key(NULL, NULL, NULL, &pubSz), 0);
ExpectIntEQ(wolfSSL_ED448_generate_key(NULL, &privSz, pub, &pubSz), 0);
ExpectIntEQ(wolfSSL_ED448_generate_key(priv, NULL, pub, &pubSz), 0);
ExpectIntEQ(wolfSSL_ED448_generate_key(priv, &privSz, NULL, &pubSz), 0);
ExpectIntEQ(wolfSSL_ED448_generate_key(priv, &privSz, pub, NULL), 0);
/* Bad length. */
privSz = 1;
ExpectIntEQ(wolfSSL_ED448_generate_key(priv, &privSz, pub, &pubSz), 0);
privSz = ED448_PRV_KEY_SIZE;
pubSz = 1;
ExpectIntEQ(wolfSSL_ED448_generate_key(priv, &privSz, pub, &pubSz), 0);
pubSz = ED448_PUB_KEY_SIZE;
/* Good case of generating key. */
ExpectIntEQ(wolfSSL_ED448_generate_key(priv, &privSz, pub, &pubSz), 1);
ExpectIntEQ(privSz, ED448_PRV_KEY_SIZE);
ExpectIntEQ(pubSz, ED448_PUB_KEY_SIZE);
#if defined(HAVE_ED448_SIGN) && defined(HAVE_ED448_KEY_IMPORT)
/* Bad parameter testing of signing. */
ExpectIntEQ(wolfSSL_ED448_sign( NULL, msglen, NULL, privSz, NULL,
NULL), 0);
ExpectIntEQ(wolfSSL_ED448_sign((byte*)msg, msglen, NULL, privSz, NULL,
NULL), 0);
ExpectIntEQ(wolfSSL_ED448_sign( NULL, msglen, priv, privSz, NULL,
NULL), 0);
ExpectIntEQ(wolfSSL_ED448_sign( NULL, msglen, NULL, privSz, sig,
NULL), 0);
ExpectIntEQ(wolfSSL_ED448_sign( NULL, msglen, NULL, privSz, NULL,
&sigSz), 0);
ExpectIntEQ(wolfSSL_ED448_sign( NULL, msglen, priv, privSz, sig,
&sigSz), 0);
ExpectIntEQ(wolfSSL_ED448_sign((byte*)msg, msglen, NULL, privSz, sig,
&sigSz), 0);
ExpectIntEQ(wolfSSL_ED448_sign((byte*)msg, msglen, priv, privSz, NULL,
&sigSz), 0);
ExpectIntEQ(wolfSSL_ED448_sign((byte*)msg, msglen, priv, privSz, sig,
NULL), 0);
/* Bad length. */
privSz = 1;
ExpectIntEQ(wolfSSL_ED448_sign((byte*)msg, msglen, priv, privSz, sig,
&sigSz), 0);
privSz = ED448_PRV_KEY_SIZE;
sigSz = 1;
ExpectIntEQ(wolfSSL_ED448_sign((byte*)msg, msglen, priv, privSz, sig,
&sigSz), 0);
sigSz = ED448_SIG_SIZE;
/* Good case of signing. */
ExpectIntEQ(wolfSSL_ED448_sign((byte*)msg, msglen, priv, privSz, sig,
&sigSz), 1);
ExpectIntEQ(sigSz, ED448_SIG_SIZE);
#ifdef HAVE_ED448_VERIFY
/* Bad parameter testing of verification. */
ExpectIntEQ(wolfSSL_ED448_verify( NULL, msglen, NULL, pubSz, NULL,
sigSz), 0);
ExpectIntEQ(wolfSSL_ED448_verify((byte*)msg, msglen, NULL, pubSz, NULL,
sigSz), 0);
ExpectIntEQ(wolfSSL_ED448_verify( NULL, msglen, pub, pubSz, NULL,
sigSz), 0);
ExpectIntEQ(wolfSSL_ED448_verify( NULL, msglen, NULL, pubSz, sig,
sigSz), 0);
ExpectIntEQ(wolfSSL_ED448_verify( NULL, msglen, pub, pubSz, sig,
sigSz), 0);
ExpectIntEQ(wolfSSL_ED448_verify((byte*)msg, msglen, NULL, pubSz, sig,
sigSz), 0);
ExpectIntEQ(wolfSSL_ED448_verify((byte*)msg, msglen, pub, pubSz, NULL,
sigSz), 0);
/* Bad length. */
pubSz = 1;
ExpectIntEQ(wolfSSL_ED448_verify((byte*)msg, msglen, pub, pubSz, sig,
sigSz), 0);
pubSz = ED448_PUB_KEY_SIZE;
sigSz = 1;
ExpectIntEQ(wolfSSL_ED448_verify((byte*)msg, msglen, pub, pubSz, sig,
sigSz), 0);
sigSz = ED448_SIG_SIZE;
/* Good case of verification. */
ExpectIntEQ(wolfSSL_ED448_verify((byte*)msg, msglen, pub, pubSz, sig,
sigSz), 1);
/* Bad signature. */
if (EXPECT_SUCCESS()) {
sig[1] ^= 0x80;
}
ExpectIntEQ(wolfSSL_ED448_verify((byte*)msg, msglen, pub, pubSz, sig,
sigSz), 0);
#endif /* HAVE_ED448_VERIFY */
#endif /* HAVE_ED448_SIGN && HAVE_ED448_KEY_IMPORT */
#endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT && WOLFSSL_KEY_GEN */
return EXPECT_RESULT();
}
#endif /* OPENSSL_EXTRA */
#include <wolfssl/openssl/pem.h>
/*----------------------------------------------------------------------------*
| EVP
*----------------------------------------------------------------------------*/
static int test_wolfSSL_EVP_PKEY_print_public(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
WOLFSSL_BIO* rbio = NULL;
WOLFSSL_BIO* wbio = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
char line[256] = { 0 };
char line1[256] = { 0 };
int i = 0;
/* test error cases */
ExpectIntEQ( EVP_PKEY_print_public(NULL,NULL,0,NULL),0L);
/*
* test RSA public key print
* in this test, pass '3' for indent
*/
#if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_1024)
ExpectNotNull(rbio = BIO_new_mem_buf( client_keypub_der_1024,
sizeof_client_keypub_der_1024));
ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey));
ExpectNotNull(wbio = BIO_new(BIO_s_mem()));
ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,3,NULL),1);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, " RSA Public-Key: (1024 bit)\n");
ExpectIntEQ(XSTRNCMP(line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, " Modulus:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, " 00:bc:73:0e:a8:49:f3:74:a2:a9:ef:18:a5:da:55:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
/* skip to the end of modulus element*/
for (i = 0; i < 8 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, " Exponent: 65537 (0x010001)\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
/* should reach EOF */
ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0);
EVP_PKEY_free(pkey);
pkey = NULL;
BIO_free(rbio);
BIO_free(wbio);
rbio = NULL;
wbio = NULL;
#endif /* !NO_RSA && USE_CERT_BUFFERS_1024*/
/*
* test DSA public key print
*/
#if !defined(NO_DSA) && defined(USE_CERT_BUFFERS_2048)
ExpectNotNull(rbio = BIO_new_mem_buf( dsa_pub_key_der_2048,
sizeof_dsa_pub_key_der_2048));
ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey));
ExpectNotNull(wbio = BIO_new(BIO_s_mem()));
ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,0,NULL),1);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "DSA Public-Key: (2048 bit)\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "pub:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1,
" 00:C2:35:2D:EC:83:83:6C:73:13:9E:52:7C:74:C8:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
/* skip to the end of pub element*/
for (i = 0; i < 17 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "P:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
/* skip to the end of P element*/
for (i = 0; i < 18 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "Q:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
/* skip to the end of Q element*/
for (i = 0; i < 3 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "G:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
/* skip to the end of G element*/
for (i = 0; i < 18 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
/* should reach EOF */
ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0);
EVP_PKEY_free(pkey);
pkey = NULL;
BIO_free(rbio);
BIO_free(wbio);
rbio = NULL;
wbio = NULL;
#endif /* !NO_DSA && USE_CERT_BUFFERS_2048 */
/*
* test ECC public key print
*/
#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
ExpectNotNull(rbio = BIO_new_mem_buf( ecc_clikeypub_der_256,
sizeof_ecc_clikeypub_der_256));
ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey));
ExpectNotNull(wbio = BIO_new(BIO_s_mem()));
ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,0,NULL),1);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "Public-Key: (256 bit)\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "pub:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1,
" 04:55:BF:F4:0F:44:50:9A:3D:CE:9B:B7:F0:C5:4D:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
/* skip to the end of pub element*/
for (i = 0; i < 4 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "ASN1 OID: prime256v1\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "NIST CURVE: P-256\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
/* should reach EOF */
ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0);
EVP_PKEY_free(pkey);
pkey = NULL;
BIO_free(rbio);
BIO_free(wbio);
rbio = NULL;
wbio = NULL;
#endif /* HAVE_ECC && USE_CERT_BUFFERS_256 */
/*
* test DH public key print
*/
#if defined(WOLFSSL_DH_EXTRA) && defined(USE_CERT_BUFFERS_2048)
ExpectNotNull(rbio = BIO_new_mem_buf( dh_pub_key_der_2048,
sizeof_dh_pub_key_der_2048));
ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey));
ExpectNotNull(wbio = BIO_new(BIO_s_mem()));
ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,0,NULL), 1);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "DH Public-Key: (2048 bit)\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "public-key:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1,
" 34:41:BF:E9:F2:11:BF:05:DB:B2:72:A8:29:CC:BD:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
/* skip to the end of public-key element*/
for (i = 0; i < 17 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "prime:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1,
" 00:D3:B2:99:84:5C:0A:4C:E7:37:CC:FC:18:37:01:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
/* skip to the end of prime element*/
for (i = 0; i < 17 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "generator: 2 (0x02)\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
/* should reach EOF */
ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0);
EVP_PKEY_free(pkey);
pkey = NULL;
BIO_free(rbio);
BIO_free(wbio);
rbio = NULL;
wbio = NULL;
#endif /* WOLFSSL_DH_EXTRA && USE_CERT_BUFFERS_2048 */
/* to prevent "unused variable" warning */
(void)pkey;
(void)wbio;
(void)rbio;
(void)line;
(void)line1;
(void)i;
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
/* Test functions for base64 encode/decode */
static int test_wolfSSL_EVP_ENCODE_CTX_new(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && \
( defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE))
EVP_ENCODE_CTX* ctx = NULL;
ExpectNotNull(ctx = EVP_ENCODE_CTX_new());
ExpectIntEQ(ctx->remaining,0);
ExpectIntEQ(ctx->data[0],0);
ExpectIntEQ(ctx->data[sizeof(ctx->data) -1],0);
EVP_ENCODE_CTX_free(ctx);
#endif /* OPENSSL_EXTRA && (WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE) */
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_ENCODE_CTX_free(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && \
( defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE))
EVP_ENCODE_CTX* ctx = NULL;
ExpectNotNull(ctx = EVP_ENCODE_CTX_new());
EVP_ENCODE_CTX_free(ctx);
#endif /* OPENSSL_EXTRA && (WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE) */
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_EncodeInit(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
EVP_ENCODE_CTX* ctx = NULL;
ExpectNotNull(ctx = EVP_ENCODE_CTX_new());
ExpectIntEQ(ctx->remaining, 0);
ExpectIntEQ(ctx->data[0], 0);
ExpectIntEQ(ctx->data[sizeof(ctx->data) -1], 0);
if (ctx != NULL) {
/* make ctx dirty */
ctx->remaining = 10;
XMEMSET(ctx->data, 0x77, sizeof(ctx->data));
}
EVP_EncodeInit(ctx);
ExpectIntEQ(ctx->remaining, 0);
ExpectIntEQ(ctx->data[0], 0);
ExpectIntEQ(ctx->data[sizeof(ctx->data) -1], 0);
EVP_ENCODE_CTX_free(ctx);
#endif /* OPENSSL_EXTRA && WOLFSSL_BASE64_ENCODE*/
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_EncodeUpdate(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
int outl;
int total;
const unsigned char plain0[] = {"Th"};
const unsigned char plain1[] = {"This is a base64 encodeing test."};
const unsigned char plain2[] = {"This is additional data."};
const unsigned char encBlock0[] = {"VGg="};
const unsigned char enc0[] = {"VGg=\n"};
/* expected encoded result for the first output 64 chars plus trailing LF*/
const unsigned char enc1[] = {"VGhpcyBpcyBhIGJhc2U2NCBlbmNvZGVpbmcgdGVzdC5UaGlzIGlzIGFkZGl0aW9u\n"};
const unsigned char enc2[] =
{"VGhpcyBpcyBhIGJhc2U2NCBlbmNvZGVpbmcgdGVzdC5UaGlzIGlzIGFkZGl0aW9u\nYWwgZGF0YS4=\n"};
unsigned char encOutBuff[300];
EVP_ENCODE_CTX* ctx = NULL;
ExpectNotNull(ctx = EVP_ENCODE_CTX_new());
EVP_EncodeInit(ctx);
/* illegal parameter test */
ExpectIntEQ(
EVP_EncodeUpdate(
NULL, /* pass NULL as ctx */
encOutBuff,
&outl,
plain1,
sizeof(plain1)-1),
0 /* expected result code 0: fail */
);
ExpectIntEQ(
EVP_EncodeUpdate(
ctx,
NULL, /* pass NULL as out buff */
&outl,
plain1,
sizeof(plain1)-1),
0 /* expected result code 0: fail */
);
ExpectIntEQ(
EVP_EncodeUpdate(
ctx,
encOutBuff,
NULL, /* pass NULL as outl */
plain1,
sizeof(plain1)-1),
0 /* expected result code 0: fail */
);
ExpectIntEQ(
EVP_EncodeUpdate(
ctx,
encOutBuff,
&outl,
NULL, /* pass NULL as in */
sizeof(plain1)-1),
0 /* expected result code 0: fail */
);
ExpectIntEQ(EVP_EncodeBlock(NULL, NULL, 0), -1);
/* meaningless parameter test */
ExpectIntEQ(
EVP_EncodeUpdate(
ctx,
encOutBuff,
&outl,
plain1,
0), /* pass zero input */
1 /* expected result code 1: success */
);
/* very small data encoding test */
EVP_EncodeInit(ctx);
ExpectIntEQ(
EVP_EncodeUpdate(
ctx,
encOutBuff,
&outl,
plain0,
sizeof(plain0)-1),
1 /* expected result code 1: success */
);
ExpectIntEQ(outl,0);
if (EXPECT_SUCCESS()) {
EVP_EncodeFinal(
ctx,
encOutBuff + outl,
&outl);
}
ExpectIntEQ( outl, sizeof(enc0)-1);
ExpectIntEQ(
XSTRNCMP(
(const char*)encOutBuff,
(const char*)enc0,sizeof(enc0) ),
0);
XMEMSET( encOutBuff,0, sizeof(encOutBuff));
ExpectIntEQ(EVP_EncodeBlock(encOutBuff, plain0, sizeof(plain0)-1),
sizeof(encBlock0)-1);
ExpectStrEQ(encOutBuff, encBlock0);
/* pass small size( < 48bytes ) input, then make sure they are not
* encoded and just stored in ctx
*/
EVP_EncodeInit(ctx);
total = 0;
outl = 0;
XMEMSET( encOutBuff,0, sizeof(encOutBuff));
ExpectIntEQ(
EVP_EncodeUpdate(
ctx,
encOutBuff, /* buffer for output */
&outl, /* size of output */
plain1, /* input */
sizeof(plain1)-1), /* size of input */
1); /* expected result code 1:success */
total += outl;
ExpectIntEQ(outl, 0); /* no output expected */
ExpectIntEQ(ctx->remaining, sizeof(plain1) -1);
ExpectTrue(
XSTRNCMP((const char*)(ctx->data),
(const char*)plain1,
ctx->remaining) ==0 );
ExpectTrue(encOutBuff[0] == 0);
/* call wolfSSL_EVP_EncodeUpdate again to make it encode
* the stored data and the new input together
*/
ExpectIntEQ(
EVP_EncodeUpdate(
ctx,
encOutBuff + outl, /* buffer for output */
&outl, /* size of output */
plain2, /* additional input */
sizeof(plain2) -1), /* size of additional input */
1); /* expected result code 1:success */
total += outl;
ExpectIntNE(outl, 0); /* some output is expected this time*/
ExpectIntEQ(outl, BASE64_ENCODE_RESULT_BLOCK_SIZE +1); /* 64 bytes and LF */
ExpectIntEQ(
XSTRNCMP((const char*)encOutBuff,(const char*)enc1,sizeof(enc1) ),0);
/* call wolfSSL_EVP_EncodeFinal to flush all the unprocessed input */
EVP_EncodeFinal(
ctx,
encOutBuff + outl,
&outl);
total += outl;
ExpectIntNE(total,0);
ExpectIntNE(outl,0);
ExpectIntEQ(XSTRNCMP(
(const char*)encOutBuff,(const char*)enc2,sizeof(enc2) ),0);
/* test with illeagal parameters */
outl = 1;
EVP_EncodeFinal(NULL, encOutBuff + outl, &outl);
ExpectIntEQ(outl, 0);
outl = 1;
EVP_EncodeFinal(ctx, NULL, &outl);
ExpectIntEQ(outl, 0);
EVP_EncodeFinal(ctx, encOutBuff + outl, NULL);
EVP_EncodeFinal(NULL, NULL, NULL);
EVP_ENCODE_CTX_free(ctx);
#endif /* OPENSSL_EXTRA && WOLFSSL_BASE64_ENCODE*/
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_EncodeFinal(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
/* tests for wolfSSL_EVP_EncodeFinal are included in
* test_wolfSSL_EVP_EncodeUpdate
*/
res = TEST_SUCCESS;
#endif /* OPENSSL_EXTRA && WOLFSSL_BASE64_ENCODE*/
return res;
}
static int test_wolfSSL_EVP_DecodeInit(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_DECODE)
EVP_ENCODE_CTX* ctx = NULL;
ExpectNotNull( ctx = EVP_ENCODE_CTX_new());
ExpectIntEQ( ctx->remaining,0);
ExpectIntEQ( ctx->data[0],0);
ExpectIntEQ( ctx->data[sizeof(ctx->data) -1],0);
if (ctx != NULL) {
/* make ctx dirty */
ctx->remaining = 10;
XMEMSET( ctx->data, 0x77, sizeof(ctx->data));
}
EVP_DecodeInit(ctx);
ExpectIntEQ( ctx->remaining,0);
ExpectIntEQ( ctx->data[0],0);
ExpectIntEQ( ctx->data[sizeof(ctx->data) -1],0);
EVP_ENCODE_CTX_free(ctx);
#endif /* OPENSSL && WOLFSSL_BASE_DECODE */
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_DecodeUpdate(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_DECODE)
int outl;
unsigned char decOutBuff[300];
EVP_ENCODE_CTX* ctx = NULL;
static const unsigned char enc1[] =
{"VGhpcyBpcyBhIGJhc2U2NCBkZWNvZGluZyB0ZXN0Lg==\n"};
/* const unsigned char plain1[] =
{"This is a base64 decoding test."} */
ExpectNotNull(ctx = EVP_ENCODE_CTX_new());
EVP_DecodeInit(ctx);
/* illegal parameter tests */
/* pass NULL as ctx */
ExpectIntEQ(
EVP_DecodeUpdate(
NULL, /* pass NULL as ctx */
decOutBuff,
&outl,
enc1,
sizeof(enc1)-1),
-1 /* expected result code -1: fail */
);
ExpectIntEQ( outl, 0);
/* pass NULL as output */
ExpectIntEQ(
EVP_DecodeUpdate(
ctx,
NULL, /* pass NULL as out buff */
&outl,
enc1,
sizeof(enc1)-1),
-1 /* expected result code -1: fail */
);
ExpectIntEQ( outl, 0);
/* pass NULL as outl */
ExpectIntEQ(
EVP_DecodeUpdate(
ctx,
decOutBuff,
NULL, /* pass NULL as outl */
enc1,
sizeof(enc1)-1),
-1 /* expected result code -1: fail */
);
/* pass NULL as input */
ExpectIntEQ(
EVP_DecodeUpdate(
ctx,
decOutBuff,
&outl,
NULL, /* pass NULL as in */
sizeof(enc1)-1),
-1 /* expected result code -1: fail */
);
ExpectIntEQ( outl, 0);
ExpectIntEQ(EVP_DecodeBlock(NULL, NULL, 0), -1);
/* pass zero length input */
ExpectIntEQ(
EVP_DecodeUpdate(
ctx,
decOutBuff,
&outl,
enc1,
0), /* pass zero as input len */
1 /* expected result code 1: success */
);
/* decode correct base64 string */
{
static const unsigned char enc2[] =
{"VGhpcyBpcyBhIGJhc2U2NCBkZWNvZGluZyB0ZXN0Lg==\n"};
static const unsigned char plain2[] =
{"This is a base64 decoding test."};
EVP_EncodeInit(ctx);
ExpectIntEQ(
EVP_DecodeUpdate(
ctx,
decOutBuff,
&outl,
enc2,
sizeof(enc2)-1),
0 /* expected result code 0: success */
);
ExpectIntEQ(outl,sizeof(plain2) -1);
ExpectIntEQ(
EVP_DecodeFinal(
ctx,
decOutBuff + outl,
&outl),
1 /* expected result code 1: success */
);
ExpectIntEQ(outl, 0); /* expected DecodeFinal output no data */
ExpectIntEQ(XSTRNCMP( (const char*)plain2,(const char*)decOutBuff,
sizeof(plain2) -1 ),0);
ExpectIntEQ(EVP_DecodeBlock(decOutBuff, enc2, sizeof(enc2)),
sizeof(plain2)-1);
ExpectIntEQ(XSTRNCMP( (const char*)plain2,(const char*)decOutBuff,
sizeof(plain2) -1 ),0);
}
/* decode correct base64 string which does not have '\n' in its last*/
{
static const unsigned char enc3[] =
{"VGhpcyBpcyBhIGJhc2U2NCBkZWNvZGluZyB0ZXN0Lg=="}; /* 44 chars */
static const unsigned char plain3[] =
{"This is a base64 decoding test."}; /* 31 chars */
EVP_EncodeInit(ctx);
ExpectIntEQ(
EVP_DecodeUpdate(
ctx,
decOutBuff,
&outl,
enc3,
sizeof(enc3)-1),
0 /* expected result code 0: success */
);
ExpectIntEQ(outl,sizeof(plain3)-1); /* 31 chars should be output */
ExpectIntEQ(XSTRNCMP( (const char*)plain3,(const char*)decOutBuff,
sizeof(plain3) -1 ),0);
ExpectIntEQ(
EVP_DecodeFinal(
ctx,
decOutBuff + outl,
&outl),
1 /* expected result code 1: success */
);
ExpectIntEQ(outl,0 );
ExpectIntEQ(EVP_DecodeBlock(decOutBuff, enc3, sizeof(enc3)-1),
sizeof(plain3)-1);
ExpectIntEQ(XSTRNCMP( (const char*)plain3,(const char*)decOutBuff,
sizeof(plain3) -1 ),0);
}
/* decode string which has a padding char ('=') in the illegal position*/
{
static const unsigned char enc4[] =
{"VGhpcyBpcyBhIGJhc2U2N=CBkZWNvZGluZyB0ZXN0Lg==\n"};
EVP_EncodeInit(ctx);
ExpectIntEQ(
EVP_DecodeUpdate(
ctx,
decOutBuff,
&outl,
enc4,
sizeof(enc4)-1),
-1 /* expected result code -1: error */
);
ExpectIntEQ(outl,0);
ExpectIntEQ(EVP_DecodeBlock(decOutBuff, enc4, sizeof(enc4)-1), -1);
}
/* small data decode test */
{
static const unsigned char enc00[] = {"VG"};
static const unsigned char enc01[] = {"g=\n"};
static const unsigned char plain4[] = {"Th"};
EVP_EncodeInit(ctx);
ExpectIntEQ(
EVP_DecodeUpdate(
ctx,
decOutBuff,
&outl,
enc00,
sizeof(enc00)-1),
1 /* expected result code 1: success */
);
ExpectIntEQ(outl,0);
ExpectIntEQ(
EVP_DecodeUpdate(
ctx,
decOutBuff + outl,
&outl,
enc01,
sizeof(enc01)-1),
0 /* expected result code 0: success */
);
ExpectIntEQ(outl,sizeof(plain4)-1);
/* test with illegal parameters */
ExpectIntEQ(EVP_DecodeFinal(NULL,decOutBuff + outl,&outl), -1);
ExpectIntEQ(EVP_DecodeFinal(ctx,NULL,&outl), -1);
ExpectIntEQ(EVP_DecodeFinal(ctx,decOutBuff + outl, NULL), -1);
ExpectIntEQ(EVP_DecodeFinal(NULL,NULL, NULL), -1);
if (EXPECT_SUCCESS()) {
EVP_DecodeFinal(
ctx,
decOutBuff + outl,
&outl);
}
ExpectIntEQ( outl, 0);
ExpectIntEQ(
XSTRNCMP(
(const char*)decOutBuff,
(const char*)plain4,sizeof(plain4)-1 ),
0);
}
EVP_ENCODE_CTX_free(ctx);
#endif /* OPENSSL && WOLFSSL_BASE_DECODE */
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_DecodeFinal(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_DECODE)
/* tests for wolfSSL_EVP_DecodeFinal are included in
* test_wolfSSL_EVP_DecodeUpdate
*/
res = TEST_SUCCESS;
#endif /* OPENSSL && WOLFSSL_BASE_DECODE */
return res;
}
/* Test function for wolfSSL_EVP_get_cipherbynid.
*/
#ifdef OPENSSL_EXTRA
static int test_wolfSSL_EVP_get_cipherbynid(void)
{
EXPECT_DECLS;
#ifndef NO_AES
const WOLFSSL_EVP_CIPHER* c;
c = wolfSSL_EVP_get_cipherbynid(419);
#if (defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)) && \
defined(WOLFSSL_AES_128)
ExpectNotNull(c);
ExpectNotNull(XSTRCMP("EVP_AES_128_CBC", c));
#else
ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(423);
#if (defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)) && \
defined(WOLFSSL_AES_192)
ExpectNotNull(c);
ExpectNotNull(XSTRCMP("EVP_AES_192_CBC", c));
#else
ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(427);
#if (defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)) && \
defined(WOLFSSL_AES_256)
ExpectNotNull(c);
ExpectNotNull(XSTRCMP("EVP_AES_256_CBC", c));
#else
ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(904);
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_128)
ExpectNotNull(c);
ExpectNotNull(XSTRCMP("EVP_AES_128_CTR", c));
#else
ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(905);
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_192)
ExpectNotNull(c);
ExpectNotNull(XSTRCMP("EVP_AES_192_CTR", c));
#else
ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(906);
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_256)
ExpectNotNull(c);
ExpectNotNull(XSTRCMP("EVP_AES_256_CTR", c));
#else
ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(418);
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_128)
ExpectNotNull(c);
ExpectNotNull(XSTRCMP("EVP_AES_128_ECB", c));
#else
ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(422);
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_192)
ExpectNotNull(c);
ExpectNotNull(XSTRCMP("EVP_AES_192_ECB", c));
#else
ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(426);
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_256)
ExpectNotNull(c);
ExpectNotNull(XSTRCMP("EVP_AES_256_ECB", c));
#else
ExpectNull(c);
#endif
#endif /* !NO_AES */
#ifndef NO_DES3
ExpectNotNull(XSTRCMP("EVP_DES_CBC", wolfSSL_EVP_get_cipherbynid(31)));
#ifdef WOLFSSL_DES_ECB
ExpectNotNull(XSTRCMP("EVP_DES_ECB", wolfSSL_EVP_get_cipherbynid(29)));
#endif
ExpectNotNull(XSTRCMP("EVP_DES_EDE3_CBC", wolfSSL_EVP_get_cipherbynid(44)));
#ifdef WOLFSSL_DES_ECB
ExpectNotNull(XSTRCMP("EVP_DES_EDE3_ECB", wolfSSL_EVP_get_cipherbynid(33)));
#endif
#endif /* !NO_DES3 */
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
ExpectNotNull(XSTRCMP("EVP_CHACHA20_POLY13O5", EVP_get_cipherbynid(1018)));
#endif
/* test for nid is out of range */
ExpectNull(wolfSSL_EVP_get_cipherbynid(1));
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_CTX(void)
{
EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
const EVP_CIPHER *init = EVP_aes_128_cbc();
const EVP_CIPHER *test;
byte key[AES_BLOCK_SIZE] = {0};
byte iv[AES_BLOCK_SIZE] = {0};
ExpectNotNull(ctx);
wolfSSL_EVP_CIPHER_CTX_init(ctx);
ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
test = EVP_CIPHER_CTX_cipher(ctx);
ExpectTrue(init == test);
ExpectIntEQ(EVP_CIPHER_nid(test), NID_aes_128_cbc);
ExpectIntEQ(EVP_CIPHER_CTX_reset(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_CIPHER_CTX_reset(NULL), WOLFSSL_FAILURE);
EVP_CIPHER_CTX_free(ctx);
/* test EVP_CIPHER_CTX_cleanup with NULL */
ExpectIntEQ(EVP_CIPHER_CTX_cleanup(NULL), WOLFSSL_SUCCESS);
#endif /* !NO_AES && HAVE_AES_CBC && WOLFSSL_AES_128 */
return EXPECT_RESULT();
}
#endif /* OPENSSL_EXTRA */
/*----------------------------------------------------------------------------*
| IO
*----------------------------------------------------------------------------*/
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) || \
defined(HAVE_IO_TESTS_DEPENDENCIES)
#ifdef WOLFSSL_HAVE_TLS_UNIQUE
#ifdef WC_SHA512_DIGEST_SIZE
#define MD_MAX_SIZE WC_SHA512_DIGEST_SIZE
#else
#define MD_MAX_SIZE WC_SHA256_DIGEST_SIZE
#endif
byte server_side_msg1[MD_MAX_SIZE] = {0};/* msg sent by server */
byte server_side_msg2[MD_MAX_SIZE] = {0};/* msg received from client */
byte client_side_msg1[MD_MAX_SIZE] = {0};/* msg sent by client */
byte client_side_msg2[MD_MAX_SIZE] = {0};/* msg received from server */
#endif /* WOLFSSL_HAVE_TLS_UNIQUE */
/* TODO: Expand and enable this when EVP_chacha20_poly1305 is supported */
#if defined(HAVE_SESSION_TICKET) && defined(OPENSSL_EXTRA) && \
defined(HAVE_AES_CBC)
typedef struct openssl_key_ctx {
byte name[WOLFSSL_TICKET_NAME_SZ]; /* server name */
byte key[WOLFSSL_TICKET_KEY_SZ]; /* cipher key */
byte hmacKey[WOLFSSL_TICKET_NAME_SZ]; /* hmac key */
byte iv[WOLFSSL_TICKET_IV_SZ]; /* cipher iv */
} openssl_key_ctx;
static THREAD_LS_T openssl_key_ctx myOpenSSLKey_ctx;
static THREAD_LS_T WC_RNG myOpenSSLKey_rng;
static WC_INLINE int OpenSSLTicketInit(void)
{
int ret = wc_InitRng(&myOpenSSLKey_rng);
if (ret != 0) return ret;
ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.name,
sizeof(myOpenSSLKey_ctx.name));
if (ret != 0) return ret;
ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.key,
sizeof(myOpenSSLKey_ctx.key));
if (ret != 0) return ret;
ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.hmacKey,
sizeof(myOpenSSLKey_ctx.hmacKey));
if (ret != 0) return ret;
ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.iv,
sizeof(myOpenSSLKey_ctx.iv));
if (ret != 0) return ret;
return 0;
}
static int myTicketEncCbOpenSSL(WOLFSSL* ssl,
byte name[WOLFSSL_TICKET_NAME_SZ],
byte iv[WOLFSSL_TICKET_IV_SZ],
WOLFSSL_EVP_CIPHER_CTX *ectx,
WOLFSSL_HMAC_CTX *hctx, int enc) {
(void)ssl;
if (enc) {
XMEMCPY(name, myOpenSSLKey_ctx.name, sizeof(myOpenSSLKey_ctx.name));
XMEMCPY(iv, myOpenSSLKey_ctx.iv, sizeof(myOpenSSLKey_ctx.iv));
}
else if (XMEMCMP(name, myOpenSSLKey_ctx.name,
sizeof(myOpenSSLKey_ctx.name)) != 0 ||
XMEMCMP(iv, myOpenSSLKey_ctx.iv,
sizeof(myOpenSSLKey_ctx.iv)) != 0) {
return 0;
}
HMAC_Init_ex(hctx, myOpenSSLKey_ctx.hmacKey, WOLFSSL_TICKET_NAME_SZ, EVP_sha256(), NULL);
if (enc)
EVP_EncryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, myOpenSSLKey_ctx.key, iv);
else
EVP_DecryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, myOpenSSLKey_ctx.key, iv);
return 1;
}
static WC_INLINE void OpenSSLTicketCleanup(void)
{
wc_FreeRng(&myOpenSSLKey_rng);
}
#endif
#endif
/* helper functions */
#ifdef HAVE_SSL_MEMIO_TESTS_DEPENDENCIES
static WC_INLINE int test_ssl_memio_write_cb(WOLFSSL *ssl, char *data, int sz,
void *ctx)
{
struct test_ssl_memio_ctx *test_ctx;
byte *buf;
int *len;
test_ctx = (struct test_ssl_memio_ctx*)ctx;
if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
buf = test_ctx->c_buff;
len = &test_ctx->c_len;
}
else {
buf = test_ctx->s_buff;
len = &test_ctx->s_len;
}
if ((unsigned)(*len + sz) > TEST_SSL_MEMIO_BUF_SZ)
return WOLFSSL_CBIO_ERR_WANT_WRITE;
XMEMCPY(buf + *len, data, sz);
*len += sz;
#ifdef WOLFSSL_DUMP_MEMIO_STREAM
{
/* This can be imported into Wireshark by transforming the file with
* od -Ax -tx1 -v test_output.dump > test_output.dump.hex
* And then loading test_output.dump.hex into Wireshark using the
* "Import from Hex Dump..." option ion and selecting the TCP
* encapsulation option. */
char dump_file_name[64];
WOLFSSL_BIO *dump_file;
sprintf(dump_file_name, "%s/%s.dump", tmpDirName, currentTestName);
dump_file = wolfSSL_BIO_new_file(dump_file_name, "a");
if (dump_file != NULL) {
(void)wolfSSL_BIO_write(dump_file, data, sz);
wolfSSL_BIO_free(dump_file);
}
}
#endif
return sz;
}
static WC_INLINE int test_ssl_memio_read_cb(WOLFSSL *ssl, char *data, int sz,
void *ctx)
{
struct test_ssl_memio_ctx *test_ctx;
int read_sz;
byte *buf;
int *len;
test_ctx = (struct test_ssl_memio_ctx*)ctx;
if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
buf = test_ctx->s_buff;
len = &test_ctx->s_len;
}
else {
buf = test_ctx->c_buff;
len = &test_ctx->c_len;
}
if (*len == 0)
return WOLFSSL_CBIO_ERR_WANT_READ;
read_sz = sz < *len ? sz : *len;
XMEMCPY(data, buf, read_sz);
XMEMMOVE(buf, buf + read_sz, *len - read_sz);
*len -= read_sz;
return read_sz;
}
static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
int c_sharedCtx = 0;
int s_sharedCtx = 0;
#endif
const char* clientCertFile = cliCertFile;
const char* clientKeyFile = cliKeyFile;
const char* serverCertFile = svrCertFile;
const char* serverKeyFile = svrKeyFile;
/********************************
* Create WOLFSSL_CTX for client.
********************************/
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (ctx->c_ctx != NULL) {
c_sharedCtx = ctx->c_cb.isSharedCtx;
}
else
#endif
{
WOLFSSL_METHOD* method = NULL;
if (ctx->c_cb.method != NULL) {
method = ctx->c_cb.method();
}
else {
method = wolfSSLv23_client_method();
}
ExpectNotNull(ctx->c_ctx = wolfSSL_CTX_new(method));
}
wolfSSL_SetIORecv(ctx->c_ctx, test_ssl_memio_read_cb);
wolfSSL_SetIOSend(ctx->c_ctx, test_ssl_memio_write_cb);
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx->c_ctx, PasswordCallBack);
#endif
if (ctx->c_cb.caPemFile != NULL)
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->c_ctx,
ctx->c_cb.caPemFile, 0), WOLFSSL_SUCCESS);
else
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->c_ctx,
caCertFile, 0), WOLFSSL_SUCCESS);
if (ctx->c_cb.certPemFile != NULL) {
clientCertFile = ctx->c_cb.certPemFile;
}
if (ctx->c_cb.keyPemFile != NULL) {
clientKeyFile = ctx->c_cb.keyPemFile;
}
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (!c_sharedCtx)
#endif
{
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file(ctx->c_ctx,
clientCertFile), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx->c_ctx, clientKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
}
#ifdef HAVE_CRL
if (ctx->c_cb.crlPemFile != NULL) {
ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx->c_ctx, WOLFSSL_CRL_CHECKALL),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx->c_ctx, ctx->c_cb.crlPemFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
}
#endif
if (ctx->c_ciphers != NULL) {
ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx->c_ctx, ctx->c_ciphers),
WOLFSSL_SUCCESS);
}
if (ctx->c_cb.ctx_ready != NULL) {
ExpectIntEQ(ctx->c_cb.ctx_ready(ctx->c_ctx), TEST_SUCCESS);
}
/********************************
* Create WOLFSSL_CTX for server.
********************************/
if (ctx->s_ctx != NULL) {
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
s_sharedCtx = 1;
#endif
ctx->s_cb.isSharedCtx = 1;
}
else
{
WOLFSSL_METHOD* method = NULL;
if (ctx->s_cb.method != NULL) {
method = ctx->s_cb.method();
}
else {
method = wolfSSLv23_server_method();
}
ExpectNotNull(ctx->s_ctx = wolfSSL_CTX_new(method));
ctx->s_cb.isSharedCtx = 0;
}
if (!ctx->s_cb.ticNoInit && (ctx->s_ctx != NULL)) {
#if defined(HAVE_SESSION_TICKET) && \
((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM))
#if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC)
OpenSSLTicketInit();
wolfSSL_CTX_set_tlsext_ticket_key_cb(ctx->s_ctx, myTicketEncCbOpenSSL);
#elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
TicketInit();
wolfSSL_CTX_set_TicketEncCb(ctx->s_ctx, myTicketEncCb);
#endif
#endif
}
wolfSSL_SetIORecv(ctx->s_ctx, test_ssl_memio_read_cb);
wolfSSL_SetIOSend(ctx->s_ctx, test_ssl_memio_write_cb);
wolfSSL_CTX_set_verify(ctx->s_ctx, WOLFSSL_VERIFY_PEER |
WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
if (ctx->s_cb.caPemFile != NULL)
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->s_ctx,
ctx->s_cb.caPemFile, 0), WOLFSSL_SUCCESS);
else
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->s_ctx,
cliCertFile, 0), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx->s_ctx, PasswordCallBack);
#endif
if (ctx->s_cb.certPemFile != NULL) {
serverCertFile = ctx->s_cb.certPemFile;
}
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (!s_sharedCtx)
#endif
{
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file(ctx->s_ctx,
serverCertFile), WOLFSSL_SUCCESS);
}
if (ctx->s_cb.keyPemFile != NULL) {
serverKeyFile = ctx->s_cb.keyPemFile;
}
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (!s_sharedCtx)
#endif
{
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx->s_ctx, serverKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
}
if (ctx->s_ciphers != NULL) {
ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx->s_ctx, ctx->s_ciphers),
WOLFSSL_SUCCESS);
}
if (ctx->s_cb.ctx_ready != NULL) {
ExpectIntEQ(ctx->s_cb.ctx_ready(ctx->s_ctx), TEST_SUCCESS);
}
/****************************
* Create WOLFSSL for client.
****************************/
ExpectNotNull(ctx->c_ssl = wolfSSL_new(ctx->c_ctx));
wolfSSL_SetIOWriteCtx(ctx->c_ssl, ctx);
wolfSSL_SetIOReadCtx(ctx->c_ssl, ctx);
if (0
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
|| c_sharedCtx
#endif
)
{
ExpectIntEQ(wolfSSL_use_certificate_chain_file(ctx->c_ssl,
clientCertFile), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_use_PrivateKey_file(ctx->c_ssl, clientKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
}
if (ctx->c_cb.ssl_ready != NULL) {
ExpectIntEQ(ctx->c_cb.ssl_ready(ctx->c_ssl), TEST_SUCCESS);
}
/****************************
* Create WOLFSSL for server.
****************************/
ExpectNotNull(ctx->s_ssl = wolfSSL_new(ctx->s_ctx));
wolfSSL_SetIOWriteCtx(ctx->s_ssl, ctx);
wolfSSL_SetIOReadCtx(ctx->s_ssl, ctx);
if (0
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
|| s_sharedCtx
#endif
)
{
ExpectIntEQ(wolfSSL_use_certificate_chain_file(ctx->s_ssl,
serverCertFile), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_use_PrivateKey_file(ctx->s_ssl, serverKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
}
#if !defined(NO_FILESYSTEM) && !defined(NO_DH)
wolfSSL_SetTmpDH_file(ctx->s_ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);
#elif !defined(NO_DH)
/* will repick suites with DHE, higher priority than PSK */
SetDH(ctx->s_ssl);
#endif
if (ctx->s_cb.ssl_ready != NULL) {
ExpectIntEQ(ctx->s_cb.ssl_ready(ctx->s_ssl), TEST_SUCCESS);
}
return EXPECT_RESULT();
}
static int test_ssl_memio_do_handshake(test_ssl_memio_ctx* ctx, int max_rounds,
int* rounds)
{
int handshake_complete = 0;
int hs_c = 0;
int hs_s = 0;
int failing_s = 0;
int failing_c = 0;
int ret;
int err;
if (rounds != NULL) {
*rounds = 0;
}
while ((!handshake_complete) && (max_rounds > 0)) {
if (!hs_c) {
wolfSSL_SetLoggingPrefix("client");
ret = wolfSSL_connect(ctx->c_ssl);
wolfSSL_SetLoggingPrefix(NULL);
if (ret == WOLFSSL_SUCCESS) {
hs_c = 1;
}
else {
err = wolfSSL_get_error(ctx->c_ssl, ret);
if (err != WOLFSSL_ERROR_WANT_READ &&
err != WOLFSSL_ERROR_WANT_WRITE) {
char buff[WOLFSSL_MAX_ERROR_SZ];
fprintf(stderr, "error = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buff));
failing_c = 1;
hs_c = 1;
if (failing_c && failing_s) {
break;
}
}
}
}
if (!hs_s) {
wolfSSL_SetLoggingPrefix("server");
ret = wolfSSL_accept(ctx->s_ssl);
wolfSSL_SetLoggingPrefix(NULL);
if (ret == WOLFSSL_SUCCESS) {
hs_s = 1;
}
else {
err = wolfSSL_get_error(ctx->s_ssl, ret);
if (err != WOLFSSL_ERROR_WANT_READ &&
err != WOLFSSL_ERROR_WANT_WRITE) {
char buff[WOLFSSL_MAX_ERROR_SZ];
fprintf(stderr, "error = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buff));
failing_s = 1;
hs_s = 1;
if (failing_c && failing_s) {
break;
}
}
}
}
handshake_complete = hs_c && hs_s;
max_rounds--;
if (rounds != NULL) {
*rounds += 1;
}
}
if (!handshake_complete || failing_c || failing_s) {
return TEST_FAIL;
}
return TEST_SUCCESS;
}
static int test_ssl_memio_read_write(test_ssl_memio_ctx* ctx)
{
EXPECT_DECLS;
char input[1024];
int idx = 0;
const char* msg_c = "hello wolfssl!";
int msglen_c = (int)XSTRLEN(msg_c);
const char* msg_s = "I hear you fa shizzle!";
int msglen_s = (int)XSTRLEN(msg_s);
if (ctx->c_msg != NULL) {
msg_c = ctx->c_msg;
msglen_c = ctx->c_msglen;
}
if (ctx->s_msg != NULL) {
msg_s = ctx->s_msg;
msglen_s = ctx->s_msglen;
}
wolfSSL_SetLoggingPrefix("client");
ExpectIntEQ(wolfSSL_write(ctx->c_ssl, msg_c, msglen_c), msglen_c);
wolfSSL_SetLoggingPrefix("server");
ExpectIntGT(idx = wolfSSL_read(ctx->s_ssl, input, sizeof(input) - 1), 0);
if (idx >= 0) {
input[idx] = '\0';
}
ExpectIntGT(fprintf(stderr, "Client message: %s\n", input), 0);
ExpectIntEQ(wolfSSL_write(ctx->s_ssl, msg_s, msglen_s), msglen_s);
ctx->s_cb.return_code = EXPECT_RESULT();
wolfSSL_SetLoggingPrefix("client");
ExpectIntGT(idx = wolfSSL_read(ctx->c_ssl, input, sizeof(input) - 1), 0);
wolfSSL_SetLoggingPrefix(NULL);
if (idx >= 0) {
input[idx] = '\0';
}
ExpectIntGT(fprintf(stderr, "Server response: %s\n", input), 0);
ctx->c_cb.return_code = EXPECT_RESULT();
if (ctx->c_cb.on_result != NULL) {
ExpectIntEQ(ctx->c_cb.on_result(ctx->c_ssl), TEST_SUCCESS);
}
if (ctx->s_cb.on_result != NULL) {
ExpectIntEQ(ctx->s_cb.on_result(ctx->s_ssl), TEST_SUCCESS);
}
return EXPECT_RESULT();
}
static void test_ssl_memio_cleanup(test_ssl_memio_ctx* ctx)
{
ctx->c_cb.last_err = wolfSSL_get_error(ctx->c_ssl, 0);
ctx->s_cb.last_err = wolfSSL_get_error(ctx->s_ssl, 0);
if (ctx->c_cb.on_cleanup != NULL) {
ctx->c_cb.on_cleanup(ctx->c_ssl);
}
if (ctx->s_cb.on_cleanup != NULL) {
ctx->s_cb.on_cleanup(ctx->s_ssl);
}
wolfSSL_shutdown(ctx->s_ssl);
wolfSSL_shutdown(ctx->c_ssl);
wolfSSL_free(ctx->s_ssl);
wolfSSL_free(ctx->c_ssl);
if (ctx->c_cb.on_ctx_cleanup != NULL) {
ctx->c_cb.on_ctx_cleanup(ctx->c_ctx);
}
if (!ctx->c_cb.isSharedCtx) {
wolfSSL_CTX_free(ctx->c_ctx);
ctx->c_ctx = NULL;
}
if (ctx->s_cb.on_ctx_cleanup != NULL) {
ctx->s_cb.on_ctx_cleanup(ctx->s_ctx);
}
if (!ctx->s_cb.isSharedCtx) {
wolfSSL_CTX_free(ctx->s_ctx);
ctx->s_ctx = NULL;
}
if (!ctx->s_cb.ticNoInit) {
#if defined(HAVE_SESSION_TICKET) && \
((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM))
#if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC)
OpenSSLTicketCleanup();
#elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
TicketCleanup();
#endif
#endif
}
}
int test_wolfSSL_client_server_nofail_memio(test_ssl_cbf* client_cb,
test_ssl_cbf* server_cb, cbType client_on_handshake)
{
EXPECT_DECLS;
struct test_ssl_memio_ctx test_ctx;
#ifdef WOLFSSL_HAVE_TLS_UNIQUE
size_t msg_len;
#endif /* WOLFSSL_HAVE_TLS_UNIQUE */
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
XMEMCPY(&test_ctx.c_cb, client_cb, sizeof(test_ssl_cbf));
XMEMCPY(&test_ctx.s_cb, server_cb, sizeof(test_ssl_cbf));
test_ctx.c_ctx = client_cb->ctx;
test_ctx.s_ctx = server_cb->ctx;
test_ctx.c_cb.return_code = TEST_FAIL;
test_ctx.s_cb.return_code = TEST_FAIL;
ExpectIntEQ(test_ssl_memio_setup(&test_ctx), TEST_SUCCESS);
ExpectIntEQ(test_ssl_memio_do_handshake(&test_ctx, 10, NULL), TEST_SUCCESS);
if (client_on_handshake != NULL) {
ExpectIntEQ(client_on_handshake(test_ctx.c_ctx, test_ctx.c_ssl),
TEST_SUCCESS);
}
if (client_cb->on_handshake != NULL) {
ExpectIntEQ(client_cb->on_handshake(&test_ctx.c_ctx, &test_ctx.c_ssl),
TEST_SUCCESS);
}
if (server_cb->on_handshake != NULL) {
ExpectIntEQ(server_cb->on_handshake(&test_ctx.s_ctx, &test_ctx.s_ssl),
TEST_SUCCESS);
}
#ifdef WOLFSSL_HAVE_TLS_UNIQUE
XMEMSET(server_side_msg2, 0, MD_MAX_SIZE);
msg_len = wolfSSL_get_peer_finished(test_ctx.s_ssl, server_side_msg2,
MD_MAX_SIZE);
ExpectIntGE(msg_len, 0);
XMEMSET(server_side_msg1, 0, MD_MAX_SIZE);
msg_len = wolfSSL_get_finished(test_ctx.s_ssl, server_side_msg1,
MD_MAX_SIZE);
ExpectIntGE(msg_len, 0);
#endif /* WOLFSSL_HAVE_TLS_UNIQUE */
ExpectIntEQ(test_ssl_memio_read_write(&test_ctx), TEST_SUCCESS);
test_ssl_memio_cleanup(&test_ctx);
client_cb->return_code = test_ctx.c_cb.return_code;
client_cb->last_err = test_ctx.c_cb.last_err;
server_cb->return_code = test_ctx.s_cb.return_code;
server_cb->last_err = test_ctx.s_cb.last_err;
return EXPECT_RESULT();
}
#endif
#ifdef HAVE_IO_TESTS_DEPENDENCIES
#ifdef WOLFSSL_SESSION_EXPORT
#ifdef WOLFSSL_DTLS
/* set up function for sending session information */
static int test_export(WOLFSSL* inSsl, byte* buf, word32 sz, void* userCtx)
{
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
AssertNotNull(inSsl);
AssertNotNull(buf);
AssertIntNE(0, sz);
/* Set ctx to DTLS 1.2 */
ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
AssertNotNull(ctx);
ssl = wolfSSL_new(ctx);
AssertNotNull(ssl);
AssertIntGE(wolfSSL_dtls_import(ssl, buf, sz), 0);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
(void)userCtx;
return 0;
}
#endif
/* returns negative value on fail and positive (including 0) on success */
static int nonblocking_accept_read(void* args, WOLFSSL* ssl, SOCKET_T* sockfd)
{
int ret, err, loop_count, count, timeout = 10;
char msg[] = "I hear you fa shizzle!";
char input[1024];
loop_count = ((func_args*)args)->argc;
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = wolfSSL_accept(ssl);
err = wolfSSL_get_error(ssl, 0);
if (err == WOLFSSL_ERROR_WANT_READ ||
err == WOLFSSL_ERROR_WANT_WRITE) {
int select_ret;
err = WC_PENDING_E;
select_ret = tcp_select(*sockfd, timeout);
if (select_ret == TEST_TIMEOUT) {
return WOLFSSL_FATAL_ERROR;
}
}
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
char buff[WOLFSSL_MAX_ERROR_SZ];
fprintf(stderr, "error = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buff));
return ret;
}
for (count = 0; count < loop_count; count++) {
int select_ret;
select_ret = tcp_select(*sockfd, timeout);
if (select_ret == TEST_TIMEOUT) {
ret = WOLFSSL_FATAL_ERROR;
break;
}
do {
ret = wolfSSL_read(ssl, input, sizeof(input)-1);
if (ret > 0) {
input[ret] = '\0';
fprintf(stderr, "Client message: %s\n", input);
}
} while (err == WOLFSSL_ERROR_WANT_READ && ret != WOLFSSL_SUCCESS);
do {
if ((ret = wolfSSL_write(ssl, msg, sizeof(msg))) != sizeof(msg)) {
return WOLFSSL_FATAL_ERROR;
}
err = wolfSSL_get_error(ssl, ret);
} while (err == WOLFSSL_ERROR_WANT_READ && ret != WOLFSSL_SUCCESS);
}
return ret;
}
#endif /* WOLFSSL_SESSION_EXPORT */
static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
{
SOCKET_T sockfd = 0;
SOCKET_T clientfd = 0;
word16 port;
callback_functions* cbf;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
func_args* opts = (func_args*)args;
char msg[] = "I hear you fa shizzle!";
char input[1024];
int idx;
int ret, err = 0;
int sharedCtx = 0;
int doUdp = 0;
SOCKADDR_IN_T cliAddr;
socklen_t cliLen;
const char* certFile = svrCertFile;
const char* keyFile = svrKeyFile;
#ifdef WOLFSSL_HAVE_TLS_UNIQUE
size_t msg_len = 0;
#endif
wolfSSL_SetLoggingPrefix("server");
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
opts->return_code = TEST_FAIL;
cbf = opts->callbacks;
if (cbf != NULL && cbf->ctx) {
ctx = cbf->ctx;
sharedCtx = 1;
}
else
{
WOLFSSL_METHOD* method = NULL;
if (cbf != NULL && cbf->method != NULL) {
method = cbf->method();
}
else {
method = wolfSSLv23_server_method();
}
ctx = wolfSSL_CTX_new(method);
}
if (ctx == NULL) {
/* Release the wait for TCP ready. */
signal_ready(opts->signal);
goto done;
}
if (cbf == NULL || !cbf->ticNoInit) {
#if defined(HAVE_SESSION_TICKET) && \
((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM))
#if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC)
OpenSSLTicketInit();
wolfSSL_CTX_set_tlsext_ticket_key_cb(ctx, myTicketEncCbOpenSSL);
#elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
TicketInit();
wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCb);
#endif
#endif
}
#if defined(USE_WINDOWS_API)
port = opts->signal->port;
#elif defined(NO_MAIN_DRIVER) && !defined(WOLFSSL_SNIFFER) && \
!defined(WOLFSSL_MDK_SHELL) && !defined(WOLFSSL_TIRTOS)
/* Let tcp_listen assign port */
port = 0;
#else
/* Use default port */
port = wolfSSLPort;
#endif
if (cbf != NULL)
doUdp = cbf->doUdp;
/* do it here to detect failure */
tcp_accept(
&sockfd, &clientfd, opts, port, 0, doUdp, 0, 0, 1, 0, 0);
if (doUdp) {
cliLen = sizeof(cliAddr);
idx = (int)recvfrom(sockfd, input, sizeof(input), MSG_PEEK,
(struct sockaddr*)&cliAddr, &cliLen);
AssertIntGT(idx, 0);
}
else {
CloseSocket(sockfd);
}
wolfSSL_CTX_set_verify(ctx,
WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
if (wolfSSL_CTX_load_verify_locations(ctx, cliCertFile, 0)
!= WOLFSSL_SUCCESS) {
/*err_sys("can't load ca file, Please run from wolfSSL home dir");*/
goto done;
}
if (cbf != NULL && cbf->certPemFile != NULL)
certFile = cbf->certPemFile;
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (!sharedCtx && wolfSSL_CTX_use_certificate_file(ctx, certFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#else
if (wolfSSL_CTX_use_certificate_file(ctx, certFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#endif
/*err_sys("can't load server cert chain file, "
"Please run from wolfSSL home dir");*/
goto done;
}
if (cbf != NULL && cbf->keyPemFile != NULL)
keyFile = cbf->keyPemFile;
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (!sharedCtx && wolfSSL_CTX_use_PrivateKey_file(ctx, keyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#else
if (wolfSSL_CTX_use_PrivateKey_file(ctx, keyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#endif
/*err_sys("can't load server key file, "
"Please run from wolfSSL home dir");*/
goto done;
}
#ifdef HAVE_CRL
if (cbf != NULL && cbf->crlPemFile != NULL) {
if (wolfSSL_CTX_EnableCRL(ctx, WOLFSSL_CRL_CHECKALL) != WOLFSSL_SUCCESS)
goto done;
if (wolfSSL_CTX_LoadCRLFile(ctx, cbf->crlPemFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
goto done;
}
#endif
/* call ctx setup callback */
if (cbf != NULL && cbf->ctx_ready != NULL) {
cbf->ctx_ready(ctx);
}
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
goto done;
}
if (doUdp) {
err = wolfSSL_dtls_set_peer(ssl, &cliAddr, cliLen);
if (err != WOLFSSL_SUCCESS)
goto done;
}
#ifdef WOLFSSL_SESSION_EXPORT
/* only add in more complex nonblocking case with session export tests */
if (args && opts->argc > 0) {
/* set as nonblock and time out for waiting on read/write */
tcp_set_nonblocking(&clientfd);
wolfSSL_dtls_set_using_nonblock(ssl, 1);
}
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (sharedCtx && wolfSSL_use_certificate_file(ssl, certFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#else
if (wolfSSL_use_certificate_file(ssl, certFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#endif
/*err_sys("can't load server cert chain file, "
"Please run from wolfSSL home dir");*/
goto done;
}
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (sharedCtx && wolfSSL_use_PrivateKey_file(ssl, keyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#else
if (wolfSSL_use_PrivateKey_file(ssl, keyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#endif
/*err_sys("can't load server key file, "
"Please run from wolfSSL home dir");*/
goto done;
}
if (wolfSSL_set_fd(ssl, clientfd) != WOLFSSL_SUCCESS) {
/*err_sys("SSL_set_fd failed");*/
goto done;
}
#if !defined(NO_FILESYSTEM) && !defined(NO_DH)
wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);
#elif !defined(NO_DH)
SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */
#endif
/* call ssl setup callback */
if (cbf != NULL && cbf->ssl_ready != NULL) {
cbf->ssl_ready(ssl);
}
#ifdef WOLFSSL_SESSION_EXPORT
/* only add in more complex nonblocking case with session export tests */
if (opts->argc > 0) {
ret = nonblocking_accept_read(args, ssl, &clientfd);
if (ret >= 0) {
opts->return_code = TEST_SUCCESS;
}
#ifdef WOLFSSL_TIRTOS
Task_yield();
#endif
goto done;
}
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = wolfSSL_negotiate(ssl);
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
char buff[WOLFSSL_MAX_ERROR_SZ];
fprintf(stderr, "error = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buff));
/*err_sys("SSL_accept failed");*/
goto done;
}
#ifdef WOLFSSL_HAVE_TLS_UNIQUE
XMEMSET(server_side_msg2, 0, MD_MAX_SIZE);
msg_len = wolfSSL_get_peer_finished(ssl, server_side_msg2, MD_MAX_SIZE);
AssertIntGE(msg_len, 0);
XMEMSET(server_side_msg1, 0, MD_MAX_SIZE);
msg_len = wolfSSL_get_finished(ssl, server_side_msg1, MD_MAX_SIZE);
AssertIntGE(msg_len, 0);
#endif /* WOLFSSL_HAVE_TLS_UNIQUE */
idx = wolfSSL_read(ssl, input, sizeof(input)-1);
if (idx > 0) {
input[idx] = '\0';
fprintf(stderr, "Client message: %s\n", input);
}
else if (idx < 0) {
goto done;
}
if (wolfSSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) {
/*err_sys("SSL_write failed");*/
goto done;
}
if (cbf != NULL && cbf->on_result != NULL)
cbf->on_result(ssl);
#ifdef WOLFSSL_TIRTOS
Task_yield();
#endif
opts->return_code = TEST_SUCCESS;
done:
if (cbf != NULL)
cbf->last_err = err;
if (cbf != NULL && cbf->on_cleanup != NULL)
cbf->on_cleanup(ssl);
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
if (!sharedCtx)
wolfSSL_CTX_free(ctx);
CloseSocket(clientfd);
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
&& defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
if (cbf == NULL || !cbf->ticNoInit) {
#if defined(HAVE_SESSION_TICKET) && \
((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM))
#if defined(OPENSSL_EXTRA) && defined(HAVE_AES_CBC)
OpenSSLTicketCleanup();
#elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
TicketCleanup();
#endif
#endif
}
wolfSSL_SetLoggingPrefix(NULL);
WOLFSSL_RETURN_FROM_THREAD(0);
}
#if defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && \
!defined(WOLFSSL_NO_TLS12)
static THREAD_RETURN WOLFSSL_THREAD test_server_loop(void* args)
{
SOCKET_T sockfd;
SOCKET_T clientfd = -1;
word16 port;
callback_functions* cbf;
WOLFSSL_CTX* ctx = 0;
WOLFSSL* ssl = 0;
char msg[] = "I hear you fa shizzle!";
char input[1024];
int idx;
int ret, err = 0;
int sharedCtx = 0;
func_args* opts = (func_args*)args;
int loop_count = opts->argc;
int count = 0;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
opts->return_code = TEST_FAIL;
cbf = opts->callbacks;
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (cbf != NULL && cbf->ctx) {
ctx = cbf->ctx;
sharedCtx = 1;
}
else
#endif
{
WOLFSSL_METHOD* method = NULL;
if (cbf != NULL && cbf->method != NULL) {
method = cbf->method();
}
else {
method = wolfSSLv23_server_method();
}
ctx = wolfSSL_CTX_new(method);
}
#if defined(USE_WINDOWS_API)
port = opts->signal->port;
#elif defined(NO_MAIN_DRIVER) && !defined(WOLFSSL_SNIFFER) && \
!defined(WOLFSSL_MDK_SHELL) && !defined(WOLFSSL_TIRTOS)
/* Let tcp_listen assign port */
port = 0;
#else
/* Use default port */
port = wolfSSLPort;
#endif
wolfSSL_CTX_set_verify(ctx,
WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
if (wolfSSL_CTX_load_verify_locations(ctx, cliCertFile, 0)
!= WOLFSSL_SUCCESS) {
/*err_sys("can't load ca file, Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
signal_ready(opts->signal);
goto done;
}
if (!sharedCtx && wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
/*err_sys("can't load server cert chain file, "
"Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
signal_ready(opts->signal);
goto done;
}
if (!sharedCtx && wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
/*err_sys("can't load server key file, "
"Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
signal_ready(opts->signal);
goto done;
}
/* call ctx setup callback */
if (cbf != NULL && cbf->ctx_ready != NULL) {
cbf->ctx_ready(ctx);
}
while (count != loop_count) {
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
signal_ready(opts->signal);
goto done;
}
if (sharedCtx && wolfSSL_use_certificate_file(ssl, svrCertFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
/*err_sys("can't load server cert chain file, "
"Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
signal_ready(opts->signal);
goto done;
}
if (sharedCtx && wolfSSL_use_PrivateKey_file(ssl, svrKeyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
/*err_sys("can't load server key file, "
"Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
signal_ready(opts->signal);
goto done;
}
#if !defined(NO_FILESYSTEM) && !defined(NO_DH)
wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);
#elif !defined(NO_DH)
SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */
#endif
/* call ssl setup callback */
if (cbf != NULL && cbf->ssl_ready != NULL) {
cbf->ssl_ready(ssl);
}
/* do it here to detect failure */
tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 0, 1, 0,
0);
CloseSocket(sockfd);
if (wolfSSL_set_fd(ssl, clientfd) != WOLFSSL_SUCCESS) {
/*err_sys("SSL_set_fd failed");*/
goto done;
}
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = wolfSSL_accept(ssl);
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
char buff[WOLFSSL_MAX_ERROR_SZ];
fprintf(stderr, "error = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buff));
/*err_sys("SSL_accept failed");*/
goto done;
}
idx = wolfSSL_read(ssl, input, sizeof(input)-1);
if (idx > 0) {
input[idx] = '\0';
fprintf(stderr, "Client message: %s\n", input);
}
if (wolfSSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) {
/*err_sys("SSL_write failed");*/
goto done;
}
/* free ssl for this connection */
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl); ssl = NULL;
CloseSocket(clientfd);
clientfd = -1;
count++;
}
#ifdef WOLFSSL_TIRTOS
Task_yield();
#endif
opts->return_code = TEST_SUCCESS;
done:
if (ssl != NULL) {
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
}
if (!sharedCtx)
wolfSSL_CTX_free(ctx);
if (clientfd >= 0)
CloseSocket(clientfd);
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
&& defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && !defined(WOLFSSL_TLS13) */
static int test_client_nofail(void* args, cbType cb)
{
#if !defined(NO_WOLFSSL_CLIENT)
SOCKET_T sockfd = 0;
callback_functions* cbf;
WOLFSSL_CTX* ctx = 0;
WOLFSSL* ssl = 0;
WOLFSSL_CIPHER* cipher;
char msg[64] = "hello wolfssl!";
char reply[1024];
int input;
int msgSz = (int)XSTRLEN(msg);
int ret, err = 0;
int cipherSuite;
int sharedCtx = 0;
int doUdp = 0;
const char* cipherName1, *cipherName2;
wolfSSL_SetLoggingPrefix("client");
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
((func_args*)args)->return_code = TEST_FAIL;
cbf = ((func_args*)args)->callbacks;
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (cbf != NULL && cbf->ctx) {
ctx = cbf->ctx;
sharedCtx = cbf->isSharedCtx;
}
else
#endif
{
WOLFSSL_METHOD* method = NULL;
if (cbf != NULL && cbf->method != NULL) {
method = cbf->method();
}
else {
method = wolfSSLv23_client_method();
}
ctx = wolfSSL_CTX_new(method);
}
if (cbf != NULL)
doUdp = cbf->doUdp;
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
/* Do connect here so server detects failures */
tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port,
doUdp, 0, NULL);
/* Connect the socket so that we don't have to set the peer later on */
if (doUdp)
udp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port);
if (wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0) != WOLFSSL_SUCCESS)
{
/* err_sys("can't load ca file, Please run from wolfSSL home dir");*/
goto done;
}
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (!sharedCtx && wolfSSL_CTX_use_certificate_file(ctx, cliCertFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#else
if (wolfSSL_CTX_use_certificate_file(ctx, cliCertFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#endif
/*err_sys("can't load client cert file, "
"Please run from wolfSSL home dir");*/
goto done;
}
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (!sharedCtx && wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#else
if (wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#endif
/*err_sys("can't load client key file, "
"Please run from wolfSSL home dir");*/
goto done;
}
#ifdef HAVE_CRL
if (cbf != NULL && cbf->crlPemFile != NULL) {
if (wolfSSL_CTX_EnableCRL(ctx, WOLFSSL_CRL_CHECKALL) != WOLFSSL_SUCCESS)
goto done;
if (wolfSSL_CTX_LoadCRLFile(ctx, cbf->crlPemFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
goto done;
}
#endif
/* call ctx setup callback */
if (cbf != NULL && cbf->ctx_ready != NULL) {
cbf->ctx_ready(ctx);
}
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
goto done;
}
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (sharedCtx && wolfSSL_use_certificate_file(ssl, cliCertFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#else
if (wolfSSL_use_certificate_file(ssl, cliCertFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#endif
/*err_sys("can't load client cert file, "
"Please run from wolfSSL home dir");*/
goto done;
}
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (sharedCtx && wolfSSL_use_PrivateKey_file(ssl, cliKeyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#else
if (wolfSSL_use_PrivateKey_file(ssl, cliKeyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
#endif
/*err_sys("can't load client key file, "
"Please run from wolfSSL home dir");*/
goto done;
}
if (!doUdp) {
if (wolfSSL_set_fd(ssl, sockfd) != WOLFSSL_SUCCESS) {
/*err_sys("SSL_set_fd failed");*/
goto done;
}
}
else {
#ifdef WOLFSSL_DTLS
if (wolfSSL_set_dtls_fd_connected(ssl, sockfd) != WOLFSSL_SUCCESS) {
/*err_sys("SSL_set_fd failed");*/
goto done;
}
#else
goto done;
#endif
}
/* call ssl setup callback */
if (cbf != NULL && cbf->ssl_ready != NULL) {
cbf->ssl_ready(ssl);
}
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = wolfSSL_negotiate(ssl);
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
char buff[WOLFSSL_MAX_ERROR_SZ];
fprintf(stderr, "error = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buff));
/*err_sys("SSL_connect failed");*/
goto done;
}
/* test the various get cipher methods */
/* Internal cipher suite names */
cipherSuite = wolfSSL_get_current_cipher_suite(ssl);
cipherName1 = wolfSSL_get_cipher_name(ssl);
cipherName2 = wolfSSL_get_cipher_name_from_suite(
(cipherSuite >> 8), cipherSuite & 0xFF);
AssertStrEQ(cipherName1, cipherName2);
/* IANA Cipher Suites Names */
/* Unless WOLFSSL_CIPHER_INTERNALNAME or NO_ERROR_STRINGS,
then it's the internal cipher suite name */
cipher = wolfSSL_get_current_cipher(ssl);
cipherName1 = wolfSSL_CIPHER_get_name(cipher);
cipherName2 = wolfSSL_get_cipher(ssl);
AssertStrEQ(cipherName1, cipherName2);
#if !defined(WOLFSSL_CIPHER_INTERNALNAME) && !defined(NO_ERROR_STRINGS) && \
!defined(WOLFSSL_QT)
cipherName1 = wolfSSL_get_cipher_name_iana_from_suite(
(cipherSuite >> 8), cipherSuite & 0xFF);
AssertStrEQ(cipherName1, cipherName2);
#endif
if (cb != NULL)
(cb)(ctx, ssl);
if (wolfSSL_write(ssl, msg, msgSz) != msgSz) {
/*err_sys("SSL_write failed");*/
goto done;
}
input = wolfSSL_read(ssl, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = '\0';
fprintf(stderr, "Server response: %s\n", reply);
}
if (cbf != NULL && cbf->on_result != NULL)
cbf->on_result(ssl);
((func_args*)args)->return_code = TEST_SUCCESS;
done:
if (cbf != NULL)
cbf->last_err = err;
if (cbf != NULL && cbf->on_cleanup != NULL)
cbf->on_cleanup(ssl);
wolfSSL_free(ssl);
if (!sharedCtx)
wolfSSL_CTX_free(ctx);
CloseSocket(sockfd);
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
&& defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
#else
(void)args;
(void)cb;
#endif /* !NO_WOLFSSL_CLIENT */
wolfSSL_SetLoggingPrefix(NULL);
return 0;
}
void test_wolfSSL_client_server_nofail_ex(callback_functions* client_cb,
callback_functions* server_cb, cbType client_on_handshake)
{
func_args client_args;
func_args server_args;
tcp_ready ready;
THREAD_TYPE serverThread;
XMEMSET(&client_args, 0, sizeof(func_args));
XMEMSET(&server_args, 0, sizeof(func_args));
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
StartTCP();
InitTcpReady(&ready);
#if defined(USE_WINDOWS_API)
/* use RNG to get random port if using windows */
ready.port = GetRandomPort();
#endif
server_args.signal = &ready;
server_args.callbacks = server_cb;
client_args.signal = &ready;
client_args.callbacks = client_cb;
start_thread(test_server_nofail, &server_args, &serverThread);
wait_tcp_ready(&server_args);
test_client_nofail(&client_args, client_on_handshake);
join_thread(serverThread);
client_cb->return_code = client_args.return_code;
server_cb->return_code = server_args.return_code;
FreeTcpReady(&ready);
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
}
void test_wolfSSL_client_server_nofail(callback_functions* client_cb,
callback_functions* server_cb)
{
test_wolfSSL_client_server_nofail_ex(client_cb, server_cb, NULL);
}
#if defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && \
!defined(WOLFSSL_NO_TLS12) && !defined(NO_WOLFSSL_CLIENT)
static void test_client_reuse_WOLFSSLobj(void* args, cbType cb,
void* server_args)
{
SOCKET_T sockfd = 0;
callback_functions* cbf;
WOLFSSL_CTX* ctx = 0;
WOLFSSL* ssl = 0;
WOLFSSL_SESSION* session = NULL;
char msg[64] = "hello wolfssl!";
char reply[1024];
int input;
int msgSz = (int)XSTRLEN(msg);
int ret, err = 0;
int sharedCtx = 0;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
((func_args*)args)->return_code = TEST_FAIL;
cbf = ((func_args*)args)->callbacks;
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (cbf != NULL && cbf->ctx) {
ctx = cbf->ctx;
sharedCtx = 1;
}
else
#endif
{
WOLFSSL_METHOD* method = NULL;
if (cbf != NULL && cbf->method != NULL) {
method = cbf->method();
}
else {
method = wolfSSLv23_client_method();
}
ctx = wolfSSL_CTX_new(method);
}
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
/* Do connect here so server detects failures */
tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port,
0, 0, NULL);
if (wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0) !=
WOLFSSL_SUCCESS) {
/* err_sys("can't load ca file, Please run from wolfSSL home dir");*/
goto done;
}
if (!sharedCtx && wolfSSL_CTX_use_certificate_file(ctx, cliCertFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
/*err_sys("can't load client cert file, "
"Please run from wolfSSL home dir");*/
goto done;
}
if (!sharedCtx && wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
/*err_sys("can't load client key file, "
"Please run from wolfSSL home dir");*/
goto done;
}
/* call ctx setup callback */
if (cbf != NULL && cbf->ctx_ready != NULL) {
cbf->ctx_ready(ctx);
}
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
goto done;
}
/* keep handshake resources for re-using WOLFSSL obj */
wolfSSL_KeepArrays(ssl);
if (wolfSSL_KeepHandshakeResources(ssl)) {
/* err_sys("SSL_KeepHandshakeResources failed"); */
goto done;
}
if (sharedCtx && wolfSSL_use_certificate_file(ssl, cliCertFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
/*err_sys("can't load client cert file, "
"Please run from wolfSSL home dir");*/
goto done;
}
if (sharedCtx && wolfSSL_use_PrivateKey_file(ssl, cliKeyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
/*err_sys("can't load client key file, "
"Please run from wolfSSL home dir");*/
goto done;
}
if (wolfSSL_set_fd(ssl, sockfd) != WOLFSSL_SUCCESS) {
/*err_sys("SSL_set_fd failed");*/
goto done;
}
/* call ssl setup callback */
if (cbf != NULL && cbf->ssl_ready != NULL) {
cbf->ssl_ready(ssl);
}
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = wolfSSL_connect(ssl);
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
char buff[WOLFSSL_MAX_ERROR_SZ];
fprintf(stderr, "error = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buff));
/*err_sys("SSL_connect failed");*/
goto done;
}
/* Build first session */
if (cb != NULL)
cb(ctx, ssl);
if (wolfSSL_write(ssl, msg, msgSz) != msgSz) {
/*err_sys("SSL_write failed");*/
goto done;
}
input = wolfSSL_read(ssl, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = '\0';
fprintf(stderr, "Server response: %s\n", reply);
}
/* Session Resumption by re-using WOLFSSL object */
wolfSSL_set_quiet_shutdown(ssl, 1);
if (wolfSSL_shutdown(ssl) != WOLFSSL_SUCCESS) {
/* err_sys ("SSL shutdown failed"); */
goto done;
}
session = wolfSSL_get1_session(ssl);
if (wolfSSL_clear(ssl) != WOLFSSL_SUCCESS) {
wolfSSL_SESSION_free(session);
/* err_sys ("SSL_clear failed"); */
goto done;
}
wolfSSL_set_session(ssl, session);
wolfSSL_SESSION_free(session);
session = NULL;
/* close socket once */
CloseSocket(sockfd);
sockfd = 0;
/* wait until server ready */
wait_tcp_ready((func_args*)server_args);
fprintf(stderr, "session resumption\n");
/* Do re-connect */
tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port,
0, 0, NULL);
if (wolfSSL_set_fd(ssl, sockfd) != WOLFSSL_SUCCESS) {
/*err_sys("SSL_set_fd failed");*/
goto done;
}
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = wolfSSL_connect(ssl);
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
char buff[WOLFSSL_MAX_ERROR_SZ];
fprintf(stderr, "error = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buff));
/*err_sys("SSL_connect failed");*/
goto done;
}
/* Build first session */
if (cb != NULL)
cb(ctx, ssl);
if (wolfSSL_write(ssl, msg, msgSz) != msgSz) {
/*err_sys("SSL_write failed");*/
goto done;
}
input = wolfSSL_read(ssl, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = '\0';
fprintf(stderr, "Server response: %s\n", reply);
}
((func_args*)args)->return_code = TEST_SUCCESS;
done:
wolfSSL_free(ssl);
if (!sharedCtx)
wolfSSL_CTX_free(ctx);
CloseSocket(sockfd);
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
return;
}
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) &&
!defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_CLIENT) */
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)) && \
defined(HAVE_ALPN) && defined(HAVE_SNI) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(NO_BIO)
#define HAVE_ALPN_PROTOS_SUPPORT
#endif
/* Generic TLS client / server with callbacks for API unit tests
* Used by SNI / ALPN / crypto callback helper functions */
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && \
(defined(HAVE_SNI) || defined(HAVE_ALPN) || defined(WOLF_CRYPTO_CB) || \
defined(HAVE_ALPN_PROTOS_SUPPORT)) || defined(WOLFSSL_STATIC_MEMORY)
#define ENABLE_TLS_CALLBACK_TEST
#endif
#if defined(ENABLE_TLS_CALLBACK_TEST) || \
(defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT))
/* TLS server for API unit testing - generic */
static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args)
{
callback_functions* callbacks = ((func_args*)args)->callbacks;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
SOCKET_T sfd = 0;
SOCKET_T cfd = 0;
word16 port;
char msg[] = "I hear you fa shizzle!";
int len = (int) XSTRLEN(msg);
char input[1024];
int idx;
int ret, err = 0;
((func_args*)args)->return_code = TEST_FAIL;
#if defined(USE_WINDOWS_API)
port = ((func_args*)args)->signal->port;
#elif defined(NO_MAIN_DRIVER) && !defined(WOLFSSL_SNIFFER) && \
!defined(WOLFSSL_MDK_SHELL) && !defined(WOLFSSL_TIRTOS)
/* Let tcp_listen assign port */
port = 0;
#else
/* Use default port */
port = wolfSSLPort;
#endif
#ifdef WOLFSSL_DTLS
if (callbacks->method == wolfDTLS_server_method
#ifdef WOLFSSL_STATIC_MEMORY
|| callbacks->method_ex == wolfDTLS_server_method_ex
#endif
#ifndef NO_OLD_TLS
|| callbacks->method == wolfDTLSv1_server_method
#ifdef WOLFSSL_STATIC_MEMORY
|| callbacks->method_ex == wolfDTLSv1_server_method_ex
#endif
#endif
#ifndef WOLFSSL_NO_TLS12
|| callbacks->method == wolfDTLSv1_2_server_method
#ifdef WOLFSSL_STATIC_MEMORY
|| callbacks->method_ex == wolfDTLSv1_2_server_method_ex
#endif
#endif
#ifdef WOLFSSL_DTLS13
|| callbacks->method == wolfDTLSv1_3_server_method
#ifdef WOLFSSL_STATIC_MEMORY
|| callbacks->method_ex == wolfDTLSv1_3_server_method_ex
#endif
#endif
) {
tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 1, 0, 0, 0, 0, 0);
}
else
#endif
{
tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0, 0, 1, 0, 0);
}
#ifdef WOLFSSL_STATIC_MEMORY
if (callbacks->method_ex != NULL && callbacks->mem != NULL &&
callbacks->memSz > 0) {
ret = wolfSSL_CTX_load_static_memory(&ctx, callbacks->method_ex,
callbacks->mem, callbacks->memSz, 0, 1);
if (ret != WOLFSSL_SUCCESS) {
fprintf(stderr, "CTX static new failed %d\n", ret);
goto cleanup;
}
}
#else
ctx = wolfSSL_CTX_new(callbacks->method());
#endif
if (ctx == NULL) {
fprintf(stderr, "CTX new failed\n");
goto cleanup;
}
/* set defaults */
if (callbacks->caPemFile == NULL)
callbacks->caPemFile = cliCertFile;
if (callbacks->certPemFile == NULL)
callbacks->certPemFile = svrCertFile;
if (callbacks->keyPemFile == NULL)
callbacks->keyPemFile = svrKeyFile;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
wolfSSL_CTX_SetDevId(ctx, callbacks->devId);
wolfSSL_CTX_set_verify(ctx,
WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#if defined(WOLFSSL_SESSION_EXPORT) && defined(WOLFSSL_DTLS)
if (callbacks->method == wolfDTLSv1_2_server_method) {
if (wolfSSL_CTX_dtls_set_export(ctx, test_export) != WOLFSSL_SUCCESS)
goto cleanup;
}
#endif
if (wolfSSL_CTX_load_verify_locations(ctx, callbacks->caPemFile, 0) !=
WOLFSSL_SUCCESS) {
goto cleanup;
}
if (wolfSSL_CTX_use_certificate_file(ctx, callbacks->certPemFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
goto cleanup;
}
if (wolfSSL_CTX_use_PrivateKey_file(ctx, callbacks->keyPemFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
goto cleanup;
}
#ifdef HAVE_CRL
if (callbacks->crlPemFile != NULL) {
if (wolfSSL_CTX_LoadCRLFile(ctx, callbacks->crlPemFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
goto cleanup;
}
}
#endif
if (callbacks->ctx_ready)
callbacks->ctx_ready(ctx);
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
fprintf(stderr, "SSL new failed\n");
goto cleanup;
}
if (wolfSSL_dtls(ssl)) {
SOCKADDR_IN_T cliAddr;
socklen_t cliLen;
cliLen = sizeof(cliAddr);
idx = (int)recvfrom(sfd, input, sizeof(input), MSG_PEEK,
(struct sockaddr*)&cliAddr, &cliLen);
if (idx <= 0) {
goto cleanup;
}
wolfSSL_dtls_set_peer(ssl, &cliAddr, cliLen);
}
else {
CloseSocket(sfd);
}
if (wolfSSL_set_fd(ssl, cfd) != WOLFSSL_SUCCESS) {
goto cleanup;
}
if (callbacks->loadToSSL) {
wolfSSL_SetDevId(ssl, callbacks->devId);
if (wolfSSL_use_certificate_file(ssl, callbacks->certPemFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
goto cleanup;
}
if (wolfSSL_use_PrivateKey_file(ssl, callbacks->keyPemFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
goto cleanup;
}
}
#ifdef NO_PSK
#if !defined(NO_FILESYSTEM) && !defined(NO_DH)
wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);
#elif !defined(NO_DH)
SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */
#endif
#endif
if (callbacks->ssl_ready)
callbacks->ssl_ready(ssl);
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = wolfSSL_accept(ssl);
err = wolfSSL_get_error(ssl, ret);
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
char buff[WOLFSSL_MAX_ERROR_SZ];
fprintf(stderr, "accept error = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buff));
/*err_sys("SSL_accept failed");*/
}
else {
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
idx = wolfSSL_read(ssl, input, sizeof(input)-1);
err = wolfSSL_get_error(ssl, idx);
} while (err == WC_PENDING_E);
if (idx > 0) {
input[idx] = 0;
fprintf(stderr, "Client message: %s\n", input);
}
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = wolfSSL_write(ssl, msg, len);
err = wolfSSL_get_error(ssl, ret);
} while (err == WC_PENDING_E);
if (len != ret) {
goto cleanup;
}
#if defined(WOLFSSL_SESSION_EXPORT) && !defined(HAVE_IO_POOL) && \
defined(WOLFSSL_DTLS)
if (wolfSSL_dtls(ssl)) {
byte* import;
word32 sz;
wolfSSL_dtls_export(ssl, NULL, &sz);
import = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (import == NULL) {
goto cleanup;
}
idx = wolfSSL_dtls_export(ssl, import, &sz);
if (idx < 0) {
goto cleanup;
}
if (wolfSSL_dtls_import(ssl, import, idx) < 0) {
goto cleanup;
}
XFREE(import, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif
#ifdef WOLFSSL_TIRTOS
Task_yield();
#endif
((func_args*)args)->return_code = TEST_SUCCESS;
}
if (callbacks->on_result)
callbacks->on_result(ssl);
wolfSSL_shutdown(ssl);
cleanup:
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
CloseSocket(cfd);
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
&& defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
WOLFSSL_RETURN_FROM_THREAD(0);
}
/* TLS Client for API unit testing - generic */
static void run_wolfssl_client(void* args)
{
callback_functions* callbacks = ((func_args*)args)->callbacks;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
SOCKET_T sfd = 0;
char msg[] = "hello wolfssl server!";
int len = (int) XSTRLEN(msg);
char input[1024];
int ret, err = 0;
((func_args*)args)->return_code = TEST_FAIL;
/* set defaults */
if (callbacks->caPemFile == NULL)
callbacks->caPemFile = caCertFile;
if (callbacks->certPemFile == NULL)
callbacks->certPemFile = cliCertFile;
if (callbacks->keyPemFile == NULL)
callbacks->keyPemFile = cliKeyFile;
#ifdef WOLFSSL_STATIC_MEMORY
if (callbacks->method_ex != NULL && callbacks->mem != NULL &&
callbacks->memSz > 0) {
ret = wolfSSL_CTX_load_static_memory(&ctx, callbacks->method_ex,
callbacks->mem, callbacks->memSz, 0, 1);
if (ret != WOLFSSL_SUCCESS) {
fprintf(stderr, "CTX static new failed %d\n", ret);
goto cleanup;
}
}
#else
ctx = wolfSSL_CTX_new(callbacks->method());
#endif
if (ctx == NULL) {
fprintf(stderr, "CTX new failed\n");
goto cleanup;
}
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
if (!callbacks->loadToSSL) {
wolfSSL_CTX_SetDevId(ctx, callbacks->devId);
}
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
if (wolfSSL_CTX_load_verify_locations(ctx, callbacks->caPemFile, 0) !=
WOLFSSL_SUCCESS) {
goto cleanup;
}
if (!callbacks->loadToSSL) {
if (wolfSSL_CTX_use_certificate_file(ctx, callbacks->certPemFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
goto cleanup;
}
if (wolfSSL_CTX_use_PrivateKey_file(ctx, callbacks->keyPemFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
goto cleanup;
}
}
#ifdef HAVE_CRL
if (callbacks->crlPemFile != NULL) {
if (wolfSSL_CTX_LoadCRLFile(ctx, callbacks->crlPemFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
goto cleanup;
}
}
#endif
if (callbacks->ctx_ready)
callbacks->ctx_ready(ctx);
ssl = wolfSSL_new(ctx);
if (wolfSSL_dtls(ssl)) {
tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port,
1, 0, ssl);
}
else {
tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port,
0, 0, ssl);
}
if (wolfSSL_set_fd(ssl, sfd) != WOLFSSL_SUCCESS) {
goto cleanup;
}
if (callbacks->loadToSSL) {
wolfSSL_SetDevId(ssl, callbacks->devId);
if (wolfSSL_use_certificate_file(ssl, callbacks->certPemFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
goto cleanup;
}
if (wolfSSL_use_PrivateKey_file(ssl, callbacks->keyPemFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
goto cleanup;
}
}
if (callbacks->ssl_ready)
callbacks->ssl_ready(ssl);
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = wolfSSL_connect(ssl);
err = wolfSSL_get_error(ssl, ret);
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
char buff[WOLFSSL_MAX_ERROR_SZ];
fprintf(stderr, "error = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buff));
/*err_sys("SSL_connect failed");*/
}
else {
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = wolfSSL_write(ssl, msg, len);
err = wolfSSL_get_error(ssl, ret);
} while (err == WC_PENDING_E);
if (len != ret)
goto cleanup;
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = wolfSSL_read(ssl, input, sizeof(input)-1);
err = wolfSSL_get_error(ssl, ret);
} while (err == WC_PENDING_E);
if (ret > 0) {
input[ret] = '\0'; /* null term */
fprintf(stderr, "Server response: %s\n", input);
}
((func_args*)args)->return_code = TEST_SUCCESS;
}
if (callbacks->on_result)
callbacks->on_result(ssl);
cleanup:
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
CloseSocket(sfd);
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
}
#endif /* ENABLE_TLS_CALLBACK_TEST */
static int test_wolfSSL_read_write(void)
{
/* The unit testing for read and write shall happen simultaneously, since
* one can't do anything with one without the other. (Except for a failure
* test case.) This function will call all the others that will set up,
* execute, and report their test findings.
*
* Set up the success case first. This function will become the template
* for the other tests. This should eventually be renamed
*
* The success case isn't interesting, how can this fail?
* - Do not give the client context a CA certificate. The connect should
* fail. Do not need server for this?
* - Using NULL for the ssl object on server. Do not need client for this.
* - Using NULL for the ssl object on client. Do not need server for this.
* - Good ssl objects for client and server. Client write() without server
* read().
* - Good ssl objects for client and server. Server write() without client
* read().
* - Forgetting the password callback?
*/
tcp_ready ready;
func_args client_args;
func_args server_args;
THREAD_TYPE serverThread;
EXPECT_DECLS;
XMEMSET(&client_args, 0, sizeof(func_args));
XMEMSET(&server_args, 0, sizeof(func_args));
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
StartTCP();
InitTcpReady(&ready);
#if defined(USE_WINDOWS_API)
/* use RNG to get random port if using windows */
ready.port = GetRandomPort();
#endif
server_args.signal = &ready;
client_args.signal = &ready;
start_thread(test_server_nofail, &server_args, &serverThread);
wait_tcp_ready(&server_args);
test_client_nofail(&client_args, NULL);
join_thread(serverThread);
ExpectTrue(client_args.return_code);
ExpectTrue(server_args.return_code);
FreeTcpReady(&ready);
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_reuse_WOLFSSLobj(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && \
!defined(WOLFSSL_NO_TLS12)
/* The unit test for session resumption by re-using WOLFSSL object.
* WOLFSSL object is not cleared after first session. It reuse the object
* for second connection.
*/
tcp_ready ready;
func_args client_args;
func_args server_args;
THREAD_TYPE serverThread;
callback_functions client_cbf;
callback_functions server_cbf;
XMEMSET(&client_args, 0, sizeof(func_args));
XMEMSET(&server_args, 0, sizeof(func_args));
XMEMSET(&client_cbf, 0, sizeof(callback_functions));
XMEMSET(&server_cbf, 0, sizeof(callback_functions));
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
StartTCP();
InitTcpReady(&ready);
#if defined(USE_WINDOWS_API)
/* use RNG to get random port if using windows */
ready.port = GetRandomPort();
#endif
client_cbf.method = wolfTLSv1_2_client_method;
server_cbf.method = wolfTLSv1_2_server_method;
client_args.callbacks = &client_cbf;
server_args.callbacks = &server_cbf;
server_args.signal = &ready;
client_args.signal = &ready;
/* the var is used for loop number */
server_args.argc = 2;
start_thread(test_server_loop, &server_args, &serverThread);
wait_tcp_ready(&server_args);
test_client_reuse_WOLFSSLobj(&client_args, NULL, &server_args);
join_thread(serverThread);
ExpectTrue(client_args.return_code);
ExpectTrue(server_args.return_code);
FreeTcpReady(&ready);
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) &&
* !defined(WOLFSSL_TLS13) */
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
static int test_wolfSSL_CTX_verifyDepth_ServerClient_1_ctx_ready(
WOLFSSL_CTX* ctx)
{
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
myVerifyAction = VERIFY_USE_PREVERFIY;
wolfSSL_CTX_set_verify_depth(ctx, 2);
return TEST_SUCCESS;
}
#endif
static int test_wolfSSL_CTX_verifyDepth_ServerClient_1(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
#ifdef WOLFSSL_TLS13
client_cbf.method = wolfTLSv1_3_client_method;
#endif /* WOLFSSL_TLS13 */
client_cbf.ctx_ready =
test_wolfSSL_CTX_verifyDepth_ServerClient_1_ctx_ready;
/* test case 1 verify depth is equal to peer chain */
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_SUCCESS);
ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
#endif /* OPENSSL_EXTRA && HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
static int test_wolfSSL_CTX_verifyDepth_ServerClient_2_ctx_ready(
WOLFSSL_CTX* ctx)
{
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
myVerifyAction = VERIFY_OVERRIDE_ERROR;
wolfSSL_CTX_set_verify_depth(ctx, 0);
return TEST_SUCCESS;
}
#endif
static int test_wolfSSL_CTX_verifyDepth_ServerClient_2(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
#ifdef WOLFSSL_TLS13
client_cbf.method = wolfTLSv1_3_client_method;
#endif /* WOLFSSL_TLS13 */
client_cbf.ctx_ready =
test_wolfSSL_CTX_verifyDepth_ServerClient_2_ctx_ready;
/* test case 2
* verify depth is zero, number of peer's chain is 2.
* verify result becomes MAX_CHAIN_ERROR, but it is overridden in
* callback.
*/
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_SUCCESS);
ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
#endif /* OPENSSL_EXTRA && HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
static int test_wolfSSL_CTX_verifyDepth_ServerClient_3_ctx_ready(
WOLFSSL_CTX* ctx)
{
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
myVerifyAction = VERIFY_USE_PREVERFIY;
wolfSSL_CTX_set_verify_depth(ctx, 0);
return TEST_SUCCESS;
}
#endif
static int test_wolfSSL_CTX_verifyDepth_ServerClient_3(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
#ifdef WOLFSSL_TLS13
client_cbf.method = wolfTLSv1_3_client_method;
#endif /* WOLFSSL_TLS13 */
client_cbf.ctx_ready =
test_wolfSSL_CTX_verifyDepth_ServerClient_3_ctx_ready;
/* test case 3
* verify depth is zero, number of peer's chain is 2
* verify result becomes MAX_CHAIN_ERRO. call-back returns failure.
* therefore, handshake becomes failure.
*/
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_FAIL);
ExpectIntEQ(client_cbf.return_code, TEST_FAIL);
ExpectIntEQ(server_cbf.return_code, TEST_FAIL);
ExpectIntEQ(client_cbf.last_err, MAX_CHAIN_ERROR);
ExpectIntEQ(server_cbf.last_err, FATAL_ERROR);
#endif /* OPENSSL_EXTRA && HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */
return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
!defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_ECC) && !defined(NO_AES) && !defined(NO_SHA256)
static int test_wolfSSL_CTX_set_cipher_list_server_ctx_ready(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
ExpectTrue(wolfSSL_CTX_set_cipher_list(ctx, "DEFAULT:!NULL"));
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_cipher_list_client_ctx_ready(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
ExpectTrue(wolfSSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-AES128-SHA256"));
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_CTX_set_cipher_list(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(HAVE_ECC) && !defined(NO_AES) && !defined(NO_SHA256)
#if !defined(WOLFSSL_NO_TLS12)
WOLFSSL_CTX* ctxClient = NULL;
WOLFSSL* sslClient = NULL;
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
server_cbf.method = wolfTLSv1_2_server_method;
server_cbf.ctx_ready = test_wolfSSL_CTX_set_cipher_list_server_ctx_ready;
client_cbf.method = wolfTLSv1_2_client_method;
client_cbf.ctx_ready = test_wolfSSL_CTX_set_cipher_list_client_ctx_ready;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_SUCCESS);
ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
/* check with cipher string that has '+' */
ExpectNotNull((ctxClient = wolfSSL_CTX_new(wolfTLSv1_2_client_method())));
/* Use trailing : with nothing to test for ASAN */
ExpectTrue(wolfSSL_CTX_set_cipher_list(ctxClient, "ECDHE+AESGCM:"));
ExpectNotNull((sslClient = wolfSSL_new(ctxClient)));
/* check for the existence of an ECDHE ECDSA cipher suite */
if (EXPECT_SUCCESS()) {
int i = 0;
int found = 0;
const char* suite;
WOLF_STACK_OF(WOLFSSL_CIPHER)* sk = NULL;
WOLFSSL_CIPHER* current;
ExpectNotNull((sk = wolfSSL_get_ciphers_compat(sslClient)));
do {
current = wolfSSL_sk_SSL_CIPHER_value(sk, i++);
if (current) {
suite = wolfSSL_CIPHER_get_name(current);
if (suite && XSTRSTR(suite, "ECDSA")) {
found = 1;
break;
}
}
} while (current);
ExpectIntEQ(found, 1);
}
wolfSSL_free(sslClient);
wolfSSL_CTX_free(ctxClient);
#endif /* !WOLFSSL_NO_TLS12 */
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(WOLFSSL_HAVE_TLS_UNIQUE)
static int test_wolfSSL_get_finished_client_on_handshake(WOLFSSL_CTX* ctx,
WOLFSSL* ssl)
{
EXPECT_DECLS;
size_t msg_len;
(void)ctx;
/* get_finished test */
/* 1. get own sent message */
XMEMSET(client_side_msg1, 0, MD_MAX_SIZE);
msg_len = wolfSSL_get_finished(ssl, client_side_msg1, MD_MAX_SIZE);
ExpectIntGE(msg_len, 0);
/* 2. get peer message */
XMEMSET(client_side_msg2, 0, MD_MAX_SIZE);
msg_len = wolfSSL_get_peer_finished(ssl, client_side_msg2, MD_MAX_SIZE);
ExpectIntGE(msg_len, 0);
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_get_finished(void)
{
EXPECT_DECLS;
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(WOLFSSL_HAVE_TLS_UNIQUE)
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, test_wolfSSL_get_finished_client_on_handshake),
TEST_SUCCESS);
/* test received msg vs sent msg */
ExpectIntEQ(0, XMEMCMP(client_side_msg1, server_side_msg2, MD_MAX_SIZE));
ExpectIntEQ(0, XMEMCMP(client_side_msg2, server_side_msg1, MD_MAX_SIZE));
#endif /* HAVE_SSL_MEMIO_TESTS_DEPENDENCIES && WOLFSSL_HAVE_TLS_UNIQUE */
return EXPECT_RESULT();
}
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
!defined(SINGLE_THREADED) && defined(WOLFSSL_TLS13) && \
!defined(NO_SESSION_CACHE)
/* Sessions to restore/store */
static WOLFSSL_SESSION* test_wolfSSL_CTX_add_session_client_sess;
static WOLFSSL_SESSION* test_wolfSSL_CTX_add_session_server_sess;
static WOLFSSL_CTX* test_wolfSSL_CTX_add_session_server_ctx;
static void test_wolfSSL_CTX_add_session_ctx_ready(WOLFSSL_CTX* ctx)
{
/* Don't store sessions. Lookup is still enabled. */
AssertIntEQ(wolfSSL_CTX_set_session_cache_mode(ctx,
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE), WOLFSSL_SUCCESS);
#ifdef OPENSSL_EXTRA
AssertIntEQ(wolfSSL_CTX_get_session_cache_mode(ctx) &
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE,
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE);
#endif
/* Require both peers to provide certs */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
}
static void test_wolfSSL_CTX_add_session_on_result(WOLFSSL* ssl)
{
WOLFSSL_SESSION** sess;
if (wolfSSL_is_server(ssl))
sess = &test_wolfSSL_CTX_add_session_server_sess;
else
sess = &test_wolfSSL_CTX_add_session_client_sess;
if (*sess == NULL) {
#ifdef NO_SESSION_CACHE_REF
AssertNotNull(*sess = wolfSSL_get1_session(ssl));
#else
/* Test for backwards compatibility */
if (wolfSSL_is_server(ssl)) {
AssertNotNull(*sess = wolfSSL_get1_session(ssl));
}
else {
AssertNotNull(*sess = wolfSSL_get_session(ssl));
}
#endif
/* Now save the session in the internal store to make it available
* for lookup. For TLS 1.3, we can't save the session without
* WOLFSSL_TICKET_HAVE_ID because there is no way to retrieve the
* session from cache. */
if (wolfSSL_is_server(ssl)
#ifndef WOLFSSL_TICKET_HAVE_ID
&& wolfSSL_version(ssl) != TLS1_3_VERSION
#endif
)
AssertIntEQ(wolfSSL_CTX_add_session(wolfSSL_get_SSL_CTX(ssl),
*sess), WOLFSSL_SUCCESS);
}
else {
/* If we have a session retrieved then remaining connections should be
* resuming on that session */
AssertIntEQ(wolfSSL_session_reused(ssl), 1);
}
/* Save CTX to be able to decrypt tickets */
if (wolfSSL_is_server(ssl) &&
test_wolfSSL_CTX_add_session_server_ctx == NULL) {
AssertNotNull(test_wolfSSL_CTX_add_session_server_ctx
= wolfSSL_get_SSL_CTX(ssl));
AssertIntEQ(wolfSSL_CTX_up_ref(wolfSSL_get_SSL_CTX(ssl)),
WOLFSSL_SUCCESS);
}
#ifdef SESSION_CERTS
#ifndef WOLFSSL_TICKET_HAVE_ID
if (wolfSSL_version(ssl) != TLS1_3_VERSION &&
wolfSSL_session_reused(ssl))
#endif
{
/* With WOLFSSL_TICKET_HAVE_ID the peer certs should be available
* for all connections. TLS 1.3 only has tickets so if we don't
* include the session id in the ticket then the certificates
* will not be available on resumption. */
WOLFSSL_X509* peer = wolfSSL_get_peer_certificate(ssl);
AssertNotNull(peer);
wolfSSL_X509_free(peer);
AssertNotNull(wolfSSL_SESSION_get_peer_chain(*sess));
#ifdef OPENSSL_EXTRA
AssertNotNull(SSL_SESSION_get0_peer(*sess));
#endif
}
#endif /* SESSION_CERTS */
}
static void test_wolfSSL_CTX_add_session_ssl_ready(WOLFSSL* ssl)
{
/* Set the session to reuse for the client */
AssertIntEQ(wolfSSL_set_session(ssl,
test_wolfSSL_CTX_add_session_client_sess), WOLFSSL_SUCCESS);
}
#endif
static int test_wolfSSL_CTX_add_session(void)
{
EXPECT_DECLS;
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
!defined(SINGLE_THREADED) && defined(WOLFSSL_TLS13) && \
!defined(NO_SESSION_CACHE)
tcp_ready ready;
func_args client_args;
func_args server_args;
THREAD_TYPE serverThread;
callback_functions client_cb;
callback_functions server_cb;
method_provider methods[][2] = {
#if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \
!defined(NO_DES3))
/* Without AES there are almost no ciphersuites available. This leads
* to no ciphersuites being available and an error. */
{ wolfTLSv1_1_client_method, wolfTLSv1_1_server_method },
#endif
#ifndef WOLFSSL_NO_TLS12
{ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method },
#endif
/* Needs the default ticket callback since it is tied to the
* connection context and this makes it easy to carry over the ticket
* crypto context between connections */
#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
defined(HAVE_SESSION_TICKET)
{ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method },
#endif
};
const size_t methodsLen = sizeof(methods)/sizeof(*methods);
size_t i, j;
for (i = 0; i < methodsLen; i++) {
/* First run creates a connection while the second+ run will attempt
* to resume the connection. The trick is that the internal cache
* is turned off. wolfSSL_CTX_add_session should put the session in
* the cache anyway. */
test_wolfSSL_CTX_add_session_client_sess = NULL;
test_wolfSSL_CTX_add_session_server_sess = NULL;
test_wolfSSL_CTX_add_session_server_ctx = NULL;
#ifdef NO_SESSION_CACHE_REF
for (j = 0; j < 4; j++) {
#else
/* The session may be overwritten in this case. Do only one resumption
* to stop this test from failing intermittently. */
for (j = 0; j < 2; j++) {
#endif
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
StartTCP();
InitTcpReady(&ready);
XMEMSET(&client_args, 0, sizeof(func_args));
XMEMSET(&server_args, 0, sizeof(func_args));
XMEMSET(&client_cb, 0, sizeof(callback_functions));
XMEMSET(&server_cb, 0, sizeof(callback_functions));
client_cb.method = methods[i][0];
server_cb.method = methods[i][1];
server_args.signal = &ready;
server_args.callbacks = &server_cb;
client_args.signal = &ready;
client_args.callbacks = &client_cb;
if (test_wolfSSL_CTX_add_session_server_ctx != NULL) {
server_cb.ctx = test_wolfSSL_CTX_add_session_server_ctx;
server_cb.isSharedCtx = 1;
}
server_cb.ctx_ready = test_wolfSSL_CTX_add_session_ctx_ready;
client_cb.ctx_ready = test_wolfSSL_CTX_add_session_ctx_ready;
if (j != 0)
client_cb.ssl_ready = test_wolfSSL_CTX_add_session_ssl_ready;
server_cb.on_result = test_wolfSSL_CTX_add_session_on_result;
client_cb.on_result = test_wolfSSL_CTX_add_session_on_result;
server_cb.ticNoInit = 1; /* Use default builtin */
start_thread(test_server_nofail, &server_args, &serverThread);
wait_tcp_ready(&server_args);
test_client_nofail(&client_args, NULL);
join_thread(serverThread);
ExpectTrue(client_args.return_code);
ExpectTrue(server_args.return_code);
FreeTcpReady(&ready);
if (EXPECT_FAIL())
break;
}
wolfSSL_SESSION_free(test_wolfSSL_CTX_add_session_client_sess);
wolfSSL_SESSION_free(test_wolfSSL_CTX_add_session_server_sess);
wolfSSL_CTX_free(test_wolfSSL_CTX_add_session_server_ctx);
if (EXPECT_FAIL())
break;
}
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
defined(HAVE_SESSION_TICKET) && \
!defined(TITAN_SESSION_CACHE) && \
!defined(HUGE_SESSION_CACHE) && \
!defined(BIG_SESSION_CACHE) && \
!defined(MEDIUM_SESSION_CACHE)
/* twcase - prefix for test_wolfSSL_CTX_add_session_ext */
/* Sessions to restore/store */
static WOLFSSL_SESSION* twcase_server_first_session_ptr;
static WOLFSSL_SESSION* twcase_client_first_session_ptr;
static WOLFSSL_CTX* twcase_server_current_ctx_ptr;
static int twcase_new_session_called = 0;
static int twcase_remove_session_called = 0;
static int twcase_get_session_called = 0;
/* Test default, SESSIONS_PER_ROW*SESSION_ROWS = 3*11, see ssl.c */
#define SESSION_CACHE_SIZE 33
typedef struct {
const byte* key; /* key, altSessionID, session ID, NULL if empty */
WOLFSSL_SESSION* value;
} hashTable_entry;
typedef struct {
hashTable_entry entries[SESSION_CACHE_SIZE]; /* hash slots */
size_t capacity; /* size of entries */
size_t length; /* number of items in the hash table */
wolfSSL_Mutex htLock; /* lock */
}hashTable;
static hashTable server_sessionCache;
static int twcase_new_sessionCb(WOLFSSL *ssl, WOLFSSL_SESSION *sess)
{
int i;
unsigned int len;
(void)ssl;
/*
* This example uses a hash table.
* Steps you should take for a non-demo code:
* - acquire a lock for the file named according to the session id
* - open the file
* - encrypt and write the SSL_SESSION object to the file
* - release the lock
*
* Return:
* 0: The callback does not wish to hold a reference of the sess
* 1: The callback wants to hold a reference of the sess. The callback is
* now also responsible for calling wolfSSL_SESSION_free() on sess.
*/
if (sess == NULL)
return 0;
if (wc_LockMutex(&server_sessionCache.htLock) != 0) {
return 0;
}
for (i = 0; i < SESSION_CACHE_SIZE; i++) {
if (server_sessionCache.entries[i].value == NULL) {
server_sessionCache.entries[i].key = SSL_SESSION_get_id(sess, &len);
server_sessionCache.entries[i].value = sess;
server_sessionCache.length++;
break;
}
}
++twcase_new_session_called;
wc_UnLockMutex(&server_sessionCache.htLock);
fprintf(stderr, "\t\ttwcase_new_session_called %d\n",
twcase_new_session_called);
return 1;
}
static void twcase_remove_sessionCb(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *sess)
{
int i;
(void)ctx;
(void)sess;
if (sess == NULL)
return;
/*
* This example uses a hash table.
* Steps you should take for a non-demo code:
* - acquire a lock for the file named according to the session id
* - remove the file
* - release the lock
*/
if (wc_LockMutex(&server_sessionCache.htLock) != 0) {
return;
}
for (i = 0; i < SESSION_CACHE_SIZE; i++) {
if (server_sessionCache.entries[i].key != NULL &&
XMEMCMP(server_sessionCache.entries[i].key,
sess->sessionID, SSL_MAX_SSL_SESSION_ID_LENGTH) == 0) {
wolfSSL_SESSION_free(server_sessionCache.entries[i].value);
server_sessionCache.entries[i].value = NULL;
server_sessionCache.entries[i].key = NULL;
server_sessionCache.length--;
break;
}
}
++twcase_remove_session_called;
wc_UnLockMutex(&server_sessionCache.htLock);
fprintf(stderr, "\t\ttwcase_remove_session_called %d\n",
twcase_remove_session_called);
}
static WOLFSSL_SESSION *twcase_get_sessionCb(WOLFSSL *ssl,
const unsigned char *id, int len, int *ref)
{
int i;
(void)ssl;
(void)id;
(void)len;
/*
* This example uses a hash table.
* Steps you should take for a non-demo code:
* - acquire a lock for the file named according to the session id in the
* 2nd arg
* - read and decrypt contents of file and create a new SSL_SESSION
* - object release the lock
* - return the new session object
*/
fprintf(stderr, "\t\ttwcase_get_session_called %d\n",
++twcase_get_session_called);
/* This callback want to retain a copy of the object. If we want wolfSSL to
* be responsible for the pointer then set to 0. */
*ref = 1;
for (i = 0; i < SESSION_CACHE_SIZE; i++) {
if (server_sessionCache.entries[i].key != NULL &&
XMEMCMP(server_sessionCache.entries[i].key, id,
SSL_MAX_SSL_SESSION_ID_LENGTH) == 0) {
return server_sessionCache.entries[i].value;
}
}
return NULL;
}
static int twcase_get_sessionCb_cleanup(void)
{
int i;
int cnt = 0;
/* If twcase_get_sessionCb sets *ref = 1, the application is responsible
* for freeing sessions */
for (i = 0; i < SESSION_CACHE_SIZE; i++) {
if (server_sessionCache.entries[i].value != NULL) {
wolfSSL_SESSION_free(server_sessionCache.entries[i].value);
cnt++;
}
}
fprintf(stderr, "\t\ttwcase_get_sessionCb_cleanup freed %d sessions\n",
cnt);
return TEST_SUCCESS;
}
static int twcase_cache_intOff_extOff(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
/* off - Disable internal cache */
ExpectIntEQ(wolfSSL_CTX_set_session_cache_mode(ctx,
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE), WOLFSSL_SUCCESS);
#ifdef OPENSSL_EXTRA
ExpectIntEQ(wolfSSL_CTX_get_session_cache_mode(ctx) &
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE,
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE);
#endif
/* off - Do not setup external cache */
/* Require both peers to provide certs */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
return EXPECT_RESULT();
}
static int twcase_cache_intOn_extOff(WOLFSSL_CTX* ctx)
{
/* on - internal cache is on by default */
/* off - Do not setup external cache */
/* Require both peers to provide certs */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
return TEST_SUCCESS;
}
static int twcase_cache_intOff_extOn(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
/* off - Disable internal cache */
ExpectIntEQ(wolfSSL_CTX_set_session_cache_mode(ctx,
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE), WOLFSSL_SUCCESS);
#ifdef OPENSSL_EXTRA
ExpectIntEQ(wolfSSL_CTX_get_session_cache_mode(ctx) &
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE,
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE);
#endif
/* on - Enable external cache */
wolfSSL_CTX_sess_set_new_cb(ctx, twcase_new_sessionCb);
wolfSSL_CTX_sess_set_remove_cb(ctx, twcase_remove_sessionCb);
wolfSSL_CTX_sess_set_get_cb(ctx, twcase_get_sessionCb);
/* Require both peers to provide certs */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
return EXPECT_RESULT();
}
static int twcase_cache_intOn_extOn(WOLFSSL_CTX* ctx)
{
/* on - internal cache is on by default */
/* on - Enable external cache */
wolfSSL_CTX_sess_set_new_cb(ctx, twcase_new_sessionCb);
wolfSSL_CTX_sess_set_remove_cb(ctx, twcase_remove_sessionCb);
wolfSSL_CTX_sess_set_get_cb(ctx, twcase_get_sessionCb);
/* Require both peers to provide certs */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
return TEST_SUCCESS;
}
static int twcase_cache_intOn_extOn_noTicket(WOLFSSL_CTX* ctx)
{
/* on - internal cache is on by default */
/* on - Enable external cache */
wolfSSL_CTX_sess_set_new_cb(ctx, twcase_new_sessionCb);
wolfSSL_CTX_sess_set_remove_cb(ctx, twcase_remove_sessionCb);
wolfSSL_CTX_sess_set_get_cb(ctx, twcase_get_sessionCb);
wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TICKET);
/* Require both peers to provide certs */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
return TEST_SUCCESS;
}
static int twcase_server_sess_ctx_pre_shutdown(WOLFSSL* ssl)
{
EXPECT_DECLS;
WOLFSSL_SESSION** sess;
if (wolfSSL_is_server(ssl))
sess = &twcase_server_first_session_ptr;
else
return TEST_SUCCESS;
if (*sess == NULL) {
ExpectNotNull(*sess = wolfSSL_get1_session(ssl));
/* Now save the session in the internal store to make it available
* for lookup. For TLS 1.3, we can't save the session without
* WOLFSSL_TICKET_HAVE_ID because there is no way to retrieve the
* session from cache. */
if (wolfSSL_is_server(ssl)
#ifndef WOLFSSL_TICKET_HAVE_ID
&& wolfSSL_version(ssl) != TLS1_3_VERSION
&& wolfSSL_version(ssl) != DTLS1_3_VERSION
#endif
) {
ExpectIntEQ(wolfSSL_CTX_add_session(wolfSSL_get_SSL_CTX(ssl),
*sess), WOLFSSL_SUCCESS);
}
}
/* Save CTX to be able to decrypt tickets */
if (twcase_server_current_ctx_ptr == NULL) {
ExpectNotNull(twcase_server_current_ctx_ptr = wolfSSL_get_SSL_CTX(ssl));
ExpectIntEQ(wolfSSL_CTX_up_ref(wolfSSL_get_SSL_CTX(ssl)),
WOLFSSL_SUCCESS);
}
#ifdef SESSION_CERTS
#ifndef WOLFSSL_TICKET_HAVE_ID
if (wolfSSL_version(ssl) != TLS1_3_VERSION &&
wolfSSL_session_reused(ssl))
#endif
{
/* With WOLFSSL_TICKET_HAVE_ID the peer certs should be available
* for all connections. TLS 1.3 only has tickets so if we don't
* include the session id in the ticket then the certificates
* will not be available on resumption. */
WOLFSSL_X509* peer = NULL;
ExpectNotNull(peer = wolfSSL_get_peer_certificate(ssl));
wolfSSL_X509_free(peer);
ExpectNotNull(wolfSSL_SESSION_get_peer_chain(*sess));
}
#endif
return EXPECT_RESULT();
}
static int twcase_client_sess_ctx_pre_shutdown(WOLFSSL* ssl)
{
EXPECT_DECLS;
WOLFSSL_SESSION** sess;
sess = &twcase_client_first_session_ptr;
if (*sess == NULL) {
ExpectNotNull(*sess = wolfSSL_get1_session(ssl));
}
else {
/* If we have a session retrieved then remaining connections should be
* resuming on that session */
ExpectIntEQ(wolfSSL_session_reused(ssl), 1);
}
#ifdef SESSION_CERTS
#ifndef WOLFSSL_TICKET_HAVE_ID
if (wolfSSL_version(ssl) != TLS1_3_VERSION &&
wolfSSL_session_reused(ssl))
#endif
{
WOLFSSL_X509* peer = wolfSSL_get_peer_certificate(ssl);
ExpectNotNull(peer);
wolfSSL_X509_free(peer);
ExpectNotNull(wolfSSL_SESSION_get_peer_chain(*sess));
#ifdef OPENSSL_EXTRA
ExpectNotNull(wolfSSL_SESSION_get0_peer(*sess));
#endif
}
#endif
return EXPECT_RESULT();
}
static int twcase_client_set_sess_ssl_ready(WOLFSSL* ssl)
{
EXPECT_DECLS;
/* Set the session to reuse for the client */
ExpectNotNull(ssl);
ExpectNotNull(twcase_client_first_session_ptr);
ExpectIntEQ(wolfSSL_set_session(ssl,twcase_client_first_session_ptr),
WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
struct test_add_session_ext_params {
method_provider client_meth;
method_provider server_meth;
const char* tls_version;
};
static int test_wolfSSL_CTX_add_session_ext(
struct test_add_session_ext_params* param)
{
EXPECT_DECLS;
/* Test the default 33 sessions */
int j;
/* Clear cache before starting */
wolfSSL_CTX_flush_sessions(NULL, -1);
XMEMSET(&server_sessionCache, 0, sizeof(hashTable));
if (wc_InitMutex(&server_sessionCache.htLock) != 0)
return BAD_MUTEX_E;
server_sessionCache.capacity = SESSION_CACHE_SIZE;
fprintf(stderr, "\tBegin %s\n", param->tls_version);
for (j = 0; j < 5; j++) {
int tls13 = XSTRSTR(param->tls_version, "TLSv1_3") != NULL;
int dtls = XSTRSTR(param->tls_version, "DTLS") != NULL;
test_ssl_cbf client_cb;
test_ssl_cbf server_cb;
(void)dtls;
/* Test five cache configurations */
twcase_client_first_session_ptr = NULL;
twcase_server_first_session_ptr = NULL;
twcase_server_current_ctx_ptr = NULL;
twcase_new_session_called = 0;
twcase_remove_session_called = 0;
twcase_get_session_called = 0;
/* connection 1 - first connection */
fprintf(stderr, "\tconnect: %s: j=%d\n", param->tls_version, j);
XMEMSET(&client_cb, 0, sizeof(client_cb));
XMEMSET(&server_cb, 0, sizeof(server_cb));
client_cb.method = param->client_meth;
server_cb.method = param->server_meth;
if (dtls)
client_cb.doUdp = server_cb.doUdp = 1;
/* Setup internal and external cache */
switch (j) {
case 0:
/* SSL_OP_NO_TICKET stateful ticket case */
server_cb.ctx_ready = twcase_cache_intOn_extOn_noTicket;
break;
case 1:
server_cb.ctx_ready = twcase_cache_intOn_extOn;
break;
case 2:
server_cb.ctx_ready = twcase_cache_intOff_extOn;
break;
case 3:
server_cb.ctx_ready = twcase_cache_intOn_extOff;
break;
case 4:
server_cb.ctx_ready = twcase_cache_intOff_extOff;
break;
}
client_cb.ctx_ready = twcase_cache_intOff_extOff;
/* Add session to internal cache and save SSL session for testing */
server_cb.on_result = twcase_server_sess_ctx_pre_shutdown;
/* Save client SSL session for testing */
client_cb.on_result = twcase_client_sess_ctx_pre_shutdown;
server_cb.ticNoInit = 1; /* Use default builtin */
/* Don't free/release ctx */
server_cb.ctx = twcase_server_current_ctx_ptr;
server_cb.isSharedCtx = 1;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
&server_cb, NULL), TEST_SUCCESS);
ExpectIntEQ(twcase_get_session_called, 0);
if (EXPECT_FAIL()) {
wolfSSL_SESSION_free(twcase_client_first_session_ptr);
wolfSSL_SESSION_free(twcase_server_first_session_ptr);
wolfSSL_CTX_free(twcase_server_current_ctx_ptr);
break;
}
switch (j) {
case 0:
case 1:
case 2:
/* cache cannot be searched with out a connection */
/* Add a new session */
ExpectIntEQ(twcase_new_session_called, 1);
/* In twcase_server_sess_ctx_pre_shutdown
* wolfSSL_CTX_add_session which evicts the existing session
* in cache and adds it back in */
ExpectIntLE(twcase_remove_session_called, 1);
break;
case 3:
case 4:
/* no external cache */
ExpectIntEQ(twcase_new_session_called, 0);
ExpectIntEQ(twcase_remove_session_called, 0);
break;
}
/* connection 2 - session resume */
fprintf(stderr, "\tresume: %s: j=%d\n", param->tls_version, j);
twcase_new_session_called = 0;
twcase_remove_session_called = 0;
twcase_get_session_called = 0;
server_cb.on_result = 0;
client_cb.on_result = 0;
server_cb.ticNoInit = 1; /* Use default builtin */
server_cb.ctx = twcase_server_current_ctx_ptr;
/* try session resumption */
client_cb.ssl_ready = twcase_client_set_sess_ssl_ready;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
&server_cb, NULL), TEST_SUCCESS);
/* Clear cache before checking */
wolfSSL_CTX_flush_sessions(NULL, -1);
switch (j) {
case 0:
if (tls13) {
/* (D)TLSv1.3 stateful case */
/* cache hit */
/* DTLS accesses cache once for stateless parsing and
* once for stateful parsing */
ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
/* (D)TLSv1.3 creates a new ticket,
* updates both internal and external cache */
ExpectIntEQ(twcase_new_session_called, 1);
/* A new session ID is created for a new ticket */
ExpectIntEQ(twcase_remove_session_called, 2);
}
else {
/* non (D)TLSv1.3 case, no update */
/* DTLS accesses cache once for stateless parsing and
* once for stateful parsing */
#ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME
ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
#else
ExpectIntEQ(twcase_get_session_called, 1);
#endif
ExpectIntEQ(twcase_new_session_called, 0);
/* Called on session added in
* twcase_server_sess_ctx_pre_shutdown */
ExpectIntEQ(twcase_remove_session_called, 1);
}
break;
case 1:
if (tls13) {
/* (D)TLSv1.3 case */
/* cache hit */
ExpectIntEQ(twcase_get_session_called, 1);
/* (D)TLSv1.3 creates a new ticket,
* updates both internal and external cache */
ExpectIntEQ(twcase_new_session_called, 1);
/* Called on session added in
* twcase_server_sess_ctx_pre_shutdown and by wolfSSL */
ExpectIntEQ(twcase_remove_session_called, 1);
}
else {
/* non (D)TLSv1.3 case */
/* cache hit */
/* DTLS accesses cache once for stateless parsing and
* once for stateful parsing */
#ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME
ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
#else
ExpectIntEQ(twcase_get_session_called, 1);
#endif
ExpectIntEQ(twcase_new_session_called, 0);
/* Called on session added in
* twcase_server_sess_ctx_pre_shutdown */
ExpectIntEQ(twcase_remove_session_called, 1);
}
break;
case 2:
if (tls13) {
/* (D)TLSv1.3 case */
/* cache hit */
ExpectIntEQ(twcase_get_session_called, 1);
/* (D)TLSv1.3 creates a new ticket,
* updates both internal and external cache */
ExpectIntEQ(twcase_new_session_called, 1);
/* Called on session added in
* twcase_server_sess_ctx_pre_shutdown and by wolfSSL */
ExpectIntEQ(twcase_remove_session_called, 1);
}
else {
/* non (D)TLSv1.3 case */
/* cache hit */
/* DTLS accesses cache once for stateless parsing and
* once for stateful parsing */
#ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME
ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
#else
ExpectIntEQ(twcase_get_session_called, 1);
#endif
ExpectIntEQ(twcase_new_session_called, 0);
/* Called on session added in
* twcase_server_sess_ctx_pre_shutdown */
ExpectIntEQ(twcase_remove_session_called, 1);
}
break;
case 3:
case 4:
/* no external cache */
ExpectIntEQ(twcase_get_session_called, 0);
ExpectIntEQ(twcase_new_session_called, 0);
ExpectIntEQ(twcase_remove_session_called, 0);
break;
}
wolfSSL_SESSION_free(twcase_client_first_session_ptr);
wolfSSL_SESSION_free(twcase_server_first_session_ptr);
wolfSSL_CTX_free(twcase_server_current_ctx_ptr);
if (EXPECT_FAIL())
break;
}
twcase_get_sessionCb_cleanup();
XMEMSET(&server_sessionCache.entries, 0,
sizeof(server_sessionCache.entries));
fprintf(stderr, "\tEnd %s\n", param->tls_version);
wc_FreeMutex(&server_sessionCache.htLock);
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_CTX_add_session_ext_tls13(void)
{
EXPECT_DECLS;
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
defined(HAVE_SESSION_TICKET) && \
!defined(TITAN_SESSION_CACHE) && \
!defined(HUGE_SESSION_CACHE) && \
!defined(BIG_SESSION_CACHE) && \
!defined(MEDIUM_SESSION_CACHE)
#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TICKET_HAVE_ID)
struct test_add_session_ext_params param[1] = {
{ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLSv1_3" }
};
ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_add_session_ext_dtls13(void)
{
EXPECT_DECLS;
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
defined(HAVE_SESSION_TICKET) && \
!defined(TITAN_SESSION_CACHE) && \
!defined(HUGE_SESSION_CACHE) && \
!defined(BIG_SESSION_CACHE) && \
!defined(MEDIUM_SESSION_CACHE)
#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TICKET_HAVE_ID)
#ifdef WOLFSSL_DTLS13
struct test_add_session_ext_params param[1] = {
{ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "DTLSv1_3" }
};
ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
#endif
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_add_session_ext_tls12(void)
{
EXPECT_DECLS;
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
defined(HAVE_SESSION_TICKET) && \
!defined(TITAN_SESSION_CACHE) && \
!defined(HUGE_SESSION_CACHE) && \
!defined(BIG_SESSION_CACHE) && \
!defined(MEDIUM_SESSION_CACHE)
#ifndef WOLFSSL_NO_TLS12
struct test_add_session_ext_params param[1] = {
{ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, "TLSv1_2" }
};
ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_add_session_ext_dtls12(void)
{
EXPECT_DECLS;
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
defined(HAVE_SESSION_TICKET) && \
!defined(TITAN_SESSION_CACHE) && \
!defined(HUGE_SESSION_CACHE) && \
!defined(BIG_SESSION_CACHE) && \
!defined(MEDIUM_SESSION_CACHE)
#ifndef WOLFSSL_NO_TLS12
#ifdef WOLFSSL_DTLS
struct test_add_session_ext_params param[1] = {
{ wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "DTLSv1_2" }
};
ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
#endif
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_add_session_ext_tls11(void)
{
EXPECT_DECLS;
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
defined(HAVE_SESSION_TICKET) && \
!defined(TITAN_SESSION_CACHE) && \
!defined(HUGE_SESSION_CACHE) && \
!defined(BIG_SESSION_CACHE) && \
!defined(MEDIUM_SESSION_CACHE)
#if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \
!defined(NO_DES3))
struct test_add_session_ext_params param[1] = {
{ wolfTLSv1_1_client_method, wolfTLSv1_1_server_method, "TLSv1_1" }
};
ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_add_session_ext_dtls1(void)
{
EXPECT_DECLS;
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
defined(HAVE_SESSION_TICKET) && \
!defined(TITAN_SESSION_CACHE) && \
!defined(HUGE_SESSION_CACHE) && \
!defined(BIG_SESSION_CACHE) && \
!defined(MEDIUM_SESSION_CACHE)
#if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \
!defined(NO_DES3))
#ifdef WOLFSSL_DTLS
struct test_add_session_ext_params param[1] = {
{ wolfDTLSv1_client_method, wolfDTLSv1_server_method, "DTLSv1_0" }
};
ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
#endif
#endif
#endif
return EXPECT_RESULT();
}
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT)
/* canned export of a session using older version 3 */
static unsigned char version_3[] = {
0xA5, 0xA3, 0x01, 0x88, 0x00, 0x3c, 0x00, 0x01,
0x00, 0x00, 0x00, 0x80, 0x0C, 0x00, 0x00, 0x00,
0x00, 0x80, 0x00, 0x1C, 0x00, 0x00, 0x00, 0x00,
0x00, 0x01, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC0, 0x30,
0x05, 0x09, 0x0A, 0x01, 0x01, 0x00, 0x0D, 0x05,
0xFE, 0xFD, 0x01, 0x25, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00,
0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x06, 0x00, 0x05, 0x00, 0x06, 0x00, 0x00,
0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
0x00, 0x06, 0x00, 0x01, 0x00, 0x07, 0x00, 0x00,
0x00, 0x30, 0x00, 0x00, 0x00, 0x10, 0x01, 0x01,
0x00, 0x02, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00,
0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x3F,
0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x05,
0x12, 0xCF, 0x22, 0xA1, 0x9F, 0x1C, 0x39, 0x1D,
0x31, 0x11, 0x12, 0x1D, 0x11, 0x18, 0x0D, 0x0B,
0xF3, 0xE1, 0x4D, 0xDC, 0xB1, 0xF1, 0x39, 0x98,
0x91, 0x6C, 0x48, 0xE5, 0xED, 0x11, 0x12, 0xA0,
0x00, 0xF2, 0x25, 0x4C, 0x09, 0x26, 0xD1, 0x74,
0xDF, 0x23, 0x40, 0x15, 0x6A, 0x42, 0x2A, 0x26,
0xA5, 0xAC, 0x56, 0xD5, 0x4A, 0x20, 0xB7, 0xE9,
0xEF, 0xEB, 0xAF, 0xA8, 0x1E, 0x23, 0x7C, 0x04,
0xAA, 0xA1, 0x6D, 0x92, 0x79, 0x7B, 0xFA, 0x80,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0x0C, 0x79, 0x7B, 0xFA, 0x80, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0xAA, 0xA1, 0x6D,
0x92, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x10, 0x00, 0x20, 0x00, 0x04, 0x00,
0x10, 0x00, 0x10, 0x08, 0x02, 0x05, 0x08, 0x01,
0x30, 0x28, 0x00, 0x00, 0x0F, 0x00, 0x02, 0x00,
0x09, 0x31, 0x32, 0x37, 0x2E, 0x30, 0x2E, 0x30,
0x2E, 0x31, 0xED, 0x4F
};
#endif /* defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) */
static int test_wolfSSL_dtls_export(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT)
tcp_ready ready;
func_args client_args;
func_args server_args;
THREAD_TYPE serverThread;
callback_functions server_cbf;
callback_functions client_cbf;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
InitTcpReady(&ready);
#if defined(USE_WINDOWS_API)
/* use RNG to get random port if using windows */
ready.port = GetRandomPort();
#endif
/* set using dtls */
XMEMSET(&client_args, 0, sizeof(func_args));
XMEMSET(&server_args, 0, sizeof(func_args));
XMEMSET(&server_cbf, 0, sizeof(callback_functions));
XMEMSET(&client_cbf, 0, sizeof(callback_functions));
server_cbf.method = wolfDTLSv1_2_server_method;
client_cbf.method = wolfDTLSv1_2_client_method;
server_args.callbacks = &server_cbf;
client_args.callbacks = &client_cbf;
server_args.signal = &ready;
client_args.signal = &ready;
start_thread(run_wolfssl_server, &server_args, &serverThread);
wait_tcp_ready(&server_args);
run_wolfssl_client(&client_args);
join_thread(serverThread);
ExpectTrue(client_args.return_code);
ExpectTrue(server_args.return_code);
FreeTcpReady(&ready);
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
if (EXPECT_SUCCESS()) {
SOCKET_T sockfd = 0;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
char msg[64] = "hello wolfssl!";
char reply[1024];
int msgSz = (int)XSTRLEN(msg);
byte *session, *window;
unsigned int sessionSz = 0;
unsigned int windowSz = 0;
#ifndef TEST_IPV6
struct sockaddr_in peerAddr;
#else
struct sockaddr_in6 peerAddr;
#endif /* TEST_IPV6 */
int i;
/* Set ctx to DTLS 1.2 */
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method()));
ExpectNotNull(ssl = wolfSSL_new(ctx));
/* test importing version 3 */
ExpectIntGE(wolfSSL_dtls_import(ssl, version_3, sizeof(version_3)), 0);
/* test importing bad length and bad version */
version_3[2] += 1;
ExpectIntLT(wolfSSL_dtls_import(ssl, version_3, sizeof(version_3)), 0);
version_3[2] -= 1; version_3[1] = 0XA0;
ExpectIntLT(wolfSSL_dtls_import(ssl, version_3, sizeof(version_3)), 0);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
/* check storing client state after connection and storing window only */
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
InitTcpReady(&ready);
#if defined(USE_WINDOWS_API)
/* use RNG to get random port if using windows */
ready.port = GetRandomPort();
#endif
/* set using dtls */
XMEMSET(&server_args, 0, sizeof(func_args));
XMEMSET(&server_cbf, 0, sizeof(callback_functions));
server_cbf.method = wolfDTLSv1_2_server_method;
server_cbf.doUdp = 1;
server_args.callbacks = &server_cbf;
server_args.argc = 3; /* set loop_count to 3 */
server_args.signal = &ready;
start_thread(test_server_nofail, &server_args, &serverThread);
wait_tcp_ready(&server_args);
/* create and connect with client */
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method()));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));
tcp_connect(&sockfd, wolfSSLIP, server_args.signal->port, 1, 0, NULL);
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS);
/* store server information connected too */
XMEMSET(&peerAddr, 0, sizeof(peerAddr));
#ifndef TEST_IPV6
peerAddr.sin_family = AF_INET;
ExpectIntEQ(XINET_PTON(AF_INET, wolfSSLIP, &peerAddr.sin_addr),1);
peerAddr.sin_port = XHTONS(server_args.signal->port);
#else
peerAddr.sin6_family = AF_INET6;
ExpectIntEQ(
XINET_PTON(AF_INET6, wolfSSLIP, &peerAddr.sin6_addr),1);
peerAddr.sin6_port = XHTONS(server_args.signal->port);
#endif
ExpectIntEQ(wolfSSL_dtls_set_peer(ssl, &peerAddr, sizeof(peerAddr)),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_connect(ssl), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_dtls_export(ssl, NULL, &sessionSz), 0);
session = (byte*)XMALLOC(sessionSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
ExpectIntGT(wolfSSL_dtls_export(ssl, session, &sessionSz), 0);
ExpectIntEQ(wolfSSL_write(ssl, msg, msgSz), msgSz);
ExpectIntGT(wolfSSL_read(ssl, reply, sizeof(reply)), 0);
ExpectIntEQ(wolfSSL_dtls_export_state_only(ssl, NULL, &windowSz), 0);
window = (byte*)XMALLOC(windowSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
ExpectIntGT(wolfSSL_dtls_export_state_only(ssl, window, &windowSz), 0);
wolfSSL_free(ssl);
for (i = 1; EXPECT_SUCCESS() && i < server_args.argc; i++) {
/* restore state */
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectIntGT(wolfSSL_dtls_import(ssl, session, sessionSz), 0);
ExpectIntGT(wolfSSL_dtls_import(ssl, window, windowSz), 0);
ExpectIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_dtls_set_peer(ssl, &peerAddr, sizeof(peerAddr)),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_write(ssl, msg, msgSz), msgSz);
ExpectIntGE(wolfSSL_read(ssl, reply, sizeof(reply)), 0);
ExpectIntGT(wolfSSL_dtls_export_state_only(ssl, window, &windowSz), 0);
wolfSSL_free(ssl);
}
XFREE(session, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(window, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL_CTX_free(ctx);
fprintf(stderr, "done and waiting for server\n");
join_thread(serverThread);
ExpectIntEQ(server_args.return_code, TEST_SUCCESS);
FreeTcpReady(&ready);
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
}
#endif
return EXPECT_RESULT();
}
#if defined(WOLFSSL_SESSION_EXPORT) && !defined(WOLFSSL_NO_TLS12)
#ifdef WOLFSSL_TLS13
static const byte canned_client_tls13_session[] = {
0xA7, 0xA4, 0x01, 0x18, 0x00, 0x41, 0x00, 0x00,
0x01, 0x00, 0x00, 0x80, 0x04, 0x00, 0x00, 0x00,
0x00, 0x80, 0x00, 0x1C, 0x01, 0x00, 0x00, 0x01,
0x00, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01,
0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x13,
0x01, 0x0A, 0x0F, 0x10, 0x01, 0x02, 0x09, 0x00,
0x05, 0x00, 0x00, 0x00, 0x00, 0x03, 0x04, 0x00,
0xB7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x01, 0x00, 0x00, 0x00, 0x27, 0x00, 0x00, 0x00,
0x11, 0x01, 0x01, 0x00, 0x20, 0x84, 0x4F, 0x18,
0xD8, 0xC1, 0x24, 0xD8, 0xBB, 0x17, 0x9E, 0x31,
0xA3, 0xF8, 0xA7, 0x3C, 0xBA, 0xEC, 0xFA, 0xB4,
0x7F, 0xC5, 0x78, 0xEB, 0x6D, 0xE3, 0x2B, 0x7B,
0x94, 0xBE, 0x20, 0x11, 0x7E, 0x17, 0x10, 0xA7,
0x10, 0x19, 0xEC, 0x62, 0xCC, 0xBE, 0xF5, 0x01,
0x35, 0x3C, 0xEA, 0xEF, 0x44, 0x3C, 0x40, 0xA2,
0xBC, 0x18, 0x43, 0xA1, 0xA1, 0x65, 0x5C, 0x48,
0xE2, 0xF9, 0x38, 0xEB, 0x11, 0x10, 0x72, 0x7C,
0x78, 0x22, 0x13, 0x3B, 0x19, 0x40, 0xF0, 0x73,
0xBE, 0x96, 0x14, 0x78, 0x26, 0xB9, 0x6B, 0x2E,
0x72, 0x22, 0x0D, 0x90, 0x94, 0xDD, 0x78, 0x77,
0xFC, 0x0C, 0x2E, 0x63, 0x6E, 0xF0, 0x0C, 0x35,
0x41, 0xCD, 0xF3, 0x49, 0x31, 0x08, 0xD0, 0x6F,
0x02, 0x3D, 0xC1, 0xD3, 0xB7, 0xEE, 0x3A, 0xA0,
0x8E, 0xA1, 0x4D, 0xC3, 0x2E, 0x5E, 0x06, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0C,
0x35, 0x41, 0xCD, 0xF3, 0x49, 0x31, 0x08, 0xD0,
0x6F, 0x02, 0x3D, 0xC1, 0xD3, 0xB7, 0xEE, 0x3A,
0xA0, 0x8E, 0xA1, 0x4D, 0xC3, 0x2E, 0x5E, 0x06,
0x00, 0x10, 0x00, 0x10, 0x00, 0x0C, 0x00, 0x10,
0x00, 0x10, 0x07, 0x02, 0x04, 0x00, 0x00, 0x20,
0x28, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00,
0x00, 0x03
};
static const byte canned_server_tls13_session[] = {
0xA7, 0xA4, 0x01, 0x18, 0x00, 0x41, 0x01, 0x00,
0x01, 0x00, 0x00, 0x80, 0x04, 0x00, 0x00, 0x00,
0x00, 0x80, 0x00, 0x1C, 0x01, 0x00, 0x00, 0x00,
0x00, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x13,
0x01, 0x0A, 0x0F, 0x10, 0x01, 0x02, 0x00, 0x0F,
0x05, 0x00, 0x00, 0x00, 0x00, 0x03, 0x04, 0x00,
0xB7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x02, 0x00, 0x00, 0x00, 0x17, 0x00, 0x00, 0x00,
0x11, 0x01, 0x01, 0x00, 0x20, 0x84, 0x4F, 0x18,
0xD8, 0xC1, 0x24, 0xD8, 0xBB, 0x17, 0x9E, 0x31,
0xA3, 0xF8, 0xA7, 0x3C, 0xBA, 0xEC, 0xFA, 0xB4,
0x7F, 0xC5, 0x78, 0xEB, 0x6D, 0xE3, 0x2B, 0x7B,
0x94, 0xBE, 0x20, 0x11, 0x7E, 0x17, 0x10, 0xA7,
0x10, 0x19, 0xEC, 0x62, 0xCC, 0xBE, 0xF5, 0x01,
0x35, 0x3C, 0xEA, 0xEF, 0x44, 0x3C, 0x40, 0xA2,
0xBC, 0x18, 0x43, 0xA1, 0xA1, 0x65, 0x5C, 0x48,
0xE2, 0xF9, 0x38, 0xEB, 0x11, 0x10, 0x72, 0x7C,
0x78, 0x22, 0x13, 0x3B, 0x19, 0x40, 0xF0, 0x73,
0xBE, 0x96, 0x14, 0x78, 0x26, 0xB9, 0x6B, 0x2E,
0x72, 0x22, 0x0D, 0x90, 0x94, 0xDD, 0x78, 0x77,
0xFC, 0x0C, 0x2E, 0x63, 0x6E, 0xF0, 0x0C, 0x35,
0x41, 0xCD, 0xF3, 0x49, 0x31, 0x08, 0xD0, 0x6F,
0x02, 0x3D, 0xC1, 0xD3, 0xB7, 0xEE, 0x3A, 0xA0,
0x8E, 0xA1, 0x4D, 0xC3, 0x2E, 0x5E, 0x06, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0C,
0xD3, 0xB7, 0xEE, 0x3A, 0xA0, 0x8E, 0xA1, 0x4D,
0xC3, 0x2E, 0x5E, 0x06, 0x35, 0x41, 0xCD, 0xF3,
0x49, 0x31, 0x08, 0xD0, 0x6F, 0x02, 0x3D, 0xC1,
0x00, 0x10, 0x00, 0x10, 0x00, 0x0C, 0x00, 0x10,
0x00, 0x10, 0x07, 0x02, 0x04, 0x00, 0x00, 0x20,
0x28, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00,
0x00, 0x04
};
#endif /* WOLFSSL_TLS13 */
static const byte canned_client_session[] = {
0xA7, 0xA4, 0x01, 0x40, 0x00, 0x41, 0x00, 0x00,
0x00, 0x00, 0x00, 0x80, 0x02, 0x00, 0x00, 0x00,
0x00, 0x80, 0x00, 0x1C, 0x00, 0x00, 0x00, 0x01,
0x00, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01,
0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC0,
0x27, 0x0A, 0x0D, 0x10, 0x01, 0x01, 0x0A, 0x00,
0x05, 0x00, 0x01, 0x01, 0x01, 0x03, 0x03, 0x00,
0xBF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x02, 0x00, 0x00, 0x00, 0x50, 0x00, 0x00, 0x00,
0x0A, 0x01, 0x01, 0x00, 0x20, 0x69, 0x11, 0x6D,
0x97, 0x15, 0x6E, 0x52, 0x27, 0xD6, 0x1D, 0x1D,
0xF5, 0x0D, 0x59, 0xA5, 0xAC, 0x2E, 0x8C, 0x0E,
0xCB, 0x26, 0x1E, 0xE2, 0xCE, 0xBB, 0xCE, 0xE1,
0x7D, 0xD7, 0xEF, 0xA5, 0x44, 0x80, 0x2A, 0xDE,
0xBB, 0x75, 0xB0, 0x1D, 0x75, 0x17, 0x20, 0x4C,
0x08, 0x05, 0x1B, 0xBA, 0x60, 0x1F, 0x6C, 0x91,
0x8C, 0xAA, 0xBB, 0xE5, 0xA3, 0x0B, 0x12, 0x3E,
0xC0, 0x35, 0x43, 0x1D, 0xE2, 0x10, 0xE2, 0x02,
0x92, 0x4B, 0x8F, 0x05, 0xA9, 0x4B, 0xCC, 0x90,
0xC3, 0x0E, 0xC2, 0x0F, 0xE9, 0x33, 0x85, 0x9B,
0x3C, 0x19, 0x21, 0xD5, 0x62, 0xE5, 0xE1, 0x17,
0x8F, 0x8C, 0x19, 0x52, 0xD8, 0x59, 0x10, 0x2D,
0x20, 0x6F, 0xBA, 0xC1, 0x1C, 0xD1, 0x82, 0xC7,
0x32, 0x1B, 0xBB, 0xCC, 0x30, 0x03, 0xD7, 0x3A,
0xC8, 0x18, 0xED, 0x58, 0xC8, 0x11, 0xFE, 0x71,
0x9C, 0x71, 0xD8, 0x6B, 0xE0, 0x25, 0x64, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0C,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x10, 0x00, 0x10, 0x00, 0x10, 0x00, 0x10,
0x00, 0x00, 0x06, 0x01, 0x04, 0x08, 0x01, 0x20,
0x28, 0x00, 0x09, 0xE1, 0x50, 0x70, 0x02, 0x2F,
0x7E, 0xDA, 0xBD, 0x40, 0xC5, 0x58, 0x87, 0xCE,
0x43, 0xF3, 0xC5, 0x8F, 0xA1, 0x59, 0x93, 0xEF,
0x7E, 0xD3, 0xD0, 0xB5, 0x87, 0x1D, 0x81, 0x54,
0x14, 0x63, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00,
0x00, 0x03
};
static const byte canned_server_session[] = {
0xA7, 0xA4, 0x01, 0x40, 0x00, 0x41, 0x00, 0x00,
0x00, 0x00, 0x00, 0x80, 0x02, 0x00, 0x00, 0x00,
0x00, 0x80, 0x00, 0x1C, 0x00, 0x00, 0x00, 0x00,
0x00, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC0,
0x27, 0x08, 0x0F, 0x10, 0x01, 0x01, 0x00, 0x11,
0x05, 0x00, 0x01, 0x01, 0x01, 0x03, 0x03, 0x00,
0xBF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x02, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00,
0x0A, 0x01, 0x01, 0x00, 0x20, 0x69, 0x11, 0x6D,
0x97, 0x15, 0x6E, 0x52, 0x27, 0xD6, 0x1D, 0x1D,
0xF5, 0x0D, 0x59, 0xA5, 0xAC, 0x2E, 0x8C, 0x0E,
0xCB, 0x26, 0x1E, 0xE2, 0xCE, 0xBB, 0xCE, 0xE1,
0x7D, 0xD7, 0xEF, 0xA5, 0x44, 0x80, 0x2A, 0xDE,
0xBB, 0x75, 0xB0, 0x1D, 0x75, 0x17, 0x20, 0x4C,
0x08, 0x05, 0x1B, 0xBA, 0x60, 0x1F, 0x6C, 0x91,
0x8C, 0xAA, 0xBB, 0xE5, 0xA3, 0x0B, 0x12, 0x3E,
0xC0, 0x35, 0x43, 0x1D, 0xE2, 0x10, 0xE2, 0x02,
0x92, 0x4B, 0x8F, 0x05, 0xA9, 0x4B, 0xCC, 0x90,
0xC3, 0x0E, 0xC2, 0x0F, 0xE9, 0x33, 0x85, 0x9B,
0x3C, 0x19, 0x21, 0xD5, 0x62, 0xE5, 0xE1, 0x17,
0x8F, 0x8C, 0x19, 0x52, 0xD8, 0x59, 0x10, 0x2D,
0x20, 0x6F, 0xBA, 0xC1, 0x1C, 0xD1, 0x82, 0xC7,
0x32, 0x1B, 0xBB, 0xCC, 0x30, 0x03, 0xD7, 0x3A,
0xC8, 0x18, 0xED, 0x58, 0xC8, 0x11, 0xFE, 0x71,
0x9C, 0x71, 0xD8, 0x6B, 0xE0, 0x25, 0x64, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0C,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x10, 0x00, 0x10, 0x00, 0x10, 0x00, 0x10,
0x00, 0x00, 0x06, 0x01, 0x04, 0x08, 0x01, 0x20,
0x28, 0x00, 0xC5, 0x8F, 0xA1, 0x59, 0x93, 0xEF,
0x7E, 0xD3, 0xD0, 0xB5, 0x87, 0x1D, 0x81, 0x54,
0x14, 0x63, 0x09, 0xE1, 0x50, 0x70, 0x02, 0x2F,
0x7E, 0xDA, 0xBD, 0x40, 0xC5, 0x58, 0x87, 0xCE,
0x43, 0xF3, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00,
0x00, 0x04
};
static THREAD_RETURN WOLFSSL_THREAD tls_export_server(void* args)
{
SOCKET_T sockfd = 0;
SOCKET_T clientfd = 0;
word16 port;
callback_functions* cbf;
WOLFSSL_CTX* ctx = 0;
WOLFSSL* ssl = 0;
char msg[] = "I hear you fa shizzle!";
char input[1024];
int idx;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
((func_args*)args)->return_code = TEST_FAIL;
cbf = ((func_args*)args)->callbacks;
#if defined(USE_WINDOWS_API)
port = ((func_args*)args)->signal->port;
#elif defined(NO_MAIN_DRIVER) && !defined(WOLFSSL_SNIFFER) && \
!defined(WOLFSSL_MDK_SHELL) && !defined(WOLFSSL_TIRTOS)
/* Let tcp_listen assign port */
port = 0;
#else
/* Use default port */
port = wolfSSLPort;
#endif
/* do it here to detect failure */
tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 0, 1, 0, 0);
CloseSocket(sockfd);
{
WOLFSSL_METHOD* method = NULL;
if (cbf != NULL && cbf->method != NULL) {
method = cbf->method();
}
else {
method = wolfTLSv1_2_server_method();
}
ctx = wolfSSL_CTX_new(method);
}
if (ctx == NULL) {
goto done;
}
wolfSSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-AES128-SHA256");
/* call ctx setup callback */
if (cbf != NULL && cbf->ctx_ready != NULL) {
cbf->ctx_ready(ctx);
}
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
goto done;
}
wolfSSL_set_fd(ssl, clientfd);
/* call ssl setup callback */
if (cbf != NULL && cbf->ssl_ready != NULL) {
cbf->ssl_ready(ssl);
}
idx = wolfSSL_read(ssl, input, sizeof(input)-1);
if (idx > 0) {
input[idx] = '\0';
fprintf(stderr, "Client message export/import: %s\n", input);
}
else {
fprintf(stderr, "ret = %d error = %d\n", idx,
wolfSSL_get_error(ssl, idx));
goto done;
}
if (wolfSSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) {
/*err_sys("SSL_write failed");*/
WOLFSSL_RETURN_FROM_THREAD(0);
}
#ifdef WOLFSSL_TIRTOS
Task_yield();
#endif
((func_args*)args)->return_code = TEST_SUCCESS;
done:
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
CloseSocket(clientfd);
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
&& defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
#if defined(HAVE_SESSION_TICKET) && \
((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM))
#if defined(OPENSSL_EXTRA) && defined(HAVE_AESGCM)
OpenSSLTicketCleanup();
#elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
TicketCleanup();
#endif
#endif
WOLFSSL_RETURN_FROM_THREAD(0);
}
static void load_tls12_canned_server(WOLFSSL* ssl)
{
int clientfd = wolfSSL_get_fd(ssl);
AssertIntEQ(wolfSSL_tls_import(ssl, canned_server_session,
sizeof(canned_server_session)), sizeof(canned_server_session));
wolfSSL_set_fd(ssl, clientfd);
}
#ifdef WOLFSSL_TLS13
static void load_tls13_canned_server(WOLFSSL* ssl)
{
int clientfd = wolfSSL_get_fd(ssl);
AssertIntEQ(wolfSSL_tls_import(ssl, canned_server_tls13_session,
sizeof(canned_server_tls13_session)),
sizeof(canned_server_tls13_session));
wolfSSL_set_fd(ssl, clientfd);
}
#endif
/* v is for version WOLFSSL_TLSV1_2 or WOLFSSL_TLSV1_3 */
static int test_wolfSSL_tls_export_run(int v)
{
EXPECT_DECLS;
SOCKET_T sockfd = 0;
WOLFSSL_CTX* ctx = 0;
WOLFSSL* ssl = 0;
char msg[64] = "hello wolfssl!";
char reply[1024];
word32 replySz;
int msgSz = (int)XSTRLEN(msg);
const byte* clientSession = NULL;
int clientSessionSz = 0;
tcp_ready ready;
func_args server_args;
THREAD_TYPE serverThread;
callback_functions server_cbf;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
InitTcpReady(&ready);
#if defined(USE_WINDOWS_API)
/* use RNG to get random port if using windows */
ready.port = GetRandomPort();
#endif
XMEMSET(&server_args, 0, sizeof(func_args));
XMEMSET(&server_cbf, 0, sizeof(callback_functions));
switch (v) {
case WOLFSSL_TLSV1_2:
server_cbf.method = wolfTLSv1_2_server_method;
server_cbf.ssl_ready = load_tls12_canned_server;
/* setup the client side */
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
wolfSSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-AES128-SHA256");
clientSession = canned_client_session;
clientSessionSz = sizeof(canned_client_session);
break;
#ifdef WOLFSSL_TLS13
case WOLFSSL_TLSV1_3:
server_cbf.method = wolfTLSv1_3_server_method;
server_cbf.ssl_ready = load_tls13_canned_server;
/* setup the client side */
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
clientSession = canned_client_tls13_session;
clientSessionSz = sizeof(canned_client_tls13_session);
break;
#endif
}
server_args.callbacks = &server_cbf;
server_args.signal = &ready;
start_thread(tls_export_server, &server_args, &serverThread);
wait_tcp_ready(&server_args);
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
ExpectNotNull(ssl = wolfSSL_new(ctx));
tcp_connect(&sockfd, wolfSSLIP, ready.port, 0, 0, ssl);
ExpectIntEQ(wolfSSL_tls_import(ssl, clientSession, clientSessionSz),
clientSessionSz);
replySz = sizeof(reply);
ExpectIntGT(wolfSSL_tls_export(ssl, (byte*)reply, &replySz), 0);
#if !defined(NO_PSK) && defined(HAVE_ANON)
/* index 20 has is setting if PSK was on and 49 is if anon is allowed */
ExpectIntEQ(XMEMCMP(reply, clientSession, replySz), 0);
#endif
wolfSSL_set_fd(ssl, sockfd);
ExpectIntEQ(wolfSSL_write(ssl, msg, msgSz), msgSz);
ExpectIntGT(wolfSSL_read(ssl, reply, sizeof(reply)-1), 0);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
CloseSocket(sockfd);
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
&& defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
join_thread(serverThread);
ExpectIntEQ(server_args.return_code, TEST_SUCCESS);
FreeTcpReady(&ready);
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_tls_export(void)
{
int res = TEST_SKIPPED;
#if defined(WOLFSSL_SESSION_EXPORT) && !defined(WOLFSSL_NO_TLS12)
test_wolfSSL_tls_export_run(WOLFSSL_TLSV1_2);
#ifdef WOLFSSL_TLS13
test_wolfSSL_tls_export_run(WOLFSSL_TLSV1_3);
#endif
res = TEST_RES_CHECK(1);
#endif
return res;
}
/*----------------------------------------------------------------------------*
| TLS extensions tests
*----------------------------------------------------------------------------*/
#ifdef ENABLE_TLS_CALLBACK_TEST
/* Connection test runner - generic */
static void test_wolfSSL_client_server(callback_functions* client_callbacks,
callback_functions* server_callbacks)
{
tcp_ready ready;
func_args client_args;
func_args server_args;
THREAD_TYPE serverThread;
XMEMSET(&client_args, 0, sizeof(func_args));
XMEMSET(&server_args, 0, sizeof(func_args));
StartTCP();
client_args.callbacks = client_callbacks;
server_args.callbacks = server_callbacks;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
/* RUN Server side */
InitTcpReady(&ready);
#if defined(USE_WINDOWS_API)
/* use RNG to get random port if using windows */
ready.port = GetRandomPort();
#endif
server_args.signal = &ready;
client_args.signal = &ready;
start_thread(run_wolfssl_server, &server_args, &serverThread);
wait_tcp_ready(&server_args);
/* RUN Client side */
run_wolfssl_client(&client_args);
join_thread(serverThread);
FreeTcpReady(&ready);
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
client_callbacks->return_code = client_args.return_code;
server_callbacks->return_code = server_args.return_code;
}
#endif /* ENABLE_TLS_CALLBACK_TEST */
#ifdef HAVE_SNI
static int test_wolfSSL_UseSNI_params(void)
{
EXPECT_DECLS;
#if !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
ExpectNotNull(ctx);
ExpectNotNull(ssl);
/* invalid [ctx|ssl] */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSNI(NULL, 0, "ctx", 3));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSNI( NULL, 0, "ssl", 3));
/* invalid type */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSNI(ctx, -1, "ctx", 3));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSNI( ssl, -1, "ssl", 3));
/* invalid data */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSNI(ctx, 0, NULL, 3));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSNI( ssl, 0, NULL, 3));
/* success case */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSNI(ctx, 0, "ctx", 3));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSNI( ssl, 0, "ssl", 3));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT */
return EXPECT_RESULT();
}
/* BEGIN of connection tests callbacks */
static void use_SNI_at_ctx(WOLFSSL_CTX* ctx)
{
AssertIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_UseSNI(ctx, WOLFSSL_SNI_HOST_NAME, "www.wolfssl.com", 15));
}
static void use_SNI_at_ssl(WOLFSSL* ssl)
{
AssertIntEQ(WOLFSSL_SUCCESS,
wolfSSL_UseSNI(ssl, WOLFSSL_SNI_HOST_NAME, "www.wolfssl.com", 15));
}
static void different_SNI_at_ssl(WOLFSSL* ssl)
{
AssertIntEQ(WOLFSSL_SUCCESS,
wolfSSL_UseSNI(ssl, WOLFSSL_SNI_HOST_NAME, "ww2.wolfssl.com", 15));
}
static void use_SNI_WITH_CONTINUE_at_ssl(WOLFSSL* ssl)
{
use_SNI_at_ssl(ssl);
wolfSSL_SNI_SetOptions(ssl, WOLFSSL_SNI_HOST_NAME,
WOLFSSL_SNI_CONTINUE_ON_MISMATCH);
}
static void use_SNI_WITH_FAKE_ANSWER_at_ssl(WOLFSSL* ssl)
{
use_SNI_at_ssl(ssl);
wolfSSL_SNI_SetOptions(ssl, WOLFSSL_SNI_HOST_NAME,
WOLFSSL_SNI_ANSWER_ON_MISMATCH);
}
static void use_MANDATORY_SNI_at_ctx(WOLFSSL_CTX* ctx)
{
use_SNI_at_ctx(ctx);
wolfSSL_CTX_SNI_SetOptions(ctx, WOLFSSL_SNI_HOST_NAME,
WOLFSSL_SNI_ABORT_ON_ABSENCE);
}
static void use_MANDATORY_SNI_at_ssl(WOLFSSL* ssl)
{
use_SNI_at_ssl(ssl);
wolfSSL_SNI_SetOptions(ssl, WOLFSSL_SNI_HOST_NAME,
WOLFSSL_SNI_ABORT_ON_ABSENCE);
}
static void use_PSEUDO_MANDATORY_SNI_at_ctx(WOLFSSL_CTX* ctx)
{
use_SNI_at_ctx(ctx);
wolfSSL_CTX_SNI_SetOptions(ctx, WOLFSSL_SNI_HOST_NAME,
WOLFSSL_SNI_ANSWER_ON_MISMATCH | WOLFSSL_SNI_ABORT_ON_ABSENCE);
}
static void verify_UNKNOWN_SNI_on_server(WOLFSSL* ssl)
{
AssertIntEQ(UNKNOWN_SNI_HOST_NAME_E, wolfSSL_get_error(ssl, 0));
}
static void verify_SNI_ABSENT_on_server(WOLFSSL* ssl)
{
AssertIntEQ(SNI_ABSENT_ERROR, wolfSSL_get_error(ssl, 0));
}
static void verify_SNI_no_matching(WOLFSSL* ssl)
{
byte type = WOLFSSL_SNI_HOST_NAME;
void* request = (void*) &type; /* to be overwritten */
AssertIntEQ(WOLFSSL_SNI_NO_MATCH, wolfSSL_SNI_Status(ssl, type));
AssertNotNull(request);
AssertIntEQ(0, wolfSSL_SNI_GetRequest(ssl, type, &request));
AssertNull(request);
}
static void verify_SNI_real_matching(WOLFSSL* ssl)
{
byte type = WOLFSSL_SNI_HOST_NAME;
void* request = NULL;
AssertIntEQ(WOLFSSL_SNI_REAL_MATCH, wolfSSL_SNI_Status(ssl, type));
AssertIntEQ(15, wolfSSL_SNI_GetRequest(ssl, type, &request));
AssertNotNull(request);
AssertStrEQ("www.wolfssl.com", (char*)request);
}
static void verify_SNI_fake_matching(WOLFSSL* ssl)
{
byte type = WOLFSSL_SNI_HOST_NAME;
void* request = NULL;
AssertIntEQ(WOLFSSL_SNI_FAKE_MATCH, wolfSSL_SNI_Status(ssl, type));
AssertIntEQ(15, wolfSSL_SNI_GetRequest(ssl, type, &request));
AssertNotNull(request);
AssertStrEQ("ww2.wolfssl.com", (char*)request);
}
static void verify_FATAL_ERROR_on_client(WOLFSSL* ssl)
{
AssertIntEQ(FATAL_ERROR, wolfSSL_get_error(ssl, 0));
}
/* END of connection tests callbacks */
static int test_wolfSSL_UseSNI_connection(void)
{
int res = TEST_SKIPPED;
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
callback_functions client_cb;
callback_functions server_cb;
size_t i;
#ifdef WOLFSSL_STATIC_MEMORY
byte cliMem[TEST_TLS_STATIC_MEMSZ];
byte svrMem[TEST_TLS_STATIC_MEMSZ];
#endif
struct {
method_provider client_meth;
method_provider server_meth;
#ifdef WOLFSSL_STATIC_MEMORY
wolfSSL_method_func client_meth_ex;
wolfSSL_method_func server_meth_ex;
#endif
} methods[] = {
#if defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_TLS13)
{wolfSSLv23_client_method, wolfSSLv23_server_method
#ifdef WOLFSSL_STATIC_MEMORY
,wolfSSLv23_client_method_ex, wolfSSLv23_server_method_ex
#endif
},
#endif
#ifndef WOLFSSL_NO_TLS12
{wolfTLSv1_2_client_method, wolfTLSv1_2_server_method
#ifdef WOLFSSL_STATIC_MEMORY
,wolfTLSv1_2_client_method_ex, wolfTLSv1_2_server_method_ex
#endif
},
#endif
#ifdef WOLFSSL_TLS13
{wolfTLSv1_3_client_method, wolfTLSv1_3_server_method
#ifdef WOLFSSL_STATIC_MEMORY
,wolfTLSv1_3_client_method_ex, wolfTLSv1_3_server_method_ex
#endif
},
#endif
};
size_t methodsSz = sizeof(methods) / sizeof(*methods);
for (i = 0; i < methodsSz; i++) {
XMEMSET(&client_cb, 0, sizeof(callback_functions));
XMEMSET(&server_cb, 0, sizeof(callback_functions));
client_cb.method = methods[i].client_meth;
server_cb.method = methods[i].server_meth;
client_cb.devId = testDevId;
server_cb.devId = testDevId;
#ifdef WOLFSSL_STATIC_MEMORY
client_cb.method_ex = methods[i].client_meth_ex;
server_cb.method_ex = methods[i].server_meth_ex;
client_cb.mem = cliMem;
client_cb.memSz = (word32)sizeof(cliMem);
server_cb.mem = svrMem;
server_cb.memSz = (word32)sizeof(svrMem);;
#endif
/* success case at ctx */
fprintf(stderr, "\n\tsuccess case at ctx\n");
client_cb.ctx_ready = use_SNI_at_ctx; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
server_cb.ctx_ready = use_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_real_matching;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* success case at ssl */
fprintf(stderr, "\tsuccess case at ssl\n");
client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_SNI_at_ssl; client_cb.on_result = verify_SNI_real_matching;
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_SNI_real_matching;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* default mismatch behavior */
fprintf(stderr, "\tdefault mismatch behavior\n");
client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = verify_FATAL_ERROR_on_client;
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_UNKNOWN_SNI_on_server;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* continue on mismatch */
fprintf(stderr, "\tcontinue on mismatch\n");
client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_WITH_CONTINUE_at_ssl; server_cb.on_result = verify_SNI_no_matching;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* fake answer on mismatch */
fprintf(stderr, "\tfake answer on mismatch\n");
client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_WITH_FAKE_ANSWER_at_ssl; server_cb.on_result = verify_SNI_fake_matching;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* sni abort - success */
fprintf(stderr, "\tsni abort - success\n");
client_cb.ctx_ready = use_SNI_at_ctx; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_real_matching;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* sni abort - abort when absent (ctx) */
fprintf(stderr, "\tsni abort - abort when absent (ctx)\n");
client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = verify_FATAL_ERROR_on_client;
server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_ABSENT_on_server;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* sni abort - abort when absent (ssl) */
fprintf(stderr, "\tsni abort - abort when absent (ssl)\n");
client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = verify_FATAL_ERROR_on_client;
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_MANDATORY_SNI_at_ssl; server_cb.on_result = verify_SNI_ABSENT_on_server;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* sni abort - success when overwritten */
fprintf(stderr, "\tsni abort - success when overwritten\n");
client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_SNI_no_matching;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* sni abort - success when allowing mismatches */
fprintf(stderr, "\tsni abort - success when allowing mismatches\n");
client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
server_cb.ctx_ready = use_PSEUDO_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_fake_matching;
test_wolfSSL_client_server(&client_cb, &server_cb);
}
res = TEST_RES_CHECK(1);
#endif /* !NO_WOLFSSL_CLIENT && !NO_WOLFSSL_SERVER */
return res;
}
static int test_wolfSSL_SNI_GetFromBuffer(void)
{
EXPECT_DECLS;
byte buff[] = { /* www.paypal.com */
0x00, 0x00, 0x00, 0x00, 0xff, 0x01, 0x00, 0x00, 0x60, 0x03, 0x03, 0x5c,
0xc4, 0xb3, 0x8c, 0x87, 0xef, 0xa4, 0x09, 0xe0, 0x02, 0xab, 0x86, 0xca,
0x76, 0xf0, 0x9e, 0x01, 0x65, 0xf6, 0xa6, 0x06, 0x13, 0x1d, 0x0f, 0xa5,
0x79, 0xb0, 0xd4, 0x77, 0x22, 0xeb, 0x1a, 0x00, 0x00, 0x16, 0x00, 0x6b,
0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35,
0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x21,
0x00, 0x00, 0x00, 0x13, 0x00, 0x11, 0x00, 0x00, 0x0e, 0x77, 0x77, 0x77,
0x2e, 0x70, 0x61, 0x79, 0x70, 0x61, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x00,
0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01
};
byte buff2[] = { /* api.textmate.org */
0x16, 0x03, 0x01, 0x00, 0xc6, 0x01, 0x00, 0x00, 0xc2, 0x03, 0x03, 0x52,
0x8b, 0x7b, 0xca, 0x69, 0xec, 0x97, 0xd5, 0x08, 0x03, 0x50, 0xfe, 0x3b,
0x99, 0xc3, 0x20, 0xce, 0xa5, 0xf6, 0x99, 0xa5, 0x71, 0xf9, 0x57, 0x7f,
0x04, 0x38, 0xf6, 0x11, 0x0b, 0xb8, 0xd3, 0x00, 0x00, 0x5e, 0x00, 0xff,
0xc0, 0x24, 0xc0, 0x23, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x07, 0xc0, 0x08,
0xc0, 0x28, 0xc0, 0x27, 0xc0, 0x14, 0xc0, 0x13, 0xc0, 0x11, 0xc0, 0x12,
0xc0, 0x26, 0xc0, 0x25, 0xc0, 0x2a, 0xc0, 0x29, 0xc0, 0x05, 0xc0, 0x04,
0xc0, 0x02, 0xc0, 0x03, 0xc0, 0x0f, 0xc0, 0x0e, 0xc0, 0x0c, 0xc0, 0x0d,
0x00, 0x3d, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x35,
0x00, 0x0a, 0x00, 0x67, 0x00, 0x6b, 0x00, 0x33, 0x00, 0x39, 0x00, 0x16,
0x00, 0xaf, 0x00, 0xae, 0x00, 0x8d, 0x00, 0x8c, 0x00, 0x8a, 0x00, 0x8b,
0x00, 0xb1, 0x00, 0xb0, 0x00, 0x2c, 0x00, 0x3b, 0x01, 0x00, 0x00, 0x3b,
0x00, 0x00, 0x00, 0x15, 0x00, 0x13, 0x00, 0x00, 0x10, 0x61, 0x70, 0x69,
0x2e, 0x74, 0x65, 0x78, 0x74, 0x6d, 0x61, 0x74, 0x65, 0x2e, 0x6f, 0x72,
0x67, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00, 0x18, 0x00,
0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0d, 0x00, 0x0c, 0x00,
0x0a, 0x05, 0x01, 0x04, 0x01, 0x02, 0x01, 0x04, 0x03, 0x02, 0x03
};
byte buff3[] = { /* no sni extension */
0x16, 0x03, 0x03, 0x00, 0x4d, 0x01, 0x00, 0x00, 0x49, 0x03, 0x03, 0xea,
0xa1, 0x9f, 0x60, 0xdd, 0x52, 0x12, 0x13, 0xbd, 0x84, 0x34, 0xd5, 0x1c,
0x38, 0x25, 0xa8, 0x97, 0xd2, 0xd5, 0xc6, 0x45, 0xaf, 0x1b, 0x08, 0xe4,
0x1e, 0xbb, 0xdf, 0x9d, 0x39, 0xf0, 0x65, 0x00, 0x00, 0x16, 0x00, 0x6b,
0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35,
0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x0a,
0x00, 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01
};
byte buff4[] = { /* last extension has zero size */
0x16, 0x03, 0x01, 0x00, 0xba, 0x01, 0x00, 0x00,
0xb6, 0x03, 0x03, 0x83, 0xa3, 0xe6, 0xdc, 0x16, 0xa1, 0x43, 0xe9, 0x45,
0x15, 0xbd, 0x64, 0xa9, 0xb6, 0x07, 0xb4, 0x50, 0xc6, 0xdd, 0xff, 0xc2,
0xd3, 0x0d, 0x4f, 0x36, 0xb4, 0x41, 0x51, 0x61, 0xc1, 0xa5, 0x9e, 0x00,
0x00, 0x28, 0xcc, 0x14, 0xcc, 0x13, 0xc0, 0x2b, 0xc0, 0x2f, 0x00, 0x9e,
0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x13, 0xc0, 0x14, 0xc0, 0x07, 0xc0, 0x11,
0x00, 0x33, 0x00, 0x32, 0x00, 0x39, 0x00, 0x9c, 0x00, 0x2f, 0x00, 0x35,
0x00, 0x0a, 0x00, 0x05, 0x00, 0x04, 0x01, 0x00, 0x00, 0x65, 0xff, 0x01,
0x00, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00,
0x18, 0x00, 0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00,
0x00, 0x33, 0x74, 0x00, 0x00, 0x00, 0x10, 0x00, 0x1b, 0x00, 0x19, 0x06,
0x73, 0x70, 0x64, 0x79, 0x2f, 0x33, 0x08, 0x73, 0x70, 0x64, 0x79, 0x2f,
0x33, 0x2e, 0x31, 0x08, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
0x75, 0x50, 0x00, 0x00, 0x00, 0x05, 0x00, 0x05, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x0d, 0x00, 0x12, 0x00, 0x10, 0x04, 0x01, 0x05, 0x01, 0x02,
0x01, 0x04, 0x03, 0x05, 0x03, 0x02, 0x03, 0x04, 0x02, 0x02, 0x02, 0x00,
0x12, 0x00, 0x00
};
byte buff5[] = { /* SSL v2.0 client hello */
0x00, 0x2b, 0x01, 0x03, 0x01, 0x00, 0x09, 0x00, 0x00,
/* dummy bytes below, just to pass size check */
0xb6, 0x03, 0x03, 0x83, 0xa3, 0xe6, 0xdc, 0x16, 0xa1, 0x43, 0xe9, 0x45,
0x15, 0xbd, 0x64, 0xa9, 0xb6, 0x07, 0xb4, 0x50, 0xc6, 0xdd, 0xff, 0xc2,
0xd3, 0x0d, 0x4f, 0x36, 0xb4, 0x41, 0x51, 0x61, 0xc1, 0xa5, 0x9e, 0x00,
};
byte result[32] = {0};
word32 length = 32;
ExpectIntEQ(0, wolfSSL_SNI_GetFromBuffer(buff4, sizeof(buff4),
0, result, &length));
ExpectIntEQ(0, wolfSSL_SNI_GetFromBuffer(buff3, sizeof(buff3),
0, result, &length));
ExpectIntEQ(0, wolfSSL_SNI_GetFromBuffer(buff2, sizeof(buff2),
1, result, &length));
ExpectIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff, sizeof(buff),
0, result, &length));
buff[0] = 0x16;
ExpectIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff, sizeof(buff),
0, result, &length));
buff[1] = 0x03;
ExpectIntEQ(SNI_UNSUPPORTED, wolfSSL_SNI_GetFromBuffer(buff,
sizeof(buff), 0, result, &length));
buff[2] = 0x03;
ExpectIntEQ(INCOMPLETE_DATA, wolfSSL_SNI_GetFromBuffer(buff,
sizeof(buff), 0, result, &length));
buff[4] = 0x64;
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SNI_GetFromBuffer(buff, sizeof(buff),
0, result, &length));
if (EXPECT_SUCCESS())
result[length] = 0;
ExpectStrEQ("www.paypal.com", (const char*) result);
length = 32;
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SNI_GetFromBuffer(buff2, sizeof(buff2),
0, result, &length));
if (EXPECT_SUCCESS())
result[length] = 0;
ExpectStrEQ("api.textmate.org", (const char*) result);
/* SSL v2.0 tests */
ExpectIntEQ(SNI_UNSUPPORTED, wolfSSL_SNI_GetFromBuffer(buff5,
sizeof(buff5), 0, result, &length));
buff5[2] = 0x02;
ExpectIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff5,
sizeof(buff5), 0, result, &length));
buff5[2] = 0x01; buff5[6] = 0x08;
ExpectIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff5,
sizeof(buff5), 0, result, &length));
buff5[6] = 0x09; buff5[8] = 0x01;
ExpectIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff5,
sizeof(buff5), 0, result, &length));
return EXPECT_RESULT();
}
#endif /* HAVE_SNI */
#endif /* HAVE_IO_TESTS_DEPENDENCIES */
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
/* Dummy peer functions to satisfy the exporter/importer */
static int test_wolfSSL_dtls_export_peers_get_peer(WOLFSSL* ssl, char* ip,
int* ipSz, unsigned short* port, int* fam)
{
(void)ssl;
ip[0] = -1;
*ipSz = 1;
*port = 1;
*fam = 2;
return 1;
}
static int test_wolfSSL_dtls_export_peers_set_peer(WOLFSSL* ssl, char* ip,
int ipSz, unsigned short port, int fam)
{
(void)ssl;
if (ip[0] != -1 || ipSz != 1 || port != 1 || fam != 2)
return 0;
return 1;
}
static int test_wolfSSL_dtls_export_peers_on_handshake(WOLFSSL_CTX **ctx,
WOLFSSL **ssl)
{
EXPECT_DECLS;
unsigned char* sessionBuf = NULL;
unsigned int sessionSz = 0;
void* ioWriteCtx = wolfSSL_GetIOWriteCtx(*ssl);
void* ioReadCtx = wolfSSL_GetIOReadCtx(*ssl);
wolfSSL_CTX_SetIOGetPeer(*ctx, test_wolfSSL_dtls_export_peers_get_peer);
wolfSSL_CTX_SetIOSetPeer(*ctx, test_wolfSSL_dtls_export_peers_set_peer);
ExpectIntGE(wolfSSL_dtls_export(*ssl, NULL, &sessionSz), 0);
ExpectNotNull(sessionBuf =
(unsigned char*)XMALLOC(sessionSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntGE(wolfSSL_dtls_export(*ssl, sessionBuf, &sessionSz), 0);
wolfSSL_free(*ssl);
*ssl = NULL;
ExpectNotNull(*ssl = wolfSSL_new(*ctx));
ExpectIntGE(wolfSSL_dtls_import(*ssl, sessionBuf, sessionSz), 0);
wolfSSL_SetIOWriteCtx(*ssl, ioWriteCtx);
wolfSSL_SetIOReadCtx(*ssl, ioReadCtx);
XFREE(sessionBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_dtls_export_peers(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
size_t i, j;
struct test_params {
method_provider client_meth;
method_provider server_meth;
const char* dtls_version;
} params[] = {
#ifndef NO_OLD_TLS
{wolfDTLSv1_client_method, wolfDTLSv1_server_method, "1.0"},
#endif
{wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "1.2"},
/* TODO DTLS 1.3 exporting not supported
#ifdef WOLFSSL_DTLS13
{wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "1.3"},
#endif
*/
};
for (i = 0; i < sizeof(params)/sizeof(*params); i++) {
for (j = 0; j <= 0b11; j++) {
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
printf("\n\tTesting DTLS %s connection;", params[i].dtls_version);
client_cbf.method = params[i].client_meth;
server_cbf.method = params[i].server_meth;
if (j & 0b01) {
client_cbf.on_handshake =
test_wolfSSL_dtls_export_peers_on_handshake;
printf(" With client export;");
}
if (j & 0b10) {
server_cbf.on_handshake =
test_wolfSSL_dtls_export_peers_on_handshake;
printf(" With server export;");
}
printf("\n");
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_SUCCESS);
if (!EXPECT_SUCCESS())
break;
}
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_UseTrustedCA(void)
{
EXPECT_DECLS;
#if defined(HAVE_TRUSTED_CA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \
&& !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
byte id[20];
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())));
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));
#else
ExpectNotNull((ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())));
#endif
ExpectNotNull((ssl = wolfSSL_new(ctx)));
XMEMSET(id, 0, sizeof(id));
/* error cases */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(NULL, 0, NULL, 0));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl,
WOLFSSL_TRUSTED_CA_CERT_SHA1+1, NULL, 0));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl,
WOLFSSL_TRUSTED_CA_CERT_SHA1, NULL, 0));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl,
WOLFSSL_TRUSTED_CA_CERT_SHA1, id, 5));
#ifdef NO_SHA
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl,
WOLFSSL_TRUSTED_CA_KEY_SHA1, id, sizeof(id)));
#endif
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl,
WOLFSSL_TRUSTED_CA_X509_NAME, id, 0));
/* success cases */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl,
WOLFSSL_TRUSTED_CA_PRE_AGREED, NULL, 0));
#ifndef NO_SHA
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl,
WOLFSSL_TRUSTED_CA_KEY_SHA1, id, sizeof(id)));
#endif
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseTrustedCA(ssl,
WOLFSSL_TRUSTED_CA_X509_NAME, id, 5));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* HAVE_TRUSTED_CA */
return EXPECT_RESULT();
}
static int test_wolfSSL_UseMaxFragment(void)
{
EXPECT_DECLS;
#if defined(HAVE_MAX_FRAGMENT) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
#ifndef NO_WOLFSSL_SERVER
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
#else
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
#endif
WOLFSSL *ssl = NULL;
#ifdef OPENSSL_EXTRA
int (*UseMaxFragment)(SSL *s, unsigned char mode);
int (*CTX_UseMaxFragment)(SSL_CTX *c, unsigned char mode);
#else
int (*UseMaxFragment)(WOLFSSL *s, unsigned char mode);
int (*CTX_UseMaxFragment)(WOLFSSL_CTX *c, unsigned char mode);
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));
#endif
ExpectNotNull(ctx);
ExpectNotNull(ssl = wolfSSL_new(ctx));
#ifdef OPENSSL_EXTRA
CTX_UseMaxFragment = SSL_CTX_set_tlsext_max_fragment_length;
UseMaxFragment = SSL_set_tlsext_max_fragment_length;
#else
UseMaxFragment = wolfSSL_UseMaxFragment;
CTX_UseMaxFragment = wolfSSL_CTX_UseMaxFragment;
#endif
/* error cases */
ExpectIntNE(WOLFSSL_SUCCESS, CTX_UseMaxFragment(NULL, WOLFSSL_MFL_2_9));
ExpectIntNE(WOLFSSL_SUCCESS, UseMaxFragment( NULL, WOLFSSL_MFL_2_9));
ExpectIntNE(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_MIN-1));
ExpectIntNE(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_MAX+1));
ExpectIntNE(WOLFSSL_SUCCESS, UseMaxFragment(ssl, WOLFSSL_MFL_MIN-1));
ExpectIntNE(WOLFSSL_SUCCESS, UseMaxFragment(ssl, WOLFSSL_MFL_MAX+1));
/* success case */
#ifdef OPENSSL_EXTRA
ExpectIntEQ(BAD_FUNC_ARG, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_8));
#else
ExpectIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_8));
#endif
ExpectIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_9));
ExpectIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_10));
ExpectIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_11));
ExpectIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_12));
#ifdef OPENSSL_EXTRA
ExpectIntEQ(BAD_FUNC_ARG, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_13));
ExpectIntEQ(BAD_FUNC_ARG, UseMaxFragment( ssl, WOLFSSL_MFL_2_8));
#else
ExpectIntEQ(WOLFSSL_SUCCESS, CTX_UseMaxFragment(ctx, WOLFSSL_MFL_2_13));
ExpectIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_8));
#endif
ExpectIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_9));
ExpectIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_10));
ExpectIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_11));
ExpectIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_12));
#ifdef OPENSSL_EXTRA
ExpectIntEQ(BAD_FUNC_ARG, UseMaxFragment( ssl, WOLFSSL_MFL_2_13));
#else
ExpectIntEQ(WOLFSSL_SUCCESS, UseMaxFragment( ssl, WOLFSSL_MFL_2_13));
#endif
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#if defined(OPENSSL_EXTRA) && defined(HAVE_MAX_FRAGMENT) && \
defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
/* check negotiated max fragment size */
{
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
ExpectIntEQ(wolfSSL_UseMaxFragment(ssl_c, WOLFSSL_MFL_2_8),
WOLFSSL_SUCCESS);
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
#ifndef NO_SESSION_CACHE
ExpectIntEQ(SSL_SESSION_get_max_fragment_length(
wolfSSL_get_session(ssl_c)), WOLFSSL_MFL_2_8);
#endif
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
}
#endif
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_UseTruncatedHMAC(void)
{
EXPECT_DECLS;
#if defined(HAVE_TRUNCATED_HMAC) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
#ifndef NO_WOLFSSL_SERVER
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
#else
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
#endif
WOLFSSL *ssl = NULL;
ExpectNotNull(ctx);
#ifndef NO_WOLFSSL_SERVER
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM));
#endif
ExpectNotNull(ssl = wolfSSL_new(ctx));
/* error cases */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseTruncatedHMAC(NULL));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseTruncatedHMAC(NULL));
/* success case */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseTruncatedHMAC(ctx));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseTruncatedHMAC(ssl));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_UseSupportedCurve(void)
{
EXPECT_DECLS;
#if defined(HAVE_SUPPORTED_CURVES) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(NO_TLS)
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
ExpectNotNull(ctx);
ExpectNotNull(ssl);
/* error cases */
ExpectIntNE(WOLFSSL_SUCCESS,
wolfSSL_CTX_UseSupportedCurve(NULL, WOLFSSL_ECC_SECP256R1));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSupportedCurve(ctx, 0));
ExpectIntNE(WOLFSSL_SUCCESS,
wolfSSL_UseSupportedCurve(NULL, WOLFSSL_ECC_SECP256R1));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSupportedCurve(ssl, 0));
/* success case */
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP256R1));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP256R1));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_ALPN) && defined(HAVE_IO_TESTS_DEPENDENCIES)
static void verify_ALPN_FATAL_ERROR_on_client(WOLFSSL* ssl)
{
AssertIntEQ(UNKNOWN_ALPN_PROTOCOL_NAME_E, wolfSSL_get_error(ssl, 0));
}
static void use_ALPN_all(WOLFSSL* ssl)
{
/* http/1.1,spdy/1,spdy/2,spdy/3 */
char alpn_list[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, 0x2c,
0x73, 0x70, 0x64, 0x79, 0x2f, 0x31, 0x2c,
0x73, 0x70, 0x64, 0x79, 0x2f, 0x32, 0x2c,
0x73, 0x70, 0x64, 0x79, 0x2f, 0x33};
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, alpn_list, sizeof(alpn_list),
WOLFSSL_ALPN_FAILED_ON_MISMATCH));
}
static void use_ALPN_all_continue(WOLFSSL* ssl)
{
/* http/1.1,spdy/1,spdy/2,spdy/3 */
char alpn_list[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, 0x2c,
0x73, 0x70, 0x64, 0x79, 0x2f, 0x31, 0x2c,
0x73, 0x70, 0x64, 0x79, 0x2f, 0x32, 0x2c,
0x73, 0x70, 0x64, 0x79, 0x2f, 0x33};
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, alpn_list, sizeof(alpn_list),
WOLFSSL_ALPN_CONTINUE_ON_MISMATCH));
}
static void use_ALPN_one(WOLFSSL* ssl)
{
/* spdy/2 */
char proto[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x32};
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, proto, sizeof(proto),
WOLFSSL_ALPN_FAILED_ON_MISMATCH));
}
static void use_ALPN_unknown(WOLFSSL* ssl)
{
/* http/2.0 */
char proto[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x32, 0x2e, 0x30};
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, proto, sizeof(proto),
WOLFSSL_ALPN_FAILED_ON_MISMATCH));
}
static void use_ALPN_unknown_continue(WOLFSSL* ssl)
{
/* http/2.0 */
char proto[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x32, 0x2e, 0x30};
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, proto, sizeof(proto),
WOLFSSL_ALPN_CONTINUE_ON_MISMATCH));
}
static void verify_ALPN_not_matching_spdy3(WOLFSSL* ssl)
{
/* spdy/3 */
char nego_proto[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x33};
char *proto = NULL;
word16 protoSz = 0;
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_GetProtocol(ssl, &proto, &protoSz));
/* check value */
AssertIntNE(1, sizeof(nego_proto) == protoSz);
if (proto) {
AssertIntNE(0, XMEMCMP(nego_proto, proto, sizeof(nego_proto)));
}
}
static void verify_ALPN_not_matching_continue(WOLFSSL* ssl)
{
char *proto = NULL;
word16 protoSz = 0;
AssertIntEQ(WOLFSSL_ALPN_NOT_FOUND,
wolfSSL_ALPN_GetProtocol(ssl, &proto, &protoSz));
/* check value */
AssertIntEQ(1, (0 == protoSz));
AssertIntEQ(1, (NULL == proto));
}
static void verify_ALPN_matching_http1(WOLFSSL* ssl)
{
/* http/1.1 */
char nego_proto[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31};
char *proto;
word16 protoSz = 0;
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_GetProtocol(ssl, &proto, &protoSz));
/* check value */
AssertIntEQ(1, sizeof(nego_proto) == protoSz);
AssertIntEQ(0, XMEMCMP(nego_proto, proto, protoSz));
}
static void verify_ALPN_matching_spdy2(WOLFSSL* ssl)
{
/* spdy/2 */
char nego_proto[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x32};
char *proto;
word16 protoSz = 0;
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_GetProtocol(ssl, &proto, &protoSz));
/* check value */
AssertIntEQ(1, sizeof(nego_proto) == protoSz);
AssertIntEQ(0, XMEMCMP(nego_proto, proto, protoSz));
}
static void verify_ALPN_client_list(WOLFSSL* ssl)
{
/* http/1.1,spdy/1,spdy/2,spdy/3 */
char alpn_list[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, 0x2c,
0x73, 0x70, 0x64, 0x79, 0x2f, 0x31, 0x2c,
0x73, 0x70, 0x64, 0x79, 0x2f, 0x32, 0x2c,
0x73, 0x70, 0x64, 0x79, 0x2f, 0x33};
char *clist = NULL;
word16 clistSz = 0;
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_GetPeerProtocol(ssl, &clist,
&clistSz));
/* check value */
AssertIntEQ(1, sizeof(alpn_list) == clistSz);
AssertIntEQ(0, XMEMCMP(alpn_list, clist, clistSz));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_FreePeerProtocol(ssl, &clist));
}
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
/* ALPN select callback, success with spdy/2 */
static int select_ALPN_spdy2(WOLFSSL *ssl, const unsigned char **out,
unsigned char *outlen, const unsigned char *in,
unsigned int inlen, void *arg)
{
/* spdy/2 */
const char proto[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x32};
(void)ssl;
(void)arg;
/* adding +1 since LEN byte comes first */
if (inlen < sizeof(proto) + 1) {
return SSL_TLSEXT_ERR_ALERT_FATAL;
}
if (XMEMCMP(in + 1, proto, sizeof(proto)) == 0) {
*out = in + 1;
*outlen = (unsigned char)sizeof(proto);
return SSL_TLSEXT_ERR_OK;
}
return SSL_TLSEXT_ERR_ALERT_FATAL;
}
/* ALPN select callback, force failure */
static int select_ALPN_failure(WOLFSSL *ssl, const unsigned char **out,
unsigned char *outlen, const unsigned char *in,
unsigned int inlen, void *arg)
{
(void)ssl;
(void)out;
(void)outlen;
(void)in;
(void)inlen;
(void)arg;
return SSL_TLSEXT_ERR_ALERT_FATAL;
}
static void use_ALPN_spdy2_callback(WOLFSSL* ssl)
{
wolfSSL_set_alpn_select_cb(ssl, select_ALPN_spdy2, NULL);
}
static void use_ALPN_failure_callback(WOLFSSL* ssl)
{
wolfSSL_set_alpn_select_cb(ssl, select_ALPN_failure, NULL);
}
#endif /* OPENSSL_ALL | NGINX | HAPROXY | LIGHTY | QUIC */
static int test_wolfSSL_UseALPN_connection(void)
{
int res = TEST_SKIPPED;
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
callback_functions client_cb;
callback_functions server_cb;
XMEMSET(&client_cb, 0, sizeof(callback_functions));
XMEMSET(&server_cb, 0, sizeof(callback_functions));
client_cb.method = wolfSSLv23_client_method;
server_cb.method = wolfSSLv23_server_method;
client_cb.devId = testDevId;
server_cb.devId = testDevId;
/* success case same list */
client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_all; client_cb.on_result = NULL;
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_all; server_cb.on_result = verify_ALPN_matching_http1;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* success case only one for server */
client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_all; client_cb.on_result = NULL;
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_one; server_cb.on_result = verify_ALPN_matching_spdy2;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* success case only one for client */
client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_one; client_cb.on_result = NULL;
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_all; server_cb.on_result = verify_ALPN_matching_spdy2;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* success case none for client */
client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_all; server_cb.on_result = NULL;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* success case mismatch behavior but option 'continue' set */
client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_all_continue; client_cb.on_result = verify_ALPN_not_matching_continue;
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_unknown_continue; server_cb.on_result = NULL;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* success case read protocol send by client */
client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_all; client_cb.on_result = NULL;
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_one; server_cb.on_result = verify_ALPN_client_list;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* mismatch behavior with same list
* the first and only this one must be taken */
client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_all; client_cb.on_result = NULL;
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_all; server_cb.on_result = verify_ALPN_not_matching_spdy3;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* default mismatch behavior */
client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_ALPN_all; client_cb.on_result = NULL;
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_unknown; server_cb.on_result = verify_ALPN_FATAL_ERROR_on_client;
test_wolfSSL_client_server(&client_cb, &server_cb);
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
/* WOLFSSL-level ALPN select callback tests */
/* Callback: success (one protocol, spdy/2) */
client_cb.ctx_ready = NULL;
client_cb.ssl_ready = use_ALPN_one;
client_cb.on_result = verify_ALPN_matching_spdy2;
server_cb.ctx_ready = NULL;
server_cb.ssl_ready = use_ALPN_spdy2_callback;
server_cb.on_result = verify_ALPN_matching_spdy2;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* Callback: failure (one client protocol, spdy/2) */
client_cb.ctx_ready = NULL;
client_cb.ssl_ready = use_ALPN_one;
client_cb.on_result = NULL;
server_cb.ctx_ready = NULL;
server_cb.ssl_ready = use_ALPN_failure_callback;
server_cb.on_result = verify_ALPN_FATAL_ERROR_on_client;
test_wolfSSL_client_server(&client_cb, &server_cb);
#endif /* OPENSSL_ALL | NGINX | HAPROXY | LIGHTY */
res = TEST_RES_CHECK(1);
#endif /* !NO_WOLFSSL_CLIENT && !NO_WOLFSSL_SERVER */
return res;
}
static int test_wolfSSL_UseALPN_params(void)
{
EXPECT_DECLS;
#ifndef NO_WOLFSSL_CLIENT
/* "http/1.1" */
char http1[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31};
/* "spdy/1" */
char spdy1[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x31};
/* "spdy/2" */
char spdy2[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x32};
/* "spdy/3" */
char spdy3[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x33};
char buff[256];
word32 idx;
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
ExpectNotNull(ctx);
ExpectNotNull(ssl);
/* error cases */
ExpectIntNE(WOLFSSL_SUCCESS,
wolfSSL_UseALPN(NULL, http1, sizeof(http1),
WOLFSSL_ALPN_FAILED_ON_MISMATCH));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, NULL, 0,
WOLFSSL_ALPN_FAILED_ON_MISMATCH));
/* success case */
/* http1 only */
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_UseALPN(ssl, http1, sizeof(http1),
WOLFSSL_ALPN_FAILED_ON_MISMATCH));
/* http1, spdy1 */
XMEMCPY(buff, http1, sizeof(http1));
idx = sizeof(http1);
buff[idx++] = ',';
XMEMCPY(buff+idx, spdy1, sizeof(spdy1));
idx += sizeof(spdy1);
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, buff, idx,
WOLFSSL_ALPN_FAILED_ON_MISMATCH));
/* http1, spdy2, spdy1 */
XMEMCPY(buff, http1, sizeof(http1));
idx = sizeof(http1);
buff[idx++] = ',';
XMEMCPY(buff+idx, spdy2, sizeof(spdy2));
idx += sizeof(spdy2);
buff[idx++] = ',';
XMEMCPY(buff+idx, spdy1, sizeof(spdy1));
idx += sizeof(spdy1);
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, buff, idx,
WOLFSSL_ALPN_FAILED_ON_MISMATCH));
/* spdy3, http1, spdy2, spdy1 */
XMEMCPY(buff, spdy3, sizeof(spdy3));
idx = sizeof(spdy3);
buff[idx++] = ',';
XMEMCPY(buff+idx, http1, sizeof(http1));
idx += sizeof(http1);
buff[idx++] = ',';
XMEMCPY(buff+idx, spdy2, sizeof(spdy2));
idx += sizeof(spdy2);
buff[idx++] = ',';
XMEMCPY(buff+idx, spdy1, sizeof(spdy1));
idx += sizeof(spdy1);
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseALPN(ssl, buff, idx,
WOLFSSL_ALPN_CONTINUE_ON_MISMATCH));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
#endif /* HAVE_ALPN */
#ifdef HAVE_ALPN_PROTOS_SUPPORT
static void CTX_set_alpn_protos(SSL_CTX *ctx)
{
unsigned char p[] = {
8, 'h', 't', 't', 'p', '/', '1', '.', '1',
6, 's', 'p', 'd', 'y', '/', '2',
6, 's', 'p', 'd', 'y', '/', '1',
};
unsigned char p_len = sizeof(p);
int ret;
ret = SSL_CTX_set_alpn_protos(ctx, p, p_len);
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
AssertIntEQ(ret, 0);
#else
AssertIntEQ(ret, SSL_SUCCESS);
#endif
}
static void set_alpn_protos(SSL* ssl)
{
unsigned char p[] = {
6, 's', 'p', 'd', 'y', '/', '3',
8, 'h', 't', 't', 'p', '/', '1', '.', '1',
6, 's', 'p', 'd', 'y', '/', '2',
6, 's', 'p', 'd', 'y', '/', '1',
};
unsigned char p_len = sizeof(p);
int ret;
ret = SSL_set_alpn_protos(ssl, p, p_len);
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
AssertIntEQ(ret, 0);
#else
AssertIntEQ(ret, SSL_SUCCESS);
#endif
}
static void verify_alpn_matching_spdy3(WOLFSSL* ssl)
{
/* "spdy/3" */
char nego_proto[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x33};
const unsigned char *proto;
unsigned int protoSz = 0;
SSL_get0_alpn_selected(ssl, &proto, &protoSz);
/* check value */
AssertIntEQ(1, sizeof(nego_proto) == protoSz);
AssertIntEQ(0, XMEMCMP(nego_proto, proto, protoSz));
}
static void verify_alpn_matching_http1(WOLFSSL* ssl)
{
/* "http/1.1" */
char nego_proto[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31};
const unsigned char *proto;
unsigned int protoSz = 0;
SSL_get0_alpn_selected(ssl, &proto, &protoSz);
/* check value */
AssertIntEQ(1, sizeof(nego_proto) == protoSz);
AssertIntEQ(0, XMEMCMP(nego_proto, proto, protoSz));
}
static int test_wolfSSL_set_alpn_protos(void)
{
int res = TEST_SKIPPED;
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
callback_functions client_cb;
callback_functions server_cb;
XMEMSET(&client_cb, 0, sizeof(callback_functions));
XMEMSET(&server_cb, 0, sizeof(callback_functions));
client_cb.method = wolfSSLv23_client_method;
server_cb.method = wolfSSLv23_server_method;
client_cb.devId = testDevId;
server_cb.devId = testDevId;
/* use CTX_alpn_protos */
client_cb.ctx_ready = CTX_set_alpn_protos; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
server_cb.ctx_ready = CTX_set_alpn_protos; server_cb.ssl_ready = NULL; server_cb.on_result = verify_alpn_matching_http1;
test_wolfSSL_client_server(&client_cb, &server_cb);
/* use set_alpn_protos */
client_cb.ctx_ready = NULL; client_cb.ssl_ready = set_alpn_protos; client_cb.on_result = NULL;
server_cb.ctx_ready = NULL; server_cb.ssl_ready = set_alpn_protos; server_cb.on_result = verify_alpn_matching_spdy3;
test_wolfSSL_client_server(&client_cb, &server_cb);
res = TEST_SUCCESS;
#endif /* !NO_WOLFSSL_CLIENT && !NO_WOLFSSL_SERVER */
return res;
}
#endif /* HAVE_ALPN_PROTOS_SUPPORT */
static int test_wolfSSL_DisableExtendedMasterSecret(void)
{
EXPECT_DECLS;
#if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
ExpectNotNull(ctx);
ExpectNotNull(ssl);
/* error cases */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_DisableExtendedMasterSecret(NULL));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_DisableExtendedMasterSecret(NULL));
/* success cases */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_DisableExtendedMasterSecret(ctx));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_DisableExtendedMasterSecret(ssl));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_wolfSSL_UseSecureRenegotiation(void)
{
EXPECT_DECLS;
#if defined(HAVE_SECURE_RENEGOTIATION) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
ExpectNotNull(ctx);
ExpectNotNull(ssl);
/* error cases */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSecureRenegotiation(NULL));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_UseSecureRenegotiation(NULL));
/* success cases */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSecureRenegotiation(ctx));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSecureRenegotiation(ssl));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
/* Test reconnecting with a different ciphersuite after a renegotiation. */
static int test_wolfSSL_SCR_Reconnect(void)
{
EXPECT_DECLS;
#if defined(HAVE_SECURE_RENEGOTIATION) && \
defined(BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) && \
defined(BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256) && \
defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
byte data;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
test_ctx.c_ciphers = "ECDHE-RSA-AES256-GCM-SHA384";
test_ctx.s_ciphers =
"ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305";
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSecureRenegotiation(ctx_c));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_UseSecureRenegotiation(ctx_s));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSecureRenegotiation(ssl_c));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSecureRenegotiation(ssl_s));
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
/* WOLFSSL_FATAL_ERROR since it will block */
ExpectIntEQ(wolfSSL_Rehandshake(ssl_s), WOLFSSL_FATAL_ERROR);
ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_read(ssl_c, &data, 1), WOLFSSL_FATAL_ERROR);
ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
wolfSSL_free(ssl_c);
ssl_c = NULL;
wolfSSL_free(ssl_s);
ssl_s = NULL;
wolfSSL_CTX_free(ctx_c);
ctx_c = NULL;
test_ctx.c_ciphers = "ECDHE-RSA-CHACHA20-POLY1305";
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
wolfSSL_free(ssl_s);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_s);
wolfSSL_CTX_free(ctx_c);
#endif
return EXPECT_RESULT();
}
#if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_SERVER) && \
(!defined(NO_RSA) || defined(HAVE_ECC))
/* Called when writing. */
static int DummySend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
(void)ssl;
(void)buf;
(void)sz;
(void)ctx;
/* Force error return from wolfSSL_accept_TLSv13(). */
return WANT_WRITE;
}
/* Called when reading. */
static int BufferInfoRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
WOLFSSL_BUFFER_INFO* msg = (WOLFSSL_BUFFER_INFO*)ctx;
int len = (int)msg->length;
(void)ssl;
(void)sz;
/* Pass back as much of message as will fit in buffer. */
if (len > sz)
len = sz;
XMEMCPY(buf, msg->buffer, len);
/* Move over returned data. */
msg->buffer += len;
msg->length -= len;
/* Amount actually copied. */
return len;
}
#endif
/* Test the detection of duplicate known TLS extensions.
* Specifically in a ClientHello.
*/
static int test_tls_ext_duplicate(void)
{
EXPECT_DECLS;
#if !defined(NO_WOLFSSL_SERVER) && (!defined(NO_RSA) || defined(HAVE_ECC)) && \
!defined(NO_FILESYSTEM)
const unsigned char clientHelloDupTlsExt[] = {
0x16, 0x03, 0x03, 0x00, 0x6a, 0x01, 0x00, 0x00,
0x66, 0x03, 0x03, 0xf4, 0x65, 0xbd, 0x22, 0xfe,
0x6e, 0xab, 0x66, 0xdd, 0xcf, 0xe9, 0x65, 0x55,
0xe8, 0xdf, 0xc3, 0x8e, 0x4b, 0x00, 0xbc, 0xf8,
0x23, 0x57, 0x1b, 0xa0, 0xc8, 0xa9, 0xe2, 0x8c,
0x91, 0x6e, 0xf9, 0x20, 0xf7, 0x5c, 0xc5, 0x5b,
0x75, 0x8c, 0x47, 0x0a, 0x0e, 0xc4, 0x1a, 0xda,
0xef, 0x75, 0xe5, 0x21, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x13, 0x01,
0x00, 0x9e, 0x01, 0x00,
/* Extensions - duplicate signature algorithms. */
0x00, 0x19, 0x00, 0x0d,
0x00, 0x04, 0x00, 0x02, 0x04, 0x01, 0x00, 0x0d,
0x00, 0x04, 0x00, 0x02, 0x04, 0x01,
/* Supported Versions extension for TLS 1.3. */
0x00, 0x2b,
0x00, 0x05, 0x04, 0x03, 0x04, 0x03, 0x03
};
WOLFSSL_BUFFER_INFO msg;
const char* testCertFile;
const char* testKeyFile;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
#ifndef NO_RSA
testCertFile = svrCertFile;
testKeyFile = svrKeyFile;
#elif defined(HAVE_ECC)
testCertFile = eccCertFile;
testKeyFile = eccKeyFile;
#endif
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
WOLFSSL_FILETYPE_PEM));
/* Read from 'msg'. */
wolfSSL_SetIORecv(ctx, BufferInfoRecv);
/* No where to send to - dummy sender. */
wolfSSL_SetIOSend(ctx, DummySend);
ssl = wolfSSL_new(ctx);
ExpectNotNull(ssl);
msg.buffer = (unsigned char*)clientHelloDupTlsExt;
msg.length = (unsigned int)sizeof(clientHelloDupTlsExt);
wolfSSL_SetIOReadCtx(ssl, &msg);
ExpectIntNE(wolfSSL_accept(ssl), WOLFSSL_SUCCESS);
/* can return duplicate ext error or socket error if the peer closed down
* while sending alert */
if (wolfSSL_get_error(ssl, 0) != SOCKET_ERROR_E) {
ExpectIntEQ(wolfSSL_get_error(ssl, 0), DUPLICATE_TLS_EXT_E);
}
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
| X509 Tests
*----------------------------------------------------------------------------*/
static int test_wolfSSL_X509_NAME_get_entry(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA)
#if defined(OPENSSL_ALL) || \
(defined(OPENSSL_EXTRA) && \
(defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)))
/* use openssl like name to test mapping */
X509_NAME_ENTRY* ne = NULL;
X509_NAME* name = NULL;
X509* x509 = NULL;
#ifndef NO_FILESYSTEM
ASN1_STRING* asn = NULL;
char* subCN = NULL;
#endif
int idx = 0;
ASN1_OBJECT *object = NULL;
#if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || \
defined(WOLFSSL_NGINX)
#ifndef NO_BIO
BIO* bio = NULL;
#endif
#endif
#ifndef NO_FILESYSTEM
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = X509_get_subject_name(x509));
ExpectIntGE(idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1), 0);
ExpectNotNull(ne = X509_NAME_get_entry(name, idx));
ExpectNotNull(asn = X509_NAME_ENTRY_get_data(ne));
ExpectNotNull(subCN = (char*)ASN1_STRING_data(asn));
wolfSSL_FreeX509(x509);
x509 = NULL;
#endif
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = X509_get_subject_name(x509));
ExpectIntGE(idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1), 0);
#if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || \
defined(WOLFSSL_NGINX)
#ifndef NO_BIO
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(X509_NAME_print_ex(bio, name, 4,
(XN_FLAG_RFC2253 & ~XN_FLAG_DN_REV)), WOLFSSL_SUCCESS);
ExpectIntEQ(X509_NAME_print_ex_fp(stderr, name, 4,
(XN_FLAG_RFC2253 & ~XN_FLAG_DN_REV)), WOLFSSL_SUCCESS);
BIO_free(bio);
#endif
#endif
ExpectNotNull(ne = X509_NAME_get_entry(name, idx));
ExpectNotNull(object = X509_NAME_ENTRY_get_object(ne));
wolfSSL_FreeX509(x509);
#endif /* OPENSSL_ALL || (OPENSSL_EXTRA && (KEEP_PEER_CERT || SESSION_CERTS) */
#endif /* !NO_CERTS && !NO_RSA */
return EXPECT_RESULT();
}
/* Testing functions dealing with PKCS12 parsing out X509 certs */
static int test_wolfSSL_PKCS12(void)
{
EXPECT_DECLS;
/* .p12 file is encrypted with DES3 */
#ifndef HAVE_FIPS /* Password used in cert "wolfSSL test" is only 12-bytes
* (96-bit) FIPS mode requires Minimum of 14-byte (112-bit)
* Password Key
*/
#if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && !defined(NO_FILESYSTEM) && \
!defined(NO_STDIO_FILESYSTEM) && \
!defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_RSA) && \
!defined(NO_SHA) && defined(HAVE_PKCS12) && !defined(NO_BIO)
byte buf[6000];
char file[] = "./certs/test-servercert.p12";
char order[] = "./certs/ecc-rsa-server.p12";
#ifdef WC_RC2
char rc2p12[] = "./certs/test-servercert-rc2.p12";
#endif
char pass[] = "a password";
const char goodPsw[] = "wolfSSL test";
const char badPsw[] = "bad";
#ifdef HAVE_ECC
WOLFSSL_X509_NAME *subject = NULL;
WOLFSSL_X509 *x509 = NULL;
#endif
XFILE f = XBADFILE;
int bytes = 0, ret = 0, goodPswLen = 0, badPswLen = 0;
WOLFSSL_BIO *bio = NULL;
WOLFSSL_EVP_PKEY *pkey = NULL;
WC_PKCS12 *pkcs12 = NULL;
WC_PKCS12 *pkcs12_2 = NULL;
WOLFSSL_X509 *cert = NULL;
WOLFSSL_X509 *tmp = NULL;
WOLF_STACK_OF(WOLFSSL_X509) *ca = NULL;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) || defined(WOLFSSL_HAPROXY) \
|| defined(WOLFSSL_NGINX)) && defined(SESSION_CERTS)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
WOLF_STACK_OF(WOLFSSL_X509) *tmp_ca = NULL;
#endif
ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
goodPswLen = (int)XSTRLEN(goodPsw);
badPswLen = (int)XSTRLEN(badPsw);
ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(BIO_write(bio, buf, bytes), bytes); /* d2i consumes BIO */
ExpectNotNull(d2i_PKCS12_bio(bio, &pkcs12));
ExpectNotNull(pkcs12);
BIO_free(bio);
bio = NULL;
/* check verify MAC directly */
ExpectIntEQ(ret = PKCS12_verify_mac(pkcs12, goodPsw, goodPswLen), 1);
/* check verify MAC fail case directly */
ExpectIntEQ(ret = PKCS12_verify_mac(pkcs12, badPsw, badPswLen), 0);
/* check verify MAC fail case */
ExpectIntEQ(ret = PKCS12_parse(pkcs12, "bad", &pkey, &cert, NULL), 0);
ExpectNull(pkey);
ExpectNull(cert);
/* check parse with no extra certs kept */
ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, NULL),
1);
ExpectNotNull(pkey);
ExpectNotNull(cert);
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
wolfSSL_X509_free(cert);
cert = NULL;
/* check parse with extra certs kept */
ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, &ca),
1);
ExpectNotNull(pkey);
ExpectNotNull(cert);
ExpectNotNull(ca);
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) || defined(WOLFSSL_HAPROXY) \
|| defined(WOLFSSL_NGINX)) && defined(SESSION_CERTS)
/* Check that SSL_CTX_set0_chain correctly sets the certChain buffer */
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
#if !defined(NO_WOLFSSL_CLIENT) && defined(SESSION_CERTS)
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
/* Copy stack structure */
ExpectNotNull(tmp_ca = X509_chain_up_ref(ca));
ExpectIntEQ(SSL_CTX_set0_chain(ctx, tmp_ca), 1);
/* CTX now owns the tmp_ca stack structure */
tmp_ca = NULL;
ExpectIntEQ(wolfSSL_CTX_get_extra_chain_certs(ctx, &tmp_ca), 1);
ExpectNotNull(tmp_ca);
ExpectIntEQ(sk_X509_num(tmp_ca), sk_X509_num(ca));
/* Check that the main cert is also set */
ExpectNotNull(SSL_CTX_get0_certificate(ctx));
ExpectNotNull(ssl = SSL_new(ctx));
ExpectNotNull(SSL_get_certificate(ssl));
SSL_free(ssl);
SSL_CTX_free(ctx);
ctx = NULL;
#endif
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
/* should be 2 other certs on stack */
ExpectNotNull(tmp = sk_X509_pop(ca));
X509_free(tmp);
ExpectNotNull(tmp = sk_X509_pop(ca));
X509_free(tmp);
ExpectNull(sk_X509_pop(ca));
EVP_PKEY_free(pkey);
pkey = NULL;
X509_free(cert);
cert = NULL;
sk_X509_pop_free(ca, X509_free);
ca = NULL;
/* check PKCS12_create */
ExpectNull(PKCS12_create(pass, NULL, NULL, NULL, NULL, -1, -1, -1, -1,0));
ExpectIntEQ(PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, &ca),
SSL_SUCCESS);
ExpectNotNull((pkcs12_2 = PKCS12_create(pass, NULL, pkey, cert, ca,
-1, -1, 100, -1, 0)));
EVP_PKEY_free(pkey);
pkey = NULL;
X509_free(cert);
cert = NULL;
sk_X509_pop_free(ca, NULL);
ca = NULL;
ExpectIntEQ(PKCS12_parse(pkcs12_2, "a password", &pkey, &cert, &ca),
SSL_SUCCESS);
PKCS12_free(pkcs12_2);
pkcs12_2 = NULL;
ExpectNotNull((pkcs12_2 = PKCS12_create(pass, NULL, pkey, cert, ca,
NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
2000, 1, 0)));
EVP_PKEY_free(pkey);
pkey = NULL;
X509_free(cert);
cert = NULL;
sk_X509_pop_free(ca, NULL);
ca = NULL;
/* convert to DER then back and parse */
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(i2d_PKCS12_bio(bio, pkcs12_2), SSL_SUCCESS);
PKCS12_free(pkcs12_2);
pkcs12_2 = NULL;
ExpectNotNull(pkcs12_2 = d2i_PKCS12_bio(bio, NULL));
BIO_free(bio);
bio = NULL;
ExpectIntEQ(PKCS12_parse(pkcs12_2, "a password", &pkey, &cert, &ca),
SSL_SUCCESS);
/* should be 2 other certs on stack */
ExpectNotNull(tmp = sk_X509_pop(ca));
X509_free(tmp);
ExpectNotNull(tmp = sk_X509_pop(ca));
X509_free(tmp);
ExpectNull(sk_X509_pop(ca));
#ifndef NO_RC4
PKCS12_free(pkcs12_2);
pkcs12_2 = NULL;
ExpectNotNull((pkcs12_2 = PKCS12_create(pass, NULL, pkey, cert, NULL,
NID_pbe_WithSHA1And128BitRC4,
NID_pbe_WithSHA1And128BitRC4,
2000, 1, 0)));
EVP_PKEY_free(pkey);
pkey = NULL;
X509_free(cert);
cert = NULL;
sk_X509_pop_free(ca, NULL);
ca = NULL;
ExpectIntEQ(PKCS12_parse(pkcs12_2, "a password", &pkey, &cert, &ca),
SSL_SUCCESS);
#endif /* NO_RC4 */
EVP_PKEY_free(pkey);
pkey = NULL;
X509_free(cert);
cert = NULL;
PKCS12_free(pkcs12);
pkcs12 = NULL;
PKCS12_free(pkcs12_2);
pkcs12_2 = NULL;
sk_X509_pop_free(ca, NULL);
ca = NULL;
#ifdef HAVE_ECC
/* test order of parsing */
ExpectTrue((f = XFOPEN(order, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
ExpectNotNull(bio = BIO_new_mem_buf((void*)buf, bytes));
ExpectNotNull(pkcs12 = d2i_PKCS12_bio(bio, NULL));
ExpectIntEQ((ret = PKCS12_parse(pkcs12, "", &pkey, &cert, &ca)),
WOLFSSL_SUCCESS);
/* check use of pkey after parse */
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) || defined(WOLFSSL_HAPROXY) \
|| defined(WOLFSSL_NGINX)) && defined(SESSION_CERTS)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
#if !defined(NO_WOLFSSL_CLIENT) && defined(SESSION_CERTS)
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
ExpectIntEQ(SSL_CTX_use_PrivateKey(ctx, pkey), WOLFSSL_SUCCESS);
SSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
ExpectNotNull(pkey);
ExpectNotNull(cert);
ExpectNotNull(ca);
/* compare subject lines of certificates */
ExpectNotNull(subject = wolfSSL_X509_get_subject_name(cert));
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(eccRsaCertFile,
SSL_FILETYPE_PEM));
ExpectIntEQ(wolfSSL_X509_NAME_cmp((const WOLFSSL_X509_NAME*)subject,
(const WOLFSSL_X509_NAME*)wolfSSL_X509_get_subject_name(x509)), 0);
X509_free(x509);
x509 = NULL;
/* test expected fail case */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(eccCertFile,
SSL_FILETYPE_PEM));
ExpectIntNE(wolfSSL_X509_NAME_cmp((const WOLFSSL_X509_NAME*)subject,
(const WOLFSSL_X509_NAME*)wolfSSL_X509_get_subject_name(x509)), 0);
X509_free(x509);
x509 = NULL;
X509_free(cert);
cert = NULL;
/* get subject line from ca stack */
ExpectNotNull(cert = sk_X509_pop(ca));
ExpectNotNull(subject = wolfSSL_X509_get_subject_name(cert));
/* compare subject from certificate in ca to expected */
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(eccCertFile,
SSL_FILETYPE_PEM));
ExpectIntEQ(wolfSSL_X509_NAME_cmp((const WOLFSSL_X509_NAME*)subject,
(const WOLFSSL_X509_NAME*)wolfSSL_X509_get_subject_name(x509)), 0);
/* modify case and compare subject from certificate in ca to expected.
* The first bit of the name is:
* /C=US/ST=Washington
* So we'll change subject->name[1] to 'c' (lower case) */
if (subject != NULL) {
subject->name[1] = 'c';
ExpectIntEQ(wolfSSL_X509_NAME_cmp((const WOLFSSL_X509_NAME*)subject,
(const WOLFSSL_X509_NAME*)wolfSSL_X509_get_subject_name(x509)), 0);
}
EVP_PKEY_free(pkey);
pkey = NULL;
X509_free(x509);
x509 = NULL;
X509_free(cert);
cert = NULL;
BIO_free(bio);
bio = NULL;
PKCS12_free(pkcs12);
pkcs12 = NULL;
sk_X509_pop_free(ca, NULL); /* TEST d2i_PKCS12_fp */
ca = NULL;
/* test order of parsing */
ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE);
ExpectNotNull(pkcs12 = d2i_PKCS12_fp(f, NULL));
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
/* check verify MAC fail case */
ExpectIntEQ(ret = PKCS12_parse(pkcs12, "bad", &pkey, &cert, NULL), 0);
ExpectNull(pkey);
ExpectNull(cert);
/* check parse with no extra certs kept */
ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, NULL),
1);
ExpectNotNull(pkey);
ExpectNotNull(cert);
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
wolfSSL_X509_free(cert);
cert = NULL;
/* check parse with extra certs kept */
ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, &ca),
1);
ExpectNotNull(pkey);
ExpectNotNull(cert);
ExpectNotNull(ca);
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
wolfSSL_X509_free(cert);
cert = NULL;
sk_X509_pop_free(ca, NULL);
ca = NULL;
PKCS12_free(pkcs12);
pkcs12 = NULL;
#endif /* HAVE_ECC */
#ifdef WC_RC2
/* test PKCS#12 with RC2 encryption */
ExpectTrue((f = XFOPEN(rc2p12, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
ExpectNotNull(bio = BIO_new_mem_buf((void*)buf, bytes));
ExpectNotNull(pkcs12 = d2i_PKCS12_bio(bio, NULL));
/* check verify MAC fail case */
ExpectIntEQ(ret = PKCS12_parse(pkcs12, "bad", &pkey, &cert, NULL), 0);
ExpectNull(pkey);
ExpectNull(cert);
/* check parse with not extra certs kept */
ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, NULL),
WOLFSSL_SUCCESS);
ExpectNotNull(pkey);
ExpectNotNull(cert);
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
wolfSSL_X509_free(cert);
cert = NULL;
/* check parse with extra certs kept */
ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, &ca),
WOLFSSL_SUCCESS);
ExpectNotNull(pkey);
ExpectNotNull(cert);
ExpectNotNull(ca);
wolfSSL_EVP_PKEY_free(pkey);
wolfSSL_X509_free(cert);
sk_X509_pop_free(ca, NULL);
BIO_free(bio);
bio = NULL;
PKCS12_free(pkcs12);
pkcs12 = NULL;
#endif /* WC_RC2 */
/* Test i2d_PKCS12_bio */
ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE);
ExpectNotNull(pkcs12 = d2i_PKCS12_fp(f, NULL));
if (f != XBADFILE)
XFCLOSE(f);
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(ret = i2d_PKCS12_bio(bio, pkcs12), 1);
ExpectIntEQ(ret = i2d_PKCS12_bio(NULL, pkcs12), 0);
ExpectIntEQ(ret = i2d_PKCS12_bio(bio, NULL), 0);
PKCS12_free(pkcs12);
BIO_free(bio);
(void)order;
#endif /* OPENSSL_EXTRA */
#endif /* HAVE_FIPS */
return EXPECT_RESULT();
}
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) && \
defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_DES3) && !defined(NO_PWDBASED) && \
(!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_MD5)
#define TEST_PKCS8_ENC
#endif
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) \
&& defined(HAVE_ECC) && defined(WOLFSSL_ENCRYPTED_KEYS)
/* used to keep track if FailTestCallback was called */
static int failTestCallbackCalled = 0;
static WC_INLINE int FailTestCallBack(char* passwd, int sz, int rw, void* userdata)
{
(void)passwd;
(void)sz;
(void)rw;
(void)userdata;
/* mark called, test_wolfSSL_no_password_cb() will check and fail if set */
failTestCallbackCalled = 1;
return -1;
}
#endif
static int test_wolfSSL_no_password_cb(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) \
&& defined(HAVE_ECC) && defined(WOLFSSL_ENCRYPTED_KEYS)
WOLFSSL_CTX* ctx = NULL;
byte buff[FOURK_BUF];
const char eccPkcs8PrivKeyDerFile[] = "./certs/ecc-privkeyPkcs8.der";
const char eccPkcs8PrivKeyPemFile[] = "./certs/ecc-privkeyPkcs8.pem";
XFILE f = XBADFILE;
int bytes = 0;
#ifndef NO_WOLFSSL_CLIENT
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLS_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLS_server_method()));
#endif
wolfSSL_CTX_set_default_passwd_cb(ctx, FailTestCallBack);
ExpectTrue((f = XFOPEN(eccPkcs8PrivKeyDerFile, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
ExpectIntLE(bytes, sizeof(buff));
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
ExpectTrue((f = XFOPEN(eccPkcs8PrivKeyPemFile, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
ExpectIntLE(bytes, sizeof(buff));
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
/* Password callback should not be called by default */
ExpectIntEQ(failTestCallbackCalled, 0);
#endif
return EXPECT_RESULT();
}
#ifdef TEST_PKCS8_ENC
/* for PKCS8 test case */
static int PKCS8TestCallBack(char* passwd, int sz, int rw, void* userdata)
{
int flag = 0;
(void)rw;
if (userdata != NULL) {
flag = *((int*)userdata); /* user set data */
}
switch (flag) {
case 1: /* flag set for specific WOLFSSL_CTX structure, note userdata
* can be anything the user wishes to be passed to the callback
* associated with the WOLFSSL_CTX */
XSTRNCPY(passwd, "yassl123", sz);
return 8;
default:
return BAD_FUNC_ARG;
}
}
#endif /* TEST_PKCS8_ENC */
/* Testing functions dealing with PKCS8 */
static int test_wolfSSL_PKCS8(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) && \
!defined(WOLFCRYPT_ONLY)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
byte buff[FOURK_BUF];
byte der[FOURK_BUF];
#ifndef NO_RSA
const char serverKeyPkcs8PemFile[] = "./certs/server-keyPkcs8.pem";
const char serverKeyPkcs8DerFile[] = "./certs/server-keyPkcs8.der";
#endif
const char eccPkcs8PrivKeyPemFile[] = "./certs/ecc-privkeyPkcs8.pem";
#ifdef HAVE_ECC
const char eccPkcs8PrivKeyDerFile[] = "./certs/ecc-privkeyPkcs8.der";
#endif
XFILE f = XBADFILE;
int bytes = 0;
WOLFSSL_CTX* ctx = NULL;
#if defined(HAVE_ECC) && !defined(NO_CODING) && !defined(WOLFSSL_NO_PEM)
int ret;
ecc_key key;
word32 x = 0;
#endif
#ifdef TEST_PKCS8_ENC
#if !defined(NO_RSA) && !defined(NO_SHA)
const char serverKeyPkcs8EncPemFile[] = "./certs/server-keyPkcs8Enc.pem";
const char serverKeyPkcs8EncDerFile[] = "./certs/server-keyPkcs8Enc.der";
#endif
#if defined(HAVE_ECC) && !defined(NO_SHA)
const char eccPkcs8EncPrivKeyPemFile[] = "./certs/ecc-keyPkcs8Enc.pem";
const char eccPkcs8EncPrivKeyDerFile[] = "./certs/ecc-keyPkcs8Enc.der";
#endif
int flag;
#endif
(void)der;
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
#endif
#else
#ifndef WOLFSSL_NO_TLS12
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
#endif
#endif
#ifdef TEST_PKCS8_ENC
wolfSSL_CTX_set_default_passwd_cb(ctx, PKCS8TestCallBack);
wolfSSL_CTX_set_default_passwd_cb_userdata(ctx, (void*)&flag);
flag = 1; /* used by password callback as return code */
#if !defined(NO_RSA) && !defined(NO_SHA)
/* test loading PEM PKCS8 encrypted file */
ExpectTrue((f = XFOPEN(serverKeyPkcs8EncPemFile, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
/* this next case should fail because of password callback return code */
flag = 0; /* used by password callback as return code */
ExpectIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
/* decrypt PKCS8 PEM to key in DER format with not using WOLFSSL_CTX */
ExpectIntGT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der),
"yassl123"), 0);
/* test that error value is returned with a bad password */
ExpectIntLT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der),
"bad"), 0);
/* test loading PEM PKCS8 encrypted file */
ExpectTrue((f = XFOPEN(serverKeyPkcs8EncDerFile, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
flag = 1; /* used by password callback as return code */
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
/* this next case should fail because of password callback return code */
flag = 0; /* used by password callback as return code */
ExpectIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
#endif /* !NO_RSA && !NO_SHA */
#if defined(HAVE_ECC) && !defined(NO_SHA)
/* test loading PEM PKCS8 encrypted ECC Key file */
ExpectTrue((f = XFOPEN(eccPkcs8EncPrivKeyPemFile, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
flag = 1; /* used by password callback as return code */
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
/* this next case should fail because of password callback return code */
flag = 0; /* used by password callback as return code */
ExpectIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
/* decrypt PKCS8 PEM to key in DER format with not using WOLFSSL_CTX */
ExpectIntGT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der),
"yassl123"), 0);
/* test that error value is returned with a bad password */
ExpectIntLT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der),
"bad"), 0);
/* test loading DER PKCS8 encrypted ECC Key file */
ExpectTrue((f = XFOPEN(eccPkcs8EncPrivKeyDerFile, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
flag = 1; /* used by password callback as return code */
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
/* this next case should fail because of password callback return code */
flag = 0; /* used by password callback as return code */
ExpectIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
/* leave flag as "okay" */
flag = 1;
#endif /* HAVE_ECC && !NO_SHA */
#endif /* TEST_PKCS8_ENC */
#ifndef NO_RSA
/* test loading ASN.1 (DER) PKCS8 private key file (not encrypted) */
ExpectTrue((f = XFOPEN(serverKeyPkcs8DerFile, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
/* test loading PEM PKCS8 private key file (not encrypted) */
ExpectTrue((f = XFOPEN(serverKeyPkcs8PemFile, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#endif /* !NO_RSA */
/* Test PKCS8 PEM ECC key no crypt */
ExpectTrue((f = XFOPEN(eccPkcs8PrivKeyPemFile, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
#ifdef HAVE_ECC
/* Test PKCS8 PEM ECC key no crypt */
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#if !defined(NO_CODING) && !defined(WOLFSSL_NO_PEM)
/* decrypt PKCS8 PEM to key in DER format */
ExpectIntGT((bytes = wc_KeyPemToDer(buff, bytes, der,
(word32)sizeof(der), NULL)), 0);
ret = wc_ecc_init(&key);
if (ret == 0) {
ret = wc_EccPrivateKeyDecode(der, &x, &key, (word32)bytes);
wc_ecc_free(&key);
}
ExpectIntEQ(ret, 0);
#endif
/* Test PKCS8 DER ECC key no crypt */
ExpectTrue((f = XFOPEN(eccPkcs8PrivKeyDerFile, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
/* Test using a PKCS8 ECC PEM */
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
#else
/* if HAVE_ECC is not defined then BEGIN EC PRIVATE KEY is not found */
ExpectIntEQ((bytes = wc_KeyPemToDer(buff, bytes, der,
(word32)sizeof(der), NULL)), ASN_NO_PEM_HEADER);
#endif /* HAVE_ECC */
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* !NO_FILESYSTEM && !NO_ASN && HAVE_PKCS8 */
return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS8_ED25519(void)
{
EXPECT_DECLS;
#if !defined(NO_ASN) && defined(HAVE_PKCS8) && defined(HAVE_AES_CBC) && \
defined(WOLFSSL_ENCRYPTED_KEYS) && defined(HAVE_ED25519) && \
defined(HAVE_ED25519_KEY_IMPORT)
const byte encPrivKey[] = \
"-----BEGIN ENCRYPTED PRIVATE KEY-----\n"
"MIGbMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAheCGLmWGh7+AICCAAw\n"
"DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEC4L5P6GappsTyhOOoQfvh8EQJMX\n"
"OAdlsYKCOcFo4djg6AI1lRdeBRwVFWkha7gBdoCJOzS8wDvTbYcJMPvANu5ft3nl\n"
"2L9W4v7swXkV+X+a1ww=\n"
"-----END ENCRYPTED PRIVATE KEY-----\n";
const char password[] = "abcdefghijklmnopqrstuvwxyz";
byte der[FOURK_BUF];
WOLFSSL_CTX* ctx = NULL;
int bytes;
XMEMSET(der, 0, sizeof(der));
ExpectIntGT((bytes = wc_KeyPemToDer(encPrivKey, sizeof(encPrivKey), der,
(word32)sizeof(der), password)), 0);
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, der, bytes,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS8_ED448(void)
{
EXPECT_DECLS;
#if !defined(NO_ASN) && defined(HAVE_PKCS8) && defined(HAVE_AES_CBC) && \
defined(WOLFSSL_ENCRYPTED_KEYS) && defined(HAVE_ED448) && \
defined(HAVE_ED448_KEY_IMPORT)
const byte encPrivKey[] = \
"-----BEGIN ENCRYPTED PRIVATE KEY-----\n"
"MIGrMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAjSbZKnG4EPggICCAAw\n"
"DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEFvCFWBBHBlJBsYleBJlJWcEUNC7\n"
"Tf5pZviT5Btar4D/MNg6BsQHSDf5KW4ix871EsgDY2Zz+euaoWspiMntz7gU+PQu\n"
"T/JJcbD2Ly8BbE3l5WHMifAQqNLxJBfXrHkfYtAo\n"
"-----END ENCRYPTED PRIVATE KEY-----\n";
const char password[] = "abcdefghijklmnopqrstuvwxyz";
byte der[FOURK_BUF];
WOLFSSL_CTX* ctx = NULL;
int bytes;
XMEMSET(der, 0, sizeof(der));
ExpectIntGT((bytes = wc_KeyPemToDer(encPrivKey, sizeof(encPrivKey), der,
(word32)sizeof(der), password)), 0);
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, der, bytes,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
return EXPECT_RESULT();
}
/* Testing functions dealing with PKCS5 */
static int test_wolfSSL_PKCS5(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_SHA) && !defined(NO_PWDBASED)
#ifdef HAVE_FIPS /* Password minimum length is 14 (112-bit) in FIPS MODE */
const char* passwd = "myfipsPa$$W0rd";
#else
const char *passwd = "pass1234";
#endif
const unsigned char *salt = (unsigned char *)"salt1234";
unsigned char *out = (unsigned char *)XMALLOC(WC_SHA_DIGEST_SIZE, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
int ret = 0;
ExpectNotNull(out);
ExpectIntEQ(ret = PKCS5_PBKDF2_HMAC_SHA1(passwd,(int)XSTRLEN(passwd), salt,
(int)XSTRLEN((const char *) salt), 10, WC_SHA_DIGEST_SIZE,out),
WOLFSSL_SUCCESS);
#ifdef WOLFSSL_SHA512
ExpectIntEQ(ret = PKCS5_PBKDF2_HMAC(passwd,(int)XSTRLEN(passwd), salt,
(int)XSTRLEN((const char *) salt), 10, wolfSSL_EVP_sha512(),
WC_SHA_DIGEST_SIZE, out), SSL_SUCCESS);
#endif
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SHA) */
return EXPECT_RESULT();
}
/* test parsing URI from certificate */
static int test_wolfSSL_URI(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) \
&& (defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) || \
defined(OPENSSL_EXTRA))
WOLFSSL_X509* x509 = NULL;
const char uri[] = "./certs/client-uri-cert.pem";
const char urn[] = "./certs/client-absolute-urn.pem";
const char badUri[] = "./certs/client-relative-uri.pem";
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(uri,
WOLFSSL_FILETYPE_PEM));
wolfSSL_FreeX509(x509);
x509 = NULL;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(urn,
WOLFSSL_FILETYPE_PEM));
wolfSSL_FreeX509(x509);
x509 = NULL;
#if !defined(IGNORE_NAME_CONSTRAINTS) && !defined(WOLFSSL_NO_ASN_STRICT) \
&& !defined(WOLFSSL_FPKI)
ExpectNull(x509 = wolfSSL_X509_load_certificate_file(badUri,
WOLFSSL_FILETYPE_PEM));
#else
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(badUri,
WOLFSSL_FILETYPE_PEM));
#endif
wolfSSL_FreeX509(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_TBS(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) \
&& defined(OPENSSL_EXTRA)
WOLFSSL_X509* x509 = NULL;
const unsigned char* tbs;
int tbsSz;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(caCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectNull(tbs = wolfSSL_X509_get_tbs(NULL, &tbsSz));
ExpectNull(tbs = wolfSSL_X509_get_tbs(x509, NULL));
ExpectNotNull(tbs = wolfSSL_X509_get_tbs(x509, &tbsSz));
ExpectIntEQ(tbsSz, 1003);
wolfSSL_FreeX509(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_verify(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) && \
defined(OPENSSL_EXTRA)
WOLFSSL_X509* ca = NULL;
WOLFSSL_X509* serv = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
unsigned char buf[2048];
const unsigned char* pt = NULL;
int bufSz;
ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(caCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectIntNE(wolfSSL_X509_get_pubkey_buffer(NULL, buf, &bufSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_get_pubkey_buffer(ca, NULL, &bufSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(bufSz, 294);
bufSz = 2048;
ExpectIntEQ(wolfSSL_X509_get_pubkey_buffer(ca, buf, &bufSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_get_pubkey_type(NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_X509_get_pubkey_type(ca), RSAk);
ExpectNotNull(serv = wolfSSL_X509_load_certificate_file(svrCertFile,
WOLFSSL_FILETYPE_PEM));
/* success case */
pt = buf;
ExpectNotNull(pkey = wolfSSL_d2i_PUBKEY(NULL, &pt, bufSz));
ExpectIntEQ(i2d_PUBKEY(pkey, NULL), bufSz);
ExpectIntEQ(wolfSSL_X509_verify(serv, pkey), WOLFSSL_SUCCESS);
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
/* fail case */
bufSz = 2048;
ExpectIntEQ(wolfSSL_X509_get_pubkey_buffer(serv, buf, &bufSz),
WOLFSSL_SUCCESS);
pt = buf;
ExpectNotNull(pkey = wolfSSL_d2i_PUBKEY(NULL, &pt, bufSz));
ExpectIntEQ(wolfSSL_X509_verify(serv, pkey), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_X509_verify(NULL, pkey), WOLFSSL_FATAL_ERROR);
ExpectIntEQ(wolfSSL_X509_verify(serv, NULL), WOLFSSL_FATAL_ERROR);
wolfSSL_EVP_PKEY_free(pkey);
wolfSSL_FreeX509(ca);
wolfSSL_FreeX509(serv);
#endif
return EXPECT_RESULT();
}
#if !defined(NO_DH) && !defined(NO_AES) && defined(WOLFSSL_CERT_GEN) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
/* create certificate with version 2 */
static int test_set_x509_badversion(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
WOLFSSL_X509 *x509 = NULL, *x509v2 = NULL;
WOLFSSL_EVP_PKEY *priv = NULL, *pub = NULL;
unsigned char *der = NULL, *key = NULL, *pt;
char *header = NULL, *name = NULL;
int derSz;
long keySz;
XFILE fp = XBADFILE;
WOLFSSL_ASN1_TIME *notBefore = NULL, *notAfter = NULL;
time_t t;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue((fp = XFOPEN(cliKeyFile, "rb")) != XBADFILE);
ExpectIntEQ(wolfSSL_PEM_read(fp, &name, &header, &key, &keySz),
WOLFSSL_SUCCESS);
if (fp != XBADFILE)
XFCLOSE(fp);
pt = key;
ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
(const unsigned char**)&pt, keySz));
/* create the version 2 certificate */
ExpectNotNull(x509v2 = X509_new());
ExpectIntEQ(wolfSSL_X509_set_version(x509v2, 1), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_subject_name(x509v2,
wolfSSL_X509_get_subject_name(x509)), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509v2,
wolfSSL_X509_get_issuer_name(x509)), WOLFSSL_SUCCESS);
ExpectNotNull(pub = wolfSSL_X509_get_pubkey(x509));
ExpectIntEQ(X509_set_pubkey(x509v2, pub), WOLFSSL_SUCCESS);
t = time(NULL);
ExpectNotNull(notBefore = wolfSSL_ASN1_TIME_adj(NULL, t, 0, 0));
ExpectNotNull(notAfter = wolfSSL_ASN1_TIME_adj(NULL, t, 365, 0));
ExpectTrue(wolfSSL_X509_set_notBefore(x509v2, notBefore));
ExpectTrue(wolfSSL_X509_set_notAfter(x509v2, notAfter));
ExpectIntGT(wolfSSL_X509_sign(x509v2, priv, EVP_sha256()), 0);
derSz = wolfSSL_i2d_X509(x509v2, &der);
ExpectIntGT(derSz, 0);
ExpectIntEQ(wolfSSL_CTX_use_certificate_buffer(ctx, der, derSz,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
/* TODO: Replace with API call */
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(name, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(header, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL_X509_free(x509);
wolfSSL_X509_free(x509v2);
wolfSSL_EVP_PKEY_free(priv);
wolfSSL_EVP_PKEY_free(pub);
wolfSSL_ASN1_TIME_free(notBefore);
wolfSSL_ASN1_TIME_free(notAfter);
return EXPECT_RESULT();
}
/* override certificate version error */
static int test_override_x509(int preverify, WOLFSSL_X509_STORE_CTX* store)
{
EXPECT_DECLS;
#ifndef OPENSSL_COMPATIBLE_DEFAULTS
ExpectIntEQ(store->error, ASN_VERSION_E);
#else
ExpectIntEQ(store->error, 0);
#endif
ExpectIntEQ((int)wolfSSL_X509_get_version(store->current_cert), 1);
(void)preverify;
return EXPECT_RESULT() == TEST_SUCCESS;
}
/* set verify callback that will override bad certificate version */
static int test_set_override_x509(WOLFSSL_CTX* ctx)
{
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, test_override_x509);
return TEST_SUCCESS;
}
#endif
static int test_wolfSSL_X509_TLS_version_test_1(void)
{
EXPECT_DECLS;
#if !defined(NO_DH) && !defined(NO_AES) && defined(WOLFSSL_CERT_GEN) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
test_ssl_cbf func_cb_client;
test_ssl_cbf func_cb_server;
/* test server rejects a client certificate that is not version 3 */
XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
func_cb_client.ctx_ready = &test_set_x509_badversion;
#ifndef WOLFSSL_NO_TLS12
func_cb_client.method = wolfTLSv1_2_client_method;
#else
func_cb_client.method = wolfTLSv1_3_client_method;
#endif
#ifndef WOLFSSL_NO_TLS12
func_cb_server.method = wolfTLSv1_2_server_method;
#else
func_cb_server.method = wolfTLSv1_3_server_method;
#endif
#ifndef OPENSSL_COMPATIBLE_DEFAULTS
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_FAIL);
#else
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_SUCCESS);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_TLS_version_test_2(void)
{
EXPECT_DECLS;
#if !defined(NO_DH) && !defined(NO_AES) && defined(WOLFSSL_CERT_GEN) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
test_ssl_cbf func_cb_client;
test_ssl_cbf func_cb_server;
XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
func_cb_client.ctx_ready = &test_set_x509_badversion;
func_cb_server.ctx_ready = &test_set_override_x509;
#ifndef WOLFSSL_NO_TLS12
func_cb_client.method = wolfTLSv1_2_client_method;
#else
func_cb_client.method = wolfTLSv1_3_client_method;
#endif
#ifndef WOLFSSL_NO_TLS12
func_cb_server.method = wolfTLSv1_2_server_method;
#else
func_cb_server.method = wolfTLSv1_3_server_method;
#endif
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_SUCCESS);
#endif
return EXPECT_RESULT();
}
/* Testing function wolfSSL_CTX_SetMinVersion; sets the minimum downgrade
* version allowed.
* POST: 1 on success.
*/
static int test_wolfSSL_CTX_SetMinVersion(void)
{
int res = TEST_SKIPPED;
#ifndef NO_WOLFSSL_CLIENT
int failFlag = WOLFSSL_SUCCESS;
WOLFSSL_CTX* ctx;
int itr;
#ifndef NO_OLD_TLS
const int versions[] = {
#ifdef WOLFSSL_ALLOW_TLSV10
WOLFSSL_TLSV1,
#endif
WOLFSSL_TLSV1_1,
WOLFSSL_TLSV1_2 };
#elif !defined(WOLFSSL_NO_TLS12)
const int versions[] = { WOLFSSL_TLSV1_2 };
#elif defined(WOLFSSL_TLS13)
const int versions[] = { WOLFSSL_TLSV1_3 };
#else
const int versions[0];
#endif
ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
for (itr = 0; itr < (int)(sizeof(versions)/sizeof(int)); itr++) {
if (wolfSSL_CTX_SetMinVersion(ctx, *(versions + itr))
!= WOLFSSL_SUCCESS) {
failFlag = WOLFSSL_FAILURE;
}
}
wolfSSL_CTX_free(ctx);
res = TEST_RES_CHECK(failFlag == WOLFSSL_SUCCESS);
#endif
return res;
} /* END test_wolfSSL_CTX_SetMinVersion */
/*----------------------------------------------------------------------------*
| OCSP Stapling
*----------------------------------------------------------------------------*/
/* Testing wolfSSL_UseOCSPStapling function. OCSP stapling eliminates the need
* need to contact the CA, lowering the cost of cert revocation checking.
* PRE: HAVE_OCSP and HAVE_CERTIFICATE_STATUS_REQUEST
* POST: 1 returned for success.
*/
static int test_wolfSSL_UseOCSPStapling(void)
{
EXPECT_DECLS;
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) && defined(HAVE_OCSP) && \
!defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
#endif
#else
#ifndef WOLFSSL_NO_TLS12
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
#endif
#endif
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectIntEQ(wolfSSL_UseOCSPStapling(NULL, WOLFSSL_CSR2_OCSP,
WOLFSSL_CSR2_OCSP_USE_NONCE), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
ExpectIntEQ(wolfSSL_UseOCSPStapling(ssl, WOLFSSL_CSR2_OCSP,
WOLFSSL_CSR2_OCSP_USE_NONCE), 1);
#else
ExpectIntEQ(wolfSSL_UseOCSPStapling(ssl, WOLFSSL_CSR2_OCSP,
WOLFSSL_CSR2_OCSP_USE_NONCE), BAD_FUNC_ARG);
#endif
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
} /* END test_wolfSSL_UseOCSPStapling */
/* Testing OCSP stapling version 2, wolfSSL_UseOCSPStaplingV2 function. OCSP
* stapling eliminates the need to contact the CA and lowers cert revocation
* check.
* PRE: HAVE_CERTIFICATE_STATUS_REQUEST_V2 and HAVE_OCSP defined.
*/
static int test_wolfSSL_UseOCSPStaplingV2(void)
{
EXPECT_DECLS;
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) && defined(HAVE_OCSP) && \
!defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
#endif
#else
#ifndef WOLFSSL_NO_TLS12
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
#endif
#endif
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectIntEQ(wolfSSL_UseOCSPStaplingV2(NULL, WOLFSSL_CSR2_OCSP,
WOLFSSL_CSR2_OCSP_USE_NONCE), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
ExpectIntEQ(wolfSSL_UseOCSPStaplingV2(ssl, WOLFSSL_CSR2_OCSP,
WOLFSSL_CSR2_OCSP_USE_NONCE), 1);
#else
ExpectIntEQ(wolfSSL_UseOCSPStaplingV2(ssl, WOLFSSL_CSR2_OCSP,
WOLFSSL_CSR2_OCSP_USE_NONCE), BAD_FUNC_ARG);
#endif
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
} /* END test_wolfSSL_UseOCSPStaplingV2 */
/*----------------------------------------------------------------------------*
| Multicast Tests
*----------------------------------------------------------------------------*/
static int test_wolfSSL_mcast(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_MULTICAST) && \
(defined(WOLFSSL_TLS13) || defined(WOLFSSL_SNIFFER))
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
byte preMasterSecret[512];
byte clientRandom[32];
byte serverRandom[32];
byte suite[2] = {0, 0xfe}; /* WDM_WITH_NULL_SHA256 */
byte buf[256];
word16 newId;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method()));
ExpectIntEQ(wolfSSL_CTX_mcast_set_member_id(ctx, 0), WOLFSSL_SUCCESS);
ExpectNotNull(ssl = wolfSSL_new(ctx));
XMEMSET(preMasterSecret, 0x23, sizeof(preMasterSecret));
XMEMSET(clientRandom, 0xA5, sizeof(clientRandom));
XMEMSET(serverRandom, 0x5A, sizeof(serverRandom));
ExpectIntEQ(wolfSSL_set_secret(ssl, 23, preMasterSecret,
sizeof(preMasterSecret), clientRandom, serverRandom, suite),
WOLFSSL_SUCCESS);
ExpectIntLE(wolfSSL_mcast_read(ssl, &newId, buf, sizeof(buf)), 0);
ExpectIntLE(newId, 100);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif /* WOLFSSL_DTLS && WOLFSSL_MULTICAST && (WOLFSSL_TLS13 ||
* WOLFSSL_SNIFFER) */
return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
| Wolfcrypt
*----------------------------------------------------------------------------*/
/*
* Unit test for the wc_InitBlake2b()
*/
static int test_wc_InitBlake2b(void)
{
EXPECT_DECLS;
#ifdef HAVE_BLAKE2
Blake2b blake;
/* Test good arg. */
ExpectIntEQ(wc_InitBlake2b(&blake, 64), 0);
/* Test bad arg. */
ExpectIntEQ(wc_InitBlake2b(NULL, 64), BAD_FUNC_ARG);
ExpectIntEQ(wc_InitBlake2b(NULL, 128), BAD_FUNC_ARG);
ExpectIntEQ(wc_InitBlake2b(&blake, 128), BAD_FUNC_ARG);
ExpectIntEQ(wc_InitBlake2b(NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_InitBlake2b(&blake, 0), BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_InitBlake2b*/
/*
* Unit test for the wc_InitBlake2b_WithKey()
*/
static int test_wc_InitBlake2b_WithKey(void)
{
EXPECT_DECLS;
#ifdef HAVE_BLAKE2
Blake2b blake;
word32 digestSz = BLAKE2B_KEYBYTES;
byte key[BLAKE2B_KEYBYTES];
word32 keylen = BLAKE2B_KEYBYTES;
XMEMSET(key, 0, sizeof(key));
/* Test good arg. */
ExpectIntEQ(wc_InitBlake2b_WithKey(&blake, digestSz, key, keylen), 0);
/* Test bad args. */
ExpectIntEQ(wc_InitBlake2b_WithKey(NULL, digestSz, key, keylen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_InitBlake2b_WithKey(&blake, digestSz, key, 256),
BAD_FUNC_ARG);
ExpectIntEQ(wc_InitBlake2b_WithKey(&blake, digestSz, NULL, keylen), 0);
#endif
return EXPECT_RESULT();
} /* END wc_InitBlake2b_WithKey*/
/*
* Unit test for the wc_InitBlake2s_WithKey()
*/
static int test_wc_InitBlake2s_WithKey(void)
{
EXPECT_DECLS;
#ifdef HAVE_BLAKE2S
Blake2s blake;
word32 digestSz = BLAKE2S_KEYBYTES;
byte *key = (byte*)"01234567890123456789012345678901";
word32 keylen = BLAKE2S_KEYBYTES;
/* Test good arg. */
ExpectIntEQ(wc_InitBlake2s_WithKey(&blake, digestSz, key, keylen), 0);
/* Test bad args. */
ExpectIntEQ(wc_InitBlake2s_WithKey(NULL, digestSz, key, keylen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_InitBlake2s_WithKey(&blake, digestSz, key, 256),
BAD_FUNC_ARG);
ExpectIntEQ(wc_InitBlake2s_WithKey(&blake, digestSz, NULL, keylen), 0);
#endif
return EXPECT_RESULT();
} /* END wc_InitBlake2s_WithKey*/
/*
* Unit test for the wc_InitMd5()
*/
static int test_wc_InitMd5(void)
{
EXPECT_DECLS;
#ifndef NO_MD5
wc_Md5 md5;
/* Test good arg. */
ExpectIntEQ(wc_InitMd5(&md5), 0);
/* Test bad arg. */
ExpectIntEQ(wc_InitMd5(NULL), BAD_FUNC_ARG);
wc_Md5Free(&md5);
#endif
return EXPECT_RESULT();
} /* END test_wc_InitMd5 */
/*
* Testing wc_UpdateMd5()
*/
static int test_wc_Md5Update(void)
{
EXPECT_DECLS;
#ifndef NO_MD5
wc_Md5 md5;
byte hash[WC_MD5_DIGEST_SIZE];
testVector a, b, c;
ExpectIntEQ(wc_InitMd5(&md5), 0);
/* Input */
a.input = "a";
a.inLen = XSTRLEN(a.input);
ExpectIntEQ(wc_Md5Update(&md5, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_Md5Final(&md5, hash), 0);
/* Update input. */
a.input = "abc";
a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f"
"\x72";
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
ExpectIntEQ(wc_Md5Update(&md5, (byte*) a.input, (word32) a.inLen), 0);
ExpectIntEQ(wc_Md5Final(&md5, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE), 0);
/* Pass in bad values. */
b.input = NULL;
b.inLen = 0;
ExpectIntEQ(wc_Md5Update(&md5, (byte*)b.input, (word32)b.inLen), 0);
c.input = NULL;
c.inLen = WC_MD5_DIGEST_SIZE;
ExpectIntEQ(wc_Md5Update(&md5, (byte*)c.input, (word32)c.inLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Md5Update(NULL, (byte*)a.input, (word32)a.inLen),
BAD_FUNC_ARG);
wc_Md5Free(&md5);
#endif
return EXPECT_RESULT();
} /* END test_wc_Md5Update() */
/*
* Unit test on wc_Md5Final() in wolfcrypt/src/md5.c
*/
static int test_wc_Md5Final(void)
{
EXPECT_DECLS;
#ifndef NO_MD5
/* Instantiate */
wc_Md5 md5;
byte* hash_test[3];
byte hash1[WC_MD5_DIGEST_SIZE];
byte hash2[2*WC_MD5_DIGEST_SIZE];
byte hash3[5*WC_MD5_DIGEST_SIZE];
int times, i;
/* Initialize */
ExpectIntEQ(wc_InitMd5(&md5), 0);
hash_test[0] = hash1;
hash_test[1] = hash2;
hash_test[2] = hash3;
times = sizeof(hash_test)/sizeof(byte*);
for (i = 0; i < times; i++) {
ExpectIntEQ(wc_Md5Final(&md5, hash_test[i]), 0);
}
/* Test bad args. */
ExpectIntEQ(wc_Md5Final(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Md5Final(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Md5Final(&md5, NULL), BAD_FUNC_ARG);
wc_Md5Free(&md5);
#endif
return EXPECT_RESULT();
}
/*
* Unit test for the wc_InitSha()
*/
static int test_wc_InitSha(void)
{
EXPECT_DECLS;
#ifndef NO_SHA
wc_Sha sha;
/* Test good arg. */
ExpectIntEQ(wc_InitSha(&sha), 0);
/* Test bad arg. */
ExpectIntEQ(wc_InitSha(NULL), BAD_FUNC_ARG);
wc_ShaFree(&sha);
#endif
return EXPECT_RESULT();
} /* END test_wc_InitSha */
/*
* Tesing wc_ShaUpdate()
*/
static int test_wc_ShaUpdate(void)
{
EXPECT_DECLS;
#ifndef NO_SHA
wc_Sha sha;
byte hash[WC_SHA_DIGEST_SIZE];
testVector a, b, c;
ExpectIntEQ(wc_InitSha(&sha), 0);
/* Input. */
a.input = "a";
a.inLen = XSTRLEN(a.input);
ExpectIntEQ(wc_ShaUpdate(&sha, NULL, 0), 0);
ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)a.input, 0), 0);
ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_ShaFinal(&sha, hash), 0);
/* Update input. */
a.input = "abc";
a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2"
"\x6C\x9C\xD0\xD8\x9D";
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_ShaFinal(&sha, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA_DIGEST_SIZE), 0);
/* Try passing in bad values. */
b.input = NULL;
b.inLen = 0;
ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)b.input, (word32)b.inLen), 0);
c.input = NULL;
c.inLen = WC_SHA_DIGEST_SIZE;
ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)c.input, (word32)c.inLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ShaUpdate(NULL, (byte*)a.input, (word32)a.inLen),
BAD_FUNC_ARG);
wc_ShaFree(&sha);
#endif
return EXPECT_RESULT();
} /* END test_wc_ShaUpdate() */
/*
* Unit test on wc_ShaFinal
*/
static int test_wc_ShaFinal(void)
{
EXPECT_DECLS;
#ifndef NO_SHA
wc_Sha sha;
byte* hash_test[3];
byte hash1[WC_SHA_DIGEST_SIZE];
byte hash2[2*WC_SHA_DIGEST_SIZE];
byte hash3[5*WC_SHA_DIGEST_SIZE];
int times, i;
/* Initialize*/
ExpectIntEQ(wc_InitSha(&sha), 0);
hash_test[0] = hash1;
hash_test[1] = hash2;
hash_test[2] = hash3;
times = sizeof(hash_test)/sizeof(byte*);
for (i = 0; i < times; i++) {
ExpectIntEQ(wc_ShaFinal(&sha, hash_test[i]), 0);
}
/* Test bad args. */
ExpectIntEQ(wc_ShaFinal(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ShaFinal(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(wc_ShaFinal(&sha, NULL), BAD_FUNC_ARG);
wc_ShaFree(&sha);
#endif
return EXPECT_RESULT();
} /* END test_wc_ShaFinal */
/*
* Unit test for wc_InitSha256()
*/
static int test_wc_InitSha256(void)
{
EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
/* Test good arg. */
ExpectIntEQ(wc_InitSha256(&sha256), 0);
/* Test bad arg. */
ExpectIntEQ(wc_InitSha256(NULL), BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
#endif
return EXPECT_RESULT();
} /* END test_wc_InitSha256 */
/*
* Unit test for wc_Sha256Update()
*/
static int test_wc_Sha256Update(void)
{
EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
byte hash[WC_SHA256_DIGEST_SIZE];
byte hash_unaligned[WC_SHA256_DIGEST_SIZE+1];
testVector a, b, c;
ExpectIntEQ(wc_InitSha256(&sha256), 0);
/* Input. */
a.input = "a";
a.inLen = XSTRLEN(a.input);
ExpectIntEQ(wc_Sha256Update(&sha256, NULL, 0), 0);
ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input, 0), 0);
ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_Sha256Final(&sha256, hash), 0);
/* Update input. */
a.input = "abc";
a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
"\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
"\x15\xAD";
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_Sha256Final(&sha256, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA256_DIGEST_SIZE), 0);
/* Unaligned check. */
ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input+1, (word32)a.inLen-1),
0);
ExpectIntEQ(wc_Sha256Final(&sha256, hash_unaligned + 1), 0);
/* Try passing in bad values */
b.input = NULL;
b.inLen = 0;
ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)b.input, (word32)b.inLen), 0);
c.input = NULL;
c.inLen = WC_SHA256_DIGEST_SIZE;
ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)c.input, (word32)c.inLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha256Update(NULL, (byte*)a.input, (word32)a.inLen),
BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha256Update */
/*
* Unit test function for wc_Sha256Final()
*/
static int test_wc_Sha256Final(void)
{
EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
byte* hash_test[3];
byte hash1[WC_SHA256_DIGEST_SIZE];
byte hash2[2*WC_SHA256_DIGEST_SIZE];
byte hash3[5*WC_SHA256_DIGEST_SIZE];
int times, i;
/* Initialize */
ExpectIntEQ(wc_InitSha256(&sha256), 0);
hash_test[0] = hash1;
hash_test[1] = hash2;
hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
for (i = 0; i < times; i++) {
ExpectIntEQ(wc_Sha256Final(&sha256, hash_test[i]), 0);
}
/* Test bad args. */
ExpectIntEQ(wc_Sha256Final(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha256Final(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha256Final(&sha256, NULL), BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha256Final */
/*
* Unit test function for wc_Sha256FinalRaw()
*/
static int test_wc_Sha256FinalRaw(void)
{
EXPECT_DECLS;
#if !defined(NO_SHA256) && !defined(HAVE_SELFTEST) && !defined(WOLFSSL_DEVCRYPTO) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3))) && \
!defined(WOLFSSL_NO_HASH_RAW)
wc_Sha256 sha256;
byte* hash_test[3];
byte hash1[WC_SHA256_DIGEST_SIZE];
byte hash2[2*WC_SHA256_DIGEST_SIZE];
byte hash3[5*WC_SHA256_DIGEST_SIZE];
int times, i;
/* Initialize */
ExpectIntEQ(wc_InitSha256(&sha256), 0);
hash_test[0] = hash1;
hash_test[1] = hash2;
hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
for (i = 0; i < times; i++) {
ExpectIntEQ(wc_Sha256FinalRaw(&sha256, hash_test[i]), 0);
}
/* Test bad args. */
ExpectIntEQ(wc_Sha256FinalRaw(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha256FinalRaw(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha256FinalRaw(&sha256, NULL), BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha256FinalRaw */
/*
* Unit test function for wc_Sha256GetFlags()
*/
static int test_wc_Sha256GetFlags(void)
{
EXPECT_DECLS;
#if !defined(NO_SHA256) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha256 sha256;
word32 flags = 0;
/* Initialize */
ExpectIntEQ(wc_InitSha256(&sha256), 0);
ExpectIntEQ(wc_Sha256GetFlags(&sha256, &flags), 0);
ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
wc_Sha256Free(&sha256);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha256GetFlags */
/*
* Unit test function for wc_Sha256Free()
*/
static int test_wc_Sha256Free(void)
{
EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256Free(NULL);
/* Set result to SUCCESS. */
ExpectTrue(1);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha256Free */
/*
* Unit test function for wc_Sha256GetHash()
*/
static int test_wc_Sha256GetHash(void)
{
EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
byte hash1[WC_SHA256_DIGEST_SIZE];
/* Initialize */
ExpectIntEQ(wc_InitSha256(&sha256), 0);
ExpectIntEQ(wc_Sha256GetHash(&sha256, hash1), 0);
/* test bad arguments*/
ExpectIntEQ(wc_Sha256GetHash(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha256GetHash(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha256GetHash(&sha256, NULL), BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha256GetHash */
/*
* Unit test function for wc_Sha256Copy()
*/
static int test_wc_Sha256Copy(void)
{
EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
wc_Sha256 temp;
XMEMSET(&sha256, 0, sizeof(sha256));
XMEMSET(&temp, 0, sizeof(temp));
/* Initialize */
ExpectIntEQ(wc_InitSha256(&sha256), 0);
ExpectIntEQ(wc_InitSha256(&temp), 0);
ExpectIntEQ(wc_Sha256Copy(&sha256, &temp), 0);
/* test bad arguments*/
ExpectIntEQ(wc_Sha256Copy(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha256Copy(NULL, &temp), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha256Copy(&sha256, NULL), BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
wc_Sha256Free(&temp);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha256Copy */
/*
* Testing wc_InitSha512()
*/
static int test_wc_InitSha512(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
/* Test good arg. */
ExpectIntEQ(wc_InitSha512(&sha512), 0);
/* Test bad arg. */
ExpectIntEQ(wc_InitSha512(NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
#endif
return EXPECT_RESULT();
} /* END test_wc_InitSha512 */
/*
* wc_Sha512Update() test.
*/
static int test_wc_Sha512Update(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
byte hash[WC_SHA512_DIGEST_SIZE];
byte hash_unaligned[WC_SHA512_DIGEST_SIZE + 1];
testVector a, b, c;
ExpectIntEQ(wc_InitSha512(&sha512), 0);
/* Input. */
a.input = "a";
a.inLen = XSTRLEN(a.input);
ExpectIntEQ(wc_Sha512Update(&sha512, NULL, 0), 0);
ExpectIntEQ(wc_Sha512Update(&sha512,(byte*)a.input, 0), 0);
ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_Sha512Final(&sha512, hash), 0);
/* Update input. */
a.input = "abc";
a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
"\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b"
"\x55\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c"
"\x23\xa3\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a"
"\x9a\xc9\x4f\xa5\x4c\xa4\x9f";
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
ExpectIntEQ(wc_Sha512Update(&sha512, (byte*) a.input, (word32) a.inLen), 0);
ExpectIntEQ(wc_Sha512Final(&sha512, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA512_DIGEST_SIZE), 0);
/* Unaligned check. */
ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)a.input+1, (word32)a.inLen-1),
0);
ExpectIntEQ(wc_Sha512Final(&sha512, hash_unaligned+1), 0);
/* Try passing in bad values */
b.input = NULL;
b.inLen = 0;
ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)b.input, (word32)b.inLen), 0);
c.input = NULL;
c.inLen = WC_SHA512_DIGEST_SIZE;
ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)c.input, (word32)c.inLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512Update(NULL, (byte*)a.input, (word32)a.inLen),
BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha512Update */
#ifdef WOLFSSL_SHA512
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
(!defined(WOLFSSL_NOSHA512_224) || !defined(WOLFSSL_NOSHA512_256))
/* Performs test for
* - wc_Sha512Final/wc_Sha512FinalRaw
* - wc_Sha512_224Final/wc_Sha512_224Final
* - wc_Sha512_256Final/wc_Sha512_256Final
* parameter:
* - type : must be one of WC_HASH_TYPE_SHA512, WC_HASH_TYPE_SHA512_224 or
* WC_HASH_TYPE_SHA512_256
* - isRaw: if is non-zero, xxxFinalRaw function will be tested
*return 0 on success
*/
static int test_Sha512_Family_Final(int type, int isRaw)
{
EXPECT_DECLS;
wc_Sha512 sha512;
byte* hash_test[3];
byte hash1[WC_SHA512_DIGEST_SIZE];
byte hash2[2*WC_SHA512_DIGEST_SIZE];
byte hash3[5*WC_SHA512_DIGEST_SIZE];
int times, i;
int(*initFp)(wc_Sha512*);
int(*finalFp)(wc_Sha512*, byte*);
void(*freeFp)(wc_Sha512*);
if (type == WC_HASH_TYPE_SHA512) {
initFp = wc_InitSha512;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
!defined(WOLFSSL_NO_HASH_RAW)
finalFp = (isRaw)? wc_Sha512FinalRaw : wc_Sha512Final;
#else
finalFp = (isRaw)? NULL : wc_Sha512Final;
#endif
freeFp = wc_Sha512Free;
}
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if !defined(WOLFSSL_NOSHA512_224)
else if (type == WC_HASH_TYPE_SHA512_224) {
initFp = wc_InitSha512_224;
#if !defined(WOLFSSL_NO_HASH_RAW)
finalFp = (isRaw)? wc_Sha512_224FinalRaw : wc_Sha512_224Final;
#else
finalFp = (isRaw)? NULL : wc_Sha512_224Final;
#endif
freeFp = wc_Sha512_224Free;
}
#endif
#if !defined(WOLFSSL_NOSHA512_256)
else if (type == WC_HASH_TYPE_SHA512_256) {
initFp = wc_InitSha512_256;
#if !defined(WOLFSSL_NO_HASH_RAW)
finalFp = (isRaw)? wc_Sha512_256FinalRaw : wc_Sha512_256Final;
#else
finalFp = (isRaw)? NULL : wc_Sha512_256Final;
#endif
freeFp = wc_Sha512_256Free;
}
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
else
return TEST_FAIL;
/* Initialize */
ExpectIntEQ(initFp(&sha512), 0);
hash_test[0] = hash1;
hash_test[1] = hash2;
hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte *);
/* Good test args. */
for (i = 0; i < times; i++) {
ExpectIntEQ(finalFp(&sha512, hash_test[i]), 0);
}
/* Test bad args. */
ExpectIntEQ(finalFp(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(finalFp(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(finalFp(&sha512, NULL), BAD_FUNC_ARG);
freeFp(&sha512);
return EXPECT_RESULT();
}
#endif /* !HAVE_FIPS && !HAVE_SELFTEST &&
(!WOLFSSL_NOSHA512_224 || !WOLFSSL_NOSHA512_256) */
#endif /* WOLFSSL_SHA512 */
/*
* Unit test function for wc_Sha512Final()
*/
static int test_wc_Sha512Final(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
byte* hash_test[3];
byte hash1[WC_SHA512_DIGEST_SIZE];
byte hash2[2*WC_SHA512_DIGEST_SIZE];
byte hash3[5*WC_SHA512_DIGEST_SIZE];
int times, i;
/* Initialize */
ExpectIntEQ(wc_InitSha512(&sha512), 0);
hash_test[0] = hash1;
hash_test[1] = hash2;
hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte *);
for (i = 0; i < times; i++) {
ExpectIntEQ(wc_Sha512Final(&sha512, hash_test[i]), 0);
}
/* Test bad args. */
ExpectIntEQ(wc_Sha512Final(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512Final(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512Final(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha512Final */
/*
* Unit test function for wc_Sha512GetFlags()
*/
static int test_wc_Sha512GetFlags(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA512) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha512 sha512;
word32 flags = 0;
/* Initialize */
ExpectIntEQ(wc_InitSha512(&sha512), 0);
ExpectIntEQ(wc_Sha512GetFlags(&sha512, &flags), 0);
ExpectIntEQ((flags & WC_HASH_FLAG_ISCOPY), 0);
wc_Sha512Free(&sha512);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha512GetFlags */
/*
* Unit test function for wc_Sha512FinalRaw()
*/
static int test_wc_Sha512FinalRaw(void)
{
EXPECT_DECLS;
#if (defined(WOLFSSL_SHA512) && !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3)))) && \
!defined(WOLFSSL_NO_HASH_RAW)
wc_Sha512 sha512;
byte* hash_test[3];
byte hash1[WC_SHA512_DIGEST_SIZE];
byte hash2[2*WC_SHA512_DIGEST_SIZE];
byte hash3[5*WC_SHA512_DIGEST_SIZE];
int times, i;
/* Initialize */
ExpectIntEQ(wc_InitSha512(&sha512), 0);
hash_test[0] = hash1;
hash_test[1] = hash2;
hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
/* Good test args. */
for (i = 0; i < times; i++) {
ExpectIntEQ(wc_Sha512FinalRaw(&sha512, hash_test[i]), 0);
}
/* Test bad args. */
ExpectIntEQ(wc_Sha512FinalRaw(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512FinalRaw(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512FinalRaw(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha512FinalRaw */
/*
* Unit test function for wc_Sha512Free()
*/
static int test_wc_Sha512Free(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512Free(NULL);
/* Set result to SUCCESS. */
ExpectTrue(1);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha512Free */
#ifdef WOLFSSL_SHA512
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
(!defined(WOLFSSL_NOSHA512_224) || !defined(WOLFSSL_NOSHA512_256))
static int test_Sha512_Family_GetHash(int type )
{
EXPECT_DECLS;
int(*initFp)(wc_Sha512*);
int(*ghashFp)(wc_Sha512*, byte*);
wc_Sha512 sha512;
byte hash1[WC_SHA512_DIGEST_SIZE];
if (type == WC_HASH_TYPE_SHA512) {
initFp = wc_InitSha512;
ghashFp = wc_Sha512GetHash;
}
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if !defined(WOLFSSL_NOSHA512_224)
else if (type == WC_HASH_TYPE_SHA512_224) {
initFp = wc_InitSha512_224;
ghashFp = wc_Sha512_224GetHash;
}
#endif
#if !defined(WOLFSSL_NOSHA512_256)
else if (type == WC_HASH_TYPE_SHA512_256) {
initFp = wc_InitSha512_256;
ghashFp = wc_Sha512_256GetHash;
}
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
else {
initFp = NULL;
ghashFp = NULL;
}
if (initFp == NULL || ghashFp == NULL)
return TEST_FAIL;
ExpectIntEQ(initFp(&sha512), 0);
ExpectIntEQ(ghashFp(&sha512, hash1), 0);
/* test bad arguments*/
ExpectIntEQ(ghashFp(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(ghashFp(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(ghashFp(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
return EXPECT_RESULT();
}
#endif /* !HAVE_FIPS && !HAVE_SELFTEST &&
(!WOLFSSL_NOSHA512_224 || !WOLFSSL_NOSHA512_256) */
#endif /* WOLFSSL_SHA512 */
/*
* Unit test function for wc_Sha512GetHash()
*/
static int test_wc_Sha512GetHash(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
byte hash1[WC_SHA512_DIGEST_SIZE];
/* Initialize */
ExpectIntEQ(wc_InitSha512(&sha512), 0);
ExpectIntEQ(wc_Sha512GetHash(&sha512, hash1), 0);
/* test bad arguments*/
ExpectIntEQ(wc_Sha512GetHash(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512GetHash(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512GetHash(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha512GetHash */
/*
* Unit test function for wc_Sha512Copy()
*/
static int test_wc_Sha512Copy(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
wc_Sha512 temp;
XMEMSET(&sha512, 0, sizeof(wc_Sha512));
XMEMSET(&temp, 0, sizeof(wc_Sha512));
/* Initialize */
ExpectIntEQ(wc_InitSha512(&sha512), 0);
ExpectIntEQ(wc_InitSha512(&temp), 0);
ExpectIntEQ(wc_Sha512Copy(&sha512, &temp), 0);
/* test bad arguments*/
ExpectIntEQ(wc_Sha512Copy(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512Copy(NULL, &temp), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512Copy(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
wc_Sha512Free(&temp);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha512Copy */
static int test_wc_InitSha512_224(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
wc_Sha512 sha512;
/* Test good arg. */
ExpectIntEQ(wc_InitSha512_224(&sha512), 0);
/* Test bad arg. */
ExpectIntEQ(wc_InitSha512_224(NULL), BAD_FUNC_ARG);
wc_Sha512_224Free(&sha512);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
static int test_wc_Sha512_224Update(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
wc_Sha512 sha512;
byte hash[WC_SHA512_DIGEST_SIZE];
testVector a, c;
ExpectIntEQ(wc_InitSha512_224(&sha512), 0);
/* Input. */
a.input = "a";
a.inLen = XSTRLEN(a.input);
ExpectIntEQ(wc_Sha512_224Update(&sha512, NULL, 0), 0);
ExpectIntEQ(wc_Sha512_224Update(&sha512,(byte*)a.input, 0), 0);
ExpectIntEQ(wc_Sha512_224Update(&sha512, (byte*)a.input, (word32)a.inLen),
0);
ExpectIntEQ(wc_Sha512_224Final(&sha512, hash), 0);
/* Update input. */
a.input = "abc";
a.output = "\x46\x34\x27\x0f\x70\x7b\x6a\x54\xda\xae\x75\x30\x46\x08"
"\x42\xe2\x0e\x37\xed\x26\x5c\xee\xe9\xa4\x3e\x89\x24\xaa";
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
ExpectIntEQ(wc_Sha512_224Update(&sha512, (byte*) a.input, (word32) a.inLen),
0);
ExpectIntEQ(wc_Sha512_224Final(&sha512, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA512_224_DIGEST_SIZE), 0);
c.input = NULL;
c.inLen = WC_SHA512_224_DIGEST_SIZE;
ExpectIntEQ(wc_Sha512_224Update(&sha512, (byte*)c.input, (word32)c.inLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512_224Update(NULL, (byte*)a.input, (word32)a.inLen),
BAD_FUNC_ARG);
wc_Sha512_224Free(&sha512);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
static int test_wc_Sha512_224Final(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_224, 0),
TEST_SUCCESS);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
static int test_wc_Sha512_224GetFlags(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha512 sha512;
wc_Sha512 copy;
word32 flags = 0;
XMEMSET(&sha512, 0, sizeof(wc_Sha512));
XMEMSET(&copy, 0, sizeof(wc_Sha512));
/* Initialize */
ExpectIntEQ(wc_InitSha512_224(&sha512), 0);
ExpectIntEQ(wc_InitSha512_224(&copy), 0);
ExpectIntEQ(wc_Sha512_224GetFlags(&sha512, &flags), 0);
ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
ExpectIntEQ(wc_Sha512_224Copy(&sha512, &copy), 0);
ExpectIntEQ(wc_Sha512_224GetFlags(&copy, &flags), 0);
ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == WC_HASH_FLAG_ISCOPY);
wc_Sha512_224Free(&copy);
wc_Sha512_224Free(&sha512);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
static int test_wc_Sha512_224FinalRaw(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) && \
!defined(WOLFSSL_NO_HASH_RAW)
ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_224, 1),
TEST_SUCCESS);
#endif
return EXPECT_RESULT();
}
static int test_wc_Sha512_224Free(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
wc_Sha512_224Free(NULL);
/* Set result to SUCCESS. */
ExpectTrue(1);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
static int test_wc_Sha512_224GetHash(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
ExpectIntEQ(test_Sha512_Family_GetHash(WC_HASH_TYPE_SHA512_224),
TEST_SUCCESS);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
static int test_wc_Sha512_224Copy(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
wc_Sha512 sha512;
wc_Sha512 temp;
XMEMSET(&sha512, 0, sizeof(wc_Sha512));
XMEMSET(&temp, 0, sizeof(wc_Sha512));
/* Initialize */
ExpectIntEQ(wc_InitSha512_224(&sha512), 0);
ExpectIntEQ(wc_InitSha512_224(&temp), 0);
ExpectIntEQ(wc_Sha512_224Copy(&sha512, &temp), 0);
/* test bad arguments*/
ExpectIntEQ(wc_Sha512_224Copy(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512_224Copy(NULL, &temp), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512_224Copy(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512_224Free(&sha512);
wc_Sha512_224Free(&temp);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
static int test_wc_InitSha512_256(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
wc_Sha512 sha512;
/* Test good arg. */
ExpectIntEQ(wc_InitSha512_256(&sha512), 0);
/* Test bad arg. */
ExpectIntEQ(wc_InitSha512_256(NULL), BAD_FUNC_ARG);
wc_Sha512_256Free(&sha512);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
static int test_wc_Sha512_256Update(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
wc_Sha512 sha512;
byte hash[WC_SHA512_DIGEST_SIZE];
testVector a, c;
ExpectIntEQ(wc_InitSha512_256(&sha512), 0);
/* Input. */
a.input = "a";
a.inLen = XSTRLEN(a.input);
ExpectIntEQ(wc_Sha512_256Update(&sha512, NULL, 0), 0);
ExpectIntEQ(wc_Sha512_256Update(&sha512,(byte*)a.input, 0), 0);
ExpectIntEQ(wc_Sha512_256Update(&sha512, (byte*)a.input, (word32)a.inLen),
0);
ExpectIntEQ(wc_Sha512_256Final(&sha512, hash), 0);
/* Update input. */
a.input = "abc";
a.output = "\x53\x04\x8e\x26\x81\x94\x1e\xf9\x9b\x2e\x29\xb7\x6b\x4c"
"\x7d\xab\xe4\xc2\xd0\xc6\x34\xfc\x6d\x46\xe0\xe2\xf1\x31"
"\x07\xe7\xaf\x23";
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
ExpectIntEQ(wc_Sha512_256Update(&sha512, (byte*) a.input, (word32) a.inLen),
0);
ExpectIntEQ(wc_Sha512_256Final(&sha512, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA512_256_DIGEST_SIZE), 0);
c.input = NULL;
c.inLen = WC_SHA512_256_DIGEST_SIZE;
ExpectIntEQ(wc_Sha512_256Update(&sha512, (byte*)c.input, (word32)c.inLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512_256Update(NULL, (byte*)a.input, (word32)a.inLen),
BAD_FUNC_ARG);
wc_Sha512_256Free(&sha512);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
static int test_wc_Sha512_256Final(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_256, 0),
TEST_SUCCESS);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
static int test_wc_Sha512_256GetFlags(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha512 sha512, copy;
word32 flags = 0;
XMEMSET(&sha512, 0, sizeof(wc_Sha512));
XMEMSET(&copy, 0, sizeof(wc_Sha512));
/* Initialize */
ExpectIntEQ(wc_InitSha512_256(&sha512), 0);
ExpectIntEQ(wc_InitSha512_256(&copy), 0);
ExpectIntEQ(wc_Sha512_256GetFlags(&sha512, &flags), 0);
ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
ExpectIntEQ(wc_Sha512_256Copy(&sha512, &copy), 0);
ExpectIntEQ(wc_Sha512_256GetFlags(&copy, &flags), 0);
ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == WC_HASH_FLAG_ISCOPY);
wc_Sha512_256Free(&sha512);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
static int test_wc_Sha512_256FinalRaw(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) && \
!defined(WOLFSSL_NO_HASH_RAW)
ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_256, 1),
TEST_SUCCESS);
#endif
return EXPECT_RESULT();
}
static int test_wc_Sha512_256Free(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
wc_Sha512_256Free(NULL);
/* Set result to SUCCESS. */
ExpectTrue(1);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
static int test_wc_Sha512_256GetHash(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
ExpectIntEQ(test_Sha512_Family_GetHash(WC_HASH_TYPE_SHA512_256),
TEST_SUCCESS);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
static int test_wc_Sha512_256Copy(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
wc_Sha512 sha512;
wc_Sha512 temp;
XMEMSET(&sha512, 0, sizeof(wc_Sha512));
XMEMSET(&temp, 0, sizeof(wc_Sha512));
/* Initialize */
ExpectIntEQ(wc_InitSha512_256(&sha512), 0);
ExpectIntEQ(wc_InitSha512_256(&temp), 0);
ExpectIntEQ(wc_Sha512_256Copy(&sha512, &temp), 0);
/* test bad arguments*/
ExpectIntEQ(wc_Sha512_256Copy(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512_256Copy(NULL, &temp), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512_256Copy(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512_256Free(&sha512);
wc_Sha512_256Free(&temp);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
/*
* Testing wc_InitSha384()
*/
static int test_wc_InitSha384(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
/* Test good arg. */
ExpectIntEQ(wc_InitSha384(&sha384), 0);
/* Test bad arg. */
ExpectIntEQ(wc_InitSha384(NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
#endif
return EXPECT_RESULT();
} /* END test_wc_InitSha384 */
/*
* test wc_Sha384Update()
*/
static int test_wc_Sha384Update(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
byte hash[WC_SHA384_DIGEST_SIZE];
testVector a, b, c;
ExpectIntEQ(wc_InitSha384(&sha384), 0);
/* Input */
a.input = "a";
a.inLen = XSTRLEN(a.input);
ExpectIntEQ(wc_Sha384Update(&sha384, NULL, 0), 0);
ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)a.input, 0), 0);
ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_Sha384Final(&sha384, hash), 0);
/* Update input. */
a.input = "abc";
a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
"\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
"\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
"\xc8\x25\xa7";
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_Sha384Final(&sha384, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA384_DIGEST_SIZE), 0);
/* Pass in bad values. */
b.input = NULL;
b.inLen = 0;
ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)b.input, (word32)b.inLen), 0);
c.input = NULL;
c.inLen = WC_SHA384_DIGEST_SIZE;
ExpectIntEQ( wc_Sha384Update(&sha384, (byte*)c.input, (word32)c.inLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha384Update(NULL, (byte*)a.input, (word32)a.inLen),
BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha384Update */
/*
* Unit test function for wc_Sha384Final();
*/
static int test_wc_Sha384Final(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
byte* hash_test[3];
byte hash1[WC_SHA384_DIGEST_SIZE];
byte hash2[2*WC_SHA384_DIGEST_SIZE];
byte hash3[5*WC_SHA384_DIGEST_SIZE];
int times, i;
/* Initialize */
ExpectIntEQ(wc_InitSha384(&sha384), 0);
hash_test[0] = hash1;
hash_test[1] = hash2;
hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
/* Good test args. */
for (i = 0; i < times; i++) {
ExpectIntEQ(wc_Sha384Final(&sha384, hash_test[i]), 0);
}
/* Test bad args. */
ExpectIntEQ(wc_Sha384Final(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha384Final(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha384Final(&sha384, NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha384Final */
/*
* Unit test function for wc_Sha384GetFlags()
*/
static int test_wc_Sha384GetFlags(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha384 sha384;
word32 flags = 0;
/* Initialize */
ExpectIntEQ(wc_InitSha384(&sha384), 0);
ExpectIntEQ(wc_Sha384GetFlags(&sha384, &flags), 0);
ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
wc_Sha384Free(&sha384);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha384GetFlags */
/*
* Unit test function for wc_Sha384FinalRaw()
*/
static int test_wc_Sha384FinalRaw(void)
{
EXPECT_DECLS;
#if (defined(WOLFSSL_SHA384) && !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3)))) && \
!defined(WOLFSSL_NO_HASH_RAW)
wc_Sha384 sha384;
byte* hash_test[3];
byte hash1[WC_SHA384_DIGEST_SIZE];
byte hash2[2*WC_SHA384_DIGEST_SIZE];
byte hash3[5*WC_SHA384_DIGEST_SIZE];
int times, i;
/* Initialize */
ExpectIntEQ(wc_InitSha384(&sha384), 0);
hash_test[0] = hash1;
hash_test[1] = hash2;
hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
/* Good test args. */
for (i = 0; i < times; i++) {
ExpectIntEQ(wc_Sha384FinalRaw(&sha384, hash_test[i]), 0);
}
/* Test bad args. */
ExpectIntEQ(wc_Sha384FinalRaw(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha384FinalRaw(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha384FinalRaw(&sha384, NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha384FinalRaw */
/*
* Unit test function for wc_Sha384Free()
*/
static int test_wc_Sha384Free(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384Free(NULL);
/* Set result to SUCCESS. */
ExpectTrue(1);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha384Free */
/*
* Unit test function for wc_Sha384GetHash()
*/
static int test_wc_Sha384GetHash(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
byte hash1[WC_SHA384_DIGEST_SIZE];
/* Initialize */
ExpectIntEQ(wc_InitSha384(&sha384), 0);
ExpectIntEQ(wc_Sha384GetHash(&sha384, hash1), 0);
/* test bad arguments*/
ExpectIntEQ(wc_Sha384GetHash(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha384GetHash(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha384GetHash(&sha384, NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha384GetHash */
/*
* Unit test function for wc_Sha384Copy()
*/
static int test_wc_Sha384Copy(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
wc_Sha384 temp;
XMEMSET(&sha384, 0, sizeof(wc_Sha384));
XMEMSET(&temp, 0, sizeof(wc_Sha384));
/* Initialize */
ExpectIntEQ(wc_InitSha384(&sha384), 0);
ExpectIntEQ(wc_InitSha384(&temp), 0);
ExpectIntEQ(wc_Sha384Copy(&sha384, &temp), 0);
/* test bad arguments*/
ExpectIntEQ(wc_Sha384Copy(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha384Copy(NULL, &temp), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha384Copy(&sha384, NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
wc_Sha384Free(&temp);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha384Copy */
/*
* Testing wc_InitSha224();
*/
static int test_wc_InitSha224(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
/* Test good arg. */
ExpectIntEQ(wc_InitSha224(&sha224), 0);
/* Test bad arg. */
ExpectIntEQ(wc_InitSha224(NULL), BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
#endif
return EXPECT_RESULT();
} /* END test_wc_InitSha224 */
/*
* Unit test on wc_Sha224Update
*/
static int test_wc_Sha224Update(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
byte hash[WC_SHA224_DIGEST_SIZE];
testVector a, b, c;
ExpectIntEQ(wc_InitSha224(&sha224), 0);
/* Input. */
a.input = "a";
a.inLen = XSTRLEN(a.input);
ExpectIntEQ(wc_Sha224Update(&sha224, NULL, 0), 0);
ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)a.input, 0), 0);
ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_Sha224Final(&sha224, hash), 0);
/* Update input. */
a.input = "abc";
a.output = "\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2"
"\x55\xb3\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7";
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_Sha224Final(&sha224, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA224_DIGEST_SIZE), 0);
/* Pass in bad values. */
b.input = NULL;
b.inLen = 0;
ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)b.input, (word32)b.inLen), 0);
c.input = NULL;
c.inLen = WC_SHA224_DIGEST_SIZE;
ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)c.input, (word32)c.inLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha224Update(NULL, (byte*)a.input, (word32)a.inLen),
BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha224Update */
/*
* Unit test for wc_Sha224Final();
*/
static int test_wc_Sha224Final(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
byte* hash_test[3];
byte hash1[WC_SHA224_DIGEST_SIZE];
byte hash2[2*WC_SHA224_DIGEST_SIZE];
byte hash3[5*WC_SHA224_DIGEST_SIZE];
int times, i;
/* Initialize */
ExpectIntEQ(wc_InitSha224(&sha224), 0);
hash_test[0] = hash1;
hash_test[1] = hash2;
hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
/* Good test args. */
/* Testing oversized buffers. */
for (i = 0; i < times; i++) {
ExpectIntEQ(wc_Sha224Final(&sha224, hash_test[i]), 0);
}
/* Test bad args. */
ExpectIntEQ(wc_Sha224Final(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha224Final(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha224Final(&sha224, NULL), BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha224Final */
/*
* Unit test function for wc_Sha224SetFlags()
*/
static int test_wc_Sha224SetFlags(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA224) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha224 sha224;
word32 flags = WC_HASH_FLAG_WILLCOPY;
/* Initialize */
ExpectIntEQ(wc_InitSha224(&sha224), 0);
ExpectIntEQ(wc_Sha224SetFlags(&sha224, flags), 0);
flags = 0;
ExpectIntEQ(wc_Sha224GetFlags(&sha224, &flags), 0);
ExpectTrue(flags == WC_HASH_FLAG_WILLCOPY);
wc_Sha224Free(&sha224);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha224SetFlags */
/*
* Unit test function for wc_Sha224GetFlags()
*/
static int test_wc_Sha224GetFlags(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA224) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha224 sha224;
word32 flags = 0;
/* Initialize */
ExpectIntEQ(wc_InitSha224(&sha224), 0);
ExpectIntEQ(wc_Sha224GetFlags(&sha224, &flags), 0);
ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
wc_Sha224Free(&sha224);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha224GetFlags */
/*
* Unit test function for wc_Sha224Free()
*/
static int test_wc_Sha224Free(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224Free(NULL);
/* Set result to SUCCESS. */
ExpectTrue(1);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha224Free */
/*
* Unit test function for wc_Sha224GetHash()
*/
static int test_wc_Sha224GetHash(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
byte hash1[WC_SHA224_DIGEST_SIZE];
/* Initialize */
ExpectIntEQ(wc_InitSha224(&sha224), 0);
ExpectIntEQ(wc_Sha224GetHash(&sha224, hash1), 0);
/* test bad arguments*/
ExpectIntEQ(wc_Sha224GetHash(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha224GetHash(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha224GetHash(&sha224, NULL), BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha224GetHash */
/*
* Unit test function for wc_Sha224Copy()
*/
static int test_wc_Sha224Copy(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
wc_Sha224 temp;
XMEMSET(&sha224, 0, sizeof(wc_Sha224));
XMEMSET(&temp, 0, sizeof(wc_Sha224));
/* Initialize */
ExpectIntEQ(wc_InitSha224(&sha224), 0);
ExpectIntEQ(wc_InitSha224(&temp), 0);
ExpectIntEQ(wc_Sha224Copy(&sha224, &temp), 0);
/* test bad arguments*/
ExpectIntEQ(wc_Sha224Copy(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha224Copy(NULL, &temp), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha224Copy(&sha224, NULL), BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
wc_Sha224Free(&temp);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha224Copy */
/*
* Testing wc_InitRipeMd()
*/
static int test_wc_InitRipeMd(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_RIPEMD
RipeMd ripemd;
/* Test good arg. */
ExpectIntEQ(wc_InitRipeMd(&ripemd), 0);
/* Test bad arg. */
ExpectIntEQ(wc_InitRipeMd(NULL), BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_InitRipeMd */
/*
* Testing wc_RipeMdUpdate()
*/
static int test_wc_RipeMdUpdate(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_RIPEMD
RipeMd ripemd;
byte hash[RIPEMD_DIGEST_SIZE];
testVector a, b, c;
ExpectIntEQ(wc_InitRipeMd(&ripemd), 0);
/* Input */
a.input = "a";
a.inLen = XSTRLEN(a.input);
ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_RipeMdFinal(&ripemd, hash), 0);
/* Update input. */
a.input = "abc";
a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6"
"\xb0\x87\xf1\x5a\x0b\xfc";
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_RipeMdFinal(&ripemd, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, RIPEMD_DIGEST_SIZE), 0);
/* Pass in bad values. */
b.input = NULL;
b.inLen = 0;
ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)b.input, (word32)b.inLen), 0);
c.input = NULL;
c.inLen = RIPEMD_DIGEST_SIZE;
ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)c.input, (word32)c.inLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RipeMdUpdate(NULL, (byte*)a.input, (word32)a.inLen),
BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_RipeMdUdpate */
/*
* Unit test function for wc_RipeMdFinal()
*/
static int test_wc_RipeMdFinal(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_RIPEMD
RipeMd ripemd;
byte* hash_test[3];
byte hash1[RIPEMD_DIGEST_SIZE];
byte hash2[2*RIPEMD_DIGEST_SIZE];
byte hash3[5*RIPEMD_DIGEST_SIZE];
int times, i;
/* Initialize */
ExpectIntEQ(wc_InitRipeMd(&ripemd), 0);
hash_test[0] = hash1;
hash_test[1] = hash2;
hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
/* Testing oversized buffers. */
for (i = 0; i < times; i++) {
ExpectIntEQ(wc_RipeMdFinal(&ripemd, hash_test[i]), 0);
}
/* Test bad args. */
ExpectIntEQ(wc_RipeMdFinal(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_RipeMdFinal(NULL, hash1), BAD_FUNC_ARG);
ExpectIntEQ(wc_RipeMdFinal(&ripemd, NULL), BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_RipeMdFinal */
/*
* Testing wc_InitSha3_224, wc_InitSha3_256, wc_InitSha3_384, and
* wc_InitSha3_512
*/
static int test_wc_InitSha3(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA3)
wc_Sha3 sha3;
(void)sha3;
#if !defined(WOLFSSL_NOSHA3_224)
ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
/* Test bad args. */
ExpectIntEQ(wc_InitSha3_224(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
wc_Sha3_224_Free(&sha3);
#endif /* NOSHA3_224 */
#if !defined(WOLFSSL_NOSHA3_256)
ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
/* Test bad args. */
ExpectIntEQ(wc_InitSha3_256(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
wc_Sha3_256_Free(&sha3);
#endif /* NOSHA3_256 */
#if !defined(WOLFSSL_NOSHA3_384)
ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
/* Test bad args. */
ExpectIntEQ(wc_InitSha3_384(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
wc_Sha3_384_Free(&sha3);
#endif /* NOSHA3_384 */
#if !defined(WOLFSSL_NOSHA3_512)
ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
/* Test bad args. */
ExpectIntEQ(wc_InitSha3_512(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
wc_Sha3_512_Free(&sha3);
#endif /* NOSHA3_512 */
#endif
return EXPECT_RESULT();
} /* END test_wc_InitSha3 */
/*
* Testing wc_Sha3_Update()
*/
static int testing_wc_Sha3_Update(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_XILINX_CRYPT) && \
!defined(WOLFSSL_AFALG_XILINX)
wc_Sha3 sha3;
byte msg[] = "Everybody's working for the weekend.";
byte msg2[] = "Everybody gets Friday off.";
byte msgCmp[] = "\x45\x76\x65\x72\x79\x62\x6f\x64\x79\x27\x73\x20"
"\x77\x6f\x72\x6b\x69\x6e\x67\x20\x66\x6f\x72\x20\x74"
"\x68\x65\x20\x77\x65\x65\x6b\x65\x6e\x64\x2e\x45\x76"
"\x65\x72\x79\x62\x6f\x64\x79\x20\x67\x65\x74\x73\x20"
"\x46\x72\x69\x64\x61\x79\x20\x6f\x66\x66\x2e";
word32 msglen = sizeof(msg) - 1;
word32 msg2len = sizeof(msg2);
word32 msgCmplen = sizeof(msgCmp);
#if !defined(WOLFSSL_NOSHA3_224)
ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_224_Update(&sha3, msg, msglen), 0);
ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0);
ExpectTrue(sha3.i == msglen);
ExpectIntEQ(wc_Sha3_224_Update(&sha3, msg2, msg2len), 0);
ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0);
/* Pass bad args. */
ExpectIntEQ(wc_Sha3_224_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_224_Update(&sha3, NULL, 5), BAD_FUNC_ARG);
wc_Sha3_224_Free(&sha3);
ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_224_Update(&sha3, NULL, 0), 0);
ExpectIntEQ(wc_Sha3_224_Update(&sha3, msg2, msg2len), 0);
ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0);
wc_Sha3_224_Free(&sha3);
#endif /* SHA3_224 */
#if !defined(WOLFSSL_NOSHA3_256)
ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_256_Update(&sha3, msg, msglen), 0);
ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0);
ExpectTrue(sha3.i == msglen);
ExpectIntEQ(wc_Sha3_256_Update(&sha3, msg2, msg2len), 0);
ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0);
/* Pass bad args. */
ExpectIntEQ(wc_Sha3_256_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_256_Update(&sha3, NULL, 5), BAD_FUNC_ARG);
wc_Sha3_256_Free(&sha3);
ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_256_Update(&sha3, NULL, 0), 0);
ExpectIntEQ(wc_Sha3_256_Update(&sha3, msg2, msg2len), 0);
ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0);
wc_Sha3_256_Free(&sha3);
#endif /* SHA3_256 */
#if !defined(WOLFSSL_NOSHA3_384)
ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_384_Update(&sha3, msg, msglen), 0);
ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0);
ExpectTrue(sha3.i == msglen);
ExpectIntEQ(wc_Sha3_384_Update(&sha3, msg2, msg2len), 0);
ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0);
/* Pass bad args. */
ExpectIntEQ(wc_Sha3_384_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_384_Update(&sha3, NULL, 5), BAD_FUNC_ARG);
wc_Sha3_384_Free(&sha3);
ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_384_Update(&sha3, NULL, 0), 0);
ExpectIntEQ(wc_Sha3_384_Update(&sha3, msg2, msg2len), 0);
ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0);
wc_Sha3_384_Free(&sha3);
#endif /* SHA3_384 */
#if !defined(WOLFSSL_NOSHA3_512)
ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_512_Update(&sha3, msg, msglen), 0);
ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0);
ExpectTrue(sha3.i == msglen);
ExpectIntEQ(wc_Sha3_512_Update(&sha3, msg2, msg2len), 0);
ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0);
/* Pass bad args. */
ExpectIntEQ(wc_Sha3_512_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_512_Update(&sha3, NULL, 5), BAD_FUNC_ARG);
wc_Sha3_512_Free(&sha3);
ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_512_Update(&sha3, NULL, 0), 0);
ExpectIntEQ(wc_Sha3_512_Update(&sha3, msg2, msg2len), 0);
ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0);
wc_Sha3_512_Free(&sha3);
#endif /* SHA3_512 */
#endif /* WOLFSSL_SHA3 */
return EXPECT_RESULT();
} /* END testing_wc_Sha3_Update */
/*
* Testing wc_Sha3_224_Final()
*/
static int test_wc_Sha3_224_Final(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
wc_Sha3 sha3;
const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
"nopnopq";
const char* expOut = "\x8a\x24\x10\x8b\x15\x4a\xda\x21\xc9\xfd\x55"
"\x74\x49\x44\x79\xba\x5c\x7e\x7a\xb7\x6e\xf2"
"\x64\xea\xd0\xfc\xce\x33";
byte hash[WC_SHA3_224_DIGEST_SIZE];
byte hashRet[WC_SHA3_224_DIGEST_SIZE];
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_224_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
ExpectIntEQ(wc_Sha3_224_Final(&sha3, hash), 0);
ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_224_DIGEST_SIZE), 0);
/* Test bad args. */
ExpectIntEQ(wc_Sha3_224_Final(NULL, hash), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_224_Final(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_224_Free(&sha3);
ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashRet, 0, sizeof(hashRet));
ExpectIntEQ(wc_Sha3_224_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
ExpectIntEQ(wc_Sha3_224_GetHash(&sha3, hashRet), 0);
ExpectIntEQ(wc_Sha3_224_Final(&sha3, hash), 0);
ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_224_DIGEST_SIZE), 0);
/* Test bad args. */
ExpectIntEQ(wc_Sha3_224_GetHash(NULL, hashRet), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_224_GetHash(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_224_Free(&sha3);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha3_224_Final */
/*
* Testing wc_Sha3_256_Final()
*/
static int test_wc_Sha3_256_Final(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
wc_Sha3 sha3;
const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
"nopnopq";
const char* expOut = "\x41\xc0\xdb\xa2\xa9\xd6\x24\x08\x49\x10\x03\x76\xa8"
"\x23\x5e\x2c\x82\xe1\xb9\x99\x8a\x99\x9e\x21\xdb\x32"
"\xdd\x97\x49\x6d\x33\x76";
byte hash[WC_SHA3_256_DIGEST_SIZE];
byte hashRet[WC_SHA3_256_DIGEST_SIZE];
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_256_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
ExpectIntEQ(wc_Sha3_256_Final(&sha3, hash), 0);
ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_256_DIGEST_SIZE), 0);
/* Test bad args. */
ExpectIntEQ(wc_Sha3_256_Final(NULL, hash), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_256_Final(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_256_Free(&sha3);
ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashRet, 0, sizeof(hashRet));
ExpectIntEQ(wc_Sha3_256_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
ExpectIntEQ(wc_Sha3_256_GetHash(&sha3, hashRet), 0);
ExpectIntEQ(wc_Sha3_256_Final(&sha3, hash), 0);
ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_256_DIGEST_SIZE), 0);
/* Test bad args. */
ExpectIntEQ(wc_Sha3_256_GetHash(NULL, hashRet), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_256_GetHash(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_256_Free(&sha3);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha3_256_Final */
/*
* Testing wc_Sha3_384_Final()
*/
static int test_wc_Sha3_384_Final(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
wc_Sha3 sha3;
const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
"nopnopq";
const char* expOut = "\x99\x1c\x66\x57\x55\xeb\x3a\x4b\x6b\xbd\xfb\x75\xc7"
"\x8a\x49\x2e\x8c\x56\xa2\x2c\x5c\x4d\x7e\x42\x9b\xfd"
"\xbc\x32\xb9\xd4\xad\x5a\xa0\x4a\x1f\x07\x6e\x62\xfe"
"\xa1\x9e\xef\x51\xac\xd0\x65\x7c\x22";
byte hash[WC_SHA3_384_DIGEST_SIZE];
byte hashRet[WC_SHA3_384_DIGEST_SIZE];
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_384_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
ExpectIntEQ(wc_Sha3_384_Final(&sha3, hash), 0);
ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_384_DIGEST_SIZE), 0);
/* Test bad args. */
ExpectIntEQ(wc_Sha3_384_Final(NULL, hash), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_384_Final(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_384_Free(&sha3);
ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashRet, 0, sizeof(hashRet));
ExpectIntEQ(wc_Sha3_384_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
ExpectIntEQ(wc_Sha3_384_GetHash(&sha3, hashRet), 0);
ExpectIntEQ(wc_Sha3_384_Final(&sha3, hash), 0);
ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_384_DIGEST_SIZE), 0);
/* Test bad args. */
ExpectIntEQ(wc_Sha3_384_GetHash(NULL, hashRet), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_384_GetHash(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_384_Free(&sha3);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha3_384_Final */
/*
* Testing wc_Sha3_512_Final()
*/
static int test_wc_Sha3_512_Final(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512) && \
!defined(WOLFSSL_NOSHA3_384)
wc_Sha3 sha3;
const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
"nopnopq";
const char* expOut = "\x04\xa3\x71\xe8\x4e\xcf\xb5\xb8\xb7\x7c\xb4\x86\x10"
"\xfc\xa8\x18\x2d\xd4\x57\xce\x6f\x32\x6a\x0f\xd3\xd7"
"\xec\x2f\x1e\x91\x63\x6d\xee\x69\x1f\xbe\x0c\x98\x53"
"\x02\xba\x1b\x0d\x8d\xc7\x8c\x08\x63\x46\xb5\x33\xb4"
"\x9c\x03\x0d\x99\xa2\x7d\xaf\x11\x39\xd6\xe7\x5e";
byte hash[WC_SHA3_512_DIGEST_SIZE];
byte hashRet[WC_SHA3_512_DIGEST_SIZE];
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_512_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
ExpectIntEQ(wc_Sha3_512_Final(&sha3, hash), 0);
ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_512_DIGEST_SIZE), 0);
/* Test bad args. */
ExpectIntEQ(wc_Sha3_512_Final(NULL, hash), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_512_Final(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_512_Free(&sha3);
ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashRet, 0, sizeof(hashRet));
ExpectIntEQ(wc_Sha3_512_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
ExpectIntEQ(wc_Sha3_512_GetHash(&sha3, hashRet), 0);
ExpectIntEQ(wc_Sha3_512_Final(&sha3, hash), 0);
ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_512_DIGEST_SIZE), 0);
/* Test bad args. */
ExpectIntEQ(wc_Sha3_512_GetHash(NULL, hashRet), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_512_GetHash(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_512_Free(&sha3);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha3_512_Final */
/*
* Testing wc_Sha3_224_Copy()
*/
static int test_wc_Sha3_224_Copy(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
wc_Sha3 sha3, sha3Cpy;
const char* msg = TEST_STRING;
word32 msglen = (word32)TEST_STRING_SZ;
byte hash[WC_SHA3_224_DIGEST_SIZE];
byte hashCpy[WC_SHA3_224_DIGEST_SIZE];
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
XMEMSET(&sha3, 0, sizeof(wc_Sha3));
XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3));
ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_InitSha3_224(&sha3Cpy, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_224_Update(&sha3, (byte*)msg, msglen), 0);
ExpectIntEQ(wc_Sha3_224_Copy(&sha3Cpy, &sha3), 0);
ExpectIntEQ(wc_Sha3_224_Final(&sha3, hash), 0);
ExpectIntEQ(wc_Sha3_224_Final(&sha3Cpy, hashCpy), 0);
ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
/* Test bad args. */
ExpectIntEQ(wc_Sha3_224_Copy(NULL, &sha3), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_224_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG);
wc_Sha3_224_Free(&sha3);
wc_Sha3_224_Free(&sha3Cpy);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha3_224_Copy */
/*
* Testing wc_Sha3_256_Copy()
*/
static int test_wc_Sha3_256_Copy(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
wc_Sha3 sha3, sha3Cpy;
const char* msg = TEST_STRING;
word32 msglen = (word32)TEST_STRING_SZ;
byte hash[WC_SHA3_256_DIGEST_SIZE];
byte hashCpy[WC_SHA3_256_DIGEST_SIZE];
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
XMEMSET(&sha3, 0, sizeof(wc_Sha3));
XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3));
ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_InitSha3_256(&sha3Cpy, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_256_Update(&sha3, (byte*)msg, msglen), 0);
ExpectIntEQ(wc_Sha3_256_Copy(&sha3Cpy, &sha3), 0);
ExpectIntEQ(wc_Sha3_256_Final(&sha3, hash), 0);
ExpectIntEQ(wc_Sha3_256_Final(&sha3Cpy, hashCpy), 0);
ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
/* Test bad args. */
ExpectIntEQ(wc_Sha3_256_Copy(NULL, &sha3), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_256_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG);
wc_Sha3_256_Free(&sha3);
wc_Sha3_256_Free(&sha3Cpy);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha3_256_Copy */
/*
* Testing wc_Sha3_384_Copy()
*/
static int test_wc_Sha3_384_Copy(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
wc_Sha3 sha3, sha3Cpy;
const char* msg = TEST_STRING;
word32 msglen = (word32)TEST_STRING_SZ;
byte hash[WC_SHA3_384_DIGEST_SIZE];
byte hashCpy[WC_SHA3_384_DIGEST_SIZE];
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
XMEMSET(&sha3, 0, sizeof(wc_Sha3));
XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3));
ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_InitSha3_384(&sha3Cpy, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_384_Update(&sha3, (byte*)msg, msglen), 0);
ExpectIntEQ(wc_Sha3_384_Copy(&sha3Cpy, &sha3), 0);
ExpectIntEQ(wc_Sha3_384_Final(&sha3, hash), 0);
ExpectIntEQ(wc_Sha3_384_Final(&sha3Cpy, hashCpy), 0);
ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
/* Test bad args. */
ExpectIntEQ(wc_Sha3_384_Copy(NULL, &sha3), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_384_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG);
wc_Sha3_384_Free(&sha3);
wc_Sha3_384_Free(&sha3Cpy);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha3_384_Copy */
/*
* Testing wc_Sha3_512_Copy()
*/
static int test_wc_Sha3_512_Copy(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
wc_Sha3 sha3, sha3Cpy;
const char* msg = TEST_STRING;
word32 msglen = (word32)TEST_STRING_SZ;
byte hash[WC_SHA3_512_DIGEST_SIZE];
byte hashCpy[WC_SHA3_512_DIGEST_SIZE];
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
XMEMSET(&sha3, 0, sizeof(wc_Sha3));
XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3));
ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_InitSha3_512(&sha3Cpy, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_512_Update(&sha3, (byte*)msg, msglen), 0);
ExpectIntEQ(wc_Sha3_512_Copy(&sha3Cpy, &sha3), 0);
ExpectIntEQ(wc_Sha3_512_Final(&sha3, hash), 0);
ExpectIntEQ(wc_Sha3_512_Final(&sha3Cpy, hashCpy), 0);
ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
/* Test bad args. */
ExpectIntEQ(wc_Sha3_512_Copy(NULL, &sha3), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha3_512_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG);
wc_Sha3_512_Free(&sha3);
wc_Sha3_512_Free(&sha3Cpy);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha3_512_Copy */
/*
* Unit test function for wc_Sha3_GetFlags()
*/
static int test_wc_Sha3_GetFlags(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha3 sha3;
word32 flags = 0;
/* Initialize */
ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Sha3_GetFlags(&sha3, &flags), 0);
ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
wc_Sha3_224_Free(&sha3);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha3_GetFlags */
static int test_wc_InitShake256(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
wc_Shake shake;
ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
/* Test bad args. */
ExpectIntEQ(wc_InitShake256(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
wc_Shake256_Free(&shake);
#endif
return EXPECT_RESULT();
}
static int testing_wc_Shake256_Update(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
wc_Shake shake;
byte msg[] = "Everybody's working for the weekend.";
byte msg2[] = "Everybody gets Friday off.";
byte msgCmp[] = "\x45\x76\x65\x72\x79\x62\x6f\x64\x79\x27\x73\x20"
"\x77\x6f\x72\x6b\x69\x6e\x67\x20\x66\x6f\x72\x20\x74"
"\x68\x65\x20\x77\x65\x65\x6b\x65\x6e\x64\x2e\x45\x76"
"\x65\x72\x79\x62\x6f\x64\x79\x20\x67\x65\x74\x73\x20"
"\x46\x72\x69\x64\x61\x79\x20\x6f\x66\x66\x2e";
word32 msglen = sizeof(msg) - 1;
word32 msg2len = sizeof(msg2);
word32 msgCmplen = sizeof(msgCmp);
ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Shake256_Update(&shake, msg, msglen), 0);
ExpectIntEQ(XMEMCMP(msg, shake.t, msglen), 0);
ExpectTrue(shake.i == msglen);
ExpectIntEQ(wc_Shake256_Update(&shake, msg2, msg2len), 0);
ExpectIntEQ(XMEMCMP(shake.t, msgCmp, msgCmplen), 0);
/* Pass bad args. */
ExpectIntEQ(wc_Shake256_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
ExpectIntEQ(wc_Shake256_Update(&shake, NULL, 5), BAD_FUNC_ARG);
wc_Shake256_Free(&shake);
ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Shake256_Update(&shake, NULL, 0), 0);
ExpectIntEQ(wc_Shake256_Update(&shake, msg2, msg2len), 0);
ExpectIntEQ(XMEMCMP(msg2, shake.t, msg2len), 0);
wc_Shake256_Free(&shake);
#endif /* WOLFSSL_SHAKE256 */
return EXPECT_RESULT();
}
static int test_wc_Shake256_Final(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
wc_Shake shake;
const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
"nopnopq";
const char* expOut = "\x4d\x8c\x2d\xd2\x43\x5a\x01\x28\xee\xfb\xb8\xc3\x6f"
"\x6f\x87\x13\x3a\x79\x11\xe1\x8d\x97\x9e\xe1\xae\x6b"
"\xe5\xd4\xfd\x2e\x33\x29\x40\xd8\x68\x8a\x4e\x6a\x59"
"\xaa\x80\x60\xf1\xf9\xbc\x99\x6c\x05\xac\xa3\xc6\x96"
"\xa8\xb6\x62\x79\xdc\x67\x2c\x74\x0b\xb2\x24\xec\x37"
"\xa9\x2b\x65\xdb\x05\x39\xc0\x20\x34\x55\xf5\x1d\x97"
"\xcc\xe4\xcf\xc4\x91\x27\xd7\x26\x0a\xfc\x67\x3a\xf2"
"\x08\xba\xf1\x9b\xe2\x12\x33\xf3\xde\xbe\x78\xd0\x67"
"\x60\xcf\xa5\x51\xee\x1e\x07\x91\x41\xd4";
byte hash[114];
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Shake256_Update(&shake, (byte*)msg, (word32)XSTRLEN(msg)),
0);
ExpectIntEQ(wc_Shake256_Final(&shake, hash, (word32)sizeof(hash)), 0);
ExpectIntEQ(XMEMCMP(expOut, hash, (word32)sizeof(hash)), 0);
/* Test bad args. */
ExpectIntEQ(wc_Shake256_Final(NULL, hash, (word32)sizeof(hash)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Shake256_Final(&shake, NULL, (word32)sizeof(hash)),
BAD_FUNC_ARG);
wc_Shake256_Free(&shake);
#endif
return EXPECT_RESULT();
}
/*
* Testing wc_Shake256_Copy()
*/
static int test_wc_Shake256_Copy(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
wc_Shake shake, shakeCpy;
const char* msg = TEST_STRING;
word32 msglen = (word32)TEST_STRING_SZ;
byte hash[144];
byte hashCpy[144];
word32 hashLen = sizeof(hash);
word32 hashLenCpy = sizeof(hashCpy);
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_InitShake256(&shakeCpy, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_Shake256_Update(&shake, (byte*)msg, msglen), 0);
ExpectIntEQ(wc_Shake256_Copy(&shakeCpy, &shake), 0);
ExpectIntEQ(wc_Shake256_Final(&shake, hash, hashLen), 0);
ExpectIntEQ(wc_Shake256_Final(&shakeCpy, hashCpy, hashLenCpy), 0);
ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
/* Test bad args. */
ExpectIntEQ(wc_Shake256_Copy(NULL, &shake), BAD_FUNC_ARG);
ExpectIntEQ(wc_Shake256_Copy(&shakeCpy, NULL), BAD_FUNC_ARG);
wc_Shake256_Free(&shake);
wc_Shake256_Free(&shakeCpy);
#endif
return EXPECT_RESULT();
} /* END test_wc_Shake256_Copy */
/*
* Unit test function for wc_Shake256Hash()
*/
static int test_wc_Shake256Hash(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
const byte data[] = { /* Hello World */
0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
0x72,0x6c,0x64
};
word32 len = sizeof(data);
byte hash[144];
word32 hashLen = sizeof(hash);
ExpectIntEQ(wc_Shake256Hash(data, len, hash, hashLen), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_Shake256Hash */
/*
* Testing wc_InitSm3(), wc_Sm3Free()
*/
static int test_wc_InitSm3Free(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SM3
wc_Sm3 sm3;
/* Invalid Parameters */
ExpectIntEQ(wc_InitSm3(NULL, NULL, INVALID_DEVID), BAD_FUNC_ARG);
/* Valid Parameters */
ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
wc_Sm3Free(NULL);
wc_Sm3Free(&sm3);
#endif
return EXPECT_RESULT();
} /* END test_wc_InitSm3 */
/*
* Testing wc_Sm3Update(), wc_Sm3Final()
*/
static int test_wc_Sm3UpdateFinal(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SM3
wc_Sm3 sm3;
byte data[WC_SM3_BLOCK_SIZE * 4];
byte hash[WC_SM3_DIGEST_SIZE];
byte calcHash[WC_SM3_DIGEST_SIZE];
byte expHash[WC_SM3_DIGEST_SIZE] = {
0x38, 0x48, 0x15, 0xa7, 0x0e, 0xae, 0x0b, 0x27,
0x5c, 0xde, 0x9d, 0xa5, 0xd1, 0xa4, 0x30, 0xa1,
0xca, 0xd4, 0x54, 0x58, 0x44, 0xa2, 0x96, 0x1b,
0xd7, 0x14, 0x80, 0x3f, 0x80, 0x1a, 0x07, 0xb6
};
word32 chunk;
word32 i;
XMEMSET(data, 0, sizeof(data));
ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
/* Invalid Parameters */
ExpectIntEQ(wc_Sm3Update(NULL, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm3Update(&sm3, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm3Update(NULL, data, 1), BAD_FUNC_ARG);
/* Valid Parameters */
ExpectIntEQ(wc_Sm3Update(&sm3, NULL, 0), 0);
ExpectIntEQ(wc_Sm3Update(&sm3, data, 1), 0);
ExpectIntEQ(wc_Sm3Update(&sm3, data, 1), 0);
ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_BLOCK_SIZE), 0);
ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_BLOCK_SIZE - 2), 0);
ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_BLOCK_SIZE * 2), 0);
/* Ensure too many bytes for lengths. */
ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_PAD_SIZE), 0);
/* Invalid Parameters */
ExpectIntEQ(wc_Sm3Final(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm3Final(&sm3, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm3Final(NULL, hash), BAD_FUNC_ARG);
/* Valid Parameters */
ExpectIntEQ(wc_Sm3Final(&sm3, hash), 0);
ExpectBufEQ(hash, expHash, WC_SM3_DIGEST_SIZE);
/* Chunk tests. */
ExpectIntEQ(wc_Sm3Update(&sm3, data, sizeof(data)), 0);
ExpectIntEQ(wc_Sm3Final(&sm3, calcHash), 0);
for (chunk = 1; chunk <= WC_SM3_BLOCK_SIZE + 1; chunk++) {
for (i = 0; i + chunk <= (word32)sizeof(data); i += chunk) {
ExpectIntEQ(wc_Sm3Update(&sm3, data + i, chunk), 0);
}
if (i < (word32)sizeof(data)) {
ExpectIntEQ(wc_Sm3Update(&sm3, data + i, (word32)sizeof(data) - i),
0);
}
ExpectIntEQ(wc_Sm3Final(&sm3, hash), 0);
ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE);
}
/* Not testing when the low 32-bit length overflows. */
wc_Sm3Free(&sm3);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sm3Update */
/*
* Testing wc_Sm3GetHash()
*/
static int test_wc_Sm3GetHash(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_SM3
wc_Sm3 sm3;
byte hash[WC_SM3_DIGEST_SIZE];
byte calcHash[WC_SM3_DIGEST_SIZE];
byte data[WC_SM3_BLOCK_SIZE];
XMEMSET(data, 0, sizeof(data));
ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_Sm3Final(&sm3, calcHash), 0);
/* Invalid Parameters */
ExpectIntEQ(wc_Sm3GetHash(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm3GetHash(&sm3, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm3GetHash(NULL, hash), BAD_FUNC_ARG);
/* Valid Parameters */
ExpectIntEQ(wc_Sm3GetHash(&sm3, hash), 0);
ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE);
/* With update. */
ExpectIntEQ(wc_Sm3Update(&sm3, data, sizeof(data)), 0);
ExpectIntEQ(wc_Sm3GetHash(&sm3, hash), 0);
ExpectIntEQ(wc_Sm3Final(&sm3, calcHash), 0);
ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE);
wc_Sm3Free(&sm3);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sm3Update */
/*
* Testing wc_Sm3Copy()
*/
static int test_wc_Sm3Copy(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SM3) && defined(WOLFSSL_HASH_FLAGS)
wc_Sm3 sm3;
wc_Sm3 sm3Copy;
byte hash[WC_SM3_DIGEST_SIZE];
byte hashCopy[WC_SM3_DIGEST_SIZE];
byte data[WC_SM3_BLOCK_SIZE + 1];
int i;
ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_InitSm3(&sm3Copy, NULL, INVALID_DEVID), 0);
/* Invalid Parameters */
ExpectIntEQ(wc_Sm3Copy(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm3Copy(&sm3, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm3Copy(NULL, &sm3Copy), BAD_FUNC_ARG);
/* Valid Parameters */
ExpectIntEQ(wc_Sm3Copy(&sm3, &sm3Copy), 0);
/* Ensure all parts of data updated during hashing are copied. */
for (i = 0; i < WC_SM3_BLOCK_SIZE + 1; i++) {
ExpectIntEQ(wc_Sm3Update(&sm3, data, i), 0);
ExpectIntEQ(wc_Sm3Copy(&sm3, &sm3Copy), 0);
ExpectIntEQ(wc_Sm3Update(&sm3, data, 1), 0);
ExpectIntEQ(wc_Sm3Update(&sm3Copy, data, 1), 0);
ExpectIntEQ(wc_Sm3Final(&sm3, hash), 0);
ExpectIntEQ(wc_Sm3Final(&sm3Copy, hashCopy), 0);
ExpectBufEQ(hash, hashCopy, WC_SM3_DIGEST_SIZE);
}
wc_Sm3Free(&sm3Copy);
wc_Sm3Free(&sm3);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sm3Copy */
/*
* Testing wc_Sm3FinalRaw()
*/
static int test_wc_Sm3FinalRaw(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SM3) && !defined(HAVE_SELFTEST) && \
!defined(WOLFSSL_DEVCRYPTO) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3))) && \
!defined(WOLFSSL_NO_HASH_RAW)
wc_Sm3 sm3;
byte hash1[WC_SM3_DIGEST_SIZE];
byte hash2[WC_SM3_DIGEST_SIZE];
byte hash3[WC_SM3_DIGEST_SIZE];
byte* hash_test[3] = { hash1, hash2, hash3 };
int times;
int i;
XMEMSET(&sm3, 0, sizeof(sm3));
/* Initialize */
ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
/* Invalid Parameters */
ExpectIntEQ(wc_Sm3FinalRaw(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm3FinalRaw(&sm3, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm3FinalRaw(NULL, hash1), BAD_FUNC_ARG);
times = sizeof(hash_test) / sizeof(byte*);
for (i = 0; i < times; i++) {
ExpectIntEQ(wc_Sm3FinalRaw(&sm3, hash_test[i]), 0);
}
wc_Sm3Free(&sm3);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sm3FinalRaw */
/*
* Testing wc_Sm3GetFlags, wc_Sm3SetFlags()
*/
static int test_wc_Sm3GetSetFlags(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SM3) && defined(WOLFSSL_HASH_FLAGS)
wc_Sm3 sm3;
wc_Sm3 sm3Copy;
word32 flags = 0;
ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_InitSm3(&sm3Copy, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_Sm3GetFlags(NULL, &flags), 0);
ExpectIntEQ(flags, 0);
ExpectIntEQ(wc_Sm3SetFlags(NULL, WC_HASH_FLAG_WILLCOPY), 0);
ExpectIntEQ(wc_Sm3GetFlags(NULL, &flags), 0);
ExpectIntEQ(flags, 0);
ExpectIntEQ(wc_Sm3GetFlags(&sm3, &flags), 0);
ExpectIntEQ(flags, 0);
ExpectIntEQ(wc_Sm3SetFlags(&sm3, WC_HASH_FLAG_WILLCOPY), 0);
ExpectIntEQ(wc_Sm3GetFlags(&sm3, &flags), 0);
ExpectIntEQ(flags, WC_HASH_FLAG_WILLCOPY);
ExpectIntEQ(wc_Sm3Copy(&sm3, &sm3Copy), 0);
ExpectIntEQ(wc_Sm3GetFlags(&sm3Copy, &flags), 0);
ExpectIntEQ(flags, WC_HASH_FLAG_ISCOPY | WC_HASH_FLAG_WILLCOPY);
wc_Sm3Free(&sm3Copy);
wc_Sm3Free(&sm3);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sm3Update */
/*
* Testing wc_Sm3Hash()
*/
static int test_wc_Sm3Hash(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_SM3) && defined(WOLFSSL_HASH_FLAGS)
byte data[WC_SM3_BLOCK_SIZE];
byte hash[WC_SM3_DIGEST_SIZE];
/* Invalid parameters. */
ExpectIntEQ(wc_Sm3Hash(NULL, sizeof(data), hash), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm3Hash(data, sizeof(data), NULL), BAD_FUNC_ARG);
/* Valid parameters. */
ExpectIntEQ(wc_Sm3Hash(data, sizeof(data), hash), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sm3Hash */
/*
* Test function for wc_HmacSetKey
*/
static int test_wc_Md5HmacSetKey(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_MD5)
Hmac hmac;
int ret, times, itr;
const char* keys[]=
{
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",
#ifndef HAVE_FIPS
"Jefe", /* smaller than minimum FIPS key size */
#endif
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
};
times = sizeof(keys) / sizeof(char*);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys[itr],
(word32)XSTRLEN(keys[itr]));
#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)
wc_HmacFree(&hmac);
ExpectIntEQ(ret, BAD_FUNC_ARG);
#else
ExpectIntEQ(ret, 0);
#endif
}
/* Bad args. */
ExpectIntEQ(wc_HmacSetKey(NULL, WC_MD5, (byte*)keys[0],
(word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_MD5, NULL, (word32)XSTRLEN(keys[0])),
BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
(word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys[0], 0);
#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)
ExpectIntEQ(ret, BAD_FUNC_ARG);
#elif defined(HAVE_FIPS)
ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
ExpectIntEQ(ret, 0);
#endif
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_Md5HmacSetKey */
/*
* testing wc_HmacSetKey() on wc_Sha hash.
*/
static int test_wc_ShaHmacSetKey(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA)
Hmac hmac;
int ret, times, itr;
const char* keys[]=
{
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
#ifndef HAVE_FIPS
"Jefe", /* smaller than minimum FIPS key size */
#endif
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA"
};
times = sizeof(keys) / sizeof(char*);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[itr],
(word32)XSTRLEN(keys[itr])), 0);
}
/* Bad args. */
ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA, (byte*)keys[0],
(word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, NULL, (word32)XSTRLEN(keys[0])),
BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
(word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[0], 0);
#ifdef HAVE_FIPS
ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
ExpectIntEQ(ret, 0);
#endif
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_ShaHmacSetKey() */
/*
* testing wc_HmacSetKey() on Sha224 hash.
*/
static int test_wc_Sha224HmacSetKey(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA224)
Hmac hmac;
int ret, times, itr;
const char* keys[]=
{
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
#ifndef HAVE_FIPS
"Jefe", /* smaller than minimum FIPS key size */
#endif
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA"
};
times = sizeof(keys) / sizeof(char*);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[itr],
(word32)XSTRLEN(keys[itr])), 0);
}
/* Bad args. */
ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA224, (byte*)keys[0],
(word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, NULL, (word32)XSTRLEN(keys[0])),
BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
(word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
ret = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[0], 0);
#ifdef HAVE_FIPS
ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
ExpectIntEQ(ret, 0);
#endif
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha224HmacSetKey() */
/*
* testing wc_HmacSetKey() on Sha256 hash
*/
static int test_wc_Sha256HmacSetKey(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA256)
Hmac hmac;
int ret, times, itr;
const char* keys[]=
{
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
#ifndef HAVE_FIPS
"Jefe", /* smaller than minimum FIPS key size */
#endif
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA"
};
times = sizeof(keys) / sizeof(char*);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[itr],
(word32)XSTRLEN(keys[itr])), 0);
}
/* Bad args. */
ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA256, (byte*)keys[0],
(word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, NULL, (word32)XSTRLEN(keys[0])),
BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
(word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
ret = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[0], 0);
#ifdef HAVE_FIPS
ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
ExpectIntEQ(ret, 0);
#endif
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha256HmacSetKey() */
/*
* testing wc_HmacSetKey on Sha384 hash.
*/
static int test_wc_Sha384HmacSetKey(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
Hmac hmac;
int ret, times, itr;
const char* keys[]=
{
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
#ifndef HAVE_FIPS
"Jefe", /* smaller than minimum FIPS key size */
#endif
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA"
};
times = sizeof(keys) / sizeof(char*);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[itr],
(word32)XSTRLEN(keys[itr])), 0);
}
/* Bad args. */
ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA384, (byte*)keys[0],
(word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, NULL, (word32)XSTRLEN(keys[0])),
BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
(word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
ret = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[0], 0);
#ifdef HAVE_FIPS
ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
ExpectIntEQ(ret, 0);
#endif
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha384HmacSetKey() */
/*
* testing wc_HmacUpdate on wc_Md5 hash.
*/
static int test_wc_Md5HmacUpdate(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_MD5) && !(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5))
Hmac hmac;
testVector a, b;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
#else
const char* keys = "Jefe";
#endif
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys,
(word32)XSTRLEN(keys)), 0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_Md5HmacUpdate */
/*
* testing wc_HmacUpdate on SHA hash.
*/
static int test_wc_ShaHmacUpdate(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA)
Hmac hmac;
testVector a, b;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
#else
const char* keys = "Jefe";
#endif
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys,
(word32)XSTRLEN(keys)), 0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_ShaHmacUpdate */
/*
* testing wc_HmacUpdate on SHA224 hash.
*/
static int test_wc_Sha224HmacUpdate(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA224)
Hmac hmac;
testVector a, b;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
#else
const char* keys = "Jefe";
#endif
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys,
(word32)XSTRLEN(keys)), 0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha224HmacUpdate */
/*
* testing wc_HmacUpdate on SHA256 hash.
*/
static int test_wc_Sha256HmacUpdate(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA256)
Hmac hmac;
testVector a, b;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
#else
const char* keys = "Jefe";
#endif
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys,
(word32)XSTRLEN(keys)), 0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha256HmacUpdate */
/*
* testing wc_HmacUpdate on SHA384 hash.
*/
static int test_wc_Sha384HmacUpdate(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
Hmac hmac;
testVector a, b;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
#else
const char* keys = "Jefe";
#endif
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys,
(word32)XSTRLEN(keys)), 0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha384HmacUpdate */
/*
* Testing wc_HmacFinal() with MD5
*/
static int test_wc_Md5HmacFinal(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_MD5) && !(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5))
Hmac hmac;
byte hash[WC_MD5_DIGEST_SIZE];
testVector a;
const char* key;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
a.input = "Hi There";
a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc"
"\x9d";
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_MD5, (byte*)key, (word32)XSTRLEN(key)),
0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE), 0);
/* Try bad parameters. */
ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_Md5HmacFinal */
/*
* Testing wc_HmacFinal() with SHA
*/
static int test_wc_ShaHmacFinal(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA)
Hmac hmac;
byte hash[WC_SHA_DIGEST_SIZE];
testVector a;
const char* key;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b";
a.input = "Hi There";
a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c"
"\x8e\xf1\x46\xbe\x00";
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, (byte*)key, (word32)XSTRLEN(key)),
0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA_DIGEST_SIZE), 0);
/* Try bad parameters. */
ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_ShaHmacFinal */
/*
* Testing wc_HmacFinal() with SHA224
*/
static int test_wc_Sha224HmacFinal(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA224)
Hmac hmac;
byte hash[WC_SHA224_DIGEST_SIZE];
testVector a;
const char* key;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b";
a.input = "Hi There";
a.output = "\x89\x6f\xb1\x12\x8a\xbb\xdf\x19\x68\x32\x10\x7c\xd4\x9d\xf3"
"\x3f\x47\xb4\xb1\x16\x99\x12\xba\x4f\x53\x68\x4b\x22";
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, (byte*)key,
(word32)XSTRLEN(key)), 0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA224_DIGEST_SIZE), 0);
/* Try bad parameters. */
ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha224HmacFinal */
/*
* Testing wc_HmacFinal() with SHA256
*/
static int test_wc_Sha256HmacFinal(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA256)
Hmac hmac;
byte hash[WC_SHA256_DIGEST_SIZE];
testVector a;
const char* key;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b";
a.input = "Hi There";
a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1"
"\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32"
"\xcf\xf7";
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, (byte*)key,
(word32)XSTRLEN(key)), 0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA256_DIGEST_SIZE), 0);
/* Try bad parameters. */
ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha256HmacFinal */
/*
* Testing wc_HmacFinal() with SHA384
*/
static int test_wc_Sha384HmacFinal(void)
{
EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
Hmac hmac;
byte hash[WC_SHA384_DIGEST_SIZE];
testVector a;
const char* key;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b";
a.input = "Hi There";
a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90"
"\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb"
"\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2"
"\xfa\x9c\xb6";
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, (byte*)key,
(word32)XSTRLEN(key)), 0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA384_DIGEST_SIZE), 0);
/* Try bad parameters. */
ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
#endif
return EXPECT_RESULT();
} /* END test_wc_Sha384HmacFinal */
/*
* Testing wc_InitCmac()
*/
static int test_wc_InitCmac(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES)
Cmac cmac1;
Cmac cmac2;
Cmac cmac3;
/* AES 128 key. */
byte key1[] = "\x01\x02\x03\x04\x05\x06\x07\x08"
"\x09\x10\x11\x12\x13\x14\x15\x16";
/* AES 192 key. */
byte key2[] = "\x01\x02\x03\x04\x05\x06\x07\x08"
"\x09\x01\x11\x12\x13\x14\x15\x16"
"\x01\x02\x03\x04\x05\x06\x07\x08";
/* AES 256 key. */
byte key3[] = "\x01\x02\x03\x04\x05\x06\x07\x08"
"\x09\x01\x11\x12\x13\x14\x15\x16"
"\x01\x02\x03\x04\x05\x06\x07\x08"
"\x09\x01\x11\x12\x13\x14\x15\x16";
word32 key1Sz = (word32)sizeof(key1) - 1;
word32 key2Sz = (word32)sizeof(key2) - 1;
word32 key3Sz = (word32)sizeof(key3) - 1;
int type = WC_CMAC_AES;
(void)key1;
(void)key1Sz;
(void)key2;
(void)key2Sz;
XMEMSET(&cmac1, 0, sizeof(Cmac));
XMEMSET(&cmac2, 0, sizeof(Cmac));
XMEMSET(&cmac3, 0, sizeof(Cmac));
#ifdef WOLFSSL_AES_128
ExpectIntEQ(wc_InitCmac(&cmac1, key1, key1Sz, type, NULL), 0);
#endif
#ifdef WOLFSSL_AES_192
wc_AesFree(&cmac1.aes);
ExpectIntEQ(wc_InitCmac(&cmac2, key2, key2Sz, type, NULL), 0);
#endif
#ifdef WOLFSSL_AES_256
wc_AesFree(&cmac2.aes);
ExpectIntEQ(wc_InitCmac(&cmac3, key3, key3Sz, type, NULL), 0);
#endif
wc_AesFree(&cmac3.aes);
/* Test bad args. */
ExpectIntEQ(wc_InitCmac(NULL, key3, key3Sz, type, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_InitCmac(&cmac3, NULL, key3Sz, type, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_InitCmac(&cmac3, key3, 0, type, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_InitCmac(&cmac3, key3, key3Sz, 0, NULL), BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_InitCmac */
/*
* Testing wc_CmacUpdate()
*/
static int test_wc_CmacUpdate(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
Cmac cmac;
byte key[] = {
0x64, 0x4c, 0xbf, 0x12, 0x85, 0x9d, 0xf0, 0x55,
0x7e, 0xa9, 0x1f, 0x08, 0xe0, 0x51, 0xff, 0x27
};
byte in[] = "\xe2\xb4\xb6\xf9\x48\x44\x02\x64"
"\x5c\x47\x80\x9e\xd5\xa8\x3a\x17"
"\xb3\x78\xcf\x85\x22\x41\x74\xd9"
"\xa0\x97\x39\x71\x62\xf1\x8e\x8f"
"\xf4";
word32 inSz = (word32)sizeof(in) - 1;
word32 keySz = (word32)sizeof(key);
int type = WC_CMAC_AES;
XMEMSET(&cmac, 0, sizeof(Cmac));
ExpectIntEQ(wc_InitCmac(&cmac, key, keySz, type, NULL), 0);
ExpectIntEQ(wc_CmacUpdate(&cmac, in, inSz), 0);
/* Test bad args. */
ExpectIntEQ(wc_CmacUpdate(NULL, in, inSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_CmacUpdate(&cmac, NULL, 30), BAD_FUNC_ARG);
wc_AesFree(&cmac.aes);
#endif
return EXPECT_RESULT();
} /* END test_wc_CmacUpdate */
/*
* Testing wc_CmacFinal()
*/
static int test_wc_CmacFinal(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
Cmac cmac;
byte key[] = {
0x64, 0x4c, 0xbf, 0x12, 0x85, 0x9d, 0xf0, 0x55,
0x7e, 0xa9, 0x1f, 0x08, 0xe0, 0x51, 0xff, 0x27
};
byte msg[] = {
0xe2, 0xb4, 0xb6, 0xf9, 0x48, 0x44, 0x02, 0x64,
0x5c, 0x47, 0x80, 0x9e, 0xd5, 0xa8, 0x3a, 0x17,
0xb3, 0x78, 0xcf, 0x85, 0x22, 0x41, 0x74, 0xd9,
0xa0, 0x97, 0x39, 0x71, 0x62, 0xf1, 0x8e, 0x8f,
0xf4
};
/* Test vectors from CMACGenAES128.rsp from
* http://csrc.nist.gov/groups/STM/cavp/block-cipher-modes.html#cmac
* Per RFC4493 truncation of lsb is possible.
*/
byte expMac[] = {
0x4e, 0x6e, 0xc5, 0x6f, 0xf9, 0x5d, 0x0e, 0xae,
0x1c, 0xf8, 0x3e, 0xfc, 0xf4, 0x4b, 0xeb
};
byte mac[AES_BLOCK_SIZE];
word32 msgSz = (word32)sizeof(msg);
word32 keySz = (word32)sizeof(key);
word32 macSz = sizeof(mac);
word32 badMacSz = 17;
int expMacSz = sizeof(expMac);
int type = WC_CMAC_AES;
XMEMSET(&cmac, 0, sizeof(Cmac));
XMEMSET(mac, 0, macSz);
ExpectIntEQ(wc_InitCmac(&cmac, key, keySz, type, NULL), 0);
ExpectIntEQ(wc_CmacUpdate(&cmac, msg, msgSz), 0);
#if (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
/* Pass in bad args. */
ExpectIntEQ(wc_CmacFinalNoFree(NULL, mac, &macSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_CmacFinalNoFree(&cmac, NULL, &macSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_CmacFinalNoFree(&cmac, mac, &badMacSz), BUFFER_E);
/* For the last call, use the API with implicit wc_CmacFree(). */
ExpectIntEQ(wc_CmacFinal(&cmac, mac, &macSz), 0);
ExpectIntEQ(XMEMCMP(mac, expMac, expMacSz), 0);
#else /* !HAVE_FIPS || FIPS>=5.3 */
ExpectIntEQ(wc_CmacFinal(&cmac, mac, &macSz), 0);
ExpectIntEQ(XMEMCMP(mac, expMac, expMacSz), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_CmacFinal(NULL, mac, &macSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_CmacFinal(&cmac, NULL, &macSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_CmacFinal(&cmac, mac, &badMacSz), BUFFER_E);
#endif /* !HAVE_FIPS || FIPS>=5.3 */
#endif
return EXPECT_RESULT();
} /* END test_wc_CmacFinal */
/*
* Testing wc_AesCmacGenerate() && wc_AesCmacVerify()
*/
static int test_wc_AesCmacGenerate(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
byte key[] = {
0x26, 0xef, 0x8b, 0x40, 0x34, 0x11, 0x7d, 0x9e,
0xbe, 0xc0, 0xc7, 0xfc, 0x31, 0x08, 0x54, 0x69
};
byte msg[] = "\x18\x90\x49\xef\xfd\x7c\xf9\xc8"
"\xf3\x59\x65\xbc\xb0\x97\x8f\xd4";
byte expMac[] = "\x29\x5f\x2f\x71\xfc\x58\xe6\xf6"
"\x3d\x32\x65\x4c\x66\x23\xc5";
byte mac[AES_BLOCK_SIZE];
word32 keySz = sizeof(key);
word32 macSz = sizeof(mac);
word32 msgSz = sizeof(msg) - 1;
word32 expMacSz = sizeof(expMac) - 1;
XMEMSET(mac, 0, macSz);
ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, keySz), 0);
ExpectIntEQ(XMEMCMP(mac, expMac, expMacSz), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_AesCmacGenerate(NULL, &macSz, msg, msgSz, key, keySz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, msg, msgSz, NULL, keySz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, NULL, msgSz, key, keySz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCmacVerify(mac, macSz, msg, msgSz, key, keySz), 0);
/* Test bad args. */
ExpectIntEQ(wc_AesCmacVerify(NULL, macSz, msg, msgSz, key, keySz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCmacVerify(mac, 0, msg, msgSz, key, keySz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCmacVerify(mac, macSz, msg, msgSz, NULL, keySz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCmacVerify(mac, macSz, msg, msgSz, key, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCmacVerify(mac, macSz, NULL, msgSz, key, keySz),
BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_AesCmacGenerate */
/*
* Testing streaming AES-GCM API.
*/
static int test_wc_AesGcmStream(void)
{
EXPECT_DECLS;
#if !defined(NO_AES) && defined(WOLFSSL_AES_128) && defined(HAVE_AESGCM) && \
defined(WOLFSSL_AESGCM_STREAM)
int i;
WC_RNG rng[1];
Aes aesEnc[1];
Aes aesDec[1];
byte tag[AES_BLOCK_SIZE];
byte in[AES_BLOCK_SIZE * 3 + 2] = { 0, };
byte out[AES_BLOCK_SIZE * 3 + 2];
byte plain[AES_BLOCK_SIZE * 3 + 2];
byte aad[AES_BLOCK_SIZE * 3 + 2] = { 0, };
byte key[AES_128_KEY_SIZE] = { 0, };
byte iv[AES_IV_SIZE] = { 1, };
byte ivOut[AES_IV_SIZE];
static const byte expTagAAD1[AES_BLOCK_SIZE] = {
0x6c, 0x35, 0xe6, 0x7f, 0x59, 0x9e, 0xa9, 0x2f,
0x27, 0x2d, 0x5f, 0x8e, 0x7e, 0x42, 0xd3, 0x05
};
static const byte expTagPlain1[AES_BLOCK_SIZE] = {
0x24, 0xba, 0x57, 0x95, 0xd0, 0x27, 0x9e, 0x78,
0x3a, 0x88, 0x4c, 0x0a, 0x5d, 0x50, 0x23, 0xd1
};
static const byte expTag[AES_BLOCK_SIZE] = {
0x22, 0x91, 0x70, 0xad, 0x42, 0xc3, 0xad, 0x96,
0xe0, 0x31, 0x57, 0x60, 0xb7, 0x92, 0xa3, 0x6d
};
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(&aesEnc, 0, sizeof(Aes));
XMEMSET(&aesDec, 0, sizeof(Aes));
/* Create a random for generating IV/nonce. */
ExpectIntEQ(wc_InitRng(rng), 0);
/* Initialize data structures. */
ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
/* BadParameters to streaming init. */
ExpectIntEQ(wc_AesGcmEncryptInit(NULL, NULL, 0, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecryptInit(NULL, NULL, 0, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecryptInit(aesEnc, NULL, AES_128_KEY_SIZE, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecryptInit(aesEnc, NULL, 0, NULL, GCM_NONCE_MID_SZ),
BAD_FUNC_ARG);
/* Bad parameters to encrypt update. */
ExpectIntEQ(wc_AesGcmEncryptUpdate(NULL, NULL, NULL, 0, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 1, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, in, 1, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, NULL, 1, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, NULL, 1),
BAD_FUNC_ARG);
/* Bad parameters to decrypt update. */
ExpectIntEQ(wc_AesGcmDecryptUpdate(NULL, NULL, NULL, 0, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 1, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, in, 1, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, out, NULL, 1, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, NULL, 1),
BAD_FUNC_ARG);
/* Bad parameters to encrypt final. */
ExpectIntEQ(wc_AesGcmEncryptFinal(NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmEncryptFinal(NULL, tag, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmEncryptFinal(NULL, NULL, AES_BLOCK_SIZE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, NULL, AES_BLOCK_SIZE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE + 1),
BAD_FUNC_ARG);
/* Bad parameters to decrypt final. */
ExpectIntEQ(wc_AesGcmDecryptFinal(NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecryptFinal(NULL, tag, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecryptFinal(NULL, NULL, AES_BLOCK_SIZE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, NULL, AES_BLOCK_SIZE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE + 1),
BAD_FUNC_ARG);
/* Check calling final before setting key fails. */
ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, sizeof(tag)), MISSING_KEY);
ExpectIntEQ(wc_AesGcmEncryptFinal(aesDec, tag, sizeof(tag)), MISSING_KEY);
/* Check calling update before setting key else fails. */
ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1),
MISSING_KEY);
ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1),
MISSING_KEY);
/* Set key but not IV. */
ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), NULL, 0), 0);
ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), NULL, 0), 0);
/* Check calling final before setting IV fails. */
ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, sizeof(tag)), MISSING_IV);
ExpectIntEQ(wc_AesGcmEncryptFinal(aesDec, tag, sizeof(tag)), MISSING_IV);
/* Check calling update before setting IV else fails. */
ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1),
MISSING_IV);
ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1),
MISSING_IV);
/* Set IV using fixed part IV and external IV APIs. */
ExpectIntEQ(wc_AesGcmSetIV(aesEnc, GCM_NONCE_MID_SZ, iv, AES_IV_FIXED_SZ,
rng), 0);
ExpectIntEQ(wc_AesGcmEncryptInit_ex(aesEnc, NULL, 0, ivOut,
GCM_NONCE_MID_SZ), 0);
ExpectIntEQ(wc_AesGcmSetExtIV(aesDec, ivOut, GCM_NONCE_MID_SZ), 0);
ExpectIntEQ(wc_AesGcmInit(aesDec, NULL, 0, NULL, 0), 0);
/* Encrypt and decrypt data. */
ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, 1, aad, 1), 0);
ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, 1, aad, 1), 0);
ExpectIntEQ(XMEMCMP(plain, in, 1), 0);
/* Finalize and check tag matches. */
ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Set key and IV through streaming init API. */
wc_AesFree(aesEnc);
wc_AesFree(aesDec);
ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
/* Encrypt/decrypt one block and AAD of one block. */
ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, AES_BLOCK_SIZE, aad,
AES_BLOCK_SIZE), 0);
ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, AES_BLOCK_SIZE, aad,
AES_BLOCK_SIZE), 0);
ExpectIntEQ(XMEMCMP(plain, in, AES_BLOCK_SIZE), 0);
/* Finalize and check tag matches. */
ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Set key and IV through streaming init API. */
wc_AesFree(aesEnc);
wc_AesFree(aesDec);
ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
/* No data to encrypt/decrypt one byte of AAD. */
ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1), 0);
ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1), 0);
/* Finalize and check tag matches. */
ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
ExpectIntEQ(XMEMCMP(tag, expTagAAD1, AES_BLOCK_SIZE), 0);
ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Set key and IV through streaming init API. */
wc_AesFree(aesEnc);
wc_AesFree(aesDec);
ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
/* Encrypt/decrypt one byte and no AAD. */
ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, 1, NULL, 0), 0);
ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, 1, NULL, 0), 0);
ExpectIntEQ(XMEMCMP(plain, in, 1), 0);
/* Finalize and check tag matches. */
ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
ExpectIntEQ(XMEMCMP(tag, expTagPlain1, AES_BLOCK_SIZE), 0);
ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Set key and IV through streaming init API. */
wc_AesFree(aesEnc);
wc_AesFree(aesDec);
ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
/* Encryption AES is one byte at a time */
for (i = 0; i < (int)sizeof(aad); i++) {
ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad + i, 1),
0);
}
for (i = 0; i < (int)sizeof(in); i++) {
ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out + i, in + i, 1, NULL, 0),
0);
}
/* Decryption AES is two bytes at a time */
for (i = 0; i < (int)sizeof(aad); i += 2) {
ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad + i, 2),
0);
}
for (i = 0; i < (int)sizeof(aad); i += 2) {
ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain + i, out + i, 2, NULL,
0), 0);
}
ExpectIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
/* Finalize and check tag matches. */
ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
ExpectIntEQ(XMEMCMP(tag, expTag, AES_BLOCK_SIZE), 0);
ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Check streaming encryption can be decrypted with one shot. */
wc_AesFree(aesDec);
ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
ExpectIntEQ(wc_AesGcmSetKey(aesDec, key, sizeof(key)), 0);
ExpectIntEQ(wc_AesGcmDecrypt(aesDec, plain, out, sizeof(in), iv,
AES_IV_SIZE, tag, AES_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
wc_AesFree(aesEnc);
wc_AesFree(aesDec);
wc_FreeRng(rng);
#endif
return EXPECT_RESULT();
} /* END test_wc_AesGcmStream */
/*
* Testing streaming SM4 API.
*/
static int test_wc_Sm4(void)
{
int res = TEST_SKIPPED;
#ifdef WOLFSSL_SM4
EXPECT_DECLS;
wc_Sm4 sm4;
#if defined(WOLFSSL_SM4_ECB) || defined(WOLFSSL_SM4_CBC) || \
defined(WOLFSSL_SM4_CTR) || defined(WOLFSSL_SM4_CCM)
unsigned char key[SM4_KEY_SIZE];
#endif
#if defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_CTR)
unsigned char iv[SM4_IV_SIZE];
#endif
/* Invalid parameters - wc_Sm4Init */
ExpectIntEQ(wc_Sm4Init(NULL, NULL, INVALID_DEVID), BAD_FUNC_ARG);
/* Valid cases - wc_Sm4Init */
ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
#if defined(WOLFSSL_SM4_ECB) || defined(WOLFSSL_SM4_CBC) || \
defined(WOLFSSL_SM4_CTR) || defined(WOLFSSL_SM4_CCM)
XMEMSET(key, 0, sizeof(key));
/* Invalid parameters - wc_Sm4SetKey. */
ExpectIntEQ(wc_Sm4SetKey(NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4SetKey(&sm4, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4SetKey(NULL, key, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4SetKey(NULL, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4SetKey(&sm4, key, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4SetKey(&sm4, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4SetKey(NULL, key, SM4_KEY_SIZE), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE-1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE+1), BAD_FUNC_ARG);
/* Valid cases - wc_Sm4SetKey. */
ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
#endif
#if defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_CTR)
XMEMSET(iv, 0, sizeof(iv));
/* Invalid parameters - wc_Sm4SetIV. */
ExpectIntEQ(wc_Sm4SetIV(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4SetIV(&sm4, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4SetIV(NULL, iv), BAD_FUNC_ARG);
/* Valid cases - wc_Sm4SetIV. */
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
#endif
/* Valid cases - wc_Sm4Free */
wc_Sm4Free(NULL);
wc_Sm4Free(&sm4);
res = EXPECT_RESULT();
#endif
return res;
} /* END test_wc_Sm4 */
/*
* Testing block based SM4-ECB API.
*/
static int test_wc_Sm4Ecb(void)
{
int res = TEST_SKIPPED;
#ifdef WOLFSSL_SM4_ECB
EXPECT_DECLS;
wc_Sm4 sm4;
unsigned char key[SM4_KEY_SIZE];
unsigned char in[SM4_BLOCK_SIZE * 2];
unsigned char out[SM4_BLOCK_SIZE * 2];
unsigned char out2[SM4_BLOCK_SIZE];
XMEMSET(key, 0, sizeof(key));
XMEMSET(in, 0, sizeof(in));
ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, 0), MISSING_KEY);
ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, 0), MISSING_KEY);
/* Tested in test_wc_Sm4. */
ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
/* Invalid parameters - wc_Sm4EcbEncrypt. */
ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, out, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, NULL, in, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, out, in, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, 1), BAD_FUNC_ARG);
/* Valid cases - wc_Sm4EcbEncrypt. */
ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, 0), 0);
ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
/* In and out are same pointer. */
ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0);
ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
/* Invalid parameters - wc_Sm4EcbDecrypt. */
ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, out, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, NULL, in, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, out, in, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, 1), BAD_FUNC_ARG);
/* Valid cases - wc_Sm4EcbDecrypt. */
ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, 0), 0);
ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
/* In and out are same pointer. */
ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0);
ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
wc_Sm4Free(&sm4);
res = EXPECT_RESULT();
#endif
return res;
} /* END test_wc_Sm4Ecb */
/*
* Testing block based SM4-CBC API.
*/
static int test_wc_Sm4Cbc(void)
{
int res = TEST_SKIPPED;
#ifdef WOLFSSL_SM4_CBC
EXPECT_DECLS;
wc_Sm4 sm4;
unsigned char key[SM4_KEY_SIZE];
unsigned char iv[SM4_IV_SIZE];
unsigned char in[SM4_BLOCK_SIZE * 2];
unsigned char out[SM4_BLOCK_SIZE * 2];
unsigned char out2[SM4_BLOCK_SIZE];
XMEMSET(key, 0, sizeof(key));
XMEMSET(iv, 0, sizeof(iv));
XMEMSET(in, 0, sizeof(in));
ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 0), MISSING_KEY);
ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 0), MISSING_KEY);
/* Tested in test_wc_Sm4. */
ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 0), MISSING_IV);
ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 0), MISSING_IV);
/* Tested in test_wc_Sm4. */
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
/* Invalid parameters - wc_Sm4CbcEncrypt. */
ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, out, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, NULL, in, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, out, in, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 1), BAD_FUNC_ARG);
/* Valid cases - wc_Sm4CbcEncrypt. */
ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 0), 0);
ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
/* In and out are same pointer. */
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0);
ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
/* Invalid parameters - wc_Sm4CbcDecrypt. */
ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, out, NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, NULL, in, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, out, in, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
/* Valid cases - wc_Sm4CbcDecrypt. */
ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 0), 0);
ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
/* In and out are same pointer. */
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0);
ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
wc_Sm4Free(&sm4);
res = EXPECT_RESULT();
#endif
return res;
} /* END test_wc_Sm4Cbc */
/*
* Testing streaming SM4-CTR API.
*/
static int test_wc_Sm4Ctr(void)
{
int res = TEST_SKIPPED;
#ifdef WOLFSSL_SM4_CTR
EXPECT_DECLS;
wc_Sm4 sm4;
unsigned char key[SM4_KEY_SIZE];
unsigned char iv[SM4_IV_SIZE];
unsigned char in[SM4_BLOCK_SIZE * 4];
unsigned char out[SM4_BLOCK_SIZE * 4];
unsigned char out2[SM4_BLOCK_SIZE * 4];
word32 chunk;
word32 i;
XMEMSET(key, 0, sizeof(key));
XMEMSET(iv, 0, sizeof(iv));
XMEMSET(in, 0, sizeof(in));
ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 0), MISSING_KEY);
/* Tested in test_wc_Sm4. */
ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 0), MISSING_IV);
/* Tested in test_wc_Sm4. */
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
/* Invalid parameters - wc_Sm4CtrEncrypt. */
ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, out, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, NULL, in, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, out, in, 0), BAD_FUNC_ARG);
/* Valid cases - wc_Sm4CtrEncrypt. */
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 0), 0);
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, in, 1), 0);
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 2), 0);
ExpectIntEQ(XMEMCMP(out, out2, 1), 0);
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
ExpectIntEQ(XMEMCMP(out2, out, 2), 0);
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
/* In and out are same pointer. Also check encrypt of cipher text produces
* plaintext.
*/
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, out, SM4_BLOCK_SIZE * 2), 0);
ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
/* Chunking tests. */
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, in, (word32)sizeof(in)), 0);
for (chunk = 1; chunk <= SM4_BLOCK_SIZE + 1; chunk++) {
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
for (i = 0; i + chunk <= (word32)sizeof(in); i += chunk) {
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out + i, in + i, chunk), 0);
}
if (i < (word32)sizeof(in)) {
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out + i, in + i,
(word32)sizeof(in) - i), 0);
}
ExpectIntEQ(XMEMCMP(out, out2, (word32)sizeof(out)), 0);
}
for (i = 0; i < (word32)sizeof(iv); i++) {
iv[i] = 0xff;
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, out, SM4_BLOCK_SIZE * 2), 0);
ExpectIntEQ(XMEMCMP(out2, in, SM4_BLOCK_SIZE * 2), 0);
}
wc_Sm4Free(&sm4);
res = EXPECT_RESULT();
#endif
return res;
} /* END test_wc_Sm4Ctr */
/*
* Testing stream SM4-GCM API.
*/
static int test_wc_Sm4Gcm(void)
{
int res = TEST_SKIPPED;
#ifdef WOLFSSL_SM4_GCM
EXPECT_DECLS;
wc_Sm4 sm4;
unsigned char key[SM4_KEY_SIZE];
unsigned char nonce[GCM_NONCE_MAX_SZ];
unsigned char in[SM4_BLOCK_SIZE * 2];
unsigned char in2[SM4_BLOCK_SIZE * 2];
unsigned char out[SM4_BLOCK_SIZE * 2];
unsigned char out2[SM4_BLOCK_SIZE * 2];
unsigned char dec[SM4_BLOCK_SIZE * 2];
unsigned char tag[SM4_BLOCK_SIZE];
unsigned char aad[SM4_BLOCK_SIZE * 2];
word32 i;
XMEMSET(key, 0, sizeof(key));
XMEMSET(nonce, 0, sizeof(nonce));
XMEMSET(in, 0, sizeof(in));
XMEMSET(in2, 0, sizeof(in2));
XMEMSET(aad, 0, sizeof(aad));
ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 0, nonce, GCM_NONCE_MID_SZ, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 0, nonce, GCM_NONCE_MID_SZ, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY);
/* Invalid parameters - wc_Sm4GcmSetKey. */
ExpectIntEQ(wc_Sm4GcmSetKey(NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmSetKey(NULL, key, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmSetKey(NULL, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, key, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmSetKey(NULL, key, SM4_KEY_SIZE), BAD_FUNC_ARG);
/* Valid parameters - wc_Sm4GcmSetKey. */
ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, key, SM4_KEY_SIZE), 0);
/* Invalid parameters - wc_Sm4GcmEncrypt. */
ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, NULL, 1, nonce, GCM_NONCE_MID_SZ,
NULL, 0, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, tag,
SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, in, 1, nonce, GCM_NONCE_MID_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, NULL, 1, nonce, GCM_NONCE_MID_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, NULL, GCM_NONCE_MID_SZ, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, 0, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ,
NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
WOLFSSL_MIN_AUTH_TAG_SZ-1, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
SM4_BLOCK_SIZE+1, aad, sizeof(aad)), BAD_FUNC_ARG);
/* Invalid parameters - wc_Sm4GcmDecrypt. */
ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, NULL, 1, nonce, GCM_NONCE_MID_SZ,
NULL, 0, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, tag,
SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, in, 1, nonce, GCM_NONCE_MID_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, NULL, 1, nonce, GCM_NONCE_MID_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, NULL, GCM_NONCE_MID_SZ, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, 0, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ,
NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
WOLFSSL_MIN_AUTH_TAG_SZ-1, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
SM4_BLOCK_SIZE+1, aad, sizeof(aad)), BAD_FUNC_ARG);
/* Valid cases - wc_Sm4GcmEncrypt/wc_Sm4GcmDecrypt. */
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ,
tag, SM4_BLOCK_SIZE, NULL, 0), 0);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ,
tag, SM4_BLOCK_SIZE, NULL, 0), 0);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2, nonce,
GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce,
GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce,
GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(XMEMCMP(in2, out, SM4_BLOCK_SIZE * 2), 0);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce,
GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(XMEMCMP(in2, in, SM4_BLOCK_SIZE * 2), 0);
/* Check vald values of nonce - wc_Sm4GcmEncrypt/wc_Sm4GcmDecrypt. */
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
GCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
GCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2, nonce,
GCM_NONCE_MIN_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce,
GCM_NONCE_MIN_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce,
GCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)),
SM4_GCM_AUTH_E);
/* Check valid values of tag size - wc_Sm4GcmEncrypt/wc_Sm4GcmDecrypt. */
for (i = WOLFSSL_MIN_AUTH_TAG_SZ; i < SM4_BLOCK_SIZE; i++) {
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
GCM_NONCE_MID_SZ, tag, i, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
GCM_NONCE_MID_SZ, tag, i, aad, sizeof(aad)), 0);
}
/* Check different in/out sizes. */
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 0, nonce,
GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 0, nonce,
GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce,
GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
for (i = 2; i <= SM4_BLOCK_SIZE * 2; i++) {
XMEMCPY(out2, out, i - 1);
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, i, nonce, GCM_NONCE_MID_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(XMEMCMP(out, out2, i - 1), 0);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, dec, out, i, nonce, GCM_NONCE_MID_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(XMEMCMP(in, dec, i), 0);
}
/* Force the counter to roll over in first byte. */
{
static unsigned char largeIn[256 * SM4_BLOCK_SIZE];
static unsigned char largeOut[256 * SM4_BLOCK_SIZE];
ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, largeOut, largeIn, sizeof(largeIn),
nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, largeOut, largeOut, sizeof(largeIn),
nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(XMEMCMP(largeOut, largeIn, sizeof(largeIn)), 0);
}
wc_Sm4Free(&sm4);
res = EXPECT_RESULT();
#endif
return res;
} /* END test_wc_Sm4Gcm */
/*
* Testing stream SM4-CCM API.
*/
static int test_wc_Sm4Ccm(void)
{
int res = TEST_SKIPPED;
#ifdef WOLFSSL_SM4_CCM
EXPECT_DECLS;
wc_Sm4 sm4;
unsigned char key[SM4_KEY_SIZE];
unsigned char nonce[CCM_NONCE_MAX_SZ];
unsigned char in[SM4_BLOCK_SIZE * 2];
unsigned char in2[SM4_BLOCK_SIZE * 2];
unsigned char out[SM4_BLOCK_SIZE * 2];
unsigned char out2[SM4_BLOCK_SIZE * 2];
unsigned char dec[SM4_BLOCK_SIZE * 2];
unsigned char tag[SM4_BLOCK_SIZE];
unsigned char aad[SM4_BLOCK_SIZE * 2];
word32 i;
XMEMSET(key, 0, sizeof(key));
XMEMSET(nonce, 0, sizeof(nonce));
XMEMSET(in, 0, sizeof(in));
XMEMSET(in2, 0, sizeof(in2));
XMEMSET(aad, 0, sizeof(aad));
ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 0, nonce, CCM_NONCE_MAX_SZ, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 0, nonce, CCM_NONCE_MAX_SZ, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY);
ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
/* Invalid parameters - wc_Sm4CcmEncrypt. */
ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, NULL, 1, nonce, CCM_NONCE_MAX_SZ,
NULL, 0, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, tag,
SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, in, 1, nonce, CCM_NONCE_MAX_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, NULL, 1, nonce, CCM_NONCE_MAX_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, NULL, CCM_NONCE_MAX_SZ, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, 0, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ,
NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
WOLFSSL_MIN_AUTH_TAG_SZ-1, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
SM4_BLOCK_SIZE+1, aad, sizeof(aad)), BAD_FUNC_ARG);
/* Invalid parameters - wc_Sm4CcmDecrypt. */
ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, NULL, 1, nonce, CCM_NONCE_MAX_SZ,
NULL, 0, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, tag,
SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, in, 1, nonce, CCM_NONCE_MAX_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, NULL, 1, nonce, CCM_NONCE_MAX_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, NULL, CCM_NONCE_MAX_SZ, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, 0, tag,
SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ,
NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
WOLFSSL_MIN_AUTH_TAG_SZ - 1, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
SM4_BLOCK_SIZE + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
/* Valid cases - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt. */
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ,
tag, SM4_BLOCK_SIZE, NULL, 0), 0);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ,
tag, SM4_BLOCK_SIZE, NULL, 0), 0);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2, nonce,
CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce,
CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce,
CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(XMEMCMP(in2, out, SM4_BLOCK_SIZE * 2), 0);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce,
CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(XMEMCMP(in2, in, SM4_BLOCK_SIZE * 2), 0);
/* Check vald values of nonce - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt. */
for (i = CCM_NONCE_MIN_SZ; i <= CCM_NONCE_MAX_SZ; i++) {
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
i, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
i, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
}
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
CCM_NONCE_MIN_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)),
SM4_CCM_AUTH_E);
/* Check invalid values of tag size - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt. */
for (i = 0; i < 4; i++) {
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
}
/* Odd values in range 4..SM4_BLOCK_SIZE. */
for (i = 2; i < SM4_BLOCK_SIZE / 2; i++) {
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
}
/* Check valid values of tag size - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt.
* Even values in range 4..SM4_BLOCK_SIZE.
*/
for (i = 2; i < SM4_BLOCK_SIZE / 2; i++) {
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
CCM_NONCE_MAX_SZ, tag, i * 2, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
CCM_NONCE_MAX_SZ, tag, i * 2, aad, sizeof(aad)), 0);
}
/* Check different in/out sizes. */
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 0, nonce,
CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 0, nonce,
CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce,
CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
for (i = 2; i <= SM4_BLOCK_SIZE * 2; i++) {
XMEMCPY(out2, out, i - 1);
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, i, nonce, CCM_NONCE_MAX_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(XMEMCMP(out, out2, i - 1), 0);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, dec, out, i, nonce, CCM_NONCE_MAX_SZ,
tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(XMEMCMP(in, dec, i), 0);
}
/* Force the counter to roll over in first byte. */
{
static unsigned char largeIn[256 * SM4_BLOCK_SIZE];
static unsigned char largeOut[256 * SM4_BLOCK_SIZE];
ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, largeOut, largeIn, sizeof(largeIn),
nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, largeOut, largeOut, sizeof(largeIn),
nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
ExpectIntEQ(XMEMCMP(largeOut, largeIn, sizeof(largeIn)), 0);
}
wc_Sm4Free(&sm4);
res = EXPECT_RESULT();
#endif
return res;
} /* END test_wc_Sm4Ccm */
/*
* unit test for wc_Des3_SetIV()
*/
static int test_wc_Des3_SetIV(void)
{
EXPECT_DECLS;
#ifndef NO_DES3
Des3 des;
const byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
const byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
XMEMSET(&des, 0, sizeof(Des3));
ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0);
/* DES_ENCRYPTION or DES_DECRYPTION */
ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0);
ExpectIntEQ(XMEMCMP(iv, des.reg, DES_BLOCK_SIZE), 0);
#ifndef HAVE_FIPS /* no sanity checks with FIPS wrapper */
/* Test explicitly wc_Des3_SetIV() */
ExpectIntEQ(wc_Des3_SetIV(NULL, iv), BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_SetIV(&des, NULL), 0);
#endif
wc_Des3Free(&des);
#endif
return EXPECT_RESULT();
} /* END test_wc_Des3_SetIV */
/*
* unit test for wc_Des3_SetKey()
*/
static int test_wc_Des3_SetKey(void)
{
EXPECT_DECLS;
#ifndef NO_DES3
Des3 des;
const byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
const byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
XMEMSET(&des, 0, sizeof(Des3));
ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0);
/* DES_ENCRYPTION or DES_DECRYPTION */
ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0);
ExpectIntEQ(XMEMCMP(iv, des.reg, DES_BLOCK_SIZE), 0);
/* Test bad args. */
ExpectIntEQ(wc_Des3_SetKey(NULL, key, iv, DES_ENCRYPTION), BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_SetKey(&des, NULL, iv, DES_ENCRYPTION), BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, -1), BAD_FUNC_ARG);
/* Default case. Should return 0. */
ExpectIntEQ(wc_Des3_SetKey(&des, key, NULL, DES_ENCRYPTION), 0);
wc_Des3Free(&des);
#endif
return EXPECT_RESULT();
} /* END test_wc_Des3_SetKey */
/*
* Test function for wc_Des3_CbcEncrypt and wc_Des3_CbcDecrypt
*/
static int test_wc_Des3_CbcEncryptDecrypt(void)
{
EXPECT_DECLS;
#ifndef NO_DES3
Des3 des;
byte cipher[24];
byte plain[24];
const byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
const byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
XMEMSET(&des, 0, sizeof(Des3));
ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0);
ExpectIntEQ(wc_Des3_CbcEncrypt(&des, cipher, vector, 24), 0);
ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_DECRYPTION), 0);
ExpectIntEQ(wc_Des3_CbcDecrypt(&des, plain, cipher, 24), 0);
ExpectIntEQ(XMEMCMP(plain, vector, 24), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_Des3_CbcEncrypt(NULL, cipher, vector, 24), BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_CbcEncrypt(&des, NULL, vector, 24), BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_CbcEncrypt(&des, cipher, NULL, sizeof(vector)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_CbcDecrypt(NULL, plain, cipher, 24), BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_CbcDecrypt(&des, NULL, cipher, 24), BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_CbcDecrypt(&des, plain, NULL, 24), BAD_FUNC_ARG);
wc_Des3Free(&des);
#endif
return EXPECT_RESULT();
} /* END wc_Des3_CbcEncrypt */
/*
* Unit test for wc_Des3_CbcEncryptWithKey and wc_Des3_CbcDecryptWithKey
*/
static int test_wc_Des3_CbcEncryptDecryptWithKey(void)
{
EXPECT_DECLS;
#ifndef NO_DES3
word32 vectorSz, cipherSz;
byte cipher[24];
byte plain[24];
byte vector[] = { /* Now is the time for all w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
vectorSz = sizeof(byte) * 24;
cipherSz = sizeof(byte) * 24;
ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, key, iv),
0);
ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, key, iv), 0);
ExpectIntEQ(XMEMCMP(plain, vector, 24), 0);
/* pass in bad args. */
ExpectIntEQ(wc_Des3_CbcEncryptWithKey(NULL, vector, vectorSz, key, iv),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, NULL, vectorSz, key, iv),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, NULL, iv),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, key, NULL),
0);
ExpectIntEQ(wc_Des3_CbcDecryptWithKey(NULL, cipher, cipherSz, key, iv),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, NULL, cipherSz, key, iv),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, NULL, iv),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, key, NULL),
0);
#endif
return EXPECT_RESULT();
} /* END test_wc_Des3_CbcEncryptDecryptWithKey */
/*
* Unit test for wc_Des3_EcbEncrypt
*/
static int test_wc_Des3_EcbEncrypt(void)
{
EXPECT_DECLS;
#if !defined(NO_DES3) && defined(WOLFSSL_DES_ECB)
Des3 des;
byte cipher[24];
word32 cipherSz = sizeof(cipher);
const byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
const byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
XMEMSET(&des, 0, sizeof(Des3));
ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0);
/* Bad Cases */
ExpectIntEQ(wc_Des3_EcbEncrypt(NULL, 0, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_EcbEncrypt(NULL, cipher, vector, cipherSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_EcbEncrypt(&des, 0, vector, cipherSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_EcbEncrypt(&des, cipher, NULL, cipherSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_Des3_EcbEncrypt(&des, cipher, vector, 0), 0);
/* Good Cases */
ExpectIntEQ(wc_Des3_EcbEncrypt(&des, cipher, vector, cipherSz), 0);
wc_Des3Free(&des);
#endif
return EXPECT_RESULT();
} /* END test_wc_Des3_EcbEncrypt */
/*
* Testing wc_Chacha_SetKey() and wc_Chacha_SetIV()
*/
static int test_wc_Chacha_SetKey(void)
{
EXPECT_DECLS;
#ifdef HAVE_CHACHA
ChaCha ctx;
const byte key[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01
};
word32 keySz = (word32)(sizeof(key)/sizeof(byte));
byte cipher[128];
XMEMSET(cipher, 0, sizeof(cipher));
ExpectIntEQ(wc_Chacha_SetKey(&ctx, key, keySz), 0);
/* Test bad args. */
ExpectIntEQ(wc_Chacha_SetKey(NULL, key, keySz), BAD_FUNC_ARG);
ExpectIntEQ(wc_Chacha_SetKey(&ctx, key, 18), BAD_FUNC_ARG);
ExpectIntEQ(wc_Chacha_SetIV(&ctx, cipher, 0), 0);
/* Test bad args. */
ExpectIntEQ(wc_Chacha_SetIV(NULL, cipher, 0), BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_Chacha_SetKey */
/*
* unit test for wc_Poly1305SetKey()
*/
static int test_wc_Poly1305SetKey(void)
{
EXPECT_DECLS;
#ifdef HAVE_POLY1305
Poly1305 ctx;
const byte key[] =
{
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01
};
word32 keySz = (word32)(sizeof(key)/sizeof(byte));
ExpectIntEQ(wc_Poly1305SetKey(&ctx, key, keySz), 0);
/* Test bad args. */
ExpectIntEQ(wc_Poly1305SetKey(NULL, key,keySz), BAD_FUNC_ARG);
ExpectIntEQ(wc_Poly1305SetKey(&ctx, NULL, keySz), BAD_FUNC_ARG);
ExpectIntEQ(wc_Poly1305SetKey(&ctx, key, 18), BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_Poly1305_SetKey() */
/*
* Testing wc_Chacha_Process()
*/
static int test_wc_Chacha_Process(void)
{
EXPECT_DECLS;
#ifdef HAVE_CHACHA
ChaCha enc, dec;
byte cipher[128];
byte plain[128];
const byte key[] =
{
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01
};
const char* input = "Everybody gets Friday off.";
word32 keySz = sizeof(key)/sizeof(byte);
unsigned long int inlen = XSTRLEN(input);
/* Initialize stack variables. */
XMEMSET(cipher, 0, 128);
XMEMSET(plain, 0, 128);
ExpectIntEQ(wc_Chacha_SetKey(&enc, key, keySz), 0);
ExpectIntEQ(wc_Chacha_SetKey(&dec, key, keySz), 0);
ExpectIntEQ(wc_Chacha_SetIV(&enc, cipher, 0), 0);
ExpectIntEQ(wc_Chacha_SetIV(&dec, cipher, 0), 0);
ExpectIntEQ(wc_Chacha_Process(&enc, cipher, (byte*)input, (word32)inlen),
0);
ExpectIntEQ(wc_Chacha_Process(&dec, plain, cipher, (word32)inlen), 0);
ExpectIntEQ(XMEMCMP(input, plain, (int)inlen), 0);
#if !defined(USE_INTEL_CHACHA_SPEEDUP) && !defined(WOLFSSL_ARMASM)
/* test checking and using leftovers, currently just in C code */
ExpectIntEQ(wc_Chacha_SetIV(&enc, cipher, 0), 0);
ExpectIntEQ(wc_Chacha_SetIV(&dec, cipher, 0), 0);
ExpectIntEQ(wc_Chacha_Process(&enc, cipher, (byte*)input,
(word32)inlen - 2), 0);
ExpectIntEQ(wc_Chacha_Process(&enc, cipher + (inlen - 2),
(byte*)input + (inlen - 2), 2), 0);
ExpectIntEQ(wc_Chacha_Process(&dec, plain, (byte*)cipher,
(word32)inlen - 2), 0);
ExpectIntEQ(wc_Chacha_Process(&dec, cipher + (inlen - 2),
(byte*)input + (inlen - 2), 2), 0);
ExpectIntEQ(XMEMCMP(input, plain, (int)inlen), 0);
/* check edge cases with counter increment */
{
/* expected results collected from wolfSSL 4.3.0 encrypted in one call*/
const byte expected[] = {
0x54,0xB1,0xE2,0xD4,0xA2,0x4D,0x52,0x5F,
0x42,0x04,0x89,0x7C,0x6E,0x2D,0xFC,0x2D,
0x10,0x25,0xB6,0x92,0x71,0xD5,0xC3,0x20,
0xE3,0x0E,0xEC,0xF4,0xD8,0x10,0x70,0x29,
0x2D,0x4C,0x2A,0x56,0x21,0xE1,0xC7,0x37,
0x0B,0x86,0xF5,0x02,0x8C,0xB8,0xB8,0x38,
0x41,0xFD,0xDF,0xD9,0xC3,0xE6,0xC8,0x88,
0x06,0x82,0xD4,0x80,0x6A,0x50,0x69,0xD5,
0xB9,0xB0,0x2F,0x44,0x36,0x5D,0xDA,0x5E,
0xDE,0xF6,0xF5,0xFC,0x44,0xDC,0x07,0x51,
0xA7,0x32,0x42,0xDB,0xCC,0xBD,0xE2,0xE5,
0x0B,0xB1,0x14,0xFF,0x12,0x80,0x16,0x43,
0xE7,0x40,0xD5,0xEA,0xC7,0x3F,0x69,0x07,
0x64,0xD4,0x86,0x6C,0xE2,0x1F,0x8F,0x6E,
0x35,0x41,0xE7,0xD3,0xB5,0x5D,0xD6,0xD4,
0x9F,0x00,0xA9,0xAE,0x3D,0x28,0xA5,0x37,
0x80,0x3D,0x11,0x25,0xE2,0xB6,0x99,0xD9,
0x9B,0x98,0xE9,0x37,0xB9,0xF8,0xA0,0x04,
0xDF,0x13,0x49,0x3F,0x19,0x6A,0x45,0x06,
0x21,0xB4,0xC7,0x3B,0x49,0x45,0xB4,0xC8,
0x03,0x5B,0x43,0x89,0xBD,0xB3,0x96,0x4B,
0x17,0x6F,0x85,0xC6,0xCF,0xA6,0x05,0x35,
0x1E,0x25,0x03,0xBB,0x55,0x0A,0xD5,0x54,
0x41,0xEA,0xEB,0x50,0x40,0x1B,0x43,0x19,
0x59,0x1B,0x0E,0x12,0x3E,0xA2,0x71,0xC3,
0x1A,0xA7,0x11,0x50,0x43,0x9D,0x56,0x3B,
0x63,0x2F,0x63,0xF1,0x8D,0xAE,0xF3,0x23,
0xFA,0x1E,0xD8,0x6A,0xE1,0xB2,0x4B,0xF3,
0xB9,0x13,0x7A,0x72,0x2B,0x6D,0xCC,0x41,
0x1C,0x69,0x7C,0xCD,0x43,0x6F,0xE4,0xE2,
0x38,0x99,0xFB,0xC3,0x38,0x92,0x62,0x35,
0xC0,0x1D,0x60,0xE4,0x4B,0xDD,0x0C,0x14
};
const byte iv2[] = {
0x9D,0xED,0xE7,0x0F,0xEC,0x81,0x51,0xD9,
0x77,0x39,0x71,0xA6,0x21,0xDF,0xB8,0x93
};
byte input2[256];
int i;
for (i = 0; i < 256; i++)
input2[i] = i;
ExpectIntEQ(wc_Chacha_SetIV(&enc, iv2, 0), 0);
ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2, 64), 0);
ExpectIntEQ(XMEMCMP(expected, cipher, 64), 0);
ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2 + 64, 128), 0);
ExpectIntEQ(XMEMCMP(expected + 64, cipher, 128), 0);
/* partial */
ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2 + 192, 32), 0);
ExpectIntEQ(XMEMCMP(expected + 192, cipher, 32), 0);
ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2 + 224, 32), 0);
ExpectIntEQ(XMEMCMP(expected + 224, cipher, 32), 0);
}
#endif
/* Test bad args. */
ExpectIntEQ(wc_Chacha_Process(NULL, cipher, (byte*)input, (word32)inlen),
BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_Chacha_Process */
/*
* Testing wc_ChaCha20Poly1305_Encrypt() and wc_ChaCha20Poly1305_Decrypt()
*/
static int test_wc_ChaCha20Poly1305_aead(void)
{
EXPECT_DECLS;
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
const byte key[] = {
0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f
};
const byte plaintext[] = {
0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61,
0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c,
0x65, 0x6d, 0x65, 0x6e, 0x20, 0x6f, 0x66, 0x20,
0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x61, 0x73,
0x73, 0x20, 0x6f, 0x66, 0x20, 0x27, 0x39, 0x39,
0x3a, 0x20, 0x49, 0x66, 0x20, 0x49, 0x20, 0x63,
0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6f, 0x66, 0x66,
0x65, 0x72, 0x20, 0x79, 0x6f, 0x75, 0x20, 0x6f,
0x6e, 0x6c, 0x79, 0x20, 0x6f, 0x6e, 0x65, 0x20,
0x74, 0x69, 0x70, 0x20, 0x66, 0x6f, 0x72, 0x20,
0x74, 0x68, 0x65, 0x20, 0x66, 0x75, 0x74, 0x75,
0x72, 0x65, 0x2c, 0x20, 0x73, 0x75, 0x6e, 0x73,
0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f,
0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69,
0x74, 0x2e
};
const byte iv[] = {
0x07, 0x00, 0x00, 0x00, 0x40, 0x41, 0x42, 0x43,
0x44, 0x45, 0x46, 0x47
};
const byte aad[] = { /* additional data */
0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3,
0xc4, 0xc5, 0xc6, 0xc7
};
const byte cipher[] = { /* expected output from operation */
0xd3, 0x1a, 0x8d, 0x34, 0x64, 0x8e, 0x60, 0xdb,
0x7b, 0x86, 0xaf, 0xbc, 0x53, 0xef, 0x7e, 0xc2,
0xa4, 0xad, 0xed, 0x51, 0x29, 0x6e, 0x08, 0xfe,
0xa9, 0xe2, 0xb5, 0xa7, 0x36, 0xee, 0x62, 0xd6,
0x3d, 0xbe, 0xa4, 0x5e, 0x8c, 0xa9, 0x67, 0x12,
0x82, 0xfa, 0xfb, 0x69, 0xda, 0x92, 0x72, 0x8b,
0x1a, 0x71, 0xde, 0x0a, 0x9e, 0x06, 0x0b, 0x29,
0x05, 0xd6, 0xa5, 0xb6, 0x7e, 0xcd, 0x3b, 0x36,
0x92, 0xdd, 0xbd, 0x7f, 0x2d, 0x77, 0x8b, 0x8c,
0x98, 0x03, 0xae, 0xe3, 0x28, 0x09, 0x1b, 0x58,
0xfa, 0xb3, 0x24, 0xe4, 0xfa, 0xd6, 0x75, 0x94,
0x55, 0x85, 0x80, 0x8b, 0x48, 0x31, 0xd7, 0xbc,
0x3f, 0xf4, 0xde, 0xf0, 0x8e, 0x4b, 0x7a, 0x9d,
0xe5, 0x76, 0xd2, 0x65, 0x86, 0xce, 0xc6, 0x4b,
0x61, 0x16
};
const byte authTag[] = { /* expected output from operation */
0x1a, 0xe1, 0x0b, 0x59, 0x4f, 0x09, 0xe2, 0x6a,
0x7e, 0x90, 0x2e, 0xcb, 0xd0, 0x60, 0x06, 0x91
};
byte generatedCiphertext[272];
byte generatedPlaintext[272];
byte generatedAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
/* Initialize stack variables. */
XMEMSET(generatedCiphertext, 0, 272);
XMEMSET(generatedPlaintext, 0, 272);
/* Test Encrypt */
ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
plaintext, sizeof(plaintext), generatedCiphertext, generatedAuthTag),
0);
ExpectIntEQ(XMEMCMP(generatedCiphertext, cipher,
sizeof(cipher)/sizeof(byte)), 0);
/* Test bad args. */
ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(NULL, iv, aad, sizeof(aad),
plaintext, sizeof(plaintext), generatedCiphertext, generatedAuthTag),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, NULL, aad, sizeof(aad),
plaintext, sizeof(plaintext), generatedCiphertext, generatedAuthTag),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), NULL,
sizeof(plaintext), generatedCiphertext, generatedAuthTag),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
NULL, sizeof(plaintext), generatedCiphertext, generatedAuthTag),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
plaintext, sizeof(plaintext), NULL, generatedAuthTag), BAD_FUNC_ARG);
ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
plaintext, sizeof(plaintext), generatedCiphertext, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
sizeof(cipher), authTag, generatedPlaintext), 0);
ExpectIntEQ(XMEMCMP(generatedPlaintext, plaintext,
sizeof(plaintext)/sizeof(byte)), 0);
/* Test bad args. */
ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(NULL, iv, aad, sizeof(aad), cipher,
sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG);
ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, NULL, aad, sizeof(aad),
cipher, sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG);
ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), NULL,
sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG);
ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
sizeof(cipher), NULL, generatedPlaintext), BAD_FUNC_ARG);
ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
sizeof(cipher), authTag, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), NULL,
sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_ChaCha20Poly1305_aead */
/*
* Testing function for wc_Rc2SetKey().
*/
static int test_wc_Rc2SetKey(void)
{
EXPECT_DECLS;
#ifdef WC_RC2
Rc2 rc2;
byte key40[] = { 0x01, 0x02, 0x03, 0x04, 0x05 };
byte iv[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };
/* valid key and IV */
ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32) sizeof(key40) / sizeof(byte),
iv, 40), 0);
/* valid key, no IV */
ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32) sizeof(key40) / sizeof(byte),
NULL, 40), 0);
/* bad arguments */
/* null Rc2 struct */
ExpectIntEQ(wc_Rc2SetKey(NULL, key40, (word32) sizeof(key40) / sizeof(byte),
iv, 40), BAD_FUNC_ARG);
/* null key */
ExpectIntEQ(wc_Rc2SetKey(&rc2, NULL, (word32) sizeof(key40) / sizeof(byte),
iv, 40), BAD_FUNC_ARG);
/* key size == 0 */
ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, 0, iv, 40), WC_KEY_SIZE_E);
/* key size > 128 */
ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, 129, iv, 40), WC_KEY_SIZE_E);
/* effective bits == 0 */
ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32)sizeof(key40) / sizeof(byte),
iv, 0), WC_KEY_SIZE_E);
/* effective bits > 1024 */
ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32)sizeof(key40) / sizeof(byte),
iv, 1025), WC_KEY_SIZE_E);
#endif
return EXPECT_RESULT();
} /* END test_wc_Rc2SetKey */
/*
* Testing function for wc_Rc2SetIV().
*/
static int test_wc_Rc2SetIV(void)
{
EXPECT_DECLS;
#ifdef WC_RC2
Rc2 rc2;
byte iv[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };
/* valid IV */
ExpectIntEQ(wc_Rc2SetIV(&rc2, iv), 0);
/* valid NULL IV */
ExpectIntEQ(wc_Rc2SetIV(&rc2, NULL), 0);
/* bad arguments */
ExpectIntEQ(wc_Rc2SetIV(NULL, iv), BAD_FUNC_ARG);
ExpectIntEQ(wc_Rc2SetIV(NULL, NULL), BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_Rc2SetIV */
/*
* Testing function for wc_Rc2EcbEncrypt() and wc_Rc2EcbDecrypt().
*/
static int test_wc_Rc2EcbEncryptDecrypt(void)
{
EXPECT_DECLS;
#ifdef WC_RC2
Rc2 rc2;
int effectiveKeyBits = 63;
byte cipher[RC2_BLOCK_SIZE];
byte plain[RC2_BLOCK_SIZE];
byte key[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
byte input[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
byte output[] = { 0xeb, 0xb7, 0x73, 0xf9, 0x93, 0x27, 0x8e, 0xff };
XMEMSET(cipher, 0, sizeof(cipher));
XMEMSET(plain, 0, sizeof(plain));
ExpectIntEQ(wc_Rc2SetKey(&rc2, key, (word32) sizeof(key) / sizeof(byte),
NULL, effectiveKeyBits), 0);
ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, cipher, input, RC2_BLOCK_SIZE), 0);
ExpectIntEQ(XMEMCMP(cipher, output, RC2_BLOCK_SIZE), 0);
ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, plain, cipher, RC2_BLOCK_SIZE), 0);
ExpectIntEQ(XMEMCMP(plain, input, RC2_BLOCK_SIZE), 0);
/* Rc2EcbEncrypt bad arguments */
/* null Rc2 struct */
ExpectIntEQ(wc_Rc2EcbEncrypt(NULL, cipher, input, RC2_BLOCK_SIZE),
BAD_FUNC_ARG);
/* null out buffer */
ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, NULL, input, RC2_BLOCK_SIZE),
BAD_FUNC_ARG);
/* null input buffer */
ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, cipher, NULL, RC2_BLOCK_SIZE),
BAD_FUNC_ARG);
/* output buffer sz != RC2_BLOCK_SIZE (8) */
ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, cipher, input, 7), BUFFER_E);
/* Rc2EcbDecrypt bad arguments */
/* null Rc2 struct */
ExpectIntEQ(wc_Rc2EcbDecrypt(NULL, plain, output, RC2_BLOCK_SIZE),
BAD_FUNC_ARG);
/* null out buffer */
ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, NULL, output, RC2_BLOCK_SIZE),
BAD_FUNC_ARG);
/* null input buffer */
ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, plain, NULL, RC2_BLOCK_SIZE),
BAD_FUNC_ARG);
/* output buffer sz != RC2_BLOCK_SIZE (8) */
ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, plain, output, 7), BUFFER_E);
#endif
return EXPECT_RESULT();
} /* END test_wc_Rc2EcbEncryptDecrypt */
/*
* Testing function for wc_Rc2CbcEncrypt() and wc_Rc2CbcDecrypt().
*/
static int test_wc_Rc2CbcEncryptDecrypt(void)
{
EXPECT_DECLS;
#ifdef WC_RC2
Rc2 rc2;
int effectiveKeyBits = 63;
byte cipher[RC2_BLOCK_SIZE*2];
byte plain[RC2_BLOCK_SIZE*2];
/* vector taken from test.c */
byte key[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
byte iv[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
byte input[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
byte output[] = {
0xeb, 0xb7, 0x73, 0xf9, 0x93, 0x27, 0x8e, 0xff,
0xf0, 0x51, 0x77, 0x8b, 0x65, 0xdb, 0x13, 0x57
};
XMEMSET(cipher, 0, sizeof(cipher));
XMEMSET(plain, 0, sizeof(plain));
ExpectIntEQ(wc_Rc2SetKey(&rc2, key, (word32) sizeof(key) / sizeof(byte),
iv, effectiveKeyBits), 0);
ExpectIntEQ(wc_Rc2CbcEncrypt(&rc2, cipher, input, sizeof(input)), 0);
ExpectIntEQ(XMEMCMP(cipher, output, sizeof(output)), 0);
/* reset IV for decrypt */
ExpectIntEQ(wc_Rc2SetIV(&rc2, iv), 0);
ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, plain, cipher, sizeof(cipher)), 0);
ExpectIntEQ(XMEMCMP(plain, input, sizeof(input)), 0);
/* Rc2CbcEncrypt bad arguments */
/* null Rc2 struct */
ExpectIntEQ(wc_Rc2CbcEncrypt(NULL, cipher, input, sizeof(input)),
BAD_FUNC_ARG);
/* null out buffer */
ExpectIntEQ(wc_Rc2CbcEncrypt(&rc2, NULL, input, sizeof(input)),
BAD_FUNC_ARG);
/* null input buffer */
ExpectIntEQ(wc_Rc2CbcEncrypt(&rc2, cipher, NULL, sizeof(input)),
BAD_FUNC_ARG);
/* Rc2CbcDecrypt bad arguments */
/* in size is 0 */
ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, plain, output, 0), 0);
/* null Rc2 struct */
ExpectIntEQ(wc_Rc2CbcDecrypt(NULL, plain, output, sizeof(output)),
BAD_FUNC_ARG);
/* null out buffer */
ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, NULL, output, sizeof(output)),
BAD_FUNC_ARG);
/* null input buffer */
ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, plain, NULL, sizeof(output)),
BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_Rc2CbcEncryptDecrypt */
/*
* Testing function for wc_AesSetIV
*/
static int test_wc_AesSetIV(void)
{
int res = TEST_SKIPPED;
#if !defined(NO_AES) && defined(WOLFSSL_AES_128)
Aes aes;
int ret = 0;
byte key16[] =
{
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
byte iv1[] = "1234567890abcdef";
byte iv2[] = "0987654321fedcba";
ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
if (ret != 0)
return ret;
ret = wc_AesSetKey(&aes, key16, (word32) sizeof(key16) / sizeof(byte),
iv1, AES_ENCRYPTION);
if (ret == 0) {
ret = wc_AesSetIV(&aes, iv2);
}
/* Test bad args. */
if (ret == 0) {
ret = wc_AesSetIV(NULL, iv1);
if (ret == BAD_FUNC_ARG) {
/* NULL iv should return 0. */
ret = wc_AesSetIV(&aes, NULL);
}
else {
ret = WOLFSSL_FATAL_ERROR;
}
}
wc_AesFree(&aes);
res = TEST_RES_CHECK(ret == 0);
#endif
return res;
} /* test_wc_AesSetIV */
/*
* Testing function for wc_AesSetKey().
*/
static int test_wc_AesSetKey(void)
{
EXPECT_DECLS;
#ifndef NO_AES
Aes aes;
byte key16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#ifdef WOLFSSL_AES_192
byte key24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
#endif
#ifdef WOLFSSL_AES_256
byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
byte badKey16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65
};
byte iv[] = "1234567890abcdef";
XMEMSET(&aes, 0, sizeof(Aes));
ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
#ifdef WOLFSSL_AES_128
ExpectIntEQ(wc_AesSetKey(&aes, key16, (word32)sizeof(key16) / sizeof(byte),
iv, AES_ENCRYPTION), 0);
#endif
#ifdef WOLFSSL_AES_192
ExpectIntEQ(wc_AesSetKey(&aes, key24, (word32)sizeof(key24) / sizeof(byte),
iv, AES_ENCRYPTION), 0);
#endif
#ifdef WOLFSSL_AES_256
ExpectIntEQ(wc_AesSetKey(&aes, key32, (word32)sizeof(key32) / sizeof(byte),
iv, AES_ENCRYPTION), 0);
#endif
/* Pass in bad args. */
ExpectIntEQ(wc_AesSetKey(NULL, key16, (word32)sizeof(key16) / sizeof(byte),
iv, AES_ENCRYPTION), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesSetKey(&aes, badKey16,
(word32)sizeof(badKey16) / sizeof(byte), iv, AES_ENCRYPTION),
BAD_FUNC_ARG);
wc_AesFree(&aes);
#endif
return EXPECT_RESULT();
} /* END test_wc_AesSetKey */
/*
* test function for wc_AesCbcEncrypt(), wc_AesCbcDecrypt(),
* and wc_AesCbcDecryptWithKey()
*/
static int test_wc_AesCbcEncryptDecrypt(void)
{
EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(HAVE_AES_DECRYPT)&& \
defined(WOLFSSL_AES_256)
Aes aes;
byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
byte vector[] = { /* Now is the time for all good men w/o trailing 0 */
0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74,
0x68, 0x65, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20,
0x66, 0x6f, 0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20,
0x67, 0x6f, 0x6f, 0x64, 0x20, 0x6d, 0x65, 0x6e
};
byte iv[] = "1234567890abcdef";
byte enc[sizeof(vector)];
byte dec[sizeof(vector)];
byte dec2[sizeof(vector)];
/* Init stack variables. */
XMEMSET(&aes, 0, sizeof(Aes));
XMEMSET(enc, 0, sizeof(enc));
XMEMSET(dec, 0, sizeof(vector));
XMEMSET(dec2, 0, sizeof(vector));
ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv,
AES_ENCRYPTION), 0);
ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector)), 0);
/* Re init for decrypt and set flag. */
ExpectIntEQ(wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv,
AES_DECRYPTION), 0);
ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, sizeof(vector)), 0);
ExpectIntEQ(XMEMCMP(vector, dec, sizeof(vector)), 0);
ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE, key32,
sizeof(key32)/sizeof(byte), iv), 0);
ExpectIntEQ(XMEMCMP(vector, dec2, AES_BLOCK_SIZE), 0);
/* Pass in bad args */
ExpectIntEQ(wc_AesCbcEncrypt(NULL, enc, vector, sizeof(vector)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCbcEncrypt(&aes, NULL, vector, sizeof(vector)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, NULL, sizeof(vector)),
BAD_FUNC_ARG);
#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector) - 1),
BAD_LENGTH_E);
#endif
#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION == 2) && defined(WOLFSSL_AESNI)
fprintf(stderr, "Zero length inputs not supported with AESNI in FIPS "
"mode (v2), skip test");
#else
/* Test passing in size of 0 */
XMEMSET(enc, 0, sizeof(enc));
ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, vector, 0), 0);
/* Check enc was not modified */
{
int i;
for (i = 0; i < (int)sizeof(enc); i++)
ExpectIntEQ(enc[i], 0);
}
#endif
ExpectIntEQ(wc_AesCbcDecrypt(NULL, dec, enc, AES_BLOCK_SIZE), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCbcDecrypt(&aes, NULL, enc, AES_BLOCK_SIZE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, NULL, AES_BLOCK_SIZE),
BAD_FUNC_ARG);
#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, AES_BLOCK_SIZE * 2 - 1),
BAD_LENGTH_E);
#else
ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, AES_BLOCK_SIZE * 2 - 1),
BAD_FUNC_ARG);
#endif
/* Test passing in size of 0 */
XMEMSET(dec, 0, sizeof(dec));
ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, 0), 0);
/* Check dec was not modified */
{
int i;
for (i = 0; i < (int)sizeof(dec); i++)
ExpectIntEQ(dec[i], 0);
}
ExpectIntEQ(wc_AesCbcDecryptWithKey(NULL, enc, AES_BLOCK_SIZE,
key32, sizeof(key32)/sizeof(byte), iv), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, NULL, AES_BLOCK_SIZE,
key32, sizeof(key32)/sizeof(byte), iv), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
NULL, sizeof(key32)/sizeof(byte), iv), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
key32, sizeof(key32)/sizeof(byte), NULL), BAD_FUNC_ARG);
wc_AesFree(&aes);
#endif
return EXPECT_RESULT();
} /* END test_wc_AesCbcEncryptDecrypt */
/*
* Testing wc_AesCtrEncrypt and wc_AesCtrDecrypt
*/
static int test_wc_AesCtrEncryptDecrypt(void)
{
EXPECT_DECLS;
#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_256)
Aes aesEnc;
Aes aesDec;
byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
byte vector[] = { /* Now is the time for all w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
byte iv[] = "1234567890abcdef";
byte enc[AES_BLOCK_SIZE * 2];
byte dec[AES_BLOCK_SIZE * 2];
/* Init stack variables. */
XMEMSET(&aesEnc, 0, sizeof(Aes));
XMEMSET(&aesDec, 0, sizeof(Aes));
XMEMSET(enc, 0, AES_BLOCK_SIZE * 2);
XMEMSET(dec, 0, AES_BLOCK_SIZE * 2);
ExpectIntEQ(wc_AesInit(&aesEnc, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesInit(&aesDec, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesSetKey(&aesEnc, key32, AES_BLOCK_SIZE * 2, iv,
AES_ENCRYPTION), 0);
ExpectIntEQ(wc_AesCtrEncrypt(&aesEnc, enc, vector,
sizeof(vector)/sizeof(byte)), 0);
/* Decrypt with wc_AesCtrEncrypt() */
ExpectIntEQ(wc_AesSetKey(&aesDec, key32, AES_BLOCK_SIZE * 2, iv,
AES_ENCRYPTION), 0);
ExpectIntEQ(wc_AesCtrEncrypt(&aesDec, dec, enc, sizeof(enc)/sizeof(byte)),
0);
ExpectIntEQ(XMEMCMP(vector, dec, sizeof(vector)), 0);
/* Test bad args. */
ExpectIntEQ(wc_AesCtrEncrypt(NULL, dec, enc, sizeof(enc)/sizeof(byte)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCtrEncrypt(&aesDec, NULL, enc, sizeof(enc)/sizeof(byte)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCtrEncrypt(&aesDec, dec, NULL, sizeof(enc)/sizeof(byte)),
BAD_FUNC_ARG);
wc_AesFree(&aesEnc);
wc_AesFree(&aesDec);
#endif
return EXPECT_RESULT();
} /* END test_wc_AesCtrEncryptDecrypt */
/*
* test function for wc_AesGcmSetKey()
*/
static int test_wc_AesGcmSetKey(void)
{
EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AESGCM)
Aes aes;
#ifdef WOLFSSL_AES_128
byte key16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
#ifdef WOLFSSL_AES_192
byte key24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
#endif
#ifdef WOLFSSL_AES_256
byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
byte badKey16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65
};
byte badKey24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36
};
byte badKey32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x37, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65
};
ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
#ifdef WOLFSSL_AES_128
ExpectIntEQ(wc_AesGcmSetKey(&aes, key16, sizeof(key16)/sizeof(byte)), 0);
#endif
#ifdef WOLFSSL_AES_192
ExpectIntEQ(wc_AesGcmSetKey(&aes, key24, sizeof(key24)/sizeof(byte)), 0);
#endif
#ifdef WOLFSSL_AES_256
ExpectIntEQ(wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte)), 0);
#endif
/* Pass in bad args. */
ExpectIntEQ(wc_AesGcmSetKey(&aes, badKey16, sizeof(badKey16)/sizeof(byte)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmSetKey(&aes, badKey24, sizeof(badKey24)/sizeof(byte)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmSetKey(&aes, badKey32, sizeof(badKey32)/sizeof(byte)),
BAD_FUNC_ARG);
wc_AesFree(&aes);
#endif
return EXPECT_RESULT();
} /* END test_wc_AesGcmSetKey */
/*
* test function for wc_AesGcmEncrypt and wc_AesGcmDecrypt
*/
static int test_wc_AesGcmEncryptDecrypt(void)
{
EXPECT_DECLS;
/* WOLFSSL_AFALG requires 12 byte IV */
#if !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256) && \
!defined(WOLFSSL_AFALG) && !defined(WOLFSSL_DEVCRYPTO_AES)
Aes aes;
byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
byte vector[] = { /* Now is the time for all w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
const byte a[] = {
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2
};
byte iv[] = "1234567890a";
byte longIV[] = "1234567890abcdefghij";
byte enc[sizeof(vector)];
byte resultT[AES_BLOCK_SIZE];
byte dec[sizeof(vector)];
/* Init stack variables. */
XMEMSET(&aes, 0, sizeof(Aes));
XMEMSET(enc, 0, sizeof(vector));
XMEMSET(dec, 0, sizeof(vector));
XMEMSET(resultT, 0, AES_BLOCK_SIZE);
ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte)), 0);
ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv,
sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), 0);
ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(vector), iv,
sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), 0);
ExpectIntEQ(XMEMCMP(vector, dec, sizeof(vector)), 0);
/* Test bad args for wc_AesGcmEncrypt and wc_AesGcmDecrypt */
ExpectIntEQ(wc_AesGcmEncrypt(NULL, enc, vector, sizeof(vector), iv,
sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv,
sizeof(iv)/sizeof(byte), resultT, sizeof(resultT) + 1, a, sizeof(a)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv,
sizeof(iv)/sizeof(byte), resultT, sizeof(resultT) - 5, a, sizeof(a)),
BAD_FUNC_ARG);
#if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION == 2)) || defined(HAVE_SELFTEST) || \
defined(WOLFSSL_AES_GCM_FIXED_IV_AAD)
/* FIPS does not check the lower bound of ivSz */
#else
ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv, 0,
resultT, sizeof(resultT), a, sizeof(a)), BAD_FUNC_ARG);
#endif
/* This case is now considered good. Long IVs are now allowed.
* Except for the original FIPS release, it still has an upper
* bound on the IV length. */
#if (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))) && \
!defined(WOLFSSL_AES_GCM_FIXED_IV_AAD)
ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), longIV,
sizeof(longIV)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
0);
#else
(void)longIV;
#endif /* Old FIPS */
/* END wc_AesGcmEncrypt */
#ifdef HAVE_AES_DECRYPT
ExpectIntEQ(wc_AesGcmDecrypt(NULL, dec, enc, sizeof(enc)/sizeof(byte), iv,
sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecrypt(&aes, NULL, enc, sizeof(enc)/sizeof(byte), iv,
sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, NULL, sizeof(enc)/sizeof(byte), iv,
sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), NULL,
sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), iv,
sizeof(iv)/sizeof(byte), NULL, sizeof(resultT), a, sizeof(a)),
BAD_FUNC_ARG);
#if (defined(HAVE_FIPS) && FIPS_VERSION_LE(2,0) && defined(WOLFSSL_ARMASM))
ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), iv,
sizeof(iv)/sizeof(byte), resultT, sizeof(resultT) + 1, a, sizeof(a)),
AES_GCM_AUTH_E);
#else
ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), iv,
sizeof(iv)/sizeof(byte), resultT, sizeof(resultT) + 1, a, sizeof(a)),
BAD_FUNC_ARG);
#endif
#if ((defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION == 2)) || defined(HAVE_SELFTEST)) && \
!defined(WOLFSSL_AES_GCM_FIXED_IV_AAD)
/* FIPS does not check the lower bound of ivSz */
#else
ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte),
iv, 0, resultT, sizeof(resultT), a, sizeof(a)), BAD_FUNC_ARG);
#endif
#endif /* HAVE_AES_DECRYPT */
wc_AesFree(&aes);
#endif
return EXPECT_RESULT();
} /* END test_wc_AesGcmEncryptDecrypt */
/*
* test function for mixed (one-shot encrpytion + stream decryption) AES GCM
* using a long IV (older FIPS does NOT support long IVs). Relates to zd15423
*/
static int test_wc_AesGcmMixedEncDecLongIV(void)
{
EXPECT_DECLS;
#if (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))) && \
!defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AESGCM_STREAM)
const byte key[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
const byte in[] = {
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
const byte aad[] = {
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2
};
Aes aesEnc;
Aes aesDec;
byte iv[] = "1234567890abcdefghij";
byte out[sizeof(in)];
byte plain[sizeof(in)];
byte tag[AES_BLOCK_SIZE];
XMEMSET(&aesEnc, 0, sizeof(Aes));
XMEMSET(&aesDec, 0, sizeof(Aes));
XMEMSET(out, 0, sizeof(out));
XMEMSET(plain, 0, sizeof(plain));
XMEMSET(tag, 0, sizeof(tag));
/* Perform one-shot encryption using long IV */
ExpectIntEQ(wc_AesInit(&aesEnc, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesGcmSetKey(&aesEnc, key, sizeof(key)), 0);
ExpectIntEQ(wc_AesGcmEncrypt(&aesEnc, out, in, sizeof(in), iv, sizeof(iv),
tag, sizeof(tag), aad, sizeof(aad)), 0);
/* Perform streaming decryption using long IV */
ExpectIntEQ(wc_AesInit(&aesDec, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesGcmInit(&aesDec, key, sizeof(key), iv, sizeof(iv)), 0);
ExpectIntEQ(wc_AesGcmDecryptUpdate(&aesDec, plain, out, sizeof(out), aad,
sizeof(aad)), 0);
ExpectIntEQ(wc_AesGcmDecryptFinal(&aesDec, tag, sizeof(tag)), 0);
ExpectIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
/* Free resources */
wc_AesFree(&aesEnc);
wc_AesFree(&aesDec);
#endif
return EXPECT_RESULT();
} /* END wc_AesGcmMixedEncDecLongIV */
/*
* unit test for wc_GmacSetKey()
*/
static int test_wc_GmacSetKey(void)
{
EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AESGCM)
Gmac gmac;
byte key16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#ifdef WOLFSSL_AES_192
byte key24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
#endif
#ifdef WOLFSSL_AES_256
byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
byte badKey16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x66
};
byte badKey24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
byte badKey32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
XMEMSET(&gmac, 0, sizeof(Gmac));
ExpectIntEQ(wc_AesInit(&gmac.aes, NULL, INVALID_DEVID), 0);
#ifdef WOLFSSL_AES_128
ExpectIntEQ(wc_GmacSetKey(&gmac, key16, sizeof(key16)/sizeof(byte)), 0);
#endif
#ifdef WOLFSSL_AES_192
ExpectIntEQ(wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte)), 0);
#endif
#ifdef WOLFSSL_AES_256
ExpectIntEQ(wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte)), 0);
#endif
/* Pass in bad args. */
ExpectIntEQ(wc_GmacSetKey(NULL, key16, sizeof(key16)/sizeof(byte)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_GmacSetKey(&gmac, NULL, sizeof(key16)/sizeof(byte)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_GmacSetKey(&gmac, badKey16, sizeof(badKey16)/sizeof(byte)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_GmacSetKey(&gmac, badKey24, sizeof(badKey24)/sizeof(byte)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_GmacSetKey(&gmac, badKey32, sizeof(badKey32)/sizeof(byte)),
BAD_FUNC_ARG);
wc_AesFree(&gmac.aes);
#endif
return EXPECT_RESULT();
} /* END test_wc_GmacSetKey */
/*
* unit test for wc_GmacUpdate
*/
static int test_wc_GmacUpdate(void)
{
EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AESGCM)
Gmac gmac;
#ifdef WOLFSSL_AES_128
const byte key16[] = {
0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01,
0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8
};
#endif
#ifdef WOLFSSL_AES_192
byte key24[] = {
0x41, 0xc5, 0xda, 0x86, 0x67, 0xef, 0x72, 0x52,
0x20, 0xff, 0xe3, 0x9a, 0xe0, 0xac, 0x59, 0x0a,
0xc9, 0xfc, 0xa7, 0x29, 0xab, 0x60, 0xad, 0xa0
};
#endif
#ifdef WOLFSSL_AES_256
byte key32[] = {
0x78, 0xdc, 0x4e, 0x0a, 0xaf, 0x52, 0xd9, 0x35,
0xc3, 0xc0, 0x1e, 0xea, 0x57, 0x42, 0x8f, 0x00,
0xca, 0x1f, 0xd4, 0x75, 0xf5, 0xda, 0x86, 0xa4,
0x9c, 0x8d, 0xd7, 0x3d, 0x68, 0xc8, 0xe2, 0x23
};
#endif
#ifdef WOLFSSL_AES_128
const byte authIn[] = {
0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9,
0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77
};
#endif
#ifdef WOLFSSL_AES_192
const byte authIn2[] = {
0x8b, 0x5c, 0x12, 0x4b, 0xef, 0x6e, 0x2f, 0x0f,
0xe4, 0xd8, 0xc9, 0x5c, 0xd5, 0xfa, 0x4c, 0xf1
};
#endif
const byte authIn3[] = {
0xb9, 0x6b, 0xaa, 0x8c, 0x1c, 0x75, 0xa6, 0x71,
0xbf, 0xb2, 0xd0, 0x8d, 0x06, 0xbe, 0x5f, 0x36
};
#ifdef WOLFSSL_AES_128
const byte tag1[] = { /* Known. */
0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43,
0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b
};
#endif
#ifdef WOLFSSL_AES_192
const byte tag2[] = { /* Known */
0x20, 0x4b, 0xdb, 0x1b, 0xd6, 0x21, 0x54, 0xbf,
0x08, 0x92, 0x2a, 0xaa, 0x54, 0xee, 0xd7, 0x05
};
#endif
const byte tag3[] = { /* Known */
0x3e, 0x5d, 0x48, 0x6a, 0xa2, 0xe3, 0x0b, 0x22,
0xe0, 0x40, 0xb8, 0x57, 0x23, 0xa0, 0x6e, 0x76
};
#ifdef WOLFSSL_AES_128
const byte iv[] = {
0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94,
0xe2, 0x8c, 0x8f, 0x16
};
#endif
#ifdef WOLFSSL_AES_192
const byte iv2[] = {
0x05, 0xad, 0x13, 0xa5, 0xe2, 0xc2, 0xab, 0x66,
0x7e, 0x1a, 0x6f, 0xbc
};
#endif
const byte iv3[] = {
0xd7, 0x9c, 0xf2, 0x2d, 0x50, 0x4c, 0xc7, 0x93,
0xc3, 0xfb, 0x6c, 0x8a
};
byte tagOut[16];
byte tagOut2[24];
byte tagOut3[32];
/* Init stack variables. */
XMEMSET(&gmac, 0, sizeof(Gmac));
XMEMSET(tagOut, 0, sizeof(tagOut));
XMEMSET(tagOut2, 0, sizeof(tagOut2));
XMEMSET(tagOut3, 0, sizeof(tagOut3));
#ifdef WOLFSSL_AES_128
ExpectIntEQ(wc_AesInit(&gmac.aes, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_GmacSetKey(&gmac, key16, sizeof(key16)), 0);
ExpectIntEQ(wc_GmacUpdate(&gmac, iv, sizeof(iv), authIn, sizeof(authIn),
tagOut, sizeof(tag1)), 0);
ExpectIntEQ(XMEMCMP(tag1, tagOut, sizeof(tag1)), 0);
wc_AesFree(&gmac.aes);
#endif
#ifdef WOLFSSL_AES_192
ExpectNotNull(XMEMSET(&gmac, 0, sizeof(Gmac)));
ExpectIntEQ(wc_AesInit(&gmac.aes, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte)), 0);
ExpectIntEQ(wc_GmacUpdate(&gmac, iv2, sizeof(iv2), authIn2, sizeof(authIn2),
tagOut2, sizeof(tag2)), 0);
ExpectIntEQ(XMEMCMP(tagOut2, tag2, sizeof(tag2)), 0);
wc_AesFree(&gmac.aes);
#endif
#ifdef WOLFSSL_AES_256
ExpectNotNull(XMEMSET(&gmac, 0, sizeof(Gmac)));
ExpectIntEQ(wc_AesInit(&gmac.aes, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte)), 0);
ExpectIntEQ(wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3, sizeof(authIn3),
tagOut3, sizeof(tag3)), 0);
ExpectIntEQ(XMEMCMP(tag3, tagOut3, sizeof(tag3)), 0);
wc_AesFree(&gmac.aes);
#endif
/* Pass bad args. */
ExpectIntEQ(wc_AesInit(&gmac.aes, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_GmacUpdate(NULL, iv3, sizeof(iv3), authIn3, sizeof(authIn3),
tagOut3, sizeof(tag3)), BAD_FUNC_ARG);
ExpectIntEQ(wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3, sizeof(authIn3),
tagOut3, sizeof(tag3) - 5), BAD_FUNC_ARG);
ExpectIntEQ(wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3, sizeof(authIn3),
tagOut3, sizeof(tag3) + 1), BAD_FUNC_ARG);
wc_AesFree(&gmac.aes);
#endif
return EXPECT_RESULT();
} /* END test_wc_GmacUpdate */
/*
* testing wc_CamelliaSetKey
*/
static int test_wc_CamelliaSetKey(void)
{
EXPECT_DECLS;
#ifdef HAVE_CAMELLIA
Camellia camellia;
/*128-bit key*/
static const byte key16[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
};
/* 192-bit key */
static const byte key24[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
};
/* 256-bit key */
static const byte key32[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
};
static const byte iv[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};
ExpectIntEQ(wc_CamelliaSetKey(&camellia, key16, (word32)sizeof(key16), iv),
0);
ExpectIntEQ(wc_CamelliaSetKey(&camellia, key16, (word32)sizeof(key16),
NULL), 0);
ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), iv),
0);
ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24),
NULL), 0);
ExpectIntEQ(wc_CamelliaSetKey(&camellia, key32, (word32)sizeof(key32), iv),
0);
ExpectIntEQ(wc_CamelliaSetKey(&camellia, key32, (word32)sizeof(key32),
NULL), 0);
/* Bad args. */
ExpectIntEQ(wc_CamelliaSetKey(NULL, key32, (word32)sizeof(key32), iv),
BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_CammeliaSetKey */
/*
* Testing wc_CamelliaSetIV()
*/
static int test_wc_CamelliaSetIV(void)
{
EXPECT_DECLS;
#ifdef HAVE_CAMELLIA
Camellia camellia;
static const byte iv[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};
ExpectIntEQ(wc_CamelliaSetIV(&camellia, iv), 0);
ExpectIntEQ(wc_CamelliaSetIV(&camellia, NULL), 0);
/* Bad args. */
ExpectIntEQ(wc_CamelliaSetIV(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_CamelliaSetIV(NULL, iv), BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_CamelliaSetIV*/
/*
* Test wc_CamelliaEncryptDirect and wc_CamelliaDecryptDirect
*/
static int test_wc_CamelliaEncryptDecryptDirect(void)
{
EXPECT_DECLS;
#ifdef HAVE_CAMELLIA
Camellia camellia;
static const byte key24[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
};
static const byte iv[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};
static const byte plainT[] = {
0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A
};
byte enc[sizeof(plainT)];
byte dec[sizeof(enc)];
/* Init stack variables.*/
XMEMSET(enc, 0, 16);
XMEMSET(enc, 0, 16);
ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), iv),
0);
ExpectIntEQ(wc_CamelliaEncryptDirect(&camellia, enc, plainT), 0);
ExpectIntEQ(wc_CamelliaDecryptDirect(&camellia, dec, enc), 0);
ExpectIntEQ(XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE), 0);
/* Pass bad args. */
ExpectIntEQ(wc_CamelliaEncryptDirect(NULL, enc, plainT), BAD_FUNC_ARG);
ExpectIntEQ(wc_CamelliaEncryptDirect(&camellia, NULL, plainT),
BAD_FUNC_ARG);
ExpectIntEQ(wc_CamelliaEncryptDirect(&camellia, enc, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_CamelliaDecryptDirect(NULL, dec, enc), BAD_FUNC_ARG);
ExpectIntEQ(wc_CamelliaDecryptDirect(&camellia, NULL, enc), BAD_FUNC_ARG);
ExpectIntEQ(wc_CamelliaDecryptDirect(&camellia, dec, NULL), BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test-wc_CamelliaEncryptDecryptDirect */
/*
* Testing wc_CamelliaCbcEncrypt and wc_CamelliaCbcDecrypt
*/
static int test_wc_CamelliaCbcEncryptDecrypt(void)
{
EXPECT_DECLS;
#ifdef HAVE_CAMELLIA
Camellia camellia;
static const byte key24[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
};
static const byte plainT[] = {
0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A
};
byte enc[CAMELLIA_BLOCK_SIZE];
byte dec[CAMELLIA_BLOCK_SIZE];
/* Init stack variables. */
XMEMSET(enc, 0, CAMELLIA_BLOCK_SIZE);
XMEMSET(enc, 0, CAMELLIA_BLOCK_SIZE);
ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24),
NULL), 0);
ExpectIntEQ(wc_CamelliaCbcEncrypt(&camellia, enc, plainT,
CAMELLIA_BLOCK_SIZE), 0);
ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24),
NULL), 0);
ExpectIntEQ(wc_CamelliaCbcDecrypt(&camellia, dec, enc, CAMELLIA_BLOCK_SIZE),
0);
ExpectIntEQ(XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_CamelliaCbcEncrypt(NULL, enc, plainT, CAMELLIA_BLOCK_SIZE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_CamelliaCbcEncrypt(&camellia, NULL, plainT,
CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG);
ExpectIntEQ(wc_CamelliaCbcEncrypt(&camellia, enc, NULL,
CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG);
ExpectIntEQ(wc_CamelliaCbcDecrypt(NULL, dec, enc, CAMELLIA_BLOCK_SIZE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_CamelliaCbcDecrypt(&camellia, NULL, enc,
CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG);
ExpectIntEQ(wc_CamelliaCbcDecrypt(&camellia, dec, NULL,
CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_CamelliaCbcEncryptDecrypt */
/*
* Testing wc_Arc4SetKey()
*/
static int test_wc_Arc4SetKey(void)
{
EXPECT_DECLS;
#ifndef NO_RC4
Arc4 arc;
const char* key = "\x01\x23\x45\x67\x89\xab\xcd\xef";
int keyLen = 8;
ExpectIntEQ(wc_Arc4SetKey(&arc, (byte*)key, (word32)keyLen), 0);
/* Test bad args. */
ExpectIntEQ(wc_Arc4SetKey(NULL, (byte*)key, (word32)keyLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_Arc4SetKey(&arc, NULL , (word32)keyLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_Arc4SetKey(&arc, (byte*)key, 0 ), BAD_FUNC_ARG);
#endif
return EXPECT_RESULT();
} /* END test_wc_Arc4SetKey */
/*
* Testing wc_Arc4Process for ENC/DEC.
*/
static int test_wc_Arc4Process(void)
{
EXPECT_DECLS;
#ifndef NO_RC4
Arc4 enc;
Arc4 dec;
const char* key = "\x01\x23\x45\x67\x89\xab\xcd\xef";
int keyLen = 8;
const char* input = "\x01\x23\x45\x67\x89\xab\xcd\xef";
byte cipher[8];
byte plain[8];
/* Init stack variables */
XMEMSET(&enc, 0, sizeof(Arc4));
XMEMSET(&dec, 0, sizeof(Arc4));
XMEMSET(cipher, 0, sizeof(cipher));
XMEMSET(plain, 0, sizeof(plain));
/* Use for async. */
ExpectIntEQ(wc_Arc4Init(&enc, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_Arc4Init(&dec, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_Arc4SetKey(&enc, (byte*)key, (word32)keyLen), 0);
ExpectIntEQ(wc_Arc4SetKey(&dec, (byte*)key, (word32)keyLen), 0);
ExpectIntEQ(wc_Arc4Process(&enc, cipher, (byte*)input, (word32)keyLen), 0);
ExpectIntEQ(wc_Arc4Process(&dec, plain, cipher, (word32)keyLen), 0);
ExpectIntEQ(XMEMCMP(plain, input, keyLen), 0);
/* Bad args. */
ExpectIntEQ(wc_Arc4Process(NULL, plain, cipher, (word32)keyLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_Arc4Process(&dec, NULL, cipher, (word32)keyLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_Arc4Process(&dec, plain, NULL, (word32)keyLen), BAD_FUNC_ARG);
wc_Arc4Free(&enc);
wc_Arc4Free(&dec);
#endif
return EXPECT_RESULT();
} /* END test_wc_Arc4Process */
/*
* Testing wc_Init RsaKey()
*/
static int test_wc_InitRsaKey(void)
{
EXPECT_DECLS;
#ifndef NO_RSA
RsaKey key;
XMEMSET(&key, 0, sizeof(RsaKey));
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
/* Test bad args. */
ExpectIntEQ(wc_InitRsaKey(NULL, HEAP_HINT), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_InitRsaKey */
/*
* Testing wc_RsaPrivateKeyDecode()
*/
static int test_wc_RsaPrivateKeyDecode(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && (defined(USE_CERT_BUFFERS_1024)\
|| defined(USE_CERT_BUFFERS_2048)) && !defined(HAVE_FIPS)
RsaKey key;
byte* tmp = NULL;
word32 idx = 0;
int bytes = 0;
XMEMSET(&key, 0, sizeof(RsaKey));
ExpectNotNull(tmp = (byte*)XMALLOC(FOURK_BUF, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
if (tmp != NULL) {
#ifdef USE_CERT_BUFFERS_1024
XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024);
bytes = sizeof_client_key_der_1024;
#else
XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048);
bytes = sizeof_client_key_der_2048;
#endif /* Use cert buffers. */
}
ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes), 0);
/* Test bad args. */
ExpectIntEQ(wc_RsaPrivateKeyDecode(NULL, &idx, &key, (word32)bytes),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, NULL, &key, (word32)bytes),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, &idx, NULL, (word32)bytes),
BAD_FUNC_ARG);
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaPrivateKeyDecode */
/*
* Testing wc_RsaPublicKeyDecode()
*/
static int test_wc_RsaPublicKeyDecode(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && (defined(USE_CERT_BUFFERS_1024)\
|| defined(USE_CERT_BUFFERS_2048)) && !defined(HAVE_FIPS)
RsaKey keyPub;
byte* tmp = NULL;
word32 idx = 0;
int bytes = 0;
word32 keySz = 0;
word32 tstKeySz = 0;
#if defined(WC_RSA_PSS) && !defined(NO_FILESYSTEM)
XFILE f = XBADFILE;
const char* rsaPssPubKey = "./certs/rsapss/ca-rsapss-key.der";
const char* rsaPssPubKeyNoParams = "./certs/rsapss/ca-3072-rsapss-key.der";
byte buf[4096];
#endif
XMEMSET(&keyPub, 0, sizeof(RsaKey));
ExpectNotNull(tmp = (byte*)XMALLOC(GEN_BUF, NULL, DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(wc_InitRsaKey(&keyPub, HEAP_HINT), 0);
if (tmp != NULL) {
#ifdef USE_CERT_BUFFERS_1024
XMEMCPY(tmp, client_keypub_der_1024, sizeof_client_keypub_der_1024);
bytes = sizeof_client_keypub_der_1024;
keySz = 1024;
#else
XMEMCPY(tmp, client_keypub_der_2048, sizeof_client_keypub_der_2048);
bytes = sizeof_client_keypub_der_2048;
keySz = 2048;
#endif
}
ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, &idx, &keyPub, (word32)bytes), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_RsaPublicKeyDecode(NULL, &idx, &keyPub, (word32)bytes),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, NULL, &keyPub, (word32)bytes),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, &idx, NULL, (word32)bytes),
BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRsaKey(&keyPub), 0);
/* Test for getting modulus key size */
idx = 0;
ExpectIntEQ(wc_RsaPublicKeyDecode_ex(tmp, &idx, (word32)bytes, NULL,
&tstKeySz, NULL, NULL), 0);
ExpectIntEQ(tstKeySz, keySz/8);
#if defined(WC_RSA_PSS) && !defined(NO_FILESYSTEM)
ExpectTrue((f = XFOPEN(rsaPssPubKey, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
idx = 0;
ExpectIntEQ(wc_RsaPublicKeyDecode_ex(buf, &idx, (word32)bytes, NULL, NULL, NULL,
NULL), 0);
ExpectTrue((f = XFOPEN(rsaPssPubKeyNoParams, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
idx = 0;
ExpectIntEQ(wc_RsaPublicKeyDecode_ex(buf, &idx, (word32)bytes, NULL, NULL, NULL,
NULL), 0);
#endif
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaPublicKeyDecode */
/*
* Testing wc_RsaPublicKeyDecodeRaw()
*/
static int test_wc_RsaPublicKeyDecodeRaw(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA)
RsaKey key;
const byte n = 0x23;
const byte e = 0x03;
int nSz = sizeof(n);
int eSz = sizeof(e);
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, &key), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(NULL, nSz, &e, eSz, &key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, NULL, eSz, &key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, NULL),
BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaPublicKeyDecodeRaw */
/*
* Testing wc_RsaPrivateKeyDecodeRaw()
*/
static int test_wc_RsaPrivateKeyDecodeRaw(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) \
&& !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
RsaKey key;
const byte n = 33;
const byte e = 3;
const byte d = 7;
const byte u = 2;
const byte p = 3;
const byte q = 11;
const byte dp = 1;
const byte dq = 7;
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
&e, sizeof(e), &d, sizeof(d), &u, sizeof(u),
&p, sizeof(p), &q, sizeof(q), NULL, 0,
NULL, 0, &key), 0);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
&e, sizeof(e), &d, sizeof(d), &u, sizeof(u),
&p, sizeof(p), &q, sizeof(q), &dp, sizeof(dp),
NULL, 0, &key), 0);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
&e, sizeof(e), &d, sizeof(d), &u, sizeof(u),
&p, sizeof(p), &q, sizeof(q), NULL, 0,
&dq, sizeof(dq), &key), 0);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
&e, sizeof(e), &d, sizeof(d), &u, sizeof(u),
&p, sizeof(p), &q, sizeof(q), &dp, sizeof(dp),
&dq, sizeof(dq), &key), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(NULL, sizeof(n),
&e, sizeof(e), &d, sizeof(d), &u, sizeof(u),
&p, sizeof(p), &q, sizeof(q), &dp, sizeof(dp),
&dq, sizeof(dq), &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, 0,
&e, sizeof(e), &d, sizeof(d), &u, sizeof(u),
&p, sizeof(p), &q, sizeof(q), &dp, sizeof(dp),
&dq, sizeof(dq), &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
NULL, sizeof(e), &d, sizeof(d), &u, sizeof(u),
&p, sizeof(p), &q, sizeof(q), &dp, sizeof(dp),
&dq, sizeof(dq), &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
&e, 0, &d, sizeof(d), &u, sizeof(u),
&p, sizeof(p), &q, sizeof(q), &dp, sizeof(dp),
&dq, sizeof(dq), &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
&e, sizeof(e), NULL, sizeof(d), &u, sizeof(u),
&p, sizeof(p), &q, sizeof(q), &dp, sizeof(dp),
&dq, sizeof(dq), &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
&e, sizeof(e), &d, 0, &u, sizeof(u),
&p, sizeof(p), &q, sizeof(q), &dp, sizeof(dp),
&dq, sizeof(dq), &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
&e, sizeof(e), &d, sizeof(d), &u, sizeof(u),
NULL, sizeof(p), &q, sizeof(q), &dp, sizeof(dp),
&dq, sizeof(dq), &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
&e, sizeof(e), &d, sizeof(d), &u, sizeof(u),
&p, 0, &q, sizeof(q), &dp, sizeof(dp),
&dq, sizeof(dq), &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
&e, sizeof(e), &d, sizeof(d), &u, sizeof(u),
&p, sizeof(p), NULL, sizeof(q), &dp, sizeof(dp),
&dq, sizeof(dq), &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
&e, sizeof(e), &d, sizeof(d), &u, sizeof(u),
&p, sizeof(p), &q, 0, &dp, sizeof(dp),
&dq, sizeof(dq), &key), BAD_FUNC_ARG);
#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM)
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
&e, sizeof(e), &d, sizeof(d), &u, 0,
&p, sizeof(p), &q, sizeof(q), &dp, sizeof(dp),
&dq, sizeof(dq), &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
&e, sizeof(e), &d, sizeof(d), NULL, sizeof(u),
&p, sizeof(p), &q, sizeof(q), &dp, sizeof(dp),
&dq, sizeof(dq), &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPrivateKeyDecodeRaw(&n, sizeof(n),
&e, sizeof(e), &d, sizeof(d), &u, 0,
&p, sizeof(p), &q, sizeof(q), &dp, sizeof(dp),
&dq, sizeof(dq), &key), BAD_FUNC_ARG);
#endif
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaPrivateKeyDecodeRaw */
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
/* In FIPS builds, wc_MakeRsaKey() will return an error if it cannot find
* a probable prime in 5*(modLen/2) attempts. In non-FIPS builds, it keeps
* trying until it gets a probable prime. */
#ifdef HAVE_FIPS
static int MakeRsaKeyRetry(RsaKey* key, int size, long e, WC_RNG* rng)
{
int ret;
for (;;) {
ret = wc_MakeRsaKey(key, size, e, rng);
if (ret != PRIME_GEN_E) break;
fprintf(stderr, "MakeRsaKey couldn't find prime; "
"trying again.\n");
}
return ret;
}
#define MAKE_RSA_KEY(a, b, c, d) MakeRsaKeyRetry(a, b, c, d)
#else
#define MAKE_RSA_KEY(a, b, c, d) wc_MakeRsaKey(a, b, c, d)
#endif
#endif
/*
* Testing wc_MakeRsaKey()
*/
static int test_wc_MakeRsaKey(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
RsaKey genKey;
WC_RNG rng;
#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
int bits = 1024;
#else
int bits = 2048;
#endif
XMEMSET(&genKey, 0, sizeof(RsaKey));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRsaKey(&genKey, HEAP_HINT), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, &rng), 0);
DoExpectIntEQ(wc_FreeRsaKey(&genKey), 0);
/* Test bad args. */
ExpectIntEQ(MAKE_RSA_KEY(NULL, bits, WC_RSA_EXPONENT, &rng), BAD_FUNC_ARG);
ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, NULL),
BAD_FUNC_ARG);
/* e < 3 */
ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, 2, &rng), BAD_FUNC_ARG);
/* e & 1 == 0 */
ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, 6, &rng), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_MakeRsaKey */
/*
* Test the bounds checking on the cipher text versus the key modulus.
* 1. Make a new RSA key.
* 2. Set c to 1.
* 3. Decrypt c into k. (error)
* 4. Copy the key modulus to c and sub 1 from the copy.
* 5. Decrypt c into k. (error)
* Valid bounds test cases are covered by all the other RSA tests.
*/
static int test_RsaDecryptBoundsCheck(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WC_RSA_NO_PADDING) && \
(defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048)) && \
defined(WOLFSSL_PUBLIC_MP) && !defined(NO_RSA_BOUNDS_CHECK)
WC_RNG rng;
RsaKey key;
byte flatC[256];
word32 flatCSz;
byte out[256];
word32 outSz = sizeof(out);
XMEMSET(&key, 0, sizeof(RsaKey));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
if (EXPECT_SUCCESS()) {
const byte* derKey;
word32 derKeySz;
word32 idx = 0;
#ifdef USE_CERT_BUFFERS_1024
derKey = server_key_der_1024;
derKeySz = (word32)sizeof_server_key_der_1024;
flatCSz = 128;
#else
derKey = server_key_der_2048;
derKeySz = (word32)sizeof_server_key_der_2048;
flatCSz = 256;
#endif
ExpectIntEQ(wc_RsaPrivateKeyDecode(derKey, &idx, &key, derKeySz), 0);
}
if (EXPECT_SUCCESS()) {
XMEMSET(flatC, 0, flatCSz);
flatC[flatCSz-1] = 1;
ExpectIntEQ(wc_RsaDirect(flatC, flatCSz, out, &outSz, &key,
RSA_PRIVATE_DECRYPT, &rng), RSA_OUT_OF_RANGE_E);
if (EXPECT_SUCCESS()) {
mp_int c;
ExpectIntEQ(mp_init_copy(&c, &key.n), 0);
ExpectIntEQ(mp_sub_d(&c, 1, &c), 0);
ExpectIntEQ(mp_to_unsigned_bin(&c, flatC), 0);
ExpectIntEQ(wc_RsaDirect(flatC, flatCSz, out, &outSz, &key,
RSA_PRIVATE_DECRYPT, NULL), RSA_OUT_OF_RANGE_E);
mp_clear(&c);
}
}
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaDecryptBoundsCheck */
/*
* Testing wc_SetKeyUsage()
*/
static int test_wc_SetKeyUsage(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN) && !defined(HAVE_FIPS)
Cert myCert;
ExpectIntEQ(wc_InitCert(&myCert), 0);
ExpectIntEQ(wc_SetKeyUsage(&myCert, "keyEncipherment,keyAgreement"), 0);
ExpectIntEQ(wc_SetKeyUsage(&myCert, "digitalSignature,nonRepudiation"), 0);
ExpectIntEQ(wc_SetKeyUsage(&myCert, "contentCommitment,encipherOnly"), 0);
ExpectIntEQ(wc_SetKeyUsage(&myCert, "decipherOnly"), 0);
ExpectIntEQ(wc_SetKeyUsage(&myCert, "cRLSign,keyCertSign"), 0);
/* Test bad args. */
ExpectIntEQ(wc_SetKeyUsage(NULL, "decipherOnly"), BAD_FUNC_ARG);
ExpectIntEQ(wc_SetKeyUsage(&myCert, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_SetKeyUsage(&myCert, ""), KEYUSAGE_E);
ExpectIntEQ(wc_SetKeyUsage(&myCert, ","), KEYUSAGE_E);
ExpectIntEQ(wc_SetKeyUsage(&myCert, "digitalSignature, cRLSign"),
KEYUSAGE_E);
#endif
return EXPECT_RESULT();
} /* END test_wc_SetKeyUsage */
/*
* Testing wc_CheckProbablePrime()
*/
static int test_wc_CheckProbablePrime(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(WC_RSA_BLINDING)
#define CHECK_PROBABLE_PRIME_KEY_BITS 2048
RsaKey key;
WC_RNG rng;
byte e[3];
word32 eSz = (word32)sizeof(e);
byte n[CHECK_PROBABLE_PRIME_KEY_BITS / 8];
word32 nSz = (word32)sizeof(n);
byte d[CHECK_PROBABLE_PRIME_KEY_BITS / 8];
word32 dSz = (word32)sizeof(d);
byte p[CHECK_PROBABLE_PRIME_KEY_BITS / 8 / 2];
word32 pSz = (word32)sizeof(p);
byte q[CHECK_PROBABLE_PRIME_KEY_BITS / 8 / 2];
word32 qSz = (word32)sizeof(q);
int nlen = CHECK_PROBABLE_PRIME_KEY_BITS;
int* isPrime;
int test[5];
isPrime = test;
XMEMSET(&key, 0, sizeof(RsaKey));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
ExpectIntEQ(wc_MakeRsaKey(&key, CHECK_PROBABLE_PRIME_KEY_BITS,
WC_RSA_EXPONENT, &rng), 0);
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_RsaExportKey(&key, e, &eSz, n, &nSz, d, &dSz, p, &pSz, q,
&qSz), 0);
PRIVATE_KEY_LOCK();
/* Bad cases */
ExpectIntEQ(wc_CheckProbablePrime(NULL, pSz, q, qSz, e, eSz, nlen, isPrime),
BAD_FUNC_ARG);
ExpectIntEQ(wc_CheckProbablePrime(p, 0, q, qSz, e, eSz, nlen, isPrime),
BAD_FUNC_ARG);
ExpectIntEQ(wc_CheckProbablePrime(p, pSz, NULL, qSz, e, eSz, nlen, isPrime),
BAD_FUNC_ARG);
ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, 0, e, eSz, nlen, isPrime),
BAD_FUNC_ARG);
ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, qSz, NULL, eSz, nlen, isPrime),
BAD_FUNC_ARG);
ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, qSz, e, 0, nlen, isPrime),
BAD_FUNC_ARG);
ExpectIntEQ(wc_CheckProbablePrime(NULL, 0, NULL, 0, NULL, 0, nlen, isPrime),
BAD_FUNC_ARG);
/* Good case */
ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, qSz, e, eSz, nlen, isPrime),
0);
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
wc_FreeRng(&rng);
#undef CHECK_PROBABLE_PRIME_KEY_BITS
#endif
return EXPECT_RESULT();
} /* END test_wc_CheckProbablePrime */
/*
* Testing wc_RsaPSS_Verify()
*/
static int test_wc_RsaPSS_Verify(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) && defined(WC_RSA_PSS)
RsaKey key;
WC_RNG rng;
int sz = 256;
const char* szMessage = "This is the string to be signed";
unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */
unsigned char pDecrypted[2048/8];
byte* pt = pDecrypted;
word32 outLen = sizeof(pDecrypted);
XMEMSET(&key, 0, sizeof(RsaKey));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
ExpectIntEQ(wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng), 0);
ExpectIntGT(sz = wc_RsaPSS_Sign((byte*)szMessage,
(word32)XSTRLEN(szMessage)+1, pSignature, sizeof(pSignature),
WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng), 0);
/* Bad cases */
ExpectIntEQ(wc_RsaPSS_Verify(NULL, (word32)sz, pt, outLen,
WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPSS_Verify(pSignature, 0, pt, outLen,
WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPSS_Verify(pSignature, (word32)sz, NULL, outLen,
WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPSS_Verify(NULL, 0, NULL, outLen,
WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
/* Good case */
ExpectIntGT(wc_RsaPSS_Verify(pSignature, (word32)sz, pt, outLen,
WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), 0);
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
wc_FreeRng(&rng);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaPSS_Verify */
/*
* Testing wc_RsaPSS_VerifyCheck()
*/
static int test_wc_RsaPSS_VerifyCheck(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) && defined(WC_RSA_PSS)
RsaKey key;
WC_RNG rng;
int sz = 256; /* 2048/8 */
byte digest[32];
word32 digestSz = sizeof(digest);
unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */
word32 pSignatureSz = sizeof(pSignature);
unsigned char pDecrypted[2048/8];
byte* pt = pDecrypted;
word32 outLen = sizeof(pDecrypted);
XMEMSET(&key, 0, sizeof(RsaKey));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(digest, 0, sizeof(digest));
XMEMSET(pSignature, 0, sizeof(pSignature));
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
ExpectIntEQ(wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng), 0);
ExpectTrue((digestSz = (word32)wc_HashGetDigestSize(WC_HASH_TYPE_SHA256)) > 0);
ExpectIntEQ(wc_Hash(WC_HASH_TYPE_SHA256, pSignature, (word32)sz, digest, digestSz),
0);
ExpectIntGT(sz = wc_RsaPSS_Sign(digest, digestSz, pSignature, pSignatureSz,
WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng), 0);
/* Bad cases */
ExpectIntEQ(wc_RsaPSS_VerifyCheck(NULL, (word32)sz, pt, outLen, digest,
digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPSS_VerifyCheck(pSignature, 0, pt, outLen, digest,
digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPSS_VerifyCheck(pSignature, (word32)sz, NULL, outLen, digest,
digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPSS_VerifyCheck(NULL, 0, NULL, outLen, digest,
digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
/* Good case */
ExpectIntGT(wc_RsaPSS_VerifyCheck(pSignature, (word32)sz, pt, outLen, digest,
digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), 0);
ExpectIntEQ(wc_FreeRsaKey(&key), 0);
wc_FreeRng(&rng);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaPSS_VerifyCheck */
/*
* Testing wc_RsaPSS_VerifyCheckInline()
*/
static int test_wc_RsaPSS_VerifyCheckInline(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) && defined(WC_RSA_PSS)
RsaKey key;
WC_RNG rng;
int sz = 256;
byte digest[32];
word32 digestSz = sizeof(digest);
unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */
unsigned char pDecrypted[2048/8];
byte* pt = pDecrypted;
XMEMSET(&key, 0, sizeof(RsaKey));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(digest, 0, sizeof(digest));
XMEMSET(pSignature, 0, sizeof(pSignature));
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
ExpectIntEQ(wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng), 0);
ExpectTrue((digestSz = (word32)wc_HashGetDigestSize(WC_HASH_TYPE_SHA256)) > 0);
ExpectIntEQ(wc_Hash(WC_HASH_TYPE_SHA256, pSignature, (word32)sz, digest, digestSz),
0);
ExpectIntGT(sz = wc_RsaPSS_Sign(digest, digestSz, pSignature,
sizeof(pSignature), WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng), 0);
/* Bad Cases */
ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(NULL, (word32)sz, &pt, digest,
digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(pSignature, 0, NULL, digest,
digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(NULL, 0, &pt, digest,
digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(pSignature, (word32)sz, &pt, digest,
digestSz, WC_HASH_TYPE_SHA, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
/* Good case */
ExpectIntGT(wc_RsaPSS_VerifyCheckInline(pSignature, (word32)sz, &pt, digest,
digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), 0);
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
wc_FreeRng(&rng);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaPSS_VerifyCheckInline */
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
static void sample_mutex_cb (int flag, int type, const char* file, int line)
{
(void)flag;
(void)type;
(void)file;
(void)line;
}
#endif
/*
* Testing wc_LockMutex_ex
*/
static int test_wc_LockMutex_ex(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
int flag = CRYPTO_LOCK;
int type = 0;
const char* file = "./test-LockMutex_ex.txt";
int line = 0;
/* without SetMutexCb */
ExpectIntEQ(wc_LockMutex_ex(flag, type, file, line), BAD_STATE_E);
/* with SetMutexCb */
ExpectIntEQ(wc_SetMutexCb(sample_mutex_cb), 0);
ExpectIntEQ(wc_LockMutex_ex(flag, type, file, line), 0);
ExpectIntEQ(wc_SetMutexCb(NULL), 0);
#endif
return EXPECT_RESULT();
} /* End test_wc_LockMutex_ex*/
/*
* Testing wc_SetMutexCb
*/
static int test_wc_SetMutexCb(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
ExpectIntEQ(wc_SetMutexCb(sample_mutex_cb), 0);
ExpectIntEQ(wc_SetMutexCb(NULL), 0);
#endif
return EXPECT_RESULT();
} /* End test_wc_SetMutexCb*/
/*
* Testing wc_RsaKeyToDer()
*/
static int test_wc_RsaKeyToDer(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
RsaKey genKey;
WC_RNG rng;
byte* der = NULL;
#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
int bits = 1024;
word32 derSz = 611;
/* (2 x 128) + 2 (possible leading 00) + (5 x 64) + 5 (possible leading 00)
+ 3 (e) + 8 (ASN tag) + 10 (ASN length) + 4 seqSz + 3 version */
#else
int bits = 2048;
word32 derSz = 1196;
/* (2 x 256) + 2 (possible leading 00) + (5 x 128) + 5 (possible leading 00)
+ 3 (e) + 8 (ASN tag) + 17 (ASN length) + 4 seqSz + 3 version */
#endif
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&genKey, 0, sizeof(genKey));
ExpectNotNull(der = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER));
/* Init structures. */
ExpectIntEQ(wc_InitRsaKey(&genKey, HEAP_HINT), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
/* Make key. */
ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, &rng), 0);
ExpectIntGT(wc_RsaKeyToDer(&genKey, der, derSz), 0);
/* Pass good/bad args. */
ExpectIntEQ(wc_RsaKeyToDer(NULL, der, FOURK_BUF), BAD_FUNC_ARG);
/* Get just the output length */
ExpectIntGT(wc_RsaKeyToDer(&genKey, NULL, 0), 0);
/* Try Public Key. */
genKey.type = 0;
ExpectIntEQ(wc_RsaKeyToDer(&genKey, der, FOURK_BUF), BAD_FUNC_ARG);
#ifdef WOLFSSL_CHECK_MEM_ZERO
/* Put back to Private Key */
genKey.type = 1;
#endif
XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
DoExpectIntEQ(wc_FreeRsaKey(&genKey), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaKeyToDer */
/*
* Testing wc_RsaKeyToPublicDer()
*/
static int test_wc_RsaKeyToPublicDer(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
RsaKey key;
WC_RNG rng;
byte* der = NULL;
#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
int bits = 1024;
word32 derLen = 162;
#else
int bits = 2048;
word32 derLen = 294;
#endif
int ret;
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&key, 0, sizeof(key));
ExpectNotNull(der = (byte*)XMALLOC(derLen, NULL, DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
/* test getting size only */
ExpectIntGT(wc_RsaKeyToPublicDer(&key, NULL, derLen), 0);
ExpectIntGT(wc_RsaKeyToPublicDer(&key, der, derLen), 0);
/* test getting size only */
ExpectIntGT(wc_RsaKeyToPublicDer_ex(&key, NULL, derLen, 0), 0);
ExpectIntGT(wc_RsaKeyToPublicDer_ex(&key, der, derLen, 0), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_RsaKeyToPublicDer(NULL, der, derLen), BAD_FUNC_ARG);
ExpectIntLT(ret = wc_RsaKeyToPublicDer(&key, der, -1), 0);
ExpectTrue((ret == BUFFER_E) || (ret == BAD_FUNC_ARG));
XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaKeyToPublicDer */
/*
* Testing wc_RsaPublicEncrypt() and wc_RsaPrivateDecrypt()
*/
static int test_wc_RsaPublicEncryptDecrypt(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
RsaKey key;
WC_RNG rng;
const char inStr[] = TEST_STRING;
const word32 plainLen = (word32)TEST_STRING_SZ;
const word32 inLen = (word32)TEST_STRING_SZ;
int bits = TEST_RSA_BITS;
const word32 cipherLen = TEST_RSA_BYTES;
word32 cipherLenResult = cipherLen;
WC_DECLARE_VAR(in, byte, TEST_STRING_SZ, NULL);
WC_DECLARE_VAR(plain, byte, TEST_STRING_SZ, NULL);
WC_DECLARE_VAR(cipher, byte, TEST_RSA_BYTES, NULL);
WC_ALLOC_VAR(in, byte, TEST_STRING_SZ, NULL);
WC_ALLOC_VAR(plain, byte, TEST_STRING_SZ, NULL);
WC_ALLOC_VAR(cipher, byte, TEST_RSA_BYTES, NULL);
#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
ExpectNotNull(in);
ExpectNotNull(plain);
ExpectNotNull(cipher);
#endif
ExpectNotNull(XMEMCPY(in, inStr, inLen));
/* Initialize stack structures. */
XMEMSET(&key, 0, sizeof(RsaKey));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
/* Encrypt. */
ExpectIntGT(cipherLenResult = (word32)wc_RsaPublicEncrypt(in, inLen, cipher,
cipherLen, &key, &rng), 0);
/* Pass bad args - tested in another testing function.*/
/* Decrypt */
#if defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS)
/* Bind rng */
ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
#endif
ExpectIntGE(wc_RsaPrivateDecrypt(cipher, cipherLenResult, plain, plainLen,
&key), 0);
ExpectIntEQ(XMEMCMP(plain, inStr, plainLen), 0);
/* Pass bad args - tested in another testing function.*/
WC_FREE_VAR(in, NULL);
WC_FREE_VAR(plain, NULL);
WC_FREE_VAR(cipher, NULL);
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaPublicEncryptDecrypt */
/*
* Testing wc_RsaPrivateDecrypt_ex() and wc_RsaPrivateDecryptInline_ex()
*/
static int test_wc_RsaPublicEncryptDecrypt_ex(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_FIPS)\
&& !defined(WC_NO_RSA_OAEP) && !defined(NO_SHA256)
RsaKey key;
WC_RNG rng;
const char inStr[] = TEST_STRING;
const word32 inLen = (word32)TEST_STRING_SZ;
const word32 plainSz = (word32)TEST_STRING_SZ;
byte* res = NULL;
int idx = 0;
int bits = TEST_RSA_BITS;
const word32 cipherSz = TEST_RSA_BYTES;
WC_DECLARE_VAR(in, byte, TEST_STRING_SZ, NULL);
WC_DECLARE_VAR(plain, byte, TEST_STRING_SZ, NULL);
WC_DECLARE_VAR(cipher, byte, TEST_RSA_BYTES, NULL);
WC_ALLOC_VAR(in, byte, TEST_STRING_SZ, NULL);
WC_ALLOC_VAR(plain, byte, TEST_STRING_SZ, NULL);
WC_ALLOC_VAR(cipher, byte, TEST_RSA_BYTES, NULL);
#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
ExpectNotNull(in);
ExpectNotNull(plain);
ExpectNotNull(cipher);
#endif
ExpectNotNull(XMEMCPY(in, inStr, inLen));
/* Initialize stack structures. */
XMEMSET(&key, 0, sizeof(RsaKey));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRsaKey_ex(&key, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
/* Encrypt */
ExpectIntGE(idx = wc_RsaPublicEncrypt_ex(in, inLen, cipher, cipherSz, &key,
&rng, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0), 0);
/* Pass bad args - tested in another testing function.*/
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
/* Decrypt */
#if defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS)
ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
#endif
ExpectIntGE(wc_RsaPrivateDecrypt_ex(cipher, (word32)idx, plain, plainSz,
&key, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0), 0);
ExpectIntEQ(XMEMCMP(plain, inStr, plainSz), 0);
/* Pass bad args - tested in another testing function.*/
ExpectIntGE(wc_RsaPrivateDecryptInline_ex(cipher, (word32)idx, &res, &key,
WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0), 0);
ExpectIntEQ(XMEMCMP(inStr, res, plainSz), 0);
#endif
WC_FREE_VAR(in, NULL);
WC_FREE_VAR(plain, NULL);
WC_FREE_VAR(cipher, NULL);
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaPublicEncryptDecrypt_ex */
/*
* Tesing wc_RsaSSL_Sign() and wc_RsaSSL_Verify()
*/
static int test_wc_RsaSSL_SignVerify(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
RsaKey key;
WC_RNG rng;
const char inStr[] = TEST_STRING;
const word32 plainSz = (word32)TEST_STRING_SZ;
const word32 inLen = (word32)TEST_STRING_SZ;
word32 idx = 0;
int bits = TEST_RSA_BITS;
const word32 outSz = TEST_RSA_BYTES;
WC_DECLARE_VAR(in, byte, TEST_STRING_SZ, NULL);
WC_DECLARE_VAR(out, byte, TEST_RSA_BYTES, NULL);
WC_DECLARE_VAR(plain, byte, TEST_STRING_SZ, NULL);
WC_ALLOC_VAR(in, byte, TEST_STRING_SZ, NULL);
WC_ALLOC_VAR(out, byte, TEST_RSA_BYTES, NULL);
WC_ALLOC_VAR(plain, byte, TEST_STRING_SZ, NULL);
#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
ExpectNotNull(in);
ExpectNotNull(out);
ExpectNotNull(plain);
#endif
ExpectNotNull(XMEMCPY(in, inStr, inLen));
XMEMSET(&key, 0, sizeof(RsaKey));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
/* Sign. */
ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, out, outSz, &key, &rng), (int)outSz);
idx = (int)outSz;
/* Test bad args. */
ExpectIntEQ(wc_RsaSSL_Sign(NULL, inLen, out, outSz, &key, &rng),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaSSL_Sign(in, 0, out, outSz, &key, &rng),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, NULL, outSz, &key, &rng),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, out, outSz, NULL, &rng),
BAD_FUNC_ARG);
/* Verify. */
ExpectIntEQ(wc_RsaSSL_Verify(out, idx, plain, plainSz, &key), (int)inLen);
/* Pass bad args. */
ExpectIntEQ(wc_RsaSSL_Verify(NULL, idx, plain, plainSz, &key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaSSL_Verify(out, 0, plain, plainSz, &key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaSSL_Verify(out, idx, NULL, plainSz, &key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaSSL_Verify(out, idx, plain, plainSz, NULL),
BAD_FUNC_ARG);
WC_FREE_VAR(in, NULL);
WC_FREE_VAR(out, NULL);
WC_FREE_VAR(plain, NULL);
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaSSL_SignVerify */
/*
* Testing wc_RsaEncryptSize()
*/
static int test_wc_RsaEncryptSize(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
RsaKey key;
WC_RNG rng;
XMEMSET(&key, 0, sizeof(RsaKey));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
ExpectIntEQ(MAKE_RSA_KEY(&key, 1024, WC_RSA_EXPONENT, &rng), 0);
ExpectIntEQ(wc_RsaEncryptSize(&key), 128);
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
#endif
ExpectIntEQ(MAKE_RSA_KEY(&key, 2048, WC_RSA_EXPONENT, &rng), 0);
ExpectIntEQ(wc_RsaEncryptSize(&key), 256);
/* Pass in bad arg. */
ExpectIntEQ(wc_RsaEncryptSize(NULL), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaEncryptSize*/
/*
* Testing wc_RsaFlattenPublicKey()
*/
static int test_wc_RsaFlattenPublicKey(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
RsaKey key;
WC_RNG rng;
byte e[256];
byte n[256];
word32 eSz = sizeof(e);
word32 nSz = sizeof(n);
#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
int bits = 1024;
#else
int bits = 2048;
#endif
XMEMSET(&key, 0, sizeof(RsaKey));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, n, &nSz), 0);
/* Pass bad args. */
ExpectIntEQ(wc_RsaFlattenPublicKey(NULL, e, &eSz, n, &nSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaFlattenPublicKey(&key, NULL, &eSz, n, &nSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, NULL, n, &nSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, NULL, &nSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, n, NULL),
BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_RsaFlattenPublicKey */
/*
* unit test for wc_AesCcmSetKey
*/
static int test_wc_AesCcmSetKey(void)
{
EXPECT_DECLS;
#ifdef HAVE_AESCCM
Aes aes;
const byte key16[] = {
0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
};
const byte key24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
const byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
XMEMSET(&aes, 0, sizeof(Aes));
ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
#ifdef WOLFSSL_AES_128
ExpectIntEQ(wc_AesCcmSetKey(&aes, key16, sizeof(key16)), 0);
#endif
#ifdef WOLFSSL_AES_192
ExpectIntEQ(wc_AesCcmSetKey(&aes, key24, sizeof(key24)), 0);
#endif
#ifdef WOLFSSL_AES_256
ExpectIntEQ(wc_AesCcmSetKey(&aes, key32, sizeof(key32)), 0);
#endif
/* Test bad args. */
ExpectIntEQ(wc_AesCcmSetKey(&aes, key16, sizeof(key16) - 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCcmSetKey(&aes, key24, sizeof(key24) - 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCcmSetKey(&aes, key32, sizeof(key32) - 1), BAD_FUNC_ARG);
wc_AesFree(&aes);
#endif
return EXPECT_RESULT();
} /* END test_wc_AesCcmSetKey */
/*
* Unit test function for wc_AesCcmEncrypt and wc_AesCcmDecrypt
*/
static int test_wc_AesCcmEncryptDecrypt(void)
{
EXPECT_DECLS;
#if defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128)
Aes aes;
const byte key16[] = {
0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
};
/* plaintext */
const byte plainT[] = {
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e
};
/* nonce */
const byte iv[] = {
0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0,
0xa1, 0xa2, 0xa3, 0xa4, 0xa5
};
const byte c[] = { /* cipher text. */
0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2,
0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80,
0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84
};
const byte t[] = { /* Auth tag */
0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0
};
const byte authIn[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
};
byte cipherOut[sizeof(plainT)];
byte authTag[sizeof(t)];
#ifdef HAVE_AES_DECRYPT
byte plainOut[sizeof(cipherOut)];
#endif
XMEMSET(&aes, 0, sizeof(Aes));
ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_AesCcmSetKey(&aes, key16, sizeof(key16)), 0);
ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)), 0);
ExpectIntEQ(XMEMCMP(cipherOut, c, sizeof(c)), 0);
ExpectIntEQ(XMEMCMP(t, authTag, sizeof(t)), 0);
#ifdef HAVE_AES_DECRYPT
ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)), 0);
ExpectIntEQ(XMEMCMP(plainOut, plainT, sizeof(plainT)), 0);
#endif
/* Pass in bad args. Encrypt*/
ExpectIntEQ(wc_AesCcmEncrypt(NULL, cipherOut, plainT, sizeof(cipherOut),
iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCcmEncrypt(&aes, NULL, plainT, sizeof(cipherOut),
iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, NULL, sizeof(cipherOut),
iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
NULL, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
iv, sizeof(iv), NULL, sizeof(authTag), authIn , sizeof(authIn)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
iv, sizeof(iv) + 1, authTag, sizeof(authTag), authIn , sizeof(authIn)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
iv, sizeof(iv) - 7, authTag, sizeof(authTag), authIn , sizeof(authIn)),
BAD_FUNC_ARG);
#ifdef HAVE_AES_DECRYPT
/* Pass in bad args. Decrypt*/
ExpectIntEQ(wc_AesCcmDecrypt(NULL, plainOut, cipherOut, sizeof(plainOut),
iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCcmDecrypt(&aes, NULL, cipherOut, sizeof(plainOut),
iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, NULL, sizeof(plainOut),
iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
NULL, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
iv, sizeof(iv), NULL, sizeof(authTag), authIn, sizeof(authIn)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
iv, sizeof(iv) + 1, authTag, sizeof(authTag), authIn, sizeof(authIn)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
iv, sizeof(iv) - 7, authTag, sizeof(authTag), authIn, sizeof(authIn)),
BAD_FUNC_ARG);
#endif
wc_AesFree(&aes);
#endif /* HAVE_AESCCM */
return EXPECT_RESULT();
} /* END test_wc_AesCcmEncryptDecrypt */
#if defined(WOLFSSL_AES_EAX) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
/*
* Testing test_wc_AesEaxVectors()
*/
static int test_wc_AesEaxVectors(void)
{
EXPECT_DECLS;
typedef struct {
byte key[AES_256_KEY_SIZE];
int key_length;
byte iv[AES_BLOCK_SIZE];
int iv_length;
byte aad[AES_BLOCK_SIZE * 2];
int aad_length;
byte msg[AES_BLOCK_SIZE * 5];
int msg_length;
byte ct[AES_BLOCK_SIZE * 5];
int ct_length;
byte tag[AES_BLOCK_SIZE];
int tag_length;
int valid;
} AadVector;
/* Test vectors obtained from Google wycheproof project
* https://github.com/google/wycheproof
* from testvectors/aes_eax_test.json
*/
const AadVector vectors[] = {
{
/* key, key length */
{0x23, 0x39, 0x52, 0xde, 0xe4, 0xd5, 0xed, 0x5f,
0x9b, 0x9c, 0x6d, 0x6f, 0xf8, 0x0f, 0xf4, 0x78}, 16,
/* iv, iv length */
{0x62, 0xec, 0x67, 0xf9, 0xc3, 0xa4, 0xa4, 0x07,
0xfc, 0xb2, 0xa8, 0xc4, 0x90, 0x31, 0xa8, 0xb3}, 16,
/* aad, aad length */
{0x6b, 0xfb, 0x91, 0x4f, 0xd0, 0x7e, 0xae, 0x6b}, 8,
/* msg, msg length */
{0x00}, 0,
/* ct, ct length */
{0x00}, 0,
/* tag, tag length */
{0xe0, 0x37, 0x83, 0x0e, 0x83, 0x89, 0xf2, 0x7b,
0x02, 0x5a, 0x2d, 0x65, 0x27, 0xe7, 0x9d, 0x01}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x91, 0x94, 0x5d, 0x3f, 0x4d, 0xcb, 0xee, 0x0b,
0xf4, 0x5e, 0xf5, 0x22, 0x55, 0xf0, 0x95, 0xa4}, 16,
/* iv, iv length */
{0xbe, 0xca, 0xf0, 0x43, 0xb0, 0xa2, 0x3d, 0x84,
0x31, 0x94, 0xba, 0x97, 0x2c, 0x66, 0xde, 0xbd}, 16,
/* aad, aad length */
{0xfa, 0x3b, 0xfd, 0x48, 0x06, 0xeb, 0x53, 0xfa}, 8,
/* msg, msg length */
{0xf7, 0xfb}, 2,
/* ct, ct length */
{0x19, 0xdd}, 2,
/* tag, tag length */
{0x5c, 0x4c, 0x93, 0x31, 0x04, 0x9d, 0x0b, 0xda,
0xb0, 0x27, 0x74, 0x08, 0xf6, 0x79, 0x67, 0xe5}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x01, 0xf7, 0x4a, 0xd6, 0x40, 0x77, 0xf2, 0xe7,
0x04, 0xc0, 0xf6, 0x0a, 0xda, 0x3d, 0xd5, 0x23}, 16,
/* iv, iv length */
{0x70, 0xc3, 0xdb, 0x4f, 0x0d, 0x26, 0x36, 0x84,
0x00, 0xa1, 0x0e, 0xd0, 0x5d, 0x2b, 0xff, 0x5e}, 16,
/* aad, aad length */
{0x23, 0x4a, 0x34, 0x63, 0xc1, 0x26, 0x4a, 0xc6}, 8,
/* msg, msg length */
{0x1a, 0x47, 0xcb, 0x49, 0x33}, 5,
/* ct, ct length */
{0xd8, 0x51, 0xd5, 0xba, 0xe0}, 5,
/* tag, tag length */
{0x3a, 0x59, 0xf2, 0x38, 0xa2, 0x3e, 0x39, 0x19,
0x9d, 0xc9, 0x26, 0x66, 0x26, 0xc4, 0x0f, 0x80}, 16,
/* valid */
1,
},
{
/* key, key length */
{0xd0, 0x7c, 0xf6, 0xcb, 0xb7, 0xf3, 0x13, 0xbd,
0xde, 0x66, 0xb7, 0x27, 0xaf, 0xd3, 0xc5, 0xe8}, 16,
/* iv, iv length */
{0x84, 0x08, 0xdf, 0xff, 0x3c, 0x1a, 0x2b, 0x12,
0x92, 0xdc, 0x19, 0x9e, 0x46, 0xb7, 0xd6, 0x17}, 16,
/* aad, aad length */
{0x33, 0xcc, 0xe2, 0xea, 0xbf, 0xf5, 0xa7, 0x9d}, 8,
/* msg, msg length */
{0x48, 0x1c, 0x9e, 0x39, 0xb1}, 5,
/* ct, ct length */
{0x63, 0x2a, 0x9d, 0x13, 0x1a}, 5,
/* tag, tag length */
{0xd4, 0xc1, 0x68, 0xa4, 0x22, 0x5d, 0x8e, 0x1f,
0xf7, 0x55, 0x93, 0x99, 0x74, 0xa7, 0xbe, 0xde}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x35, 0xb6, 0xd0, 0x58, 0x00, 0x05, 0xbb, 0xc1,
0x2b, 0x05, 0x87, 0x12, 0x45, 0x57, 0xd2, 0xc2}, 16,
/* iv, iv length */
{0xfd, 0xb6, 0xb0, 0x66, 0x76, 0xee, 0xdc, 0x5c,
0x61, 0xd7, 0x42, 0x76, 0xe1, 0xf8, 0xe8, 0x16}, 16,
/* aad, aad length */
{0xae, 0xb9, 0x6e, 0xae, 0xbe, 0x29, 0x70, 0xe9}, 8,
/* msg, msg length */
{0x40, 0xd0, 0xc0, 0x7d, 0xa5, 0xe4}, 6,
/* ct, ct length */
{0x07, 0x1d, 0xfe, 0x16, 0xc6, 0x75}, 6,
/* tag, tag length */
{0xcb, 0x06, 0x77, 0xe5, 0x36, 0xf7, 0x3a, 0xfe,
0x6a, 0x14, 0xb7, 0x4e, 0xe4, 0x98, 0x44, 0xdd}, 16,
/* valid */
1,
},
{
/* key, key length */
{0xbd, 0x8e, 0x6e, 0x11, 0x47, 0x5e, 0x60, 0xb2,
0x68, 0x78, 0x4c, 0x38, 0xc6, 0x2f, 0xeb, 0x22}, 16,
/* iv, iv length */
{0x6e, 0xac, 0x5c, 0x93, 0x07, 0x2d, 0x8e, 0x85,
0x13, 0xf7, 0x50, 0x93, 0x5e, 0x46, 0xda, 0x1b}, 16,
/* aad, aad length */
{0xd4, 0x48, 0x2d, 0x1c, 0xa7, 0x8d, 0xce, 0x0f}, 8,
/* msg, msg length */
{0x4d, 0xe3, 0xb3, 0x5c, 0x3f, 0xc0, 0x39, 0x24,
0x5b, 0xd1, 0xfb, 0x7d}, 12,
/* ct, ct length */
{0x83, 0x5b, 0xb4, 0xf1, 0x5d, 0x74, 0x3e, 0x35,
0x0e, 0x72, 0x84, 0x14}, 12,
/* tag, tag length */
{0xab, 0xb8, 0x64, 0x4f, 0xd6, 0xcc, 0xb8, 0x69,
0x47, 0xc5, 0xe1, 0x05, 0x90, 0x21, 0x0a, 0x4f}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x7c, 0x77, 0xd6, 0xe8, 0x13, 0xbe, 0xd5, 0xac,
0x98, 0xba, 0xa4, 0x17, 0x47, 0x7a, 0x2e, 0x7d}, 16,
/* iv, iv length */
{0x1a, 0x8c, 0x98, 0xdc, 0xd7, 0x3d, 0x38, 0x39,
0x3b, 0x2b, 0xf1, 0x56, 0x9d, 0xee, 0xfc, 0x19}, 16,
/* aad, aad length */
{0x65, 0xd2, 0x01, 0x79, 0x90, 0xd6, 0x25, 0x28}, 8,
/* msg, msg length */
{0x8b, 0x0a, 0x79, 0x30, 0x6c, 0x9c, 0xe7, 0xed,
0x99, 0xda, 0xe4, 0xf8, 0x7f, 0x8d, 0xd6, 0x16,
0x36}, 17,
/* ct, ct length */
{0x02, 0x08, 0x3e, 0x39, 0x79, 0xda, 0x01, 0x48,
0x12, 0xf5, 0x9f, 0x11, 0xd5, 0x26, 0x30, 0xda,
0x30}, 17,
/* tag, tag length */
{0x13, 0x73, 0x27, 0xd1, 0x06, 0x49, 0xb0, 0xaa,
0x6e, 0x1c, 0x18, 0x1d, 0xb6, 0x17, 0xd7, 0xf2}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x5f, 0xff, 0x20, 0xca, 0xfa, 0xb1, 0x19, 0xca,
0x2f, 0xc7, 0x35, 0x49, 0xe2, 0x0f, 0x5b, 0x0d}, 16,
/* iv, iv length */
{0xdd, 0xe5, 0x9b, 0x97, 0xd7, 0x22, 0x15, 0x6d,
0x4d, 0x9a, 0xff, 0x2b, 0xc7, 0x55, 0x98, 0x26}, 16,
/* aad, aad length */
{0x54, 0xb9, 0xf0, 0x4e, 0x6a, 0x09, 0x18, 0x9a}, 8,
/* msg, msg length */
{0x1b, 0xda, 0x12, 0x2b, 0xce, 0x8a, 0x8d, 0xba,
0xf1, 0x87, 0x7d, 0x96, 0x2b, 0x85, 0x92, 0xdd,
0x2d, 0x56}, 18,
/* ct, ct length */
{0x2e, 0xc4, 0x7b, 0x2c, 0x49, 0x54, 0xa4, 0x89,
0xaf, 0xc7, 0xba, 0x48, 0x97, 0xed, 0xcd, 0xae,
0x8c, 0xc3}, 18,
/* tag, tag length */
{0x3b, 0x60, 0x45, 0x05, 0x99, 0xbd, 0x02, 0xc9,
0x63, 0x82, 0x90, 0x2a, 0xef, 0x7f, 0x83, 0x2a}, 16,
/* valid */
1,
},
{
/* key, key length */
{0xa4, 0xa4, 0x78, 0x2b, 0xcf, 0xfd, 0x3e, 0xc5,
0xe7, 0xef, 0x6d, 0x8c, 0x34, 0xa5, 0x61, 0x23}, 16,
/* iv, iv length */
{0xb7, 0x81, 0xfc, 0xf2, 0xf7, 0x5f, 0xa5, 0xa8,
0xde, 0x97, 0xa9, 0xca, 0x48, 0xe5, 0x22, 0xec}, 16,
/* aad, aad length */
{0x89, 0x9a, 0x17, 0x58, 0x97, 0x56, 0x1d, 0x7e}, 8,
/* msg, msg length */
{0x6c, 0xf3, 0x67, 0x20, 0x87, 0x2b, 0x85, 0x13,
0xf6, 0xea, 0xb1, 0xa8, 0xa4, 0x44, 0x38, 0xd5,
0xef, 0x11}, 18,
/* ct, ct length */
{0x0d, 0xe1, 0x8f, 0xd0, 0xfd, 0xd9, 0x1e, 0x7a,
0xf1, 0x9f, 0x1d, 0x8e, 0xe8, 0x73, 0x39, 0x38,
0xb1, 0xe8}, 18,
/* tag, tag length */
{0xe7, 0xf6, 0xd2, 0x23, 0x16, 0x18, 0x10, 0x2f,
0xdb, 0x7f, 0xe5, 0x5f, 0xf1, 0x99, 0x17, 0x00}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x83, 0x95, 0xfc, 0xf1, 0xe9, 0x5b, 0xeb, 0xd6,
0x97, 0xbd, 0x01, 0x0b, 0xc7, 0x66, 0xaa, 0xc3}, 16,
/* iv, iv length */
{0x22, 0xe7, 0xad, 0xd9, 0x3c, 0xfc, 0x63, 0x93,
0xc5, 0x7e, 0xc0, 0xb3, 0xc1, 0x7d, 0x6b, 0x44}, 16,
/* aad, aad length */
{0x12, 0x67, 0x35, 0xfc, 0xc3, 0x20, 0xd2, 0x5a}, 8,
/* msg, msg length */
{0xca, 0x40, 0xd7, 0x44, 0x6e, 0x54, 0x5f, 0xfa,
0xed, 0x3b, 0xd1, 0x2a, 0x74, 0x0a, 0x65, 0x9f,
0xfb, 0xbb, 0x3c, 0xea, 0xb7}, 21,
/* ct, ct length */
{0xcb, 0x89, 0x20, 0xf8, 0x7a, 0x6c, 0x75, 0xcf,
0xf3, 0x96, 0x27, 0xb5, 0x6e, 0x3e, 0xd1, 0x97,
0xc5, 0x52, 0xd2, 0x95, 0xa7}, 21,
/* tag, tag length */
{0xcf, 0xc4, 0x6a, 0xfc, 0x25, 0x3b, 0x46, 0x52,
0xb1, 0xaf, 0x37, 0x95, 0xb1, 0x24, 0xab, 0x6e}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x3c, 0x8c, 0xc2, 0x97, 0x0a, 0x00, 0x8f, 0x75,
0xcc, 0x5b, 0xea, 0xe2, 0x84, 0x72, 0x58, 0xc2}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
/* ct, ct length */
{0x3c, 0x44, 0x1f, 0x32, 0xce, 0x07, 0x82, 0x23,
0x64, 0xd7, 0xa2, 0x99, 0x0e, 0x50, 0xbb, 0x13,
0xd7, 0xb0, 0x2a, 0x26, 0x96, 0x9e, 0x4a, 0x93,
0x7e, 0x5e, 0x90, 0x73, 0xb0, 0xd9, 0xc9, 0x68}, 32,
/* tag, tag length */
{0xdb, 0x90, 0xbd, 0xb3, 0xda, 0x3d, 0x00, 0xaf,
0xd0, 0xfc, 0x6a, 0x83, 0x55, 0x1d, 0xa9, 0x5e}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0xae, 0xf0, 0x3d, 0x00, 0x59, 0x84, 0x94, 0xe9,
0xfb, 0x03, 0xcd, 0x7d, 0x8b, 0x59, 0x08, 0x66}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
/* ct, ct length */
{0xd1, 0x9a, 0xc5, 0x98, 0x49, 0x02, 0x6a, 0x91,
0xaa, 0x1b, 0x9a, 0xec, 0x29, 0xb1, 0x1a, 0x20,
0x2a, 0x4d, 0x73, 0x9f, 0xd8, 0x6c, 0x28, 0xe3,
0xae, 0x3d, 0x58, 0x8e, 0xa2, 0x1d, 0x70, 0xc6}, 32,
/* tag, tag length */
{0xc3, 0x0f, 0x6c, 0xd9, 0x20, 0x20, 0x74, 0xed,
0x6e, 0x2a, 0x2a, 0x36, 0x0e, 0xac, 0x8c, 0x47}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x55, 0xd1, 0x25, 0x11, 0xc6, 0x96, 0xa8, 0x0d,
0x05, 0x14, 0xd1, 0xff, 0xba, 0x49, 0xca, 0xda}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
/* ct, ct length */
{0x21, 0x08, 0x55, 0x8a, 0xc4, 0xb2, 0xc2, 0xd5,
0xcc, 0x66, 0xce, 0xa5, 0x1d, 0x62, 0x10, 0xe0,
0x46, 0x17, 0x7a, 0x67, 0x63, 0x1c, 0xd2, 0xdd,
0x8f, 0x09, 0x46, 0x97, 0x33, 0xac, 0xb5, 0x17}, 32,
/* tag, tag length */
{0xfc, 0x35, 0x5e, 0x87, 0xa2, 0x67, 0xbe, 0x3a,
0xe3, 0xe4, 0x4c, 0x0b, 0xf3, 0xf9, 0x9b, 0x2b}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x79, 0x42, 0x2d, 0xdd, 0x91, 0xc4, 0xee, 0xe2,
0xde, 0xae, 0xf1, 0xf9, 0x68, 0x30, 0x53, 0x04}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
/* ct, ct length */
{0x4d, 0x2c, 0x15, 0x24, 0xca, 0x4b, 0xaa, 0x4e,
0xef, 0xcc, 0xe6, 0xb9, 0x1b, 0x22, 0x7e, 0xe8,
0x3a, 0xba, 0xff, 0x81, 0x05, 0xdc, 0xaf, 0xa2,
0xab, 0x19, 0x1f, 0x5d, 0xf2, 0x57, 0x50, 0x35}, 32,
/* tag, tag length */
{0xe2, 0xc8, 0x65, 0xce, 0x2d, 0x7a, 0xbd, 0xac,
0x02, 0x4c, 0x6f, 0x99, 0x1a, 0x84, 0x83, 0x90}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x0a, 0xf5, 0xaa, 0x7a, 0x76, 0x76, 0xe2, 0x83,
0x06, 0x30, 0x6b, 0xcd, 0x9b, 0xf2, 0x00, 0x3a}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
/* ct, ct length */
{0x8e, 0xb0, 0x1e, 0x62, 0x18, 0x5d, 0x78, 0x2e,
0xb9, 0x28, 0x7a, 0x34, 0x1a, 0x68, 0x62, 0xac,
0x52, 0x57, 0xd6, 0xf9, 0xad, 0xc9, 0x9e, 0xe0,
0xa2, 0x4d, 0x9c, 0x22, 0xb3, 0xe9, 0xb3, 0x8a}, 32,
/* tag, tag length */
{0x39, 0xc3, 0x39, 0xbc, 0x8a, 0x74, 0xc7, 0x5e,
0x2c, 0x65, 0xc6, 0x11, 0x95, 0x44, 0xd6, 0x1e}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0xaf, 0x5a, 0x03, 0xae, 0x7e, 0xdd, 0x73, 0x47,
0x1b, 0xdc, 0xdf, 0xac, 0x5e, 0x19, 0x4a, 0x60}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
/* ct, ct length */
{0x94, 0xc5, 0xd2, 0xac, 0xa6, 0xdb, 0xbc, 0xe8,
0xc2, 0x45, 0x13, 0xa2, 0x5e, 0x09, 0x5c, 0x0e,
0x54, 0xa9, 0x42, 0x86, 0x0d, 0x32, 0x7a, 0x22,
0x2a, 0x81, 0x5c, 0xc7, 0x13, 0xb1, 0x63, 0xb4}, 32,
/* tag, tag length */
{0xf5, 0x0b, 0x30, 0x30, 0x4e, 0x45, 0xc9, 0xd4,
0x11, 0xe8, 0xdf, 0x45, 0x08, 0xa9, 0x86, 0x12}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0xb3, 0x70, 0x87, 0x68, 0x0f, 0x0e, 0xdd, 0x5a,
0x52, 0x22, 0x8b, 0x8c, 0x7a, 0xae, 0xa6, 0x64}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33,
0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33}, 64,
/* ct, ct length */
{0x3b, 0xb6, 0x17, 0x3e, 0x37, 0x72, 0xd4, 0xb6,
0x2e, 0xef, 0x37, 0xf9, 0xef, 0x07, 0x81, 0xf3,
0x60, 0xb6, 0xc7, 0x4b, 0xe3, 0xbf, 0x6b, 0x37,
0x10, 0x67, 0xbc, 0x1b, 0x09, 0x0d, 0x9d, 0x66,
0x22, 0xa1, 0xfb, 0xec, 0x6a, 0xc4, 0x71, 0xb3,
0x34, 0x9c, 0xd4, 0x27, 0x7a, 0x10, 0x1d, 0x40,
0x89, 0x0f, 0xbf, 0x27, 0xdf, 0xdc, 0xd0, 0xb4,
0xe3, 0x78, 0x1f, 0x98, 0x06, 0xda, 0xab, 0xb6}, 64,
/* tag, tag length */
{0xa0, 0x49, 0x87, 0x45, 0xe5, 0x99, 0x99, 0xdd,
0xc3, 0x2d, 0x5b, 0x14, 0x02, 0x41, 0x12, 0x4e}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x4f, 0x80, 0x2d, 0xa6, 0x2a, 0x38, 0x45, 0x55,
0xa1, 0x9b, 0xc2, 0xb3, 0x82, 0xeb, 0x25, 0xaf}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33,
0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33,
0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44}, 80,
/* ct, ct length */
{0xe9, 0xb0, 0xbb, 0x88, 0x57, 0x81, 0x8c, 0xe3,
0x20, 0x1c, 0x36, 0x90, 0xd2, 0x1d, 0xaa, 0x7f,
0x26, 0x4f, 0xb8, 0xee, 0x93, 0xcc, 0x7a, 0x46,
0x74, 0xea, 0x2f, 0xc3, 0x2b, 0xf1, 0x82, 0xfb,
0x2a, 0x7e, 0x8a, 0xd5, 0x15, 0x07, 0xad, 0x4f,
0x31, 0xce, 0xfc, 0x23, 0x56, 0xfe, 0x79, 0x36,
0xa7, 0xf6, 0xe1, 0x9f, 0x95, 0xe8, 0x8f, 0xdb,
0xf1, 0x76, 0x20, 0x91, 0x6d, 0x3a, 0x6f, 0x3d,
0x01, 0xfc, 0x17, 0xd3, 0x58, 0x67, 0x2f, 0x77,
0x7f, 0xd4, 0x09, 0x92, 0x46, 0xe4, 0x36, 0xe1}, 80,
/* tag, tag length */
{0x67, 0x91, 0x0b, 0xe7, 0x44, 0xb8, 0x31, 0x5a,
0xe0, 0xeb, 0x61, 0x24, 0x59, 0x0c, 0x5d, 0x8b}, 16,
/* valid */
1,
},
{
/* key, key length */
{0xb6, 0x7b, 0x1a, 0x6e, 0xfd, 0xd4, 0x0d, 0x37,
0x08, 0x0f, 0xbe, 0x8f, 0x80, 0x47, 0xae, 0xb9}, 16,
/* iv, iv length */
{0xfa, 0x29, 0x4b, 0x12, 0x99, 0x72, 0xf7, 0xfc,
0x5b, 0xbd, 0x5b, 0x96, 0xbb, 0xa8, 0x37, 0xc9}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x00}, 0,
/* ct, ct length */
{0x00}, 0,
/* tag, tag length */
{0xb1, 0x4b, 0x64, 0xfb, 0x58, 0x98, 0x99, 0x69,
0x95, 0x70, 0xcc, 0x91, 0x60, 0xe3, 0x98, 0x96}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x20, 0x9e, 0x6d, 0xbf, 0x2a, 0xd2, 0x6a, 0x10,
0x54, 0x45, 0xfc, 0x02, 0x07, 0xcd, 0x9e, 0x9a}, 16,
/* iv, iv length */
{0x94, 0x77, 0x84, 0x9d, 0x6c, 0xcd, 0xfc, 0xa1,
0x12, 0xd9, 0x2e, 0x53, 0xfa, 0xe4, 0xa7, 0xca}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x01}, 1,
/* ct, ct length */
{0x1d}, 1,
/* tag, tag length */
{0x52, 0xa5, 0xf6, 0x00, 0xfe, 0x53, 0x38, 0x02,
0x6a, 0x7c, 0xb0, 0x9c, 0x11, 0x64, 0x00, 0x82}, 16,
/* valid */
1,
},
{
/* key, key length */
{0xa5, 0x49, 0x44, 0x2e, 0x35, 0x15, 0x40, 0x32,
0xd0, 0x7c, 0x86, 0x66, 0x00, 0x6a, 0xa6, 0xa2}, 16,
/* iv, iv length */
{0x51, 0x71, 0x52, 0x45, 0x68, 0xe8, 0x1d, 0x97,
0xe8, 0xc4, 0xde, 0x4b, 0xa5, 0x6c, 0x10, 0xa0}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x11, 0x82, 0xe9, 0x35, 0x96, 0xca, 0xc5, 0x60,
0x89, 0x46, 0x40, 0x0b, 0xc7, 0x3f, 0x3a}, 15,
/* ct, ct length */
{0xd7, 0xb8, 0xa6, 0xb4, 0x3d, 0x2e, 0x9f, 0x98,
0xc2, 0xb4, 0x4c, 0xe5, 0xe3, 0xcf, 0xdb}, 15,
/* tag, tag length */
{0x1b, 0xdd, 0x52, 0xfc, 0x98, 0x7d, 0xaf, 0x0e,
0xe1, 0x92, 0x34, 0xc9, 0x05, 0xea, 0x64, 0x5f}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x95, 0x8b, 0xcd, 0xb6, 0x6a, 0x39, 0x52, 0xb5,
0x37, 0x01, 0x58, 0x2a, 0x68, 0xa0, 0xe4, 0x74}, 16,
/* iv, iv length */
{0x0e, 0x6e, 0xc8, 0x79, 0xb0, 0x2c, 0x6f, 0x51,
0x69, 0x76, 0xe3, 0x58, 0x98, 0x42, 0x8d, 0xa7}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x14, 0x04, 0x15, 0x82, 0x3e, 0xcc, 0x89, 0x32,
0xa0, 0x58, 0x38, 0x4b, 0x73, 0x8e, 0xa6, 0xea,
0x6d, 0x4d, 0xfe, 0x3b, 0xbe, 0xee}, 22,
/* ct, ct length */
{0x73, 0xe5, 0xc6, 0xf0, 0xe7, 0x03, 0xa5, 0x2d,
0x02, 0xf7, 0xf7, 0xfa, 0xeb, 0x1b, 0x77, 0xfd,
0x4f, 0xd0, 0xcb, 0x42, 0x1e, 0xaf}, 22,
/* tag, tag length */
{0x6c, 0x15, 0x4a, 0x85, 0x96, 0x8e, 0xdd, 0x74,
0x77, 0x65, 0x75, 0xa4, 0x45, 0x0b, 0xd8, 0x97}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x96, 0x5b, 0x75, 0x7b, 0xa5, 0x01, 0x8a, 0x8d,
0x66, 0xed, 0xc7, 0x8e, 0x0c, 0xee, 0xe8, 0x6b}, 16,
/* iv, iv length */
{0x2e, 0x35, 0x90, 0x1a, 0xe7, 0xd4, 0x91, 0xee,
0xcc, 0x88, 0x38, 0xfe, 0xdd, 0x63, 0x14, 0x05}, 16,
/* aad, aad length */
{0xdf, 0x10, 0xd0, 0xd2, 0x12, 0x24, 0x24, 0x50}, 8,
/* msg, msg length */
{0x36, 0xe5, 0x7a, 0x76, 0x39, 0x58, 0xb0, 0x2c,
0xea, 0x9d, 0x6a, 0x67, 0x6e, 0xbc, 0xe8, 0x1f}, 16,
/* ct, ct length */
{0x93, 0x6b, 0x69, 0xb6, 0xc9, 0x55, 0xad, 0xfd,
0x15, 0x53, 0x9b, 0x9b, 0xe4, 0x98, 0x9c, 0xb6}, 16,
/* tag, tag length */
{0xee, 0x15, 0xa1, 0x45, 0x4e, 0x88, 0xfa, 0xad,
0x8e, 0x48, 0xa8, 0xdf, 0x29, 0x83, 0xb4, 0x25}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x88, 0xd0, 0x20, 0x33, 0x78, 0x1c, 0x7b, 0x41,
0x64, 0x71, 0x1a, 0x05, 0x42, 0x0f, 0x25, 0x6e}, 16,
/* iv, iv length */
{0x7f, 0x29, 0x85, 0x29, 0x63, 0x15, 0x50, 0x7a,
0xa4, 0xc0, 0xa9, 0x3d, 0x5c, 0x12, 0xbd, 0x77}, 16,
/* aad, aad length */
{0x7c, 0x57, 0x1d, 0x2f, 0xbb, 0x5f, 0x62, 0x52,
0x3c, 0x0e, 0xb3, 0x38, 0xbe, 0xf9, 0xa9}, 15,
/* msg, msg length */
{0xd9, 0x8a, 0xdc, 0x03, 0xd9, 0xd5, 0x82, 0x73,
0x2e, 0xb0, 0x7d, 0xf2, 0x3d, 0x7b, 0x9f, 0x74}, 16,
/* ct, ct length */
{0x67, 0xca, 0xac, 0x35, 0x44, 0x3a, 0x31, 0x38,
0xd2, 0xcb, 0x81, 0x1f, 0x0c, 0xe0, 0x4d, 0xd2}, 16,
/* tag, tag length */
{0xb7, 0x96, 0x8e, 0x0b, 0x56, 0x40, 0xe3, 0xb2,
0x36, 0x56, 0x96, 0x53, 0x20, 0x8b, 0x9d, 0xeb}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x51, 0x58, 0x40, 0xcf, 0x67, 0xd2, 0xe4, 0x0e,
0xb6, 0x5e, 0x54, 0xa2, 0x4c, 0x72, 0xcb, 0xf2}, 16,
/* iv, iv length */
{0xbf, 0x47, 0xaf, 0xdf, 0xd4, 0x92, 0x13, 0x7a,
0x24, 0x23, 0x6b, 0xc3, 0x67, 0x97, 0xa8, 0x8e}, 16,
/* aad, aad length */
{0x16, 0x84, 0x3c, 0x09, 0x1d, 0x43, 0xb0, 0xa1,
0x91, 0xd0, 0xc7, 0x3d, 0x15, 0x60, 0x1b, 0xe9}, 16,
/* msg, msg length */
{0xc8, 0x34, 0x58, 0x8c, 0xb6, 0xda, 0xf9, 0xf0,
0x6d, 0xd2, 0x35, 0x19, 0xf4, 0xbe, 0x9f, 0x56}, 16,
/* ct, ct length */
{0x20, 0x0a, 0xc4, 0x51, 0xfb, 0xeb, 0x0f, 0x61,
0x51, 0xd6, 0x15, 0x83, 0xa4, 0x3b, 0x73, 0x43}, 16,
/* tag, tag length */
{0x2a, 0xd4, 0x3e, 0x4c, 0xaa, 0x51, 0x98, 0x3a,
0x9d, 0x4d, 0x24, 0x48, 0x1b, 0xf4, 0xc8, 0x39}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x2e, 0x44, 0x92, 0xd4, 0x44, 0xe5, 0xb6, 0xf4,
0xce, 0xc8, 0xc2, 0xd3, 0x61, 0x5a, 0xc8, 0x58}, 16,
/* iv, iv length */
{0xd0, 0x2b, 0xf0, 0x76, 0x3a, 0x9f, 0xef, 0xbf,
0x70, 0xc3, 0x3a, 0xee, 0x1e, 0x9d, 0xa1, 0xd6}, 16,
/* aad, aad length */
{0x90, 0x4d, 0x86, 0xf1, 0x33, 0xce, 0xc1, 0x5a,
0x0c, 0x3c, 0xaf, 0x14, 0xd7, 0xe0, 0x29, 0xc8,
0x2a, 0x07, 0x70, 0x5a, 0x23, 0xf0, 0xd0, 0x80}, 24,
/* msg, msg length */
{0x9e, 0x62, 0xd6, 0x51, 0x1b, 0x0b, 0xda, 0x7d,
0xd7, 0x74, 0x0b, 0x61, 0x4d, 0x97, 0xba, 0xe0}, 16,
/* ct, ct length */
{0x27, 0xc6, 0xe9, 0xa6, 0x53, 0xc5, 0x25, 0x3c,
0xa1, 0xc5, 0x67, 0x3f, 0x97, 0xb9, 0xb3, 0x3e}, 16,
/* tag, tag length */
{0x2d, 0x58, 0x12, 0x71, 0xe1, 0xfa, 0x9e, 0x36,
0x86, 0x13, 0x6c, 0xaa, 0x8f, 0x4d, 0x6c, 0x8e}, 16,
/* valid */
1,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe7, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe4, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0x66, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0f, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0xd0, 0x13, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x12, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x11, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0x72,
0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x53, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0xd2, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x52, 0xb8, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb0, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb1, 0x92, 0x9a, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb1, 0x92, 0x99, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb1, 0x92, 0x1b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa6}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa5}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xe7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0x27}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe7, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
0x53, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0xd0, 0x13, 0xa6, 0xdb, 0x72,
0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0x72,
0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0x27}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0x19, 0xf1, 0x83, 0xaf, 0xec, 0x59, 0x24, 0x0d,
0xad, 0x67, 0x4e, 0x6d, 0x64, 0x3c, 0xa9, 0x58}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0x66, 0x8e, 0xfc, 0xd0, 0x93, 0x26, 0x5b, 0x72,
0xd2, 0x18, 0x31, 0x12, 0x1b, 0x43, 0xd6, 0x27}, 16,
/* valid */
0,
},
{
/* key, key length */
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
/* iv, iv length */
{0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
/* aad, aad length */
{0x00}, 0,
/* msg, msg length */
{0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
/* ct, ct length */
{0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
/* tag, tag length */
{0xe7, 0x0f, 0x7d, 0x51, 0x12, 0xa7, 0xda, 0xf3,
0x53, 0x99, 0xb0, 0x93, 0x9a, 0xc2, 0x57, 0xa6}, 16,
/* valid */
0,
},
};
byte ciphertext[sizeof(vectors[0].ct)];
byte authtag[sizeof(vectors[0].tag)];
int i;
int len;
int ret;
for (i = 0; i < (int)(sizeof(vectors)/sizeof(vectors[0])); i++) {
XMEMSET(ciphertext, 0, sizeof(ciphertext));
len = sizeof(authtag);
ExpectIntEQ(wc_AesEaxEncryptAuth(vectors[i].key, vectors[i].key_length,
ciphertext,
vectors[i].msg, vectors[i].msg_length,
vectors[i].iv, vectors[i].iv_length,
authtag, len,
vectors[i].aad, vectors[i].aad_length),
0);
/* check ciphertext matches vector */
ExpectIntEQ(XMEMCMP(ciphertext, vectors[i].ct, vectors[i].ct_length),
0);
/* check that computed tag matches vector only for vectors marked as valid */
ret = XMEMCMP(authtag, vectors[i].tag, len);
if (vectors[i].valid) {
ExpectIntEQ(ret, 0);
}
else {
ExpectIntNE(ret, 0);
}
XMEMSET(ciphertext, 0, sizeof(ciphertext));
/* Decrypt, checking that the computed auth tags match */
ExpectIntEQ(wc_AesEaxDecryptAuth(vectors[i].key, vectors[i].key_length,
ciphertext,
vectors[i].ct, vectors[i].ct_length,
vectors[i].iv, vectors[i].iv_length,
authtag, len,
vectors[i].aad, vectors[i].aad_length),
0);
/* check decrypted ciphertext matches vector plaintext */
ExpectIntEQ(XMEMCMP(ciphertext, vectors[i].msg, vectors[i].msg_length),
0);
}
return EXPECT_RESULT();
} /* END test_wc_AesEaxVectors */
/*
* Testing test_wc_AesEaxEncryptAuth()
*/
static int test_wc_AesEaxEncryptAuth(void)
{
EXPECT_DECLS;
const byte key[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
const byte iv[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
const byte aad[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};
const byte msg[] = {0x00, 0x01, 0x02, 0x03, 0x04};
byte ciphertext[sizeof(msg)];
byte authtag[AES_BLOCK_SIZE];
int i;
int len;
len = sizeof(authtag);
ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
ciphertext,
msg, sizeof(msg),
iv, sizeof(iv),
authtag, (word32)len,
aad, sizeof(aad)),
0);
/* Test null checking */
ExpectIntEQ(wc_AesEaxEncryptAuth(NULL, sizeof(key),
ciphertext,
msg, sizeof(msg),
iv, sizeof(iv),
authtag, (word32)len,
aad, sizeof(aad)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
NULL,
msg, sizeof(msg),
iv, sizeof(iv),
authtag, (word32)len,
aad, sizeof(aad)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
ciphertext,
NULL, sizeof(msg),
iv, sizeof(iv),
authtag, (word32)len,
aad, sizeof(aad)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
ciphertext,
msg, sizeof(msg),
NULL, sizeof(iv),
authtag, (word32)len,
aad, sizeof(aad)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
ciphertext,
msg, sizeof(msg),
iv, sizeof(iv),
NULL, (word32)len,
aad, sizeof(aad)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
ciphertext,
msg, sizeof(msg),
iv, sizeof(iv),
authtag, (word32)len,
NULL, sizeof(aad)),
BAD_FUNC_ARG);
/* Test bad key lengths */
for (i = 0; i <= 32; i++) {
int exp_ret;
if (i == AES_128_KEY_SIZE || i == AES_192_KEY_SIZE
|| i == AES_256_KEY_SIZE) {
exp_ret = 0;
}
else {
exp_ret = BAD_FUNC_ARG;
}
ExpectIntEQ(wc_AesEaxEncryptAuth(key, (word32)i,
ciphertext,
msg, sizeof(msg),
iv, sizeof(iv),
authtag, (word32)len,
aad, sizeof(aad)),
exp_ret);
}
/* Test auth tag size out of range */
len = AES_BLOCK_SIZE + 1;
ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
ciphertext,
msg, sizeof(msg),
iv, sizeof(iv),
authtag, (word32)len,
aad, sizeof(aad)),
BAD_FUNC_ARG);
return EXPECT_RESULT();
} /* END test_wc_AesEaxEncryptAuth() */
/*
* Testing test_wc_AesEaxDecryptAuth()
*/
static int test_wc_AesEaxDecryptAuth(void)
{
EXPECT_DECLS;
const byte key[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
const byte iv[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
const byte aad[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};
const byte ct[] = {0x00, 0x01, 0x02, 0x03, 0x04};
/* Garbage tag that should always fail for above aad */
const byte tag[] = {0xFE, 0xED, 0xBE, 0xEF, 0xDE, 0xAD, 0xC0, 0xDE,
0xCA, 0xFE, 0xBE, 0xEF, 0xDE, 0xAF, 0xBE, 0xEF};
byte plaintext[sizeof(ct)];
int i;
int len;
len = sizeof(tag);
ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
plaintext,
ct, sizeof(ct),
iv, sizeof(iv),
tag, (word32)len,
aad, sizeof(aad)),
AES_EAX_AUTH_E);
/* Test null checking */
ExpectIntEQ(wc_AesEaxDecryptAuth(NULL, sizeof(key),
plaintext,
ct, sizeof(ct),
iv, sizeof(iv),
tag, (word32)len,
aad, sizeof(aad)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
NULL,
ct, sizeof(ct),
iv, sizeof(iv),
tag, (word32)len,
aad, sizeof(aad)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
plaintext,
NULL, sizeof(ct),
iv, sizeof(iv),
tag, (word32)len,
aad, sizeof(aad)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
plaintext,
ct, sizeof(ct),
NULL, sizeof(iv),
tag, (word32)len,
aad, sizeof(aad)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
plaintext,
ct, sizeof(ct),
iv, sizeof(iv),
NULL, (word32)len,
aad, sizeof(aad)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
plaintext,
ct, sizeof(ct),
iv, sizeof(iv),
tag, (word32)len,
NULL, sizeof(aad)),
BAD_FUNC_ARG);
/* Test bad key lengths */
for (i = 0; i <= 32; i++) {
int exp_ret;
if (i == AES_128_KEY_SIZE || i == AES_192_KEY_SIZE
|| i == AES_256_KEY_SIZE) {
exp_ret = AES_EAX_AUTH_E;
}
else {
exp_ret = BAD_FUNC_ARG;
}
ExpectIntEQ(wc_AesEaxDecryptAuth(key, (word32)i,
plaintext,
ct, sizeof(ct),
iv, sizeof(iv),
tag, (word32)len,
aad, sizeof(aad)),
exp_ret);
}
/* Test auth tag size out of range */
len = AES_BLOCK_SIZE + 1;
ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
plaintext,
ct, sizeof(ct),
iv, sizeof(iv),
tag, (word32)len,
aad, sizeof(aad)),
BAD_FUNC_ARG);
return EXPECT_RESULT();
} /* END test_wc_AesEaxDecryptAuth() */
#endif /* WOLFSSL_AES_EAX &&
* (!HAVE_FIPS || FIPS_VERSION_GE(5, 3)) && !HAVE_SELFTEST
*/
/*
* Testing wc_InitDsaKey()
*/
static int test_wc_InitDsaKey(void)
{
EXPECT_DECLS;
#ifndef NO_DSA
DsaKey key;
XMEMSET(&key, 0, sizeof(DsaKey));
ExpectIntEQ(wc_InitDsaKey(&key), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_InitDsaKey(NULL), BAD_FUNC_ARG);
wc_FreeDsaKey(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_InitDsaKey */
/*
* Testing wc_DsaSign() and wc_DsaVerify()
*/
static int test_wc_DsaSignVerify(void)
{
EXPECT_DECLS;
#if !defined(NO_DSA)
DsaKey key;
WC_RNG rng;
wc_Sha sha;
byte signature[DSA_SIG_SIZE];
byte hash[WC_SHA_DIGEST_SIZE];
word32 idx = 0;
word32 bytes;
int answer;
#ifdef USE_CERT_BUFFERS_1024
byte tmp[ONEK_BUF];
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
bytes = sizeof_dsa_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
byte tmp[TWOK_BUF];
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
bytes = sizeof_dsa_key_der_2048;
#else
byte tmp[TWOK_BUF];
XFILE fp = XBADFILE;
XMEMSET(tmp, 0, sizeof(tmp));
ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE);
ExpectTrue((bytes = (word32)XFREAD(tmp, 1, sizeof(tmp), fp)) > 0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif /* END USE_CERT_BUFFERS_1024 */
ExpectIntEQ(wc_InitSha(&sha), 0);
ExpectIntEQ(wc_ShaUpdate(&sha, tmp, bytes), 0);
ExpectIntEQ(wc_ShaFinal(&sha, hash), 0);
ExpectIntEQ(wc_InitDsaKey(&key), 0);
ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
/* Sign. */
ExpectIntEQ(wc_DsaSign(hash, signature, &key, &rng), 0);
/* Test bad args. */
ExpectIntEQ(wc_DsaSign(NULL, signature, &key, &rng), BAD_FUNC_ARG);
ExpectIntEQ(wc_DsaSign(hash, NULL, &key, &rng), BAD_FUNC_ARG);
ExpectIntEQ(wc_DsaSign(hash, signature, NULL, &rng), BAD_FUNC_ARG);
ExpectIntEQ(wc_DsaSign(hash, signature, &key, NULL), BAD_FUNC_ARG);
/* Verify. */
ExpectIntEQ(wc_DsaVerify(hash, signature, &key, &answer), 0);
ExpectIntEQ(answer, 1);
/* Pass in bad args. */
ExpectIntEQ(wc_DsaVerify(NULL, signature, &key, &answer), BAD_FUNC_ARG);
ExpectIntEQ(wc_DsaVerify(hash, NULL, &key, &answer), BAD_FUNC_ARG);
ExpectIntEQ(wc_DsaVerify(hash, signature, NULL, &answer), BAD_FUNC_ARG);
ExpectIntEQ(wc_DsaVerify(hash, signature, &key, NULL), BAD_FUNC_ARG);
#if !defined(HAVE_FIPS) && defined(WOLFSSL_PUBLIC_MP)
/* hard set q to 0 and test fail case */
mp_free(&key.q);
mp_init(&key.q);
ExpectIntEQ(wc_DsaSign(hash, signature, &key, &rng), BAD_FUNC_ARG);
mp_set(&key.q, 1);
ExpectIntEQ(wc_DsaSign(hash, signature, &key, &rng), BAD_FUNC_ARG);
#endif
DoExpectIntEQ(wc_FreeRng(&rng),0);
wc_FreeDsaKey(&key);
wc_ShaFree(&sha);
#endif
return EXPECT_RESULT();
} /* END test_wc_DsaSign */
/*
* Testing wc_DsaPrivateKeyDecode() and wc_DsaPublicKeyDecode()
*/
static int test_wc_DsaPublicPrivateKeyDecode(void)
{
EXPECT_DECLS;
#if !defined(NO_DSA)
DsaKey key;
word32 bytes = 0;
word32 idx = 0;
int ret = 0;
#ifdef USE_CERT_BUFFERS_1024
byte tmp[ONEK_BUF];
XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
bytes = sizeof_dsa_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
byte tmp[TWOK_BUF];
XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
bytes = sizeof_dsa_key_der_2048;
#else
byte tmp[TWOK_BUF];
XFILE fp = XBADFILE;
XMEMSET(tmp, 0, sizeof(tmp));
ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE);
ExpectTrue((bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp)) > 0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif /* END USE_CERT_BUFFERS_1024 */
ExpectIntEQ(wc_InitDsaKey(&key), 0);
ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0);
/* Test bad args. */
ExpectIntEQ(wc_DsaPrivateKeyDecode(NULL, &idx, &key, bytes), BAD_FUNC_ARG);
ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, NULL, &key, bytes), BAD_FUNC_ARG);
ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, NULL, bytes), BAD_FUNC_ARG);
ExpectIntLT(ret = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0);
ExpectTrue((ret == ASN_PARSE_E) || (ret == BUFFER_E));
wc_FreeDsaKey(&key);
ExpectIntEQ(wc_InitDsaKey(&key), 0);
idx = 0; /* Reset */
ExpectIntEQ(wc_DsaPublicKeyDecode(tmp, &idx, &key, bytes), 0);
/* Test bad args. */
ExpectIntEQ(wc_DsaPublicKeyDecode(NULL, &idx, &key, bytes), BAD_FUNC_ARG);
ExpectIntEQ(wc_DsaPublicKeyDecode(tmp, NULL, &key, bytes), BAD_FUNC_ARG);
ExpectIntEQ(wc_DsaPublicKeyDecode(tmp, &idx, NULL, bytes), BAD_FUNC_ARG);
ExpectIntLT(ret = wc_DsaPublicKeyDecode(tmp, &idx, &key, bytes), 0);
ExpectTrue((ret == ASN_PARSE_E) || (ret == BUFFER_E));
wc_FreeDsaKey(&key);
#endif /* !NO_DSA */
return EXPECT_RESULT();
} /* END test_wc_DsaPublicPrivateKeyDecode */
/*
* Testing wc_MakeDsaKey() and wc_MakeDsaParameters()
*/
static int test_wc_MakeDsaKey(void)
{
EXPECT_DECLS;
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
DsaKey genKey;
WC_RNG rng;
XMEMSET(&genKey, 0, sizeof(genKey));
XMEMSET(&rng, 0, sizeof(rng));
ExpectIntEQ(wc_InitDsaKey(&genKey), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF, &genKey), 0);
/* Test bad args. */
ExpectIntEQ(wc_MakeDsaParameters(NULL, ONEK_BUF, &genKey), BAD_FUNC_ARG);
ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF + 1, &genKey),
BAD_FUNC_ARG);
ExpectIntEQ(wc_MakeDsaKey(&rng, &genKey), 0);
/* Test bad args. */
ExpectIntEQ(wc_MakeDsaKey(NULL, &genKey), BAD_FUNC_ARG);
ExpectIntEQ(wc_MakeDsaKey(&rng, NULL), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_FreeDsaKey(&genKey);
#endif
return EXPECT_RESULT();
} /* END test_wc_MakeDsaKey */
/*
* Testing wc_DsaKeyToDer()
*/
static int test_wc_DsaKeyToDer(void)
{
EXPECT_DECLS;
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
DsaKey key;
word32 bytes;
word32 idx = 0;
#ifdef USE_CERT_BUFFERS_1024
byte tmp[ONEK_BUF];
byte der[ONEK_BUF];
XMEMSET(tmp, 0, sizeof(tmp));
XMEMSET(der, 0, sizeof(der));
XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
bytes = sizeof_dsa_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
byte tmp[TWOK_BUF];
byte der[TWOK_BUF];
XMEMSET(tmp, 0, sizeof(tmp));
XMEMSET(der, 0, sizeof(der));
XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
bytes = sizeof_dsa_key_der_2048;
#else
byte tmp[TWOK_BUF];
byte der[TWOK_BUF];
XFILE fp = XBADFILE;
XMEMSET(tmp, 0, sizeof(tmp));
XMEMSET(der, 0, sizeof(der));
ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE);
ExpectTrue((bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp)) > 0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif /* END USE_CERT_BUFFERS_1024 */
XMEMSET(&key, 0, sizeof(DsaKey));
ExpectIntEQ(wc_InitDsaKey(&key), 0);
ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0);
ExpectIntGE(wc_DsaKeyToDer(&key, der, bytes), 0);
ExpectIntEQ(XMEMCMP(der, tmp, bytes), 0);
/* Test bad args. */
ExpectIntEQ(wc_DsaKeyToDer(NULL, der, FOURK_BUF), BAD_FUNC_ARG);
ExpectIntEQ(wc_DsaKeyToDer(&key, NULL, FOURK_BUF), BAD_FUNC_ARG);
wc_FreeDsaKey(&key);
#endif /* !NO_DSA && WOLFSSL_KEY_GEN */
return EXPECT_RESULT();
} /* END test_wc_DsaKeyToDer */
/*
* Testing wc_DsaKeyToPublicDer()
* (indirectly testing setDsaPublicKey())
*/
static int test_wc_DsaKeyToPublicDer(void)
{
EXPECT_DECLS;
#ifndef HAVE_SELFTEST
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
DsaKey key;
WC_RNG rng;
byte* der = NULL;
word32 sz = 0;
word32 idx = 0;
XMEMSET(&key, 0, sizeof(DsaKey));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectNotNull(der = (byte*)XMALLOC(ONEK_BUF, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(wc_InitDsaKey(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF, &key), 0);
ExpectIntEQ(wc_MakeDsaKey(&rng, &key), 0);
ExpectIntGE(sz = (word32)wc_DsaKeyToPublicDer(&key, der, ONEK_BUF), 0);
wc_FreeDsaKey(&key);
idx = 0;
ExpectIntEQ(wc_DsaPublicKeyDecode(der, &idx, &key, sz), 0);
/* Test without the SubjectPublicKeyInfo header */
ExpectIntGE(sz = (word32)wc_SetDsaPublicKey(der, &key, ONEK_BUF, 0), 0);
wc_FreeDsaKey(&key);
idx = 0;
ExpectIntEQ(wc_DsaPublicKeyDecode(der, &idx, &key, sz), 0);
/* Test bad args. */
ExpectIntEQ(wc_DsaKeyToPublicDer(NULL, der, FOURK_BUF), BAD_FUNC_ARG);
ExpectIntEQ(wc_DsaKeyToPublicDer(&key, NULL, FOURK_BUF), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_FreeDsaKey(&key);
XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif /* !NO_DSA && WOLFSSL_KEY_GEN */
#endif /* !HAVE_SELFTEST */
return EXPECT_RESULT();
} /* END test_wc_DsaKeyToPublicDer */
/*
* Testing wc_DsaImportParamsRaw()
*/
static int test_wc_DsaImportParamsRaw(void)
{
EXPECT_DECLS;
#if !defined(NO_DSA)
DsaKey key;
/* [mod = L=1024, N=160], from CAVP KeyPair */
const char* p = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d"
"4b725ef341eabb47cf8a7a8a41e792a156b7ce97206c4f9c"
"5ce6fc5ae7912102b6b502e59050b5b21ce263dddb2044b6"
"52236f4d42ab4b5d6aa73189cef1ace778d7845a5c1c1c71"
"47123188f8dc551054ee162b634d60f097f719076640e209"
"80a0093113a8bd73";
const char* q = "96c5390a8b612c0e422bb2b0ea194a3ec935a281";
const char* g = "06b7861abbd35cc89e79c52f68d20875389b127361ca66822"
"138ce4991d2b862259d6b4548a6495b195aa0e0b6137ca37e"
"b23b94074d3c3d300042bdf15762812b6333ef7b07ceba786"
"07610fcc9ee68491dbc1e34cd12615474e52b18bc934fb00c"
"61d39e7da8902291c4434a4e2224c3f4fd9f93cd6f4f17fc0"
"76341a7e7d9";
/* invalid p and q parameters */
const char* invalidP = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d";
const char* invalidQ = "96c5390a";
XMEMSET(&key, 0, sizeof(DsaKey));
ExpectIntEQ(wc_InitDsaKey(&key), 0);
ExpectIntEQ(wc_DsaImportParamsRaw(&key, p, q, g), 0);
/* test bad args */
/* null key struct */
ExpectIntEQ(wc_DsaImportParamsRaw(NULL, p, q, g), BAD_FUNC_ARG);
/* null param pointers */
ExpectIntEQ(wc_DsaImportParamsRaw(&key, NULL, NULL, NULL), BAD_FUNC_ARG);
/* illegal p length */
ExpectIntEQ(wc_DsaImportParamsRaw(&key, invalidP, q, g), BAD_FUNC_ARG);
/* illegal q length */
ExpectIntEQ(wc_DsaImportParamsRaw(&key, p, invalidQ, g), BAD_FUNC_ARG);
wc_FreeDsaKey(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_DsaImportParamsRaw */
/*
* Testing wc_DsaImportParamsRawCheck()
*/
static int test_wc_DsaImportParamsRawCheck(void)
{
EXPECT_DECLS;
#if !defined(NO_DSA) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
DsaKey key;
int trusted = 0;
/* [mod = L=1024, N=160], from CAVP KeyPair */
const char* p = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d"
"4b725ef341eabb47cf8a7a8a41e792a156b7ce97206c4f9c"
"5ce6fc5ae7912102b6b502e59050b5b21ce263dddb2044b6"
"52236f4d42ab4b5d6aa73189cef1ace778d7845a5c1c1c71"
"47123188f8dc551054ee162b634d60f097f719076640e209"
"80a0093113a8bd73";
const char* q = "96c5390a8b612c0e422bb2b0ea194a3ec935a281";
const char* g = "06b7861abbd35cc89e79c52f68d20875389b127361ca66822"
"138ce4991d2b862259d6b4548a6495b195aa0e0b6137ca37e"
"b23b94074d3c3d300042bdf15762812b6333ef7b07ceba786"
"07610fcc9ee68491dbc1e34cd12615474e52b18bc934fb00c"
"61d39e7da8902291c4434a4e2224c3f4fd9f93cd6f4f17fc0"
"76341a7e7d9";
/* invalid p and q parameters */
const char* invalidP = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d";
const char* invalidQ = "96c5390a";
ExpectIntEQ(wc_InitDsaKey(&key), 0);
ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, p, q, g, trusted, NULL), 0);
/* test bad args */
/* null key struct */
ExpectIntEQ(wc_DsaImportParamsRawCheck(NULL, p, q, g, trusted, NULL),
BAD_FUNC_ARG);
/* null param pointers */
ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, NULL, NULL, NULL, trusted,
NULL), BAD_FUNC_ARG);
/* illegal p length */
ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, invalidP, q, g, trusted, NULL),
BAD_FUNC_ARG);
/* illegal q length */
ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, p, invalidQ, g, trusted, NULL),
BAD_FUNC_ARG);
wc_FreeDsaKey(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_DsaImportParamsRawCheck */
/*
* Testing wc_DsaExportParamsRaw()
*/
static int test_wc_DsaExportParamsRaw(void)
{
EXPECT_DECLS;
#if !defined(NO_DSA)
DsaKey key;
/* [mod = L=1024, N=160], from CAVP KeyPair */
const char* p = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d"
"4b725ef341eabb47cf8a7a8a41e792a156b7ce97206c4f9c"
"5ce6fc5ae7912102b6b502e59050b5b21ce263dddb2044b6"
"52236f4d42ab4b5d6aa73189cef1ace778d7845a5c1c1c71"
"47123188f8dc551054ee162b634d60f097f719076640e209"
"80a0093113a8bd73";
const char* q = "96c5390a8b612c0e422bb2b0ea194a3ec935a281";
const char* g = "06b7861abbd35cc89e79c52f68d20875389b127361ca66822"
"138ce4991d2b862259d6b4548a6495b195aa0e0b6137ca37e"
"b23b94074d3c3d300042bdf15762812b6333ef7b07ceba786"
"07610fcc9ee68491dbc1e34cd12615474e52b18bc934fb00c"
"61d39e7da8902291c4434a4e2224c3f4fd9f93cd6f4f17fc0"
"76341a7e7d9";
const char* pCompare = "\xd3\x83\x11\xe2\xcd\x38\x8c\x3e\xd6\x98\xe8\x2f"
"\xdf\x88\xeb\x92\xb5\xa9\xa4\x83\xdc\x88\x00\x5d"
"\x4b\x72\x5e\xf3\x41\xea\xbb\x47\xcf\x8a\x7a\x8a"
"\x41\xe7\x92\xa1\x56\xb7\xce\x97\x20\x6c\x4f\x9c"
"\x5c\xe6\xfc\x5a\xe7\x91\x21\x02\xb6\xb5\x02\xe5"
"\x90\x50\xb5\xb2\x1c\xe2\x63\xdd\xdb\x20\x44\xb6"
"\x52\x23\x6f\x4d\x42\xab\x4b\x5d\x6a\xa7\x31\x89"
"\xce\xf1\xac\xe7\x78\xd7\x84\x5a\x5c\x1c\x1c\x71"
"\x47\x12\x31\x88\xf8\xdc\x55\x10\x54\xee\x16\x2b"
"\x63\x4d\x60\xf0\x97\xf7\x19\x07\x66\x40\xe2\x09"
"\x80\xa0\x09\x31\x13\xa8\xbd\x73";
const char* qCompare = "\x96\xc5\x39\x0a\x8b\x61\x2c\x0e\x42\x2b\xb2\xb0"
"\xea\x19\x4a\x3e\xc9\x35\xa2\x81";
const char* gCompare = "\x06\xb7\x86\x1a\xbb\xd3\x5c\xc8\x9e\x79\xc5\x2f"
"\x68\xd2\x08\x75\x38\x9b\x12\x73\x61\xca\x66\x82"
"\x21\x38\xce\x49\x91\xd2\xb8\x62\x25\x9d\x6b\x45"
"\x48\xa6\x49\x5b\x19\x5a\xa0\xe0\xb6\x13\x7c\xa3"
"\x7e\xb2\x3b\x94\x07\x4d\x3c\x3d\x30\x00\x42\xbd"
"\xf1\x57\x62\x81\x2b\x63\x33\xef\x7b\x07\xce\xba"
"\x78\x60\x76\x10\xfc\xc9\xee\x68\x49\x1d\xbc\x1e"
"\x34\xcd\x12\x61\x54\x74\xe5\x2b\x18\xbc\x93\x4f"
"\xb0\x0c\x61\xd3\x9e\x7d\xa8\x90\x22\x91\xc4\x43"
"\x4a\x4e\x22\x24\xc3\xf4\xfd\x9f\x93\xcd\x6f\x4f"
"\x17\xfc\x07\x63\x41\xa7\xe7\xd9";
byte pOut[MAX_DSA_PARAM_SIZE];
byte qOut[MAX_DSA_PARAM_SIZE];
byte gOut[MAX_DSA_PARAM_SIZE];
word32 pOutSz;
word32 qOutSz;
word32 gOutSz;
XMEMSET(&key, 0, sizeof(DsaKey));
ExpectIntEQ(wc_InitDsaKey(&key), 0);
/* first test using imported raw parameters, for expected */
ExpectIntEQ(wc_DsaImportParamsRaw(&key, p, q, g), 0);
pOutSz = sizeof(pOut);
qOutSz = sizeof(qOut);
gOutSz = sizeof(gOut);
ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut,
&gOutSz), 0);
/* validate exported parameters are correct */
ExpectIntEQ(XMEMCMP(pOut, pCompare, pOutSz), 0);
ExpectIntEQ(XMEMCMP(qOut, qCompare, qOutSz), 0);
ExpectIntEQ(XMEMCMP(gOut, gCompare, gOutSz), 0);
/* test bad args */
/* null key struct */
ExpectIntEQ(wc_DsaExportParamsRaw(NULL, pOut, &pOutSz, qOut, &qOutSz, gOut,
&gOutSz), BAD_FUNC_ARG);
/* null output pointers */
ExpectIntEQ(wc_DsaExportParamsRaw(&key, NULL, &pOutSz, NULL, &qOutSz, NULL,
&gOutSz), LENGTH_ONLY_E);
/* null output size pointers */
ExpectIntEQ( wc_DsaExportParamsRaw(&key, pOut, NULL, qOut, NULL, gOut,
NULL), BAD_FUNC_ARG);
/* p output buffer size too small */
pOutSz = 1;
ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut,
&gOutSz), BUFFER_E);
pOutSz = sizeof(pOut);
/* q output buffer size too small */
qOutSz = 1;
ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut,
&gOutSz), BUFFER_E);
qOutSz = sizeof(qOut);
/* g output buffer size too small */
gOutSz = 1;
ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut,
&gOutSz), BUFFER_E);
wc_FreeDsaKey(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_DsaExportParamsRaw */
/*
* Testing wc_DsaExportKeyRaw()
*/
static int test_wc_DsaExportKeyRaw(void)
{
EXPECT_DECLS;
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
DsaKey key;
WC_RNG rng;
byte xOut[MAX_DSA_PARAM_SIZE];
byte yOut[MAX_DSA_PARAM_SIZE];
word32 xOutSz, yOutSz;
XMEMSET(&key, 0, sizeof(key));
XMEMSET(&rng, 0, sizeof(rng));
ExpectIntEQ(wc_InitDsaKey(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_MakeDsaParameters(&rng, 1024, &key), 0);
ExpectIntEQ(wc_MakeDsaKey(&rng, &key), 0);
/* try successful export */
xOutSz = sizeof(xOut);
yOutSz = sizeof(yOut);
ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz), 0);
/* test bad args */
/* null key struct */
ExpectIntEQ(wc_DsaExportKeyRaw(NULL, xOut, &xOutSz, yOut, &yOutSz),
BAD_FUNC_ARG);
/* null output pointers */
ExpectIntEQ(wc_DsaExportKeyRaw(&key, NULL, &xOutSz, NULL, &yOutSz),
LENGTH_ONLY_E);
/* null output size pointers */
ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, NULL, yOut, NULL),
BAD_FUNC_ARG);
/* x output buffer size too small */
xOutSz = 1;
ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz),
BUFFER_E);
xOutSz = sizeof(xOut);
/* y output buffer size too small */
yOutSz = 1;
ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz),
BUFFER_E);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_FreeDsaKey(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_DsaExportParamsRaw */
/*
* Testing wc_ed25519_make_key().
*/
static int test_wc_ed25519_make_key(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_MAKE_KEY)
ed25519_key key;
WC_RNG rng;
unsigned char pubkey[ED25519_PUB_KEY_SIZE+1];
int pubkey_sz = ED25519_PUB_KEY_SIZE;
XMEMSET(&key, 0, sizeof(ed25519_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed25519_make_public(&key, pubkey, (word32)pubkey_sz),
ECC_PRIV_KEY_E);
ExpectIntEQ(wc_ed25519_make_public(&key, pubkey+1, (word32)pubkey_sz),
ECC_PRIV_KEY_E);
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_make_key(NULL, ED25519_KEY_SIZE, &key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE - 1, &key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE + 1, &key),
BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ed25519_make_key */
/*
* Testing wc_ed25519_init()
*/
static int test_wc_ed25519_init(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED25519)
ed25519_key key;
XMEMSET(&key, 0, sizeof(ed25519_key));
ExpectIntEQ(wc_ed25519_init(&key), 0);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_init(NULL), BAD_FUNC_ARG);
wc_ed25519_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ed25519_init */
/*
* Test wc_ed25519_sign_msg() and wc_ed25519_verify_msg()
*/
static int test_wc_ed25519_sign_msg(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_SIGN)
WC_RNG rng;
ed25519_key key;
byte msg[] = "Everybody gets Friday off.\n";
byte sig[ED25519_SIG_SIZE+1];
word32 msglen = sizeof(msg);
word32 siglen = ED25519_SIG_SIZE;
word32 badSigLen = ED25519_SIG_SIZE - 1;
#ifdef HAVE_ED25519_VERIFY
int verify_ok = 0; /*1 = Verify success.*/
#endif
/* Initialize stack variables. */
XMEMSET(&key, 0, sizeof(ed25519_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(sig, 0, sizeof(sig));
/* Initialize key. */
ExpectIntEQ(wc_ed25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, &siglen, &key), 0);
ExpectIntEQ(siglen, ED25519_SIG_SIZE);
ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig+1, &siglen, &key), 0);
ExpectIntEQ(siglen, ED25519_SIG_SIZE);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_sign_msg(NULL, msglen, sig, &siglen, &key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, NULL, &siglen, &key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, NULL, &key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, &siglen, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, &badSigLen, &key),
BUFFER_E);
ExpectIntEQ(badSigLen, ED25519_SIG_SIZE);
badSigLen -= 1;
#ifdef HAVE_ED25519_VERIFY
ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, &verify_ok,
&key), 0);
ExpectIntEQ(verify_ok, 1);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen - 1, msg, msglen,
&verify_ok, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen + 1, msg, msglen,
&verify_ok, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_verify_msg(NULL, siglen, msg, msglen, &verify_ok,
&key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, NULL, msglen, &verify_ok,
&key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, NULL, &key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, &verify_ok,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_verify_msg(sig+1, badSigLen, msg, msglen, &verify_ok,
&key), BAD_FUNC_ARG);
#endif /* Verify. */
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ed25519_sign_msg */
/*
* Testing wc_ed25519_import_public()
*/
static int test_wc_ed25519_import_public(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
ed25519_key pubKey;
WC_RNG rng;
const byte in[] = "Ed25519PublicKeyUnitTest......\n";
word32 inlen = sizeof(in);
XMEMSET(&pubKey, 0, sizeof(ed25519_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed25519_init(&pubKey), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
#ifdef HAVE_ED25519_MAKE_KEY
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &pubKey), 0);
#endif
ExpectIntEQ(wc_ed25519_import_public_ex(in, inlen, &pubKey, 1), 0);
ExpectIntEQ(XMEMCMP(in, pubKey.p, inlen), 0);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_import_public(NULL, inlen, &pubKey), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_import_public(in, inlen, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_import_public(in, inlen - 1, &pubKey), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&pubKey);
#endif
return EXPECT_RESULT();
} /* END wc_ed25519_import_public */
/*
* Testing wc_ed25519_import_private_key()
*/
static int test_wc_ed25519_import_private_key(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
ed25519_key key;
WC_RNG rng;
const byte privKey[] = "Ed25519PrivateKeyUnitTest.....\n";
const byte pubKey[] = "Ed25519PublicKeyUnitTest......\n";
word32 privKeySz = sizeof(privKey);
word32 pubKeySz = sizeof(pubKey);
#ifdef HAVE_ED25519_KEY_EXPORT
byte bothKeys[sizeof(privKey) + sizeof(pubKey)];
word32 bothKeysSz = sizeof(bothKeys);
#endif
XMEMSET(&key, 0, sizeof(ed25519_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
#ifdef HAVE_ED25519_MAKE_KEY
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
#endif
ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, privKeySz, pubKey,
pubKeySz, &key, 1), 0);
ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0);
ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0);
#ifdef HAVE_ED25519_KEY_EXPORT
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ed25519_export_private(&key, bothKeys, &bothKeysSz), 0);
PRIVATE_KEY_LOCK();
ExpectIntEQ(wc_ed25519_import_private_key_ex(bothKeys, bothKeysSz, NULL, 0,
&key, 1), 0);
ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0);
ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0);
#endif
/* Test bad args. */
ExpectIntEQ(wc_ed25519_import_private_key(NULL, privKeySz, pubKey, pubKeySz,
&key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, NULL,
pubKeySz, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, pubKey,
pubKeySz, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz - 1, pubKey,
pubKeySz, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, pubKey,
pubKeySz - 1, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, NULL, 0,
&key), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ed25519_import_private_key */
/*
* Testing wc_ed25519_export_public() and wc_ed25519_export_private_only()
*/
static int test_wc_ed25519_export(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
ed25519_key key;
WC_RNG rng;
byte priv[ED25519_PRV_KEY_SIZE];
byte pub[ED25519_PUB_KEY_SIZE];
word32 privSz = sizeof(priv);
word32 pubSz = sizeof(pub);
#ifndef HAVE_ED25519_MAKE_KEY
const byte privKey[] = {
0xf8, 0x55, 0xb7, 0xb6, 0x49, 0x3f, 0x99, 0x9c,
0x88, 0xe3, 0xc5, 0x42, 0x6a, 0xa4, 0x47, 0x4a,
0xe4, 0x95, 0xda, 0xdb, 0xbf, 0xf8, 0xa7, 0x42,
0x9d, 0x0e, 0xe7, 0xd0, 0x57, 0x8f, 0x16, 0x69
};
const byte pubKey[] = {
0x42, 0x3b, 0x7a, 0xf9, 0x82, 0xcf, 0xf9, 0xdf,
0x19, 0xdd, 0xf3, 0xf0, 0x32, 0x29, 0x6d, 0xfa,
0xfd, 0x76, 0x4f, 0x68, 0xc2, 0xc2, 0xe0, 0x6c,
0x47, 0xae, 0xc2, 0x55, 0x68, 0xac, 0x0d, 0x4d
};
#endif
XMEMSET(&key, 0, sizeof(ed25519_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
#ifdef HAVE_ED25519_MAKE_KEY
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
#else
ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, sizeof(privKey),
pubKey, sizeof(pubKey), &key, 1), 0);
#endif
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ed25519_export_public(&key, pub, &pubSz), 0);
ExpectIntEQ(pubSz, ED25519_KEY_SIZE);
ExpectIntEQ(XMEMCMP(key.p, pub, pubSz), 0);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_export_public(NULL, pub, &pubSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_export_public(&key, NULL, &pubSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_export_public(&key, pub, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_export_private_only(&key, priv, &privSz), 0);
ExpectIntEQ(privSz, ED25519_KEY_SIZE);
ExpectIntEQ(XMEMCMP(key.k, priv, privSz), 0);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_export_private_only(NULL, priv, &privSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_export_private_only(&key, NULL, &privSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_export_private_only(&key, priv, NULL),
BAD_FUNC_ARG);
PRIVATE_KEY_LOCK();
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ed25519_export */
/*
* Testing wc_ed25519_size()
*/
static int test_wc_ed25519_size(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED25519)
ed25519_key key;
WC_RNG rng;
#ifndef HAVE_ED25519_MAKE_KEY
const byte privKey[] = {
0xf8, 0x55, 0xb7, 0xb6, 0x49, 0x3f, 0x99, 0x9c,
0x88, 0xe3, 0xc5, 0x42, 0x6a, 0xa4, 0x47, 0x4a,
0xe4, 0x95, 0xda, 0xdb, 0xbf, 0xf8, 0xa7, 0x42,
0x9d, 0x0e, 0xe7, 0xd0, 0x57, 0x8f, 0x16, 0x69
};
const byte pubKey[] = {
0x42, 0x3b, 0x7a, 0xf9, 0x82, 0xcf, 0xf9, 0xdf,
0x19, 0xdd, 0xf3, 0xf0, 0x32, 0x29, 0x6d, 0xfa,
0xfd, 0x76, 0x4f, 0x68, 0xc2, 0xc2, 0xe0, 0x6c,
0x47, 0xae, 0xc2, 0x55, 0x68, 0xac, 0x0d, 0x4d
};
#endif
XMEMSET(&key, 0, sizeof(ed25519_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
#ifdef HAVE_ED25519_MAKE_KEY
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
#else
ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, sizeof(privKey),
pubKey, sizeof(pubKey), &key, 1), 0);
#endif
ExpectIntEQ(wc_ed25519_size(&key), ED25519_KEY_SIZE);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_size(NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_sig_size(&key), ED25519_SIG_SIZE);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_sig_size(NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_pub_size(&key), ED25519_PUB_KEY_SIZE);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_pub_size(NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_priv_size(&key), ED25519_PRV_KEY_SIZE);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_priv_size(NULL), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ed25519_size */
/*
* Testing wc_ed25519_export_private() and wc_ed25519_export_key()
*/
static int test_wc_ed25519_exportKey(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
WC_RNG rng;
ed25519_key key;
byte priv[ED25519_PRV_KEY_SIZE];
byte pub[ED25519_PUB_KEY_SIZE];
byte privOnly[ED25519_PRV_KEY_SIZE];
word32 privSz = sizeof(priv);
word32 pubSz = sizeof(pub);
word32 privOnlySz = sizeof(privOnly);
#ifndef HAVE_ED25519_MAKE_KEY
const byte privKey[] = {
0xf8, 0x55, 0xb7, 0xb6, 0x49, 0x3f, 0x99, 0x9c,
0x88, 0xe3, 0xc5, 0x42, 0x6a, 0xa4, 0x47, 0x4a,
0xe4, 0x95, 0xda, 0xdb, 0xbf, 0xf8, 0xa7, 0x42,
0x9d, 0x0e, 0xe7, 0xd0, 0x57, 0x8f, 0x16, 0x69
};
const byte pubKey[] = {
0x42, 0x3b, 0x7a, 0xf9, 0x82, 0xcf, 0xf9, 0xdf,
0x19, 0xdd, 0xf3, 0xf0, 0x32, 0x29, 0x6d, 0xfa,
0xfd, 0x76, 0x4f, 0x68, 0xc2, 0xc2, 0xe0, 0x6c,
0x47, 0xae, 0xc2, 0x55, 0x68, 0xac, 0x0d, 0x4d
};
#endif
XMEMSET(&key, 0, sizeof(ed25519_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
#ifdef HAVE_ED25519_MAKE_KEY
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
#else
ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, sizeof(privKey),
pubKey, sizeof(pubKey), &key, 1), 0);
#endif
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ed25519_export_private(&key, privOnly, &privOnlySz), 0);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_export_private(NULL, privOnly, &privOnlySz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_export_private(&key, NULL, &privOnlySz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_export_private(&key, privOnly, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_export_key(&key, priv, &privSz, pub, &pubSz), 0);
/* Test bad args. */
ExpectIntEQ(wc_ed25519_export_key(NULL, priv, &privSz, pub, &pubSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_export_key(&key, NULL, &privSz, pub, &pubSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_export_key(&key, priv, NULL, pub, &pubSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_export_key(&key, priv, &privSz, NULL, &pubSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_export_key(&key, priv, &privSz, pub, NULL),
BAD_FUNC_ARG);
PRIVATE_KEY_LOCK();
/* Cross check output. */
ExpectIntEQ(XMEMCMP(priv, privOnly, privSz), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ed25519_exportKey */
/*
* Testing wc_Ed25519PublicKeyToDer
*/
static int test_wc_Ed25519PublicKeyToDer(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
ed25519_key key;
byte derBuf[1024];
XMEMSET(&key, 0, sizeof(ed25519_key));
/* Test bad args */
ExpectIntEQ(wc_Ed25519PublicKeyToDer(NULL, NULL, 0, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed25519_init(&key), 0);
ExpectIntEQ(wc_Ed25519PublicKeyToDer(&key, derBuf, 0, 0), BUFFER_E);
wc_ed25519_free(&key);
/* Test good args */
if (EXPECT_SUCCESS()) {
WC_RNG rng;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
/* length only */
ExpectIntGT(wc_Ed25519PublicKeyToDer(&key, NULL, 0, 0), 0);
ExpectIntGT(wc_Ed25519PublicKeyToDer(&key, NULL, 0, 1), 0);
ExpectIntGT(wc_Ed25519PublicKeyToDer(&key, derBuf,
(word32)sizeof(derBuf), 1), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
}
#endif
return EXPECT_RESULT();
} /* END testing wc_Ed25519PublicKeyToDer */
/*
* Testing wc_curve25519_init and wc_curve25519_free.
*/
static int test_wc_curve25519_init(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
curve25519_key key;
ExpectIntEQ(wc_curve25519_init(&key), 0);
/* Test bad args for wc_curve25519_init */
ExpectIntEQ(wc_curve25519_init(NULL), BAD_FUNC_ARG);
/* Test good args for wc_curve_25519_free */
wc_curve25519_free(&key);
/* Test bad args for wc_curve25519 free. */
wc_curve25519_free(NULL);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve25519_init and wc_curve_25519_free*/
/*
* Testing test_wc_curve25519_size.
*/
static int test_wc_curve25519_size(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
curve25519_key key;
ExpectIntEQ(wc_curve25519_init(&key), 0);
/* Test good args for wc_curve25519_size */
ExpectIntEQ(wc_curve25519_size(&key), CURVE25519_KEYSIZE);
/* Test bad args for wc_curve25519_size */
ExpectIntEQ(wc_curve25519_size(NULL), 0);
wc_curve25519_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve25519_size*/
/*
* Testing test_wc_curve25519_export_key_raw().
*/
static int test_wc_curve25519_export_key_raw(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_EXPORT)
curve25519_key key;
WC_RNG rng;
byte privateKey[CURVE25519_KEYSIZE];
byte publicKey[CURVE25519_KEYSIZE];
word32 prvkSz;
word32 pubkSz;
byte prik[CURVE25519_KEYSIZE];
byte pubk[CURVE25519_KEYSIZE];
word32 prksz;
word32 pbksz;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_curve25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
/* bad-argument-test cases - target function should return BAD_FUNC_ARG */
prvkSz = CURVE25519_KEYSIZE;
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw(NULL, privateKey, &prvkSz,
publicKey, &pubkSz), BAD_FUNC_ARG);
prvkSz = CURVE25519_KEYSIZE;
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw(&key, NULL, &prvkSz, publicKey,
&pubkSz), BAD_FUNC_ARG);
prvkSz = CURVE25519_KEYSIZE;
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, NULL,
publicKey, &pubkSz), BAD_FUNC_ARG);
/* prvkSz = CURVE25519_KEYSIZE; */
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, &prvkSz,
NULL, &pubkSz), BAD_FUNC_ARG);
prvkSz = CURVE25519_KEYSIZE;
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, &prvkSz,
publicKey, NULL), BAD_FUNC_ARG);
/* cross-testing */
prksz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_private_raw(&key, prik, &prksz), 0);
pbksz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_public(&key, pubk, &pbksz), 0);
prvkSz = CURVE25519_KEYSIZE;
/* pubkSz = CURVE25519_KEYSIZE; */
ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, &prvkSz,
publicKey, &pubkSz), 0);
ExpectIntEQ(prksz, CURVE25519_KEYSIZE);
ExpectIntEQ(pbksz, CURVE25519_KEYSIZE);
ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE);
ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE);
ExpectIntEQ(XMEMCMP(privateKey, prik, CURVE25519_KEYSIZE), 0);
ExpectIntEQ(XMEMCMP(publicKey, pubk, CURVE25519_KEYSIZE), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
#endif
return EXPECT_RESULT();
} /* end of test_wc_curve25519_export_key_raw */
/*
* Testing test_wc_curve25519_export_key_raw_ex().
*/
static int test_wc_curve25519_export_key_raw_ex(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_EXPORT)
curve25519_key key;
WC_RNG rng;
byte privateKey[CURVE25519_KEYSIZE];
byte publicKey[CURVE25519_KEYSIZE];
word32 prvkSz;
word32 pubkSz;
byte prik[CURVE25519_KEYSIZE];
byte pubk[CURVE25519_KEYSIZE];
word32 prksz;
word32 pbksz;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_curve25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
/* bad-argument-test cases - target function should return BAD_FUNC_ARG */
prvkSz = CURVE25519_KEYSIZE;
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw_ex(NULL, privateKey,
&prvkSz, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
prvkSz = CURVE25519_KEYSIZE;
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, NULL,
&prvkSz, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
prvkSz = CURVE25519_KEYSIZE;
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
NULL, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
/* prvkSz = CURVE25519_KEYSIZE; */
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
&prvkSz, NULL, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
prvkSz = CURVE25519_KEYSIZE;
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
&prvkSz, publicKey, NULL, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
prvkSz = CURVE25519_KEYSIZE;
/* pubkSz = CURVE25519_KEYSIZE; */
ExpectIntEQ(wc_curve25519_export_key_raw_ex(NULL, privateKey,
&prvkSz, publicKey, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
prvkSz = CURVE25519_KEYSIZE;
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, NULL,
&prvkSz, publicKey, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
prvkSz = CURVE25519_KEYSIZE;
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
NULL, publicKey, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
/* prvkSz = CURVE25519_KEYSIZE; */
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
&prvkSz, NULL, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
prvkSz = CURVE25519_KEYSIZE;
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
&prvkSz, publicKey, NULL, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
/* illegal value for endian */
prvkSz = CURVE25519_KEYSIZE;
/* pubkSz = CURVE25519_KEYSIZE; */
ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz,
publicKey, NULL, EC25519_BIG_ENDIAN + 10), BAD_FUNC_ARG);
/* cross-testing */
prksz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_private_raw( &key, prik, &prksz), 0);
pbksz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_public( &key, pubk, &pbksz), 0);
prvkSz = CURVE25519_KEYSIZE;
/* pubkSz = CURVE25519_KEYSIZE; */
ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz,
publicKey, &pubkSz, EC25519_BIG_ENDIAN), 0);
ExpectIntEQ(prksz, CURVE25519_KEYSIZE);
ExpectIntEQ(pbksz, CURVE25519_KEYSIZE);
ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE);
ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE);
ExpectIntEQ(XMEMCMP(privateKey, prik, CURVE25519_KEYSIZE), 0);
ExpectIntEQ(XMEMCMP(publicKey, pubk, CURVE25519_KEYSIZE), 0);
ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz,
publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), 0);
ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE);
ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE);
/* try once with another endian */
prvkSz = CURVE25519_KEYSIZE;
pubkSz = CURVE25519_KEYSIZE;
ExpectIntEQ(wc_curve25519_export_key_raw_ex( &key, privateKey, &prvkSz,
publicKey, &pubkSz, EC25519_BIG_ENDIAN), 0);
ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE);
ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
#endif
return EXPECT_RESULT();
} /* end of test_wc_curve25519_export_key_raw_ex */
/*
* Testing wc_curve25519_make_key
*/
static int test_wc_curve25519_make_key(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
curve25519_key key;
WC_RNG rng;
int keysize;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_curve25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
ExpectIntEQ(keysize = wc_curve25519_size(&key), CURVE25519_KEYSIZE);
ExpectIntEQ(wc_curve25519_make_key(&rng, keysize, &key), 0);
/* test bad cases*/
ExpectIntEQ(wc_curve25519_make_key(NULL, 0, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_make_key(&rng, keysize, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_make_key(NULL, keysize, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_make_key(&rng, 0, &key), ECC_BAD_ARG_E);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve25519_make_key*/
/*
* Testing wc_curve25519_shared_secret_ex
*/
static int test_wc_curve25519_shared_secret_ex(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
curve25519_key private_key;
curve25519_key public_key;
WC_RNG rng;
byte out[CURVE25519_KEYSIZE];
word32 outLen = sizeof(out);
int endian = EC25519_BIG_ENDIAN;
ExpectIntEQ(wc_curve25519_init(&private_key), 0);
ExpectIntEQ(wc_curve25519_init(&public_key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &private_key),
0);
ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &public_key),
0);
ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
&outLen, endian), 0);
/* test bad cases*/
ExpectIntEQ(wc_curve25519_shared_secret_ex(NULL, NULL, NULL, 0, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_shared_secret_ex(NULL, &public_key, out, &outLen,
endian), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, NULL, out, &outLen,
endian), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, NULL,
&outLen, endian), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
NULL, endian), BAD_FUNC_ARG);
/* curve25519.c is checking for public_key size less than or equal to 0x7f,
* increasing to 0x8f checks for error being returned*/
public_key.p.point[CURVE25519_KEYSIZE-1] = 0x8F;
ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
&outLen, endian), ECC_BAD_ARG_E);
outLen = outLen - 2;
ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
&outLen, endian), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&private_key);
wc_curve25519_free(&public_key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve25519_shared_secret_ex*/
/*
* Testing wc_curve25519_make_pub
*/
static int test_wc_curve25519_make_pub(void)
{
EXPECT_DECLS;
#ifdef HAVE_CURVE25519
curve25519_key key;
WC_RNG rng;
byte out[CURVE25519_KEYSIZE];
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_curve25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
ExpectIntEQ(wc_curve25519_make_pub((int)sizeof(out), out,
(int)sizeof(key.k), key.k), 0);
/* test bad cases*/
ExpectIntEQ(wc_curve25519_make_pub((int)sizeof(key.k) - 1, key.k,
(int)sizeof out, out), ECC_BAD_ARG_E);
ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k),
NULL), ECC_BAD_ARG_E);
ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out - 1, out,
(int)sizeof(key.k), key.k), ECC_BAD_ARG_E);
ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, NULL,
(int)sizeof(key.k), key.k), ECC_BAD_ARG_E);
/* verify clamping test */
key.k[0] |= ~248;
ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k),
key.k), ECC_BAD_ARG_E);
key.k[0] &= 248;
/* repeat the expected-to-succeed test. */
ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k),
key.k), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve25519_make_pub */
/*
* Testing test_wc_curve25519_export_public_ex
*/
static int test_wc_curve25519_export_public_ex(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
curve25519_key key;
WC_RNG rng;
byte out[CURVE25519_KEYSIZE];
word32 outLen = sizeof(out);
int endian = EC25519_BIG_ENDIAN;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_curve25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
ExpectIntEQ(wc_curve25519_export_public(&key, out, &outLen), 0);
ExpectIntEQ(wc_curve25519_export_public_ex(&key, out, &outLen, endian), 0);
/* test bad cases*/
ExpectIntEQ(wc_curve25519_export_public_ex(NULL, NULL, NULL, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_export_public_ex(NULL, out, &outLen, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_export_public_ex(&key, NULL, &outLen, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_export_public_ex(&key, out, NULL, endian),
BAD_FUNC_ARG);
outLen = outLen - 2;
ExpectIntEQ(wc_curve25519_export_public_ex(&key, out, &outLen, endian),
ECC_BAD_ARG_E);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve25519_export_public_ex*/
/*
* Testing test_wc_curve25519_import_private_raw_ex
*/
static int test_wc_curve25519_import_private_raw_ex(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
curve25519_key key;
WC_RNG rng;
byte priv[CURVE25519_KEYSIZE];
byte pub[CURVE25519_KEYSIZE];
word32 privSz = sizeof(priv);
word32 pubSz = sizeof(pub);
int endian = EC25519_BIG_ENDIAN;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_curve25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, priv, &privSz,
endian), 0);
ExpectIntEQ(wc_curve25519_export_public(&key, pub, &pubSz), 0);
ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
&key, endian), 0);
/* test bad cases*/
ExpectIntEQ(wc_curve25519_import_private_raw_ex(NULL, 0, NULL, 0, NULL,
endian), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_import_private_raw_ex(NULL, privSz, pub, pubSz,
&key, endian), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, NULL, pubSz,
&key, endian), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
NULL, endian), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, 0, pub, pubSz,
&key, endian), ECC_BAD_ARG_E);
ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, 0,
&key, endian), ECC_BAD_ARG_E);
ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
&key, EC25519_LITTLE_ENDIAN), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve25519_import_private_raw_ex*/
/*
* Testing test_wc_curve25519_import_private
*/
static int test_wc_curve25519_import_private(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
curve25519_key key;
WC_RNG rng;
byte priv[CURVE25519_KEYSIZE];
word32 privSz = sizeof(priv);
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_curve25519_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
ExpectIntEQ(wc_curve25519_export_private_raw(&key, priv, &privSz), 0);
ExpectIntEQ(wc_curve25519_import_private(priv, privSz, &key), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve25519_import*/
/*
* Testing test_wc_curve25519_export_private_raw_ex
*/
static int test_wc_curve25519_export_private_raw_ex(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
curve25519_key key;
byte out[CURVE25519_KEYSIZE];
word32 outLen = sizeof(out);
int endian = EC25519_BIG_ENDIAN;
ExpectIntEQ(wc_curve25519_init(&key), 0);
ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, &outLen, endian),
0);
/* test bad cases*/
ExpectIntEQ(wc_curve25519_export_private_raw_ex(NULL, NULL, NULL, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_export_private_raw_ex(NULL, out, &outLen, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, NULL, &outLen,
endian), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, NULL, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, &outLen,
EC25519_LITTLE_ENDIAN), 0);
outLen = outLen - 2;
ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, &outLen, endian),
ECC_BAD_ARG_E);
wc_curve25519_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve25519_export_private_raw_ex*/
/*
* Testing wc_ed448_make_key().
*/
static int test_wc_ed448_make_key(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED448)
ed448_key key;
WC_RNG rng;
unsigned char pubkey[ED448_PUB_KEY_SIZE];
XMEMSET(&key, 0, sizeof(ed448_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed448_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed448_make_public(&key, pubkey, sizeof(pubkey)),
ECC_PRIV_KEY_E);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
/* Test bad args. */
ExpectIntEQ(wc_ed448_make_key(NULL, ED448_KEY_SIZE, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE - 1, &key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE + 1, &key),
BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ed448_make_key */
/*
* Testing wc_ed448_init()
*/
static int test_wc_ed448_init(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED448)
ed448_key key;
XMEMSET(&key, 0, sizeof(ed448_key));
ExpectIntEQ(wc_ed448_init(&key), 0);
/* Test bad args. */
ExpectIntEQ(wc_ed448_init(NULL), BAD_FUNC_ARG);
wc_ed448_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ed448_init */
/*
* Test wc_ed448_sign_msg() and wc_ed448_verify_msg()
*/
static int test_wc_ed448_sign_msg(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_SIGN)
ed448_key key;
WC_RNG rng;
byte msg[] = "Everybody gets Friday off.\n";
byte sig[ED448_SIG_SIZE];
word32 msglen = sizeof(msg);
word32 siglen = sizeof(sig);
word32 badSigLen = sizeof(sig) - 1;
#ifdef HAVE_ED448_VERIFY
int verify_ok = 0; /*1 = Verify success.*/
#endif
/* Initialize stack variables. */
XMEMSET(&key, 0, sizeof(ed448_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(sig, 0, siglen);
/* Initialize key. */
ExpectIntEQ(wc_ed448_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, &siglen, &key, NULL, 0), 0);
ExpectIntEQ(siglen, ED448_SIG_SIZE);
/* Test bad args. */
ExpectIntEQ(wc_ed448_sign_msg(NULL, msglen, sig, &siglen, &key, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, NULL, &siglen, &key, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, NULL, &key, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, &siglen, NULL, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, &badSigLen, &key, NULL, 0),
BUFFER_E);
ExpectIntEQ(badSigLen, ED448_SIG_SIZE);
badSigLen -= 1;
#ifdef HAVE_ED448_VERIFY
ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, msg, msglen, &verify_ok, &key,
NULL, 0), 0);
ExpectIntEQ(verify_ok, 1);
/* Test bad args. */
ExpectIntEQ(wc_ed448_verify_msg(sig, siglen - 1, msg, msglen, &verify_ok,
&key, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_verify_msg(sig, siglen + 1, msg, msglen, &verify_ok,
&key, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_verify_msg(NULL, siglen, msg, msglen, &verify_ok,
&key, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, NULL, msglen, &verify_ok,
&key, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, msg, msglen, NULL,
&key, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, msg, msglen, &verify_ok,
NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_verify_msg(sig, badSigLen, msg, msglen, &verify_ok,
&key, NULL, 0), BAD_FUNC_ARG);
#endif /* Verify. */
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ed448_sign_msg */
/*
* Testing wc_ed448_import_public()
*/
static int test_wc_ed448_import_public(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
ed448_key pubKey;
WC_RNG rng;
const byte in[] =
"Ed448PublicKeyUnitTest.................................\n";
word32 inlen = sizeof(in);
XMEMSET(&pubKey, 0, sizeof(ed448_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed448_init(&pubKey), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &pubKey), 0);
ExpectIntEQ(wc_ed448_import_public_ex(in, inlen, &pubKey, 1), 0);
ExpectIntEQ(XMEMCMP(in, pubKey.p, inlen), 0);
/* Test bad args. */
ExpectIntEQ(wc_ed448_import_public(NULL, inlen, &pubKey), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_import_public(in, inlen, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_import_public(in, inlen - 1, &pubKey), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&pubKey);
#endif
return EXPECT_RESULT();
} /* END wc_ed448_import_public */
/*
* Testing wc_ed448_import_private_key()
*/
static int test_wc_ed448_import_private_key(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
ed448_key key;
WC_RNG rng;
const byte privKey[] =
"Ed448PrivateKeyUnitTest................................\n";
const byte pubKey[] =
"Ed448PublicKeyUnitTest.................................\n";
word32 privKeySz = sizeof(privKey);
word32 pubKeySz = sizeof(pubKey);
#ifdef HAVE_ED448_KEY_EXPORT
byte bothKeys[sizeof(privKey) + sizeof(pubKey)];
word32 bothKeysSz = sizeof(bothKeys);
#endif
XMEMSET(&key, 0, sizeof(ed448_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed448_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
ExpectIntEQ(wc_ed448_import_private_key_ex(privKey, privKeySz, pubKey,
pubKeySz, &key, 1), 0);
ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0);
ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0);
#ifdef HAVE_ED448_KEY_EXPORT
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ed448_export_private(&key, bothKeys, &bothKeysSz), 0);
PRIVATE_KEY_LOCK();
ExpectIntEQ(wc_ed448_import_private_key_ex(bothKeys, bothKeysSz, NULL, 0,
&key, 1), 0);
ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0);
ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0);
#endif
/* Test bad args. */
ExpectIntEQ(wc_ed448_import_private_key(NULL, privKeySz, pubKey, pubKeySz,
&key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, NULL, pubKeySz,
&key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, pubKey,
pubKeySz, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz - 1, pubKey,
pubKeySz, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, pubKey,
pubKeySz - 1, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, NULL, 0, &key),
BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ed448_import_private_key */
/*
* Testing wc_ed448_export_public() and wc_ed448_export_private_only()
*/
static int test_wc_ed448_export(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
ed448_key key;
WC_RNG rng;
byte priv[ED448_PRV_KEY_SIZE];
byte pub[ED448_PUB_KEY_SIZE];
word32 privSz = sizeof(priv);
word32 pubSz = sizeof(pub);
XMEMSET(&key, 0, sizeof(ed448_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed448_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
ExpectIntEQ(wc_ed448_export_public(&key, pub, &pubSz), 0);
ExpectIntEQ(pubSz, ED448_KEY_SIZE);
ExpectIntEQ(XMEMCMP(key.p, pub, pubSz), 0);
/* Test bad args. */
ExpectIntEQ(wc_ed448_export_public(NULL, pub, &pubSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_export_public(&key, NULL, &pubSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_export_public(&key, pub, NULL), BAD_FUNC_ARG);
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ed448_export_private_only(&key, priv, &privSz), 0);
ExpectIntEQ(privSz, ED448_KEY_SIZE);
ExpectIntEQ(XMEMCMP(key.k, priv, privSz), 0);
/* Test bad args. */
ExpectIntEQ(wc_ed448_export_private_only(NULL, priv, &privSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_export_private_only(&key, NULL, &privSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_export_private_only(&key, priv, NULL), BAD_FUNC_ARG);
PRIVATE_KEY_LOCK();
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ed448_export */
/*
* Testing wc_ed448_size()
*/
static int test_wc_ed448_size(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED448)
ed448_key key;
WC_RNG rng;
XMEMSET(&key, 0, sizeof(ed448_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed448_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
ExpectIntEQ(wc_ed448_size(&key), ED448_KEY_SIZE);
/* Test bad args. */
ExpectIntEQ(wc_ed448_size(NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_sig_size(&key), ED448_SIG_SIZE);
/* Test bad args. */
ExpectIntEQ(wc_ed448_sig_size(NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_pub_size(&key), ED448_PUB_KEY_SIZE);
/* Test bad args. */
ExpectIntEQ(wc_ed448_pub_size(NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_priv_size(&key), ED448_PRV_KEY_SIZE);
/* Test bad args. */
ExpectIntEQ(wc_ed448_priv_size(NULL), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ed448_size */
/*
* Testing wc_ed448_export_private() and wc_ed448_export_key()
*/
static int test_wc_ed448_exportKey(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
ed448_key key;
WC_RNG rng;
byte priv[ED448_PRV_KEY_SIZE];
byte pub[ED448_PUB_KEY_SIZE];
byte privOnly[ED448_PRV_KEY_SIZE];
word32 privSz = sizeof(priv);
word32 pubSz = sizeof(pub);
word32 privOnlySz = sizeof(privOnly);
XMEMSET(&key, 0, sizeof(ed448_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed448_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ed448_export_private(&key, privOnly, &privOnlySz), 0);
/* Test bad args. */
ExpectIntEQ(wc_ed448_export_private(NULL, privOnly, &privOnlySz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_export_private(&key, NULL, &privOnlySz), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_export_private(&key, privOnly, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_export_key(&key, priv, &privSz, pub, &pubSz), 0);
/* Test bad args. */
ExpectIntEQ(wc_ed448_export_key(NULL, priv, &privSz, pub, &pubSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_export_key(&key, NULL, &privSz, pub, &pubSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_export_key(&key, priv, NULL, pub, &pubSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_export_key(&key, priv, &privSz, NULL, &pubSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_export_key(&key, priv, &privSz, pub, NULL),
BAD_FUNC_ARG);
PRIVATE_KEY_LOCK();
/* Cross check output. */
ExpectIntEQ(XMEMCMP(priv, privOnly, privSz), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ed448_exportKey */
/*
* Testing wc_Ed448PublicKeyToDer
*/
static int test_wc_Ed448PublicKeyToDer(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
ed448_key key;
byte derBuf[1024];
XMEMSET(&key, 0, sizeof(ed448_key));
/* Test bad args */
ExpectIntEQ(wc_Ed448PublicKeyToDer(NULL, NULL, 0, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_ed448_init(&key), 0);
ExpectIntEQ(wc_Ed448PublicKeyToDer(&key, derBuf, 0, 0), BUFFER_E);
wc_ed448_free(&key);
/* Test good args */
if (EXPECT_SUCCESS()) {
WC_RNG rng;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed448_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
/* length only */
ExpectIntGT(wc_Ed448PublicKeyToDer(&key, NULL, 0, 0), 0);
ExpectIntGT(wc_Ed448PublicKeyToDer(&key, NULL, 0, 1), 0);
ExpectIntGT(wc_Ed448PublicKeyToDer(&key, derBuf,
(word32)sizeof(derBuf), 1), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
}
#endif
return EXPECT_RESULT();
} /* END testing wc_Ed448PublicKeyToDer */
/*
* Testing wc_curve448_init and wc_curve448_free.
*/
static int test_wc_curve448_init(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE448)
curve448_key key;
/* Test bad args for wc_curve448_init */
ExpectIntEQ(wc_curve448_init(&key), 0);
/* Test bad args for wc_curve448_init */
ExpectIntEQ(wc_curve448_init(NULL), BAD_FUNC_ARG);
/* Test good args for wc_curve_448_free */
wc_curve448_free(&key);
/* Test bad args for wc_curve448_free */
wc_curve448_free(NULL);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve448_init and wc_curve_448_free*/
/*
* Testing wc_curve448_make_key
*/
static int test_wc_curve448_make_key(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE448)
curve448_key key;
WC_RNG rng;
int keysize;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_curve448_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
ExpectIntEQ(keysize = wc_curve448_size(&key), CURVE448_KEY_SIZE);
ExpectIntEQ(wc_curve448_make_key(&rng, keysize, &key), 0);
/* test bad cases */
ExpectIntEQ(wc_curve448_make_key(NULL, 0, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_make_key(&rng, keysize, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_make_key(NULL, keysize, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_make_key(&rng, 0, &key), ECC_BAD_ARG_E);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve448_make_key*/
/*
* Testing test_wc_curve448_shared_secret_ex
*/
static int test_wc_curve448_shared_secret_ex(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE448)
curve448_key private_key;
curve448_key public_key;
WC_RNG rng;
byte out[CURVE448_KEY_SIZE];
word32 outLen = sizeof(out);
int endian = EC448_BIG_ENDIAN;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_curve448_init(&private_key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &private_key), 0);
ExpectIntEQ(wc_curve448_init(&public_key), 0);
ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &public_key), 0);
ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, out,
&outLen, endian), 0);
/* test bad cases */
ExpectIntEQ(wc_curve448_shared_secret_ex(NULL, NULL, NULL, 0, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_shared_secret_ex(NULL, &public_key, out, &outLen,
endian), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, NULL, out, &outLen,
endian), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, NULL,
&outLen, endian), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, out,
NULL, endian), BAD_FUNC_ARG);
outLen = outLen - 2;
ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, out,
&outLen, endian), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&private_key);
wc_curve448_free(&public_key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve448_shared_secret_ex*/
/*
* Testing test_wc_curve448_export_public_ex
*/
static int test_wc_curve448_export_public_ex(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE448)
WC_RNG rng;
curve448_key key;
byte out[CURVE448_KEY_SIZE];
word32 outLen = sizeof(out);
int endian = EC448_BIG_ENDIAN;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_curve448_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
ExpectIntEQ(wc_curve448_export_public(&key, out, &outLen), 0);
ExpectIntEQ(wc_curve448_export_public_ex(&key, out, &outLen, endian), 0);
/* test bad cases*/
ExpectIntEQ(wc_curve448_export_public_ex(NULL, NULL, NULL, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_export_public_ex(NULL, out, &outLen, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_export_public_ex(&key, NULL, &outLen, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_export_public_ex(&key, out, NULL, endian),
BAD_FUNC_ARG);
outLen = outLen - 2;
ExpectIntEQ(wc_curve448_export_public_ex(&key, out, &outLen, endian),
ECC_BAD_ARG_E);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve448_export_public_ex*/
/*
* Testing test_wc_curve448_export_private_raw_ex
*/
static int test_wc_curve448_export_private_raw_ex(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE448)
curve448_key key;
byte out[CURVE448_KEY_SIZE];
word32 outLen = sizeof(out);
int endian = EC448_BIG_ENDIAN;
ExpectIntEQ(wc_curve448_init(&key), 0);
ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, &outLen, endian),
0);
/* test bad cases*/
ExpectIntEQ(wc_curve448_export_private_raw_ex(NULL, NULL, NULL, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_export_private_raw_ex(NULL, out, &outLen, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, NULL, &outLen, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, NULL, endian),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, &outLen,
EC448_LITTLE_ENDIAN), 0);
outLen = outLen - 2;
ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, &outLen, endian),
ECC_BAD_ARG_E);
wc_curve448_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve448_export_private_raw_ex*/
/*
* Testing test_wc_curve448_import_private_raw_ex
*/
static int test_wc_curve448_import_private_raw_ex(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE448)
curve448_key key;
WC_RNG rng;
byte priv[CURVE448_KEY_SIZE];
byte pub[CURVE448_KEY_SIZE];
word32 privSz = sizeof(priv);
word32 pubSz = sizeof(pub);
int endian = EC448_BIG_ENDIAN;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_curve448_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
ExpectIntEQ(wc_curve448_export_private_raw(&key, priv, &privSz), 0);
ExpectIntEQ(wc_curve448_export_public(&key, pub, &pubSz), 0);
ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
&key, endian), 0);
/* test bad cases */
ExpectIntEQ(wc_curve448_import_private_raw_ex(NULL, 0, NULL, 0, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_import_private_raw_ex(NULL, privSz, pub, pubSz,
&key, endian), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, NULL, pubSz,
&key, endian), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
NULL, endian), BAD_FUNC_ARG);
ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, 0, pub, pubSz,
&key, endian), ECC_BAD_ARG_E);
ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, 0,
&key, endian), ECC_BAD_ARG_E);
ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
&key, EC448_LITTLE_ENDIAN), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve448_import_private_raw_ex*/
/*
* Testing test_curve448_export_key_raw
*/
static int test_wc_curve448_export_key_raw(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE448)
curve448_key key;
WC_RNG rng;
byte priv[CURVE448_KEY_SIZE];
byte pub[CURVE448_KEY_SIZE];
word32 privSz = sizeof(priv);
word32 pubSz = sizeof(pub);
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_curve448_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
ExpectIntEQ(wc_curve448_export_private_raw(&key, priv, &privSz), 0);
ExpectIntEQ(wc_curve448_export_public(&key, pub, &pubSz), 0);
ExpectIntEQ(wc_curve448_export_key_raw(&key, priv, &privSz, pub, &pubSz),
0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve448_import_private_raw_ex*/
/*
* Testing test_wc_curve448_import_private
*/
static int test_wc_curve448_import_private(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE448)
curve448_key key;
WC_RNG rng;
byte priv[CURVE448_KEY_SIZE];
word32 privSz = sizeof(priv);
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_curve448_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
ExpectIntEQ(wc_curve448_export_private_raw(&key, priv, &privSz), 0);
ExpectIntEQ(wc_curve448_import_private(priv, privSz, &key), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve448_import*/
/*
* Testing test_wc_curve448_size.
*/
static int test_wc_curve448_size(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE448)
curve448_key key;
ExpectIntEQ(wc_curve448_init(&key), 0);
/* Test good args for wc_curve448_size */
ExpectIntEQ(wc_curve448_size(&key), CURVE448_KEY_SIZE);
/* Test bad args for wc_curve448_size */
ExpectIntEQ(wc_curve448_size(NULL), 0);
wc_curve448_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_curve448_size*/
/*
* Testing wc_ecc_make_key.
*/
static int test_wc_ecc_make_key(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
int ret;
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
/* Pass in bad args. */
ExpectIntEQ(wc_ecc_make_key(NULL, KEY14, &key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_make_key(&rng, KEY14, NULL), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_make_key */
/*
* Testing wc_ecc_init()
*/
static int test_wc_ecc_init(void)
{
EXPECT_DECLS;
#ifdef HAVE_ECC
ecc_key key;
XMEMSET(&key, 0, sizeof(ecc_key));
ExpectIntEQ(wc_ecc_init(&key), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_ecc_init(NULL), BAD_FUNC_ARG);
wc_ecc_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_init */
/*
* Testing wc_ecc_check_key()
*/
static int test_wc_ecc_check_key(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
int ret;
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&key, 0, sizeof(key));
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_check_key(&key), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_ecc_check_key(NULL), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_check_key */
/*
* Testing wc_ecc_get_generator()
*/
static int test_wc_ecc_get_generator(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(OPENSSL_EXTRA)
ecc_point* pt = NULL;
ExpectNotNull(pt = wc_ecc_new_point());
ExpectIntEQ(wc_ecc_get_generator(pt, wc_ecc_get_curve_idx(ECC_SECP256R1)),
MP_OKAY);
/* Test bad args. */
/* Returns Zero for bad arg. */
ExpectIntNE(wc_ecc_get_generator(pt, -1), MP_OKAY);
ExpectIntNE(wc_ecc_get_generator(NULL, wc_ecc_get_curve_idx(ECC_SECP256R1)),
MP_OKAY);
/* If we ever get to 1000 curves increase this number */
ExpectIntNE(wc_ecc_get_generator(pt, 1000), MP_OKAY);
ExpectIntNE(wc_ecc_get_generator(NULL, -1), MP_OKAY);
wc_ecc_del_point(pt);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_get_generator */
/*
* Testing wc_ecc_size()
*/
static int test_wc_ecc_size(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
WC_RNG rng;
ecc_key key;
int ret;
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_size(&key), KEY14);
/* Test bad args. */
/* Returns Zero for bad arg. */
ExpectIntEQ(wc_ecc_size(NULL), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_size */
static int test_wc_ecc_params(void)
{
EXPECT_DECLS;
/* FIPS/CAVP self-test modules do not have `wc_ecc_get_curve_params`.
It was added after certifications */
#if defined(HAVE_ECC) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
const ecc_set_type* ecc_set;
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
/* Test for SECP256R1 curve */
int curve_id = ECC_SECP256R1;
int curve_idx;
ExpectIntNE(curve_idx = wc_ecc_get_curve_idx(curve_id), ECC_CURVE_INVALID);
ExpectNotNull(ecc_set = wc_ecc_get_curve_params(curve_idx));
ExpectIntEQ(ecc_set->id, curve_id);
#endif
/* Test case when SECP256R1 is not enabled */
/* Test that we get curve params for index 0 */
ExpectNotNull(ecc_set = wc_ecc_get_curve_params(0));
#endif /* HAVE_ECC && !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
/*
* Testing wc_ecc_sign_hash() and wc_ecc_verify_hash()
*/
static int test_wc_ecc_signVerify_hash(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && !defined(NO_ASN) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
int ret;
#ifdef HAVE_ECC_VERIFY
int verify = 0;
#endif
word32 siglen = ECC_BUFSIZE;
byte sig[ECC_BUFSIZE];
byte adjustedSig[ECC_BUFSIZE+1];
byte digest[] = TEST_STRING;
word32 digestlen = (word32)TEST_STRING_SZ;
/* Init stack var */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(sig, 0, siglen);
XMEMSET(adjustedSig, 0, ECC_BUFSIZE+1);
/* Init structs. */
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, &rng, &key),
0);
/* Check bad args. */
ExpectIntEQ(wc_ecc_sign_hash(NULL, digestlen, sig, &siglen, &rng, &key),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, NULL, &siglen, &rng, &key),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, NULL, &rng, &key),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, NULL, &key),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, &rng, NULL),
ECC_BAD_ARG_E);
#ifdef HAVE_ECC_VERIFY
ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, &verify,
&key), 0);
ExpectIntEQ(verify, 1);
/* test check on length of signature passed in */
XMEMCPY(adjustedSig, sig, siglen);
adjustedSig[1] = adjustedSig[1] + 1; /* add 1 to length for extra byte*/
#ifndef NO_STRICT_ECDSA_LEN
ExpectIntNE(wc_ecc_verify_hash(adjustedSig, siglen+1, digest, digestlen,
&verify, &key), 0);
#else
/* if NO_STRICT_ECDSA_LEN is set then extra bytes after the signature
* is allowed */
ExpectIntEQ(wc_ecc_verify_hash(adjustedSig, siglen+1, digest, digestlen,
&verify, &key), 0);
#endif
/* Test bad args. */
ExpectIntEQ(wc_ecc_verify_hash(NULL, siglen, digest, digestlen, &verify,
&key), ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, NULL, digestlen, &verify, &key),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, NULL, &key),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, &verify,
NULL), ECC_BAD_ARG_E);
#endif /* HAVE_ECC_VERIFY */
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_sign_hash */
/*
* Testing wc_ecc_shared_secret()
*/
static int test_wc_ecc_shared_secret(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG)
ecc_key key;
ecc_key pubKey;
WC_RNG rng;
#if defined(NO_ECC256)
int ret;
#endif
byte out[KEY32];
int keySz = sizeof(out);
word32 outlen = (word32)sizeof(out);
#if defined(HAVE_ECC) && !defined(NO_ECC256)
const char* qx =
"bb33ac4c27504ac64aa504c33cde9f36db722dce94ea2bfacb2009392c16e861";
const char* qy =
"02e9af4dd302939a315b9792217ff0cf18da9111023486e82058330b803489d8";
const char* d =
"45b66902739c6c85a1385b72e8e8c7acc4038d533504fa6c28dc348de1a8098c";
const char* curveName = "SECP256R1";
const byte expected_shared_secret[] =
{
0x65, 0xc0, 0xd4, 0x61, 0x17, 0xe6, 0x09, 0x75,
0xf0, 0x12, 0xa0, 0x4d, 0x0b, 0x41, 0x30, 0x7a,
0x51, 0xf0, 0xb3, 0xaf, 0x23, 0x8f, 0x0f, 0xdf,
0xf1, 0xff, 0x23, 0x64, 0x28, 0xca, 0xf8, 0x06
};
#endif
PRIVATE_KEY_UNLOCK();
/* Initialize variables. */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&pubKey, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, keySz);
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_ecc_init(&pubKey), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
#if !defined(NO_ECC256)
ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, curveName), 0);
ExpectIntEQ(wc_ecc_import_raw(&pubKey, qx, qy, NULL, curveName), 0);
#else
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
#endif
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
ExpectIntEQ(wc_ecc_set_rng(&key, &rng), 0);
#endif
ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, &outlen), 0);
#if !defined(NO_ECC256)
ExpectIntEQ(XMEMCMP(out, expected_shared_secret, outlen), 0);
#endif
/* Test bad args. */
ExpectIntEQ(wc_ecc_shared_secret(NULL, &pubKey, out, &outlen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_shared_secret(&key, NULL, out, &outlen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, NULL, &outlen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, NULL),
BAD_FUNC_ARG);
/* Invalid length */
outlen = 1;
ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, &outlen),
BUFFER_E);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&pubKey);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
PRIVATE_KEY_LOCK();
#endif
return EXPECT_RESULT();
} /* END tests_wc_ecc_shared_secret */
/*
* testint wc_ecc_export_x963()
*/
static int test_wc_ecc_export_x963(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
byte out[ECC_ASN963_MAX_BUF_SZ];
word32 outlen = sizeof(out);
int ret;
PRIVATE_KEY_UNLOCK();
/* Initialize variables. */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, outlen);
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY20, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_export_x963(&key, out, &outlen), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_export_x963(NULL, out, &outlen), ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_export_x963(&key, NULL, &outlen), LENGTH_ONLY_E);
ExpectIntEQ(wc_ecc_export_x963(&key, out, NULL), ECC_BAD_ARG_E);
key.idx = -4;
ExpectIntEQ(wc_ecc_export_x963(&key, out, &outlen), ECC_BAD_ARG_E);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
PRIVATE_KEY_LOCK();
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_export_x963 */
/*
* Testing wc_ecc_export_x963_ex()
* compile with --enable-compkey will use compression.
*/
static int test_wc_ecc_export_x963_ex(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
int ret;
byte out[ECC_ASN963_MAX_BUF_SZ];
word32 outlen = sizeof(out);
#ifdef HAVE_COMP_KEY
word32 badOutLen = 5;
#endif
/* Init stack variables. */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, outlen);
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY64, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
#ifdef HAVE_COMP_KEY
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, COMP), 0);
#else
ExpectIntEQ(ret = wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP), 0);
#endif
/* Test bad args. */
#ifdef HAVE_COMP_KEY
ExpectIntEQ(wc_ecc_export_x963_ex(NULL, out, &outlen, COMP), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_export_x963_ex(&key, NULL, &outlen, COMP), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, NULL, COMP), BAD_FUNC_ARG);
#if defined(HAVE_FIPS) && (!defined(FIPS_VERSION_LT) || FIPS_VERSION_LT(5,3))
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP), BUFFER_E);
#else
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP),
LENGTH_ONLY_E);
#endif
key.idx = -4;
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, COMP), ECC_BAD_ARG_E);
#else
ExpectIntEQ(wc_ecc_export_x963_ex(NULL, out, &outlen, NOCOMP),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_export_x963_ex(&key, NULL, &outlen, NOCOMP),
LENGTH_ONLY_E);
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, 1), NOT_COMPILED_IN);
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, NULL, NOCOMP),
ECC_BAD_ARG_E);
key.idx = -4;
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP),
ECC_BAD_ARG_E);
#endif
PRIVATE_KEY_LOCK();
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_export_x963_ex */
/*
* testing wc_ecc_import_x963()
*/
static int test_wc_ecc_import_x963(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT) && \
defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key pubKey;
ecc_key key;
WC_RNG rng;
byte x963[ECC_ASN963_MAX_BUF_SZ];
word32 x963Len = (word32)sizeof(x963);
int ret;
/* Init stack variables. */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&pubKey, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(x963, 0, x963Len);
ExpectIntEQ(wc_ecc_init(&pubKey), 0);
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
#if FIPS_VERSION3_GE(6,0,0)
ret = wc_ecc_make_key(&rng, KEY32, &key);
#else
ret = wc_ecc_make_key(&rng, KEY24, &key);
#endif
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ecc_export_x963(&key, x963, &x963Len), 0);
PRIVATE_KEY_LOCK();
ExpectIntEQ(wc_ecc_import_x963(x963, x963Len, &pubKey), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_import_x963(NULL, x963Len, &pubKey), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_import_x963(x963, x963Len, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_import_x963(x963, x963Len + 1, &pubKey), ECC_BAD_ARG_E);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
wc_ecc_free(&pubKey);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END wc_ecc_import_x963 */
/*
* testing wc_ecc_import_private_key()
*/
static int test_wc_ecc_import_private_key(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT) && \
defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key key;
ecc_key keyImp;
WC_RNG rng;
byte privKey[ECC_PRIV_KEY_BUF]; /* Raw private key.*/
byte x963Key[ECC_ASN963_MAX_BUF_SZ];
word32 privKeySz = (word32)sizeof(privKey);
word32 x963KeySz = (word32)sizeof(x963Key);
int ret;
/* Init stack variables. */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&keyImp, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(privKey, 0, privKeySz);
XMEMSET(x963Key, 0, x963KeySz);
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_ecc_init(&keyImp), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY48, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ecc_export_x963(&key, x963Key, &x963KeySz), 0);
PRIVATE_KEY_LOCK();
ExpectIntEQ(wc_ecc_export_private_only(&key, privKey, &privKeySz), 0);
ExpectIntEQ(wc_ecc_import_private_key(privKey, privKeySz, x963Key,
x963KeySz, &keyImp), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_ecc_import_private_key(privKey, privKeySz, x963Key,
x963KeySz, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_import_private_key(NULL, privKeySz, x963Key, x963KeySz,
&keyImp), BAD_FUNC_ARG);
PRIVATE_KEY_LOCK();
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&keyImp);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_import_private_key */
/*
* Testing wc_ecc_export_private_only()
*/
static int test_wc_ecc_export_private_only(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
byte out[ECC_PRIV_KEY_BUF];
word32 outlen = sizeof(out);
int ret;
/* Init stack variables. */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, outlen);
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY32, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_export_private_only(&key, out, &outlen), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_ecc_export_private_only(NULL, out, &outlen), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_export_private_only(&key, NULL, &outlen), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_export_private_only(&key, out, NULL), BAD_FUNC_ARG);
PRIVATE_KEY_LOCK();
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_export_private_only */
/*
* Testing wc_ecc_rs_to_sig()
*/
static int test_wc_ecc_rs_to_sig(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ASN)
/* first [P-192,SHA-1] vector from FIPS 186-3 NIST vectors */
const char* R = "6994d962bdd0d793ffddf855ec5bf2f91a9698b46258a63e";
const char* S = "02ba6465a234903744ab02bc8521405b73cf5fc00e1a9f41";
const char* zeroStr = "0";
byte sig[ECC_MAX_SIG_SIZE];
word32 siglen = (word32)sizeof(sig);
/* R and S max size is the order of curve. 2^192.*/
int keySz = KEY24;
byte r[KEY24];
byte s[KEY24];
word32 rlen = (word32)sizeof(r);
word32 slen = (word32)sizeof(s);
/* Init stack variables. */
XMEMSET(sig, 0, ECC_MAX_SIG_SIZE);
XMEMSET(r, 0, keySz);
XMEMSET(s, 0, keySz);
ExpectIntEQ(wc_ecc_rs_to_sig(R, S, sig, &siglen), 0);
ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, &slen), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_rs_to_sig(NULL, S, sig, &siglen), ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_rs_to_sig(R, NULL, sig, &siglen), ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_rs_to_sig(R, S, sig, NULL), ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_rs_to_sig(R, S, NULL, &siglen), ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_rs_to_sig(R, zeroStr, sig, &siglen), MP_ZERO_E);
ExpectIntEQ(wc_ecc_rs_to_sig(zeroStr, S, sig, &siglen), MP_ZERO_E);
ExpectIntEQ(wc_ecc_sig_to_rs(NULL, siglen, r, &rlen, s, &slen),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, NULL, &rlen, s, &slen),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, NULL, s, &slen),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, NULL, &slen),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, NULL),
ECC_BAD_ARG_E);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_rs_to_sig */
static int test_wc_ecc_import_raw(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256)
ecc_key key;
const char* qx =
"bb33ac4c27504ac64aa504c33cde9f36db722dce94ea2bfacb2009392c16e861";
const char* qy =
"02e9af4dd302939a315b9792217ff0cf18da9111023486e82058330b803489d8";
const char* d =
"45b66902739c6c85a1385b72e8e8c7acc4038d533504fa6c28dc348de1a8098c";
const char* curveName = "SECP256R1";
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
const char* kNullStr = "";
int ret;
#endif
XMEMSET(&key, 0, sizeof(ecc_key));
ExpectIntEQ(wc_ecc_init(&key), 0);
/* Test good import */
ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, curveName), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_import_raw(NULL, qx, qy, d, curveName), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_import_raw(&key, NULL, qy, d, curveName), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_import_raw(&key, qx, NULL, d, curveName), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, NULL), BAD_FUNC_ARG);
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
#if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
wc_ecc_free(&key);
#endif
ExpectIntLT(ret = wc_ecc_import_raw(&key, kNullStr, kNullStr, kNullStr,
curveName), 0);
ExpectTrue((ret == ECC_INF_E) || (ret == BAD_FUNC_ARG));
#endif
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
#if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
wc_ecc_free(&key);
#endif
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
ExpectIntLT(ret = wc_ecc_import_raw(&key, "0", qy, d, curveName), 0);
ExpectTrue((ret == BAD_FUNC_ARG) || (ret == MP_VAL));
#else
ExpectIntEQ(wc_ecc_import_raw(&key, "0", qy, d, curveName), 0);
#endif
#if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
wc_ecc_free(&key);
#endif
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
ExpectIntLT(ret = wc_ecc_import_raw(&key, qx, "0", d, curveName), 0);
ExpectTrue((ret == BAD_FUNC_ARG) || (ret == MP_VAL));
#else
ExpectIntEQ(wc_ecc_import_raw(&key, qx, "0", d, curveName), 0);
#endif
#if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
wc_ecc_free(&key);
#endif
ExpectIntEQ(wc_ecc_import_raw(&key, "0", "0", d, curveName), ECC_INF_E);
#endif
wc_ecc_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_import_raw */
static int test_wc_ecc_import_unsigned(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256) && !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
HAVE_FIPS_VERSION >= 2))
ecc_key key;
const byte qx[] = {
0xbb, 0x33, 0xac, 0x4c, 0x27, 0x50, 0x4a, 0xc6,
0x4a, 0xa5, 0x04, 0xc3, 0x3c, 0xde, 0x9f, 0x36,
0xdb, 0x72, 0x2d, 0xce, 0x94, 0xea, 0x2b, 0xfa,
0xcb, 0x20, 0x09, 0x39, 0x2c, 0x16, 0xe8, 0x61
};
const byte qy[] = {
0x02, 0xe9, 0xaf, 0x4d, 0xd3, 0x02, 0x93, 0x9a,
0x31, 0x5b, 0x97, 0x92, 0x21, 0x7f, 0xf0, 0xcf,
0x18, 0xda, 0x91, 0x11, 0x02, 0x34, 0x86, 0xe8,
0x20, 0x58, 0x33, 0x0b, 0x80, 0x34, 0x89, 0xd8
};
const byte d[] = {
0x45, 0xb6, 0x69, 0x02, 0x73, 0x9c, 0x6c, 0x85,
0xa1, 0x38, 0x5b, 0x72, 0xe8, 0xe8, 0xc7, 0xac,
0xc4, 0x03, 0x8d, 0x53, 0x35, 0x04, 0xfa, 0x6c,
0x28, 0xdc, 0x34, 0x8d, 0xe1, 0xa8, 0x09, 0x8c
};
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
const byte nullBytes[32] = {0};
int ret;
#endif
int curveId = ECC_SECP256R1;
XMEMSET(&key, 0, sizeof(ecc_key));
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, (byte*)qy, (byte*)d,
curveId), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_import_unsigned(NULL, (byte*)qx, (byte*)qy, (byte*)d,
curveId), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_import_unsigned(&key, NULL, (byte*)qy, (byte*)d,
curveId), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, NULL, (byte*)d,
curveId), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, (byte*)qy, (byte*)d,
ECC_CURVE_INVALID), BAD_FUNC_ARG);
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
ExpectIntLT(ret = wc_ecc_import_unsigned(&key, (byte*)nullBytes,
(byte*)nullBytes, (byte*)nullBytes, curveId), 0);
ExpectTrue((ret == ECC_INF_E) || (ret == BAD_FUNC_ARG));
#endif
wc_ecc_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_import_unsigned */
/*
* Testing wc_ecc_sig_size()
*/
static int test_wc_ecc_sig_size(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
int keySz = KEY16;
int ret;
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&key, 0, sizeof(key));
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntLE(wc_ecc_sig_size(&key),
(2 * keySz + SIG_HEADER_SZ + ECC_MAX_PAD_SZ));
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_sig_size */
/*
* Testing wc_ecc_ctx_new()
*/
static int test_wc_ecc_ctx_new(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
WC_RNG rng;
ecEncCtx* cli = NULL;
ecEncCtx* srv = NULL;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectNotNull(cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
ExpectNotNull(srv = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng));
wc_ecc_ctx_free(cli);
cli = NULL;
wc_ecc_ctx_free(srv);
/* Test bad args. */
/* wc_ecc_ctx_new_ex() will free if returned NULL. */
ExpectNull(cli = wc_ecc_ctx_new(0, &rng));
ExpectNull(cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, NULL));
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_ctx_free(cli);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_new */
/*
* Tesing wc_ecc_reset()
*/
static int test_wc_ecc_ctx_reset(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
ecEncCtx* ctx = NULL;
WC_RNG rng;
XMEMSET(&rng, 0, sizeof(rng));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectNotNull(ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
ExpectIntEQ(wc_ecc_ctx_reset(ctx, &rng), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_ecc_ctx_reset(NULL, &rng), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_ctx_reset(ctx, NULL), BAD_FUNC_ARG);
wc_ecc_ctx_free(ctx);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_reset */
/*
* Testing wc_ecc_ctx_set_peer_salt() and wc_ecc_ctx_get_own_salt()
*/
static int test_wc_ecc_ctx_set_peer_salt(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
WC_RNG rng;
ecEncCtx* cliCtx = NULL;
ecEncCtx* servCtx = NULL;
const byte* cliSalt = NULL;
const byte* servSalt = NULL;
XMEMSET(&rng, 0, sizeof(rng));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectNotNull(cliCtx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
ExpectNotNull(servCtx = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng));
/* Test bad args. */
ExpectNull(cliSalt = wc_ecc_ctx_get_own_salt(NULL));
ExpectNotNull(cliSalt = wc_ecc_ctx_get_own_salt(cliCtx));
ExpectNotNull(servSalt = wc_ecc_ctx_get_own_salt(servCtx));
ExpectIntEQ(wc_ecc_ctx_set_peer_salt(cliCtx, servSalt), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_ctx_set_peer_salt(NULL, servSalt), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_ctx_set_peer_salt(cliCtx, NULL), BAD_FUNC_ARG);
wc_ecc_ctx_free(cliCtx);
wc_ecc_ctx_free(servCtx);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_set_peer_salt */
/*
* Testing wc_ecc_ctx_set_info()
*/
static int test_wc_ecc_ctx_set_info(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
ecEncCtx* ctx = NULL;
WC_RNG rng;
const char* optInfo = "Optional Test Info.";
int optInfoSz = (int)XSTRLEN(optInfo);
const char* badOptInfo = NULL;
XMEMSET(&rng, 0, sizeof(rng));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectNotNull(ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)optInfo, optInfoSz), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_ctx_set_info(NULL, (byte*)optInfo, optInfoSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)badOptInfo, optInfoSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)optInfo, -1), BAD_FUNC_ARG);
wc_ecc_ctx_free(ctx);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_set_info */
/*
* Testing wc_ecc_encrypt() and wc_ecc_decrypt()
*/
static int test_wc_ecc_encryptDecrypt(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG) && \
defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
ecc_key srvKey;
ecc_key cliKey;
ecc_key tmpKey;
WC_RNG rng;
int ret;
const char* msg = "EccBlock Size 16";
word32 msgSz = (word32)XSTRLEN("EccBlock Size 16");
#ifdef WOLFSSL_ECIES_OLD
byte out[(sizeof("EccBlock Size 16") - 1) + WC_SHA256_DIGEST_SIZE];
#elif defined(WOLFSSL_ECIES_GEN_IV)
byte out[KEY20 * 2 + 1 + AES_BLOCK_SIZE +
(sizeof("EccBlock Size 16") - 1) + WC_SHA256_DIGEST_SIZE];
#else
byte out[KEY20 * 2 + 1 + (sizeof("EccBlock Size 16") - 1) +
WC_SHA256_DIGEST_SIZE];
#endif
word32 outSz = (word32)sizeof(out);
byte plain[sizeof("EccBlock Size 16")];
word32 plainSz = (word32)sizeof(plain);
int keySz = KEY20;
/* Init stack variables. */
XMEMSET(out, 0, outSz);
XMEMSET(plain, 0, plainSz);
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&srvKey, 0, sizeof(ecc_key));
XMEMSET(&cliKey, 0, sizeof(ecc_key));
XMEMSET(&tmpKey, 0, sizeof(ecc_key));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ecc_init(&cliKey), 0);
ret = wc_ecc_make_key(&rng, keySz, &cliKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &cliKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_init(&srvKey), 0);
ret = wc_ecc_make_key(&rng, keySz, &srvKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &srvKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_init(&tmpKey), 0);
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
ExpectIntEQ(wc_ecc_set_rng(&srvKey, &rng), 0);
ExpectIntEQ(wc_ecc_set_rng(&cliKey, &rng), 0);
#endif
ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, out,
&outSz, NULL), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_encrypt(NULL, &srvKey, (byte*)msg, msgSz, out, &outSz,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_encrypt(&cliKey, NULL, (byte*)msg, msgSz, out, &outSz,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, NULL, msgSz, out, &outSz,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, NULL,
&outSz, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, out, NULL,
NULL), BAD_FUNC_ARG);
#ifdef WOLFSSL_ECIES_OLD
tmpKey.dp = cliKey.dp;
ExpectIntEQ(wc_ecc_copy_point(&cliKey.pubkey, &tmpKey.pubkey), 0);
#endif
ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, plain, &plainSz,
NULL), 0);
ExpectIntEQ(wc_ecc_decrypt(NULL, &tmpKey, out, outSz, plain, &plainSz,
NULL), BAD_FUNC_ARG);
#ifdef WOLFSSL_ECIES_OLD
/* NULL parameter allowed in new implementations - public key comes from
* the message. */
ExpectIntEQ(wc_ecc_decrypt(&srvKey, NULL, out, outSz, plain, &plainSz,
NULL), BAD_FUNC_ARG);
#endif
ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, NULL, outSz, plain, &plainSz,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, NULL, &plainSz,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, plain, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(XMEMCMP(msg, plain, msgSz), 0);
wc_ecc_free(&tmpKey);
wc_ecc_free(&srvKey);
wc_ecc_free(&cliKey);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_encryptDecrypt */
/*
* Testing wc_ecc_del_point() and wc_ecc_new_point()
*/
static int test_wc_ecc_del_point(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC)
ecc_point* pt = NULL;
ExpectNotNull(pt = wc_ecc_new_point());
wc_ecc_del_point(pt);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_del_point */
/*
* Testing wc_ecc_point_is_at_infinity(), wc_ecc_export_point_der(),
* wc_ecc_import_point_der(), wc_ecc_copy_point(), wc_ecc_point_is_on_curve(),
* and wc_ecc_cmp_point()
*/
static int test_wc_ecc_pointFns(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && \
!defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A)
ecc_key key;
WC_RNG rng;
int ret;
ecc_point* point = NULL;
ecc_point* cpypt = NULL;
int idx = 0;
int keySz = KEY32;
byte der[DER_SZ(KEY32)];
word32 derlenChk = 0;
word32 derSz = DER_SZ(KEY32);
/* Init stack variables. */
XMEMSET(der, 0, derSz);
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ecc_init(&key), 0);
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectNotNull(point = wc_ecc_new_point());
ExpectNotNull(cpypt = wc_ecc_new_point());
/* Export */
ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, NULL,
&derlenChk), LENGTH_ONLY_E);
/* Check length value. */
ExpectIntEQ(derSz, derlenChk);
ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, der,
&derSz), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_export_point_der(-2, &key.pubkey, der, &derSz),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), NULL, der, &derSz),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, der,
NULL), ECC_BAD_ARG_E);
/* Import */
ExpectIntEQ(wc_ecc_import_point_der(der, derSz, idx, point), 0);
ExpectIntEQ(wc_ecc_cmp_point(&key.pubkey, point), 0);
/* Test bad args. */
ExpectIntEQ( wc_ecc_import_point_der(NULL, derSz, idx, point),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_import_point_der(der, derSz, idx, NULL), ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_import_point_der(der, derSz, -1, point), ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_import_point_der(der, derSz + 1, idx, point),
ECC_BAD_ARG_E);
/* Copy */
ExpectIntEQ(wc_ecc_copy_point(point, cpypt), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_copy_point(NULL, cpypt), ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_copy_point(point, NULL), ECC_BAD_ARG_E);
/* Compare point */
ExpectIntEQ(wc_ecc_cmp_point(point, cpypt), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_cmp_point(NULL, cpypt), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_cmp_point(point, NULL), BAD_FUNC_ARG);
/* At infinity if return == 1, otherwise return == 0. */
ExpectIntEQ(wc_ecc_point_is_at_infinity(point), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_point_is_at_infinity(NULL), BAD_FUNC_ARG);
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)))
#ifdef USE_ECC_B_PARAM
/* On curve if ret == 0 */
ExpectIntEQ(wc_ecc_point_is_on_curve(point, idx), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_point_is_on_curve(NULL, idx), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_point_is_on_curve(point, 1000), ECC_BAD_ARG_E);
#endif /* USE_ECC_B_PARAM */
#endif /* !HAVE_SELFTEST && (!HAVE_FIPS || HAVE_FIPS_VERSION > 2) */
/* Free */
wc_ecc_del_point(point);
wc_ecc_del_point(cpypt);
wc_ecc_free(&key);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_pointFns */
/*
* Testing wc_ecc_shared_secret_ssh()
*/
static int test_wc_ecc_shared_secret_ssh(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_DHE) && \
!defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A) && !defined(PLUTON_CRYPTO_ECC) && \
!defined(WOLFSSL_CRYPTOCELL)
ecc_key key;
ecc_key key2;
WC_RNG rng;
int ret;
int keySz = KEY32;
#if FIPS_VERSION3_GE(6,0,0)
int key2Sz = KEY28;
#else
int key2Sz = KEY24;
#endif
byte secret[KEY32];
word32 secretLen = (word32)keySz;
/* Init stack variables. */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&key2, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(secret, 0, secretLen);
PRIVATE_KEY_UNLOCK();
/* Make keys */
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
ExpectIntEQ(wc_ecc_init(&key2), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, key2Sz, &key2);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key2.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
ExpectIntEQ(wc_ecc_set_rng(&key, &rng), 0);
#endif
ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret,
&secretLen), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_ecc_shared_secret_ssh(NULL, &key2.pubkey, secret,
&secretLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, NULL, secret, &secretLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, NULL, &secretLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, NULL),
BAD_FUNC_ARG);
key.type = ECC_PUBLICKEY;
ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret,
&secretLen), ECC_BAD_ARG_E);
PRIVATE_KEY_LOCK();
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
wc_ecc_free(&key2);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_shared_secret_ssh */
/*
* Testing wc_ecc_verify_hash_ex() and wc_ecc_verify_hash_ex()
*/
static int test_wc_ecc_verify_hash_ex(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && defined(WOLFSSL_PUBLIC_MP) \
&& !defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A) && !defined(WOLFSSL_KCAPI_ECC)
ecc_key key;
WC_RNG rng;
int ret;
mp_int r;
mp_int s;
mp_int z;
unsigned char hash[] = "Everyone gets Friday off.EccSig";
unsigned char iHash[] = "Everyone gets Friday off.......";
unsigned char shortHash[] = TEST_STRING;
word32 hashlen = sizeof(hash);
word32 iHashLen = sizeof(iHash);
word32 shortHashLen = sizeof(shortHash);
int keySz = KEY32;
int verify_ok = 0;
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(&r, 0, sizeof(mp_int));
XMEMSET(&s, 0, sizeof(mp_int));
XMEMSET(&z, 0, sizeof(mp_int));
/* Initialize r, s and z. */
ExpectIntEQ(mp_init_multi(&r, &s, &z, NULL, NULL, NULL), MP_OKAY);
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, &s), 0);
/* verify_ok should be 1. */
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, hash, hashlen, &verify_ok, &key),
0);
ExpectIntEQ(verify_ok, 1);
/* verify_ok should be 0 */
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, iHash, iHashLen, &verify_ok,
&key), 0);
ExpectIntEQ(verify_ok, 0);
/* verify_ok should be 0. */
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
&verify_ok, &key), 0);
ExpectIntEQ(verify_ok, 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_sign_hash_ex(NULL, hashlen, &rng, &key, &r, &s),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, NULL, &key, &r, &s),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, NULL, &r, &s),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, NULL, &s),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, NULL),
ECC_BAD_ARG_E);
/* Test bad args. */
ExpectIntEQ(wc_ecc_verify_hash_ex(NULL, &s, shortHash, shortHashLen,
&verify_ok, &key), ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, NULL, shortHash, shortHashLen,
&verify_ok, &key), ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_verify_hash_ex(&z, &s, shortHash, shortHashLen,
&verify_ok, &key), MP_ZERO_E);
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &z, shortHash, shortHashLen,
&verify_ok, &key), MP_ZERO_E);
ExpectIntEQ(wc_ecc_verify_hash_ex(&z, &z, shortHash, shortHashLen,
&verify_ok, &key), MP_ZERO_E);
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, NULL, shortHashLen, &verify_ok,
&key), ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen, NULL,
&key), ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
&verify_ok, NULL), ECC_BAD_ARG_E);
wc_ecc_free(&key);
mp_free(&r);
mp_free(&s);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_verify_hash_ex */
/*
* Testing wc_ecc_mulmod()
*/
static int test_wc_ecc_mulmod(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && \
!(defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
defined(WOLFSSL_VALIDATE_ECC_IMPORT))
ecc_key key1;
ecc_key key2;
ecc_key key3;
WC_RNG rng;
int ret;
XMEMSET(&key1, 0, sizeof(ecc_key));
XMEMSET(&key2, 0, sizeof(ecc_key));
XMEMSET(&key3, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ecc_init(&key1), 0);
ExpectIntEQ(wc_ecc_init(&key2), 0);
ExpectIntEQ(wc_ecc_init(&key3), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY32, &key1);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key1.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
ExpectIntEQ(wc_ecc_import_raw_ex(&key2, key1.dp->Gx, key1.dp->Gy,
key1.dp->Af, ECC_SECP256R1), 0);
ExpectIntEQ(wc_ecc_import_raw_ex(&key3, key1.dp->Gx, key1.dp->Gy,
key1.dp->prime, ECC_SECP256R1), 0);
ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey,
&key3.pubkey, wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3),
1), 0);
/* Test bad args. */
ExpectIntEQ(ret = wc_ecc_mulmod(NULL, &key2.pubkey, &key3.pubkey,
wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), NULL, &key3.pubkey,
wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey, NULL,
wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1),
ECC_BAD_ARG_E);
ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey,
&key3.pubkey, wc_ecc_key_get_priv(&key2), NULL, 1), ECC_BAD_ARG_E);
wc_ecc_free(&key1);
wc_ecc_free(&key2);
wc_ecc_free(&key3);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif /* HAVE_ECC && !WOLFSSL_ATECC508A */
return EXPECT_RESULT();
} /* END test_wc_ecc_mulmod */
/*
* Testing wc_ecc_is_valid_idx()
*/
static int test_wc_ecc_is_valid_idx(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
int ret;
int iVal = -2;
int iVal2 = 3000;
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, 32, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_is_valid_idx(key.idx), 1);
/* Test bad args. */
ExpectIntEQ(wc_ecc_is_valid_idx(iVal), 0);
ExpectIntEQ(wc_ecc_is_valid_idx(iVal2), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_is_valid_idx */
/*
* Testing wc_ecc_get_curve_id_from_oid()
*/
static int test_wc_ecc_get_curve_id_from_oid(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS)
const byte oid[] = {0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07};
word32 len = sizeof(oid);
/* Bad Cases */
ExpectIntEQ(wc_ecc_get_curve_id_from_oid(NULL, len), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_get_curve_id_from_oid(oid, 0), ECC_CURVE_INVALID);
/* Good Case */
ExpectIntEQ(wc_ecc_get_curve_id_from_oid(oid, len), ECC_SECP256R1);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_get_curve_id_from_oid */
/*
* Testing wc_ecc_sig_size_calc()
*/
static int test_wc_ecc_sig_size_calc(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST)
ecc_key key;
WC_RNG rng;
int sz = 0;
int ret;
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, 16, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
#if FIPS_VERSION3_GE(6,0,0)
ExpectIntEQ(ret, BAD_FUNC_ARG);
#else
ExpectIntEQ(ret, 0);
#endif
#if FIPS_VERSION3_LT(6,0,0)
sz = key.dp->size;
ExpectIntGT(wc_ecc_sig_size_calc(sz), 0);
#else
(void) sz;
#endif
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_sig_size_calc */
/*
* Testing wc_ecc_sm2_make_key()
*/
static int test_wc_ecc_sm2_make_key(void)
{
int res = TEST_SKIPPED;
#if defined(HAVE_ECC) && defined(WOLFSSL_SM2)
EXPECT_DECLS;
WC_RNG rng[1];
ecc_key key[1];
XMEMSET(rng, 0, sizeof(*rng));
XMEMSET(key, 0, sizeof(*key));
ExpectIntEQ(wc_InitRng(rng), 0);
ExpectIntEQ(wc_ecc_init(key), 0);
/* Test invalid parameters. */
ExpectIntEQ(wc_ecc_sm2_make_key(NULL, NULL, WC_ECC_FLAG_NONE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_make_key(rng, NULL, WC_ECC_FLAG_NONE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_make_key(NULL, key, WC_ECC_FLAG_NONE),
BAD_FUNC_ARG);
/* Test valid parameters. */
ExpectIntEQ(wc_ecc_sm2_make_key(rng, key, WC_ECC_FLAG_NONE), 0);
ExpectIntEQ(key->dp->id, ECC_SM2P256V1);
wc_ecc_free(key);
wc_FreeRng(rng);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
res = EXPECT_RESULT();
#endif
return res;
}
/*
* Testing wc_ecc_sm2_shared_secret()
*/
static int test_wc_ecc_sm2_shared_secret(void)
{
int res = TEST_SKIPPED;
#if defined(HAVE_ECC) && defined(WOLFSSL_SM2)
EXPECT_DECLS;
WC_RNG rng[1];
ecc_key keyA[1];
ecc_key keyB[1];
byte outA[32];
byte outB[32];
word32 outALen = 32;
word32 outBLen = 32;
XMEMSET(rng, 0, sizeof(*rng));
XMEMSET(keyA, 0, sizeof(*keyA));
XMEMSET(keyB, 0, sizeof(*keyB));
ExpectIntEQ(wc_InitRng(rng), 0);
ExpectIntEQ(wc_ecc_init(keyA), 0);
ExpectIntEQ(wc_ecc_init(keyB), 0);
ExpectIntEQ(wc_ecc_sm2_make_key(rng, keyA, WC_ECC_FLAG_NONE), 0);
ExpectIntEQ(wc_ecc_sm2_make_key(rng, keyB, WC_ECC_FLAG_NONE), 0);
#ifdef ECC_TIMING_RESISTANT
ExpectIntEQ(wc_ecc_set_rng(keyA, rng), 0);
ExpectIntEQ(wc_ecc_set_rng(keyB, rng), 0);
#endif
/* Test invalid parameters. */
ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, NULL, NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, NULL, NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, keyB, NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, NULL, outA, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, NULL, NULL, &outALen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, keyB, outA, &outALen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, NULL, outA, &outALen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, keyB, NULL, &outALen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, keyB, outA, NULL), BAD_FUNC_ARG);
/* Test valid parameters. */
ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, keyB, outA, &outALen), 0);
ExpectIntLE(outALen, 32);
ExpectIntEQ(wc_ecc_sm2_shared_secret(keyB, keyA, outB, &outBLen), 0);
ExpectIntLE(outBLen, 32);
ExpectIntEQ(outALen, outBLen);
ExpectBufEQ(outA, outB, outALen);
wc_ecc_free(keyB);
wc_ecc_free(keyA);
wc_FreeRng(rng);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
res = EXPECT_RESULT();
#endif
return res;
}
/*
* Testing wc_ecc_sm2_create_digest()
*/
static int test_wc_ecc_sm2_create_digest(void)
{
int res = TEST_SKIPPED;
#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && !defined(NO_HASH_WRAPPER) && \
(defined(WOLFSSL_SM3) || !defined(NO_SHA256))
EXPECT_DECLS;
ecc_key key[1];
enum wc_HashType hashType;
unsigned char pub[] = {
0x04,
0x63, 0x7F, 0x1B, 0x13, 0x50, 0x36, 0xC9, 0x33,
0xDC, 0x3F, 0x7A, 0x8E, 0xBB, 0x1B, 0x7B, 0x2F,
0xD1, 0xDF, 0xBD, 0x26, 0x8D, 0x4F, 0x89, 0x4B,
0x5A, 0xD4, 0x7D, 0xBD, 0xBE, 0xCD, 0x55, 0x8F,
0xE8, 0x81, 0x01, 0xD0, 0x80, 0x48, 0xE3, 0x6C,
0xCB, 0xF6, 0x1C, 0xA3, 0x8D, 0xDF, 0x7A, 0xBA,
0x54, 0x2B, 0x44, 0x86, 0xE9, 0x9E, 0x49, 0xF3,
0xA7, 0x47, 0x0A, 0x85, 0x7A, 0x09, 0x64, 0x33
};
unsigned char id[] = {
0x01, 0x02, 0x03,
};
unsigned char msg[] = {
0x01, 0x02, 0x03,
};
unsigned char hash[32];
#ifdef WOLFSSL_SM3
unsigned char expHash[32] = {
0xc1, 0xdd, 0x92, 0xc5, 0x60, 0xd3, 0x94, 0x28,
0xeb, 0x0f, 0x57, 0x79, 0x3f, 0xc9, 0x96, 0xc5,
0xfa, 0xf5, 0x90, 0xb2, 0x64, 0x2f, 0xaf, 0x9c,
0xc8, 0x57, 0x21, 0x6a, 0x52, 0x7e, 0xf1, 0x95
};
#else
unsigned char expHash[32] = {
0xea, 0x41, 0x55, 0x21, 0x61, 0x00, 0x5c, 0x9a,
0x57, 0x35, 0x6b, 0x49, 0xca, 0x8f, 0x65, 0xc2,
0x0e, 0x29, 0x0c, 0xa0, 0x1d, 0xa7, 0xc4, 0xed,
0xdd, 0x51, 0x12, 0xf6, 0xe7, 0x55, 0xc5, 0xf4
};
#endif
#ifdef WOLFSSL_SM3
hashType = WC_HASH_TYPE_SM3;
#else
hashType = WC_HASH_TYPE_SHA256;
#endif
XMEMSET(key, 0, sizeof(*key));
ExpectIntEQ(wc_ecc_init(key), 0);
/* Test with no curve set. */
ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
hashType, hash, sizeof(hash), key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_import_x963_ex(pub, sizeof(pub), key, ECC_SM2P256V1), 0);
/* Test invalid parameters. */
ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), NULL, sizeof(msg),
hashType, NULL, sizeof(hash), NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), NULL, sizeof(msg),
hashType, NULL, sizeof(hash), NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), msg, sizeof(msg),
hashType, NULL, sizeof(hash), NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), NULL, sizeof(msg),
hashType, hash, sizeof(hash), NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), NULL, sizeof(msg),
hashType, NULL, sizeof(hash), key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), msg, sizeof(msg),
hashType, hash, sizeof(hash), key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), NULL, sizeof(msg),
hashType, hash, sizeof(hash), key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
hashType, NULL, sizeof(hash), key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
hashType, hash, sizeof(hash), NULL), BAD_FUNC_ARG);
/* Bad hash type. */
/* // NOLINTBEGIN(clang-analyzer-optin.core.EnumCastOutOfRange) */
ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
-1, hash, 0, key), BAD_FUNC_ARG);
/* // NOLINTEND(clang-analyzer-optin.core.EnumCastOutOfRange) */
/* Bad hash size. */
ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
hashType, hash, 0, key), BUFFER_E);
/* Test valid parameters. */
ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
hashType, hash, sizeof(hash), key), 0);
ExpectBufEQ(hash, expHash, sizeof(expHash));
wc_ecc_free(key);
res = EXPECT_RESULT();
#endif
return res;
}
/*
* Testing wc_ecc_sm2_verify_hash_ex()
*/
static int test_wc_ecc_sm2_verify_hash_ex(void)
{
int res = TEST_SKIPPED;
#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_VERIFY) && \
defined(WOLFSSL_PUBLIC_MP)
EXPECT_DECLS;
ecc_key key[1];
mp_int r[1];
mp_int s[1];
int verified;
unsigned char pub[] = {
0x04,
0x63, 0x7F, 0x1B, 0x13, 0x50, 0x36, 0xC9, 0x33,
0xDC, 0x3F, 0x7A, 0x8E, 0xBB, 0x1B, 0x7B, 0x2F,
0xD1, 0xDF, 0xBD, 0x26, 0x8D, 0x4F, 0x89, 0x4B,
0x5A, 0xD4, 0x7D, 0xBD, 0xBE, 0xCD, 0x55, 0x8F,
0xE8, 0x81, 0x01, 0xD0, 0x80, 0x48, 0xE3, 0x6C,
0xCB, 0xF6, 0x1C, 0xA3, 0x8D, 0xDF, 0x7A, 0xBA,
0x54, 0x2B, 0x44, 0x86, 0xE9, 0x9E, 0x49, 0xF3,
0xA7, 0x47, 0x0A, 0x85, 0x7A, 0x09, 0x64, 0x33
};
unsigned char hash[] = {
0x3B, 0xFA, 0x5F, 0xFB, 0xC4, 0x27, 0x8C, 0x9D,
0x02, 0x3A, 0x19, 0xCB, 0x1E, 0xAA, 0xD2, 0xF1,
0x50, 0x69, 0x5B, 0x20
};
unsigned char rData[] = {
0xD2, 0xFC, 0xA3, 0x88, 0xE3, 0xDF, 0xA3, 0x00,
0x73, 0x9B, 0x3C, 0x2A, 0x0D, 0xAD, 0x44, 0xA2,
0xFC, 0x62, 0xD5, 0x6B, 0x84, 0x54, 0xD8, 0x40,
0x22, 0x62, 0x3D, 0x5C, 0xA6, 0x61, 0x9B, 0xE7,
};
unsigned char sData[] = {
0x1D,
0xB5, 0xB5, 0xD9, 0xD8, 0xF1, 0x20, 0xDD, 0x97,
0x92, 0xBF, 0x7E, 0x9B, 0x3F, 0xE6, 0x3C, 0x4B,
0x03, 0xD8, 0x80, 0xBD, 0xB7, 0x27, 0x7E, 0x6A,
0x84, 0x23, 0xDE, 0x61, 0x7C, 0x8D, 0xDC
};
unsigned char rBadData[] = {
0xD2, 0xFC, 0xA3, 0x88, 0xE3, 0xDF, 0xA3, 0x00,
0x73, 0x9B, 0x3C, 0x2A, 0x0D, 0xAD, 0x44, 0xA2,
0xFC, 0x62, 0xD5, 0x6B, 0x84, 0x54, 0xD8, 0x40,
0x22, 0x62, 0x3D, 0x5C, 0xA6, 0x61, 0x9B, 0xE8,
};
XMEMSET(key, 0, sizeof(*key));
XMEMSET(r, 0, sizeof(*r));
XMEMSET(s, 0, sizeof(*s));
ExpectIntEQ(mp_init(r), 0);
ExpectIntEQ(mp_init(s), 0);
ExpectIntEQ(mp_read_unsigned_bin(r, rData, sizeof(rData)), 0);
ExpectIntEQ(mp_read_unsigned_bin(s, sData, sizeof(sData)), 0);
ExpectIntEQ(wc_ecc_init(key), 0);
/* Test with no curve set. */
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
&verified, key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_import_x963_ex(pub, sizeof(pub), key, ECC_SM2P256V1), 0);
/* Test invalid parameters. */
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, NULL, sizeof(hash),
NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, NULL, NULL, sizeof(hash),
NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, s, NULL, sizeof(hash),
NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, hash, sizeof(hash),
NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, NULL, sizeof(hash),
&verified, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, NULL, sizeof(hash),
NULL, key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, s, hash, sizeof(hash),
&verified, key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, NULL, hash, sizeof(hash),
&verified, key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, NULL, sizeof(hash),
&verified, key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
NULL, key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
&verified, NULL), BAD_FUNC_ARG);
/* Make key not on the SM2 curve. */
ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0);
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
&verified, key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0);
/* Test valid parameters. */
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
&verified, key), 0);
ExpectIntEQ(verified, 1);
ExpectIntEQ(mp_read_unsigned_bin(r, rBadData, sizeof(rBadData)), 0);
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
&verified, key), 0);
ExpectIntEQ(verified, 0);
mp_free(s);
mp_free(r);
wc_ecc_free(key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
res = EXPECT_RESULT();
#endif
return res;
}
/*
* Testing wc_ecc_sm2_verify_hash()
*/
static int test_wc_ecc_sm2_verify_hash(void)
{
int res = TEST_SKIPPED;
#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_VERIFY)
EXPECT_DECLS;
ecc_key key[1];
int verified;
unsigned char pub[] = {
0x04,
0x63, 0x7F, 0x1B, 0x13, 0x50, 0x36, 0xC9, 0x33,
0xDC, 0x3F, 0x7A, 0x8E, 0xBB, 0x1B, 0x7B, 0x2F,
0xD1, 0xDF, 0xBD, 0x26, 0x8D, 0x4F, 0x89, 0x4B,
0x5A, 0xD4, 0x7D, 0xBD, 0xBE, 0xCD, 0x55, 0x8F,
0xE8, 0x81, 0x01, 0xD0, 0x80, 0x48, 0xE3, 0x6C,
0xCB, 0xF6, 0x1C, 0xA3, 0x8D, 0xDF, 0x7A, 0xBA,
0x54, 0x2B, 0x44, 0x86, 0xE9, 0x9E, 0x49, 0xF3,
0xA7, 0x47, 0x0A, 0x85, 0x7A, 0x09, 0x64, 0x33
};
unsigned char hash[] = {
0x3B, 0xFA, 0x5F, 0xFB, 0xC4, 0x27, 0x8C, 0x9D,
0x02, 0x3A, 0x19, 0xCB, 0x1E, 0xAA, 0xD2, 0xF1,
0x50, 0x69, 0x5B, 0x20
};
unsigned char sig[] = {
0x30, 0x45, 0x02, 0x21, 0x00, 0xD2, 0xFC, 0xA3,
0x88, 0xE3, 0xDF, 0xA3, 0x00, 0x73, 0x9B, 0x3C,
0x2A, 0x0D, 0xAD, 0x44, 0xA2, 0xFC, 0x62, 0xD5,
0x6B, 0x84, 0x54, 0xD8, 0x40, 0x22, 0x62, 0x3D,
0x5C, 0xA6, 0x61, 0x9B, 0xE7, 0x02, 0x20, 0x1D,
0xB5, 0xB5, 0xD9, 0xD8, 0xF1, 0x20, 0xDD, 0x97,
0x92, 0xBF, 0x7E, 0x9B, 0x3F, 0xE6, 0x3C, 0x4B,
0x03, 0xD8, 0x80, 0xBD, 0xB7, 0x27, 0x7E, 0x6A,
0x84, 0x23, 0xDE, 0x61, 0x7C, 0x8D, 0xDC
};
unsigned char sigBad[] = {
0x30, 0x45, 0x02, 0x21, 0x00, 0xD2, 0xFC, 0xA3,
0x88, 0xE3, 0xDF, 0xA3, 0x00, 0x73, 0x9B, 0x3C,
0x2A, 0x0D, 0xAD, 0x44, 0xA2, 0xFC, 0x62, 0xD5,
0x6B, 0x84, 0x54, 0xD8, 0x40, 0x22, 0x62, 0x3D,
0x5C, 0xA6, 0x61, 0x9B, 0xE7, 0x02, 0x20, 0x1D,
0xB5, 0xB5, 0xD9, 0xD8, 0xF1, 0x20, 0xDD, 0x97,
0x92, 0xBF, 0x7E, 0x9B, 0x3F, 0xE6, 0x3C, 0x4B,
0x03, 0xD8, 0x80, 0xBD, 0xB7, 0x27, 0x7E, 0x6A,
0x84, 0x23, 0xDE, 0x61, 0x7C, 0x8D, 0xDD
};
XMEMSET(key, 0, sizeof(*key));
ExpectIntEQ(wc_ecc_init(key), 0);
/* Test with no curve set. */
ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
&verified, key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_import_x963_ex(pub, sizeof(pub), key, ECC_SM2P256V1), 0);
/* Test invalid parameters. */
ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), NULL, sizeof(hash),
NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), NULL, sizeof(hash),
NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), hash, sizeof(hash),
NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), NULL, sizeof(hash),
&verified, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), NULL, sizeof(hash),
NULL, key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), hash, sizeof(hash),
&verified, key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), NULL, sizeof(hash),
&verified, key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
NULL, key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
&verified, NULL), BAD_FUNC_ARG);
/* Make key not on the SM2 curve. */
ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0);
ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
&verified, key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0);
/* Test valid parameters. */
ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
&verified, key), 0);
ExpectIntEQ(verified, 1);
ExpectIntEQ(wc_ecc_sm2_verify_hash(sigBad, sizeof(sigBad), hash,
sizeof(hash), &verified, key), 0);
ExpectIntEQ(verified, 0);
wc_ecc_free(key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
res = EXPECT_RESULT();
#endif
return res;
}
/*
* Testing wc_ecc_sm2_verify_hash_ex()
*/
static int test_wc_ecc_sm2_sign_hash_ex(void)
{
int res = TEST_SKIPPED;
#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_SIGN) && \
defined(WOLFSSL_PUBLIC_MP)
EXPECT_DECLS;
WC_RNG rng[1];
ecc_key key[1];
mp_int r[1];
mp_int s[1];
unsigned char hash[32];
#ifdef HAVE_ECC_VERIFY
int verified;
#endif
XMEMSET(rng, 0, sizeof(*rng));
XMEMSET(key, 0, sizeof(*key));
XMEMSET(r, 0, sizeof(*r));
XMEMSET(s, 0, sizeof(*s));
ExpectIntEQ(wc_InitRng(rng), 0);
ExpectIntEQ(mp_init(r), 0);
ExpectIntEQ(mp_init(s), 0);
ExpectIntEQ(wc_RNG_GenerateBlock(rng, hash, sizeof(hash)), 0);
ExpectIntEQ(wc_ecc_init(key), 0);
/* Test with no curve set. */
ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, s),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_make_key(rng, key, WC_ECC_FLAG_NONE), 0);
/* Test invalid parameters. */
ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, NULL, NULL,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), NULL, NULL, NULL,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), rng, NULL, NULL,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, key, NULL,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, NULL, r,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, NULL, NULL,
s), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), rng, key, r, s),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), NULL, key, r, s),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, NULL, r, s),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, NULL, s),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, NULL),
BAD_FUNC_ARG);
/* Make key not on the SM2 curve. */
ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0);
ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, s),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0);
#ifdef WOLFSSL_SP_MATH_ALL
{
mp_int smallR[1];
sp_init_size(smallR, 1);
/* Force failure in _ecc_sm2_calc_r_s by r being too small. */
ExpectIntLT(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key,
smallR, s), 0);
}
#endif
/* Test valid parameters. */
ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, s),
0);
#ifdef HAVE_ECC_VERIFY
ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash), &verified,
key), 0);
ExpectIntEQ(verified, 1);
#endif
mp_free(s);
mp_free(r);
wc_ecc_free(key);
wc_FreeRng(rng);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
res = EXPECT_RESULT();
#endif
return res;
}
/*
* Testing wc_ecc_sm2_verify_hash()
*/
static int test_wc_ecc_sm2_sign_hash(void)
{
int res = TEST_SKIPPED;
#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_SIGN)
EXPECT_DECLS;
WC_RNG rng[1];
ecc_key key[1];
unsigned char hash[32];
unsigned char sig[72];
word32 sigSz = sizeof(sig);
#ifdef HAVE_ECC_VERIFY
int verified;
#endif
XMEMSET(rng, 0, sizeof(*rng));
XMEMSET(key, 0, sizeof(*key));
ExpectIntEQ(wc_InitRng(rng), 0);
ExpectIntEQ(wc_RNG_GenerateBlock(rng, hash, sizeof(hash)), 0);
ExpectIntEQ(wc_ecc_init(key), 0);
/* Test with no curve set. */
ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng, key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_make_key(rng, key, WC_ECC_FLAG_NONE), 0);
/* Test invalid parameters. */
ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, NULL, NULL,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), NULL, NULL, NULL,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), sig, NULL, NULL,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, &sigSz, NULL,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, NULL, rng,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, NULL, NULL,
key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), sig, &sigSz, rng,
key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), NULL, &sigSz, rng,
key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, NULL, rng,
key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, NULL,
key), BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng,
NULL), BAD_FUNC_ARG);
/* Make key not on the SM2 curve. */
ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0);
ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng, key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0);
/* Test valid parameters. */
ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng, key),
0);
#ifdef HAVE_ECC_VERIFY
ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sigSz, hash, sizeof(hash),
&verified, key), 0);
ExpectIntEQ(verified, 1);
#endif
wc_ecc_free(key);
wc_FreeRng(rng);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
res = EXPECT_RESULT();
#endif
return res;
}
/*
* Testing ToTraditional
*/
static int test_ToTraditional(void)
{
EXPECT_DECLS;
#if !defined(NO_ASN) && (defined(HAVE_PKCS8) || defined(HAVE_PKCS12)) && \
(defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) && !defined(NO_FILESYSTEM)
XFILE f = XBADFILE;
byte input[TWOK_BUF];
word32 sz = 0;
ExpectTrue((f = XFOPEN("./certs/server-keyPkcs8.der", "rb")) != XBADFILE);
ExpectTrue((sz = (word32)XFREAD(input, 1, sizeof(input), f)) > 0);
if (f != XBADFILE)
XFCLOSE(f);
/* Good case */
ExpectIntGT(ToTraditional(input, sz), 0);
/* Bad cases */
ExpectIntEQ(ToTraditional(NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(ToTraditional(NULL, sz), BAD_FUNC_ARG);
#ifdef WOLFSSL_ASN_TEMPLATE
ExpectIntEQ(ToTraditional(input, 0), BUFFER_E);
#else
ExpectIntEQ(ToTraditional(input, 0), ASN_PARSE_E);
#endif
#endif
return EXPECT_RESULT();
} /* End test_ToTraditional*/
/*
* Testing wc_EccPrivateKeyToDer
*/
static int test_wc_EccPrivateKeyToDer(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
byte output[ONEK_BUF];
ecc_key eccKey;
WC_RNG rng;
word32 inLen;
word32 outLen = 0;
int ret;
XMEMSET(&eccKey, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ecc_init(&eccKey), 0);
ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
inLen = (word32)sizeof(output);
/* Bad Cases */
ExpectIntEQ(wc_EccPrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_EccPrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_EccPrivateKeyToDer(&eccKey, NULL, inLen), LENGTH_ONLY_E);
ExpectIntEQ(wc_EccPrivateKeyToDer(&eccKey, output, 0), BAD_FUNC_ARG);
/* Good Case */
ExpectIntGT(outLen = (word32)wc_EccPrivateKeyToDer(&eccKey, output, inLen), 0);
wc_ecc_free(&eccKey);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#if defined(OPENSSL_EXTRA) && defined(HAVE_ALL_CURVES)
{
/* test importing private only into a PKEY struct */
EC_KEY* ec = NULL;
EVP_PKEY* pkey = NULL;
const unsigned char* der;
der = output;
ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &der, outLen));
der = output;
ExpectNotNull(ec = d2i_ECPrivateKey(NULL, &der, outLen));
ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ec), SSL_SUCCESS);
if (EXPECT_FAIL()) {
EC_KEY_free(ec);
}
EVP_PKEY_free(pkey); /* EC_KEY should be free'd by free'ing pkey */
}
#endif
PRIVATE_KEY_LOCK();
#endif
return EXPECT_RESULT();
} /* End test_wc_EccPrivateKeyToDer*/
/*
* Testing wc_DhPublicKeyDecode
*/
static int test_wc_DhPublicKeyDecode(void)
{
EXPECT_DECLS;
#ifndef NO_DH
#if defined(WOLFSSL_DH_EXTRA) && defined(USE_CERT_BUFFERS_2048)
DhKey key;
word32 inOutIdx;
XMEMSET(&key, 0, sizeof(DhKey));
ExpectIntEQ(wc_InitDhKey(&key), 0);
ExpectIntEQ(wc_DhPublicKeyDecode(NULL,NULL,NULL,0), BAD_FUNC_ARG);
ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,NULL,NULL,0),
BAD_FUNC_ARG);
ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,NULL,NULL,0),
BAD_FUNC_ARG);
inOutIdx = 0;
ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,NULL, 0),
BAD_FUNC_ARG);
inOutIdx = 0;
ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,&key, 0),
BAD_FUNC_ARG);
inOutIdx = 0;
ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,&key,
sizeof_dh_pub_key_der_2048), 0);
ExpectIntNE(key.p.used, 0);
ExpectIntNE(key.g.used, 0);
ExpectIntEQ(key.q.used, 0);
ExpectIntNE(key.pub.used, 0);
ExpectIntEQ(key.priv.used, 0);
DoExpectIntEQ(wc_FreeDhKey(&key), 0);
#endif
#endif /* !NO_DH */
return EXPECT_RESULT();
}
/*
* Testing wc_Ed25519KeyToDer
*/
static int test_wc_Ed25519KeyToDer(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
byte output[ONEK_BUF];
ed25519_key ed25519Key;
WC_RNG rng;
word32 inLen;
XMEMSET(&ed25519Key, 0, sizeof(ed25519_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed25519_init(&ed25519Key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key), 0);
inLen = (word32)sizeof(output);
/* Bad Cases */
ExpectIntEQ(wc_Ed25519KeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Ed25519KeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_Ed25519KeyToDer(&ed25519Key, output, 0), BUFFER_E);
/* Good Cases */
/* length only */
ExpectIntGT(wc_Ed25519KeyToDer(&ed25519Key, NULL, 0), 0);
ExpectIntGT(wc_Ed25519KeyToDer(&ed25519Key, NULL, inLen), 0);
ExpectIntGT(wc_Ed25519KeyToDer(&ed25519Key, output, inLen), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&ed25519Key);
#endif
return EXPECT_RESULT();
} /* End test_wc_Ed25519KeyToDer*/
/*
* Testing wc_Ed25519PrivateKeyToDer
*/
static int test_wc_Ed25519PrivateKeyToDer(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
byte output[ONEK_BUF];
ed25519_key ed25519PrivKey;
WC_RNG rng;
word32 inLen;
XMEMSET(&ed25519PrivKey, 0, sizeof(ed25519_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed25519_init(&ed25519PrivKey), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519PrivKey),
0);
inLen = (word32)sizeof(output);
/* Bad Cases */
ExpectIntEQ(wc_Ed25519PrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Ed25519PrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, 0),
BUFFER_E);
/* Good Cases */
/* length only */
ExpectIntGT(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, 0), 0);
ExpectIntGT(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, inLen), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&ed25519PrivKey);
#endif
return EXPECT_RESULT();
} /* End test_wc_Ed25519PrivateKeyToDer*/
/*
* Testing wc_Ed448KeyToDer
*/
static int test_wc_Ed448KeyToDer(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
byte output[ONEK_BUF];
ed448_key ed448Key;
WC_RNG rng;
word32 inLen;
XMEMSET(&ed448Key, 0, sizeof(ed448_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed448_init(&ed448Key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key), 0);
inLen = (word32)sizeof(output);
/* Bad Cases */
ExpectIntEQ(wc_Ed448KeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Ed448KeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_Ed448KeyToDer(&ed448Key, output, 0), BUFFER_E);
/* Good Cases */
/* length only */
ExpectIntGT(wc_Ed448KeyToDer(&ed448Key, NULL, 0), 0);
ExpectIntGT(wc_Ed448KeyToDer(&ed448Key, output, inLen), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&ed448Key);
#endif
return EXPECT_RESULT();
} /* End test_wc_Ed448KeyToDer*/
/*
* Testing wc_Ed448PrivateKeyToDer
*/
static int test_wc_Ed448PrivateKeyToDer(void)
{
EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
byte output[ONEK_BUF];
ed448_key ed448PrivKey;
WC_RNG rng;
word32 inLen;
XMEMSET(&ed448PrivKey, 0, sizeof(ed448_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ed448_init(&ed448PrivKey), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448PrivKey),
0);
inLen = (word32)sizeof(output);
/* Bad Cases */
ExpectIntEQ(wc_Ed448PrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Ed448PrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, 0),
BUFFER_E);
/* Good cases */
/* length only */
ExpectIntGT(wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, 0), 0);
ExpectIntGT(wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, inLen), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&ed448PrivKey);
#endif
return EXPECT_RESULT();
} /* End test_wc_Ed448PrivateKeyToDer*/
/*
* Testing wc_Curve448PrivateKeyToDer
*/
static int test_wc_Curve448PrivateKeyToDer(void)
{
EXPECT_DECLS;
#if defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
byte output[ONEK_BUF];
curve448_key curve448PrivKey;
WC_RNG rng;
word32 inLen;
XMEMSET(&curve448PrivKey, 0, sizeof(curve448PrivKey));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_curve448_init(&curve448PrivKey), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &curve448PrivKey),
0);
inLen = (word32)sizeof(output);
/* Bad Cases */
ExpectIntEQ(wc_Curve448PrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Curve448PrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_Curve448PrivateKeyToDer(&curve448PrivKey, output, 0),
BUFFER_E);
/* Good cases */
/* length only */
ExpectIntGT(wc_Curve448PrivateKeyToDer(&curve448PrivKey, NULL, 0), 0);
ExpectIntGT(wc_Curve448PrivateKeyToDer(&curve448PrivKey, output, inLen), 0);
/* Bad Cases */
ExpectIntEQ(wc_Curve448PublicKeyToDer(NULL, NULL, 0, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Curve448PublicKeyToDer(NULL, output, inLen, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Curve448PublicKeyToDer(&curve448PrivKey, output, 0, 0),
BUFFER_E);
ExpectIntEQ(wc_Curve448PublicKeyToDer(&curve448PrivKey, output, 0, 1),
BUFFER_E);
/* Good cases */
/* length only */
ExpectIntGT(wc_Curve448PublicKeyToDer(&curve448PrivKey, NULL, 0, 0), 0);
ExpectIntGT(wc_Curve448PublicKeyToDer(&curve448PrivKey, NULL, 0, 1), 0);
ExpectIntGT(wc_Curve448PublicKeyToDer(&curve448PrivKey, output, inLen, 0), 0);
ExpectIntGT(wc_Curve448PublicKeyToDer(&curve448PrivKey, output, inLen, 1), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&curve448PrivKey);
#endif
return EXPECT_RESULT();
} /* End wc_Curve448PrivateKeyToDer*/
static int test_wc_kyber_make_key_kats(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_HAVE_KYBER) && defined(WOLFSSL_WC_KYBER) && \
defined(WOLFSSL_ML_KEM)
KyberKey* key;
#ifndef WOLFSSL_NO_KYBER512
static const byte seed_512[KYBER_MAKEKEY_RAND_SZ] = {
0xCD, 0x11, 0x9A, 0xFD, 0xC8, 0x55, 0x94, 0x42,
0x42, 0x4A, 0x87, 0xC1, 0x3E, 0xA1, 0x01, 0xE2,
0x9F, 0xCA, 0x11, 0x88, 0x18, 0x69, 0x07, 0x7E,
0x40, 0x92, 0xE7, 0x51, 0xBE, 0xDC, 0xA8, 0xBC,
0xCD, 0x11, 0x9A, 0xFD, 0xC8, 0x55, 0x94, 0x42,
0x42, 0x4A, 0x87, 0xC1, 0x3E, 0xA1, 0x01, 0xE2,
0x9F, 0xCA, 0x11, 0x88, 0x18, 0x69, 0x07, 0x7E,
0x40, 0x92, 0xE7, 0x51, 0xBE, 0xDC, 0xA8, 0xBC
};
static const byte ek_512[KYBER512_PUBLIC_KEY_SIZE] = {
0xC6, 0x5A, 0x1D, 0x9D, 0x47, 0x97, 0x77, 0xE6,
0x90, 0x5A, 0x91, 0xA5, 0xCB, 0x24, 0x55, 0x1C,
0x8B, 0x1E, 0x52, 0xA3, 0xC7, 0x7B, 0x63, 0x31,
0x3F, 0xFC, 0x8B, 0x58, 0x17, 0x81, 0x52, 0x59,
0xA6, 0xAD, 0xB5, 0x96, 0x45, 0xDC, 0x4B, 0xB1,
0x43, 0x6D, 0x51, 0xE6, 0x2A, 0x09, 0x68, 0x34,
0xAF, 0x43, 0x77, 0x25, 0x10, 0xC4, 0xED, 0xF3,
0x4C, 0xDE, 0x0A, 0x5B, 0x57, 0xC1, 0x45, 0xE6,
0x87, 0xCB, 0x87, 0x16, 0x2F, 0x00, 0x1C, 0x21,
0xC9, 0xE1, 0x93, 0x4A, 0xC1, 0x1A, 0xAF, 0xA7,
0x0F, 0xF8, 0x10, 0x73, 0x26, 0x50, 0xB3, 0x2A,
0x30, 0x18, 0xA7, 0xC5, 0x0C, 0xD7, 0x36, 0x79,
0x62, 0x22, 0xC8, 0xAB, 0x82, 0x1A, 0x92, 0x83,
0xBE, 0x1C, 0xC2, 0x04, 0xC3, 0xF1, 0x63, 0x0D,
0x3C, 0xCC, 0xDB, 0x0A, 0x9A, 0x3D, 0x17, 0x55,
0x2B, 0x91, 0x58, 0xC0, 0x66, 0x4E, 0x5D, 0x6A,
0x04, 0xB0, 0xFA, 0x36, 0xDE, 0x45, 0x86, 0x2A,
0x46, 0xA3, 0x9E, 0xC5, 0x97, 0xAE, 0x42, 0xC3,
0x11, 0xC4, 0xAC, 0x22, 0x4A, 0x72, 0xD6, 0xF2,
0x53, 0xBB, 0x52, 0x35, 0xF7, 0xA2, 0xB8, 0xB0,
0xF2, 0x4D, 0x13, 0x76, 0xAF, 0x58, 0x87, 0x46,
0xF3, 0xBB, 0x8E, 0x03, 0x65, 0x07, 0x87, 0x61,
0xCA, 0xB9, 0x83, 0xA4, 0xA6, 0xA9, 0x40, 0xA3,
0xD9, 0x97, 0x04, 0x7A, 0x8F, 0x36, 0xA7, 0x31,
0xE8, 0x96, 0x52, 0x36, 0xC3, 0x7B, 0xF2, 0x00,
0x08, 0x2F, 0x82, 0x1D, 0xCA, 0x77, 0x16, 0xC4,
0x44, 0xA9, 0x0B, 0xEC, 0x53, 0x07, 0x4B, 0xBA,
0x58, 0xC1, 0x32, 0xBF, 0xB9, 0xA2, 0xAC, 0xE2,
0xCE, 0xC9, 0xAA, 0x65, 0x8E, 0xAC, 0x12, 0x32,
0xCC, 0xCA, 0x3C, 0x81, 0x7A, 0x92, 0xC1, 0x19,
0x5C, 0x05, 0xC0, 0xE1, 0xD6, 0x63, 0x9F, 0xD2,
0xAD, 0xE5, 0x31, 0x60, 0x7D, 0x48, 0x8B, 0x74,
0xA7, 0x47, 0xCF, 0xF4, 0x7F, 0xCA, 0x5C, 0x8B,
0x21, 0x63, 0xCA, 0x03, 0xC5, 0x45, 0xED, 0x10,
0x32, 0x78, 0x43, 0x0C, 0x60, 0xB2, 0x38, 0x1A,
0x09, 0x42, 0x7F, 0xD1, 0x30, 0xF8, 0x59, 0xBF,
0x5D, 0xB7, 0x76, 0xDA, 0x09, 0x5D, 0xCA, 0x58,
0x04, 0xFA, 0x63, 0xB0, 0xD7, 0xD8, 0x7F, 0xA9,
0x41, 0x5C, 0x72, 0xFB, 0x51, 0x87, 0x2A, 0x98,
0x9F, 0x46, 0x6C, 0x98, 0x4B, 0xC7, 0x4C, 0x29,
0xB8, 0x63, 0x20, 0x19, 0xCA, 0x04, 0x0C, 0x9C,
0xA3, 0x5E, 0x22, 0x60, 0x8D, 0xAA, 0x70, 0x35,
0x7A, 0xE2, 0xC3, 0xAD, 0x83, 0x63, 0x1F, 0xAA,
0x17, 0x4E, 0x0A, 0xCD, 0xF5, 0xDB, 0xBF, 0x3C,
0xF6, 0x8A, 0x05, 0xB6, 0x54, 0x3A, 0xB6, 0x26,
0x8E, 0x1A, 0x51, 0xB0, 0x93, 0x2C, 0x17, 0xB0,
0x0A, 0x13, 0x71, 0xB2, 0xDA, 0xB2, 0x41, 0xF9,
0x2A, 0x43, 0xFF, 0xB4, 0x56, 0xD0, 0xA8, 0xC8,
0x86, 0x0A, 0x8E, 0x28, 0xA6, 0x1A, 0x21, 0x30,
0x7C, 0xC0, 0x45, 0x6D, 0xA4, 0x24, 0x29, 0x05,
0xCB, 0x1D, 0x3D, 0x0B, 0xBD, 0x81, 0xBB, 0x8E,
0xE2, 0x74, 0xA4, 0x3C, 0x76, 0xC3, 0x10, 0x01,
0x95, 0x15, 0xFC, 0xC1, 0x40, 0x46, 0x7C, 0x33,
0x37, 0x0C, 0x86, 0x80, 0x8E, 0xCA, 0xA5, 0x8E,
0x3B, 0xA9, 0x3A, 0x2C, 0x11, 0x90, 0x46, 0x1C,
0x1D, 0xFA, 0x11, 0x30, 0x20, 0x01, 0xBB, 0xAB,
0x4C, 0xB1, 0xE3, 0x64, 0x2E, 0xF8, 0xCB, 0x26,
0x30, 0x9B, 0x60, 0x52, 0x3B, 0xC2, 0x18, 0x87,
0xB0, 0x7F, 0x89, 0x8C, 0xE5, 0x62, 0xA6, 0xCA,
0x77, 0x8E, 0xA0, 0x15, 0x05, 0x85, 0x13, 0x78,
0xCE, 0xA8, 0xBB, 0x7F, 0xC0, 0x9D, 0x11, 0x96,
0x1B, 0x6C, 0x59, 0x6F, 0x93, 0x54, 0x2A, 0x99,
0x04, 0x86, 0x4E, 0xB1, 0x0C, 0xD0, 0xA7, 0x03,
0xDB, 0xA9, 0x89, 0x21, 0x86, 0x1A, 0x87, 0xB0,
0x56, 0x52, 0x5C, 0x71, 0xA8, 0x43, 0x55, 0x3E,
0x64, 0x00, 0x77, 0x74, 0x37, 0xC9, 0x5C, 0xCC,
0x80, 0x85, 0xCC, 0x0C, 0x47, 0x7D, 0x66, 0x5A,
0x44, 0x79, 0x01, 0x9D, 0x4C, 0xD4, 0x42, 0xF7,
0x4A, 0x3C, 0xD8, 0x16, 0x9F, 0x42, 0x62, 0xB8,
0x27, 0x1B, 0x5D, 0x5A, 0x67, 0xC8, 0xC1, 0x61,
0x1A, 0xAE, 0x7B, 0x3D, 0x05, 0x34, 0xC0, 0x85,
0x97, 0x16, 0xFD, 0xF0, 0xBB, 0x68, 0x94, 0x90,
0x94, 0xC0, 0x6A, 0x1B, 0x73, 0xC9, 0xAA, 0x1C,
0xBD, 0xF3, 0x31, 0x54, 0x3D, 0xE0, 0x02, 0xA8,
0xC0, 0x6F, 0x94, 0xE8, 0x81, 0x0A, 0x5C, 0xB3,
0x73, 0x83, 0x27, 0x45, 0xD7, 0x20, 0x68, 0x3B,
0x57, 0x48, 0x75, 0xA6, 0x66, 0x94, 0x6D, 0x02,
0x96, 0x89, 0x3F, 0x2B, 0x59, 0xE9, 0x07, 0x48,
0x8D, 0x8C, 0x84, 0x89, 0xD4, 0x74, 0xD9, 0x29,
0xA0, 0x5A, 0x57, 0x3E, 0xD6, 0x67, 0x49, 0x03,
0x71, 0xA4, 0x6D, 0x45, 0x56, 0xCB, 0xB6, 0x8A,
0xAA, 0x79, 0xCC, 0x3E, 0xC6, 0x65, 0x34, 0x13,
0x57, 0x6C, 0x22, 0x8E, 0x37, 0x9A, 0x14, 0xCB,
0x90, 0xB7, 0xB7, 0x59, 0x1B, 0x19, 0xA7, 0xBD,
0x37, 0xA1, 0xC4, 0xD3, 0x78, 0x59, 0x89, 0x22,
0x19, 0x44, 0x2B, 0xB0, 0xB9, 0xB9, 0xBA, 0x67,
0xBA, 0x3B, 0xC0, 0xD0, 0x95, 0xC8, 0x80, 0x3C,
0xEB, 0xE9, 0x7A, 0xFF, 0x0B, 0x1C, 0x15, 0x35,
0x78, 0xA1, 0x30, 0xCD, 0x81, 0x57, 0xCF, 0x74,
0x59, 0x46, 0xC2, 0xF5, 0x72, 0x6D, 0x9C, 0x11,
0x27, 0x35, 0x75, 0x50, 0x52, 0x91, 0x34, 0x65,
0x28, 0xEE, 0x0B, 0xAC, 0x04, 0x7C, 0xC9, 0x84,
0x53, 0x8B, 0x97, 0xBB, 0xAB, 0xFC, 0xC3, 0x57,
0xDC, 0xB8, 0xA9, 0x8F, 0xB8, 0x57, 0xC9, 0xC5,
0x2D, 0x1B, 0x78, 0x67, 0x49, 0xCA, 0x61, 0x89,
0x2B, 0x09, 0x75, 0x99, 0x80, 0x52, 0x00, 0x91,
0xB9, 0xB4, 0x77, 0xC7, 0x0E, 0x6C, 0x46, 0x58,
0x6B, 0x1C, 0xCE, 0xBE, 0x87, 0xBC, 0xF6, 0xDF,
0x03, 0xC2, 0xB2, 0x7C, 0xB0, 0x9F, 0xA0, 0x3F,
0x63, 0x16, 0x09, 0x58, 0x38, 0x3B, 0xE6, 0x36
};
static const byte dk_512[KYBER512_PRIVATE_KEY_SIZE] = {
0x37, 0xEC, 0x47, 0x7E, 0x21, 0x7B, 0xFB, 0x40,
0x38, 0x4C, 0x85, 0x0E, 0x51, 0xC1, 0x83, 0x71,
0x58, 0xBD, 0xBC, 0x23, 0xA3, 0x18, 0x32, 0xBC,
0x25, 0xC9, 0x1B, 0x31, 0x21, 0x44, 0x4A, 0xD4,
0x53, 0x37, 0x33, 0xBA, 0xFF, 0x07, 0xCA, 0x81,
0x7B, 0x64, 0xB2, 0xCA, 0x42, 0x99, 0xAA, 0x26,
0x45, 0x4C, 0xBA, 0xFB, 0x35, 0xB6, 0xAB, 0xE1,
0x18, 0x5C, 0xB4, 0x7C, 0x4C, 0xD6, 0x1A, 0xF9,
0x83, 0x83, 0xC4, 0x81, 0x4B, 0x20, 0xAB, 0x87,
0x54, 0xFC, 0x51, 0x4F, 0x23, 0x07, 0x41, 0x14,
0xC3, 0xE5, 0xA8, 0x10, 0xA4, 0x53, 0xB8, 0x55,
0xAA, 0x7F, 0x13, 0x10, 0xC7, 0x4B, 0x0B, 0x01,
0xE5, 0xAA, 0xB2, 0xE8, 0x71, 0x73, 0x8F, 0xAC,
0x27, 0x86, 0xC7, 0xA0, 0x5D, 0x6B, 0x3B, 0x32,
0xA0, 0x50, 0xD0, 0xFB, 0x22, 0x39, 0x56, 0xC9,
0x5C, 0xA0, 0xC2, 0xC1, 0xD5, 0x41, 0x54, 0xA7,
0x7B, 0xD3, 0x37, 0x37, 0xA4, 0x9A, 0x00, 0x65,
0xD1, 0x42, 0x4A, 0x2A, 0xBA, 0xFD, 0x52, 0xAA,
0x93, 0x4C, 0x98, 0x04, 0x93, 0x92, 0x08, 0xF0,
0x5C, 0xCF, 0x8B, 0x8B, 0x80, 0x86, 0x31, 0x6E,
0x09, 0x43, 0xA0, 0x87, 0x10, 0x50, 0x0C, 0x91,
0x8A, 0x2B, 0x21, 0x8D, 0x37, 0xB8, 0x5A, 0xE2,
0x80, 0x22, 0xCB, 0x01, 0x34, 0xFB, 0x49, 0xF5,
0xC4, 0x5D, 0x98, 0xD3, 0xC0, 0x4B, 0x75, 0x5A,
0x60, 0x88, 0x04, 0x22, 0x66, 0x8E, 0x2B, 0x30,
0x1B, 0x18, 0xD5, 0x19, 0x4D, 0xE9, 0x91, 0xB2,
0x65, 0xBF, 0x94, 0x69, 0x7E, 0x6A, 0x4B, 0x81,
0x50, 0xC8, 0xB8, 0x52, 0x03, 0x39, 0x15, 0x63,
0x5E, 0x30, 0x66, 0x5B, 0xDA, 0x21, 0x91, 0xDA,
0xA5, 0x05, 0xD4, 0x33, 0x44, 0xFD, 0x29, 0xC9,
0xFC, 0xC1, 0xC5, 0x07, 0x69, 0x1D, 0x47, 0x5B,
0x61, 0x7C, 0x94, 0x8F, 0xCC, 0x84, 0xB1, 0xB0,
0x8A, 0x1C, 0x63, 0x8C, 0x3E, 0x13, 0x58, 0x0C,
0xE3, 0x59, 0x78, 0x9A, 0x98, 0x60, 0xE5, 0x46,
0x9C, 0xC7, 0x54, 0xB0, 0x8E, 0xE3, 0x3F, 0x09,
0x21, 0xBD, 0xEF, 0x15, 0xA9, 0x06, 0x96, 0x9F,
0x2D, 0xC5, 0x7A, 0x25, 0xE8, 0x0C, 0xE4, 0xC4,
0x5F, 0x11, 0xE0, 0x4A, 0x51, 0x9A, 0xB0, 0x8B,
0x9B, 0x92, 0x7C, 0x3A, 0x13, 0xA0, 0x81, 0xCF,
0xFA, 0x11, 0x0F, 0xAC, 0xCC, 0x5E, 0x8D, 0xC2,
0x94, 0x95, 0x97, 0x8B, 0x55, 0x53, 0x10, 0x4D,
0x47, 0x3A, 0x17, 0x59, 0x18, 0xAD, 0x5B, 0x54,
0x87, 0xBB, 0xA6, 0x97, 0x12, 0xAE, 0x93, 0xF6,
0x15, 0xC6, 0x0A, 0x8D, 0x38, 0x7B, 0xCE, 0x3F,
0x65, 0x1E, 0x56, 0x88, 0x0A, 0x52, 0x2B, 0x2D,
0xB8, 0x63, 0x51, 0xCA, 0xB6, 0x5D, 0x13, 0xB4,
0x69, 0x3D, 0xB0, 0xB2, 0xC8, 0x09, 0x36, 0xFA,
0xD1, 0xCE, 0x67, 0x92, 0x5E, 0x6B, 0xB7, 0xC1,
0x10, 0xC4, 0x3E, 0x83, 0x24, 0x7D, 0x22, 0x60,
0x8D, 0x8C, 0x10, 0x23, 0x43, 0x1C, 0xB6, 0x92,
0x90, 0xA4, 0xF8, 0xA9, 0x59, 0x3B, 0xF1, 0x24,
0x1D, 0x73, 0x7C, 0x0C, 0xD1, 0x6D, 0x75, 0xEB,
0x50, 0xC6, 0x84, 0x2C, 0xE0, 0xA2, 0x1D, 0xCE,
0x49, 0x40, 0x36, 0x82, 0x4C, 0xE6, 0x32, 0x52,
0xE9, 0x32, 0x5F, 0x05, 0xB7, 0x34, 0x45, 0x2B,
0x12, 0x91, 0x32, 0xB1, 0x96, 0x08, 0x4A, 0x37,
0x88, 0xBB, 0xB1, 0xF2, 0x0A, 0x37, 0xD2, 0xC2,
0xB3, 0xF9, 0x0E, 0x0D, 0xD7, 0xA2, 0x74, 0xC9,
0xB1, 0xA9, 0xF0, 0x2E, 0xC7, 0xE7, 0x21, 0xF4,
0xA4, 0x3D, 0x40, 0x9A, 0x25, 0xFB, 0xC9, 0x9A,
0x44, 0xD4, 0x76, 0x31, 0x07, 0xC7, 0x87, 0x62,
0x09, 0x41, 0x76, 0x1E, 0xD4, 0x8C, 0x93, 0x29,
0x24, 0xBA, 0x62, 0x09, 0x86, 0xCF, 0x27, 0x7A,
0x23, 0x47, 0x1C, 0x7B, 0x13, 0x33, 0x3D, 0x93,
0x6C, 0x0D, 0xD4, 0x9E, 0x0F, 0xF3, 0x4C, 0xA3,
0xAB, 0x82, 0x34, 0xC4, 0x2A, 0xEB, 0xE4, 0x59,
0xC6, 0x12, 0x05, 0x2B, 0x97, 0x16, 0xE9, 0x6B,
0x20, 0xBE, 0xC7, 0x18, 0x12, 0x60, 0x40, 0xA9,
0x09, 0x1F, 0x6B, 0xA9, 0x44, 0x5F, 0x45, 0x80,
0x6A, 0xEB, 0x6E, 0x38, 0x16, 0x71, 0x0F, 0x7C,
0xBF, 0xED, 0x11, 0x01, 0x46, 0x12, 0x84, 0xDD,
0x96, 0x2B, 0x7B, 0x12, 0x04, 0x7C, 0x0A, 0x0A,
0x90, 0x6A, 0x05, 0x89, 0xB4, 0xA9, 0xA4, 0x26,
0x46, 0x9B, 0xDA, 0x39, 0x46, 0x09, 0x1A, 0x37,
0x5B, 0x19, 0x52, 0xA9, 0x1C, 0x23, 0x1C, 0x0F,
0xE6, 0xB5, 0x7F, 0x7C, 0xC9, 0x7E, 0xFE, 0xD0,
0xBC, 0x10, 0x01, 0x36, 0x78, 0x23, 0xBE, 0x18,
0x86, 0x30, 0x8B, 0x3A, 0x21, 0x45, 0x2B, 0x7E,
0x45, 0x50, 0x66, 0x71, 0x9C, 0xCC, 0xEA, 0xF6,
0xA7, 0x26, 0xFC, 0x22, 0xBC, 0x83, 0x99, 0xF5,
0x4B, 0xBF, 0xCA, 0xF7, 0xCA, 0x63, 0xBA, 0x73,
0x17, 0x3C, 0x7A, 0xA8, 0x61, 0x9A, 0x3F, 0x48,
0x5C, 0x3E, 0x33, 0x04, 0x21, 0x00, 0x67, 0x66,
0x74, 0x6F, 0x4E, 0xF6, 0x65, 0x3E, 0x44, 0x0E,
0x5C, 0xDC, 0x59, 0x53, 0x40, 0x18, 0xC3, 0x52,
0xC0, 0x23, 0x58, 0x4C, 0xBB, 0x37, 0x4E, 0xB7,
0xA9, 0xB7, 0x83, 0x68, 0x32, 0xBE, 0x53, 0xAF,
0x27, 0x2A, 0x06, 0x97, 0x55, 0xCE, 0x2F, 0xF2,
0x9C, 0xD8, 0xB3, 0x94, 0xC5, 0x24, 0x22, 0xB3,
0x47, 0x0E, 0x27, 0x41, 0x5F, 0x41, 0xB3, 0x97,
0x53, 0x59, 0x59, 0xF1, 0x60, 0x00, 0x3B, 0x45,
0x2C, 0xF4, 0x96, 0x97, 0xB7, 0xA5, 0x36, 0x89,
0x85, 0x2B, 0xBE, 0x6C, 0xCF, 0xDF, 0xB4, 0x0B,
0x48, 0xE9, 0x32, 0x8D, 0xE1, 0x15, 0x22, 0xD0,
0xA4, 0x31, 0xB1, 0x15, 0xA5, 0xC0, 0xC2, 0xF4,
0x30, 0x7D, 0x98, 0x62, 0xC0, 0xDD, 0x1B, 0x40,
0xC6, 0x5A, 0x1D, 0x9D, 0x47, 0x97, 0x77, 0xE6,
0x90, 0x5A, 0x91, 0xA5, 0xCB, 0x24, 0x55, 0x1C,
0x8B, 0x1E, 0x52, 0xA3, 0xC7, 0x7B, 0x63, 0x31,
0x3F, 0xFC, 0x8B, 0x58, 0x17, 0x81, 0x52, 0x59,
0xA6, 0xAD, 0xB5, 0x96, 0x45, 0xDC, 0x4B, 0xB1,
0x43, 0x6D, 0x51, 0xE6, 0x2A, 0x09, 0x68, 0x34,
0xAF, 0x43, 0x77, 0x25, 0x10, 0xC4, 0xED, 0xF3,
0x4C, 0xDE, 0x0A, 0x5B, 0x57, 0xC1, 0x45, 0xE6,
0x87, 0xCB, 0x87, 0x16, 0x2F, 0x00, 0x1C, 0x21,
0xC9, 0xE1, 0x93, 0x4A, 0xC1, 0x1A, 0xAF, 0xA7,
0x0F, 0xF8, 0x10, 0x73, 0x26, 0x50, 0xB3, 0x2A,
0x30, 0x18, 0xA7, 0xC5, 0x0C, 0xD7, 0x36, 0x79,
0x62, 0x22, 0xC8, 0xAB, 0x82, 0x1A, 0x92, 0x83,
0xBE, 0x1C, 0xC2, 0x04, 0xC3, 0xF1, 0x63, 0x0D,
0x3C, 0xCC, 0xDB, 0x0A, 0x9A, 0x3D, 0x17, 0x55,
0x2B, 0x91, 0x58, 0xC0, 0x66, 0x4E, 0x5D, 0x6A,
0x04, 0xB0, 0xFA, 0x36, 0xDE, 0x45, 0x86, 0x2A,
0x46, 0xA3, 0x9E, 0xC5, 0x97, 0xAE, 0x42, 0xC3,
0x11, 0xC4, 0xAC, 0x22, 0x4A, 0x72, 0xD6, 0xF2,
0x53, 0xBB, 0x52, 0x35, 0xF7, 0xA2, 0xB8, 0xB0,
0xF2, 0x4D, 0x13, 0x76, 0xAF, 0x58, 0x87, 0x46,
0xF3, 0xBB, 0x8E, 0x03, 0x65, 0x07, 0x87, 0x61,
0xCA, 0xB9, 0x83, 0xA4, 0xA6, 0xA9, 0x40, 0xA3,
0xD9, 0x97, 0x04, 0x7A, 0x8F, 0x36, 0xA7, 0x31,
0xE8, 0x96, 0x52, 0x36, 0xC3, 0x7B, 0xF2, 0x00,
0x08, 0x2F, 0x82, 0x1D, 0xCA, 0x77, 0x16, 0xC4,
0x44, 0xA9, 0x0B, 0xEC, 0x53, 0x07, 0x4B, 0xBA,
0x58, 0xC1, 0x32, 0xBF, 0xB9, 0xA2, 0xAC, 0xE2,
0xCE, 0xC9, 0xAA, 0x65, 0x8E, 0xAC, 0x12, 0x32,
0xCC, 0xCA, 0x3C, 0x81, 0x7A, 0x92, 0xC1, 0x19,
0x5C, 0x05, 0xC0, 0xE1, 0xD6, 0x63, 0x9F, 0xD2,
0xAD, 0xE5, 0x31, 0x60, 0x7D, 0x48, 0x8B, 0x74,
0xA7, 0x47, 0xCF, 0xF4, 0x7F, 0xCA, 0x5C, 0x8B,
0x21, 0x63, 0xCA, 0x03, 0xC5, 0x45, 0xED, 0x10,
0x32, 0x78, 0x43, 0x0C, 0x60, 0xB2, 0x38, 0x1A,
0x09, 0x42, 0x7F, 0xD1, 0x30, 0xF8, 0x59, 0xBF,
0x5D, 0xB7, 0x76, 0xDA, 0x09, 0x5D, 0xCA, 0x58,
0x04, 0xFA, 0x63, 0xB0, 0xD7, 0xD8, 0x7F, 0xA9,
0x41, 0x5C, 0x72, 0xFB, 0x51, 0x87, 0x2A, 0x98,
0x9F, 0x46, 0x6C, 0x98, 0x4B, 0xC7, 0x4C, 0x29,
0xB8, 0x63, 0x20, 0x19, 0xCA, 0x04, 0x0C, 0x9C,
0xA3, 0x5E, 0x22, 0x60, 0x8D, 0xAA, 0x70, 0x35,
0x7A, 0xE2, 0xC3, 0xAD, 0x83, 0x63, 0x1F, 0xAA,
0x17, 0x4E, 0x0A, 0xCD, 0xF5, 0xDB, 0xBF, 0x3C,
0xF6, 0x8A, 0x05, 0xB6, 0x54, 0x3A, 0xB6, 0x26,
0x8E, 0x1A, 0x51, 0xB0, 0x93, 0x2C, 0x17, 0xB0,
0x0A, 0x13, 0x71, 0xB2, 0xDA, 0xB2, 0x41, 0xF9,
0x2A, 0x43, 0xFF, 0xB4, 0x56, 0xD0, 0xA8, 0xC8,
0x86, 0x0A, 0x8E, 0x28, 0xA6, 0x1A, 0x21, 0x30,
0x7C, 0xC0, 0x45, 0x6D, 0xA4, 0x24, 0x29, 0x05,
0xCB, 0x1D, 0x3D, 0x0B, 0xBD, 0x81, 0xBB, 0x8E,
0xE2, 0x74, 0xA4, 0x3C, 0x76, 0xC3, 0x10, 0x01,
0x95, 0x15, 0xFC, 0xC1, 0x40, 0x46, 0x7C, 0x33,
0x37, 0x0C, 0x86, 0x80, 0x8E, 0xCA, 0xA5, 0x8E,
0x3B, 0xA9, 0x3A, 0x2C, 0x11, 0x90, 0x46, 0x1C,
0x1D, 0xFA, 0x11, 0x30, 0x20, 0x01, 0xBB, 0xAB,
0x4C, 0xB1, 0xE3, 0x64, 0x2E, 0xF8, 0xCB, 0x26,
0x30, 0x9B, 0x60, 0x52, 0x3B, 0xC2, 0x18, 0x87,
0xB0, 0x7F, 0x89, 0x8C, 0xE5, 0x62, 0xA6, 0xCA,
0x77, 0x8E, 0xA0, 0x15, 0x05, 0x85, 0x13, 0x78,
0xCE, 0xA8, 0xBB, 0x7F, 0xC0, 0x9D, 0x11, 0x96,
0x1B, 0x6C, 0x59, 0x6F, 0x93, 0x54, 0x2A, 0x99,
0x04, 0x86, 0x4E, 0xB1, 0x0C, 0xD0, 0xA7, 0x03,
0xDB, 0xA9, 0x89, 0x21, 0x86, 0x1A, 0x87, 0xB0,
0x56, 0x52, 0x5C, 0x71, 0xA8, 0x43, 0x55, 0x3E,
0x64, 0x00, 0x77, 0x74, 0x37, 0xC9, 0x5C, 0xCC,
0x80, 0x85, 0xCC, 0x0C, 0x47, 0x7D, 0x66, 0x5A,
0x44, 0x79, 0x01, 0x9D, 0x4C, 0xD4, 0x42, 0xF7,
0x4A, 0x3C, 0xD8, 0x16, 0x9F, 0x42, 0x62, 0xB8,
0x27, 0x1B, 0x5D, 0x5A, 0x67, 0xC8, 0xC1, 0x61,
0x1A, 0xAE, 0x7B, 0x3D, 0x05, 0x34, 0xC0, 0x85,
0x97, 0x16, 0xFD, 0xF0, 0xBB, 0x68, 0x94, 0x90,
0x94, 0xC0, 0x6A, 0x1B, 0x73, 0xC9, 0xAA, 0x1C,
0xBD, 0xF3, 0x31, 0x54, 0x3D, 0xE0, 0x02, 0xA8,
0xC0, 0x6F, 0x94, 0xE8, 0x81, 0x0A, 0x5C, 0xB3,
0x73, 0x83, 0x27, 0x45, 0xD7, 0x20, 0x68, 0x3B,
0x57, 0x48, 0x75, 0xA6, 0x66, 0x94, 0x6D, 0x02,
0x96, 0x89, 0x3F, 0x2B, 0x59, 0xE9, 0x07, 0x48,
0x8D, 0x8C, 0x84, 0x89, 0xD4, 0x74, 0xD9, 0x29,
0xA0, 0x5A, 0x57, 0x3E, 0xD6, 0x67, 0x49, 0x03,
0x71, 0xA4, 0x6D, 0x45, 0x56, 0xCB, 0xB6, 0x8A,
0xAA, 0x79, 0xCC, 0x3E, 0xC6, 0x65, 0x34, 0x13,
0x57, 0x6C, 0x22, 0x8E, 0x37, 0x9A, 0x14, 0xCB,
0x90, 0xB7, 0xB7, 0x59, 0x1B, 0x19, 0xA7, 0xBD,
0x37, 0xA1, 0xC4, 0xD3, 0x78, 0x59, 0x89, 0x22,
0x19, 0x44, 0x2B, 0xB0, 0xB9, 0xB9, 0xBA, 0x67,
0xBA, 0x3B, 0xC0, 0xD0, 0x95, 0xC8, 0x80, 0x3C,
0xEB, 0xE9, 0x7A, 0xFF, 0x0B, 0x1C, 0x15, 0x35,
0x78, 0xA1, 0x30, 0xCD, 0x81, 0x57, 0xCF, 0x74,
0x59, 0x46, 0xC2, 0xF5, 0x72, 0x6D, 0x9C, 0x11,
0x27, 0x35, 0x75, 0x50, 0x52, 0x91, 0x34, 0x65,
0x28, 0xEE, 0x0B, 0xAC, 0x04, 0x7C, 0xC9, 0x84,
0x53, 0x8B, 0x97, 0xBB, 0xAB, 0xFC, 0xC3, 0x57,
0xDC, 0xB8, 0xA9, 0x8F, 0xB8, 0x57, 0xC9, 0xC5,
0x2D, 0x1B, 0x78, 0x67, 0x49, 0xCA, 0x61, 0x89,
0x2B, 0x09, 0x75, 0x99, 0x80, 0x52, 0x00, 0x91,
0xB9, 0xB4, 0x77, 0xC7, 0x0E, 0x6C, 0x46, 0x58,
0x6B, 0x1C, 0xCE, 0xBE, 0x87, 0xBC, 0xF6, 0xDF,
0x03, 0xC2, 0xB2, 0x7C, 0xB0, 0x9F, 0xA0, 0x3F,
0x63, 0x16, 0x09, 0x58, 0x38, 0x3B, 0xE6, 0x36,
0xC0, 0xEC, 0xC8, 0xDD, 0xAE, 0x8B, 0x59, 0x4A,
0x14, 0x03, 0x78, 0x68, 0xBE, 0xC0, 0xB2, 0x23,
0x00, 0xDE, 0xFD, 0xFA, 0xA1, 0xD9, 0x73, 0xAC,
0x5C, 0xEC, 0x84, 0xAE, 0x43, 0x86, 0xB8, 0xFB,
0xCD, 0x11, 0x9A, 0xFD, 0xC8, 0x55, 0x94, 0x42,
0x42, 0x4A, 0x87, 0xC1, 0x3E, 0xA1, 0x01, 0xE2,
0x9F, 0xCA, 0x11, 0x88, 0x18, 0x69, 0x07, 0x7E,
0x40, 0x92, 0xE7, 0x51, 0xBE, 0xDC, 0xA8, 0xBC
};
#endif
#ifndef WOLFSSL_NO_KYBER768
static const byte seed_768[KYBER_MAKEKEY_RAND_SZ] = {
0x92, 0xAC, 0x7D, 0x1F, 0x83, 0xBA, 0xFA, 0xE6,
0xEE, 0x86, 0xFE, 0x00, 0xF9, 0x5D, 0x81, 0x33,
0x75, 0x77, 0x24, 0x34, 0x86, 0x0F, 0x5F, 0xF7,
0xD5, 0x4F, 0xFC, 0x37, 0x39, 0x9B, 0xC4, 0xCC,
0x92, 0xAC, 0x7D, 0x1F, 0x83, 0xBA, 0xFA, 0xE6,
0xEE, 0x86, 0xFE, 0x00, 0xF9, 0x5D, 0x81, 0x33,
0x75, 0x77, 0x24, 0x34, 0x86, 0x0F, 0x5F, 0xF7,
0xD5, 0x4F, 0xFC, 0x37, 0x39, 0x9B, 0xC4, 0xCC
};
static const byte ek_768[KYBER768_PUBLIC_KEY_SIZE] = {
0xD2, 0xE6, 0x9A, 0x05, 0x53, 0x4A, 0x72, 0x32,
0xC5, 0xF1, 0xB7, 0x66, 0xE9, 0x3A, 0x5E, 0xE2,
0xEA, 0x1B, 0x26, 0xE8, 0x60, 0xA3, 0x44, 0x1A,
0xDE, 0xA9, 0x1E, 0xDB, 0x78, 0x2C, 0xAB, 0xC8,
0xA5, 0xD0, 0x11, 0xA2, 0x1B, 0xC3, 0x88, 0xE7,
0xF4, 0x86, 0xF0, 0xB7, 0x99, 0x30, 0x79, 0xAE,
0x3F, 0x1A, 0x7C, 0x85, 0xD2, 0x7D, 0x0F, 0x49,
0x21, 0x84, 0xD5, 0x90, 0x62, 0x14, 0x2B, 0x76,
0xA4, 0x37, 0x34, 0xA9, 0x0D, 0x55, 0x6A, 0x95,
0xDC, 0x48, 0x3D, 0xD8, 0x21, 0x04, 0xED, 0x58,
0xCA, 0x15, 0x71, 0xC3, 0x96, 0x85, 0x82, 0x79,
0x51, 0x43, 0x4C, 0xC1, 0x00, 0x1A, 0xA4, 0xC8,
0x13, 0x26, 0x1E, 0x4F, 0x93, 0x02, 0x8E, 0x14,
0xCD, 0x08, 0xF7, 0x68, 0xA4, 0x54, 0x31, 0x0C,
0x3B, 0x01, 0x0C, 0x83, 0xB7, 0x4D, 0x04, 0xA5,
0x7B, 0xB9, 0x77, 0xB3, 0xD8, 0xBC, 0xF3, 0xAA,
0xA7, 0x8C, 0xA1, 0x2B, 0x78, 0xF0, 0x10, 0xD9,
0x51, 0x34, 0x92, 0x8A, 0x5E, 0x5D, 0x96, 0xA0,
0x29, 0xB4, 0x42, 0xA4, 0x18, 0x88, 0x03, 0x8B,
0x29, 0xC2, 0xF1, 0x22, 0xB0, 0xB6, 0xB3, 0xAF,
0x12, 0x1A, 0xEA, 0x29, 0xA0, 0x55, 0x53, 0xBD,
0xF1, 0xDB, 0x60, 0x7A, 0xFB, 0x17, 0x00, 0x18,
0x60, 0xAF, 0x18, 0x23, 0xBC, 0xF0, 0x3D, 0xB3,
0xB4, 0x41, 0xDA, 0x16, 0x3A, 0x28, 0xC5, 0x23,
0xA5, 0xFB, 0x46, 0x69, 0xA6, 0x42, 0x34, 0xA4,
0xBC, 0xD1, 0x21, 0x7F, 0xF2, 0x63, 0x5B, 0xD9,
0x76, 0x80, 0xFF, 0x93, 0x8D, 0xBC, 0xF1, 0x0E,
0x95, 0x32, 0xA9, 0xA7, 0x9A, 0x5B, 0x07, 0x3A,
0x9E, 0x8D, 0xB2, 0x12, 0x3D, 0x21, 0x0F, 0xAE,
0xA2, 0x00, 0xB6, 0x64, 0x83, 0x8E, 0x80, 0x07,
0x1F, 0x2B, 0xA2, 0x54, 0xAA, 0xC8, 0x90, 0xA4,
0x6E, 0x28, 0xEC, 0x34, 0x2D, 0x92, 0x81, 0x2B,
0x01, 0x59, 0x30, 0x71, 0x65, 0x7E, 0x7A, 0x3A,
0x4A, 0x75, 0xCB, 0x3D, 0x52, 0x79, 0xCE, 0x88,
0x40, 0x5A, 0xC5, 0xAD, 0xAC, 0xB2, 0x05, 0x1E,
0x02, 0x2E, 0xE0, 0xAC, 0x9B, 0xBF, 0xE3, 0x2D,
0xEF, 0x98, 0x66, 0x7E, 0xD3, 0x47, 0xAD, 0xCB,
0x39, 0x30, 0xF3, 0xCA, 0xD0, 0x31, 0x39, 0x1B,
0x70, 0x9A, 0x4E, 0x61, 0xB8, 0xDD, 0x4B, 0x3F,
0xB7, 0x41, 0xB5, 0xBD, 0x60, 0xBF, 0x30, 0x40,
0x15, 0xEE, 0x75, 0x46, 0xA2, 0x4B, 0x59, 0xEA,
0xDC, 0xA1, 0x37, 0xC7, 0x12, 0x50, 0x74, 0x72,
0x6B, 0x76, 0x86, 0xEC, 0x55, 0x1B, 0x7B, 0xC2,
0x6B, 0xBD, 0xB2, 0x0F, 0xC3, 0x78, 0x35, 0x34,
0xE3, 0x4E, 0xE1, 0xF1, 0xBC, 0x6B, 0x77, 0xAB,
0x49, 0xA6, 0x66, 0x78, 0x46, 0x97, 0x57, 0x78,
0xC3, 0xC5, 0x36, 0x83, 0x04, 0x50, 0xA3, 0xFA,
0x91, 0x02, 0x59, 0x72, 0x2F, 0x3F, 0x80, 0x6E,
0x6E, 0xB4, 0xB9, 0x34, 0x67, 0x63, 0xFE, 0xF0,
0x92, 0x2B, 0xC4, 0xB6, 0xEB, 0x38, 0x26, 0xAF,
0xF2, 0x4E, 0xAD, 0xC6, 0xCF, 0x6E, 0x47, 0x7C,
0x2E, 0x05, 0x5C, 0xFB, 0x7A, 0x90, 0xA5, 0x5C,
0x06, 0xD0, 0xB2, 0xA2, 0xF5, 0x11, 0x60, 0x69,
0xE6, 0x4A, 0x5B, 0x50, 0x78, 0xC0, 0x57, 0x7B,
0xC8, 0xE7, 0x90, 0x0E, 0xA7, 0x1C, 0x34, 0x1C,
0x02, 0xAD, 0x85, 0x4E, 0xA5, 0xA0, 0x1A, 0xF2,
0xA6, 0x05, 0xCB, 0x20, 0x68, 0xD5, 0x24, 0x38,
0xCD, 0xDC, 0x60, 0xB0, 0x38, 0x82, 0xCC, 0x02,
0x4D, 0x13, 0x04, 0x5F, 0x2B, 0xA6, 0xB0, 0xF4,
0x46, 0xAA, 0xA5, 0x95, 0x87, 0x60, 0x61, 0x79,
0x45, 0x37, 0x1F, 0xD7, 0x8C, 0x28, 0xA4, 0x06,
0x77, 0xA6, 0xE7, 0x2F, 0x51, 0x3B, 0x9E, 0x06,
0x67, 0xA9, 0xBA, 0xF4, 0x46, 0xC1, 0xBA, 0x93,
0x1B, 0xA8, 0x18, 0x34, 0x23, 0x47, 0x92, 0xA2,
0xA2, 0xB2, 0xB3, 0x70, 0x1F, 0x31, 0xB7, 0xCF,
0x46, 0x7C, 0x80, 0xF1, 0x98, 0x11, 0x41, 0xBB,
0x45, 0x77, 0x93, 0xE1, 0x30, 0x70, 0x91, 0xC4,
0x8B, 0x59, 0x14, 0x64, 0x6A, 0x60, 0xCE, 0x1A,
0x30, 0x15, 0x43, 0x77, 0x9D, 0x7C, 0x33, 0x42,
0xAD, 0x17, 0x97, 0x96, 0xC2, 0xC4, 0x40, 0xD9,
0x9D, 0xF9, 0xD4, 0x1B, 0x52, 0xE3, 0x26, 0x25,
0xA8, 0x2A, 0xA5, 0xF5, 0x79, 0xA9, 0x92, 0x0B,
0xFF, 0xBA, 0x96, 0x4F, 0xA7, 0x0D, 0xB2, 0x59,
0xC8, 0x5E, 0x68, 0xC8, 0x13, 0x81, 0x7B, 0x13,
0x47, 0xBF, 0x19, 0x81, 0x4D, 0xA5, 0xE9, 0x36,
0x4A, 0x46, 0x45, 0xE6, 0x21, 0x92, 0x3D, 0x95,
0x5C, 0x21, 0x1A, 0x55, 0xD3, 0x55, 0xC8, 0x16,
0xDA, 0x04, 0x73, 0x0A, 0xA3, 0x24, 0x08, 0x5E,
0x62, 0x2B, 0x51, 0xD6, 0x10, 0x9B, 0x49, 0xF6,
0x73, 0xAD, 0xD0, 0x0E, 0x41, 0x47, 0x55, 0xC8,
0x02, 0x4A, 0xA0, 0x16, 0x4F, 0x24, 0x55, 0x6D,
0xED, 0x96, 0x3D, 0x61, 0x14, 0x38, 0x56, 0xCB,
0x4F, 0xF0, 0x56, 0x7E, 0x33, 0x20, 0x73, 0x0D,
0xBC, 0xBF, 0x12, 0xF6, 0x6E, 0x2B, 0x70, 0xB2,
0x00, 0x54, 0xA6, 0xDE, 0xA4, 0x26, 0x14, 0xB5,
0x0E, 0xF7, 0x2B, 0x15, 0x6F, 0x51, 0x49, 0xFC,
0x26, 0x3D, 0xD7, 0xE0, 0x39, 0xC5, 0x5A, 0x3E,
0xE9, 0x82, 0x7D, 0xF9, 0x2C, 0x56, 0x5D, 0x24,
0xC5, 0x5E, 0x0A, 0x81, 0xC6, 0x49, 0x46, 0x95,
0x34, 0x4D, 0x94, 0x87, 0x48, 0xAF, 0xBA, 0x9F,
0x76, 0x2C, 0x0E, 0xA9, 0x0B, 0xB7, 0x24, 0x89,
0x79, 0x02, 0x00, 0x07, 0x75, 0x61, 0x39, 0x49,
0x60, 0x2C, 0x48, 0xC7, 0x8A, 0x94, 0x40, 0x67,
0x8C, 0x24, 0x08, 0x6D, 0x32, 0x6D, 0x79, 0x64,
0x3B, 0xAF, 0x70, 0x36, 0xC6, 0x6C, 0x7E, 0x02,
0x6A, 0xAE, 0xFD, 0xA2, 0x80, 0x7A, 0x60, 0xBD,
0x7F, 0xC9, 0x13, 0x63, 0xBB, 0x02, 0x34, 0xA5,
0x90, 0x98, 0x4A, 0xA0, 0x11, 0xF1, 0x1D, 0x40,
0x26, 0x82, 0x18, 0xA1, 0x58, 0x83, 0x77, 0xB3,
0xD7, 0x67, 0x1B, 0x8B, 0x99, 0x78, 0x99, 0x19,
0xB8, 0x6E, 0xE8, 0x2B, 0x18, 0xEC, 0x22, 0xD4,
0xE8, 0x0A, 0x1F, 0x27, 0x85, 0x3D, 0x88, 0x94,
0x19, 0xD4, 0x60, 0xDE, 0xF7, 0x56, 0x7A, 0xA4,
0x56, 0x79, 0x69, 0xC4, 0x30, 0x48, 0xC3, 0x2B,
0x84, 0x62, 0xA9, 0xC9, 0x38, 0x6E, 0xB3, 0x15,
0x2A, 0x69, 0x76, 0xAA, 0x78, 0x3C, 0xDD, 0x1A,
0x8C, 0x57, 0xA9, 0xB6, 0xBB, 0xD8, 0x37, 0xA0,
0x06, 0x24, 0xB5, 0x8B, 0x4B, 0xA3, 0xDB, 0xB6,
0x3B, 0xB8, 0x20, 0x0E, 0x7B, 0xC8, 0x88, 0x81,
0xBE, 0xBD, 0xA9, 0x25, 0xBC, 0xA0, 0x28, 0xE2,
0x91, 0xAA, 0x1C, 0x22, 0x53, 0x9C, 0xD0, 0x4F,
0x90, 0x09, 0x0D, 0x7F, 0x74, 0x10, 0x8C, 0x32,
0xB8, 0x02, 0x2C, 0x15, 0x91, 0xC8, 0x81, 0xE7,
0x63, 0x04, 0xE2, 0x40, 0x81, 0x90, 0xE2, 0x0F,
0x09, 0xA5, 0x4F, 0xC2, 0x34, 0x20, 0xE2, 0x62,
0x0E, 0x9D, 0x87, 0xA3, 0x10, 0x8A, 0x94, 0xFE,
0xEA, 0x72, 0xD5, 0xAB, 0x7F, 0xCF, 0xB9, 0x72,
0xE6, 0x56, 0x1B, 0x1A, 0x7B, 0x06, 0x2F, 0x1A,
0x68, 0x2E, 0x02, 0x0A, 0xA2, 0x56, 0x28, 0x12,
0xB2, 0x96, 0x54, 0x7B, 0x91, 0x78, 0x24, 0xCD,
0xB8, 0x8C, 0x58, 0x2B, 0x5A, 0x68, 0x90, 0x17,
0x7B, 0xC7, 0x0C, 0x91, 0xAC, 0xAC, 0x9A, 0xBE,
0x29, 0x0A, 0xEB, 0x2C, 0x34, 0xA7, 0xE2, 0x36,
0x89, 0x55, 0xCB, 0x45, 0x6A, 0x34, 0x53, 0x68,
0xAB, 0xE3, 0xB9, 0x1B, 0x47, 0xFC, 0x30, 0xB0,
0x23, 0x3A, 0x09, 0xBA, 0x79, 0xFB, 0x11, 0x23,
0x8A, 0xC5, 0x08, 0xCC, 0xE6, 0x10, 0x95, 0xF8,
0x54, 0xC2, 0x32, 0x04, 0xA8, 0xD3, 0x6B, 0xFC,
0x2C, 0x6E, 0x05, 0xA7, 0x2A, 0xF5, 0x24, 0x4B,
0x17, 0xC1, 0x21, 0x01, 0xE0, 0x14, 0x51, 0x57,
0x0E, 0xB1, 0x10, 0x56, 0x7E, 0x85, 0x0E, 0x79,
0xC0, 0x00, 0x14, 0x24, 0x41, 0xFE, 0x41, 0x60,
0x02, 0x75, 0x45, 0xF6, 0x29, 0x0E, 0x85, 0x45,
0x1B, 0x80, 0x23, 0x4A, 0x94, 0x06, 0xC3, 0x90,
0xB0, 0xCE, 0xA3, 0xC8, 0x33, 0x5D, 0x4C, 0x6F,
0x85, 0x50, 0xB5, 0x44, 0xC9, 0x34, 0x3E, 0x61,
0xBA, 0x1C, 0x84, 0x89, 0xD1, 0xB0, 0x39, 0x97,
0x39, 0x16, 0x8A, 0xF7, 0x40, 0xA4, 0x81, 0xB0,
0xF5, 0xC3, 0x37, 0x25, 0x30, 0xCA, 0x06, 0xB5,
0x08, 0xEC, 0xE8, 0x38, 0xAB, 0x78, 0xBE, 0xE1,
0xE5, 0x97, 0xA9, 0xB1, 0x4F, 0x6A, 0xEC, 0x7A,
0x3B, 0xD1, 0xAA, 0x8D, 0x10, 0xBA, 0xC2, 0x3B,
0x98, 0x02, 0x90, 0x2C, 0xD5, 0x29, 0xAB, 0x6E,
0xF5, 0x4D, 0xB3, 0x11, 0x0C, 0xFB, 0x56, 0x1E,
0x7E, 0x69, 0x48, 0xE6, 0x52, 0x81, 0x25, 0x04,
0x16, 0xC3, 0x49, 0xC8, 0x10, 0x0B, 0x3B, 0x4D,
0x3D, 0x0F, 0x62, 0xAC, 0xAD, 0x8D, 0x16, 0x11,
0x75, 0xB1, 0x34, 0xF7, 0x56, 0x49, 0x37, 0xCD
};
static const byte dk_768[KYBER768_PRIVATE_KEY_SIZE] = {
0x19, 0xD7, 0x4A, 0xD5, 0x47, 0x2A, 0x8B, 0x2B,
0xAA, 0xD2, 0xA5, 0x67, 0x02, 0xC9, 0xB3, 0xB5,
0x51, 0x0E, 0xF3, 0x92, 0x48, 0x58, 0x06, 0x1D,
0x57, 0xF9, 0x0D, 0xD9, 0xA1, 0xA0, 0x1F, 0xEC,
0x2F, 0x57, 0xC5, 0x1A, 0x88, 0x88, 0x05, 0x34,
0x1B, 0x61, 0x7C, 0x51, 0x55, 0x39, 0x59, 0x77,
0x50, 0x83, 0x5C, 0x3E, 0xD7, 0xA0, 0x33, 0xB0,
0x39, 0xD7, 0x24, 0x91, 0x33, 0x2C, 0x5D, 0xF4,
0xA6, 0x9B, 0x6D, 0xF2, 0x61, 0x71, 0x87, 0x7A,
0xD1, 0xE5, 0x0A, 0xC5, 0x01, 0x00, 0xBE, 0x47,
0x28, 0x78, 0x66, 0x85, 0xDA, 0x7A, 0x73, 0x9E,
0x84, 0x3F, 0xF0, 0xD4, 0x59, 0x22, 0xD7, 0x28,
0x1E, 0x21, 0x0D, 0x5E, 0x82, 0xB9, 0x44, 0x65,
0x2F, 0x48, 0x62, 0xCF, 0xB3, 0xD9, 0x02, 0xDE,
0x60, 0xAF, 0xD0, 0xA1, 0x64, 0x47, 0x1B, 0x26,
0x14, 0x4A, 0x1D, 0x7A, 0x38, 0x09, 0x65, 0x03,
0x09, 0x59, 0x11, 0x76, 0x2E, 0xBA, 0x79, 0x62,
0xC4, 0x51, 0x1D, 0x05, 0xA1, 0x28, 0xF2, 0x78,
0x1E, 0xCB, 0x3D, 0x1F, 0x5B, 0xB1, 0x24, 0x42,
0x37, 0x61, 0x1A, 0xBA, 0xB9, 0x24, 0x99, 0x1F,
0x8A, 0x27, 0x32, 0xE2, 0x70, 0x32, 0x35, 0x79,
0x20, 0xF1, 0x97, 0xC7, 0x69, 0x2D, 0x60, 0xA9,
0x44, 0x44, 0x72, 0x25, 0x8C, 0xB4, 0x57, 0xC1,
0xB7, 0x1B, 0x77, 0x99, 0x54, 0x69, 0xF3, 0xA9,
0x62, 0xF3, 0xAB, 0xA6, 0x69, 0x96, 0x14, 0xFC,
0xCC, 0xEA, 0x74, 0x1E, 0x21, 0xC6, 0x00, 0xC4,
0x35, 0x7B, 0xBF, 0xAB, 0x45, 0x29, 0x27, 0xC3,
0xD4, 0x41, 0xBF, 0x8E, 0xD7, 0x31, 0x52, 0xF7,
0x5C, 0x08, 0xF5, 0x40, 0xE1, 0x86, 0xAC, 0xCA,
0x33, 0x26, 0xF4, 0x22, 0xC8, 0x4B, 0x98, 0x8D,
0x77, 0xE6, 0x1A, 0xE6, 0x18, 0x59, 0xCF, 0x85,
0x41, 0xF8, 0x92, 0x09, 0xE4, 0x98, 0x30, 0x40,
0xC5, 0x61, 0x76, 0x54, 0x80, 0x88, 0x52, 0xB6,
0x49, 0xB8, 0x99, 0xA3, 0x99, 0xAE, 0xC2, 0xC8,
0xBB, 0xA8, 0xA5, 0x42, 0xF3, 0x45, 0xAB, 0xF2,
0x81, 0x3F, 0x65, 0xE9, 0xA7, 0x91, 0xD3, 0x2C,
0xC2, 0xD7, 0x60, 0x26, 0xFB, 0x8D, 0x0C, 0x94,
0xB6, 0x57, 0x48, 0x9A, 0xBB, 0x48, 0x7D, 0xA4,
0xA2, 0xC0, 0xE3, 0x86, 0x8D, 0x3C, 0xF4, 0x7F,
0x1C, 0xBB, 0x2F, 0xA7, 0x9C, 0x53, 0xCF, 0xF6,
0x26, 0x47, 0x77, 0xC0, 0x9B, 0x17, 0x7C, 0x91,
0x31, 0x54, 0x84, 0xD2, 0xB3, 0x0B, 0x0C, 0xA2,
0x1F, 0x55, 0xAD, 0xD2, 0x3C, 0x57, 0xE1, 0x91,
0x1C, 0x3F, 0x08, 0x6B, 0xCA, 0xD2, 0x17, 0x98,
0x48, 0x6E, 0xB4, 0x7B, 0x7C, 0x58, 0x57, 0x73,
0x81, 0xC0, 0x9F, 0x52, 0x52, 0x58, 0x2D, 0x1B,
0x27, 0xA7, 0xD5, 0xB8, 0xE0, 0x60, 0xCE, 0x78,
0x20, 0x9C, 0xC8, 0x2B, 0xAE, 0x4D, 0xA6, 0x06,
0x80, 0x0C, 0x8D, 0xB1, 0x26, 0x8F, 0x7A, 0xD2,
0xB7, 0x93, 0xA4, 0x4F, 0x34, 0x61, 0x2C, 0xCE,
0xA3, 0x1C, 0xE7, 0xD7, 0x96, 0xA6, 0x5A, 0x26,
0x91, 0xD6, 0x15, 0x00, 0x62, 0x5F, 0x83, 0xE7,
0xBE, 0x57, 0x07, 0x7E, 0xE9, 0xC1, 0xB8, 0xC1,
0xCA, 0xA1, 0x37, 0xCC, 0x4B, 0x65, 0x73, 0x30,
0x8C, 0x19, 0x66, 0x8B, 0x24, 0xB0, 0x1E, 0x96,
0x69, 0x03, 0xAB, 0xBC, 0xB7, 0x9B, 0x67, 0xBE,
0x0A, 0x3E, 0x3E, 0x05, 0x8A, 0xAD, 0xA1, 0x89,
0xB9, 0xEA, 0x80, 0x35, 0x9A, 0xC2, 0x6F, 0x4C,
0x5C, 0x53, 0x73, 0x5F, 0xE4, 0xFC, 0x35, 0x24,
0x73, 0x37, 0x76, 0x0C, 0xCA, 0x35, 0x29, 0xB8,
0xD2, 0x66, 0xBB, 0x6C, 0x48, 0x01, 0x06, 0x54,
0xCD, 0xBC, 0x5A, 0x3E, 0x97, 0x57, 0x52, 0x46,
0x75, 0xAB, 0xC4, 0x13, 0x13, 0x0C, 0xC2, 0x70,
0x1F, 0x28, 0x93, 0x3E, 0xAB, 0xB8, 0x39, 0x2B,
0x0D, 0x6D, 0x05, 0x9C, 0xFC, 0x3A, 0x30, 0x32,
0x6C, 0x4F, 0xCC, 0x81, 0x0B, 0x37, 0xA4, 0x74,
0x8C, 0x1C, 0x53, 0x92, 0x8A, 0x49, 0x13, 0xE4,
0x8B, 0x18, 0x66, 0x97, 0x16, 0x2C, 0x33, 0xFF,
0xFB, 0x06, 0xDD, 0x51, 0x61, 0xC8, 0x63, 0x9D,
0xB1, 0x95, 0xC6, 0xCA, 0x64, 0x82, 0x9B, 0x2B,
0x3A, 0x2E, 0x4C, 0x96, 0x83, 0xB6, 0x6D, 0xF7,
0xFB, 0x19, 0x09, 0x90, 0x4E, 0x00, 0x02, 0x0D,
0xBA, 0x13, 0x4E, 0x02, 0xA1, 0x68, 0xD7, 0x6A,
0xC0, 0x76, 0xBB, 0x77, 0xD4, 0xDC, 0x84, 0x96,
0xB4, 0xBB, 0xE7, 0xB4, 0x69, 0x0B, 0xA2, 0x9B,
0x62, 0xA9, 0x1A, 0xBE, 0x72, 0xBE, 0xF3, 0x23,
0xA4, 0x4C, 0x89, 0x03, 0xE4, 0x82, 0xB6, 0x0D,
0x99, 0xBA, 0x61, 0xD1, 0xBB, 0xCF, 0x9C, 0xB9,
0x67, 0x35, 0x34, 0xC1, 0xD6, 0x47, 0x66, 0x23,
0x74, 0xEE, 0x2C, 0x7C, 0x5F, 0x00, 0x81, 0xBA,
0xD1, 0x49, 0xF4, 0x42, 0x06, 0x71, 0x76, 0x84,
0xD9, 0x74, 0x6B, 0x20, 0x48, 0x63, 0x3A, 0xF7,
0xA6, 0x8C, 0x68, 0x65, 0xFB, 0x59, 0x03, 0x58,
0xD8, 0xCF, 0x82, 0x14, 0x58, 0x36, 0x9B, 0x0C,
0x31, 0xEB, 0x59, 0x7C, 0xF5, 0xBE, 0x78, 0xEB,
0x48, 0x0E, 0xA0, 0x4E, 0x35, 0xFA, 0xCC, 0x38,
0x03, 0x72, 0xC8, 0xC0, 0xA0, 0x4D, 0xE2, 0x76,
0xB1, 0xA7, 0x21, 0x21, 0xE5, 0x96, 0xCB, 0xB2,
0x5E, 0xF7, 0x53, 0x6A, 0xD3, 0x80, 0x41, 0x84,
0xA8, 0x7B, 0xDF, 0xB5, 0xA7, 0x69, 0x16, 0x0B,
0xFB, 0xB0, 0xCA, 0x3C, 0x36, 0x07, 0x90, 0xE5,
0x56, 0x2B, 0xB7, 0x8E, 0xFE, 0x00, 0x69, 0xC7,
0x74, 0x83, 0xAD, 0x35, 0xCA, 0xC2, 0x37, 0xC6,
0x1D, 0xE7, 0x8A, 0x7D, 0xB4, 0x6F, 0xC9, 0x17,
0x12, 0x4C, 0xA1, 0x75, 0x10, 0xDB, 0x7D, 0xA2,
0x18, 0x89, 0x0F, 0x44, 0x8E, 0xF6, 0x31, 0x86,
0x13, 0xA1, 0xC9, 0x7C, 0x92, 0x8E, 0x2B, 0x7B,
0x6A, 0x54, 0x61, 0x7B, 0xCC, 0xB6, 0xCD, 0xF2,
0x78, 0xAE, 0x54, 0x2B, 0x56, 0xAD, 0x7B, 0xB5,
0xEC, 0xD8, 0xC4, 0x6A, 0x66, 0xC4, 0xFA, 0x09,
0x50, 0xCE, 0x41, 0x35, 0x2C, 0xB8, 0x57, 0x11,
0x89, 0x04, 0x58, 0xF2, 0x99, 0xBF, 0x40, 0xBA,
0x6F, 0xF2, 0xC0, 0x71, 0x38, 0x62, 0x26, 0x8B,
0x5F, 0x08, 0xE4, 0x98, 0x45, 0xB0, 0x94, 0x43,
0x99, 0x7A, 0xB2, 0x9A, 0x62, 0x07, 0x3C, 0x0D,
0x98, 0x18, 0xC0, 0x20, 0x16, 0x7D, 0x47, 0x49,
0x23, 0x1C, 0x05, 0x9E, 0x6F, 0x48, 0x3F, 0x97,
0x68, 0x17, 0xC9, 0x0C, 0x20, 0xA9, 0xC9, 0x37,
0x07, 0x9C, 0x2D, 0x4B, 0xE3, 0x0D, 0xA9, 0x74,
0xA9, 0x7E, 0x4B, 0xC5, 0x3E, 0xD9, 0x6A, 0x55,
0x16, 0x9F, 0x4A, 0x23, 0xA3, 0xEA, 0x24, 0xBD,
0x8E, 0x01, 0xB8, 0xFA, 0xEB, 0x95, 0xD4, 0xE5,
0x3F, 0xFF, 0xEC, 0xB6, 0x08, 0x02, 0xC3, 0x88,
0xA4, 0x0F, 0x46, 0x60, 0x54, 0x0B, 0x1B, 0x1F,
0x81, 0x76, 0xC9, 0x81, 0x1B, 0xB2, 0x6A, 0x68,
0x3C, 0xA7, 0x89, 0x56, 0x4A, 0x29, 0x40, 0xFC,
0xEB, 0x2C, 0xE6, 0xA9, 0x2A, 0x1E, 0xE4, 0x5E,
0xE4, 0xC3, 0x18, 0x57, 0xC9, 0xB9, 0xB8, 0xB5,
0x6A, 0x79, 0xD9, 0x5A, 0x46, 0xCB, 0x39, 0x3A,
0x31, 0xA2, 0x73, 0x7B, 0xAF, 0xEA, 0x6C, 0x81,
0x06, 0x6A, 0x67, 0x2B, 0x34, 0xC1, 0x0A, 0xA9,
0x89, 0x57, 0xC9, 0x17, 0x66, 0xB7, 0x30, 0x03,
0x6A, 0x56, 0xD9, 0x40, 0xAA, 0x4E, 0xBC, 0xB7,
0x58, 0xB0, 0x83, 0x51, 0xE2, 0xC4, 0xFD, 0x19,
0x45, 0x3B, 0xF3, 0xA6, 0x29, 0x2A, 0x99, 0x3D,
0x67, 0xC7, 0xEC, 0xC7, 0x2F, 0x42, 0xF7, 0x82,
0xE9, 0xEB, 0xAA, 0x1A, 0x8B, 0x3B, 0x0F, 0x56,
0x7A, 0xB3, 0x94, 0x21, 0xF6, 0xA6, 0x7A, 0x6B,
0x84, 0x10, 0xFD, 0x94, 0xA7, 0x21, 0xD3, 0x65,
0xF1, 0x63, 0x9E, 0x9D, 0xDA, 0xBF, 0xD0, 0xA6,
0xCE, 0x1A, 0x46, 0x05, 0xBD, 0x2B, 0x1C, 0x9B,
0x97, 0x7B, 0xD1, 0xEA, 0x32, 0x86, 0x73, 0x68,
0xD6, 0xE6, 0x39, 0xD0, 0x19, 0xAC, 0x10, 0x18,
0x53, 0xBC, 0x15, 0x3C, 0x86, 0xF8, 0x52, 0x80,
0xFC, 0x76, 0x3B, 0xA2, 0x4F, 0xB5, 0x7A, 0x29,
0x6C, 0xB1, 0x2D, 0x32, 0xE0, 0x8A, 0xB3, 0x2C,
0x55, 0x1D, 0x5A, 0x45, 0xA4, 0xA2, 0x8F, 0x9A,
0xDC, 0x28, 0xF7, 0xA2, 0x90, 0x0E, 0x25, 0xA4,
0x0B, 0x51, 0x90, 0xB2, 0x2A, 0xB1, 0x9D, 0xFB,
0x24, 0x6F, 0x42, 0xB2, 0x4F, 0x97, 0xCC, 0xA9,
0xB0, 0x9B, 0xEA, 0xD2, 0x46, 0xE1, 0x73, 0x4F,
0x44, 0x66, 0x77, 0xB3, 0x8B, 0x75, 0x22, 0xB7,
0x80, 0x72, 0x7C, 0x11, 0x74, 0x40, 0xC9, 0xF1,
0xA0, 0x24, 0x52, 0x0C, 0x14, 0x1A, 0x69, 0xCD,
0xD2, 0xE6, 0x9A, 0x05, 0x53, 0x4A, 0x72, 0x32,
0xC5, 0xF1, 0xB7, 0x66, 0xE9, 0x3A, 0x5E, 0xE2,
0xEA, 0x1B, 0x26, 0xE8, 0x60, 0xA3, 0x44, 0x1A,
0xDE, 0xA9, 0x1E, 0xDB, 0x78, 0x2C, 0xAB, 0xC8,
0xA5, 0xD0, 0x11, 0xA2, 0x1B, 0xC3, 0x88, 0xE7,
0xF4, 0x86, 0xF0, 0xB7, 0x99, 0x30, 0x79, 0xAE,
0x3F, 0x1A, 0x7C, 0x85, 0xD2, 0x7D, 0x0F, 0x49,
0x21, 0x84, 0xD5, 0x90, 0x62, 0x14, 0x2B, 0x76,
0xA4, 0x37, 0x34, 0xA9, 0x0D, 0x55, 0x6A, 0x95,
0xDC, 0x48, 0x3D, 0xD8, 0x21, 0x04, 0xED, 0x58,
0xCA, 0x15, 0x71, 0xC3, 0x96, 0x85, 0x82, 0x79,
0x51, 0x43, 0x4C, 0xC1, 0x00, 0x1A, 0xA4, 0xC8,
0x13, 0x26, 0x1E, 0x4F, 0x93, 0x02, 0x8E, 0x14,
0xCD, 0x08, 0xF7, 0x68, 0xA4, 0x54, 0x31, 0x0C,
0x3B, 0x01, 0x0C, 0x83, 0xB7, 0x4D, 0x04, 0xA5,
0x7B, 0xB9, 0x77, 0xB3, 0xD8, 0xBC, 0xF3, 0xAA,
0xA7, 0x8C, 0xA1, 0x2B, 0x78, 0xF0, 0x10, 0xD9,
0x51, 0x34, 0x92, 0x8A, 0x5E, 0x5D, 0x96, 0xA0,
0x29, 0xB4, 0x42, 0xA4, 0x18, 0x88, 0x03, 0x8B,
0x29, 0xC2, 0xF1, 0x22, 0xB0, 0xB6, 0xB3, 0xAF,
0x12, 0x1A, 0xEA, 0x29, 0xA0, 0x55, 0x53, 0xBD,
0xF1, 0xDB, 0x60, 0x7A, 0xFB, 0x17, 0x00, 0x18,
0x60, 0xAF, 0x18, 0x23, 0xBC, 0xF0, 0x3D, 0xB3,
0xB4, 0x41, 0xDA, 0x16, 0x3A, 0x28, 0xC5, 0x23,
0xA5, 0xFB, 0x46, 0x69, 0xA6, 0x42, 0x34, 0xA4,
0xBC, 0xD1, 0x21, 0x7F, 0xF2, 0x63, 0x5B, 0xD9,
0x76, 0x80, 0xFF, 0x93, 0x8D, 0xBC, 0xF1, 0x0E,
0x95, 0x32, 0xA9, 0xA7, 0x9A, 0x5B, 0x07, 0x3A,
0x9E, 0x8D, 0xB2, 0x12, 0x3D, 0x21, 0x0F, 0xAE,
0xA2, 0x00, 0xB6, 0x64, 0x83, 0x8E, 0x80, 0x07,
0x1F, 0x2B, 0xA2, 0x54, 0xAA, 0xC8, 0x90, 0xA4,
0x6E, 0x28, 0xEC, 0x34, 0x2D, 0x92, 0x81, 0x2B,
0x01, 0x59, 0x30, 0x71, 0x65, 0x7E, 0x7A, 0x3A,
0x4A, 0x75, 0xCB, 0x3D, 0x52, 0x79, 0xCE, 0x88,
0x40, 0x5A, 0xC5, 0xAD, 0xAC, 0xB2, 0x05, 0x1E,
0x02, 0x2E, 0xE0, 0xAC, 0x9B, 0xBF, 0xE3, 0x2D,
0xEF, 0x98, 0x66, 0x7E, 0xD3, 0x47, 0xAD, 0xCB,
0x39, 0x30, 0xF3, 0xCA, 0xD0, 0x31, 0x39, 0x1B,
0x70, 0x9A, 0x4E, 0x61, 0xB8, 0xDD, 0x4B, 0x3F,
0xB7, 0x41, 0xB5, 0xBD, 0x60, 0xBF, 0x30, 0x40,
0x15, 0xEE, 0x75, 0x46, 0xA2, 0x4B, 0x59, 0xEA,
0xDC, 0xA1, 0x37, 0xC7, 0x12, 0x50, 0x74, 0x72,
0x6B, 0x76, 0x86, 0xEC, 0x55, 0x1B, 0x7B, 0xC2,
0x6B, 0xBD, 0xB2, 0x0F, 0xC3, 0x78, 0x35, 0x34,
0xE3, 0x4E, 0xE1, 0xF1, 0xBC, 0x6B, 0x77, 0xAB,
0x49, 0xA6, 0x66, 0x78, 0x46, 0x97, 0x57, 0x78,
0xC3, 0xC5, 0x36, 0x83, 0x04, 0x50, 0xA3, 0xFA,
0x91, 0x02, 0x59, 0x72, 0x2F, 0x3F, 0x80, 0x6E,
0x6E, 0xB4, 0xB9, 0x34, 0x67, 0x63, 0xFE, 0xF0,
0x92, 0x2B, 0xC4, 0xB6, 0xEB, 0x38, 0x26, 0xAF,
0xF2, 0x4E, 0xAD, 0xC6, 0xCF, 0x6E, 0x47, 0x7C,
0x2E, 0x05, 0x5C, 0xFB, 0x7A, 0x90, 0xA5, 0x5C,
0x06, 0xD0, 0xB2, 0xA2, 0xF5, 0x11, 0x60, 0x69,
0xE6, 0x4A, 0x5B, 0x50, 0x78, 0xC0, 0x57, 0x7B,
0xC8, 0xE7, 0x90, 0x0E, 0xA7, 0x1C, 0x34, 0x1C,
0x02, 0xAD, 0x85, 0x4E, 0xA5, 0xA0, 0x1A, 0xF2,
0xA6, 0x05, 0xCB, 0x20, 0x68, 0xD5, 0x24, 0x38,
0xCD, 0xDC, 0x60, 0xB0, 0x38, 0x82, 0xCC, 0x02,
0x4D, 0x13, 0x04, 0x5F, 0x2B, 0xA6, 0xB0, 0xF4,
0x46, 0xAA, 0xA5, 0x95, 0x87, 0x60, 0x61, 0x79,
0x45, 0x37, 0x1F, 0xD7, 0x8C, 0x28, 0xA4, 0x06,
0x77, 0xA6, 0xE7, 0x2F, 0x51, 0x3B, 0x9E, 0x06,
0x67, 0xA9, 0xBA, 0xF4, 0x46, 0xC1, 0xBA, 0x93,
0x1B, 0xA8, 0x18, 0x34, 0x23, 0x47, 0x92, 0xA2,
0xA2, 0xB2, 0xB3, 0x70, 0x1F, 0x31, 0xB7, 0xCF,
0x46, 0x7C, 0x80, 0xF1, 0x98, 0x11, 0x41, 0xBB,
0x45, 0x77, 0x93, 0xE1, 0x30, 0x70, 0x91, 0xC4,
0x8B, 0x59, 0x14, 0x64, 0x6A, 0x60, 0xCE, 0x1A,
0x30, 0x15, 0x43, 0x77, 0x9D, 0x7C, 0x33, 0x42,
0xAD, 0x17, 0x97, 0x96, 0xC2, 0xC4, 0x40, 0xD9,
0x9D, 0xF9, 0xD4, 0x1B, 0x52, 0xE3, 0x26, 0x25,
0xA8, 0x2A, 0xA5, 0xF5, 0x79, 0xA9, 0x92, 0x0B,
0xFF, 0xBA, 0x96, 0x4F, 0xA7, 0x0D, 0xB2, 0x59,
0xC8, 0x5E, 0x68, 0xC8, 0x13, 0x81, 0x7B, 0x13,
0x47, 0xBF, 0x19, 0x81, 0x4D, 0xA5, 0xE9, 0x36,
0x4A, 0x46, 0x45, 0xE6, 0x21, 0x92, 0x3D, 0x95,
0x5C, 0x21, 0x1A, 0x55, 0xD3, 0x55, 0xC8, 0x16,
0xDA, 0x04, 0x73, 0x0A, 0xA3, 0x24, 0x08, 0x5E,
0x62, 0x2B, 0x51, 0xD6, 0x10, 0x9B, 0x49, 0xF6,
0x73, 0xAD, 0xD0, 0x0E, 0x41, 0x47, 0x55, 0xC8,
0x02, 0x4A, 0xA0, 0x16, 0x4F, 0x24, 0x55, 0x6D,
0xED, 0x96, 0x3D, 0x61, 0x14, 0x38, 0x56, 0xCB,
0x4F, 0xF0, 0x56, 0x7E, 0x33, 0x20, 0x73, 0x0D,
0xBC, 0xBF, 0x12, 0xF6, 0x6E, 0x2B, 0x70, 0xB2,
0x00, 0x54, 0xA6, 0xDE, 0xA4, 0x26, 0x14, 0xB5,
0x0E, 0xF7, 0x2B, 0x15, 0x6F, 0x51, 0x49, 0xFC,
0x26, 0x3D, 0xD7, 0xE0, 0x39, 0xC5, 0x5A, 0x3E,
0xE9, 0x82, 0x7D, 0xF9, 0x2C, 0x56, 0x5D, 0x24,
0xC5, 0x5E, 0x0A, 0x81, 0xC6, 0x49, 0x46, 0x95,
0x34, 0x4D, 0x94, 0x87, 0x48, 0xAF, 0xBA, 0x9F,
0x76, 0x2C, 0x0E, 0xA9, 0x0B, 0xB7, 0x24, 0x89,
0x79, 0x02, 0x00, 0x07, 0x75, 0x61, 0x39, 0x49,
0x60, 0x2C, 0x48, 0xC7, 0x8A, 0x94, 0x40, 0x67,
0x8C, 0x24, 0x08, 0x6D, 0x32, 0x6D, 0x79, 0x64,
0x3B, 0xAF, 0x70, 0x36, 0xC6, 0x6C, 0x7E, 0x02,
0x6A, 0xAE, 0xFD, 0xA2, 0x80, 0x7A, 0x60, 0xBD,
0x7F, 0xC9, 0x13, 0x63, 0xBB, 0x02, 0x34, 0xA5,
0x90, 0x98, 0x4A, 0xA0, 0x11, 0xF1, 0x1D, 0x40,
0x26, 0x82, 0x18, 0xA1, 0x58, 0x83, 0x77, 0xB3,
0xD7, 0x67, 0x1B, 0x8B, 0x99, 0x78, 0x99, 0x19,
0xB8, 0x6E, 0xE8, 0x2B, 0x18, 0xEC, 0x22, 0xD4,
0xE8, 0x0A, 0x1F, 0x27, 0x85, 0x3D, 0x88, 0x94,
0x19, 0xD4, 0x60, 0xDE, 0xF7, 0x56, 0x7A, 0xA4,
0x56, 0x79, 0x69, 0xC4, 0x30, 0x48, 0xC3, 0x2B,
0x84, 0x62, 0xA9, 0xC9, 0x38, 0x6E, 0xB3, 0x15,
0x2A, 0x69, 0x76, 0xAA, 0x78, 0x3C, 0xDD, 0x1A,
0x8C, 0x57, 0xA9, 0xB6, 0xBB, 0xD8, 0x37, 0xA0,
0x06, 0x24, 0xB5, 0x8B, 0x4B, 0xA3, 0xDB, 0xB6,
0x3B, 0xB8, 0x20, 0x0E, 0x7B, 0xC8, 0x88, 0x81,
0xBE, 0xBD, 0xA9, 0x25, 0xBC, 0xA0, 0x28, 0xE2,
0x91, 0xAA, 0x1C, 0x22, 0x53, 0x9C, 0xD0, 0x4F,
0x90, 0x09, 0x0D, 0x7F, 0x74, 0x10, 0x8C, 0x32,
0xB8, 0x02, 0x2C, 0x15, 0x91, 0xC8, 0x81, 0xE7,
0x63, 0x04, 0xE2, 0x40, 0x81, 0x90, 0xE2, 0x0F,
0x09, 0xA5, 0x4F, 0xC2, 0x34, 0x20, 0xE2, 0x62,
0x0E, 0x9D, 0x87, 0xA3, 0x10, 0x8A, 0x94, 0xFE,
0xEA, 0x72, 0xD5, 0xAB, 0x7F, 0xCF, 0xB9, 0x72,
0xE6, 0x56, 0x1B, 0x1A, 0x7B, 0x06, 0x2F, 0x1A,
0x68, 0x2E, 0x02, 0x0A, 0xA2, 0x56, 0x28, 0x12,
0xB2, 0x96, 0x54, 0x7B, 0x91, 0x78, 0x24, 0xCD,
0xB8, 0x8C, 0x58, 0x2B, 0x5A, 0x68, 0x90, 0x17,
0x7B, 0xC7, 0x0C, 0x91, 0xAC, 0xAC, 0x9A, 0xBE,
0x29, 0x0A, 0xEB, 0x2C, 0x34, 0xA7, 0xE2, 0x36,
0x89, 0x55, 0xCB, 0x45, 0x6A, 0x34, 0x53, 0x68,
0xAB, 0xE3, 0xB9, 0x1B, 0x47, 0xFC, 0x30, 0xB0,
0x23, 0x3A, 0x09, 0xBA, 0x79, 0xFB, 0x11, 0x23,
0x8A, 0xC5, 0x08, 0xCC, 0xE6, 0x10, 0x95, 0xF8,
0x54, 0xC2, 0x32, 0x04, 0xA8, 0xD3, 0x6B, 0xFC,
0x2C, 0x6E, 0x05, 0xA7, 0x2A, 0xF5, 0x24, 0x4B,
0x17, 0xC1, 0x21, 0x01, 0xE0, 0x14, 0x51, 0x57,
0x0E, 0xB1, 0x10, 0x56, 0x7E, 0x85, 0x0E, 0x79,
0xC0, 0x00, 0x14, 0x24, 0x41, 0xFE, 0x41, 0x60,
0x02, 0x75, 0x45, 0xF6, 0x29, 0x0E, 0x85, 0x45,
0x1B, 0x80, 0x23, 0x4A, 0x94, 0x06, 0xC3, 0x90,
0xB0, 0xCE, 0xA3, 0xC8, 0x33, 0x5D, 0x4C, 0x6F,
0x85, 0x50, 0xB5, 0x44, 0xC9, 0x34, 0x3E, 0x61,
0xBA, 0x1C, 0x84, 0x89, 0xD1, 0xB0, 0x39, 0x97,
0x39, 0x16, 0x8A, 0xF7, 0x40, 0xA4, 0x81, 0xB0,
0xF5, 0xC3, 0x37, 0x25, 0x30, 0xCA, 0x06, 0xB5,
0x08, 0xEC, 0xE8, 0x38, 0xAB, 0x78, 0xBE, 0xE1,
0xE5, 0x97, 0xA9, 0xB1, 0x4F, 0x6A, 0xEC, 0x7A,
0x3B, 0xD1, 0xAA, 0x8D, 0x10, 0xBA, 0xC2, 0x3B,
0x98, 0x02, 0x90, 0x2C, 0xD5, 0x29, 0xAB, 0x6E,
0xF5, 0x4D, 0xB3, 0x11, 0x0C, 0xFB, 0x56, 0x1E,
0x7E, 0x69, 0x48, 0xE6, 0x52, 0x81, 0x25, 0x04,
0x16, 0xC3, 0x49, 0xC8, 0x10, 0x0B, 0x3B, 0x4D,
0x3D, 0x0F, 0x62, 0xAC, 0xAD, 0x8D, 0x16, 0x11,
0x75, 0xB1, 0x34, 0xF7, 0x56, 0x49, 0x37, 0xCD,
0xEC, 0xE9, 0xE2, 0x46, 0xAA, 0xD1, 0x10, 0x21,
0xA6, 0x7B, 0x20, 0xEB, 0x8F, 0x77, 0x65, 0xAC,
0x28, 0x23, 0xA9, 0xD1, 0x8C, 0x93, 0xEC, 0x28,
0x2D, 0x6D, 0xBC, 0x53, 0xCD, 0x6D, 0xF5, 0x75,
0x92, 0xAC, 0x7D, 0x1F, 0x83, 0xBA, 0xFA, 0xE6,
0xEE, 0x86, 0xFE, 0x00, 0xF9, 0x5D, 0x81, 0x33,
0x75, 0x77, 0x24, 0x34, 0x86, 0x0F, 0x5F, 0xF7,
0xD5, 0x4F, 0xFC, 0x37, 0x39, 0x9B, 0xC4, 0xCC
};
#endif
#ifndef WOLFSSL_NO_KYBER1024
static const byte seed_1024[KYBER_MAKEKEY_RAND_SZ] = {
0x7A, 0xF6, 0x50, 0x22, 0xE0, 0xA4, 0x72, 0xED,
0x63, 0x88, 0x63, 0x8E, 0xA2, 0x9D, 0x82, 0xDA,
0x68, 0xB4, 0xCF, 0x9F, 0xFD, 0xF2, 0xB6, 0x7C,
0xD7, 0x08, 0xEA, 0x5A, 0x37, 0x0C, 0x6A, 0x7C,
0x7A, 0xF6, 0x50, 0x22, 0xE0, 0xA4, 0x72, 0xED,
0x63, 0x88, 0x63, 0x8E, 0xA2, 0x9D, 0x82, 0xDA,
0x68, 0xB4, 0xCF, 0x9F, 0xFD, 0xF2, 0xB6, 0x7C,
0xD7, 0x08, 0xEA, 0x5A, 0x37, 0x0C, 0x6A, 0x7C
};
static const byte ek_1024[KYBER1024_PUBLIC_KEY_SIZE] = {
0x70, 0xE1, 0x3F, 0x30, 0x15, 0x17, 0xB5, 0xA4,
0x0D, 0x70, 0x36, 0x1F, 0x63, 0x09, 0x41, 0x60,
0x67, 0x64, 0x6D, 0x2B, 0x71, 0x36, 0x62, 0x6B,
0xCC, 0xCC, 0x17, 0x0C, 0x66, 0xCE, 0xD4, 0x90,
0xC7, 0x35, 0x34, 0x4B, 0x62, 0x77, 0x09, 0x7C,
0xA9, 0x14, 0x21, 0x2A, 0x29, 0x2D, 0xD1, 0x22,
0xFB, 0xB6, 0x9F, 0xDE, 0xCA, 0x47, 0xFA, 0xB4,
0x53, 0x2B, 0x8C, 0x80, 0xCE, 0xB7, 0x7F, 0x9C,
0x54, 0x3E, 0x0B, 0xF1, 0x53, 0x6D, 0x1C, 0x0C,
0xAE, 0x07, 0x7E, 0x2C, 0xA7, 0x86, 0x2B, 0x45,
0xA4, 0x10, 0x46, 0x9C, 0xC5, 0xB7, 0x06, 0xBA,
0xE0, 0x05, 0x1C, 0xB2, 0x96, 0x1D, 0xB7, 0x27,
0x0B, 0x75, 0xB7, 0x11, 0x69, 0x8D, 0x2B, 0x80,
0x70, 0x40, 0xD5, 0x62, 0x81, 0x29, 0x43, 0x6F,
0xBB, 0x58, 0xF1, 0x20, 0x3F, 0x75, 0x56, 0x14,
0x65, 0xF5, 0x42, 0x57, 0xE4, 0x4D, 0x33, 0xF5,
0x12, 0xD6, 0x33, 0x43, 0x1D, 0x00, 0xA2, 0xFB,
0x02, 0x30, 0xC9, 0xBB, 0x9C, 0xDD, 0xFC, 0x83,
0xBD, 0x65, 0xC9, 0x74, 0x45, 0x30, 0x21, 0x86,
0xA1, 0x72, 0x23, 0xAD, 0x21, 0x33, 0x28, 0x03,
0xB9, 0x09, 0xE5, 0xE5, 0x67, 0x19, 0x70, 0xBB,
0xB0, 0xF1, 0xC4, 0x83, 0x7B, 0xB8, 0x42, 0x73,
0xBA, 0x67, 0x5A, 0xC0, 0x74, 0xC5, 0x29, 0x0B,
0x41, 0x1C, 0x25, 0x00, 0x65, 0x70, 0x59, 0x33,
0x9D, 0xE3, 0x92, 0xF9, 0xCA, 0x30, 0x89, 0x52,
0xA2, 0x20, 0x1A, 0x58, 0x87, 0x67, 0xAD, 0xC0,
0x35, 0xBD, 0xF3, 0x30, 0x24, 0xEA, 0x3B, 0x9A,
0x83, 0xC5, 0xA0, 0xB9, 0xC5, 0x42, 0x5D, 0x14,
0x07, 0x0C, 0x81, 0xAA, 0xDA, 0x26, 0xBA, 0xC3,
0xFB, 0xB8, 0xD4, 0xB7, 0xCF, 0xEE, 0x03, 0x92,
0x37, 0x5C, 0x68, 0x42, 0x73, 0x51, 0xDF, 0xEC,
0x63, 0x60, 0x9B, 0xBB, 0x50, 0xB4, 0x63, 0xE0,
0x40, 0x92, 0x85, 0x70, 0x09, 0xD1, 0xE5, 0xB8,
0x1D, 0x70, 0x7D, 0x14, 0xB8, 0x33, 0xCD, 0x4A,
0x0B, 0x55, 0x1B, 0xAA, 0x13, 0xEC, 0x48, 0x8A,
0x15, 0x03, 0xB0, 0x46, 0x7E, 0xE4, 0x02, 0x3C,
0x3F, 0xE0, 0x32, 0xC7, 0x82, 0x25, 0x06, 0x38,
0x86, 0xE2, 0x46, 0x8E, 0x00, 0xF7, 0x00, 0x07,
0x2A, 0x2E, 0xC8, 0xDA, 0x6A, 0xFB, 0x20, 0x6C,
0x91, 0x90, 0x44, 0x33, 0xBB, 0xCC, 0xB0, 0xE7,
0x6F, 0x42, 0x46, 0x8C, 0x40, 0xEB, 0x5F, 0x59,
0xCB, 0x9A, 0xE1, 0xB0, 0x35, 0xE5, 0x21, 0x51,
0x0B, 0xF2, 0x16, 0xA1, 0xAB, 0xCB, 0x19, 0x03,
0x3B, 0x7A, 0x65, 0x88, 0x97, 0xC6, 0x58, 0x74,
0xD5, 0x13, 0x51, 0x83, 0x14, 0x9F, 0x97, 0x9E,
0x55, 0x3C, 0xCF, 0xBF, 0xA3, 0x90, 0x0C, 0xDA,
0x6F, 0x01, 0x96, 0x0B, 0x75, 0x15, 0x7F, 0x54,
0x53, 0xAA, 0x6E, 0x73, 0xB3, 0xED, 0x90, 0x2F,
0x7D, 0x7C, 0x93, 0x05, 0x97, 0x1B, 0xDF, 0x72,
0x2E, 0x29, 0x37, 0x16, 0x9A, 0x1B, 0xC0, 0xFA,
0xEB, 0x6C, 0x92, 0xF7, 0x15, 0x0D, 0x23, 0x30,
0x87, 0x7C, 0x5D, 0xC5, 0x24, 0x9A, 0xAE, 0x20,
0x30, 0x26, 0x34, 0xC5, 0xC5, 0xB2, 0x30, 0x53,
0x52, 0x10, 0x28, 0x12, 0x25, 0x42, 0xF4, 0x85,
0xA0, 0xEA, 0xC8, 0x69, 0x22, 0x37, 0x20, 0x63,
0x36, 0x51, 0xF5, 0xB2, 0x47, 0xC6, 0x62, 0xB3,
0x1A, 0x10, 0x53, 0x8C, 0xA7, 0x49, 0x1B, 0x14,
0x37, 0xAA, 0x74, 0xF4, 0x28, 0x2D, 0x12, 0x97,
0x4D, 0x9C, 0x93, 0x4D, 0xF2, 0x14, 0x78, 0x5B,
0x64, 0x18, 0x46, 0x8B, 0x92, 0xE5, 0x25, 0x28,
0xC8, 0x44, 0x7A, 0x1C, 0xA4, 0x22, 0xFA, 0x6C,
0xC8, 0x8E, 0x28, 0xB0, 0x59, 0xF0, 0x4B, 0x23,
0x59, 0x73, 0x23, 0xF7, 0x2F, 0x3E, 0x23, 0x36,
0xF8, 0x7C, 0x47, 0x90, 0x5C, 0xBA, 0x65, 0x5B,
0xB7, 0x3F, 0xC3, 0x2E, 0x18, 0xD4, 0xB7, 0x87,
0x05, 0xC7, 0x82, 0xEB, 0xCB, 0x43, 0xE2, 0x78,
0x5C, 0x82, 0xC5, 0xAF, 0x24, 0xB0, 0xE1, 0x69,
0x9C, 0xFB, 0xC0, 0x25, 0x74, 0x75, 0x79, 0x9A,
0x53, 0x9B, 0x11, 0xA5, 0x0F, 0x4D, 0xF2, 0xB7,
0xFA, 0xA2, 0x0B, 0xD8, 0x82, 0x75, 0x15, 0xCA,
0x37, 0x0F, 0x89, 0xC0, 0xD4, 0xC6, 0x09, 0x02,
0xF6, 0x56, 0x7C, 0xD6, 0x0B, 0x08, 0x60, 0xA5,
0x5B, 0xC8, 0x57, 0x2C, 0x43, 0x6C, 0x24, 0x6A,
0xC2, 0x76, 0x64, 0x4E, 0x7D, 0x60, 0x2A, 0xA5,
0x7C, 0x01, 0x66, 0x20, 0x18, 0x14, 0x99, 0x1C,
0x1B, 0xD7, 0x5C, 0x7C, 0x47, 0xC3, 0x48, 0xB6,
0x7D, 0x77, 0x61, 0x33, 0x86, 0x90, 0x81, 0x44,
0xEA, 0x83, 0xFF, 0x72, 0x1F, 0x9A, 0x50, 0x07,
0x6C, 0x51, 0x01, 0x64, 0xD1, 0x8E, 0x05, 0xD0,
0x5D, 0x98, 0x84, 0xC4, 0x41, 0x46, 0xA0, 0x7C,
0xCA, 0xCF, 0x89, 0x04, 0x98, 0xED, 0x1A, 0x19,
0xB2, 0xA1, 0x54, 0x31, 0x72, 0x9D, 0xC1, 0xF1,
0x2B, 0x7E, 0xA1, 0x0F, 0x9F, 0x92, 0x80, 0x62,
0xD1, 0x45, 0x4B, 0x4B, 0x9F, 0x68, 0xE5, 0x99,
0x90, 0x29, 0x0B, 0xE3, 0x72, 0x8B, 0x32, 0x89,
0x56, 0x93, 0x63, 0xAB, 0x10, 0x05, 0x13, 0x1B,
0x23, 0x81, 0xA0, 0x8C, 0xC2, 0xBF, 0x94, 0x3E,
0x95, 0xD5, 0xB2, 0x1B, 0xC6, 0xAA, 0xBC, 0x22,
0x73, 0x34, 0x8B, 0xC7, 0x2B, 0xD0, 0x93, 0xB7,
0xB5, 0x61, 0x7A, 0xE8, 0x7F, 0x60, 0x2B, 0xB9,
0x89, 0xE6, 0xAF, 0xC4, 0x4B, 0x81, 0x51, 0x20,
0x76, 0xA3, 0xA8, 0x76, 0xE0, 0xE2, 0x5F, 0x97,
0x62, 0xB4, 0x62, 0x08, 0x19, 0x85, 0x50, 0x2F,
0x26, 0xB2, 0x87, 0xA2, 0x93, 0x6D, 0x5B, 0x1A,
0xCF, 0xFC, 0xEC, 0x4E, 0xEE, 0x77, 0xA9, 0xCB,
0xA9, 0x80, 0xEB, 0x9B, 0x5F, 0xDE, 0x75, 0x53,
0x9F, 0x65, 0x09, 0x04, 0x67, 0x7D, 0xBE, 0x29,
0xAB, 0x8B, 0xB9, 0x18, 0xA3, 0x49, 0x48, 0x03,
0xEC, 0xA5, 0x9A, 0x2C, 0x32, 0xE5, 0xB5, 0xC8,
0x3B, 0x0B, 0x80, 0xB1, 0x10, 0x2C, 0xD7, 0xD9,
0x48, 0x2B, 0x45, 0x9B, 0x6B, 0x74, 0x49, 0x1E,
0xC3, 0x0C, 0x4B, 0xE7, 0x7C, 0x2B, 0x52, 0x4A,
0xF7, 0xB3, 0xAD, 0x1F, 0x71, 0x34, 0x1D, 0xF0,
0xA7, 0x6F, 0x25, 0x5C, 0x29, 0x03, 0xC8, 0x82,
0x08, 0x07, 0x93, 0x79, 0x93, 0x0A, 0x95, 0x13,
0xF3, 0x90, 0x12, 0x6E, 0x73, 0x2A, 0x2B, 0xB0,
0x94, 0xBF, 0xA6, 0xBF, 0x0A, 0x43, 0x2B, 0xCD,
0x65, 0x7D, 0xAF, 0xCB, 0x25, 0xC8, 0xBB, 0x15,
0xE0, 0x95, 0x5D, 0x09, 0x9B, 0x74, 0xFF, 0x1A,
0x4D, 0xE6, 0x55, 0x9C, 0xD6, 0x79, 0x7C, 0x38,
0xC4, 0x8C, 0x11, 0x34, 0xCA, 0x2C, 0x97, 0x92,
0x43, 0xF3, 0x15, 0x2A, 0xF4, 0xBB, 0xE4, 0xD7,
0xA6, 0xBC, 0x09, 0x87, 0x21, 0x33, 0x92, 0x0C,
0xD2, 0x3B, 0x3E, 0xF9, 0x84, 0x8C, 0xCC, 0x68,
0x45, 0xD6, 0x47, 0xB5, 0x38, 0x75, 0x57, 0x73,
0x65, 0x13, 0xD5, 0x85, 0x60, 0x84, 0x51, 0x92,
0xF9, 0x26, 0x51, 0x59, 0x93, 0x2E, 0x57, 0x2A,
0x88, 0xC4, 0x4E, 0x65, 0x66, 0x76, 0x0C, 0x06,
0x1C, 0x67, 0xFC, 0xB5, 0xBF, 0x21, 0x00, 0x95,
0xE2, 0x14, 0xDA, 0x74, 0x53, 0x57, 0xE3, 0x69,
0x96, 0xD8, 0xC0, 0x66, 0x31, 0x1B, 0xBC, 0x76,
0x1A, 0x1F, 0xD2, 0x52, 0x73, 0xD2, 0x1E, 0xAB,
0x50, 0x01, 0x05, 0x63, 0xCD, 0x64, 0x68, 0xA4,
0xEA, 0x83, 0x6B, 0x6D, 0x64, 0xBD, 0x2B, 0xD7,
0x6D, 0xBE, 0x35, 0x82, 0xD5, 0x73, 0x6A, 0x60,
0x5A, 0x55, 0x09, 0xFC, 0x28, 0x78, 0x9B, 0x56,
0xB8, 0x84, 0xAE, 0x9A, 0x60, 0x41, 0x5F, 0x55,
0x67, 0x4B, 0xE6, 0x01, 0x57, 0x6C, 0x7C, 0xEE,
0x58, 0x14, 0x3B, 0xF0, 0x54, 0x80, 0x6A, 0xBC,
0xB3, 0x45, 0xA2, 0x56, 0xCB, 0xC4, 0x54, 0xE3,
0x43, 0xF3, 0xCC, 0x7A, 0xDE, 0x65, 0x56, 0x2F,
0xD2, 0x9E, 0xB2, 0x59, 0x73, 0x7B, 0xB3, 0xCF,
0x96, 0x49, 0xBD, 0xEA, 0x28, 0x3F, 0xB0, 0x72,
0x65, 0x67, 0x7C, 0x98, 0x08, 0xD1, 0x31, 0x19,
0xC0, 0xA2, 0xAD, 0xF7, 0x45, 0xDE, 0x69, 0x75,
0xF4, 0x56, 0x2C, 0xD6, 0x15, 0x57, 0xB3, 0x96,
0x5D, 0x2B, 0x07, 0x2F, 0x00, 0x0A, 0xA7, 0xE0,
0xA3, 0x57, 0xE1, 0x25, 0x3E, 0xAF, 0xEA, 0x7F,
0xDF, 0xCC, 0x92, 0xFA, 0x87, 0x63, 0x0D, 0xD2,
0x27, 0x6C, 0xE4, 0x2E, 0x82, 0x0B, 0x69, 0xD1,
0xFC, 0x2E, 0x47, 0xD5, 0xC4, 0x98, 0xA5, 0x5B,
0x3B, 0x29, 0xC3, 0x4E, 0x64, 0x90, 0x3D, 0x04,
0x7A, 0xB1, 0xC0, 0x40, 0x24, 0x95, 0x8F, 0x70,
0x11, 0x95, 0xF5, 0xD1, 0x3E, 0xC6, 0x70, 0x6B,
0x84, 0x48, 0x50, 0x3A, 0x54, 0x99, 0x22, 0xA5,
0x8A, 0x24, 0xB6, 0x7C, 0x93, 0x63, 0x27, 0x56,
0xB7, 0x7D, 0x22, 0x54, 0x07, 0x31, 0x61, 0x71,
0xDE, 0xEC, 0x56, 0x71, 0x44, 0x35, 0xCF, 0x94,
0xCC, 0xF4, 0x59, 0x9E, 0x00, 0xD1, 0x0E, 0x56,
0x96, 0x22, 0xBA, 0xDA, 0x82, 0x0C, 0x45, 0x2F,
0x25, 0x42, 0xAD, 0xF0, 0x87, 0x65, 0xCA, 0x93,
0xAE, 0x38, 0xEB, 0x02, 0x5D, 0xE3, 0x1C, 0xFF,
0x79, 0x74, 0x54, 0x9A, 0x78, 0x25, 0xA8, 0x31,
0xDD, 0x05, 0x4E, 0x87, 0xB8, 0x4C, 0x5F, 0x25,
0x47, 0xFF, 0x47, 0xB4, 0x6F, 0x88, 0xC9, 0x9F,
0x15, 0x48, 0xE9, 0x33, 0xA6, 0xF4, 0xD8, 0x7F,
0x1A, 0x4A, 0x1B, 0x00, 0xE3, 0x9E, 0x02, 0xD6,
0x0E, 0x51, 0xEB, 0x60, 0x3C, 0x1C, 0x0D, 0x80,
0x7A, 0xCD, 0xAB, 0x08, 0xBA, 0xA2, 0xB9, 0x98,
0x69, 0xB7, 0x5C, 0xA2, 0xC4, 0xB9, 0x63, 0x68,
0xB5, 0x17, 0x80, 0xBD, 0x1E, 0xC7, 0x5B, 0x11,
0x0B, 0x9F, 0xA6, 0x65, 0x56, 0x87, 0x6C, 0x5F,
0x48, 0x79, 0x7D, 0x09, 0x01, 0x38, 0xF7, 0x54,
0xAE, 0x30, 0x53, 0x3D, 0x36, 0xAA, 0x44, 0xB9,
0xB1, 0x70, 0x2A, 0x6A, 0x8A, 0x56, 0x62, 0x6B,
0xF0, 0x45, 0x1A, 0x37, 0xA7, 0xAC, 0x1A, 0x33,
0x70, 0x76, 0xE5, 0x1E, 0x0A, 0x6B, 0x03, 0x00,
0xC2, 0xC7, 0x90, 0xA4, 0x43, 0x7E, 0xA2, 0x8D,
0x7E, 0xC9, 0x8C, 0x41, 0x9B, 0x37, 0xD6, 0xAA,
0x97, 0x04, 0x17, 0x43, 0x5F, 0x91, 0xBE, 0xDC,
0x2B, 0x1F, 0x4B, 0xC8, 0x15, 0x8A, 0x51, 0xB1,
0xF4, 0x71, 0x51, 0x6F, 0xE8, 0x24, 0x28, 0x7C,
0x89, 0x6B, 0x89, 0x1B, 0x49, 0xF2, 0x54, 0xDD,
0x36, 0x35, 0x9B, 0x89, 0xC8, 0x24, 0xEB, 0x3F,
0x62, 0x48, 0x02, 0x7F, 0xBB, 0xAD, 0x4C, 0xF2,
0x91, 0x18, 0xCB, 0x50, 0xEB, 0xB6, 0x25, 0xA3,
0x7C, 0x53, 0x7A, 0x02, 0x23, 0xF0, 0xEB, 0x70,
0x85, 0xB5, 0xC7, 0xEC, 0x60, 0x75, 0x70, 0xDB,
0x91, 0x85, 0xD5, 0x99, 0x02, 0xBC, 0x26, 0xC6,
0x54, 0xA2, 0x80, 0x4C, 0x0D, 0x94, 0x67, 0x93,
0xD8, 0xA2, 0x14, 0x82, 0xAC, 0x4F, 0x05, 0xE9,
0x01, 0x62, 0x60, 0x33, 0x1D, 0xCC, 0x58, 0xBC,
0x66, 0xAF, 0x3C, 0xA7, 0x58, 0x54, 0x40, 0x21,
0x6A, 0xA0, 0x26, 0x3B, 0x2A, 0x72, 0x5E, 0x08,
0x0F, 0x6F, 0x9C, 0x5B, 0x6A, 0x9C, 0x9D, 0xA2,
0x93, 0x55, 0x18, 0x9B, 0x4B, 0x95, 0xB1, 0x37,
0xD1, 0x22, 0x5F, 0x25, 0x2A, 0xC7, 0x97, 0xB0,
0x64, 0x6C, 0xAC, 0x52, 0x16, 0x4B, 0x59, 0x72,
0xA9, 0x92, 0x65, 0xD3, 0x47, 0xFC, 0x7C, 0x35,
0x91, 0xD1, 0x5F, 0xFE, 0x68, 0x1C, 0x06, 0xD4,
0x38, 0xCC, 0xEB, 0x60, 0xBB, 0x63, 0x10, 0xB7,
0x95, 0x32, 0x89, 0x72, 0x0E, 0x2C, 0x72, 0x87,
0x30, 0x05, 0x23, 0x37, 0xAC, 0xA7, 0xC8, 0x52,
0x1A, 0xB4, 0x4F, 0x1E, 0x2A, 0x04, 0x9B, 0x83,
0xE0, 0x77, 0x4C, 0x96, 0xCD, 0x8C, 0x87, 0x6F,
0xA6, 0x75, 0xD0, 0x92, 0x39, 0x77, 0x27, 0x1B
};
static const byte dk_1024[KYBER1024_PRIVATE_KEY_SIZE] = {
0x8A, 0xD0, 0xB5, 0xF0, 0x9A, 0x25, 0xAA, 0x93,
0x5D, 0xD9, 0xDA, 0x34, 0xAB, 0x82, 0xCA, 0x75,
0xA1, 0x2D, 0x66, 0xE9, 0x9C, 0xF4, 0x8B, 0xCA,
0x45, 0xB9, 0xB2, 0xDB, 0x44, 0x1B, 0xC2, 0x97,
0x1B, 0xDC, 0x99, 0x22, 0xB5, 0xF8, 0xBC, 0x3C,
0x06, 0x78, 0x54, 0x67, 0x59, 0x07, 0x3C, 0xB8,
0x8E, 0x26, 0xBA, 0xD1, 0xB1, 0xB3, 0xA4, 0x64,
0x6A, 0x65, 0x29, 0xC6, 0x32, 0xEA, 0xA3, 0x47,
0x73, 0x4A, 0x3B, 0xE5, 0x83, 0xD4, 0x71, 0x78,
0x09, 0x4C, 0x4A, 0x67, 0x0C, 0xBC, 0x41, 0xEC,
0x06, 0x89, 0x76, 0x56, 0x68, 0x54, 0x2E, 0x6F,
0x15, 0xA7, 0xD5, 0x86, 0xC9, 0xE2, 0x6A, 0x6A,
0x03, 0xC7, 0x14, 0x69, 0xC2, 0xC5, 0x3F, 0x7B,
0x14, 0x1B, 0x23, 0x2D, 0x86, 0x21, 0x6A, 0x25,
0xC7, 0xA8, 0xF3, 0x68, 0x52, 0x85, 0x8C, 0x07,
0xA9, 0x52, 0x4E, 0xE1, 0x7B, 0xA6, 0x34, 0x0A,
0xA2, 0xA2, 0x15, 0xC1, 0xEA, 0x85, 0x21, 0x67,
0xB6, 0x89, 0x1C, 0xC1, 0x66, 0xC2, 0xFA, 0x13,
0xA0, 0x27, 0x0A, 0x22, 0x98, 0x34, 0x13, 0xE0,
0xAC, 0xC4, 0x44, 0xBF, 0x40, 0xE2, 0x8C, 0x45,
0xE1, 0x4E, 0x07, 0x40, 0x4F, 0x62, 0x99, 0x63,
0x69, 0x59, 0x7F, 0x10, 0xFC, 0xC1, 0x80, 0xEC,
0xAC, 0xAD, 0x1A, 0x67, 0x19, 0xAB, 0x9F, 0x1B,
0x44, 0x7A, 0xE1, 0x9A, 0x2C, 0xB0, 0x2A, 0x7D,
0x04, 0x20, 0x61, 0x72, 0x16, 0x8C, 0x4F, 0x0A,
0x99, 0xBA, 0xFA, 0x93, 0x2D, 0x66, 0x49, 0xE8,
0x94, 0xA8, 0xF0, 0x57, 0x7B, 0x81, 0xC6, 0x64,
0x83, 0xC5, 0xB5, 0xCF, 0x60, 0xAE, 0x75, 0xA4,
0x44, 0x52, 0x6A, 0x9B, 0x36, 0x74, 0x32, 0x5F,
0xBA, 0x38, 0xF5, 0x32, 0x96, 0x42, 0x1A, 0x78,
0x50, 0x11, 0xC1, 0xDD, 0xB3, 0xA6, 0x99, 0x77,
0x45, 0xDB, 0x83, 0xCD, 0x58, 0x3C, 0x0C, 0x41,
0x77, 0xC7, 0x97, 0xD4, 0x0A, 0x4F, 0x69, 0x9F,
0x1F, 0x40, 0xC5, 0x41, 0x3A, 0xC4, 0xE4, 0x23,
0x73, 0x49, 0x2B, 0x6A, 0x2C, 0x6A, 0x40, 0x6D,
0x43, 0x7F, 0x42, 0x57, 0x0B, 0x5E, 0x94, 0x9E,
0xF4, 0x35, 0x0D, 0xEA, 0x79, 0x0C, 0xFE, 0xB7,
0x2D, 0x12, 0x87, 0x51, 0x7F, 0xE3, 0x27, 0x3D,
0x3C, 0xA6, 0x5A, 0x13, 0xCA, 0x6E, 0x23, 0xC5,
0x7B, 0xF0, 0x7D, 0xA0, 0x4B, 0x85, 0x1C, 0xF3,
0xAF, 0xA1, 0x8B, 0xAF, 0x5E, 0xF0, 0x20, 0x79,
0x28, 0x57, 0xA9, 0xE7, 0x21, 0xF0, 0x1B, 0x9F,
0xEA, 0x7B, 0x61, 0x2E, 0x4C, 0x6E, 0x29, 0x07,
0x93, 0x66, 0xB0, 0x22, 0x86, 0x88, 0xBE, 0x2A,
0x06, 0x7F, 0xBE, 0x92, 0x84, 0x2D, 0xD2, 0x80,
0xB3, 0xC7, 0x4D, 0xFA, 0xB7, 0x61, 0xE6, 0x13,
0xA8, 0x60, 0x4C, 0x47, 0x6E, 0x15, 0x46, 0x66,
0x85, 0xC6, 0x95, 0xAC, 0x35, 0x79, 0x1A, 0x91,
0x59, 0x94, 0x2F, 0x60, 0x17, 0x0C, 0xA2, 0x14,
0xC7, 0xC0, 0x9B, 0x1A, 0x4B, 0x1B, 0xCC, 0x4F,
0x4C, 0xC6, 0x0D, 0xF0, 0x1A, 0x10, 0x19, 0x15,
0xA9, 0xA2, 0xBC, 0x55, 0x31, 0x19, 0x66, 0x50,
0x32, 0xDC, 0xD9, 0x47, 0x6F, 0xBA, 0x7B, 0xB0,
0x71, 0x57, 0xD3, 0x3C, 0x9C, 0x8E, 0xFA, 0x6B,
0xD0, 0xAC, 0x38, 0xC1, 0xAC, 0x26, 0x5F, 0xB5,
0x18, 0x57, 0xD0, 0x15, 0x17, 0x61, 0x53, 0x26,
0xCA, 0x0E, 0x08, 0x65, 0x0B, 0xA6, 0xFA, 0x40,
0x83, 0x2C, 0x7B, 0x4C, 0x41, 0xB6, 0x44, 0x71,
0x60, 0x22, 0xB6, 0x52, 0xB1, 0x92, 0x7D, 0x55,
0xC9, 0xB3, 0x7F, 0xE2, 0x5F, 0x1A, 0xB6, 0x7A,
0x9A, 0x03, 0xC7, 0x00, 0x8C, 0x84, 0xB0, 0x7C,
0x49, 0x26, 0xB6, 0x38, 0x1E, 0x40, 0xCF, 0xD4,
0x41, 0x04, 0x12, 0x35, 0x18, 0x74, 0x16, 0xCE,
0xC3, 0x66, 0xCA, 0x6F, 0xB7, 0x6F, 0xA0, 0xAB,
0x6E, 0x32, 0x8A, 0x26, 0x41, 0xFC, 0x47, 0xDC,
0xD7, 0x6E, 0x91, 0xCA, 0x94, 0x31, 0xE1, 0x9B,
0xFF, 0x02, 0xCE, 0x62, 0x28, 0xC2, 0x33, 0x63,
0x82, 0xF8, 0xA1, 0x0E, 0x9E, 0xE2, 0xC8, 0xF1,
0x75, 0x93, 0x90, 0xA2, 0x00, 0x24, 0xA1, 0x5B,
0x3B, 0x09, 0x0C, 0x13, 0x90, 0xCA, 0x03, 0x43,
0x79, 0x72, 0x84, 0x24, 0x6B, 0xD8, 0x94, 0x35,
0x07, 0xB7, 0xA6, 0xB7, 0x1F, 0xC3, 0x3A, 0x03,
0xB7, 0xA8, 0x83, 0x66, 0xE4, 0xAF, 0xED, 0x51,
0x57, 0x39, 0xE5, 0xC6, 0x9F, 0x8A, 0x26, 0x6E,
0x4A, 0x1F, 0x53, 0xD7, 0x39, 0x30, 0xE9, 0x87,
0x55, 0x69, 0x31, 0x2B, 0x27, 0x03, 0x7E, 0x5C,
0x7F, 0x85, 0x21, 0x00, 0xC2, 0xBA, 0x36, 0x48,
0xB1, 0xB9, 0xC1, 0xB1, 0x49, 0xF6, 0x25, 0x0E,
0x0A, 0x6B, 0x06, 0x52, 0x13, 0x13, 0x4F, 0x30,
0x25, 0x69, 0x75, 0x5B, 0x8C, 0x5C, 0x4F, 0xFC,
0x68, 0x0B, 0xF7, 0x81, 0x18, 0x45, 0x34, 0x00,
0x35, 0xF1, 0x70, 0xB0, 0x68, 0xBA, 0x67, 0xA4,
0xC3, 0xB0, 0x16, 0x6D, 0x03, 0xCC, 0x82, 0x61,
0x84, 0x01, 0x90, 0xA2, 0x0F, 0x9A, 0x3B, 0x1E,
0xF4, 0x65, 0xC2, 0xF2, 0x18, 0x2D, 0xA8, 0xDA,
0x8D, 0x3B, 0x3C, 0x8C, 0xB1, 0x29, 0x15, 0xF7,
0xD9, 0x3E, 0x04, 0xD8, 0x84, 0x0C, 0x35, 0x67,
0x25, 0x5A, 0x7B, 0xD6, 0xD4, 0x33, 0xCF, 0x10,
0x68, 0xD8, 0x84, 0x52, 0xCF, 0xC1, 0x1F, 0x99,
0x1B, 0x7C, 0xE3, 0x79, 0x27, 0xD6, 0xCA, 0xAE,
0x88, 0x10, 0x74, 0x2F, 0x42, 0x14, 0x8B, 0x89,
0x6E, 0xC4, 0xEB, 0xB5, 0x34, 0x03, 0x86, 0x31,
0x5B, 0x2C, 0x1E, 0x2B, 0x43, 0x91, 0x5C, 0x04,
0x54, 0x9C, 0xC8, 0xC1, 0x9A, 0xB4, 0x0E, 0x3B,
0x7C, 0x31, 0x1B, 0x42, 0x61, 0x10, 0xA9, 0xBB,
0xB1, 0x8D, 0x3B, 0x99, 0x2A, 0x42, 0xC0, 0x18,
0x92, 0x90, 0xBE, 0x67, 0x3A, 0x39, 0x7C, 0x40,
0x90, 0x44, 0x3B, 0x88, 0xC5, 0xD5, 0xC5, 0x65,
0xA1, 0x0F, 0xEA, 0x05, 0x60, 0x3D, 0x36, 0x24,
0x4A, 0x4A, 0xA8, 0xE9, 0x25, 0x5C, 0xF1, 0x84,
0xAE, 0x69, 0x53, 0x5A, 0x83, 0x99, 0xC1, 0xC6,
0xF7, 0x6C, 0xF2, 0x34, 0x2A, 0xDF, 0xEA, 0x6A,
0x44, 0x7B, 0xB4, 0x50, 0x1B, 0x9A, 0x6C, 0x44,
0x59, 0x3E, 0xB0, 0x43, 0xE7, 0xA5, 0x50, 0x2F,
0x58, 0x6C, 0xF3, 0x40, 0x7D, 0xEB, 0x7A, 0x0F,
0xC3, 0x2B, 0x3F, 0x46, 0xF1, 0x24, 0x5C, 0x55,
0x96, 0xE0, 0xF1, 0xBE, 0xD9, 0x37, 0x20, 0x7C,
0x45, 0x09, 0xE1, 0xD8, 0x98, 0x5B, 0xE7, 0x45,
0xFD, 0x69, 0xBF, 0x44, 0x80, 0x92, 0x43, 0x30,
0x28, 0xBE, 0x25, 0x95, 0x90, 0x33, 0x11, 0x47,
0x95, 0x86, 0xA3, 0x4B, 0x2D, 0x49, 0x10, 0x74,
0x10, 0xBC, 0x4B, 0xD2, 0x96, 0x53, 0x17, 0xFC,
0x76, 0x35, 0x2B, 0x63, 0x8D, 0xF3, 0xB3, 0xA3,
0x15, 0x32, 0x50, 0x26, 0x80, 0x9E, 0x3B, 0xC4,
0x60, 0x8C, 0x0B, 0x2C, 0xB8, 0x4D, 0xF0, 0xC9,
0x5B, 0xC0, 0x52, 0x70, 0x7F, 0xC1, 0xA3, 0x77,
0xB2, 0xB4, 0x65, 0xEB, 0x7A, 0x5D, 0x64, 0x4A,
0xB4, 0x27, 0x8D, 0xDC, 0xE5, 0xB6, 0x1E, 0x2B,
0xB3, 0xA7, 0x10, 0x52, 0x55, 0x5C, 0xB3, 0xBA,
0xC6, 0x93, 0xEF, 0x02, 0x5F, 0xF0, 0x03, 0x53,
0xFB, 0x76, 0x94, 0x5B, 0x8A, 0xA3, 0xE9, 0x95,
0x0F, 0x92, 0x73, 0x81, 0x87, 0x91, 0xCC, 0xAD,
0x56, 0x88, 0x46, 0x58, 0x14, 0x2A, 0x2B, 0x4D,
0xF3, 0xC5, 0x7E, 0xCA, 0x13, 0xAD, 0x44, 0xB4,
0x9B, 0x63, 0x46, 0xC6, 0x3E, 0xE8, 0x90, 0x78,
0x58, 0x9E, 0x9E, 0xB9, 0xA9, 0x80, 0x4A, 0x03,
0xBF, 0x7A, 0x27, 0x6F, 0x86, 0xB9, 0x67, 0x6C,
0x58, 0xD3, 0xE7, 0x1D, 0x2C, 0x87, 0x70, 0x80,
0x4A, 0x61, 0x59, 0x21, 0x78, 0xB4, 0x49, 0xC7,
0x95, 0x5B, 0xBE, 0x8C, 0xF4, 0x2F, 0x31, 0x67,
0x25, 0xE3, 0xB1, 0x6D, 0x55, 0xB5, 0x27, 0xCF,
0xB2, 0x32, 0x68, 0x1B, 0x21, 0xB2, 0xCB, 0x2F,
0x30, 0xAC, 0x76, 0x01, 0x5B, 0xB5, 0x41, 0x6A,
0x04, 0x11, 0xC1, 0x74, 0x58, 0x92, 0x41, 0x2E,
0x68, 0x3A, 0x98, 0xD7, 0x36, 0xED, 0x1A, 0x4C,
0xD9, 0x80, 0x61, 0x7D, 0x08, 0x21, 0xC2, 0xAB,
0x02, 0x82, 0x07, 0x0A, 0x61, 0x1A, 0x11, 0xD1,
0x97, 0x01, 0xFB, 0xD5, 0x5A, 0x21, 0x27, 0xB3,
0x24, 0xE6, 0x90, 0x1D, 0x84, 0x98, 0x6C, 0x04,
0x64, 0xDE, 0x71, 0x20, 0xAF, 0x45, 0x10, 0xAF,
0x59, 0x1D, 0xD9, 0xBB, 0x79, 0x47, 0x9C, 0x5F,
0xA8, 0x87, 0x14, 0xC6, 0xA9, 0x97, 0x14, 0xF7,
0x6A, 0x1E, 0x40, 0x2C, 0x8F, 0x38, 0x4A, 0x4E,
0xE6, 0xBC, 0xD4, 0x15, 0x00, 0x72, 0x4C, 0xC1,
0x79, 0x3A, 0xBF, 0xD8, 0xD3, 0xC2, 0xF3, 0x20,
0x39, 0x71, 0x34, 0xB0, 0x0F, 0x76, 0x2D, 0xBA,
0x85, 0xA2, 0x3A, 0xF1, 0x55, 0xE6, 0xCC, 0x03,
0x73, 0x80, 0xC1, 0xDD, 0x64, 0xA9, 0x73, 0xDB,
0x35, 0xB7, 0x44, 0x70, 0x44, 0x8B, 0x24, 0x21,
0x20, 0x62, 0x76, 0x47, 0x87, 0xE5, 0xA9, 0x3A,
0x48, 0x80, 0x71, 0x71, 0xA7, 0x71, 0x5C, 0xFC,
0x89, 0xBC, 0xBC, 0x9E, 0x14, 0x18, 0x86, 0xF8,
0x07, 0xA1, 0xF9, 0xD6, 0x84, 0xC8, 0x42, 0x6F,
0x01, 0x22, 0x88, 0x7D, 0x9C, 0x4C, 0x27, 0xEA,
0x69, 0xCC, 0x15, 0x1B, 0x4D, 0x49, 0xB5, 0x1E,
0x5A, 0x4E, 0xAA, 0xA5, 0xAD, 0x06, 0xAB, 0xA8,
0x6D, 0xF9, 0x42, 0xE9, 0x86, 0xA5, 0xD5, 0x79,
0x20, 0x80, 0xFC, 0x48, 0x03, 0x96, 0xB3, 0x94,
0x86, 0x68, 0xFB, 0x38, 0x2C, 0xC8, 0xFC, 0x15,
0x47, 0x48, 0xCB, 0x30, 0xB7, 0x64, 0x1F, 0x02,
0x70, 0xC8, 0x34, 0x38, 0xB4, 0xFC, 0x3D, 0x19,
0x01, 0x26, 0x58, 0x80, 0x40, 0x51, 0x77, 0xBC,
0x7F, 0x44, 0x78, 0x82, 0x51, 0xAB, 0xC4, 0x74,
0x27, 0x35, 0x31, 0x21, 0x2A, 0x66, 0x27, 0x9E,
0x70, 0x33, 0x7A, 0x23, 0x09, 0xFD, 0xF4, 0x9E,
0x05, 0x9B, 0xBD, 0xAF, 0x49, 0x73, 0xA5, 0x37,
0x7A, 0x4D, 0x51, 0x7B, 0xA7, 0x55, 0x70, 0x2C,
0x37, 0xCC, 0x35, 0x56, 0x85, 0x40, 0x4C, 0x95,
0x2F, 0xB6, 0x7E, 0x04, 0x19, 0xC7, 0x8D, 0x15,
0x84, 0xD0, 0x94, 0x92, 0x54, 0xD0, 0x49, 0x52,
0xF7, 0x24, 0x3B, 0xF1, 0x40, 0x28, 0x03, 0xC9,
0xFC, 0x73, 0x73, 0x25, 0x88, 0x13, 0x78, 0xCA,
0x77, 0xEE, 0xF5, 0xC4, 0x15, 0xFB, 0x03, 0x7D,
0x68, 0x9A, 0x58, 0x54, 0xA1, 0xD2, 0x4B, 0x65,
0x27, 0xA5, 0x9B, 0x9B, 0x16, 0x95, 0x93, 0x84,
0x35, 0x8C, 0x42, 0x3C, 0x79, 0x64, 0x5C, 0xCF,
0x31, 0x33, 0xE2, 0x1B, 0x4B, 0x64, 0x95, 0x7B,
0x14, 0xF6, 0x3F, 0x2A, 0xA2, 0x63, 0x57, 0xB1,
0xC2, 0x62, 0xF2, 0xA9, 0x0F, 0x7C, 0xCC, 0x2A,
0x15, 0x93, 0x69, 0x99, 0xB0, 0xA1, 0xB4, 0x98,
0xAB, 0x3B, 0x32, 0x43, 0x30, 0x32, 0xC9, 0xCA,
0x23, 0x08, 0x1C, 0x55, 0xD3, 0x1C, 0xAD, 0x36,
0xE9, 0x0C, 0x1C, 0xE0, 0xB5, 0xFC, 0x24, 0x7C,
0xE8, 0xC8, 0x43, 0xF2, 0x88, 0x35, 0x24, 0xB6,
0x64, 0xFA, 0xC1, 0xB2, 0x0B, 0xE6, 0x02, 0xA1,
0x0A, 0xAF, 0x65, 0x73, 0x86, 0x80, 0xBB, 0x10,
0x25, 0x44, 0x26, 0xF9, 0xCB, 0x09, 0xA1, 0x95,
0x4D, 0xB7, 0x65, 0x56, 0x22, 0x30, 0x8F, 0xAE,
0xF5, 0x05, 0xAC, 0xB4, 0x97, 0x55, 0x4A, 0x8F,
0xCF, 0xA9, 0x6A, 0x85, 0x25, 0x5A, 0xD8, 0x46,
0x54, 0x20, 0x13, 0xB8, 0x41, 0x59, 0x51, 0xBD,
0xD4, 0x5C, 0x01, 0x93, 0x1E, 0xBE, 0x58, 0x3E,
0x70, 0xE1, 0x3F, 0x30, 0x15, 0x17, 0xB5, 0xA4,
0x0D, 0x70, 0x36, 0x1F, 0x63, 0x09, 0x41, 0x60,
0x67, 0x64, 0x6D, 0x2B, 0x71, 0x36, 0x62, 0x6B,
0xCC, 0xCC, 0x17, 0x0C, 0x66, 0xCE, 0xD4, 0x90,
0xC7, 0x35, 0x34, 0x4B, 0x62, 0x77, 0x09, 0x7C,
0xA9, 0x14, 0x21, 0x2A, 0x29, 0x2D, 0xD1, 0x22,
0xFB, 0xB6, 0x9F, 0xDE, 0xCA, 0x47, 0xFA, 0xB4,
0x53, 0x2B, 0x8C, 0x80, 0xCE, 0xB7, 0x7F, 0x9C,
0x54, 0x3E, 0x0B, 0xF1, 0x53, 0x6D, 0x1C, 0x0C,
0xAE, 0x07, 0x7E, 0x2C, 0xA7, 0x86, 0x2B, 0x45,
0xA4, 0x10, 0x46, 0x9C, 0xC5, 0xB7, 0x06, 0xBA,
0xE0, 0x05, 0x1C, 0xB2, 0x96, 0x1D, 0xB7, 0x27,
0x0B, 0x75, 0xB7, 0x11, 0x69, 0x8D, 0x2B, 0x80,
0x70, 0x40, 0xD5, 0x62, 0x81, 0x29, 0x43, 0x6F,
0xBB, 0x58, 0xF1, 0x20, 0x3F, 0x75, 0x56, 0x14,
0x65, 0xF5, 0x42, 0x57, 0xE4, 0x4D, 0x33, 0xF5,
0x12, 0xD6, 0x33, 0x43, 0x1D, 0x00, 0xA2, 0xFB,
0x02, 0x30, 0xC9, 0xBB, 0x9C, 0xDD, 0xFC, 0x83,
0xBD, 0x65, 0xC9, 0x74, 0x45, 0x30, 0x21, 0x86,
0xA1, 0x72, 0x23, 0xAD, 0x21, 0x33, 0x28, 0x03,
0xB9, 0x09, 0xE5, 0xE5, 0x67, 0x19, 0x70, 0xBB,
0xB0, 0xF1, 0xC4, 0x83, 0x7B, 0xB8, 0x42, 0x73,
0xBA, 0x67, 0x5A, 0xC0, 0x74, 0xC5, 0x29, 0x0B,
0x41, 0x1C, 0x25, 0x00, 0x65, 0x70, 0x59, 0x33,
0x9D, 0xE3, 0x92, 0xF9, 0xCA, 0x30, 0x89, 0x52,
0xA2, 0x20, 0x1A, 0x58, 0x87, 0x67, 0xAD, 0xC0,
0x35, 0xBD, 0xF3, 0x30, 0x24, 0xEA, 0x3B, 0x9A,
0x83, 0xC5, 0xA0, 0xB9, 0xC5, 0x42, 0x5D, 0x14,
0x07, 0x0C, 0x81, 0xAA, 0xDA, 0x26, 0xBA, 0xC3,
0xFB, 0xB8, 0xD4, 0xB7, 0xCF, 0xEE, 0x03, 0x92,
0x37, 0x5C, 0x68, 0x42, 0x73, 0x51, 0xDF, 0xEC,
0x63, 0x60, 0x9B, 0xBB, 0x50, 0xB4, 0x63, 0xE0,
0x40, 0x92, 0x85, 0x70, 0x09, 0xD1, 0xE5, 0xB8,
0x1D, 0x70, 0x7D, 0x14, 0xB8, 0x33, 0xCD, 0x4A,
0x0B, 0x55, 0x1B, 0xAA, 0x13, 0xEC, 0x48, 0x8A,
0x15, 0x03, 0xB0, 0x46, 0x7E, 0xE4, 0x02, 0x3C,
0x3F, 0xE0, 0x32, 0xC7, 0x82, 0x25, 0x06, 0x38,
0x86, 0xE2, 0x46, 0x8E, 0x00, 0xF7, 0x00, 0x07,
0x2A, 0x2E, 0xC8, 0xDA, 0x6A, 0xFB, 0x20, 0x6C,
0x91, 0x90, 0x44, 0x33, 0xBB, 0xCC, 0xB0, 0xE7,
0x6F, 0x42, 0x46, 0x8C, 0x40, 0xEB, 0x5F, 0x59,
0xCB, 0x9A, 0xE1, 0xB0, 0x35, 0xE5, 0x21, 0x51,
0x0B, 0xF2, 0x16, 0xA1, 0xAB, 0xCB, 0x19, 0x03,
0x3B, 0x7A, 0x65, 0x88, 0x97, 0xC6, 0x58, 0x74,
0xD5, 0x13, 0x51, 0x83, 0x14, 0x9F, 0x97, 0x9E,
0x55, 0x3C, 0xCF, 0xBF, 0xA3, 0x90, 0x0C, 0xDA,
0x6F, 0x01, 0x96, 0x0B, 0x75, 0x15, 0x7F, 0x54,
0x53, 0xAA, 0x6E, 0x73, 0xB3, 0xED, 0x90, 0x2F,
0x7D, 0x7C, 0x93, 0x05, 0x97, 0x1B, 0xDF, 0x72,
0x2E, 0x29, 0x37, 0x16, 0x9A, 0x1B, 0xC0, 0xFA,
0xEB, 0x6C, 0x92, 0xF7, 0x15, 0x0D, 0x23, 0x30,
0x87, 0x7C, 0x5D, 0xC5, 0x24, 0x9A, 0xAE, 0x20,
0x30, 0x26, 0x34, 0xC5, 0xC5, 0xB2, 0x30, 0x53,
0x52, 0x10, 0x28, 0x12, 0x25, 0x42, 0xF4, 0x85,
0xA0, 0xEA, 0xC8, 0x69, 0x22, 0x37, 0x20, 0x63,
0x36, 0x51, 0xF5, 0xB2, 0x47, 0xC6, 0x62, 0xB3,
0x1A, 0x10, 0x53, 0x8C, 0xA7, 0x49, 0x1B, 0x14,
0x37, 0xAA, 0x74, 0xF4, 0x28, 0x2D, 0x12, 0x97,
0x4D, 0x9C, 0x93, 0x4D, 0xF2, 0x14, 0x78, 0x5B,
0x64, 0x18, 0x46, 0x8B, 0x92, 0xE5, 0x25, 0x28,
0xC8, 0x44, 0x7A, 0x1C, 0xA4, 0x22, 0xFA, 0x6C,
0xC8, 0x8E, 0x28, 0xB0, 0x59, 0xF0, 0x4B, 0x23,
0x59, 0x73, 0x23, 0xF7, 0x2F, 0x3E, 0x23, 0x36,
0xF8, 0x7C, 0x47, 0x90, 0x5C, 0xBA, 0x65, 0x5B,
0xB7, 0x3F, 0xC3, 0x2E, 0x18, 0xD4, 0xB7, 0x87,
0x05, 0xC7, 0x82, 0xEB, 0xCB, 0x43, 0xE2, 0x78,
0x5C, 0x82, 0xC5, 0xAF, 0x24, 0xB0, 0xE1, 0x69,
0x9C, 0xFB, 0xC0, 0x25, 0x74, 0x75, 0x79, 0x9A,
0x53, 0x9B, 0x11, 0xA5, 0x0F, 0x4D, 0xF2, 0xB7,
0xFA, 0xA2, 0x0B, 0xD8, 0x82, 0x75, 0x15, 0xCA,
0x37, 0x0F, 0x89, 0xC0, 0xD4, 0xC6, 0x09, 0x02,
0xF6, 0x56, 0x7C, 0xD6, 0x0B, 0x08, 0x60, 0xA5,
0x5B, 0xC8, 0x57, 0x2C, 0x43, 0x6C, 0x24, 0x6A,
0xC2, 0x76, 0x64, 0x4E, 0x7D, 0x60, 0x2A, 0xA5,
0x7C, 0x01, 0x66, 0x20, 0x18, 0x14, 0x99, 0x1C,
0x1B, 0xD7, 0x5C, 0x7C, 0x47, 0xC3, 0x48, 0xB6,
0x7D, 0x77, 0x61, 0x33, 0x86, 0x90, 0x81, 0x44,
0xEA, 0x83, 0xFF, 0x72, 0x1F, 0x9A, 0x50, 0x07,
0x6C, 0x51, 0x01, 0x64, 0xD1, 0x8E, 0x05, 0xD0,
0x5D, 0x98, 0x84, 0xC4, 0x41, 0x46, 0xA0, 0x7C,
0xCA, 0xCF, 0x89, 0x04, 0x98, 0xED, 0x1A, 0x19,
0xB2, 0xA1, 0x54, 0x31, 0x72, 0x9D, 0xC1, 0xF1,
0x2B, 0x7E, 0xA1, 0x0F, 0x9F, 0x92, 0x80, 0x62,
0xD1, 0x45, 0x4B, 0x4B, 0x9F, 0x68, 0xE5, 0x99,
0x90, 0x29, 0x0B, 0xE3, 0x72, 0x8B, 0x32, 0x89,
0x56, 0x93, 0x63, 0xAB, 0x10, 0x05, 0x13, 0x1B,
0x23, 0x81, 0xA0, 0x8C, 0xC2, 0xBF, 0x94, 0x3E,
0x95, 0xD5, 0xB2, 0x1B, 0xC6, 0xAA, 0xBC, 0x22,
0x73, 0x34, 0x8B, 0xC7, 0x2B, 0xD0, 0x93, 0xB7,
0xB5, 0x61, 0x7A, 0xE8, 0x7F, 0x60, 0x2B, 0xB9,
0x89, 0xE6, 0xAF, 0xC4, 0x4B, 0x81, 0x51, 0x20,
0x76, 0xA3, 0xA8, 0x76, 0xE0, 0xE2, 0x5F, 0x97,
0x62, 0xB4, 0x62, 0x08, 0x19, 0x85, 0x50, 0x2F,
0x26, 0xB2, 0x87, 0xA2, 0x93, 0x6D, 0x5B, 0x1A,
0xCF, 0xFC, 0xEC, 0x4E, 0xEE, 0x77, 0xA9, 0xCB,
0xA9, 0x80, 0xEB, 0x9B, 0x5F, 0xDE, 0x75, 0x53,
0x9F, 0x65, 0x09, 0x04, 0x67, 0x7D, 0xBE, 0x29,
0xAB, 0x8B, 0xB9, 0x18, 0xA3, 0x49, 0x48, 0x03,
0xEC, 0xA5, 0x9A, 0x2C, 0x32, 0xE5, 0xB5, 0xC8,
0x3B, 0x0B, 0x80, 0xB1, 0x10, 0x2C, 0xD7, 0xD9,
0x48, 0x2B, 0x45, 0x9B, 0x6B, 0x74, 0x49, 0x1E,
0xC3, 0x0C, 0x4B, 0xE7, 0x7C, 0x2B, 0x52, 0x4A,
0xF7, 0xB3, 0xAD, 0x1F, 0x71, 0x34, 0x1D, 0xF0,
0xA7, 0x6F, 0x25, 0x5C, 0x29, 0x03, 0xC8, 0x82,
0x08, 0x07, 0x93, 0x79, 0x93, 0x0A, 0x95, 0x13,
0xF3, 0x90, 0x12, 0x6E, 0x73, 0x2A, 0x2B, 0xB0,
0x94, 0xBF, 0xA6, 0xBF, 0x0A, 0x43, 0x2B, 0xCD,
0x65, 0x7D, 0xAF, 0xCB, 0x25, 0xC8, 0xBB, 0x15,
0xE0, 0x95, 0x5D, 0x09, 0x9B, 0x74, 0xFF, 0x1A,
0x4D, 0xE6, 0x55, 0x9C, 0xD6, 0x79, 0x7C, 0x38,
0xC4, 0x8C, 0x11, 0x34, 0xCA, 0x2C, 0x97, 0x92,
0x43, 0xF3, 0x15, 0x2A, 0xF4, 0xBB, 0xE4, 0xD7,
0xA6, 0xBC, 0x09, 0x87, 0x21, 0x33, 0x92, 0x0C,
0xD2, 0x3B, 0x3E, 0xF9, 0x84, 0x8C, 0xCC, 0x68,
0x45, 0xD6, 0x47, 0xB5, 0x38, 0x75, 0x57, 0x73,
0x65, 0x13, 0xD5, 0x85, 0x60, 0x84, 0x51, 0x92,
0xF9, 0x26, 0x51, 0x59, 0x93, 0x2E, 0x57, 0x2A,
0x88, 0xC4, 0x4E, 0x65, 0x66, 0x76, 0x0C, 0x06,
0x1C, 0x67, 0xFC, 0xB5, 0xBF, 0x21, 0x00, 0x95,
0xE2, 0x14, 0xDA, 0x74, 0x53, 0x57, 0xE3, 0x69,
0x96, 0xD8, 0xC0, 0x66, 0x31, 0x1B, 0xBC, 0x76,
0x1A, 0x1F, 0xD2, 0x52, 0x73, 0xD2, 0x1E, 0xAB,
0x50, 0x01, 0x05, 0x63, 0xCD, 0x64, 0x68, 0xA4,
0xEA, 0x83, 0x6B, 0x6D, 0x64, 0xBD, 0x2B, 0xD7,
0x6D, 0xBE, 0x35, 0x82, 0xD5, 0x73, 0x6A, 0x60,
0x5A, 0x55, 0x09, 0xFC, 0x28, 0x78, 0x9B, 0x56,
0xB8, 0x84, 0xAE, 0x9A, 0x60, 0x41, 0x5F, 0x55,
0x67, 0x4B, 0xE6, 0x01, 0x57, 0x6C, 0x7C, 0xEE,
0x58, 0x14, 0x3B, 0xF0, 0x54, 0x80, 0x6A, 0xBC,
0xB3, 0x45, 0xA2, 0x56, 0xCB, 0xC4, 0x54, 0xE3,
0x43, 0xF3, 0xCC, 0x7A, 0xDE, 0x65, 0x56, 0x2F,
0xD2, 0x9E, 0xB2, 0x59, 0x73, 0x7B, 0xB3, 0xCF,
0x96, 0x49, 0xBD, 0xEA, 0x28, 0x3F, 0xB0, 0x72,
0x65, 0x67, 0x7C, 0x98, 0x08, 0xD1, 0x31, 0x19,
0xC0, 0xA2, 0xAD, 0xF7, 0x45, 0xDE, 0x69, 0x75,
0xF4, 0x56, 0x2C, 0xD6, 0x15, 0x57, 0xB3, 0x96,
0x5D, 0x2B, 0x07, 0x2F, 0x00, 0x0A, 0xA7, 0xE0,
0xA3, 0x57, 0xE1, 0x25, 0x3E, 0xAF, 0xEA, 0x7F,
0xDF, 0xCC, 0x92, 0xFA, 0x87, 0x63, 0x0D, 0xD2,
0x27, 0x6C, 0xE4, 0x2E, 0x82, 0x0B, 0x69, 0xD1,
0xFC, 0x2E, 0x47, 0xD5, 0xC4, 0x98, 0xA5, 0x5B,
0x3B, 0x29, 0xC3, 0x4E, 0x64, 0x90, 0x3D, 0x04,
0x7A, 0xB1, 0xC0, 0x40, 0x24, 0x95, 0x8F, 0x70,
0x11, 0x95, 0xF5, 0xD1, 0x3E, 0xC6, 0x70, 0x6B,
0x84, 0x48, 0x50, 0x3A, 0x54, 0x99, 0x22, 0xA5,
0x8A, 0x24, 0xB6, 0x7C, 0x93, 0x63, 0x27, 0x56,
0xB7, 0x7D, 0x22, 0x54, 0x07, 0x31, 0x61, 0x71,
0xDE, 0xEC, 0x56, 0x71, 0x44, 0x35, 0xCF, 0x94,
0xCC, 0xF4, 0x59, 0x9E, 0x00, 0xD1, 0x0E, 0x56,
0x96, 0x22, 0xBA, 0xDA, 0x82, 0x0C, 0x45, 0x2F,
0x25, 0x42, 0xAD, 0xF0, 0x87, 0x65, 0xCA, 0x93,
0xAE, 0x38, 0xEB, 0x02, 0x5D, 0xE3, 0x1C, 0xFF,
0x79, 0x74, 0x54, 0x9A, 0x78, 0x25, 0xA8, 0x31,
0xDD, 0x05, 0x4E, 0x87, 0xB8, 0x4C, 0x5F, 0x25,
0x47, 0xFF, 0x47, 0xB4, 0x6F, 0x88, 0xC9, 0x9F,
0x15, 0x48, 0xE9, 0x33, 0xA6, 0xF4, 0xD8, 0x7F,
0x1A, 0x4A, 0x1B, 0x00, 0xE3, 0x9E, 0x02, 0xD6,
0x0E, 0x51, 0xEB, 0x60, 0x3C, 0x1C, 0x0D, 0x80,
0x7A, 0xCD, 0xAB, 0x08, 0xBA, 0xA2, 0xB9, 0x98,
0x69, 0xB7, 0x5C, 0xA2, 0xC4, 0xB9, 0x63, 0x68,
0xB5, 0x17, 0x80, 0xBD, 0x1E, 0xC7, 0x5B, 0x11,
0x0B, 0x9F, 0xA6, 0x65, 0x56, 0x87, 0x6C, 0x5F,
0x48, 0x79, 0x7D, 0x09, 0x01, 0x38, 0xF7, 0x54,
0xAE, 0x30, 0x53, 0x3D, 0x36, 0xAA, 0x44, 0xB9,
0xB1, 0x70, 0x2A, 0x6A, 0x8A, 0x56, 0x62, 0x6B,
0xF0, 0x45, 0x1A, 0x37, 0xA7, 0xAC, 0x1A, 0x33,
0x70, 0x76, 0xE5, 0x1E, 0x0A, 0x6B, 0x03, 0x00,
0xC2, 0xC7, 0x90, 0xA4, 0x43, 0x7E, 0xA2, 0x8D,
0x7E, 0xC9, 0x8C, 0x41, 0x9B, 0x37, 0xD6, 0xAA,
0x97, 0x04, 0x17, 0x43, 0x5F, 0x91, 0xBE, 0xDC,
0x2B, 0x1F, 0x4B, 0xC8, 0x15, 0x8A, 0x51, 0xB1,
0xF4, 0x71, 0x51, 0x6F, 0xE8, 0x24, 0x28, 0x7C,
0x89, 0x6B, 0x89, 0x1B, 0x49, 0xF2, 0x54, 0xDD,
0x36, 0x35, 0x9B, 0x89, 0xC8, 0x24, 0xEB, 0x3F,
0x62, 0x48, 0x02, 0x7F, 0xBB, 0xAD, 0x4C, 0xF2,
0x91, 0x18, 0xCB, 0x50, 0xEB, 0xB6, 0x25, 0xA3,
0x7C, 0x53, 0x7A, 0x02, 0x23, 0xF0, 0xEB, 0x70,
0x85, 0xB5, 0xC7, 0xEC, 0x60, 0x75, 0x70, 0xDB,
0x91, 0x85, 0xD5, 0x99, 0x02, 0xBC, 0x26, 0xC6,
0x54, 0xA2, 0x80, 0x4C, 0x0D, 0x94, 0x67, 0x93,
0xD8, 0xA2, 0x14, 0x82, 0xAC, 0x4F, 0x05, 0xE9,
0x01, 0x62, 0x60, 0x33, 0x1D, 0xCC, 0x58, 0xBC,
0x66, 0xAF, 0x3C, 0xA7, 0x58, 0x54, 0x40, 0x21,
0x6A, 0xA0, 0x26, 0x3B, 0x2A, 0x72, 0x5E, 0x08,
0x0F, 0x6F, 0x9C, 0x5B, 0x6A, 0x9C, 0x9D, 0xA2,
0x93, 0x55, 0x18, 0x9B, 0x4B, 0x95, 0xB1, 0x37,
0xD1, 0x22, 0x5F, 0x25, 0x2A, 0xC7, 0x97, 0xB0,
0x64, 0x6C, 0xAC, 0x52, 0x16, 0x4B, 0x59, 0x72,
0xA9, 0x92, 0x65, 0xD3, 0x47, 0xFC, 0x7C, 0x35,
0x91, 0xD1, 0x5F, 0xFE, 0x68, 0x1C, 0x06, 0xD4,
0x38, 0xCC, 0xEB, 0x60, 0xBB, 0x63, 0x10, 0xB7,
0x95, 0x32, 0x89, 0x72, 0x0E, 0x2C, 0x72, 0x87,
0x30, 0x05, 0x23, 0x37, 0xAC, 0xA7, 0xC8, 0x52,
0x1A, 0xB4, 0x4F, 0x1E, 0x2A, 0x04, 0x9B, 0x83,
0xE0, 0x77, 0x4C, 0x96, 0xCD, 0x8C, 0x87, 0x6F,
0xA6, 0x75, 0xD0, 0x92, 0x39, 0x77, 0x27, 0x1B,
0xE6, 0xE8, 0x32, 0xF2, 0x49, 0x8C, 0xA5, 0xA3,
0x43, 0x1F, 0x40, 0xD3, 0x18, 0x7B, 0x1E, 0xD9,
0x65, 0xFD, 0xD6, 0x69, 0x3B, 0x37, 0xF6, 0xEB,
0x40, 0x8A, 0x99, 0x97, 0x7A, 0xE4, 0x96, 0x44,
0x7A, 0xF6, 0x50, 0x22, 0xE0, 0xA4, 0x72, 0xED,
0x63, 0x88, 0x63, 0x8E, 0xA2, 0x9D, 0x82, 0xDA,
0x68, 0xB4, 0xCF, 0x9F, 0xFD, 0xF2, 0xB6, 0x7C,
0xD7, 0x08, 0xEA, 0x5A, 0x37, 0x0C, 0x6A, 0x7C
};
#endif
static byte pubKey[KYBER_MAX_PUBLIC_KEY_SIZE];
static byte privKey[KYBER_MAX_PRIVATE_KEY_SIZE];
key = (KyberKey*)XMALLOC(sizeof(KyberKey), NULL, DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(key);
if (key != NULL) {
XMEMSET(key, 0, sizeof(KyberKey));
}
#ifndef WOLFSSL_NO_KYBER512
ExpectIntEQ(wc_KyberKey_Init(KYBER512, key, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_KyberKey_MakeKeyWithRandom(key, seed_512, sizeof(seed_512)),
0);
ExpectIntEQ(wc_KyberKey_EncodePublicKey(key, pubKey,
KYBER512_PUBLIC_KEY_SIZE), 0);
ExpectIntEQ(wc_KyberKey_EncodePrivateKey(key, privKey,
KYBER512_PRIVATE_KEY_SIZE), 0);
ExpectIntEQ(XMEMCMP(pubKey, ek_512, KYBER512_PUBLIC_KEY_SIZE), 0);
ExpectIntEQ(XMEMCMP(privKey, dk_512, KYBER512_PRIVATE_KEY_SIZE), 0);
wc_KyberKey_Free(key);
#endif
#ifndef WOLFSSL_NO_KYBER768
ExpectIntEQ(wc_KyberKey_Init(KYBER768, key, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_KyberKey_MakeKeyWithRandom(key, seed_768, sizeof(seed_768)),
0);
ExpectIntEQ(wc_KyberKey_EncodePublicKey(key, pubKey,
KYBER768_PUBLIC_KEY_SIZE), 0);
ExpectIntEQ(wc_KyberKey_EncodePrivateKey(key, privKey,
KYBER768_PRIVATE_KEY_SIZE), 0);
ExpectIntEQ(XMEMCMP(pubKey, ek_768, KYBER768_PUBLIC_KEY_SIZE), 0);
ExpectIntEQ(XMEMCMP(privKey, dk_768, KYBER768_PRIVATE_KEY_SIZE), 0);
wc_KyberKey_Free(key);
#endif
#ifndef WOLFSSL_NO_KYBER1024
ExpectIntEQ(wc_KyberKey_Init(KYBER1024, key, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_KyberKey_MakeKeyWithRandom(key, seed_1024,
sizeof(seed_1024)), 0);
ExpectIntEQ(wc_KyberKey_EncodePublicKey(key, pubKey,
KYBER1024_PUBLIC_KEY_SIZE), 0);
ExpectIntEQ(wc_KyberKey_EncodePrivateKey(key, privKey,
KYBER1024_PRIVATE_KEY_SIZE), 0);
ExpectIntEQ(XMEMCMP(pubKey, ek_1024, KYBER1024_PUBLIC_KEY_SIZE), 0);
ExpectIntEQ(XMEMCMP(privKey, dk_1024, KYBER1024_PRIVATE_KEY_SIZE), 0);
wc_KyberKey_Free(key);
#endif
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
static int test_wc_kyber_encapsulate_kats(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_HAVE_KYBER) && defined(WOLFSSL_WC_KYBER) && \
defined(WOLFSSL_ML_KEM)
KyberKey* key;
#ifndef WOLFSSL_NO_KYBER512
static const byte ek_512[KYBER512_PUBLIC_KEY_SIZE] = {
0xA5, 0x40, 0x97, 0x18, 0xCB, 0x72, 0xF2, 0x43,
0x8A, 0x35, 0x55, 0xA3, 0xC8, 0xF1, 0x8F, 0x26,
0x71, 0xA1, 0xF8, 0x14, 0x03, 0xDF, 0x7B, 0x5A,
0x46, 0x59, 0xA5, 0x1F, 0x50, 0x82, 0x7B, 0xA6,
0x57, 0x7A, 0xA7, 0x08, 0x00, 0xD7, 0x8D, 0x8B,
0xC5, 0xAA, 0x86, 0xB8, 0x9E, 0x08, 0xB5, 0x8F,
0x34, 0x80, 0xA8, 0x9E, 0x10, 0x4D, 0xC6, 0x92,
0x2E, 0xDB, 0xC1, 0x2D, 0x06, 0xF8, 0x91, 0x02,
0x7C, 0x65, 0x4E, 0x99, 0x4A, 0x22, 0xF9, 0x1A,
0x2A, 0xF6, 0x34, 0x04, 0xCA, 0x98, 0xD7, 0xB6,
0x7E, 0xEA, 0x25, 0x91, 0x1B, 0x24, 0xC7, 0x0D,
0xEB, 0x81, 0x46, 0xA0, 0x82, 0x1F, 0x34, 0xA3,
0x02, 0x55, 0x1F, 0x2D, 0x51, 0x0C, 0x05, 0x88,
0xC8, 0xBC, 0xA7, 0x4E, 0xB4, 0xDC, 0x0C, 0xFA,
0x46, 0x03, 0xC1, 0xC5, 0xA3, 0xC5, 0x53, 0x70,
0x61, 0x78, 0x90, 0x68, 0x68, 0x2C, 0x4C, 0xC3,
0x14, 0x3F, 0xBA, 0x9B, 0xB5, 0x54, 0x2F, 0x97,
0x78, 0xBD, 0xF2, 0x3B, 0x36, 0x52, 0xF2, 0xA7,
0x52, 0x47, 0x56, 0xFA, 0x73, 0x90, 0x9D, 0xDA,
0xC7, 0xE5, 0x32, 0x52, 0x26, 0x59, 0x21, 0x8C,
0xBA, 0x25, 0xF3, 0x3B, 0x6B, 0x04, 0x58, 0xCB,
0x03, 0xDA, 0x79, 0x35, 0xBA, 0x59, 0x11, 0x19,
0x55, 0x31, 0x2B, 0x15, 0xCC, 0xE2, 0xC0, 0xF7,
0x34, 0x66, 0xA8, 0x00, 0x62, 0x83, 0xA2, 0xAA,
0x7C, 0xBB, 0x61, 0x02, 0x2A, 0xBB, 0xC2, 0xD1,
0x9F, 0x29, 0x20, 0xBC, 0x30, 0x24, 0x72, 0xDC,
0x97, 0xC4, 0xA1, 0x78, 0x8C, 0x9B, 0xD3, 0xBB,
0xED, 0xC9, 0x12, 0x2B, 0x82, 0x7B, 0x27, 0x9C,
0x07, 0x4C, 0x80, 0x44, 0x31, 0x41, 0x11, 0x9F,
0x4B, 0x16, 0x29, 0xF6, 0x2F, 0x10, 0xD4, 0xCE,
0x2B, 0xE3, 0xBB, 0x34, 0x38, 0x16, 0xCA, 0xD1,
0x6A, 0x1C, 0x87, 0x58, 0x2F, 0x2B, 0x70, 0xE2,
0x66, 0x35, 0xB0, 0x8B, 0xB3, 0x90, 0xC1, 0x33,
0x98, 0xFC, 0xCD, 0xA7, 0xE9, 0xBB, 0x3D, 0x9B,
0x0B, 0x78, 0x03, 0x75, 0x0C, 0x95, 0x5C, 0x57,
0xA0, 0x28, 0xA5, 0xD2, 0x6C, 0x27, 0x03, 0x16,
0xBB, 0x2B, 0x81, 0x5C, 0x3B, 0x97, 0x2B, 0xA6,
0x78, 0x2D, 0xAB, 0x02, 0xF3, 0x06, 0x82, 0x1E,
0x61, 0x28, 0x5B, 0xB0, 0x72, 0xBF, 0x79, 0x78,
0x1C, 0xAB, 0xC3, 0x86, 0x14, 0x2A, 0x50, 0xC7,
0xAA, 0xAE, 0x66, 0xA9, 0x47, 0x58, 0x5B, 0xB0,
0xD8, 0x28, 0x8D, 0xBC, 0xAF, 0x4B, 0x3B, 0x85,
0xBB, 0x79, 0x26, 0x98, 0x7B, 0xAF, 0x76, 0x43,
0xAA, 0xB5, 0xFB, 0x02, 0x21, 0x05, 0x80, 0xA0,
0x26, 0x43, 0x52, 0xE6, 0x9C, 0x60, 0x98, 0x98,
0x9C, 0xFB, 0x87, 0x48, 0x33, 0x95, 0x96, 0x0A,
0x3A, 0x4F, 0x31, 0xBE, 0xFD, 0xA8, 0x0B, 0x5F,
0x28, 0x6E, 0xCF, 0xDA, 0xA5, 0x55, 0xD4, 0x39,
0x0A, 0xF6, 0xB5, 0x5D, 0x31, 0x39, 0x20, 0x92,
0x90, 0x93, 0x44, 0x9C, 0xD6, 0x72, 0x9D, 0x00,
0x21, 0x8E, 0x2D, 0x86, 0x57, 0x0A, 0xDC, 0x0C,
0x4F, 0x65, 0x45, 0xFF, 0xB5, 0x63, 0x2E, 0xFB,
0x3A, 0xAE, 0x26, 0x25, 0xA6, 0x98, 0x26, 0x70,
0xFA, 0xCE, 0x8D, 0x16, 0x12, 0x6F, 0xA6, 0x07,
0xE6, 0xD0, 0xA1, 0xFF, 0x61, 0x6A, 0x46, 0xEC,
0xA6, 0x42, 0xCC, 0x6A, 0xAC, 0x55, 0x4D, 0xBB,
0xC4, 0x3D, 0xFC, 0xF5, 0x7F, 0x36, 0x4C, 0x19,
0x0C, 0xEA, 0x57, 0x76, 0xC1, 0xCE, 0xB5, 0x8B,
0x70, 0x07, 0x50, 0x5F, 0xD7, 0x9C, 0x5F, 0x00,
0x5A, 0x4B, 0xA2, 0x18, 0xCF, 0x06, 0x93, 0xB0,
0x58, 0xB5, 0x10, 0xA4, 0xCA, 0x20, 0x43, 0x24,
0x60, 0x2F, 0x59, 0xBB, 0x8F, 0x22, 0x81, 0xC4,
0xD7, 0xB0, 0xBC, 0x86, 0x25, 0xE7, 0x88, 0x16,
0x50, 0xF5, 0x7C, 0x89, 0xE3, 0x2C, 0xF4, 0x80,
0x91, 0x44, 0x77, 0x5C, 0x90, 0x73, 0xB6, 0x73,
0xE3, 0x94, 0x12, 0xA2, 0x7C, 0x91, 0x43, 0x21,
0xCC, 0xB6, 0xA7, 0xCF, 0x7C, 0x37, 0xC5, 0xBC,
0xBE, 0x7C, 0xA5, 0x1B, 0xE0, 0xC9, 0x28, 0x46,
0x6A, 0x45, 0x8E, 0xB7, 0x78, 0xD6, 0x46, 0x6A,
0x89, 0x2A, 0x0A, 0xCB, 0xC0, 0x96, 0x38, 0x78,
0x4A, 0x27, 0x73, 0x9C, 0x97, 0x0C, 0xA5, 0x8B,
0xC2, 0x59, 0x5A, 0xD6, 0xBF, 0xA4, 0xE5, 0x2E,
0xB4, 0x38, 0xAC, 0x97, 0xC4, 0x16, 0x23, 0x80,
0x22, 0x48, 0xE1, 0x10, 0xB0, 0x74, 0x83, 0x8F,
0x31, 0xA6, 0xE7, 0x50, 0x37, 0x37, 0x70, 0x4E,
0x7A, 0xE4, 0xAD, 0x91, 0x29, 0x95, 0x72, 0xA8,
0xC1, 0x36, 0x03, 0x50, 0x0F, 0x36, 0x09, 0xB6,
0x25, 0xB4, 0xE2, 0x4C, 0xAE, 0x33, 0x2B, 0x0D,
0x7A, 0x5B, 0xB4, 0x7A, 0x03, 0x85, 0x12, 0xA0,
0x81, 0xBC, 0x27, 0xCD, 0xF0, 0xF2, 0x92, 0x3C,
0xD3, 0x47, 0x9F, 0x53, 0x07, 0x02, 0x0B, 0x77,
0xF1, 0x49, 0x58, 0x45, 0x64, 0x06, 0x0E, 0x50,
0x83, 0xCE, 0xD5, 0x53, 0x12, 0xB6, 0xA6, 0xA4,
0x65, 0xA8, 0x2B, 0x45, 0x77, 0xD6, 0x3A, 0x4B,
0x49, 0xC8, 0x0B, 0x07, 0xA9, 0x36, 0x7E, 0x39,
0x77, 0x8A, 0xF7, 0x6F, 0xA8, 0xEC, 0x2C, 0xF5,
0x28, 0x72, 0x28, 0x56, 0xCE, 0x78, 0x13, 0x40,
0x1A, 0x83, 0x83, 0xBD, 0xB7, 0x15, 0x1B, 0x9B,
0x6D, 0x2D, 0xD6, 0xBF, 0xF5, 0x54, 0x01, 0xD2,
0x8A, 0xC6, 0x12, 0x81, 0x8C, 0x88, 0xC9, 0x28,
0x73, 0x47, 0xB0, 0x98, 0xA9, 0x66, 0xEB, 0x9C,
0x0A, 0x2D, 0xB7, 0x1F, 0x0A, 0x75, 0x55, 0x5E,
0x17, 0x57, 0xD3, 0xAC, 0x4E, 0x3D, 0x80, 0x2C,
0x8D, 0xC6, 0xA2, 0x61, 0x52, 0x12, 0x55, 0x18,
0x6A, 0xBB, 0x98, 0xC2, 0x48, 0x03, 0x01, 0xB8,
0xC6, 0xB3, 0x12, 0x28, 0xB5, 0x44, 0x61, 0xBC,
0x44, 0xEA, 0x3C, 0x2C, 0xF9, 0x4B, 0x86, 0xC7,
0xA5, 0xB8, 0x2C, 0x55, 0x16, 0x7A, 0x76, 0x06,
0xCA, 0x9D, 0xC8, 0x25, 0x3B, 0x76, 0x04, 0xE4,
0x4A, 0x07, 0xF3, 0xED, 0x55, 0xCD, 0x5B, 0x5E
};
static const byte seed_512[KYBER_ENC_RAND_SZ] = {
0x10, 0x9A, 0x24, 0x8F, 0xE8, 0x05, 0x2F, 0x84,
0x27, 0x1F, 0xF5, 0x7B, 0xAC, 0x15, 0x6B, 0x1B,
0xA6, 0xA5, 0x09, 0xCD, 0xCD, 0xBC, 0xC9, 0x6C,
0xCD, 0xB1, 0xCC, 0xB8, 0x5C, 0xA4, 0x93, 0x15
};
static const byte c_512[KYBER512_CIPHER_TEXT_SIZE] = {
0x59, 0x7A, 0x06, 0xDE, 0xB8, 0x81, 0x72, 0xBA,
0x8D, 0x7C, 0xDE, 0x8D, 0x82, 0xCA, 0xA2, 0x34,
0xB8, 0x11, 0x2A, 0xF8, 0xA7, 0x2F, 0x1A, 0xB4,
0xCE, 0xA1, 0xEF, 0xCB, 0x2D, 0x86, 0x8D, 0x53,
0xD2, 0x12, 0xE3, 0x03, 0xB7, 0x0E, 0x7E, 0x52,
0x1A, 0xB0, 0xF4, 0xB5, 0xDB, 0x4F, 0x51, 0x15,
0x92, 0x48, 0xBF, 0xB2, 0x75, 0x36, 0x1B, 0xEF,
0x88, 0x37, 0x52, 0xC7, 0x8B, 0x8D, 0x47, 0x12,
0x27, 0x53, 0x85, 0x53, 0x6A, 0x4B, 0x0A, 0x96,
0xE3, 0xC2, 0x3E, 0xA6, 0xC1, 0x7E, 0xA9, 0x2B,
0x60, 0x26, 0x16, 0xE5, 0x82, 0x1E, 0x57, 0x53,
0xA4, 0x73, 0x6C, 0x40, 0x39, 0xC2, 0x0C, 0x92,
0x3C, 0xCE, 0xCB, 0x57, 0x98, 0x05, 0x58, 0x7C,
0x0C, 0xE7, 0x22, 0x18, 0xBB, 0x1A, 0xB1, 0x24,
0x52, 0xF8, 0xE1, 0x54, 0xCB, 0x86, 0x43, 0x32,
0x81, 0x42, 0xF9, 0xB3, 0x40, 0xA6, 0x41, 0xC6,
0xF2, 0x95, 0xE5, 0xEC, 0xF2, 0xE0, 0x48, 0xBC,
0x7F, 0xC7, 0x9B, 0xC5, 0xB9, 0x42, 0x77, 0xC8,
0x68, 0xD8, 0xE5, 0x36, 0xB5, 0x04, 0x25, 0x80,
0x9D, 0xCF, 0xA0, 0x24, 0xA3, 0x90, 0x5C, 0xBA,
0x55, 0x0A, 0xD3, 0xBB, 0x52, 0xB4, 0x59, 0xAC,
0x38, 0xFA, 0xBC, 0x9B, 0xC0, 0x0E, 0xBA, 0x03,
0xEC, 0x09, 0x06, 0x72, 0x5B, 0x4F, 0xE4, 0xE9,
0x76, 0xF1, 0x74, 0x32, 0x00, 0x47, 0xB3, 0x1D,
0x15, 0x89, 0x13, 0x65, 0xBA, 0x48, 0x23, 0x88,
0xF0, 0xFB, 0x97, 0x3B, 0x85, 0x22, 0x4F, 0xB0,
0x0B, 0xA8, 0x65, 0xAF, 0xAB, 0x3C, 0x9A, 0x1B,
0x7D, 0x48, 0x9F, 0x7B, 0x98, 0x2D, 0x0B, 0xD4,
0x70, 0xEF, 0x94, 0x8E, 0xCB, 0x5B, 0x39, 0x20,
0xAF, 0x89, 0x03, 0x59, 0x60, 0x12, 0x3B, 0x1F,
0x86, 0x30, 0xD7, 0x63, 0x68, 0x1B, 0xFD, 0x67,
0x15, 0x67, 0xEF, 0xBB, 0x1E, 0x62, 0x76, 0xAA,
0x4F, 0xB2, 0xDF, 0xA9, 0xC3, 0x94, 0x8D, 0xB7,
0xF0, 0x83, 0xF2, 0x83, 0x83, 0xB7, 0x7B, 0xC5,
0x14, 0xAF, 0x9D, 0x68, 0xD2, 0x2E, 0x24, 0x87,
0xC2, 0x01, 0x63, 0xC0, 0x2B, 0x0B, 0xBF, 0x23,
0xBB, 0xCE, 0x06, 0x50, 0xF8, 0x4F, 0xF8, 0xCE,
0x02, 0xC7, 0x4E, 0x9E, 0x11, 0xD6, 0xF3, 0x0E,
0xC5, 0xFA, 0x8A, 0x01, 0x2A, 0xDC, 0x3B, 0x89,
0x62, 0x7C, 0x7D, 0xE8, 0x55, 0xC1, 0xFB, 0xBE,
0xB5, 0xDC, 0xDE, 0x84, 0xD0, 0x5E, 0x36, 0xC5,
0x56, 0x6E, 0x55, 0x51, 0xB5, 0x87, 0x50, 0xA4,
0x11, 0x64, 0x26, 0x39, 0xB2, 0x78, 0x64, 0xF7,
0xE0, 0x05, 0x97, 0x8F, 0xFE, 0x25, 0x6B, 0x75,
0x7D, 0x13, 0xDA, 0x66, 0x3F, 0xC3, 0xBB, 0x07,
0x94, 0xA2, 0x7C, 0xF7, 0x58, 0x5D, 0x12, 0xF2,
0x2D, 0x95, 0x3B, 0x28, 0x54, 0x59, 0xFD, 0xC9,
0xBC, 0xDF, 0xCD, 0xCC, 0xB7, 0xBF, 0x3E, 0x4E,
0x36, 0x2D, 0x28, 0x91, 0xD5, 0x83, 0x85, 0x5F,
0x5D, 0x94, 0x87, 0xE6, 0xFB, 0x21, 0x7E, 0x2E,
0x45, 0xEE, 0x0B, 0xD9, 0xAF, 0xC2, 0x89, 0xF4,
0xD5, 0x64, 0x58, 0x12, 0x09, 0xA3, 0xAC, 0xA3,
0x17, 0x95, 0xA1, 0x24, 0xBD, 0x1B, 0xBA, 0xEA,
0x84, 0x67, 0x55, 0xC8, 0xEA, 0x78, 0x10, 0xEA,
0xA7, 0x30, 0x60, 0xE8, 0x6F, 0xB5, 0xFD, 0xF3,
0xFB, 0xE7, 0x2F, 0x80, 0x6B, 0xB1, 0xBF, 0xBF,
0xBA, 0xC0, 0xC7, 0xB1, 0x6B, 0xFE, 0x74, 0x25,
0x02, 0x77, 0xEC, 0xF5, 0xF5, 0x41, 0x57, 0x1B,
0x8A, 0x97, 0x50, 0x50, 0x91, 0x7F, 0xDF, 0x78,
0x1F, 0xEA, 0x17, 0xB5, 0x85, 0xE3, 0xC6, 0xDB,
0xFE, 0x77, 0xB1, 0xE4, 0x8A, 0x16, 0x50, 0x4C,
0x3A, 0x38, 0x90, 0x11, 0x56, 0x10, 0x0C, 0xAF,
0xEC, 0x2E, 0xD9, 0x39, 0xAE, 0x9A, 0x9E, 0xDF,
0xC9, 0xC0, 0xF8, 0xC7, 0xF5, 0x5C, 0xC9, 0x3E,
0x5D, 0xDD, 0x0B, 0x3D, 0xE1, 0xC6, 0xED, 0xAE,
0x2B, 0x7E, 0xE3, 0x4C, 0x61, 0x01, 0xF0, 0x11,
0xB5, 0x90, 0x4F, 0x69, 0x3D, 0x28, 0x63, 0x56,
0xB5, 0x4C, 0x86, 0xCE, 0x8B, 0xCF, 0xEA, 0x9D,
0xBF, 0xEC, 0x21, 0xC1, 0xEF, 0x0E, 0xCC, 0x91,
0x05, 0x00, 0x5B, 0xAA, 0x37, 0x7D, 0x82, 0x9D,
0xCA, 0x2C, 0xBF, 0x5E, 0xA5, 0xF3, 0x1B, 0x71,
0xD4, 0x46, 0xB8, 0x33, 0xE0, 0x06, 0x19, 0x81,
0x9D, 0x7F, 0xC6, 0x02, 0x40, 0x52, 0x49, 0x97,
0x57, 0xA2, 0x76, 0x5F, 0x19, 0xCD, 0x2B, 0x36,
0xC2, 0x48, 0x85, 0x99, 0xDC, 0x52, 0x47, 0x49,
0x4F, 0xAB, 0xE8, 0x1E, 0xEB, 0xEF, 0xD3, 0xBE,
0x75, 0xC4, 0x78, 0x0E, 0x43, 0xA5, 0x04, 0x18,
0xC5, 0xDB, 0x2F, 0xF3, 0x59, 0xC5, 0xA6, 0xDE,
0x28, 0x6E, 0xF5, 0x95, 0x1E, 0x27, 0x09, 0x48,
0x6E, 0xDC, 0x9C, 0xC4, 0x9D, 0x07, 0x24, 0xEC,
0xA3, 0xF2, 0xC0, 0xB7, 0x5F, 0x8A, 0x36, 0xCE,
0x86, 0x23, 0x88, 0xF0, 0x0B, 0x3C, 0x59, 0x3D,
0x1C, 0x8C, 0x6A, 0xC4, 0x5D, 0x73, 0xA7, 0x2F,
0xF6, 0xB4, 0xF8, 0x05, 0xB1, 0x31, 0xED, 0x4E,
0xAF, 0x56, 0x01, 0xD7, 0xB7, 0x3B, 0x0E, 0x37,
0x24, 0xE7, 0x5D, 0x58, 0xDD, 0x50, 0xF5, 0x87,
0x1C, 0x54, 0xA3, 0x7C, 0x14, 0x81, 0x33, 0x17,
0x59, 0xF4, 0xBE, 0x86, 0xFB, 0x58, 0xA2, 0xEE,
0x00, 0x31, 0x30, 0xF6, 0x6E, 0x18, 0x7C, 0x8B,
0xA5, 0x01, 0x5B, 0xE7, 0x13, 0x29, 0x65, 0x89,
0xAC, 0xAF, 0xBF, 0x65, 0x96, 0x89, 0x7E, 0x03,
0xD4, 0x92, 0x0C, 0x91, 0xF2, 0x63, 0x33, 0xB7,
0xBF, 0x17, 0x98, 0xAF, 0x81, 0x5C, 0x93, 0xD4,
0xDF, 0x55, 0xBD, 0x47, 0xA0, 0x82, 0x49, 0xBF,
0x11, 0x30, 0x63, 0xFB, 0xB3, 0x95, 0x03, 0xE9,
0xB6, 0xD4, 0x3E, 0xAC, 0x7B, 0x0C, 0x30, 0x5A
};
static const byte k_512[KYBER_SS_SZ] = {
0x4D, 0xDD, 0x30, 0x4E, 0x27, 0x48, 0x99, 0xBD,
0x82, 0x97, 0x18, 0x56, 0x82, 0x4B, 0x58, 0x71,
0x30, 0x92, 0x79, 0x52, 0x06, 0x01, 0x21, 0x85,
0x8F, 0x9A, 0xDE, 0xB9, 0x6A, 0xB7, 0xF5, 0x71
};
#endif
#ifndef WOLFSSL_NO_KYBER768
static const byte ek_768[KYBER768_PUBLIC_KEY_SIZE] = {
0x14, 0x56, 0xA2, 0xEE, 0x8C, 0x35, 0x56, 0x05,
0x4A, 0xBC, 0x79, 0xB4, 0x88, 0x2C, 0x31, 0x90,
0xE5, 0xCA, 0x72, 0x6A, 0xB4, 0x02, 0xE5, 0xB0,
0x97, 0x28, 0xC0, 0xF4, 0xF7, 0x9C, 0x9F, 0xC2,
0xAD, 0xD8, 0x28, 0xAB, 0xE4, 0x32, 0xB1, 0x50,
0x1B, 0x60, 0xF4, 0x6C, 0xCB, 0xC8, 0x6A, 0x33,
0x78, 0xC3, 0x48, 0x95, 0x70, 0x8A, 0x13, 0x67,
0x1B, 0x20, 0xB3, 0x89, 0x47, 0x9A, 0xAA, 0x01,
0xC6, 0x9D, 0x6B, 0x3B, 0x7D, 0x07, 0xD1, 0xC3,
0xAB, 0x54, 0xB9, 0x1C, 0x58, 0x0F, 0x5A, 0x33,
0x6B, 0x30, 0x06, 0x9A, 0x4F, 0x13, 0x4F, 0xFD,
0x37, 0x64, 0xCE, 0x73, 0xA0, 0x47, 0xE2, 0x84,
0x47, 0x71, 0x74, 0x2B, 0xF4, 0x71, 0x0B, 0x97,
0x2D, 0x4F, 0x65, 0x90, 0xA1, 0xC5, 0x3A, 0x97,
0x53, 0x68, 0xC2, 0x71, 0xB6, 0x70, 0xF1, 0xA4,
0x03, 0x64, 0x41, 0x05, 0x4A, 0x66, 0xE8, 0x81,
0x59, 0x97, 0x51, 0x22, 0x88, 0x55, 0x2F, 0xD7,
0x14, 0x9F, 0xFB, 0x70, 0x5A, 0xAE, 0x13, 0x3F,
0x84, 0x14, 0x06, 0x0D, 0x00, 0x92, 0xFA, 0x8A,
0x16, 0x27, 0xD7, 0x8A, 0xB2, 0xAB, 0xC6, 0x69,
0x62, 0x88, 0xBA, 0xF5, 0xC6, 0x0E, 0xF3, 0x70,
0x82, 0x7A, 0x7E, 0xFA, 0x72, 0xAE, 0x5C, 0x67,
0x41, 0xA5, 0xDA, 0x04, 0x3D, 0x59, 0x40, 0xF1,
0x21, 0x48, 0x53, 0x72, 0xA9, 0x8F, 0x47, 0x2D,
0x60, 0xF0, 0x5F, 0x74, 0xD9, 0x5F, 0x01, 0xA1,
0x99, 0x1E, 0x73, 0xA3, 0xE0, 0xA9, 0x53, 0x64,
0x67, 0xA4, 0x73, 0x8A, 0xB4, 0xCF, 0x38, 0x5B,
0xA7, 0x72, 0x82, 0x7E, 0xB8, 0xCC, 0x05, 0x8B,
0x35, 0x72, 0xE4, 0x0B, 0x59, 0x84, 0x44, 0xC1,
0x81, 0xC7, 0xF6, 0xD9, 0xB7, 0x60, 0xA7, 0xB9,
0x07, 0x09, 0x2E, 0x9C, 0x33, 0x51, 0xEA, 0x23,
0x4E, 0x44, 0x49, 0xBD, 0x9B, 0x61, 0xA1, 0x34,
0x65, 0x4E, 0x2D, 0xA1, 0x91, 0xFF, 0x07, 0x93,
0x96, 0x15, 0x69, 0xD3, 0x59, 0x44, 0x48, 0xBB,
0xC2, 0x58, 0x69, 0x99, 0xA6, 0x67, 0x1E, 0xFC,
0xA9, 0x57, 0xF3, 0xA6, 0x69, 0x9A, 0x4A, 0x1B,
0x2F, 0x47, 0x07, 0xAB, 0xA0, 0xB2, 0xDB, 0x20,
0x11, 0x4F, 0xE6, 0x8A, 0x4E, 0x28, 0x15, 0xAF,
0x3A, 0xAC, 0x4B, 0x8C, 0x6B, 0xE5, 0x64, 0x8C,
0x50, 0xCC, 0x35, 0xC2, 0x7C, 0x57, 0x28, 0x80,
0x28, 0xD3, 0x61, 0x70, 0x8D, 0x30, 0x2E, 0xEB,
0xB8, 0x60, 0xBE, 0xE6, 0x91, 0xF6, 0x56, 0xA2,
0x55, 0x0C, 0xB3, 0x21, 0xE9, 0x29, 0x3D, 0x75,
0x16, 0xC5, 0x99, 0x81, 0x7B, 0x76, 0x6B, 0xA9,
0x28, 0xB1, 0x08, 0x77, 0x9A, 0x1C, 0x87, 0x12,
0xE7, 0x4C, 0x76, 0x84, 0x1A, 0xC5, 0x8B, 0x8C,
0x51, 0x5B, 0xF4, 0x74, 0x9B, 0xF7, 0x15, 0x98,
0x44, 0x45, 0xB2, 0xB5, 0x30, 0x63, 0x38, 0x40,
0x01, 0xE5, 0x5F, 0x68, 0x86, 0x7B, 0x1A, 0xF4,
0x6C, 0xA7, 0x0C, 0xA8, 0xEA, 0x74, 0x17, 0x2D,
0xB8, 0x0B, 0x52, 0x18, 0xBD, 0xE4, 0xF0, 0x0A,
0x0E, 0x65, 0x8D, 0xB5, 0xA1, 0x8D, 0x94, 0xE1,
0x42, 0x7A, 0xF7, 0xAE, 0x35, 0x8C, 0xCE, 0xB2,
0x38, 0x77, 0x2F, 0xCC, 0x83, 0xF1, 0x08, 0x28,
0xA4, 0xA3, 0x67, 0xD4, 0x2C, 0x4C, 0xB6, 0x93,
0x3F, 0xDD, 0x1C, 0x1C, 0x7B, 0x86, 0xAD, 0x8B,
0x00, 0x96, 0x57, 0xA9, 0x62, 0x22, 0xD7, 0xBA,
0x92, 0xF5, 0x27, 0xAF, 0x87, 0x79, 0x70, 0xA8,
0x32, 0x47, 0xF4, 0x7A, 0x23, 0xFC, 0x22, 0x85,
0x11, 0x8B, 0x57, 0x71, 0x77, 0x15, 0x20, 0x46,
0x74, 0xDA, 0x9C, 0x94, 0xB6, 0x2B, 0xC7, 0x83,
0x8C, 0xF8, 0x72, 0x00, 0x15, 0x6B, 0x26, 0xBA,
0x46, 0x71, 0x15, 0x99, 0x31, 0xC4, 0x93, 0x22,
0xD8, 0x06, 0x71, 0xA0, 0xF3, 0x32, 0xEA, 0xA2,
0xBB, 0xF8, 0x93, 0xBE, 0x40, 0x8B, 0x9E, 0xAC,
0x6A, 0x50, 0x54, 0x83, 0xAA, 0x90, 0x75, 0xBD,
0x13, 0x68, 0xB5, 0x1F, 0x99, 0x21, 0x1F, 0x48,
0x0A, 0x9C, 0x54, 0x2A, 0x75, 0xB5, 0xBE, 0x08,
0xE4, 0x3A, 0xDA, 0xF3, 0x01, 0xDD, 0x72, 0x9A,
0x85, 0x95, 0x40, 0x10, 0xE6, 0x48, 0x92, 0xA2,
0xAA, 0x4F, 0x15, 0xC0, 0xBD, 0x70, 0xB3, 0xD8,
0x56, 0x49, 0x4F, 0xF9, 0xBA, 0x0F, 0xE4, 0xCE,
0x12, 0x99, 0x1C, 0xA0, 0x6B, 0x5E, 0x3D, 0x0B,
0x2A, 0xF1, 0xF7, 0x97, 0xB7, 0xA2, 0xB7, 0x60,
0x91, 0x0A, 0xE9, 0xF8, 0x33, 0xD0, 0xD4, 0x26,
0x7A, 0x58, 0x05, 0x2C, 0x29, 0x90, 0xF1, 0x61,
0xB8, 0x86, 0xE2, 0x51, 0x71, 0x1C, 0x09, 0xD0,
0x85, 0xC3, 0xD9, 0x58, 0xB1, 0x44, 0x19, 0x2C,
0x9C, 0xC3, 0x22, 0x4A, 0x46, 0x07, 0x15, 0xB6,
0x78, 0x4E, 0xB0, 0xB2, 0x6F, 0x23, 0x71, 0x87,
0x50, 0x7D, 0x85, 0xC5, 0x11, 0x0A, 0xCC, 0x71,
0xCE, 0x47, 0x19, 0x8F, 0x25, 0x45, 0x53, 0x35,
0x6D, 0xAB, 0x44, 0x8C, 0x38, 0xD2, 0x43, 0xA7,
0xC0, 0x2B, 0xE4, 0x0C, 0x90, 0x8C, 0x82, 0x8D,
0x05, 0xC0, 0x81, 0xDF, 0xAB, 0x8F, 0xC6, 0xB5,
0xCF, 0xE7, 0xD5, 0x6E, 0x73, 0x17, 0x15, 0x7D,
0xC0, 0x53, 0xB2, 0xB3, 0x48, 0x99, 0x86, 0xB0,
0x81, 0x28, 0x88, 0x71, 0x81, 0x85, 0x85, 0xE0,
0x99, 0x31, 0x09, 0x5E, 0x32, 0x74, 0xA0, 0x84,
0x11, 0x5B, 0xE2, 0x76, 0x43, 0x82, 0x54, 0xA7,
0x96, 0x27, 0x0A, 0x7B, 0x43, 0x06, 0xF0, 0x8B,
0x98, 0xD9, 0xC2, 0xAA, 0xEC, 0xF7, 0x06, 0x5E,
0x74, 0x44, 0x6B, 0x7C, 0x69, 0x6D, 0xBA, 0xAF,
0x8B, 0x46, 0x25, 0xA1, 0x0B, 0x07, 0x82, 0x7B,
0x4A, 0x8B, 0xAB, 0xAB, 0x09, 0xB6, 0x4A, 0xE1,
0xC3, 0x75, 0xBB, 0x78, 0x54, 0x41, 0xF3, 0x19,
0xFB, 0x9A, 0xC2, 0xF1, 0x4C, 0x95, 0xFF, 0xB2,
0x52, 0xAB, 0xBB, 0x80, 0x9C, 0x69, 0x09, 0xCD,
0x97, 0x70, 0x6E, 0x40, 0x69, 0x1C, 0xBA, 0x61,
0xC9, 0x25, 0x2B, 0xD3, 0x8A, 0x04, 0x31, 0x1C,
0xA5, 0xBB, 0x2C, 0xA7, 0x95, 0x78, 0x34, 0x75,
0x05, 0xD0, 0x88, 0x88, 0x51, 0xE0, 0x82, 0x64,
0x8B, 0xD0, 0x03, 0xBE, 0x97, 0xC0, 0xF8, 0xF6,
0x67, 0x59, 0xEC, 0x96, 0xA9, 0x6A, 0x08, 0x1C,
0x68, 0x22, 0xC4, 0x51, 0x05, 0x59, 0x53, 0x70,
0x42, 0xFC, 0x15, 0xF0, 0x69, 0xA6, 0x49, 0xB7,
0x4A, 0x10, 0x96, 0x1B, 0x35, 0x4A, 0x1F, 0x62,
0x5B, 0x04, 0xE2, 0x5B, 0x29, 0x3C, 0xF6, 0x5F,
0xB4, 0xF5, 0x3A, 0x80, 0xCC, 0x73, 0x3D, 0x7A,
0x17, 0x57, 0x75, 0xBF, 0x8A, 0x9A, 0xBB, 0x92,
0x01, 0x62, 0x0E, 0x83, 0xA7, 0xF3, 0xE7, 0x24,
0xD1, 0x28, 0x7D, 0xBC, 0x44, 0xBD, 0xD5, 0xD8,
0x5F, 0xC7, 0x15, 0x45, 0xA9, 0x27, 0xBE, 0xED,
0xE5, 0x37, 0xA7, 0x76, 0x87, 0x35, 0xCC, 0x14,
0x86, 0xC7, 0xC3, 0xF3, 0x11, 0x04, 0xDB, 0x67,
0x34, 0x3F, 0x43, 0x5D, 0x2D, 0x45, 0x55, 0x4B,
0xAA, 0xC9, 0xCD, 0xB5, 0x82, 0x2E, 0x84, 0x22,
0xAE, 0x83, 0x21, 0xC7, 0x8A, 0xBE, 0x9F, 0x26,
0x1F, 0xD4, 0x81, 0x0A, 0x79, 0xE3, 0x3E, 0x94,
0xE6, 0x3B, 0x33, 0x41, 0x87, 0x2C, 0x92, 0x25,
0x35, 0x21, 0x99, 0x7C, 0x08, 0x4F, 0xBC, 0x06,
0x0B, 0x8B, 0x12, 0x5C, 0xCC, 0x88, 0xAC, 0x85,
0xAC, 0x5F, 0xE3, 0x16, 0x8A, 0xCB, 0x05, 0x9B,
0x3F, 0x11, 0x9C, 0x4E, 0x05, 0x0A, 0x20, 0x73,
0x2F, 0x50, 0x1B, 0xB9, 0xB3, 0xE6, 0x87, 0xC8,
0x46, 0xB5, 0xC2, 0x65, 0x3F, 0x88, 0x86, 0x37,
0x3E, 0x10, 0x04, 0xA2, 0xAB, 0x8D, 0x1B, 0xB9,
0x70, 0xA7, 0xE5, 0x71, 0xD8, 0xA4, 0x6E, 0xE8,
0x1B, 0x78, 0x2F, 0x26, 0x94, 0x2D, 0xD3, 0x94,
0xFD, 0xD9, 0xA5, 0xE4, 0xC5, 0x63, 0x1D, 0x98,
0x55, 0x28, 0x60, 0x4B, 0x1C, 0xC9, 0x76, 0x27,
0x5B, 0x6A, 0xC8, 0xA6, 0x7C, 0xEE, 0xC1, 0x0F,
0xFA, 0xCB, 0xBA, 0x3D, 0x3B, 0xB1, 0x41, 0x32,
0x1D, 0xFC, 0x3C, 0x92, 0x31, 0xFC, 0x96, 0xE4,
0x48, 0xB9, 0xAB, 0x84, 0x70, 0x21, 0xE2, 0xC8,
0xD9, 0x0C, 0x6B, 0xCA, 0xF2, 0xB1, 0x24, 0x07,
0x83, 0xB6, 0x2C, 0x79, 0xDE, 0xDC, 0x07, 0x2A,
0x57, 0x63, 0xE6, 0x60, 0xAF, 0x2C, 0x27, 0xC3,
0xF0, 0xC3, 0xC0, 0x92, 0x07, 0xCA, 0xD9, 0x90,
0xBB, 0x41, 0xA7, 0xBF, 0xCE, 0xC9, 0x9F, 0x51,
0x59, 0x6A, 0x0E, 0x83, 0x77, 0x8F, 0x85, 0xC0,
0x06, 0xAC, 0x6D, 0x1F, 0xE9, 0x81, 0xB4, 0xC4,
0xBA, 0x1C, 0xB5, 0x75, 0xA7, 0xD0, 0x7A, 0xE2,
0xD3, 0x1B, 0xA7, 0x60, 0x09, 0x5F, 0x74, 0xBC,
0x16, 0x38, 0x41, 0xCF, 0x8F, 0xF7, 0x7F, 0x89,
0x4A, 0xBC, 0x6D, 0x26, 0x1E, 0xD8, 0x7A, 0x45,
0x30, 0x36, 0x3B, 0x94, 0x9C, 0x4A, 0xD2, 0x4E,
0xFB, 0x3A, 0x56, 0x80, 0x94, 0x78, 0xDD, 0xA2
};
static const byte seed_768[KYBER_ENC_RAND_SZ] = {
0x40, 0xBE, 0x9D, 0xCA, 0xC1, 0x6E, 0x9C, 0xA7,
0x3D, 0x49, 0xD0, 0xC8, 0x3F, 0x9D, 0x3D, 0x89,
0xBB, 0x71, 0x57, 0x4A, 0x42, 0x19, 0xA0, 0xF3,
0x93, 0xDF, 0xEC, 0xE2, 0x98, 0x83, 0x94, 0xC4
};
static const byte c_768[KYBER768_CIPHER_TEXT_SIZE] = {
0x77, 0x8D, 0x6B, 0x03, 0x79, 0x1A, 0xCA, 0xF5,
0x6C, 0xAA, 0xFC, 0xC7, 0x8C, 0xEE, 0x5C, 0xBC,
0xA1, 0xDE, 0x87, 0x37, 0xE9, 0xC7, 0xFF, 0x4A,
0xE5, 0xF3, 0x84, 0xD3, 0x44, 0xE0, 0x82, 0x23,
0xC7, 0x4C, 0x82, 0x4C, 0xB5, 0x84, 0x85, 0x20,
0x51, 0x7C, 0x7F, 0x0E, 0xA0, 0x64, 0x5E, 0xB6,
0xF8, 0x89, 0x51, 0x7A, 0xE5, 0x21, 0x6B, 0x0C,
0xF4, 0x1D, 0xDC, 0x3F, 0x0D, 0x1D, 0xF9, 0xBC,
0x6E, 0x4D, 0xEC, 0xB2, 0x36, 0xA5, 0xEA, 0x8B,
0x21, 0x4F, 0x64, 0x26, 0x6D, 0x3C, 0xDE, 0x08,
0xE0, 0xCB, 0x00, 0xE5, 0xD9, 0x1F, 0x58, 0x67,
0x06, 0xB1, 0xEE, 0x53, 0x3D, 0x20, 0x47, 0x6F,
0x44, 0x23, 0xB7, 0x8F, 0x91, 0x6B, 0x17, 0x26,
0xEE, 0xEA, 0x95, 0x9F, 0xFB, 0x9A, 0xC6, 0x34,
0xD0, 0x4A, 0x94, 0xD0, 0x99, 0x23, 0xCB, 0x0D,
0x4E, 0x73, 0x0C, 0xCA, 0x41, 0x44, 0xE7, 0xC4,
0x88, 0x49, 0x21, 0x65, 0x2D, 0xA4, 0x92, 0x8C,
0x68, 0xE6, 0x44, 0xF6, 0x73, 0xCF, 0xC5, 0x7D,
0x3E, 0x87, 0xCF, 0x5B, 0xE5, 0x81, 0xA8, 0x9F,
0x9C, 0xB8, 0xF0, 0xFC, 0xE2, 0x78, 0x2D, 0x68,
0x1E, 0x5C, 0xE8, 0x8A, 0xF5, 0x84, 0x58, 0xC3,
0xD6, 0x3D, 0x80, 0x75, 0x72, 0xDE, 0x5A, 0xA8,
0xE1, 0xFA, 0xF2, 0xDC, 0xD1, 0x4E, 0xDB, 0x73,
0x49, 0x56, 0x5B, 0x7D, 0x32, 0x71, 0xDD, 0xBE,
0xB0, 0xB6, 0xCC, 0x7A, 0xFE, 0x08, 0x63, 0x57,
0x84, 0x31, 0x11, 0x59, 0x73, 0x3C, 0x46, 0xE5,
0xFD, 0xC5, 0xE0, 0xCD, 0x36, 0xCE, 0x56, 0x85,
0xAC, 0xFB, 0x1A, 0xFE, 0x50, 0xAB, 0xB4, 0x6F,
0x44, 0x75, 0x21, 0xE6, 0x0D, 0x9C, 0x8F, 0x0E,
0x4C, 0xA2, 0x8C, 0x19, 0x0A, 0xBB, 0x40, 0xC3,
0x65, 0xF4, 0x12, 0x47, 0x1E, 0x95, 0xA8, 0xEA,
0x39, 0x6D, 0x4B, 0xD8, 0x07, 0x0E, 0xEB, 0x1F,
0x02, 0xB0, 0x7C, 0x82, 0x53, 0x67, 0xAA, 0x1E,
0xC0, 0xF1, 0x0C, 0x38, 0x62, 0x41, 0x6B, 0xB2,
0x1A, 0xD6, 0xCA, 0x74, 0x8A, 0x86, 0xE9, 0x82,
0x9E, 0xFC, 0x1A, 0x04, 0x99, 0x09, 0x3C, 0x85,
0x17, 0x6D, 0x37, 0xF5, 0x74, 0xC7, 0x5C, 0xF5,
0xED, 0xFA, 0x8D, 0x92, 0x0D, 0x32, 0x68, 0xCB,
0x34, 0xC6, 0xA4, 0xBB, 0x00, 0x02, 0x86, 0x9B,
0xC0, 0x5D, 0x7C, 0x8F, 0xCC, 0x06, 0x58, 0xD4,
0xA0, 0x1E, 0xAC, 0xD7, 0x45, 0x57, 0xA3, 0x7D,
0x98, 0xA7, 0x63, 0x07, 0x47, 0x52, 0xDF, 0xDD,
0x64, 0x29, 0x88, 0x1C, 0xAF, 0xF5, 0x77, 0xD3,
0xA0, 0x48, 0x03, 0x1B, 0xD5, 0x2C, 0x4E, 0x97,
0x26, 0x39, 0x85, 0x90, 0xF9, 0x51, 0x9F, 0xD5,
0x94, 0x05, 0xD6, 0xB3, 0xC3, 0x07, 0xAF, 0xCB,
0x16, 0x8A, 0x98, 0x57, 0x85, 0xD9, 0x54, 0xA6,
0xD1, 0xDC, 0x1E, 0xA9, 0x2E, 0x1E, 0xB6, 0xF9,
0x46, 0xA4, 0xD9, 0x9D, 0xD6, 0xCA, 0x30, 0x7A,
0xBF, 0xD8, 0x36, 0x2F, 0xAB, 0xA9, 0x8B, 0xB2,
0x64, 0xC6, 0x9C, 0x5F, 0x55, 0x5D, 0x60, 0x88,
0x3C, 0xC5, 0x60, 0x19, 0xFE, 0xB4, 0xE8, 0x00,
0x0C, 0x48, 0xB7, 0xE6, 0x8C, 0xD6, 0x67, 0xF0,
0x0B, 0x52, 0x50, 0xCE, 0xF2, 0x93, 0xA4, 0xA9,
0xE7, 0x78, 0x72, 0x6E, 0x62, 0xF1, 0x20, 0x36,
0x1E, 0x21, 0xAB, 0x31, 0x40, 0x46, 0x4C, 0xDC,
0x6A, 0xBD, 0xE9, 0xEA, 0x05, 0x19, 0x8D, 0x8B,
0x3B, 0xB6, 0x71, 0xB9, 0x11, 0x1A, 0x2F, 0x31,
0x75, 0x82, 0x84, 0x7C, 0xA5, 0x01, 0x56, 0x64,
0xF2, 0x2C, 0xDB, 0x08, 0xC1, 0x43, 0x18, 0x7B,
0xDE, 0x21, 0x29, 0xB5, 0x4F, 0x34, 0x16, 0x02,
0x95, 0xD7, 0x5F, 0xE9, 0xA4, 0x94, 0xFD, 0x7E,
0x67, 0xAA, 0xA7, 0x6B, 0x57, 0xAA, 0xFF, 0xD8,
0x9D, 0x01, 0xA7, 0x1D, 0xF5, 0xC8, 0x15, 0x86,
0x20, 0x29, 0x8D, 0x58, 0x2B, 0xBE, 0xFA, 0x6D,
0x09, 0xAC, 0x41, 0x2A, 0x99, 0xAA, 0x3B, 0xE9,
0xC3, 0x83, 0x50, 0x49, 0x48, 0xC4, 0x3D, 0xD5,
0xAF, 0x41, 0x27, 0xB1, 0x43, 0x58, 0x04, 0xF4,
0x4B, 0xAF, 0xA1, 0x42, 0xBF, 0xC2, 0xA9, 0x5D,
0x95, 0xFB, 0x2E, 0xF0, 0x64, 0x1A, 0xBE, 0x71,
0x06, 0x4D, 0xE5, 0x1D, 0x6B, 0x9E, 0xC5, 0x08,
0x57, 0xB8, 0xEE, 0xF7, 0xF4, 0x80, 0x36, 0x31,
0x3D, 0x0E, 0x93, 0x67, 0x63, 0xB8, 0xF7, 0xBD,
0xE6, 0x9B, 0x06, 0x4D, 0xD5, 0x76, 0x1D, 0x80,
0xEA, 0x6F, 0x1A, 0x8B, 0x37, 0x56, 0x57, 0x53,
0xC5, 0x79, 0xBB, 0xB8, 0x95, 0xEF, 0xB9, 0xFC,
0xB3, 0xFC, 0x5F, 0xA3, 0x36, 0x2E, 0x37, 0x74,
0xF0, 0xF7, 0x71, 0x40, 0xB9, 0x73, 0xCA, 0xE5,
0x87, 0xBA, 0xD2, 0xF3, 0xB5, 0x66, 0xA9, 0xC2,
0x5A, 0x96, 0x93, 0x47, 0xE5, 0xC5, 0x4F, 0x87,
0xF1, 0x10, 0x5E, 0x9C, 0x07, 0x48, 0x67, 0xD9,
0x40, 0x77, 0xCC, 0xAE, 0x3A, 0xBE, 0xA5, 0x45,
0x20, 0xED, 0xB5, 0x1D, 0x9D, 0xAA, 0xBE, 0x78,
0x48, 0xE7, 0x8F, 0xDF, 0x66, 0xE0, 0x7E, 0x2E,
0x22, 0xB3, 0x02, 0x51, 0x93, 0x1E, 0x89, 0x0B,
0xAF, 0x1F, 0x5E, 0x17, 0x7D, 0x4D, 0x9C, 0xEC,
0x9E, 0x49, 0x69, 0x48, 0x1F, 0xD7, 0xC1, 0x33,
0x5A, 0x0E, 0xD5, 0x87, 0x9F, 0x34, 0xEF, 0x4B,
0xB4, 0xF6, 0x6C, 0x28, 0x80, 0x3C, 0xEA, 0x16,
0x2B, 0xA4, 0x61, 0x50, 0x6D, 0x52, 0xEB, 0x3A,
0xE1, 0x69, 0x51, 0x92, 0x2B, 0x06, 0x82, 0x51,
0x86, 0xC3, 0xD4, 0xCE, 0x1B, 0x51, 0xF3, 0xC9,
0x2F, 0x3C, 0x52, 0xF2, 0xD0, 0x4D, 0x1F, 0x13,
0xB2, 0xB1, 0x7C, 0x9E, 0xEB, 0x88, 0x2C, 0xCE,
0x0E, 0xB8, 0x8B, 0x7E, 0xA9, 0xA1, 0xCE, 0x4E,
0x37, 0x41, 0x5C, 0xC8, 0x4C, 0x7B, 0xC4, 0x36,
0xA4, 0x62, 0x83, 0x86, 0xCC, 0x77, 0xD9, 0xAF,
0xD2, 0x07, 0x91, 0x1B, 0xD9, 0xBF, 0xD8, 0xA7,
0xFA, 0x05, 0xC2, 0x75, 0xBE, 0x0C, 0x4C, 0x6A,
0x8F, 0xC0, 0xA6, 0x1B, 0xDA, 0x1D, 0x67, 0xAE,
0x33, 0xB5, 0x31, 0x0B, 0xE1, 0x29, 0x0D, 0xC7,
0x1C, 0x14, 0x18, 0xEB, 0x57, 0x44, 0xBF, 0x28,
0x42, 0xC1, 0x65, 0x21, 0x73, 0xA4, 0x9A, 0x69,
0x2E, 0x71, 0xFE, 0x43, 0x25, 0x8A, 0x20, 0x5B,
0x3C, 0xAA, 0xB9, 0x0C, 0x03, 0x04, 0xA5, 0x1E,
0x77, 0xD0, 0x1B, 0x40, 0x4A, 0x01, 0xFA, 0xE2,
0xF8, 0x3A, 0xB8, 0x0C, 0x5D, 0xBF, 0x6C, 0xF5,
0x18, 0xC0, 0x01, 0xF4, 0x6A, 0x63, 0x3F, 0xA1,
0x69, 0xB1, 0xBD, 0xB7, 0x7A, 0x9D, 0x0B, 0x1E,
0x0C, 0x00, 0x78, 0x35, 0xC0, 0x9F, 0x6A, 0xBB,
0xA9, 0x6F, 0x3F, 0x53, 0x56, 0x4D, 0xA5, 0x08,
0xEE, 0x88, 0x61, 0xA4, 0x83, 0xA8, 0x17, 0x49,
0xD4, 0xA4, 0x46, 0x72, 0xB1, 0xEF, 0x16, 0x05,
0xF2, 0x9D, 0x16, 0x8B, 0x74, 0xB7, 0x36, 0xB4,
0xF1, 0x35, 0x01, 0xD7, 0xAD, 0x12, 0x13, 0x11,
0x8A, 0x78, 0x32, 0xE6, 0x66, 0xA5, 0x0B, 0xE8,
0x01, 0x0D, 0x54, 0x32, 0x2A, 0x52, 0x6C, 0xF7,
0xA4, 0xE5, 0x43, 0xA7, 0x9D, 0x0D, 0x98, 0xE0,
0x04, 0xFB, 0xEC, 0x76, 0xEA, 0x3F, 0x7E, 0x88,
0x7B, 0xDB, 0xAF, 0x50, 0xDA, 0xDF, 0xDD, 0xDF,
0x3F, 0xFE, 0xCF, 0x6D, 0x3F, 0x77, 0xEA, 0x4B,
0x9B, 0x16, 0xDC, 0x75, 0x4F, 0x4A, 0x68, 0xE5,
0xEF, 0x32, 0xF6, 0xA1, 0x37, 0xE7, 0xC9, 0xE3,
0xC3, 0xE8, 0xC2, 0xE2, 0x36, 0xC7, 0xEB, 0xC4,
0x5D, 0x46, 0xEC, 0x16, 0x77, 0xA5, 0xA8, 0xBB,
0x26, 0x68, 0x44, 0x3B, 0x0B, 0xE8, 0x69, 0x3D,
0xC2, 0x57, 0xF1, 0x3D, 0x8B, 0x9A, 0x90, 0x10,
0x0B, 0x92, 0xB4, 0xD1, 0x76, 0x1B, 0x81, 0x96,
0x73, 0x83, 0x2C, 0x32, 0x02, 0x06, 0x71, 0xBF,
0xB3, 0xD0, 0x22, 0x0A, 0x36, 0x3E, 0x4B, 0xED,
0x6D, 0x64, 0x9D, 0x3F, 0x73, 0x68, 0xCF, 0xE0,
0x81, 0xE1, 0x96, 0xA4, 0x3D, 0x47, 0x08, 0x79,
0x8E, 0x31, 0xBB, 0x2A, 0x2F, 0x61, 0x82, 0x46,
0x74, 0xAB, 0xA2, 0xFC, 0x9D, 0xCD, 0x05, 0xDB,
0x84, 0xB8, 0x62, 0x7A, 0xE1, 0x14, 0x88, 0x88,
0x6F, 0x92, 0x1B, 0xC7, 0x9A, 0xE1, 0xFD, 0x03
};
static const byte k_768[KYBER_SS_SZ] = {
0x61, 0x6E, 0x0B, 0x75, 0x3A, 0x3B, 0x7F, 0x40,
0xFE, 0xF9, 0xA3, 0x89, 0xF5, 0x8F, 0x16, 0xBF,
0xBB, 0x04, 0x62, 0x29, 0x41, 0xD2, 0x46, 0x4B,
0xDA, 0xE7, 0x67, 0x82, 0x0D, 0xFA, 0xC3, 0x8E
};
#endif
#ifndef WOLFSSL_NO_KYBER1024
static const byte ek_1024[KYBER1024_PUBLIC_KEY_SIZE] = {
0x27, 0x66, 0x9A, 0x66, 0x76, 0x67, 0xB8, 0xD5,
0x46, 0x68, 0x58, 0x60, 0x22, 0x60, 0x11, 0x5B,
0x62, 0x09, 0xBC, 0x2C, 0x45, 0xDF, 0x7A, 0x4E,
0x64, 0x93, 0x2B, 0x75, 0xC7, 0x8B, 0x9F, 0x70,
0x83, 0xF1, 0x31, 0xBC, 0xD4, 0xE2, 0x0E, 0xFF,
0x8C, 0xCF, 0x69, 0x73, 0x6B, 0xDB, 0xC8, 0x84,
0x06, 0xF9, 0xB6, 0x9A, 0xD3, 0xCE, 0x35, 0x6A,
0x0F, 0x5E, 0x67, 0x6D, 0xD0, 0xA7, 0xC4, 0xAB,
0xB1, 0xA1, 0xC9, 0xD6, 0x20, 0x21, 0xBB, 0x38,
0x4A, 0x40, 0x14, 0xFB, 0x04, 0xCD, 0x2F, 0x82,
0x18, 0x90, 0xD9, 0x04, 0x27, 0xC4, 0x9F, 0x4A,
0x62, 0x8E, 0xCE, 0xC2, 0x73, 0x1F, 0xAC, 0x02,
0x52, 0x37, 0x36, 0x0D, 0x58, 0x2C, 0xD0, 0x66,
0x47, 0xB1, 0x10, 0x9A, 0xA6, 0xC2, 0xAC, 0x5D,
0x43, 0x37, 0x58, 0xC1, 0xCA, 0xA5, 0x35, 0x55,
0xFF, 0xF5, 0x77, 0xEB, 0xB5, 0x21, 0xFB, 0xE3,
0x2D, 0x10, 0xF7, 0x90, 0x60, 0x4C, 0x53, 0xC2,
0xF8, 0x2C, 0x17, 0xB0, 0x8E, 0xF3, 0x62, 0x56,
0x74, 0x21, 0x48, 0x44, 0x90, 0x6D, 0xB3, 0xFB,
0x95, 0x20, 0x03, 0x14, 0x22, 0xA1, 0x3B, 0xD7,
0x61, 0x2D, 0x42, 0x01, 0xC2, 0x7D, 0x15, 0xB9,
0xD1, 0x94, 0x83, 0x0C, 0xC3, 0x66, 0x9B, 0xB8,
0xBA, 0x34, 0xC2, 0x52, 0x37, 0x64, 0x41, 0x39,
0x71, 0xC4, 0x0D, 0x84, 0xAE, 0xE6, 0x56, 0x75,
0xD5, 0x21, 0x53, 0x09, 0xDA, 0x83, 0x67, 0xF0,
0x01, 0x49, 0x75, 0x46, 0xEC, 0xE0, 0x7C, 0xBF,
0x00, 0x2D, 0x78, 0x1B, 0x83, 0x06, 0x82, 0x48,
0x40, 0x80, 0xAD, 0x6F, 0x95, 0x58, 0xB3, 0x6B,
0x6B, 0xF6, 0x10, 0x91, 0x71, 0x30, 0xB7, 0x41,
0x9B, 0x39, 0xF8, 0x50, 0x29, 0x62, 0x12, 0x64,
0xCF, 0x2C, 0x8A, 0xE4, 0xD8, 0x08, 0x38, 0x7B,
0x20, 0xCC, 0x5A, 0xA0, 0xB9, 0x69, 0xC3, 0x9B,
0xC8, 0x0E, 0x6C, 0xB9, 0xCA, 0x03, 0x51, 0xA3,
0xF6, 0x0A, 0xCE, 0xAF, 0x12, 0xBD, 0x41, 0xFA,
0x09, 0x96, 0xE3, 0x99, 0x06, 0xA9, 0xB6, 0x16,
0x97, 0xB7, 0x47, 0xC2, 0x03, 0x1C, 0x76, 0x02,
0x88, 0x36, 0x44, 0x57, 0x42, 0x5B, 0xBB, 0xB4,
0x0F, 0x48, 0x98, 0xAD, 0x08, 0x58, 0x76, 0x60,
0x8A, 0x77, 0xA5, 0xEB, 0x9D, 0x12, 0x4B, 0xC9,
0x92, 0x26, 0x51, 0xB7, 0x63, 0x95, 0x88, 0x15,
0x58, 0xCA, 0xD0, 0x6F, 0x3C, 0x4B, 0xCF, 0x08,
0xE4, 0x5B, 0x67, 0xBA, 0x51, 0x60, 0x38, 0xA3,
0x64, 0xB7, 0x74, 0x0E, 0x97, 0x40, 0xEE, 0x2B,
0x93, 0xC5, 0xC6, 0x5F, 0x49, 0x02, 0x0A, 0xD4,
0x2B, 0x3C, 0x0A, 0xEA, 0x5B, 0xF2, 0x42, 0xA4,
0xF1, 0xB0, 0x89, 0xB5, 0xA3, 0x45, 0x8B, 0xE8,
0xA3, 0x71, 0xCA, 0x1F, 0x29, 0x3C, 0x53, 0xF2,
0x78, 0x0E, 0xCE, 0x28, 0x12, 0x93, 0xD9, 0x91,
0xE6, 0xE5, 0x79, 0x04, 0x2B, 0xAB, 0xC1, 0x69,
0x72, 0x4F, 0x10, 0x68, 0x1F, 0xD1, 0xC7, 0xD2,
0xFB, 0x16, 0x48, 0xB0, 0xBF, 0x80, 0x81, 0x8A,
0x7D, 0xD3, 0xB7, 0x09, 0x73, 0x4D, 0x38, 0x97,
0x2E, 0x3E, 0x44, 0x87, 0x5A, 0xF0, 0x92, 0x7A,
0x9A, 0xAD, 0xE8, 0x26, 0x13, 0xFC, 0xA0, 0x5E,
0xE5, 0xB3, 0x21, 0x06, 0x47, 0xA5, 0x63, 0x2A,
0xA1, 0x70, 0xD0, 0x9E, 0x70, 0xB5, 0x6A, 0x2F,
0x04, 0x33, 0x7A, 0x33, 0x7E, 0xE9, 0x52, 0x38,
0x3A, 0x1A, 0x8A, 0xEE, 0xA6, 0xCD, 0xB9, 0x0C,
0xCD, 0x86, 0xA8, 0x18, 0xD1, 0xBB, 0x39, 0x46,
0x5B, 0xA3, 0x13, 0xD2, 0x66, 0xBB, 0xB1, 0x05,
0x81, 0xFA, 0x18, 0x7D, 0x92, 0x6A, 0xC3, 0xA8,
0xB7, 0x49, 0xF6, 0x44, 0x45, 0xFA, 0xB5, 0x6C,
0x99, 0x27, 0x55, 0x57, 0x93, 0xFB, 0x4A, 0xCF,
0xB0, 0x39, 0xB1, 0xAA, 0x54, 0x3B, 0x1B, 0x87,
0xAE, 0x6A, 0x49, 0xAB, 0x56, 0x29, 0x33, 0xC4,
0xC9, 0x7B, 0xD7, 0x4C, 0x07, 0xBF, 0x29, 0x85,
0x1A, 0x46, 0x98, 0x51, 0xA9, 0x82, 0x59, 0x55,
0x96, 0xFE, 0x7A, 0xCA, 0xE0, 0xDB, 0x23, 0x53,
0x30, 0x28, 0xAA, 0x34, 0x67, 0x6F, 0x7A, 0x9B,
0x29, 0x26, 0x3E, 0x7A, 0xA2, 0x79, 0x00, 0x10,
0x4B, 0x1B, 0xA1, 0xB5, 0x67, 0x47, 0x39, 0xB2,
0xFC, 0x4E, 0xD8, 0xA3, 0x30, 0xBB, 0xA5, 0xA0,
0xB6, 0x24, 0x7C, 0x63, 0xF1, 0x15, 0x3D, 0xA0,
0x1D, 0xC8, 0xF6, 0x16, 0xF1, 0x04, 0x83, 0xA6,
0x93, 0xA6, 0x34, 0xC1, 0xBA, 0x6A, 0xE1, 0xAB,
0x2F, 0x16, 0x34, 0x00, 0xBB, 0x57, 0x71, 0xE7,
0x01, 0x71, 0xFC, 0xB5, 0x41, 0x55, 0xAB, 0xFC,
0xB2, 0x04, 0x4F, 0xCB, 0x30, 0xBA, 0xD6, 0x7F,
0x74, 0x21, 0x83, 0x86, 0x18, 0x19, 0xED, 0xB1,
0xAA, 0x6C, 0x77, 0x1F, 0xC8, 0xE1, 0x1A, 0x92,
0xE0, 0x8B, 0x71, 0xF4, 0x0D, 0x03, 0x6C, 0x15,
0xD2, 0x89, 0x6A, 0x20, 0x47, 0x25, 0xBA, 0x90,
0xA0, 0x3B, 0x47, 0x8D, 0x98, 0xC4, 0x90, 0x84,
0x38, 0x2F, 0x1D, 0x22, 0x3F, 0xE1, 0x29, 0x80,
0xE9, 0x47, 0xA4, 0x15, 0xE5, 0x5F, 0xE6, 0x7B,
0x85, 0xDA, 0x40, 0x44, 0x13, 0x42, 0x44, 0x5B,
0x46, 0xC2, 0xFC, 0x42, 0x02, 0x0D, 0x04, 0x76,
0x9A, 0x2A, 0x1C, 0x64, 0x64, 0x1F, 0x0C, 0x36,
0x63, 0x6B, 0xA6, 0xC4, 0x65, 0x2B, 0x26, 0x7A,
0x4B, 0x92, 0x19, 0xE3, 0x33, 0xA0, 0x68, 0x17,
0xB5, 0x81, 0x7B, 0x6E, 0x6C, 0xC4, 0x85, 0xE3,
0x52, 0x61, 0x41, 0x69, 0xAB, 0xC2, 0x0E, 0x18,
0x91, 0xB7, 0xA0, 0x00, 0xC5, 0x2A, 0xF1, 0x5A,
0x7B, 0x90, 0x4C, 0x97, 0x6C, 0x1B, 0xFD, 0x3A,
0x23, 0x77, 0xEB, 0x76, 0xB5, 0x50, 0x33, 0xC7,
0xC4, 0xC6, 0x9E, 0x71, 0x74, 0xAA, 0xF2, 0x77,
0x15, 0x75, 0x63, 0x16, 0xCA, 0xCC, 0xCE, 0x63,
0xA5, 0xA2, 0x24, 0x35, 0xC7, 0xD1, 0x02, 0x04,
0x43, 0xAA, 0x71, 0x69, 0x3B, 0xF0, 0x62, 0x30,
0x3D, 0x13, 0x33, 0x1F, 0x79, 0x54, 0x24, 0xC2,
0x0D, 0x26, 0x6C, 0x1D, 0x90, 0x30, 0x5F, 0xC8,
0xC2, 0x53, 0x66, 0x84, 0xA9, 0x3D, 0x50, 0x6D,
0xE6, 0x32, 0x9B, 0x61, 0x62, 0x40, 0x59, 0x99,
0xBD, 0x5C, 0xAA, 0x7D, 0xDB, 0x96, 0x13, 0xC8,
0x23, 0x8C, 0xC6, 0xD3, 0x35, 0xA1, 0xEB, 0x40,
0x82, 0xE7, 0x71, 0x0D, 0x07, 0x9F, 0x87, 0xA4,
0xBF, 0xF6, 0x47, 0x8B, 0x5F, 0x0C, 0x58, 0x77,
0x86, 0xAF, 0x42, 0x71, 0x92, 0xD9, 0xA3, 0x4A,
0x4F, 0xA3, 0x3B, 0xF0, 0xD3, 0xCC, 0x58, 0xFB,
0x46, 0x3B, 0x48, 0x38, 0xCA, 0x2C, 0x33, 0x7E,
0x65, 0x39, 0x7D, 0xA1, 0x56, 0x90, 0xC5, 0x2A,
0xC0, 0xE5, 0x46, 0x8B, 0xDC, 0x03, 0xDF, 0x5A,
0x62, 0xF7, 0x02, 0x09, 0x34, 0xE2, 0x67, 0xE0,
0xF7, 0xCF, 0x95, 0x59, 0x94, 0x35, 0xF9, 0x52,
0xFA, 0xB7, 0x4C, 0xFE, 0xB4, 0x30, 0x8B, 0x17,
0x3F, 0x12, 0xE0, 0x73, 0xF7, 0xF0, 0x40, 0xDB,
0x4C, 0x63, 0xC1, 0xC4, 0x8A, 0x7B, 0x7A, 0x41,
0xF4, 0x77, 0x9A, 0x6B, 0x57, 0xA9, 0x22, 0xC9,
0x70, 0x77, 0x11, 0x80, 0x00, 0x84, 0x93, 0xD4,
0xC7, 0x68, 0x05, 0x40, 0x0B, 0x7C, 0x66, 0x4D,
0x0B, 0x92, 0xB2, 0x2C, 0x49, 0x55, 0x1B, 0x12,
0x47, 0xE6, 0x2C, 0x85, 0xE1, 0xE5, 0x40, 0xC8,
0x20, 0x93, 0x37, 0x10, 0x13, 0xC4, 0x67, 0x6C,
0xEA, 0xD7, 0x7C, 0x5F, 0x30, 0x64, 0xA3, 0x73,
0x49, 0xC7, 0x16, 0x5E, 0xB3, 0xAA, 0x7D, 0xEF,
0x87, 0x31, 0xE9, 0xD6, 0x6A, 0x56, 0x36, 0x8F,
0x19, 0x5C, 0x04, 0x5B, 0x2A, 0x50, 0xE5, 0x97,
0x86, 0x16, 0x1A, 0x63, 0x0D, 0x28, 0x00, 0x89,
0x80, 0x12, 0x98, 0xC1, 0x30, 0xE4, 0x48, 0x31,
0x50, 0xCA, 0x91, 0x52, 0xC2, 0xA0, 0xF2, 0x47,
0x75, 0x0C, 0x06, 0x22, 0x59, 0xB8, 0x4C, 0x28,
0x23, 0x6C, 0x3F, 0xB5, 0x46, 0x25, 0xD5, 0xCD,
0xBE, 0xCC, 0x68, 0xDB, 0xA2, 0x2F, 0xB1, 0x55,
0x80, 0x55, 0xFB, 0x9B, 0x24, 0x35, 0x01, 0xC7,
0x58, 0x51, 0xE7, 0x6A, 0xBE, 0x48, 0x47, 0xB9,
0xB9, 0x72, 0xA7, 0x34, 0x11, 0xA6, 0xB4, 0x28,
0x2B, 0xF5, 0x98, 0x3A, 0x82, 0xDA, 0x74, 0x13,
0xE5, 0x4B, 0xA3, 0x5B, 0xAB, 0x37, 0xA9, 0xB3,
0xC6, 0x28, 0x84, 0xB6, 0x43, 0xC1, 0x34, 0x16,
0x5C, 0x98, 0x70, 0xC6, 0xBB, 0x39, 0x0F, 0x6B,
0x7A, 0x1E, 0x57, 0x45, 0x15, 0x8F, 0xB2, 0x51,
0xD6, 0x90, 0x94, 0x33, 0x55, 0x1F, 0xEB, 0xD3,
0x0B, 0xA5, 0x75, 0xA1, 0xE2, 0xF1, 0x09, 0x58,
0x49, 0x8D, 0x9F, 0x14, 0x7E, 0xD9, 0x53, 0x13,
0x22, 0xA1, 0x60, 0x97, 0xF5, 0x5D, 0x81, 0x17,
0x95, 0x45, 0x79, 0x12, 0x91, 0x2B, 0x1C, 0x65,
0xF3, 0x80, 0x25, 0x42, 0x9B, 0x3E, 0x76, 0x4A,
0x2E, 0x1A, 0xBC, 0x4E, 0x30, 0xC2, 0x88, 0x08,
0x27, 0x42, 0x99, 0x55, 0x90, 0x98, 0x1C, 0x43,
0xDB, 0xB3, 0x65, 0x96, 0x6B, 0xCB, 0x97, 0x20,
0xB1, 0x78, 0xC5, 0xEB, 0x96, 0x3B, 0x82, 0x93,
0x4C, 0x02, 0x81, 0x4B, 0x75, 0x25, 0x54, 0x6D,
0xB7, 0xC9, 0x6D, 0x65, 0x82, 0x2E, 0x49, 0x42,
0xE4, 0xA4, 0xAC, 0x13, 0xC9, 0x94, 0x90, 0xE7,
0xAB, 0x4A, 0x70, 0x23, 0x71, 0xF2, 0x13, 0x16,
0xA5, 0x79, 0x06, 0xB1, 0x92, 0x58, 0x42, 0x88,
0x01, 0x19, 0x25, 0x67, 0xC2, 0x04, 0x5B, 0xF8,
0x77, 0x5C, 0xF5, 0x8C, 0x5D, 0xB2, 0x8B, 0xA1,
0xB0, 0x5E, 0x04, 0x2A, 0x18, 0x59, 0xE6, 0x42,
0x86, 0xB5, 0xB1, 0x14, 0xF3, 0x9F, 0xCA, 0xCC,
0x12, 0x7B, 0xE6, 0x3D, 0xFF, 0x59, 0x0B, 0xC1,
0x84, 0xB8, 0x3B, 0x16, 0x8C, 0x30, 0x19, 0x98,
0x90, 0x37, 0x41, 0x00, 0xE4, 0x0D, 0x2F, 0xC7,
0x75, 0x2B, 0x14, 0x30, 0x35, 0x50, 0x22, 0xF3,
0xD5, 0x89, 0x25, 0xD1, 0x99, 0x1B, 0xF3, 0xB9,
0x8A, 0x90, 0x39, 0x5F, 0x85, 0x79, 0x64, 0x6C,
0x84, 0x13, 0xBA, 0xB3, 0xC0, 0xC0, 0x70, 0x7A,
0x23, 0x8A, 0x27, 0xD0, 0x9F, 0xA5, 0x7A, 0x32,
0xFF, 0x85, 0x39, 0x2F, 0xD0, 0x8C, 0x2F, 0x22,
0x86, 0xAB, 0xDB, 0x2B, 0x69, 0x36, 0xB9, 0xD3,
0x50, 0x38, 0x02, 0xC6, 0xB5, 0x1E, 0x41, 0x5B,
0x81, 0x67, 0x3C, 0xC7, 0x80, 0x54, 0xF1, 0xB2,
0xC4, 0xBD, 0xFA, 0x73, 0x3E, 0x52, 0x64, 0xC5,
0x5A, 0x7C, 0x4D, 0xA5, 0xB7, 0x39, 0x44, 0x40,
0x24, 0x62, 0x03, 0x3D, 0x08, 0xAE, 0x62, 0x0B,
0xD0, 0x56, 0x44, 0xB4, 0x77, 0xAB, 0x31, 0x5E,
0x93, 0x6D, 0x3F, 0x25, 0xB5, 0xBA, 0x7A, 0xC1,
0x9E, 0xB5, 0x59, 0xA5, 0xC1, 0x19, 0x5F, 0x56,
0x8B, 0x31, 0x3C, 0x26, 0x75, 0x09, 0x2E, 0x6D,
0xF5, 0x8F, 0xF3, 0x99, 0xC4, 0x2C, 0xAB, 0x63,
0x63, 0xAA, 0x03, 0x36, 0x91, 0xCB, 0x8C, 0xE0,
0x66, 0x99, 0xE7, 0x01, 0xF2, 0xB9, 0x25, 0x97,
0xCB, 0x8F, 0xC2, 0x35, 0x16, 0xE9, 0xF4, 0x0C,
0xE7, 0x5B, 0x7B, 0xC1, 0xE0, 0x52, 0x0A, 0x5A,
0x38, 0x95, 0xEB, 0x7D, 0x8D, 0x47, 0x40, 0x09,
0xA0, 0xCB, 0x0A, 0xDC, 0x2D, 0xF4, 0x76, 0xB5,
0x16, 0x41, 0x12, 0xC3, 0xB6, 0x00, 0xB6, 0x77,
0x6D, 0xAB, 0x49, 0xB2, 0x03, 0x81, 0xA4, 0x01,
0x46, 0x91, 0x65, 0x2A, 0x3C, 0x31, 0x61, 0xAA,
0xC6, 0x61, 0x6C, 0xFA, 0xA2, 0x65, 0x63, 0x8C,
0x6C, 0x66, 0x5A, 0x84, 0x54, 0xF3, 0x67, 0x80,
0xB7, 0x89, 0xCF, 0xA3, 0x5D, 0x2A, 0xF4, 0x9E,
0x6D, 0x5F, 0x48, 0x2B, 0xFA, 0x3C, 0x86, 0x4B,
0x0E, 0xF2, 0x9E, 0x18, 0xD2, 0xEF, 0xFF, 0x92,
0xDB, 0x18, 0x76, 0xA2, 0x20, 0x76, 0xAB, 0x1A,
0xAC, 0x0A, 0x73, 0x93, 0xED, 0x9E, 0x5A, 0x48
};
static const byte seed_1024[KYBER_ENC_RAND_SZ] = {
0x03, 0x4F, 0xF1, 0x4A, 0x56, 0x24, 0x9C, 0x25,
0x21, 0xD4, 0x27, 0x9E, 0xBA, 0x3D, 0x04, 0x93,
0x1C, 0xC8, 0x92, 0xBB, 0xC4, 0x50, 0x02, 0xB5,
0xB3, 0x3D, 0x9F, 0x01, 0x88, 0xAC, 0xBA, 0xF6
};
static const byte c_1024[KYBER1024_CIPHER_TEXT_SIZE] = {
0x8D, 0x4E, 0x2C, 0xB3, 0x9F, 0xFD, 0xE4, 0x31,
0x1A, 0xEE, 0xDB, 0x23, 0x38, 0xBF, 0x58, 0xCE,
0x11, 0xFA, 0xDA, 0xBD, 0xC9, 0x81, 0x3A, 0x32,
0x19, 0x30, 0xF4, 0x67, 0x56, 0xDD, 0x13, 0xA8,
0xE7, 0x91, 0x9F, 0xAC, 0x4F, 0x59, 0xCC, 0x9F,
0x8B, 0x91, 0xC8, 0x33, 0xB3, 0xB3, 0xF9, 0x1A,
0xDC, 0x6F, 0x9F, 0xBD, 0xBD, 0xE2, 0xF7, 0xDA,
0xE8, 0x84, 0x1B, 0xE5, 0x23, 0x8B, 0x98, 0x50,
0xA5, 0xEE, 0xBE, 0x67, 0x5D, 0xDE, 0xF4, 0x2A,
0x93, 0x14, 0xF6, 0x90, 0x59, 0x5D, 0x51, 0x52,
0x3E, 0x81, 0x17, 0xF2, 0x22, 0x66, 0x03, 0x4F,
0x09, 0xB7, 0x7D, 0x99, 0x1E, 0xE5, 0x75, 0x80,
0x2A, 0xFE, 0x44, 0x63, 0x74, 0xEB, 0x3D, 0x9E,
0x1B, 0xEB, 0x8F, 0x25, 0x04, 0x9C, 0x6E, 0xFA,
0x96, 0x32, 0x73, 0x66, 0xC0, 0x24, 0xCD, 0xFB,
0xE8, 0xDC, 0x27, 0xEF, 0x56, 0x49, 0x2C, 0x90,
0x40, 0x9E, 0x87, 0x13, 0x9C, 0x60, 0x88, 0x48,
0x8E, 0x17, 0xB8, 0x2D, 0x15, 0x56, 0xC2, 0x51,
0x31, 0xAC, 0xEE, 0x7D, 0xAF, 0xFE, 0x2D, 0x43,
0x7C, 0xEC, 0x34, 0x41, 0xBB, 0xBB, 0xAB, 0x80,
0xC4, 0xBF, 0x17, 0x7E, 0x65, 0x3A, 0xE0, 0x83,
0x1C, 0x9B, 0x4C, 0xEB, 0x70, 0x50, 0x57, 0x27,
0xD6, 0x3C, 0x4D, 0x47, 0x4F, 0xED, 0xC5, 0x20,
0x19, 0xBE, 0x41, 0x1C, 0x9A, 0x43, 0xB8, 0x71,
0x70, 0xF5, 0x89, 0x3F, 0x06, 0xEC, 0xD8, 0xD7,
0x82, 0x06, 0x3D, 0xF8, 0x93, 0xA1, 0xB6, 0x82,
0x24, 0x6D, 0x1C, 0x64, 0xF8, 0xF5, 0xA8, 0xC6,
0xFC, 0xDF, 0x07, 0x92, 0x7F, 0x4D, 0x5B, 0x7A,
0x39, 0x7F, 0xBC, 0xBD, 0x07, 0x50, 0x45, 0xDF,
0x2C, 0x4A, 0x36, 0xF5, 0x30, 0x4C, 0x95, 0xF4,
0x4A, 0xF9, 0x27, 0xAE, 0x91, 0x66, 0x42, 0x0B,
0x39, 0x44, 0x87, 0x94, 0xF5, 0xB3, 0xC3, 0x52,
0x27, 0xC3, 0xC9, 0xDF, 0x92, 0x56, 0x02, 0xA1,
0xAC, 0x98, 0xF8, 0x51, 0xAA, 0xDB, 0x65, 0xC9,
0x3F, 0xDD, 0x63, 0x27, 0xAE, 0xD8, 0xAE, 0x41,
0x29, 0x72, 0x44, 0x36, 0xA3, 0x3A, 0xA0, 0x8A,
0xA5, 0x66, 0x08, 0x85, 0x5F, 0xF8, 0x0A, 0xAA,
0x42, 0xAC, 0xA4, 0x56, 0x2B, 0x2D, 0x78, 0xDB,
0xBD, 0x2F, 0x91, 0xAE, 0xF2, 0x51, 0x56, 0x6B,
0x8C, 0x6F, 0x98, 0x21, 0x37, 0x84, 0xC9, 0x9D,
0xD7, 0xD7, 0x1F, 0x49, 0x55, 0x64, 0xC9, 0x08,
0x50, 0x1E, 0x35, 0xE3, 0xBF, 0xBB, 0x67, 0x5C,
0xCB, 0x66, 0x63, 0x52, 0x87, 0xCB, 0x64, 0x66,
0xE6, 0xE3, 0x8E, 0xA8, 0xAB, 0x11, 0xCE, 0x7E,
0xC6, 0x0B, 0xED, 0x86, 0x20, 0xB3, 0xDC, 0xD6,
0x94, 0x3D, 0x12, 0x79, 0xA4, 0x1F, 0x93, 0xA8,
0x7F, 0xA3, 0x59, 0xE5, 0x13, 0xC8, 0x1D, 0xE9,
0x18, 0xDA, 0x88, 0x32, 0x2B, 0x1B, 0x08, 0x81,
0x40, 0xE0, 0x74, 0xBE, 0x39, 0xBC, 0x17, 0xE3,
0xC5, 0x1A, 0xB7, 0x19, 0xDF, 0x6E, 0x42, 0x6D,
0x64, 0xFF, 0x94, 0xB8, 0x66, 0x2B, 0x9D, 0xD2,
0x6A, 0x32, 0xA3, 0xC3, 0x68, 0x7B, 0xF9, 0x29,
0x4C, 0x53, 0x7A, 0x22, 0x68, 0xF9, 0xDE, 0xD3,
0x80, 0xCC, 0x8A, 0x0F, 0x11, 0x27, 0xEE, 0x5A,
0x32, 0x2B, 0x4D, 0xF2, 0x4D, 0x87, 0xFB, 0xCE,
0x76, 0xF5, 0x60, 0xB0, 0x37, 0xC6, 0x59, 0xB6,
0xFB, 0x15, 0xC1, 0x56, 0x07, 0x1A, 0xED, 0xC2,
0x6E, 0xF1, 0x11, 0x40, 0xDE, 0x88, 0xD0, 0x8D,
0x46, 0x3E, 0xA0, 0xEA, 0xF0, 0x80, 0xA0, 0xB2,
0xE6, 0x27, 0xD9, 0xFF, 0x1D, 0x56, 0xC5, 0x02,
0x33, 0x55, 0x24, 0x26, 0x97, 0x27, 0xA0, 0x32,
0xDA, 0xCD, 0x16, 0x54, 0x3A, 0xDA, 0x83, 0x42,
0xCD, 0x6C, 0xB4, 0x0E, 0x72, 0x28, 0x59, 0x2C,
0x35, 0x74, 0xD9, 0x82, 0xE0, 0xB9, 0x14, 0x5E,
0xB8, 0x65, 0xDB, 0x2E, 0xE7, 0x81, 0x07, 0x26,
0xA9, 0x16, 0xB8, 0x37, 0xCA, 0x4F, 0x14, 0xC2,
0xCB, 0x9E, 0x95, 0x1B, 0xDE, 0x76, 0xBE, 0x16,
0xB8, 0xB1, 0xCD, 0xC2, 0xEE, 0xCD, 0xC0, 0x69,
0x49, 0xB8, 0xBE, 0xB1, 0x17, 0x86, 0xB8, 0xF2,
0x5F, 0x4C, 0x9A, 0xFA, 0x55, 0x97, 0xCE, 0xB1,
0xD8, 0x5F, 0xC9, 0xB9, 0xC9, 0x1D, 0xC6, 0x19,
0x66, 0xF3, 0x96, 0x09, 0x1E, 0x54, 0xC9, 0x6C,
0x97, 0xA4, 0x30, 0x0E, 0x99, 0xFD, 0x9F, 0x75,
0x2C, 0x0B, 0xEF, 0x5D, 0x88, 0xCA, 0xFB, 0xDC,
0xB3, 0x99, 0x3F, 0xCF, 0x6C, 0x7A, 0x8C, 0x55,
0x19, 0xFC, 0xEC, 0xB6, 0xA7, 0x91, 0x17, 0xE9,
0xB5, 0x21, 0x68, 0x01, 0x97, 0xD8, 0xA9, 0x1A,
0xB7, 0x5F, 0x18, 0x14, 0xDB, 0xC5, 0x80, 0x75,
0xEF, 0x4F, 0x07, 0x98, 0x7A, 0xBC, 0x56, 0xA7,
0x5D, 0xA4, 0x41, 0x6E, 0xDB, 0x9D, 0x6F, 0x3D,
0x77, 0x1A, 0xD3, 0x40, 0xD5, 0xCB, 0xCF, 0xC0,
0xE5, 0x71, 0xFA, 0x70, 0xAA, 0xC1, 0xC7, 0xDB,
0xBB, 0x5F, 0x5C, 0x5E, 0x1D, 0x8B, 0x10, 0x36,
0xF5, 0xA6, 0xFC, 0xFD, 0x06, 0x25, 0xAB, 0x5B,
0xBD, 0xA5, 0x71, 0x83, 0x9C, 0x58, 0x35, 0xDD,
0x69, 0x79, 0x77, 0x8F, 0x59, 0xD3, 0x48, 0x68,
0x4F, 0xA6, 0xCF, 0xC2, 0xA6, 0x25, 0x35, 0xB4,
0x7F, 0xAD, 0x7F, 0x97, 0xB5, 0x21, 0x88, 0x72,
0xD5, 0x2D, 0xCA, 0xCE, 0x9D, 0x3C, 0x1B, 0x11,
0x62, 0x8D, 0x35, 0x2A, 0xD8, 0x21, 0x90, 0x0F,
0x44, 0xE1, 0x4B, 0x64, 0x7F, 0x6B, 0xFA, 0x70,
0xF6, 0x46, 0xB5, 0xC7, 0xAF, 0x53, 0x13, 0x17,
0x7A, 0x10, 0x95, 0x49, 0x44, 0x22, 0x91, 0x53,
0xA4, 0x49, 0xFC, 0xF8, 0x9A, 0x62, 0x63, 0xBD,
0xBF, 0x85, 0x56, 0xE9, 0x81, 0xE5, 0xD6, 0x25,
0x13, 0x40, 0xF9, 0xF4, 0x3C, 0x66, 0x92, 0x03,
0x0F, 0xB9, 0x60, 0x5B, 0xB9, 0x9F, 0x33, 0xE9,
0x6F, 0x06, 0xD1, 0xE4, 0xE6, 0xAB, 0xBE, 0x65,
0xE1, 0x46, 0x96, 0xD5, 0x30, 0xF1, 0xB5, 0x25,
0xFF, 0xF8, 0x7D, 0x54, 0xC1, 0xAC, 0x2F, 0x5E,
0x96, 0x4D, 0x46, 0xEE, 0x37, 0xF4, 0x04, 0x5B,
0x54, 0xE6, 0x09, 0x8F, 0x76, 0xB2, 0x8E, 0xAF,
0x69, 0xE9, 0x98, 0x88, 0x8D, 0x25, 0xE0, 0x21,
0xA5, 0x38, 0xFD, 0x19, 0x56, 0xA7, 0xFC, 0x30,
0xAE, 0x83, 0xF8, 0xBA, 0x99, 0x47, 0xF8, 0x64,
0xFD, 0x59, 0x73, 0x1A, 0x6F, 0xBB, 0x40, 0x2A,
0xF2, 0x99, 0x0E, 0x1E, 0xD2, 0xD5, 0x6B, 0xF6,
0x2A, 0xA6, 0xCE, 0xAE, 0x6F, 0x76, 0x9D, 0x2D,
0x0C, 0x6C, 0x31, 0x3D, 0x7A, 0xAF, 0x97, 0x4E,
0x69, 0xDC, 0x02, 0xCC, 0x43, 0x18, 0xB9, 0x45,
0x7B, 0x8C, 0xC4, 0x06, 0x56, 0xAB, 0x7B, 0x61,
0x34, 0xDE, 0x3F, 0x98, 0x01, 0xCE, 0x01, 0x96,
0x99, 0xCE, 0x85, 0x5E, 0xBE, 0x9C, 0x6C, 0x02,
0xFD, 0x08, 0x50, 0x6F, 0x00, 0x4A, 0x4E, 0xED,
0x2C, 0xA1, 0x66, 0xC9, 0x54, 0xC7, 0xDB, 0x88,
0x10, 0x70, 0x0C, 0xA6, 0x71, 0xEF, 0x37, 0x2A,
0x29, 0x0B, 0x00, 0xE1, 0xBF, 0xBB, 0x97, 0xE3,
0xE6, 0x74, 0xD3, 0xDC, 0xCC, 0x57, 0xCE, 0x59,
0xF4, 0x65, 0xB1, 0x48, 0x8F, 0xF7, 0x6F, 0x62,
0x39, 0x00, 0x8B, 0xE3, 0xE7, 0x61, 0xEF, 0x9C,
0x11, 0x3D, 0xF0, 0x10, 0x7B, 0x8E, 0xEA, 0xE3,
0xFE, 0xBA, 0x55, 0xB3, 0x5E, 0x4C, 0x1D, 0xA3,
0xB6, 0xC8, 0x7A, 0x8D, 0x20, 0x11, 0x0E, 0x1C,
0xD7, 0x71, 0xCC, 0xBC, 0x30, 0xDF, 0xF7, 0x61,
0xE6, 0x03, 0xD4, 0x88, 0xE5, 0x5B, 0x85, 0x3A,
0xAE, 0x7D, 0xAA, 0xDF, 0x2A, 0x00, 0x7B, 0x83,
0x93, 0xDF, 0x08, 0xAF, 0x53, 0x4F, 0x9F, 0x53,
0xA7, 0x37, 0x57, 0xBA, 0xBE, 0x21, 0xC8, 0x64,
0x26, 0xCF, 0x05, 0x8E, 0xCA, 0x81, 0x7E, 0xF2,
0x37, 0xBF, 0xC5, 0x8A, 0xC2, 0x98, 0xFB, 0xF2,
0xA1, 0x48, 0x1C, 0x4D, 0x12, 0xDC, 0xF1, 0xB7,
0x37, 0xFD, 0x63, 0x97, 0x69, 0xA2, 0x53, 0x1E,
0xF9, 0x31, 0xA3, 0x62, 0xA4, 0x44, 0x56, 0xEE,
0x2C, 0xA4, 0x85, 0x98, 0xB4, 0x62, 0x59, 0xFC,
0xC9, 0x77, 0x07, 0x6C, 0x59, 0xFA, 0x4E, 0x29,
0x54, 0xE9, 0x96, 0x7D, 0xA4, 0x5D, 0xA7, 0xCB,
0xF7, 0x86, 0x33, 0xEC, 0x59, 0xC4, 0x63, 0xFE,
0x48, 0xA8, 0x3B, 0x80, 0x1A, 0x54, 0xDB, 0x3F,
0xEA, 0xB4, 0x45, 0xA3, 0x57, 0xE4, 0x18, 0xB0,
0x65, 0x3F, 0x29, 0x40, 0xB2, 0xB7, 0x13, 0x81,
0xB2, 0xDF, 0x9E, 0xCF, 0x81, 0x00, 0x84, 0x8E,
0x29, 0x12, 0xF4, 0xBD, 0x50, 0x3A, 0xF0, 0x75,
0xAA, 0xAF, 0x36, 0xC1, 0x36, 0xA4, 0x13, 0xC9,
0x5B, 0xE2, 0xF2, 0x5A, 0x6D, 0x29, 0x19, 0x76,
0xCD, 0x66, 0xA2, 0x76, 0x43, 0x53, 0x7E, 0x35,
0xE1, 0xDF, 0x89, 0xB1, 0xE4, 0x94, 0xB3, 0x6B,
0x08, 0xF3, 0xD0, 0x19, 0x6C, 0xD7, 0xE9, 0x0B,
0xA5, 0xBB, 0x21, 0x00, 0x9F, 0x37, 0xA8, 0x43,
0x19, 0x9E, 0x08, 0xDD, 0x95, 0xCA, 0x49, 0x48,
0xC5, 0x33, 0xCB, 0x26, 0x3B, 0x5D, 0x40, 0x5A,
0xF2, 0xFA, 0x11, 0x99, 0x81, 0xA8, 0x53, 0x6E,
0xB7, 0x1C, 0x88, 0x22, 0x6C, 0x41, 0x53, 0x4C,
0x26, 0x87, 0xBF, 0x1E, 0xED, 0x34, 0x75, 0xE8,
0x48, 0x8B, 0xDE, 0x90, 0x9A, 0x93, 0xD4, 0xDB,
0x55, 0xB6, 0xE8, 0x34, 0xB5, 0xE7, 0x86, 0x0A,
0xA9, 0x8F, 0xD8, 0xBC, 0xB1, 0x3A, 0xB0, 0x77,
0xB7, 0xBF, 0xD7, 0x5B, 0x35, 0xFA, 0x39, 0x3E,
0x93, 0xE3, 0xBF, 0xB4, 0xB9, 0xBA, 0x1D, 0xAA,
0x74, 0x65, 0xFD, 0x5B, 0x23, 0xA5, 0xB4, 0xCD,
0x17, 0x16, 0xD4, 0xBD, 0xF7, 0xB8, 0xD5, 0x57,
0x4B, 0x15, 0x6D, 0xB8, 0x7D, 0x8D, 0xE1, 0xE5,
0x26, 0xC9, 0x7F, 0x8E, 0xB2, 0x87, 0xBD, 0x97,
0xEE, 0xEE, 0xEF, 0x07, 0x4D, 0xBC, 0xB2, 0xC4,
0xDB, 0x51, 0xA4, 0xEF, 0xF1, 0xFA, 0x7F, 0xFF,
0x32, 0x8A, 0x57, 0x2D, 0x72, 0x70, 0x01, 0x71,
0x08, 0xAC, 0xE2, 0xED, 0x25, 0x09, 0x3D, 0xA5,
0x35, 0xC7, 0xA2, 0x6D, 0x3B, 0x91, 0x2A, 0xA5,
0x7F, 0xB3, 0x22, 0xE5, 0x3B, 0xB2, 0x22, 0xE9,
0x4E, 0x7C, 0xF6, 0x8C, 0xD8, 0xA2, 0x1A, 0xD7,
0xC0, 0x6A, 0x4A, 0xF9, 0x78, 0xED, 0x1D, 0xEB,
0x10, 0xE3, 0xF2, 0x41, 0x2A, 0xC6, 0x54, 0x3C,
0x18, 0x20, 0x68, 0xEF, 0xFB, 0xD8, 0x7F, 0x31,
0x76, 0x5F, 0x5A, 0xE6, 0x81, 0xEE, 0x8B, 0x2E,
0x9A, 0xEB, 0x5B, 0xC9, 0x40, 0xA9, 0x4E, 0xC0,
0xEE, 0xF5, 0xBE, 0xF7, 0x48, 0x74, 0x16, 0x9E,
0xAB, 0xEC, 0xF1, 0x51, 0x25, 0x65, 0xC5, 0x1E,
0xA5, 0x87, 0x21, 0xDD, 0x3A, 0xF1, 0x69, 0x03,
0x65, 0xDB, 0x22, 0xE1, 0x87, 0x7F, 0x2A, 0x5C,
0x01, 0x72, 0x3F, 0x69, 0xB7, 0x72, 0x52, 0x77,
0xAE, 0x4E, 0x9E, 0xFA, 0xCD, 0x3A, 0xFA, 0x5A,
0xDC, 0xAF, 0x38, 0x57, 0x77, 0xE7, 0xCE, 0x10,
0xF9, 0x56, 0xB4, 0x64, 0x2C, 0x6F, 0xC1, 0xC9,
0x78, 0x08, 0x99, 0x3E, 0xFD, 0x99, 0x4C, 0xA6,
0x5C, 0x75, 0xF4, 0x59, 0xAC, 0x58, 0x72, 0xF8,
0x24, 0x88, 0xC5, 0x7F, 0xB7, 0xAF, 0x9A, 0xB9,
0x69, 0xD5, 0xE3, 0x69, 0xC1, 0x6D, 0x0B, 0x2B,
0xF7, 0x80, 0x0B, 0x93, 0x8D, 0x67, 0x84, 0xC7,
0xF6, 0x4D, 0x0C, 0x55, 0xCA, 0x77, 0x94, 0x65,
0x49, 0x38, 0x94, 0x9E, 0x14, 0x21, 0x70, 0x55,
0xD3, 0x41, 0x01, 0xF9, 0x41, 0x7D, 0x37, 0x0A,
0x8A, 0xDD, 0x72, 0xFC, 0x0B, 0x57, 0x66, 0xEC,
0x1D, 0x8A, 0xDD, 0xD7, 0x02, 0x33, 0x4A, 0x2A,
0xC2, 0x77, 0x09, 0xC5, 0xAC, 0x5A, 0xE5, 0x60,
0x1D, 0xBA, 0x95, 0x2B, 0xE2, 0x58, 0xD9, 0x33,
0x6D, 0xF3, 0xE0, 0xF6, 0x58, 0x78, 0xA8, 0x58,
0x61, 0x32, 0x58, 0xFB, 0x5E, 0x47, 0x94, 0x1B
};
static const byte k_1024[KYBER_SS_SZ] = {
0x46, 0xC2, 0x00, 0xF3, 0xF6, 0xEE, 0x8E, 0x11,
0xD4, 0x76, 0x53, 0x80, 0x1E, 0x34, 0x82, 0x24,
0x1C, 0xB7, 0x83, 0xB9, 0xD7, 0x94, 0xEB, 0x11,
0x6A, 0x4B, 0xDA, 0x08, 0x5A, 0xEB, 0x6B, 0xB7
};
#endif
static byte ct[KYBER_MAX_CIPHER_TEXT_SIZE];
static byte ss[KYBER_SS_SZ];
key = (KyberKey*)XMALLOC(sizeof(KyberKey), NULL, DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(key);
if (key != NULL) {
XMEMSET(key, 0, sizeof(KyberKey));
}
#ifndef WOLFSSL_NO_KYBER512
ExpectIntEQ(wc_KyberKey_Init(KYBER512, key, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_KyberKey_DecodePublicKey(key, ek_512, sizeof(ek_512)), 0);
ExpectIntEQ(wc_KyberKey_EncapsulateWithRandom(key, ct, ss, seed_512,
sizeof(seed_512)), 0);
ExpectIntEQ(XMEMCMP(ct, c_512, KYBER512_CIPHER_TEXT_SIZE), 0);
ExpectIntEQ(XMEMCMP(ss, k_512, KYBER_SS_SZ), 0);
wc_KyberKey_Free(key);
#endif
#ifndef WOLFSSL_NO_KYBER768
ExpectIntEQ(wc_KyberKey_Init(KYBER768, key, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_KyberKey_DecodePublicKey(key, ek_768, sizeof(ek_768)), 0);
ExpectIntEQ(wc_KyberKey_EncapsulateWithRandom(key, ct, ss, seed_768,
sizeof(seed_768)), 0);
ExpectIntEQ(XMEMCMP(ct, c_768, KYBER768_CIPHER_TEXT_SIZE), 0);
ExpectIntEQ(XMEMCMP(ss, k_768, KYBER_SS_SZ), 0);
wc_KyberKey_Free(key);
#endif
#ifndef WOLFSSL_NO_KYBER1024
ExpectIntEQ(wc_KyberKey_Init(KYBER1024, key, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_KyberKey_DecodePublicKey(key, ek_1024, sizeof(ek_1024)), 0);
ExpectIntEQ(wc_KyberKey_EncapsulateWithRandom(key, ct, ss, seed_1024,
sizeof(seed_1024)), 0);
ExpectIntEQ(XMEMCMP(ct, c_1024, KYBER1024_CIPHER_TEXT_SIZE), 0);
ExpectIntEQ(XMEMCMP(ss, k_1024, KYBER_SS_SZ), 0);
wc_KyberKey_Free(key);
#endif
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
static int test_wc_kyber_decapsulate_kats(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_HAVE_KYBER) && defined(WOLFSSL_WC_KYBER) && \
defined(WOLFSSL_ML_KEM)
KyberKey* key;
#ifndef WOLFSSL_NO_KYBER512
static const byte dk_512[KYBER512_PRIVATE_KEY_SIZE] = {
0x17, 0x43, 0x13, 0xEF, 0xA9, 0x35, 0x20, 0xE2,
0x8A, 0x70, 0x76, 0xC8, 0x88, 0x09, 0x6E, 0x02,
0xB0, 0xBD, 0xD8, 0x68, 0x30, 0x49, 0x7B, 0x61,
0xFD, 0xEA, 0xB6, 0x20, 0x9C, 0x6C, 0xF7, 0x1C,
0x62, 0x5C, 0x46, 0x80, 0x77, 0x5C, 0x34, 0x77,
0x58, 0x1C, 0x42, 0x7A, 0x6F, 0xE1, 0xB0, 0x35,
0x6E, 0xAB, 0x04, 0x8B, 0xCA, 0x43, 0x4F, 0x83,
0xB5, 0x42, 0xC8, 0xB8, 0x60, 0x01, 0x06, 0x96,
0xA5, 0x72, 0x99, 0xBB, 0x26, 0x22, 0x68, 0x89,
0x1F, 0xFC, 0x72, 0x14, 0x2C, 0xA1, 0xA8, 0x66,
0x18, 0x5C, 0xA8, 0x2D, 0x05, 0x40, 0x66, 0x95,
0xBA, 0x57, 0xD4, 0xC9, 0x30, 0xF9, 0xC1, 0x7D,
0x62, 0x23, 0x52, 0x3C, 0xF5, 0xA4, 0xF2, 0xA4,
0x33, 0xA3, 0x64, 0x45, 0x9A, 0xC0, 0xAC, 0xDE,
0x72, 0x54, 0x48, 0x13, 0x29, 0x28, 0x8B, 0x1B,
0xE1, 0x87, 0xCC, 0x25, 0x21, 0x9F, 0x48, 0xC2,
0x44, 0x3C, 0x53, 0x21, 0x99, 0x85, 0x93, 0x55,
0x32, 0x0D, 0x04, 0xF0, 0xB8, 0x0D, 0xE9, 0x69,
0xF1, 0x69, 0xA3, 0xD2, 0xBA, 0x34, 0x11, 0xB4,
0xAD, 0xBC, 0x01, 0xB6, 0x62, 0x71, 0x82, 0x4C,
0xD9, 0x54, 0x3C, 0x78, 0xBA, 0x48, 0x04, 0xAE,
0x81, 0xF3, 0xAF, 0x00, 0x33, 0x6C, 0x5C, 0xC3,
0x69, 0x83, 0x54, 0xC0, 0xE0, 0x18, 0x73, 0xA2,
0xA1, 0x7D, 0x6A, 0x95, 0xA3, 0x12, 0x68, 0x9A,
0x99, 0xDC, 0x89, 0x08, 0x41, 0x50, 0xA8, 0xD5,
0x2B, 0xB3, 0x1C, 0x3F, 0xF3, 0xD4, 0x21, 0x5F,
0xA3, 0xC4, 0x11, 0x1B, 0x40, 0x19, 0x92, 0x86,
0x6E, 0x51, 0x3E, 0x51, 0x28, 0xA2, 0x0E, 0xD9,
0x5F, 0xDE, 0xE6, 0x14, 0x85, 0xDC, 0x93, 0x7E,
0x09, 0x9D, 0x76, 0xF7, 0x9B, 0x92, 0x73, 0x4D,
0xC4, 0xCB, 0xB9, 0xA7, 0xA4, 0x13, 0xFE, 0xA6,
0x28, 0x5B, 0xC0, 0xC2, 0x7C, 0x96, 0x1E, 0x47,
0xD1, 0x98, 0x36, 0x44, 0xC4, 0xBF, 0x91, 0x3D,
0x72, 0xF4, 0xB0, 0x30, 0xD3, 0x47, 0x38, 0x42,
0x72, 0x63, 0xE8, 0x7A, 0xB4, 0xC0, 0xB7, 0xDF,
0x0B, 0x72, 0xCA, 0x8A, 0xA0, 0xBA, 0xA6, 0x7B,
0x07, 0x99, 0x39, 0xD5, 0x87, 0x80, 0x1D, 0x60,
0xC8, 0x7A, 0x20, 0x40, 0x5E, 0x5C, 0x52, 0x60,
0x3C, 0x07, 0x2F, 0xDB, 0x63, 0xE2, 0xE1, 0xC2,
0xA9, 0x5C, 0xC2, 0x6F, 0x5A, 0xBE, 0xF6, 0x08,
0x83, 0x33, 0x80, 0x08, 0x86, 0xD0, 0x93, 0xCA,
0x01, 0xA7, 0x6F, 0x57, 0x00, 0x5E, 0x05, 0x35,
0x69, 0x54, 0x2E, 0x0A, 0x07, 0x6B, 0x98, 0x73,
0x6D, 0x4D, 0x39, 0xB0, 0x0F, 0xC1, 0x65, 0x3F,
0xBC, 0x2D, 0x12, 0xEA, 0x32, 0xA9, 0x4B, 0x9B,
0x92, 0xC6, 0x8B, 0xA4, 0xB6, 0x8A, 0x4E, 0x7B,
0x37, 0x0A, 0x23, 0xB0, 0x3F, 0xE8, 0x22, 0x16,
0x39, 0xB0, 0x12, 0x44, 0x80, 0x6C, 0x27, 0x06,
0x7A, 0x58, 0x03, 0x1D, 0xB8, 0x0D, 0x2D, 0x03,
0x66, 0x1A, 0x01, 0x7B, 0xB4, 0x6B, 0xB3, 0x71,
0x1A, 0xCB, 0x56, 0x8A, 0x4F, 0xAB, 0xEB, 0xAF,
0xC5, 0xFA, 0x06, 0xF7, 0xCA, 0x0E, 0x4D, 0x96,
0x2E, 0x31, 0x70, 0xCB, 0x11, 0xC0, 0xA8, 0xD1,
0x8A, 0x09, 0xCE, 0x27, 0xA6, 0xA9, 0x76, 0x3E,
0x12, 0x38, 0x85, 0x45, 0x02, 0x24, 0xDE, 0x07,
0xCC, 0x17, 0x54, 0x6C, 0x17, 0x95, 0x1F, 0xDE,
0x47, 0x6E, 0x08, 0x35, 0x83, 0xEF, 0x10, 0xBF,
0x76, 0xA9, 0x8A, 0xFF, 0xF9, 0xB1, 0x2D, 0xB5,
0x40, 0x1C, 0xD3, 0x67, 0x34, 0x95, 0x39, 0x2D,
0x74, 0x12, 0x91, 0xC3, 0xAA, 0x78, 0x42, 0x0C,
0x8A, 0x7C, 0xB5, 0xFF, 0xE6, 0x50, 0x12, 0x99,
0x7C, 0x4D, 0xA4, 0x32, 0x2E, 0xA9, 0x0B, 0x50,
0x14, 0xB5, 0xB4, 0xD0, 0x18, 0x01, 0x00, 0x24,
0x70, 0x47, 0x34, 0x1E, 0x4C, 0x24, 0xB9, 0x6B,
0x8D, 0x7C, 0x00, 0x20, 0x52, 0x4B, 0x7C, 0x1D,
0x66, 0xC3, 0xE0, 0x8C, 0xB2, 0x99, 0xEB, 0x4E,
0xC6, 0xFA, 0x0E, 0xE8, 0xEA, 0x05, 0xFD, 0x43,
0x0F, 0x57, 0x60, 0x5E, 0x89, 0x2B, 0x23, 0x2D,
0x20, 0x47, 0xCA, 0x9B, 0x4E, 0xCA, 0xD9, 0xBD,
0xD0, 0x9C, 0x99, 0x51, 0x19, 0x69, 0x16, 0x52,
0x5D, 0x1E, 0xC9, 0x21, 0xB6, 0xE3, 0xCE, 0x0E,
0xE6, 0x92, 0xEB, 0xA7, 0x28, 0xB4, 0xDB, 0x10,
0xF3, 0x38, 0x1F, 0xBF, 0x58, 0x4A, 0xBB, 0x7B,
0x6A, 0x92, 0x10, 0xC7, 0xC4, 0x24, 0xCE, 0x4A,
0x36, 0x93, 0x70, 0xCB, 0x48, 0xD6, 0x08, 0x63,
0x4A, 0xBA, 0x0B, 0xFF, 0x91, 0xC5, 0x62, 0x0A,
0x11, 0x89, 0xD0, 0xCA, 0x97, 0x42, 0x1D, 0x42,
0x34, 0x29, 0xFB, 0x66, 0x39, 0x52, 0xDC, 0x12,
0x31, 0xB4, 0x36, 0x2B, 0x71, 0x62, 0xFE, 0x3A,
0x42, 0x11, 0x1C, 0x91, 0xD7, 0x6A, 0x96, 0x4C,
0xB4, 0x15, 0x41, 0x94, 0x20, 0x9E, 0xDB, 0xAA,
0x1F, 0x48, 0x1B, 0xD1, 0x26, 0xC3, 0x25, 0xD1,
0x56, 0x78, 0xE3, 0x9B, 0xCC, 0xE4, 0xC7, 0x04,
0xEA, 0x48, 0x72, 0x46, 0x64, 0x8A, 0x6C, 0x6C,
0x25, 0x40, 0xB5, 0xF6, 0x80, 0xA3, 0x5E, 0xE2,
0x82, 0x42, 0x46, 0x45, 0x0A, 0x72, 0x93, 0xF2,
0x1A, 0x90, 0xCF, 0xD1, 0x4E, 0xFA, 0xF7, 0x8F,
0xA3, 0xD7, 0x32, 0x22, 0x51, 0xC6, 0x41, 0xA5,
0x0E, 0x95, 0xBB, 0x5E, 0xC5, 0xCA, 0x0B, 0x60,
0xE8, 0x9D, 0x7C, 0x18, 0xB7, 0xA4, 0x4A, 0x0F,
0xAF, 0xB4, 0xBC, 0xAD, 0xE9, 0xB5, 0x88, 0xD1,
0xB7, 0xFC, 0xF1, 0x2B, 0xA1, 0xE1, 0x08, 0x4D,
0x56, 0xB1, 0x97, 0xEA, 0x90, 0xA7, 0x9A, 0x3D,
0x83, 0x92, 0x7A, 0x23, 0x07, 0x60, 0x3B, 0xC2,
0x11, 0xC0, 0x83, 0x0C, 0xB7, 0x06, 0x2C, 0x04,
0x25, 0x48, 0x24, 0x57, 0x5B, 0x22, 0x6C, 0xAD,
0x9A, 0x27, 0xC2, 0xA4, 0x55, 0x19, 0xAE, 0x39,
0x54, 0x64, 0x67, 0x69, 0x04, 0x85, 0x49, 0x8A,
0x32, 0x0A, 0xD5, 0x69, 0x93, 0xB1, 0x5A, 0x9D,
0x22, 0xC6, 0x19, 0x14, 0x46, 0xCB, 0x40, 0xAA,
0x75, 0x47, 0x40, 0x16, 0x81, 0xDC, 0xC7, 0xE3,
0x65, 0x96, 0xB1, 0x0C, 0x07, 0xFA, 0x2A, 0x20,
0xB4, 0x3C, 0x4B, 0x01, 0x24, 0x40, 0x1F, 0x8A,
0x0E, 0x74, 0x48, 0x78, 0xC7, 0x29, 0x66, 0x23,
0xC7, 0x39, 0x5B, 0x69, 0x94, 0xD1, 0x8C, 0x47,
0x87, 0xA2, 0x89, 0xDB, 0xB0, 0x5C, 0xB1, 0x82,
0x74, 0x51, 0xD8, 0x3F, 0x07, 0x29, 0x04, 0x53,
0x75, 0x94, 0xF5, 0x15, 0xCA, 0x10, 0x17, 0x99,
0x16, 0x20, 0xA3, 0x3E, 0x09, 0x6E, 0xE0, 0xDC,
0x09, 0x1A, 0xE4, 0xCA, 0x96, 0x06, 0x03, 0xB1,
0x01, 0xB5, 0xB4, 0xE2, 0x3E, 0x9A, 0x5B, 0x65,
0xE1, 0xF6, 0xC2, 0xA8, 0xCC, 0x89, 0x34, 0x13,
0x83, 0xB7, 0x06, 0x72, 0x5E, 0xD5, 0xB3, 0x48,
0x57, 0x69, 0x18, 0x1B, 0x8F, 0x76, 0x43, 0x9C,
0x05, 0x63, 0x6A, 0x0C, 0x34, 0x36, 0xFF, 0xBA,
0x8B, 0x86, 0xA5, 0x30, 0x6F, 0xA1, 0x11, 0xF6,
0xFC, 0x71, 0xEB, 0x77, 0x9B, 0x25, 0x70, 0x7C,
0xFA, 0xE0, 0xA6, 0xDA, 0x7B, 0x0A, 0xD5, 0xD9,
0x4B, 0x10, 0xF2, 0x1E, 0x4F, 0xCA, 0x92, 0x89,
0x3B, 0x9F, 0xFE, 0x73, 0x21, 0x07, 0x63, 0x40,
0x13, 0x77, 0x83, 0x7A, 0x10, 0xCA, 0x96, 0x25,
0x34, 0x6C, 0x42, 0xAD, 0xC7, 0x05, 0xBD, 0x92,
0xDB, 0x34, 0x26, 0xD9, 0x26, 0xCE, 0x4B, 0x5E,
0xC2, 0x4A, 0x5C, 0xDF, 0x27, 0xCB, 0x91, 0xE5,
0xA7, 0xE7, 0x16, 0x4D, 0x1B, 0xDC, 0x99, 0xD7,
0x56, 0x79, 0xFB, 0xC9, 0x3A, 0x58, 0xF6, 0x47,
0xDA, 0xC1, 0x08, 0x6C, 0xE9, 0x31, 0xBC, 0x08,
0x92, 0x33, 0xE9, 0x48, 0x7E, 0x08, 0x67, 0xBC,
0x58, 0x47, 0x2B, 0x01, 0xBF, 0x28, 0x95, 0xC3,
0x23, 0xB6, 0x4D, 0xBE, 0x4A, 0x17, 0xA9, 0xE8,
0x41, 0xB0, 0x53, 0xCA, 0xDB, 0x5C, 0x76, 0xD0,
0x35, 0x72, 0x4C, 0x32, 0x1B, 0xBC, 0x13, 0x66,
0x6F, 0x0A, 0x35, 0xDF, 0xDA, 0x07, 0x21, 0xE8,
0x98, 0x76, 0x23, 0x25, 0x6A, 0x99, 0x4D, 0x95,
0xFA, 0x1C, 0x05, 0xF5, 0x7C, 0x1E, 0x15, 0xA3,
0x0C, 0x4A, 0x0C, 0x83, 0x18, 0xA0, 0xD8, 0x3C,
0x41, 0x0C, 0x36, 0x28, 0x62, 0xE8, 0x17, 0xDD,
0x6A, 0xBB, 0xAA, 0x4B, 0xBE, 0x75, 0xB7, 0x36,
0xCC, 0xCB, 0xB4, 0xAF, 0x2A, 0x18, 0x84, 0x02,
0xBD, 0x4C, 0xE5, 0x97, 0x93, 0x20, 0x08, 0x86,
0x28, 0x65, 0x33, 0x25, 0x62, 0xF3, 0x24, 0xC7,
0xA4, 0x24, 0x15, 0x1F, 0xB5, 0x9D, 0x0A, 0xE1,
0x82, 0x1F, 0x28, 0x64, 0xC7, 0xE6, 0x98, 0x12,
0x7A, 0xAD, 0x92, 0xC3, 0x3B, 0x31, 0x39, 0x88,
0xC2, 0x9A, 0x09, 0xE2, 0x60, 0x44, 0x9B, 0xCA,
0x7B, 0xEE, 0x36, 0x08, 0x62, 0x31, 0x4E, 0x47,
0x51, 0x9E, 0xF3, 0x91, 0x8D, 0xDD, 0xE4, 0x03,
0xE7, 0xB9, 0x2A, 0xC9, 0x90, 0x8F, 0x93, 0xC6,
0x36, 0x9C, 0xC5, 0xC4, 0x7B, 0x8C, 0xB1, 0xDC,
0x3A, 0x34, 0x79, 0xC7, 0x62, 0xF6, 0x2A, 0x18,
0xFE, 0x05, 0xA9, 0xB0, 0x64, 0x5A, 0x53, 0x11,
0xA0, 0x18, 0x28, 0x72, 0x3A, 0xEB, 0x51, 0xFA,
0x50, 0x5E, 0x96, 0xB2, 0x9E, 0x3D, 0x2B, 0x6E,
0x5B, 0x13, 0x27, 0xDE, 0x3A, 0x61, 0xAB, 0x0C,
0x50, 0xBE, 0x01, 0x24, 0xB6, 0x4B, 0x33, 0x31,
0x4B, 0x32, 0xD6, 0x12, 0x25, 0x10, 0xE4, 0x64,
0x45, 0x85, 0x7A, 0xA0, 0xE2, 0xC4, 0xB0, 0xD2,
0x56, 0x95, 0x56, 0x20, 0xA8, 0x68, 0x1D, 0x1E,
0x55, 0x51, 0x26, 0xD0, 0x05, 0x09, 0xE3, 0x5B,
0xF5, 0x96, 0x83, 0xDD, 0xAA, 0x40, 0xE8, 0x2C,
0x51, 0x9B, 0x85, 0x58, 0x52, 0xC3, 0x66, 0xCB,
0x54, 0x45, 0x2B, 0xF9, 0x10, 0xB0, 0x01, 0x69,
0x23, 0x30, 0x34, 0x57, 0x08, 0x65, 0x3F, 0x51,
0x18, 0x00, 0xB1, 0x0E, 0x00, 0x9D, 0x9F, 0x7D,
0x10, 0xA5, 0x3B, 0x8B, 0x30, 0xBF, 0x13, 0xB0,
0x6F, 0x25, 0x4E, 0xC8, 0xA6, 0xBA, 0x53, 0x97,
0x00, 0xF6, 0x35, 0x8D, 0xE0, 0x46, 0x3A, 0x01,
0x95, 0x40, 0xC9, 0x87, 0x3F, 0x3F, 0x46, 0x80,
0xE2, 0x11, 0x3A, 0x7C, 0xCC, 0x55, 0xFF, 0x75,
0x4D, 0x85, 0xAA, 0x67, 0xE9, 0xE5, 0x5F, 0x88,
0x74, 0x24, 0xE0, 0xB2, 0x62, 0x56, 0x82, 0xA5,
0xDD, 0xA2, 0x18, 0xF0, 0x3C, 0x3C, 0x10, 0xA2,
0x46, 0xCD, 0xB0, 0xCC, 0x91, 0xD1, 0x9D, 0x8F,
0x02, 0x4D, 0xB9, 0xB1, 0x41, 0x5F, 0x50, 0xAC,
0xD8, 0xF6, 0x5D, 0xE2, 0x78, 0x7B, 0x91, 0x03,
0xC5, 0x75, 0xB6, 0x87, 0x76, 0x55, 0x72, 0xCF,
0xFA, 0x59, 0x02, 0x6C, 0x2B, 0xCE, 0xE7, 0x74,
0x23, 0xBC, 0xAF, 0xD3, 0x05, 0x4B, 0xF8, 0xE2,
0x71, 0x3F, 0xB8, 0x5B, 0x0B, 0xF6, 0xA4, 0x6E,
0x71, 0x61, 0x52, 0xF5, 0xC9, 0xA3, 0x01, 0x1E,
0xC9, 0x01, 0x14, 0xC7, 0x6B, 0x01, 0x51, 0x67,
0x99, 0xBD, 0x59, 0x11, 0x41, 0x5B, 0x70, 0x45,
0x44, 0x07, 0x7F, 0x18, 0x88, 0x06, 0x75, 0x5E,
0xEC, 0x41, 0x31, 0xE5, 0x55, 0x56, 0xDB, 0x90,
0x3F, 0x42, 0x84, 0xC1, 0xF9, 0x00, 0x86, 0xFF,
0x43, 0x1B, 0x68, 0xF5, 0x1F, 0x62, 0x98, 0x12,
0xF3, 0x20, 0xB5, 0x5F, 0x21, 0x9D, 0x72, 0xA1,
0x92, 0x8F, 0x38, 0xC9, 0xA1, 0xEC, 0x82, 0x3B,
0xA1, 0x98, 0xBA, 0x9A, 0xBB, 0xAC, 0xF6, 0x29,
0x02, 0xB3, 0xCA, 0x0A, 0xFC, 0x95, 0xEA, 0x8A,
0xC3, 0x03, 0xFB, 0x8B, 0xDD, 0x29, 0xBB, 0x9D,
0x18, 0xA0, 0x3B, 0xA4, 0x4E, 0x58, 0xB1, 0xB0,
0xB8, 0x5A, 0x2A, 0x16, 0x62, 0xE6, 0xA3, 0x1D,
0xA7, 0x54, 0x55, 0x11, 0xA4, 0x78, 0xA1, 0x81,
0x77, 0x88, 0x90, 0x61, 0xEF, 0x76, 0x63, 0x12,
0x64, 0x23, 0x9A, 0xDE, 0xBD, 0x04, 0xA8, 0xC5,
0x2B, 0x72, 0xE2, 0xB1, 0xF3, 0xA2, 0xDF, 0xBB,
0xD8, 0xC0, 0x54, 0xE7, 0x0C, 0xC2, 0xA7, 0x42,
0xE7, 0xB7, 0xD4, 0x17, 0xDF, 0xED, 0x31, 0x44,
0x22, 0x18, 0x7D, 0xE1, 0xB2, 0x95, 0x44, 0x81,
0x19, 0x57, 0x55, 0xEC, 0x04, 0xBB, 0x76, 0x71,
0xC4, 0x33, 0x14, 0x46, 0xBB, 0xE8, 0x95, 0x25,
0x14, 0x90, 0x53, 0x21, 0xA2, 0x17, 0x6E, 0x93,
0x5B, 0x54, 0x20, 0xC0, 0xD5, 0xEA, 0x44, 0x65
};
static const byte c_512[KYBER512_CIPHER_TEXT_SIZE] = {
0x84, 0xA1, 0x88, 0xA0, 0x72, 0xE4, 0xD4, 0xF4,
0x49, 0xA4, 0xBE, 0x17, 0x02, 0x74, 0xDD, 0x2A,
0x5F, 0x3E, 0x35, 0x6E, 0x95, 0xB9, 0x6E, 0x40,
0xAD, 0x3F, 0xF1, 0x45, 0x5E, 0x36, 0xC6, 0xA7,
0x1E, 0x90, 0x9D, 0xD2, 0xC0, 0xDF, 0xF8, 0xAD,
0x2C, 0x9F, 0x50, 0x3B, 0xAC, 0x90, 0x65, 0x71,
0x62, 0x48, 0x08, 0x3B, 0xDA, 0x40, 0xCE, 0xCB,
0x38, 0xE3, 0xB3, 0x05, 0x8B, 0xAF, 0x51, 0xA7,
0x57, 0x23, 0x84, 0xFF, 0x84, 0x06, 0xA8, 0x13,
0x6A, 0x4F, 0xC6, 0xD9, 0x12, 0xA5, 0x4B, 0x2E,
0xB5, 0xB9, 0xD5, 0x98, 0xFB, 0x68, 0x9E, 0x72,
0xED, 0x3D, 0xEF, 0xD2, 0xFF, 0x83, 0x55, 0xED,
0x9E, 0x9C, 0xCA, 0x53, 0xE8, 0x2C, 0x08, 0x86,
0xE0, 0x94, 0xC5, 0x92, 0xC3, 0x92, 0x31, 0x1F,
0x04, 0xFE, 0xC6, 0x8F, 0x9A, 0x1C, 0x53, 0x1C,
0xF3, 0x41, 0x90, 0x30, 0x89, 0x2B, 0x5B, 0xDC,
0xAC, 0xEE, 0xF6, 0xA0, 0xE7, 0xF1, 0xBD, 0x44,
0x90, 0x3F, 0x49, 0xDE, 0x8E, 0x37, 0xB0, 0x2B,
0xA3, 0xFC, 0x51, 0x21, 0xD9, 0x9F, 0x8C, 0xC3,
0x04, 0x0F, 0x66, 0x83, 0x2F, 0x77, 0x02, 0x1B,
0x4C, 0xA3, 0x5F, 0x7A, 0x48, 0x25, 0x03, 0x89,
0x36, 0x56, 0x4C, 0xA2, 0xE6, 0x73, 0xFF, 0x9C,
0xC0, 0x51, 0x9C, 0x25, 0xF6, 0xA5, 0x2D, 0x87,
0xED, 0xD9, 0x65, 0xB2, 0x46, 0x4A, 0xA3, 0x65,
0xD2, 0xBF, 0x06, 0x8B, 0x72, 0xFC, 0x68, 0xB6,
0x5E, 0x88, 0x51, 0x5E, 0x2C, 0x83, 0x2B, 0xBD,
0xB2, 0x7D, 0x61, 0xBF, 0x51, 0x2B, 0x5F, 0xC2,
0xD8, 0x59, 0x0F, 0xB3, 0x5F, 0x49, 0x50, 0x0C,
0xAF, 0xE7, 0x0E, 0x7D, 0x07, 0x76, 0xB5, 0xC4,
0xE4, 0x50, 0x3A, 0x71, 0x89, 0xAD, 0xBA, 0xFF,
0x5D, 0x5B, 0x51, 0x5C, 0xC6, 0x8B, 0x2F, 0x81,
0xD9, 0x93, 0xC6, 0xD7, 0xFA, 0x7D, 0x3D, 0x1D,
0x90, 0xEB, 0xFF, 0x51, 0xDA, 0x3F, 0xBB, 0xB4,
0x43, 0x0E, 0x5B, 0xBE, 0xDB, 0xCA, 0x8D, 0xA0,
0x78, 0xDC, 0xE8, 0xEC, 0x81, 0x5B, 0x16, 0x8B,
0xFC, 0x09, 0xAB, 0x4A, 0x20, 0x67, 0x88, 0x70,
0xF4, 0x86, 0x8B, 0x1F, 0xAE, 0x28, 0xD2, 0x09,
0xC7, 0x53, 0x68, 0xA7, 0x99, 0x31, 0x7D, 0xFA,
0x08, 0xC2, 0xB6, 0x51, 0xFA, 0xC7, 0x2D, 0xCA,
0x2A, 0x1B, 0x4C, 0xBB, 0x75, 0xE8, 0x73, 0xF1,
0x5C, 0x51, 0xB6, 0xD0, 0xB5, 0xE6, 0xF5, 0xE6,
0x0E, 0x2A, 0xF6, 0xC4, 0x0D, 0x2C, 0xAB, 0xCB,
0xF3, 0x58, 0x8F, 0x44, 0xBC, 0xEA, 0x6D, 0x72,
0xD3, 0x59, 0xF4, 0x0F, 0x9C, 0xF5, 0xE0, 0xEC,
0x40, 0xA5, 0x21, 0x5E, 0x5A, 0xCE, 0xEA, 0xF0,
0xDA, 0x00, 0xD9, 0x23, 0xD4, 0xCE, 0xFF, 0x5C,
0x3A, 0x3A, 0xB1, 0xE4, 0x6C, 0x75, 0x4F, 0x4A,
0xE0, 0x52, 0xC2, 0xBC, 0x49, 0xFD, 0xB4, 0x52,
0x1A, 0xE4, 0x4D, 0xF6, 0x34, 0xD5, 0x6E, 0x43,
0x3D, 0xAD, 0x3D, 0xF3, 0xC0, 0x71, 0x15, 0x40,
0x6F, 0xF8, 0xBF, 0xD0, 0xD7, 0xC9, 0x3B, 0x49,
0x41, 0xD0, 0xF0, 0x92, 0x13, 0xC1, 0x68, 0x1C,
0xFD, 0x5C, 0x86, 0x63, 0xDF, 0x02, 0x04, 0x1A,
0x3C, 0xBD, 0x16, 0x2F, 0x5C, 0x4D, 0x80, 0xCB,
0x1D, 0xC7, 0xD4, 0xA5, 0x01, 0xAD, 0x06, 0xFE,
0x96, 0xEB, 0x34, 0x8B, 0x6E, 0x33, 0x1C, 0x82,
0x96, 0xFE, 0x90, 0x4E, 0xB9, 0x7C, 0x08, 0x74,
0x56, 0x32, 0x8D, 0x70, 0x3B, 0x85, 0xBD, 0xAC,
0x2F, 0xB4, 0x3C, 0x72, 0x8D, 0x0B, 0x05, 0xFC,
0x54, 0xB8, 0xC1, 0x55, 0xC0, 0x10, 0xEF, 0x0D,
0xB1, 0x4C, 0xC6, 0x68, 0xD1, 0xB1, 0xBC, 0x72,
0x7A, 0xF8, 0x86, 0x40, 0x76, 0x73, 0x6B, 0x89,
0x8B, 0xAB, 0xA1, 0xC8, 0x1D, 0xCA, 0x20, 0x53,
0xF5, 0x85, 0x87, 0xD3, 0xC4, 0xE3, 0x3C, 0x69,
0x4A, 0x26, 0x4B, 0xE2, 0x89, 0x7E, 0x7D, 0x2E,
0xEF, 0xAD, 0xDA, 0x9F, 0xF8, 0x8D, 0x70, 0xBF,
0x37, 0x31, 0xF1, 0x22, 0x8C, 0xB3, 0xE1, 0x31,
0xEB, 0x0C, 0xB7, 0x6F, 0xDB, 0xD2, 0xCC, 0xB1,
0xCB, 0xC1, 0x8D, 0x14, 0x50, 0xAC, 0x7A, 0x16,
0x34, 0x9E, 0x71, 0x29, 0xCA, 0xB7, 0x20, 0xD5,
0xCB, 0x70, 0xB5, 0x6E, 0x85, 0x5E, 0x83, 0x05,
0xDC, 0xDA, 0x73, 0x0B, 0xBD, 0x0E, 0xA3, 0x3E,
0xF0, 0x81, 0x5D, 0x02, 0x19, 0x0B, 0xB9, 0x8E,
0x30, 0xF7, 0x3B, 0xF7, 0x78, 0x9C, 0xDD, 0x67,
0x3C, 0x61, 0x3B, 0x0C, 0x57, 0xCB, 0x2E, 0xF3,
0x2E, 0x67, 0x0A, 0x98, 0xD2, 0xD6, 0x30, 0x67,
0x07, 0x73, 0xC5, 0x9D, 0x8A, 0x6A, 0x2C, 0xFC,
0xFF, 0x1C, 0x7C, 0xA1, 0xBB, 0x55, 0xC1, 0x7A,
0x32, 0xCB, 0x65, 0xA2, 0xEA, 0x19, 0xC7, 0xB8,
0xE2, 0x95, 0xC6, 0x89, 0x8C, 0xF3, 0x2F, 0xEE,
0x1D, 0xEB, 0x01, 0x47, 0x2B, 0xE7, 0x6C, 0x3A,
0x78, 0xCB, 0x24, 0x2E, 0xDF, 0xE2, 0x1D, 0x96,
0x1F, 0xCB, 0x85, 0xC3, 0xCF, 0x6C, 0xEE, 0x21,
0x89, 0x86, 0xC1, 0xBD, 0x93, 0x2B, 0xF9, 0x7B,
0xC6, 0xDE, 0xCA, 0xAB, 0xF8, 0xC6, 0x29, 0x40,
0xC0, 0xA5, 0x8E, 0x87, 0xC6, 0xED, 0xDC, 0xD7,
0x4B, 0x7F, 0x71, 0x5D, 0x8C, 0x22, 0x52, 0x05,
0x46, 0x23, 0x9F, 0x3A, 0xAA, 0x10, 0xA4, 0x35,
0x82, 0x01, 0x03, 0xB4, 0xE3, 0x29, 0x53, 0x11,
0xD9, 0x92, 0xC9, 0xC8, 0x77, 0x1A, 0x3C, 0xE8,
0x49, 0x86, 0x8F, 0x36, 0xF3, 0x12, 0x14, 0xF9,
0x63, 0x9C, 0x02, 0x8F, 0x4A, 0x5F, 0x49, 0x45,
0xF2, 0xBE, 0xC9, 0x58, 0x50, 0x77, 0xBF, 0x2F,
0x63, 0x7D, 0x25, 0x49, 0xF8, 0x34, 0x8C, 0x00,
0xEC, 0xBF, 0x19, 0xC4, 0x70, 0xDF, 0x25, 0x5E,
0xFF, 0x62, 0x32, 0x81, 0x34, 0x29, 0xF8, 0x53
};
static const byte kprime_512[KYBER_SS_SZ] = {
0x22, 0x4B, 0x9C, 0x05, 0x12, 0x13, 0xEF, 0x46,
0x54, 0x92, 0x43, 0x79, 0x65, 0x32, 0x28, 0x29,
0x73, 0xFA, 0x7C, 0xF9, 0x7E, 0x89, 0x13, 0xC3,
0x39, 0xC1, 0x94, 0x0A, 0xC1, 0x7E, 0x05, 0xE0
};
#endif
#ifndef WOLFSSL_NO_KYBER768
static const byte dk_768[KYBER768_PRIVATE_KEY_SIZE] = {
0x34, 0x56, 0x85, 0x9B, 0xF7, 0x07, 0xE6, 0x72,
0xAC, 0x71, 0x2B, 0x7E, 0x70, 0xF5, 0x42, 0x75,
0x74, 0x59, 0x75, 0x02, 0xB8, 0x1D, 0xE8, 0x93,
0x1C, 0x92, 0xA9, 0xC0, 0xD2, 0x2A, 0x8E, 0x17,
0x73, 0xCB, 0x87, 0x47, 0x22, 0x05, 0xA3, 0x1C,
0x32, 0x20, 0x6B, 0xA4, 0xBC, 0xF4, 0x22, 0x59,
0x53, 0x3C, 0xB3, 0xA1, 0x9C, 0x02, 0x00, 0x86,
0x02, 0x44, 0xA6, 0xC3, 0xF6, 0x92, 0x18, 0x45,
0xB0, 0xA0, 0x58, 0x50, 0x18, 0x7A, 0x43, 0x10,
0xB3, 0xD5, 0x22, 0x3A, 0xAA, 0xA0, 0xC7, 0x9B,
0x9B, 0xBC, 0xFC, 0xCB, 0x3F, 0x75, 0x12, 0x14,
0xEB, 0x0C, 0xFA, 0xC1, 0xA2, 0x9E, 0xD8, 0x84,
0x8A, 0x5A, 0x49, 0xBA, 0x84, 0xBA, 0x68, 0xE6,
0xB6, 0xF5, 0x05, 0x7D, 0x49, 0x31, 0x05, 0xFF,
0x38, 0xA9, 0xF4, 0x4B, 0x4E, 0x7F, 0x6C, 0xBE,
0x7D, 0x21, 0x64, 0x08, 0xF7, 0xB4, 0x86, 0x05,
0xB2, 0x70, 0xB2, 0x53, 0xB0, 0x01, 0xA5, 0x40,
0x1C, 0x0C, 0x91, 0x27, 0xCC, 0x18, 0x5B, 0x1B,
0x0C, 0xF9, 0x2B, 0x99, 0xFB, 0xA0, 0xD9, 0x5A,
0x29, 0x5F, 0x87, 0x35, 0x15, 0x52, 0x0C, 0x86,
0x32, 0x1B, 0x8C, 0x96, 0x6C, 0x83, 0x7A, 0xAB,
0x34, 0xB2, 0xBF, 0xFA, 0xB2, 0xA2, 0xA4, 0x30,
0x1B, 0x35, 0x6B, 0x26, 0xCD, 0xC4, 0x56, 0x38,
0x02, 0x90, 0x1B, 0x47, 0x62, 0xF2, 0x84, 0x28,
0x1A, 0x38, 0x2E, 0x5F, 0x76, 0x2B, 0xEF, 0x47,
0xB5, 0x19, 0xA8, 0x1A, 0x10, 0x86, 0x57, 0xEB,
0xE9, 0x62, 0xBE, 0x12, 0x0B, 0x5F, 0xB3, 0xB9,
0xED, 0x33, 0x8C, 0xCF, 0x47, 0xB3, 0xA0, 0x39,
0x52, 0xA1, 0x66, 0x33, 0xF6, 0xE6, 0xB5, 0x34,
0xE6, 0xB6, 0x3D, 0x05, 0x70, 0x6E, 0xFA, 0x0F,
0x94, 0xC0, 0x3A, 0x2B, 0x85, 0x6A, 0xE5, 0x51,
0x42, 0x2F, 0x90, 0x11, 0xF2, 0x58, 0x9A, 0x41,
0xB9, 0x6A, 0x2C, 0xD2, 0x13, 0xC6, 0x99, 0x9B,
0x09, 0xE9, 0x1F, 0xF4, 0x23, 0xCB, 0x10, 0x6A,
0x1A, 0x92, 0x0B, 0x84, 0xB8, 0x11, 0x46, 0x94,
0x97, 0x15, 0x42, 0x23, 0x98, 0x7F, 0x00, 0x5C,
0x72, 0xF8, 0xAF, 0x38, 0x8B, 0x09, 0x0C, 0x63,
0x9F, 0x8C, 0x77, 0x4F, 0xC5, 0xA2, 0x94, 0xC7,
0x4A, 0x21, 0x2C, 0x91, 0xA8, 0x6C, 0x32, 0x8A,
0xEB, 0xEA, 0x55, 0x8A, 0xB4, 0x3F, 0x8B, 0x87,
0x35, 0x34, 0xFA, 0x2E, 0xF9, 0xE6, 0x6C, 0xEF,
0x3C, 0x52, 0xCD, 0x47, 0x1A, 0xB7, 0x83, 0x75,
0xE7, 0x45, 0xB9, 0xD0, 0xAA, 0x65, 0xD2, 0x27,
0x8B, 0x92, 0x75, 0xAE, 0x53, 0x48, 0xB1, 0x6C,
0xF6, 0x2A, 0xC8, 0x06, 0x57, 0x34, 0xE4, 0xBD,
0x77, 0xB8, 0x0C, 0xCF, 0x89, 0x76, 0x05, 0xEB,
0x76, 0xF4, 0x85, 0xAF, 0x8A, 0x0B, 0x46, 0x65,
0x57, 0xA8, 0x3C, 0x02, 0x92, 0xCC, 0xF9, 0x03,
0xEE, 0x7A, 0xA5, 0x7C, 0x3B, 0x51, 0xAD, 0x66,
0x01, 0x89, 0xB8, 0x61, 0x39, 0xE3, 0x80, 0x42,
0x5B, 0x31, 0xA9, 0x26, 0x89, 0xDF, 0x24, 0x31,
0xBF, 0xA7, 0xB6, 0x9E, 0xAB, 0x17, 0x27, 0x45,
0x1B, 0x29, 0xDA, 0x8B, 0x8B, 0xF8, 0x51, 0xE1,
0xBC, 0x2D, 0x3A, 0x63, 0x13, 0x4C, 0xA9, 0x66,
0x3C, 0x57, 0xAE, 0xC6, 0x98, 0x5C, 0xEB, 0xD5,
0x6D, 0xB0, 0x44, 0x7B, 0x13, 0x6B, 0x01, 0x7A,
0x97, 0x47, 0x61, 0xC3, 0xC6, 0x7D, 0x33, 0x77,
0x2F, 0x99, 0x64, 0xE5, 0x43, 0x4D, 0x64, 0x35,
0x04, 0x33, 0x2A, 0x30, 0x27, 0x29, 0x4A, 0x07,
0x8C, 0x59, 0x9C, 0xB2, 0x91, 0x63, 0x10, 0x9C,
0xE3, 0xB5, 0x6C, 0xE6, 0x98, 0xB4, 0xD3, 0xF5,
0x9E, 0x29, 0x56, 0xA1, 0xF0, 0x3A, 0x4B, 0x95,
0x55, 0x93, 0xF2, 0xD2, 0x45, 0x7F, 0xFA, 0xAE,
0x96, 0x24, 0xA0, 0x71, 0x10, 0x45, 0xB3, 0xF5,
0x52, 0x92, 0xF2, 0x0C, 0xC9, 0xD0, 0xCD, 0x79,
0x1A, 0x21, 0x59, 0x7B, 0x0F, 0x2C, 0xD9, 0x80,
0xF3, 0x51, 0x0F, 0x0B, 0x02, 0x39, 0x02, 0x20,
0x00, 0xD7, 0x35, 0x58, 0x6E, 0xE6, 0xA7, 0x3F,
0x3A, 0x3D, 0xCB, 0xD6, 0xBD, 0x1A, 0x85, 0xC8,
0x65, 0x12, 0xAB, 0xF3, 0xC5, 0x1C, 0xE0, 0x0A,
0x03, 0x31, 0xF6, 0x53, 0x60, 0x46, 0x2C, 0x02,
0x23, 0x29, 0x59, 0x7A, 0x81, 0xC3, 0xF9, 0x2F,
0xC1, 0x79, 0x38, 0xC9, 0x13, 0x8F, 0x41, 0x11,
0x38, 0x79, 0x79, 0xC2, 0x8F, 0x03, 0x34, 0xF9,
0x01, 0x19, 0x22, 0x13, 0x74, 0xDA, 0xB0, 0x45,
0x92, 0x9B, 0x49, 0xE4, 0x3A, 0x96, 0x46, 0xA2,
0x43, 0xF4, 0x46, 0x4D, 0xAF, 0x81, 0x1A, 0xB0,
0x06, 0x30, 0xC7, 0x59, 0x61, 0xBC, 0xD4, 0xAF,
0x5D, 0x99, 0x11, 0x5A, 0x37, 0x49, 0x19, 0x1B,
0xA8, 0xFD, 0x41, 0xCE, 0x0B, 0x3C, 0x89, 0xA6,
0x95, 0xB4, 0xBB, 0x85, 0x06, 0x4F, 0xD3, 0xAF,
0x95, 0xC9, 0xB4, 0xAE, 0xE0, 0x9A, 0xC7, 0xB0,
0xCC, 0x69, 0xEC, 0xA3, 0x6A, 0x00, 0x4B, 0x6C,
0xD6, 0x62, 0xA6, 0xD3, 0x27, 0x95, 0x05, 0x3E,
0xF0, 0xA0, 0x3A, 0xDA, 0x3B, 0x98, 0xBF, 0xE3,
0xB4, 0x6A, 0x79, 0x72, 0x3E, 0x3A, 0x45, 0xAB,
0x3C, 0x31, 0x95, 0x06, 0x69, 0xAD, 0x77, 0x07,
0x20, 0x62, 0xCC, 0x3B, 0x50, 0x4D, 0xF1, 0x33,
0x4F, 0xD6, 0x90, 0x9E, 0xAC, 0x79, 0x15, 0xF1,
0xD5, 0xAD, 0x16, 0x63, 0x9F, 0x5F, 0xB5, 0x64,
0x41, 0x64, 0x54, 0x25, 0x91, 0x34, 0xD5, 0x65,
0x88, 0x2C, 0xB3, 0x81, 0xCB, 0xA5, 0x8B, 0x76,
0x88, 0x07, 0x67, 0xB5, 0x0A, 0xC1, 0xB8, 0x57,
0x95, 0xD7, 0x26, 0x84, 0x33, 0xB3, 0x71, 0x23,
0x0E, 0xD4, 0xC7, 0x2F, 0x99, 0xAB, 0x1A, 0xD1,
0xE5, 0x95, 0xA4, 0x59, 0xCF, 0x0A, 0x23, 0x34,
0xAA, 0x14, 0x63, 0xAD, 0xE4, 0xBD, 0xC9, 0x24,
0x96, 0x05, 0x38, 0x18, 0x57, 0xBB, 0x98, 0x09,
0x5B, 0x41, 0x13, 0x29, 0x46, 0xCA, 0x24, 0x57,
0xDF, 0xAA, 0x91, 0x49, 0x58, 0x2A, 0xA1, 0x99,
0x27, 0xB6, 0x36, 0x89, 0xE2, 0x92, 0x9A, 0xA4,
0x10, 0x27, 0xBE, 0xF4, 0x92, 0x19, 0x70, 0xBA,
0xD4, 0xA5, 0x54, 0x90, 0xD9, 0x1A, 0xBE, 0x25,
0x1D, 0xEF, 0x45, 0x52, 0xCA, 0x88, 0x03, 0x41,
0x06, 0xA0, 0x2C, 0xE4, 0xB0, 0x58, 0xF8, 0xB5,
0x96, 0x24, 0xB6, 0x7E, 0x06, 0x3B, 0xF1, 0x78,
0xB0, 0x15, 0xE4, 0x28, 0x1E, 0xB1, 0x14, 0xA2,
0xBC, 0x24, 0x54, 0x94, 0x3A, 0x4B, 0x46, 0x47,
0x12, 0x2C, 0x42, 0xCB, 0xEA, 0x4E, 0x94, 0x15,
0x4F, 0xD3, 0xE4, 0xB7, 0x91, 0xF6, 0x29, 0x0B,
0x78, 0x29, 0x94, 0x20, 0x68, 0x53, 0xD6, 0x70,
0x00, 0xA6, 0x33, 0xF3, 0x20, 0xA8, 0xA3, 0x74,
0xCA, 0x5D, 0x40, 0x38, 0xF9, 0xCA, 0x42, 0x44,
0xDC, 0xB0, 0x2E, 0x9A, 0x84, 0xE1, 0xF7, 0xC8,
0xA8, 0x21, 0x13, 0x2B, 0x32, 0xB9, 0xA8, 0x40,
0x55, 0x7B, 0x34, 0x78, 0x06, 0x65, 0x30, 0x17,
0x24, 0xBA, 0x26, 0x06, 0x68, 0x1D, 0x94, 0x5E,
0x34, 0xD7, 0xCF, 0x94, 0x1B, 0x89, 0x63, 0xCA,
0xA1, 0x00, 0x1A, 0x49, 0x1B, 0x8B, 0x2E, 0x43,
0x57, 0x0E, 0x9A, 0xB9, 0x5C, 0x0A, 0x57, 0xC5,
0x03, 0xF0, 0xAB, 0x96, 0x0B, 0x48, 0x56, 0xD0,
0x25, 0x15, 0x74, 0x71, 0x0F, 0xE5, 0xCB, 0x47,
0x42, 0x84, 0xFC, 0x10, 0x49, 0xAA, 0x2A, 0x7B,
0x03, 0x69, 0x4A, 0x1C, 0x76, 0x3E, 0x99, 0xDA,
0xC6, 0xAD, 0x0B, 0xA8, 0x03, 0x8B, 0x13, 0x8A,
0x64, 0x43, 0x2E, 0x34, 0x91, 0x16, 0xA0, 0x31,
0xE8, 0xC7, 0x92, 0x78, 0x17, 0x51, 0xBA, 0x47,
0x3C, 0xBD, 0xF5, 0x57, 0x20, 0x00, 0x5A, 0xBD,
0xAA, 0x13, 0xD5, 0x01, 0x82, 0xF0, 0xE6, 0x33,
0x77, 0x6B, 0xB0, 0x67, 0x5C, 0x40, 0x47, 0x2B,
0xAD, 0x1F, 0x96, 0x72, 0x76, 0x91, 0x83, 0xD0,
0xCC, 0xC8, 0x10, 0xBC, 0x25, 0xA8, 0x57, 0x32,
0x20, 0x56, 0x9F, 0x6A, 0xC4, 0xBA, 0xC2, 0x2A,
0x13, 0x54, 0xD8, 0xB3, 0x6C, 0x05, 0x80, 0xD0,
0xE5, 0x29, 0x9E, 0x62, 0x9C, 0x50, 0x6C, 0xC7,
0x65, 0x55, 0x46, 0xFF, 0x27, 0x81, 0x0C, 0x97,
0xB5, 0x1B, 0xA0, 0x56, 0xBB, 0xF8, 0x6E, 0xD9,
0xCB, 0x7C, 0x0A, 0x53, 0x7F, 0x72, 0xD0, 0xCF,
0x9A, 0xD2, 0xC2, 0x31, 0xE2, 0x9E, 0xBF, 0x55,
0x3F, 0x61, 0x3C, 0xBB, 0x15, 0xB3, 0x72, 0x1A,
0x20, 0x07, 0x7E, 0x50, 0x5F, 0xD3, 0x90, 0xCB,
0x19, 0xF6, 0x48, 0x8A, 0x10, 0x7D, 0xEE, 0x1C,
0xAC, 0x58, 0xAB, 0x70, 0x34, 0xBA, 0x69, 0x03,
0x00, 0x21, 0x95, 0x95, 0xB3, 0x69, 0x5C, 0x12,
0x34, 0xE8, 0xB5, 0x7E, 0x33, 0xC8, 0xD3, 0xA0,
0x48, 0x45, 0x4A, 0x61, 0x6D, 0xF3, 0xC9, 0xB5,
0x6A, 0x6F, 0xF2, 0x02, 0x6A, 0xF9, 0x97, 0x72,
0x5F, 0xC9, 0x55, 0x79, 0x04, 0x3B, 0xAE, 0x93,
0x99, 0xB6, 0x79, 0x0D, 0x63, 0x7B, 0x4F, 0xA8,
0x20, 0xB0, 0xB2, 0xD2, 0xCA, 0xB6, 0x07, 0xBA,
0xF6, 0xA3, 0x72, 0x73, 0x4C, 0x31, 0xEE, 0x00,
0x26, 0xF3, 0xC0, 0x76, 0xD1, 0x4A, 0x8E, 0x3E,
0xE6, 0x6A, 0xAD, 0x8B, 0xBB, 0xCC, 0xEB, 0x9D,
0xC7, 0x0C, 0x7B, 0x6B, 0xB0, 0xBB, 0x76, 0xC2,
0x00, 0xC2, 0x31, 0x60, 0x1C, 0xA0, 0x87, 0x3E,
0xC8, 0x71, 0x0F, 0x4B, 0x18, 0xD5, 0x72, 0x90,
0xB0, 0x33, 0x72, 0x7C, 0x60, 0x1E, 0xDB, 0x71,
0xC2, 0xB0, 0xF0, 0xC2, 0x1D, 0x55, 0x3E, 0x0E,
0x7A, 0x4F, 0x77, 0x71, 0x68, 0x39, 0xC7, 0xC8,
0x44, 0x8A, 0xBB, 0x9F, 0x66, 0xA5, 0x4E, 0x8A,
0x4B, 0x08, 0xA7, 0x9D, 0x9A, 0x39, 0x2C, 0xA1,
0x27, 0x00, 0x31, 0x38, 0x8B, 0xAD, 0x56, 0x21,
0x7E, 0x32, 0xAE, 0xF5, 0x54, 0x11, 0x97, 0x49,
0x06, 0xA2, 0x45, 0xC0, 0x07, 0x12, 0xB3, 0xCB,
0xB1, 0x17, 0x06, 0x85, 0x19, 0x3F, 0xE2, 0x5A,
0xCD, 0x7A, 0xC1, 0x3D, 0x32, 0x07, 0x3F, 0x38,
0x79, 0xA5, 0xD7, 0x83, 0x75, 0xF0, 0x05, 0x2C,
0xF7, 0x91, 0x75, 0xBA, 0xB4, 0x6D, 0x22, 0x37,
0x05, 0x97, 0xBD, 0x06, 0x78, 0x9E, 0xDD, 0x07,
0x11, 0xCC, 0x42, 0x43, 0x50, 0x7A, 0x02, 0xB4,
0xFA, 0xAD, 0xBB, 0x62, 0x25, 0x0C, 0xC9, 0x97,
0xAE, 0x03, 0x27, 0xAE, 0xB0, 0x0D, 0xEB, 0x52,
0x91, 0x92, 0xA6, 0x4B, 0x10, 0x96, 0xA8, 0x6B,
0x19, 0x67, 0x4D, 0x0B, 0x0A, 0xF0, 0x5C, 0x4A,
0xAE, 0x17, 0x8C, 0x2C, 0x9A, 0x64, 0x42, 0xE9,
0x4E, 0xD0, 0xA5, 0x60, 0x33, 0xA1, 0x1E, 0xE4,
0x26, 0x32, 0xC0, 0xB4, 0xAA, 0x51, 0xD4, 0x21,
0x50, 0x79, 0x0F, 0x41, 0x06, 0x2B, 0x77, 0x25,
0x3C, 0x25, 0xBA, 0x4D, 0xE5, 0x59, 0x76, 0x1F,
0x0A, 0x90, 0x06, 0x83, 0x89, 0x72, 0x8B, 0xC9,
0x77, 0xF7, 0x0C, 0xF7, 0xBC, 0xCF, 0xBD, 0x88,
0x3D, 0xF1, 0x3C, 0x79, 0xF5, 0xF2, 0xC3, 0x43,
0x12, 0xCB, 0x1D, 0x5A, 0x55, 0xD7, 0x8C, 0x1B,
0x24, 0x20, 0x96, 0xA8, 0xC0, 0x59, 0x3C, 0xFB,
0x27, 0x53, 0x46, 0x0B, 0xD3, 0x0A, 0xBA, 0x30,
0x6C, 0x74, 0x17, 0x39, 0x95, 0x74, 0x83, 0x85,
0xD0, 0x0B, 0x36, 0x70, 0xE6, 0x13, 0x24, 0xD8,
0x7D, 0xE8, 0xA1, 0x44, 0x50, 0xDC, 0x49, 0x37,
0x68, 0x77, 0x7F, 0xF0, 0xCE, 0x68, 0x10, 0x93,
0x7A, 0x71, 0x12, 0x29, 0x56, 0x1A, 0x5E, 0xF2,
0xBB, 0x69, 0x86, 0x10, 0x74, 0xE0, 0x0B, 0xD9,
0x32, 0x66, 0xE4, 0xB8, 0x62, 0x69, 0xE1, 0x8E,
0xEA, 0x2C, 0xAA, 0xCB, 0x60, 0xA1, 0x35, 0x86,
0x36, 0xCD, 0x7A, 0x7C, 0xA6, 0xBB, 0x68, 0x21,
0x30, 0x24, 0x17, 0x84, 0xB1, 0x01, 0xEA, 0x5B,
0xFD, 0x6C, 0x3A, 0x07, 0x15, 0x86, 0x21, 0x61,
0x47, 0x36, 0xF6, 0x99, 0x6D, 0x5A, 0x4E, 0x14,
0x96, 0x3A, 0x12, 0xD8, 0x36, 0xE5, 0x33, 0xA0,
0xC8, 0x91, 0x2D, 0xB7, 0xE1, 0x16, 0x85, 0xA4,
0xA5, 0x3D, 0x82, 0x85, 0xF0, 0x87, 0x50, 0xDF,
0xF6, 0x6D, 0xA2, 0x7C, 0x23, 0xB9, 0x75, 0x42,
0xDE, 0xFB, 0x99, 0xE4, 0x70, 0xAC, 0xD5, 0xE6,
0x47, 0xC9, 0x40, 0xCB, 0x57, 0x30, 0x1B, 0x43,
0xCC, 0x3E, 0x68, 0xE6, 0x4E, 0x28, 0xB0, 0x67,
0x70, 0x69, 0x5E, 0xF6, 0x09, 0x26, 0x5E, 0x06,
0xC6, 0x0F, 0x22, 0xCB, 0x87, 0x58, 0x49, 0xE6,
0x2B, 0xAB, 0x88, 0xCC, 0x10, 0xEC, 0xF6, 0x22,
0xC3, 0x79, 0xCB, 0x54, 0xF1, 0x3D, 0x8B, 0x2B,
0xAC, 0x90, 0x2B, 0x9A, 0xB0, 0x2B, 0xB3, 0x30,
0xB4, 0x5A, 0xC8, 0xB7, 0x41, 0xC2, 0x64, 0x7A,
0xC4, 0x5B, 0x5B, 0xF4, 0x8A, 0x6D, 0x3F, 0xE0,
0x39, 0x98, 0x6C, 0xC9, 0x40, 0xC6, 0x0A, 0x94,
0xE6, 0x6C, 0xF6, 0x44, 0x53, 0x10, 0x16, 0xA5,
0x27, 0x24, 0x50, 0x82, 0x43, 0x14, 0xB5, 0x66,
0x2A, 0x0A, 0x90, 0x9A, 0xBF, 0xB4, 0x6F, 0xD2,
0x7B, 0xAE, 0xD3, 0xAB, 0xA8, 0x25, 0x93, 0x61,
0x59, 0x68, 0x82, 0xB0, 0x8B, 0x2A, 0xC7, 0x23,
0x39, 0x30, 0xFC, 0x37, 0x86, 0x73, 0x8E, 0xD2,
0xF8, 0x1E, 0xE6, 0x38, 0xC4, 0x5C, 0x3B, 0x9C,
0xFD, 0x19, 0x51, 0xDB, 0x5B, 0xCC, 0x14, 0x45,
0xC2, 0xC1, 0x62, 0x5D, 0x57, 0xD5, 0x7B, 0x53,
0x90, 0x4B, 0x6A, 0x1A, 0xB6, 0x81, 0x58, 0x07,
0x55, 0xE8, 0x9F, 0xA7, 0x97, 0x75, 0xA6, 0x57,
0xCD, 0x62, 0xB4, 0x42, 0x63, 0x04, 0xBC, 0x0C,
0x71, 0x1E, 0x28, 0x07, 0xA2, 0xC9, 0xE8, 0x52,
0xD4, 0xB4, 0x35, 0x9E, 0xE6, 0xB5, 0x3E, 0x46,
0x75, 0xF5, 0x23, 0xC9, 0x07, 0x82, 0x57, 0x2D,
0xC7, 0x36, 0x8F, 0xB4, 0x00, 0xC3, 0x28, 0xC7,
0x0F, 0xC8, 0x46, 0xB5, 0xE9, 0x8A, 0x43, 0x30,
0xBB, 0xB6, 0x27, 0xBD, 0xD7, 0x84, 0xB4, 0xDA,
0xF0, 0xB1, 0xF6, 0x45, 0x94, 0x49, 0x42, 0xB4,
0xC2, 0xB6, 0x22, 0x5C, 0x8B, 0x31, 0xE9, 0x89,
0x54, 0x55, 0x22, 0xBA, 0x6F, 0x10, 0x39, 0x60,
0x34, 0xCB, 0x1C, 0xA7, 0x45, 0x97, 0x78, 0x44,
0xD5, 0x70, 0x89, 0x4C, 0x61, 0x1A, 0x56, 0x08,
0xA7, 0x57, 0x41, 0x6D, 0x6D, 0xE5, 0x99, 0x63,
0xC3, 0x27, 0x98, 0xC4, 0x93, 0xEF, 0xD2, 0x26,
0x4C, 0x23, 0x19, 0x10, 0xE9, 0xA3, 0x00, 0x90,
0xCA, 0x7B, 0x53, 0x84, 0xF2, 0x31, 0xB8, 0x9B,
0xA6, 0x8A, 0x23, 0x81, 0x90, 0xEF, 0x1A, 0x2A,
0x43, 0xCB, 0x01, 0x70, 0x34, 0x70, 0xA0, 0xF0,
0x61, 0xA7, 0x07, 0x38, 0x94, 0x4B, 0xCD, 0x9B,
0x70, 0x04, 0xF2, 0x47, 0x97, 0xAE, 0xCB, 0x88,
0xB1, 0x09, 0x1C, 0xFE, 0xD0, 0x59, 0x0B, 0x04,
0x15, 0x45, 0x3C, 0x39, 0xB6, 0xEC, 0x45, 0xB6,
0x63, 0x05, 0xFA, 0xEA, 0x6B, 0x55, 0xA4, 0xB7,
0x96, 0x75, 0x05, 0xFE, 0x38, 0x62, 0xA2, 0x67,
0xAD, 0xBF, 0xE0, 0x5B, 0x91, 0x81, 0xA0, 0x65,
0x01, 0x89, 0x33, 0x91, 0x65, 0x0E, 0xAA, 0xA4,
0xA6, 0xD1, 0x68, 0x53, 0x34, 0x92, 0x76, 0xF9,
0x8E, 0x0F, 0x44, 0xCD, 0x72, 0x66, 0x15, 0xC6,
0x1C, 0x16, 0x71, 0x30, 0x94, 0xD8, 0xAB, 0x09,
0x3C, 0xAC, 0x71, 0xF2, 0x80, 0x3E, 0x7D, 0x39,
0x10, 0x9E, 0xF5, 0x00, 0x9C, 0x9C, 0x2C, 0xDA,
0xF7, 0xB7, 0xA6, 0xB3, 0x7A, 0x33, 0xA4, 0x98,
0x81, 0xF4, 0xBB, 0x5D, 0x72, 0x45, 0xA1, 0x4C,
0x50, 0x42, 0x28, 0x0C, 0x76, 0xA8, 0x4E, 0x63,
0xF4, 0x9D, 0x0D, 0x61, 0x9D, 0x46, 0xD7, 0x23,
0xBA, 0xA7, 0x47, 0xA3, 0xBA, 0x90, 0xA6, 0xFB,
0x63, 0x7A, 0x9A, 0x1D, 0xC0, 0x22, 0x68, 0xFD,
0x5C, 0x04, 0x3D, 0x18, 0xCB, 0xA1, 0x52, 0x8A,
0xC8, 0xE2, 0x25, 0xC1, 0xF9, 0x23, 0xD1, 0xCC,
0x84, 0xF2, 0xE7, 0x8E, 0x25, 0xDC, 0x3C, 0xCE,
0x93, 0x53, 0xC9, 0xDA, 0xC2, 0xAD, 0x72, 0x6A,
0x79, 0xF6, 0x49, 0x40, 0x80, 0x1D, 0xD5, 0x70,
0x1E, 0xFB, 0xDC, 0xB8, 0x0A, 0x98, 0xA2, 0x59,
0x93, 0xCD, 0x7F, 0x80, 0x59, 0x13, 0x20, 0xB6,
0x31, 0x72, 0x71, 0x86, 0x47, 0xB9, 0x76, 0xA9,
0x8A, 0x77, 0x16, 0x86, 0xF0, 0x12, 0x0A, 0x05,
0x3B, 0x0C, 0x44, 0x74, 0x60, 0x43, 0x05, 0x89,
0x0F, 0xEC, 0xAF, 0x23, 0x47, 0x5D, 0xDC, 0xC1,
0x1B, 0xC0, 0x8A, 0x9C, 0x5F, 0x59, 0x2A, 0xBB,
0x1A, 0x15, 0x3D, 0xB1, 0xB8, 0x83, 0xC0, 0x50,
0x7E, 0xB6, 0x8F, 0x78, 0xE0, 0xA1, 0x4D, 0xEB,
0xBF, 0xEE, 0xC6, 0x21, 0xE1, 0x0A, 0x69, 0xB6,
0xDA, 0xAF, 0xAA, 0x91, 0x6B, 0x53, 0x95, 0x33,
0xE5, 0x08, 0x00, 0x7C, 0x41, 0x88, 0xCE, 0x05,
0xC8, 0x62, 0xD1, 0x01, 0xD4, 0xDB, 0x1D, 0xF3,
0xC4, 0x50, 0x2B, 0x8C, 0x8A, 0xE1, 0x45, 0x74,
0x88, 0xA3, 0x6E, 0xAD, 0x26, 0x65, 0xBF, 0xAC,
0xB3, 0x21, 0x76, 0x02, 0x81, 0xDB, 0x9C, 0xA7,
0x2C, 0x76, 0x14, 0x36, 0x34, 0x04, 0xA0, 0xA8,
0xEA, 0xBC, 0x05, 0x8A, 0x23, 0xA3, 0x46, 0x87,
0x5F, 0xA9, 0x6B, 0xB1, 0x8A, 0xC2, 0xCC, 0xF0,
0x93, 0xB8, 0xA8, 0x55, 0x67, 0x38, 0x11, 0xCE,
0xD4, 0x7C, 0xBE, 0x1E, 0xE8, 0x1D, 0x2C, 0xF0,
0x7E, 0x43, 0xFC, 0x48, 0x72, 0x09, 0x08, 0x53,
0x74, 0x31, 0x08, 0x86, 0x5F, 0x02, 0xC5, 0x61,
0x2A, 0xA8, 0x71, 0x66, 0x70, 0x7E, 0xE9, 0x0F,
0xFD, 0x5B, 0x80, 0x21, 0xF0, 0xAA, 0x01, 0x6E,
0x5D, 0xBC, 0xD9, 0x1F, 0x57, 0xB3, 0x56, 0x2D,
0x3A, 0x2B, 0xCF, 0xA2, 0x0A, 0x4C, 0x03, 0x01,
0x0B, 0x8A, 0xA1, 0x44, 0xE6, 0x48, 0x28, 0x04,
0xB4, 0x74, 0xFE, 0xC1, 0xF5, 0xE1, 0x38, 0xBE,
0x63, 0x2A, 0x3B, 0x9C, 0x82, 0x48, 0x3D, 0xC6,
0x89, 0x0A, 0x13, 0xB1, 0xE8, 0xEE, 0x6A, 0xF7,
0x14, 0xEC, 0x5E, 0xFA, 0xC3, 0xB1, 0x97, 0x6B,
0x29, 0xDA, 0xDB, 0x60, 0x5B, 0x14, 0xD3, 0x73,
0x2B, 0x5D, 0xE1, 0x18, 0x59, 0x65, 0x16, 0x85,
0x81, 0x17, 0xE2, 0x63, 0x4C, 0x4E, 0xA0, 0xCC
};
static const byte c_768[KYBER768_CIPHER_TEXT_SIZE] = {
0xDF, 0xA6, 0xB9, 0xD7, 0x2A, 0x63, 0xB4, 0x20,
0xB8, 0x9D, 0xDE, 0x50, 0xF7, 0xE0, 0xD5, 0x6E,
0xCF, 0x87, 0x6B, 0xFE, 0xF9, 0x91, 0xFC, 0xE9,
0x1C, 0x8D, 0x28, 0x6F, 0xA6, 0xEA, 0xBA, 0xC1,
0x73, 0x0F, 0xD8, 0x77, 0x41, 0xFE, 0x4A, 0xD7,
0x17, 0xB2, 0x82, 0xA2, 0x1E, 0x23, 0x5A, 0x55,
0xC3, 0x75, 0x7D, 0x88, 0xD4, 0xCE, 0x62, 0xF4,
0x14, 0xEB, 0x77, 0xEB, 0x9D, 0x35, 0x7E, 0xE2,
0x9D, 0x00, 0x08, 0x7B, 0xF8, 0x11, 0x0E, 0x5B,
0xBB, 0xC7, 0xC9, 0x04, 0x19, 0x07, 0x2E, 0xAE,
0x04, 0x4B, 0xF7, 0xE1, 0x83, 0xD4, 0x3A, 0x94,
0xB2, 0x63, 0x2A, 0xA1, 0x46, 0x49, 0x61, 0x9B,
0x70, 0x64, 0x95, 0x21, 0xBC, 0x19, 0x37, 0x09,
0x42, 0xEF, 0x70, 0xF3, 0x6C, 0x34, 0xC8, 0xC2,
0x35, 0x91, 0xEE, 0x0C, 0xA7, 0x1A, 0x12, 0xD2,
0x79, 0xE0, 0xF5, 0x2D, 0x39, 0xED, 0x0F, 0x91,
0x3F, 0x8C, 0x26, 0x26, 0x21, 0xFB, 0x24, 0x2E,
0x68, 0x0D, 0xEB, 0x30, 0x7B, 0x07, 0x49, 0xC6,
0xB3, 0x93, 0xA8, 0xEF, 0x66, 0xF8, 0xB0, 0x4A,
0xAF, 0xA8, 0x77, 0xB9, 0x51, 0xAB, 0x93, 0xF5,
0x98, 0xB4, 0xB2, 0xFA, 0xB0, 0x4F, 0x88, 0xAC,
0x80, 0x39, 0x84, 0xFF, 0x37, 0xE3, 0xFE, 0x74,
0xF3, 0xA6, 0x16, 0xD5, 0x31, 0x4E, 0xB3, 0xA8,
0x26, 0xF8, 0x74, 0xF8, 0xEC, 0xD3, 0xA5, 0x64,
0x7D, 0x04, 0x94, 0x2A, 0x57, 0xEF, 0xC0, 0x96,
0x38, 0x47, 0x0D, 0xC0, 0xA9, 0xDF, 0x40, 0xB3,
0x17, 0x57, 0x1D, 0x39, 0x84, 0xA7, 0x8C, 0xF7,
0xD1, 0x17, 0x51, 0x09, 0x07, 0x22, 0xB3, 0x05,
0x9E, 0x07, 0x59, 0x1C, 0xC4, 0xA2, 0xED, 0x9B,
0xA0, 0xDC, 0xE9, 0x9B, 0xE9, 0xE5, 0xEE, 0x5D,
0xB8, 0xD6, 0x98, 0xCD, 0xEB, 0x58, 0x14, 0x75,
0x9B, 0xA9, 0x77, 0xC9, 0x00, 0x79, 0xCF, 0x2A,
0xFD, 0xE4, 0x78, 0x06, 0x9C, 0x51, 0x3A, 0x60,
0x09, 0x1A, 0x3A, 0x5D, 0x01, 0x11, 0xE2, 0x2D,
0xE0, 0x6C, 0xB1, 0x45, 0xC1, 0x4E, 0x22, 0xA2,
0x14, 0xCB, 0x27, 0x8C, 0x81, 0x52, 0xB0, 0x68,
0x1B, 0xCA, 0xFF, 0x54, 0xD5, 0x52, 0xB5, 0x4A,
0x67, 0x1C, 0x0D, 0xFE, 0xF7, 0x75, 0xE7, 0xC5,
0x4F, 0xEF, 0xC4, 0x85, 0x38, 0x68, 0xC9, 0x55,
0x97, 0x1A, 0xBD, 0xAC, 0x2A, 0x76, 0x29, 0x2C,
0xCC, 0xD4, 0xFD, 0x1C, 0x70, 0x6B, 0x7D, 0x36,
0x14, 0x15, 0x96, 0x73, 0xE9, 0xD7, 0xB2, 0x9A,
0x2D, 0x3F, 0x63, 0x36, 0x31, 0x29, 0xE7, 0xA2,
0x1E, 0x80, 0x3A, 0x46, 0x0F, 0x27, 0x14, 0xE3,
0xE2, 0x59, 0x22, 0x78, 0x0A, 0xF3, 0x82, 0x57,
0xCD, 0x14, 0x95, 0xAC, 0xD1, 0xE0, 0x19, 0x80,
0x63, 0x8D, 0xF5, 0x8A, 0x15, 0x3D, 0xAB, 0x07,
0xEF, 0xB5, 0xC7, 0xE7, 0x8A, 0xDA, 0xCF, 0x63,
0x19, 0x56, 0xD6, 0x9C, 0xCD, 0xA0, 0x70, 0x45,
0x95, 0x68, 0xBD, 0x9D, 0x11, 0xA2, 0x93, 0x4B,
0xCF, 0x16, 0x43, 0xBC, 0x99, 0x46, 0x82, 0x38,
0x91, 0x0B, 0x1F, 0x74, 0x2E, 0xBB, 0x3C, 0x03,
0xD3, 0x9F, 0xD4, 0x5C, 0xFB, 0x85, 0xBA, 0x30,
0x9E, 0x29, 0xDD, 0x9B, 0x5C, 0xD5, 0x60, 0x81,
0x9E, 0xC7, 0x29, 0xFC, 0xAC, 0x8B, 0x9D, 0x72,
0x5E, 0x3E, 0x8A, 0xBE, 0xDE, 0x4B, 0x52, 0x98,
0xA8, 0x65, 0x8E, 0xE3, 0xF7, 0x81, 0xB0, 0xCE,
0x68, 0x3C, 0xBB, 0x73, 0x35, 0xCD, 0x57, 0xEF,
0xE2, 0x20, 0x4A, 0x8F, 0x19, 0x74, 0x46, 0xD7,
0x31, 0x4C, 0xDB, 0xF4, 0xC5, 0xD0, 0x8C, 0xCC,
0x41, 0xF8, 0x08, 0x57, 0xCC, 0x95, 0x71, 0xFB,
0xFB, 0x90, 0x60, 0x60, 0xF7, 0xE1, 0x7C, 0x8C,
0xEF, 0x0F, 0x27, 0x4A, 0xFF, 0x83, 0xE3, 0x93,
0xB1, 0x5F, 0x2F, 0x95, 0x89, 0xA1, 0x3A, 0xF4,
0xBC, 0x78, 0xE1, 0x6C, 0xDD, 0xE6, 0x23, 0x61,
0xD6, 0x3B, 0x8D, 0xC9, 0x03, 0xB7, 0x0C, 0x01,
0xA4, 0x34, 0x19, 0xCD, 0x20, 0x52, 0x15, 0x0B,
0xD2, 0x87, 0x19, 0xF6, 0x1F, 0xF3, 0x1F, 0x4A,
0x9B, 0xEC, 0x4D, 0xDB, 0xCE, 0xC1, 0xF8, 0xFB,
0x2E, 0xFB, 0xF3, 0x7D, 0xFF, 0xFA, 0x4C, 0x7F,
0xEC, 0xA8, 0xCE, 0x6D, 0x62, 0x6B, 0xFD, 0xA1,
0x6E, 0xE7, 0x08, 0xD9, 0x20, 0x68, 0x14, 0xA2,
0xEF, 0x98, 0x85, 0x25, 0x61, 0x5D, 0x4A, 0xC9,
0xBE, 0x60, 0x8C, 0x4B, 0x03, 0xAB, 0xEE, 0x95,
0xB3, 0x2A, 0x5D, 0xB7, 0x4A, 0x96, 0x11, 0x9A,
0x7E, 0x15, 0x9A, 0xF9, 0x9C, 0xD9, 0x8E, 0x88,
0xEA, 0xF0, 0x9F, 0x0D, 0x78, 0x0E, 0x7C, 0x7E,
0x81, 0x4B, 0x8E, 0x88, 0xB4, 0xF4, 0xE1, 0x5F,
0xA5, 0x49, 0x95, 0xD0, 0xEC, 0xBA, 0xD3, 0xEF,
0x04, 0x6A, 0x49, 0x47, 0xF3, 0xE8, 0xB9, 0xE7,
0x44, 0x24, 0x14, 0x89, 0xB8, 0x06, 0xFE, 0x94,
0x01, 0xE7, 0x8B, 0xAF, 0xC8, 0xE8, 0x82, 0xE9,
0xD6, 0xD0, 0x70, 0x0F, 0x72, 0x0C, 0x00, 0x24,
0xE7, 0xDA, 0x49, 0x06, 0x1C, 0x5D, 0x18, 0xA6,
0x20, 0x74, 0x04, 0x0A, 0xBC, 0x00, 0x03, 0x20,
0x0E, 0xD4, 0x65, 0x23, 0x17, 0x97, 0x93, 0x0A,
0x2E, 0x2A, 0xA5, 0x01, 0xF6, 0x48, 0x62, 0xDD,
0xA1, 0x30, 0x14, 0xA9, 0x9F, 0x9D, 0x32, 0x70,
0xAA, 0x90, 0x7E, 0xEB, 0x3F, 0xDB, 0xFF, 0x29,
0x16, 0x00, 0xDF, 0x1F, 0x6B, 0x39, 0x68, 0x4B,
0x11, 0xE3, 0x96, 0xB7, 0x0D, 0x86, 0xF9, 0x04,
0x92, 0xE8, 0x2B, 0x09, 0xBA, 0x25, 0x60, 0x7B,
0x0C, 0x28, 0x6F, 0xBC, 0x07, 0x01, 0x82, 0xAC,
0x76, 0xFA, 0x7C, 0x85, 0x9A, 0xAF, 0xEA, 0x87,
0x01, 0x6A, 0xED, 0x22, 0xC3, 0x60, 0x5A, 0x27,
0x89, 0xA1, 0xD4, 0x39, 0xFD, 0x8D, 0x93, 0x33,
0x42, 0xDA, 0xB7, 0x45, 0xA3, 0xE5, 0x50, 0xE7,
0xD7, 0x7C, 0x01, 0xA6, 0x23, 0x4B, 0xDA, 0x7D,
0x6B, 0xB1, 0x9D, 0x49, 0x5E, 0x65, 0x60, 0xFC,
0xE8, 0x39, 0x6F, 0xC3, 0xC6, 0xE0, 0x88, 0xED,
0x60, 0xF5, 0xF2, 0x77, 0x14, 0x16, 0xEA, 0x3B,
0xE5, 0xBE, 0x47, 0x2B, 0x64, 0x04, 0x90, 0x6C,
0x91, 0xE7, 0x1D, 0x9A, 0x86, 0x72, 0xF3, 0x90,
0x08, 0x36, 0x55, 0xAB, 0x7D, 0x0E, 0xC6, 0xED,
0xFE, 0x86, 0x78, 0x9C, 0xE2, 0x0B, 0xE2, 0xEA,
0x90, 0xCA, 0x5C, 0xC3, 0x14, 0x16, 0xFB, 0x24,
0xCB, 0xAF, 0x94, 0xDA, 0x14, 0x68, 0xFE, 0x69,
0x6B, 0xCD, 0xF5, 0x24, 0x7C, 0xF1, 0x17, 0xCB,
0xE9, 0x33, 0x40, 0x76, 0xCA, 0x68, 0x96, 0xB2,
0xF6, 0xA0, 0x16, 0xB1, 0xF7, 0xC7, 0x37, 0x28,
0x80, 0x78, 0x98, 0xD8, 0xB1, 0x99, 0x75, 0x6C,
0x2B, 0x0A, 0xA2, 0x45, 0x7E, 0x1B, 0x4F, 0x77,
0x54, 0xC4, 0x57, 0x6C, 0xE5, 0x64, 0x56, 0x14,
0xEA, 0x15, 0xC1, 0xAE, 0x28, 0xB0, 0x94, 0xEB,
0x21, 0x7C, 0x7A, 0x7A, 0x41, 0x23, 0x95, 0x76,
0xCB, 0xDA, 0x38, 0x0E, 0xE6, 0x87, 0x83, 0x43,
0x27, 0x30, 0xAD, 0x5E, 0xBE, 0x7F, 0x51, 0xD6,
0xBE, 0x7F, 0xB0, 0x2A, 0xB3, 0x7B, 0xE0, 0xC9,
0x6A, 0xAC, 0x9F, 0x3C, 0x79, 0x0A, 0x18, 0xD1,
0x59, 0xE6, 0xBA, 0xBA, 0x71, 0xEC, 0x88, 0xC1,
0x10, 0xFD, 0x84, 0xC3, 0x36, 0xDF, 0x63, 0x0F,
0x27, 0x1C, 0xF7, 0x93, 0x28, 0xB6, 0xC8, 0x79,
0xDF, 0x7C, 0xDE, 0x0F, 0x70, 0x71, 0x22, 0x20,
0xB1, 0xFB, 0xB9, 0xAC, 0xB4, 0x82, 0x48, 0xD9,
0x1F, 0x0E, 0x2B, 0x6E, 0x3B, 0xE4, 0x0C, 0x2B,
0x22, 0x1E, 0x62, 0x6E, 0x7E, 0x33, 0x0D, 0x9D,
0x83, 0xCC, 0x06, 0x68, 0xF7, 0x30, 0x85, 0x91,
0xE1, 0x4C, 0x7D, 0x72, 0xB8, 0x41, 0xA6, 0xF0,
0x5F, 0x3F, 0xDC, 0x13, 0x9E, 0xEC, 0xC1, 0x53,
0x67, 0x65, 0x65, 0x0B, 0x55, 0xA9, 0xCE, 0xC6,
0xBB, 0xF5, 0x4C, 0xCE, 0xC5, 0xC3, 0xAC, 0x9A,
0x0E, 0x39, 0xF4, 0x8F, 0x23, 0x7B, 0xD4, 0xC6,
0x60, 0xCB, 0x1A, 0x8D, 0x25, 0x0B, 0xB6, 0xC8,
0xC0, 0x10, 0xFE, 0xC3, 0x4C, 0xC3, 0xD9, 0x15,
0x99, 0x27, 0x1C, 0x75, 0x31, 0x33, 0x0F, 0x12,
0xA3, 0xE4, 0x4F, 0xAF, 0xD9, 0x05, 0xD2, 0xC6
};
static const byte kprime_768[KYBER_SS_SZ] = {
0xBD, 0x72, 0x56, 0xB2, 0x42, 0xF4, 0x04, 0x86,
0x9D, 0x66, 0x2F, 0x80, 0xBF, 0x67, 0x7A, 0x16,
0xC0, 0xC6, 0xFC, 0x15, 0x68, 0xCC, 0xA5, 0xB6,
0x45, 0x82, 0xA0, 0x1A, 0x6A, 0x14, 0x2D, 0x71
};
#endif
#ifndef WOLFSSL_NO_KYBER1024
static const byte dk_1024[KYBER1024_PRIVATE_KEY_SIZE] = {
0x0F, 0xEA, 0x26, 0xC4, 0xA5, 0x44, 0xA5, 0x14,
0x44, 0x4A, 0x97, 0x1B, 0x5C, 0x5A, 0x82, 0x58,
0x27, 0xC0, 0x9D, 0x42, 0x46, 0x9E, 0x59, 0x34,
0x4C, 0xF2, 0xAC, 0x06, 0xA2, 0x8D, 0x33, 0xE9,
0xA0, 0x12, 0xCA, 0xA3, 0x71, 0x7B, 0x2C, 0x3B,
0x29, 0x0A, 0x07, 0x15, 0x82, 0x11, 0x09, 0xC4,
0xCC, 0xEA, 0xC4, 0x9F, 0x34, 0x1D, 0xAD, 0xD3,
0x77, 0xD4, 0x2A, 0x37, 0x26, 0x19, 0x16, 0xAC,
0x7B, 0xB9, 0xE4, 0x1C, 0x09, 0x6C, 0xA8, 0x18,
0x1C, 0xF5, 0x83, 0x50, 0x57, 0x3F, 0x60, 0x56,
0x84, 0xA1, 0xBC, 0xA5, 0x3D, 0x88, 0x25, 0x74,
0x53, 0xC5, 0x35, 0x16, 0x5C, 0x4E, 0xD7, 0x2A,
0x9F, 0xF0, 0x56, 0x45, 0x71, 0x29, 0x01, 0xF6,
0x6C, 0x10, 0xD0, 0x4F, 0x5E, 0xB4, 0xA2, 0xEC,
0x37, 0x72, 0xE9, 0x49, 0x8E, 0x9D, 0xC4, 0x4B,
0xBD, 0xAB, 0x71, 0xBB, 0xDB, 0xBC, 0xFC, 0x85,
0xB8, 0x01, 0x36, 0x30, 0x89, 0xEA, 0x60, 0xEF,
0xE5, 0x86, 0xE1, 0xE2, 0x18, 0x0C, 0x38, 0xB2,
0xE7, 0xB4, 0xA6, 0x3E, 0xD6, 0x07, 0x49, 0x0B,
0xC5, 0xBA, 0x7A, 0x58, 0xAC, 0x3B, 0x1C, 0x0E,
0x43, 0x96, 0x72, 0x00, 0xC7, 0x98, 0x02, 0x90,
0xEB, 0xF4, 0x11, 0x82, 0x84, 0x39, 0xEE, 0x8C,
0x8E, 0x61, 0x29, 0xB2, 0x58, 0xE1, 0x3D, 0x12,
0x7C, 0xB1, 0x5A, 0x00, 0xCB, 0x7B, 0x46, 0x8D,
0x40, 0x23, 0xB5, 0x09, 0x7B, 0x9B, 0x2E, 0x50,
0x9B, 0x50, 0xE8, 0x90, 0xB6, 0x3B, 0x47, 0x07,
0x48, 0x79, 0x61, 0xA2, 0x9E, 0x18, 0x65, 0x6D,
0xD2, 0xD0, 0x9E, 0x6A, 0x3B, 0x88, 0x43, 0xE2,
0x84, 0x3C, 0xB4, 0x85, 0x4F, 0x18, 0x11, 0x6E,
0x71, 0x7D, 0xDB, 0x03, 0x55, 0xA7, 0x51, 0x35,
0xB2, 0x02, 0x6A, 0x75, 0x2C, 0x8E, 0x7F, 0xF1,
0x8E, 0x0F, 0x4A, 0x39, 0x1C, 0xA3, 0x7F, 0x5B,
0x2B, 0xCC, 0x88, 0xC9, 0x99, 0xB4, 0xE4, 0x77,
0x50, 0xC4, 0x65, 0x47, 0xEC, 0x07, 0x6A, 0xC2,
0x15, 0x30, 0x72, 0x2C, 0xFA, 0xF9, 0x67, 0x99,
0x61, 0xC9, 0x86, 0x88, 0xC3, 0x56, 0x2B, 0x17,
0xCC, 0x80, 0x81, 0x46, 0xA1, 0x25, 0x72, 0xC9,
0xB5, 0xFF, 0x15, 0x1A, 0xAB, 0x54, 0x41, 0x09,
0x01, 0x84, 0x0E, 0x26, 0x42, 0x39, 0x87, 0xC5,
0xE0, 0xD2, 0x8E, 0xF2, 0xEA, 0x53, 0xEA, 0xE5,
0x95, 0x1E, 0x62, 0xAC, 0x7B, 0xD5, 0x18, 0xB9,
0x83, 0x0A, 0x4D, 0xBC, 0xCE, 0x6A, 0x93, 0x65,
0x91, 0xEA, 0x8E, 0xF2, 0x75, 0x07, 0x8A, 0x09,
0x73, 0x85, 0x2A, 0x4D, 0x13, 0x04, 0x95, 0xD0,
0x0B, 0x3F, 0x21, 0x85, 0x15, 0x99, 0x90, 0x1C,
0xFD, 0xF9, 0x36, 0x83, 0x44, 0xC8, 0x10, 0x42,
0x2F, 0xFE, 0xA0, 0x8A, 0xED, 0xCB, 0x1A, 0x7F,
0xD3, 0x62, 0x5F, 0x26, 0xB0, 0x34, 0x81, 0x2F,
0xA3, 0x07, 0xAB, 0x2C, 0x20, 0x94, 0x54, 0x65,
0x54, 0x6D, 0x31, 0xA3, 0x41, 0xA4, 0x01, 0x3D,
0x81, 0x89, 0xB4, 0xF5, 0x0F, 0xE8, 0x60, 0xA6,
0x68, 0xDA, 0xC7, 0xB1, 0x03, 0x44, 0x1E, 0x96,
0x1F, 0xCE, 0xB0, 0xC5, 0xB1, 0xF3, 0x4D, 0xF2,
0xE5, 0x98, 0xC6, 0xD8, 0xCF, 0x60, 0xB8, 0x64,
0x15, 0x0C, 0x70, 0x3D, 0x2B, 0xBE, 0xAC, 0x9B,
0x00, 0x1A, 0xA2, 0x10, 0x81, 0x47, 0xAE, 0x6B,
0x8A, 0xAE, 0x2C, 0x77, 0x91, 0xDB, 0xE9, 0x56,
0xC1, 0xF9, 0xB2, 0x04, 0x7A, 0x15, 0x76, 0x09,
0x43, 0x87, 0x06, 0x4C, 0x3A, 0x80, 0x1B, 0x0D,
0x89, 0xC9, 0x96, 0xA5, 0xCF, 0xA3, 0xB0, 0x12,
0xC1, 0x44, 0x38, 0xB9, 0xF3, 0x53, 0x0C, 0x0C,
0x5F, 0xA9, 0x38, 0x9F, 0x10, 0xFB, 0x3E, 0xF1,
0xE2, 0x01, 0x33, 0x38, 0x41, 0x5F, 0x7B, 0x1D,
0xB4, 0x11, 0xAD, 0xF9, 0x1C, 0x73, 0xB6, 0x45,
0x6B, 0x68, 0xAB, 0x7C, 0xFC, 0x7B, 0xC9, 0x29,
0xE4, 0x4E, 0x58, 0xEB, 0x34, 0xCA, 0x10, 0xAE,
0x31, 0xF0, 0x3B, 0x2C, 0x3B, 0xA6, 0xCC, 0xA2,
0x7E, 0xB3, 0x5C, 0xB1, 0x37, 0x9A, 0x13, 0x0A,
0xAC, 0x87, 0xE3, 0xB8, 0x75, 0xCF, 0xE2, 0x53,
0xAF, 0x03, 0xC4, 0xBD, 0x78, 0x3F, 0x18, 0xC5,
0xA2, 0xF8, 0x49, 0x2B, 0xBF, 0x7C, 0x56, 0x87,
0x55, 0x98, 0xB1, 0xB6, 0x3F, 0xE6, 0xCB, 0x06,
0x94, 0xD0, 0x48, 0x0C, 0xA1, 0xC8, 0xF8, 0x86,
0x7C, 0x11, 0xB8, 0xBF, 0x33, 0xA3, 0x2C, 0x20,
0xB7, 0x9F, 0x9C, 0xA4, 0x86, 0x85, 0x86, 0x10,
0xB1, 0x97, 0x83, 0xBE, 0xF7, 0x84, 0xBF, 0x6B,
0x0F, 0x85, 0x8C, 0x1A, 0x79, 0x11, 0x30, 0xDA,
0x69, 0x57, 0xF2, 0x12, 0x23, 0x4E, 0xC9, 0x86,
0x79, 0x81, 0x4B, 0xE8, 0x39, 0xBF, 0x11, 0x0B,
0x45, 0xC1, 0xC8, 0x83, 0xEC, 0xDC, 0x3D, 0xB3,
0xF8, 0x22, 0xA4, 0xF7, 0xC1, 0x25, 0x56, 0x6E,
0xD1, 0x66, 0x35, 0x68, 0xC8, 0x41, 0x3C, 0xD0,
0x1C, 0x22, 0x46, 0x7A, 0xD5, 0x20, 0x1A, 0x0A,
0xDC, 0x76, 0x34, 0x35, 0xA2, 0xCB, 0x05, 0xCD,
0xC4, 0x70, 0x72, 0xA9, 0x43, 0x70, 0xF5, 0xB4,
0x34, 0xF7, 0x5C, 0x07, 0x8B, 0x41, 0x59, 0x93,
0xE8, 0x54, 0xDD, 0xE1, 0x7B, 0xBF, 0x86, 0xC0,
0xC6, 0xC9, 0xA3, 0x24, 0x85, 0x32, 0xD9, 0xC2,
0x13, 0x9E, 0xF3, 0xC7, 0x5A, 0x9B, 0xC6, 0x93,
0x78, 0x10, 0x60, 0xDC, 0xAE, 0x2F, 0xFA, 0x58,
0xD9, 0xCC, 0x54, 0x8F, 0x19, 0xC1, 0xCE, 0x53,
0x64, 0x88, 0x0C, 0x7F, 0xB5, 0x0C, 0xC7, 0xBE,
0x40, 0x53, 0x12, 0xD6, 0xCC, 0x94, 0x03, 0x76,
0x18, 0xF3, 0x88, 0xC4, 0x90, 0xAF, 0x8F, 0x61,
0xB9, 0xB4, 0x04, 0x4C, 0xF7, 0x5A, 0x5C, 0xD7,
0x1A, 0x15, 0x85, 0x3B, 0x5F, 0xD6, 0x22, 0x4C,
0x6B, 0x95, 0x90, 0xE5, 0x85, 0x01, 0xD2, 0x81,
0x42, 0x00, 0xC9, 0x19, 0xF2, 0x83, 0xCC, 0x2B,
0x49, 0xAD, 0x8B, 0xFA, 0x5B, 0xAA, 0xA2, 0x97,
0x7F, 0x03, 0x82, 0x3F, 0x60, 0x9E, 0xFB, 0x24,
0x26, 0xF9, 0x36, 0xC3, 0x02, 0x87, 0x09, 0x7B,
0xD6, 0xB7, 0xBD, 0xC6, 0x78, 0x62, 0x85, 0x88,
0x83, 0xDB, 0x59, 0x54, 0x08, 0x04, 0x29, 0xB9,
0xCD, 0x02, 0xCA, 0x96, 0xBC, 0x1C, 0xCB, 0xDB,
0x51, 0x21, 0xDF, 0xF8, 0x05, 0xB0, 0x82, 0x4A,
0xEE, 0x99, 0x9E, 0x2B, 0xBB, 0x2D, 0x82, 0x35,
0x3E, 0x6D, 0x3A, 0x30, 0x07, 0x92, 0x78, 0x10,
0x58, 0xC5, 0x6E, 0xF7, 0x09, 0x8A, 0xB3, 0x58,
0x4E, 0xA0, 0x62, 0x1E, 0x20, 0x33, 0x7D, 0x3A,
0x97, 0x5D, 0x93, 0xCF, 0x32, 0x58, 0x6D, 0x6A,
0x71, 0xA2, 0xC4, 0xBB, 0xB2, 0x02, 0xB8, 0x53,
0xFF, 0x09, 0xC4, 0x07, 0xB4, 0x3B, 0x1C, 0x19,
0xB1, 0xC4, 0xCC, 0xB8, 0x21, 0x48, 0x2D, 0xDD,
0x27, 0x37, 0x81, 0x77, 0xAA, 0x7F, 0x61, 0x78,
0x49, 0x7C, 0x3F, 0xBA, 0x79, 0x71, 0x53, 0x84,
0x8C, 0x5D, 0x0B, 0x1F, 0x40, 0xB5, 0x4E, 0x9D,
0x51, 0x93, 0x90, 0x4A, 0x30, 0x3F, 0x72, 0x5F,
0x0C, 0xCC, 0x66, 0xC6, 0xCC, 0xB1, 0x58, 0x85,
0x06, 0x05, 0x34, 0x6D, 0xB4, 0x2B, 0x87, 0x7D,
0xD9, 0xCE, 0xA5, 0xF6, 0x9C, 0x12, 0xB2, 0x21,
0xC7, 0xEC, 0x51, 0x00, 0xF7, 0x65, 0x87, 0xB9,
0x83, 0x4B, 0xC0, 0xC6, 0x41, 0x53, 0x8F, 0x83,
0xE8, 0x5B, 0xB3, 0x09, 0x0D, 0xBA, 0xFB, 0xCB,
0x0B, 0x71, 0x18, 0xFF, 0x7C, 0x97, 0xE9, 0x52,
0x63, 0x15, 0x70, 0x41, 0xF8, 0xAC, 0x40, 0x52,
0xD0, 0x40, 0x35, 0x00, 0xCC, 0x4F, 0x68, 0x94,
0x55, 0x97, 0x4C, 0xEB, 0x5B, 0x07, 0x67, 0x90,
0xA0, 0x50, 0xE0, 0xB3, 0xF6, 0x77, 0x2A, 0x77,
0x67, 0x54, 0x1F, 0xF6, 0xB6, 0x7B, 0x2A, 0x1D,
0x54, 0x07, 0x82, 0x06, 0x47, 0x68, 0x8F, 0x36,
0x0A, 0x2B, 0x01, 0x47, 0x37, 0x67, 0x71, 0x29,
0x09, 0xB2, 0x27, 0x65, 0x8B, 0xE6, 0x45, 0x78,
0x48, 0xC4, 0x40, 0x75, 0x71, 0x68, 0x06, 0x18,
0x88, 0x58, 0x9C, 0xB0, 0x5A, 0x99, 0x9E, 0x55,
0x49, 0x67, 0x91, 0xB1, 0x1A, 0xF2, 0x06, 0x6B,
0xB8, 0xCA, 0x74, 0x60, 0x51, 0xC4, 0x68, 0x0A,
0x0B, 0xC0, 0x73, 0x82, 0x41, 0x2A, 0xB8, 0xB8,
0xA3, 0x19, 0xDB, 0xC7, 0x94, 0xDD, 0xC6, 0x94,
0xBF, 0xDB, 0x81, 0x3F, 0x80, 0xB5, 0x8B, 0x72,
0x21, 0x8D, 0xD6, 0x4D, 0xFC, 0xDB, 0xA1, 0xAB,
0x48, 0xA9, 0x4F, 0x7A, 0x8D, 0xCA, 0x92, 0x66,
0xCD, 0x15, 0xA4, 0x2D, 0x9B, 0xA5, 0xFB, 0x67,
0x67, 0xA9, 0x55, 0x52, 0x6C, 0x05, 0x0D, 0xE2,
0x59, 0x8B, 0x11, 0x2A, 0x2B, 0x10, 0x3A, 0xA2,
0xD1, 0xF0, 0x60, 0x6F, 0xE6, 0x8A, 0x55, 0x19,
0x1E, 0xF5, 0x3B, 0x30, 0x2F, 0x7C, 0x19, 0x22,
0xC3, 0x01, 0xCE, 0xEA, 0x98, 0x9A, 0x62, 0x13,
0x40, 0x90, 0xA8, 0x60, 0x76, 0x77, 0x6F, 0xA4,
0x46, 0x27, 0xB7, 0x31, 0x63, 0x86, 0x57, 0x6A,
0x67, 0x81, 0x75, 0xB2, 0x18, 0xE6, 0xF4, 0x82,
0xB5, 0x2B, 0xC6, 0x02, 0x7B, 0xBE, 0xB3, 0x46,
0x98, 0xB9, 0x80, 0x2F, 0xD6, 0x76, 0x34, 0xC1,
0xA9, 0x4D, 0xD4, 0xC5, 0xCD, 0x49, 0xEC, 0x6E,
0x2D, 0x66, 0x5F, 0x72, 0x77, 0x81, 0xD1, 0xEC,
0x10, 0xAA, 0xF6, 0x6A, 0xD8, 0x27, 0x9B, 0x9B,
0xF2, 0x4C, 0x99, 0xE8, 0x75, 0xEC, 0x94, 0x35,
0x2D, 0x96, 0x05, 0xFA, 0x30, 0xCB, 0x3D, 0x8B,
0x26, 0x86, 0xB0, 0x39, 0x71, 0xA7, 0x60, 0xB3,
0x05, 0x3B, 0x34, 0x34, 0x6D, 0x0D, 0x71, 0xB4,
0x4D, 0x8B, 0x7D, 0x2E, 0xA6, 0x1A, 0x5C, 0x10,
0xA9, 0x33, 0xD3, 0x8B, 0xA4, 0x83, 0x36, 0x71,
0x11, 0x74, 0x54, 0x61, 0x47, 0xD4, 0x4B, 0x29,
0x14, 0xF8, 0x56, 0x89, 0xD9, 0xC1, 0xBF, 0x00,
0x37, 0xC7, 0xF7, 0x37, 0x7C, 0xD9, 0x30, 0xCF,
0xF6, 0x0F, 0x84, 0xB0, 0xA2, 0x00, 0x5D, 0x3E,
0xFE, 0x55, 0xC7, 0x31, 0x1B, 0x1B, 0x61, 0x32,
0x76, 0x8B, 0x52, 0x90, 0xD8, 0x36, 0xB8, 0x2B,
0xC4, 0x43, 0xC3, 0x2B, 0x4F, 0xEC, 0x96, 0x02,
0x19, 0xDB, 0x21, 0x32, 0xF7, 0x99, 0x0A, 0xD6,
0x84, 0xA3, 0x72, 0x9F, 0x3D, 0x1A, 0x2C, 0xEA,
0x3A, 0x1F, 0xE4, 0xB1, 0x26, 0x75, 0xC4, 0x89,
0xEF, 0x33, 0x19, 0x8F, 0x01, 0xA1, 0x06, 0x80,
0x6E, 0xFC, 0xE8, 0x92, 0x1D, 0xC4, 0x6E, 0x97,
0x1C, 0x0A, 0x0A, 0x56, 0x4A, 0xF9, 0xE5, 0x6C,
0xA7, 0x27, 0xA7, 0x64, 0x1C, 0x56, 0x8C, 0x95,
0xAA, 0x59, 0x56, 0x91, 0x0B, 0x28, 0x84, 0x29,
0xF8, 0x0E, 0xE7, 0x22, 0x6E, 0x9D, 0xC4, 0x06,
0x7E, 0x34, 0x94, 0x4F, 0x06, 0x92, 0x6D, 0x44,
0xB2, 0xCF, 0x87, 0x64, 0xF7, 0x13, 0x59, 0x3B,
0x44, 0x29, 0xF8, 0x2B, 0x8F, 0xCC, 0x60, 0x77,
0x98, 0x91, 0x6B, 0x81, 0x5B, 0x90, 0x98, 0x33,
0x0E, 0xC3, 0x34, 0x29, 0x0D, 0xB8, 0xC0, 0x4B,
0x08, 0x3D, 0xF3, 0xCA, 0x10, 0xCE, 0x35, 0x75,
0x07, 0x30, 0x28, 0xE9, 0x94, 0xA2, 0x5B, 0xE7,
0x28, 0x78, 0x49, 0x2F, 0xE1, 0xB6, 0x96, 0xBA,
0x5C, 0xB1, 0xA7, 0x73, 0x19, 0x3A, 0x3B, 0x28,
0xA4, 0xF4, 0x40, 0xAE, 0x58, 0x2D, 0xC7, 0xC2,
0x4F, 0xE7, 0x45, 0x1D, 0x66, 0x76, 0x23, 0x2B,
0xB9, 0x61, 0xC5, 0x04, 0x0C, 0x9E, 0x52, 0x01,
0xAA, 0xF3, 0xCD, 0x4D, 0xE4, 0x0A, 0xD5, 0xA9,
0x57, 0x8A, 0xF5, 0x28, 0x10, 0xB5, 0x93, 0xE9,
0x81, 0x5E, 0x23, 0xF6, 0x3F, 0x56, 0x40, 0x61,
0xA4, 0x84, 0x07, 0x21, 0x3A, 0xA1, 0xB0, 0x90,
0x8F, 0x4B, 0x17, 0x4F, 0x86, 0xD5, 0x73, 0xFA,
0x04, 0x38, 0x64, 0x98, 0xBE, 0x68, 0x39, 0x8E,
0x8D, 0x72, 0x0D, 0x27, 0x81, 0x11, 0xD8, 0xB1,
0x73, 0x03, 0x60, 0x2A, 0x96, 0xE3, 0x5F, 0x56,
0xFB, 0x25, 0x17, 0x3C, 0x4F, 0x4A, 0x03, 0xCA,
0x2A, 0xC9, 0xBF, 0x79, 0xDC, 0xAB, 0x76, 0x4B,
0xCE, 0x44, 0x10, 0x40, 0x1E, 0x10, 0x13, 0xE6,
0x52, 0x8C, 0xCC, 0x51, 0x13, 0x35, 0x85, 0x77,
0xDA, 0x83, 0x75, 0xE0, 0x23, 0x43, 0x10, 0x8C,
0x29, 0x24, 0xD2, 0x55, 0x1E, 0x5C, 0xC5, 0xA1,
0xB0, 0x4D, 0xEF, 0x88, 0x32, 0x4D, 0x85, 0x4F,
0xC9, 0x2C, 0x4A, 0xDF, 0x7C, 0x23, 0x01, 0x33,
0x7E, 0x45, 0x20, 0xBF, 0xC3, 0x65, 0x56, 0x6F,
0x66, 0x09, 0x2E, 0x36, 0x7A, 0xE6, 0x06, 0x12,
0x74, 0x46, 0x53, 0xC1, 0xEB, 0x47, 0xF0, 0x82,
0x09, 0x51, 0xA2, 0xA1, 0x4C, 0x42, 0x59, 0x09,
0x34, 0x0D, 0x87, 0x27, 0x18, 0x8E, 0xAA, 0x08,
0xE4, 0x86, 0x78, 0x98, 0x48, 0x76, 0xD0, 0x00,
0x8D, 0xAE, 0x99, 0x01, 0x5B, 0x36, 0x63, 0xFD,
0xCB, 0x72, 0x57, 0x41, 0x53, 0x0B, 0xC3, 0x89,
0x5B, 0x11, 0x62, 0x0C, 0xE3, 0xB4, 0x17, 0xA3,
0x20, 0xE1, 0x88, 0x13, 0xB9, 0x9C, 0x23, 0x5A,
0xC0, 0x6F, 0x55, 0x60, 0x0F, 0x98, 0x38, 0x82,
0xBF, 0xF0, 0x02, 0x36, 0x10, 0x7B, 0x50, 0x42,
0x54, 0x5B, 0x6B, 0x77, 0x58, 0x68, 0xAE, 0xFB,
0x79, 0xB5, 0x95, 0x59, 0x69, 0x02, 0xC6, 0x9B,
0x9E, 0xCA, 0x3D, 0x35, 0x8C, 0x61, 0xFE, 0xE0,
0x36, 0xD2, 0x18, 0xAC, 0x43, 0xBA, 0x3F, 0x52,
0xC0, 0x6A, 0x8F, 0x88, 0x1A, 0x7E, 0xD7, 0x03,
0x86, 0x14, 0x2C, 0xBA, 0xC5, 0xCC, 0x04, 0xFC,
0xC3, 0x1E, 0x16, 0x27, 0x76, 0x51, 0xCE, 0x2D,
0xCC, 0x50, 0x14, 0xF6, 0xBA, 0x5A, 0x91, 0x5C,
0x13, 0x38, 0x83, 0x4E, 0xF4, 0x74, 0xB6, 0x71,
0x59, 0x13, 0xBC, 0x7A, 0x4E, 0x59, 0x3C, 0x68,
0x87, 0x66, 0xAD, 0xD7, 0x06, 0x98, 0xB3, 0x7E,
0x06, 0xE5, 0x39, 0x15, 0xF3, 0x85, 0x38, 0x8C,
0x25, 0xC4, 0x26, 0x5E, 0x1C, 0xB4, 0x4F, 0xE3,
0xD0, 0x19, 0xD1, 0x21, 0xAE, 0x4C, 0x32, 0x43,
0x4F, 0x37, 0xB0, 0xA4, 0xCB, 0x69, 0xC7, 0xCC,
0x95, 0x70, 0x73, 0x50, 0xC3, 0x49, 0x3D, 0x0F,
0xB1, 0x1C, 0xD4, 0xD0, 0x9F, 0x29, 0xDC, 0x56,
0xC0, 0x7B, 0xC8, 0xEB, 0x0B, 0xD0, 0x08, 0x2B,
0x41, 0x44, 0x21, 0x45, 0x66, 0x3C, 0x21, 0xAB,
0x43, 0x34, 0x67, 0xB9, 0x5E, 0xC2, 0x47, 0x84,
0x23, 0xC1, 0x8B, 0xF2, 0xEC, 0x70, 0x3E, 0xFB,
0xA2, 0x8C, 0xDA, 0xBD, 0x42, 0xB7, 0xB8, 0x33,
0x15, 0x0D, 0x6D, 0xA2, 0x5E, 0xB0, 0x0A, 0x83,
0x28, 0x90, 0x2E, 0x2D, 0x08, 0x9B, 0x55, 0xD6,
0x9A, 0xAD, 0x9A, 0x94, 0xD8, 0x18, 0x26, 0x4C,
0x54, 0xB0, 0x4D, 0x61, 0x4D, 0x14, 0x7A, 0x30,
0xAB, 0xFC, 0x03, 0xD9, 0x92, 0x9D, 0x96, 0xBA,
0x7F, 0x81, 0x86, 0x5D, 0xA3, 0x53, 0xC4, 0x54,
0xBA, 0x7A, 0xA7, 0x88, 0x1A, 0xB9, 0x74, 0xC1,
0xB8, 0xF0, 0x83, 0x1E, 0x79, 0xC4, 0x41, 0x86,
0x64, 0xE9, 0x53, 0xA5, 0x4D, 0xE9, 0x32, 0x13,
0x69, 0x72, 0x81, 0x34, 0x1D, 0x37, 0xF5, 0x08,
0xE8, 0xCB, 0xAE, 0x3D, 0x81, 0x85, 0x05, 0x45,
0x67, 0xDE, 0xFC, 0x8E, 0x3B, 0xBC, 0xAA, 0x42,
0x47, 0x90, 0x7C, 0x48, 0x3B, 0x8F, 0x1B, 0x84,
0xB3, 0x24, 0xC1, 0xA7, 0xCA, 0x84, 0x42, 0xDB,
0x6B, 0x7B, 0x12, 0x8C, 0x83, 0x13, 0xBE, 0x1F,
0xE2, 0x57, 0x91, 0x20, 0x9B, 0x86, 0x4A, 0x3E,
0x1A, 0x61, 0x8D, 0x56, 0xD7, 0x10, 0xD6, 0xF3,
0xBF, 0x55, 0x95, 0x10, 0x16, 0x7C, 0x46, 0x4C,
0x6B, 0x9B, 0x8B, 0xC4, 0x90, 0xB8, 0xE0, 0x39,
0x25, 0xD0, 0x3D, 0x0E, 0xEB, 0x5D, 0x78, 0x17,
0x94, 0x28, 0xBB, 0x80, 0xD3, 0xFB, 0x14, 0x88,
0x40, 0x70, 0x9C, 0x41, 0x14, 0x7A, 0x68, 0x6F,
0xC9, 0xBC, 0xBD, 0xCD, 0xF7, 0xC7, 0xEA, 0x7C,
0x30, 0xFB, 0x64, 0x0F, 0xF0, 0x5B, 0x75, 0x39,
0xAB, 0xAB, 0x70, 0x89, 0x29, 0x08, 0xE9, 0x3C,
0xC9, 0xC3, 0x47, 0xF8, 0xAC, 0x88, 0x9E, 0x56,
0x46, 0x8A, 0x13, 0x5B, 0x99, 0x75, 0x47, 0x38,
0xE1, 0x5F, 0x4E, 0x67, 0x7D, 0xF3, 0x75, 0xBF,
0x1B, 0x43, 0x60, 0x6A, 0x2C, 0x47, 0x38, 0x0B,
0x10, 0xA0, 0xC1, 0x4C, 0x28, 0x58, 0x3C, 0x83,
0x31, 0x1A, 0x28, 0x54, 0xB2, 0xA9, 0x93, 0x1F,
0xD6, 0x60, 0x86, 0xC1, 0x07, 0x49, 0xF3, 0x34,
0x57, 0x7F, 0xD7, 0x0B, 0x51, 0xB9, 0x50, 0x60,
0x07, 0x51, 0x99, 0x31, 0x9B, 0x3F, 0x7C, 0xB5,
0xB2, 0x37, 0x30, 0x2C, 0x37, 0x0A, 0x23, 0x17,
0x5E, 0x4E, 0x01, 0x3C, 0x56, 0x28, 0x1B, 0xAF,
0xE2, 0xBE, 0x9F, 0x82, 0x5A, 0x30, 0x66, 0xAB,
0x8B, 0xBA, 0x57, 0x93, 0xE2, 0x1E, 0x7A, 0x48,
0x97, 0x8C, 0xF6, 0x0C, 0x09, 0x1B, 0x1F, 0x80,
0xC0, 0xC2, 0x38, 0x14, 0xA3, 0x0F, 0x77, 0x60,
0x60, 0x1A, 0xCE, 0xAB, 0xB1, 0x21, 0x52, 0x00,
0x94, 0x0F, 0xFA, 0x15, 0x22, 0x72, 0x09, 0x6D,
0x45, 0x8D, 0x00, 0xDD, 0x03, 0x9F, 0x23, 0x6B,
0x27, 0x27, 0xB5, 0x88, 0xC6, 0x22, 0x04, 0xE7,
0x9C, 0x45, 0x16, 0x81, 0xDF, 0xE4, 0x10, 0xEE,
0xC4, 0x2B, 0x74, 0x94, 0x5A, 0xEC, 0x03, 0x13,
0xA3, 0x91, 0x94, 0x2A, 0xE1, 0xB1, 0x22, 0x17,
0x4D, 0xBE, 0x59, 0xAB, 0x1E, 0x39, 0x0C, 0xD6,
0x49, 0x41, 0x43, 0x6C, 0x75, 0xA9, 0x32, 0x3C,
0x69, 0xA6, 0x41, 0x88, 0x08, 0x70, 0xFB, 0xB2,
0x80, 0xB3, 0xB3, 0x7B, 0x3B, 0xD9, 0x82, 0xB8,
0x29, 0x55, 0x62, 0x0B, 0x07, 0x83, 0xB8, 0x2E,
0x89, 0x61, 0xA4, 0x04, 0x3B, 0xC7, 0xF6, 0x6C,
0x0E, 0xF2, 0x5A, 0x5E, 0xD1, 0x53, 0x26, 0xF8,
0x81, 0x6E, 0x5E, 0xA4, 0x16, 0x7E, 0xE8, 0xBF,
0x66, 0x66, 0x45, 0x1D, 0x31, 0x5B, 0x2C, 0x75,
0x14, 0x41, 0x17, 0x2C, 0x27, 0x83, 0x00, 0x26,
0x82, 0x61, 0xC7, 0x8C, 0x6F, 0x0C, 0x46, 0x56,
0x27, 0x79, 0xB3, 0xA1, 0x19, 0x6F, 0x87, 0x83,
0x5F, 0x79, 0xFC, 0xB7, 0xE0, 0xCB, 0xA1, 0x53,
0x36, 0xCC, 0x83, 0xE1, 0x56, 0xC5, 0x02, 0x28,
0x87, 0xA8, 0x09, 0x86, 0xB4, 0x9C, 0x1B, 0x57,
0x65, 0x94, 0xA2, 0x31, 0x42, 0x62, 0x4A, 0xBF,
0x52, 0x48, 0x22, 0x41, 0x8C, 0x61, 0x01, 0x90,
0x52, 0x62, 0x80, 0x65, 0x72, 0x49, 0x4D, 0x37,
0x53, 0xC0, 0x62, 0x81, 0xE7, 0xF1, 0x7E, 0x0D,
0x79, 0x6C, 0xD7, 0x76, 0x7F, 0xDC, 0xE9, 0x01,
0xFE, 0x17, 0x12, 0xA0, 0x0A, 0x3D, 0x36, 0xEB,
0x42, 0x3E, 0x29, 0x86, 0x88, 0x46, 0x93, 0x2A,
0x94, 0x31, 0xB8, 0xCA, 0x66, 0x0F, 0xC1, 0x97,
0x5E, 0x23, 0xA7, 0x5B, 0x4A, 0x51, 0xDE, 0x10,
0x69, 0xD3, 0xA5, 0x9F, 0x6E, 0xEB, 0x2A, 0x5C,
0xE7, 0x2A, 0x89, 0x16, 0xB5, 0xE8, 0x63, 0x47,
0x6E, 0x6A, 0xC5, 0x72, 0x92, 0x9F, 0x2C, 0x29,
0xBC, 0x56, 0x27, 0xBA, 0x99, 0x41, 0x63, 0xCE,
0xD3, 0x5A, 0xB7, 0x03, 0x1C, 0x00, 0x49, 0x07,
0x24, 0x55, 0x5A, 0xCD, 0xE6, 0x13, 0xAE, 0xB4,
0xC3, 0xE9, 0x99, 0x81, 0xC6, 0x2B, 0x5D, 0xC6,
0xA9, 0xB3, 0x5B, 0xA7, 0x92, 0x20, 0x24, 0x36,
0x89, 0xE0, 0x59, 0x49, 0x96, 0x85, 0x7C, 0x04,
0x5D, 0x67, 0x19, 0x3D, 0x9E, 0x41, 0x1B, 0x4F,
0xF3, 0x9D, 0x0F, 0x8C, 0x3C, 0x0A, 0x70, 0xAD,
0xB7, 0x2A, 0x70, 0x21, 0xE3, 0x6D, 0x64, 0xFB,
0x29, 0x4D, 0x93, 0x2B, 0x24, 0xE1, 0xA2, 0xBC,
0x0B, 0xC4, 0x1C, 0x4A, 0xA3, 0xB5, 0xEC, 0x3C,
0xF0, 0xE6, 0x72, 0xDE, 0x14, 0x0F, 0x48, 0x47,
0x33, 0xFD, 0x82, 0xBF, 0x08, 0x29, 0x34, 0xB5,
0x40, 0xA6, 0x35, 0xC4, 0x48, 0x98, 0xE8, 0xAB,
0x8E, 0x06, 0x45, 0x70, 0x5A, 0xA5, 0x81, 0x71,
0x8B, 0x41, 0x32, 0xC4, 0x27, 0x92, 0x7F, 0xAE,
0x75, 0xBF, 0x96, 0x16, 0xA5, 0x42, 0x4C, 0x20,
0x20, 0xEB, 0xC5, 0xCF, 0xC1, 0xBC, 0x0E, 0xD1,
0x65, 0x3A, 0xE5, 0x00, 0x5A, 0x17, 0x54, 0x18,
0x16, 0x20, 0xB7, 0xF0, 0x6D, 0x71, 0x63, 0x13,
0x03, 0x3B, 0xB7, 0x2A, 0x40, 0x64, 0x7A, 0xDB,
0x2E, 0x66, 0x73, 0x70, 0xF2, 0xC7, 0x4F, 0xDB,
0x94, 0x42, 0x0D, 0xA4, 0x8D, 0xD1, 0x37, 0x9D,
0xBA, 0x59, 0xAA, 0x22, 0xF8, 0x57, 0xE2, 0x31,
0xC5, 0xC0, 0x83, 0x29, 0x00, 0x66, 0xC5, 0x48,
0x76, 0x1B, 0xDF, 0x38, 0x5F, 0x2F, 0x85, 0x81,
0x7B, 0x21, 0x20, 0x66, 0xD3, 0x9F, 0x03, 0xB7,
0x7F, 0x8E, 0xF4, 0x12, 0x19, 0xE4, 0xBF, 0xB9,
0xC1, 0x2E, 0x4F, 0xC9, 0x88, 0x00, 0x57, 0x1D,
0x22, 0x3A, 0xA9, 0x2A, 0x32, 0xC7, 0xA3, 0xC2,
0xA7, 0xCF, 0x9C, 0x99, 0x5A, 0xE0, 0xA7, 0xB5,
0x93, 0x91, 0xFE, 0x9A, 0x4F, 0x0D, 0x63, 0x3B,
0xFB, 0x79, 0x8C, 0x34, 0xB7, 0x2B, 0xBA, 0x6A,
0x9F, 0x16, 0xC4, 0x13, 0x2E, 0x88, 0xB5, 0x70,
0x75, 0x8B, 0xD5, 0x51, 0xC9, 0x1B, 0xD2, 0xAD,
0xEB, 0x53, 0xA7, 0x2A, 0xC6, 0xAA, 0x03, 0x68,
0x9D, 0xD6, 0x4B, 0x03, 0x57, 0x09, 0xA8, 0xAF,
0x46, 0x85, 0x43, 0xCB, 0x17, 0x36, 0xDB, 0xC9,
0xC7, 0x2B, 0x52, 0x9E, 0x70, 0x59, 0x6D, 0x18,
0xB1, 0x9C, 0xA6, 0x8E, 0x61, 0x7A, 0x14, 0x7C,
0x18, 0x9D, 0x28, 0x3A, 0x77, 0x68, 0x8C, 0xAF,
0x94, 0xDA, 0x5A, 0x0E, 0x9B, 0x63, 0x18, 0x1A,
0x40, 0xBB, 0xE7, 0xBD, 0x41, 0x68, 0xA2, 0x4D,
0x27, 0x43, 0x19, 0xA9, 0x93, 0xBC, 0xEA, 0x8A,
0xBF, 0x50, 0x5F, 0xE8, 0x62, 0x12, 0x96, 0x92,
0xB5, 0xBD, 0xE8, 0x49, 0xF3, 0x6A, 0xC9, 0x2F,
0x71, 0x71, 0xE5, 0x38, 0x59, 0x31, 0x36, 0x04,
0xEA, 0xC1, 0x0B, 0xE2, 0x78, 0x6F, 0xF3, 0x85,
0xB9, 0xC7, 0x18, 0x15, 0x48, 0x18, 0x77, 0x2F,
0xA7, 0xB8, 0x99, 0xC0, 0x4E, 0xFD, 0x18, 0xA8,
0x01, 0x9A, 0x79, 0xB6, 0xF6, 0x4D, 0x5B, 0x9A,
0x2C, 0x55, 0xE7, 0x84, 0xCB, 0x47, 0xCA, 0x29,
0x48, 0x56, 0x68, 0x9A, 0xA6, 0xA7, 0x0C, 0xC2,
0x7B, 0x6C, 0x20, 0xD4, 0xD1, 0xC7, 0x29, 0xC4,
0x09, 0xD0, 0xB9, 0x25, 0xC4, 0x0C, 0x30, 0xC0,
0x77, 0x78, 0x15, 0x07, 0x77, 0x49, 0x48, 0x8B,
0x8D, 0xF0, 0x39, 0x06, 0x95, 0xAB, 0xDB, 0x04,
0x8C, 0x7C, 0xE1, 0x85, 0x36, 0x02, 0xA5, 0x4D,
0x15, 0x3C, 0xF2, 0xA5, 0x16, 0x17, 0x84, 0x7B,
0x11, 0xE6, 0x3C, 0x4C, 0x76, 0x19, 0x66, 0xD5,
0xAD, 0x93, 0x35, 0x0D, 0xBA, 0xDA, 0x4A, 0x15,
0xC1, 0x24, 0xBD, 0x80, 0x88, 0x71, 0x99, 0x3F,
0xC7, 0x75, 0xB6, 0xE4, 0x10, 0xC3, 0x86, 0x59,
0x0F, 0x73, 0x0A, 0x8E, 0xC9, 0x47, 0x5E, 0xEE,
0x91, 0x50, 0x39, 0xE9, 0x1B, 0x6F, 0xE4, 0x25,
0xB9, 0x06, 0x68, 0xC6, 0xAC, 0x52, 0x58, 0xB7,
0xAF, 0x10, 0x3B, 0x9F, 0x5E, 0x23, 0x0B, 0x71,
0x9B, 0xBB, 0x09, 0x87, 0x1D, 0xC1, 0x62, 0x15,
0x17, 0xBA, 0x2A, 0x83, 0x9C, 0x96, 0xAA, 0xA6,
0x44, 0x0A, 0x87, 0x5E, 0xAC, 0x90, 0xB2, 0x98,
0xD6, 0x1B, 0xD3, 0xF3, 0xAC, 0x89, 0xB4, 0x05,
0xDB, 0x39, 0x42, 0x32, 0x68, 0x6A, 0x2B, 0xE0,
0xF3, 0xC7, 0x5F, 0x15, 0xE6, 0x4E, 0x61, 0xF0,
0x70, 0x79, 0x1E, 0xB4, 0xBB, 0x97, 0xB7, 0x01,
0x98, 0x25, 0xF1, 0x17, 0xC7, 0xD7, 0x3A, 0x12,
0xFD, 0x3D, 0xCC, 0x22, 0xD5, 0x81, 0xB0, 0xE4,
0x1B, 0x78, 0x63, 0x74, 0xA4, 0x61, 0xEA, 0x0D,
0x88, 0xDA, 0xA8, 0x9B, 0x65, 0x9F, 0x0D, 0xC8,
0x24, 0x43, 0x42, 0x35, 0x15, 0xB6, 0x33, 0xB0,
0x05, 0xC9, 0x58, 0xEC, 0x26, 0x56, 0x1B, 0x6D,
0xB8, 0x18, 0xF4, 0xB8, 0xCB, 0x2E, 0x28, 0x99,
0x0E, 0x74, 0x84, 0x17, 0x58, 0x7F, 0xEC, 0x38,
0xA1, 0x28, 0x4B, 0xBB, 0x4F, 0xF9, 0xE4, 0x78
};
static const byte c_1024[KYBER1024_CIPHER_TEXT_SIZE] = {
0x61, 0xFF, 0x1A, 0x8B, 0x61, 0x17, 0xEF, 0x11,
0x83, 0x28, 0xE8, 0x8B, 0x32, 0x27, 0x99, 0x30,
0x14, 0xDC, 0xD0, 0x75, 0xB8, 0xA1, 0xA7, 0xF9,
0x80, 0x18, 0x93, 0xEE, 0xE6, 0x40, 0x5B, 0xB9,
0x60, 0xB6, 0xB7, 0xF6, 0xA1, 0xA2, 0x75, 0x18,
0xA3, 0x40, 0x91, 0x39, 0xA4, 0x8B, 0x85, 0x96,
0x81, 0xCC, 0x75, 0x8F, 0x2B, 0xCC, 0x3E, 0xEF,
0xB0, 0x43, 0x94, 0xA3, 0x75, 0xA5, 0xCD, 0x71,
0x31, 0x64, 0x90, 0x93, 0x8A, 0xBF, 0xD1, 0x94,
0xB2, 0x0B, 0xCD, 0x31, 0xB3, 0x98, 0x02, 0x61,
0xC9, 0xED, 0x69, 0xBF, 0x9B, 0x1D, 0x7D, 0x76,
0x59, 0xA8, 0x04, 0x0D, 0xB1, 0xE2, 0x5D, 0x2B,
0xA6, 0xF7, 0x03, 0x48, 0x66, 0x24, 0xB7, 0x3C,
0xAC, 0xDC, 0xA2, 0x7D, 0xB0, 0xF7, 0xE2, 0x40,
0x8C, 0x94, 0x48, 0xE3, 0x88, 0x73, 0x28, 0x0F,
0x5E, 0x99, 0x50, 0xD7, 0xCC, 0xE2, 0x52, 0xA6,
0x47, 0x58, 0x0C, 0x19, 0x90, 0x4F, 0xAD, 0x62,
0xAE, 0xC3, 0x00, 0xBC, 0x8E, 0x38, 0xF0, 0x59,
0x48, 0xB6, 0x3B, 0xAD, 0x5C, 0xE7, 0xC9, 0x0E,
0x40, 0xC4, 0xBC, 0x65, 0x11, 0x77, 0x61, 0xF5,
0xF8, 0x86, 0x8F, 0x80, 0x25, 0xD6, 0xCE, 0xB2,
0xC5, 0xDF, 0x60, 0xDE, 0x38, 0xC3, 0x23, 0x29,
0x22, 0x08, 0x7E, 0xFC, 0xF2, 0xCD, 0x95, 0xDE,
0x5E, 0x87, 0xB6, 0x88, 0x8B, 0x88, 0xC8, 0x6C,
0xC7, 0x83, 0x15, 0x58, 0x5B, 0x2C, 0xC6, 0x88,
0xA7, 0x1B, 0x47, 0x7B, 0xFA, 0x38, 0x8D, 0xC2,
0x33, 0x4D, 0xFA, 0x8A, 0xA9, 0x55, 0x03, 0xD5,
0x39, 0x7E, 0x2A, 0xE0, 0x35, 0x29, 0x03, 0xEA,
0x6A, 0x0A, 0xE8, 0xB6, 0x49, 0xA9, 0x14, 0xB3,
0x52, 0x5F, 0xE5, 0x8F, 0x56, 0x4B, 0xF1, 0x9C,
0xC0, 0x9F, 0x54, 0xE1, 0x05, 0xD1, 0x9B, 0xD8,
0x10, 0x54, 0xE5, 0x70, 0x01, 0xF7, 0x0B, 0xBD,
0xD7, 0x71, 0x94, 0x49, 0x68, 0x7E, 0x9A, 0x53,
0xB1, 0x6C, 0xA5, 0x36, 0x6A, 0x19, 0x10, 0x5A,
0x8B, 0xA0, 0x85, 0x89, 0xAD, 0x08, 0xDF, 0x13,
0x00, 0xEF, 0x4F, 0x92, 0x3B, 0xA9, 0xE7, 0x62,
0xA8, 0x2F, 0xB0, 0x9B, 0x76, 0xE1, 0x25, 0xF2,
0xF2, 0x74, 0xD6, 0x17, 0xBF, 0x30, 0xEA, 0xB4,
0x65, 0xEC, 0xF2, 0x4D, 0x37, 0x07, 0xAD, 0x30,
0x0D, 0x9A, 0xFC, 0x1C, 0xF1, 0xDC, 0x40, 0xEE,
0x7D, 0x4E, 0xEA, 0x6D, 0x15, 0x0E, 0x6F, 0x0A,
0x31, 0xDB, 0x9F, 0x8F, 0x92, 0xBA, 0x8E, 0xEE,
0xB3, 0x5D, 0x74, 0x45, 0x58, 0x9B, 0x04, 0x6B,
0xA7, 0x9E, 0xFE, 0x23, 0x11, 0x06, 0xCF, 0x0A,
0x75, 0x71, 0x2A, 0xB3, 0x92, 0x72, 0x4C, 0x53,
0xEF, 0xF9, 0xF5, 0x73, 0x3B, 0xEE, 0x0D, 0x6A,
0x44, 0xD0, 0xB6, 0xF5, 0x15, 0xD0, 0xF5, 0xE4,
0x0B, 0x1B, 0x1E, 0x17, 0xE6, 0x7A, 0xED, 0x3C,
0x81, 0xD0, 0x0A, 0xC4, 0x68, 0xA2, 0x8F, 0x84,
0x53, 0xD4, 0xB0, 0xDA, 0x80, 0x9E, 0x57, 0xD8,
0x23, 0xF2, 0x8D, 0x61, 0xED, 0x0B, 0x59, 0xA0,
0x8C, 0x62, 0x29, 0x72, 0xD9, 0x91, 0x79, 0xDA,
0x86, 0x36, 0xC4, 0x5F, 0x1C, 0xE8, 0xF6, 0x25,
0x2A, 0xC8, 0x6D, 0x91, 0xB5, 0xE9, 0x29, 0x97,
0x01, 0x4E, 0x3F, 0x50, 0x89, 0xE6, 0x8B, 0xC5,
0x2C, 0xED, 0x5D, 0xAE, 0x6D, 0x5B, 0x17, 0x5F,
0xE2, 0xD6, 0x19, 0x28, 0x46, 0x50, 0x59, 0x72,
0x4C, 0x83, 0x59, 0x02, 0xD7, 0x61, 0x2C, 0xDB,
0x69, 0xCD, 0xAC, 0x66, 0x4F, 0xC1, 0xC9, 0xCB,
0x11, 0x20, 0x3A, 0x8C, 0x7B, 0x71, 0x48, 0x6E,
0x97, 0xB7, 0xD1, 0xBC, 0x6A, 0x98, 0xF4, 0x93,
0xDC, 0xBE, 0xC8, 0xE6, 0x29, 0x55, 0x8E, 0xD3,
0x61, 0x09, 0x12, 0x93, 0xD1, 0xB5, 0xD2, 0x09,
0x6C, 0xEB, 0x9F, 0xC7, 0xAF, 0xEE, 0x71, 0xDB,
0x7C, 0xCF, 0xE4, 0x82, 0xB6, 0x8A, 0x19, 0x64,
0x29, 0xFF, 0x04, 0xD1, 0x59, 0x03, 0xE7, 0xA7,
0x5C, 0x7B, 0xB5, 0xF6, 0x22, 0xC3, 0x69, 0x71,
0x69, 0x45, 0x59, 0xFF, 0x07, 0xDF, 0xAA, 0x79,
0xE4, 0x1C, 0x36, 0x2B, 0x22, 0x64, 0x3C, 0xD3,
0x9B, 0xD9, 0xE1, 0xD3, 0xD6, 0xC2, 0xA3, 0x06,
0xB5, 0xF1, 0x10, 0x2C, 0x26, 0x6E, 0xEE, 0x67,
0xDC, 0xDA, 0xCF, 0x36, 0x69, 0x7A, 0x83, 0x6F,
0x20, 0x38, 0x38, 0xEC, 0x11, 0x03, 0x08, 0xC9,
0x0A, 0x3D, 0x01, 0x57, 0x0C, 0xB3, 0x66, 0x8A,
0xBA, 0x50, 0x34, 0x0E, 0x40, 0xF5, 0x4C, 0xFA,
0x6A, 0x9E, 0x88, 0x62, 0x53, 0x2F, 0x5F, 0x19,
0x84, 0x8A, 0xA1, 0x1F, 0xD3, 0x4F, 0xC8, 0x6B,
0x7F, 0xCB, 0x16, 0x37, 0xF4, 0xE5, 0xA1, 0xD0,
0x3A, 0xFC, 0xE4, 0x41, 0x24, 0xE4, 0xE4, 0x60,
0xB8, 0x4C, 0x63, 0x49, 0x6A, 0xDE, 0xD5, 0x58,
0x01, 0xDF, 0x25, 0x17, 0xA9, 0x0A, 0xB0, 0x61,
0xC8, 0xE6, 0x3A, 0xB6, 0xB1, 0x4B, 0xE1, 0x69,
0x4D, 0x6F, 0x38, 0x9D, 0xD8, 0x5F, 0x56, 0x39,
0xC5, 0x78, 0x3A, 0xFC, 0xA0, 0x14, 0x6E, 0x6A,
0x1E, 0xB0, 0xC4, 0x05, 0x63, 0xC1, 0x37, 0x01,
0x0D, 0xB6, 0x0B, 0xBC, 0x3D, 0x63, 0x74, 0xD6,
0xF3, 0xA8, 0x92, 0xDE, 0xBC, 0x06, 0x47, 0x01,
0xC6, 0x4B, 0xEC, 0xCB, 0x8E, 0x2C, 0x33, 0xB7,
0x40, 0xCC, 0x7E, 0xD4, 0x9D, 0x10, 0x8A, 0x8C,
0x46, 0x56, 0x81, 0x8D, 0xF5, 0xF7, 0xD9, 0x1E,
0xAA, 0xA4, 0x46, 0xAC, 0x6C, 0xCD, 0xE3, 0x0C,
0x6D, 0x3D, 0x1B, 0xF6, 0x6E, 0x4E, 0x3B, 0x7B,
0x6B, 0x81, 0xE3, 0xCB, 0x17, 0x22, 0x7F, 0x80,
0xDB, 0x00, 0x96, 0xE6, 0xBE, 0x7D, 0x85, 0x9C,
0x09, 0x71, 0x37, 0x49, 0xFC, 0xA2, 0x15, 0x30,
0xFE, 0x1A, 0x71, 0x6E, 0xBE, 0x32, 0x55, 0x04,
0x31, 0x9B, 0xD0, 0xEA, 0x2A, 0x7D, 0x77, 0x13,
0x60, 0x7C, 0xB6, 0x79, 0xB0, 0xA0, 0xB2, 0x26,
0x8D, 0x49, 0x3B, 0x67, 0xC0, 0x48, 0x18, 0x72,
0x17, 0x7F, 0xFD, 0x25, 0x93, 0xF3, 0xAC, 0xF6,
0x91, 0xCE, 0xE9, 0x9A, 0x36, 0xEC, 0xA7, 0x22,
0x57, 0x9E, 0xFA, 0xA5, 0x9A, 0xCC, 0x59, 0xEF,
0x8C, 0xEA, 0x91, 0x08, 0xE6, 0x20, 0xB0, 0x60,
0x56, 0xC1, 0x9D, 0x3C, 0x1E, 0xB9, 0x1E, 0x86,
0x34, 0xDE, 0x49, 0x57, 0x70, 0x6D, 0xFA, 0x8F,
0x9D, 0x0A, 0x9E, 0x0C, 0xD4, 0x09, 0x4F, 0x6B,
0x95, 0xA8, 0x3F, 0x11, 0x8A, 0x51, 0x3E, 0xBF,
0xE5, 0xE9, 0x9A, 0xEB, 0x88, 0xA2, 0x68, 0xE0,
0x09, 0x7F, 0xCC, 0x3C, 0x7A, 0xE2, 0x50, 0xB6,
0x81, 0x93, 0x3B, 0xBC, 0x2A, 0x8F, 0x53, 0x81,
0xF9, 0x4D, 0x15, 0x64, 0x34, 0xA8, 0x7E, 0x9E,
0xE3, 0x7E, 0x78, 0xC2, 0x7A, 0x0C, 0xDA, 0xEE,
0xA9, 0x81, 0x4B, 0xCB, 0x43, 0xDF, 0x53, 0x8D,
0xBE, 0x62, 0x8C, 0x80, 0x2C, 0x1A, 0x94, 0xE0,
0xCD, 0xDC, 0xD0, 0xCD, 0x5A, 0x0F, 0x82, 0x20,
0xDA, 0x97, 0xC2, 0x38, 0x39, 0x36, 0xA3, 0x39,
0x19, 0xFC, 0xDC, 0x11, 0xD7, 0x0E, 0xD4, 0x43,
0x7D, 0xD2, 0xD7, 0xC7, 0x3C, 0xD0, 0xC3, 0xBB,
0x90, 0xCA, 0x70, 0x70, 0x22, 0x8F, 0xE8, 0xD6,
0x4A, 0x1C, 0x9D, 0x56, 0xE6, 0xB3, 0x48, 0x30,
0xEF, 0x30, 0x0B, 0x5A, 0xA6, 0xEC, 0x6C, 0x78,
0xA5, 0x42, 0x5A, 0xE6, 0xF7, 0xAD, 0x0E, 0xFD,
0xD5, 0x27, 0xCF, 0x0A, 0xF8, 0xE0, 0x9B, 0x56,
0xE4, 0x95, 0xBE, 0x66, 0xF6, 0x65, 0xC6, 0x4B,
0x0A, 0x42, 0xC5, 0xC4, 0xB2, 0x46, 0x80, 0x48,
0x0A, 0xD2, 0xE5, 0xC1, 0x1D, 0x99, 0x1F, 0x7E,
0x3D, 0xA7, 0x59, 0xAE, 0xC8, 0x02, 0xF1, 0x76,
0xDD, 0xF1, 0x1E, 0xF7, 0x14, 0x69, 0xDC, 0x13,
0xB3, 0xA3, 0xE0, 0x36, 0x99, 0x51, 0x98, 0x58,
0xAC, 0x6F, 0xC6, 0x5C, 0x27, 0xFA, 0x4C, 0xEF,
0xDA, 0x09, 0xC8, 0x2E, 0x8F, 0x95, 0x8E, 0x01,
0x8D, 0xD5, 0x25, 0x5C, 0xA2, 0xF6, 0x28, 0xE0,
0xDA, 0x73, 0x91, 0xAB, 0xED, 0x6D, 0x37, 0x70,
0x55, 0x28, 0xAB, 0x22, 0xEC, 0x71, 0xDC, 0x88,
0x36, 0xD7, 0xFD, 0x46, 0x45, 0x94, 0x47, 0x03,
0xA5, 0x1C, 0xC7, 0x4D, 0x29, 0x70, 0x92, 0xFC,
0xE1, 0x39, 0xE8, 0x97, 0x6F, 0x8B, 0xE9, 0xC5,
0xF8, 0x63, 0x90, 0xB7, 0x4D, 0x40, 0x1A, 0x8C,
0x81, 0x53, 0x11, 0x22, 0x01, 0x13, 0x3D, 0x0C,
0x51, 0x7C, 0x6C, 0xE7, 0xA3, 0x8C, 0x08, 0x60,
0x69, 0xCE, 0x39, 0x71, 0xF1, 0xAD, 0x28, 0xF3,
0xE5, 0xD0, 0x1B, 0x56, 0xA4, 0x80, 0xB4, 0x17,
0xA0, 0x16, 0xAE, 0xA4, 0x63, 0x94, 0xCD, 0xF7,
0x64, 0x81, 0x29, 0x18, 0xD8, 0xAB, 0x05, 0x01,
0xD5, 0xD1, 0x8C, 0xE1, 0x3F, 0xBD, 0x3D, 0xE9,
0x1F, 0x50, 0x42, 0x15, 0xCC, 0xD0, 0xE2, 0xD1,
0x7B, 0x7E, 0x96, 0x3C, 0x86, 0x7F, 0x6F, 0x13,
0x21, 0x14, 0xE3, 0x64, 0x59, 0xFC, 0x5A, 0xF7,
0xCE, 0xE9, 0x9B, 0x78, 0x96, 0x73, 0xE5, 0x24,
0x13, 0x1F, 0x7D, 0xC7, 0x13, 0x60, 0x95, 0x1A,
0x99, 0x7A, 0x9C, 0xE5, 0x0D, 0xD5, 0xFA, 0xFC,
0x45, 0x21, 0x14, 0x44, 0x41, 0xC0, 0x6B, 0xB4,
0x1C, 0x79, 0xE8, 0xED, 0x53, 0x28, 0x5D, 0x13,
0x7D, 0x54, 0xF3, 0x25, 0xA6, 0xC2, 0xF2, 0xEF,
0x74, 0xE3, 0x4C, 0x0F, 0x87, 0x7A, 0x61, 0x4C,
0xE4, 0x5D, 0xC0, 0xAE, 0xDD, 0xF9, 0x5A, 0x0E,
0x2E, 0x4E, 0xDA, 0xE2, 0x9A, 0xF4, 0x11, 0xC9,
0xCC, 0x2A, 0xF9, 0x5C, 0x9E, 0xA9, 0xA9, 0x4A,
0x79, 0x61, 0xC8, 0x24, 0x6E, 0x65, 0x4F, 0xA2,
0x8F, 0x3D, 0x56, 0x8D, 0x5F, 0xEE, 0x93, 0x35,
0x2C, 0x2E, 0x0D, 0x60, 0xCC, 0xAF, 0x5B, 0x00,
0x09, 0x0A, 0xB6, 0xE7, 0xA5, 0x3A, 0xA0, 0x6A,
0x8C, 0xD3, 0x73, 0x7E, 0xBF, 0x1B, 0x65, 0xD6,
0x25, 0xBC, 0xF2, 0x20, 0xF7, 0x4D, 0xE2, 0x2D,
0x98, 0x71, 0xEF, 0xC3, 0x76, 0xBF, 0x08, 0x2D,
0x4B, 0x87, 0x2A, 0x30, 0x3C, 0x32, 0x42, 0x7A,
0x0C, 0x98, 0xBE, 0xCF, 0x58, 0x95, 0x9C, 0x9F,
0x9E, 0x2E, 0x88, 0x7D, 0xBC, 0x42, 0xAA, 0xB1,
0x65, 0x6A, 0xD1, 0x56, 0x37, 0xA6, 0xA8, 0xF4,
0xBF, 0x96, 0x34, 0x09, 0x54, 0x91, 0xF8, 0xC9,
0x92, 0x42, 0x91, 0x38, 0x91, 0x43, 0x7E, 0x6C,
0x5B, 0x50, 0xA2, 0x13, 0xDD, 0xE8, 0x0D, 0x21,
0x96, 0xBE, 0x12, 0xC3, 0x93, 0x7F, 0xE3, 0x23,
0x9B, 0xF6, 0x75, 0x9A, 0xBB, 0x8C, 0x1C, 0x94,
0x66, 0xF4, 0x2F, 0xBD, 0x53, 0x89, 0x4A, 0xE5,
0x2F, 0xB5, 0x33, 0x32, 0x14, 0x29, 0xFC, 0xE4,
0xFE, 0xC1, 0xDB, 0x35, 0x2C, 0x49, 0x58, 0x3A,
0x7D, 0x81, 0x7E, 0xAF, 0x62, 0x00, 0x08, 0x88,
0xEC, 0xB0, 0xEB, 0xFF, 0xEF, 0x69, 0xFF, 0x8E,
0x59, 0x0C, 0xFA, 0x25, 0xBE, 0xAB, 0x21, 0x60,
0x5B, 0x63, 0x5A, 0xBC, 0x2C, 0xA2, 0x36, 0x80,
0x78, 0x97, 0x25, 0xCF, 0x70, 0x0F, 0x55, 0x3C,
0x88, 0x35, 0x2F, 0x31, 0x61, 0x61, 0x54, 0x87,
0x3D, 0x18, 0xB6, 0xC6, 0xEB, 0x51, 0x9F, 0xC6,
0x39, 0xB0, 0x70, 0xFD, 0x67, 0xF8, 0x6A, 0xAB,
0x62, 0x34, 0x9D, 0xBF, 0xFA, 0x89, 0xF9, 0x30,
0x51, 0xA7, 0xC7, 0xB7, 0xBD, 0x16, 0x1F, 0xCD,
0x73, 0x67, 0x2C, 0xEE, 0xF5, 0x9A, 0x9B, 0xB7,
0xF5, 0x71, 0xEA, 0xBE, 0x25, 0x70, 0xC5, 0xBF,
0x31, 0xEC, 0xAA, 0x1F, 0x9C, 0xA7, 0xA9, 0xC6,
0xD3, 0x1E, 0xA5, 0xFB, 0x7C, 0x97, 0x9C, 0xDD,
0x26, 0x13, 0x89, 0x7E, 0x7D, 0x15, 0x03, 0xFB,
0x0C, 0x19, 0xAD, 0xDC, 0xFB, 0x3A, 0x63, 0xE2,
0x18, 0x5F, 0xC4, 0x10, 0x18, 0x38, 0xDA, 0x66,
0xCC, 0xE2, 0xD3, 0xD9, 0xFF, 0xB4, 0x77, 0x46,
0xC2, 0x00, 0x3E, 0xDD, 0x86, 0xC2, 0xF8, 0xC3
};
static const byte kprime_1024[KYBER_SS_SZ] = {
0xC6, 0x1F, 0x73, 0xD2, 0xBF, 0xB1, 0x85, 0x94,
0xE1, 0xBA, 0x5D, 0x3B, 0x58, 0xB4, 0xC9, 0x34,
0x20, 0x6D, 0x3A, 0x6F, 0x8E, 0xC9, 0x13, 0x95,
0xAB, 0x77, 0x79, 0xC6, 0x1F, 0xA1, 0xDD, 0x6F
};
#endif
static byte ss[KYBER_SS_SZ];
key = (KyberKey*)XMALLOC(sizeof(KyberKey), NULL, DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(key);
if (key != NULL) {
XMEMSET(key, 0, sizeof(KyberKey));
}
#ifndef WOLFSSL_NO_KYBER512
ExpectIntEQ(wc_KyberKey_Init(KYBER512, key, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_KyberKey_DecodePrivateKey(key, dk_512, sizeof(dk_512)), 0);
ExpectIntEQ(wc_KyberKey_Decapsulate(key, ss, c_512, sizeof(c_512)), 0);
ExpectIntEQ(XMEMCMP(ss, kprime_512, KYBER_SS_SZ), 0);
wc_KyberKey_Free(key);
#endif
#ifndef WOLFSSL_NO_KYBER768
ExpectIntEQ(wc_KyberKey_Init(KYBER768, key, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_KyberKey_DecodePrivateKey(key, dk_768, sizeof(dk_768)), 0);
ExpectIntEQ(wc_KyberKey_Decapsulate(key, ss, c_768, sizeof(c_768)), 0);
ExpectIntEQ(XMEMCMP(ss, kprime_768, KYBER_SS_SZ), 0);
wc_KyberKey_Free(key);
#endif
#ifndef WOLFSSL_NO_KYBER1024
ExpectIntEQ(wc_KyberKey_Init(KYBER1024, key, NULL, INVALID_DEVID), 0);
ExpectIntEQ(wc_KyberKey_DecodePrivateKey(key, dk_1024, sizeof(dk_1024)), 0);
ExpectIntEQ(wc_KyberKey_Decapsulate(key, ss, c_1024, sizeof(c_1024)), 0);
ExpectIntEQ(XMEMCMP(ss, kprime_1024, KYBER_SS_SZ), 0);
wc_KyberKey_Free(key);
#endif
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_DILITHIUM) && defined(WOLFSSL_WC_DILITHIUM) && \
!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && !defined(WOLFSSL_NO_ML_DSA_44)
static const byte ml_dsa_44_pub_key[] = {
0xf1, 0xdf, 0x1e, 0xfc, 0x6b, 0x41, 0xe7,
0x5e, 0xcb, 0xb5, 0xb5, 0xd2, 0x3c, 0xc8,
0xd3, 0x99, 0x73, 0x36, 0x9a, 0x0b, 0x32,
0x71, 0x7a, 0x9f, 0x6d, 0x66, 0x07, 0xb8,
0x31, 0x5f, 0x25, 0xb6, 0x2e, 0xee, 0x4f,
0x63, 0x13, 0x02, 0x45, 0x3c, 0xd1, 0x3d,
0x79, 0x6b, 0x3c, 0xfe, 0xd9, 0x2f, 0x39,
0xe8, 0x62, 0x60, 0xf0, 0x04, 0x83, 0x28,
0xaa, 0xdc, 0x15, 0x90, 0xef, 0x55, 0x48,
0xf9, 0xd2, 0xcd, 0x53, 0x87, 0x0e, 0x42,
0xba, 0x16, 0x87, 0x7b, 0x32, 0xa8, 0xbf,
0xed, 0x32, 0xa1, 0x19, 0x66, 0x44, 0xfe,
0x57, 0xec, 0x26, 0xed, 0x9e, 0x73, 0xa0,
0x87, 0xe8, 0x8a, 0x93, 0x3c, 0xec, 0x1d,
0xa0, 0xcc, 0x2e, 0x0d, 0x37, 0x5b, 0xb1,
0x74, 0x77, 0x18, 0x4b, 0xde, 0x4b, 0xc9,
0xac, 0xf8, 0xda, 0x23, 0x7a, 0x2a, 0x39,
0xfa, 0x96, 0x01, 0xff, 0xf0, 0xc7, 0xa7,
0x34, 0xca, 0x9d, 0xe9, 0xda, 0x4d, 0x85,
0x00, 0xc9, 0xe9, 0xcf, 0xb0, 0x3e, 0x21,
0xe6, 0xae, 0x52, 0x67, 0x4f, 0xe3, 0x93,
0x2f, 0x50, 0x47, 0xdd, 0x89, 0xa2, 0x48,
0xf8, 0xfe, 0x93, 0xfe, 0xce, 0x68, 0x9c,
0xe9, 0x4d, 0xdd, 0xbd, 0x9f, 0xeb, 0x14,
0x8d, 0x38, 0x7a, 0xc6, 0xf2, 0x50, 0x00,
0x91, 0x65, 0xd0, 0xd1, 0xeb, 0x51, 0xab,
0x3a, 0x0e, 0x45, 0x5c, 0xbd, 0x65, 0xf5,
0x78, 0xc6, 0xa0, 0xaa, 0xae, 0x50, 0xf2,
0x19, 0x1f, 0x90, 0x1a, 0x9f, 0x34, 0xa0,
0xa1, 0x95, 0x94, 0x86, 0x30, 0xc2, 0xb2,
0x95, 0x82, 0x13, 0xf6, 0x73, 0xe2, 0x03,
0xe3, 0x7c, 0x09, 0x8e, 0x5d, 0x07, 0xd6,
0x33, 0x93, 0x8a, 0x1b, 0x67, 0xc9, 0xb1,
0x76, 0x74, 0x1c, 0x22, 0x58, 0x05, 0x5a,
0xa8, 0x83, 0x68, 0xce, 0x64, 0xfc, 0x52,
0x7f, 0x35, 0x80, 0x6e, 0xdf, 0xf5, 0x2d,
0xd2, 0xd1, 0x17, 0xdc, 0xce, 0x95, 0xe8,
0xe6, 0x42, 0xb1, 0xb1, 0x61, 0xc1, 0x24,
0x79, 0x1c, 0x51, 0xfc, 0x3c, 0xba, 0x40,
0xf7, 0x70, 0x35, 0x22, 0x73, 0x31, 0x53,
0x21, 0xea, 0x09, 0xf7, 0xaa, 0x07, 0xb8,
0xfa, 0x0b, 0xa0, 0xa9, 0xb4, 0x8c, 0x83,
0xbb, 0x25, 0xfe, 0x39, 0x29, 0xef, 0x34,
0xd5, 0xe2, 0xc7, 0x9e, 0x87, 0xbd, 0x50,
0x86, 0x71, 0x12, 0x3e, 0x8a, 0x78, 0xe2,
0xb3, 0xe1, 0xfa, 0x5b, 0x73, 0x3b, 0x34,
0x9f, 0x4e, 0x7d, 0xd5, 0x1b, 0xb9, 0x8e,
0x43, 0x76, 0xef, 0x3e, 0x37, 0x70, 0x33,
0x36, 0xd1, 0xa1, 0xba, 0x1b, 0xb1, 0x79,
0xfb, 0x2c, 0xb1, 0x9b, 0xc3, 0x1b, 0x26,
0x83, 0x89, 0x4d, 0x53, 0x40, 0xa5, 0xf9,
0x8b, 0xe2, 0xec, 0x30, 0x1f, 0xf6, 0x16,
0xd6, 0x55, 0xce, 0x0e, 0x1b, 0xed, 0xe0,
0xeb, 0xc9, 0x7a, 0x2e, 0x1a, 0x85, 0x81,
0xa4, 0xe2, 0xa8, 0xbe, 0x9f, 0xac, 0x0b,
0x23, 0xb4, 0xbb, 0xc2, 0x0f, 0x66, 0x43,
0x45, 0x93, 0x20, 0x37, 0x4d, 0x47, 0x23,
0x7f, 0x4a, 0x5e, 0x8b, 0x19, 0xec, 0xd9,
0x57, 0x69, 0xc4, 0x91, 0xb0, 0xcd, 0x25,
0x2a, 0x7d, 0x52, 0xdb, 0x59, 0x18, 0x8b,
0x96, 0xad, 0x75, 0x21, 0x81, 0x1a, 0x2c,
0xb3, 0x26, 0x30, 0x78, 0x19, 0x2b, 0x22,
0x74, 0x6e, 0x92, 0x57, 0xec, 0x3c, 0x75,
0x8b, 0xd8, 0x4b, 0x7c, 0xd1, 0x72, 0x1b,
0x1f, 0xed, 0xae, 0x15, 0x82, 0xd3, 0xf6,
0xaf, 0x01, 0x31, 0xec, 0x1b, 0xca, 0xa5,
0xf8, 0x78, 0x7f, 0x8a, 0x8a, 0x03, 0xbd,
0x03, 0x0a, 0xc5, 0x4e, 0x15, 0xab, 0xa4,
0x76, 0x56, 0x5b, 0xf8, 0x50, 0xa9, 0xee,
0x61, 0xbd, 0x05, 0xe0, 0xdf, 0xc6, 0xbe,
0x4a, 0xaf, 0xdb, 0x96, 0x0a, 0x7e, 0xcb,
0x2e, 0xb0, 0x68, 0x4e, 0x2d, 0x88, 0x32,
0x1e, 0xe1, 0xbc, 0x08, 0x15, 0x15, 0x71,
0xe6, 0x77, 0x2b, 0xeb, 0x47, 0x81, 0xb7,
0xe8, 0x82, 0x9f, 0x5f, 0x94, 0xd2, 0xac,
0xa5, 0x89, 0x52, 0xe1, 0x3c, 0x59, 0xe0,
0x06, 0xe6, 0x66, 0xe1, 0xf9, 0x9d, 0x32,
0x42, 0x9d, 0x77, 0xfe, 0x6a, 0x12, 0x4a,
0xa3, 0xd2, 0x49, 0xbb, 0x39, 0xad, 0x42,
0xb7, 0x37, 0xfb, 0xde, 0x9d, 0xaf, 0x1b,
0xd5, 0x5a, 0x3b, 0x06, 0xa6, 0x51, 0x7d,
0x6a, 0x5c, 0x32, 0xdb, 0xde, 0x5d, 0x0d,
0x20, 0x88, 0xee, 0x8b, 0xa8, 0x49, 0x5b,
0x6c, 0x50, 0x72, 0xdb, 0x68, 0x44, 0x17,
0x28, 0xd4, 0xbb, 0x43, 0x8e, 0x00, 0xa5,
0xc8, 0x27, 0x00, 0xaa, 0x2b, 0xa4, 0xc2,
0x16, 0xcd, 0x2d, 0x59, 0xdc, 0x1a, 0xa2,
0x66, 0xe2, 0x96, 0x6b, 0xcc, 0x39, 0xc6,
0xe9, 0x2b, 0x14, 0xa7, 0x7d, 0x67, 0x5d,
0x54, 0xfc, 0x93, 0x73, 0x52, 0x47, 0xc7,
0x24, 0x1e, 0x7e, 0xc9, 0x2d, 0x87, 0x60,
0xd3, 0xd8, 0x76, 0xf0, 0x51, 0x04, 0xc7,
0xcb, 0x68, 0x0f, 0xd8, 0x4b, 0x22, 0xb2,
0x51, 0x87, 0xe9, 0x1e, 0x05, 0x3d, 0xe2,
0x8a, 0x6b, 0xb8, 0x96, 0xd6, 0xe0, 0x6e,
0x38, 0x74, 0x96, 0xad, 0x7e, 0x4f, 0x52,
0x35, 0xcf, 0x4a, 0x50, 0xe7, 0x60, 0x2e,
0x58, 0xcf, 0xdc, 0x7a, 0x9a, 0x21, 0x76,
0x1d, 0x2c, 0xd1, 0x98, 0xab, 0xab, 0xed,
0xf9, 0xec, 0xd5, 0x7b, 0x09, 0xad, 0x2e,
0xad, 0x5a, 0xdc, 0xad, 0xd6, 0x46, 0xba,
0x2d, 0x55, 0xf7, 0x0c, 0x9a, 0x23, 0x10,
0x50, 0x3e, 0x4f, 0xe1, 0xeb, 0x58, 0x8a,
0xc0, 0x17, 0x48, 0x41, 0x40, 0x65, 0x0b,
0xfb, 0x43, 0x9e, 0xf0, 0x37, 0x4a, 0x89,
0x4e, 0x71, 0xad, 0x44, 0x19, 0x13, 0xbb,
0x4a, 0x63, 0x83, 0x9e, 0x6a, 0x49, 0x1b,
0x28, 0xb0, 0x8e, 0x9c, 0x7b, 0xaf, 0xf9,
0x57, 0x5d, 0x35, 0x16, 0x5c, 0xa7, 0x5e,
0xd1, 0x0d, 0x83, 0xdc, 0x49, 0xdd, 0x40,
0x58, 0x9c, 0x97, 0x91, 0xa6, 0xb0, 0x68,
0xb0, 0xfa, 0x9e, 0xc0, 0x3f, 0x81, 0xc6,
0xce, 0x58, 0xc5, 0x87, 0xc6, 0xf4, 0x06,
0xec, 0x91, 0x57, 0x81, 0xce, 0x3a, 0xe8,
0xf1, 0x29, 0x3f, 0x01, 0x93, 0xf0, 0x74,
0x22, 0xea, 0x6b, 0x06, 0xd8, 0x65, 0xdb,
0xd7, 0x41, 0xd9, 0x60, 0x23, 0xe7, 0x83,
0xc8, 0x69, 0x6b, 0x90, 0xc5, 0xc7, 0xb9,
0xd5, 0xba, 0x79, 0xc9, 0x4a, 0x87, 0x23,
0x1c, 0x95, 0x78, 0xf3, 0x73, 0x10, 0xbe,
0xb2, 0x0f, 0x32, 0xec, 0xff, 0x15, 0x51,
0x4d, 0xb5, 0x48, 0x3c, 0xca, 0x4c, 0x5b,
0x32, 0x29, 0x47, 0x21, 0xba, 0x2a, 0x5d,
0xc9, 0x59, 0xfa, 0x8f, 0x33, 0x10, 0x83,
0x40, 0x80, 0xf3, 0xce, 0xee, 0x6d, 0xcd,
0x9c, 0xbb, 0x23, 0x0b, 0x45, 0xba, 0x7a,
0x07, 0xdc, 0x4d, 0x57, 0x97, 0xb4, 0xa4,
0xef, 0x94, 0xe8, 0x43, 0xfe, 0x18, 0x47,
0x1a, 0xb0, 0xf6, 0xb6, 0x0b, 0x55, 0x05,
0xbd, 0x67, 0x2d, 0x37, 0x27, 0x17, 0x13,
0x65, 0x22, 0xf2, 0x7c, 0xf7, 0x47, 0xd2,
0x85, 0x63, 0x98, 0x83, 0xd2, 0xc1, 0xbf,
0x8f, 0x4c, 0xda, 0xbf, 0xa4, 0x10, 0x6b,
0x4e, 0x6b, 0x78, 0x5e, 0x3f, 0x7a, 0xec,
0x15, 0x84, 0xbe, 0x1a, 0x94, 0xa2, 0x2b,
0xb5, 0x3e, 0x55, 0x86, 0x51, 0xec, 0x2e,
0x62, 0xcb, 0xd6, 0x9f, 0xe5, 0xa4, 0xb8,
0xc0, 0xaa, 0x4e, 0x6d, 0x8a, 0xb1, 0xd6,
0xf7, 0x8d, 0x1c, 0x04, 0x32, 0x8b, 0x20,
0xf5, 0x80, 0x33, 0xbd, 0xcc, 0x3e, 0x4c,
0x16, 0x04, 0xab, 0xd8, 0x64, 0x6d, 0xf9,
0xc9, 0x15, 0x7d, 0x4b, 0x00, 0x86, 0xb2,
0x70, 0x1d, 0x20, 0xcb, 0x7a, 0xed, 0x7e,
0x81, 0x7f, 0x41, 0x33, 0xb8, 0x7b, 0xc0,
0xa3, 0xbd, 0x12, 0xd1, 0x67, 0x48, 0xa0,
0xb9, 0xeb, 0xd5, 0x29, 0xab, 0x91, 0x9c,
0xa2, 0x2f, 0x8e, 0x01, 0x1c, 0x88, 0xc1,
0x3e, 0x34, 0x47, 0x36, 0x8a, 0x35, 0x6c,
0x2f, 0xc1, 0x8a, 0xb6, 0xd0, 0xa5, 0x01,
0x82, 0xee, 0x4f, 0x44, 0xb9, 0xcd, 0x16,
0x9c, 0x3a, 0xf8, 0xe9, 0x2a, 0xd2, 0xb6,
0x1d, 0xfd, 0x3c, 0x06, 0xdc, 0x42, 0xdd,
0x2d, 0x60, 0x6a, 0x44, 0x21, 0xc3, 0x37,
0x75, 0x79, 0xc5, 0x29, 0x5c, 0x7e, 0xf5,
0x86, 0xbb, 0x56, 0x05, 0x21, 0x46, 0xaf,
0x6d, 0x3a, 0xa2, 0x9e, 0x11, 0x6d, 0x9e,
0x05, 0x74, 0x8a, 0xfe, 0x84, 0x88, 0x3e,
0x76, 0xb4, 0xef, 0x2f, 0xeb, 0x52, 0xcd,
0x97, 0x82, 0xba, 0x0c, 0xcc, 0xcb, 0x72,
0x8d, 0x8d, 0xd2, 0x32, 0x7c, 0x41, 0x39,
0xa6, 0x22, 0xb7, 0xdc, 0x3f, 0x39, 0x43,
0xf5, 0xee, 0x0c, 0xfc, 0xbb, 0x2b, 0x43,
0xe8, 0xce, 0xae, 0x0c, 0xd9, 0x15, 0x22,
0x32, 0xbd, 0x69, 0xad, 0x76, 0xd9, 0xdf,
0x81, 0xdf, 0x24, 0x76, 0x7b, 0x53, 0x0b,
0xe6, 0xc7, 0x6c, 0x38, 0x2c, 0xbf, 0x28,
0x95, 0x03, 0x18, 0xef, 0x98, 0x88, 0xc2,
0x6b, 0x1a, 0xf5, 0xb4, 0xf9, 0x19, 0x76,
0x25, 0x1d, 0xcf, 0x9b, 0xcd, 0x4c, 0x00,
0x06, 0xde, 0x55, 0x58, 0x95, 0x9a, 0x06,
0xfb, 0xf9, 0x88, 0x20, 0x85, 0x80, 0xe3,
0x27, 0xdf, 0xc5, 0x20, 0x29, 0x7c, 0x58,
0x02, 0x07, 0x2e, 0xd2, 0xeb, 0xdc, 0x68,
0x58, 0x91, 0x08, 0x71, 0x16, 0xb3, 0x82,
0x2f, 0x6c, 0x45, 0xcd, 0xbe, 0xe5, 0x0c,
0x07, 0x77, 0x95, 0x3b, 0x2c, 0x59, 0x8e,
0xba, 0x07, 0xa8, 0xa1, 0xc6, 0xe5, 0x6a,
0x49, 0xb5, 0x85, 0xf2, 0x70, 0x05, 0x22,
0xc4, 0x2f, 0x8d, 0xdd, 0x48, 0x8d, 0x87,
0xfa, 0xb6, 0xf8, 0x59, 0xc8, 0xb1, 0x18,
0x03, 0x5f, 0xce, 0x53, 0x28, 0x96, 0x15,
0xd4, 0xb4, 0x10, 0x2c, 0xe2, 0x22, 0x9e,
0x88, 0xe5, 0xcd, 0xda, 0xfc, 0xf9, 0x64,
0xa4, 0x7b, 0xfb, 0xeb, 0xa8, 0x6a, 0xb6,
0xf6, 0x17, 0x84, 0x26, 0x3d, 0xe4, 0x66,
0x7e, 0x5c, 0x85, 0x01, 0xaf, 0xdc, 0xdb,
0x48, 0x33, 0x4a, 0x20, 0x7c, 0x22, 0x1b,
0xd5, 0xeb, 0x2d,
};
static const byte ml_dsa_44_good_sig[] = {
0xfc, 0x2d, 0xa0, 0x06, 0x85, 0xc2, 0xfc,
0x92, 0x47, 0x77, 0x0b, 0x39, 0xbf, 0xe5,
0xba, 0xd4, 0x44, 0xbf, 0xde, 0xce, 0x1f,
0x04, 0xa2, 0x87, 0xed, 0x4a, 0xce, 0x0e,
0xf3, 0x95, 0x61, 0x1e, 0x66, 0x4e, 0x9a,
0x5d, 0x00, 0x31, 0x32, 0xf0, 0x90, 0x3d,
0x7e, 0xf2, 0x9d, 0xe2, 0x93, 0xa1, 0xc8,
0x64, 0x36, 0xf2, 0x59, 0xc7, 0x9e, 0xb6,
0xb3, 0x6f, 0xe5, 0x80, 0x8d, 0x92, 0x77,
0xd6, 0xb6, 0xe4, 0xc5, 0x5e, 0x79, 0x45,
0x4b, 0xd0, 0xfe, 0x53, 0x55, 0xb6, 0x66,
0x88, 0xfe, 0x95, 0x40, 0x07, 0xfd, 0xdb,
0x40, 0x33, 0x39, 0x67, 0x03, 0x30, 0x8e,
0x80, 0x4e, 0xa7, 0x0e, 0xe4, 0x05, 0x04,
0xc5, 0x33, 0x72, 0x47, 0x5b, 0x85, 0x0f,
0xe1, 0xeb, 0x98, 0x1a, 0x76, 0x79, 0x84,
0xce, 0x26, 0x66, 0xe8, 0x92, 0xc9, 0x1f,
0x40, 0x96, 0x72, 0xfe, 0x61, 0xae, 0xba,
0x84, 0x70, 0xb7, 0x92, 0x2f, 0x7e, 0xc8,
0xe8, 0xe4, 0x34, 0x73, 0xd4, 0x69, 0x57,
0x3e, 0x28, 0x2b, 0x18, 0x0f, 0xef, 0xb1,
0x06, 0xe2, 0xf8, 0x79, 0x70, 0x5a, 0x84,
0x84, 0x6c, 0xb3, 0x57, 0x5b, 0x18, 0x42,
0xdf, 0xd5, 0xdb, 0xf8, 0x35, 0x5f, 0x7b,
0x23, 0x25, 0x2f, 0x0f, 0x17, 0x0b, 0x9a,
0xb6, 0xe8, 0x31, 0x30, 0x6b, 0x90, 0x06,
0x2c, 0xfd, 0xca, 0xaa, 0xa6, 0xc3, 0xdc,
0x88, 0xa7, 0x31, 0x74, 0x67, 0xe2, 0x64,
0x8f, 0x5c, 0xc4, 0xc0, 0x4d, 0x34, 0x15,
0x0d, 0xd2, 0x23, 0x69, 0xfc, 0x6e, 0xbb,
0x82, 0xca, 0xc4, 0xee, 0xf1, 0x14, 0xc1,
0xd4, 0x5a, 0x71, 0x78, 0x9b, 0x40, 0x01,
0xb9, 0xe4, 0x6e, 0x68, 0xf6, 0x13, 0xca,
0xc1, 0xea, 0x70, 0x71, 0x3d, 0xc9, 0x1a,
0x62, 0xb9, 0xa9, 0xe0, 0x1e, 0xe2, 0x34,
0xf2, 0x9a, 0xf7, 0x23, 0xb3, 0xc1, 0xca,
0x35, 0x0e, 0x5e, 0xa7, 0xd1, 0x3d, 0xea,
0x51, 0xdc, 0xe2, 0x0e, 0xfc, 0x7d, 0x26,
0x75, 0xec, 0x9a, 0x6e, 0x40, 0x1f, 0x60,
0x06, 0xd7, 0x56, 0xf8, 0xa4, 0x2a, 0x82,
0x9c, 0xef, 0x51, 0x4a, 0xe1, 0x01, 0x2b,
0xb0, 0x8b, 0x34, 0x7b, 0xe1, 0x63, 0xa4,
0xcc, 0x72, 0x81, 0xd9, 0xb4, 0x20, 0xcc,
0x60, 0xe2, 0x15, 0x6d, 0xc7, 0x6c, 0x75,
0x65, 0x4d, 0xb6, 0xc0, 0x36, 0x49, 0x87,
0x06, 0x3e, 0xca, 0x1c, 0x32, 0x36, 0x2f,
0xe3, 0xf6, 0x06, 0x0a, 0xb1, 0xd2, 0xfb,
0xee, 0x4e, 0xd7, 0xce, 0x65, 0xcc, 0x89,
0xf2, 0x77, 0x14, 0x27, 0x27, 0x84, 0x52,
0x97, 0x1b, 0x89, 0x17, 0x31, 0x8d, 0xc4,
0x0f, 0xc7, 0xc6, 0x45, 0x44, 0x9a, 0x97,
0xd3, 0x88, 0x71, 0x73, 0x97, 0x64, 0xa6,
0xe6, 0x3d, 0xf2, 0xd3, 0x7f, 0x7f, 0xfa,
0x4f, 0xf4, 0xe9, 0x76, 0x8a, 0x2a, 0xfe,
0x28, 0x8e, 0xa5, 0xb3, 0x46, 0x2b, 0xad,
0x50, 0x5e, 0x12, 0xcd, 0xf8, 0x46, 0xe4,
0x06, 0x12, 0xc2, 0xb8, 0xcd, 0x04, 0x76,
0x07, 0x7c, 0xed, 0x2f, 0x0f, 0xd6, 0x97,
0x31, 0xa4, 0x0c, 0x18, 0x85, 0x75, 0xd3,
0x55, 0xfd, 0xe3, 0x1a, 0xbf, 0x43, 0xde,
0x20, 0xa9, 0x19, 0xcd, 0x03, 0x01, 0xdf,
0x04, 0x71, 0x09, 0x94, 0x99, 0x51, 0xb0,
0x8e, 0x32, 0x80, 0xe6, 0x64, 0x4b, 0xdf,
0xa5, 0xec, 0xfa, 0xce, 0xf6, 0xf3, 0xce,
0x51, 0xe8, 0x6d, 0x03, 0x1e, 0x69, 0x59,
0xef, 0x20, 0x98, 0x71, 0xe2, 0xc3, 0xec,
0x19, 0x03, 0xa9, 0x2d, 0x12, 0x21, 0x79,
0x7e, 0xb0, 0xcb, 0x76, 0x68, 0x2f, 0x11,
0x01, 0x2b, 0x11, 0xef, 0xd6, 0xb7, 0x8b,
0x5e, 0x31, 0x78, 0x7b, 0x2d, 0xe6, 0x4a,
0xfb, 0xc1, 0xbb, 0x78, 0x92, 0x11, 0xcb,
0x91, 0x97, 0x52, 0x1b, 0x8e, 0xfb, 0x59,
0x02, 0x22, 0xbe, 0xf7, 0x33, 0xaa, 0x7b,
0xfd, 0x93, 0xf7, 0xa8, 0x9b, 0xfc, 0x99,
0x36, 0x22, 0x04, 0x1e, 0xdc, 0xa3, 0x2b,
0xe6, 0xac, 0x2e, 0x4b, 0x38, 0x0a, 0x25,
0xde, 0x3d, 0x8e, 0x0b, 0x95, 0x04, 0x48,
0x3d, 0x66, 0x52, 0x99, 0x79, 0xe1, 0x8d,
0xe0, 0xa7, 0xd5, 0x23, 0x0d, 0x45, 0x89,
0x88, 0xa9, 0x59, 0x4e, 0xc7, 0x64, 0x39,
0x93, 0xdd, 0xcb, 0xfe, 0x97, 0xe7, 0x7d,
0xab, 0x61, 0x08, 0xf7, 0x7a, 0xff, 0x10,
0x1d, 0x8d, 0x11, 0xa9, 0x97, 0xbd, 0x16,
0xb5, 0x6c, 0x84, 0x71, 0x61, 0x72, 0x36,
0x51, 0xe7, 0x43, 0x8b, 0x15, 0xb2, 0x48,
0x6a, 0x14, 0x8a, 0xbe, 0x92, 0xa7, 0xfa,
0xce, 0x02, 0x1a, 0x7f, 0xc5, 0xdb, 0x76,
0x0a, 0x4c, 0xc7, 0x20, 0x2a, 0x34, 0xf4,
0x92, 0x3b, 0x34, 0x69, 0x71, 0x3d, 0xe1,
0xf2, 0x2f, 0x52, 0xe1, 0x48, 0xbe, 0x27,
0x47, 0x1d, 0x55, 0x96, 0x6e, 0xa3, 0x39,
0xc6, 0xd8, 0x12, 0xe0, 0xb2, 0x93, 0x56,
0xef, 0x10, 0xf4, 0xa6, 0xf4, 0x5f, 0xa9,
0xfd, 0x5d, 0x01, 0x87, 0xb8, 0xe5, 0x4f,
0x86, 0x2c, 0xa5, 0x09, 0xfc, 0x29, 0x84,
0x5b, 0x44, 0xf9, 0x8d, 0x9c, 0xbb, 0x19,
0x97, 0x52, 0xbb, 0xac, 0x19, 0x57, 0x68,
0x7d, 0x74, 0xb5, 0x4f, 0xda, 0x8a, 0x9c,
0xcf, 0x5d, 0x7b, 0xd9, 0xf0, 0xb3, 0x11,
0x76, 0x50, 0x03, 0x06, 0x44, 0xe7, 0x68,
0x35, 0xe9, 0x14, 0x20, 0xbd, 0x0d, 0x90,
0x96, 0x21, 0xa1, 0x17, 0x8f, 0xf7, 0x50,
0x6c, 0xc0, 0x76, 0x3d, 0x34, 0x8d, 0xf2,
0x75, 0xf0, 0xa2, 0x6c, 0x8a, 0xc1, 0x56,
0x95, 0xb2, 0xd9, 0x87, 0xf2, 0xe4, 0x80,
0x25, 0xc7, 0x97, 0xd2, 0xd2, 0xf8, 0x1c,
0x7a, 0x48, 0x70, 0x99, 0x6b, 0xf2, 0x50,
0x83, 0xf3, 0x10, 0xb1, 0x9b, 0x6d, 0x75,
0x53, 0x86, 0x23, 0xc9, 0x60, 0x4d, 0x73,
0xc7, 0x52, 0x90, 0x12, 0x6b, 0x92, 0x2d,
0x35, 0xbc, 0x4d, 0x86, 0x67, 0xfe, 0x35,
0x11, 0x6c, 0xbb, 0x9b, 0x76, 0xaf, 0x26,
0xae, 0x50, 0x23, 0x76, 0x68, 0x16, 0x80,
0xf0, 0xa4, 0xcc, 0x76, 0x6b, 0xf3, 0x99,
0x04, 0x8b, 0x39, 0xf2, 0xa6, 0xa9, 0x72,
0x6f, 0xbe, 0xa8, 0xdb, 0x53, 0xf3, 0x93,
0x00, 0xac, 0x3e, 0x8f, 0xdd, 0x68, 0x9e,
0x2f, 0xe3, 0x48, 0x0b, 0x11, 0xe2, 0x9a,
0xfa, 0x98, 0x32, 0x40, 0x26, 0xf8, 0x83,
0xc6, 0x00, 0x02, 0x7d, 0xb5, 0xd2, 0xd4,
0xdd, 0xc6, 0x02, 0xec, 0xb3, 0x98, 0xd6,
0x8e, 0xab, 0x75, 0x06, 0x37, 0x97, 0x4c,
0x50, 0xc5, 0xe1, 0x43, 0x34, 0xd6, 0xbd,
0xb6, 0xfc, 0xb7, 0x04, 0x0d, 0xd8, 0x35,
0xb4, 0x3e, 0x0e, 0x43, 0x22, 0x83, 0xf5,
0x5d, 0x2e, 0x0a, 0x8f, 0xa0, 0xec, 0x17,
0xd9, 0xa1, 0x84, 0x98, 0x32, 0x5c, 0x99,
0x66, 0x05, 0x70, 0x9a, 0xa4, 0x9b, 0xbe,
0xd3, 0x3d, 0x2a, 0x13, 0xb1, 0x96, 0x37,
0x4f, 0xe7, 0x6f, 0x6b, 0x5e, 0x80, 0xe4,
0xb6, 0x98, 0x56, 0xed, 0xff, 0x5b, 0x21,
0x5f, 0x79, 0x9a, 0x0f, 0x53, 0x69, 0x76,
0xdb, 0xc0, 0x12, 0x9c, 0xed, 0xd4, 0x00,
0x64, 0xca, 0xf4, 0xc3, 0x17, 0x49, 0xbb,
0xef, 0xbc, 0x7b, 0x73, 0x24, 0x4f, 0x6e,
0xcf, 0x25, 0x49, 0x30, 0x4f, 0x9a, 0xb7,
0x2a, 0x2f, 0xc2, 0x69, 0x74, 0xe5, 0xa6,
0xd7, 0x29, 0x4d, 0x80, 0xe6, 0xf6, 0x66,
0x4b, 0xdf, 0xef, 0xfd, 0xb5, 0xaa, 0x53,
0x75, 0x0e, 0xf5, 0x92, 0xb3, 0x30, 0x3d,
0x5d, 0xa8, 0x49, 0x74, 0xa2, 0x13, 0xb3,
0x99, 0x7e, 0xf9, 0x34, 0x08, 0xc2, 0xa6,
0xc9, 0xd1, 0xb7, 0x65, 0xf4, 0xa9, 0xda,
0x11, 0x07, 0x89, 0x08, 0x92, 0xdf, 0x1a,
0x8d, 0xd7, 0x1e, 0xe9, 0xa3, 0x5c, 0x66,
0x79, 0xa0, 0x2d, 0xd1, 0xd9, 0x65, 0xa2,
0xd3, 0x47, 0xb1, 0xa1, 0xf4, 0xa1, 0x18,
0x7f, 0xb0, 0xd1, 0x20, 0x05, 0x06, 0x6f,
0xda, 0xe3, 0xef, 0xee, 0x47, 0xdf, 0x80,
0x22, 0x14, 0x4b, 0xc2, 0xe4, 0xea, 0x02,
0xe7, 0x06, 0xc8, 0x2d, 0x2d, 0xbd, 0xd2,
0xef, 0xd3, 0x3b, 0xf0, 0xc8, 0xc1, 0x04,
0x53, 0x81, 0x27, 0xb2, 0xf2, 0xf8, 0x5d,
0xe1, 0x27, 0xd6, 0xd8, 0x2e, 0x0d, 0x43,
0xf4, 0xf0, 0x7a, 0x8c, 0x78, 0x3f, 0x23,
0x4d, 0x05, 0xf6, 0xc6, 0x9a, 0xc1, 0x19,
0x58, 0x48, 0x02, 0x71, 0xc4, 0xf1, 0x16,
0xc2, 0xbf, 0xc2, 0xf5, 0xa6, 0x70, 0x25,
0x8b, 0x6c, 0x31, 0xa6, 0x2b, 0x6a, 0x1f,
0x26, 0x4a, 0x6b, 0x05, 0x67, 0xa9, 0x5e,
0xa6, 0xc7, 0x19, 0xf0, 0x6f, 0xc2, 0xa4,
0x07, 0xe1, 0xf8, 0xb6, 0x70, 0x79, 0x85,
0x97, 0x1f, 0xc2, 0x97, 0xf3, 0x57, 0x3d,
0xd1, 0x70, 0xb1, 0xe8, 0x43, 0x11, 0xe6,
0x2f, 0x8a, 0x12, 0x97, 0xe1, 0x1f, 0x86,
0x33, 0xa1, 0x30, 0xb3, 0x8e, 0xd7, 0x43,
0x99, 0x35, 0xd3, 0x48, 0x04, 0x29, 0xa3,
0xf3, 0x2c, 0x0e, 0xda, 0x66, 0xc8, 0xa9,
0xd3, 0x28, 0x7f, 0xf0, 0xaa, 0x53, 0xc8,
0x4b, 0xa3, 0xde, 0xcc, 0x5f, 0xae, 0x9b,
0x2f, 0x20, 0xf7, 0x9a, 0x41, 0xb7, 0xdb,
0x7a, 0x92, 0xa1, 0x45, 0x2c, 0x49, 0xb7,
0x2d, 0xe5, 0x6e, 0x84, 0xb1, 0xa4, 0x6e,
0xea, 0xf9, 0xca, 0xc6, 0x0f, 0xd3, 0xdc,
0xad, 0x79, 0xf4, 0x3b, 0xc0, 0x8c, 0x8c,
0x6f, 0xdf, 0x2c, 0xbb, 0x2a, 0x9f, 0x74,
0x2f, 0x31, 0x7b, 0x05, 0xc5, 0xc4, 0x22,
0xfd, 0xfc, 0xdf, 0x95, 0x3b, 0x21, 0x41,
0xab, 0x5b, 0xe9, 0x37, 0xdf, 0xd3, 0x4c,
0x97, 0x73, 0xac, 0xbd, 0x82, 0x97, 0xd0,
0x00, 0x55, 0x47, 0xa4, 0x67, 0x12, 0xcd,
0xe3, 0x01, 0x31, 0xe6, 0x1c, 0x61, 0xf8,
0xa4, 0xce, 0x23, 0xed, 0xeb, 0x8f, 0x57,
0xbf, 0x97, 0x4b, 0x26, 0x75, 0xa0, 0x4b,
0xf6, 0x7e, 0xda, 0x1c, 0x90, 0x8a, 0xc4,
0xf4, 0x60, 0xfc, 0x65, 0x45, 0x8c, 0x1b,
0x5c, 0x65, 0xc4, 0x5d, 0x99, 0x9a, 0xed,
0x62, 0xd6, 0x74, 0x43, 0xac, 0x5e, 0x0c,
0xfd, 0x7d, 0xf2, 0x4f, 0xc3, 0x02, 0xc8,
0x24, 0xa7, 0x17, 0x49, 0xf9, 0xdd, 0xc9,
0x64, 0x71, 0x08, 0xb9, 0xac, 0x47, 0x3d,
0x6a, 0x4f, 0xdc, 0xa6, 0x56, 0x00, 0x01,
0x53, 0x2d, 0xca, 0x32, 0x4e, 0x40, 0xec,
0x14, 0x03, 0x69, 0x75, 0xfa, 0x93, 0x49,
0x98, 0x04, 0x25, 0x29, 0xe5, 0x78, 0x6e,
0x3e, 0x99, 0x58, 0x18, 0x48, 0xf3, 0x29,
0x56, 0x8d, 0x23, 0xd1, 0x5d, 0xb2, 0x2a,
0x74, 0xa7, 0x53, 0xc5, 0xc6, 0xc4, 0x12,
0xfe, 0x65, 0x6c, 0xde, 0xc3, 0x6c, 0x18,
0xde, 0xc3, 0x97, 0xaa, 0xed, 0x69, 0x3c,
0x4d, 0xc9, 0xa9, 0x63, 0xa9, 0x4d, 0x91,
0x63, 0xa3, 0x1c, 0x87, 0x36, 0x19, 0x4a,
0xc5, 0xd1, 0xcb, 0xf4, 0x88, 0xfd, 0xa0,
0x9b, 0x37, 0x9a, 0x7e, 0xcc, 0x09, 0xac,
0x3b, 0xf0, 0xf5, 0xb5, 0x15, 0x72, 0x47,
0xb0, 0x42, 0x0d, 0xed, 0x19, 0x42, 0x93,
0x5a, 0x56, 0xbf, 0x2c, 0x4b, 0xec, 0xf4,
0x13, 0x30, 0x0b, 0xdf, 0x0e, 0xc1, 0x22,
0xa5, 0x6c, 0xf4, 0xcf, 0x09, 0x83, 0xe2,
0xd0, 0x05, 0x62, 0x8d, 0xda, 0xea, 0x79,
0xa9, 0x6c, 0xe1, 0x90, 0xc0, 0xe7, 0x6d,
0x63, 0x8e, 0xe5, 0xe0, 0xa9, 0x67, 0x80,
0xb7, 0x80, 0x43, 0xfc, 0xa1, 0x11, 0x6d,
0xc9, 0x91, 0xa3, 0xcb, 0x1a, 0x6e, 0xf8,
0x6e, 0xdb, 0xf0, 0x7d, 0xeb, 0x45, 0x6a,
0xee, 0xd8, 0x3e, 0x6b, 0x9a, 0xc4, 0xcd,
0x7b, 0x35, 0x19, 0x73, 0x14, 0x22, 0x47,
0x86, 0x54, 0x34, 0xc9, 0x02, 0x49, 0xe6,
0xb9, 0x45, 0xf7, 0x2c, 0xf7, 0xa4, 0x12,
0xc4, 0x7a, 0x95, 0x41, 0x54, 0x8d, 0x51,
0xc5, 0x1a, 0x19, 0x75, 0x0c, 0x11, 0x03,
0xd0, 0x6f, 0x56, 0x04, 0xb2, 0x87, 0x21,
0xdb, 0x47, 0xed, 0x9b, 0xe8, 0xec, 0xa3,
0xe1, 0x74, 0x3e, 0x21, 0x50, 0xf2, 0x09,
0x2c, 0x5e, 0x3d, 0xca, 0xa7, 0x31, 0x7c,
0xbd, 0xe4, 0xf1, 0x15, 0x0d, 0xe6, 0x3d,
0x4c, 0x8e, 0x36, 0x45, 0xf7, 0x08, 0x3d,
0x56, 0x63, 0xb6, 0x99, 0x46, 0x34, 0x48,
0xfa, 0xcf, 0x88, 0xe5, 0x43, 0xf7, 0x88,
0xd5, 0x55, 0x13, 0xfe, 0x79, 0x02, 0x49,
0x1e, 0x82, 0x45, 0x45, 0x29, 0x8e, 0x0a,
0x7c, 0x77, 0x51, 0x1b, 0x8e, 0x75, 0xd5,
0xd6, 0x61, 0xff, 0xa5, 0xfe, 0x59, 0x48,
0xbf, 0xfc, 0xf2, 0xcd, 0x37, 0x09, 0x4c,
0xb6, 0xfc, 0xb0, 0x20, 0x5f, 0x12, 0x7a,
0x3f, 0x64, 0x96, 0xdb, 0xc8, 0xe8, 0xd0,
0x11, 0x19, 0x47, 0x95, 0x2d, 0x3d, 0xbf,
0x56, 0x9c, 0x23, 0x30, 0x07, 0x1f, 0x2c,
0x04, 0x5c, 0x7e, 0x4e, 0x2e, 0xa6, 0x20,
0x38, 0xa0, 0x88, 0x47, 0x8a, 0x3f, 0x8f,
0x8a, 0xe7, 0x6d, 0x0a, 0xf1, 0x2d, 0xd6,
0x10, 0x23, 0x01, 0x62, 0x71, 0x5a, 0xbb,
0x51, 0x98, 0xa1, 0x27, 0x7d, 0xba, 0x5f,
0xe4, 0xdc, 0xd6, 0xd7, 0x4c, 0x1a, 0xe0,
0x4d, 0xe1, 0xee, 0x61, 0xb7, 0xc5, 0x50,
0x92, 0x99, 0xc7, 0x7b, 0x18, 0xf9, 0x89,
0x2b, 0x57, 0xf9, 0xe9, 0xac, 0x23, 0x6e,
0xff, 0xbd, 0x5a, 0x93, 0xdf, 0x15, 0x74,
0x92, 0x0b, 0x76, 0x84, 0x96, 0x94, 0x1b,
0x8f, 0xe4, 0x6e, 0x2b, 0xd7, 0x47, 0xfd,
0x24, 0x3b, 0xe4, 0xe4, 0x99, 0xf9, 0x0b,
0xf9, 0x29, 0x25, 0x25, 0x6a, 0xc0, 0x1e,
0xb8, 0x8c, 0xd6, 0xd0, 0x6e, 0x13, 0x86,
0xa8, 0x7c, 0xc3, 0x31, 0x30, 0x2e, 0x9b,
0x51, 0xc1, 0x21, 0xea, 0x15, 0x8e, 0xd8,
0x06, 0xa2, 0xe9, 0x12, 0x9f, 0xcb, 0x6b,
0x24, 0xef, 0x4e, 0x19, 0x6c, 0xa5, 0x98,
0x47, 0x8b, 0x4d, 0xbe, 0x00, 0x0c, 0x04,
0xe3, 0x4d, 0x84, 0x64, 0x36, 0x20, 0x9f,
0xde, 0xe2, 0x55, 0x89, 0x3e, 0x40, 0xe1,
0xe3, 0x63, 0x0a, 0xe7, 0x15, 0x4c, 0xcd,
0x4b, 0x63, 0x6f, 0x70, 0xc2, 0x84, 0x30,
0x5d, 0x22, 0xd0, 0xe4, 0x65, 0xfb, 0x8a,
0x07, 0x1a, 0x54, 0xf5, 0x4b, 0x65, 0xad,
0x64, 0x91, 0x6e, 0x23, 0x98, 0x31, 0x26,
0x79, 0x70, 0x94, 0xff, 0xc0, 0x65, 0x70,
0xb4, 0x9d, 0x74, 0x8e, 0x76, 0x6b, 0x9a,
0x24, 0x28, 0x0d, 0x8a, 0x93, 0x87, 0x18,
0x04, 0x10, 0xfd, 0x0b, 0xaf, 0xd3, 0x92,
0xbb, 0xb5, 0x41, 0xd2, 0x87, 0xc7, 0x69,
0x89, 0x0c, 0x52, 0xf8, 0x46, 0x70, 0x8e,
0xf0, 0x99, 0x96, 0x57, 0x40, 0x9c, 0xef,
0x9a, 0xc2, 0x63, 0x47, 0x13, 0x11, 0x68,
0x40, 0xab, 0x36, 0x16, 0x53, 0xd6, 0x8f,
0x58, 0x5a, 0xdd, 0x0c, 0xd7, 0x17, 0x6a,
0x39, 0x34, 0xf1, 0xe7, 0x75, 0x3b, 0x41,
0x7e, 0x5a, 0x70, 0xfe, 0x5b, 0x08, 0x30,
0xf4, 0x7b, 0x1d, 0xd0, 0x70, 0xae, 0x18,
0xad, 0xd4, 0xff, 0xbb, 0xa4, 0x31, 0xec,
0x28, 0x72, 0x64, 0x9a, 0x24, 0x16, 0x30,
0xe4, 0xc5, 0x3c, 0xb0, 0x3c, 0x81, 0x4f,
0xb9, 0xfc, 0xe1, 0x3a, 0x05, 0x17, 0xb2,
0x18, 0x4c, 0x98, 0x3b, 0xfc, 0x93, 0xf0,
0x0d, 0xb6, 0x3c, 0x54, 0x7b, 0x10, 0xfd,
0x7f, 0x63, 0xfe, 0xa5, 0xc6, 0xb5, 0x24,
0xb4, 0xf2, 0x2f, 0xb2, 0x6f, 0x7f, 0xdb,
0x01, 0xdb, 0xaf, 0x57, 0xdc, 0xdb, 0xf4,
0xc8, 0x31, 0xb0, 0xdd, 0x05, 0x8b, 0x9b,
0x6e, 0x7c, 0x5e, 0x5e, 0x31, 0x2c, 0x7f,
0xbb, 0xa4, 0x26, 0x88, 0xe1, 0x55, 0x3d,
0x8d, 0x36, 0x69, 0xb7, 0xc8, 0xcc, 0x05,
0xfe, 0x6e, 0xcc, 0xcb, 0xfd, 0x81, 0x14,
0x8b, 0xbc, 0x0c, 0xd4, 0x7e, 0xb4, 0x13,
0xc0, 0xe2, 0x51, 0xf4, 0x07, 0xde, 0xc4,
0x1c, 0xf0, 0xc8, 0x92, 0xd4, 0x38, 0xd7,
0x1e, 0x57, 0xa7, 0x4b, 0xc7, 0xf8, 0xca,
0xcc, 0x61, 0x86, 0x96, 0x50, 0x4e, 0x6a,
0x71, 0xbd, 0x5f, 0xc6, 0x48, 0x8b, 0x6f,
0xeb, 0x53, 0x50, 0xea, 0x35, 0x39, 0x79,
0xcc, 0xee, 0xae, 0x81, 0x0f, 0xe2, 0xd2,
0xbb, 0x81, 0x03, 0x8a, 0xeb, 0x98, 0xc2,
0xad, 0xb7, 0xc0, 0x14, 0x68, 0xb9, 0x7e,
0x8e, 0x30, 0x11, 0x43, 0x59, 0x8f, 0x04,
0x2f, 0x7a, 0x99, 0x36, 0xd0, 0x75, 0x07,
0x6b, 0x8e, 0xc2, 0x10, 0xac, 0xc6, 0x4d,
0x30, 0x91, 0x9f, 0xde, 0x33, 0x0e, 0xe7,
0xbc, 0xe5, 0x94, 0xbf, 0x80, 0xdb, 0xb7,
0xe0, 0x8f, 0xb7, 0x74, 0xc3, 0x77, 0x18,
0x76, 0x33, 0x34, 0xb8, 0xe4, 0x81, 0xa5,
0xd9, 0xf7, 0x78, 0xba, 0xec, 0x62, 0x34,
0xcb, 0x54, 0xbe, 0x90, 0xc1, 0x56, 0x59,
0x22, 0x94, 0x5b, 0x1a, 0x8f, 0xc6, 0x8f,
0xf2, 0x84, 0x1f, 0x61, 0x4e, 0xeb, 0x98,
0x72, 0xdd, 0xde, 0xc9, 0xc6, 0xab, 0xd1,
0xad, 0xd1, 0x02, 0x60, 0x82, 0x89, 0xba,
0xf5, 0x1a, 0x6b, 0xde, 0x96, 0x19, 0x64,
0x44, 0x0a, 0xd6, 0x27, 0x9f, 0x67, 0x96,
0x44, 0xcc, 0x4b, 0xfd, 0x8f, 0x9e, 0xa1,
0x1f, 0x06, 0xac, 0x2e, 0xcf, 0xdb, 0xc7,
0x08, 0x5e, 0xe3, 0xa2, 0x59, 0xa2, 0x22,
0xf1, 0x7a, 0xce, 0xf5, 0x30, 0x53, 0xc0,
0xbb, 0x36, 0x13, 0x95, 0x69, 0xe2, 0x28,
0x47, 0xad, 0xb1, 0x82, 0xfd, 0x14, 0xf6,
0x6e, 0xed, 0x5b, 0xe0, 0xeb, 0x13, 0x5c,
0xc6, 0x72, 0xd5, 0x2c, 0xd0, 0xae, 0xc3,
0xad, 0xa9, 0x60, 0x2a, 0x68, 0x7b, 0x03,
0x54, 0xc5, 0xd1, 0x71, 0xc4, 0x99, 0x48,
0x75, 0x18, 0x1e, 0xda, 0x0a, 0x8b, 0xe1,
0x2d, 0x67, 0x1f, 0xae, 0x91, 0xc0, 0x37,
0x39, 0x8c, 0x7c, 0x9e, 0x42, 0xd3, 0x6e,
0xaf, 0x7e, 0x8e, 0xa0, 0x01, 0x45, 0xc1,
0xc6, 0xef, 0xc6, 0x2e, 0x87, 0x7b, 0x5a,
0x60, 0xe0, 0xec, 0x3b, 0x76, 0x8e, 0xb3,
0x0d, 0x57, 0x86, 0xa2, 0xc9, 0x1a, 0x1b,
0x38, 0x6b, 0x75, 0x7a, 0x81, 0x8b, 0x97,
0x99, 0xa1, 0xbb, 0xd8, 0xda, 0xdf, 0xea,
0xef, 0xf0, 0xf9, 0x01, 0x08, 0x11, 0x18,
0x26, 0x36, 0x4b, 0x52, 0x56, 0x68, 0x7b,
0x98, 0xca, 0xd3, 0xd6, 0xef, 0xf6, 0x05,
0x07, 0x09, 0x10, 0x1f, 0x21, 0x28, 0x32,
0x39, 0x3a, 0x3c, 0x54, 0x77, 0x7b, 0x81,
0x99, 0xa9, 0xb0, 0xb2, 0xce, 0xe5, 0xe7,
0x1f, 0x23, 0x3f, 0x4e, 0x50, 0x5d, 0x71,
0x7a, 0x7c, 0x91, 0xa7, 0xab, 0xae, 0xd0,
0xd6, 0xe1, 0xe6, 0xf1, 0xf3, 0xfa, 0x00,
0x00, 0x13, 0x24, 0x3a, 0x4e,
};
#endif
static int test_wc_dilithium(void)
{
EXPECT_DECLS;
#if defined(HAVE_DILITHIUM) && defined(WOLFSSL_WC_DILITHIUM)
dilithium_key* key;
byte level;
#if !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) || \
!defined(WOLFSSL_DILITHIUM_NO_SIGN)
WC_RNG rng;
#endif
byte* privKey = NULL;
#ifndef WOLFSSL_DILITHIUM_NO_SIGN
word32 privKeyLen = DILITHIUM_MAX_KEY_SIZE;
#endif
byte* pubKey = NULL;
#ifndef WOLFSSL_DILITHIUM_NO_VERIFY
word32 pubKeyLen = DILITHIUM_MAX_PUB_KEY_SIZE;
#endif
key = (dilithium_key*)XMALLOC(sizeof(*key), NULL, DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(key);
privKey = (byte*)XMALLOC(DILITHIUM_MAX_KEY_SIZE, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(privKey);
pubKey = (byte*)XMALLOC(DILITHIUM_MAX_PUB_KEY_SIZE, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(pubKey);
if (key != NULL) {
XMEMSET(key, 0, sizeof(*key));
}
#if !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) || \
!defined(WOLFSSL_DILITHIUM_NO_SIGN)
XMEMSET(&rng, 0, sizeof(WC_RNG));
#endif
#if !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) || \
!defined(WOLFSSL_DILITHIUM_NO_SIGN)
ExpectIntEQ(wc_InitRng(&rng), 0);
#endif
ExpectIntEQ(wc_dilithium_init(NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_init_ex(NULL, NULL, INVALID_DEVID), BAD_FUNC_ARG);
wc_dilithium_free(NULL);
ExpectIntEQ(wc_dilithium_init(key), 0);
wc_dilithium_free(key);
ExpectIntEQ(wc_dilithium_init_ex(key, NULL, INVALID_DEVID), 0);
#ifndef WOLFSSL_DILITHIUM_NO_VERIFY
ExpectIntEQ(wc_dilithium_export_public(key, pubKey, &pubKeyLen),
BAD_FUNC_ARG);
#endif
#ifndef WOLFSSL_DILITHIUM_NO_SIGN
ExpectIntEQ(wc_dilithium_export_private(key, privKey, &privKeyLen),
BAD_FUNC_ARG);
#endif
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
ExpectIntEQ(wc_dilithium_size(NULL), BAD_FUNC_ARG);
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
ExpectIntEQ(wc_dilithium_priv_size(NULL), BAD_FUNC_ARG);
#endif
#endif
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
ExpectIntEQ(wc_dilithium_pub_size(NULL), BAD_FUNC_ARG);
#endif
#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
ExpectIntEQ(wc_dilithium_sig_size(NULL), BAD_FUNC_ARG);
#endif
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
ExpectIntEQ(wc_dilithium_size(key), BAD_FUNC_ARG);
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
ExpectIntEQ(wc_dilithium_priv_size(key), BAD_FUNC_ARG);
#endif
#endif
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
ExpectIntEQ(wc_dilithium_pub_size(key), BAD_FUNC_ARG);
#endif
#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
ExpectIntEQ(wc_dilithium_sig_size(key), BAD_FUNC_ARG);
#endif
ExpectIntEQ(wc_dilithium_set_level(NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_set_level(key, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_set_level(NULL, WC_ML_DSA_44), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_set_level(key, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_set_level(key, 4), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_get_level(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_get_level(key, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_get_level(NULL, &level), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_get_level(key, &level), BAD_FUNC_ARG);
#ifndef WOLFSSL_NO_ML_DSA_87
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87), 0);
ExpectIntEQ(wc_dilithium_get_level(key, &level), 0);
ExpectIntEQ(level, WC_ML_DSA_87);
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
ExpectIntEQ(wc_dilithium_size(key), DILITHIUM_LEVEL5_KEY_SIZE);
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
ExpectIntEQ(wc_dilithium_priv_size(key), DILITHIUM_LEVEL5_PRV_KEY_SIZE);
#endif
#endif
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
ExpectIntEQ(wc_dilithium_pub_size(key), DILITHIUM_LEVEL5_PUB_KEY_SIZE);
#endif
#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
ExpectIntEQ(wc_dilithium_sig_size(key), DILITHIUM_LEVEL5_SIG_SIZE);
#endif
#else
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87), NOT_COMPILED_IN);
#endif
#ifndef WOLFSSL_NO_ML_DSA_65
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65), 0);
ExpectIntEQ(wc_dilithium_get_level(key, &level), 0);
ExpectIntEQ(level, WC_ML_DSA_65);
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
ExpectIntEQ(wc_dilithium_size(key), DILITHIUM_LEVEL3_KEY_SIZE);
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
ExpectIntEQ(wc_dilithium_priv_size(key), DILITHIUM_LEVEL3_PRV_KEY_SIZE);
#endif
#endif
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
ExpectIntEQ(wc_dilithium_pub_size(key), DILITHIUM_LEVEL3_PUB_KEY_SIZE);
#endif
#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
ExpectIntEQ(wc_dilithium_sig_size(key), DILITHIUM_LEVEL3_SIG_SIZE);
#endif
#else
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65), NOT_COMPILED_IN);
#endif
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44), 0);
ExpectIntEQ(wc_dilithium_get_level(key, &level), 0);
ExpectIntEQ(level, WC_ML_DSA_44);
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
ExpectIntEQ(wc_dilithium_size(key), DILITHIUM_LEVEL2_KEY_SIZE);
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
ExpectIntEQ(wc_dilithium_priv_size(key), DILITHIUM_LEVEL2_PRV_KEY_SIZE);
#endif
#endif
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
ExpectIntEQ(wc_dilithium_pub_size(key), DILITHIUM_LEVEL2_PUB_KEY_SIZE);
#endif
#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
ExpectIntEQ(wc_dilithium_sig_size(key), DILITHIUM_LEVEL2_SIG_SIZE);
#endif
#else
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44), NOT_COMPILED_IN);
#endif
#ifndef WOLFSSL_DILITHIUM_NO_VERIFY
ExpectIntEQ(wc_dilithium_export_public(key, pubKey, &pubKeyLen),
BAD_FUNC_ARG);
#endif
#ifndef WOLFSSL_DILITHIUM_NO_SIGN
ExpectIntEQ(wc_dilithium_export_private(key, privKey, &privKeyLen),
BAD_FUNC_ARG);
#endif
wc_dilithium_free(key);
#if !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) || \
!defined(WOLFSSL_DILITHIUM_NO_SIGN)
wc_FreeRng(&rng);
#endif
XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(privKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
static int test_wc_dilithium_make_key(void)
{
EXPECT_DECLS;
#if defined(HAVE_DILITHIUM) && defined(WOLFSSL_WC_DILITHIUM) && \
!defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY)
dilithium_key* key;
WC_RNG rng;
key = (dilithium_key*)XMALLOC(sizeof(*key), NULL, DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(key);
if (key != NULL) {
XMEMSET(key, 0, sizeof(*key));
}
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_dilithium_init(key), 0);
ExpectIntEQ(wc_dilithium_make_key(key, &rng), BAD_STATE_E);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44), 0);
#elif !defined(WOLFSSL_NO_ML_DSA_65)
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65), 0);
#else
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87), 0);
#endif
ExpectIntEQ(wc_dilithium_make_key(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_make_key(key, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_make_key(NULL, &rng), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_make_key(key, &rng), 0);
wc_dilithium_free(key);
wc_FreeRng(&rng);
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
static int test_wc_dilithium_sign(void)
{
EXPECT_DECLS;
#if defined(HAVE_DILITHIUM) && defined(WOLFSSL_WC_DILITHIUM) && \
!defined(WOLFSSL_DILITHIUM_NO_SIGN)
dilithium_key* key;
dilithium_key* importKey = NULL;
WC_RNG rng;
byte* privKey = NULL;
word32 privKeyLen = DILITHIUM_MAX_KEY_SIZE;
word32 badKeyLen;
byte msg[32];
byte* sig = NULL;
word32 sigLen = DILITHIUM_MAX_SIG_SIZE;
key = (dilithium_key*)XMALLOC(sizeof(*key), NULL, DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(key);
importKey = (dilithium_key*)XMALLOC(sizeof(*key), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(importKey);
privKey = (byte*)XMALLOC(DILITHIUM_MAX_KEY_SIZE, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(privKey);
sig = (byte*)XMALLOC(DILITHIUM_MAX_SIG_SIZE, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(sig);
if (key != NULL) {
XMEMSET(key, 0, sizeof(*key));
}
if (importKey != NULL) {
XMEMSET(importKey, 0, sizeof(*importKey));
}
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(msg, 0x55, sizeof(msg));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_dilithium_init(key), 0);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44), 0);
#elif !defined(WOLFSSL_NO_ML_DSA_65)
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65), 0);
#else
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87), 0);
#endif
#ifdef WOLFSSL_DILITHIUM_NO_MAKE_KEY
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(wc_dilithium_import_private(bench_dilithium_level2_key,
sizeof_bench_dilithium_level2_key, key), 0);
#elif !defined(WOLFSSL_NO_ML_DSA_65)
ExpectIntEQ(wc_dilithium_import_private(bench_dilithium_level3_key,
sizeof_bench_dilithium_level3_key, key), 0);
#else
ExpectIntEQ(wc_dilithium_import_private(bench_dilithium_level5_key,
sizeof_bench_dilithium_level5_key, key), 0);
#endif
#else
ExpectIntEQ(wc_dilithium_make_key(key, &rng), 0);
#endif
ExpectIntEQ(wc_dilithium_sign_msg(NULL, 32, NULL, NULL, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_sign_msg(msg, 32, NULL, NULL, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_sign_msg(NULL, 32, sig, NULL, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_sign_msg(NULL, 32, NULL, &sigLen, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_sign_msg(NULL, 32, NULL, NULL, key, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_sign_msg(NULL, 32, NULL, NULL, NULL, &rng),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_sign_msg(NULL, 32, sig, &sigLen, key, &rng),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_sign_msg(msg, 32, NULL, &sigLen, key, &rng),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_sign_msg(msg, 32, sig, NULL, key, &rng),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_sign_msg(msg, 32, sig, &sigLen, NULL, &rng),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_sign_msg(msg, 32, sig, &sigLen, key, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_sign_msg(msg, 32, sig, &sigLen, key, &rng), 0);
ExpectIntEQ(wc_dilithium_export_private(NULL, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_private(key, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_private(NULL, privKey, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_private(NULL, NULL, &privKeyLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_private(NULL, privKey, &privKeyLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_private(key, NULL, &privKeyLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_private(key, privKey, NULL),
BAD_FUNC_ARG);
badKeyLen = 0;
ExpectIntEQ(wc_dilithium_export_private(key, privKey, &badKeyLen),
BUFFER_E);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(badKeyLen, DILITHIUM_LEVEL2_KEY_SIZE);
#elif !defined(WOLFSSL_NO_ML_DSA_65)
ExpectIntEQ(badKeyLen, DILITHIUM_LEVEL3_KEY_SIZE);
#else
ExpectIntEQ(badKeyLen, DILITHIUM_LEVEL5_KEY_SIZE);
#endif
ExpectIntEQ(wc_dilithium_export_private(key, privKey, &privKeyLen),
0);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(privKeyLen, DILITHIUM_LEVEL2_KEY_SIZE);
#elif !defined(WOLFSSL_NO_ML_DSA_65)
ExpectIntEQ(privKeyLen, DILITHIUM_LEVEL3_KEY_SIZE);
#else
ExpectIntEQ(privKeyLen, DILITHIUM_LEVEL5_KEY_SIZE);
#endif
ExpectIntEQ(wc_dilithium_init(importKey), 0);
ExpectIntEQ(wc_dilithium_import_private(privKey, privKeyLen, importKey),
BAD_FUNC_ARG);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(wc_dilithium_set_level(importKey, WC_ML_DSA_44), 0);
#elif !defined(WOLFSSL_NO_ML_DSA_65)
ExpectIntEQ(wc_dilithium_set_level(importKey, WC_ML_DSA_65), 0);
#else
ExpectIntEQ(wc_dilithium_set_level(importKey, WC_ML_DSA_87), 0);
#endif
ExpectIntEQ(wc_dilithium_import_private(NULL, 0, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_private(privKey, 0, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_private(NULL, privKeyLen, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_private(NULL, 0, importKey),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_private(NULL, privKeyLen, importKey),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_private(privKey, 0, importKey),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_private(privKey, privKeyLen, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_private(privKey, privKeyLen, importKey),
0);
ExpectIntEQ(wc_dilithium_sign_msg(msg, 32, sig, &sigLen, key, &rng), 0);
#ifdef WOLFSSL_DILITHIUM_CHECK_KEY
ExpectIntEQ(wc_dilithium_check_key(importKey), PUBLIC_KEY_E);
#endif
wc_dilithium_free(importKey);
wc_dilithium_free(key);
wc_FreeRng(&rng);
XFREE(sig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(privKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(importKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
static int test_wc_dilithium_verify(void)
{
EXPECT_DECLS;
#if defined(HAVE_DILITHIUM) && defined(WOLFSSL_WC_DILITHIUM) && \
!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
(!defined(WOLFSSL_NO_ML_DSA_44) || !defined(WOLFSSL_DILITHIUM_NO_SIGN))
dilithium_key* key;
dilithium_key* importKey = NULL;
WC_RNG rng;
byte* pubKey = NULL;
word32 pubKeyLen = DILITHIUM_MAX_PUB_KEY_SIZE;
word32 badKeyLen;
byte msg[32];
byte* sig = NULL;
word32 sigLen = DILITHIUM_MAX_SIG_SIZE;
int res;
#ifndef WOLFSSL_NO_ML_DSA_44
byte b;
#endif
key = (dilithium_key*)XMALLOC(sizeof(*key), NULL, DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(key);
importKey = (dilithium_key*)XMALLOC(sizeof(*key), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(importKey);
pubKey = (byte*)XMALLOC(DILITHIUM_MAX_PUB_KEY_SIZE, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(pubKey);
sig = (byte*)XMALLOC(DILITHIUM_MAX_SIG_SIZE, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(sig);
if (key != NULL) {
XMEMSET(key, 0, sizeof(*key));
}
if (importKey != NULL) {
XMEMSET(importKey, 0, sizeof(*importKey));
}
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(msg, 0x55, sizeof(msg));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_dilithium_init(key), 0);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44), 0);
#elif !defined(WOLFSSL_NO_ML_DSA_65)
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65), 0);
#else
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87), 0);
#endif
#if !defined(WOLFSSL_NO_ML_DSA_44)
ExpectIntEQ(wc_dilithium_import_public(ml_dsa_44_pub_key,
(word32)sizeof(ml_dsa_44_pub_key), key), 0);
if (sig != NULL) {
XMEMCPY(sig, ml_dsa_44_good_sig, sizeof(ml_dsa_44_good_sig));
}
sigLen = (word32)sizeof(ml_dsa_44_good_sig);
#else
#ifdef WOLFSSL_DILITHIUM_NO_MAKE_KEY
#ifndef WOLFSSL_NO_ML_DSA_65
ExpectIntEQ(wc_dilithium_import_public(bench_dilithium_level3_pub_key,
sizeof_bench_dilithium_level3_pub_key, key), 0);
#else
ExpectIntEQ(wc_dilithium_import_public(bench_dilithium_level5_pub_key,
sizeof_bench_dilithium_level5_pub_key, key), 0);
#endif /* !WOLFSSL_NO_ML_DSA_65 */
#else
ExpectIntEQ(wc_dilithium_make_key(key, &rng), 0);
#endif /* WOLFSSL_DILITHIUM_NO_MAKE_KEY */
ExpectIntEQ(wc_dilithium_sign_msg(msg, 32, sig, &sigLen, key, &rng), 0);
#endif /* !WOLFSSL_NO_ML_DSA_44 */
ExpectIntEQ(wc_dilithium_export_public(NULL, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_public(key, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_public(NULL, pubKey, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_public(NULL, NULL, &pubKeyLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_public(NULL, pubKey, &pubKeyLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_public(key, NULL, &pubKeyLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_public(key, pubKey, NULL),
BAD_FUNC_ARG);
badKeyLen = 0;
ExpectIntEQ(wc_dilithium_export_public(key, pubKey, &badKeyLen),
BUFFER_E);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(badKeyLen, DILITHIUM_LEVEL2_PUB_KEY_SIZE);
#elif !defined(WOLFSSL_NO_ML_DSA_65)
ExpectIntEQ(badKeyLen, DILITHIUM_LEVEL3_PUB_KEY_SIZE);
#else
ExpectIntEQ(badKeyLen, DILITHIUM_LEVEL5_PUB_KEY_SIZE);
#endif
ExpectIntEQ(wc_dilithium_export_public(key, pubKey, &pubKeyLen), 0);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(pubKeyLen, DILITHIUM_LEVEL2_PUB_KEY_SIZE);
#elif !defined(WOLFSSL_NO_ML_DSA_65)
ExpectIntEQ(pubKeyLen, DILITHIUM_LEVEL3_PUB_KEY_SIZE);
#else
ExpectIntEQ(pubKeyLen, DILITHIUM_LEVEL5_PUB_KEY_SIZE);
#endif
ExpectIntEQ(wc_dilithium_verify_msg(NULL, 0, NULL, 32, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_verify_msg(sig, 0, NULL, 32, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_verify_msg(NULL, 0, msg, 32, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_verify_msg(NULL, 0, NULL, 32, &res, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_verify_msg(NULL, 0, NULL, 32, NULL, key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_verify_msg(NULL, sigLen, msg, 32, &res, key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_verify_msg(sig, 0, msg, 32, &res, key),
BUFFER_E);
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, NULL, 32, &res, key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, NULL, key),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, NULL),
BAD_FUNC_ARG);
res = 0;
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, key), 0);
ExpectIntEQ(res, 1);
ExpectIntEQ(wc_dilithium_init(importKey), 0);
ExpectIntEQ(wc_dilithium_import_public(pubKey, pubKeyLen, importKey),
BAD_FUNC_ARG);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(wc_dilithium_set_level(importKey, WC_ML_DSA_44), 0);
#elif !defined(WOLFSSL_NO_ML_DSA_65)
ExpectIntEQ(wc_dilithium_set_level(importKey, WC_ML_DSA_65), 0);
#else
ExpectIntEQ(wc_dilithium_set_level(importKey, WC_ML_DSA_87), 0);
#endif
ExpectIntEQ(wc_dilithium_import_public(NULL, 0, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_public(pubKey, 0, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_public(NULL, pubKeyLen, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_public(NULL, 0, importKey),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_public(NULL, pubKeyLen, importKey),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_public(pubKey, 0, importKey),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_public(pubKey, pubKeyLen, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_public(pubKey, pubKeyLen, importKey), 0);
res = 0;
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, importKey),
0);
ExpectIntEQ(res, 1);
#ifdef WOLFSSL_DILITHIUM_CHECK_KEY
ExpectIntEQ(wc_dilithium_check_key(importKey), BAD_FUNC_ARG);
#endif
wc_dilithium_free(importKey);
#ifndef WOLFSSL_NO_ML_DSA_44
if (sig != NULL) {
if (sig[sigLen - 5] == 0) {
/* Unused hints meant to be 0. */
sig[sigLen - 5] = 0xff;
res = 1;
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res,
key), SIG_VERIFY_E);
ExpectIntEQ(res, 0);
sig[sigLen - 5] = 0x00;
}
/* Last count of hints must be less than PARAMS_ML_DSA_44_OMEGA == 80 */
b = sig[sigLen - 1];
sig[sigLen - 1] = 0xff;
res = 1;
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, key),
SIG_VERIFY_E);
ExpectIntEQ(res, 0);
sig[sigLen - 1] = b;
if (sig[sigLen - 4] > 1) {
/* Index must be less than previous. */
b = sig[sigLen - 84];
sig[sigLen - 84] = 0xff;
res = 1;
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res,
key), SIG_VERIFY_E);
ExpectIntEQ(res, 0);
sig[sigLen - 84] = b;
}
/* Mess up commit hash. */
sig[0] ^= 0x80;
res = 1;
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, key),
0);
ExpectIntEQ(res, 0);
sig[0] ^= 0x80;
/* Mess up z. */
sig[100] ^= 0x80;
res = 1;
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, key),
0);
ExpectIntEQ(res, 0);
sig[100] ^= 0x80;
}
#endif
wc_dilithium_free(key);
wc_FreeRng(&rng);
XFREE(sig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(importKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
static int test_wc_dilithium_check_key(void)
{
EXPECT_DECLS;
#if defined(HAVE_DILITHIUM) && defined(WOLFSSL_WC_DILITHIUM) && \
defined(WOLFSSL_DILITHIUM_CHECK_KEY) && \
!defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY)
dilithium_key* checkKey;
WC_RNG rng;
byte* privCheckKey = NULL;
word32 privCheckKeyLen = DILITHIUM_MAX_KEY_SIZE;
byte* pubCheckKey = NULL;
word32 pubCheckKeyLen = DILITHIUM_MAX_PUB_KEY_SIZE;
checkKey = (dilithium_key*)XMALLOC(sizeof(*checkKey), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(checkKey);
privCheckKey = (byte*)XMALLOC(DILITHIUM_MAX_KEY_SIZE, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(privCheckKey);
pubCheckKey = (byte*)XMALLOC(DILITHIUM_MAX_PUB_KEY_SIZE, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(pubCheckKey);
if (checkKey != NULL) {
XMEMSET(checkKey, 0, sizeof(*checkKey));
}
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_dilithium_check_key(NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_init(checkKey), 0);
ExpectIntEQ(wc_dilithium_export_key(NULL, privCheckKey,
&privCheckKeyLen, pubCheckKey, &pubCheckKeyLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(privCheckKey,
privCheckKeyLen, pubCheckKey, pubCheckKeyLen, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_key(checkKey, privCheckKey,
&privCheckKeyLen, pubCheckKey, &pubCheckKeyLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(privCheckKey,
privCheckKeyLen, pubCheckKey, pubCheckKeyLen, checkKey), BAD_FUNC_ARG);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(wc_dilithium_set_level(checkKey, WC_ML_DSA_44), 0);
#elif !defined(WOLFSSL_NO_ML_DSA_65)
ExpectIntEQ(wc_dilithium_set_level(checkKey, WC_ML_DSA_65), 0);
#else
ExpectIntEQ(wc_dilithium_set_level(checkKey, WC_ML_DSA_87), 0);
#endif
ExpectIntEQ(wc_dilithium_make_key(checkKey, &rng), 0);
ExpectIntEQ(wc_dilithium_export_key(NULL, NULL, NULL, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_key(checkKey, NULL, NULL, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_key(NULL, privCheckKey, NULL, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_key(NULL, NULL, &privCheckKeyLen, NULL,
NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_key(NULL, NULL, NULL, pubCheckKey, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_key(NULL, NULL, NULL, NULL,
&pubCheckKeyLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_key(NULL , privCheckKey,
&privCheckKeyLen, pubCheckKey, &pubCheckKeyLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_key(checkKey, NULL ,
&privCheckKeyLen, pubCheckKey, &pubCheckKeyLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_key(checkKey, privCheckKey,
NULL , pubCheckKey, &pubCheckKeyLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_key(checkKey, privCheckKey,
&privCheckKeyLen, NULL , &pubCheckKeyLen), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_key(checkKey, privCheckKey,
&privCheckKeyLen, pubCheckKey, NULL ), BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_export_key(checkKey, privCheckKey,
&privCheckKeyLen, pubCheckKey, &pubCheckKeyLen), 0);
/* Modify hash. */
if (pubCheckKey != NULL) {
pubCheckKey[0] ^= 0x80;
ExpectIntEQ(wc_dilithium_import_key(NULL, 0, NULL, 0, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(privCheckKey, 0, NULL, 0, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(NULL, 0, pubCheckKey, 0, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(NULL, 0, NULL, 0, checkKey),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(NULL ,
privCheckKeyLen, pubCheckKey, pubCheckKeyLen, checkKey),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(privCheckKey,
0 , pubCheckKey, pubCheckKeyLen, checkKey),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(privCheckKey,
privCheckKeyLen, NULL , pubCheckKeyLen, checkKey),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(privCheckKey,
privCheckKeyLen, pubCheckKey, 0 , checkKey),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(privCheckKey,
privCheckKeyLen, pubCheckKey, pubCheckKeyLen, NULL ),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(privCheckKey,
privCheckKeyLen, pubCheckKey, pubCheckKeyLen, checkKey), 0);
ExpectIntEQ(wc_dilithium_check_key(checkKey), PUBLIC_KEY_E);
pubCheckKey[0] ^= 0x80;
/* Modify encoded t1. */
pubCheckKey[48] ^= 0x80;
ExpectIntEQ(wc_dilithium_import_key(privCheckKey,
privCheckKeyLen,pubCheckKey, pubCheckKeyLen, checkKey), 0);
ExpectIntEQ(wc_dilithium_check_key(checkKey), PUBLIC_KEY_E);
pubCheckKey[48] ^= 0x80;
}
wc_dilithium_free(checkKey);
wc_FreeRng(&rng);
XFREE(pubCheckKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(privCheckKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(checkKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_DILITHIUM) && defined(WOLFSSL_WC_DILITHIUM) && \
defined(WOLFSSL_DILITHIUM_PUBLIC_KEY)
static const unsigned char dilithium_public_der[] = {
#ifndef WOLFSSL_NO_ML_DSA_44
0x30, 0x82, 0x05, 0x34, 0x30, 0x0d, 0x06, 0x0b,
0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b,
0x0c, 0x04, 0x04, 0x03, 0x82, 0x05, 0x21, 0x00,
0x0a, 0xf7, 0xc8, 0xa4, 0x96, 0x01, 0xa7, 0xb2,
0x2e, 0x4d, 0xc9, 0xd9, 0x1c, 0xa1, 0x86, 0x09,
0xce, 0x14, 0x6f, 0xe8, 0x33, 0x3c, 0x7b, 0xdb,
0x19, 0x9c, 0x56, 0x39, 0x6a, 0x6c, 0x5d, 0x1f,
0xe4, 0x26, 0xcb, 0x16, 0x91, 0x4d, 0xeb, 0x5a,
0x36, 0x22, 0xee, 0xda, 0xdf, 0x46, 0x3e, 0xa1,
0x4f, 0x9a, 0x30, 0xb5, 0x3f, 0x60, 0xf7, 0x75,
0x47, 0xdc, 0x55, 0xf1, 0xbe, 0xbc, 0x87, 0x6c,
0x50, 0x7c, 0x21, 0x55, 0x35, 0xad, 0xa7, 0xf9,
0x1c, 0xf8, 0xa1, 0x92, 0x79, 0x10, 0x52, 0x7a,
0xc3, 0xba, 0xd3, 0x9d, 0xc6, 0x9b, 0xf4, 0xcb,
0x1b, 0xa2, 0xde, 0x83, 0x86, 0xa6, 0x35, 0xea,
0xf2, 0x8c, 0xdc, 0xba, 0x3e, 0xef, 0x9c, 0xf5,
0x8e, 0xc3, 0xb0, 0xc0, 0x5b, 0xcc, 0x35, 0x6a,
0x81, 0xe5, 0x17, 0xb3, 0x9a, 0x57, 0xa6, 0x4a,
0x87, 0xb1, 0xa7, 0xf5, 0xa2, 0x96, 0x40, 0x8b,
0xc1, 0x62, 0xb2, 0xd9, 0x76, 0xe8, 0x51, 0x33,
0x44, 0x3d, 0xeb, 0x14, 0x86, 0x88, 0x2c, 0xc1,
0x47, 0xba, 0x2b, 0x85, 0x3b, 0x72, 0xcb, 0x9f,
0x40, 0xba, 0x19, 0x58, 0xa4, 0x34, 0x0a, 0xd2,
0x8c, 0x97, 0xbd, 0x3d, 0x09, 0xb0, 0x4a, 0xeb,
0xaa, 0xee, 0x58, 0x1e, 0xc1, 0x19, 0x26, 0x70,
0x15, 0xa5, 0x17, 0x7e, 0xd0, 0xa1, 0x08, 0xf9,
0x6d, 0xcf, 0x20, 0x62, 0x95, 0x8e, 0x61, 0xf4,
0x29, 0x96, 0x6f, 0x38, 0x1c, 0x67, 0xd5, 0xa6,
0x4c, 0xf5, 0x1f, 0xda, 0x12, 0x22, 0x24, 0x6b,
0x0d, 0xb7, 0x6a, 0xe5, 0xaf, 0x6c, 0x89, 0x52,
0xc2, 0x85, 0x85, 0x5f, 0x16, 0x33, 0x0c, 0xc6,
0x7a, 0xe0, 0xa8, 0xed, 0x13, 0x58, 0xf3, 0xa0,
0x80, 0x42, 0x3c, 0xe3, 0x57, 0xd1, 0xe2, 0x66,
0xc4, 0xe0, 0x3d, 0x49, 0x32, 0x21, 0xd9, 0xa1,
0x3c, 0x93, 0x0a, 0xf7, 0x5f, 0x34, 0x65, 0xa4,
0x30, 0xf9, 0xe7, 0x8a, 0x96, 0x04, 0xdb, 0xc5,
0x16, 0x15, 0x10, 0x74, 0x4f, 0xc9, 0x6b, 0x4b,
0x66, 0x29, 0xb0, 0xd1, 0x3b, 0xdd, 0x41, 0x0a,
0xfe, 0xdf, 0x5f, 0x72, 0x91, 0xbc, 0x99, 0x2f,
0x8d, 0x72, 0x3a, 0x4a, 0xde, 0x11, 0x3a, 0x20,
0xb2, 0x56, 0xb5, 0x73, 0x89, 0xb4, 0x63, 0x37,
0x86, 0xbd, 0x99, 0x8b, 0x03, 0x56, 0x50, 0x21,
0x11, 0x78, 0x8c, 0xd5, 0xc1, 0x92, 0x33, 0x72,
0x6e, 0x8d, 0x88, 0x2d, 0x10, 0x8f, 0x31, 0xd3,
0x23, 0xe5, 0xaa, 0x1f, 0xe1, 0x37, 0xec, 0x34,
0x42, 0x30, 0x75, 0xff, 0xb2, 0x1a, 0x8e, 0x29,
0x03, 0x4c, 0xfd, 0xdf, 0x53, 0xf2, 0x0b, 0x2d,
0xf9, 0x1c, 0x9e, 0xb6, 0x5a, 0x6c, 0x5e, 0x88,
0x48, 0x29, 0x89, 0x42, 0xfc, 0x97, 0xfb, 0x27,
0x1c, 0x99, 0x2a, 0xbf, 0x7f, 0x04, 0xb2, 0xcd,
0xc9, 0x3a, 0x39, 0xfe, 0x4f, 0x47, 0x92, 0x0b,
0x85, 0xfc, 0x92, 0x57, 0xc5, 0x0b, 0x23, 0x1f,
0x0b, 0x72, 0xb4, 0xde, 0xfe, 0xbe, 0xb7, 0x39,
0xb3, 0xd7, 0x48, 0x03, 0xed, 0x76, 0xac, 0x63,
0xf7, 0x2a, 0x58, 0xef, 0xdb, 0x63, 0x5a, 0x56,
0x68, 0xcc, 0xb2, 0x8b, 0x22, 0xac, 0xdf, 0xc4,
0xad, 0x6f, 0xad, 0x24, 0xfd, 0x30, 0xfb, 0xed,
0x6e, 0xde, 0x65, 0x2b, 0xb4, 0x57, 0x35, 0x49,
0xc1, 0xc9, 0x82, 0xf4, 0x72, 0x69, 0xef, 0x34,
0xc0, 0x37, 0x8b, 0x8b, 0xd3, 0xd3, 0x25, 0xcc,
0xe5, 0xf5, 0xf6, 0x9c, 0xa3, 0xe7, 0x88, 0xd7,
0x55, 0x73, 0x31, 0x4c, 0xb1, 0x7b, 0x64, 0xb3,
0x38, 0xde, 0x47, 0x9a, 0xfc, 0xf1, 0xfa, 0xf8,
0x6e, 0xc5, 0x95, 0xb9, 0xaf, 0x6a, 0x7a, 0x94,
0x80, 0x0d, 0x29, 0x62, 0x99, 0x0a, 0x34, 0xa2,
0x8f, 0xa1, 0x5e, 0x98, 0x7c, 0x4e, 0x18, 0xcd,
0x63, 0x68, 0x0e, 0xfa, 0x6f, 0x49, 0x01, 0x02,
0xcd, 0xf1, 0xc1, 0x09, 0x57, 0xa3, 0x03, 0xec,
0x94, 0x36, 0xab, 0xc6, 0x1c, 0xc0, 0x98, 0x22,
0x15, 0x5b, 0x5b, 0x61, 0x3c, 0xc2, 0x5b, 0x6f,
0x1c, 0x82, 0x41, 0x39, 0x87, 0xde, 0x92, 0xa9,
0xe4, 0x12, 0x74, 0x3b, 0x31, 0x36, 0xac, 0x92,
0xb0, 0x23, 0x26, 0xfa, 0xd8, 0xa3, 0xe8, 0x84,
0xfc, 0x52, 0xc5, 0x7b, 0xd1, 0x4b, 0xe2, 0x1a,
0x33, 0xdd, 0x3c, 0xdf, 0x27, 0x50, 0x6f, 0x12,
0xd3, 0x17, 0x66, 0xd7, 0x54, 0x33, 0x30, 0x2b,
0xe8, 0xd1, 0x1f, 0x2d, 0xf3, 0x37, 0x81, 0xa0,
0x3c, 0x21, 0x8c, 0xea, 0x95, 0xa5, 0x5b, 0x3a,
0x24, 0xed, 0xf7, 0x67, 0x7b, 0x72, 0x3a, 0xda,
0x31, 0xbd, 0xa7, 0x63, 0xa6, 0x6f, 0xf9, 0xdf,
0x06, 0x36, 0xb4, 0xe2, 0x35, 0x4b, 0xa5, 0x8e,
0x29, 0x8e, 0x6c, 0x02, 0xc5, 0x06, 0x9b, 0x98,
0x6e, 0x5e, 0x00, 0x6a, 0x42, 0x09, 0x4b, 0xc3,
0x09, 0x37, 0x67, 0x19, 0x58, 0x6d, 0x40, 0x50,
0xb0, 0x62, 0x5b, 0xd6, 0x63, 0x7f, 0xed, 0xb0,
0x97, 0x80, 0x9e, 0x91, 0x3f, 0x82, 0xfd, 0x83,
0x36, 0xce, 0x06, 0xc4, 0xdc, 0xa4, 0x1e, 0x70,
0xd4, 0x94, 0xfc, 0x6e, 0x46, 0xa3, 0xc8, 0xed,
0x34, 0x0a, 0xb1, 0x9a, 0x66, 0x5d, 0xc0, 0xce,
0x73, 0xd3, 0x65, 0xcb, 0xfb, 0x79, 0xdd, 0xf6,
0x19, 0xf6, 0xd8, 0xa9, 0xe6, 0x34, 0x15, 0x86,
0x7a, 0x30, 0x79, 0xde, 0x2b, 0x06, 0xa4, 0xc0,
0xc8, 0xa2, 0xc1, 0x41, 0xb3, 0x4c, 0xf6, 0xdb,
0x16, 0xcd, 0xd2, 0x8b, 0xf1, 0x18, 0x5a, 0xc8,
0x3e, 0xd9, 0x54, 0x40, 0xd4, 0xce, 0x88, 0xbb,
0x66, 0xf1, 0x74, 0x20, 0xa2, 0x3c, 0x31, 0x09,
0xba, 0xac, 0x61, 0x15, 0x9f, 0x73, 0x5f, 0xa7,
0xe5, 0x0d, 0xb3, 0xab, 0xa2, 0x72, 0x25, 0xc9,
0x87, 0x9b, 0x18, 0xdb, 0xff, 0xfb, 0x39, 0x84,
0x8d, 0xf8, 0x97, 0x47, 0xab, 0xc4, 0xfb, 0xc2,
0xd8, 0xe8, 0xce, 0x6e, 0x65, 0x76, 0x88, 0x4a,
0x22, 0x2f, 0xdd, 0x43, 0xa7, 0xc4, 0x8d, 0x32,
0x12, 0x75, 0x0b, 0x72, 0xd6, 0xb7, 0x43, 0x84,
0xc8, 0x59, 0xa8, 0xb7, 0x8b, 0x84, 0x33, 0x92,
0x8f, 0x94, 0xe8, 0xd0, 0xaf, 0x11, 0x35, 0xde,
0xb7, 0x63, 0xb8, 0x91, 0x4c, 0x96, 0x4e, 0x9c,
0x62, 0x28, 0xa2, 0xbc, 0x0b, 0x90, 0xae, 0x94,
0x90, 0xe9, 0x32, 0xeb, 0xe3, 0x77, 0x60, 0x5f,
0x87, 0x48, 0x4b, 0xb0, 0x78, 0x0e, 0xe2, 0x85,
0x47, 0x06, 0xa4, 0xc9, 0x26, 0xac, 0x8f, 0xe7,
0xc2, 0xc7, 0xce, 0xf5, 0xd1, 0x20, 0xa8, 0x56,
0xe1, 0x4f, 0x50, 0x90, 0xb3, 0xc1, 0x03, 0x57,
0xd3, 0x62, 0x0e, 0x2a, 0xe8, 0x86, 0xf4, 0x94,
0x0e, 0xa5, 0x8b, 0x4e, 0x73, 0xa2, 0x76, 0xac,
0x00, 0x29, 0xe5, 0x80, 0x26, 0x02, 0x13, 0xd1,
0xb2, 0x68, 0x72, 0x23, 0x38, 0x55, 0xfc, 0x4d,
0x05, 0x60, 0x49, 0x7b, 0xfb, 0xaa, 0x17, 0x8f,
0x26, 0x0a, 0x08, 0x33, 0x8d, 0x7f, 0x4e, 0xe5,
0x6e, 0xf8, 0x84, 0x9b, 0x9f, 0xcb, 0xa2, 0x2b,
0xfb, 0xaf, 0xad, 0x21, 0xe2, 0x4f, 0x6f, 0x55,
0xc1, 0x78, 0x46, 0xe3, 0xb5, 0x63, 0x06, 0x9b,
0x93, 0x7d, 0xac, 0xd4, 0xe0, 0x64, 0x01, 0x8d,
0xac, 0x30, 0x8b, 0x8b, 0x55, 0xb7, 0x8a, 0x16,
0x3f, 0xc9, 0x82, 0x7f, 0xb5, 0x3b, 0x0d, 0xc0,
0x46, 0x89, 0x5c, 0x6c, 0x45, 0x21, 0x78, 0xda,
0x84, 0x1f, 0xc8, 0xcf, 0xf1, 0x1e, 0x79, 0x71,
0x3b, 0xc8, 0xe2, 0x8b, 0x41, 0xfe, 0xaf, 0x2f,
0x3b, 0x23, 0x13, 0xc5, 0x46, 0x87, 0xc6, 0x24,
0x37, 0x21, 0x68, 0x8a, 0x3e, 0x45, 0x61, 0xf4,
0xad, 0xf5, 0x1c, 0x23, 0x45, 0xa3, 0x42, 0xf2,
0xa9, 0xac, 0x94, 0x50, 0xc9, 0x3d, 0x5e, 0x70,
0x33, 0x2b, 0x78, 0xd1, 0x5c, 0x13, 0x35, 0xe6,
0x13, 0x80, 0x5e, 0x55, 0xa7, 0xcc, 0x67, 0xb0,
0x6c, 0xfe, 0xa2, 0x24, 0x02, 0x6d, 0xb3, 0xcb,
0x9e, 0x94, 0xb3, 0xc6, 0x01, 0xf3, 0x01, 0x3a,
0xe4, 0xa7, 0xa3, 0xdf, 0x56, 0x4c, 0x30, 0xce,
0xb1, 0xd5, 0x1b, 0x68, 0x9b, 0x75, 0xae, 0xf4,
0xb9, 0x2a, 0xe5, 0x8b, 0x7b, 0xe5, 0x99, 0x46,
0x5f, 0x29, 0xf6, 0x82, 0xd0, 0x42, 0xb1, 0x45,
0x09, 0x16, 0x5b, 0x32, 0x11, 0xca, 0x48, 0xea,
0x51, 0x12, 0x0a, 0x9f, 0x6e, 0x3f, 0x74, 0xe6,
0xe0, 0xfe, 0xf8, 0xa5, 0xc0, 0xfd, 0x15, 0x6e,
0x2b, 0x4a, 0xd5, 0x76, 0xa8, 0x3d, 0xe3, 0x0d,
0xfe, 0x44, 0x11, 0x5e, 0x7a, 0xde, 0x12, 0x29,
0x5a, 0x5a, 0x25, 0xc0, 0x8e, 0x98, 0xd1, 0x11,
0xc8, 0x00, 0x65, 0xb2, 0xf4, 0xd7, 0x56, 0x32,
0x46, 0x2b, 0x4f, 0x7e, 0xc3, 0x4e, 0xf1, 0x17,
0xff, 0x03, 0x32, 0xae, 0xe3, 0xbe, 0x0b, 0xab,
0xfb, 0x43, 0x0f, 0x6d, 0xa5, 0xc6, 0x44, 0xba,
0xc9, 0xe3, 0x3d, 0x40, 0xe7, 0x6c, 0xe8, 0x21,
0xb2, 0x46, 0x7b, 0x3b, 0x3d, 0xde, 0x80, 0xc8,
0xea, 0xf4, 0x6b, 0xf3, 0x53, 0xca, 0x51, 0x84,
0xcf, 0xad, 0x7e, 0xce, 0xce, 0xc2, 0x65, 0xfc,
0x03, 0x8c, 0xcb, 0xfa, 0xcb, 0x37, 0x89, 0x82,
0x59, 0x5e, 0x36, 0x52, 0xe4, 0xbc, 0x8d, 0x47,
0x7c, 0xb8, 0x3f, 0x63, 0x59, 0xdc, 0xd3, 0x74,
0x11, 0x33, 0xb4, 0x69, 0x74, 0x40, 0x0d, 0x42,
0x63, 0x1d, 0xe6, 0x5c, 0x1b, 0xca, 0x41, 0xff,
0x23, 0x4e, 0xe8, 0x3d, 0x14, 0xa8, 0x17, 0x18,
0xd0, 0x78, 0x08, 0x87, 0x7d, 0x5e, 0xdc, 0x3a,
0x07, 0xba, 0x12, 0x8e, 0x8e, 0x56, 0x0a, 0xcb,
0x37, 0xf6, 0x54, 0xeb, 0x55, 0x16, 0x8f, 0x06,
0x15, 0x28, 0x6b, 0xfb, 0xed, 0x38, 0x9e, 0x9b,
0x98, 0x5b, 0xdc, 0x67, 0x33, 0x0e, 0x02, 0x36,
0x1b, 0x7a, 0x9a, 0x43, 0xcd, 0xf2, 0x65, 0xef,
0x37, 0x19, 0x24, 0x6f, 0x4b, 0xb9, 0x4d, 0x3e,
0x0b, 0x47, 0xd1, 0x67, 0x50, 0x6a, 0x7f, 0x07
#elif !defined(WOLFSSL_NO_ML_DSA_65)
0x30, 0x82, 0x07, 0xb4, 0x30, 0x0d, 0x06, 0x0b,
0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b,
0x0c, 0x06, 0x05, 0x03, 0x82, 0x07, 0xa1, 0x00,
0xff, 0x89, 0xee, 0xad, 0x20, 0x8f, 0x61, 0xa4,
0x07, 0x1c, 0x54, 0x98, 0x8c, 0xf4, 0x2e, 0xd9,
0xe6, 0x0f, 0xcb, 0x0e, 0xab, 0xa1, 0x37, 0x4d,
0xc0, 0x48, 0x24, 0x78, 0xd6, 0x2d, 0x9b, 0x6f,
0x0f, 0x17, 0x08, 0x71, 0xc3, 0xd1, 0xc8, 0x7a,
0xe7, 0x32, 0xcb, 0xcd, 0xd6, 0xb5, 0x90, 0x08,
0xe1, 0xda, 0xaa, 0x89, 0x3e, 0x4a, 0x62, 0x98,
0x3d, 0xc6, 0x71, 0x30, 0xb4, 0x63, 0xa5, 0x3b,
0xb3, 0x69, 0x75, 0x10, 0xaf, 0x5e, 0x72, 0x78,
0xa2, 0xef, 0x63, 0x63, 0x21, 0xe7, 0xf4, 0xa7,
0x9c, 0x50, 0x74, 0x14, 0x3e, 0xdd, 0x73, 0x9e,
0x97, 0x65, 0xdd, 0xdf, 0x3c, 0x40, 0x4d, 0x03,
0x49, 0xe4, 0xbf, 0x65, 0xe7, 0x44, 0x8f, 0x59,
0x00, 0xe2, 0x98, 0xb5, 0x66, 0xa3, 0x3b, 0x11,
0x9f, 0xc7, 0xc2, 0x16, 0x61, 0xf0, 0x1e, 0x89,
0xc8, 0x96, 0x8d, 0x18, 0xac, 0x86, 0xa0, 0xe2,
0xd9, 0x8c, 0xef, 0x53, 0x6d, 0x4e, 0x74, 0xc9,
0x66, 0x28, 0x16, 0xf3, 0x62, 0xc4, 0x6f, 0x2b,
0x6e, 0x36, 0x03, 0xad, 0xc5, 0xe4, 0x8f, 0x0b,
0x90, 0x8c, 0x8f, 0xff, 0x5d, 0xdf, 0x7a, 0xe6,
0xaf, 0x9a, 0x43, 0xbc, 0xd4, 0x73, 0x22, 0xdc,
0x5f, 0x08, 0xa1, 0x17, 0x97, 0x89, 0x79, 0xf5,
0xdc, 0xed, 0x4f, 0x85, 0x8e, 0x0c, 0x23, 0x35,
0x3c, 0x34, 0x19, 0x65, 0xf5, 0xd6, 0xc9, 0x2d,
0x7a, 0x2e, 0x67, 0xd5, 0xf1, 0x82, 0x97, 0xaa,
0x05, 0x26, 0x84, 0x25, 0x47, 0x58, 0x2c, 0xe6,
0x59, 0xc7, 0x98, 0x7a, 0xdb, 0x40, 0x45, 0x1c,
0x71, 0x55, 0x2e, 0xea, 0x3f, 0x6e, 0x7c, 0x82,
0x52, 0x6a, 0x19, 0x3a, 0xd3, 0xa1, 0x3c, 0xce,
0x00, 0x06, 0xec, 0xed, 0x97, 0xce, 0xd8, 0xdf,
0xde, 0xa3, 0xed, 0xe7, 0x81, 0x62, 0x02, 0x9c,
0x1b, 0x51, 0xa1, 0xf4, 0x9d, 0x1b, 0x28, 0x76,
0x93, 0x96, 0x20, 0x55, 0x60, 0x1f, 0xaf, 0x52,
0xc3, 0xce, 0xb9, 0x12, 0x66, 0xf5, 0x64, 0x22,
0x87, 0x86, 0x29, 0x80, 0x8f, 0x18, 0x33, 0xba,
0x48, 0x71, 0x1d, 0x00, 0xfe, 0xa5, 0xfc, 0xc6,
0x87, 0xbe, 0x44, 0x3c, 0xc9, 0x49, 0xfb, 0x68,
0x3c, 0xdf, 0xca, 0xef, 0xa7, 0xdc, 0x67, 0xb8,
0x28, 0xd6, 0xad, 0x18, 0xaf, 0xad, 0x1f, 0x4c,
0x85, 0xa3, 0x64, 0xac, 0x3f, 0xa9, 0x39, 0x28,
0xef, 0x8a, 0x45, 0x7e, 0xb0, 0xf4, 0x89, 0x72,
0xf7, 0xb1, 0xef, 0x9d, 0x1c, 0x3c, 0x93, 0xcb,
0xa0, 0xfb, 0x2a, 0x90, 0xe2, 0x1d, 0x49, 0x8e,
0x36, 0xb8, 0x07, 0xf4, 0xb3, 0x09, 0xf0, 0x6f,
0x3c, 0xd9, 0x37, 0x19, 0x57, 0xd4, 0x1e, 0x2a,
0xa2, 0xa7, 0x2e, 0xc1, 0xcd, 0x8d, 0x48, 0x47,
0xb5, 0x8a, 0x12, 0x93, 0x34, 0xb8, 0xec, 0x32,
0x07, 0x49, 0xb6, 0x8d, 0x73, 0xd4, 0x2c, 0x6a,
0xa0, 0x33, 0x29, 0x21, 0x5d, 0x37, 0xa9, 0x39,
0x40, 0xbe, 0x71, 0x29, 0xbe, 0xd1, 0x4b, 0xbc,
0x9a, 0x17, 0x93, 0x52, 0xb8, 0x81, 0xee, 0xc5,
0xff, 0x25, 0x78, 0x2f, 0x52, 0x0a, 0x8f, 0xb2,
0xef, 0xf3, 0x1d, 0x68, 0x56, 0x31, 0x29, 0x84,
0x55, 0x47, 0x32, 0x34, 0x0f, 0x60, 0x07, 0xd6,
0x2b, 0xb9, 0x29, 0xaf, 0x0f, 0xcd, 0x1c, 0xc0,
0x77, 0x4c, 0xc6, 0x31, 0xdb, 0xf4, 0x17, 0xbe,
0x3d, 0xf8, 0x8c, 0xf1, 0x02, 0x7c, 0x6b, 0xd4,
0xaf, 0x03, 0xb2, 0xf4, 0x78, 0x8d, 0xd3, 0x4e,
0x5c, 0x04, 0xb9, 0x01, 0xe3, 0x73, 0xb4, 0x67,
0xe9, 0xa8, 0x77, 0x6f, 0x87, 0x2b, 0xe2, 0x00,
0x98, 0x5f, 0x02, 0x43, 0x85, 0x03, 0x4c, 0x71,
0xd2, 0xe7, 0x61, 0x03, 0x22, 0x9e, 0xe5, 0xc2,
0xa7, 0x66, 0x42, 0x7c, 0x9f, 0xf4, 0xb8, 0x6b,
0x2d, 0xe4, 0xaa, 0x51, 0xda, 0x08, 0x73, 0x75,
0x26, 0x45, 0xdc, 0xa6, 0x20, 0xd7, 0xcb, 0x00,
0xfc, 0xe4, 0xdb, 0x28, 0x92, 0xf8, 0xb0, 0xc7,
0xf0, 0x4b, 0x6d, 0xe8, 0xc1, 0x84, 0x38, 0xed,
0x1a, 0xd4, 0x66, 0x69, 0xc4, 0x96, 0x40, 0xc4,
0x7d, 0xfa, 0x58, 0x70, 0x7e, 0x70, 0x40, 0xba,
0xfc, 0x95, 0xb6, 0x4c, 0x7c, 0x58, 0xbc, 0xb3,
0x59, 0x08, 0x14, 0x03, 0x35, 0xf3, 0xf1, 0xaa,
0xd5, 0xa2, 0x57, 0x70, 0xb6, 0x20, 0x75, 0x0a,
0x58, 0x66, 0x74, 0xf7, 0x1c, 0xfd, 0x99, 0x7c,
0x20, 0xda, 0xe7, 0x76, 0xcb, 0xf4, 0xa3, 0x9b,
0xbc, 0x8f, 0x74, 0xef, 0xe2, 0x46, 0x5a, 0x72,
0x33, 0x06, 0x32, 0x1e, 0xbd, 0x4e, 0x4c, 0xf6,
0x16, 0x43, 0xa5, 0xa5, 0xa5, 0x6c, 0x76, 0x33,
0x35, 0x63, 0xdc, 0xe4, 0xec, 0x7f, 0x8a, 0xfa,
0xc3, 0x53, 0x69, 0x28, 0xf7, 0xd6, 0x97, 0xb9,
0x3a, 0xf4, 0x15, 0x90, 0x50, 0xd3, 0xdf, 0xf5,
0xd3, 0xcf, 0x15, 0x76, 0xe3, 0x3d, 0x24, 0x14,
0xfd, 0xd3, 0x01, 0x25, 0x82, 0xb4, 0xe3, 0xd8,
0x68, 0x89, 0x86, 0xa8, 0x26, 0x02, 0x5f, 0xc6,
0xf4, 0x99, 0x3b, 0x97, 0xa8, 0x65, 0xed, 0x18,
0xbb, 0x3c, 0x43, 0x4a, 0x6e, 0xaa, 0xbc, 0x83,
0x85, 0x19, 0x9f, 0x9b, 0xb8, 0xa4, 0xa3, 0xb2,
0xb7, 0x56, 0x07, 0x6c, 0xbf, 0x7d, 0xff, 0x5d,
0xb5, 0x1e, 0x83, 0xc8, 0x74, 0x70, 0x98, 0x17,
0x40, 0xe0, 0x2d, 0xad, 0x31, 0x00, 0x8e, 0x42,
0xd5, 0xb2, 0x25, 0xaa, 0x82, 0xaf, 0x33, 0xd8,
0x5b, 0xe2, 0x07, 0xed, 0xda, 0x84, 0xe9, 0xa2,
0xff, 0xbb, 0xa5, 0x47, 0x95, 0x6e, 0xa1, 0x8d,
0x59, 0x52, 0xeb, 0xf3, 0x3c, 0x18, 0x29, 0x92,
0x72, 0x27, 0x18, 0xfc, 0x95, 0xb9, 0xde, 0x46,
0xda, 0xcc, 0x4c, 0x31, 0x1d, 0x78, 0x86, 0xd2,
0x8c, 0x38, 0x9c, 0x32, 0xab, 0xf7, 0xca, 0x73,
0x85, 0xa5, 0xf1, 0xe0, 0x25, 0x06, 0xf9, 0x18,
0x14, 0xab, 0x3b, 0x73, 0x26, 0xee, 0xa0, 0xfd,
0x15, 0xac, 0xd6, 0x4e, 0x6b, 0xdb, 0x01, 0xa1,
0xdc, 0xd1, 0x2f, 0xd2, 0xb7, 0x5e, 0x12, 0x4f,
0x4b, 0x59, 0xd8, 0x03, 0x12, 0x60, 0xc9, 0x81,
0xb7, 0x06, 0x23, 0x09, 0xc4, 0xd9, 0xa8, 0x93,
0x6e, 0x96, 0xf4, 0x93, 0x53, 0xf0, 0x3d, 0xde,
0x10, 0x88, 0xb1, 0xd0, 0xcc, 0xad, 0x2c, 0xbf,
0x88, 0x98, 0x8f, 0x25, 0x76, 0xd7, 0x65, 0x77,
0xcc, 0x36, 0x1d, 0x1b, 0x6b, 0x60, 0x58, 0xc4,
0xfe, 0xe6, 0xca, 0xa8, 0x29, 0x33, 0x69, 0x36,
0xb8, 0x12, 0x95, 0x38, 0xd9, 0xd4, 0x16, 0xe9,
0x3e, 0x40, 0x8c, 0xc7, 0xae, 0x04, 0x11, 0xdf,
0x51, 0xd3, 0xdd, 0xbf, 0xa9, 0x41, 0x43, 0x4c,
0xff, 0x87, 0x2f, 0xea, 0x0f, 0x13, 0x66, 0x2a,
0x2b, 0x18, 0xe8, 0xc4, 0xff, 0xa0, 0x1c, 0x78,
0x79, 0x21, 0xf8, 0xaa, 0x8a, 0xf8, 0x92, 0xdf,
0x7b, 0x5f, 0x6a, 0x71, 0x60, 0x67, 0x5d, 0x94,
0xf6, 0xbb, 0x1d, 0x90, 0x7c, 0x51, 0x70, 0x1d,
0x87, 0xde, 0xf8, 0x91, 0xcb, 0x42, 0x9f, 0xc7,
0x4b, 0xa0, 0x16, 0xee, 0xb4, 0x73, 0xe8, 0xe0,
0x0b, 0xa5, 0xd3, 0x26, 0x9e, 0x52, 0xda, 0x4a,
0x1f, 0xae, 0x76, 0xbf, 0xbb, 0x4d, 0x74, 0x98,
0xa6, 0xae, 0xc0, 0x60, 0x96, 0xc5, 0xad, 0x9b,
0x91, 0x31, 0xb9, 0x50, 0x3d, 0x9a, 0x0f, 0xe1,
0x93, 0xef, 0x08, 0x72, 0xb2, 0x66, 0xe5, 0x5d,
0xe4, 0x15, 0x53, 0x8e, 0xb0, 0xb3, 0xf8, 0x78,
0xfc, 0x5d, 0x44, 0xc5, 0xbf, 0xf5, 0x01, 0x54,
0xc5, 0x45, 0xa9, 0x30, 0xa4, 0xf1, 0x49, 0x79,
0x4e, 0xab, 0xfc, 0xb2, 0x93, 0xe7, 0x3a, 0xe1,
0x7f, 0x1f, 0x2f, 0x45, 0x3a, 0x53, 0x2b, 0x68,
0xb3, 0xa4, 0xac, 0x23, 0x54, 0xb7, 0x5d, 0x25,
0xa3, 0xe3, 0x90, 0x8a, 0xb0, 0x02, 0xfb, 0x7f,
0x2d, 0xeb, 0x80, 0xc2, 0x5c, 0x62, 0xe1, 0x36,
0x5a, 0x82, 0x8f, 0x4e, 0x74, 0xeb, 0x7d, 0x70,
0xaf, 0x23, 0x92, 0x65, 0x3a, 0x11, 0xc0, 0x29,
0xdb, 0xf7, 0x9a, 0xdc, 0x81, 0x45, 0x25, 0x0c,
0x2e, 0x4f, 0x88, 0x41, 0x34, 0x53, 0xc6, 0x08,
0x21, 0x77, 0xc1, 0xbb, 0x61, 0x48, 0x20, 0x69,
0x1a, 0xbb, 0x71, 0x1b, 0x56, 0x18, 0x79, 0x75,
0x16, 0x9a, 0xb3, 0x79, 0x31, 0x11, 0xa2, 0x89,
0x8d, 0xea, 0x10, 0xb0, 0x04, 0x7f, 0xf8, 0x6e,
0xdc, 0x08, 0x9b, 0x51, 0xa7, 0x64, 0xbd, 0x8d,
0xd4, 0xd0, 0x1e, 0x38, 0x50, 0x1a, 0xa8, 0x7e,
0x20, 0xae, 0xee, 0x8c, 0xa7, 0x72, 0x94, 0xc9,
0xba, 0xf0, 0x67, 0xbd, 0x25, 0x1a, 0x3a, 0xdf,
0x75, 0x39, 0xb7, 0xd3, 0x83, 0x3b, 0x89, 0xdf,
0xb5, 0x2d, 0xd3, 0x12, 0x24, 0x21, 0x7c, 0x9e,
0x92, 0x1c, 0x19, 0xae, 0x28, 0xcb, 0x2e, 0x2e,
0x3c, 0xa9, 0x9b, 0xbd, 0xf9, 0x33, 0x30, 0xb2,
0xbd, 0x8b, 0xbf, 0xc1, 0x8b, 0x32, 0xf1, 0x20,
0xa1, 0x00, 0xfd, 0x11, 0x7d, 0x9a, 0xa8, 0x14,
0x2c, 0xce, 0x16, 0x16, 0x4b, 0xdd, 0x56, 0x91,
0x15, 0x36, 0x83, 0xcb, 0x01, 0x58, 0x35, 0xe1,
0xdc, 0x22, 0x3d, 0xf8, 0xc2, 0x06, 0x54, 0x68,
0x77, 0xd1, 0x47, 0x28, 0xdc, 0x09, 0x2a, 0x86,
0x13, 0x80, 0xa6, 0xe9, 0xd0, 0xb4, 0xa3, 0x41,
0x47, 0xf4, 0x71, 0x24, 0x10, 0x4c, 0x9f, 0xb7,
0x57, 0x34, 0x48, 0x1b, 0xb4, 0xed, 0x0e, 0x89,
0x4c, 0xf1, 0x73, 0x44, 0xff, 0x35, 0xb6, 0xe0,
0x8f, 0x02, 0xa3, 0xa3, 0x81, 0x55, 0x38, 0xb5,
0xc1, 0x99, 0xb3, 0x88, 0x84, 0x0d, 0xd9, 0x73,
0x77, 0x65, 0x0b, 0xd7, 0xf8, 0x03, 0x88, 0xcb,
0xdf, 0x25, 0xaf, 0xc6, 0xf1, 0xfa, 0x5c, 0x4d,
0xfa, 0xc3, 0x7b, 0x8f, 0xb8, 0x38, 0x5d, 0x29,
0xbb, 0x3d, 0x3e, 0x62, 0x1c, 0xdd, 0xe6, 0x97,
0xe6, 0xe9, 0xbe, 0x6e, 0xd2, 0xb7, 0x7a, 0x9a,
0x8e, 0xaf, 0xb3, 0xc8, 0x9e, 0x19, 0xee, 0x3d,
0x5b, 0x1f, 0xec, 0x34, 0x3a, 0x1c, 0x27, 0x90,
0xbd, 0x1e, 0x49, 0x72, 0x25, 0x2e, 0x38, 0x48,
0x7d, 0xe1, 0x85, 0x46, 0xa7, 0x1b, 0x4a, 0xd5,
0x23, 0x75, 0x6d, 0x8b, 0xc3, 0xf1, 0x87, 0xec,
0x8b, 0x45, 0xf0, 0x9b, 0xb2, 0x14, 0x7a, 0x7c,
0x8d, 0x78, 0x9c, 0x82, 0x64, 0x14, 0xfe, 0x01,
0xfa, 0x04, 0x33, 0x96, 0xdd, 0x5f, 0x56, 0xbc,
0xb2, 0x03, 0xe3, 0x0c, 0xa1, 0x09, 0x66, 0xa0,
0x5e, 0x44, 0xde, 0x21, 0xae, 0x7d, 0x7a, 0x0e,
0x81, 0x27, 0xd2, 0xfb, 0x85, 0xed, 0x27, 0x27,
0xac, 0x11, 0x1c, 0xa1, 0x6d, 0xe9, 0xc1, 0xca,
0xf6, 0x40, 0x7c, 0x95, 0x01, 0xb7, 0xa8, 0x29,
0x9a, 0xd2, 0xcc, 0x62, 0x70, 0x1c, 0x7d, 0x0e,
0xe5, 0x60, 0xcb, 0x79, 0xa3, 0xd7, 0x5d, 0x48,
0x4b, 0x3c, 0xf8, 0x12, 0xe8, 0x7a, 0x7e, 0x83,
0xab, 0x24, 0x33, 0x0f, 0x7b, 0x0a, 0x38, 0xae,
0xb1, 0xfc, 0xc3, 0x50, 0x5c, 0x83, 0x53, 0xfd,
0x15, 0xd6, 0x49, 0x54, 0xb6, 0x40, 0xe5, 0xe8,
0x55, 0xba, 0x08, 0x2f, 0x21, 0xd7, 0x0e, 0x71,
0x8a, 0xb2, 0xe1, 0x6b, 0xc6, 0x7e, 0x0f, 0x1c,
0x4d, 0x41, 0x9f, 0x38, 0xc2, 0xce, 0x41, 0x41,
0x48, 0xcd, 0xec, 0x16, 0x1d, 0x23, 0x8e, 0x41,
0xcd, 0x5e, 0xf9, 0x5f, 0x01, 0x5e, 0x73, 0xa2,
0xa1, 0xef, 0xe9, 0x57, 0xe0, 0xba, 0xe6, 0xbb,
0x2b, 0xff, 0x3e, 0xb8, 0xad, 0xd5, 0x12, 0xc1,
0x54, 0x49, 0xca, 0x93, 0xb0, 0x7d, 0x7b, 0xcf,
0xf0, 0xc5, 0x94, 0x43, 0x30, 0x94, 0x11, 0x8d,
0x15, 0x79, 0x2e, 0x57, 0xb8, 0x24, 0xcd, 0x2e,
0xc2, 0x49, 0x3d, 0x92, 0x44, 0x23, 0x0c, 0x3e,
0xa0, 0xf9, 0xa5, 0xad, 0x2a, 0x56, 0xec, 0xf4,
0x6d, 0x0f, 0x5b, 0xb5, 0xd4, 0x2a, 0x3f, 0x2b,
0x17, 0x9f, 0x5d, 0x33, 0x97, 0x42, 0xd4, 0x1e,
0x14, 0x49, 0x01, 0xfb, 0xb6, 0x72, 0xbc, 0x14,
0x5b, 0x79, 0xf4, 0x0a, 0xc5, 0x49, 0xe1, 0x76,
0x44, 0x78, 0x87, 0xd1, 0x8e, 0x5b, 0xd5, 0x95,
0xad, 0x19, 0x7c, 0x0d, 0x39, 0x7f, 0x41, 0x2e,
0xd7, 0x9e, 0xbc, 0xfd, 0x2c, 0xde, 0xfa, 0x01,
0x7d, 0x2b, 0x04, 0xef, 0x4d, 0xf9, 0xf4, 0x5b,
0xed, 0x05, 0x9a, 0x50, 0x35, 0xe7, 0xb0, 0xba,
0x24, 0xea, 0x16, 0x51, 0xe1, 0x6f, 0x32, 0x08,
0x94, 0xd6, 0x19, 0x9d, 0x0e, 0x4c, 0xc1, 0xbb,
0x01, 0x87, 0xa5, 0x90, 0x5f, 0x6f, 0xc4, 0xed,
0xa1, 0x4c, 0x06, 0x4d, 0x2c, 0x47, 0x24, 0xda,
0xae, 0xd2, 0x41, 0x92, 0x1f, 0x46, 0xce, 0xec,
0xb1, 0xcc, 0x80, 0x1e, 0xb2, 0xcb, 0x66, 0x48,
0x22, 0xec, 0x0e, 0x47, 0xfc, 0xad, 0x17, 0xfe,
0x7b, 0xc5, 0x4d, 0x34, 0x95, 0x40, 0xd0, 0x02,
0x7e, 0x90, 0xaa, 0x92, 0xaf, 0x48, 0x64, 0xc5,
0xc1, 0x56, 0xd8, 0x9b, 0x6c, 0x5f, 0x2e, 0xfa,
0xd7, 0x84, 0xdc, 0x71, 0x65, 0x1b, 0xfb, 0xbc,
0x21, 0xc7, 0x57, 0xf4, 0x71, 0x2e, 0x6f, 0x34,
0x85, 0x99, 0xa8, 0x5c, 0x6f, 0x34, 0x22, 0x44,
0x89, 0x01, 0xf9, 0x48, 0xd2, 0xe2, 0xe4, 0x71,
0x9d, 0x48, 0x07, 0x97, 0xd4, 0x66, 0xe4, 0x4d,
0x48, 0xa3, 0x08, 0x7f, 0x6e, 0xaa, 0x7b, 0xe9,
0x93, 0x81, 0x03, 0x0c, 0xd2, 0x48, 0xcf, 0x3f,
0x5f, 0xbe, 0x03, 0xfb, 0x0f, 0xad, 0xc3, 0x81,
0xd9, 0xce, 0x88, 0x0b, 0xfa, 0xed, 0x29, 0x7e,
0x0b, 0xa1, 0x6f, 0x4c, 0x7d, 0xe4, 0x36, 0xff,
0xdf, 0x94, 0x1a, 0x24, 0xb3, 0x7b, 0xca, 0x24,
0x7e, 0x3a, 0x19, 0x53, 0x13, 0x4a, 0x17, 0x58,
0xe7, 0x16, 0x9b, 0x50, 0xd8, 0xda, 0xcc, 0x6e,
0x05, 0x25, 0xfe, 0x16, 0xcb, 0x5b, 0xd5, 0x35,
0x76, 0x40, 0x44, 0x96, 0x23, 0x97, 0xe2, 0x4a,
0x72, 0x0c, 0x54, 0x43, 0xc0, 0x09, 0x85, 0x8e,
0x15, 0x85, 0xaf, 0x3c, 0x5e, 0x5f, 0x3c, 0x2d,
0x21, 0x42, 0x75, 0xb7, 0xe4, 0x50, 0xf9, 0x00,
0xa3, 0x4f, 0xb1, 0x7c, 0xfe, 0x62, 0xd0, 0xe9,
0x6d, 0x51, 0xcc, 0x83, 0xc1, 0xdc, 0x37, 0x10,
0x90, 0x0a, 0x15, 0xd8, 0xd5, 0x02, 0xf7, 0x74,
0xb8, 0x46, 0x84, 0xc3, 0x61, 0x17, 0x26, 0x0f,
0xe4, 0xde, 0x1a, 0xcf, 0x42, 0x53, 0x63, 0x2f,
0x8d, 0xf7, 0x06, 0x07, 0xc3, 0x33, 0x39, 0x59,
0xe9, 0x17, 0xc8, 0x05, 0xd2, 0xa2, 0xae, 0x53,
0x2c, 0x7e, 0xd0, 0x9d, 0x5c, 0xb5, 0x42, 0x9f,
0x84, 0xd7, 0xfe, 0x93, 0x74, 0xfb, 0xbb, 0xd2,
0x1e, 0x57, 0x4e, 0x7f, 0x79, 0xaf, 0xd2, 0xf9,
0x5e, 0x41, 0x9e, 0x63, 0x54, 0x61, 0x47, 0x0c,
0x92, 0x4c, 0xc9, 0xfe, 0x4f, 0xcb, 0xe5, 0x8e,
0x65, 0xb3, 0x97, 0x1b, 0xd8, 0xd1, 0x62, 0xfd
#else
0x30, 0x82, 0x0a, 0x34, 0x30, 0x0d, 0x06, 0x0b,
0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b,
0x0c, 0x08, 0x07, 0x03, 0x82, 0x0a, 0x21, 0x00,
0x7f, 0x5f, 0x63, 0x81, 0x6f, 0x04, 0x4c, 0xec,
0xa8, 0xaf, 0x7b, 0x99, 0x41, 0xc6, 0xff, 0xdf,
0x77, 0x66, 0x28, 0xc0, 0xe2, 0x58, 0xea, 0x9c,
0x60, 0xbb, 0x03, 0x3e, 0xca, 0xa8, 0x38, 0x64,
0xfb, 0xf7, 0x1b, 0x3f, 0xec, 0xfd, 0x0f, 0xf1,
0x9c, 0xe4, 0xfd, 0xad, 0x83, 0xf7, 0x03, 0x66,
0x6e, 0x7f, 0x4d, 0x42, 0xab, 0x6b, 0x73, 0x26,
0xde, 0x6f, 0x8c, 0xc4, 0xca, 0x21, 0x66, 0x31,
0x79, 0x57, 0x88, 0xcb, 0x1e, 0xab, 0xda, 0x1d,
0x56, 0x70, 0xd9, 0x83, 0xa1, 0xb4, 0x83, 0xce,
0xcc, 0x0f, 0xeb, 0xd6, 0x63, 0xbd, 0xf6, 0x02,
0x5d, 0x5b, 0x0c, 0x17, 0x3c, 0x3e, 0x15, 0x02,
0x22, 0xa1, 0x5d, 0xb5, 0xc5, 0x81, 0x28, 0x95,
0x0b, 0x34, 0x2b, 0x96, 0x0a, 0xae, 0x6a, 0xa8,
0xb5, 0x1d, 0x56, 0xbb, 0x7d, 0x83, 0x9a, 0x15,
0xad, 0x63, 0x9e, 0x86, 0x8c, 0x6e, 0x6a, 0xa8,
0xde, 0x55, 0xd0, 0xce, 0xc0, 0x2e, 0x05, 0xfe,
0x1f, 0x4d, 0xd7, 0x12, 0xa4, 0x5a, 0xe9, 0x04,
0x0d, 0x20, 0x84, 0x90, 0xb9, 0xca, 0x64, 0xe4,
0xad, 0x2e, 0x74, 0x4b, 0x1d, 0x2f, 0xcc, 0xac,
0xd8, 0x1a, 0x5e, 0xb2, 0x78, 0xbe, 0x61, 0xf7,
0x36, 0xa3, 0xd1, 0x93, 0x86, 0xb5, 0x15, 0xf1,
0x74, 0xf8, 0x9f, 0x6d, 0x6a, 0x8f, 0x6d, 0x86,
0x8b, 0x36, 0x61, 0x10, 0xc9, 0x1a, 0x31, 0x39,
0x09, 0xe6, 0x15, 0xa0, 0xb1, 0xfa, 0x69, 0xd4,
0xc2, 0xb2, 0x56, 0x4c, 0x06, 0x33, 0x13, 0xc4,
0x78, 0x53, 0x16, 0xfc, 0x52, 0x99, 0xe6, 0x27,
0xc9, 0x3b, 0x24, 0x5c, 0x3e, 0x85, 0x73, 0x76,
0x61, 0xa3, 0x61, 0xf0, 0x95, 0xd5, 0xb2, 0xf5,
0x21, 0xe7, 0x09, 0xc3, 0x0c, 0x5c, 0xb0, 0x36,
0xce, 0x45, 0x68, 0x41, 0x45, 0xcb, 0x1c, 0x36,
0x2f, 0x3a, 0x00, 0x07, 0x56, 0xbe, 0x61, 0xd2,
0x77, 0x37, 0x63, 0xa4, 0xdb, 0xfa, 0xa9, 0x6b,
0x37, 0x90, 0x35, 0xd1, 0x1e, 0x27, 0x5b, 0x3e,
0xc0, 0x0a, 0x02, 0x64, 0xe4, 0x58, 0x49, 0xab,
0x2d, 0xc1, 0x38, 0x29, 0x3d, 0x44, 0xf9, 0xac,
0xb7, 0x65, 0xd1, 0x5f, 0xf8, 0xce, 0x52, 0x76,
0x22, 0x15, 0x61, 0x02, 0x1f, 0xa7, 0xcd, 0xff,
0xeb, 0xa6, 0x7f, 0x6b, 0xba, 0x75, 0xe3, 0x09,
0x01, 0x06, 0x41, 0x20, 0x88, 0x75, 0x64, 0x6b,
0x97, 0x38, 0x13, 0xab, 0x4c, 0x0a, 0xd4, 0x7e,
0xd2, 0xfa, 0x78, 0xe8, 0x9f, 0x5d, 0xf9, 0x53,
0x30, 0x17, 0xf1, 0x10, 0x9e, 0x4a, 0x32, 0x17,
0x3a, 0x9b, 0xb9, 0x25, 0x8e, 0xeb, 0xd9, 0x41,
0x01, 0xa2, 0xc6, 0x58, 0x4a, 0x9f, 0xc3, 0x73,
0xfd, 0xe2, 0xe4, 0x2c, 0x92, 0xb4, 0xa2, 0x3d,
0x0f, 0x1f, 0x37, 0x64, 0xf1, 0x17, 0x2a, 0x8c,
0xc6, 0xb5, 0xb0, 0x69, 0x7d, 0xfe, 0x08, 0xe0,
0x8e, 0xaa, 0xe0, 0x08, 0xd5, 0x28, 0x92, 0x51,
0x73, 0x8a, 0x2f, 0x7a, 0x4a, 0xbf, 0x52, 0x8d,
0x3e, 0x9b, 0x36, 0x6a, 0xfb, 0x19, 0xf0, 0xea,
0xfe, 0x05, 0xbd, 0x2d, 0xa9, 0x58, 0x48, 0x02,
0xa8, 0x20, 0x9e, 0xdc, 0x04, 0x57, 0xc2, 0x0c,
0xae, 0xc1, 0x03, 0xe7, 0x17, 0x48, 0x80, 0x00,
0x8d, 0x1b, 0xd0, 0xc5, 0xdc, 0x2a, 0x02, 0x6e,
0x8e, 0x54, 0xf3, 0x79, 0x31, 0x02, 0x93, 0xc5,
0xf2, 0x55, 0xea, 0x61, 0xd0, 0xb2, 0x8e, 0xc9,
0x74, 0x17, 0x0d, 0x38, 0xf8, 0xab, 0xf4, 0x42,
0xd4, 0xc2, 0xdc, 0xf7, 0x1b, 0xdb, 0x65, 0x36,
0x9f, 0x56, 0xe2, 0xeb, 0xf7, 0xe5, 0x2d, 0x45,
0xae, 0xc0, 0x95, 0xbc, 0xe4, 0x1f, 0x22, 0xdc,
0x0f, 0x54, 0xed, 0x14, 0xb8, 0xf1, 0x2f, 0x5d,
0xd1, 0x79, 0xa0, 0x81, 0x17, 0x71, 0xa1, 0xd6,
0xf0, 0x88, 0x9c, 0x1c, 0xc7, 0x95, 0x07, 0xb0,
0xea, 0xf7, 0xd3, 0xa2, 0x55, 0xfe, 0x85, 0x65,
0x42, 0x06, 0xec, 0xd2, 0xbe, 0x03, 0x8f, 0x63,
0x84, 0x4b, 0xb1, 0x47, 0x48, 0x20, 0x71, 0xd2,
0xdf, 0xc9, 0x59, 0xb0, 0x24, 0x8a, 0x6e, 0xf9,
0x4a, 0xa1, 0x7b, 0xed, 0x11, 0xb6, 0xf9, 0x9b,
0xf7, 0x93, 0x0e, 0xcb, 0x7a, 0x32, 0x22, 0x23,
0x4e, 0x86, 0xce, 0xad, 0x9d, 0x1b, 0x84, 0x57,
0xaf, 0xa5, 0x04, 0x03, 0x0a, 0xc9, 0x04, 0x97,
0xd0, 0xce, 0x8e, 0x2a, 0x9a, 0x00, 0x15, 0xeb,
0xac, 0x96, 0x57, 0xde, 0xe6, 0xc1, 0x2d, 0xbd,
0xfc, 0xd6, 0x95, 0x0f, 0x5f, 0x19, 0xac, 0xaf,
0x6c, 0xd8, 0xa6, 0x1e, 0xd8, 0xdb, 0x14, 0xfd,
0xba, 0x0f, 0xd0, 0x3f, 0x61, 0xe3, 0x76, 0xfc,
0x47, 0x61, 0x07, 0x24, 0x49, 0x17, 0xca, 0x24,
0x31, 0x16, 0x26, 0x4f, 0xdc, 0x2b, 0x39, 0xae,
0x5f, 0xfa, 0x4f, 0x82, 0xef, 0xe1, 0x41, 0x8c,
0x3e, 0x8e, 0xa7, 0x6c, 0xf2, 0x51, 0xf7, 0x85,
0x35, 0x6c, 0xad, 0xea, 0x32, 0x35, 0xf3, 0xc0,
0x14, 0x17, 0xe2, 0x98, 0x27, 0x36, 0x7e, 0x60,
0x2f, 0x01, 0x60, 0x3e, 0x18, 0xf4, 0x4e, 0xe0,
0xf5, 0x14, 0x21, 0x81, 0x05, 0x78, 0x1c, 0x5f,
0x4e, 0x89, 0xbb, 0x23, 0x60, 0xb1, 0x8f, 0x07,
0x53, 0x16, 0x6e, 0xfb, 0x86, 0x07, 0x90, 0xff,
0xa6, 0x27, 0x60, 0xe6, 0x3e, 0x92, 0x2a, 0x3c,
0xa3, 0x57, 0xec, 0x97, 0x23, 0xaf, 0xd2, 0x44,
0xac, 0x09, 0x87, 0xb0, 0x54, 0xe9, 0x5b, 0x50,
0x37, 0xfa, 0x12, 0xa4, 0xcb, 0x6f, 0xed, 0x9f,
0x29, 0x73, 0xa7, 0x09, 0x29, 0x91, 0x93, 0x5c,
0x54, 0xf4, 0x44, 0xc2, 0x04, 0x64, 0xfc, 0xd2,
0xf2, 0x0a, 0x0b, 0x45, 0x1f, 0xc5, 0x18, 0xf0,
0xff, 0x10, 0x1f, 0x3a, 0x97, 0xf8, 0xb1, 0x83,
0x0e, 0x08, 0xe2, 0x55, 0x75, 0x6a, 0x45, 0x96,
0xf8, 0x1b, 0xdc, 0xb6, 0x57, 0x83, 0x8c, 0x28,
0xc0, 0x4a, 0x57, 0xc6, 0xfb, 0x27, 0x3d, 0xfa,
0x5a, 0x0d, 0x69, 0x56, 0x23, 0x66, 0x02, 0x78,
0xca, 0xf1, 0xfa, 0xcb, 0xc1, 0xf6, 0x92, 0x1c,
0xa0, 0xe3, 0x09, 0x7d, 0x48, 0x5e, 0x86, 0xa0,
0x82, 0xa8, 0xf1, 0x1e, 0xe1, 0xfe, 0xc6, 0x9d,
0x4f, 0x2e, 0xf4, 0xfc, 0xc6, 0x48, 0x1d, 0xc1,
0x2a, 0x6a, 0xb7, 0xea, 0x46, 0x89, 0x04, 0xe9,
0xbd, 0xf1, 0xed, 0x16, 0x76, 0xd8, 0x4b, 0x42,
0xd5, 0x43, 0xa4, 0xfb, 0x02, 0x01, 0x54, 0x00,
0xaf, 0x55, 0x52, 0x27, 0xff, 0x00, 0xe2, 0xbb,
0x4a, 0xf2, 0x69, 0xb4, 0x4e, 0x6c, 0x6b, 0xa3,
0x96, 0x4f, 0xf4, 0x65, 0x90, 0x2d, 0xc8, 0x57,
0x1f, 0xb2, 0xf0, 0x86, 0x7b, 0x93, 0x09, 0x49,
0x31, 0xc4, 0xf4, 0x8f, 0xc8, 0x2d, 0xac, 0x1d,
0xfc, 0xba, 0xa4, 0xa5, 0x41, 0x90, 0x76, 0x7d,
0x9e, 0x47, 0xdc, 0x10, 0xe6, 0x0c, 0xf7, 0x0f,
0xa4, 0xba, 0x4f, 0xe2, 0x46, 0x38, 0x4c, 0x28,
0xa0, 0x57, 0xb5, 0x3c, 0xb3, 0x4b, 0x8f, 0x03,
0x04, 0xff, 0xf6, 0xec, 0x60, 0x90, 0x62, 0xfe,
0x74, 0x76, 0x48, 0xb3, 0xf4, 0x0a, 0x6a, 0x5a,
0x5b, 0xad, 0xc8, 0x54, 0x62, 0x11, 0x52, 0xd9,
0x84, 0x1a, 0x09, 0x4b, 0xca, 0x66, 0xaa, 0x3c,
0x36, 0x08, 0x9d, 0x58, 0xd0, 0x4a, 0x3a, 0x8b,
0x24, 0xe0, 0x80, 0x9f, 0xe3, 0x76, 0xb6, 0x07,
0xb1, 0xbc, 0x00, 0x98, 0xb0, 0xc1, 0xe0, 0xf6,
0x1f, 0x4d, 0xa8, 0xd1, 0x69, 0x44, 0x9c, 0x33,
0xb0, 0x0f, 0x9c, 0xc9, 0x0c, 0x8c, 0xbc, 0x03,
0x58, 0x81, 0x76, 0xab, 0x0d, 0xef, 0x25, 0x5a,
0xf6, 0xab, 0x3b, 0xf1, 0x1f, 0x97, 0x12, 0x8e,
0x7f, 0x28, 0x77, 0x26, 0x18, 0xc4, 0xc4, 0xda,
0x2c, 0x43, 0x57, 0xd2, 0x1f, 0x67, 0x95, 0x40,
0x2c, 0x94, 0x41, 0x69, 0x22, 0x8a, 0x24, 0xd9,
0xc7, 0xfc, 0xea, 0x49, 0x83, 0x8f, 0x5d, 0x2e,
0x9d, 0xac, 0x17, 0xb6, 0xe0, 0xc4, 0xe7, 0xe6,
0xd5, 0xc2, 0x73, 0xa1, 0x8f, 0x33, 0x14, 0x02,
0xae, 0x01, 0x9f, 0x6f, 0x40, 0x92, 0x4e, 0x03,
0xc2, 0xa9, 0xf1, 0x36, 0x78, 0xe4, 0xde, 0x39,
0x4d, 0x29, 0x2e, 0xc2, 0x00, 0x93, 0x79, 0xe4,
0xb2, 0x29, 0x4b, 0x81, 0x5c, 0x06, 0x06, 0xbc,
0xc1, 0x01, 0x1c, 0xa7, 0x08, 0xf7, 0x47, 0x1f,
0x52, 0x4f, 0xdf, 0x94, 0x1e, 0xe6, 0x89, 0xe6,
0x26, 0x71, 0x2e, 0xa2, 0xd2, 0xfe, 0x04, 0xf2,
0x12, 0x4c, 0x06, 0x78, 0x34, 0xc0, 0xb9, 0x76,
0x62, 0x3b, 0x72, 0x25, 0x8c, 0x0d, 0x73, 0x24,
0xcf, 0x4b, 0x4c, 0x47, 0x20, 0x9d, 0x04, 0x7f,
0x86, 0x2c, 0x45, 0xb8, 0xfe, 0xb2, 0xaa, 0x36,
0xf8, 0xe0, 0x24, 0x25, 0x05, 0x23, 0x12, 0x16,
0xbf, 0x64, 0x10, 0xdd, 0xe4, 0xc0, 0xb0, 0x85,
0xa7, 0xd3, 0xd1, 0x18, 0x1b, 0x81, 0x6b, 0x94,
0xfd, 0x07, 0x43, 0xdd, 0x12, 0x37, 0x78, 0x69,
0xec, 0x8c, 0xd0, 0x41, 0x2c, 0x42, 0x94, 0x3e,
0x9f, 0xe3, 0x49, 0xb3, 0xb8, 0x45, 0x0b, 0x1d,
0xc1, 0x9b, 0x4d, 0x21, 0x85, 0x62, 0xea, 0xd1,
0xc9, 0x12, 0x30, 0x8c, 0x4b, 0x63, 0xeb, 0x7d,
0x02, 0x52, 0x15, 0xa1, 0x95, 0x48, 0x9f, 0xc2,
0xce, 0xf3, 0x4b, 0xff, 0x5a, 0xb6, 0x8f, 0xce,
0xcd, 0x42, 0x21, 0x40, 0x82, 0xad, 0x08, 0x99,
0x4d, 0x24, 0x58, 0x25, 0xf3, 0x7e, 0x42, 0x86,
0x06, 0x33, 0x1f, 0x53, 0xbb, 0x07, 0x33, 0xca,
0xc0, 0x02, 0x18, 0x30, 0x3c, 0xc5, 0x67, 0x1c,
0x32, 0x3f, 0x2d, 0x58, 0x4c, 0x24, 0x6e, 0x60,
0x96, 0x1a, 0xf4, 0xd0, 0x55, 0xb8, 0x84, 0xf0,
0xb9, 0x83, 0xbf, 0x3d, 0x37, 0xe4, 0xa6, 0x06,
0x1c, 0xd1, 0xd7, 0x91, 0x24, 0xdc, 0x3f, 0xcc,
0x71, 0xf3, 0x0c, 0x90, 0x2c, 0x1d, 0x2f, 0x90,
0xc8, 0x3c, 0x6f, 0x2c, 0x5d, 0xad, 0x8c, 0xdf,
0xbb, 0x0d, 0x2a, 0x7f, 0x4a, 0x34, 0x5a, 0xd9,
0x83, 0xfd, 0x61, 0x36, 0xe0, 0x0a, 0xb3, 0xf6,
0x69, 0xb1, 0xaf, 0x81, 0x22, 0xd6, 0x9e, 0x9a,
0xf8, 0xa6, 0x24, 0x8e, 0x0c, 0xcb, 0x25, 0xc2,
0xfc, 0xc5, 0x94, 0xbd, 0x23, 0x9c, 0xa9, 0xbd,
0x76, 0x28, 0xa4, 0x55, 0x92, 0x7c, 0xe6, 0x76,
0xf7, 0x30, 0xf8, 0x7d, 0xdc, 0x0a, 0x93, 0x9e,
0x7c, 0x39, 0x0a, 0x70, 0xa0, 0xb2, 0x77, 0xe0,
0x7a, 0x89, 0x50, 0xce, 0x75, 0xca, 0x2f, 0xa4,
0x12, 0x0e, 0xcb, 0x75, 0x1f, 0x0a, 0x83, 0xe8,
0x14, 0x80, 0xa7, 0xb0, 0xe8, 0x11, 0xca, 0x12,
0x5e, 0xf7, 0x31, 0x65, 0xbd, 0x20, 0x3d, 0x8c,
0xa6, 0x89, 0x83, 0x68, 0x66, 0x03, 0x28, 0x49,
0x17, 0xc4, 0x3f, 0x43, 0x02, 0x9b, 0xf8, 0xed,
0xae, 0x8e, 0x68, 0xbc, 0x8e, 0x39, 0xe7, 0x15,
0x32, 0x45, 0x66, 0x2c, 0x1f, 0xce, 0x56, 0xc7,
0xc0, 0x15, 0x52, 0x19, 0x40, 0xcf, 0x87, 0x20,
0xcd, 0x3d, 0xec, 0x90, 0x8d, 0x04, 0x01, 0x31,
0x0b, 0x74, 0x80, 0x6e, 0x61, 0xa7, 0xf3, 0x4c,
0xb2, 0x16, 0x00, 0xd5, 0xdb, 0xcc, 0xbb, 0x2c,
0x9f, 0xb6, 0x02, 0x4a, 0xcf, 0x71, 0x06, 0xfd,
0x60, 0xe0, 0x00, 0xbe, 0x22, 0xba, 0x39, 0x36,
0xa8, 0x7e, 0xe5, 0xcb, 0xea, 0x87, 0xb1, 0xee,
0xa2, 0x6c, 0x85, 0x94, 0x18, 0x6c, 0xab, 0x9a,
0x93, 0xa7, 0xab, 0x4e, 0x3b, 0x85, 0xf3, 0xef,
0x8f, 0x15, 0x74, 0x21, 0x9f, 0x5d, 0x9c, 0x22,
0x32, 0x71, 0xb5, 0x4d, 0x7f, 0xaa, 0x85, 0xe0,
0x05, 0x2a, 0x53, 0xbb, 0x3c, 0xab, 0xc3, 0xd2,
0x73, 0x6e, 0x97, 0xa3, 0xfd, 0x05, 0x58, 0xaa,
0x49, 0xc8, 0x69, 0xa9, 0x0b, 0x73, 0xd4, 0xe9,
0x1d, 0x84, 0x60, 0x34, 0x2a, 0x09, 0xb3, 0x0f,
0x08, 0x13, 0x67, 0x77, 0xb3, 0x24, 0xdf, 0xad,
0xbf, 0x51, 0x71, 0x2b, 0xbe, 0x4f, 0x5d, 0xf4,
0xe7, 0x25, 0x4c, 0x24, 0xa2, 0x4a, 0x22, 0xec,
0xcc, 0x7c, 0x6c, 0x62, 0xee, 0x47, 0x12, 0x43,
0x88, 0xe4, 0x71, 0xaa, 0x63, 0xaa, 0x2b, 0xed,
0x70, 0xbf, 0x26, 0x37, 0xcc, 0xa4, 0xff, 0xe9,
0xb6, 0x65, 0x31, 0x4d, 0x0d, 0x32, 0xd6, 0x84,
0xb8, 0xab, 0x98, 0xa7, 0x10, 0x44, 0x77, 0xc7,
0x2a, 0x60, 0xf0, 0xf5, 0xd5, 0xd4, 0x3a, 0x73,
0x11, 0xa5, 0x1b, 0x18, 0x3c, 0x13, 0xfb, 0xda,
0x76, 0x9d, 0xeb, 0x3e, 0xb9, 0x7a, 0xce, 0x02,
0xa7, 0x5e, 0x25, 0x96, 0xd2, 0xbc, 0x85, 0x1a,
0xd1, 0xa4, 0xe2, 0x02, 0x15, 0x08, 0x49, 0x16,
0x7c, 0xaf, 0xc6, 0x38, 0x7b, 0x95, 0xf9, 0x37,
0xc0, 0x87, 0x73, 0x6f, 0x01, 0xcd, 0x2b, 0xf1,
0xe7, 0x6e, 0x47, 0x18, 0x30, 0xb8, 0x16, 0x87,
0x1d, 0x23, 0x62, 0x22, 0x85, 0x92, 0x69, 0x46,
0x9c, 0x65, 0xd8, 0xf1, 0x27, 0x32, 0xe4, 0x16,
0x7f, 0x9a, 0xba, 0x46, 0x61, 0x60, 0x34, 0xe5,
0xc0, 0x14, 0xb5, 0xde, 0x4d, 0xd1, 0x71, 0x39,
0x26, 0xdc, 0x0c, 0x0a, 0x53, 0x9e, 0x31, 0x10,
0x45, 0x7a, 0xf9, 0xc8, 0xfa, 0x1d, 0x69, 0x5e,
0x25, 0xc1, 0xe2, 0x00, 0xbf, 0x94, 0xa3, 0xa2,
0x97, 0xca, 0xb4, 0x6a, 0x89, 0x68, 0xdd, 0xed,
0x6b, 0x99, 0x5a, 0x87, 0x9e, 0xe9, 0x68, 0xe4,
0xf2, 0xc2, 0x7e, 0x37, 0x02, 0xdf, 0x96, 0x1a,
0x5b, 0xed, 0xa1, 0xe8, 0xdf, 0x3c, 0xf7, 0xd2,
0x25, 0xac, 0xf7, 0x4a, 0x7f, 0x10, 0x27, 0x2b,
0x02, 0xc7, 0x95, 0x10, 0x5a, 0xb5, 0xb0, 0xcd,
0xa9, 0xe1, 0x36, 0xe2, 0x1c, 0x87, 0x99, 0x0e,
0x0a, 0x44, 0xec, 0x97, 0x75, 0xa7, 0x03, 0x27,
0x38, 0x3b, 0x16, 0x30, 0x00, 0x98, 0xbe, 0x77,
0xfe, 0x3a, 0xac, 0x6f, 0x8f, 0x4d, 0xe1, 0xa9,
0x9c, 0xba, 0x39, 0x52, 0xe8, 0xf7, 0xe4, 0xe6,
0xf9, 0xe9, 0xb3, 0x57, 0x82, 0xb2, 0x23, 0xd6,
0xa5, 0x14, 0xc0, 0x78, 0xb4, 0xa0, 0xf9, 0x96,
0xe4, 0x03, 0xe8, 0x6c, 0x27, 0xd8, 0x37, 0x7c,
0x8f, 0xf4, 0x80, 0x09, 0x09, 0xc9, 0x32, 0x15,
0xe0, 0x3f, 0x37, 0xa7, 0x1a, 0x5f, 0x8c, 0xfb,
0xdd, 0xfe, 0x6b, 0x34, 0x28, 0x53, 0x03, 0x4b,
0x39, 0x91, 0xf2, 0x48, 0x4c, 0x2a, 0x45, 0xfe,
0x66, 0xf7, 0x23, 0x74, 0xb8, 0x30, 0x70, 0xb4,
0x0c, 0x2c, 0x65, 0xb1, 0x4e, 0x32, 0x0f, 0x50,
0xbb, 0x46, 0x9b, 0x03, 0x34, 0x38, 0xfb, 0xe4,
0x25, 0x37, 0x8d, 0x0f, 0xa1, 0x41, 0x50, 0x85,
0x92, 0x07, 0x71, 0xff, 0x3c, 0xe6, 0xd9, 0x1d,
0x55, 0xb7, 0x10, 0x9c, 0xea, 0x70, 0x5f, 0xa3,
0xba, 0x84, 0x99, 0x91, 0x30, 0x3d, 0x4c, 0x98,
0x0b, 0x1f, 0x1f, 0xcc, 0x17, 0x94, 0xdd, 0x78,
0x7d, 0x50, 0xe5, 0xf5, 0x21, 0x88, 0x5a, 0x52,
0x76, 0x5a, 0x97, 0xbe, 0xba, 0xa9, 0xfe, 0x82,
0x8a, 0xb5, 0x46, 0xcf, 0x9c, 0xbe, 0xe8, 0x2f,
0x01, 0x2f, 0x6a, 0x03, 0x8a, 0xfa, 0x4b, 0x0b,
0xdc, 0x78, 0x79, 0x9c, 0x49, 0xc4, 0x01, 0x26,
0x16, 0x58, 0xc6, 0xb8, 0xee, 0x6c, 0xc9, 0xa9,
0x38, 0x7c, 0xcf, 0xf3, 0xf8, 0xd0, 0x6b, 0x99,
0x43, 0x13, 0xe0, 0x43, 0x8e, 0xfb, 0xb2, 0xdb,
0x61, 0x67, 0xf4, 0xfc, 0x01, 0x21, 0xd9, 0xb1,
0x1e, 0x6c, 0x6f, 0x2a, 0x9a, 0x4b, 0x86, 0x3c,
0x62, 0x03, 0x53, 0x83, 0x11, 0x18, 0x1a, 0x59,
0x9e, 0x25, 0xfe, 0xdb, 0x85, 0xd0, 0xee, 0x7c,
0x97, 0x72, 0xca, 0xf3, 0x0d, 0xd4, 0x19, 0x66,
0x14, 0xaf, 0x46, 0x68, 0x75, 0xdb, 0x8f, 0x5f,
0x77, 0x7f, 0xfe, 0xa9, 0xe6, 0xa1, 0x9e, 0x46,
0x5e, 0x92, 0xda, 0xea, 0xdd, 0x89, 0x01, 0xd9,
0xab, 0x25, 0x7d, 0xb4, 0x64, 0x50, 0x8f, 0xa3,
0xbe, 0xe2, 0x03, 0xd5, 0xc6, 0x9c, 0xc2, 0xf8,
0xac, 0xa4, 0x36, 0xa9, 0x37, 0x10, 0x59, 0x00,
0x45, 0xbb, 0x55, 0x33, 0xb9, 0x6f, 0xbc, 0xa2,
0x02, 0x9e, 0xa3, 0x1d, 0xf4, 0x17, 0x78, 0x9b,
0xbc, 0x42, 0x4e, 0x21, 0xc3, 0xde, 0xb5, 0x70,
0x4a, 0x23, 0x1e, 0xd4, 0x36, 0x5d, 0x7a, 0x08,
0x37, 0x55, 0x98, 0x07, 0xa0, 0x16, 0xa3, 0x4e,
0xa1, 0x2b, 0x96, 0x8b, 0x51, 0x63, 0x48, 0xab,
0xc9, 0x19, 0x6f, 0x5f, 0x25, 0x9d, 0xe7, 0x25,
0x63, 0xf0, 0x8e, 0xdb, 0x06, 0x2d, 0x42, 0x31,
0xfd, 0x14, 0x2b, 0x7a, 0x31, 0x43, 0x04, 0xd5,
0xe2, 0x89, 0x2e, 0xa8, 0xe4, 0x6e, 0xd5, 0xa5,
0x21, 0x67, 0x9b, 0x92, 0x61, 0x79, 0xdd, 0xe5,
0x44, 0x43, 0x45, 0x57, 0x13, 0xec, 0x04, 0xc1,
0x41, 0xa3, 0x14, 0x70, 0x86, 0xda, 0x76, 0x5d,
0xe8, 0x61, 0xd2, 0xfb, 0x7b, 0xe4, 0x71, 0x46,
0xa3, 0x52, 0xbf, 0xf2, 0xa0, 0x3c, 0xc1, 0x90,
0x0c, 0x2e, 0xeb, 0xb3, 0x38, 0xae, 0x13, 0x27,
0x84, 0xe9, 0x7a, 0xd6, 0x02, 0x40, 0x84, 0xff,
0x87, 0x1f, 0x37, 0x44, 0xd8, 0x2e, 0x93, 0xf7,
0x0a, 0xff, 0x5b, 0x4d, 0x07, 0x82, 0xfd, 0x6e,
0x44, 0xcc, 0x19, 0xc3, 0x7d, 0x7c, 0x31, 0xf9,
0x0e, 0xa8, 0x1c, 0x0d, 0xcb, 0x8e, 0xe8, 0x33,
0xb2, 0xff, 0x9e, 0x1d, 0x99, 0x7c, 0x46, 0x5b,
0xc7, 0x28, 0xec, 0x01, 0x62, 0x82, 0xfe, 0x2a,
0x22, 0xa3, 0x86, 0x4e, 0x47, 0xe2, 0x57, 0xf1,
0xb4, 0x58, 0x94, 0x89, 0xe5, 0xf1, 0xcd, 0x4d,
0x90, 0xd1, 0xa4, 0x4c, 0x34, 0x5d, 0xde, 0xdc,
0x39, 0x63, 0x8b, 0x85, 0xfd, 0x02, 0x21, 0xf1,
0x12, 0xa3, 0x6d, 0x65, 0x0f, 0x8d, 0xe5, 0xcd,
0x70, 0xd5, 0x1d, 0xf8, 0x65, 0x99, 0xfb, 0xe8,
0xb5, 0x5a, 0x09, 0x39, 0x9e, 0x09, 0x45, 0x62,
0x22, 0x1d, 0xa2, 0x46, 0xbf, 0x75, 0x20, 0xd1,
0xe7, 0xb0, 0x06, 0x68, 0xc3, 0x50, 0x48, 0xfc,
0xf8, 0x5c, 0x67, 0x69, 0x68, 0x66, 0xb6, 0x81,
0x95, 0x91, 0x81, 0x3d, 0xf6, 0x34, 0xd9, 0x4b,
0x06, 0x35, 0x17, 0x59, 0x89, 0x18, 0x74, 0x32,
0x50, 0xcf, 0x81, 0x16, 0x8e, 0x53, 0x9d, 0x1c,
0xad, 0x2d, 0x8e, 0x16, 0x41, 0xda, 0xca, 0xab,
0x78, 0x0d, 0xc9, 0x49, 0x61, 0xaa, 0x18, 0xf4,
0x56, 0x48, 0x29, 0x8c, 0xe3, 0x9a, 0x7d, 0x58,
0xf8, 0x99, 0x72, 0xf1, 0x78, 0xa8, 0x5a, 0x97,
0xe3, 0x2a, 0xc6, 0xa9, 0x59, 0xde, 0xcc, 0x62,
0xfb, 0xab, 0xc5, 0x9a, 0x0b, 0xc7, 0x16, 0x8f,
0x18, 0x20, 0x6e, 0x01, 0x7e, 0x04, 0xef, 0x72,
0x83, 0x61, 0xb8, 0x1a, 0x77, 0x0f, 0xd1, 0xa9,
0x75, 0xe0, 0x4a, 0x11, 0x69, 0x9d, 0xb6, 0xc9,
0x2e, 0xd3, 0xbf, 0xe2, 0x5b, 0x24, 0x77, 0x30,
0x85, 0x91, 0xef, 0xa8, 0x93, 0x4e, 0xad, 0x99,
0xad, 0xcb, 0x6d, 0x9d, 0x8f, 0xd8, 0x0f, 0xe5,
0x41, 0xd9, 0x9e, 0x0b, 0xce, 0x33, 0xd9, 0xbb,
0x87, 0x66, 0x2c, 0xa3, 0x0b, 0x68, 0x1b, 0xb0,
0x71, 0x30, 0xfa, 0x15, 0x2e, 0xe8, 0xc1, 0x99,
0x71, 0x01, 0xcc, 0xdb, 0x6f, 0x9f, 0x8a, 0xfd,
0xb4, 0x0f, 0x35, 0xa1, 0x36, 0xf4, 0x3a, 0xc4,
0x17, 0x77, 0x43, 0x60, 0x10, 0x18, 0xb4, 0xc2,
0xe5, 0xc0, 0x64, 0xd8, 0x38, 0x7c, 0x05, 0x9a,
0xfb, 0x2b, 0xb3, 0x9b, 0x9e, 0x34, 0x6b, 0x4b,
0xc8, 0x3b, 0x77, 0xe0, 0x6f, 0x08, 0xa1, 0x7b,
0x66, 0x69, 0x2f, 0xdb, 0x34, 0x9e, 0x98, 0x90,
0x5b, 0x4d, 0x7b, 0xa2, 0x32, 0x8e, 0x64, 0xe6,
0x0d, 0x75, 0xc9, 0x96, 0xe3, 0x57, 0xba, 0xad,
0x3e, 0x3b, 0x23, 0xfb, 0x9e, 0x7f, 0xc0, 0x3c,
0xd5, 0x41, 0x9c, 0xfb, 0xbc, 0xb3, 0x52, 0x49
#endif
};
#endif
static int test_wc_dilithium_public_der_decode(void)
{
EXPECT_DECLS;
#if defined(HAVE_DILITHIUM) && defined(WOLFSSL_WC_DILITHIUM) && \
defined(WOLFSSL_DILITHIUM_PUBLIC_KEY)
dilithium_key* key;
word32 idx = 0;
key = (dilithium_key*)XMALLOC(sizeof(*key), NULL, DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(key);
if (key != NULL) {
XMEMSET(key, 0, sizeof(*key));
}
ExpectIntEQ(wc_dilithium_init(key), 0);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44), 0);
#elif !defined(WOLFSSL_NO_ML_DSA_65)
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65), 0);
#else
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87), 0);
#endif
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(dilithium_public_der, &idx, key,
(word32)sizeof(dilithium_public_der)), 0);
wc_dilithium_free(key);
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
static int test_wc_dilithium_der(void)
{
EXPECT_DECLS;
#if defined(HAVE_DILITHIUM) && defined(WOLFSSL_WC_DILITHIUM) && \
!defined(WOLFSSL_DILITHIUM_NO_ASN1) && \
!defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY)
#define DILITHIUM_MAX_DER_SIZE 8192
dilithium_key* key;
WC_RNG rng;
byte* der = NULL;
int len;
int pubLen;
int pubDerLen;
int privDerLen;
int keyDerLen;
word32 idx;
#ifndef WOLFSSL_NO_ML_DSA_44
pubLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE;
pubDerLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE + 24;
privDerLen = DILITHIUM_LEVEL2_KEY_SIZE + 30;
keyDerLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE + DILITHIUM_LEVEL2_KEY_SIZE + 34;
#elif !defined(WOLFSSL_NO_ML_DSA_65)
pubLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE;
pubDerLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE + 24;
privDerLen = DILITHIUM_LEVEL3_KEY_SIZE + 30;
keyDerLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE + DILITHIUM_LEVEL3_KEY_SIZE + 34;
#else
pubLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE;
pubDerLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE + 24;
privDerLen = DILITHIUM_LEVEL5_KEY_SIZE + 30;
keyDerLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE + DILITHIUM_LEVEL5_KEY_SIZE + 34;
#endif
key = (dilithium_key*)XMALLOC(sizeof(*key), NULL, DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(key);
der = (byte*)XMALLOC(DILITHIUM_MAX_DER_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(der);
if (key != NULL) {
XMEMSET(key, 0, sizeof(*key));
}
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_dilithium_init(key), 0);
ExpectIntEQ(wc_Dilithium_PublicKeyToDer(key, der, DILITHIUM_MAX_DER_SIZE,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyToDer(key, der, DILITHIUM_MAX_DER_SIZE,
1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyToDer(key, der, DILITHIUM_MAX_DER_SIZE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(der, &idx, key, pubDerLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(der, &idx, key, privDerLen),
BAD_FUNC_ARG);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44), 0);
#elif !defined(WOLFSSL_NO_ML_DSA_65)
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65), 0);
#else
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87), 0);
#endif
ExpectIntEQ(wc_Dilithium_PublicKeyToDer(key, der, DILITHIUM_MAX_DER_SIZE,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyToDer(key, der, DILITHIUM_MAX_DER_SIZE,
1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyToDer(key, der, DILITHIUM_MAX_DER_SIZE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_make_key(key, &rng), 0);
ExpectIntEQ(wc_Dilithium_PublicKeyToDer(NULL, NULL, 0 ,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyToDer(NULL, der , 0 ,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyToDer(NULL, NULL, DILITHIUM_MAX_DER_SIZE,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyToDer(NULL, der , DILITHIUM_MAX_DER_SIZE,
0), BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyToDer(key , der , 0 ,
0), BUFFER_E);
/* Get length only. */
ExpectIntEQ(wc_Dilithium_PublicKeyToDer(key , NULL, 0 ,
0), pubLen);
ExpectIntEQ(wc_Dilithium_PublicKeyToDer(key , NULL, DILITHIUM_MAX_DER_SIZE,
0), pubLen);
ExpectIntEQ(wc_Dilithium_PublicKeyToDer(key , NULL, 0 ,
1), pubDerLen);
ExpectIntEQ(wc_Dilithium_PublicKeyToDer(key , NULL, DILITHIUM_MAX_DER_SIZE,
1), pubDerLen);
ExpectIntEQ(wc_Dilithium_PrivateKeyToDer(NULL, NULL,
0 ), BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyToDer(key , NULL,
0 ), BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyToDer(NULL, der ,
0 ), BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyToDer(NULL, NULL,
DILITHIUM_MAX_DER_SIZE), BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyToDer(NULL, der ,
DILITHIUM_MAX_DER_SIZE), BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyToDer(key , der ,
0 ), BAD_FUNC_ARG);
/* Get length only. */
ExpectIntEQ(wc_Dilithium_PrivateKeyToDer(key , NULL,
DILITHIUM_MAX_DER_SIZE), privDerLen);
ExpectIntEQ(wc_Dilithium_KeyToDer(NULL, NULL, 0 ),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_KeyToDer(key , NULL, 0 ),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_KeyToDer(NULL, der , 0 ),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_KeyToDer(NULL, NULL, DILITHIUM_MAX_DER_SIZE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_KeyToDer(NULL, der , DILITHIUM_MAX_DER_SIZE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_KeyToDer(key , der , 0 ),
BAD_FUNC_ARG);
/* Get length only. */
ExpectIntEQ(wc_Dilithium_KeyToDer(key , NULL, DILITHIUM_MAX_DER_SIZE),
keyDerLen);
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(NULL, NULL, NULL, 0 ),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(der , NULL, NULL, 0 ),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(NULL, &idx, NULL, 0 ),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(NULL, NULL, key , 0 ),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(NULL, NULL, NULL, pubDerLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(NULL, &idx, key , pubDerLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(der , NULL, key , pubDerLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(der , &idx, NULL, pubDerLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(der , &idx, key , 0 ),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(NULL, NULL, NULL, 0 ),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(der , NULL, NULL, 0 ),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(NULL, &idx, NULL, 0 ),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(NULL, NULL, key , 0 ),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(NULL, NULL, NULL, privDerLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(NULL, &idx, key , privDerLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(der , NULL, key , privDerLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(der , &idx, NULL, privDerLen),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(der , &idx, key , 0 ),
BAD_FUNC_ARG);
ExpectIntEQ(len = wc_Dilithium_PublicKeyToDer(key, der,
DILITHIUM_MAX_DER_SIZE, 0), pubLen);
ExpectIntEQ(wc_dilithium_import_public(der, len, key), 0);
ExpectIntEQ(len = wc_Dilithium_PublicKeyToDer(key, der,
DILITHIUM_MAX_DER_SIZE, 1), pubDerLen);
idx = 0;
{
fprintf(stderr, "\n");
for (int ii = 0; ii < pubDerLen; ii++) {
if ((ii % 8) == 0) fprintf(stderr, " ");
fprintf(stderr, "0x%02x,", der[ii]);
if ((ii % 8) == 7) fprintf(stderr, "\n");
else fprintf(stderr, " ");
}
}
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(der, &idx, key, len), 0);
ExpectIntEQ(len = wc_Dilithium_PrivateKeyToDer(key, der,
DILITHIUM_MAX_DER_SIZE), privDerLen);
idx = 0;
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(der, &idx, key, len), 0);
ExpectIntEQ(len = wc_Dilithium_KeyToDer(key, der, DILITHIUM_MAX_DER_SIZE),
keyDerLen);
idx = 0;
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(der, &idx, key, len), 0);
wc_dilithium_free(key);
wc_FreeRng(&rng);
XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
static int test_wc_dilithium_make_key_from_seed(void)
{
EXPECT_DECLS;
#if defined(HAVE_DILITHIUM) && defined(WOLFSSL_WC_DILITHIUM) && \
!defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY)
dilithium_key* key;
#ifndef WOLFSSL_NO_ML_DSA_44
static const byte seed_44[] = {
0xBA, 0xC0, 0x59, 0x52, 0x75, 0x5B, 0x26, 0x47,
0x01, 0xCA, 0x7D, 0x80, 0x6D, 0xFA, 0x08, 0x35,
0x10, 0x28, 0xF6, 0x7B, 0x0E, 0x83, 0xC4, 0x24,
0x01, 0x6F, 0x66, 0xCC, 0x83, 0x87, 0xD4, 0x69
};
static const byte pk_44[] = {
0x86, 0xF0, 0x0C, 0x20, 0xE0, 0xDA, 0xEE, 0x5E,
0x1E, 0xDE, 0x71, 0x39, 0x49, 0x0C, 0xC8, 0xCF,
0xEF, 0xC9, 0xAB, 0x62, 0x3B, 0x8D, 0xEF, 0x0B,
0xD8, 0x03, 0x12, 0x5B, 0x4A, 0xB2, 0x83, 0x61,
0xED, 0x7E, 0xA9, 0xED, 0x2D, 0xED, 0x5A, 0x71,
0xDD, 0xAE, 0x4A, 0x06, 0xE0, 0x2A, 0x5A, 0xAF,
0x99, 0x69, 0x89, 0xC6, 0xAF, 0xE3, 0x2A, 0xFE,
0x3D, 0x6E, 0x0A, 0x46, 0x71, 0x48, 0xD7, 0x17,
0x99, 0x20, 0x01, 0x78, 0xD5, 0x8B, 0x40, 0xCB,
0x81, 0xA0, 0x33, 0x38, 0xAE, 0x2B, 0x83, 0x4A,
0xFD, 0x5F, 0xE0, 0xB7, 0xEE, 0xA0, 0xC4, 0x3D,
0xB6, 0xA4, 0xD5, 0x59, 0x4B, 0xDD, 0x87, 0x1A,
0xFC, 0x03, 0x30, 0xA0, 0xB3, 0xAD, 0x75, 0x3C,
0xD4, 0x47, 0x72, 0x59, 0xCE, 0xB7, 0x80, 0xFD,
0x34, 0x35, 0x5E, 0x96, 0xC8, 0x42, 0xD9, 0xDD,
0x6C, 0xF1, 0xAB, 0xEF, 0x48, 0xD1, 0xA8, 0x02,
0x02, 0x0F, 0x5B, 0x71, 0x4D, 0x36, 0x1E, 0x0D,
0xC2, 0x09, 0x46, 0x7B, 0xF9, 0xEA, 0x24, 0x8F,
0x7C, 0xCF, 0xB8, 0x9C, 0xF7, 0x49, 0x15, 0x8E,
0x16, 0x49, 0x7E, 0xC5, 0x54, 0xF5, 0x03, 0x1D,
0x16, 0x12, 0x02, 0x72, 0x1B, 0x38, 0x2D, 0x58,
0x53, 0x15, 0x5E, 0xB6, 0x72, 0xCC, 0xA1, 0x09,
0xB0, 0x2F, 0x10, 0xFA, 0x21, 0x45, 0x46, 0x37,
0xD4, 0xFA, 0x7F, 0xFB, 0xB0, 0xD9, 0x20, 0xE2,
0xCB, 0x56, 0xB3, 0x1E, 0xDF, 0x82, 0x67, 0x25,
0x09, 0xD1, 0x8F, 0xFF, 0xE0, 0x43, 0xBD, 0x37,
0x2B, 0x73, 0x0E, 0x13, 0x08, 0xC9, 0x49, 0x88,
0x69, 0x69, 0xD9, 0x8C, 0x86, 0xE4, 0x7E, 0x63,
0x35, 0xC5, 0xE1, 0xD0, 0x14, 0x9A, 0x89, 0x27,
0x28, 0x17, 0xB0, 0x5B, 0x7A, 0x8F, 0xDD, 0x72,
0x8B, 0x0A, 0x0D, 0x49, 0x58, 0x59, 0x2F, 0x0D,
0x8F, 0x3D, 0x16, 0xCE, 0x7B, 0x11, 0xC7, 0x06,
0x5D, 0xD5, 0x6D, 0x7B, 0x96, 0xED, 0x1E, 0x1A,
0xF4, 0x10, 0x85, 0xDA, 0xDE, 0x84, 0x2F, 0x2B,
0xBA, 0xFB, 0xA2, 0x5F, 0x33, 0x7D, 0x7C, 0x18,
0x6B, 0xDF, 0x43, 0x3C, 0xE9, 0xEB, 0xB4, 0xC5,
0x8E, 0x52, 0xF5, 0x7E, 0x4C, 0x3E, 0x6A, 0x33,
0x41, 0x4C, 0x14, 0x05, 0x8E, 0x2C, 0x19, 0x0E,
0x86, 0x91, 0x66, 0xDE, 0xF6, 0x4B, 0x35, 0xC2,
0xDF, 0x3D, 0x4C, 0x7B, 0xC5, 0x58, 0x5E, 0x86,
0x89, 0x6A, 0xFC, 0x86, 0x48, 0x75, 0xD1, 0x18,
0xD1, 0xCB, 0x41, 0xC0, 0xF6, 0xD8, 0x87, 0x79,
0xD9, 0xA2, 0x56, 0x2E, 0x83, 0x26, 0x11, 0xC1,
0x4B, 0x53, 0x37, 0x85, 0x62, 0xFF, 0x6A, 0x67,
0xFD, 0x18, 0x79, 0xD7, 0x55, 0x9B, 0xF7, 0x64,
0xA9, 0x21, 0xB6, 0x1B, 0xF6, 0x11, 0x85, 0xF8,
0xC0, 0x68, 0xDE, 0x61, 0x0C, 0x61, 0x7E, 0x8E,
0xED, 0x9E, 0x58, 0x84, 0x16, 0x1A, 0x28, 0xC5,
0x41, 0x63, 0xB3, 0xF0, 0x82, 0xAA, 0xE8, 0x36,
0x81, 0x5C, 0xD3, 0xB7, 0xFB, 0x92, 0xF4, 0x7A,
0x1E, 0x85, 0xA2, 0xB7, 0x21, 0xD5, 0xFA, 0xC8,
0xE8, 0x02, 0x43, 0x5B, 0x56, 0x42, 0x03, 0x17,
0x67, 0xEE, 0x3E, 0x31, 0x23, 0x63, 0xC7, 0x33,
0x95, 0xDE, 0x07, 0xF6, 0x11, 0x3A, 0x2C, 0x3F,
0x7B, 0xBB, 0x2D, 0x5C, 0x23, 0xF9, 0x2F, 0x9C,
0x51, 0x19, 0x9F, 0x35, 0xC3, 0x18, 0x9F, 0x83,
0x6E, 0xA8, 0x03, 0xF1, 0x79, 0x1F, 0xB0, 0xC8,
0x2F, 0xF4, 0x2E, 0x9A, 0x26, 0xF3, 0x44, 0x02,
0x8F, 0x45, 0x8B, 0xB0, 0x25, 0x1D, 0xF2, 0xD4,
0x55, 0xB7, 0x65, 0xEF, 0xDB, 0x3D, 0x8E, 0x92,
0xC8, 0xA0, 0x63, 0x4C, 0x38, 0xA3, 0x54, 0xD3,
0xC2, 0x5A, 0x2A, 0x6A, 0x15, 0x27, 0x2A, 0xE2,
0xFC, 0x25, 0xB6, 0xC8, 0x68, 0xEB, 0xED, 0x2D,
0x23, 0xE8, 0x6D, 0x5C, 0xDD, 0x3F, 0x18, 0xB4,
0x6E, 0x79, 0x36, 0xC9, 0x1C, 0xB4, 0x92, 0x41,
0xAD, 0x35, 0xD4, 0x15, 0xE4, 0x64, 0x1C, 0x51,
0xCB, 0x0C, 0x41, 0xB7, 0xFD, 0xC1, 0x09, 0x3E,
0xD2, 0x4D, 0x38, 0x88, 0x77, 0x1C, 0x71, 0x91,
0x74, 0xD3, 0x28, 0xE0, 0xCE, 0x9A, 0x11, 0x8D,
0xBF, 0x4D, 0x8D, 0xF0, 0x44, 0xF6, 0x79, 0xFC,
0x4C, 0xAD, 0x17, 0x88, 0xC0, 0x8C, 0x0B, 0x7A,
0x90, 0x01, 0x53, 0x6C, 0x6B, 0x44, 0xF6, 0xE5,
0x2E, 0xEC, 0x44, 0x4F, 0xB8, 0x9B, 0x10, 0xBE,
0xCF, 0x55, 0x55, 0x29, 0x83, 0xB8, 0xD0, 0x25,
0x5B, 0xCE, 0x8F, 0xA5, 0xB7, 0x6C, 0xA7, 0x47,
0x65, 0xA9, 0xE9, 0x9B, 0xA5, 0xBC, 0x28, 0x1D,
0x9F, 0x1F, 0x5E, 0x97, 0x42, 0x10, 0x84, 0x92,
0xFB, 0x38, 0x0B, 0x2E, 0xAC, 0x79, 0x0A, 0x7D,
0x00, 0x2C, 0x35, 0xD0, 0x54, 0x0D, 0x28, 0xE7,
0xAB, 0x06, 0x02, 0xDA, 0x89, 0xA3, 0x06, 0x8E,
0x13, 0x9A, 0xA7, 0xCA, 0x48, 0x09, 0xB0, 0x48,
0x37, 0x08, 0xA7, 0x7D, 0xDA, 0xEB, 0x58, 0x64,
0x39, 0xB3, 0xF3, 0xB2, 0x4C, 0x00, 0x4B, 0xCB,
0x94, 0x36, 0xD4, 0x7C, 0x73, 0x45, 0xC8, 0x93,
0xE5, 0x2A, 0x11, 0xF0, 0xEF, 0x0C, 0xED, 0x5F,
0x8B, 0x0C, 0x86, 0xAD, 0x3A, 0x01, 0x07, 0x1A,
0xC0, 0x34, 0xE8, 0x74, 0x21, 0x27, 0x73, 0x56,
0x93, 0x76, 0x5D, 0x80, 0x59, 0xB4, 0xA4, 0xDC,
0x80, 0xE7, 0xCE, 0x70, 0x0E, 0x0F, 0xEC, 0x56,
0x42, 0x6E, 0x9C, 0x76, 0x3D, 0xF6, 0xB4, 0x41,
0xE2, 0x3E, 0xAC, 0x25, 0xE7, 0x86, 0xA7, 0xA7,
0x0A, 0x0D, 0x5D, 0x04, 0x1F, 0x45, 0xD4, 0x5B,
0x42, 0x38, 0x4C, 0x60, 0xE7, 0xB7, 0x0D, 0xC7,
0x28, 0x4F, 0xA5, 0x4E, 0x0C, 0x1B, 0xC4, 0xDA,
0x50, 0x1A, 0xA0, 0x93, 0xAE, 0x10, 0x9A, 0x1A,
0xC8, 0xC6, 0x56, 0xFC, 0x0A, 0xEA, 0x89, 0x3A,
0x28, 0x21, 0xE9, 0x52, 0x9D, 0xEB, 0x07, 0x68,
0xC1, 0x57, 0x32, 0x25, 0x1F, 0x93, 0x5D, 0x35,
0xB2, 0x4B, 0x58, 0x30, 0xAF, 0x51, 0xC6, 0x7D,
0x47, 0xD1, 0xA2, 0xAD, 0xDE, 0x75, 0x48, 0x84,
0x74, 0x19, 0x74, 0x18, 0xA0, 0x2C, 0xD8, 0xB2,
0xFE, 0x44, 0x78, 0x95, 0x6A, 0xBF, 0x56, 0x4D,
0x20, 0x79, 0xE7, 0xE2, 0xE3, 0x56, 0x69, 0xB3,
0xFA, 0xE1, 0xEB, 0xE6, 0x11, 0xAC, 0x18, 0xB3,
0x98, 0xC1, 0x04, 0x20, 0x96, 0x4B, 0xAD, 0xDE,
0x5B, 0x18, 0xEB, 0x7B, 0xBC, 0x15, 0x11, 0x57,
0x29, 0x10, 0xE5, 0x80, 0x78, 0x4A, 0xF0, 0x87,
0xF6, 0xD1, 0x3C, 0x23, 0xC5, 0xF4, 0x2D, 0xD7,
0xAB, 0xA4, 0xD7, 0xB8, 0x45, 0x8E, 0x04, 0x1B,
0x78, 0x59, 0x9F, 0x81, 0xE6, 0x04, 0xDF, 0x70,
0x2B, 0x14, 0x74, 0x16, 0x49, 0xDA, 0xF0, 0xE1,
0xC8, 0x29, 0xCC, 0x87, 0x8C, 0x2F, 0xFB, 0x18,
0x3B, 0x47, 0xFC, 0x79, 0x04, 0x84, 0xCB, 0x0A,
0xD2, 0x64, 0xBF, 0x86, 0xEA, 0x01, 0xAC, 0xE0,
0xBD, 0xEC, 0x3B, 0xE1, 0xA7, 0x6C, 0xDE, 0x1D,
0x58, 0x76, 0xCC, 0x53, 0x9E, 0xF6, 0xC6, 0xD4,
0x2C, 0x87, 0x92, 0xA2, 0x89, 0x27, 0x31, 0x33,
0x01, 0xA5, 0xA2, 0xE8, 0x8F, 0x13, 0x19, 0x0F,
0xFD, 0x73, 0xB9, 0x91, 0xBD, 0xB8, 0x80, 0x9A,
0xA3, 0xB1, 0x21, 0x6C, 0x91, 0x13, 0x8A, 0xAE,
0xC7, 0xCB, 0x67, 0x14, 0xD1, 0xC0, 0x28, 0x89,
0x04, 0x8C, 0x9F, 0xDE, 0xA0, 0x9A, 0x99, 0xA8,
0x61, 0xE6, 0x8F, 0x8E, 0x39, 0xEF, 0x6B, 0x5E,
0x84, 0x5F, 0x5D, 0x24, 0x37, 0x73, 0x9D, 0x75,
0xC4, 0xEF, 0xE2, 0xA1, 0xF2, 0xBC, 0x0D, 0xE1,
0x0D, 0xEC, 0xFA, 0xEE, 0xC1, 0x63, 0xC8, 0x2E,
0x7D, 0x85, 0x65, 0xC3, 0xF2, 0x0D, 0x8B, 0x73,
0xF9, 0x3B, 0x0B, 0x3D, 0x49, 0x8B, 0xFB, 0x16,
0x5B, 0x75, 0x48, 0x9B, 0x56, 0x0A, 0x83, 0x4C,
0x0D, 0x13, 0xB2, 0xB4, 0x25, 0xC7, 0x2C, 0xCB,
0xA7, 0x9E, 0xCA, 0x41, 0x44, 0x14, 0x9A, 0x03,
0xD3, 0x01, 0x8C, 0xB0, 0xD5, 0xA9, 0x36, 0xA4,
0x16, 0x21, 0x49, 0x0A, 0x99, 0xA1, 0x89, 0xA5,
0x91, 0x10, 0xA2, 0x1B, 0x3F, 0x98, 0x1E, 0x1C,
0x43, 0xAA, 0x9C, 0x16, 0x5A, 0xF0, 0x18, 0x64,
0x0F, 0x6A, 0xE3, 0x97, 0x83, 0x31, 0x4E, 0x84,
0xC9, 0xEA, 0xD8, 0x9F, 0xEA, 0x9E, 0xD6, 0xF2,
0x0E, 0x15, 0xA5, 0x48, 0x15, 0x8B, 0x10, 0x1D,
0x77, 0x78, 0x1B, 0x54, 0x03, 0xC1, 0x2C, 0xB1,
0xC8, 0x22, 0x11, 0x9D, 0xB8, 0x82, 0x94, 0x26,
0xA0, 0xED, 0x6C, 0xAD, 0xA8, 0x03, 0xC2, 0xED,
0x02, 0x74, 0x3E, 0x54, 0xBD, 0x77, 0xA6, 0x0B,
0x37, 0xFE, 0x04, 0xCD, 0x25, 0x10, 0x2D, 0x52,
0xC2, 0xD4, 0x5B, 0x9B, 0xAE, 0xFE, 0x35, 0x73,
0x16, 0x61, 0x84, 0x25, 0x1D, 0xBE, 0x95, 0x34,
0xA4, 0xF6, 0xB9, 0xA4, 0xF9, 0xAA, 0x5D, 0x1E,
0x49, 0xBB, 0x19, 0xD9, 0x64, 0xD7, 0x48, 0x1A,
0x0A, 0x93, 0xC3, 0x69, 0x13, 0x12, 0x68, 0xBB,
0x97, 0x97, 0xBD, 0x99, 0x69, 0xCE, 0xE6, 0xF5,
0x84, 0x7B, 0xCC, 0xE4, 0x7D, 0xD3, 0xCD, 0x8A,
0x7A, 0x4B, 0x98, 0xF4, 0x09, 0x9D, 0xEA, 0x5D,
0x4E, 0x1F, 0xE1, 0x1E, 0x6C, 0x48, 0xD3, 0x5E,
0x67, 0xD9, 0xFF, 0x64, 0x4D, 0xA7, 0x64, 0x7A,
0x01, 0xB2, 0xE9, 0x63, 0x14, 0x10, 0xB7, 0x08,
0x0C, 0xF9, 0x4D, 0x66, 0x48, 0x46, 0xE3, 0xC2,
0x48, 0x6B, 0x47, 0xCE, 0x00, 0x98, 0x92, 0x83,
0xF7, 0xE0, 0x1F, 0x96, 0xFA, 0x53, 0xD5, 0x49,
0x1C, 0xC7, 0x89, 0xB4, 0xA5, 0x4B, 0x63, 0xBF,
0xD2, 0x00, 0x79, 0xDD, 0xC1, 0x60, 0xAA, 0xF2,
0x0F, 0x47, 0xB9, 0x4F, 0x8A, 0x66, 0x05, 0x3D,
0x96, 0x36, 0x64, 0x48, 0x5F, 0x7E, 0x56, 0x2B,
0xB3, 0x47, 0xE2, 0x76, 0x64, 0x21, 0x65, 0x34,
0xFC, 0xDD, 0x2D, 0x4C, 0xE2, 0x99, 0x33, 0x04,
0xE4, 0x26, 0x15, 0x37, 0x6C, 0x32, 0xB9, 0x17
};
static const byte sk_44[] = {
0x86, 0xF0, 0x0C, 0x20, 0xE0, 0xDA, 0xEE, 0x5E,
0x1E, 0xDE, 0x71, 0x39, 0x49, 0x0C, 0xC8, 0xCF,
0xEF, 0xC9, 0xAB, 0x62, 0x3B, 0x8D, 0xEF, 0x0B,
0xD8, 0x03, 0x12, 0x5B, 0x4A, 0xB2, 0x83, 0x61,
0x73, 0x61, 0x49, 0x01, 0x0F, 0x94, 0x08, 0x30,
0x26, 0x02, 0x12, 0x63, 0x64, 0x15, 0x7A, 0x4D,
0xBA, 0xF5, 0x25, 0xA7, 0xAA, 0x0B, 0x7C, 0x3D,
0xCE, 0x05, 0x91, 0x95, 0xEF, 0x17, 0x2F, 0xE2,
0x5A, 0x03, 0x5E, 0x2E, 0x4D, 0xFA, 0xE7, 0x5F,
0xCD, 0x61, 0x34, 0xFB, 0x3D, 0x3C, 0x5C, 0x60,
0x1A, 0x6F, 0x09, 0xB5, 0x9D, 0xDD, 0x90, 0x53,
0xF6, 0x89, 0x50, 0xC2, 0xE1, 0xED, 0x0A, 0x61,
0x8F, 0xFA, 0xDC, 0x2D, 0xB2, 0x8B, 0xA1, 0x56,
0xAC, 0x5E, 0x0E, 0xF1, 0x3B, 0x1E, 0x22, 0x9F,
0xAA, 0x05, 0x96, 0xA3, 0x5E, 0x44, 0x86, 0xA8,
0xBA, 0x15, 0xD1, 0x11, 0x7D, 0xAA, 0xD0, 0xAA,
0x01, 0x27, 0x25, 0x04, 0x82, 0x89, 0xA4, 0x22,
0x2E, 0xDB, 0x80, 0x45, 0xD2, 0x30, 0x45, 0x59,
0x16, 0x64, 0xE2, 0x08, 0x86, 0x50, 0x00, 0x8E,
0xCA, 0x08, 0x51, 0x5A, 0x06, 0x01, 0x54, 0x82,
0x20, 0xC4, 0x92, 0x30, 0x02, 0x21, 0x4E, 0x0A,
0x93, 0x89, 0x84, 0xB8, 0x70, 0x24, 0x40, 0x51,
0x24, 0xB3, 0x44, 0xDB, 0x08, 0x40, 0x1B, 0x37,
0x44, 0x21, 0x22, 0x8E, 0x8C, 0x16, 0x42, 0x10,
0x22, 0x0E, 0xA1, 0xB2, 0x8D, 0x18, 0x49, 0x30,
0xC1, 0x32, 0x69, 0x21, 0x03, 0x8E, 0x49, 0x44,
0x08, 0xD3, 0x16, 0x89, 0x10, 0xA4, 0x25, 0x5C,
0x22, 0x8A, 0xC0, 0xC8, 0x08, 0xC1, 0x04, 0x6A,
0xD2, 0xA0, 0x50, 0x8A, 0x02, 0x52, 0x92, 0x16,
0x44, 0x54, 0x30, 0x4A, 0x92, 0x32, 0x0C, 0x4C,
0x44, 0x2D, 0x04, 0x15, 0x2A, 0x99, 0x24, 0x42,
0x52, 0xA8, 0x30, 0x53, 0x24, 0x85, 0x9A, 0xB8,
0x01, 0xE2, 0x08, 0x09, 0x23, 0x28, 0x08, 0xC4,
0x98, 0x85, 0x0B, 0xB9, 0x40, 0x60, 0x26, 0x28,
0x0A, 0x45, 0x12, 0x0C, 0x43, 0x84, 0x82, 0x16,
0x89, 0xC4, 0x48, 0x28, 0x58, 0x18, 0x2A, 0x20,
0x07, 0x02, 0xD3, 0x82, 0x45, 0x50, 0xB0, 0x50,
0x64, 0x36, 0x91, 0x52, 0x02, 0x45, 0x5A, 0x42,
0x26, 0x01, 0x28, 0x71, 0xD4, 0x86, 0x10, 0x19,
0xC4, 0x68, 0xC4, 0x30, 0x66, 0xE0, 0x02, 0x49,
0x18, 0x34, 0x05, 0x04, 0x02, 0x04, 0x90, 0x94,
0x4C, 0x01, 0xA7, 0x80, 0x12, 0x97, 0x08, 0x19,
0xC5, 0x41, 0x24, 0xC1, 0x61, 0x08, 0xB0, 0x0C,
0x21, 0xC1, 0x49, 0x9B, 0x42, 0x51, 0x62, 0x18,
0x22, 0x54, 0x06, 0x06, 0x93, 0x26, 0x70, 0x49,
0x86, 0x91, 0x00, 0x28, 0x6C, 0x02, 0xC9, 0x60,
0x13, 0xC3, 0x09, 0xCB, 0x14, 0x66, 0x09, 0x17,
0x25, 0x1C, 0x16, 0x89, 0x01, 0xB6, 0x01, 0x60,
0x86, 0x71, 0x58, 0x96, 0x04, 0x82, 0x38, 0x61,
0x43, 0x40, 0x72, 0xCC, 0x46, 0x71, 0x81, 0x20,
0x2C, 0x18, 0x20, 0x6E, 0x03, 0x91, 0x11, 0x9A,
0x08, 0x89, 0x43, 0x06, 0x48, 0x64, 0x02, 0x6C,
0x21, 0x33, 0x8D, 0x48, 0x16, 0x66, 0x9B, 0xA4,
0x2D, 0x01, 0x10, 0x66, 0xDC, 0xB0, 0x25, 0x40,
0xA0, 0x24, 0xA2, 0xB4, 0x44, 0xC8, 0x26, 0x61,
0x0A, 0x10, 0x4E, 0xD0, 0x04, 0x11, 0x4A, 0x82,
0x51, 0x03, 0x04, 0x6C, 0x18, 0x88, 0x6C, 0xE0,
0x98, 0x41, 0x11, 0x29, 0x06, 0x62, 0x12, 0x8E,
0xDA, 0x42, 0x91, 0x09, 0x48, 0x60, 0xD1, 0xB4,
0x80, 0x10, 0x30, 0x30, 0x80, 0x38, 0x82, 0xD0,
0x84, 0x0D, 0x08, 0x14, 0x92, 0x24, 0x41, 0x40,
0x0C, 0x10, 0x89, 0xCC, 0x38, 0x8A, 0x13, 0xB6,
0x89, 0x1A, 0xA7, 0x24, 0x5C, 0x10, 0x12, 0x1B,
0x21, 0x50, 0x91, 0xB4, 0x29, 0x99, 0xB6, 0x51,
0x04, 0xB1, 0x91, 0x59, 0xA6, 0x05, 0x19, 0x08,
0x4A, 0x4A, 0x84, 0x6C, 0x1C, 0x49, 0x02, 0x44,
0x20, 0x85, 0x14, 0xB1, 0x89, 0x09, 0x44, 0x2C,
0x10, 0x02, 0x22, 0xE1, 0xB4, 0x25, 0x01, 0x21,
0x71, 0x53, 0xC2, 0x85, 0x82, 0x88, 0x28, 0xC0,
0x02, 0x52, 0x19, 0xC5, 0x51, 0x19, 0xA5, 0x09,
0xC0, 0x82, 0x91, 0x21, 0x47, 0x0D, 0x1C, 0x30,
0x69, 0xDC, 0xB8, 0x6C, 0x04, 0x41, 0x6A, 0x91,
0x16, 0x40, 0xA0, 0xC8, 0x24, 0x1A, 0x10, 0x01,
0x04, 0x39, 0x25, 0x80, 0x16, 0x02, 0x63, 0x36,
0x71, 0x90, 0xB0, 0x8D, 0x44, 0x16, 0x8E, 0xDA,
0x16, 0x2E, 0xCB, 0x44, 0x20, 0x54, 0x38, 0x06,
0x54, 0xC4, 0x01, 0x51, 0x40, 0x86, 0x52, 0x44,
0x0E, 0x82, 0x02, 0x32, 0x21, 0x38, 0x89, 0x19,
0x04, 0x40, 0xD8, 0x12, 0x68, 0x21, 0x98, 0x11,
0x03, 0x33, 0x8A, 0x18, 0x00, 0x45, 0xCB, 0x22,
0x32, 0xC3, 0x04, 0x46, 0x09, 0x18, 0x51, 0x22,
0x44, 0x89, 0x13, 0x16, 0x6E, 0xDA, 0x46, 0x45,
0x09, 0x19, 0x41, 0x81, 0x10, 0x01, 0xDC, 0x18,
0x8E, 0xC8, 0x44, 0x4C, 0x00, 0x17, 0x82, 0x9C,
0xA6, 0x4D, 0xC8, 0x08, 0x10, 0x24, 0x42, 0x6D,
0x91, 0x38, 0x89, 0x8C, 0x40, 0x6E, 0x00, 0x35,
0x11, 0xD3, 0x24, 0x09, 0x1A, 0x01, 0x65, 0x88,
0x48, 0x45, 0x09, 0x01, 0x71, 0x43, 0xB8, 0x80,
0x11, 0x82, 0x2C, 0x84, 0xB8, 0x49, 0x58, 0x14,
0x28, 0x92, 0x20, 0x32, 0x09, 0x12, 0x05, 0x20,
0x81, 0x2D, 0x5B, 0x86, 0x11, 0x04, 0x90, 0x45,
0x49, 0x80, 0x40, 0xD1, 0xC8, 0x24, 0x98, 0xC2,
0x2C, 0x99, 0xA2, 0x30, 0x04, 0x98, 0x8C, 0x53,
0x24, 0x02, 0x8A, 0x04, 0x01, 0x4C, 0x28, 0x71,
0xC3, 0x86, 0x6C, 0x24, 0x49, 0x81, 0x04, 0x02,
0x28, 0x62, 0x44, 0x32, 0x61, 0x20, 0x28, 0x01,
0x04, 0x11, 0x0C, 0x09, 0x08, 0x90, 0x98, 0x84,
0x63, 0xB2, 0x45, 0x63, 0x38, 0x2E, 0x04, 0xA4,
0x0C, 0x18, 0x05, 0x4E, 0xCC, 0x86, 0x90, 0x43,
0x40, 0x91, 0x54, 0x02, 0x21, 0x43, 0x28, 0x42,
0x23, 0x94, 0x29, 0xC8, 0xA6, 0x91, 0x02, 0x09,
0x80, 0xE3, 0x82, 0x00, 0xC1, 0x34, 0x08, 0xD1,
0x34, 0x84, 0x12, 0x45, 0x8C, 0x02, 0xC6, 0x81,
0x41, 0xC6, 0x6C, 0x1B, 0x12, 0x24, 0x04, 0x08,
0x0D, 0x02, 0x00, 0x0C, 0x9C, 0xA2, 0x05, 0x49,
0x34, 0x65, 0x00, 0x06, 0x89, 0x88, 0x34, 0x00,
0xD8, 0x82, 0x29, 0x92, 0x12, 0x91, 0xE3, 0x36,
0x86, 0xD1, 0x80, 0x71, 0x98, 0xB0, 0x50, 0x48,
0xC6, 0x11, 0x14, 0x80, 0x0D, 0xA0, 0x12, 0x4D,
0x9B, 0xB2, 0x40, 0x21, 0x41, 0x50, 0x4B, 0x36,
0x05, 0x52, 0x10, 0x26, 0x19, 0xB2, 0x60, 0x92,
0xA2, 0x24, 0xCB, 0x08, 0x00, 0x14, 0x22, 0x49,
0x5A, 0xD0, 0x55, 0xBD, 0x2B, 0x45, 0xE4, 0x31,
0x41, 0xA8, 0xC3, 0xA3, 0xAD, 0xBD, 0xB6, 0x37,
0x92, 0x06, 0x95, 0x6B, 0x3D, 0xD8, 0xE5, 0x33,
0x71, 0xB6, 0x62, 0xB7, 0x67, 0x6C, 0x77, 0x84,
0x63, 0x2F, 0x41, 0x1D, 0xBA, 0x51, 0x27, 0xE1,
0x24, 0x5D, 0xC2, 0x38, 0x71, 0x65, 0x9E, 0x8E,
0xE4, 0xEB, 0xBB, 0x1D, 0x89, 0xEB, 0x18, 0xCA,
0x0C, 0xA6, 0x86, 0xA3, 0x4D, 0x7C, 0x7A, 0x02,
0xAC, 0xDD, 0x34, 0xCE, 0x05, 0x3B, 0x1B, 0x49,
0xF4, 0x6D, 0x12, 0x33, 0xBC, 0x52, 0x70, 0x59,
0xDF, 0xBC, 0x5D, 0x49, 0x42, 0x6A, 0xED, 0xC7,
0xF1, 0x8C, 0xF5, 0x6D, 0x1F, 0xBC, 0xE4, 0xBD,
0x45, 0x5D, 0x59, 0xF8, 0xCE, 0x9A, 0x39, 0xB5,
0x96, 0x32, 0xFD, 0x93, 0x65, 0x8E, 0x92, 0xF1,
0x8F, 0xB0, 0x99, 0xF3, 0x80, 0x0F, 0x66, 0x14,
0xFE, 0xEB, 0x23, 0x17, 0x2D, 0x4C, 0x8F, 0x41,
0x9A, 0x9B, 0xD1, 0x5B, 0x5B, 0xC0, 0x3D, 0xA6,
0x0E, 0xF3, 0xE0, 0xA1, 0x04, 0xDC, 0x24, 0x18,
0x9D, 0x90, 0xC6, 0x89, 0x5A, 0x7F, 0x10, 0x1E,
0x4B, 0x21, 0xEC, 0x91, 0xD8, 0x5D, 0x65, 0xDB,
0xCF, 0x90, 0x62, 0x85, 0xE9, 0x58, 0xA3, 0x47,
0x92, 0x1C, 0xD0, 0x0C, 0xA3, 0xF3, 0x3E, 0x36,
0xDB, 0x24, 0xA6, 0x98, 0xAB, 0xA7, 0x89, 0x2B,
0x71, 0x6C, 0x4D, 0x00, 0xB0, 0xD5, 0xA0, 0xCA,
0x1A, 0x76, 0x8E, 0x80, 0xB7, 0xAE, 0x83, 0x89,
0x50, 0xF8, 0xA7, 0x52, 0x8B, 0x94, 0xD2, 0x2B,
0x9F, 0x49, 0x92, 0x3D, 0x54, 0x0D, 0xB8, 0xD1,
0x19, 0x49, 0xAC, 0x91, 0xAF, 0xDB, 0xE9, 0x24,
0x4D, 0xD8, 0xE1, 0xD5, 0x16, 0x0E, 0xB1, 0x39,
0x40, 0x7D, 0x5F, 0xF5, 0x92, 0xB4, 0xAF, 0xC3,
0x76, 0x2B, 0xDB, 0x7D, 0x52, 0x97, 0x62, 0x9F,
0xCF, 0x32, 0x19, 0x5F, 0xE6, 0x32, 0xFB, 0x8E,
0x39, 0x24, 0xB4, 0xEB, 0xE9, 0x17, 0x9E, 0x47,
0x69, 0x4D, 0x92, 0x82, 0x96, 0x88, 0x38, 0x11,
0xCE, 0xD6, 0xBF, 0x18, 0xE3, 0x51, 0x40, 0x81,
0x11, 0xA0, 0x74, 0xDA, 0x0D, 0x5E, 0xEC, 0xD8,
0x5D, 0x33, 0x22, 0x1E, 0xB9, 0x5D, 0xBF, 0x79,
0xB0, 0xA1, 0xEF, 0xD1, 0x2D, 0xA0, 0x5F, 0xA1,
0xC7, 0x6E, 0xD5, 0x08, 0xB8, 0xD0, 0xC1, 0x95,
0x51, 0x9B, 0x07, 0xC3, 0x4A, 0x0A, 0xB5, 0xA1,
0x28, 0xFE, 0x95, 0x95, 0x0A, 0xCF, 0x83, 0xA8,
0xEB, 0x8F, 0xFB, 0x18, 0xD5, 0xBD, 0x69, 0x50,
0xF1, 0xDF, 0x06, 0xFA, 0x9A, 0x65, 0x47, 0xBB,
0x56, 0xE9, 0xCB, 0x8F, 0x69, 0x5F, 0xE0, 0xAD,
0x19, 0x3A, 0x70, 0xE5, 0x66, 0x42, 0xD7, 0x1C,
0x0C, 0xB4, 0x03, 0x89, 0x7D, 0x47, 0x4D, 0x29,
0x67, 0x8C, 0x41, 0x73, 0xAB, 0x7D, 0xFD, 0x69,
0x15, 0xAD, 0xE3, 0xB7, 0xF8, 0x98, 0x3B, 0xCA,
0x8F, 0x27, 0x37, 0x7B, 0x72, 0x2C, 0x5F, 0x23,
0x73, 0x15, 0xE2, 0xB6, 0xBD, 0xDE, 0x84, 0xF8,
0x7E, 0x22, 0xB9, 0xFD, 0xD3, 0x4D, 0x62, 0x80,
0xBA, 0xC5, 0x57, 0x29, 0x30, 0x1B, 0x06, 0x4D,
0x20, 0xB1, 0x53, 0x86, 0xCB, 0x6A, 0x4A, 0xE3,
0xC1, 0xA9, 0x88, 0xCF, 0xEB, 0x15, 0x2F, 0xA8,
0xA8, 0x6F, 0xFC, 0x2A, 0xA8, 0x0E, 0xD9, 0xFA,
0xEA, 0xD7, 0x3B, 0xCE, 0xF8, 0x5B, 0xD8, 0x92,
0x22, 0x6A, 0x1A, 0x8E, 0x5E, 0x91, 0x37, 0x2C,
0x21, 0x05, 0xC4, 0xAC, 0xF7, 0x62, 0x83, 0xBA,
0x55, 0xD5, 0x2C, 0xCE, 0xA1, 0x19, 0x93, 0x0E,
0xDE, 0xB6, 0xB8, 0x78, 0x0F, 0xBF, 0x4C, 0xA4,
0x66, 0xAD, 0x97, 0x2F, 0xEE, 0x34, 0xE9, 0xA2,
0xB6, 0x1D, 0x3C, 0x60, 0xFB, 0xB8, 0x7F, 0xF8,
0xFD, 0x34, 0x8C, 0xC5, 0xC7, 0x38, 0x72, 0x74,
0x19, 0xA9, 0xCF, 0x54, 0x49, 0x5B, 0xBA, 0x70,
0x12, 0xC1, 0x61, 0xDC, 0x32, 0x61, 0x49, 0x66,
0xF3, 0x57, 0xAA, 0x0F, 0xE6, 0x44, 0x9E, 0x8A,
0x19, 0x9C, 0x6B, 0x63, 0x2C, 0x14, 0x1E, 0xDD,
0x00, 0x27, 0xE3, 0x95, 0xE3, 0xE7, 0xD9, 0xFF,
0x30, 0x2D, 0x14, 0x19, 0x4F, 0x49, 0x20, 0x0B,
0x58, 0x2A, 0x23, 0x1C, 0xE2, 0xAD, 0x6B, 0x9C,
0x7B, 0xB6, 0x20, 0x63, 0x08, 0x24, 0x55, 0x04,
0x58, 0x1F, 0x0E, 0xBE, 0x2A, 0x6F, 0x79, 0x90,
0x9E, 0x15, 0x8F, 0x4B, 0xDB, 0xE2, 0xBE, 0xBC,
0x28, 0xB1, 0xC8, 0xFE, 0x00, 0x6D, 0x71, 0xCC,
0x91, 0x6A, 0xCC, 0xF8, 0x12, 0x8B, 0xEC, 0xF3,
0x46, 0x53, 0xB1, 0x7F, 0xB3, 0x79, 0xF0, 0xC7,
0xD7, 0xA5, 0xCF, 0x2C, 0xC3, 0x09, 0x66, 0x82,
0x53, 0x43, 0xFD, 0xAC, 0xDE, 0xD5, 0x85, 0xB3,
0x79, 0x74, 0x55, 0xE8, 0xF6, 0xE5, 0xFB, 0xF0,
0x63, 0x0C, 0x36, 0x63, 0x65, 0x10, 0x43, 0xC9,
0x60, 0x99, 0xD6, 0x0C, 0xB9, 0x66, 0x1C, 0xA9,
0x97, 0x4D, 0xDB, 0xA8, 0x13, 0x9E, 0xAE, 0xCA,
0x7A, 0x5F, 0xE3, 0x24, 0xA0, 0xEE, 0x8A, 0x9D,
0x7F, 0x03, 0x53, 0x21, 0x6B, 0xAF, 0x3D, 0xF9,
0x38, 0xF3, 0x7A, 0x1D, 0xDA, 0xE2, 0xEF, 0xBA,
0x86, 0x21, 0x85, 0x1F, 0x36, 0x08, 0x0B, 0xDA,
0x37, 0x5A, 0x0A, 0xD7, 0x55, 0x41, 0xD5, 0x84,
0x1B, 0x36, 0xA2, 0x50, 0x65, 0xD7, 0xF3, 0xA3,
0xEB, 0xE1, 0xDE, 0x0F, 0x85, 0xAA, 0xF6, 0x2F,
0xAB, 0xBB, 0xC8, 0xF1, 0x2A, 0xD1, 0x0A, 0x9B,
0xE4, 0x7B, 0xBC, 0x4D, 0x42, 0xD8, 0xA3, 0x4C,
0x07, 0x6A, 0x60, 0x3E, 0xE2, 0xDA, 0xE7, 0x00,
0xDF, 0x27, 0x94, 0xEF, 0x90, 0x99, 0x88, 0x2C,
0xCF, 0xAA, 0xE1, 0x71, 0x2D, 0xFD, 0x00, 0x9C,
0x55, 0xBF, 0xC4, 0x7A, 0x55, 0xE9, 0xE0, 0xB4,
0x7F, 0x3D, 0xE9, 0xB0, 0x01, 0xA7, 0x27, 0x23,
0x27, 0x58, 0x31, 0x0E, 0x8E, 0x80, 0xD8, 0xEB,
0x64, 0xA0, 0xC3, 0xC9, 0xEA, 0x69, 0x9C, 0x74,
0x5E, 0xAF, 0xD5, 0xEF, 0x5C, 0x4E, 0x40, 0x71,
0xD6, 0x57, 0x77, 0xE2, 0xAF, 0x0E, 0x1D, 0xB8,
0x5A, 0x91, 0x20, 0x4C, 0x33, 0x4D, 0xD8, 0x4F,
0x98, 0xE0, 0x86, 0x1D, 0x02, 0xA0, 0xDA, 0x06,
0x17, 0xC4, 0x5D, 0x2E, 0x49, 0x31, 0xE6, 0xE4,
0xDC, 0x18, 0x23, 0x26, 0xF3, 0x61, 0xF5, 0x8D,
0x26, 0x2C, 0x18, 0x4C, 0xDF, 0x71, 0x90, 0x24,
0x96, 0xD3, 0xD4, 0x1A, 0x6F, 0x08, 0xAB, 0x29,
0x7D, 0xFF, 0x4E, 0x27, 0x6D, 0x39, 0x83, 0x17,
0x90, 0xA4, 0x07, 0x8A, 0xDE, 0x79, 0x53, 0xF6,
0x99, 0x2E, 0xA6, 0x39, 0x47, 0xC3, 0xBE, 0x12,
0xC7, 0xA5, 0x7E, 0xA2, 0x19, 0x57, 0x04, 0x45,
0xBE, 0x44, 0x62, 0x92, 0xCA, 0x56, 0xE1, 0xF0,
0x45, 0x3B, 0xA4, 0xF8, 0xF5, 0xCD, 0xC7, 0xD2,
0xB2, 0x46, 0x57, 0x51, 0x0B, 0x06, 0xDA, 0x54,
0x03, 0x9E, 0x52, 0xA2, 0x78, 0x69, 0x25, 0x2E,
0x75, 0x83, 0x25, 0x3F, 0xA3, 0x62, 0x27, 0xB9,
0xA6, 0x59, 0x7A, 0xB1, 0xB6, 0xE9, 0xC1, 0xDD,
0x2F, 0x22, 0x2D, 0x3B, 0xA3, 0x22, 0xD6, 0x11,
0x7B, 0x08, 0x27, 0x92, 0x83, 0x7A, 0x5D, 0x0D,
0x6B, 0x9D, 0x5B, 0xEB, 0xE9, 0xC0, 0x88, 0xDE,
0x44, 0x55, 0xBA, 0x69, 0xC1, 0x7A, 0x4D, 0xE6,
0x35, 0x67, 0x6F, 0x99, 0x9B, 0x07, 0xD8, 0x04,
0xAA, 0xEA, 0x7D, 0xFF, 0x8E, 0xB8, 0xAA, 0x4C,
0x79, 0xE2, 0x88, 0xA8, 0x1D, 0xE8, 0xA6, 0x77,
0xCA, 0x06, 0xC0, 0xDF, 0x0E, 0x2B, 0xCB, 0xFF,
0x9F, 0x64, 0x67, 0x11, 0xF1, 0xB9, 0x38, 0x83,
0x19, 0x05, 0x30, 0x9B, 0x01, 0x11, 0x55, 0x03,
0xAD, 0x44, 0x7D, 0x3C, 0x07, 0xEF, 0x88, 0x19,
0x92, 0xC0, 0xFE, 0xE1, 0xAB, 0xDB, 0x24, 0x18,
0x17, 0xD0, 0x03, 0x5C, 0x91, 0xD4, 0xA6, 0x2A,
0xF1, 0xE9, 0x72, 0x62, 0x58, 0x22, 0x7D, 0x55,
0x15, 0xE2, 0xA1, 0x70, 0x14, 0x5E, 0x34, 0xB9,
0x5A, 0xB7, 0x5D, 0x3F, 0xB8, 0xB5, 0x45, 0x44,
0xD2, 0x50, 0xD1, 0xC6, 0x7E, 0xE7, 0x3D, 0xF4,
0xD3, 0xEC, 0xFB, 0x97, 0x32, 0x11, 0x72, 0x51,
0xB7, 0x4A, 0xC8, 0x38, 0x96, 0xFC, 0x6F, 0x69,
0xC2, 0xD5, 0xD3, 0x28, 0xE9, 0x63, 0x14, 0x14,
0xFE, 0xB1, 0xA4, 0x02, 0x80, 0x65, 0x73, 0xD3,
0x57, 0x07, 0x95, 0x21, 0x40, 0x00, 0x77, 0xA7,
0x6D, 0x44, 0x2B, 0x0D, 0x77, 0x07, 0x92, 0x64,
0xD4, 0x3A, 0xE2, 0x7F, 0xF2, 0x1C, 0x14, 0x08,
0x60, 0x74, 0x8F, 0xFC, 0x0B, 0xE8, 0xEC, 0xA9,
0xB7, 0x97, 0xA7, 0x85, 0x8A, 0xEF, 0xD7, 0x7E,
0xD5, 0x15, 0xF7, 0x45, 0x8D, 0x9C, 0xBF, 0x23,
0xEB, 0x8C, 0x4D, 0xD2, 0x28, 0x7E, 0x0A, 0x61,
0x2E, 0xBA, 0xBE, 0x89, 0x1D, 0x64, 0x45, 0x22,
0x70, 0x9D, 0x48, 0xEB, 0x2F, 0x96, 0xF1, 0xA7,
0xDE, 0xD3, 0x28, 0x4C, 0xC9, 0xFB, 0xF2, 0x9C,
0x5B, 0xFC, 0xBE, 0xBE, 0xF4, 0x38, 0xC9, 0x43,
0xC3, 0x66, 0x53, 0xA9, 0x06, 0xE5, 0x71, 0x16,
0xA4, 0xBB, 0x3B, 0x50, 0x53, 0xCF, 0xF4, 0x1F,
0xD6, 0x00, 0x07, 0x46, 0xFB, 0x97, 0x0B, 0xF9,
0x3D, 0xF4, 0xC6, 0x60, 0xD0, 0x37, 0x70, 0xC0,
0x2D, 0xD1, 0x9F, 0xA5, 0x78, 0xF3, 0x1F, 0x03,
0x81, 0xB1, 0x93, 0xBA, 0xE5, 0x82, 0xE6, 0xD1,
0x66, 0x93, 0x83, 0x5B, 0xB9, 0xAD, 0xD9, 0x01,
0xA5, 0xB6, 0x5C, 0x69, 0x82, 0xD7, 0x2F, 0x35,
0x35, 0x98, 0xEE, 0xE9, 0xA0, 0x74, 0xC1, 0x91,
0x44, 0x0A, 0x04, 0xCD, 0x97, 0xBE, 0x6B, 0x60,
0x90, 0x9A, 0x48, 0x7B, 0x83, 0xA2, 0x28, 0x97,
0xB5, 0xBA, 0xB1, 0x4D, 0x35, 0x8B, 0x34, 0x0A,
0xA1, 0xCB, 0xA5, 0xC2, 0xA4, 0x6A, 0x36, 0xB3,
0x12, 0x46, 0x59, 0xDB, 0x63, 0xE5, 0xF9, 0xF1,
0x7F, 0xAD, 0x42, 0xF4, 0x24, 0xF0, 0x02, 0x3D,
0x1E, 0x6C, 0xD5, 0xB3, 0x06, 0x8F, 0x1F, 0x59,
0x79, 0xCC, 0xF9, 0x5B, 0x4F, 0x8B, 0xD6, 0x03,
0xC7, 0x53, 0xE6, 0xCE, 0xBB, 0xD8, 0x52, 0x89,
0x70, 0x5D, 0x98, 0x86, 0xA5, 0x9E, 0x44, 0xA9,
0xC8, 0x17, 0xA2, 0x6F, 0x43, 0x2D, 0x8D, 0xA7,
0xDE, 0x3E, 0xFA, 0xE7, 0x98, 0x7B, 0xB5, 0xBE,
0x7B, 0x10, 0xB8, 0xB8, 0xA5, 0x3D, 0x3E, 0xCD,
0x94, 0x19, 0x5E, 0x06, 0x51, 0xB8, 0x58, 0x1E,
0x0E, 0xCF, 0xFE, 0xE5, 0xED, 0x84, 0xB5, 0xF5,
0x0F, 0x34, 0x32, 0xAC, 0x0A, 0x7F, 0x03, 0xF0,
0xF8, 0xFC, 0x69, 0xA0, 0x26, 0x0D, 0x2E, 0xFA,
0x62, 0x49, 0x5C, 0xC4, 0xE5, 0xF6, 0x8B, 0xC5,
0x26, 0x21, 0x23, 0x3B, 0xBD, 0x9A, 0x23, 0x95,
0x69, 0xA7, 0x48, 0x94, 0x30, 0x1E, 0xC3, 0x82,
0xB6, 0x75, 0x30, 0xA6, 0xF3, 0x1E, 0xBB, 0xBC,
0xF7, 0x21, 0x27, 0x12, 0x2C, 0x51, 0x50, 0x55,
0x87, 0x0D, 0xF1, 0xCC, 0x6C, 0xFF, 0xEA, 0x7E,
0x2C, 0xDA, 0x8B, 0x9B, 0x20, 0xF4, 0x75, 0xFB,
0xC2, 0x3F, 0xBE, 0x09, 0xA6, 0xC9, 0x26, 0xE7,
0xB5, 0xC7, 0xE6, 0xB9, 0x35, 0x8C, 0xAF, 0xFA,
0xC0, 0x8D, 0x43, 0x33, 0x25, 0xBA, 0xAA, 0xDC,
0xCF, 0xBC, 0xE4, 0xC4, 0xC6, 0x26, 0x4A, 0x0D,
0x9D, 0xCC, 0x2A, 0xE0, 0x5B, 0x1E, 0xC9, 0x78,
0xF8, 0xA2, 0xB5, 0x46, 0xE5, 0x49, 0xB8, 0x4C,
0xC2, 0x22, 0x40, 0xCE, 0x97, 0x9A, 0x95, 0x40,
0xF7, 0xD6, 0x52, 0x54, 0x3B, 0xBB, 0x42, 0xC5,
0x6F, 0x00, 0x7F, 0x83, 0xDD, 0x88, 0x71, 0xF7,
0xD4, 0x1B, 0x3D, 0x81, 0xC4, 0xB1, 0x49, 0x9B,
0xF3, 0x68, 0x15, 0xC5, 0x15, 0x97, 0x0F, 0xC5,
0x43, 0xDD, 0x07, 0xBE, 0x98, 0x43, 0x2C, 0xB3,
0xEF, 0x08, 0xCA, 0xDC, 0x9C, 0x27, 0x58, 0xFE,
0x49, 0xE9, 0x77, 0xD9, 0x1C, 0x62, 0xA4, 0xA2,
0xF9, 0x78, 0xCC, 0xB3, 0x21, 0x06, 0x10, 0xDE,
0x5A, 0x52, 0xA3, 0x67, 0xBD, 0x5E, 0xBC, 0x9B,
0x4E, 0x40, 0x87, 0x93, 0xCF, 0x0E, 0x27, 0x0E,
0xE3, 0x11, 0x4B, 0xB3, 0xE0, 0xCE, 0x24, 0xB6,
0x0A, 0x53, 0x03, 0xF8, 0x01, 0x6A, 0x7E, 0xFE,
0xC8, 0x66, 0x9F, 0x29, 0xF3, 0x45, 0x94, 0xD6,
0x0E, 0x30, 0xB5, 0x61, 0xA9, 0xEC, 0x8F, 0x71,
0xF7, 0x36, 0xD6, 0x43, 0x4B, 0x0C, 0xCD, 0x45,
0xBB, 0xA4, 0xBD, 0xE9, 0xA9, 0xC3, 0xC1, 0x95,
0x1E, 0xF9, 0x42, 0x07, 0x18, 0xEA, 0xF5, 0x0B,
0x27, 0xB6, 0xDE, 0xEF, 0x67, 0x33, 0x83, 0x0D,
0xD9, 0x5E, 0x3A, 0x93, 0xD2, 0xD0, 0xDB, 0xB9,
0x98, 0xF0, 0x25, 0x21, 0xF3, 0xDF, 0x0B, 0x1E
};
#endif /* !WOLFSSL_NO_ML_DSA_44 */
#ifndef WOLFSSL_NO_ML_DSA_65
static const byte seed_65[] = {
0x41, 0xAF, 0x98, 0x7B, 0x02, 0x6E, 0x47, 0x5F,
0x37, 0x91, 0x7F, 0x2A, 0x6A, 0x9A, 0x87, 0xE7,
0x51, 0xAD, 0xF9, 0x5B, 0x92, 0x7F, 0x2D, 0xCE,
0xF0, 0xD4, 0xF3, 0xDA, 0x8F, 0x8C, 0x86, 0x6B
};
static const byte pk_65[] = {
0xDC, 0x38, 0xE5, 0x5F, 0xDF, 0x2E, 0x9D, 0xD4,
0x34, 0x5C, 0xAE, 0x1A, 0x7D, 0xF4, 0x2E, 0x2E,
0xBC, 0x58, 0x57, 0x80, 0x55, 0x02, 0xE4, 0x3F,
0xA5, 0x19, 0x41, 0xE4, 0x44, 0x58, 0x66, 0x41,
0x39, 0x5D, 0xF9, 0x20, 0x6C, 0x36, 0x0D, 0x4F,
0x83, 0x43, 0xBE, 0x86, 0xEF, 0x6C, 0x43, 0xD0,
0x3E, 0xD0, 0x63, 0x0A, 0x5B, 0x92, 0x8D, 0x31,
0x19, 0x1D, 0xA9, 0x51, 0x61, 0x48, 0xE6, 0x26,
0x50, 0x07, 0x54, 0x9B, 0xB0, 0xB7, 0x62, 0x54,
0xDB, 0x80, 0x4E, 0x48, 0x7F, 0x48, 0xC5, 0x11,
0x91, 0xFC, 0xA9, 0x26, 0x25, 0x08, 0xA5, 0x99,
0xA0, 0x3C, 0xB9, 0x0C, 0xCF, 0x6C, 0xCD, 0x83,
0x9A, 0x38, 0x6D, 0x22, 0xDE, 0x0A, 0xC3, 0x8F,
0xF7, 0xD0, 0x57, 0x40, 0x53, 0xE9, 0xE9, 0x4E,
0x73, 0xFA, 0x58, 0x40, 0x9F, 0x6D, 0x8A, 0xD3,
0x6F, 0x86, 0x84, 0x4D, 0x18, 0xD7, 0x4C, 0x76,
0x39, 0x57, 0x9E, 0xC0, 0xC7, 0xE4, 0xEE, 0x54,
0xF4, 0xAD, 0x10, 0xC5, 0x69, 0x59, 0xE0, 0xBC,
0x9B, 0xF4, 0x20, 0x8F, 0xBA, 0x0A, 0x94, 0x10,
0x55, 0x07, 0x7E, 0xD1, 0xF9, 0x20, 0xCC, 0x2F,
0xA9, 0xAE, 0x9D, 0xF5, 0xE4, 0x29, 0x40, 0x7E,
0x44, 0xA4, 0xDF, 0xB2, 0xE9, 0x25, 0xE0, 0xBA,
0x8D, 0x6C, 0x33, 0x88, 0x9C, 0xEE, 0x27, 0xDB,
0xC7, 0x0A, 0x6E, 0x5A, 0x08, 0x92, 0x9B, 0x53,
0xF8, 0xFD, 0xF9, 0x5B, 0xEB, 0x03, 0x8E, 0x45,
0xCB, 0x91, 0x19, 0x4E, 0x6B, 0x1E, 0xA0, 0xA4,
0xF0, 0x43, 0xC9, 0x8F, 0xDF, 0x93, 0x5E, 0x86,
0xB0, 0x09, 0xD3, 0x47, 0x38, 0x7C, 0x8E, 0x78,
0x85, 0x71, 0x3D, 0x07, 0x2E, 0x2E, 0x12, 0x6F,
0x06, 0x97, 0x0E, 0x54, 0xAD, 0x71, 0x09, 0xEF,
0xA5, 0x55, 0x0A, 0x39, 0x86, 0xE6, 0x17, 0x17,
0x70, 0x9A, 0xA7, 0xA7, 0x1B, 0xCE, 0x78, 0x06,
0x2C, 0x61, 0x1A, 0xB9, 0x48, 0x22, 0x41, 0x45,
0x15, 0xEB, 0x10, 0x3C, 0x6E, 0x24, 0x37, 0xA4,
0xB5, 0xE8, 0x82, 0x4D, 0x6D, 0xCC, 0x44, 0xC6,
0xB0, 0x5D, 0xBE, 0x46, 0xDA, 0x5F, 0x00, 0x36,
0x5B, 0xBD, 0x87, 0x65, 0x3A, 0x96, 0x21, 0x58,
0x45, 0x65, 0xDB, 0xD8, 0x77, 0x76, 0x7B, 0x25,
0xC3, 0x78, 0x6E, 0xD9, 0x14, 0xA7, 0x19, 0x69,
0x4F, 0xBB, 0x1B, 0xDB, 0x37, 0xCE, 0xAF, 0x8C,
0x88, 0x2E, 0x9E, 0x30, 0xF6, 0xAE, 0x43, 0xCC,
0x59, 0x0F, 0x67, 0x8A, 0xCB, 0x4F, 0x08, 0x20,
0x6D, 0x99, 0xD7, 0xA9, 0xDE, 0xE5, 0xE5, 0xB3,
0xFF, 0xAA, 0x45, 0x3C, 0xF1, 0xE3, 0x02, 0x7D,
0x2F, 0xEE, 0x69, 0x04, 0x81, 0x73, 0x01, 0x37,
0x51, 0x68, 0xC8, 0x0B, 0x51, 0xFD, 0x05, 0xB4,
0x05, 0xBB, 0xA1, 0xDB, 0x1D, 0xF6, 0x5F, 0x70,
0xD3, 0x0A, 0x37, 0x4B, 0x9C, 0xC4, 0x45, 0x30,
0x11, 0x36, 0xE2, 0x48, 0x9F, 0xC4, 0x2E, 0x4E,
0x0C, 0x0C, 0xA1, 0x04, 0x41, 0x75, 0x95, 0xAA,
0xED, 0xAC, 0xD4, 0xB2, 0xE7, 0x85, 0x7E, 0xE1,
0xA6, 0xFE, 0x2A, 0x09, 0x19, 0x09, 0x3D, 0x7C,
0x20, 0x1E, 0x98, 0x3D, 0x6E, 0x02, 0xC1, 0xCA,
0xBB, 0x24, 0x82, 0x9F, 0x45, 0x1D, 0x26, 0x99,
0xAE, 0x02, 0x82, 0xF9, 0x86, 0x3B, 0x67, 0x8C,
0xBD, 0xFE, 0xF1, 0xD0, 0xB6, 0xB8, 0xAB, 0x00,
0x0F, 0xEC, 0x30, 0xDC, 0x27, 0x58, 0xE2, 0x29,
0x18, 0x05, 0x5A, 0x66, 0xA5, 0x88, 0x39, 0x8E,
0x49, 0x5B, 0xB9, 0x52, 0x43, 0x84, 0xDC, 0xA9,
0x50, 0x2B, 0x83, 0x3C, 0x84, 0x81, 0x37, 0x52,
0x30, 0x79, 0xBD, 0x04, 0xB8, 0xDD, 0x47, 0xC1,
0x02, 0x2E, 0xEC, 0x24, 0xD0, 0x56, 0x23, 0xE1,
0x92, 0xD0, 0x65, 0x7F, 0xC7, 0xC2, 0xF7, 0x60,
0x73, 0xB8, 0xAF, 0x0A, 0xF4, 0xEF, 0xFC, 0x1B,
0xC2, 0xB9, 0x76, 0x87, 0x8A, 0xA6, 0xC2, 0x3F,
0xD3, 0x9F, 0x1F, 0x2D, 0x94, 0xBC, 0x89, 0x4E,
0x31, 0x8D, 0x28, 0xD0, 0x90, 0xB5, 0x5B, 0x60,
0x30, 0xC6, 0x0B, 0x37, 0x63, 0x5D, 0xDC, 0xC6,
0xE0, 0x1A, 0xBA, 0x6B, 0x23, 0xCD, 0x2E, 0x09,
0x2D, 0x6A, 0x7E, 0x0C, 0xD9, 0x4F, 0xB1, 0xE2,
0x89, 0x67, 0xE7, 0xB1, 0x54, 0x08, 0xB2, 0xFA,
0x83, 0x43, 0x7C, 0x77, 0x06, 0xED, 0xE2, 0x29,
0x53, 0xB7, 0x09, 0xC4, 0x1B, 0x81, 0x55, 0x12,
0x41, 0x8E, 0x8B, 0x03, 0x36, 0xEE, 0x45, 0x70,
0x57, 0xA8, 0x73, 0xEF, 0x70, 0x7B, 0x1F, 0x63,
0xB0, 0xE8, 0x00, 0xBD, 0x1E, 0xE6, 0xA9, 0x93,
0x9D, 0x03, 0x19, 0x22, 0xDF, 0xE1, 0x01, 0xF2,
0xA9, 0x6B, 0x90, 0x5C, 0xD2, 0xC1, 0xAC, 0x9F,
0xB2, 0x21, 0x1C, 0x2D, 0xC6, 0x80, 0x9A, 0xB5,
0x1E, 0x46, 0x95, 0x6C, 0xCE, 0x47, 0x3E, 0x67,
0xCD, 0xD6, 0xC9, 0xB9, 0x81, 0x74, 0x7F, 0x17,
0xA3, 0xF7, 0x48, 0x99, 0xF3, 0x36, 0x84, 0xF3,
0x16, 0x41, 0x55, 0x5F, 0xA7, 0xBF, 0x4B, 0x69,
0x8D, 0xA3, 0x3D, 0x1E, 0xEA, 0xF5, 0x1E, 0xC6,
0xB8, 0x1C, 0xD6, 0x89, 0x45, 0x68, 0xFA, 0xE7,
0xCA, 0x86, 0xE4, 0xB1, 0xC9, 0x9C, 0xB2, 0xAB,
0x89, 0x03, 0xE7, 0x19, 0x7B, 0xA9, 0xF2, 0x6B,
0x4A, 0x43, 0x1D, 0x90, 0xAF, 0xA4, 0xE3, 0xBC,
0xEF, 0xD4, 0x37, 0xC5, 0x55, 0x5C, 0x9E, 0x14,
0xC6, 0x18, 0xDD, 0x45, 0x3F, 0x80, 0x49, 0x1C,
0x93, 0xFF, 0xBD, 0xDD, 0x75, 0x54, 0x0B, 0xD1,
0xA9, 0xF6, 0xBC, 0x89, 0x98, 0x7D, 0x6F, 0x03,
0x7B, 0x06, 0xD5, 0x40, 0x7D, 0x85, 0x48, 0x2E,
0x11, 0x3E, 0xF0, 0x47, 0x77, 0xD0, 0xBA, 0x03,
0x33, 0x58, 0xC4, 0x8F, 0x76, 0xF8, 0x72, 0x47,
0x04, 0x21, 0x5E, 0x85, 0x5A, 0x0F, 0x35, 0x77,
0xFB, 0x96, 0x29, 0x81, 0x2D, 0x55, 0x6E, 0x53,
0xC6, 0x13, 0x1E, 0xFA, 0x4D, 0xCE, 0xA9, 0x36,
0x1D, 0x8F, 0xAB, 0xAC, 0x13, 0x19, 0x94, 0xFC,
0x4B, 0xCD, 0x36, 0x4C, 0x6E, 0x21, 0xAE, 0xF1,
0x13, 0xA4, 0xF7, 0x64, 0x8E, 0xE1, 0xAF, 0x50,
0x6A, 0x63, 0x0E, 0xCA, 0x2F, 0xE9, 0x0C, 0x8A,
0xE7, 0xF2, 0xE3, 0x68, 0x03, 0xE0, 0x40, 0x1C,
0x64, 0xAB, 0xC3, 0xEC, 0xC0, 0x92, 0xE9, 0x57,
0x3E, 0x66, 0x72, 0x36, 0x39, 0x22, 0x4E, 0xCD,
0x13, 0x08, 0xBA, 0xF8, 0x2B, 0xA1, 0xF2, 0x69,
0x44, 0x7E, 0x90, 0x5C, 0xC8, 0xEC, 0xB6, 0xBE,
0x8C, 0x30, 0xE0, 0x69, 0xB7, 0x97, 0xA1, 0x1C,
0x18, 0xE5, 0x54, 0x62, 0xC3, 0x29, 0x99, 0x21,
0x16, 0xD9, 0x78, 0x1C, 0x4C, 0x9C, 0x88, 0x4C,
0xA5, 0xE1, 0x11, 0x66, 0x5B, 0x6E, 0x71, 0xE7,
0xE2, 0xE7, 0xE4, 0x02, 0xDD, 0x1A, 0x8D, 0x0C,
0xF5, 0x32, 0xFD, 0x41, 0x28, 0x35, 0x75, 0xD0,
0x0C, 0x5F, 0x06, 0x6A, 0x5A, 0x61, 0x49, 0x59,
0xC1, 0x0C, 0xD4, 0x9E, 0xD6, 0x29, 0xE2, 0x37,
0xDF, 0x2B, 0x3D, 0xE8, 0x98, 0xB9, 0xDF, 0x8E,
0xA0, 0xC4, 0xE2, 0xFC, 0x45, 0x70, 0xE8, 0x1B,
0xF4, 0xFA, 0xC5, 0xE6, 0xA7, 0xCF, 0x4F, 0xA2,
0xDA, 0x3D, 0x90, 0x49, 0x24, 0x8F, 0x61, 0x54,
0xD5, 0x50, 0x8E, 0xE8, 0x0C, 0x14, 0xAD, 0x6F,
0x65, 0x88, 0x3A, 0xF6, 0x92, 0xDB, 0x35, 0x5D,
0xFF, 0x21, 0x20, 0xAC, 0x01, 0x16, 0x0B, 0xEC,
0x84, 0x15, 0x3B, 0xA9, 0x93, 0x92, 0x75, 0xB3,
0x73, 0xF1, 0x23, 0x69, 0x94, 0x10, 0xF5, 0xFE,
0x20, 0xA8, 0xAF, 0x05, 0x87, 0x49, 0x4E, 0x9C,
0xEB, 0x21, 0x0A, 0xCF, 0x0B, 0xA1, 0x65, 0x38,
0xA6, 0x18, 0x4D, 0xF7, 0xD8, 0xC1, 0x2C, 0x14,
0x4C, 0xD9, 0x40, 0xC2, 0xF7, 0xBF, 0xE3, 0x07,
0x79, 0x55, 0xAE, 0xB9, 0xB6, 0x50, 0x06, 0x92,
0x94, 0x8C, 0x6A, 0x0E, 0x22, 0x14, 0xE2, 0xCC,
0x65, 0xBA, 0x0C, 0x4D, 0xB6, 0x5C, 0x4A, 0xE9,
0x0A, 0x08, 0x0C, 0xF9, 0x26, 0xA2, 0x51, 0x85,
0x36, 0xE2, 0xC1, 0xF1, 0x0A, 0x66, 0x51, 0x66,
0x7A, 0x98, 0x9B, 0x2C, 0x30, 0x1A, 0x0D, 0x49,
0x3C, 0x1E, 0xEC, 0x63, 0x53, 0x5E, 0xD9, 0xDD,
0x84, 0x69, 0xCD, 0x7E, 0x79, 0x58, 0x3D, 0x6E,
0xD9, 0x98, 0x58, 0xD8, 0x0A, 0x48, 0xB5, 0x13,
0x3F, 0x72, 0x4C, 0x11, 0x90, 0x15, 0x12, 0x74,
0xFF, 0x5C, 0x0D, 0xC6, 0x20, 0x8C, 0xC1, 0x99,
0xCA, 0x8E, 0xFC, 0xA2, 0xE8, 0xB8, 0xEE, 0xAA,
0x27, 0xC2, 0x97, 0x8D, 0xFA, 0xBE, 0xE0, 0x43,
0x99, 0xB6, 0x90, 0x60, 0x00, 0x7C, 0x33, 0xD4,
0x87, 0x71, 0x7B, 0x56, 0x6C, 0xAA, 0xE0, 0xAC,
0x9D, 0x7E, 0x7E, 0xA3, 0xCF, 0xBB, 0xB3, 0xA0,
0x5F, 0xD4, 0xC4, 0x3A, 0xA7, 0xB9, 0x0C, 0xCE,
0xF3, 0x05, 0x09, 0x91, 0xA7, 0xE9, 0x11, 0x55,
0x32, 0x45, 0xA6, 0x08, 0x0E, 0x10, 0x37, 0x91,
0xF3, 0xBF, 0xED, 0x64, 0x26, 0xEB, 0x39, 0xC2,
0x57, 0xAE, 0x64, 0x79, 0x33, 0x7C, 0x51, 0xB2,
0xC8, 0x85, 0xE0, 0xF9, 0x6D, 0x10, 0x52, 0x9F,
0x72, 0xF4, 0xD1, 0x5B, 0x54, 0x5B, 0x93, 0x28,
0x36, 0xA8, 0xCD, 0xB3, 0x30, 0x5B, 0x7A, 0xB0,
0xB6, 0xF0, 0xD8, 0xA0, 0xBA, 0x24, 0x59, 0x5F,
0x43, 0x02, 0x01, 0x57, 0x91, 0x7B, 0x94, 0x07,
0x63, 0x23, 0x12, 0x94, 0xFB, 0x9F, 0xF2, 0xC1,
0xD6, 0x80, 0x8F, 0x4E, 0xA7, 0x9E, 0x11, 0xD8,
0xB3, 0x08, 0xB6, 0x3B, 0x3B, 0xF2, 0xEE, 0x14,
0xA5, 0xDB, 0xB0, 0xBB, 0x17, 0xA5, 0x96, 0x3C,
0x2F, 0xB9, 0xE7, 0x4A, 0xD7, 0x52, 0x34, 0x98,
0xCB, 0x0C, 0xEB, 0x42, 0x5B, 0x2D, 0x2D, 0x2B,
0x0D, 0x94, 0x66, 0xD3, 0xAD, 0x08, 0x0A, 0x28,
0xF6, 0x0E, 0xDA, 0xD4, 0x54, 0xFD, 0xC6, 0x48,
0x08, 0xA1, 0x8D, 0xB0, 0x30, 0xFD, 0x18, 0xB1,
0x50, 0xB1, 0xFD, 0xE0, 0x6E, 0x33, 0x25, 0x0D,
0x90, 0xB1, 0xC1, 0xE7, 0x88, 0x74, 0x87, 0x05,
0xE7, 0xBE, 0xBD, 0xAA, 0x8C, 0x6D, 0xC2, 0x3D,
0x6F, 0x95, 0x84, 0xFA, 0x03, 0x74, 0x85, 0xE1,
0xED, 0xE5, 0xF4, 0xE8, 0x26, 0x4A, 0x0B, 0x20,
0x87, 0xB6, 0xE1, 0x10, 0x75, 0x6D, 0x9F, 0x95,
0x39, 0x4C, 0x0F, 0x50, 0x1B, 0xA8, 0x69, 0x82,
0xBB, 0xE2, 0xD6, 0x11, 0xD7, 0xBE, 0xFB, 0x4F,
0x60, 0xD3, 0x16, 0xC6, 0x04, 0x3A, 0x5A, 0xF5,
0x78, 0x9B, 0x0B, 0x21, 0xA1, 0x00, 0x96, 0xCD,
0x63, 0x78, 0x1D, 0x2D, 0x4F, 0x6E, 0x50, 0xEE,
0x62, 0x2D, 0x88, 0x62, 0x01, 0xF6, 0xB4, 0x17,
0x4F, 0x8C, 0xAD, 0xCB, 0x4B, 0xF9, 0xF6, 0x9D,
0xC7, 0xD8, 0xCC, 0xBF, 0x96, 0x1B, 0x1B, 0x79,
0xF3, 0x25, 0x85, 0x23, 0x10, 0x63, 0x30, 0x8D,
0xA8, 0x3A, 0x4B, 0x92, 0x1B, 0x88, 0x53, 0x24,
0x2D, 0x29, 0xA5, 0x2E, 0x7A, 0xD5, 0x58, 0xEB,
0x1B, 0x1C, 0xE6, 0xB8, 0x94, 0x0C, 0x58, 0x96,
0x5B, 0xA0, 0x2C, 0xBF, 0xE2, 0x99, 0xA0, 0x1F,
0x0C, 0xCC, 0xBD, 0x83, 0x72, 0x56, 0xBB, 0x13,
0x61, 0x5A, 0xC2, 0x04, 0x27, 0x29, 0x1F, 0xD4,
0xE4, 0x3D, 0x8A, 0x87, 0xE3, 0x81, 0x91, 0x07,
0xD3, 0x9B, 0xBC, 0xA9, 0xB3, 0xBA, 0xF5, 0x8B,
0x6A, 0xAD, 0xDE, 0xB0, 0x54, 0x3E, 0xFE, 0xCC,
0xD3, 0xCB, 0x2C, 0x69, 0xF0, 0x58, 0xD7, 0xEF,
0xA9, 0xC0, 0x15, 0x9B, 0x5A, 0xDF, 0x71, 0x25,
0x38, 0x44, 0xEC, 0xA9, 0x18, 0x47, 0x41, 0xCE,
0x3D, 0x53, 0x10, 0x12, 0xC3, 0x1B, 0x59, 0x9A,
0x93, 0xA1, 0xEA, 0xBE, 0x3E, 0xBA, 0x74, 0xF6,
0x2D, 0x40, 0x9D, 0xCB, 0x9E, 0xA1, 0xA5, 0x85,
0xFF, 0xDC, 0xC5, 0x60, 0x6F, 0x61, 0xE8, 0x17,
0x6C, 0x36, 0x9F, 0x7A, 0x48, 0x47, 0xDD, 0xF1,
0xF4, 0x43, 0x21, 0xCB, 0xB3, 0x55, 0x86, 0xD0,
0xE9, 0x46, 0x7D, 0xB5, 0x3D, 0x90, 0x34, 0x1E,
0xBB, 0x40, 0xD3, 0x2A, 0xEB, 0xE6, 0x4C, 0x46,
0x42, 0xA2, 0x8A, 0xBF, 0x90, 0xE7, 0x4B, 0x6D,
0x5C, 0x94, 0x97, 0xD2, 0xF0, 0x97, 0x74, 0x4C,
0x76, 0x03, 0xAC, 0x3D, 0xDE, 0x15, 0x96, 0x0C,
0xEF, 0x18, 0x9D, 0xBD, 0x1A, 0x20, 0x35, 0x7E,
0x2A, 0x70, 0x9D, 0xEA, 0x2E, 0x11, 0xDF, 0xF3,
0x2F, 0xFE, 0x23, 0xA9, 0xB6, 0xCF, 0xB7, 0xB9,
0x3F, 0x4F, 0x30, 0x6B, 0x3B, 0x0D, 0x3B, 0xED,
0xCD, 0x77, 0xD4, 0xBF, 0xEE, 0xDD, 0xB6, 0x56,
0x24, 0xD4, 0x29, 0x83, 0xDE, 0xDB, 0xC1, 0xFB,
0x6A, 0xCE, 0x7F, 0x47, 0xD2, 0xC5, 0xF1, 0x78,
0x5C, 0x2C, 0x5A, 0x28, 0x3E, 0x05, 0x50, 0x2E,
0xD9, 0xAE, 0x9B, 0x95, 0x64, 0xC7, 0xD2, 0x7B,
0xCB, 0xC5, 0x91, 0x80, 0xEB, 0x79, 0xC7, 0xCC,
0xA8, 0x06, 0xC8, 0xF9, 0xDF, 0x2A, 0x49, 0x4A,
0xF8, 0xFE, 0xBA, 0xA5, 0x85, 0x67, 0x1B, 0xDA,
0x51, 0x3B, 0xC2, 0x04, 0xA6, 0xA3, 0xFF, 0x99,
0x21, 0xE8, 0x17, 0x91, 0x33, 0x9B, 0x83, 0x75,
0x20, 0x5E, 0x95, 0xBE, 0x49, 0xDF, 0x53, 0xFC,
0x05, 0xA2, 0x3C, 0xAA, 0x5A, 0x22, 0x15, 0xA5,
0x56, 0xE0, 0x51, 0x30, 0x4E, 0x32, 0x14, 0xF2,
0x9F, 0x03, 0x51, 0x8E, 0xDD, 0x8B, 0x39, 0x19,
0x1E, 0x39, 0xC5, 0xA7, 0x1C, 0xC6, 0xA4, 0xE1,
0x77, 0xCA, 0x8C, 0x9D, 0x27, 0xBC, 0xCC, 0x16,
0xD6, 0xFC, 0x59, 0x10, 0x23, 0xFF, 0x64, 0x90,
0x9C, 0x23, 0x5A, 0xFF, 0x7E, 0x27, 0x1B, 0xC7,
0x7F, 0x21, 0x3B, 0x41, 0xDB, 0xBC, 0x96, 0x60,
0x0B, 0x35, 0xA1, 0xF3, 0xF8, 0x51, 0x0A, 0x65,
0xCF, 0xDF, 0x7A, 0xB8, 0x04, 0x56, 0x49, 0xD7,
0xD3, 0xC5, 0x0B, 0x4A, 0x1F, 0x60, 0xE1, 0x86,
0x36, 0x53, 0x8E, 0x6C, 0x3E, 0xAF, 0x5B, 0xC1,
0xCA, 0xCB, 0x22, 0x1A, 0x07, 0xDA, 0x54, 0xEC,
0xAA, 0x06, 0x72, 0x17, 0xCF, 0x80, 0xC4, 0x89,
0x56, 0x24, 0x1B, 0xD4, 0xFF, 0x50, 0x6B, 0x51,
0x55, 0x4D, 0x6E, 0x79, 0x7E, 0xEC, 0x61, 0xC6,
0xE4, 0x21, 0xC8, 0x0E, 0x10, 0x3F, 0x8C, 0x85,
0x3A, 0x27, 0xEA, 0x91, 0x07, 0xCB, 0x37, 0x18,
0x14, 0xB5, 0x63, 0x6E, 0x00, 0xBC, 0x0F, 0x36,
0xF9, 0x54, 0x75, 0xE7, 0x0B, 0xDC, 0xE7, 0xA0,
0x59, 0xF0, 0x64, 0xFB, 0x73, 0x07, 0x0E, 0xFE,
0x57, 0x7F, 0x0D, 0x12, 0xBC, 0xB0, 0xBF, 0xA2,
0x3A, 0x18, 0x08, 0x7E, 0xD5, 0x6C, 0xF0, 0x6F,
0xF8, 0x98, 0xFB, 0xA5, 0x10, 0x7B, 0x10, 0x5F,
0x6B, 0xC8, 0x6D, 0xDE, 0x2F, 0x1F, 0xE0, 0xC8,
0x19, 0xEE, 0xC2, 0x03, 0x39, 0x49, 0x70, 0x3E,
0x36, 0xE3, 0x3C, 0x70, 0xE3, 0xEA, 0xAC, 0x34,
0x32, 0xB7, 0x0D, 0xBA, 0x7C, 0xAB, 0xE6, 0x18
};
static const byte sk_65[] = {
0xDC, 0x38, 0xE5, 0x5F, 0xDF, 0x2E, 0x9D, 0xD4,
0x34, 0x5C, 0xAE, 0x1A, 0x7D, 0xF4, 0x2E, 0x2E,
0xBC, 0x58, 0x57, 0x80, 0x55, 0x02, 0xE4, 0x3F,
0xA5, 0x19, 0x41, 0xE4, 0x44, 0x58, 0x66, 0x41,
0x52, 0x8D, 0xA0, 0xC7, 0xD2, 0x80, 0xDD, 0x49,
0x0D, 0x5E, 0xB7, 0x65, 0xDB, 0x32, 0x33, 0x15,
0x0F, 0x9E, 0xC8, 0xEB, 0xC9, 0x6E, 0xE8, 0xE8,
0x5C, 0xBD, 0x18, 0x4F, 0xDC, 0xF8, 0xA8, 0xD9,
0xC5, 0x33, 0x84, 0x79, 0x5A, 0x5E, 0xB7, 0x3C,
0x6D, 0x82, 0xCA, 0xB9, 0xBA, 0x94, 0xB6, 0x46,
0xAE, 0x3A, 0xD9, 0x19, 0x6C, 0xB4, 0xDA, 0xE2,
0xF1, 0x4B, 0xB6, 0x43, 0xF0, 0x24, 0x08, 0xE5,
0xF7, 0x9A, 0x41, 0xF1, 0x15, 0x9C, 0xA8, 0x08,
0x79, 0x9F, 0xB8, 0x26, 0xD4, 0x08, 0x32, 0x47,
0xC8, 0xF0, 0xD5, 0x31, 0xA1, 0xC1, 0x19, 0x04,
0x02, 0x06, 0x2B, 0x4D, 0x46, 0xAE, 0x43, 0x6A,
0x25, 0x82, 0x75, 0x41, 0x70, 0x36, 0x42, 0x48,
0x78, 0x06, 0x36, 0x50, 0x23, 0x84, 0x68, 0x10,
0x87, 0x08, 0x62, 0x00, 0x08, 0x34, 0x20, 0x73,
0x32, 0x13, 0x36, 0x61, 0x87, 0x61, 0x43, 0x50,
0x30, 0x02, 0x26, 0x07, 0x65, 0x45, 0x32, 0x00,
0x25, 0x75, 0x01, 0x04, 0x88, 0x81, 0x58, 0x64,
0x52, 0x40, 0x84, 0x22, 0x88, 0x42, 0x82, 0x56,
0x47, 0x50, 0x05, 0x21, 0x88, 0x25, 0x32, 0x25,
0x12, 0x85, 0x14, 0x52, 0x87, 0x77, 0x67, 0x18,
0x46, 0x54, 0x63, 0x07, 0x88, 0x67, 0x37, 0x26,
0x72, 0x62, 0x41, 0x02, 0x00, 0x01, 0x17, 0x84,
0x33, 0x64, 0x32, 0x57, 0x06, 0x20, 0x05, 0x44,
0x88, 0x57, 0x33, 0x45, 0x70, 0x55, 0x14, 0x43,
0x12, 0x54, 0x04, 0x38, 0x37, 0x08, 0x42, 0x57,
0x36, 0x05, 0x30, 0x03, 0x86, 0x53, 0x02, 0x53,
0x75, 0x22, 0x62, 0x13, 0x38, 0x82, 0x48, 0x30,
0x83, 0x83, 0x64, 0x83, 0x13, 0x74, 0x57, 0x32,
0x46, 0x70, 0x06, 0x05, 0x82, 0x52, 0x73, 0x55,
0x25, 0x77, 0x21, 0x78, 0x57, 0x83, 0x66, 0x20,
0x38, 0x53, 0x21, 0x41, 0x77, 0x56, 0x77, 0x46,
0x34, 0x42, 0x58, 0x31, 0x08, 0x06, 0x03, 0x62,
0x20, 0x35, 0x11, 0x42, 0x35, 0x38, 0x63, 0x86,
0x64, 0x13, 0x13, 0x75, 0x40, 0x01, 0x53, 0x74,
0x41, 0x31, 0x56, 0x64, 0x38, 0x17, 0x14, 0x16,
0x62, 0x33, 0x22, 0x12, 0x64, 0x40, 0x67, 0x11,
0x62, 0x42, 0x25, 0x60, 0x38, 0x05, 0x83, 0x13,
0x51, 0x00, 0x28, 0x36, 0x62, 0x56, 0x41, 0x43,
0x58, 0x37, 0x51, 0x22, 0x70, 0x25, 0x82, 0x82,
0x35, 0x24, 0x06, 0x83, 0x48, 0x58, 0x81, 0x78,
0x07, 0x86, 0x23, 0x15, 0x75, 0x32, 0x46, 0x75,
0x35, 0x40, 0x08, 0x43, 0x10, 0x66, 0x74, 0x05,
0x13, 0x72, 0x74, 0x08, 0x83, 0x41, 0x81, 0x08,
0x75, 0x87, 0x83, 0x28, 0x56, 0x66, 0x20, 0x01,
0x18, 0x83, 0x57, 0x22, 0x14, 0x64, 0x18, 0x05,
0x27, 0x75, 0x22, 0x84, 0x12, 0x38, 0x87, 0x52,
0x32, 0x25, 0x28, 0x08, 0x14, 0x41, 0x81, 0x14,
0x03, 0x24, 0x54, 0x23, 0x04, 0x81, 0x40, 0x36,
0x38, 0x38, 0x64, 0x42, 0x46, 0x36, 0x68, 0x11,
0x55, 0x00, 0x11, 0x25, 0x76, 0x16, 0x43, 0x07,
0x23, 0x03, 0x34, 0x10, 0x46, 0x41, 0x14, 0x02,
0x26, 0x10, 0x74, 0x38, 0x38, 0x72, 0x07, 0x87,
0x54, 0x11, 0x12, 0x83, 0x75, 0x05, 0x82, 0x17,
0x45, 0x20, 0x38, 0x41, 0x37, 0x20, 0x00, 0x08,
0x32, 0x18, 0x16, 0x25, 0x58, 0x85, 0x16, 0x88,
0x71, 0x82, 0x45, 0x60, 0x33, 0x11, 0x13, 0x42,
0x43, 0x37, 0x68, 0x11, 0x16, 0x54, 0x04, 0x08,
0x52, 0x78, 0x13, 0x56, 0x83, 0x52, 0x15, 0x24,
0x03, 0x61, 0x78, 0x44, 0x13, 0x70, 0x67, 0x36,
0x74, 0x86, 0x52, 0x50, 0x15, 0x41, 0x88, 0x74,
0x53, 0x00, 0x05, 0x18, 0x65, 0x62, 0x14, 0x84,
0x12, 0x32, 0x01, 0x88, 0x40, 0x42, 0x34, 0x05,
0x32, 0x80, 0x72, 0x55, 0x20, 0x68, 0x16, 0x43,
0x14, 0x15, 0x15, 0x38, 0x43, 0x85, 0x27, 0x60,
0x70, 0x18, 0x27, 0x35, 0x53, 0x01, 0x28, 0x73,
0x27, 0x84, 0x10, 0x53, 0x67, 0x10, 0x45, 0x40,
0x81, 0x52, 0x86, 0x06, 0x11, 0x18, 0x04, 0x31,
0x57, 0x25, 0x22, 0x44, 0x47, 0x81, 0x45, 0x44,
0x55, 0x04, 0x72, 0x57, 0x06, 0x46, 0x76, 0x23,
0x38, 0x85, 0x65, 0x30, 0x08, 0x48, 0x20, 0x13,
0x22, 0x77, 0x44, 0x60, 0x43, 0x14, 0x15, 0x27,
0x86, 0x22, 0x37, 0x37, 0x27, 0x04, 0x27, 0x50,
0x74, 0x31, 0x10, 0x82, 0x00, 0x75, 0x80, 0x44,
0x38, 0x10, 0x58, 0x40, 0x86, 0x60, 0x63, 0x13,
0x65, 0x18, 0x33, 0x70, 0x57, 0x68, 0x05, 0x10,
0x81, 0x03, 0x42, 0x05, 0x25, 0x65, 0x33, 0x57,
0x38, 0x05, 0x65, 0x34, 0x46, 0x53, 0x68, 0x11,
0x75, 0x10, 0x04, 0x54, 0x18, 0x47, 0x52, 0x24,
0x63, 0x23, 0x74, 0x45, 0x11, 0x34, 0x68, 0x32,
0x35, 0x38, 0x52, 0x85, 0x28, 0x08, 0x71, 0x78,
0x37, 0x38, 0x27, 0x10, 0x80, 0x54, 0x26, 0x33,
0x31, 0x82, 0x44, 0x88, 0x33, 0x24, 0x62, 0x86,
0x32, 0x82, 0x73, 0x31, 0x28, 0x14, 0x73, 0x87,
0x06, 0x35, 0x80, 0x36, 0x67, 0x02, 0x33, 0x75,
0x27, 0x36, 0x38, 0x16, 0x35, 0x70, 0x52, 0x16,
0x87, 0x58, 0x85, 0x17, 0x22, 0x13, 0x54, 0x85,
0x07, 0x53, 0x31, 0x26, 0x78, 0x01, 0x85, 0x18,
0x08, 0x68, 0x38, 0x52, 0x11, 0x73, 0x32, 0x25,
0x58, 0x82, 0x70, 0x70, 0x36, 0x30, 0x50, 0x38,
0x65, 0x12, 0x78, 0x31, 0x77, 0x72, 0x18, 0x41,
0x05, 0x42, 0x32, 0x26, 0x26, 0x50, 0x52, 0x86,
0x15, 0x76, 0x28, 0x66, 0x88, 0x03, 0x78, 0x28,
0x70, 0x33, 0x36, 0x27, 0x16, 0x61, 0x43, 0x56,
0x62, 0x81, 0x85, 0x75, 0x47, 0x60, 0x63, 0x38,
0x66, 0x81, 0x51, 0x78, 0x03, 0x42, 0x60, 0x38,
0x01, 0x24, 0x73, 0x63, 0x81, 0x12, 0x01, 0x27,
0x63, 0x13, 0x11, 0x78, 0x36, 0x37, 0x15, 0x03,
0x84, 0x58, 0x17, 0x25, 0x67, 0x87, 0x57, 0x83,
0x71, 0x85, 0x37, 0x53, 0x86, 0x22, 0x33, 0x28,
0x77, 0x30, 0x18, 0x15, 0x01, 0x37, 0x85, 0x40,
0x15, 0x38, 0x51, 0x33, 0x17, 0x42, 0x64, 0x04,
0x56, 0x27, 0x50, 0x45, 0x11, 0x27, 0x20, 0x17,
0x76, 0x55, 0x33, 0x37, 0x58, 0x88, 0x88, 0x45,
0x16, 0x55, 0x08, 0x53, 0x52, 0x48, 0x72, 0x85,
0x30, 0x15, 0x23, 0x44, 0x22, 0x02, 0x43, 0x45,
0x41, 0x10, 0x00, 0x52, 0x32, 0x73, 0x05, 0x75,
0x72, 0x16, 0x08, 0x11, 0x51, 0x36, 0x20, 0x04,
0x76, 0x48, 0x78, 0x56, 0x60, 0x88, 0x07, 0x47,
0x70, 0x20, 0x46, 0x40, 0x43, 0x26, 0x04, 0x37,
0x17, 0x51, 0x58, 0x46, 0x72, 0x44, 0x50, 0x23,
0x67, 0x63, 0x60, 0x84, 0x30, 0x51, 0x52, 0x53,
0x21, 0x74, 0x85, 0x45, 0x74, 0x43, 0x11, 0x72,
0x52, 0x65, 0x76, 0x08, 0x78, 0x63, 0x14, 0x27,
0x41, 0x34, 0x67, 0x07, 0x45, 0x15, 0x10, 0x83,
0x24, 0x02, 0x80, 0x53, 0x07, 0x21, 0x58, 0x10,
0x34, 0x20, 0x54, 0x12, 0x58, 0x44, 0x25, 0x53,
0x33, 0x46, 0x02, 0x38, 0x60, 0x17, 0x70, 0x64,
0x18, 0x52, 0x62, 0x26, 0x65, 0x61, 0x42, 0x31,
0x22, 0x57, 0x34, 0x57, 0x02, 0x34, 0x62, 0x76,
0x74, 0x38, 0x73, 0x21, 0x68, 0x71, 0x07, 0x21,
0x61, 0x05, 0x20, 0x20, 0x86, 0x83, 0x30, 0x25,
0x50, 0x50, 0x83, 0x30, 0x31, 0x56, 0x30, 0x31,
0x76, 0x04, 0x54, 0x80, 0x75, 0x18, 0x82, 0x23,
0x61, 0x87, 0x58, 0x25, 0x13, 0x63, 0x21, 0x51,
0x48, 0x02, 0x67, 0x37, 0x12, 0x88, 0x70, 0x60,
0x07, 0x36, 0x18, 0x15, 0x87, 0x74, 0x55, 0x60,
0x00, 0x54, 0x37, 0x11, 0x01, 0x37, 0x14, 0x17,
0x11, 0x72, 0x14, 0x55, 0x31, 0x75, 0x77, 0x48,
0x10, 0x23, 0x83, 0x20, 0x00, 0x04, 0x32, 0x64,
0x66, 0x61, 0x71, 0x31, 0x03, 0x15, 0x44, 0x32,
0x57, 0x25, 0x64, 0x31, 0x28, 0x15, 0x33, 0x67,
0x86, 0x87, 0x37, 0x03, 0x12, 0x78, 0x86, 0x13,
0x47, 0x80, 0x61, 0x42, 0x50, 0x40, 0x23, 0x37,
0x01, 0x01, 0x66, 0x24, 0x06, 0x57, 0x82, 0x02,
0x22, 0x42, 0x41, 0x02, 0x26, 0x06, 0x41, 0x35,
0x64, 0x16, 0x44, 0x42, 0x38, 0x30, 0x86, 0x88,
0x47, 0x71, 0x62, 0x33, 0x24, 0x02, 0x12, 0x37,
0x42, 0x33, 0x20, 0x81, 0x80, 0x53, 0x07, 0x65,
0x71, 0x27, 0x13, 0x53, 0x15, 0x43, 0x76, 0x38,
0x71, 0x30, 0x07, 0x87, 0x25, 0x63, 0x03, 0x33,
0x70, 0x56, 0x18, 0x13, 0x83, 0x51, 0x44, 0x40,
0x04, 0x80, 0x62, 0x24, 0x20, 0x64, 0x54, 0x40,
0x20, 0x73, 0x61, 0x45, 0x01, 0x24, 0x47, 0x78,
0x23, 0x34, 0x56, 0x10, 0x25, 0x32, 0x02, 0x70,
0x08, 0x02, 0x23, 0x24, 0x80, 0x43, 0x04, 0x02,
0x81, 0x11, 0x23, 0x82, 0x03, 0x61, 0x30, 0x33,
0x15, 0x36, 0x25, 0x32, 0x14, 0x73, 0x22, 0x46,
0x81, 0x25, 0x16, 0x13, 0x52, 0x58, 0x71, 0x61,
0x67, 0x08, 0x38, 0x76, 0x71, 0x15, 0x88, 0x47,
0x31, 0x25, 0x27, 0x18, 0x31, 0x50, 0x40, 0x71,
0x06, 0x87, 0x37, 0x30, 0x85, 0x64, 0x62, 0x78,
0x32, 0x74, 0x18, 0x83, 0x67, 0x40, 0x37, 0x44,
0x56, 0x02, 0x72, 0x61, 0x27, 0x28, 0x38, 0x38,
0x67, 0x17, 0x58, 0x04, 0x61, 0x28, 0x67, 0x37,
0x46, 0x50, 0x38, 0x15, 0x45, 0x12, 0x71, 0x44,
0x22, 0x02, 0x34, 0x83, 0x40, 0x70, 0x55, 0x75,
0x54, 0x26, 0x88, 0x07, 0x25, 0x58, 0x73, 0x60,
0x58, 0x61, 0x45, 0x63, 0x35, 0x05, 0x48, 0x63,
0x48, 0x57, 0x03, 0x31, 0x28, 0x14, 0x05, 0x01,
0x57, 0x34, 0x64, 0x50, 0x23, 0x86, 0x75, 0x85,
0x18, 0x75, 0x56, 0x88, 0x08, 0x26, 0x01, 0x34,
0x01, 0x57, 0x05, 0x28, 0x35, 0x48, 0x17, 0x57,
0x71, 0x81, 0x41, 0x33, 0x77, 0x86, 0x07, 0x77,
0x02, 0x25, 0x71, 0x74, 0x37, 0x31, 0x20, 0x14,
0x32, 0x54, 0x20, 0x35, 0x54, 0x76, 0x83, 0x15,
0x80, 0x73, 0x27, 0x23, 0x00, 0x58, 0x22, 0x84,
0x64, 0x56, 0x14, 0x84, 0x38, 0x34, 0x16, 0x21,
0x77, 0x07, 0x34, 0x81, 0x66, 0x87, 0x40, 0x11,
0x62, 0x46, 0x45, 0x01, 0x20, 0x53, 0x21, 0x73,
0x07, 0x76, 0x44, 0x15, 0x61, 0x50, 0x83, 0x48,
0x58, 0x58, 0x45, 0x33, 0x25, 0x36, 0x07, 0x42,
0x70, 0x24, 0x07, 0x41, 0x08, 0x35, 0x00, 0x78,
0x41, 0x47, 0x02, 0x56, 0x07, 0x14, 0x68, 0x33,
0x55, 0x77, 0x32, 0x40, 0x55, 0x24, 0x50, 0x26,
0x47, 0x12, 0x65, 0x58, 0x43, 0x05, 0x52, 0x55,
0x75, 0x50, 0x18, 0x46, 0x65, 0x48, 0x03, 0x32,
0x85, 0x31, 0x16, 0x52, 0x71, 0x57, 0x87, 0x46,
0x76, 0x14, 0x42, 0x81, 0x28, 0x74, 0x60, 0x34,
0x35, 0x55, 0x52, 0x16, 0x58, 0x48, 0x61, 0x75,
0x80, 0x88, 0x15, 0x32, 0x72, 0x26, 0x31, 0x03,
0x05, 0x03, 0x16, 0x04, 0x07, 0x37, 0x37, 0x73,
0x43, 0x81, 0x57, 0x31, 0x88, 0x04, 0x72, 0x76,
0x01, 0x61, 0x81, 0x17, 0x37, 0x65, 0x44, 0x38,
0x61, 0x23, 0x16, 0x26, 0x52, 0x45, 0x00, 0x73,
0x83, 0x63, 0x64, 0x62, 0x26, 0x74, 0x60, 0x11,
0x81, 0x08, 0x06, 0x30, 0x36, 0x05, 0x10, 0x48,
0x47, 0x35, 0x10, 0x85, 0x30, 0x86, 0x71, 0x38,
0x16, 0x37, 0x6F, 0x3B, 0x1C, 0x18, 0xB1, 0xE3,
0xE8, 0xEE, 0x83, 0x3E, 0x8D, 0x38, 0x43, 0x9E,
0x78, 0x1C, 0xA3, 0xB8, 0x94, 0x06, 0x54, 0xEF,
0x44, 0x6C, 0x9A, 0xAC, 0xC3, 0xF1, 0xD3, 0x0E,
0xE0, 0x10, 0x5B, 0x8F, 0x63, 0xEB, 0x89, 0x74,
0x6E, 0xF4, 0xBE, 0xB5, 0x4C, 0xFC, 0xE8, 0x81,
0x2C, 0xF9, 0x47, 0xCF, 0x54, 0x54, 0xFB, 0x1C,
0xA5, 0x5F, 0x25, 0xA0, 0xFE, 0x57, 0xF5, 0xFC,
0xFD, 0x73, 0xB0, 0xDA, 0x04, 0xB0, 0xBF, 0x28,
0x92, 0x92, 0xAF, 0x39, 0x74, 0x72, 0x56, 0x69,
0xC3, 0x00, 0x03, 0xE0, 0x50, 0x9F, 0xED, 0xC8,
0x0F, 0x6C, 0x89, 0x4B, 0xB0, 0x47, 0xC2, 0xE2,
0xAF, 0x48, 0x5C, 0xAD, 0x68, 0xC2, 0x1D, 0x80,
0xEF, 0x33, 0xB0, 0xC4, 0xFD, 0xA6, 0x7B, 0x85,
0x31, 0xA1, 0x58, 0x87, 0x67, 0x54, 0x71, 0x3F,
0xF8, 0xA8, 0xA6, 0x8D, 0x9A, 0xBD, 0xC4, 0x81,
0x6B, 0x24, 0xB4, 0xA3, 0x6A, 0x8A, 0x2B, 0xB1,
0xFD, 0x1C, 0x2C, 0x25, 0xC3, 0x72, 0xC4, 0xB7,
0x75, 0xF8, 0xCC, 0x17, 0x39, 0xCF, 0x2C, 0xE9,
0xA4, 0x54, 0x58, 0xE4, 0x1A, 0xAE, 0xC6, 0x4A,
0xEE, 0xDE, 0x75, 0x7C, 0xE7, 0x38, 0xBC, 0xDF,
0x4D, 0xA0, 0xEE, 0x2B, 0xDD, 0x5F, 0x80, 0x5C,
0xCF, 0xF7, 0x2A, 0x5F, 0x73, 0x8B, 0xAC, 0x12,
0x34, 0x2E, 0xE3, 0xF1, 0x4C, 0xB7, 0x22, 0x68,
0xC2, 0xD6, 0x36, 0x7D, 0xF1, 0x7F, 0x20, 0x46,
0xA2, 0x4B, 0x47, 0x4B, 0x32, 0x58, 0xF7, 0xB0,
0x88, 0x54, 0x6C, 0x99, 0x3B, 0x0D, 0xA1, 0xE2,
0x92, 0x92, 0xEB, 0x72, 0x1E, 0xE7, 0xE5, 0xA1,
0xF8, 0x6E, 0x14, 0xA5, 0x39, 0xB0, 0x63, 0x6F,
0x78, 0x82, 0xA1, 0x9C, 0x8D, 0x79, 0x02, 0x85,
0xA6, 0xDF, 0x7D, 0xEE, 0xCE, 0x17, 0x4D, 0x63,
0xCF, 0xF3, 0xB2, 0xFF, 0x85, 0x68, 0x81, 0xCB,
0x38, 0x6B, 0x1B, 0x38, 0xA2, 0xE0, 0xF2, 0x4C,
0x31, 0xE0, 0x91, 0x93, 0xDD, 0xF3, 0x71, 0x47,
0xF2, 0x69, 0xD9, 0x4C, 0xDE, 0xF9, 0x90, 0x61,
0x34, 0x62, 0x07, 0x71, 0x79, 0xD0, 0xDD, 0x09,
0x32, 0x64, 0x39, 0x49, 0x93, 0x1A, 0x02, 0xBA,
0xFA, 0x80, 0x17, 0x6E, 0xDF, 0x97, 0xB6, 0xA2,
0x31, 0x34, 0x71, 0xF0, 0xB1, 0x9B, 0x3B, 0x59,
0xF4, 0x3B, 0xD2, 0x2A, 0x05, 0x49, 0x3E, 0xFB,
0x0C, 0xF8, 0xB5, 0xD7, 0xB6, 0x25, 0x2B, 0x09,
0x8B, 0x4B, 0xFA, 0x39, 0x5B, 0xF9, 0xA2, 0x09,
0xE9, 0xBB, 0x46, 0x01, 0x30, 0x00, 0x90, 0x32,
0x58, 0xA6, 0x9B, 0x67, 0xF5, 0x94, 0x11, 0xC8,
0x35, 0x95, 0xFA, 0x6E, 0x67, 0x42, 0x8D, 0x96,
0x6D, 0x20, 0xFC, 0xD3, 0x09, 0x61, 0x11, 0x86,
0x77, 0xC0, 0x86, 0xA3, 0x54, 0xAE, 0x6D, 0x41,
0xEE, 0x17, 0xDC, 0xA1, 0xB0, 0xB7, 0x50, 0x43,
0xD6, 0xCE, 0x23, 0xBD, 0xB0, 0x1E, 0x02, 0xE5,
0x9E, 0xCF, 0xC6, 0x2E, 0x8C, 0x39, 0x71, 0xB1,
0x45, 0x02, 0x75, 0xBA, 0x7F, 0x60, 0xB0, 0x8B,
0x1C, 0x33, 0xBA, 0x0C, 0xFF, 0x54, 0x63, 0xE3,
0x47, 0x5B, 0x07, 0x77, 0x77, 0xC5, 0x72, 0x24,
0x60, 0xFA, 0xDB, 0x0B, 0xF6, 0x41, 0x82, 0x69,
0x3C, 0x68, 0x37, 0xF5, 0xFD, 0x45, 0x4A, 0x66,
0x6C, 0xD7, 0x01, 0x10, 0x78, 0x4A, 0xED, 0x09,
0xAE, 0x49, 0x0A, 0x60, 0xC7, 0x78, 0x56, 0x51,
0x15, 0xE3, 0x4A, 0xB5, 0xAE, 0xAD, 0x09, 0xD1,
0x71, 0xA8, 0xCA, 0x3C, 0x8A, 0xE6, 0xCA, 0x39,
0x43, 0x60, 0x56, 0x83, 0x3C, 0x58, 0x04, 0xD4,
0xB4, 0x62, 0xDD, 0x53, 0x05, 0xC8, 0x51, 0xAF,
0x59, 0xF6, 0x4F, 0x04, 0xC3, 0x1E, 0x69, 0xFF,
0x82, 0xBF, 0xD7, 0x89, 0xD2, 0x30, 0x9F, 0xF2,
0xE6, 0x38, 0x05, 0x9C, 0xD5, 0x08, 0xB8, 0x25,
0xF3, 0x3B, 0x99, 0x85, 0x4E, 0x40, 0xF8, 0x40,
0xF2, 0x4B, 0x5C, 0x3A, 0xA8, 0x64, 0x41, 0x92,
0xEA, 0xCA, 0x9A, 0x7B, 0xCF, 0xBA, 0x1F, 0xDE,
0xE0, 0x9D, 0xCA, 0xAD, 0xB4, 0x0C, 0x90, 0xFF,
0xE1, 0x6C, 0xEC, 0xDD, 0x32, 0x38, 0x2A, 0xF7,
0x19, 0x20, 0x39, 0xCB, 0x29, 0x67, 0x2F, 0x70,
0x71, 0x12, 0x10, 0xB6, 0xB8, 0x3E, 0x8D, 0xFD,
0xB5, 0xFB, 0xBD, 0xBF, 0xA8, 0xCA, 0x19, 0xC4,
0xC6, 0xAC, 0x37, 0x31, 0xFC, 0x33, 0xC2, 0x7F,
0xA2, 0xA2, 0x6D, 0xEB, 0x15, 0x2E, 0xA1, 0x90,
0xF8, 0x29, 0xC6, 0x34, 0xD1, 0x39, 0x30, 0x24,
0x1C, 0xB9, 0x26, 0xAC, 0xDD, 0xE5, 0x24, 0x9C,
0xDD, 0x35, 0x60, 0x7E, 0x38, 0x0C, 0xC1, 0x2A,
0x7D, 0x1E, 0xA9, 0xBA, 0xA5, 0x58, 0x4C, 0xDD,
0x26, 0x86, 0x09, 0xDC, 0xC3, 0xB0, 0x1F, 0xCD,
0xC9, 0xAD, 0xCB, 0x4A, 0x7E, 0x51, 0x67, 0xE5,
0xED, 0x5A, 0xD2, 0x21, 0xDB, 0x2E, 0xAB, 0xD9,
0x0A, 0xEC, 0xAE, 0x71, 0xFA, 0x23, 0x7A, 0xEF,
0x98, 0xDF, 0x53, 0x89, 0x93, 0xE8, 0x71, 0xD7,
0x35, 0xDA, 0x6B, 0x88, 0x31, 0xAF, 0x67, 0xF2,
0x97, 0x29, 0x1C, 0x39, 0x67, 0xEB, 0xAF, 0x60,
0xD9, 0x53, 0xC4, 0x0F, 0x7A, 0x46, 0x4E, 0xF3,
0x2F, 0x8E, 0xAE, 0xFA, 0x64, 0x2E, 0x37, 0xDE,
0xA9, 0x74, 0x73, 0x5D, 0xDD, 0xBB, 0x83, 0x54,
0x27, 0xB9, 0x7A, 0x63, 0x2B, 0x19, 0x8B, 0x26,
0x22, 0x28, 0x84, 0xA0, 0x58, 0x00, 0x2D, 0x55,
0xEA, 0x2A, 0x80, 0x0D, 0x6C, 0x97, 0x0E, 0x8B,
0xF7, 0x67, 0xB2, 0x8B, 0x2D, 0xDE, 0x8F, 0x58,
0xFE, 0x97, 0x81, 0xE7, 0xE2, 0x58, 0x8D, 0x7E,
0x1B, 0xAB, 0xE5, 0x15, 0x9D, 0x54, 0xF4, 0x00,
0x34, 0x1D, 0x12, 0x1B, 0x03, 0x23, 0x2B, 0x06,
0x2E, 0x8C, 0xD0, 0x0A, 0xDC, 0x19, 0xA1, 0x69,
0x1D, 0x72, 0x91, 0xB4, 0xED, 0x0E, 0x81, 0xF7,
0x05, 0x99, 0x84, 0xFC, 0x74, 0x0F, 0x7D, 0xF8,
0x9B, 0x3E, 0x7F, 0x63, 0x7C, 0x73, 0xEB, 0xF5,
0x36, 0xB3, 0x24, 0x22, 0xAA, 0x33, 0x0C, 0x30,
0x42, 0xC3, 0xE2, 0x04, 0x6B, 0x3F, 0x2A, 0x0D,
0xAB, 0xE8, 0x5A, 0x9A, 0x09, 0xD7, 0xB6, 0xAA,
0x9C, 0x3E, 0xD0, 0x9E, 0xB5, 0x9B, 0x52, 0x7B,
0xAF, 0x2D, 0x6B, 0xE0, 0x40, 0x12, 0x34, 0xBE,
0x49, 0xAB, 0xD2, 0xC8, 0xB5, 0x89, 0x1B, 0x79,
0xEC, 0xAE, 0x88, 0x89, 0x3C, 0x05, 0xC7, 0x75,
0xC5, 0x84, 0xF7, 0x10, 0x49, 0x48, 0x92, 0x69,
0x9E, 0xD5, 0x56, 0xB2, 0x1E, 0x81, 0x18, 0x78,
0xCB, 0x93, 0x5D, 0x70, 0x3A, 0xB2, 0x67, 0xD1,
0xCC, 0x8F, 0x83, 0x03, 0xB9, 0x64, 0x46, 0x22,
0x78, 0x0D, 0x55, 0x67, 0x22, 0x58, 0x0E, 0x22,
0x6B, 0xBA, 0x01, 0xD4, 0x77, 0x05, 0xA7, 0xAC,
0xB7, 0xE5, 0xFC, 0xE6, 0x11, 0xCC, 0x92, 0x5A,
0x8C, 0xC0, 0x08, 0x24, 0xAF, 0xCC, 0x4D, 0xBD,
0x79, 0xD3, 0x5C, 0x52, 0x2C, 0xFF, 0x1A, 0x48,
0xBB, 0x91, 0x59, 0x6A, 0x80, 0x32, 0x8C, 0x75,
0x7C, 0xD2, 0xC1, 0x94, 0x94, 0xA8, 0x55, 0x4B,
0xF2, 0x96, 0xF7, 0x86, 0xF7, 0x53, 0x4F, 0x54,
0x74, 0x05, 0x5C, 0xEF, 0x02, 0xA0, 0x8A, 0xD1,
0x88, 0x72, 0xEB, 0x1B, 0x82, 0xF9, 0xFB, 0xDA,
0xBC, 0xB9, 0x90, 0x98, 0xF2, 0x4B, 0x9A, 0xA6,
0x89, 0xD5, 0xB3, 0xD8, 0x7B, 0x94, 0xE3, 0x1F,
0x17, 0x4F, 0xEB, 0x24, 0x06, 0x2B, 0xAB, 0x5F,
0x27, 0x9B, 0xCD, 0xCE, 0x50, 0x06, 0x40, 0xDD,
0x7A, 0x8C, 0x67, 0xF0, 0x8E, 0x07, 0xB4, 0x1C,
0x3C, 0x13, 0xB2, 0x07, 0x6A, 0x38, 0x59, 0x94,
0x2C, 0xB1, 0x72, 0xA8, 0x77, 0x5B, 0x15, 0x8F,
0x88, 0xC4, 0x5C, 0xDC, 0x92, 0xCA, 0xC0, 0xED,
0x02, 0xFF, 0x1D, 0x57, 0x25, 0xBE, 0x67, 0x3E,
0x4C, 0xE8, 0x95, 0x2A, 0x80, 0xB2, 0x5D, 0xBC,
0xFA, 0x17, 0xA9, 0x35, 0x0A, 0x6B, 0x07, 0xC8,
0x8F, 0x88, 0x8D, 0xBC, 0x97, 0x84, 0xE2, 0x07,
0x57, 0x92, 0x99, 0x4B, 0xE8, 0xDD, 0xD7, 0xA4,
0x58, 0xCB, 0x61, 0xCE, 0x16, 0xFC, 0x22, 0xCD,
0x4B, 0x1A, 0x08, 0xC9, 0xAD, 0x3D, 0xB1, 0xF2,
0xA9, 0x1B, 0x8E, 0xD0, 0xC7, 0xBC, 0xCE, 0xF9,
0x0A, 0x7A, 0x4D, 0xBE, 0x82, 0x0A, 0xBD, 0x6C,
0x42, 0x99, 0xBF, 0x86, 0x65, 0x53, 0xAA, 0x04,
0x79, 0xD6, 0x6D, 0x7E, 0x0F, 0x40, 0xFA, 0xEE,
0xCE, 0x38, 0x3B, 0x1C, 0x2F, 0xA4, 0x45, 0xA3,
0x78, 0x2B, 0xA0, 0x29, 0xC5, 0xAA, 0xA9, 0x09,
0x29, 0x51, 0xDC, 0x5B, 0xB5, 0x95, 0xE4, 0xCE,
0xC8, 0x50, 0x71, 0x2D, 0xE9, 0x32, 0x12, 0xA0,
0x7C, 0x88, 0x6B, 0xED, 0xE4, 0x38, 0xB7, 0x92,
0xCA, 0xE4, 0xDC, 0xD4, 0x05, 0x3B, 0x2B, 0x84,
0x95, 0x07, 0xFF, 0xF4, 0x79, 0xFF, 0x1E, 0x73,
0x1B, 0x8E, 0xDF, 0xA3, 0x15, 0xBD, 0x56, 0xAC,
0xDA, 0xAD, 0x73, 0x95, 0xC2, 0xD3, 0x72, 0xA8,
0xF0, 0x8E, 0x6C, 0xE3, 0x7D, 0xBE, 0x4C, 0x87,
0xFC, 0x0F, 0xA6, 0x3B, 0xED, 0xA4, 0x0F, 0x4F,
0xF1, 0x5D, 0xF2, 0x56, 0x54, 0xD1, 0xCE, 0x6C,
0xCA, 0x1C, 0xCB, 0xC2, 0x45, 0x7F, 0x90, 0x61,
0x0E, 0x3D, 0xCE, 0xBB, 0x5E, 0x41, 0x38, 0x2B,
0xD4, 0x41, 0x7C, 0x67, 0x7C, 0x71, 0x95, 0x34,
0xD7, 0xED, 0x4D, 0xAC, 0x6E, 0xF1, 0x46, 0xEA,
0x7D, 0xA4, 0x4C, 0x69, 0x0B, 0x9C, 0x2F, 0xAA,
0xF1, 0x17, 0x90, 0x1B, 0xF4, 0x4C, 0x03, 0xBE,
0x9D, 0x56, 0xCE, 0x0C, 0xCF, 0xE0, 0x87, 0x44,
0xBE, 0x2C, 0x52, 0xD3, 0xBC, 0xAE, 0x02, 0x30,
0xC7, 0x26, 0x06, 0x88, 0xA6, 0xAA, 0x9D, 0x50,
0xF1, 0x94, 0x58, 0xC7, 0x60, 0xF3, 0xA0, 0x6F,
0x53, 0x66, 0x53, 0xCD, 0x1D, 0xBE, 0xD1, 0xF2,
0x39, 0xBA, 0x1F, 0xE8, 0x40, 0x84, 0xCD, 0x1C,
0x8F, 0x3D, 0xB7, 0xD1, 0x51, 0x00, 0xDE, 0xB8,
0x11, 0xD9, 0x66, 0xAD, 0xD5, 0xE9, 0x33, 0x09,
0xE1, 0xA8, 0x00, 0x58, 0x65, 0xF1, 0xC1, 0x67,
0xB4, 0x3A, 0xA7, 0x98, 0x90, 0x6A, 0xDB, 0x91,
0xDB, 0x4A, 0x16, 0x35, 0xDC, 0x3D, 0x69, 0xEB,
0x7B, 0xDE, 0xCC, 0x91, 0x1B, 0x8D, 0xE6, 0x46,
0x61, 0x8E, 0x3F, 0x4C, 0x88, 0x81, 0x85, 0x4A,
0x73, 0x08, 0x56, 0x52, 0xAE, 0xE6, 0x4A, 0x60,
0x4A, 0x2E, 0x0C, 0x9A, 0x93, 0x76, 0x35, 0xC9,
0x36, 0x28, 0x0C, 0x72, 0x19, 0xAD, 0x33, 0xCF,
0x2B, 0xFB, 0xCE, 0x1A, 0x7D, 0xAC, 0xAA, 0x75,
0x15, 0x76, 0x81, 0x52, 0x55, 0xCC, 0xB9, 0x39,
0x07, 0xA3, 0x39, 0x12, 0x8D, 0x6F, 0x53, 0xAF,
0xC7, 0x14, 0x7F, 0xC7, 0x96, 0x5A, 0x49, 0x3C,
0x5C, 0xB0, 0x26, 0x47, 0xF4, 0x9D, 0xCA, 0x23,
0xA6, 0x7D, 0xA6, 0x61, 0xC4, 0xA3, 0x26, 0x40,
0x0F, 0xA7, 0x27, 0x09, 0xBC, 0x39, 0xFD, 0xA7,
0x75, 0x38, 0x74, 0xD0, 0x9D, 0x29, 0x15, 0x97,
0xDE, 0x25, 0x60, 0x4D, 0x19, 0x36, 0x04, 0xFB,
0xA5, 0x2C, 0xB0, 0xC8, 0xB5, 0xFE, 0xE5, 0x94,
0x7C, 0xE2, 0x1F, 0x84, 0xBB, 0xFB, 0x78, 0x9E,
0xA5, 0x7C, 0x5D, 0x4A, 0xB2, 0x48, 0x6F, 0x6E,
0x67, 0x95, 0x16, 0x5F, 0x01, 0x2A, 0xF8, 0x70,
0x95, 0xCB, 0x06, 0x93, 0x26, 0x6E, 0x7A, 0x75,
0xB5, 0xE5, 0x4E, 0x27, 0x1D, 0x8B, 0x30, 0xA6,
0x67, 0x67, 0xD6, 0xE2, 0xD6, 0xD1, 0x99, 0xA4,
0x55, 0x73, 0x19, 0x32, 0xF6, 0x0B, 0x6B, 0x4A,
0xEE, 0x23, 0x33, 0x38, 0x30, 0x68, 0x6F, 0x8E,
0x60, 0xA9, 0x60, 0x97, 0x3E, 0xEA, 0x5D, 0xE1,
0x40, 0x6F, 0x0C, 0x76, 0x84, 0xCF, 0xAF, 0x86,
0x8D, 0x36, 0xE5, 0x7D, 0xAE, 0x9A, 0x13, 0x70,
0x22, 0x2A, 0x31, 0xFE, 0xC2, 0xFB, 0xE1, 0x58,
0xA5, 0x4E, 0xEF, 0x10, 0x5B, 0x5E, 0xD4, 0x39,
0xFC, 0xF9, 0x15, 0x64, 0x78, 0x43, 0x7D, 0x03,
0x9F, 0x5B, 0xCB, 0x86, 0xD2, 0xEF, 0x28, 0xBD,
0x14, 0xCB, 0x8A, 0x04, 0x1D, 0x59, 0x23, 0x53,
0x4D, 0x13, 0xF9, 0x93, 0xFE, 0x19, 0x9C, 0xC3,
0x3F, 0xD9, 0xC1, 0x12, 0x94, 0x84, 0x13, 0x95,
0x8F, 0xD9, 0x10, 0xAB, 0x37, 0x69, 0x08, 0x04,
0x4A, 0x97, 0x82, 0x28, 0x75, 0xBB, 0xC9, 0xF4,
0x3F, 0x19, 0x6B, 0x00, 0x4C, 0x56, 0x16, 0x1F,
0x50, 0x82, 0xD1, 0x45, 0xFF, 0x0C, 0x37, 0x28,
0x04, 0xBB, 0x6C, 0x00, 0x97, 0x3A, 0x79, 0x2D,
0x9A, 0xB9, 0xA5, 0x16, 0x52, 0x02, 0xA3, 0x86,
0x81, 0xAA, 0x3A, 0x31, 0xE5, 0xB5, 0x44, 0x2D,
0x34, 0xE2, 0x7A, 0xD8, 0xFE, 0xA1, 0x36, 0xC0,
0x36, 0x65, 0x73, 0x12, 0x9F, 0x61, 0x3F, 0x59,
0xC9, 0x68, 0xB6, 0x34, 0x41, 0x40, 0x25, 0xD6,
0xE7, 0xAD, 0x25, 0x7D, 0xCB, 0xF1, 0x2A, 0xD8,
0x53, 0x48, 0x9D, 0xBF, 0xB5, 0xD5, 0x61, 0x18,
0x0E, 0x2A, 0x21, 0x3E, 0x61, 0x18, 0x07, 0x8E,
0x6F, 0x9A, 0x96, 0xA8, 0x61, 0xFE, 0x8D, 0x66,
0x1A, 0x21, 0x99, 0xD9, 0x60, 0x8B, 0xAC, 0x85,
0x84, 0x3D, 0x41, 0xF9, 0x93, 0x35, 0x24, 0x32,
0xFF, 0xC0, 0x8A, 0xFA, 0xBC, 0xA7, 0x85, 0x57,
0x3C, 0x16, 0x83, 0xAE, 0x90, 0xDE, 0x40, 0x12,
0xE4, 0x2B, 0xA2, 0x47, 0xA4, 0x92, 0x73, 0x54,
0x6C, 0xA5, 0xB7, 0xEE, 0x62, 0xEA, 0x62, 0x37,
0xD9, 0xD7, 0x73, 0x58, 0x43, 0xDB, 0x20, 0x60,
0x8C, 0x4F, 0x87, 0x58, 0xB2, 0x2B, 0xC3, 0x40,
0xB0, 0xC1, 0xB6, 0xB6, 0xA9, 0xCD, 0xCC, 0x05,
0x4F, 0x38, 0x5F, 0x08, 0xB3, 0x3B, 0x08, 0x4D,
0x78, 0x6B, 0x0D, 0x40, 0x46, 0xB9, 0x20, 0xDE,
0x29, 0x6F, 0x23, 0x96, 0xDA, 0x02, 0xF5, 0x1C,
0x1A, 0x1A, 0x36, 0xA3, 0x3A, 0xFA, 0x1D, 0x80,
0x36, 0x3C, 0xF6, 0xB4, 0xDC, 0x2C, 0x88, 0x54,
0xF7, 0x86, 0xC6, 0xF2, 0x15, 0xF8, 0x85, 0x33,
0xFB, 0x21, 0x20, 0x59, 0xCE, 0x60, 0x4B, 0xE8,
0xF1, 0xB7, 0x54, 0x17, 0x1E, 0x83, 0xCD, 0x82,
0x39, 0x40, 0x14, 0x31, 0xEC, 0x89, 0xC8, 0xE2,
0x6A, 0xAE, 0x3F, 0x49, 0x5B, 0x38, 0xE7, 0xCD,
0xE2, 0xF6, 0xEF, 0x90, 0x51, 0x10, 0x83, 0x79,
0x27, 0x80, 0x2F, 0x45, 0x78, 0x67, 0xAF, 0xF4,
0x65, 0x95, 0x2D, 0xFE, 0x00, 0xF3, 0x2A, 0x60,
0x00, 0xF7, 0x26, 0xFA, 0x3C, 0xAD, 0xA9, 0xAF,
0xCA, 0xF6, 0x69, 0x48, 0x03, 0xBE, 0x18, 0x73,
0x54, 0x06, 0x06, 0x3E, 0x4E, 0xAD, 0xFC, 0x8B,
0xC3, 0x43, 0x24, 0x5D, 0xE9, 0xDE, 0x78, 0xDC,
0xD0, 0xA7, 0x04, 0x77, 0xF0, 0x0D, 0xA3, 0x37,
0x8C, 0x5F, 0x8B, 0xDF, 0xBE, 0x90, 0x1F, 0xA6,
0xB3, 0x17, 0x9D, 0x68, 0x36, 0x45, 0x11, 0x60,
0xFF, 0xF9, 0xBA, 0xDA, 0x80, 0xAA, 0x37, 0x57,
0xDD, 0x34, 0x30, 0x42, 0x7A, 0x9C, 0x86, 0xB4,
0x91, 0x30, 0xB8, 0xC0, 0xC4, 0x29, 0x15, 0x31,
0xF3, 0x9A, 0xB0, 0xCD, 0xAC, 0x8C, 0x7C, 0x8C,
0x4A, 0xDC, 0x76, 0xB6, 0x31, 0x30, 0xDE, 0x2D,
0x81, 0x04, 0xC7, 0x48, 0x73, 0x69, 0x02, 0x40,
0x30, 0x19, 0x66, 0x94, 0x21, 0x65, 0x13, 0x18,
0xC2, 0x09, 0x14, 0x5F, 0xC4, 0x2F, 0xC4, 0xD6,
0xA6, 0x05, 0x37, 0xAF, 0x72, 0x0C, 0x47, 0x02,
0x29, 0x95, 0x08, 0x9D, 0xC9, 0x07, 0x31, 0x38,
0xA9, 0xB5, 0xDA, 0x21, 0x76, 0x1D, 0x84, 0xD0,
0x15, 0xAF, 0x2A, 0xA3, 0x69, 0x0A, 0xE9, 0x4F,
0x75, 0x8A, 0x50, 0xA5, 0x11, 0xD4, 0x5F, 0xAF,
0x70, 0x43, 0xCB, 0xD7, 0x03, 0x9E, 0xB0, 0xBD,
0x19, 0x47, 0x94, 0x58, 0x22, 0x86, 0xC6, 0xE3,
0x62, 0xD8, 0x63, 0x05, 0xD9, 0xE2, 0xE5, 0x4A,
0x04, 0x54, 0x5A, 0x55, 0x25, 0xAD, 0x15, 0x5C,
0x4B, 0x71, 0x25, 0xE1, 0x50, 0xE3, 0x62, 0x1B,
0xD2, 0x43, 0x28, 0xD2, 0x84, 0xE4, 0xE2, 0x05,
0xE3, 0x01, 0x4C, 0x8F, 0x38, 0x17, 0x49, 0xFD,
0x3B, 0x52, 0x1A, 0x55, 0xB3, 0x1D, 0x69, 0x83,
0xAB, 0x9E, 0xC4, 0x73, 0xEE, 0x64, 0x7A, 0x73,
0x19, 0xEF, 0xCD, 0x7D, 0xB7, 0xF4, 0x2E, 0xCB,
0x55, 0x2A, 0x8A, 0xCC, 0x8F, 0xF8, 0x4E, 0xFB,
0xD2, 0x63, 0x8F, 0xF1, 0x10, 0x89, 0x02, 0x93,
0x3E, 0xAC, 0xA4, 0xB4, 0x89, 0xC7, 0xF7, 0x8B,
0x3E, 0xE1, 0xE8, 0x93, 0xB9, 0x8E, 0x36, 0x25,
0xC1, 0xC0, 0xD9, 0x44, 0x81, 0xC0, 0x99, 0x3C,
0x2B, 0x89, 0xF7, 0xDF, 0xDB, 0xD8, 0xCC, 0x84,
0xE6, 0xFF, 0xFE, 0xAC, 0x21, 0x16, 0xF1, 0xE2,
0xEF, 0x0A, 0x32, 0xA7, 0xDE, 0x87, 0x51, 0xEC,
0xB1, 0x0C, 0x0B, 0xC7, 0x07, 0xD9, 0x9A, 0xF8,
0xE8, 0xB0, 0xFE, 0xA5, 0x67, 0xAF, 0x53, 0x9F,
0xEF, 0x23, 0xEF, 0x7D, 0xFF, 0xA8, 0x8E, 0xDE,
0x97, 0x93, 0x32, 0xA6, 0x7C, 0xCF, 0x49, 0xBC,
0x36, 0x0D, 0x88, 0x90, 0x89, 0x39, 0x76, 0xA8,
0x82, 0x19, 0x02, 0xB6, 0x02, 0x82, 0xFE, 0xED,
0x9C, 0x28, 0x8D, 0xB0, 0x1E, 0x2B, 0x2A, 0xCF,
0xF3, 0x94, 0xFF, 0x66, 0x33, 0x93, 0x31, 0xD6,
0xFC, 0xAF, 0xE7, 0xC5, 0x98, 0x01, 0x46, 0xCD,
0xCB, 0xC4, 0x41, 0x13, 0x6D, 0x42, 0xF5, 0x13,
0xDF, 0xF9, 0x97, 0x65, 0xD4, 0x7B, 0x6E, 0x10,
0x79, 0x5D, 0x5A, 0x82, 0xA2, 0x49, 0x53, 0xA7,
0x6D, 0x9C, 0xDD, 0x0A, 0x80, 0x98, 0x58, 0x07,
0x30, 0xBF, 0x0B, 0x30, 0xAC, 0x24, 0x9E, 0xA0,
0xE8, 0xE4, 0x7A, 0x0D, 0xD0, 0x50, 0x82, 0xAE,
0xBB, 0xEC, 0x15, 0x30, 0x2A, 0xF2, 0xA7, 0xA6,
0x6A, 0xC8, 0xAE, 0x1E, 0x14, 0x80, 0x7C, 0x18,
0xE7, 0x2B, 0x88, 0x65, 0xB7, 0x93, 0x12, 0xB3,
0xC1, 0x2A, 0x20, 0xAD, 0x3B, 0x2E, 0x84, 0xC4,
0x0D, 0xA7, 0x62, 0x5C, 0x79, 0x52, 0x5D, 0x59,
0xA4, 0x69, 0x5C, 0x26, 0xFD, 0x4F, 0x80, 0xCC,
0xFE, 0x8E, 0x70, 0x72, 0xB1, 0x41, 0xE1, 0x75,
0x53, 0x51, 0xCF, 0x4C, 0x0B, 0x57, 0xF2, 0xB8,
0x59, 0x76, 0xE6, 0xEF, 0x6D, 0x74, 0xA6, 0x73,
0x69, 0x7F, 0x7C, 0xB2, 0x35, 0xFE, 0x8A, 0x02,
0x2F, 0xBE, 0x7C, 0x4D, 0x02, 0xBE, 0x8F, 0xFB,
0x7A, 0x58, 0x45, 0xEC, 0xBA, 0x1B, 0xC6, 0xB9,
0x8D, 0xF5, 0xB0, 0x82, 0xD1, 0xB4, 0x97, 0x86,
0x9B, 0x33, 0x54, 0x49, 0x5B, 0x88, 0xD9, 0xB5,
0xD0, 0x93, 0x8A, 0x00, 0x5D, 0x0F, 0x37, 0x88,
0x57, 0xE3, 0xFA, 0x7E, 0x7B, 0xFA, 0x43, 0x74,
0x8D, 0x64, 0x07, 0xD7, 0x07, 0x85, 0x4D, 0x49,
0xBC, 0x83, 0xF5, 0xD4, 0x95, 0x3E, 0x3E, 0x09,
0x65, 0xF3, 0xFC, 0x88, 0xA7, 0xF0, 0x46, 0x61,
0x44, 0x7D, 0x76, 0xED, 0xC9, 0x8D, 0x0F, 0x8D,
0xDA, 0x0D, 0x01, 0xC8, 0xB1, 0xA8, 0x9B, 0x4A,
0xF0, 0xA3, 0x88, 0x54, 0xC1, 0xD6, 0x52, 0x97
};
#endif /* WOLFSSL_NO_ML_DSA_65 */
#ifndef WOLFSSL_NO_ML_DSA_87
static const byte seed_87[] = {
0x22, 0x5F, 0x77, 0x07, 0x5E, 0x66, 0xCE, 0x1C,
0x99, 0xBA, 0x95, 0xB4, 0xFC, 0xDF, 0x25, 0x8B,
0xBB, 0x6F, 0xA5, 0xFE, 0x9C, 0x34, 0x9F, 0x0F,
0xDE, 0x3F, 0x71, 0xD5, 0x33, 0x9F, 0x6F, 0xD8
};
static const byte pk_87[] = {
0x8C, 0x52, 0x4B, 0xD9, 0xAC, 0x48, 0x5C, 0xC6,
0x9A, 0xA0, 0x75, 0x64, 0xE1, 0x4F, 0x0F, 0x60,
0x13, 0x0E, 0xDE, 0x34, 0x08, 0xA5, 0xD4, 0x81,
0xFD, 0x76, 0xC2, 0x51, 0x74, 0x75, 0xA8, 0xFB,
0x24, 0xBF, 0x9E, 0x97, 0x9C, 0xD2, 0x3E, 0xDA,
0x8A, 0x1B, 0xB6, 0x76, 0xDA, 0x7D, 0x7F, 0x44,
0xAD, 0x6B, 0xB9, 0xB0, 0x70, 0xD3, 0xD6, 0x44,
0x7F, 0xBE, 0x6C, 0x0C, 0x71, 0x37, 0xC6, 0xFB,
0x7B, 0x39, 0x83, 0x63, 0x9C, 0x41, 0x5C, 0xF2,
0xC9, 0x15, 0xFF, 0xD4, 0x18, 0xEA, 0xA1, 0x4D,
0xA9, 0xD1, 0xAD, 0x3C, 0x09, 0x8E, 0xA9, 0x05,
0x34, 0x6C, 0xAA, 0x75, 0x78, 0xF8, 0x6B, 0x6E,
0x52, 0xE6, 0x57, 0x55, 0x16, 0xF4, 0x92, 0x3E,
0x74, 0x3F, 0x96, 0xA3, 0x2A, 0xD0, 0x0E, 0xEE,
0xA1, 0xCE, 0x8A, 0x33, 0xF4, 0x87, 0xB9, 0xF3,
0x22, 0x5D, 0x2D, 0x84, 0xCD, 0x27, 0x57, 0xCC,
0xCF, 0xE6, 0xA3, 0x66, 0x24, 0x53, 0x0E, 0x52,
0x8A, 0x2F, 0x64, 0xFC, 0xE7, 0x04, 0xE7, 0xA7,
0x6C, 0x2E, 0x6A, 0xDC, 0x00, 0xEF, 0x9B, 0xEC,
0x91, 0x07, 0xB9, 0x69, 0x8F, 0x11, 0x59, 0xFC,
0x52, 0xEF, 0x4C, 0x36, 0x5A, 0xFD, 0xB1, 0x50,
0xED, 0xC3, 0x43, 0x5E, 0x03, 0xBB, 0x70, 0x26,
0x00, 0x6E, 0x5A, 0x55, 0x13, 0x51, 0xA4, 0xB1,
0x5F, 0xB8, 0x9F, 0xD2, 0xE9, 0x98, 0x38, 0xE8,
0xCF, 0x41, 0x73, 0xFD, 0x0D, 0xF1, 0xF6, 0x80,
0x89, 0xE1, 0x51, 0x8D, 0xD4, 0xB5, 0x79, 0x27,
0x76, 0xBD, 0xD9, 0x2F, 0xC7, 0xC7, 0x9B, 0xC7,
0x99, 0x7F, 0x78, 0x84, 0xD2, 0xB8, 0x80, 0xC5,
0xD2, 0xB7, 0xEE, 0xC8, 0x0A, 0xFE, 0x35, 0x59,
0x84, 0x5D, 0x39, 0x08, 0x39, 0xBE, 0x5E, 0xBF,
0x95, 0x93, 0xA7, 0x3E, 0xD0, 0x1E, 0xF6, 0x7D,
0x50, 0x3F, 0xFB, 0x74, 0x47, 0x04, 0xA2, 0xDC,
0x49, 0x48, 0x76, 0x2B, 0xC8, 0x43, 0x45, 0x75,
0x72, 0x84, 0x4D, 0x15, 0x74, 0xE3, 0xEB, 0x37,
0x83, 0x0A, 0x3B, 0x7C, 0xD4, 0x02, 0xC7, 0x6E,
0xD5, 0xB4, 0xFC, 0x15, 0xF0, 0x5E, 0x76, 0x03,
0x4C, 0xBB, 0x6A, 0x29, 0xDE, 0xBC, 0x7E, 0x2B,
0x34, 0xB2, 0x14, 0x2A, 0x57, 0xCF, 0x1B, 0x39,
0x73, 0xE5, 0x8B, 0xFF, 0x47, 0x50, 0x42, 0xDC,
0x22, 0x6C, 0x7E, 0x13, 0x71, 0xF3, 0x37, 0x51,
0x40, 0xF2, 0x90, 0x57, 0xAC, 0xB4, 0x64, 0x7C,
0x5F, 0x92, 0x6D, 0x3F, 0xDC, 0xCC, 0xC8, 0xD2,
0xE1, 0x6B, 0x81, 0xA9, 0xED, 0xCD, 0x0C, 0x8B,
0x5B, 0x2E, 0x11, 0x89, 0x87, 0x42, 0x4B, 0xEC,
0xAD, 0x40, 0xA5, 0xE5, 0xB4, 0x6D, 0x1C, 0xB4,
0x01, 0x0A, 0x8E, 0x9F, 0x6F, 0x25, 0x92, 0x5D,
0xFE, 0x6B, 0x6F, 0x24, 0x64, 0x5F, 0x9C, 0x88,
0x86, 0x96, 0xE8, 0x79, 0x64, 0x5B, 0x6A, 0x3A,
0x76, 0x21, 0x90, 0xCC, 0xB7, 0xD6, 0x26, 0x9D,
0x35, 0x54, 0x79, 0xDF, 0x71, 0x90, 0x55, 0x2A,
0x38, 0x52, 0xD1, 0xE9, 0x56, 0x73, 0xE7, 0x19,
0x44, 0x6A, 0xD3, 0x10, 0x24, 0xB9, 0x4B, 0xF8,
0xBB, 0xC9, 0x7B, 0x04, 0x66, 0x39, 0xCE, 0x12,
0x3F, 0xDE, 0xC3, 0x75, 0xAF, 0x9F, 0x8D, 0x4C,
0xF7, 0x16, 0x9B, 0xEB, 0x5F, 0xE5, 0x1B, 0xBF,
0x82, 0x2C, 0x53, 0xBA, 0x2D, 0x98, 0xA4, 0xA0,
0x14, 0xA2, 0xDE, 0x69, 0x7F, 0x03, 0x3C, 0x9E,
0x4A, 0x57, 0xC6, 0xED, 0xF6, 0x10, 0x6A, 0x76,
0x2A, 0x81, 0x92, 0x9F, 0x3E, 0xF0, 0xFD, 0xE9,
0xB7, 0xB3, 0x8A, 0xF6, 0x1A, 0x19, 0x9A, 0x16,
0x0F, 0x09, 0x45, 0xBD, 0xBB, 0x96, 0x7C, 0x72,
0x40, 0xFE, 0x94, 0xBD, 0xE1, 0x60, 0x50, 0x53,
0x13, 0xC9, 0x2B, 0xFA, 0x52, 0x40, 0xA2, 0xA7,
0xF0, 0x8C, 0x85, 0x78, 0xDB, 0xD6, 0x7F, 0x21,
0x39, 0xB5, 0x06, 0x72, 0xEE, 0x99, 0xA1, 0xBD,
0x78, 0x1F, 0xA4, 0xE9, 0x54, 0xF4, 0xFA, 0xDF,
0xA7, 0x9E, 0xDD, 0x8E, 0xB1, 0xCF, 0xA8, 0x48,
0x84, 0x5D, 0x70, 0xCB, 0x2D, 0xA9, 0x66, 0x09,
0x0B, 0x75, 0x75, 0xA2, 0x32, 0xFE, 0xDF, 0x96,
0x33, 0x84, 0xA7, 0x84, 0x48, 0x1A, 0xFA, 0x82,
0x79, 0x0A, 0x87, 0xE1, 0x1F, 0x11, 0x74, 0xD4,
0x3C, 0xC0, 0x8D, 0x4F, 0xD2, 0x5D, 0xBB, 0x40,
0x10, 0xB2, 0x6F, 0x23, 0xD2, 0xD6, 0xF4, 0xA5,
0x87, 0xEF, 0x7D, 0xE8, 0xC6, 0xF7, 0xC6, 0x0F,
0xF9, 0x6F, 0xF8, 0x4C, 0x39, 0xE4, 0x82, 0x1E,
0x1E, 0x6A, 0x80, 0x2F, 0xEC, 0x22, 0xD6, 0xA0,
0xAA, 0xB6, 0x2C, 0xCB, 0x16, 0x43, 0x68, 0xC2,
0x27, 0xF6, 0xA2, 0x31, 0x62, 0x66, 0xEC, 0x2F,
0xFF, 0x8D, 0xB4, 0x19, 0x51, 0x19, 0xA0, 0x8C,
0x67, 0xE2, 0x04, 0x04, 0xB9, 0x1F, 0x08, 0x70,
0x9E, 0xAA, 0xC2, 0xDE, 0xCB, 0x96, 0x19, 0x8F,
0x02, 0x74, 0x10, 0xCC, 0x1B, 0x82, 0x5D, 0x9C,
0x07, 0x00, 0xE5, 0xD7, 0x04, 0x51, 0xBA, 0x7F,
0x67, 0xF9, 0x64, 0x0C, 0xA3, 0x6B, 0xF3, 0x12,
0x21, 0x80, 0x68, 0xD6, 0xA2, 0xCA, 0xFF, 0x59,
0x33, 0x43, 0x7D, 0x67, 0xBF, 0xD4, 0x88, 0x4A,
0x6E, 0x92, 0xBA, 0x41, 0xE1, 0x28, 0xDA, 0xEB,
0xE1, 0xEA, 0x25, 0x60, 0xE1, 0x2F, 0xED, 0x2C,
0xD4, 0x4B, 0xC9, 0x4E, 0x9E, 0x9D, 0xFA, 0xBB,
0xF9, 0x61, 0x41, 0x4C, 0x24, 0x24, 0xFC, 0x9B,
0x62, 0xFE, 0x73, 0x74, 0xF6, 0xB8, 0x9B, 0xA9,
0x02, 0x96, 0xF4, 0x90, 0x18, 0xA7, 0xF5, 0x49,
0xC1, 0xA3, 0x94, 0xB8, 0xED, 0xBD, 0x0B, 0xF3,
0xDB, 0xF3, 0xBC, 0x10, 0x6A, 0x6B, 0x3F, 0x79,
0x07, 0xF2, 0x11, 0x09, 0xD5, 0x42, 0x8F, 0xA9,
0x09, 0x94, 0xBE, 0xF2, 0x0D, 0x3A, 0x91, 0x33,
0x01, 0x31, 0x34, 0xBF, 0x0A, 0xCA, 0xF1, 0x3E,
0x66, 0x18, 0xA6, 0x69, 0xEC, 0xEA, 0xC5, 0xE9,
0x8B, 0x80, 0xFE, 0x4D, 0x93, 0x7B, 0xD4, 0xE5,
0x74, 0x90, 0xFA, 0xFD, 0xCE, 0x45, 0xE8, 0xD7,
0xD8, 0x8F, 0x08, 0x8B, 0x3A, 0xA8, 0x01, 0xA2,
0xB4, 0xE5, 0xF2, 0x29, 0x41, 0x02, 0xBD, 0xCB,
0xF9, 0x4A, 0x62, 0x54, 0x99, 0x94, 0x61, 0xB7,
0x8F, 0xA5, 0x8A, 0x7F, 0xDC, 0xAD, 0xD2, 0xF2,
0x28, 0x1E, 0xF3, 0x18, 0xAE, 0x21, 0x81, 0xF7,
0xE9, 0xE5, 0xBF, 0x2B, 0xC2, 0x98, 0x24, 0xB1,
0x45, 0x56, 0x57, 0x31, 0xA1, 0x48, 0xAB, 0x39,
0xC2, 0x04, 0x29, 0x1B, 0x5B, 0xD3, 0x23, 0x35,
0xCC, 0x5A, 0x58, 0x10, 0x11, 0x5B, 0xD5, 0x88,
0xC2, 0x60, 0x37, 0x3D, 0x1C, 0x1C, 0x7B, 0x09,
0x95, 0xB5, 0x05, 0x12, 0xD8, 0x52, 0x8D, 0xF5,
0xBD, 0x4A, 0xA5, 0x45, 0x6F, 0x3D, 0x55, 0x9D,
0x90, 0xAD, 0xD7, 0xA9, 0xD0, 0x25, 0x0B, 0xD7,
0x55, 0x11, 0x5C, 0x60, 0xBF, 0xBD, 0xFB, 0x9D,
0x2A, 0xCE, 0x4F, 0xE6, 0xB8, 0x36, 0x3A, 0x4D,
0xE7, 0xB6, 0xFF, 0x6B, 0xD8, 0xBA, 0xD4, 0xEE,
0x95, 0x9A, 0x0A, 0x47, 0xD4, 0x76, 0xE0, 0xF7,
0xAC, 0x02, 0xB6, 0xA8, 0x10, 0x1E, 0xA5, 0x98,
0xC0, 0xF4, 0x68, 0x5E, 0x55, 0xC1, 0x67, 0xCD,
0x16, 0x31, 0xBD, 0xA2, 0x86, 0xF3, 0xF8, 0xC0,
0xED, 0x4A, 0xFF, 0xE8, 0xF5, 0x2C, 0xFA, 0xD2,
0x06, 0x78, 0x6D, 0x34, 0xBE, 0xF9, 0x15, 0x84,
0x6D, 0xE5, 0x5F, 0xA4, 0xAC, 0x84, 0x3B, 0x3A,
0xA6, 0x2D, 0xC2, 0x01, 0xE0, 0x63, 0x92, 0xC7,
0x77, 0xB5, 0x4E, 0x2C, 0x40, 0x90, 0x48, 0xAF,
0x8B, 0xE9, 0x6C, 0x1E, 0xEE, 0x16, 0x8F, 0x4E,
0x4F, 0xFF, 0x35, 0x15, 0xE5, 0x51, 0xF4, 0xB2,
0x23, 0x1C, 0x6A, 0xCE, 0x05, 0xDC, 0xDC, 0xAD,
0x7F, 0x9D, 0xDA, 0xB3, 0x0C, 0xAD, 0x9C, 0x62,
0x68, 0xD6, 0x84, 0x00, 0x76, 0xFF, 0xD3, 0x01,
0x18, 0xB0, 0xC4, 0xE5, 0xE5, 0x0D, 0x87, 0x8E,
0xAF, 0x77, 0xEE, 0xCB, 0x56, 0x88, 0x7F, 0xED,
0xC5, 0x7C, 0x54, 0xD6, 0x28, 0x46, 0xE0, 0x8C,
0xE6, 0x87, 0xF2, 0x4D, 0x0D, 0x2F, 0x12, 0x62,
0x06, 0xDF, 0xB2, 0x4E, 0x03, 0x04, 0x78, 0x0B,
0x03, 0x4C, 0xCE, 0x86, 0xD1, 0xCD, 0x53, 0x00,
0xED, 0xC6, 0xF8, 0x9A, 0xCB, 0x59, 0x14, 0xA6,
0x0C, 0x87, 0x35, 0x92, 0x66, 0x0D, 0x02, 0xA9,
0xEF, 0x0D, 0x7D, 0xC6, 0x45, 0xF3, 0x11, 0xEF,
0x1F, 0x55, 0x72, 0x1F, 0x1B, 0x45, 0xD2, 0xE4,
0x8F, 0x3F, 0x9F, 0xEB, 0x27, 0x02, 0xD8, 0x2C,
0xEF, 0xAD, 0x7E, 0x7E, 0x10, 0xDD, 0x91, 0x5E,
0x39, 0x06, 0x7C, 0x39, 0xEA, 0x61, 0xB9, 0xCC,
0xF1, 0x45, 0x56, 0x81, 0x53, 0x55, 0x42, 0xD4,
0x37, 0x0F, 0x53, 0xF0, 0x7F, 0xA0, 0xC6, 0x50,
0x9B, 0x1D, 0xC6, 0x7E, 0x9F, 0x1D, 0x89, 0x3B,
0xEB, 0x85, 0x59, 0x6D, 0x9C, 0x12, 0xEE, 0xAC,
0xFC, 0xAE, 0xC0, 0xAE, 0x5F, 0xD4, 0x9C, 0x62,
0xE7, 0x09, 0x8C, 0xFA, 0x80, 0x1A, 0x19, 0x09,
0x0F, 0x8D, 0x68, 0x9E, 0x45, 0x33, 0xE2, 0x58,
0x7B, 0xEF, 0xC7, 0x6A, 0xDC, 0x38, 0x33, 0x3E,
0x5C, 0x53, 0xB5, 0x99, 0xDB, 0x04, 0xA7, 0xEA,
0xFB, 0x07, 0x9B, 0x25, 0x47, 0xED, 0xAC, 0x5A,
0xAA, 0x1E, 0xE5, 0x23, 0xDE, 0x64, 0xE5, 0x87,
0x46, 0x8C, 0x41, 0x52, 0xC9, 0x4F, 0x90, 0x48,
0x1C, 0xAA, 0xA6, 0xB0, 0x3A, 0x1E, 0xC9, 0x08,
0xF7, 0x82, 0x71, 0x13, 0x76, 0x6B, 0x9E, 0x52,
0x22, 0x32, 0xE0, 0xC6, 0xF7, 0xD7, 0x4C, 0xBD,
0xC3, 0x1C, 0x18, 0xAF, 0xA0, 0x12, 0xD3, 0x22,
0x6A, 0xFC, 0x71, 0x8A, 0x64, 0x24, 0xAC, 0x19,
0x4E, 0x85, 0x3C, 0x51, 0xE6, 0xA3, 0xAD, 0xA9,
0x59, 0x94, 0xD2, 0x7F, 0xC4, 0x9D, 0x93, 0x5B,
0x51, 0xD7, 0xF3, 0x03, 0xE7, 0x7D, 0x5B, 0x13,
0x0E, 0xCD, 0x7D, 0x0F, 0x77, 0x3E, 0x84, 0xD7,
0x4E, 0x69, 0x57, 0x1B, 0x73, 0x99, 0xC9, 0x4D,
0xC0, 0x19, 0x6B, 0x9D, 0x5F, 0xBA, 0x69, 0xEE,
0x11, 0xBD, 0x7C, 0x45, 0xD9, 0xA9, 0x65, 0x88,
0xA7, 0x0E, 0x16, 0xBF, 0xB3, 0x82, 0x5E, 0x5E,
0x56, 0x13, 0x02, 0x7D, 0xB1, 0xDC, 0xF5, 0x4A,
0x82, 0x73, 0x72, 0x35, 0x9B, 0x91, 0xAC, 0x04,
0x69, 0xE9, 0xEA, 0x19, 0xC9, 0xD8, 0x59, 0xEB,
0x8F, 0x22, 0x5F, 0x43, 0x11, 0x0C, 0xCF, 0xB4,
0x16, 0x6C, 0x7D, 0x60, 0xCE, 0x14, 0x24, 0xAD,
0xD7, 0x07, 0xC2, 0x4E, 0x98, 0xA0, 0xDE, 0x9E,
0xE6, 0x31, 0xED, 0xF8, 0x5B, 0x9C, 0xAF, 0xF7,
0x57, 0x59, 0x10, 0xA9, 0x92, 0xDC, 0x4F, 0x0C,
0x2B, 0x88, 0x75, 0x19, 0x1D, 0xB3, 0xBF, 0x70,
0x23, 0x17, 0xD5, 0x1A, 0x50, 0x30, 0x18, 0x14,
0x1A, 0x14, 0xE6, 0x1D, 0x4F, 0x8A, 0x96, 0x3E,
0xD8, 0x6E, 0xD9, 0xBF, 0x94, 0x4E, 0xDE, 0xB8,
0xFF, 0xE1, 0x6F, 0xFD, 0x31, 0xE8, 0xFE, 0x43,
0xC2, 0x40, 0x82, 0x45, 0x50, 0xFE, 0x1B, 0xBC,
0x77, 0x4B, 0xB4, 0x30, 0xA7, 0xD4, 0x46, 0x32,
0x6A, 0xF7, 0xC5, 0x92, 0xDA, 0x70, 0xB1, 0xB7,
0xA1, 0x5A, 0x5D, 0x17, 0x3B, 0xDB, 0x2F, 0x28,
0x8A, 0x6E, 0xEC, 0xDA, 0xC4, 0xF7, 0x2E, 0xCB,
0xEB, 0x96, 0x60, 0x92, 0x1B, 0xDD, 0xD6, 0x13,
0x7C, 0x85, 0x9F, 0x8A, 0x9A, 0xE9, 0x5F, 0xC4,
0x24, 0xFD, 0x33, 0xDF, 0xB3, 0x98, 0x66, 0xF7,
0xA1, 0x5A, 0xDC, 0x01, 0xC9, 0xFA, 0x37, 0xF1,
0x7B, 0xD0, 0xF6, 0x66, 0x8A, 0x26, 0x7C, 0xC2,
0x1B, 0xFF, 0x62, 0xBC, 0xFD, 0xCD, 0x47, 0xDA,
0xEE, 0x75, 0xF2, 0xAC, 0x60, 0x69, 0x87, 0x26,
0xCC, 0x92, 0x10, 0x1C, 0x92, 0xC1, 0x43, 0x09,
0xE9, 0xCE, 0x7D, 0x05, 0x5C, 0x64, 0x55, 0xCB,
0xBB, 0x7A, 0xAE, 0x05, 0xDB, 0x38, 0xD3, 0xD5,
0xBB, 0xD9, 0x9F, 0xCB, 0xCF, 0xB7, 0x9C, 0xEF,
0x7E, 0x7B, 0x2A, 0x6F, 0x84, 0x4E, 0x6A, 0x7F,
0xD3, 0x5F, 0xF3, 0xB3, 0xC1, 0xF0, 0x02, 0x9C,
0xA2, 0x4C, 0x86, 0x0E, 0x6B, 0xE2, 0x2B, 0x1D,
0x1D, 0xB4, 0x55, 0x7F, 0x85, 0x54, 0x2D, 0x85,
0x64, 0x89, 0x92, 0x19, 0x65, 0x44, 0xD7, 0x95,
0x48, 0x2C, 0x46, 0x8D, 0x0E, 0xBA, 0xFB, 0x13,
0x63, 0x52, 0x2E, 0x22, 0x19, 0x3F, 0x7F, 0xFB,
0x54, 0x4D, 0x73, 0xA1, 0x3C, 0x22, 0xD6, 0x5D,
0x2B, 0x4A, 0xBD, 0xD7, 0xBB, 0x72, 0x55, 0x80,
0xD4, 0x57, 0x4E, 0xDC, 0xF2, 0x8B, 0xB3, 0x09,
0x6A, 0xF9, 0x1A, 0xD3, 0x41, 0x0E, 0x72, 0x95,
0x49, 0xE7, 0xD1, 0xDC, 0x05, 0x22, 0xC3, 0x3E,
0x26, 0x95, 0x00, 0x01, 0x8C, 0xE1, 0x54, 0x47,
0x84, 0x10, 0xA7, 0x67, 0x45, 0xBB, 0xB9, 0x7B,
0x0B, 0xB4, 0x74, 0x82, 0xED, 0x6C, 0x26, 0x6E,
0xF2, 0x56, 0xCA, 0x1A, 0xD1, 0x10, 0x68, 0x40,
0x28, 0x23, 0xD5, 0x98, 0xB3, 0x6B, 0x75, 0x16,
0x13, 0x87, 0xE1, 0xF2, 0x3F, 0xAB, 0xC0, 0x2A,
0xF0, 0x16, 0x59, 0x85, 0x1A, 0x5B, 0x41, 0xB7,
0x52, 0xB1, 0x79, 0x46, 0x20, 0xDF, 0x59, 0xFB,
0x33, 0xB3, 0x05, 0xF1, 0x12, 0x8B, 0xDB, 0x7C,
0x51, 0x90, 0xC9, 0x8A, 0xC9, 0x48, 0x10, 0x54,
0xF4, 0x0F, 0x88, 0x1D, 0xDB, 0x40, 0x1B, 0x3A,
0xD7, 0x62, 0xD1, 0x75, 0x73, 0xD6, 0xCA, 0x23,
0x26, 0xB2, 0xBF, 0x4C, 0xCA, 0x22, 0xDD, 0xF6,
0xAF, 0x22, 0xB8, 0x4F, 0xC2, 0xC3, 0xB3, 0xD3,
0xED, 0xFA, 0xBA, 0x2E, 0x38, 0x28, 0x6A, 0xAE,
0x60, 0xE9, 0x2D, 0x11, 0x33, 0xED, 0x7E, 0xE9,
0x29, 0x8E, 0x01, 0xB0, 0x0F, 0x13, 0x83, 0x44,
0x17, 0xFA, 0xB6, 0x54, 0x7C, 0xAC, 0x1F, 0xED,
0xC9, 0x22, 0xF2, 0x4F, 0x69, 0x24, 0x04, 0xFE,
0xC2, 0x6A, 0xEB, 0xB0, 0xE4, 0xF5, 0x03, 0xCB,
0xB3, 0x99, 0x50, 0x66, 0x1F, 0x6B, 0xF3, 0xFE,
0xB7, 0xBF, 0x8D, 0xBA, 0x59, 0x75, 0x75, 0x51,
0xB0, 0xA5, 0xB9, 0x66, 0xC8, 0xDD, 0x35, 0xAE,
0x20, 0x66, 0x21, 0x9B, 0x04, 0x3F, 0xC6, 0x90,
0x6F, 0x2B, 0x5C, 0x78, 0x49, 0x3C, 0x40, 0xE6,
0xF9, 0x6B, 0x1A, 0xEF, 0xCE, 0x5A, 0xC1, 0x68,
0xD3, 0x34, 0x05, 0xD0, 0x21, 0x6C, 0xF8, 0xA8,
0x55, 0xE4, 0x6E, 0x80, 0x9B, 0xAD, 0xA5, 0xC3,
0x55, 0x0B, 0x28, 0xBB, 0x54, 0x02, 0xD4, 0xF6,
0x82, 0x73, 0xAB, 0x56, 0x0B, 0xB1, 0x5F, 0x94,
0xC3, 0xDA, 0x24, 0x1E, 0x7F, 0x62, 0x6B, 0x98,
0x6B, 0x2A, 0xF3, 0x92, 0x37, 0x3A, 0xB9, 0xE6,
0x27, 0xC4, 0xBB, 0xAB, 0xE4, 0x9A, 0x60, 0xD2,
0xAE, 0xCE, 0xFD, 0x44, 0xEB, 0x1C, 0xCF, 0x74,
0x54, 0xFC, 0xEC, 0x4F, 0xC2, 0xBA, 0xF4, 0x3B,
0xAC, 0x03, 0xC7, 0x2E, 0xE6, 0x62, 0x44, 0x61,
0x42, 0xC8, 0xAE, 0xF1, 0xB2, 0xA9, 0xAC, 0xE0,
0xCE, 0x23, 0xAF, 0xCC, 0x86, 0x61, 0xFE, 0xC5,
0xCB, 0xAC, 0x4A, 0x1B, 0x5C, 0xC7, 0x2B, 0xFF,
0x8A, 0x20, 0x62, 0x0E, 0xB9, 0x1D, 0xDD, 0x93,
0x19, 0x29, 0xE4, 0xD9, 0x13, 0x1D, 0x28, 0x32,
0x03, 0x5A, 0xA6, 0x8E, 0x20, 0xC7, 0xD6, 0xC6,
0x4D, 0x19, 0x17, 0xCC, 0x65, 0xB8, 0x84, 0x0C,
0x38, 0xB4, 0xA9, 0x45, 0x2B, 0x91, 0x61, 0x79,
0x87, 0x08, 0xA6, 0xBD, 0x28, 0x9A, 0x58, 0x48,
0xD5, 0x58, 0xC6, 0xCE, 0xC2, 0xC5, 0x72, 0x16,
0xD9, 0xF4, 0xED, 0x66, 0xAC, 0xFA, 0x93, 0xE8,
0x26, 0x10, 0x3B, 0x3D, 0x8F, 0xEA, 0x51, 0xCC,
0x82, 0xC0, 0xDB, 0xDF, 0xA7, 0x13, 0xFB, 0x1B,
0x77, 0x7E, 0x6F, 0x9E, 0x3C, 0xC5, 0x86, 0x35,
0x92, 0x5B, 0x6F, 0x76, 0xA1, 0x71, 0x0D, 0x8C,
0xDC, 0x95, 0x9F, 0xAC, 0x2C, 0x8E, 0x21, 0x01,
0x37, 0x06, 0x28, 0x64, 0x4C, 0x23, 0xE2, 0x75,
0x0B, 0xA7, 0xA4, 0xF5, 0x90, 0x87, 0xD2, 0x43,
0x71, 0x59, 0x7C, 0x8C, 0xCA, 0x77, 0x3B, 0xC5,
0x36, 0x46, 0xF7, 0x2F, 0xD3, 0x47, 0x18, 0xD7,
0xC9, 0x4E, 0x56, 0x2D, 0x49, 0x82, 0xAC, 0x7D,
0xD7, 0x3D, 0xF1, 0xDD, 0x73, 0x8B, 0xE4, 0xA1,
0x10, 0x85, 0xB6, 0x94, 0xBE, 0x6A, 0x5E, 0xEE,
0xBD, 0x60, 0xEB, 0x95, 0x76, 0xA8, 0x52, 0xE1,
0x47, 0x57, 0xA1, 0x9C, 0xEC, 0x44, 0xE5, 0x6F,
0x68, 0x34, 0x7E, 0x19, 0xBE, 0xCE, 0x56, 0xC9,
0xBE, 0xCE, 0xFC, 0xB8, 0x32, 0x6D, 0xCB, 0x84,
0x59, 0xBF, 0x4D, 0xF6, 0xE1, 0x53, 0x41, 0x61,
0x5C, 0xFB, 0xD2, 0x48, 0xA6, 0x7F, 0x05, 0xB2,
0xFC, 0xE8, 0xB2, 0x8A, 0x55, 0x7D, 0x19, 0xC0,
0x69, 0x3B, 0x91, 0x5D, 0x71, 0xE7, 0xBB, 0x72,
0x7D, 0xB9, 0x64, 0x6E, 0x8B, 0x5B, 0x70, 0x51,
0xB5, 0x69, 0x8C, 0xC0, 0xFC, 0x95, 0xB2, 0x43,
0x08, 0xF8, 0x70, 0xE4, 0x6F, 0x87, 0xA7, 0xDF,
0x23, 0x84, 0xEE, 0xCF, 0x73, 0x38, 0xDE, 0x99,
0x4C, 0xF8, 0xF1, 0x2D, 0xA2, 0x68, 0x99, 0xE3,
0x9B, 0xB8, 0xF6, 0xC1, 0x5C, 0x83, 0x07, 0xE9,
0xB9, 0xE2, 0x51, 0x62, 0xC8, 0x53, 0xF1, 0xC2,
0xF7, 0x57, 0x8A, 0xA0, 0x42, 0x3C, 0x18, 0x36,
0xF3, 0x99, 0xFD, 0x34, 0xB2, 0xF0, 0x1D, 0xBA,
0x43, 0xEA, 0x72, 0x1C, 0x0B, 0x37, 0x47, 0xBC,
0xAF, 0xDA, 0x22, 0x1F, 0x1C, 0x08, 0x16, 0x13,
0xBD, 0xAA, 0x07, 0xFD, 0x7E, 0xCA, 0x70, 0x57,
0x74, 0xDF, 0x68, 0x6B, 0x9F, 0x2D, 0x56, 0xBD,
0x21, 0x89, 0xFA, 0x09, 0x04, 0xCA, 0x09, 0xBD,
0x4F, 0xE6, 0x15, 0xF5, 0x89, 0xAB, 0xAC, 0xB2,
0xC9, 0xBF, 0xC8, 0xBB, 0x87, 0x83, 0xB4, 0xD3,
0xDC, 0xB1, 0x25, 0x9B, 0xAE, 0xC5, 0x75, 0x0C,
0x9E, 0x6A, 0x83, 0x41, 0x85, 0x9D, 0x4B, 0xBF,
0x62, 0x0C, 0x7D, 0x77, 0xC9, 0x89, 0xA6, 0xE1,
0x28, 0xBD, 0x13, 0x5D, 0x41, 0x26, 0x80, 0x75,
0x23, 0x57, 0xE7, 0x4F, 0x4D, 0x02, 0x8E, 0x0F,
0x43, 0x67, 0xF6, 0xA6, 0xE6, 0xB6, 0x84, 0x8D,
0xF5, 0x7B, 0x6A, 0x95, 0x73, 0x27, 0x86, 0x02,
0x72, 0xCB, 0xDF, 0x77, 0x1C, 0x6C, 0x5E, 0xD3,
0xF0, 0x1C, 0x82, 0x7A, 0x0D, 0xBB, 0x70, 0xA3,
0x98, 0x8B, 0x7B, 0x4A, 0xFE, 0x2D, 0xB1, 0x5C,
0x61, 0x89, 0x34, 0x4C, 0x81, 0x4B, 0x52, 0x17,
0x03, 0x81, 0x54, 0x4F, 0x9E, 0x9E, 0x07, 0x16,
0xF3, 0xD9, 0x18, 0x01, 0x11, 0xFD, 0x67, 0x18,
0xA2, 0x64, 0x35, 0x42, 0x81, 0x80, 0x4A, 0xBA,
0xCB, 0xD5, 0xF5, 0x4A, 0x10, 0x7F, 0xE2, 0xCF,
0xA5, 0x1E, 0xCB, 0x0C, 0xAB, 0x3E, 0x03, 0x98,
0x73, 0x89, 0xA4, 0x10, 0x75, 0xD5, 0xAC, 0x3D,
0xCF, 0x56, 0x75, 0xD8, 0x86, 0xC2, 0x21, 0x42,
0x99, 0x8D, 0x1B, 0x49, 0x09, 0xFE, 0x86, 0x41,
0xC9, 0xDC, 0x87, 0x8D, 0x5A, 0xF0, 0xF5, 0xBE,
0xF5, 0x49, 0x64, 0x5A, 0x7A, 0xC3, 0x5D, 0xE4,
0xD6, 0xB7, 0x30, 0x92, 0x2A, 0x15, 0x86, 0x02,
0xBE, 0xBA, 0x6E, 0xF6, 0x3D, 0x2D, 0x70, 0x89,
0xFB, 0xB5, 0x1E, 0xBA, 0xDA, 0x20, 0x12, 0x49,
0x22, 0xA0, 0xD8, 0x33, 0x9E, 0x4C, 0xC0, 0x27,
0x0F, 0x9C, 0x1F, 0xD2, 0xA9, 0xF4, 0xD2, 0xA9,
0x6D, 0xC5, 0x32, 0x16, 0x35, 0x9F, 0x19, 0x88,
0xC1, 0xAA, 0xA4, 0x66, 0x33, 0xE6, 0x2C, 0x6A,
0x6E, 0xA2, 0x1B, 0x33, 0xCB, 0xC3, 0x7E, 0xC5,
0x31, 0x4D, 0x5C, 0x17, 0x4C, 0x33, 0x7F, 0x09,
0x01, 0x33, 0x82, 0x84, 0x37, 0x03, 0xEB, 0x0E,
0xB1, 0x5F, 0x1B, 0x60, 0x8A, 0x2C, 0x9F, 0x39
};
static const byte sk_87[] = {
0x8C, 0x52, 0x4B, 0xD9, 0xAC, 0x48, 0x5C, 0xC6,
0x9A, 0xA0, 0x75, 0x64, 0xE1, 0x4F, 0x0F, 0x60,
0x13, 0x0E, 0xDE, 0x34, 0x08, 0xA5, 0xD4, 0x81,
0xFD, 0x76, 0xC2, 0x51, 0x74, 0x75, 0xA8, 0xFB,
0x9A, 0xFE, 0xF5, 0x92, 0x58, 0xBB, 0x3C, 0xEB,
0x4C, 0x5E, 0x83, 0xF9, 0xFF, 0xBC, 0x3B, 0x49,
0xAE, 0xE1, 0xFC, 0x4B, 0x94, 0x4B, 0x8C, 0x75,
0xD4, 0x67, 0x75, 0x66, 0x7D, 0x6B, 0xA4, 0xF2,
0xDA, 0xC2, 0xB7, 0xC4, 0xD8, 0x50, 0x25, 0xCB,
0x5A, 0xDB, 0xA4, 0xAD, 0xBB, 0x44, 0x20, 0x24,
0x90, 0xEA, 0xA5, 0x2C, 0xAE, 0x80, 0x22, 0xC9,
0x59, 0x02, 0xB7, 0x10, 0xB0, 0x5E, 0x1E, 0x5F,
0x52, 0x7D, 0x88, 0xDA, 0xE2, 0x04, 0xBF, 0x45,
0xA7, 0xA8, 0x49, 0x97, 0x7D, 0xAD, 0x7C, 0x7C,
0x9E, 0x9C, 0x4A, 0xCC, 0x36, 0x33, 0x0F, 0x30,
0xFA, 0xDE, 0x52, 0xE9, 0xAE, 0x23, 0x29, 0x13,
0x10, 0x17, 0x8A, 0xD0, 0x08, 0x8E, 0xE1, 0x10,
0x30, 0xD0, 0x84, 0x65, 0x92, 0x12, 0x2A, 0x81,
0x26, 0x2E, 0x11, 0x14, 0x30, 0x61, 0x38, 0x61,
0x64, 0x42, 0x05, 0x08, 0x91, 0x90, 0x4C, 0x06,
0x82, 0xCC, 0x90, 0x45, 0x10, 0x39, 0x90, 0x22,
0x40, 0x2A, 0x9B, 0x16, 0x26, 0x9A, 0xA8, 0x50,
0x91, 0x12, 0x70, 0x91, 0x20, 0x4D, 0xC0, 0x34,
0x90, 0x18, 0x28, 0x31, 0x10, 0x02, 0x11, 0x22,
0xB3, 0x6C, 0x8B, 0xB8, 0x2C, 0x22, 0xB0, 0x69,
0x53, 0x36, 0x31, 0x61, 0x42, 0x6C, 0xD9, 0x06,
0x6A, 0xD9, 0x04, 0x45, 0xDB, 0x18, 0x05, 0x12,
0x37, 0x4A, 0xD4, 0x06, 0x64, 0xD3, 0xA2, 0x85,
0xA0, 0x38, 0x8A, 0x14, 0xA5, 0x85, 0x50, 0x20,
0x85, 0xE4, 0xA8, 0x24, 0xC3, 0xC6, 0x31, 0xC9,
0x34, 0x4E, 0xD2, 0x14, 0x68, 0x82, 0x90, 0x85,
0xC4, 0x02, 0x61, 0x24, 0x38, 0x05, 0x01, 0xA3,
0x50, 0x48, 0x08, 0x62, 0x20, 0xB0, 0x25, 0x5B,
0xA6, 0x4D, 0x98, 0x92, 0x11, 0xC2, 0x06, 0x00,
0xD1, 0xB0, 0x4D, 0x21, 0xA4, 0x8C, 0x01, 0x16,
0x72, 0x11, 0xA6, 0x20, 0xD0, 0x16, 0x45, 0x10,
0x31, 0x8E, 0xCB, 0xC2, 0x69, 0x02, 0x08, 0x91,
0xD4, 0x30, 0x89, 0x03, 0x41, 0x05, 0x93, 0x16,
0x8E, 0x5A, 0x18, 0x04, 0x41, 0x10, 0x6D, 0x18,
0x42, 0x70, 0x53, 0x16, 0x31, 0x52, 0x30, 0x8E,
0x0C, 0x49, 0x66, 0x0C, 0x90, 0x0C, 0xA4, 0x08,
0x2E, 0x41, 0x92, 0x05, 0x24, 0x07, 0x30, 0x12,
0x46, 0x72, 0x13, 0x99, 0x20, 0xE0, 0xA2, 0x4C,
0x1B, 0x14, 0x52, 0x5A, 0x90, 0x05, 0x08, 0x82,
0x31, 0x53, 0xC2, 0x90, 0xCC, 0x42, 0x68, 0x18,
0xB0, 0x2C, 0x00, 0x80, 0x65, 0x58, 0x12, 0x84,
0x19, 0x90, 0x08, 0x44, 0x26, 0x4A, 0x10, 0xA9,
0x0C, 0x12, 0x25, 0x0C, 0x9C, 0x10, 0x25, 0x0C,
0x28, 0x25, 0xD8, 0x46, 0x84, 0x1A, 0x22, 0x71,
0x5B, 0x28, 0x6E, 0x98, 0x02, 0x51, 0x61, 0xB4,
0x51, 0x01, 0xA1, 0x21, 0x24, 0x39, 0x12, 0xC8,
0x08, 0x85, 0xD1, 0x34, 0x64, 0xA4, 0xA8, 0x04,
0xA2, 0xC0, 0x09, 0x44, 0x48, 0x48, 0x03, 0x37,
0x00, 0x20, 0x05, 0x4D, 0x20, 0xA4, 0x05, 0x11,
0x18, 0x82, 0x42, 0x94, 0x4D, 0x24, 0x16, 0x01,
0x02, 0x93, 0x4C, 0x00, 0x16, 0x06, 0xC1, 0xC0,
0x0C, 0x8B, 0xC0, 0x41, 0x41, 0x06, 0x42, 0xA3,
0xC6, 0x64, 0x1A, 0x85, 0x91, 0x41, 0x06, 0x49,
0x04, 0xA7, 0x44, 0x82, 0x22, 0x6A, 0x50, 0x08,
0x0E, 0x14, 0x18, 0x20, 0x4B, 0x88, 0x91, 0x01,
0xA0, 0x49, 0x1A, 0x85, 0x4D, 0x94, 0x18, 0x10,
0x0A, 0x05, 0x44, 0x94, 0x38, 0x05, 0x93, 0x40,
0x68, 0x23, 0x07, 0x85, 0xE2, 0x12, 0x22, 0x9B,
0xB8, 0x08, 0xD2, 0x10, 0x2A, 0x08, 0xA8, 0x10,
0x92, 0x40, 0x2D, 0xD8, 0x44, 0x4C, 0xCC, 0x94,
0x05, 0x24, 0x43, 0x4C, 0xD3, 0xC2, 0x48, 0x10,
0x21, 0x2D, 0xC9, 0xB6, 0x08, 0xC9, 0x06, 0x4D,
0xE1, 0x90, 0x20, 0x14, 0x24, 0x70, 0x5C, 0x84,
0x28, 0xC0, 0xC2, 0x81, 0x22, 0x13, 0x50, 0x44,
0x84, 0x91, 0xCA, 0xA2, 0x48, 0x12, 0x91, 0x05,
0x5B, 0x92, 0x8D, 0x92, 0x92, 0x24, 0x82, 0x42,
0x48, 0x03, 0x37, 0x46, 0xD8, 0x44, 0x86, 0x44,
0x20, 0x89, 0xE4, 0xC2, 0x84, 0xC2, 0x04, 0x65,
0x49, 0xA8, 0x4D, 0xA4, 0x38, 0x28, 0xDB, 0xA4,
0x64, 0x24, 0x00, 0x51, 0xC8, 0x12, 0x6D, 0x19,
0x82, 0x24, 0xCB, 0x00, 0x44, 0x4B, 0x20, 0x20,
0x9B, 0x82, 0x4C, 0x5C, 0xA8, 0x08, 0xD2, 0xB6,
0x8C, 0x08, 0x35, 0x20, 0xC0, 0x92, 0x45, 0xE3,
0xB4, 0x2C, 0x50, 0x32, 0x0E, 0xD1, 0x82, 0x11,
0x4A, 0x96, 0x08, 0x1C, 0x86, 0x29, 0x02, 0x19,
0x71, 0x12, 0x03, 0x6E, 0x94, 0x08, 0x50, 0x12,
0x27, 0x20, 0x0B, 0x10, 0x12, 0xA1, 0x18, 0x06,
0x5A, 0x36, 0x4C, 0x93, 0xB4, 0x68, 0x21, 0xA7,
0x28, 0x09, 0x34, 0x91, 0x18, 0x93, 0x49, 0x4A,
0x32, 0x60, 0x00, 0x29, 0x2D, 0x94, 0x48, 0x44,
0x09, 0x94, 0x2C, 0x21, 0x07, 0x6C, 0x41, 0x38,
0x60, 0x8C, 0x10, 0x46, 0x11, 0x19, 0x65, 0x01,
0x46, 0x60, 0x1A, 0x29, 0x42, 0x23, 0x30, 0x29,
0x40, 0x96, 0x85, 0x81, 0xC6, 0x6C, 0x09, 0xA2,
0x31, 0x23, 0xC9, 0x84, 0x18, 0x27, 0x61, 0x02,
0xA6, 0x05, 0x1B, 0x11, 0x32, 0xD1, 0x80, 0x24,
0x59, 0x22, 0x52, 0x21, 0x34, 0x64, 0x0A, 0x21,
0x52, 0x10, 0xC2, 0x80, 0x5C, 0x98, 0x0D, 0x81,
0xA0, 0x84, 0x14, 0x97, 0x04, 0xCC, 0xC2, 0x04,
0x1A, 0x81, 0x45, 0x23, 0x44, 0x6C, 0x13, 0xC0,
0x44, 0x59, 0xC2, 0x68, 0x64, 0x08, 0x52, 0x51,
0x30, 0x71, 0x12, 0x49, 0x70, 0x12, 0x94, 0x84,
0x80, 0x12, 0x12, 0x1B, 0x00, 0x50, 0x84, 0x10,
0x45, 0x4A, 0x30, 0x10, 0x22, 0x95, 0x49, 0xC9,
0x82, 0x24, 0x03, 0x35, 0x21, 0x18, 0x16, 0x72,
0x09, 0x89, 0x65, 0x88, 0xB2, 0x89, 0x41, 0xB4,
0x90, 0x92, 0x38, 0x8C, 0x08, 0x23, 0x26, 0x0B,
0x80, 0x61, 0x84, 0x28, 0x6A, 0x4C, 0x98, 0x44,
0x10, 0xB9, 0x30, 0x93, 0x02, 0x49, 0x22, 0x13,
0x80, 0x1C, 0xC3, 0x48, 0x50, 0xA8, 0x20, 0x1C,
0x05, 0x00, 0x5B, 0x02, 0x41, 0xD2, 0x84, 0x61,
0x4B, 0x40, 0x46, 0x20, 0x21, 0x44, 0xD9, 0xC4,
0x21, 0xD3, 0xA4, 0x4D, 0xC0, 0xC0, 0x09, 0x5B,
0x28, 0x91, 0x18, 0x15, 0x41, 0x18, 0xC5, 0x4C,
0x14, 0xB7, 0x61, 0xDB, 0x34, 0x25, 0x02, 0x06,
0x41, 0x14, 0xA9, 0x65, 0x0B, 0x10, 0x04, 0x23,
0xC7, 0x49, 0x13, 0x47, 0x0A, 0xD0, 0x30, 0x80,
0x99, 0x32, 0x68, 0x50, 0x18, 0x06, 0xA2, 0x28,
0x65, 0x13, 0x35, 0x82, 0xD3, 0x06, 0x81, 0x22,
0x49, 0x4D, 0x48, 0x44, 0x30, 0xCA, 0x96, 0x2C,
0x12, 0xC8, 0x08, 0xA1, 0x24, 0x2C, 0x52, 0xA8,
0x28, 0x23, 0x14, 0x0A, 0xD4, 0x20, 0x4D, 0x18,
0x12, 0x72, 0xD4, 0x80, 0x44, 0xDC, 0x26, 0x2C,
0x88, 0x10, 0x0A, 0x04, 0x14, 0x51, 0xC1, 0x96,
0x00, 0xA3, 0x40, 0x30, 0x99, 0x48, 0x92, 0x9B,
0x08, 0x86, 0x81, 0x04, 0x20, 0x4C, 0xB2, 0x29,
0x18, 0x31, 0x08, 0x09, 0x23, 0x8C, 0x4C, 0x02,
0x6A, 0xCA, 0x00, 0x62, 0x09, 0x22, 0x2D, 0x21,
0x00, 0x02, 0x0A, 0x39, 0x41, 0x04, 0xA3, 0x50,
0x90, 0x80, 0x2D, 0x59, 0xB4, 0x71, 0x13, 0x16,
0x31, 0x11, 0x90, 0x4C, 0xC3, 0x14, 0x20, 0x60,
0xB2, 0x30, 0x0A, 0xB6, 0x24, 0x21, 0xA9, 0x10,
0x89, 0x80, 0x88, 0x44, 0x06, 0x8A, 0x91, 0x22,
0x8E, 0xD9, 0x36, 0x86, 0x10, 0x46, 0x0A, 0xE1,
0x16, 0x85, 0x42, 0x40, 0x6C, 0x09, 0x49, 0x11,
0xE0, 0x88, 0x68, 0x12, 0x08, 0x68, 0x5C, 0x26,
0x24, 0x04, 0xA8, 0x70, 0xC8, 0x08, 0x05, 0x13,
0x87, 0x41, 0x23, 0x29, 0x72, 0xC9, 0xB8, 0x88,
0x1B, 0x22, 0x66, 0x11, 0xA5, 0x2D, 0x11, 0x29,
0x12, 0x50, 0x12, 0x70, 0x03, 0x09, 0x6A, 0x4B,
0x88, 0x4C, 0xD2, 0xC8, 0x31, 0x40, 0x26, 0x40,
0x4C, 0x04, 0x50, 0x58, 0x16, 0x71, 0x90, 0xC2,
0x00, 0x0A, 0x30, 0x8A, 0xDC, 0x24, 0x85, 0x19,
0xB0, 0x65, 0x1A, 0xA3, 0x64, 0x13, 0xA3, 0x45,
0xC8, 0x48, 0x91, 0x91, 0x12, 0x20, 0xDC, 0x42,
0x40, 0x24, 0xC0, 0x4D, 0xA3, 0x98, 0x10, 0x40,
0x26, 0x25, 0xDC, 0xB4, 0x68, 0x4B, 0xC2, 0x45,
0x13, 0x06, 0x91, 0xC8, 0x92, 0x24, 0x82, 0xA8,
0x20, 0x4C, 0x30, 0x48, 0x52, 0x06, 0x01, 0x0B,
0x24, 0x51, 0x41, 0x36, 0x40, 0x93, 0xC4, 0x70,
0x44, 0x40, 0x2C, 0x24, 0x28, 0x22, 0x81, 0xA4,
0x4C, 0x43, 0x84, 0x60, 0x20, 0x23, 0x90, 0x01,
0x94, 0x6C, 0xDB, 0x28, 0x21, 0x93, 0x30, 0x80,
0x93, 0xC0, 0x25, 0xC8, 0xA6, 0x50, 0xCA, 0x24,
0x26, 0xD1, 0x40, 0x31, 0x04, 0xC4, 0x8D, 0xE2,
0xC0, 0x04, 0x08, 0x33, 0x8C, 0x18, 0x87, 0x91,
0xC8, 0xC8, 0x71, 0x40, 0x46, 0x06, 0x00, 0x44,
0x20, 0x22, 0x49, 0x70, 0x11, 0x45, 0x90, 0x02,
0xC3, 0x61, 0x60, 0xB4, 0x25, 0x80, 0x16, 0x21,
0x11, 0x09, 0x04, 0x88, 0x04, 0x05, 0xCC, 0x36,
0x20, 0x01, 0xB1, 0x2C, 0x64, 0xB6, 0x50, 0x54,
0x32, 0x42, 0x0B, 0x08, 0x8D, 0x12, 0x39, 0x0D,
0x10, 0x29, 0x52, 0x88, 0xB0, 0x04, 0x11, 0x38,
0x44, 0xD2, 0xA6, 0x71, 0x0B, 0x45, 0x48, 0x9C,
0x34, 0x72, 0xA0, 0x28, 0x49, 0x82, 0x16, 0x86,
0x12, 0x18, 0x61, 0x04, 0x41, 0x0D, 0x8A, 0xA6,
0x41, 0x80, 0xA8, 0x61, 0xDA, 0x30, 0x65, 0x82,
0x84, 0x30, 0x08, 0xA3, 0x29, 0x04, 0x33, 0x8E,
0x02, 0x24, 0x0D, 0x9C, 0x44, 0x10, 0xC9, 0x02,
0x81, 0x53, 0x06, 0x66, 0x8B, 0x06, 0x90, 0x03,
0x87, 0x69, 0x21, 0xC9, 0x69, 0x83, 0x46, 0x4E,
0x14, 0x24, 0x89, 0x8C, 0xA0, 0x6C, 0x99, 0xA2,
0x2C, 0x11, 0x37, 0x66, 0x0C, 0xA6, 0x4D, 0xD3,
0xC8, 0x70, 0x03, 0x02, 0x61, 0xC3, 0xB6, 0x65,
0x23, 0xC1, 0x6C, 0x10, 0x34, 0x8D, 0x1A, 0xC1,
0x31, 0x43, 0x40, 0x44, 0xD4, 0x08, 0x02, 0x0A,
0x36, 0x20, 0xE3, 0x26, 0x42, 0x0A, 0x48, 0x26,
0x1A, 0x13, 0x44, 0x0C, 0x18, 0x61, 0x91, 0x96,
0x84, 0x02, 0x17, 0x46, 0x9C, 0x20, 0x40, 0x41,
0xC6, 0x2D, 0x1B, 0x16, 0x0C, 0x98, 0xB2, 0x90,
0x1A, 0x20, 0x84, 0xE2, 0x34, 0x2D, 0xCB, 0x14,
0x44, 0x93, 0xC6, 0x8D, 0x58, 0xB2, 0x69, 0x22,
0xB2, 0x88, 0xC0, 0xB8, 0x2D, 0xA2, 0xC2, 0x31,
0x20, 0xA3, 0x24, 0x11, 0x46, 0x48, 0x4A, 0xA6,
0x50, 0x24, 0x09, 0x21, 0x1A, 0x01, 0x0D, 0x20,
0x36, 0x01, 0xC4, 0x34, 0x70, 0xDA, 0x16, 0x68,
0x84, 0x22, 0x4C, 0x11, 0x14, 0x09, 0x13, 0xC4,
0x68, 0x11, 0x41, 0x2D, 0x1C, 0x10, 0x31, 0xDC,
0xB2, 0x64, 0x42, 0x36, 0x08, 0x5C, 0x10, 0x88,
0x04, 0x91, 0x25, 0xE1, 0xA0, 0x20, 0x14, 0x18,
0x12, 0x14, 0x94, 0x91, 0x4C, 0xC2, 0x24, 0xD4,
0x06, 0x71, 0x21, 0x02, 0x8D, 0xD4, 0x88, 0x30,
0xC9, 0x36, 0x0E, 0xE4, 0x82, 0x81, 0xC0, 0x04,
0x6D, 0x24, 0x23, 0x09, 0x21, 0x45, 0x45, 0x20,
0x06, 0x65, 0xC2, 0x30, 0x2A, 0x18, 0x30, 0x8E,
0x24, 0x83, 0x89, 0x93, 0x32, 0x66, 0xC1, 0x48,
0x45, 0x62, 0x48, 0x0A, 0x52, 0xB8, 0x80, 0x11,
0x86, 0x21, 0x04, 0x34, 0x11, 0x24, 0xB5, 0x6C,
0x50, 0x36, 0x0A, 0x19, 0xA7, 0x8C, 0x14, 0x90,
0x0D, 0x1A, 0xA5, 0x68, 0x0B, 0xB1, 0x11, 0x50,
0x40, 0x08, 0x48, 0xB6, 0x31, 0x14, 0x28, 0x8D,
0xE3, 0x47, 0xB4, 0xA1, 0x44, 0x94, 0xCC, 0x9F,
0x0B, 0x94, 0x9F, 0x25, 0x49, 0xD9, 0xB3, 0x8F,
0x71, 0xF4, 0x17, 0xA4, 0xA6, 0xAC, 0x24, 0x58,
0x14, 0x25, 0x03, 0xC8, 0x63, 0x3E, 0x10, 0xA8,
0xD4, 0x10, 0xD7, 0x90, 0x4A, 0x28, 0x37, 0x90,
0x70, 0x27, 0xE3, 0x56, 0x5F, 0x04, 0x67, 0x76,
0xC3, 0x67, 0x3F, 0xF5, 0xA5, 0x11, 0xA2, 0x2C,
0x11, 0x01, 0x5D, 0x63, 0x71, 0x1A, 0xE6, 0x70,
0x86, 0x46, 0xAB, 0xCE, 0x03, 0xB6, 0x82, 0xAF,
0x51, 0xBA, 0x81, 0x94, 0x9C, 0x82, 0x36, 0xA9,
0x49, 0xA5, 0xA3, 0x11, 0x08, 0x8C, 0x4B, 0x13,
0x41, 0xF0, 0x08, 0xFD, 0xB2, 0x99, 0xED, 0xA8,
0x07, 0x61, 0x3C, 0x2E, 0xBC, 0x49, 0x7B, 0x1C,
0xBC, 0x87, 0xBC, 0xAE, 0x5F, 0x5E, 0x8F, 0x5D,
0xE7, 0xB9, 0x0C, 0x70, 0x36, 0x25, 0x61, 0xFD,
0x95, 0x9F, 0xAE, 0x0F, 0x8D, 0xF3, 0xA2, 0x45,
0x24, 0xA7, 0xDE, 0x60, 0xD1, 0x4E, 0x6D, 0xAC,
0xC7, 0x6A, 0x32, 0x42, 0xC0, 0x73, 0xEB, 0x78,
0x50, 0xF4, 0x49, 0x52, 0x5E, 0x6F, 0x81, 0x42,
0x54, 0xF8, 0x82, 0x05, 0xC9, 0x64, 0x74, 0x6A,
0x60, 0x5E, 0x36, 0x59, 0x40, 0x50, 0xA3, 0xFE,
0xDA, 0xE2, 0x6D, 0x8D, 0x6E, 0xE4, 0x5A, 0x27,
0x73, 0x89, 0xDB, 0x0C, 0x5B, 0x14, 0xD9, 0xED,
0xB2, 0xC7, 0x1D, 0x71, 0x93, 0x91, 0x0A, 0x72,
0x32, 0xBE, 0xA3, 0xD8, 0x95, 0x8C, 0x94, 0x7E,
0x63, 0xEB, 0xCE, 0x8B, 0xFC, 0xB0, 0x3F, 0x77,
0x5C, 0x43, 0x48, 0x18, 0x83, 0xFE, 0xC8, 0xDA,
0x89, 0xF2, 0x3B, 0x54, 0x82, 0x44, 0xC6, 0x9C,
0xCC, 0x77, 0x0A, 0xC1, 0x6F, 0xB9, 0x98, 0x10,
0xD5, 0xF2, 0x60, 0xFF, 0x38, 0xD2, 0x0D, 0xD6,
0x8C, 0x38, 0x54, 0x5B, 0xD8, 0x38, 0x84, 0x50,
0x36, 0xF4, 0x02, 0xC1, 0x06, 0x0F, 0x15, 0x1B,
0xC8, 0x90, 0x9B, 0x6E, 0x36, 0xC8, 0x3F, 0xE9,
0x8B, 0x62, 0x15, 0x6F, 0xF0, 0xC2, 0x86, 0x7F,
0xD1, 0xB5, 0x97, 0x53, 0xAE, 0x41, 0xAE, 0x21,
0x84, 0xAC, 0x57, 0xA5, 0x1F, 0xA7, 0xC7, 0x24,
0xDF, 0xDE, 0x2F, 0x3C, 0xCD, 0xA2, 0x7E, 0x1D,
0x97, 0xE1, 0x96, 0xC5, 0xB4, 0x7D, 0xF9, 0x5F,
0x7E, 0xEF, 0x09, 0xC4, 0xF3, 0x57, 0xF0, 0x51,
0x73, 0xAB, 0x0E, 0x6A, 0xCA, 0x64, 0xE4, 0x99,
0x0F, 0xD2, 0x20, 0xAC, 0x72, 0xF1, 0xA8, 0x23,
0x8F, 0x94, 0x63, 0xDC, 0xB3, 0xBB, 0x62, 0x2C,
0xEA, 0xA6, 0x27, 0x5A, 0x93, 0xC6, 0xCD, 0xCE,
0x1E, 0x09, 0xAF, 0x89, 0xEC, 0x22, 0xE4, 0x30,
0x2D, 0xB9, 0xCD, 0x08, 0x2E, 0x12, 0x76, 0x79,
0x99, 0xBC, 0xA0, 0x34, 0x0B, 0xDA, 0x89, 0x08,
0x14, 0x60, 0x7B, 0x98, 0xE6, 0xAF, 0xD2, 0xE1,
0x87, 0xC8, 0xDA, 0x50, 0xF7, 0x10, 0x2C, 0x72,
0x74, 0x50, 0xD0, 0x3C, 0x98, 0x06, 0xFE, 0xEB,
0xC6, 0xC5, 0x69, 0x31, 0x06, 0xE2, 0x2E, 0x7E,
0x7D, 0x3D, 0x2B, 0x1F, 0x48, 0x43, 0xC5, 0x95,
0xDA, 0x84, 0x08, 0x1E, 0x2B, 0x50, 0x6D, 0x91,
0xA6, 0x2B, 0xCD, 0x08, 0x43, 0x7B, 0xA2, 0xD8,
0x60, 0x6E, 0xF7, 0x80, 0x08, 0xC3, 0x3F, 0x35,
0xF3, 0x70, 0xA5, 0xC7, 0x56, 0xFC, 0xBD, 0x34,
0x46, 0x7B, 0xBF, 0x63, 0x19, 0xAC, 0xB6, 0xC3,
0x1B, 0x81, 0x84, 0x9F, 0xBB, 0x54, 0x05, 0x99,
0xAE, 0x43, 0xE2, 0xA5, 0x20, 0xFD, 0x5C, 0xC7,
0x25, 0x47, 0xB1, 0xFD, 0x80, 0xB5, 0x78, 0xC2,
0x00, 0x98, 0x02, 0xB9, 0x61, 0x2A, 0xBA, 0x39,
0xC7, 0x20, 0xB8, 0x7D, 0x7A, 0x03, 0x68, 0xE5,
0x37, 0x71, 0x1F, 0x72, 0xAA, 0x41, 0x61, 0xB4,
0xC0, 0xC2, 0xD3, 0x7A, 0xCD, 0xD2, 0xED, 0xC2,
0xC5, 0x99, 0x8C, 0x62, 0xA3, 0x7D, 0xC8, 0x9C,
0xD2, 0x50, 0x02, 0x0D, 0xCB, 0x68, 0x15, 0xB0,
0xD6, 0x19, 0x03, 0xC8, 0x01, 0x12, 0x72, 0xA1,
0x3A, 0xC2, 0xA6, 0x63, 0x51, 0x26, 0x03, 0x5D,
0x3F, 0x1D, 0x3B, 0x0E, 0x30, 0x6B, 0xB7, 0xEC,
0xB6, 0x8E, 0x2D, 0x76, 0xC8, 0xD7, 0xAE, 0x59,
0x81, 0xFC, 0x5F, 0x57, 0x5E, 0xAD, 0xA0, 0x20,
0xC8, 0xB4, 0x91, 0x2D, 0xEC, 0x03, 0xC4, 0xC6,
0x55, 0x05, 0x87, 0xA4, 0xA2, 0x21, 0x09, 0x25,
0x97, 0x21, 0xA4, 0x46, 0x45, 0x46, 0x40, 0x3B,
0xDC, 0x6F, 0xCD, 0xFB, 0xFB, 0xD9, 0xF4, 0x2C,
0xEC, 0xF1, 0xC4, 0x73, 0x41, 0x30, 0x60, 0x63,
0x9A, 0xF2, 0xA5, 0x26, 0x78, 0x9A, 0x5E, 0x70,
0x98, 0xDE, 0x35, 0x10, 0xA0, 0x5D, 0x45, 0xD5,
0x95, 0xF7, 0x11, 0xBC, 0x99, 0xD3, 0x00, 0x67,
0x9A, 0x30, 0x85, 0x36, 0x50, 0xDB, 0x18, 0xEA,
0x6D, 0xB2, 0xF3, 0x14, 0xDA, 0x23, 0xE2, 0x8A,
0x44, 0x21, 0x25, 0xD4, 0xA3, 0x28, 0x43, 0xA0,
0xC6, 0x5C, 0x99, 0xB0, 0x72, 0x6B, 0xC2, 0x1A,
0x30, 0xBE, 0x6B, 0x7B, 0xE0, 0x31, 0x54, 0x8C,
0x29, 0xE5, 0xC6, 0x69, 0x53, 0xDE, 0x05, 0x1E,
0x43, 0xCC, 0x7E, 0x9A, 0x82, 0x4A, 0xC4, 0x0A,
0x50, 0x65, 0xDC, 0xD8, 0xF9, 0x01, 0x32, 0x65,
0x1E, 0xF9, 0xA4, 0xCC, 0x07, 0xB9, 0x55, 0x97,
0x45, 0xA9, 0x61, 0xF8, 0xBE, 0x99, 0x00, 0x12,
0xD8, 0x17, 0x62, 0xFB, 0x89, 0xE7, 0x05, 0x5E,
0x1B, 0xCD, 0x2B, 0x09, 0x6C, 0x5A, 0x5C, 0xA3,
0x66, 0x4D, 0x02, 0x78, 0x0C, 0xC3, 0x63, 0x30,
0xD0, 0xFA, 0x7B, 0x11, 0x00, 0x40, 0xDD, 0xF0,
0x8C, 0x7C, 0xBA, 0x4C, 0x63, 0x78, 0xDA, 0xBB,
0xDF, 0xF9, 0xC9, 0xA4, 0x40, 0x25, 0x86, 0xD1,
0xBA, 0x22, 0xD7, 0x69, 0x98, 0x4E, 0x9D, 0x15,
0x21, 0xA8, 0x56, 0xC0, 0xFF, 0x52, 0xE4, 0xB4,
0x0F, 0xB2, 0x53, 0xE7, 0xA1, 0x34, 0x18, 0xEA,
0x5B, 0x25, 0x42, 0x13, 0xE3, 0x13, 0xE7, 0xDF,
0x54, 0x2B, 0x8D, 0x70, 0x51, 0xC7, 0x60, 0xB1,
0x1E, 0x4D, 0x3A, 0x46, 0x04, 0xA1, 0x11, 0x43,
0xAD, 0x24, 0x29, 0x90, 0xC9, 0x04, 0x15, 0xC5,
0x07, 0xE5, 0x46, 0xB8, 0x50, 0x16, 0x6B, 0x66,
0xFE, 0x1C, 0x8B, 0xFC, 0x20, 0x9C, 0xC4, 0x88,
0x10, 0x36, 0x5E, 0x56, 0xE8, 0x45, 0x75, 0x89,
0xFB, 0xD6, 0xD0, 0x8D, 0x9D, 0x53, 0xAE, 0x89,
0x19, 0x54, 0xCF, 0xE1, 0xFF, 0x12, 0x13, 0xF2,
0xC7, 0xBE, 0x4C, 0x1E, 0xB0, 0x70, 0x6E, 0xDC,
0x0A, 0x64, 0x3B, 0x60, 0x3A, 0xEA, 0x0D, 0x41,
0xDD, 0x8E, 0x09, 0xB9, 0x96, 0x8F, 0x6A, 0x49,
0x50, 0xEF, 0xDF, 0xD7, 0x73, 0x8D, 0x16, 0x32,
0xA8, 0x5C, 0x0A, 0x90, 0x18, 0xA1, 0xEB, 0x19,
0xCC, 0x50, 0xD5, 0x59, 0xD7, 0x35, 0x3F, 0xBA,
0x38, 0x1B, 0x5F, 0x71, 0x56, 0x70, 0xB3, 0x20,
0x4D, 0x9E, 0x16, 0xA8, 0xF7, 0x35, 0x19, 0xD2,
0x09, 0x0A, 0x22, 0x28, 0x81, 0x61, 0x26, 0x5B,
0x9C, 0xEC, 0x9D, 0x4A, 0x61, 0xCF, 0x0D, 0x3C,
0x88, 0xEA, 0x0B, 0x7A, 0xA7, 0xC6, 0xAE, 0x31,
0xBE, 0xC2, 0xBA, 0x48, 0xBB, 0x9D, 0x06, 0xE1,
0x32, 0x6D, 0x80, 0xCE, 0x27, 0x5C, 0x6F, 0x13,
0x79, 0x35, 0x9F, 0x9C, 0x11, 0xEA, 0xDB, 0xF5,
0x49, 0x15, 0xB6, 0x51, 0x86, 0xFC, 0x62, 0x34,
0x3D, 0x58, 0x6B, 0x0E, 0xF8, 0x3B, 0xBB, 0x42,
0xF6, 0x2D, 0x5C, 0xE2, 0xF3, 0xAA, 0x9F, 0x03,
0x43, 0xE9, 0x9E, 0x90, 0xB9, 0xFF, 0x55, 0x93,
0x60, 0xF8, 0x10, 0x2F, 0xFC, 0xBD, 0x40, 0x23,
0xB8, 0x4F, 0x4C, 0x7A, 0x74, 0x9F, 0xDC, 0x55,
0xDF, 0x5E, 0xCD, 0x23, 0xEB, 0xAC, 0x47, 0x4E,
0x0D, 0x0F, 0xBE, 0xDE, 0x02, 0x64, 0x61, 0x7E,
0x73, 0x78, 0x8E, 0x25, 0xE9, 0x7D, 0x66, 0xE5,
0x82, 0xBF, 0x98, 0x5B, 0x36, 0xCE, 0x17, 0x72,
0x56, 0x9C, 0xDA, 0x63, 0x77, 0x55, 0x8B, 0xA9,
0x75, 0xF5, 0x28, 0xC3, 0x78, 0x6D, 0x8F, 0xC2,
0x75, 0x5F, 0x28, 0x9E, 0x3F, 0xFB, 0xF1, 0xFD,
0xB7, 0xDE, 0x05, 0x3C, 0xD3, 0xE8, 0xD7, 0x7A,
0x7D, 0xC9, 0xF7, 0x9D, 0x58, 0xB4, 0xA6, 0x21,
0x25, 0xFC, 0x52, 0x84, 0x21, 0xF6, 0x0B, 0x6D,
0xA6, 0x62, 0x51, 0x97, 0xCD, 0xA9, 0xA1, 0x0C,
0x88, 0x21, 0x67, 0xA5, 0xFB, 0x8C, 0x8A, 0x50,
0xC5, 0x21, 0x91, 0x3A, 0xAB, 0x95, 0x96, 0xF3,
0x30, 0x6D, 0x08, 0x42, 0x07, 0x4B, 0x78, 0x1F,
0xC1, 0xD3, 0x41, 0x15, 0x68, 0xED, 0x93, 0x09,
0xC7, 0x8B, 0xF9, 0x77, 0x25, 0xD3, 0xCE, 0x2B,
0xA2, 0x0D, 0xB4, 0xC6, 0x84, 0x7F, 0x8E, 0xE5,
0x24, 0x46, 0x59, 0x8D, 0x6F, 0x0F, 0x0C, 0xA8,
0xFC, 0x04, 0x9B, 0x4D, 0x2B, 0xA7, 0x70, 0x1F,
0x46, 0x7E, 0x76, 0x03, 0xC6, 0x7E, 0xA5, 0x3D,
0x79, 0xE2, 0xF1, 0xAC, 0xBC, 0xDD, 0xF6, 0x91,
0x69, 0x4C, 0x44, 0x1F, 0xC3, 0xBF, 0x9F, 0xFC,
0x4E, 0xB0, 0x79, 0x30, 0x68, 0x89, 0xAC, 0xF2,
0xD7, 0xC6, 0xE1, 0x6C, 0x37, 0xFB, 0xB3, 0x38,
0x44, 0x2C, 0x97, 0xAB, 0xDA, 0x2C, 0x88, 0xC7,
0xF2, 0x80, 0x08, 0x00, 0x4E, 0x44, 0xED, 0xBE,
0xA4, 0x28, 0x3D, 0xC1, 0xCF, 0x9E, 0x83, 0xE7,
0x2E, 0x7F, 0xF5, 0x08, 0x47, 0x26, 0xE0, 0xBD,
0x1A, 0x17, 0xDB, 0x2F, 0xED, 0x19, 0x2E, 0x65,
0x1B, 0x62, 0x5F, 0x08, 0x82, 0x10, 0x61, 0xCB,
0xAA, 0xA7, 0xF8, 0x59, 0x4B, 0x46, 0xCB, 0xA2,
0xCB, 0x41, 0x34, 0x30, 0x51, 0x58, 0x2A, 0xEE,
0xE1, 0x5E, 0xAC, 0xCA, 0xBF, 0x37, 0x45, 0x98,
0xBD, 0x93, 0x1B, 0x5A, 0x5E, 0x92, 0x14, 0x05,
0x75, 0x2D, 0xFB, 0x8F, 0xBD, 0x24, 0x9B, 0x81,
0xCD, 0xDD, 0xF5, 0xBE, 0x05, 0x0D, 0xBD, 0x4B,
0x2B, 0x8C, 0x0A, 0xF0, 0x3A, 0x85, 0xD6, 0x74,
0x65, 0x7F, 0x98, 0xF8, 0x57, 0xA2, 0x36, 0xA2,
0xFE, 0xE4, 0xB4, 0xA4, 0x0D, 0xEA, 0x9A, 0xBE,
0x41, 0x79, 0x68, 0x63, 0x70, 0x3F, 0x3E, 0x38,
0x60, 0xC3, 0x40, 0x81, 0x72, 0xDD, 0x25, 0x34,
0xB4, 0xFE, 0xAC, 0x41, 0x6E, 0x4A, 0xE7, 0xBF,
0xE3, 0x87, 0xFA, 0x20, 0x8B, 0xBD, 0x68, 0x9E,
0x06, 0xA9, 0x15, 0x23, 0x07, 0x04, 0x4B, 0xFA,
0x45, 0x45, 0xB7, 0x75, 0xD3, 0x3E, 0x16, 0x70,
0xF6, 0x26, 0xF2, 0x3A, 0x9D, 0xFB, 0xEA, 0xEB,
0x47, 0xCE, 0x99, 0x6B, 0x0E, 0xB2, 0xE8, 0x2B,
0x18, 0x15, 0x14, 0x2E, 0xF2, 0x14, 0x0D, 0x44,
0x47, 0x1E, 0x63, 0x84, 0x5B, 0x3F, 0xA8, 0xEF,
0x5F, 0xEB, 0xA0, 0x41, 0x77, 0xC1, 0xF4, 0x4F,
0x8E, 0x2E, 0x29, 0xCD, 0xDB, 0xF2, 0x75, 0x24,
0x24, 0x46, 0x73, 0xC3, 0x46, 0xB5, 0xCA, 0x13,
0x35, 0x12, 0x0A, 0x8D, 0x88, 0x89, 0x17, 0x99,
0x13, 0xCA, 0x66, 0x07, 0x67, 0x6B, 0x7B, 0x3B,
0x20, 0xD3, 0x5F, 0x78, 0x1C, 0xC0, 0x99, 0x59,
0x0A, 0xBA, 0x8F, 0xA0, 0xDB, 0xDF, 0xCC, 0x03,
0xC4, 0xA6, 0xC7, 0x08, 0xB9, 0xFD, 0x95, 0xC2,
0x45, 0xF9, 0xF3, 0x11, 0x62, 0xF7, 0x14, 0xB9,
0xEB, 0x09, 0xB3, 0x7C, 0xF8, 0xF6, 0x67, 0xCC,
0x03, 0xB3, 0x06, 0x6F, 0x60, 0xAC, 0x72, 0xF2,
0xD3, 0x71, 0x6C, 0x4D, 0xAD, 0x3A, 0x99, 0x75,
0x5C, 0x52, 0x2D, 0x87, 0x69, 0x3E, 0xD6, 0x7E,
0x12, 0x96, 0xD3, 0x88, 0x8D, 0x11, 0x85, 0xAA,
0x0A, 0xA5, 0x32, 0x90, 0x51, 0xC5, 0x65, 0x64,
0xE0, 0xA9, 0x73, 0xA4, 0xF3, 0x8A, 0x32, 0x83,
0xE5, 0x08, 0x09, 0x39, 0x6A, 0x90, 0x2C, 0xC3,
0xFC, 0x92, 0x29, 0x7A, 0x45, 0xBE, 0x02, 0x79,
0x15, 0x1B, 0xBB, 0x60, 0xBB, 0xD9, 0x42, 0xF1,
0xE5, 0x14, 0xB4, 0xA5, 0xFF, 0x12, 0x42, 0x30,
0xB0, 0xCB, 0xD0, 0x1D, 0xB4, 0x62, 0x49, 0xC5,
0xB7, 0xDA, 0x37, 0x47, 0x2C, 0x8B, 0x16, 0xCA,
0xD2, 0x2C, 0xA1, 0x24, 0xE6, 0x57, 0xFA, 0xEB,
0x2C, 0x62, 0x2E, 0x12, 0x74, 0x37, 0x2B, 0x3F,
0x56, 0x23, 0x9C, 0xED, 0x90, 0xDE, 0x0D, 0x6E,
0x9E, 0x11, 0x78, 0xA4, 0x9C, 0xB3, 0xA1, 0x37,
0xF7, 0x4B, 0x09, 0x61, 0xD8, 0x33, 0x1D, 0x80,
0x68, 0x5C, 0xDD, 0xBD, 0x3E, 0xAE, 0x9D, 0xB8,
0xBA, 0x42, 0x41, 0xDC, 0xC9, 0x93, 0xF1, 0x92,
0x2F, 0x7A, 0xF9, 0xFE, 0x67, 0x13, 0x87, 0xBD,
0x7D, 0x04, 0x17, 0x91, 0xB6, 0x03, 0x5E, 0xA0,
0x5B, 0x23, 0xEA, 0x0C, 0xFA, 0x45, 0xCB, 0x1A,
0xC5, 0x7F, 0x63, 0xD6, 0x3D, 0x3C, 0x66, 0x4A,
0x83, 0x4E, 0x4E, 0x90, 0xA6, 0x63, 0xB0, 0x8A,
0xD7, 0x0D, 0xB4, 0xB7, 0xA9, 0x0F, 0xC6, 0xC7,
0x3B, 0xAD, 0x07, 0xA6, 0x94, 0x47, 0xDB, 0x63,
0x26, 0x00, 0x18, 0x5E, 0x27, 0xB5, 0xE2, 0xE3,
0xED, 0x8D, 0x97, 0x95, 0x38, 0x20, 0x24, 0x9F,
0x40, 0x84, 0x44, 0x7E, 0x8C, 0x05, 0xAB, 0xB1,
0x89, 0x26, 0x7D, 0x46, 0x2C, 0x9F, 0xE5, 0xC1,
0x27, 0xCE, 0x1D, 0x5A, 0x9F, 0xF1, 0xF8, 0x57,
0x8F, 0xCF, 0xB7, 0x4E, 0x07, 0xF3, 0xBA, 0x56,
0xCF, 0xE9, 0x87, 0x21, 0x61, 0xD6, 0x97, 0x7B,
0x26, 0x97, 0x07, 0xB4, 0x87, 0xFE, 0x25, 0x9C,
0xA9, 0x8E, 0x06, 0x90, 0x17, 0x2C, 0x98, 0x26,
0x23, 0xEE, 0xBB, 0x91, 0x8A, 0x15, 0x38, 0xA1,
0x38, 0xCB, 0x8B, 0xA0, 0xF3, 0x4A, 0xF2, 0x12,
0xA7, 0xB7, 0x05, 0xB6, 0x09, 0xD0, 0xEC, 0xDD,
0x21, 0xB6, 0xFA, 0x29, 0x95, 0xB4, 0x08, 0xD5,
0x95, 0xB7, 0xB8, 0x2E, 0x23, 0xAA, 0x89, 0x81,
0xE2, 0xD0, 0xFD, 0x9C, 0x8D, 0xF0, 0xCA, 0x61,
0xE3, 0x1E, 0x73, 0x9E, 0xD1, 0x72, 0x5C, 0x63,
0xB8, 0x74, 0x0E, 0x2C, 0x27, 0x3A, 0x71, 0xF9,
0xFE, 0x66, 0x33, 0xE9, 0x41, 0x27, 0x61, 0xA3,
0xFA, 0xD8, 0x66, 0x2A, 0x52, 0x6D, 0xAB, 0xBF,
0x32, 0xC2, 0x8E, 0x8F, 0xB0, 0x60, 0x52, 0xE1,
0x96, 0xC8, 0x1E, 0x9A, 0x3E, 0x07, 0xFA, 0x34,
0xFA, 0x9C, 0x4C, 0x0D, 0x29, 0x0F, 0x68, 0xA6,
0x59, 0x28, 0x22, 0xB1, 0x99, 0x56, 0x2C, 0x01,
0x04, 0x2F, 0x34, 0x65, 0xFD, 0xD4, 0xD0, 0xD5,
0x17, 0x7C, 0x14, 0x92, 0x73, 0x6C, 0x31, 0xCE,
0xD4, 0xB3, 0x59, 0x83, 0x6B, 0x34, 0x7C, 0x76,
0x8C, 0xED, 0xD5, 0xE2, 0x4F, 0x39, 0x44, 0xBF,
0x90, 0x53, 0x9A, 0xC7, 0xD4, 0x6A, 0x86, 0xA3,
0xE2, 0x15, 0x59, 0xD0, 0x0F, 0x32, 0x92, 0xC2,
0x9B, 0x9E, 0xE3, 0xF6, 0x94, 0x96, 0xFD, 0x0B,
0xB6, 0x06, 0x8F, 0x0D, 0x1F, 0x38, 0xFC, 0x6F,
0xA2, 0x78, 0xAC, 0xC5, 0xB5, 0x6A, 0x6B, 0xEC,
0x78, 0x8A, 0x6F, 0xD8, 0x21, 0xB7, 0xCF, 0x66,
0x73, 0x03, 0xCA, 0x2E, 0x3C, 0x7F, 0x2F, 0x29,
0x41, 0xC9, 0x88, 0xFD, 0x0E, 0xA0, 0x43, 0xD6,
0x9E, 0xB1, 0xE7, 0x13, 0x9C, 0xF0, 0x9C, 0xCF,
0x33, 0x22, 0x57, 0xEF, 0xE5, 0xCE, 0xD9, 0xAC,
0x7D, 0x34, 0x75, 0xBD, 0xAE, 0x84, 0xEE, 0xE8,
0x5D, 0x8C, 0x55, 0x86, 0xBA, 0x19, 0xE5, 0x9D,
0x35, 0x6D, 0xD8, 0x70, 0xC5, 0xE0, 0xEA, 0x77,
0x3A, 0xE5, 0xB5, 0x2C, 0xD2, 0x28, 0xB5, 0xE8,
0xAF, 0xB1, 0xD2, 0xC4, 0xE5, 0x59, 0x06, 0xB8,
0x2E, 0xA6, 0x8F, 0xC4, 0x9B, 0x30, 0xF9, 0x37,
0xDB, 0x29, 0xA1, 0x44, 0x0B, 0xB7, 0xB5, 0xB4,
0x12, 0xD3, 0x4E, 0xB3, 0xB7, 0xD8, 0x2F, 0x19,
0xDE, 0x3B, 0xC3, 0x53, 0xCE, 0x1C, 0x34, 0x4C,
0xA4, 0x6A, 0xE2, 0xD0, 0x04, 0xDF, 0x3C, 0x53,
0x8B, 0x06, 0x8F, 0x36, 0xE5, 0x77, 0xB2, 0x7A,
0x1A, 0xC0, 0x0C, 0xBD, 0xA3, 0xA0, 0xEE, 0xB6,
0x40, 0xAD, 0x5C, 0x04, 0xAE, 0xCF, 0x64, 0x2B,
0x8A, 0x18, 0x58, 0x86, 0xDE, 0xC9, 0x3D, 0x7D,
0x15, 0xBC, 0xEE, 0x4C, 0x22, 0xF4, 0x98, 0xD9,
0x37, 0xEE, 0xE2, 0x40, 0x43, 0xFF, 0xB2, 0x6F,
0x05, 0xC0, 0x0E, 0x30, 0xDE, 0xD8, 0x0C, 0x0B,
0xAD, 0xED, 0xCC, 0xBC, 0x29, 0x95, 0x07, 0x40,
0x10, 0x99, 0xA0, 0xD1, 0x08, 0xF7, 0xD5, 0xF1,
0xAD, 0xC9, 0xDD, 0xC8, 0x6A, 0x1E, 0x9E, 0x06,
0xDF, 0x12, 0xFF, 0x66, 0x33, 0x5E, 0x21, 0x47,
0xC3, 0xDE, 0x36, 0x98, 0x5B, 0xBF, 0x42, 0x9E,
0x30, 0xA0, 0x81, 0x5C, 0x28, 0x34, 0x1B, 0x3A,
0x32, 0xBC, 0xDE, 0x52, 0x53, 0x25, 0x1E, 0xF6,
0xE2, 0x99, 0x12, 0x92, 0x07, 0x1D, 0xEB, 0x08,
0x36, 0xA7, 0xD5, 0x18, 0x1F, 0xDB, 0x44, 0xA7,
0xE1, 0x13, 0x06, 0xB0, 0xDF, 0x63, 0x82, 0x68,
0xEF, 0xF5, 0x2B, 0x04, 0x0B, 0x93, 0xE8, 0xB0,
0x92, 0x7B, 0xDE, 0x1F, 0xC9, 0x39, 0x8F, 0x42,
0x9D, 0x06, 0x22, 0x13, 0xC9, 0x97, 0x2F, 0x43,
0x8A, 0xBA, 0xAF, 0xF9, 0x71, 0xE3, 0x55, 0x5D,
0x06, 0x77, 0x38, 0x39, 0xA3, 0xED, 0x41, 0x63,
0xFE, 0x2A, 0xB3, 0x23, 0x43, 0x0C, 0xF3, 0x17,
0x3B, 0x69, 0xED, 0x32, 0x0A, 0x54, 0xF3, 0x8D,
0x76, 0xC6, 0x09, 0xDD, 0x88, 0x5B, 0x23, 0x57,
0x72, 0xC4, 0x87, 0xB8, 0x9D, 0xF7, 0xCA, 0xFB,
0x7C, 0x61, 0x67, 0x5C, 0x65, 0xF8, 0xD6, 0xD7,
0x1E, 0x95, 0xB9, 0x73, 0x4D, 0x2E, 0x1F, 0x43,
0x3E, 0x2B, 0x58, 0x92, 0x15, 0x2E, 0xAA, 0x51,
0xF0, 0xD4, 0xF2, 0xA6, 0xCD, 0x12, 0x21, 0xD6,
0xCA, 0x46, 0x2A, 0xFF, 0xCB, 0x1B, 0x6B, 0xB4,
0x09, 0x17, 0x3B, 0xA2, 0x94, 0xDF, 0x1D, 0x68,
0x8B, 0x75, 0xEA, 0x11, 0xD6, 0x99, 0x04, 0xD1,
0x00, 0xDB, 0x61, 0xBC, 0xF2, 0x3B, 0x88, 0x4B,
0x33, 0xDF, 0x0F, 0xD4, 0xFB, 0x14, 0x0C, 0x6A,
0x53, 0x61, 0x1F, 0xBD, 0x28, 0xB2, 0x11, 0x19,
0x38, 0x71, 0x17, 0x76, 0x4D, 0xEE, 0x01, 0xC4,
0x77, 0x53, 0x2A, 0xAF, 0xD3, 0x78, 0xFF, 0x45,
0x7F, 0x97, 0x9D, 0x26, 0x92, 0x0E, 0xD9, 0x4E,
0x34, 0x1D, 0xE8, 0xDD, 0xBF, 0x5F, 0x87, 0xE6,
0x35, 0x9A, 0x39, 0x71, 0x59, 0x20, 0x01, 0xFB,
0x53, 0x2C, 0x61, 0x38, 0x0C, 0x8C, 0x02, 0xD3,
0xA0, 0x53, 0x95, 0x02, 0xED, 0x5C, 0xFE, 0x9B,
0xD3, 0x6A, 0xF3, 0x3F, 0x92, 0x6F, 0x33, 0x37,
0x19, 0x97, 0x81, 0x3A, 0x50, 0xE1, 0xD9, 0x27,
0x7E, 0x64, 0xF8, 0x01, 0x52, 0x26, 0x51, 0xD1,
0x06, 0xAF, 0x20, 0xA0, 0x28, 0x0F, 0x3F, 0xCB,
0x21, 0xB7, 0x55, 0x1A, 0x76, 0xB8, 0x9B, 0x4D,
0xED, 0x2A, 0x05, 0x0E, 0x6E, 0xAF, 0xCC, 0xA1,
0x08, 0x9C, 0xBE, 0x3F, 0x98, 0xE6, 0xB4, 0xB9,
0x83, 0xC9, 0x08, 0x41, 0x96, 0xDD, 0xD9, 0x0D,
0x52, 0x66, 0x94, 0xA4, 0xEA, 0xFC, 0xE5, 0x48,
0x04, 0x73, 0x64, 0x79, 0x68, 0xC9, 0x4A, 0x81,
0xA8, 0x07, 0xF8, 0xD9, 0x4E, 0x07, 0x1E, 0xC1,
0x8F, 0x62, 0xAB, 0xA6, 0xD7, 0x68, 0xFC, 0x57,
0x5E, 0x75, 0x1B, 0xBF, 0x3D, 0xA6, 0x91, 0xC5,
0x08, 0x14, 0x5E, 0xF2, 0x4C, 0x22, 0x8B, 0x4E,
0x29, 0x2D, 0xC0, 0x46, 0x3A, 0x9C, 0x9D, 0x86,
0xCF, 0x51, 0x85, 0x9D, 0x93, 0x23, 0xA1, 0xA1,
0xF3, 0x76, 0xB1, 0x56, 0xB0, 0xF4, 0x1F, 0x39,
0xDA, 0xDB, 0x13, 0x70, 0x29, 0x89, 0x95, 0xD2,
0xC5, 0xF3, 0x76, 0xFE, 0xEE, 0x99, 0xCF, 0xA0,
0x84, 0xEC, 0x70, 0xF0, 0xD3, 0xFA, 0x42, 0xDB,
0xFD, 0x99, 0x65, 0x2F, 0x84, 0x11, 0x99, 0xCD,
0x38, 0xB3, 0x1B, 0xAB, 0x8C, 0x2D, 0x33, 0x04,
0xCA, 0xE1, 0xB3, 0x05, 0x9A, 0x20, 0x80, 0xDB,
0xED, 0x59, 0x42, 0x30, 0x48, 0x37, 0xB3, 0x85,
0x5C, 0xEE, 0x54, 0x06, 0x92, 0x97, 0x4E, 0xFC,
0xFA, 0xF7, 0x25, 0xE0, 0x4E, 0x57, 0xC4, 0x72,
0x38, 0x59, 0xCA, 0x3C, 0x4A, 0x3F, 0x09, 0xD6,
0x09, 0x15, 0x83, 0xEF, 0x24, 0x21, 0xDD, 0xFD,
0x66, 0x9E, 0xBF, 0xEE, 0xCC, 0xBF, 0x86, 0x20,
0x29, 0x40, 0x5E, 0x42, 0xD2, 0xC0, 0x24, 0x2D,
0x76, 0xE6, 0x64, 0xF9, 0x5D, 0xC2, 0x85, 0xB6,
0x09, 0x41, 0x04, 0x62, 0x17, 0xDC, 0xF8, 0xFA,
0x2A, 0x4C, 0xD1, 0x82, 0x31, 0x57, 0xB7, 0x2B,
0x49, 0xE8, 0x40, 0x13, 0x2A, 0xA1, 0x86, 0xD2,
0x9A, 0xB8, 0xA9, 0xBE, 0x39, 0xBE, 0xE9, 0xA5,
0x35, 0x12, 0x08, 0xF1, 0xA9, 0x9E, 0x57, 0x46,
0x3A, 0x55, 0x16, 0xA7, 0x41, 0xD9, 0x25, 0xB8,
0x2F, 0xAF, 0xA8, 0x81, 0x5F, 0x5F, 0x46, 0xA4,
0x3B, 0xB3, 0xE9, 0x1B, 0x74, 0xEF, 0x5D, 0x57,
0x48, 0x4A, 0x72, 0x08, 0xDA, 0xFE, 0x1D, 0x55,
0x6B, 0xAB, 0x8B, 0x13, 0x18, 0xBF, 0xDD, 0xF4,
0x4E, 0x01, 0x5F, 0x4B, 0xF6, 0x80, 0xD4, 0x16,
0x4B, 0x2F, 0x03, 0x4B, 0xF8, 0x93, 0x20, 0x21,
0x55, 0x52, 0x49, 0x4A, 0x6C, 0x1F, 0x7D, 0xAD,
0x04, 0xEF, 0xB3, 0x74, 0xEE, 0xC5, 0xB6, 0xBC,
0x33, 0x7A, 0xCF, 0x64, 0xB9, 0xF9, 0x41, 0x70,
0xAF, 0xE9, 0xC7, 0xD6, 0x25, 0x18, 0x17, 0xAB,
0xBA, 0xC9, 0x05, 0xEF, 0x40, 0x89, 0xD5, 0x69,
0x76, 0xAA, 0xA0, 0x3E, 0x4D, 0x1C, 0xE7, 0x9D,
0x9E, 0x74, 0xF4, 0xF2, 0x7B, 0x40, 0xF6, 0x57,
0x78, 0x66, 0xFC, 0xDA, 0xE3, 0x6B, 0xD2, 0x6E,
0xC7, 0x9D, 0x65, 0x84, 0xAF, 0x7A, 0x1F, 0xE4,
0x34, 0xD4, 0x1A, 0x17, 0xA2, 0x72, 0xB0, 0xEE,
0x5A, 0x0C, 0xF4, 0x02, 0xAC, 0x1D, 0x6F, 0x4A,
0xD0, 0xB2, 0x02, 0x3A, 0x7D, 0x2C, 0xF1, 0x43,
0x0E, 0x1E, 0x96, 0xEB, 0x42, 0xF8, 0x3A, 0xF5,
0x0B, 0x5D, 0xA9, 0x23, 0x02, 0x28, 0xE5, 0x26,
0x5E, 0x69, 0x38, 0x2F, 0x85, 0x34, 0x32, 0x5E,
0x5E, 0x29, 0x33, 0x94, 0x05, 0xBD, 0x58, 0xF8,
0xE8, 0x9C, 0xBF, 0xB1, 0x5A, 0x05, 0xC6, 0x23,
0x9B, 0xBB, 0x57, 0x69, 0x8C, 0xE6, 0x41, 0x97,
0x48, 0x01, 0x95, 0xAF, 0xE9, 0x62, 0x8C, 0x6F,
0x09, 0x43, 0xF3, 0x64, 0x50, 0x90, 0x2F, 0x14,
0xF7, 0x30, 0x07, 0xE0, 0x4B, 0xA8, 0x39, 0xAC,
0x21, 0xC4, 0x07, 0x45, 0x5F, 0xD9, 0x87, 0xB1,
0x57, 0x47, 0x07, 0x66, 0xFF, 0xC7, 0xAB, 0xEE,
0x1F, 0x55, 0x71, 0x50, 0x63, 0xCF, 0x58, 0x3B,
0xC8, 0x1B, 0xEA, 0xA5, 0xE2, 0xF1, 0x57, 0xB3,
0x77, 0x65, 0xA9, 0xBD, 0x23, 0xC8, 0x30, 0x86,
0xC3, 0x5F, 0xBF, 0x16, 0x3F, 0x42, 0x28, 0x0A,
0xC6, 0x5A, 0x57, 0x15, 0x2F, 0xA1, 0x96, 0xA9,
0x25, 0xC5, 0x8E, 0x32, 0x11, 0x62, 0xB3, 0x54,
0x18, 0x00, 0xA4, 0xA6, 0xD4, 0x0F, 0x68, 0x27,
0x8F, 0x21, 0x78, 0x02, 0x37, 0x98, 0xBD, 0xCE,
0x3F, 0xBC, 0xF2, 0x9C, 0x66, 0x8E, 0x79, 0xA1,
0x54, 0x12, 0x55, 0x2E, 0xC0, 0x59, 0xC7, 0x18,
0x18, 0x22, 0x4D, 0x27, 0x8B, 0x8D, 0xF3, 0x08,
0x99, 0xE6, 0x35, 0x14, 0xB1, 0xE3, 0xB8, 0x7A,
0x40, 0x7B, 0x68, 0x7B, 0xFF, 0xDC, 0x54, 0x41,
0x06, 0xCA, 0x91, 0xFE, 0xDB, 0x2B, 0xDA, 0x9E,
0xC5, 0x20, 0xD8, 0xBF, 0x42, 0xBC, 0xE6, 0x39,
0xC4, 0x26, 0x9E, 0xF3, 0x82, 0xD9, 0xF1, 0xA0,
0x04, 0xAF, 0xFB, 0x77, 0x13, 0x36, 0xAF, 0xD7,
0x91, 0x9B, 0x3A, 0x57, 0x98, 0xFE, 0xAD, 0xCD,
0x46, 0xF8, 0xF8, 0xF1, 0x87, 0x53, 0xBD, 0x57,
0x3F, 0x99, 0xBC, 0xA6, 0xBD, 0x9B, 0x6E, 0xF4,
0x17, 0x7A, 0x78, 0x30, 0x70, 0xA3, 0x43, 0xFF,
0x92, 0xCD, 0x99, 0x73, 0xAE, 0x65, 0x6A, 0x10,
0xFF, 0x70, 0x47, 0x0F, 0x16, 0x4C, 0x4A, 0x90,
0xF4, 0x52, 0x05, 0x79, 0x33, 0x63, 0xDE, 0x14,
0x65, 0xAF, 0x8A, 0x5E, 0x67, 0x20, 0x03, 0x9F,
0xE6, 0x70, 0x13, 0x6B, 0xE0, 0xF3, 0x6A, 0x4C,
0x6B, 0x5B, 0xCB, 0xE1, 0x7C, 0x5D, 0x7D, 0xE3,
0x23, 0xFD, 0xB8, 0x6A, 0xDA, 0x56, 0x1E, 0xA8,
0x36, 0xC4, 0x29, 0x2D, 0x70, 0x41, 0x03, 0x18,
0x31, 0x40, 0x79, 0x2E, 0xC8, 0x22, 0x98, 0x5E,
0x11, 0xED, 0xA6, 0xDD, 0xB9, 0xAF, 0x8C, 0x27,
0x5C, 0x1B, 0x2E, 0xEA, 0xB8, 0xC6, 0x2F, 0xA0,
0x40, 0xB2, 0x64, 0x61, 0xFC, 0x0A, 0x3A, 0x10,
0x88, 0xC2, 0x58, 0xEC, 0xA5, 0x8D, 0x14, 0xE9,
0x9D, 0x21, 0xAF, 0x64, 0xD6, 0xC2, 0x5D, 0xAA,
0x0B, 0x8A, 0x57, 0x0F, 0x84, 0x3E, 0x60, 0x8D,
0xED, 0x05, 0x1D, 0x98, 0xED, 0xAE, 0x11, 0xD9,
0x27, 0x03, 0x55, 0xED, 0xF5, 0x34, 0x92, 0x52,
0xF2, 0x6F, 0x30, 0x3E, 0x69, 0xA5, 0x54, 0xA7,
0x2E, 0x1B, 0x85, 0xAB, 0xA2, 0x3B, 0xEC, 0xC8,
0x9D, 0xA9, 0xA3, 0xE4, 0xEF, 0x58, 0xB5, 0x33,
0x88, 0x55, 0x16, 0x5E, 0x7D, 0x7E, 0x69, 0xFC,
0xCA, 0xBD, 0x9C, 0x65, 0xFA, 0x0B, 0xBD, 0x7B,
0x16, 0xC4, 0xE2, 0x9C, 0xB4, 0xF1, 0x6A, 0x25,
0x70, 0x30, 0x32, 0xED, 0xEA, 0xD3, 0x1D, 0xDB,
0x6F, 0x29, 0x2E, 0x42, 0x14, 0xBE, 0x03, 0x29,
0x0A, 0x8A, 0x98, 0x9A, 0xD7, 0xB7, 0x0C, 0xF8,
0xB9, 0xCF, 0x37, 0xC6, 0xAC, 0xAC, 0x6D, 0xCC,
0x03, 0x23, 0x9F, 0x66, 0x85, 0x4B, 0x70, 0x45
};
#endif /* WOLFSSL_NO_ML_DSA_87 */
key = (dilithium_key*)XMALLOC(sizeof(*key), NULL, DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(key);
if (key != NULL) {
XMEMSET(key, 0, sizeof(*key));
}
ExpectIntEQ(wc_dilithium_init_ex(key, NULL, INVALID_DEVID), 0);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44), 0);
ExpectIntEQ(wc_dilithium_make_key_from_seed(key, seed_44), 0);
ExpectIntEQ(XMEMCMP(key->p, pk_44, sizeof(pk_44)), 0);
ExpectIntEQ(XMEMCMP(key->k, sk_44, sizeof(sk_44)), 0);
#endif
#ifndef WOLFSSL_NO_ML_DSA_65
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65), 0);
ExpectIntEQ(wc_dilithium_make_key_from_seed(key, seed_65), 0);
ExpectIntEQ(XMEMCMP(key->p, pk_65, sizeof(pk_65)), 0);
ExpectIntEQ(XMEMCMP(key->k, sk_65, sizeof(sk_65)), 0);
#endif
#ifndef WOLFSSL_NO_ML_DSA_87
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87), 0);
ExpectIntEQ(wc_dilithium_make_key_from_seed(key, seed_87), 0);
ExpectIntEQ(XMEMCMP(key->p, pk_87, sizeof(pk_87)), 0);
ExpectIntEQ(XMEMCMP(key->k, sk_87, sizeof(sk_87)), 0);
#endif
wc_dilithium_free(key);
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
static int test_wc_dilithium_verify_kats(void)
{
EXPECT_DECLS;
#if defined(HAVE_DILITHIUM) && !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
dilithium_key* key;
int res;
#ifndef WOLFSSL_NO_ML_DSA_44
static const byte pk_44[] = {
0x35, 0x07, 0x31, 0x3A, 0xE3, 0x7A, 0xF6, 0x96,
0x6C, 0x11, 0xA9, 0xE4, 0x0B, 0xEB, 0xEC, 0xE9,
0x2B, 0x67, 0x3F, 0xD2, 0x67, 0x3C, 0x1C, 0x4C,
0x08, 0xF0, 0x45, 0xA9, 0xDD, 0x5A, 0xB8, 0x8C,
0x0A, 0x51, 0xA9, 0xBA, 0x89, 0x0F, 0x4C, 0xCB,
0x9D, 0x0A, 0x41, 0x3F, 0x9C, 0xF4, 0x13, 0x36,
0x79, 0x49, 0x00, 0x90, 0xBB, 0x57, 0x3B, 0xBD,
0x2E, 0x18, 0xB3, 0xD0, 0xA5, 0x0E, 0x6B, 0x67,
0xFF, 0x98, 0x8C, 0xDD, 0x07, 0xE8, 0xA7, 0xA1,
0x3F, 0xAE, 0xFB, 0xD6, 0xC0, 0xF8, 0xF3, 0x34,
0xA5, 0x17, 0xC2, 0x34, 0x88, 0x92, 0x65, 0xA6,
0xE8, 0x66, 0x57, 0xFE, 0x86, 0x08, 0xF7, 0xDF,
0xA0, 0x5B, 0x70, 0x3E, 0x91, 0x6C, 0x63, 0xA0,
0xA3, 0x75, 0x55, 0xF8, 0xB6, 0xAA, 0xD4, 0x1B,
0x78, 0x5E, 0x42, 0x9F, 0x96, 0xE4, 0xA0, 0x50,
0xB6, 0x94, 0x2D, 0xC3, 0xE3, 0x36, 0x2B, 0x9D,
0x6B, 0x7A, 0xEF, 0xF5, 0x68, 0xF2, 0x11, 0xDF,
0x87, 0xA0, 0x9A, 0xC4, 0x61, 0xFB, 0xA4, 0x1C,
0x98, 0x3F, 0xC9, 0x52, 0x59, 0x3B, 0x47, 0x4D,
0xF5, 0x24, 0xA3, 0xD8, 0x63, 0xE1, 0xED, 0xDC,
0xFD, 0xEB, 0x96, 0xFB, 0xF3, 0xE7, 0x50, 0x9C,
0x72, 0x61, 0xC7, 0x3C, 0xCE, 0xF2, 0xEB, 0x22,
0x55, 0x6B, 0x9F, 0x25, 0xE4, 0x45, 0xE1, 0xFB,
0x3E, 0x2E, 0x4E, 0x92, 0x4F, 0x8A, 0x85, 0xEB,
0x63, 0x2C, 0x05, 0x0F, 0x9A, 0xEC, 0x0E, 0x9D,
0x05, 0x81, 0x46, 0x82, 0xEA, 0x74, 0x91, 0xD5,
0x2A, 0xBC, 0xCC, 0xBB, 0xD6, 0x7F, 0x5F, 0x9A,
0xD3, 0xBD, 0xEB, 0x14, 0xBA, 0x84, 0x27, 0x13,
0x32, 0xB5, 0xF3, 0x71, 0xAC, 0x47, 0x19, 0x6B,
0x5E, 0x43, 0x50, 0xC2, 0xA8, 0x82, 0xF5, 0x97,
0x9B, 0x27, 0x62, 0xFB, 0xB7, 0xFF, 0x6B, 0xC8,
0x52, 0x1E, 0xFB, 0x97, 0x39, 0x1E, 0x7F, 0x01,
0xF8, 0x34, 0x47, 0xAA, 0xB2, 0x64, 0xB5, 0x9E,
0x28, 0x18, 0xCB, 0x4A, 0x94, 0xBE, 0x6A, 0x43,
0x5B, 0xAE, 0x21, 0xA4, 0x63, 0x64, 0x46, 0x0C,
0x6B, 0x36, 0x1C, 0x2A, 0x3B, 0x64, 0xFA, 0xA0,
0xAB, 0xE3, 0x3B, 0x7D, 0xB0, 0x23, 0x99, 0x21,
0x55, 0x59, 0xBF, 0xD6, 0xDB, 0xB8, 0xDB, 0x09,
0x5E, 0xBC, 0x32, 0x3C, 0xAC, 0xAB, 0x1A, 0x63,
0x32, 0x21, 0x10, 0xD5, 0x8D, 0x7A, 0x5F, 0xCE,
0x72, 0x8D, 0x2A, 0xED, 0x1D, 0x30, 0x38, 0x5D,
0x3E, 0x62, 0xC2, 0x8E, 0xC9, 0x9F, 0x8C, 0x50,
0x3F, 0xC6, 0xCE, 0x86, 0x4D, 0x67, 0x3D, 0x09,
0xB6, 0x27, 0x14, 0x57, 0x14, 0xED, 0xC9, 0x8F,
0xAC, 0x9E, 0xAC, 0x6F, 0xB5, 0xB2, 0xE6, 0x8D,
0x9D, 0x5E, 0xE6, 0x78, 0x77, 0x09, 0x94, 0x35,
0x5E, 0x3B, 0x64, 0x04, 0x38, 0xD4, 0x5B, 0x04,
0xB8, 0x6C, 0x33, 0x97, 0xE1, 0x58, 0x54, 0x32,
0xB3, 0x0F, 0x37, 0x69, 0x39, 0xCE, 0x57, 0x31,
0x5C, 0x75, 0xA8, 0x94, 0xD0, 0x39, 0x2D, 0xB4,
0x73, 0xA7, 0xA4, 0x7C, 0xBE, 0x34, 0x03, 0x2D,
0x99, 0x1D, 0xDF, 0x32, 0x26, 0xB7, 0x45, 0x1B,
0x03, 0xCD, 0xEE, 0x9D, 0x58, 0xA8, 0xA7, 0x76,
0x1B, 0x17, 0x42, 0xD9, 0x69, 0x0F, 0x26, 0x3A,
0x9D, 0x70, 0x9B, 0x4E, 0x81, 0xEB, 0x96, 0x02,
0xB5, 0xB3, 0x92, 0x31, 0xFE, 0xBC, 0x38, 0x11,
0x5A, 0x47, 0xED, 0x0A, 0x2A, 0xE2, 0xB8, 0x47,
0x13, 0x5E, 0x43, 0x97, 0xD5, 0xFA, 0x31, 0x02,
0x58, 0xE9, 0x9E, 0xB5, 0x3F, 0x85, 0x92, 0x0E,
0xB9, 0xDB, 0xE0, 0xEE, 0x56, 0x76, 0x64, 0x8F,
0xF2, 0xE2, 0x47, 0x81, 0xD4, 0xA4, 0x82, 0x43,
0x69, 0xAE, 0x8E, 0x48, 0x50, 0x84, 0x93, 0x3B,
0x9C, 0x65, 0xD3, 0x6F, 0xCD, 0x90, 0xA0, 0xD8,
0xA0, 0xE1, 0x79, 0xCC, 0xD5, 0x1F, 0x71, 0x73,
0x93, 0xE7, 0xB2, 0xB0, 0x78, 0x17, 0xD7, 0x79,
0xDE, 0xCC, 0x83, 0x7D, 0x5A, 0xF2, 0x0E, 0xA6,
0xB1, 0x76, 0x61, 0x15, 0x88, 0x8E, 0xD7, 0xA6,
0x51, 0xBF, 0x9C, 0xD1, 0x0A, 0xFC, 0xDA, 0x65,
0xA5, 0x65, 0xFE, 0xB2, 0xED, 0x07, 0x74, 0x42,
0x4C, 0xF5, 0x42, 0x3D, 0xAF, 0x5F, 0x4D, 0x72,
0x51, 0xE6, 0x3F, 0x68, 0xCC, 0xC5, 0x2D, 0x89,
0x01, 0xD8, 0x80, 0xB4, 0xFC, 0xEB, 0x3B, 0xBE,
0x7C, 0xFA, 0x24, 0x27, 0xE1, 0x05, 0x94, 0x67,
0xAD, 0xB3, 0x47, 0x7D, 0x28, 0x18, 0xC1, 0xC9,
0xB8, 0xA1, 0x2A, 0x95, 0xBB, 0x5D, 0xC9, 0x42,
0x4F, 0x64, 0x94, 0x07, 0x5F, 0x65, 0xD3, 0xA5,
0x65, 0xEE, 0x67, 0x2C, 0x10, 0x65, 0x81, 0x4D,
0x7F, 0xAF, 0x2E, 0x97, 0x9E, 0x11, 0xA3, 0xF5,
0x3E, 0xDE, 0xB1, 0x1D, 0x44, 0x72, 0x90, 0x74,
0xFD, 0x47, 0x82, 0xA6, 0x04, 0x3E, 0x28, 0x3C,
0x15, 0xDF, 0xC4, 0x7A, 0x7C, 0xF5, 0x5A, 0xC6,
0xFB, 0xE4, 0xC2, 0xE0, 0x6E, 0x4C, 0x09, 0x2E,
0xE3, 0xE6, 0x3A, 0xEF, 0xF6, 0x54, 0xDC, 0x92,
0xBE, 0x8F, 0x24, 0x8E, 0x70, 0x53, 0x90, 0x3D,
0x06, 0xA5, 0x0A, 0x72, 0xA0, 0x7B, 0x22, 0x14,
0x80, 0x43, 0xAD, 0xDC, 0x11, 0xFC, 0xFF, 0xCF,
0x5E, 0xA4, 0x69, 0x1C, 0x09, 0x09, 0xC3, 0x3D,
0xF5, 0xE7, 0x05, 0x6F, 0x16, 0x33, 0x75, 0xB4,
0x9B, 0x7B, 0x26, 0xDB, 0xE7, 0x27, 0x56, 0xD3,
0x91, 0x82, 0x9D, 0xEB, 0x96, 0x3E, 0xE8, 0x40,
0xAB, 0x5D, 0x6C, 0xB7, 0xA6, 0x36, 0x07, 0xD4,
0xE7, 0x7C, 0xD4, 0x5C, 0x36, 0xE4, 0xFC, 0x7C,
0x8A, 0x36, 0x8D, 0x53, 0x43, 0xD4, 0xAC, 0x0B,
0x1B, 0xBA, 0x32, 0x88, 0xFA, 0xCE, 0xC1, 0xB9,
0x34, 0x3C, 0xAC, 0xA0, 0xF4, 0xF2, 0x83, 0xA8,
0xBB, 0x6F, 0x12, 0xC6, 0xB5, 0x3C, 0xDE, 0xA8,
0x49, 0x66, 0x97, 0xD7, 0x7E, 0x37, 0xF7, 0xCE,
0x7C, 0xF8, 0xC8, 0xBB, 0x8C, 0xB5, 0x3B, 0x3F,
0xB9, 0x51, 0x68, 0x00, 0xD7, 0x2E, 0x1C, 0x10,
0xAF, 0x9F, 0x3C, 0xD2, 0xAC, 0xE5, 0xBE, 0x94,
0xB9, 0x60, 0xF5, 0xB2, 0x70, 0x24, 0xE8, 0x8A,
0x2C, 0xD8, 0x95, 0xAF, 0xAA, 0xA9, 0xA5, 0x2B,
0xCA, 0xE0, 0x58, 0x44, 0x02, 0x3F, 0xF8, 0x21,
0x0C, 0x29, 0xB7, 0xD5, 0x08, 0x9E, 0x69, 0x81,
0xD4, 0x6C, 0xC5, 0x0B, 0xF6, 0xEF, 0xAB, 0x01,
0xEA, 0xDF, 0x36, 0x2C, 0x5C, 0xFB, 0xEB, 0xC8,
0x4F, 0x71, 0x80, 0xD7, 0x00, 0xC9, 0x32, 0x5D,
0x02, 0x4F, 0x96, 0x94, 0x71, 0xCD, 0x98, 0xC4,
0x25, 0x7A, 0x92, 0xF1, 0x9B, 0xA0, 0x34, 0x30,
0x6C, 0x41, 0x59, 0xD5, 0x01, 0x5D, 0xD6, 0x56,
0xEA, 0x05, 0xF2, 0xFC, 0xF8, 0x58, 0xFA, 0x12,
0x9C, 0x5A, 0x5C, 0xD5, 0x3D, 0xC7, 0x5D, 0x1B,
0x99, 0x2A, 0x6A, 0x4C, 0xF9, 0xEA, 0x9D, 0x70,
0x53, 0xBC, 0xBE, 0xAD, 0x61, 0xC7, 0x2D, 0x77,
0xEF, 0x61, 0xC7, 0xBE, 0x9C, 0x73, 0xC1, 0xD5,
0xD4, 0x5C, 0x5F, 0x21, 0x6A, 0x5C, 0xEE, 0x78,
0xAA, 0xC6, 0x6C, 0x56, 0xDB, 0x38, 0x5A, 0x94,
0x12, 0xB8, 0x73, 0x7C, 0xDF, 0x9A, 0x27, 0xCD,
0xC5, 0xD1, 0xD3, 0xCA, 0x0E, 0x37, 0x0A, 0xC1,
0x6F, 0xAD, 0xE3, 0x32, 0x94, 0x6C, 0x20, 0xB5,
0xED, 0xE6, 0x2D, 0x34, 0x39, 0x58, 0xD2, 0x1E,
0x63, 0x8D, 0xFA, 0xFF, 0xB5, 0xE8, 0x40, 0xC8,
0x42, 0x38, 0x7A, 0x01, 0x80, 0xFF, 0x52, 0x3F,
0xE9, 0x89, 0x63, 0xAD, 0x91, 0x5F, 0xCE, 0x0A,
0x47, 0x87, 0xF9, 0x6D, 0xD7, 0x79, 0xEF, 0xCE,
0x10, 0x7B, 0x73, 0x43, 0xBE, 0x51, 0xA0, 0xDF,
0xE5, 0xEC, 0xA9, 0x63, 0xF6, 0x5E, 0x72, 0x36,
0x22, 0x86, 0xEE, 0x4E, 0x4A, 0x76, 0xFD, 0x86,
0xBA, 0xE6, 0xD6, 0xC4, 0xD2, 0xE6, 0xFF, 0xB2,
0x5B, 0x39, 0xF9, 0xC3, 0x29, 0xA8, 0x61, 0x3A,
0x33, 0x34, 0x89, 0xC9, 0x83, 0xF9, 0xB2, 0x70,
0x21, 0x54, 0x44, 0x94, 0x70, 0xAD, 0x70, 0x18,
0x84, 0x38, 0x91, 0xFB, 0xDE, 0x5E, 0x3D, 0xE3,
0xB2, 0xA7, 0x3C, 0x1D, 0x49, 0xA6, 0x66, 0x7C,
0x4B, 0xEB, 0xB0, 0xA7, 0x7C, 0xC5, 0xAE, 0x45,
0x1F, 0xBE, 0x0E, 0x2F, 0x11, 0xDC, 0x92, 0x08,
0xAA, 0x18, 0x38, 0xFE, 0x61, 0xBE, 0x9D, 0xC3,
0x3A, 0x1F, 0x2F, 0xB6, 0x6E, 0xB6, 0x54, 0x97,
0x74, 0x06, 0xBC, 0x12, 0x2D, 0x64, 0x18, 0x14,
0x25, 0x5A, 0xCB, 0x7B, 0xD7, 0x9D, 0xC3, 0x2C,
0xC2, 0x0B, 0x19, 0x10, 0xD2, 0x57, 0xF0, 0xDF,
0xA4, 0x95, 0xA4, 0x5A, 0xA0, 0x2D, 0x0F, 0xA0,
0xBC, 0xF7, 0x60, 0x7F, 0x38, 0xE1, 0x17, 0x0D,
0x36, 0x08, 0xF5, 0xF9, 0x75, 0x28, 0x75, 0xAC,
0xA9, 0x2B, 0x75, 0xC4, 0x41, 0xE0, 0x0D, 0x5C,
0xBC, 0x5F, 0x49, 0x16, 0x25, 0x38, 0x16, 0xE1,
0x0C, 0x2C, 0x9C, 0x63, 0xA8, 0x5F, 0x70, 0xF4,
0x64, 0xC7, 0x10, 0x19, 0x52, 0x19, 0x6E, 0x9B,
0x5C, 0x09, 0x4F, 0xEE, 0xB6, 0x7C, 0x85, 0xC9,
0x6E, 0xCB, 0x33, 0x32, 0x42, 0x9D, 0x57, 0x18,
0xE6, 0x55, 0x94, 0x74, 0x02, 0xEE, 0xEB, 0xAA,
0xF7, 0xD3, 0x45, 0x7A, 0x49, 0x6F, 0x83, 0x89,
0x00, 0xE4, 0xAA, 0x20, 0x87, 0x10, 0xAD, 0xC0,
0x0E, 0xF5, 0x93, 0x57, 0xE5, 0x45, 0x7A, 0xBD,
0x82, 0x87, 0x50, 0x0F, 0xE1, 0x2C, 0x0C, 0x6D,
0xEE, 0xC8, 0x94, 0xB8, 0x39, 0xF3, 0x3C, 0xFE,
0x7E, 0xC1, 0x0F, 0xB4, 0x67, 0xA2, 0xDF, 0xC6,
0x9D, 0xB5, 0x9D, 0xB8, 0x72, 0x50, 0xBD, 0xB3,
0xDB, 0xF6, 0x87, 0x5E, 0x26, 0x93, 0xF0, 0xD4,
0x0D, 0x68, 0xA4, 0x8B, 0xBD, 0x2C, 0x6E, 0xD8,
0x4F, 0x81, 0x5D, 0x0D, 0xAC, 0x72, 0x65, 0xEC,
0x4E, 0xF2, 0x4E, 0x5F, 0x67, 0x04, 0xF3, 0x08,
0x29, 0x4D, 0xB2, 0xE2, 0xD5, 0x9F, 0xD4, 0xB9,
0x13, 0xB4, 0x33, 0x80, 0x27, 0x84, 0x7E, 0xF4
};
static const byte msg_44[] = {
0x5C, 0x70, 0x7F, 0xBF, 0xF4, 0xFF, 0xE5, 0x9B,
0x09, 0xAA, 0xF8, 0xDB, 0x21, 0xAD, 0xBE, 0xBA,
0xC6, 0xB2, 0x65, 0x37, 0x9A, 0x9A, 0x43, 0x3A,
0xA8, 0x23, 0x2B, 0x13, 0x9B, 0xBD, 0x46, 0x37,
0x30, 0x60, 0xA7, 0x5B, 0xC4, 0x48, 0x63, 0x5F,
0x41, 0x35, 0x38, 0x69, 0xF9, 0x6F, 0xB5, 0x65,
0x26, 0xDB, 0xAE, 0xB7, 0x5C, 0xFE, 0x2C, 0x03,
0xCB, 0x43, 0x08, 0x58, 0x5E, 0x27, 0xD1, 0x42,
0x14, 0xF2, 0x4B, 0xD7, 0x13, 0xE4, 0x96, 0x74,
0x6A, 0xC1, 0x36, 0xC7, 0x9D, 0x0F, 0x7D, 0xB0,
0x7B, 0x8A, 0x3A, 0x6D, 0x00, 0x5B, 0x29, 0x7B,
0x37, 0xBA, 0x3F, 0x5B, 0xBD, 0xCE, 0x21, 0x77,
0xFD, 0xD6, 0x78, 0x77, 0x20, 0x31, 0xF0, 0x60,
0x49, 0xAE, 0x12, 0x86, 0x7A, 0x64, 0xBD, 0x0B,
0x9E, 0xC6, 0x26, 0x80, 0x9E, 0xCE, 0x19, 0x8D,
0x6A, 0x6B, 0x09, 0x03, 0x45, 0xDF, 0x22, 0x7D
};
static const byte sig_44[] = {
0x08, 0xF0, 0x10, 0xFA, 0x63, 0x3F, 0x2B, 0xA1,
0x46, 0x81, 0x34, 0xC4, 0xBC, 0xAB, 0x62, 0x17,
0x0B, 0x64, 0xEA, 0x00, 0x2D, 0xD6, 0x8A, 0xE5,
0xC2, 0x45, 0x29, 0xB9, 0xEC, 0x6F, 0x3B, 0xF2,
0xDC, 0x2F, 0xC7, 0x34, 0x5A, 0x1E, 0xFE, 0x0C,
0xCA, 0xB9, 0x6A, 0xD8, 0xDA, 0xBA, 0xAA, 0x80,
0x90, 0xDC, 0x8C, 0x6C, 0x22, 0xFF, 0xC4, 0x90,
0x9E, 0xE9, 0xA5, 0x45, 0xFC, 0xE8, 0x64, 0x53,
0x9E, 0xC4, 0x17, 0xE1, 0xB2, 0x1A, 0x31, 0x40,
0x26, 0x9D, 0x5E, 0x03, 0x6A, 0xC6, 0x09, 0x19,
0xDD, 0xB3, 0x63, 0xE0, 0x35, 0xCD, 0xB4, 0x2E,
0x25, 0x38, 0x6E, 0x6C, 0x76, 0xA9, 0x19, 0x75,
0x68, 0x6E, 0xB7, 0xAB, 0xAD, 0x8F, 0x63, 0x64,
0x97, 0x4E, 0x56, 0x82, 0x30, 0x45, 0x86, 0x22,
0x64, 0xDA, 0xD2, 0xAE, 0x54, 0x70, 0x5C, 0xF1,
0xEB, 0xD1, 0x84, 0x8D, 0xFF, 0x86, 0x15, 0xE6,
0x20, 0xCE, 0x14, 0x89, 0xEF, 0xFA, 0x2E, 0xF8,
0x60, 0xCA, 0x53, 0x52, 0xE4, 0xD5, 0xC8, 0x2E,
0x50, 0xD5, 0x9D, 0x90, 0xA6, 0x12, 0xC7, 0xF1,
0x70, 0x0D, 0xE2, 0x89, 0x5B, 0x31, 0x6A, 0x21,
0x79, 0x9C, 0xBE, 0x77, 0x6E, 0xA6, 0xBF, 0x51,
0x05, 0x2A, 0x83, 0x50, 0x7E, 0x86, 0x14, 0xD1,
0x50, 0x53, 0x1F, 0x1C, 0x5E, 0x50, 0x24, 0x69,
0x6C, 0x91, 0x55, 0x35, 0x19, 0x6F, 0xE0, 0xDC,
0xB5, 0xD6, 0x48, 0x7E, 0x78, 0x61, 0x59, 0x2C,
0xD0, 0x1B, 0x42, 0x58, 0xAF, 0x7A, 0x39, 0xCA,
0x02, 0x1C, 0x50, 0xEF, 0xE9, 0xE1, 0xDE, 0x31,
0x8D, 0x09, 0x51, 0xC9, 0xDB, 0x16, 0xF9, 0xB9,
0x45, 0x54, 0x81, 0x16, 0xD7, 0x14, 0xD8, 0xBE,
0x9C, 0xCA, 0x53, 0xFE, 0x8F, 0x24, 0x99, 0x0D,
0xBA, 0x7F, 0x99, 0x42, 0x11, 0x9B, 0x32, 0xDD,
0x93, 0x5C, 0xBA, 0x2D, 0xD3, 0xB3, 0xF2, 0x48,
0x13, 0x9C, 0x80, 0xBB, 0x8D, 0xF4, 0xC7, 0xAA,
0xEB, 0xC6, 0xFD, 0xB8, 0x35, 0x95, 0x87, 0x2B,
0x9E, 0xCF, 0x48, 0xF3, 0x2D, 0xFF, 0x70, 0xF4,
0xCE, 0x35, 0x68, 0x7E, 0x9D, 0xDF, 0xD5, 0x0C,
0xCD, 0xE3, 0x51, 0xB0, 0x90, 0x86, 0xE5, 0xD1,
0xF1, 0x3B, 0x72, 0x42, 0x73, 0x07, 0x03, 0xE2,
0xFB, 0x40, 0x3F, 0xD4, 0xC8, 0x30, 0xB6, 0x86,
0x49, 0x8A, 0x17, 0xDB, 0x8F, 0x46, 0x6C, 0x3A,
0xC3, 0x49, 0xCD, 0x59, 0x68, 0x81, 0x66, 0x03,
0xD7, 0x24, 0xAF, 0x1F, 0x77, 0xC7, 0xFB, 0xF7,
0x83, 0xCD, 0xA2, 0x6D, 0x35, 0x0C, 0x8B, 0xBC,
0x29, 0x3A, 0x7F, 0xAC, 0xB9, 0xF9, 0x78, 0x50,
0x6A, 0x67, 0xFC, 0xDC, 0x6F, 0x01, 0x65, 0x06,
0x82, 0x81, 0xB0, 0x7D, 0x25, 0x5D, 0x74, 0x0B,
0x68, 0x5F, 0x51, 0x2C, 0x82, 0xF3, 0x1D, 0x92,
0xF6, 0xA9, 0xA9, 0x6A, 0x77, 0x57, 0x58, 0xAA,
0x7C, 0xBE, 0x35, 0xF4, 0x56, 0xDE, 0x42, 0x01,
0x2D, 0xB8, 0x28, 0x83, 0x7B, 0xA0, 0xA9, 0x7D,
0xC3, 0x30, 0x13, 0x52, 0xD0, 0xA1, 0xC8, 0xA1,
0x2C, 0x51, 0x49, 0xAE, 0xA8, 0x04, 0xCB, 0xA8,
0x66, 0x01, 0x26, 0xDF, 0x2D, 0x1C, 0x21, 0xA2,
0x4E, 0xBD, 0xA5, 0x48, 0x2A, 0x2D, 0x56, 0x60,
0x20, 0x98, 0x4D, 0x15, 0x7D, 0x02, 0xB6, 0x3A,
0xE4, 0x11, 0xAE, 0xF7, 0x3E, 0x5D, 0x56, 0x4F,
0x6A, 0xA3, 0x0A, 0xEA, 0xCC, 0x35, 0x8A, 0xB7,
0xC4, 0x8F, 0x25, 0x3E, 0x42, 0x41, 0x2B, 0xA5,
0x1F, 0xA7, 0x3B, 0x87, 0x22, 0x86, 0x79, 0xD5,
0xE5, 0x2A, 0xA2, 0xCD, 0x68, 0xCE, 0xB8, 0x18,
0x6D, 0xEF, 0x1C, 0x36, 0x7F, 0x75, 0x50, 0x36,
0x1B, 0x58, 0xEB, 0x32, 0xA1, 0xC8, 0xAF, 0x47,
0xE1, 0x26, 0x73, 0x1F, 0x5D, 0x73, 0x30, 0x13,
0x2F, 0xC7, 0x8B, 0xA3, 0x03, 0xB4, 0xA8, 0x86,
0x25, 0x29, 0xD1, 0x75, 0x10, 0xEE, 0x7F, 0x56,
0xBC, 0x0D, 0x59, 0xB4, 0xAE, 0xC9, 0x44, 0x0A,
0xF7, 0x0D, 0xBF, 0x17, 0x6A, 0x22, 0x9C, 0x75,
0x2B, 0x3E, 0x22, 0xB8, 0x2F, 0x4B, 0x68, 0xF1,
0x07, 0xE3, 0x47, 0x47, 0x21, 0x9C, 0xA3, 0x5B,
0x31, 0x0A, 0x14, 0xD9, 0x7C, 0xA8, 0xC0, 0xC6,
0x5C, 0xAD, 0x05, 0xD6, 0x15, 0xD3, 0xEC, 0xEC,
0x32, 0xC2, 0xFF, 0xF4, 0x96, 0x9C, 0xC8, 0x65,
0xA0, 0xB2, 0xD6, 0xF4, 0x98, 0xBB, 0xB1, 0x4E,
0xA5, 0x11, 0x3B, 0x4E, 0xA8, 0xEB, 0x90, 0xAB,
0xD8, 0x25, 0x10, 0xE3, 0x66, 0xB5, 0xA5, 0x11,
0x60, 0xA0, 0xCB, 0xDF, 0x77, 0x8A, 0x80, 0x4C,
0x07, 0x9B, 0x1B, 0x45, 0x95, 0x29, 0x1D, 0x88,
0x85, 0xAC, 0x32, 0x94, 0x26, 0x87, 0x12, 0x0A,
0x2F, 0x9E, 0xAE, 0x69, 0x79, 0x25, 0x5A, 0x50,
0xF4, 0xDB, 0x15, 0x20, 0x9F, 0x7A, 0x7A, 0xF2,
0xE5, 0x8A, 0x63, 0x6A, 0xDD, 0xBD, 0x06, 0xCB,
0x42, 0xF0, 0x20, 0xA9, 0x3B, 0x52, 0xD8, 0x68,
0x37, 0x71, 0x07, 0xB8, 0x5B, 0xFE, 0xA0, 0xEC,
0xBD, 0x75, 0xFF, 0x9C, 0x89, 0xDF, 0x01, 0xE7,
0x17, 0x7D, 0xA7, 0xE8, 0x27, 0x9E, 0xA2, 0x41,
0x66, 0xE6, 0xDB, 0x8B, 0x5A, 0x3F, 0x6C, 0xC9,
0xE3, 0x4F, 0x0D, 0xD0, 0x92, 0x1E, 0x27, 0x41,
0xF2, 0xB3, 0x08, 0x32, 0x03, 0x6D, 0x2C, 0x4F,
0x78, 0xEC, 0x99, 0xB3, 0x94, 0x6C, 0xC1, 0x89,
0xD9, 0x34, 0x0F, 0xEF, 0x10, 0xF0, 0xDA, 0xCE,
0x09, 0x69, 0x7A, 0x93, 0xC6, 0xFF, 0x19, 0x4F,
0xBD, 0xDE, 0xA6, 0x54, 0x8A, 0xE5, 0x81, 0x3F,
0x96, 0xD3, 0xA0, 0x77, 0x7C, 0xF2, 0x4B, 0xF1,
0x68, 0xA2, 0x23, 0x3D, 0xD4, 0x16, 0xC1, 0x66,
0xDA, 0x13, 0x53, 0xE1, 0x9F, 0x9A, 0x36, 0x09,
0x4D, 0x72, 0x08, 0x09, 0xEB, 0x87, 0x74, 0x9A,
0xB2, 0x8C, 0x60, 0x7F, 0xFB, 0x70, 0x17, 0x51,
0xB1, 0xAC, 0x18, 0xDF, 0xCB, 0x43, 0x2A, 0xD3,
0x89, 0xDA, 0x78, 0xAE, 0xDC, 0xEA, 0xB2, 0x22,
0xCA, 0x2F, 0xF1, 0xE4, 0xA7, 0xCC, 0xAF, 0xB1,
0x63, 0x1B, 0x5D, 0xDD, 0xD1, 0x49, 0xB8, 0x90,
0x2E, 0xC9, 0xC0, 0x83, 0x0D, 0xAB, 0x88, 0x88,
0x4C, 0x74, 0x72, 0x00, 0x7D, 0xFE, 0xF2, 0x46,
0x73, 0xFD, 0x99, 0xEC, 0x89, 0x8B, 0x3B, 0x0F,
0xCE, 0x35, 0x5A, 0xEA, 0x13, 0x4F, 0x67, 0x67,
0xFD, 0x0D, 0x87, 0xFC, 0xB1, 0x36, 0x48, 0x07,
0x33, 0x0B, 0xCA, 0xD4, 0xD7, 0xD0, 0xCC, 0xA1,
0x8F, 0xF0, 0x3F, 0x01, 0x8B, 0x6B, 0x74, 0x44,
0x2F, 0x1B, 0xE0, 0x65, 0x31, 0x1B, 0x4E, 0xDB,
0x67, 0x65, 0xA9, 0x34, 0xE8, 0x4D, 0x0C, 0xF3,
0x29, 0xED, 0x53, 0xAB, 0x8A, 0x98, 0x07, 0x2B,
0xE0, 0xCD, 0xC0, 0x08, 0x82, 0x4A, 0x72, 0x28,
0x72, 0xA2, 0xAC, 0xFE, 0xF7, 0xBF, 0x6E, 0x8E,
0xF8, 0x3E, 0x04, 0x58, 0xA4, 0x36, 0x46, 0x33,
0xAB, 0xDD, 0x0E, 0xBF, 0x01, 0xD2, 0xEF, 0x19,
0x5B, 0x78, 0x2B, 0x30, 0x51, 0x25, 0x50, 0xD0,
0xB5, 0x82, 0xC7, 0x20, 0x0D, 0xA1, 0x2C, 0x38,
0xAF, 0x44, 0xFC, 0xBD, 0x49, 0xB8, 0x7F, 0x89,
0xEF, 0xBE, 0x37, 0x5C, 0xCB, 0xA2, 0x11, 0x75,
0x7D, 0xDA, 0xA8, 0x7B, 0x3A, 0x3C, 0x10, 0x11,
0x4D, 0x9F, 0x99, 0xAB, 0x4B, 0xA2, 0x20, 0x7A,
0x5F, 0x96, 0xEF, 0x1C, 0x00, 0xD7, 0x27, 0x17,
0x77, 0x7C, 0x51, 0x58, 0x4B, 0x13, 0x97, 0x53,
0x2A, 0xC6, 0x86, 0x4D, 0x3B, 0x8E, 0xBB, 0x4F,
0xB8, 0xA0, 0x84, 0x87, 0xF6, 0xEF, 0x55, 0x12,
0x2B, 0xCF, 0x9E, 0x5C, 0xD0, 0x0E, 0xBC, 0x1E,
0x79, 0x53, 0xE7, 0x8C, 0x4D, 0x8B, 0xCB, 0x20,
0xF6, 0xEA, 0x72, 0x0A, 0x63, 0x2F, 0x0C, 0xCF,
0x57, 0x27, 0x26, 0xF4, 0x3A, 0x95, 0xCA, 0xBE,
0xB5, 0x7C, 0x47, 0x60, 0x10, 0xCD, 0x28, 0x9E,
0x02, 0x64, 0xC9, 0x8D, 0x82, 0x49, 0xD0, 0xD6,
0x60, 0xF8, 0xDC, 0xC8, 0x4B, 0x7D, 0xB5, 0xEF,
0x11, 0x17, 0xC7, 0x94, 0x5F, 0x0D, 0x99, 0xBE,
0x75, 0x48, 0x49, 0xC6, 0x58, 0x43, 0x64, 0x99,
0x1A, 0x5A, 0x41, 0xBA, 0xC2, 0x31, 0xB3, 0xE0,
0x45, 0x1B, 0x81, 0xD2, 0x12, 0xBE, 0x90, 0xDB,
0xFF, 0xBC, 0xCB, 0x99, 0xA3, 0xF0, 0x74, 0xE8,
0x2C, 0x48, 0x58, 0xB3, 0x17, 0xA4, 0x9A, 0xD2,
0x22, 0x46, 0xFB, 0xF5, 0x85, 0x8D, 0x07, 0xDF,
0xDB, 0x78, 0x07, 0xF4, 0x99, 0xA8, 0x6C, 0xEE,
0x6E, 0x96, 0x20, 0xB8, 0xC2, 0xA9, 0xFA, 0x8B,
0x6E, 0xA6, 0x79, 0x6D, 0xF9, 0xC3, 0x0C, 0x77,
0x74, 0xAE, 0xB0, 0x40, 0xA9, 0xE5, 0xA7, 0x0B,
0x30, 0x40, 0x4B, 0x4F, 0xB1, 0x0A, 0x0B, 0x7B,
0xEE, 0x1F, 0x69, 0xFA, 0xD0, 0xF0, 0x2D, 0x5D,
0x00, 0xB5, 0x4D, 0xEB, 0x32, 0x84, 0xB2, 0xB7,
0x60, 0xAA, 0x6C, 0xF9, 0x98, 0x18, 0xB3, 0xD9,
0xC1, 0x54, 0x8D, 0xAC, 0x12, 0xB0, 0x3A, 0x26,
0xB2, 0x23, 0x2D, 0x9B, 0xF8, 0x20, 0xEE, 0x90,
0xE0, 0x6D, 0x31, 0xDE, 0xF5, 0xCA, 0xBA, 0x6A,
0x53, 0x40, 0x29, 0x6C, 0x18, 0x62, 0xA5, 0x8A,
0xB8, 0x17, 0xA0, 0xAB, 0xCB, 0xDC, 0xE1, 0x3B,
0xD6, 0xC6, 0x29, 0xA3, 0x1C, 0x5F, 0x8D, 0x6E,
0x73, 0xF6, 0x98, 0x10, 0x0F, 0x9F, 0x7E, 0xCA,
0x4C, 0xD8, 0xEB, 0xE4, 0xB8, 0xDF, 0x72, 0x78,
0x65, 0xAF, 0x4A, 0x20, 0xFE, 0x7C, 0xB4, 0xCA,
0x07, 0x81, 0xFD, 0xC5, 0xC5, 0xFD, 0x33, 0x4D,
0xB8, 0x37, 0x37, 0xC4, 0x21, 0x81, 0x66, 0x45,
0xAE, 0x81, 0x34, 0x13, 0xA6, 0x40, 0x81, 0x39,
0x55, 0x90, 0xE6, 0xF1, 0x42, 0x56, 0x74, 0xFF,
0x06, 0x9B, 0x50, 0x1F, 0x0F, 0xDA, 0x6B, 0x31,
0xC6, 0x4B, 0xC5, 0xC2, 0x14, 0xE7, 0x01, 0x5E,
0xA9, 0xDA, 0x12, 0x2D, 0x6C, 0xE0, 0x8C, 0xEB,
0x2D, 0xF6, 0x2C, 0x45, 0xBC, 0x01, 0x73, 0x34,
0x6D, 0xAB, 0xBC, 0x15, 0x4C, 0x16, 0x03, 0x35,
0x9D, 0xD4, 0xF0, 0xAC, 0x49, 0x84, 0x4A, 0xEE,
0x46, 0x47, 0x64, 0x93, 0xF2, 0x49, 0x59, 0x86,
0x26, 0xFB, 0x24, 0x6B, 0x99, 0xB3, 0x9A, 0xCB,
0xB4, 0x2B, 0x28, 0x4E, 0x0C, 0x2D, 0x3F, 0x9E,
0xCE, 0x32, 0x71, 0xC4, 0xD5, 0xE0, 0x6C, 0x48,
0x25, 0xEA, 0x1A, 0x8F, 0x08, 0x57, 0x23, 0x85,
0x89, 0xCD, 0xC5, 0x48, 0x37, 0x19, 0x8E, 0xD4,
0x23, 0x4D, 0xD0, 0x31, 0x73, 0xA8, 0x8E, 0x43,
0xEE, 0x95, 0x67, 0xF5, 0x7A, 0x93, 0x27, 0xD3,
0x90, 0x36, 0x30, 0x4C, 0xA1, 0xCD, 0xB5, 0xF8,
0x65, 0xC5, 0x89, 0x54, 0x57, 0x2C, 0xAE, 0xF8,
0x75, 0xF1, 0x2E, 0x14, 0x14, 0x14, 0x0D, 0x97,
0x5B, 0x24, 0x52, 0x46, 0x7A, 0x57, 0x6D, 0x9C,
0x4C, 0x79, 0xDB, 0x0A, 0xE0, 0x23, 0x69, 0x52,
0x9B, 0xF8, 0x1B, 0x54, 0x40, 0x18, 0xDF, 0xE0,
0x1E, 0xF0, 0x61, 0xE4, 0x79, 0x81, 0xF9, 0x98,
0x9A, 0x8C, 0x48, 0xFF, 0x86, 0x93, 0x0B, 0x68,
0x96, 0x78, 0x2F, 0xF1, 0x2D, 0xDC, 0x60, 0x1F,
0x8B, 0x1C, 0x04, 0x43, 0x4E, 0x60, 0x96, 0x5B,
0x8A, 0xF6, 0x89, 0xCC, 0xC8, 0xB2, 0x9B, 0xBF,
0x87, 0x16, 0x2E, 0xA8, 0x6F, 0x9B, 0x4B, 0xFD,
0x74, 0x4E, 0x8F, 0x36, 0x33, 0x23, 0xDE, 0x94,
0xD2, 0xA1, 0x72, 0x4F, 0xB2, 0xE6, 0x75, 0x3D,
0x6E, 0x47, 0x9B, 0xDB, 0x58, 0xE5, 0x4A, 0x0C,
0x09, 0x8F, 0x9C, 0x83, 0x63, 0x98, 0x8B, 0xA4,
0xF7, 0x3D, 0x01, 0xA6, 0x8B, 0x93, 0x97, 0x48,
0x84, 0x75, 0x32, 0xC7, 0xD7, 0x03, 0xDF, 0x7E,
0x94, 0x8C, 0x8A, 0xA6, 0x78, 0x1A, 0xAE, 0xDE,
0x36, 0x8A, 0xAD, 0x13, 0x7E, 0xF0, 0x16, 0xC2,
0x3B, 0xAF, 0xF9, 0xD8, 0x66, 0x12, 0x30, 0x72,
0x76, 0x6D, 0x21, 0x4C, 0xF3, 0xEF, 0x0D, 0x8C,
0x11, 0xA4, 0x12, 0xBE, 0xF5, 0x7E, 0x8E, 0x6A,
0x11, 0x13, 0x48, 0x8D, 0xC2, 0x62, 0xCF, 0x45,
0x7C, 0xE3, 0x91, 0x88, 0x59, 0xFF, 0xB0, 0xF1,
0xC3, 0xBC, 0x1D, 0x2A, 0x3E, 0x9B, 0x78, 0xF3,
0xB1, 0x2E, 0xB0, 0x27, 0xD8, 0x16, 0xF8, 0x9B,
0x2A, 0xAF, 0xF1, 0xAB, 0xB0, 0xF1, 0x8C, 0x7F,
0x94, 0x31, 0x97, 0x85, 0xDA, 0xF0, 0xF4, 0x27,
0x51, 0x3E, 0x5A, 0xE1, 0xDD, 0x6D, 0x9E, 0x98,
0x39, 0xBB, 0xDF, 0xA2, 0xBA, 0x2C, 0x08, 0xAD,
0x1D, 0x3F, 0x86, 0xF6, 0xC2, 0x1A, 0x8C, 0xAD,
0xE0, 0xDC, 0xDD, 0x02, 0x47, 0x4C, 0x7E, 0x2D,
0xDA, 0x1D, 0x70, 0x92, 0x39, 0xAA, 0x4E, 0xBA,
0x14, 0xC7, 0xEC, 0x26, 0xBD, 0x9D, 0x1F, 0x6D,
0x91, 0x58, 0x3C, 0xB5, 0xEF, 0x37, 0xB9, 0x66,
0x4E, 0x04, 0x7C, 0x29, 0xCF, 0xD7, 0x8E, 0x47,
0x84, 0xF3, 0xD2, 0x21, 0x84, 0xC5, 0xF8, 0xDC,
0xC9, 0xF2, 0x52, 0xD5, 0x6A, 0xBF, 0xF1, 0xF1,
0xDE, 0x9E, 0x7A, 0xF1, 0xD5, 0x5A, 0xF6, 0xEF,
0x94, 0x66, 0xF9, 0x25, 0x44, 0x7F, 0x8D, 0x92,
0xA2, 0x25, 0x1C, 0x72, 0x92, 0x30, 0x2A, 0xB7,
0xEF, 0x18, 0xF3, 0x8C, 0xEF, 0x69, 0xA5, 0x5C,
0x19, 0x3E, 0xC5, 0xBD, 0xEE, 0x2C, 0x2D, 0x71,
0xDB, 0x89, 0xD4, 0x11, 0xA6, 0x27, 0x80, 0x8F,
0x5A, 0x39, 0x9A, 0x04, 0x28, 0x4F, 0x9F, 0x00,
0xBE, 0xF9, 0xF7, 0x9B, 0x46, 0x69, 0xD6, 0xAC,
0x12, 0xE9, 0xA7, 0xC2, 0xD1, 0xC8, 0xAD, 0x5D,
0xF7, 0xCB, 0x0C, 0x98, 0x78, 0x2D, 0x04, 0x4D,
0x2D, 0x41, 0xAB, 0xC6, 0x3F, 0x81, 0x1D, 0xB9,
0x2C, 0x1F, 0x3F, 0x59, 0x11, 0xF4, 0x80, 0x4F,
0x0B, 0xCA, 0x9F, 0x81, 0x6E, 0x9C, 0xD1, 0xB4,
0x74, 0x06, 0x48, 0x0A, 0x87, 0x2C, 0xFD, 0x4D,
0x85, 0xD4, 0x21, 0x65, 0x7C, 0x96, 0x69, 0x53,
0x51, 0xC0, 0xC4, 0xB0, 0xEB, 0x20, 0xDB, 0xE0,
0x41, 0x09, 0xA7, 0x62, 0xB2, 0xF3, 0xC7, 0x6A,
0x1D, 0x53, 0xA0, 0x39, 0xBA, 0xCF, 0x78, 0x9E,
0xBF, 0x1D, 0xA5, 0x98, 0x09, 0x8E, 0xA7, 0x1A,
0xE7, 0x95, 0xFF, 0x10, 0x38, 0xCC, 0x8F, 0x44,
0xCB, 0xE7, 0xF6, 0xD6, 0x2C, 0xFF, 0xA8, 0x1C,
0xFF, 0xA3, 0x65, 0xE8, 0x4E, 0xAE, 0xC7, 0xEF,
0x61, 0xE1, 0x16, 0x4B, 0x8C, 0xA8, 0xC8, 0xFB,
0xA5, 0x2C, 0xD1, 0x0A, 0x39, 0xAB, 0x4A, 0xF9,
0xEE, 0x0B, 0x9B, 0xB4, 0x33, 0x5E, 0x25, 0x15,
0xD0, 0xAA, 0x93, 0xC4, 0x53, 0x42, 0x91, 0xC5,
0x98, 0x15, 0x34, 0x9A, 0x22, 0x1D, 0x9A, 0xE7,
0x0E, 0x81, 0xF6, 0x99, 0x55, 0xB3, 0xD6, 0x49,
0x1B, 0xB8, 0xA8, 0xBE, 0xDF, 0x54, 0xF0, 0x78,
0xF7, 0x02, 0x97, 0x74, 0x84, 0x67, 0x6B, 0xAE,
0x2F, 0xEC, 0x6E, 0x59, 0x20, 0x68, 0xD8, 0xE3,
0x5A, 0x07, 0x48, 0xE1, 0x99, 0x90, 0xEE, 0xCD,
0x17, 0x2B, 0xB6, 0xD6, 0xAA, 0x1A, 0xF8, 0x97,
0x4E, 0xE0, 0x67, 0x9E, 0x4C, 0x35, 0xFE, 0x68,
0x71, 0x54, 0x43, 0x5D, 0x43, 0x59, 0x19, 0xEB,
0x58, 0x8E, 0x9A, 0xF6, 0xBD, 0x88, 0x71, 0xEE,
0x89, 0xC6, 0xF2, 0x10, 0x04, 0x33, 0x13, 0x88,
0xCD, 0x08, 0xB5, 0xE3, 0x5D, 0xA8, 0xBC, 0x43,
0xB3, 0x84, 0x5F, 0x70, 0x94, 0xD9, 0xAC, 0xAE,
0x74, 0x70, 0x13, 0x1E, 0x21, 0xFB, 0xD5, 0x7F,
0xEC, 0x66, 0x2F, 0xA0, 0xB1, 0x1D, 0xE3, 0xF8,
0xB9, 0x36, 0x48, 0x25, 0x3D, 0xBA, 0x7D, 0x44,
0x08, 0xC5, 0x71, 0x74, 0xDA, 0xD3, 0x4F, 0x97,
0x86, 0xF1, 0x16, 0x38, 0xD8, 0xC9, 0xE3, 0x3A,
0xA7, 0x2E, 0x06, 0x4D, 0x9D, 0xE8, 0xFC, 0x38,
0x58, 0x2A, 0x8D, 0x2D, 0x07, 0x99, 0xEA, 0xDF,
0xF3, 0x00, 0x3B, 0xBC, 0x5F, 0x67, 0x1E, 0x4B,
0x6C, 0xF1, 0x4A, 0x47, 0xB0, 0x71, 0x90, 0x5A,
0x3B, 0x75, 0x93, 0x75, 0x56, 0x50, 0x4C, 0x70,
0xF3, 0xC7, 0x95, 0xD5, 0xEA, 0xCB, 0x4C, 0x92,
0x4F, 0x22, 0x4F, 0xD9, 0x34, 0x46, 0x76, 0xFB,
0x79, 0xD6, 0xBD, 0x4E, 0x84, 0xEE, 0xE7, 0x78,
0x7C, 0xB8, 0x92, 0x9F, 0xAD, 0xF2, 0x17, 0x5D,
0x38, 0xB1, 0x88, 0x2E, 0xE9, 0x65, 0xAC, 0x4C,
0x24, 0x27, 0x1D, 0x7B, 0xA3, 0x69, 0x96, 0x55,
0x5C, 0x26, 0x40, 0xAF, 0x04, 0xB1, 0xCE, 0xA8,
0x5D, 0x1E, 0x1F, 0xE5, 0x5A, 0xC3, 0xAE, 0xF9,
0x14, 0x03, 0x58, 0x10, 0x1C, 0x8B, 0x1F, 0xDB,
0x6C, 0x71, 0x68, 0x60, 0x13, 0x32, 0xF1, 0xA9,
0x69, 0x45, 0x28, 0x69, 0x7C, 0xE3, 0xC9, 0x56,
0xAF, 0xF3, 0xBD, 0x4B, 0x9E, 0x0A, 0x06, 0x6A,
0x62, 0x20, 0x40, 0x65, 0xBD, 0xBC, 0xBF, 0xC7,
0x0A, 0x2A, 0xCF, 0x56, 0x7C, 0x0E, 0x64, 0xBB,
0x64, 0x71, 0x2D, 0x90, 0xBB, 0x32, 0x00, 0x0A,
0x4A, 0x45, 0x44, 0x08, 0x75, 0x2C, 0x86, 0x13,
0x86, 0x52, 0x8D, 0x3D, 0xFC, 0xF3, 0x5E, 0x5B,
0x3F, 0x7A, 0xAA, 0x98, 0x84, 0xCF, 0x92, 0xF9,
0x0B, 0x40, 0x8F, 0xC0, 0xA3, 0x71, 0x84, 0xAD,
0xEE, 0xDF, 0xC4, 0x91, 0x7E, 0x87, 0x7D, 0x06,
0xCA, 0x65, 0x8C, 0xE4, 0x8E, 0x03, 0xF0, 0x59,
0x3E, 0xB4, 0x90, 0x4C, 0xEE, 0x88, 0x29, 0xE4,
0x26, 0x7D, 0xA6, 0x54, 0x82, 0x49, 0xC1, 0x9D,
0x80, 0xAB, 0x6B, 0xD7, 0xBE, 0x7D, 0x09, 0x80,
0x5E, 0xB6, 0xD1, 0x1E, 0xD1, 0x1B, 0xE9, 0x8D,
0xFC, 0x6E, 0x9C, 0x14, 0x0C, 0x15, 0x02, 0x87,
0xF3, 0x9D, 0x21, 0xF8, 0xCB, 0xC8, 0xB9, 0xBD,
0xE1, 0x70, 0xEA, 0xE4, 0x86, 0x4C, 0x97, 0xC1,
0xEE, 0x4C, 0x18, 0x95, 0xEC, 0xD2, 0x4D, 0x35,
0x9F, 0xC6, 0x56, 0x10, 0x3E, 0xC0, 0xB9, 0x7B,
0x13, 0x1A, 0x37, 0x3D, 0x40, 0x4C, 0x88, 0x8B,
0x9A, 0xA5, 0xB2, 0xB8, 0xB9, 0xC3, 0xEC, 0xF1,
0x14, 0x33, 0x63, 0x67, 0x84, 0x98, 0xC8, 0xF4,
0x06, 0x0C, 0x0E, 0x0F, 0x10, 0x12, 0x15, 0x16,
0x45, 0x4E, 0x55, 0x5A, 0x5F, 0x8A, 0x94, 0x97,
0xA8, 0xAF, 0xB2, 0xCC, 0xD4, 0xDC, 0xE7, 0xF1,
0xFE, 0xFF, 0x11, 0x24, 0x53, 0x62, 0x94, 0xB7,
0xB9, 0xD3, 0xD9, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x10, 0x18, 0x32, 0x3B
};
#endif
#ifndef WOLFSSL_NO_ML_DSA_65
static const byte pk_65[] = {
0x6C, 0x84, 0x14, 0x38, 0x08, 0x56, 0xCB, 0x52,
0xD7, 0x9C, 0x4B, 0x29, 0x13, 0x9F, 0xB1, 0x83,
0x9B, 0x86, 0x06, 0xF5, 0x94, 0x8B, 0x9D, 0x72,
0xA9, 0x56, 0xDC, 0xF1, 0x01, 0x16, 0xDA, 0x9E,
0x2D, 0x79, 0x77, 0x01, 0x86, 0xFC, 0x74, 0xD9,
0x42, 0xC0, 0xF4, 0xA3, 0xB5, 0x95, 0xFF, 0x6C,
0x19, 0x80, 0x4B, 0x49, 0x90, 0x1C, 0x6A, 0xD5,
0xFA, 0xF7, 0x16, 0x01, 0xC2, 0xB6, 0x00, 0x31,
0x5E, 0x1F, 0x40, 0xC2, 0x05, 0x47, 0x67, 0xB0,
0x09, 0x25, 0xDF, 0x3A, 0xA4, 0x90, 0xE8, 0xC7,
0x6F, 0x05, 0xFB, 0xFB, 0x74, 0x91, 0x10, 0x75,
0xE6, 0x51, 0x8C, 0x5F, 0x1D, 0x91, 0xB8, 0xA0,
0xE5, 0xB5, 0x98, 0x30, 0xD3, 0xDF, 0x39, 0x94,
0x76, 0x04, 0x11, 0xEB, 0xB9, 0x11, 0xED, 0x4C,
0xC2, 0xC1, 0x60, 0xE3, 0x84, 0x9A, 0x93, 0x76,
0x2D, 0xFC, 0xA7, 0xB9, 0x81, 0x2B, 0xC7, 0xAE,
0xB2, 0xDD, 0xB2, 0x76, 0x7B, 0xEF, 0x36, 0x50,
0x56, 0x05, 0xAE, 0x06, 0x92, 0x60, 0xBC, 0xC8,
0xDC, 0x47, 0x87, 0xC4, 0x28, 0xCB, 0x3C, 0x07,
0x6E, 0xF2, 0xA6, 0xB9, 0x35, 0x61, 0xD8, 0x94,
0x3F, 0x45, 0xCA, 0xBE, 0x8F, 0x05, 0x53, 0xFF,
0x2E, 0xA1, 0xAC, 0x95, 0xC1, 0xCE, 0x21, 0x59,
0x3A, 0x17, 0x54, 0x59, 0xD7, 0xDF, 0x12, 0xC4,
0x07, 0x0A, 0xDB, 0x0E, 0xEE, 0x55, 0xB4, 0xAB,
0xAE, 0x59, 0xBE, 0x69, 0xC3, 0xFF, 0x0D, 0xE5,
0xA9, 0xB0, 0x27, 0xFC, 0x7D, 0x8E, 0x6E, 0x05,
0x7B, 0x71, 0x52, 0xEE, 0x6A, 0xB4, 0x80, 0xD1,
0x05, 0xD3, 0x0B, 0x0F, 0x50, 0x51, 0xB6, 0x0C,
0x79, 0x01, 0xC5, 0x25, 0xC4, 0x63, 0x5F, 0xE6,
0x68, 0xCC, 0x00, 0xE9, 0xD3, 0x09, 0x7D, 0xB9,
0x9D, 0x66, 0x32, 0x37, 0x15, 0xCE, 0x4F, 0x0B,
0x79, 0xB4, 0x26, 0xB4, 0x54, 0x5E, 0x09, 0xF4,
0xDE, 0x39, 0x32, 0x3D, 0xD1, 0x4C, 0xCB, 0x0D,
0x17, 0x10, 0x8C, 0xD4, 0x6D, 0xEC, 0x61, 0x38,
0xCD, 0xFA, 0x28, 0x72, 0xC1, 0xC4, 0xC8, 0xAE,
0xAD, 0x5C, 0x8C, 0xE0, 0x41, 0x57, 0xE5, 0x53,
0xA3, 0x75, 0x58, 0xC2, 0x34, 0x6A, 0x06, 0x19,
0x4C, 0xB5, 0x0B, 0x49, 0x81, 0xBF, 0x4D, 0x09,
0x0C, 0xE4, 0xE8, 0x60, 0x12, 0x6A, 0x82, 0x54,
0xA4, 0xD4, 0xC0, 0x84, 0xC3, 0xE2, 0x02, 0x0B,
0xC0, 0x75, 0x35, 0x21, 0x04, 0x9B, 0x0F, 0xD8,
0x89, 0x97, 0xE0, 0x27, 0xAC, 0x51, 0xE7, 0x5C,
0xF1, 0x35, 0x0C, 0x3F, 0x30, 0x3A, 0x0E, 0xCE,
0x42, 0x64, 0x87, 0x15, 0x3D, 0xAF, 0x1F, 0xAA,
0xD6, 0x80, 0x8B, 0x9D, 0x99, 0x07, 0xDA, 0x9F,
0x35, 0x18, 0x5B, 0xD3, 0xBE, 0x8D, 0x9C, 0xEB,
0xE9, 0x16, 0xCE, 0xD1, 0xFA, 0x29, 0x28, 0xD8,
0x85, 0xA9, 0xCB, 0xA8, 0x81, 0x49, 0x70, 0x3F,
0x5E, 0x47, 0x72, 0xE4, 0x85, 0x23, 0x12, 0x5D,
0xDD, 0x02, 0x6E, 0x71, 0x4C, 0x49, 0xF4, 0xFB,
0x4E, 0x54, 0x4B, 0xBF, 0x61, 0x7A, 0x40, 0xB0,
0x0B, 0x68, 0xDF, 0x8F, 0x15, 0x5F, 0x58, 0x80,
0xD4, 0x11, 0x87, 0x7E, 0x25, 0xB4, 0x2B, 0x24,
0x48, 0xB3, 0x6B, 0xEC, 0x2F, 0x1F, 0x8F, 0x9A,
0x77, 0x0C, 0x54, 0x51, 0x50, 0xA0, 0x27, 0x8E,
0x9B, 0x72, 0x45, 0x00, 0xAE, 0xAA, 0xEA, 0x47,
0x1C, 0x11, 0xCF, 0xF0, 0x4E, 0x30, 0xEA, 0xB2,
0xF4, 0x73, 0xBC, 0x04, 0x8E, 0x32, 0xCD, 0x31,
0xAE, 0xF2, 0x15, 0x79, 0xB6, 0x99, 0x22, 0x5B,
0xF9, 0xE1, 0xB6, 0x70, 0x0C, 0x57, 0xE5, 0x09,
0xFC, 0xA1, 0xF2, 0x36, 0x29, 0x4A, 0x59, 0x74,
0xDA, 0xA1, 0x5F, 0xBC, 0xAD, 0x62, 0xD4, 0xBD,
0xDC, 0x45, 0x32, 0xB2, 0x61, 0x41, 0x44, 0xDB,
0xE2, 0x88, 0x07, 0x36, 0x8C, 0x28, 0x1A, 0x77,
0x0E, 0xA2, 0x2B, 0x1E, 0x5A, 0x3F, 0xA5, 0xBA,
0x14, 0x92, 0x6D, 0xC5, 0x5A, 0x54, 0xF8, 0x4A,
0x2A, 0x77, 0xC5, 0xA7, 0x08, 0x41, 0xF0, 0x7B,
0xC1, 0xDE, 0xEF, 0x74, 0x03, 0xB2, 0x47, 0xAB,
0x42, 0xB8, 0x4A, 0xDF, 0x14, 0x1E, 0x03, 0x0C,
0x98, 0x46, 0x84, 0x24, 0xDA, 0xAE, 0xB9, 0x9D,
0x25, 0x77, 0xF9, 0x50, 0xC2, 0x37, 0x3C, 0xCA,
0x1E, 0x2D, 0xC2, 0x76, 0x1B, 0x8E, 0xDD, 0x6D,
0x08, 0xFF, 0x79, 0xE5, 0x28, 0x88, 0x0F, 0xFB,
0x51, 0xC3, 0x6E, 0xD4, 0x20, 0xAC, 0x5D, 0x50,
0xF2, 0x58, 0x2A, 0xA6, 0x64, 0xE5, 0x4E, 0xA5,
0xF4, 0x18, 0x9E, 0xA0, 0x17, 0x6D, 0xAA, 0x61,
0x22, 0xF6, 0x23, 0x5A, 0x70, 0xB1, 0x5C, 0xEB,
0x4D, 0xDD, 0x65, 0xD3, 0xBE, 0x6E, 0xBF, 0x3D,
0xC4, 0x31, 0x89, 0xEE, 0x0A, 0x2E, 0x31, 0x05,
0x63, 0x8F, 0x23, 0x87, 0x36, 0x95, 0x28, 0x0F,
0x1B, 0x74, 0x27, 0x43, 0x52, 0xD6, 0x0A, 0x48,
0xE5, 0xD3, 0xDD, 0x02, 0xFB, 0x7A, 0x5E, 0xD8,
0x3F, 0xE2, 0x7A, 0x69, 0x82, 0x51, 0x42, 0x1C,
0x8E, 0x9C, 0x98, 0x80, 0x61, 0x02, 0x39, 0x6E,
0x53, 0x73, 0x90, 0xAC, 0xFD, 0x8C, 0x1D, 0x0B,
0x4F, 0x99, 0xB7, 0x02, 0xA9, 0xEA, 0x65, 0x98,
0x78, 0x58, 0x3D, 0x92, 0x75, 0x89, 0x41, 0xB3,
0x0E, 0xCE, 0x50, 0x7C, 0x10, 0x4B, 0x2C, 0xE4,
0x87, 0x67, 0x9E, 0xCF, 0x68, 0xB4, 0xD8, 0xB9,
0x80, 0x69, 0x8A, 0xCF, 0x6A, 0xA6, 0xA5, 0x7E,
0x8E, 0xD6, 0xAF, 0x3F, 0xF1, 0x8D, 0x26, 0x68,
0x95, 0x04, 0x28, 0xB5, 0x7D, 0x18, 0x2F, 0x73,
0xBB, 0x49, 0xB9, 0xB0, 0x38, 0xCC, 0xC8, 0x2D,
0x56, 0x12, 0x78, 0xA3, 0x86, 0xD5, 0x66, 0x45,
0xEC, 0x3F, 0xAF, 0xFB, 0x41, 0x25, 0xE0, 0xE7,
0xF3, 0x6B, 0x48, 0xB1, 0x4B, 0x45, 0x25, 0x47,
0xA0, 0xB4, 0x81, 0xAA, 0x6B, 0x33, 0x42, 0x29,
0x24, 0x91, 0x53, 0xE4, 0x2E, 0xDF, 0x7E, 0x49,
0xDD, 0x6E, 0x76, 0x36, 0xBF, 0xC6, 0x15, 0xA2,
0x3A, 0x40, 0x1E, 0xFD, 0x40, 0x34, 0xC8, 0x1B,
0x4D, 0xCE, 0xF0, 0x27, 0xD3, 0x44, 0xDD, 0xCC,
0xE0, 0xA7, 0x16, 0x18, 0xEB, 0x59, 0x10, 0xCE,
0xC6, 0x22, 0x28, 0x81, 0x93, 0x85, 0x03, 0x3E,
0x8D, 0x0A, 0xBD, 0x49, 0x3D, 0x98, 0x3E, 0x4F,
0xC0, 0x87, 0xD7, 0x2B, 0x45, 0x5E, 0x4D, 0xB6,
0x3A, 0x2F, 0x82, 0xCE, 0xFF, 0x65, 0xC1, 0xE6,
0x28, 0xEA, 0xE6, 0x30, 0x59, 0x6D, 0xEC, 0x27,
0xFB, 0x98, 0xB8, 0x4D, 0xBF, 0xDC, 0xDF, 0xAB,
0x40, 0xE4, 0x72, 0x24, 0x49, 0x14, 0xAF, 0xF1,
0x79, 0x32, 0x6D, 0x54, 0x2D, 0x40, 0x1A, 0x3C,
0xBB, 0x86, 0xE5, 0xFF, 0x83, 0x51, 0xEF, 0xE5,
0x3A, 0x73, 0xC5, 0x1A, 0xBB, 0x63, 0xFF, 0x55,
0x3E, 0x7D, 0x79, 0x57, 0xEF, 0x89, 0x13, 0x5E,
0x0F, 0x5B, 0xB1, 0xBD, 0x0C, 0x24, 0xF9, 0xE4,
0x5E, 0x32, 0x36, 0x41, 0x3C, 0x60, 0xE1, 0x39,
0x6A, 0x47, 0x56, 0x7C, 0x94, 0x39, 0x51, 0x0F,
0x00, 0xD4, 0xA4, 0x3C, 0x14, 0x9A, 0x5C, 0xCC,
0x04, 0xF3, 0xD4, 0x7E, 0x67, 0xA8, 0xE2, 0x94,
0xA4, 0x61, 0xA5, 0xF6, 0x93, 0xDB, 0x0C, 0xAE,
0x22, 0xCF, 0xAC, 0x61, 0xE8, 0x53, 0x47, 0x7D,
0x33, 0x9A, 0x4E, 0x45, 0xF7, 0xB1, 0x7C, 0x3C,
0x11, 0x6D, 0x56, 0xF3, 0xA0, 0x68, 0xFC, 0x5A,
0xDF, 0xEF, 0x38, 0xFF, 0x85, 0x33, 0x2B, 0xD5,
0x15, 0x3C, 0x4D, 0x8F, 0xB8, 0xF1, 0x48, 0xF1,
0x17, 0x65, 0x9C, 0x2E, 0xA9, 0x4D, 0xB4, 0x2A,
0xA0, 0xB0, 0xBE, 0xBB, 0x47, 0x5A, 0x11, 0x04,
0x12, 0xF3, 0xCD, 0x33, 0x49, 0xFC, 0x1A, 0xD0,
0x41, 0xB7, 0xD5, 0x30, 0x4A, 0x85, 0x93, 0x14,
0x4E, 0xFA, 0x3A, 0x36, 0x1D, 0x1B, 0x0C, 0x76,
0x13, 0xB8, 0x2C, 0x08, 0x6E, 0xA7, 0x12, 0x6E,
0x43, 0xC6, 0x16, 0xCE, 0xE8, 0xF1, 0x44, 0x4E,
0x99, 0x56, 0xE8, 0x7F, 0x5C, 0xAB, 0x95, 0xC7,
0xC7, 0xFB, 0x17, 0x58, 0xEC, 0x7D, 0x97, 0x01,
0x9E, 0x5B, 0xA9, 0x35, 0x43, 0xEF, 0x3B, 0xAC,
0x1A, 0x17, 0x42, 0x99, 0xCA, 0x48, 0xBF, 0x78,
0x59, 0xDB, 0xFB, 0xDF, 0xF2, 0x43, 0xB1, 0x14,
0xF6, 0xBF, 0x42, 0x3C, 0xE9, 0x8B, 0x4D, 0x4D,
0x09, 0x1D, 0xA4, 0x4F, 0x32, 0x74, 0xD5, 0x73,
0xFD, 0xC9, 0x04, 0xBD, 0x88, 0x5E, 0x35, 0xC9,
0x15, 0x2A, 0x65, 0x35, 0x48, 0x88, 0xF1, 0x1E,
0xD4, 0xF3, 0xD6, 0x3F, 0x26, 0xA7, 0xBE, 0x2F,
0x57, 0x26, 0xEA, 0xDA, 0xF4, 0x85, 0x86, 0x59,
0x2B, 0xBD, 0xF6, 0xCE, 0xE2, 0x46, 0x76, 0x9E,
0x0E, 0xDA, 0x2A, 0x80, 0x77, 0x1F, 0xED, 0x34,
0x7D, 0x67, 0xAF, 0xEE, 0xC6, 0x8B, 0x89, 0x46,
0x3F, 0xA0, 0x49, 0x6D, 0xBC, 0x15, 0xC8, 0x9E,
0x8D, 0x56, 0x99, 0x83, 0xD1, 0xD6, 0x74, 0x73,
0x3F, 0x2B, 0xF9, 0xDF, 0x4A, 0x98, 0x0E, 0xA8,
0xC5, 0xE3, 0xAF, 0x15, 0x56, 0x0A, 0x0E, 0x28,
0xD6, 0x72, 0xB5, 0x80, 0xAB, 0x65, 0x52, 0xED,
0x76, 0xAA, 0xCB, 0x5F, 0x80, 0x26, 0x0B, 0x97,
0x03, 0x76, 0x9D, 0x33, 0xF4, 0x13, 0x8A, 0xBC,
0x10, 0xBF, 0x5B, 0x05, 0x82, 0xDC, 0xC6, 0x2D,
0xBE, 0x58, 0xC8, 0x90, 0xF5, 0x1B, 0x41, 0x00,
0x12, 0x77, 0x34, 0xFB, 0x7D, 0xB7, 0x44, 0x7A,
0x72, 0x0A, 0xAE, 0x00, 0x9D, 0x00, 0xBE, 0x8C,
0x61, 0x07, 0x92, 0xC6, 0x4F, 0x13, 0x1F, 0x2D,
0x72, 0x11, 0x5C, 0x7E, 0x05, 0x8E, 0x48, 0xB9,
0xDE, 0x64, 0xF5, 0x5B, 0x4D, 0x61, 0x0C, 0x36,
0xD1, 0x12, 0x71, 0x6A, 0x31, 0xA3, 0xDF, 0xE2,
0x66, 0x99, 0xE9, 0xC2, 0xAB, 0xA0, 0x56, 0x58,
0xCE, 0xF1, 0xB2, 0xB0, 0x86, 0x7C, 0xF8, 0xD5,
0x23, 0x3D, 0xB7, 0x4F, 0xA8, 0xDC, 0x3A, 0xD1,
0x45, 0xF5, 0xD2, 0x85, 0x74, 0x36, 0x0A, 0x85,
0xE3, 0xB0, 0xB1, 0x0A, 0xC0, 0xA6, 0x46, 0x7A,
0x7B, 0x05, 0x98, 0x46, 0x28, 0xEC, 0xA1, 0x04,
0x63, 0xF3, 0x48, 0xA3, 0x11, 0x1E, 0x00, 0x57,
0x8D, 0x3C, 0xE5, 0x48, 0x0F, 0x53, 0x75, 0xA1,
0xEE, 0x23, 0xEE, 0x82, 0x08, 0x7B, 0xAC, 0x41,
0x23, 0x3A, 0x14, 0xAA, 0xA7, 0x24, 0x73, 0x4B,
0x18, 0x74, 0xA4, 0xAC, 0xE1, 0x13, 0x37, 0x06,
0x25, 0x8F, 0x5F, 0xEA, 0x3A, 0x0C, 0x16, 0x09,
0xE3, 0x0C, 0x7F, 0xD2, 0x10, 0xDA, 0x0C, 0x4F,
0xDE, 0x91, 0x62, 0xDF, 0x66, 0xFB, 0xAF, 0x79,
0x2F, 0xA2, 0xAE, 0xAA, 0x51, 0x2F, 0x0F, 0xF7,
0x83, 0x7B, 0x9C, 0xC0, 0x2E, 0xE9, 0xBD, 0x95,
0x53, 0x9F, 0x00, 0x1B, 0xBD, 0x60, 0xDD, 0x8B,
0x42, 0xD6, 0x16, 0xB2, 0xCA, 0x95, 0xF3, 0x83,
0x5F, 0x5E, 0x47, 0xD4, 0x3B, 0x14, 0x34, 0xC4,
0x56, 0x3F, 0xD8, 0x1C, 0x15, 0xBE, 0xFA, 0x20,
0x2C, 0xF3, 0xD9, 0x54, 0x08, 0x73, 0xF6, 0x84,
0xAF, 0xE1, 0x9A, 0xB5, 0xC0, 0x1F, 0xA9, 0x2E,
0x95, 0xA8, 0xCD, 0x6F, 0x36, 0x07, 0x30, 0x85,
0x6E, 0x59, 0xC9, 0xC6, 0xAB, 0x77, 0x0D, 0x65,
0x75, 0x96, 0x2A, 0xF7, 0x58, 0x78, 0x57, 0x2A,
0x2A, 0x26, 0x41, 0x3D, 0x01, 0xAB, 0x31, 0x8C,
0x10, 0x0D, 0xFC, 0x34, 0xDC, 0x1D, 0xEF, 0xA5,
0x92, 0x7C, 0x4B, 0x45, 0x99, 0x25, 0xD7, 0x3E,
0x1E, 0xB9, 0x14, 0x70, 0xE3, 0x7A, 0x58, 0x45,
0x5C, 0x22, 0xA9, 0x61, 0xFD, 0x53, 0xF7, 0xD9,
0x90, 0x26, 0xFF, 0x88, 0x4B, 0xF4, 0xA2, 0x57,
0x9F, 0x70, 0x63, 0x35, 0xEF, 0xB6, 0xFB, 0x22,
0x50, 0xD5, 0x2A, 0xE5, 0x61, 0x89, 0x8B, 0xA1,
0x60, 0x6E, 0x51, 0xE9, 0x6D, 0x37, 0xC9, 0xED,
0x3E, 0xC6, 0xCF, 0xCB, 0x33, 0xBF, 0xBE, 0x9C,
0x31, 0x43, 0xFD, 0x3B, 0x6B, 0x33, 0x4D, 0x5F,
0x61, 0x92, 0x2B, 0x36, 0x9A, 0xFB, 0xB3, 0x1C,
0x3E, 0x6E, 0x9B, 0x5F, 0x3A, 0xEB, 0xF9, 0x5C,
0xB7, 0x08, 0x34, 0x6F, 0xEC, 0xF7, 0x15, 0x9C,
0xAD, 0x94, 0xA9, 0x3D, 0x8C, 0xD4, 0xB8, 0xC4,
0x89, 0x41, 0x92, 0xDF, 0xE5, 0x3E, 0xA4, 0x36,
0xFB, 0xF3, 0xAF, 0x4E, 0x86, 0x4E, 0x8C, 0x39,
0x91, 0xEA, 0x02, 0x0A, 0x81, 0x1F, 0x0A, 0xF5,
0x0B, 0x42, 0x57, 0x43, 0x6A, 0x3F, 0xF5, 0x22,
0xBE, 0x73, 0x67, 0x39, 0x1D, 0x0F, 0x95, 0x0B,
0xA6, 0x45, 0x2F, 0xBF, 0xD8, 0xFD, 0x87, 0x28,
0xF4, 0x0B, 0xD2, 0xFC, 0xB8, 0x94, 0x52, 0x99,
0x85, 0xB4, 0x32, 0xDF, 0xEF, 0x62, 0x30, 0xEB,
0x4D, 0xEE, 0x73, 0x7A, 0x8D, 0x10, 0xA3, 0xBC,
0xDF, 0xB7, 0x63, 0xE0, 0x86, 0x9B, 0x22, 0x5C,
0x1A, 0x8D, 0x0E, 0x1F, 0xBF, 0x2D, 0x16, 0x1C,
0x2C, 0x65, 0xD6, 0xDF, 0xB9, 0x58, 0xE9, 0x82,
0xD1, 0x17, 0x77, 0xAC, 0xBE, 0xAD, 0x8D, 0xFB,
0x6B, 0x1F, 0x5E, 0xB2, 0x1E, 0xA9, 0x42, 0xF7,
0xC4, 0x0D, 0xC2, 0x0D, 0x2E, 0x4E, 0xB3, 0xE7,
0x29, 0xB4, 0xE2, 0x9F, 0x75, 0x01, 0xDA, 0x34,
0x23, 0x45, 0x61, 0xF6, 0x28, 0x88, 0x12, 0xD6,
0x12, 0xD4, 0x1D, 0xFA, 0x83, 0xC5, 0xB8, 0xD9,
0x0F, 0xF3, 0x8B, 0xA5, 0x48, 0x20, 0x1B, 0x57,
0x5B, 0x52, 0x93, 0xAD, 0x78, 0x12, 0x0D, 0x91,
0xCE, 0xC0, 0x59, 0xCA, 0xE2, 0xE7, 0x6A, 0x9A,
0xB4, 0x3E, 0xF1, 0x28, 0x1E, 0x2B, 0xEF, 0x3E,
0x34, 0x8D, 0x28, 0xF2, 0x19, 0x47, 0xC8, 0x88,
0x48, 0x96, 0x04, 0x59, 0x48, 0x97, 0x75, 0x17,
0x6F, 0x8E, 0x40, 0xEE, 0x06, 0x42, 0x79, 0x53,
0x68, 0x7F, 0xB6, 0x3E, 0x47, 0x0F, 0x7D, 0x59,
0xFB, 0x60, 0xDF, 0x56, 0x9F, 0x8A, 0x11, 0xE2,
0x8E, 0x09, 0x37, 0x16, 0x2C, 0x46, 0xAF, 0xC7,
0xD2, 0x21, 0x0A, 0x88, 0x5F, 0xFA, 0x21, 0xB3,
0xDB, 0xF5, 0x35, 0x4B, 0x29, 0x41, 0xF4, 0xED,
0x5D, 0x50, 0x79, 0x08, 0x90, 0x84, 0x0C, 0xC3,
0xB9, 0x73, 0xD2, 0xC3, 0xD0, 0x26, 0x02, 0xB2,
0x9B, 0xAC, 0xCB, 0x6C, 0xE1, 0x7C, 0xED, 0xB9,
0x7B, 0x08, 0x5A, 0x2A, 0xB3, 0x10, 0x57, 0x2B,
0xA7, 0x37, 0x1D, 0x1F, 0x81, 0x20, 0xFF, 0xE3,
0x7D, 0x0B, 0x0F, 0xCA, 0x35, 0xAF, 0xC5, 0xB5,
0x62, 0xAA, 0x84, 0x99, 0x71, 0x5A, 0x29, 0x9C,
0xE0, 0x59, 0xCC, 0xE3, 0xB0, 0xD1, 0x1C, 0xEF,
0x0D, 0x92, 0x38, 0x96, 0x1A, 0xD4, 0xBE, 0x11,
0xE9, 0xA6, 0xD1, 0xA4, 0x69, 0x21, 0x77, 0xC8,
0xB0, 0xC5, 0x3F, 0x11, 0xA8, 0xED, 0x26, 0x50,
0x21, 0x2E, 0x7A, 0x2F, 0x80, 0xEB, 0xFF, 0x6D,
0xCF, 0xE4, 0x67, 0x21, 0x03, 0x65, 0x84, 0x34,
0xD0, 0x32, 0x7A, 0xDD, 0xCD, 0x66, 0xBC, 0xB6
};
static const byte msg_65[] = {
0xDB, 0x84, 0x94, 0xBA, 0x19, 0xC4, 0x11, 0x8F,
0xB1, 0x5D, 0x0A, 0xCF, 0x42, 0x54, 0xFD, 0x37,
0x48, 0x3F, 0xCF, 0x47, 0x48, 0xFD, 0x18, 0x44,
0xF7, 0x17, 0xCE, 0x6F, 0x69, 0x58, 0x9E, 0x61,
0x77, 0x2C, 0xFE, 0xFA, 0x7F, 0x97, 0x58, 0x65,
0x34, 0x09, 0xD4, 0xEE, 0x5A, 0x26, 0x4B, 0x83,
0x4E, 0x60, 0xD6, 0xBB, 0x96, 0x49, 0x9E, 0xBE,
0xB2, 0xB0, 0x6B, 0x0B, 0xA8, 0x74, 0xBF, 0x31,
0xE6, 0x41, 0x39, 0x4C, 0xFA, 0xA6, 0xA2, 0xD3,
0x0D, 0xDB, 0x8F, 0x04, 0x58, 0x76, 0x20, 0x8D,
0x2F, 0x51, 0xDE, 0x15, 0xE2, 0x05, 0xE8, 0xC9,
0x1B, 0x87, 0xEC, 0xEB, 0x05, 0xFF, 0x31, 0x83,
0x27, 0x1B, 0x26, 0x49, 0x66, 0x5D, 0xD3, 0xCC,
0x49, 0xBF, 0xDB, 0x99, 0x8D, 0x53, 0x9D, 0xA8,
0x09, 0x30, 0x55, 0x16, 0xBB, 0xBE, 0x9C, 0x90,
0x60, 0x21, 0x19, 0x1C, 0x52, 0x23, 0xE5, 0x25,
0xA8, 0xFC, 0x36, 0x16, 0xA1, 0x76, 0x5E, 0xC3,
0xF9, 0xC5, 0xDB, 0x53, 0xCC, 0x33, 0x7E, 0x03,
0x9F, 0x18, 0x6A, 0xCF, 0xEA, 0x91, 0x14, 0x8E,
0xE2, 0xA7, 0x9C, 0xCA, 0x36, 0x89, 0xED, 0xB6,
0x2A, 0xAF, 0x28, 0xB5, 0xD7, 0x52, 0xFD, 0xE2,
0x65, 0xEE, 0x52, 0x80, 0xB5, 0x19, 0x72, 0x6C,
0x1C, 0xA9, 0x80, 0x32, 0x95, 0xC6, 0x74, 0xB7,
0xEF, 0xAF, 0xA4, 0xD6, 0x1B, 0x30, 0x6A, 0x79,
0xE3, 0xF6, 0xE7, 0xA8, 0x87, 0xC2, 0xFB, 0x53,
0x5B, 0x3B, 0x0F, 0xB3, 0xD9, 0xEB, 0xC8, 0x76,
0x03, 0xEA, 0xFE, 0xF1, 0x70, 0xC1, 0xF1, 0xD2,
0x8E, 0x99, 0xBB
};
static const byte sig_65[] = {
0xF7, 0x78, 0x9A, 0x45, 0xA3, 0x58, 0x73, 0x30,
0xE7, 0xFC, 0xF7, 0x06, 0x95, 0xF7, 0xF6, 0x96,
0x88, 0xA2, 0xB8, 0xD0, 0xCE, 0x54, 0xF0, 0x90,
0x21, 0x4F, 0x10, 0x9F, 0x56, 0x48, 0x4F, 0x98,
0xC3, 0xAD, 0x1A, 0x53, 0xA5, 0x44, 0x1C, 0x2C,
0xA7, 0x2A, 0x3B, 0x31, 0x91, 0xBC, 0x04, 0x6F,
0x46, 0x37, 0x30, 0x45, 0xB9, 0xE5, 0x40, 0xC7,
0x3D, 0xFE, 0x91, 0xB6, 0x1F, 0x05, 0x88, 0xD6,
0x13, 0x59, 0x3F, 0xCE, 0x1B, 0x00, 0xEE, 0xF1,
0xB2, 0x27, 0x03, 0x4C, 0x6F, 0xD3, 0xB1, 0x8B,
0x3F, 0x22, 0x11, 0x10, 0xFB, 0x34, 0x5A, 0xA7,
0x86, 0x31, 0xB8, 0xB5, 0x9F, 0xBD, 0xFD, 0xCC,
0xDA, 0xE6, 0xA2, 0x4D, 0x25, 0x9D, 0x34, 0xAA,
0xBA, 0xD2, 0x18, 0xB3, 0xAE, 0x4E, 0x77, 0x18,
0x66, 0x53, 0xB8, 0x56, 0x3A, 0xA6, 0x12, 0x0A,
0x0A, 0x53, 0x1A, 0x4E, 0x91, 0x37, 0x30, 0xDC,
0x91, 0x4F, 0xE5, 0xE0, 0x08, 0xBE, 0xCE, 0x68,
0x69, 0xB0, 0x2B, 0x07, 0xFD, 0xC1, 0x62, 0x14,
0x54, 0x0D, 0x31, 0x6C, 0x43, 0xFA, 0x0C, 0x21,
0x1B, 0x41, 0xAC, 0x7E, 0x52, 0x65, 0x67, 0x29,
0xC7, 0x73, 0xE4, 0xC4, 0xB8, 0x8E, 0xD3, 0x11,
0x88, 0x6D, 0xD4, 0xD2, 0x75, 0x41, 0x7D, 0x70,
0x19, 0x66, 0x44, 0xEE, 0xD1, 0x5F, 0xA3, 0x15,
0x06, 0x60, 0x03, 0xE3, 0x09, 0xF8, 0x32, 0xAF,
0x91, 0x26, 0x2C, 0x94, 0x90, 0x11, 0xFC, 0xB0,
0xAD, 0x2C, 0xCE, 0x65, 0xDD, 0x9E, 0xFF, 0x56,
0x7E, 0xE2, 0x9C, 0xC4, 0x0A, 0x6F, 0xE0, 0x66,
0x4E, 0x7D, 0x9F, 0x23, 0x65, 0x68, 0xFC, 0x94,
0x29, 0x5D, 0xBB, 0x34, 0x28, 0x82, 0x33, 0xE8,
0xC5, 0x11, 0xD2, 0x88, 0x15, 0xEC, 0x72, 0x10,
0x32, 0x29, 0x6E, 0x1E, 0xDE, 0xCA, 0x7F, 0x72,
0x6A, 0x6E, 0xB0, 0xF7, 0x6C, 0xC5, 0x82, 0x80,
0x11, 0xC0, 0xE4, 0x01, 0x3C, 0xC7, 0xEE, 0x43,
0x29, 0xB8, 0x1E, 0xCC, 0x0D, 0x52, 0xED, 0x1E,
0x49, 0x1D, 0xD6, 0xD5, 0x5C, 0x52, 0x65, 0x66,
0x5E, 0xD8, 0xAD, 0x21, 0x9B, 0x89, 0x4F, 0x31,
0xC6, 0x8C, 0x61, 0x9A, 0xFC, 0xDB, 0x73, 0x58,
0xE5, 0x55, 0x4C, 0x49, 0x5B, 0x8B, 0x6E, 0x33,
0x25, 0x68, 0x8F, 0xB8, 0xC1, 0xA2, 0x53, 0x31,
0xD5, 0x7B, 0xD3, 0x48, 0xA2, 0x7D, 0x39, 0x09,
0x29, 0xBC, 0x46, 0xA1, 0x49, 0x6A, 0xB3, 0x5B,
0x46, 0xBA, 0x61, 0xB6, 0xB9, 0xD2, 0x3C, 0xD0,
0x63, 0x15, 0xFB, 0x72, 0xC2, 0x47, 0x76, 0x01,
0x61, 0x30, 0xAD, 0xB1, 0xCF, 0x2D, 0xC7, 0x29,
0x59, 0xEA, 0x9C, 0xAD, 0x96, 0xAF, 0x5D, 0xA9,
0x96, 0x12, 0x6C, 0xDD, 0x85, 0xB1, 0x34, 0xCC,
0x92, 0x7A, 0x51, 0xFD, 0x23, 0xF8, 0x47, 0x91,
0xA3, 0xFC, 0xDA, 0x07, 0x7E, 0x15, 0x99, 0x17,
0x48, 0xA0, 0x39, 0x4F, 0x33, 0x4E, 0xB8, 0xBC,
0x48, 0xA9, 0x9A, 0xB9, 0xDF, 0xBB, 0x0F, 0x2A,
0xAD, 0x6F, 0xBE, 0x48, 0x49, 0x61, 0xD3, 0xA4,
0xE8, 0xF8, 0xB2, 0x1A, 0x6A, 0xC0, 0x92, 0xB2,
0x26, 0xD6, 0xE1, 0x19, 0xFA, 0xD4, 0x4D, 0x8E,
0x57, 0x6F, 0xE9, 0x6C, 0x6C, 0xDB, 0x68, 0x40,
0xEA, 0x61, 0x4B, 0xAF, 0xC7, 0x07, 0x86, 0xC5,
0x19, 0xE1, 0xD5, 0xDC, 0x0F, 0x98, 0x44, 0x43,
0xC8, 0xB1, 0xE5, 0x4F, 0x8E, 0xE1, 0x76, 0xD9,
0x8B, 0x2C, 0x70, 0x27, 0xF5, 0x7D, 0x7E, 0x3D,
0xE9, 0xB2, 0xA0, 0xA3, 0x69, 0x11, 0xB8, 0xE4,
0x71, 0x21, 0xDE, 0x0C, 0x07, 0xEB, 0xBA, 0x5D,
0x7B, 0x59, 0x4E, 0xF2, 0x44, 0xC6, 0x83, 0x27,
0xEC, 0x6C, 0x6D, 0x1D, 0xD5, 0x01, 0xF4, 0x83,
0xFE, 0x9B, 0x95, 0x70, 0x59, 0x7E, 0x70, 0xDF,
0x41, 0x3E, 0x7A, 0xF0, 0x38, 0x47, 0xF4, 0x09,
0xED, 0x61, 0xE2, 0x84, 0x6E, 0x6C, 0x64, 0x1E,
0x6A, 0x7F, 0xFA, 0x79, 0xDE, 0x6B, 0xFA, 0x37,
0x3A, 0x06, 0x44, 0xB0, 0x0B, 0xF4, 0x1A, 0x03,
0x49, 0x92, 0xA7, 0x94, 0xDA, 0x17, 0xC8, 0x88,
0x85, 0x23, 0x90, 0x32, 0xC8, 0x51, 0x76, 0x4E,
0x3E, 0x4D, 0xBD, 0xE7, 0xF1, 0x2A, 0x16, 0xC5,
0xA2, 0x63, 0xE9, 0x64, 0xC1, 0xE7, 0xFD, 0xD3,
0xCC, 0xE5, 0x76, 0xDD, 0x6D, 0x56, 0xB1, 0x81,
0x82, 0x84, 0x8B, 0x75, 0x63, 0x64, 0x5D, 0x4E,
0x42, 0xFF, 0x22, 0x74, 0x2A, 0x99, 0x67, 0x85,
0x16, 0x9D, 0x7F, 0x50, 0x3B, 0x48, 0xA7, 0x15,
0x8B, 0x3C, 0xBD, 0x29, 0x93, 0x5E, 0xD3, 0x20,
0x49, 0xBE, 0xA1, 0xAD, 0x95, 0x3E, 0xF7, 0x07,
0x32, 0x7B, 0x77, 0x8B, 0xFD, 0xDD, 0xFC, 0x60,
0x51, 0x1D, 0xA1, 0x13, 0xA3, 0x4F, 0x65, 0x57,
0x12, 0xE4, 0xE5, 0x9D, 0x6C, 0xCE, 0x40, 0x4E,
0x94, 0xAB, 0xA6, 0x1E, 0x81, 0x35, 0x38, 0x8F,
0xC2, 0x1C, 0x8E, 0x41, 0x34, 0x4F, 0x32, 0x4B,
0x01, 0xAC, 0x8C, 0x06, 0x9F, 0x92, 0x57, 0x5D,
0x34, 0xF8, 0x8B, 0xCA, 0x22, 0xCB, 0x30, 0x7E,
0x37, 0x07, 0x00, 0x63, 0x32, 0x02, 0x56, 0xB8,
0xBA, 0xD6, 0xEB, 0x7A, 0x81, 0xAF, 0xE9, 0xA2,
0x54, 0x01, 0x6E, 0x1C, 0x8A, 0x12, 0x50, 0x89,
0xAA, 0xA3, 0xED, 0xE8, 0x4E, 0x5B, 0x6C, 0x2E,
0xCF, 0xAE, 0xFA, 0xA5, 0x2B, 0x9F, 0x57, 0x09,
0x60, 0x2C, 0x06, 0xAE, 0xA4, 0xA0, 0x38, 0x4E,
0x9B, 0x09, 0xE5, 0xB8, 0x81, 0x64, 0xB2, 0x74,
0xEA, 0x32, 0x65, 0xFB, 0x51, 0x52, 0x39, 0x7D,
0xFF, 0x5A, 0x3A, 0x08, 0x61, 0xE2, 0xBC, 0x12,
0xD2, 0x10, 0x92, 0x89, 0x72, 0x97, 0x47, 0xE8,
0x3F, 0xDF, 0x24, 0x3A, 0x1D, 0x17, 0xB9, 0x83,
0x48, 0x37, 0x98, 0x45, 0xA9, 0xE9, 0x55, 0xE2,
0xD6, 0xF9, 0x38, 0xDA, 0xA5, 0x91, 0x8E, 0x2A,
0x14, 0xF9, 0x7B, 0xA2, 0xBE, 0x50, 0x1C, 0xCC,
0xAF, 0xD6, 0x81, 0x91, 0x0F, 0x4A, 0x4F, 0x06,
0x71, 0x5C, 0xE8, 0x40, 0x96, 0xF3, 0x7A, 0x91,
0xDC, 0xCA, 0x2A, 0x8A, 0x4B, 0xE8, 0xDA, 0x79,
0x21, 0xDB, 0xF8, 0xD3, 0xF4, 0xEF, 0xB9, 0x8C,
0x6B, 0x4F, 0x94, 0x0E, 0xCE, 0xF8, 0x32, 0xB5,
0x49, 0xD0, 0x68, 0x94, 0x7C, 0x3D, 0xFB, 0x58,
0x09, 0xCB, 0x7B, 0x06, 0x0A, 0x3A, 0x0E, 0xF3,
0xB2, 0x1C, 0x01, 0x64, 0x50, 0x1D, 0xDE, 0xA7,
0xC9, 0xE5, 0xE7, 0x89, 0x7C, 0x6B, 0x1C, 0x46,
0x34, 0x8B, 0x2C, 0x3E, 0x80, 0x5F, 0x6F, 0x22,
0x87, 0xBA, 0x15, 0x8C, 0xF9, 0x25, 0xA7, 0xBA,
0x7F, 0x08, 0x25, 0x49, 0x89, 0xC8, 0x7D, 0x24,
0x97, 0x9A, 0xD9, 0x86, 0xAA, 0x97, 0xC5, 0x1B,
0x01, 0xF4, 0x5D, 0x4A, 0x1F, 0x24, 0x75, 0x29,
0x91, 0xF0, 0x42, 0x05, 0xEB, 0x55, 0x1F, 0xD0,
0x2D, 0x41, 0x5F, 0x2D, 0xD1, 0xEF, 0xF1, 0x42,
0xB0, 0xD7, 0x04, 0x16, 0xC6, 0xD8, 0x15, 0xEB,
0x91, 0x73, 0x2B, 0x26, 0x8F, 0xB2, 0x0D, 0x08,
0x67, 0x44, 0x2D, 0x71, 0xDE, 0xC0, 0x57, 0xB2,
0x86, 0xCD, 0x93, 0x81, 0x1F, 0xF3, 0xF6, 0x46,
0xEB, 0xD5, 0x65, 0xD5, 0x1D, 0x09, 0xA4, 0x2D,
0x3A, 0xBA, 0xAC, 0x0F, 0x34, 0xCC, 0x81, 0x7B,
0x18, 0x93, 0x8E, 0xCC, 0xBB, 0x1F, 0xEF, 0x05,
0xBD, 0x3C, 0x2B, 0x49, 0x4F, 0xA5, 0x29, 0xED,
0x4C, 0x63, 0x4C, 0x93, 0x25, 0xA4, 0x81, 0x73,
0xF2, 0x0F, 0xFA, 0xC3, 0x2D, 0xC1, 0x01, 0xE6,
0xEE, 0x03, 0xB2, 0xFC, 0xBE, 0xC2, 0x46, 0x8D,
0xBC, 0x8F, 0x76, 0x75, 0x8C, 0x32, 0x15, 0x47,
0x4F, 0x7E, 0xF2, 0x40, 0x65, 0xF7, 0x90, 0x60,
0xAC, 0xA3, 0xC8, 0xD5, 0xD7, 0x4A, 0xF7, 0x0F,
0x48, 0x30, 0x1D, 0xDB, 0x30, 0xC0, 0x5D, 0xB3,
0xEF, 0xA7, 0x26, 0xCF, 0x88, 0x55, 0x59, 0x01,
0x84, 0x12, 0x82, 0xAA, 0x08, 0xF6, 0x66, 0xA6,
0x53, 0x51, 0xA6, 0xA2, 0x4E, 0xED, 0x6B, 0xE2,
0x11, 0x77, 0x31, 0x07, 0xE1, 0x85, 0xE1, 0xB4,
0x88, 0xA2, 0xE4, 0x91, 0xB6, 0xC1, 0x41, 0x52,
0x84, 0x62, 0xA8, 0x64, 0x94, 0xB5, 0x4F, 0xDC,
0xCE, 0xCC, 0xB6, 0xAA, 0x21, 0x25, 0x36, 0x86,
0x69, 0x3A, 0xE7, 0x98, 0xC9, 0xCE, 0x9E, 0x0B,
0xDD, 0xC6, 0xAE, 0x53, 0xD9, 0xB7, 0x06, 0xDC,
0x4F, 0x4D, 0x81, 0xB9, 0xC7, 0x3C, 0x46, 0x1E,
0xCD, 0x70, 0x35, 0xC5, 0x17, 0x2E, 0xFA, 0xE5,
0x60, 0x2C, 0xAF, 0x88, 0xC6, 0x4E, 0x79, 0xE5,
0x32, 0x40, 0x30, 0x55, 0x5D, 0xE2, 0x11, 0xF8,
0x9F, 0xD4, 0x24, 0xC3, 0x38, 0xC3, 0x88, 0x3C,
0x83, 0xCA, 0x94, 0x05, 0xC2, 0xB5, 0xD1, 0x44,
0x5F, 0x7C, 0x98, 0xC4, 0x3E, 0xD3, 0xD2, 0xBE,
0xCB, 0xE2, 0x5F, 0x5F, 0x3F, 0x54, 0x4C, 0xCC,
0x5B, 0x5A, 0xEA, 0xE4, 0x7D, 0xDF, 0x3F, 0xB5,
0x64, 0x9F, 0xF5, 0xD6, 0x1E, 0xAA, 0x02, 0xED,
0xEB, 0xC7, 0x5C, 0xE4, 0x78, 0xBA, 0x00, 0x42,
0x6C, 0xAF, 0x47, 0x4F, 0xA7, 0x9E, 0x5B, 0x08,
0x9E, 0xB1, 0xA8, 0x82, 0xF1, 0x53, 0x54, 0x59,
0x26, 0x95, 0x95, 0x2B, 0xA0, 0xA8, 0xEE, 0x91,
0xE6, 0x49, 0xE3, 0xF2, 0xC3, 0x82, 0x26, 0x4D,
0xAA, 0x30, 0xF6, 0xA6, 0xD2, 0x17, 0xF6, 0x12,
0x9C, 0x19, 0x39, 0xB6, 0xDC, 0xAC, 0xCD, 0xA5,
0xB6, 0x37, 0x32, 0x6E, 0x8A, 0x83, 0x61, 0xC3,
0xB5, 0x6F, 0xCF, 0xFC, 0x48, 0x50, 0x36, 0x86,
0x58, 0x22, 0xB9, 0xBB, 0x87, 0xB4, 0x35, 0x10,
0xBC, 0xDD, 0x55, 0xBC, 0x35, 0x0D, 0xE7, 0xB2,
0xAE, 0x90, 0xA2, 0x1E, 0x9E, 0x19, 0x97, 0x8E,
0xDA, 0x10, 0xDF, 0x66, 0x76, 0x14, 0xA4, 0x4F,
0xE2, 0xA8, 0x4D, 0x16, 0xBE, 0x04, 0x3E, 0xA8,
0x77, 0x36, 0x33, 0xEA, 0x6B, 0xAD, 0xF6, 0x57,
0x10, 0x05, 0x2F, 0x34, 0x1F, 0x65, 0xCB, 0xE9,
0x28, 0xD3, 0x96, 0x2A, 0x5A, 0x2F, 0xE6, 0x4E,
0x46, 0xD6, 0xBF, 0xB8, 0xFD, 0x0D, 0x99, 0x78,
0xF0, 0x42, 0x3C, 0xBD, 0x19, 0x5F, 0x72, 0xF3,
0xCB, 0x19, 0xD7, 0xEF, 0xD9, 0xEB, 0xE3, 0x3C,
0xD2, 0xF5, 0x70, 0x9A, 0x57, 0x80, 0x7D, 0xF9,
0x44, 0xEC, 0xE5, 0x68, 0xAA, 0xCA, 0x43, 0x36,
0x42, 0x20, 0x83, 0xB0, 0x69, 0x7B, 0x6A, 0xA0,
0x05, 0x86, 0xE4, 0xBF, 0x7D, 0xD6, 0x73, 0xA3,
0xD5, 0x96, 0xB8, 0x61, 0x8A, 0xC3, 0xB4, 0x06,
0x17, 0x50, 0xC6, 0xBE, 0x97, 0xCB, 0x53, 0x75,
0x3D, 0x02, 0x39, 0x55, 0x56, 0x07, 0x5A, 0x26,
0xF1, 0x40, 0xB9, 0x3F, 0x57, 0x7D, 0xAD, 0x50,
0x5E, 0x1C, 0xF2, 0xB5, 0x51, 0xA0, 0x4C, 0x98,
0xC7, 0xF0, 0x90, 0x18, 0x31, 0xB3, 0xCA, 0x61,
0xD7, 0x5D, 0xA7, 0x93, 0xAC, 0x72, 0xA4, 0x4C,
0x7A, 0x07, 0xF7, 0xDB, 0xBA, 0xD6, 0x0A, 0x55,
0xF4, 0x9C, 0xBD, 0x79, 0xDE, 0xE4, 0x73, 0x9F,
0xFD, 0x36, 0x77, 0x8E, 0xBD, 0x08, 0xEB, 0xDB,
0x79, 0xEC, 0x07, 0xA1, 0x62, 0x39, 0xC5, 0xB9,
0x21, 0x59, 0x9F, 0xEB, 0xFE, 0xA4, 0x6D, 0xDF,
0x96, 0x6A, 0xA4, 0xA0, 0x15, 0x12, 0xE6, 0x10,
0x94, 0x3F, 0x5D, 0xC5, 0x4B, 0x4C, 0x76, 0xB7,
0x64, 0xB3, 0x80, 0xBF, 0x2F, 0x84, 0xED, 0xE3,
0x21, 0x24, 0x91, 0x2F, 0x54, 0xF7, 0xB6, 0xE2,
0x07, 0xB7, 0x38, 0x1F, 0x67, 0x0F, 0x7A, 0xA0,
0xF3, 0xC3, 0xED, 0x10, 0x15, 0x74, 0x03, 0x84,
0xDD, 0x61, 0xA9, 0x76, 0x5E, 0xE4, 0x69, 0x6E,
0xAC, 0xF8, 0x2E, 0xA4, 0x10, 0x69, 0x18, 0x05,
0xCB, 0x68, 0x89, 0x03, 0x53, 0x5D, 0x70, 0x46,
0x10, 0x0D, 0xCC, 0x2B, 0xA7, 0xD8, 0x30, 0x2A,
0xCB, 0x04, 0x30, 0xD5, 0x06, 0xCC, 0xC1, 0xC0,
0xDD, 0xEA, 0x71, 0x11, 0xA7, 0x6F, 0x45, 0xB4,
0x54, 0xE2, 0x5C, 0xDD, 0xFB, 0x63, 0x9B, 0x3D,
0x66, 0x4C, 0x36, 0xD8, 0x84, 0x35, 0x13, 0xA3,
0xFC, 0xAF, 0x9E, 0x60, 0x57, 0xE9, 0xBC, 0x06,
0x82, 0x37, 0xFE, 0x24, 0x19, 0xA2, 0xD2, 0xD9,
0x0B, 0x4A, 0x1F, 0xC2, 0xA7, 0x1A, 0x14, 0x6D,
0x2B, 0xD0, 0x43, 0x64, 0xC7, 0x9B, 0x8E, 0xBA,
0x8E, 0x3E, 0x88, 0xCE, 0x11, 0xE9, 0x16, 0xE4,
0xA7, 0x52, 0x84, 0x21, 0x32, 0x8C, 0xF5, 0x4F,
0xAA, 0xB2, 0xB1, 0x9F, 0x44, 0x46, 0x87, 0x81,
0xF8, 0xAB, 0x84, 0xB7, 0xDD, 0x97, 0x2F, 0xF5,
0x61, 0x50, 0x71, 0x43, 0x0A, 0x43, 0x74, 0xDA,
0xFC, 0xAE, 0x1E, 0x60, 0x44, 0xAA, 0x98, 0xE9,
0x85, 0x94, 0x1B, 0xA6, 0xB9, 0xDB, 0x8C, 0x02,
0xF5, 0x89, 0x60, 0x3E, 0xEB, 0x8B, 0xE9, 0x0A,
0x70, 0xEF, 0xC0, 0x88, 0xD7, 0x95, 0xE6, 0xDA,
0x1F, 0x1F, 0x2E, 0x6E, 0xCE, 0xDD, 0x03, 0x1D,
0x81, 0x99, 0xE6, 0x59, 0x12, 0xD4, 0x34, 0xD0,
0x9B, 0xFB, 0xE5, 0x94, 0x40, 0x6D, 0xC1, 0x15,
0x0E, 0x99, 0x35, 0x8C, 0xEA, 0x7F, 0xAD, 0x2E,
0x7C, 0x44, 0xC3, 0x8B, 0x6E, 0x0C, 0xEE, 0xAB,
0x9B, 0xDE, 0x0D, 0xB9, 0x7B, 0xCF, 0x5A, 0xC9,
0x94, 0x10, 0xC9, 0x47, 0x0E, 0x26, 0x6B, 0x8B,
0xE4, 0x5F, 0x66, 0x90, 0x83, 0x1F, 0x41, 0x45,
0xE2, 0x63, 0x79, 0xDB, 0x80, 0x7C, 0x26, 0xDD,
0xF9, 0x1E, 0x30, 0x9D, 0x4F, 0x4A, 0x3E, 0x7E,
0xCA, 0xB7, 0x36, 0x2F, 0x15, 0xD2, 0x0E, 0xA4,
0x33, 0xB7, 0xE7, 0x0A, 0x7D, 0xDE, 0x74, 0x16,
0xCE, 0xA8, 0x71, 0x49, 0x8B, 0x2C, 0xE3, 0xF5,
0x8D, 0x29, 0xD8, 0x62, 0x8C, 0x53, 0x18, 0x40,
0xF0, 0x22, 0xDD, 0x3B, 0xD2, 0xF3, 0x80, 0x9B,
0x11, 0x68, 0xD3, 0x8E, 0x63, 0xC7, 0xF6, 0x93,
0x08, 0xA3, 0x1A, 0x2D, 0x4D, 0x5E, 0xEB, 0x97,
0x42, 0x39, 0xB3, 0x4A, 0x62, 0xBC, 0x85, 0xE4,
0xEC, 0xF9, 0x0C, 0x33, 0x6A, 0x0C, 0x37, 0xBD,
0x9E, 0x0E, 0xF4, 0x26, 0x6B, 0x83, 0x5A, 0xC8,
0x90, 0x6A, 0x83, 0xCF, 0x0B, 0x35, 0x13, 0x8A,
0x65, 0xE5, 0xD9, 0xA6, 0x1F, 0xCC, 0x9B, 0x2D,
0x5A, 0x33, 0x7B, 0x8A, 0xBE, 0xF8, 0x8A, 0x7F,
0xB3, 0xC0, 0x94, 0x5D, 0x7C, 0xAF, 0x35, 0x61,
0x1A, 0xE0, 0xE4, 0x46, 0x93, 0xA5, 0xBC, 0xE0,
0xA6, 0xE2, 0xFE, 0xCA, 0xE9, 0xBD, 0xF4, 0xE3,
0x56, 0xD6, 0x53, 0x6B, 0x58, 0x1A, 0x18, 0xF0,
0x3A, 0x59, 0x16, 0x4E, 0xD5, 0x44, 0x7C, 0x7E,
0xC8, 0xBD, 0x99, 0x7B, 0xE9, 0x53, 0xDE, 0xD9,
0x32, 0x53, 0x5B, 0x5F, 0x43, 0x8A, 0x04, 0x31,
0x9F, 0x5E, 0x0D, 0x8B, 0x0F, 0xEB, 0xC8, 0xDE,
0x81, 0x46, 0x65, 0x8E, 0x52, 0xB9, 0x75, 0x9C,
0x73, 0x93, 0x5B, 0x12, 0x0D, 0xC9, 0xB8, 0x54,
0xF3, 0xC8, 0xF9, 0x4E, 0xC9, 0x33, 0x90, 0x57,
0xD7, 0xD7, 0xCD, 0x91, 0xF7, 0xE0, 0xB9, 0x8D,
0x84, 0xEC, 0x7B, 0x2F, 0x92, 0x32, 0x8D, 0x73,
0x60, 0x18, 0xB0, 0x31, 0x65, 0xA8, 0x74, 0x5F,
0x8E, 0x77, 0xEB, 0x80, 0x29, 0xF9, 0x78, 0x26,
0x70, 0xCB, 0xD8, 0x6B, 0x43, 0x16, 0xC7, 0xBE,
0x4A, 0x88, 0x03, 0x38, 0xBA, 0xCF, 0xB0, 0x15,
0x69, 0x9B, 0xF3, 0x0D, 0x3A, 0x4B, 0x05, 0x32,
0x54, 0x35, 0xBA, 0x5F, 0xA3, 0xB9, 0xD2, 0xB2,
0xFE, 0x0B, 0x51, 0x9C, 0x2C, 0xB2, 0x46, 0xE5,
0x3D, 0x1A, 0x34, 0x3D, 0x66, 0x1A, 0x66, 0x14,
0x3C, 0x6F, 0x46, 0x8C, 0x55, 0x38, 0x64, 0x5C,
0xC2, 0x6D, 0x4E, 0x2A, 0x87, 0x03, 0xEC, 0x9B,
0x10, 0xFC, 0x89, 0xBE, 0x6F, 0x85, 0x99, 0x97,
0x70, 0x8F, 0x31, 0x19, 0x4F, 0x0D, 0xFE, 0xE9,
0x29, 0x98, 0xB2, 0x5E, 0x93, 0xB9, 0x70, 0x70,
0xDE, 0x14, 0x40, 0x9D, 0x5B, 0xA4, 0x3D, 0xF8,
0x8D, 0x15, 0xC2, 0xFB, 0xA9, 0x7B, 0xDD, 0xE6,
0x18, 0xCC, 0x3F, 0xC0, 0x42, 0xF7, 0x74, 0x81,
0x84, 0xBA, 0x9E, 0xC9, 0xCB, 0xA1, 0xB2, 0x00,
0x68, 0x81, 0xD0, 0x51, 0x42, 0x64, 0x19, 0x8F,
0xB6, 0x91, 0xC5, 0xC0, 0x38, 0xE0, 0x49, 0x50,
0xCF, 0x69, 0x09, 0x93, 0x77, 0xFE, 0x66, 0xBA,
0x64, 0xE2, 0x19, 0x52, 0xA4, 0x45, 0x81, 0x71,
0x96, 0x64, 0xF5, 0xD9, 0x23, 0x97, 0xD2, 0x2A,
0xA7, 0x03, 0x2B, 0xF5, 0x89, 0xAF, 0x8A, 0xCA,
0x48, 0xDF, 0x6D, 0x14, 0xEB, 0x43, 0xCE, 0xF0,
0xA9, 0xC8, 0xA8, 0xF9, 0xAD, 0x32, 0x95, 0x25,
0xEF, 0x0A, 0xAA, 0x4F, 0x9E, 0x09, 0xC3, 0x51,
0x3C, 0xF0, 0x29, 0xF3, 0xDE, 0xFC, 0xBB, 0x41,
0x14, 0xFA, 0x0F, 0x66, 0x8D, 0xB4, 0x72, 0x2F,
0xCC, 0xD9, 0xC2, 0x07, 0xB6, 0x6F, 0x10, 0x9E,
0xD9, 0x5B, 0x45, 0x4B, 0xB6, 0x19, 0x5D, 0x59,
0xC4, 0xA6, 0x78, 0xBA, 0x6F, 0x5A, 0x9B, 0x23,
0x41, 0x21, 0xAD, 0x05, 0x16, 0xA1, 0xD4, 0x12,
0x3D, 0x38, 0x26, 0xD9, 0x2A, 0x61, 0xB3, 0x5D,
0xEB, 0x29, 0x5B, 0xAA, 0x2F, 0xE1, 0xB5, 0xEE,
0x25, 0x02, 0x1D, 0xAE, 0xF8, 0x57, 0xB5, 0xDF,
0x19, 0x2E, 0x17, 0x5E, 0x3A, 0x2A, 0x0D, 0x3F,
0x08, 0x2F, 0x21, 0x1C, 0xB5, 0xBD, 0xC2, 0x36,
0x27, 0x4F, 0x86, 0xC5, 0xDC, 0x74, 0xC3, 0x9B,
0xE9, 0x7C, 0xCF, 0x5F, 0x57, 0x94, 0xEB, 0x64,
0xEC, 0x64, 0x55, 0x45, 0x21, 0x0F, 0xC6, 0x67,
0xD1, 0xE0, 0x74, 0x0E, 0x66, 0xCB, 0xED, 0xC2,
0x06, 0x48, 0xCA, 0x1F, 0xA7, 0x34, 0x14, 0x59,
0x6B, 0xA0, 0x89, 0x17, 0xA1, 0x9A, 0x46, 0x3A,
0xD3, 0x02, 0x7C, 0x81, 0x83, 0x6B, 0x8F, 0x4F,
0x02, 0xB9, 0x9F, 0xC5, 0x08, 0x3F, 0x06, 0xF3,
0x4B, 0xD2, 0x30, 0x9C, 0x23, 0x42, 0xAD, 0x88,
0xA8, 0x4F, 0xA9, 0x6E, 0x20, 0x7C, 0x01, 0x08,
0xF6, 0x82, 0x54, 0x14, 0x94, 0x4F, 0x26, 0x4E,
0xD6, 0xC4, 0x66, 0x7C, 0x78, 0x8D, 0x61, 0xA6,
0xBC, 0x2C, 0x45, 0x6A, 0xF6, 0x6C, 0x2F, 0x76,
0x9E, 0x16, 0x90, 0x17, 0x06, 0x91, 0x2C, 0xC9,
0x0D, 0x4B, 0x6C, 0x90, 0xDC, 0xA1, 0x6C, 0xAC,
0x8F, 0xFE, 0xD8, 0x39, 0x70, 0x20, 0xE2, 0x97,
0x5E, 0x24, 0xFF, 0x4C, 0x80, 0x7C, 0x8A, 0xB7,
0x31, 0xC8, 0x1D, 0x36, 0xCA, 0x84, 0xC9, 0x12,
0x1A, 0x85, 0x13, 0xE0, 0xC9, 0xD0, 0xF4, 0x1B,
0xC6, 0x8F, 0x88, 0xEA, 0xCA, 0xA3, 0x55, 0x99,
0xFA, 0xE3, 0xBB, 0xA6, 0xFC, 0xC6, 0x52, 0x8D,
0x47, 0xE4, 0x0C, 0x07, 0x64, 0xCF, 0x9C, 0x83,
0x83, 0xB3, 0xA4, 0x45, 0x15, 0xE6, 0x1D, 0x92,
0xCD, 0xAE, 0xC9, 0xCB, 0x90, 0x82, 0xB5, 0xA0,
0xC0, 0x37, 0x94, 0x60, 0xD9, 0x17, 0x9A, 0x7D,
0x9D, 0xF2, 0x9E, 0x0B, 0x4B, 0x6A, 0x41, 0x18,
0x28, 0x52, 0x15, 0xE8, 0x7B, 0x6F, 0x11, 0x8E,
0x97, 0x31, 0xE4, 0x66, 0xFB, 0x3F, 0xEB, 0xD1,
0x95, 0xE1, 0x44, 0xFD, 0x20, 0x37, 0xD1, 0x16,
0x62, 0x75, 0x79, 0xAC, 0x55, 0xFE, 0xD5, 0xE3,
0x25, 0x85, 0xEC, 0x66, 0x38, 0xA0, 0xDF, 0xBE,
0x6E, 0xD6, 0xC5, 0x87, 0x6C, 0xF8, 0x11, 0x4C,
0x90, 0x2A, 0xEF, 0xA3, 0x63, 0xF4, 0xC9, 0xB7,
0x2E, 0x7D, 0x5C, 0x85, 0x2D, 0xCC, 0x1A, 0xF2,
0xB8, 0x85, 0x2A, 0x9D, 0x0F, 0x99, 0x59, 0x38,
0x86, 0x50, 0x84, 0xCE, 0x52, 0x13, 0xB3, 0x08,
0xA9, 0xCB, 0x37, 0xF6, 0x81, 0x96, 0x0D, 0x84,
0xEF, 0xE1, 0xDF, 0x51, 0x34, 0xA5, 0x91, 0x5A,
0xE5, 0x87, 0x8B, 0x10, 0xDA, 0x0F, 0xD4, 0xD9,
0xAC, 0x2A, 0xEF, 0x0C, 0x7E, 0x01, 0xC2, 0xE9,
0xE7, 0xC0, 0x17, 0xE7, 0xBA, 0x74, 0x0C, 0xEE,
0x1A, 0x89, 0x94, 0x59, 0xBB, 0x75, 0x03, 0x3E,
0xEA, 0xF3, 0x19, 0x0D, 0x67, 0x79, 0xED, 0x9E,
0xDD, 0x84, 0x6A, 0x74, 0xE3, 0x21, 0x52, 0x8C,
0x03, 0x08, 0x4A, 0x5D, 0x30, 0x87, 0x48, 0x39,
0x71, 0x8A, 0x53, 0x54, 0x9B, 0x2E, 0xC6, 0xB2,
0xB7, 0x30, 0xAA, 0x93, 0x5C, 0xA6, 0xE1, 0xC4,
0xFD, 0x8B, 0xE0, 0x35, 0x7D, 0x93, 0xF6, 0x21,
0x74, 0xEE, 0xED, 0xF8, 0xDA, 0xB7, 0x75, 0x5B,
0x46, 0x65, 0x7E, 0x59, 0xD7, 0xAA, 0x00, 0xB9,
0xF2, 0xF8, 0x5E, 0x4C, 0x0F, 0x77, 0xFA, 0x11,
0xA5, 0xD6, 0x9A, 0x23, 0xB1, 0xEF, 0x3A, 0x09,
0xF2, 0x19, 0xD8, 0x3B, 0x1F, 0x39, 0x1F, 0x84,
0x13, 0x18, 0xEE, 0xF3, 0x5A, 0x32, 0x63, 0x67,
0xBF, 0xA2, 0xB1, 0x5F, 0xD7, 0x14, 0x03, 0x20,
0x92, 0xB9, 0xD0, 0x2B, 0xF6, 0x13, 0xAF, 0xF7,
0x69, 0x6F, 0xAD, 0xF1, 0xDE, 0x2C, 0x81, 0x70,
0x77, 0xCB, 0x7C, 0x99, 0x67, 0x76, 0xD6, 0x9E,
0xC2, 0x41, 0xA2, 0x42, 0x54, 0xDA, 0x2D, 0x13,
0x98, 0x76, 0x91, 0xEA, 0xC7, 0xEB, 0xA8, 0xCD,
0x8D, 0xCF, 0xB3, 0x94, 0x7B, 0x1D, 0x99, 0xED,
0xF9, 0x62, 0xD2, 0x15, 0xB3, 0x18, 0xBB, 0x5F,
0x9A, 0xA0, 0x4D, 0x1C, 0x82, 0x62, 0x6A, 0x41,
0x73, 0xD0, 0x2D, 0x41, 0x0C, 0x58, 0x6B, 0xCA,
0x4E, 0x51, 0xCA, 0x4F, 0x3E, 0x15, 0x1B, 0x54,
0xF1, 0x7A, 0x6B, 0xC9, 0x67, 0x76, 0x09, 0xBB,
0xAF, 0x6C, 0x30, 0x38, 0xA6, 0x7C, 0xAD, 0xA6,
0x6B, 0x4F, 0xDF, 0xB5, 0x10, 0x29, 0xE0, 0x78,
0x07, 0xD7, 0x05, 0x96, 0x9D, 0x96, 0xC9, 0xAB,
0xFB, 0x71, 0x62, 0xE4, 0x58, 0x10, 0xA1, 0xDC,
0x4B, 0x56, 0xDA, 0x14, 0x77, 0xED, 0x90, 0x0A,
0x89, 0xCC, 0xAC, 0x29, 0x8E, 0x17, 0x88, 0x42,
0x69, 0xC3, 0x9E, 0x8D, 0x7A, 0xB9, 0x66, 0xF3,
0x3D, 0xDA, 0xDB, 0xE5, 0x6A, 0x38, 0x4C, 0xA2,
0x0A, 0x7B, 0x18, 0x99, 0xEC, 0x18, 0xE2, 0xAE,
0x54, 0x70, 0x00, 0xB9, 0x04, 0xE3, 0x4E, 0x46,
0x80, 0x1D, 0x85, 0x74, 0xDB, 0x00, 0x84, 0x17,
0xBC, 0xFD, 0xD1, 0xA7, 0x4D, 0xC0, 0x18, 0xE5,
0x07, 0xB7, 0x6B, 0x0F, 0xA0, 0x86, 0x26, 0x23,
0x5B, 0x1C, 0xE2, 0x4B, 0xCF, 0xC3, 0x20, 0xFA,
0xE3, 0x55, 0x1C, 0x1C, 0x92, 0x9B, 0x94, 0xC7,
0xC4, 0x96, 0x53, 0x41, 0x82, 0x9D, 0x8A, 0x13,
0x47, 0xD6, 0xA7, 0x38, 0x58, 0x03, 0xB0, 0x8B,
0xCD, 0xA8, 0x4A, 0x27, 0xEA, 0x5E, 0x49, 0xCA,
0x1E, 0x60, 0x06, 0xEA, 0x23, 0x2A, 0x53, 0xEE,
0x41, 0x7E, 0xC8, 0x81, 0xD3, 0x32, 0x8A, 0x15,
0x63, 0x82, 0xA6, 0xB2, 0x93, 0x89, 0x4D, 0xDF,
0x9B, 0x36, 0x9C, 0xDE, 0x6B, 0x2F, 0xF5, 0x9C,
0xB6, 0xA5, 0x64, 0xE2, 0x1C, 0x92, 0x79, 0xEC,
0xA0, 0x31, 0x1F, 0x5D, 0x80, 0xCE, 0x39, 0xB9,
0x8B, 0xF9, 0x0D, 0xB3, 0x27, 0xF7, 0x4D, 0x3F,
0x76, 0x2D, 0x11, 0x7D, 0xF5, 0xF9, 0x13, 0x20,
0x84, 0xFF, 0xB5, 0x55, 0xA5, 0xD1, 0x47, 0x22,
0x1A, 0xF8, 0x63, 0xAB, 0xF7, 0x87, 0x15, 0xB7,
0x21, 0x94, 0x52, 0x9A, 0x0E, 0x33, 0x4D, 0x4A,
0x19, 0x1D, 0x42, 0xA9, 0x9B, 0xEA, 0x52, 0xAD,
0xA2, 0xC7, 0xCC, 0x4A, 0x97, 0x74, 0xD5, 0xCB,
0x28, 0xD4, 0xED, 0x82, 0xB6, 0x1F, 0x94, 0xE8,
0x9F, 0x60, 0xF0, 0xC8, 0xEA, 0x52, 0xDC, 0x07,
0x9D, 0x46, 0x58, 0xBF, 0x8C, 0x85, 0x6D, 0x61,
0x52, 0xD9, 0x22, 0x51, 0x94, 0x8B, 0x3B, 0xA0,
0x14, 0xD8, 0xBA, 0xF3, 0xDC, 0xD3, 0x6B, 0xC7,
0x1F, 0x8E, 0x5B, 0x2C, 0xE6, 0xF5, 0x35, 0xB7,
0xB9, 0xAE, 0x13, 0xDA, 0x4A, 0x1E, 0xAF, 0xFC,
0x25, 0x3B, 0xE4, 0x3A, 0x9F, 0x60, 0x8E, 0xAC,
0xE7, 0x33, 0xCF, 0xCE, 0x52, 0xEA, 0x5C, 0xDA,
0x83, 0x59, 0xDB, 0x53, 0xFF, 0x3A, 0xF2, 0xCE,
0xFE, 0x87, 0x79, 0xBC, 0xC5, 0x3C, 0x24, 0xA4,
0xB1, 0x8D, 0x5E, 0x0D, 0x78, 0x1B, 0xEC, 0xF7,
0x5B, 0x54, 0x77, 0x47, 0x3A, 0x20, 0x24, 0xAD,
0x56, 0xC5, 0x4A, 0x7F, 0x99, 0x0E, 0xF6, 0xB1,
0xDF, 0xAC, 0x50, 0x10, 0x88, 0x50, 0x9D, 0x3A,
0x37, 0xF1, 0xC8, 0xD5, 0xC2, 0x64, 0x87, 0xE4,
0x20, 0xB7, 0xF4, 0x35, 0x8E, 0x92, 0x69, 0x76,
0x1F, 0xF1, 0xFA, 0x3A, 0xFC, 0xBE, 0xCA, 0xEB,
0x68, 0xF5, 0xDD, 0xDE, 0x3A, 0xA8, 0xFD, 0x07,
0x8C, 0xC4, 0x22, 0x4C, 0xEA, 0x67, 0x13, 0x2D,
0x7E, 0xBF, 0x5D, 0x23, 0x2E, 0x43, 0xBA, 0xDD,
0x21, 0x8C, 0x0B, 0x4D, 0xBE, 0x1E, 0x16, 0x52,
0x98, 0x66, 0xB9, 0xAB, 0x93, 0x58, 0x85, 0xAC,
0xB4, 0x15, 0xFB, 0xB1, 0xEE, 0xE6, 0x94, 0x08,
0xA5, 0x21, 0xB4, 0x62, 0xEC, 0x59, 0xCD, 0x0D,
0x3C, 0x54, 0x96, 0xD9, 0x85, 0xAE, 0xB0, 0xCE,
0x37, 0x4F, 0x67, 0x72, 0xA4, 0xE6, 0x39, 0x3A,
0x4E, 0xF0, 0x07, 0x43, 0x80, 0x90, 0xA8, 0xA9,
0xE5, 0x2D, 0x2F, 0x55, 0x66, 0x6D, 0x70, 0xF0,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04,
0x08, 0x0E, 0x12, 0x19, 0x20
};
#endif
#ifndef WOLFSSL_NO_ML_DSA_87
static const byte pk_87[] = {
0x2D, 0x1E, 0x6B, 0xED, 0x84, 0x52, 0xEB, 0xF1,
0x26, 0xED, 0xE7, 0x0C, 0xA0, 0xA2, 0xB5, 0x0D,
0x03, 0x34, 0x2D, 0x5B, 0x13, 0xB2, 0xAE, 0x21,
0x0F, 0x45, 0x62, 0xA3, 0xBF, 0x67, 0x0C, 0xB1,
0x5C, 0xE9, 0x25, 0xFD, 0x22, 0xF2, 0x62, 0x42,
0xBA, 0xE3, 0x10, 0xB3, 0xAA, 0x41, 0x3B, 0x6E,
0x78, 0xD4, 0x42, 0xD9, 0x35, 0xD1, 0x72, 0x8A,
0x32, 0x48, 0xCC, 0x20, 0x5C, 0xCD, 0x8D, 0x3F,
0xD8, 0x34, 0x95, 0x55, 0x20, 0xCD, 0xFB, 0x2C,
0x73, 0xE9, 0x0E, 0x60, 0x8B, 0x2C, 0x3F, 0xA8,
0xB7, 0xD1, 0x79, 0xFD, 0xDC, 0xC8, 0x81, 0x11,
0xC9, 0xE8, 0x41, 0x71, 0xE9, 0x70, 0x9B, 0x53,
0x59, 0x33, 0xE4, 0x92, 0xB6, 0x81, 0x9C, 0x6A,
0x92, 0xED, 0xA2, 0x5A, 0xC4, 0x07, 0x77, 0x1A,
0x8F, 0xED, 0xB4, 0xE7, 0x11, 0xFB, 0x89, 0xEB,
0x7B, 0xDF, 0xCC, 0xEA, 0xC5, 0x3B, 0x4E, 0xF4,
0x6B, 0x6F, 0xBE, 0xE1, 0x32, 0xA9, 0xD7, 0xAD,
0xB4, 0x36, 0xE7, 0x4A, 0x6D, 0x67, 0x11, 0x83,
0xAF, 0x31, 0x1A, 0x7A, 0x31, 0x42, 0x9B, 0x01,
0x21, 0x17, 0x52, 0x75, 0x85, 0xF7, 0x92, 0x0F,
0x34, 0x8A, 0x69, 0x11, 0x88, 0x5A, 0x02, 0x08,
0xB6, 0x6D, 0xE3, 0x07, 0x93, 0xB1, 0x3F, 0xE1,
0xD5, 0x7B, 0xD9, 0x51, 0xF7, 0xAA, 0xC0, 0x34,
0x9A, 0x78, 0x5D, 0x26, 0xDB, 0xF1, 0xF0, 0xA9,
0x1E, 0x5C, 0x9F, 0x4F, 0xA7, 0x43, 0x5C, 0x44,
0xA9, 0x43, 0xF1, 0x38, 0x11, 0x45, 0xED, 0xEB,
0x1C, 0x8A, 0x05, 0xEE, 0xFF, 0xAB, 0x20, 0x2C,
0xF6, 0x2C, 0xEE, 0x77, 0x42, 0x36, 0x3E, 0xE6,
0x9D, 0x8E, 0x45, 0x0F, 0xF6, 0x7C, 0x39, 0x62,
0xD6, 0xFF, 0x97, 0xBC, 0x3D, 0x02, 0xD6, 0xDF,
0x4A, 0x35, 0xDA, 0x3F, 0x89, 0xA4, 0x88, 0x33,
0xCD, 0xF2, 0x90, 0xF0, 0xE9, 0x37, 0x2F, 0x65,
0xA5, 0x88, 0x65, 0xFD, 0x40, 0x44, 0xAD, 0x09,
0x09, 0x92, 0xAA, 0x15, 0x9E, 0xEE, 0xF7, 0x2B,
0x0D, 0xA7, 0xCB, 0x3A, 0x5E, 0x0A, 0xED, 0xD6,
0x7D, 0x82, 0x8B, 0xBA, 0xCF, 0xE5, 0x9E, 0xE4,
0x62, 0xAB, 0x69, 0x6B, 0xBA, 0xD0, 0xE5, 0xA9,
0xBB, 0x1F, 0x5A, 0x51, 0xE0, 0xFA, 0x5D, 0xD4,
0x4D, 0x8E, 0xC0, 0xDC, 0x43, 0x06, 0xDF, 0x23,
0x67, 0xB2, 0x4A, 0xA2, 0xFB, 0x75, 0x2F, 0x82,
0xD8, 0x44, 0xE4, 0xC0, 0xCE, 0x15, 0x9E, 0x3F,
0xD6, 0xB4, 0x70, 0x5F, 0x3B, 0xD0, 0x56, 0x3E,
0x0A, 0x7A, 0x4B, 0x94, 0xBF, 0xBA, 0x01, 0x2B,
0x9C, 0x8B, 0x91, 0x35, 0xF2, 0xDB, 0x4C, 0x8C,
0x8D, 0xD6, 0xEE, 0xC8, 0x65, 0x8D, 0xF3, 0x05,
0x59, 0xBE, 0x3A, 0x17, 0xA7, 0x72, 0x10, 0x56,
0x14, 0xEF, 0xB8, 0xC1, 0xBE, 0x18, 0x11, 0x0B,
0xE6, 0x70, 0xF8, 0x39, 0xA5, 0x72, 0x7D, 0xF9,
0x47, 0xFB, 0xAC, 0xFD, 0x1F, 0xC3, 0x71, 0x33,
0x58, 0x44, 0x15, 0xD3, 0x7C, 0x93, 0x2E, 0x70,
0x92, 0xFA, 0xBB, 0xF2, 0xD0, 0x9D, 0x25, 0xC4,
0xCF, 0x4A, 0xB8, 0xEC, 0xBE, 0x5D, 0x8B, 0x7F,
0xA4, 0x7C, 0xAB, 0xAD, 0xE7, 0x1E, 0x93, 0x83,
0x92, 0x86, 0x1E, 0x8D, 0x15, 0xA4, 0x1C, 0x5B,
0x42, 0x25, 0xDA, 0x3D, 0x16, 0xD3, 0x93, 0xF2,
0x85, 0x50, 0x86, 0x0A, 0x86, 0x35, 0x6B, 0x14,
0xAB, 0x5F, 0x22, 0xD0, 0xCF, 0x03, 0x7C, 0xEB,
0xB4, 0x0E, 0xAC, 0x87, 0xA2, 0x41, 0x42, 0xA0,
0x21, 0x93, 0x00, 0xB6, 0x47, 0x6F, 0x96, 0xD0,
0x41, 0xD1, 0xC3, 0x0E, 0x3C, 0x52, 0xD2, 0x45,
0xAB, 0x6A, 0xE7, 0xA1, 0xE5, 0xFD, 0x73, 0xC5,
0x82, 0x9D, 0x60, 0x62, 0x8B, 0x6D, 0x87, 0xFC,
0x88, 0x9C, 0x3E, 0xEF, 0xAE, 0xAA, 0xB6, 0x1C,
0x18, 0xEE, 0xD7, 0x51, 0x1A, 0x96, 0xC4, 0x93,
0x25, 0x05, 0xD3, 0x83, 0x3D, 0xD8, 0x33, 0x16,
0x14, 0x44, 0x88, 0xE2, 0xAF, 0xC4, 0xEC, 0x59,
0x18, 0x12, 0xB9, 0x99, 0xC1, 0xC9, 0x5F, 0x31,
0x79, 0x00, 0x03, 0xF6, 0xC9, 0x55, 0x14, 0xAA,
0x29, 0x08, 0x78, 0x24, 0xAF, 0x1D, 0x99, 0x12,
0x36, 0xD9, 0x4A, 0xD9, 0x50, 0xEF, 0x66, 0xFC,
0x7F, 0xF4, 0xBC, 0x3B, 0xA0, 0xF6, 0xFD, 0xF2,
0x62, 0xCA, 0xA5, 0x9D, 0x2B, 0x55, 0xB8, 0x33,
0xBC, 0xA6, 0x7A, 0xA5, 0x1E, 0xE1, 0x14, 0x5F,
0x94, 0xE2, 0xDC, 0xF0, 0x5B, 0xBD, 0x43, 0x07,
0xD8, 0xB1, 0xE0, 0x81, 0x3F, 0x84, 0x54, 0x90,
0xBF, 0x23, 0x59, 0x92, 0x3C, 0xA5, 0x98, 0xAB,
0x7D, 0x99, 0xD2, 0xF0, 0xED, 0x8E, 0x0B, 0xC9,
0x9F, 0xAF, 0xB0, 0x13, 0xED, 0xC7, 0xDD, 0xB8,
0x61, 0x72, 0x07, 0x3D, 0xCC, 0x35, 0x73, 0xA0,
0xCF, 0x0C, 0xD9, 0x7E, 0x93, 0xDC, 0x63, 0xB8,
0x82, 0xEC, 0xF4, 0x30, 0xCE, 0x43, 0x92, 0xEA,
0x5E, 0xD8, 0xC8, 0xA1, 0xEC, 0x79, 0xDC, 0xAE,
0x64, 0xD4, 0x33, 0xEB, 0x53, 0x8C, 0xFC, 0x49,
0x79, 0xBF, 0x7A, 0x28, 0x65, 0x1E, 0x8C, 0xD5,
0x21, 0xB0, 0x8E, 0xCA, 0xAD, 0xF8, 0x96, 0x9A,
0x98, 0x10, 0x00, 0x35, 0x6D, 0x58, 0x9A, 0xEF,
0x84, 0x84, 0x86, 0x72, 0xBA, 0xCD, 0x38, 0x66,
0x96, 0x9B, 0xC2, 0x83, 0xB0, 0x65, 0xC1, 0xAB,
0xCF, 0x63, 0x8C, 0x2D, 0xC3, 0x42, 0xB2, 0x7D,
0xF6, 0xB8, 0xF0, 0x3D, 0x26, 0x21, 0x8F, 0xAE,
0x4E, 0x96, 0xF2, 0x55, 0x66, 0xBC, 0x6F, 0xED,
0xE7, 0x19, 0xD3, 0x8D, 0xC0, 0xCD, 0x55, 0x20,
0x5F, 0x10, 0xCA, 0xDA, 0x09, 0xED, 0x91, 0x4A,
0x43, 0x33, 0xD3, 0x82, 0x11, 0x5C, 0x2F, 0x5D,
0xEC, 0xCD, 0x54, 0xF9, 0x6C, 0xE4, 0xE5, 0xF2,
0x68, 0xBC, 0xE9, 0x27, 0xB2, 0x1D, 0xCA, 0xB5,
0xCD, 0x04, 0x01, 0x1E, 0x92, 0xF5, 0xF6, 0x01,
0x86, 0x2B, 0x20, 0x20, 0x9B, 0xB0, 0xF9, 0x56,
0xD9, 0x33, 0xD5, 0x0A, 0xEC, 0x1B, 0xF4, 0xCE,
0xD2, 0xB2, 0xC2, 0xD4, 0x3F, 0x9A, 0x25, 0x76,
0x8E, 0x29, 0x87, 0x52, 0x64, 0x86, 0x4A, 0xA5,
0x7B, 0x5A, 0x91, 0x72, 0x6E, 0xBE, 0x6D, 0x73,
0x0A, 0x8D, 0x89, 0x53, 0x82, 0x33, 0x70, 0x44,
0x20, 0xBE, 0xE0, 0xB0, 0x1B, 0x76, 0x30, 0x43,
0xA5, 0x5B, 0x8F, 0xAB, 0x7E, 0xB8, 0x61, 0x5F,
0x43, 0x70, 0x1B, 0x1A, 0x71, 0x61, 0x56, 0xF9,
0x13, 0x31, 0x2A, 0x64, 0x33, 0x14, 0x00, 0x98,
0x72, 0xEC, 0x32, 0x88, 0x09, 0xFB, 0x64, 0x46,
0x3D, 0x56, 0x02, 0xD9, 0x76, 0xD3, 0xAA, 0x90,
0x0F, 0xBD, 0xF0, 0xF9, 0x96, 0x43, 0x7B, 0x62,
0x19, 0x26, 0x22, 0x6A, 0x93, 0x91, 0xEC, 0x07,
0x34, 0xF5, 0x22, 0x32, 0xB3, 0x65, 0x66, 0xE0,
0x6B, 0x11, 0x7F, 0x97, 0x9F, 0x1A, 0x89, 0x46,
0xCE, 0x8F, 0xBD, 0xFD, 0x2F, 0xCC, 0x3D, 0xBF,
0xF2, 0x83, 0xA4, 0x30, 0xE1, 0x02, 0x72, 0xF8,
0x74, 0xE6, 0x21, 0x96, 0x77, 0xE1, 0x57, 0x8A,
0xF7, 0x9E, 0xB3, 0x31, 0xAF, 0xD8, 0xC5, 0xD7,
0x20, 0xDC, 0xFD, 0xCF, 0x79, 0x06, 0x0F, 0x1F,
0xE5, 0x84, 0x3D, 0x0B, 0x9C, 0xB3, 0xC7, 0xAB,
0xB8, 0xF1, 0xC0, 0xD0, 0xB5, 0xC7, 0x01, 0xE2,
0x0E, 0x3B, 0xAF, 0x7E, 0xAC, 0x44, 0x5A, 0x75,
0x50, 0x0A, 0x76, 0x1C, 0x13, 0xDB, 0x25, 0xD4,
0x0D, 0x19, 0x75, 0x4C, 0x02, 0xD9, 0xF3, 0xDF,
0x6D, 0xBB, 0xCF, 0x47, 0xA6, 0xAE, 0xF6, 0xD1,
0xFB, 0xF4, 0xB4, 0x55, 0xD3, 0xA5, 0x87, 0xA1,
0x55, 0xFB, 0xBF, 0xCD, 0xF6, 0xA1, 0x64, 0x57,
0x12, 0x75, 0x9A, 0x11, 0xA3, 0xCE, 0x42, 0x70,
0x84, 0x54, 0x93, 0x12, 0xE1, 0x3A, 0x0F, 0xFA,
0xCA, 0xF2, 0x25, 0x91, 0xF1, 0x4D, 0x8F, 0x84,
0xB1, 0xB5, 0x35, 0xAC, 0xE9, 0x81, 0x77, 0x34,
0x4D, 0x6F, 0x5D, 0x14, 0x9D, 0xB9, 0xE1, 0xF0,
0x3F, 0x3C, 0xE7, 0xAD, 0x48, 0xE6, 0x8C, 0x51,
0x86, 0xF4, 0x4A, 0xB4, 0xD0, 0x98, 0xEC, 0x3A,
0x4E, 0xAB, 0x58, 0x2F, 0x08, 0x9E, 0x5A, 0x9D,
0x45, 0x30, 0xB0, 0x85, 0xDF, 0x4A, 0xE7, 0x92,
0xC6, 0xC8, 0x18, 0x93, 0x08, 0xCE, 0x9A, 0x8C,
0xE2, 0x91, 0x8D, 0x91, 0x57, 0x7B, 0x37, 0xC8,
0x80, 0xA2, 0x31, 0x10, 0x0D, 0x4E, 0xEF, 0x51,
0x07, 0x94, 0x8E, 0xF8, 0x3C, 0x3C, 0x2E, 0xD5,
0x03, 0x26, 0xB8, 0x72, 0x7F, 0xB9, 0xBC, 0xD7,
0x95, 0xC4, 0x31, 0x08, 0xEC, 0x6F, 0xEE, 0x11,
0xAF, 0xC0, 0xA2, 0xEC, 0xD7, 0xC8, 0x0B, 0xBE,
0x15, 0xAE, 0xC9, 0x17, 0xBE, 0x37, 0xE2, 0x40,
0x83, 0x65, 0xDE, 0xB3, 0x4E, 0xB4, 0x15, 0xB3,
0x5C, 0x14, 0xF6, 0x5F, 0xA9, 0x1F, 0x70, 0xB5,
0x23, 0x93, 0x78, 0xB9, 0x47, 0xF9, 0x1D, 0x2B,
0x1E, 0x8D, 0xB1, 0x25, 0x7E, 0xE5, 0x85, 0x3C,
0x16, 0x9F, 0xD0, 0xC2, 0x67, 0x8B, 0x0D, 0xD2,
0x72, 0x4E, 0x74, 0x30, 0xE1, 0xAF, 0xB8, 0x66,
0xCB, 0x53, 0xDF, 0xC4, 0xFB, 0xA5, 0x6D, 0x03,
0xF2, 0xAE, 0xEE, 0x90, 0xFE, 0xD7, 0x30, 0xAF,
0x33, 0x98, 0x09, 0xEB, 0x75, 0xC7, 0x3E, 0xC8,
0x2F, 0xE7, 0x22, 0x5F, 0x2F, 0x0A, 0xBD, 0xA4,
0x22, 0x88, 0x28, 0x19, 0x35, 0x83, 0x12, 0x86,
0xEE, 0x72, 0xB4, 0x26, 0x89, 0x2F, 0xC7, 0x11,
0x6E, 0xDD, 0x14, 0x98, 0x22, 0xE7, 0x73, 0x3E,
0xFA, 0x46, 0x75, 0xF9, 0x40, 0xC1, 0x84, 0x22,
0xBC, 0x75, 0x36, 0xC7, 0x82, 0xD3, 0xAE, 0x6E,
0x0D, 0xBF, 0x6F, 0xC3, 0x4B, 0x67, 0x49, 0x19,
0xF3, 0x4B, 0x12, 0xF2, 0x83, 0xFD, 0x39, 0x56,
0x44, 0x05, 0x3A, 0x24, 0x6A, 0x35, 0x69, 0x12,
0xCF, 0xE4, 0x93, 0xFE, 0x26, 0xCC, 0xD6, 0x01,
0xA0, 0x4A, 0x84, 0xA8, 0x1D, 0x85, 0xE6, 0x83,
0x0F, 0x3C, 0xE6, 0x6D, 0xD2, 0xCB, 0xB1, 0x14,
0x8C, 0xEC, 0x10, 0xB3, 0x63, 0x4B, 0x9C, 0xF5,
0x11, 0xE0, 0xF9, 0x86, 0x6F, 0xA7, 0xC0, 0x3B,
0x9D, 0x25, 0xD7, 0x54, 0xCA, 0x40, 0x4D, 0x26,
0xBA, 0x71, 0x8E, 0x25, 0xF5, 0xA7, 0xE3, 0x9B,
0x25, 0x20, 0x7F, 0x29, 0x05, 0xB6, 0x27, 0x14,
0x17, 0x67, 0x26, 0x10, 0xAD, 0xA3, 0x06, 0x03,
0xFE, 0x82, 0x85, 0x5D, 0x01, 0x04, 0x4D, 0xE0,
0x64, 0x38, 0x38, 0x5E, 0x83, 0x1E, 0x21, 0x9A,
0x39, 0x02, 0xF8, 0xF9, 0x69, 0x85, 0x52, 0xE5,
0xEC, 0x6A, 0xAC, 0x96, 0x86, 0xA7, 0x88, 0x69,
0xB5, 0xB5, 0x7E, 0x03, 0x1D, 0xA9, 0x68, 0xCA,
0x45, 0x0F, 0xF9, 0x14, 0xD6, 0x7B, 0xCF, 0x9C,
0x03, 0x6F, 0xD1, 0xD9, 0x6F, 0x01, 0x3D, 0xF8,
0xF3, 0x11, 0xF3, 0x29, 0x17, 0x90, 0xE8, 0x9B,
0xED, 0x58, 0x9B, 0xF0, 0xBC, 0xC7, 0xBA, 0xF4,
0x60, 0xC8, 0xAA, 0x30, 0xB4, 0x2F, 0x22, 0x8F,
0xD3, 0xAC, 0x18, 0xC2, 0xB7, 0xC4, 0x7B, 0x31,
0x9E, 0x0F, 0x7E, 0x9D, 0xBF, 0xD4, 0x63, 0xC2,
0x8B, 0x1B, 0x58, 0x50, 0x33, 0x53, 0x6D, 0x79,
0xBB, 0xF8, 0x0D, 0x91, 0x33, 0xD9, 0x07, 0xE7,
0xB0, 0x81, 0xD4, 0xB4, 0x47, 0x61, 0x93, 0xF0,
0xFB, 0x68, 0xBC, 0x1B, 0x41, 0xC2, 0xF5, 0x43,
0x30, 0x7E, 0x76, 0xF9, 0xB1, 0xA3, 0xD6, 0xD4,
0x26, 0xEA, 0x77, 0x75, 0x12, 0x7A, 0xC8, 0x30,
0x9B, 0xCF, 0x45, 0xBE, 0x74, 0x7D, 0x8A, 0x8B,
0xEC, 0xED, 0x11, 0xE6, 0xA1, 0xD1, 0xB8, 0xF1,
0x90, 0xAD, 0x6D, 0x6A, 0xC6, 0x54, 0xE9, 0xDB,
0xAD, 0x4C, 0x97, 0x39, 0xC8, 0xD8, 0x44, 0xA9,
0x1A, 0x37, 0x16, 0x7E, 0x68, 0x45, 0x0C, 0xBB,
0x10, 0xF4, 0xAE, 0x8E, 0x2B, 0x69, 0xFA, 0x95,
0x3E, 0xA5, 0xC9, 0x91, 0xD3, 0xF1, 0xA3, 0x89,
0x3F, 0x90, 0x86, 0x93, 0x1B, 0xF1, 0xA0, 0x89,
0xC7, 0xF2, 0x23, 0x57, 0xD4, 0x8E, 0x2F, 0xD5,
0x71, 0xCD, 0x36, 0xF1, 0x90, 0xB3, 0x98, 0x3E,
0x19, 0xEA, 0xC8, 0x0F, 0x12, 0x9D, 0xBF, 0x58,
0xED, 0xDC, 0x6B, 0x9A, 0x79, 0x84, 0xFC, 0xF0,
0x4C, 0xC3, 0xB4, 0x0D, 0xB8, 0x7A, 0x8D, 0xAD,
0x75, 0x40, 0xD5, 0xD5, 0xDE, 0xC8, 0xCA, 0x39,
0x3E, 0x45, 0xE4, 0xBC, 0xF4, 0x33, 0xEA, 0x64,
0xE1, 0x5E, 0x94, 0x42, 0x91, 0xAB, 0xBC, 0x42,
0x2A, 0xB3, 0xD0, 0x60, 0x23, 0xCE, 0x57, 0x8E,
0xFF, 0xAD, 0xA2, 0x2B, 0x64, 0xD9, 0x94, 0xA0,
0x80, 0x0F, 0x8E, 0x50, 0x17, 0x08, 0x1D, 0x16,
0xCF, 0x51, 0xD0, 0xB9, 0x28, 0xB6, 0x59, 0xEF,
0x78, 0xCC, 0xC9, 0x96, 0xF9, 0xCA, 0x87, 0x7A,
0xEE, 0xD9, 0x15, 0x5E, 0xDF, 0x5D, 0xBC, 0xC2,
0x58, 0xE6, 0x04, 0xEE, 0x17, 0xDC, 0xB3, 0xF9,
0x90, 0xF9, 0x88, 0x32, 0x9E, 0xA1, 0xDB, 0x1C,
0x38, 0x56, 0x53, 0x90, 0x30, 0x69, 0x2E, 0x52,
0x00, 0x2C, 0xF3, 0x0F, 0xD5, 0x80, 0x2E, 0x02,
0x5B, 0x99, 0xBF, 0xCD, 0x11, 0x12, 0x64, 0x5B,
0x56, 0xC6, 0x0A, 0xE6, 0x38, 0xE7, 0x4D, 0x21,
0xE5, 0x98, 0x78, 0x9D, 0xE6, 0xCB, 0x60, 0xB4,
0x2E, 0xE4, 0x98, 0x56, 0xCB, 0xAD, 0xE6, 0xDD,
0x53, 0xF4, 0xC5, 0x67, 0xA2, 0x9F, 0xA0, 0x5C,
0x7C, 0xFB, 0x24, 0x5A, 0xA7, 0x72, 0xD0, 0xE7,
0x63, 0xF2, 0x5D, 0xBF, 0xD8, 0xE9, 0xF1, 0x6B,
0xB4, 0x29, 0xA6, 0x28, 0xE6, 0x93, 0xD3, 0x87,
0xB6, 0xD9, 0x3C, 0x39, 0x8D, 0xEA, 0x28, 0xC0,
0x96, 0x3D, 0xF5, 0xC2, 0x3C, 0x29, 0xF2, 0x80,
0x21, 0x8A, 0x03, 0x9D, 0x64, 0xF8, 0xBA, 0x81,
0xC1, 0xDD, 0xA2, 0x88, 0x2A, 0x84, 0x2E, 0x3C,
0xB5, 0x03, 0x95, 0xED, 0xAA, 0x6E, 0xE2, 0x6F,
0x5E, 0x99, 0x3C, 0x63, 0xEE, 0xB8, 0x4F, 0x66,
0x32, 0x77, 0x42, 0x23, 0x36, 0x29, 0x89, 0xB0,
0xED, 0x5F, 0xF2, 0x5A, 0x65, 0x66, 0x3F, 0xD2,
0x8B, 0x48, 0x68, 0x65, 0xDC, 0xE0, 0xB0, 0xC2,
0x72, 0x73, 0xF1, 0xA4, 0xC6, 0x56, 0x2C, 0x5D,
0xD8, 0xC6, 0x5C, 0x41, 0xCE, 0x30, 0x89, 0x59,
0xA9, 0xD6, 0x45, 0x96, 0xD0, 0x8E, 0x7B, 0x25,
0xE0, 0x13, 0xFB, 0xFE, 0x7C, 0xEA, 0xF3, 0x67,
0x0D, 0xB2, 0x9A, 0x21, 0x3C, 0xCE, 0x99, 0x75,
0xA9, 0x13, 0xCE, 0xF4, 0x23, 0x6E, 0x64, 0x00,
0x30, 0x87, 0x70, 0x9C, 0xAD, 0x61, 0x81, 0x71,
0x0E, 0x95, 0x19, 0x26, 0xCA, 0x55, 0x29, 0x71,
0x99, 0xA6, 0x08, 0xAE, 0x54, 0x58, 0x75, 0xCD,
0xC3, 0x8F, 0xE3, 0x83, 0xC1, 0x45, 0x62, 0xB4,
0x8D, 0xCA, 0x66, 0x02, 0xEA, 0x34, 0x05, 0x5D,
0x98, 0x3F, 0x38, 0xE6, 0x1C, 0xCE, 0x53, 0x1A,
0xD9, 0x3F, 0x58, 0xEC, 0x16, 0x28, 0x45, 0xF5,
0x38, 0xCE, 0x48, 0x43, 0x87, 0x1D, 0x3C, 0x4A,
0xDF, 0x05, 0xF3, 0x5E, 0x29, 0x7E, 0xA6, 0x2E,
0xFC, 0xDD, 0x5E, 0xF9, 0x40, 0x1B, 0xA0, 0x42,
0xA2, 0x35, 0x15, 0x0A, 0x09, 0xD9, 0x47, 0x4A,
0x3F, 0xB0, 0x3A, 0xAA, 0x19, 0xE7, 0xE3, 0x7A,
0x22, 0x8D, 0x5F, 0x5B, 0x07, 0x41, 0x4C, 0x3D,
0xA2, 0xAD, 0x2E, 0x5C, 0x75, 0xEC, 0xF0, 0x4C,
0x11, 0x2B, 0x90, 0x76, 0x9E, 0x19, 0x96, 0x0E,
0x97, 0x5E, 0x8D, 0x19, 0x17, 0xB3, 0xBF, 0xDA,
0x84, 0xFD, 0xC6, 0xD2, 0x32, 0x6F, 0xB8, 0xA3,
0xB0, 0x0F, 0x95, 0xD9, 0xC5, 0x26, 0x50, 0x11,
0x15, 0x72, 0xBE, 0xC2, 0x1B, 0x12, 0x12, 0x7C,
0xA5, 0x70, 0xD8, 0xA9, 0x8A, 0xB9, 0x77, 0xEB,
0xD8, 0xD7, 0x9A, 0x59, 0x37, 0x5E, 0xE1, 0x4F,
0x64, 0xB5, 0xB0, 0x4F, 0xD9, 0x69, 0xFE, 0xB0,
0x3D, 0x0A, 0xF7, 0x34, 0x89, 0xE3, 0xBA, 0xEF,
0xE7, 0xC7, 0xBC, 0x8D, 0xC7, 0xE8, 0x54, 0x83,
0xEE, 0x62, 0xF0, 0x23, 0x98, 0x58, 0x0F, 0x83,
0xB9, 0x6D, 0xD8, 0x44, 0x77, 0xB9, 0xC4, 0x8F,
0x0B, 0xB3, 0x9F, 0x54, 0x06, 0xA3, 0x70, 0x36,
0xD6, 0xF3, 0x6E, 0x2B, 0x1B, 0x6B, 0x53, 0xFE,
0x6F, 0xF6, 0x1C, 0x32, 0x7B, 0x29, 0xD4, 0xE0,
0x5D, 0xD2, 0xB8, 0x11, 0x74, 0xC6, 0x0B, 0x59,
0xC7, 0x9C, 0xB1, 0x97, 0x6B, 0xC0, 0x6E, 0x7A,
0xC3, 0x4D, 0xF3, 0xE3, 0x8F, 0x7D, 0x2C, 0x1C,
0x0E, 0x31, 0x51, 0xB7, 0x14, 0x7A, 0xB8, 0x31,
0x77, 0x47, 0x70, 0x14, 0x3B, 0x92, 0x7B, 0x5F,
0xEC, 0x5D, 0xF7, 0x76, 0xC1, 0xD7, 0x2D, 0xB6,
0xBC, 0x99, 0x81, 0xD6, 0x58, 0x67, 0x71, 0x3C,
0xF2, 0x97, 0xC8, 0xB0, 0xF1, 0xE9, 0x8D, 0x0E,
0x16, 0xF0, 0xCC, 0x22, 0x7A, 0x39, 0xE4, 0x7E,
0x50, 0xBA, 0x01, 0x16, 0x15, 0x6D, 0x5B, 0x54,
0x67, 0x53, 0x66, 0x04, 0xBE, 0x05, 0xCC, 0x2E,
0xF4, 0x0A, 0xBC, 0xE8, 0x52, 0xF1, 0x5D, 0xFA,
0x2C, 0xAC, 0xF8, 0x6A, 0x78, 0x9E, 0x5B, 0x7B,
0x0E, 0x5B, 0xB4, 0xB7, 0x77, 0xCD, 0x7C, 0xC9,
0xF6, 0x54, 0x77, 0x9B, 0x10, 0x2F, 0x78, 0xB5,
0xAA, 0x4B, 0x94, 0xC3, 0xB4, 0xFD, 0xE5, 0x5F,
0xA7, 0xF7, 0xBF, 0x54, 0xAC, 0x22, 0x5E, 0x1F,
0x26, 0x16, 0x5B, 0x65, 0xF1, 0x6D, 0x03, 0x21,
0x66, 0x9F, 0xD9, 0xF6, 0xE4, 0x7F, 0xCA, 0x1D,
0xD3, 0x47, 0x09, 0x6D, 0xF5, 0xDD, 0xA8, 0x64,
0x66, 0xA5, 0x7C, 0x5B, 0x06, 0x8D, 0x9C, 0x67,
0xB7, 0x32, 0x03, 0x66, 0xEA, 0x19, 0xC8, 0x99,
0x3F, 0xF9, 0x0B, 0xD8, 0xFB, 0x06, 0x93, 0xFB,
0xA3, 0x70, 0xE6, 0x6D, 0x2B, 0x20, 0x3B, 0x99,
0x70, 0x11, 0xB0, 0xD1, 0x5B, 0x94, 0xE2, 0x8B,
0xAA, 0x2E, 0xBF, 0x01, 0x77, 0x4F, 0x7A, 0xE7,
0x8F, 0x84, 0xED, 0xBD, 0xAD, 0x9F, 0x65, 0xA4,
0x50, 0x42, 0x7A, 0x47, 0x74, 0xC6, 0x0C, 0xC8,
0x9A, 0x02, 0x0B, 0x37, 0xDA, 0x21, 0xC7, 0x91,
0xDA, 0xC8, 0xF7, 0xA7, 0x45, 0x7E, 0x30, 0xD0,
0x8B, 0x01, 0x37, 0x51, 0x60, 0x03, 0x9C, 0x30,
0x1B, 0x60, 0x51, 0xA9, 0x65, 0xE8, 0xA7, 0xCC,
0xA2, 0xAE, 0xF9, 0x3B, 0xD5, 0x2F, 0x82, 0xC0,
0x20, 0xBE, 0xCE, 0x90, 0xA1, 0x29, 0x02, 0x4E,
0xFE, 0xA4, 0xB2, 0xFA, 0x21, 0x27, 0x0F, 0x8E,
0xB5, 0xED, 0x6A, 0xAA, 0xE5, 0x59, 0x29, 0xAA,
0xC5, 0x99, 0xA5, 0x77, 0x97, 0x29, 0x57, 0x66,
0x0C, 0xC4, 0x7A, 0xC4, 0xE3, 0xCE, 0x77, 0x2B,
0xBF, 0x10, 0x05, 0x2D, 0xE7, 0xED, 0xB1, 0xB8,
0xA4, 0x49, 0x41, 0xF8, 0x84, 0xC9, 0xF8, 0xBE,
0x13, 0x17, 0x46, 0x69, 0x94, 0x56, 0x29, 0xF4,
0x6D, 0xE2, 0x46, 0x74, 0x44, 0xF3, 0x10, 0x6A,
0x73, 0xFA, 0x27, 0x9C, 0xF0, 0x2A, 0x80, 0x0A,
0x04, 0x7E, 0x20, 0xBD, 0x4D, 0x82, 0x0B, 0x38,
0x9C, 0x3B, 0xB6, 0xA8, 0x68, 0xA5, 0x38, 0x4C,
0xF5, 0x72, 0x4C, 0x20, 0x4C, 0xEF, 0xB1, 0xA6,
0xA1, 0xBE, 0xB9, 0x72, 0x3E, 0x36, 0xDD, 0xDD,
0xD9, 0xC7, 0x07, 0xC8, 0xF6, 0x3E, 0x8B, 0xC2,
0x66, 0x83, 0xCC, 0x8B, 0x43, 0xC7, 0xDF, 0xDA,
0xA4, 0x08, 0xAC, 0x4D, 0xD2, 0xBA, 0x9A, 0xEC,
0xBC, 0x3B, 0x6D, 0xDA, 0xED, 0xCE, 0x09, 0x4A,
0xAB, 0x58, 0xFF, 0x73, 0x2B, 0x19, 0x66, 0x38,
0xD8, 0xB8, 0xEF, 0xC4, 0x28, 0xBB, 0xA9, 0x61,
0x57, 0x93, 0xC4, 0xDD, 0x9F, 0x00, 0xF9, 0x0D,
0x62, 0xC6, 0x76, 0xD1, 0x27, 0xA0, 0xE1, 0x8C,
0x14, 0xC6, 0xEE, 0x9C, 0x99, 0x05, 0x10, 0xB0,
0x54, 0xAD, 0xB4, 0xB4, 0x17, 0x0A, 0xC7, 0x12,
0x7F, 0x93, 0x17, 0x5C, 0x1E, 0xB2, 0x25, 0x12
};
static const byte msg_87[] = {
0x14, 0x42, 0x63, 0x34, 0x94, 0x09, 0x60, 0x77,
0x3B, 0xFF, 0x65, 0xF0, 0x8D, 0x1D, 0xE4, 0x89,
0xC4, 0xC3, 0xED, 0x36
};
static const byte sig_87[] = {
0x13, 0xE8, 0x99, 0xEE, 0xDC, 0xCC, 0x0F, 0xBA,
0x62, 0x91, 0x44, 0xE4, 0xAC, 0x06, 0x79, 0x06,
0xB5, 0x32, 0x6B, 0x8F, 0x9A, 0x6C, 0xCB, 0xAB,
0xE1, 0x44, 0x4A, 0xDD, 0x46, 0x45, 0x16, 0x0D,
0x22, 0x57, 0x82, 0x87, 0x10, 0xD1, 0xEE, 0x10,
0x60, 0x21, 0xB5, 0x64, 0x1E, 0x78, 0x81, 0x55,
0x75, 0xD4, 0xF0, 0x95, 0xD0, 0x15, 0xD8, 0x46,
0x5C, 0x92, 0xD2, 0xDD, 0xF4, 0xAB, 0xDF, 0xBE,
0xB1, 0x1E, 0xE5, 0xE0, 0x70, 0xE6, 0xDA, 0x52,
0xE5, 0x48, 0xDC, 0x04, 0xFD, 0xEF, 0x54, 0x72,
0xE7, 0xE5, 0xF1, 0x82, 0x10, 0xAA, 0xCB, 0xA0,
0x4F, 0x4F, 0x18, 0xAE, 0x66, 0x86, 0xB9, 0xAF,
0x96, 0x57, 0xE3, 0x8E, 0x3B, 0x9B, 0xDD, 0xB4,
0xAA, 0x84, 0xE6, 0x7B, 0x4D, 0x81, 0x92, 0xD0,
0x03, 0x87, 0x3D, 0xD3, 0xEE, 0xE7, 0x47, 0x00,
0xFB, 0xD8, 0x1E, 0x38, 0x1C, 0x21, 0x98, 0xB7,
0xCC, 0xC1, 0x37, 0xC1, 0x71, 0xB2, 0x2F, 0x93,
0x53, 0x41, 0x9C, 0x48, 0xC1, 0x4B, 0x8D, 0x63,
0x0F, 0x99, 0x63, 0x40, 0x27, 0x5F, 0x6E, 0x60,
0x4B, 0x95, 0xC4, 0x35, 0x20, 0x8A, 0xED, 0x2B,
0xCA, 0x1B, 0x41, 0x9F, 0x83, 0x63, 0xF0, 0x95,
0x0E, 0x24, 0x0D, 0x6F, 0x9E, 0xAB, 0x11, 0x8E,
0x4B, 0xD3, 0xDA, 0x0E, 0xC3, 0xA2, 0xBE, 0x26,
0xA8, 0xA0, 0x98, 0x57, 0x71, 0x3C, 0x36, 0xDD,
0x69, 0xC3, 0x4E, 0xDD, 0x2C, 0x61, 0x9E, 0x88,
0x26, 0x70, 0x71, 0xCF, 0x9E, 0xE5, 0xA6, 0x0C,
0xA3, 0x14, 0x2D, 0xF1, 0x63, 0xF0, 0x1D, 0x8D,
0x79, 0x6A, 0xC8, 0x50, 0xCF, 0xF3, 0x66, 0x60,
0x78, 0xB3, 0x18, 0xFB, 0x5B, 0xD1, 0x73, 0x60,
0xC8, 0x76, 0xC9, 0xC9, 0x0D, 0x8A, 0x7F, 0x41,
0x2C, 0x8A, 0x31, 0x61, 0x6B, 0xE7, 0xA3, 0x74,
0x58, 0x71, 0x54, 0x84, 0x86, 0x71, 0x5C, 0x94,
0x26, 0x3A, 0x17, 0xB3, 0x6C, 0xA4, 0x99, 0x25,
0x45, 0x0C, 0x57, 0x8A, 0xD9, 0xD4, 0xB1, 0xC2,
0x00, 0x43, 0xF4, 0x5E, 0x84, 0x31, 0x99, 0x4F,
0xA6, 0xD2, 0x6A, 0x14, 0x1B, 0xAD, 0x9E, 0x49,
0x6E, 0x00, 0x9E, 0x91, 0x46, 0x16, 0xCA, 0x57,
0x0C, 0x09, 0xF6, 0x38, 0xD0, 0x62, 0xBE, 0xC6,
0x87, 0x33, 0x3A, 0xC7, 0x28, 0x38, 0x34, 0x53,
0x7E, 0xFB, 0x60, 0x42, 0xF3, 0x7D, 0x83, 0xF7,
0x29, 0x5D, 0xEA, 0x30, 0xD5, 0x00, 0x90, 0xB6,
0x38, 0x4C, 0x17, 0x29, 0xEF, 0x17, 0xA0, 0xD5,
0x87, 0x50, 0xC0, 0x03, 0x75, 0x14, 0xE5, 0xE1,
0x22, 0x78, 0x53, 0xBC, 0x5A, 0xA3, 0x1E, 0x95,
0xBE, 0xEC, 0x37, 0xB1, 0x51, 0x82, 0x69, 0x26,
0x2E, 0xA3, 0x5A, 0xDA, 0x4F, 0xDA, 0x77, 0x62,
0x7E, 0xED, 0xDA, 0xAF, 0x57, 0x97, 0x1B, 0xA3,
0x6D, 0x46, 0x7B, 0x19, 0xA9, 0x0B, 0x99, 0x1C,
0xD2, 0x55, 0xDB, 0x79, 0xB0, 0x15, 0x48, 0x86,
0x52, 0x30, 0x31, 0xD6, 0xC5, 0xB1, 0xAE, 0x8F,
0xCF, 0x9A, 0x43, 0x10, 0xBB, 0xC8, 0x19, 0x74,
0x84, 0xB2, 0x92, 0x3B, 0xFE, 0x0B, 0x12, 0x15,
0xA1, 0xC4, 0xD8, 0xC6, 0x83, 0x90, 0x89, 0x8A,
0xD5, 0x3E, 0x33, 0x69, 0xB7, 0x05, 0x3F, 0xB1,
0x8B, 0x0D, 0x87, 0x40, 0x70, 0x90, 0x2A, 0x5D,
0x3B, 0x3D, 0x91, 0xD8, 0x1D, 0x4D, 0xF1, 0x08,
0x7E, 0xF7, 0xDC, 0x05, 0x84, 0xEB, 0xDC, 0x63,
0xD7, 0xBA, 0x3C, 0x0D, 0x31, 0xF8, 0x6D, 0xA6,
0xC0, 0xFD, 0x08, 0x11, 0x5C, 0x53, 0xF6, 0xAE,
0xFE, 0xC0, 0x82, 0x9A, 0x68, 0xD2, 0xA3, 0x44,
0x2E, 0xEE, 0x47, 0x36, 0x70, 0x2D, 0x66, 0x81,
0x0D, 0x62, 0x30, 0x8A, 0x8C, 0xC8, 0x2A, 0xA6,
0x21, 0x82, 0xF5, 0x98, 0xF4, 0x4E, 0x25, 0x37,
0x11, 0xB5, 0xD6, 0x07, 0x88, 0xBD, 0x0D, 0x69,
0x0E, 0xF9, 0x8F, 0x9A, 0xD5, 0x93, 0xE0, 0x3C,
0xEF, 0x38, 0xB9, 0xC9, 0x77, 0x98, 0x3F, 0x69,
0x11, 0xBA, 0x1A, 0xB9, 0xF7, 0x35, 0xE9, 0x28,
0xCD, 0xA3, 0x8C, 0x03, 0xE6, 0xAD, 0x83, 0x62,
0xF4, 0x60, 0xAE, 0x4C, 0xD0, 0xF4, 0x6E, 0x00,
0xEE, 0xEC, 0x74, 0xB6, 0x12, 0x34, 0x98, 0xAB,
0x31, 0xE7, 0xA7, 0x9D, 0x33, 0x4D, 0x72, 0xA7,
0xA7, 0xEE, 0xF3, 0xB5, 0x51, 0xE7, 0x8D, 0x31,
0xBC, 0x2C, 0xAF, 0xFB, 0x13, 0x9C, 0xAC, 0xA4,
0xD7, 0x9C, 0x8B, 0xBD, 0x52, 0xBD, 0x78, 0xF4,
0x90, 0x65, 0x09, 0xBE, 0x42, 0xE7, 0x76, 0x3A,
0xE6, 0xAC, 0xB8, 0x98, 0x28, 0x5E, 0xC9, 0x32,
0x3E, 0x68, 0x67, 0x6A, 0x8C, 0xC7, 0x4A, 0x58,
0xC8, 0xDA, 0x8B, 0xE9, 0x11, 0xED, 0x6F, 0x51,
0x3B, 0x66, 0x08, 0x70, 0x73, 0x10, 0xFB, 0x45,
0xCB, 0xD9, 0x7D, 0x5F, 0xF0, 0xD2, 0xAB, 0xA3,
0x6F, 0xCE, 0xF7, 0x3D, 0x46, 0xCB, 0x7F, 0x01,
0xC2, 0xCF, 0xE3, 0x8E, 0x68, 0xE8, 0x4F, 0x4A,
0x30, 0x19, 0x16, 0xD2, 0xF5, 0x10, 0xD8, 0x2B,
0x49, 0x69, 0xBE, 0x7A, 0x0E, 0x9C, 0xC6, 0x0E,
0xFF, 0x5C, 0x0A, 0x87, 0x17, 0xB8, 0x22, 0x83,
0x8C, 0x77, 0xAF, 0x42, 0x06, 0xB1, 0x25, 0x45,
0x08, 0x9B, 0xB2, 0xDD, 0x6A, 0x3F, 0xF0, 0x12,
0xC8, 0x64, 0x15, 0xBB, 0xA0, 0x4F, 0xD7, 0xD4,
0xEC, 0x70, 0x7A, 0xF3, 0xB1, 0x7F, 0x25, 0x57,
0x47, 0x66, 0xF1, 0xE9, 0x27, 0x38, 0xE0, 0x62,
0x10, 0xF4, 0x8A, 0x5E, 0xF2, 0x55, 0x0E, 0xBD,
0xF8, 0x5A, 0x5C, 0xA3, 0x44, 0x97, 0xCF, 0x1D,
0x4D, 0x3A, 0x75, 0x86, 0x48, 0xEC, 0x41, 0x17,
0x24, 0x43, 0x83, 0x5E, 0x50, 0x91, 0xBE, 0x8F,
0x04, 0x78, 0x23, 0xD9, 0x62, 0x0C, 0x2A, 0xD5,
0x1C, 0x96, 0x11, 0xAA, 0xEE, 0x39, 0xB2, 0x1E,
0x6D, 0x6A, 0xEC, 0x87, 0x0C, 0x89, 0x15, 0xE2,
0x66, 0x47, 0x6A, 0x50, 0xEE, 0xCA, 0x59, 0x96,
0x22, 0xF7, 0x09, 0x1A, 0x34, 0xC2, 0x3F, 0x14,
0xB4, 0x04, 0x29, 0xD9, 0x5E, 0x3E, 0xF9, 0x8F,
0xED, 0x3E, 0x74, 0x94, 0x37, 0xF0, 0x4B, 0xB4,
0xA3, 0x37, 0x52, 0x2E, 0x68, 0x09, 0xFC, 0x10,
0x45, 0x03, 0xE2, 0x53, 0xB4, 0x1C, 0x4F, 0x03,
0x01, 0xAF, 0x46, 0x7F, 0x74, 0xD3, 0x31, 0x25,
0xFA, 0x83, 0xEF, 0x71, 0x24, 0x45, 0xA1, 0x71,
0xFA, 0x40, 0xEB, 0xF4, 0xE6, 0x55, 0x3E, 0x45,
0x4A, 0xFE, 0x25, 0x68, 0x02, 0x1D, 0x2B, 0x2A,
0x19, 0x8D, 0xEC, 0x9B, 0xF7, 0x20, 0xF9, 0xD7,
0x2F, 0x81, 0x52, 0x0B, 0xE8, 0x74, 0x66, 0xAF,
0x70, 0xD0, 0x0E, 0x0E, 0x86, 0x0F, 0xF9, 0xAB,
0xD0, 0x39, 0x78, 0xC3, 0xE4, 0x29, 0xB5, 0xAA,
0x17, 0xB9, 0x7F, 0x9A, 0xE9, 0x34, 0x48, 0x85,
0x3D, 0x6E, 0xFD, 0x16, 0x8A, 0x30, 0xC6, 0xCB,
0xE8, 0xDE, 0x2D, 0x28, 0x8D, 0x9A, 0x24, 0xEA,
0x5D, 0x2A, 0x58, 0x23, 0x33, 0x2B, 0x84, 0xFD,
0x2C, 0xE7, 0x93, 0xA2, 0x2B, 0xEC, 0x43, 0x98,
0x48, 0xD4, 0xE6, 0x0F, 0x3B, 0xB9, 0xC7, 0x5D,
0x7E, 0xB0, 0x87, 0x1E, 0x80, 0x3D, 0x61, 0xB0,
0x7E, 0x74, 0x9E, 0xD7, 0x60, 0x72, 0xB2, 0x7C,
0x87, 0xB6, 0x9D, 0x6C, 0x01, 0x42, 0x61, 0xF6,
0x47, 0xAF, 0xA8, 0x8C, 0x4F, 0x1E, 0xC5, 0x5A,
0x75, 0xA5, 0x0F, 0xB4, 0xC7, 0x9D, 0x2C, 0x94,
0xC0, 0x50, 0x3D, 0xB2, 0x0D, 0xFD, 0xF7, 0x1F,
0x62, 0x88, 0x74, 0x18, 0x8C, 0xDD, 0x73, 0x85,
0xC0, 0x33, 0x81, 0xDA, 0xBB, 0x85, 0x4D, 0x4A,
0xA9, 0xF4, 0x7B, 0x66, 0x43, 0x8C, 0x43, 0xFF,
0x53, 0xEF, 0x5E, 0x78, 0xAB, 0x45, 0x0B, 0x45,
0x01, 0x91, 0x27, 0x8A, 0xF6, 0xE2, 0x6A, 0x7B,
0x5E, 0x64, 0x61, 0xF5, 0x77, 0xF9, 0x85, 0x2F,
0x81, 0xC9, 0x02, 0x03, 0xC7, 0x13, 0xF5, 0xB1,
0xF6, 0xC3, 0xEF, 0x55, 0x8C, 0x90, 0x32, 0x51,
0x6D, 0x8D, 0x62, 0xFD, 0x5E, 0x24, 0xE4, 0xF0,
0xF5, 0x07, 0x18, 0xF5, 0x6B, 0x5A, 0x59, 0xA0,
0x09, 0xD5, 0x93, 0x8D, 0xAD, 0x55, 0x91, 0xF6,
0x1F, 0x4C, 0x65, 0x9A, 0x76, 0x05, 0x26, 0xEF,
0x41, 0x20, 0x2F, 0xA7, 0xE5, 0xF6, 0xC7, 0xD5,
0xE0, 0xB0, 0xC0, 0xC4, 0x3B, 0x52, 0x4B, 0x66,
0x71, 0x2C, 0x5A, 0x7C, 0x53, 0xC8, 0x4C, 0x50,
0xB8, 0x3E, 0xB9, 0xC9, 0x8D, 0x2F, 0xD0, 0x84,
0xC9, 0xC5, 0xF2, 0x1F, 0xEE, 0x77, 0x42, 0xE6,
0xEF, 0xC8, 0xCB, 0xBE, 0x57, 0x18, 0xB7, 0x0C,
0x06, 0x2D, 0x82, 0xE2, 0xF9, 0x86, 0xF3, 0x8D,
0xF1, 0xE7, 0x15, 0x89, 0xDC, 0x79, 0x87, 0x24,
0x35, 0x62, 0xA2, 0x31, 0x9D, 0x7C, 0x00, 0xB2,
0x6E, 0x53, 0x1E, 0x93, 0xC3, 0x84, 0x44, 0x61,
0x8C, 0xE7, 0x58, 0x73, 0x4F, 0xDE, 0xCF, 0xD0,
0xC6, 0x85, 0x37, 0x28, 0xC6, 0x10, 0x00, 0x78,
0x4E, 0xDF, 0xFE, 0xD7, 0xB3, 0x30, 0x86, 0xE1,
0x68, 0xD6, 0xCB, 0x63, 0xE3, 0xDA, 0xCA, 0xF3,
0x55, 0x2F, 0x88, 0x5B, 0x47, 0x82, 0x62, 0xDE,
0x5E, 0x1E, 0x63, 0xCE, 0x7A, 0x4C, 0x66, 0x95,
0xD1, 0x19, 0x38, 0x35, 0xE4, 0x5A, 0x67, 0x91,
0x8C, 0x42, 0xD3, 0x9B, 0xF8, 0x80, 0x38, 0x53,
0x30, 0x31, 0x0F, 0x2C, 0x7B, 0xF9, 0x1E, 0x6C,
0x3E, 0x29, 0xB7, 0x81, 0xD0, 0x98, 0x70, 0xC2,
0x6D, 0x76, 0xBD, 0x8A, 0xE2, 0x09, 0xC4, 0x2B,
0xC7, 0x43, 0x2D, 0xBB, 0x4C, 0x16, 0x52, 0x63,
0x57, 0xA5, 0x63, 0x4E, 0xEC, 0xDE, 0x93, 0xC5,
0x1D, 0xD4, 0xD6, 0xF0, 0x06, 0x5B, 0x2E, 0xC5,
0x7A, 0xD3, 0xB5, 0x82, 0x66, 0x53, 0x95, 0x97,
0xC8, 0xF4, 0x2B, 0x55, 0x27, 0x1D, 0x6F, 0x90,
0xE9, 0x86, 0xF6, 0x82, 0x8D, 0x95, 0x9E, 0xE8,
0x00, 0xDB, 0xEB, 0xCF, 0x48, 0x23, 0x6B, 0xA3,
0xDE, 0x25, 0x27, 0xE0, 0xEC, 0xA4, 0xA3, 0xC2,
0xA3, 0x4B, 0xBC, 0xDD, 0x6C, 0xBB, 0x3A, 0x9C,
0x96, 0xDC, 0x3B, 0xE1, 0x10, 0xD3, 0x49, 0x94,
0x66, 0xE2, 0x85, 0x7F, 0xBA, 0x98, 0x12, 0x3A,
0x6D, 0xBA, 0x90, 0x14, 0x87, 0x7E, 0x24, 0xEA,
0xDC, 0xCA, 0x40, 0xF8, 0xAE, 0x94, 0xB2, 0xFE,
0xD2, 0x36, 0xCB, 0xE5, 0xBC, 0xA9, 0xDF, 0xE0,
0xCB, 0xA9, 0xA0, 0xF8, 0x62, 0x41, 0x33, 0x18,
0x59, 0xF9, 0xD6, 0xC0, 0x87, 0xB2, 0x76, 0xDE,
0xC9, 0x35, 0x6F, 0x1F, 0xEF, 0x69, 0xB3, 0x59,
0xF9, 0xFB, 0x38, 0x4A, 0x84, 0x02, 0x2D, 0xEC,
0xB7, 0x01, 0x08, 0xDA, 0xC8, 0xE9, 0x3B, 0xB6,
0xC3, 0x00, 0xC0, 0x34, 0x5F, 0xC6, 0x40, 0xC0,
0x06, 0xEA, 0xEB, 0xC1, 0x51, 0x13, 0x81, 0x2F,
0xB3, 0x7D, 0xD9, 0x6E, 0x2A, 0x06, 0xA4, 0x63,
0xAF, 0xCE, 0x66, 0xC5, 0x9F, 0x8D, 0x71, 0x4A,
0xA1, 0xFF, 0x49, 0x4F, 0x08, 0x6F, 0xB9, 0xEA,
0xDA, 0x18, 0x45, 0x63, 0xCA, 0x9D, 0x88, 0x08,
0xB1, 0x6C, 0x19, 0xA8, 0x24, 0xAD, 0x85, 0x7D,
0xDE, 0x51, 0xE5, 0x08, 0xB7, 0x04, 0x12, 0x35,
0xF3, 0x00, 0xED, 0x2C, 0x79, 0x9C, 0x18, 0x23,
0x05, 0x38, 0x95, 0x76, 0xCF, 0x39, 0x3C, 0xAE,
0xB0, 0xD3, 0xBA, 0x3E, 0x4E, 0xE4, 0xB5, 0x77,
0xA3, 0xE3, 0x7B, 0x27, 0x5F, 0xD8, 0x05, 0x19,
0x42, 0xAE, 0x91, 0x54, 0xE5, 0xBD, 0x7C, 0x35,
0xE0, 0xF8, 0x95, 0x52, 0x3A, 0x29, 0xB0, 0xE6,
0xB7, 0xAE, 0x20, 0xBE, 0x21, 0xDF, 0xF5, 0x67,
0xEC, 0x82, 0x52, 0xFF, 0x5B, 0xD0, 0xAA, 0x14,
0x50, 0x15, 0xE1, 0x1C, 0x6A, 0x1B, 0x94, 0x1B,
0xCC, 0x76, 0x01, 0xBF, 0x03, 0x94, 0x42, 0xF2,
0x00, 0x61, 0x96, 0x58, 0xD9, 0xD0, 0x40, 0x21,
0xFA, 0xCE, 0x6B, 0xAB, 0x5D, 0x49, 0xD8, 0xD7,
0xBC, 0x9A, 0x66, 0xC2, 0xBA, 0x3F, 0xDC, 0x49,
0x0D, 0xA5, 0x5C, 0xB4, 0x67, 0x08, 0x38, 0xEB,
0x2D, 0x07, 0x24, 0x5B, 0xB1, 0x22, 0x7B, 0x02,
0x4A, 0x8A, 0x53, 0x38, 0xE9, 0x42, 0x8E, 0xA5,
0x57, 0x41, 0xD6, 0x71, 0xA7, 0x9D, 0x6A, 0x14,
0xD2, 0x7D, 0x13, 0xFB, 0x59, 0xD0, 0xDA, 0xE5,
0x23, 0x9E, 0x1B, 0xC4, 0x21, 0x87, 0xBB, 0x78,
0xE0, 0x38, 0x01, 0x1D, 0xA0, 0xD1, 0x36, 0x3F,
0xD0, 0xA7, 0x8F, 0x86, 0x26, 0x1E, 0xB0, 0x26,
0xDE, 0x7E, 0x17, 0x3A, 0x90, 0xFC, 0xC0, 0x17,
0xDD, 0x78, 0xF5, 0xA3, 0x2D, 0x3E, 0x29, 0xCE,
0x38, 0x45, 0x76, 0xA9, 0x55, 0x11, 0xB6, 0xB4,
0xE5, 0x6E, 0xDD, 0x01, 0x4B, 0x16, 0x07, 0x99,
0xBD, 0x19, 0x77, 0xF5, 0xD7, 0x9E, 0x39, 0x9E,
0xAA, 0x8E, 0x2B, 0x75, 0xC5, 0xEB, 0x33, 0x56,
0x6C, 0xD8, 0xB6, 0x3F, 0x3F, 0x4E, 0x81, 0x7E,
0x29, 0x0A, 0x68, 0xED, 0x1E, 0x9F, 0xDC, 0x6B,
0xFA, 0x18, 0xE3, 0xE5, 0x7D, 0x05, 0x7F, 0x22,
0xFA, 0xA2, 0xF6, 0x0F, 0xB6, 0x34, 0x56, 0x72,
0x55, 0x16, 0x5E, 0xF4, 0x18, 0xD1, 0x82, 0xFA,
0xDD, 0xF7, 0xB8, 0x9F, 0x7D, 0x30, 0x10, 0x69,
0xC4, 0x85, 0xD8, 0xE8, 0x34, 0x89, 0xD4, 0x93,
0xBE, 0x56, 0xEE, 0xDC, 0x43, 0xD4, 0x82, 0x00,
0xFD, 0x1E, 0x2B, 0x06, 0x69, 0x07, 0x1B, 0xBF,
0x33, 0x61, 0x39, 0x28, 0xCA, 0x31, 0x91, 0x0B,
0xF2, 0xEA, 0x32, 0x8E, 0xA8, 0x64, 0x13, 0x9A,
0xEF, 0x79, 0x1A, 0x9A, 0xBE, 0x52, 0x13, 0x32,
0x49, 0x93, 0x7D, 0xA8, 0x8C, 0x48, 0xD4, 0xC0,
0x1D, 0x10, 0x8A, 0x46, 0x85, 0xAD, 0x29, 0xDF,
0x2E, 0xCD, 0x41, 0x83, 0x82, 0x01, 0x28, 0x44,
0x0E, 0xE5, 0x37, 0x8D, 0x6B, 0xCA, 0x61, 0x98,
0xDE, 0x89, 0xA9, 0x7B, 0xBB, 0x44, 0x48, 0xA2,
0x8D, 0x82, 0x3A, 0x57, 0x40, 0x60, 0x7C, 0x6E,
0x69, 0x98, 0x98, 0x93, 0xFA, 0x7E, 0x29, 0x9A,
0x74, 0x53, 0xD8, 0xDC, 0xB3, 0x4B, 0xDB, 0x7E,
0xFE, 0x95, 0xB0, 0xC7, 0x23, 0x14, 0xEF, 0xCB,
0x49, 0x3C, 0x09, 0xD7, 0x7B, 0xD0, 0x11, 0x9B,
0xAC, 0xF2, 0xC2, 0x2E, 0x7C, 0xCB, 0xCD, 0x59,
0x7F, 0x6A, 0x09, 0xFE, 0xFE, 0xDF, 0xA0, 0xA7,
0xAC, 0x3C, 0x90, 0xBA, 0x75, 0x19, 0xF4, 0x01,
0x60, 0x56, 0xD5, 0xFB, 0x41, 0x2B, 0xA0, 0x2D,
0x0D, 0x45, 0xCF, 0xF3, 0xA6, 0x3D, 0x36, 0xEE,
0xE1, 0xE4, 0x68, 0xE6, 0xEA, 0x2F, 0x67, 0x3A,
0x7A, 0x02, 0x92, 0x6B, 0xB3, 0x18, 0xBA, 0x73,
0xEE, 0x1B, 0x2C, 0x13, 0x7D, 0xEF, 0x4A, 0x39,
0xE8, 0x03, 0xFF, 0x57, 0x35, 0x53, 0xE9, 0xA5,
0xC6, 0xAA, 0x1A, 0x17, 0x21, 0xCA, 0x54, 0x38,
0x7C, 0xB1, 0xDF, 0xB8, 0xFA, 0x7D, 0xA7, 0x26,
0xB2, 0xAE, 0x7A, 0x05, 0x45, 0x3B, 0x40, 0x0A,
0x19, 0xE5, 0x32, 0x52, 0x78, 0x9D, 0xC3, 0x20,
0x63, 0x24, 0xB2, 0x58, 0x4B, 0x86, 0x1F, 0x00,
0xA2, 0x50, 0xF9, 0x9F, 0xD9, 0xDC, 0x7D, 0x51,
0x3D, 0xD7, 0xA6, 0x5A, 0x04, 0x03, 0x4E, 0xB3,
0x3D, 0x2D, 0x56, 0xA4, 0x96, 0xB3, 0x6A, 0xBA,
0x0A, 0x30, 0x08, 0xE3, 0x0F, 0xC1, 0x38, 0x24,
0x88, 0x5D, 0x9E, 0x6F, 0x68, 0x1A, 0x7D, 0xB6,
0x2D, 0xDD, 0xE3, 0x50, 0x1B, 0xD4, 0x07, 0x75,
0xE2, 0xE2, 0xCC, 0x09, 0xCC, 0x8E, 0x4E, 0x67,
0x02, 0x72, 0x02, 0xA8, 0x11, 0x70, 0xA5, 0x7F,
0x4A, 0xC1, 0x98, 0xC1, 0x7F, 0xBF, 0x95, 0xBB,
0xCE, 0xD3, 0x6D, 0x49, 0x30, 0xB9, 0x50, 0x8C,
0xFA, 0x3E, 0x8B, 0xF6, 0xE5, 0x54, 0xE9, 0x1B,
0xD7, 0xD6, 0xE5, 0x32, 0x33, 0xBB, 0x91, 0xAD,
0xC8, 0x15, 0x76, 0x1A, 0x04, 0x35, 0xDE, 0xCC,
0xE1, 0x67, 0x26, 0x4C, 0x2F, 0x4E, 0x34, 0x34,
0x3D, 0x1E, 0x5A, 0xF7, 0xBC, 0xE6, 0x0C, 0x9B,
0x7B, 0x7E, 0xE5, 0xDF, 0x72, 0x9A, 0x0D, 0xDD,
0x4B, 0xE6, 0x6F, 0x82, 0xFB, 0x5E, 0x2C, 0xC0,
0x7B, 0x03, 0x85, 0x76, 0x11, 0x0E, 0xFD, 0xC7,
0xD5, 0x50, 0x26, 0xBE, 0x75, 0x5E, 0xC1, 0xF0,
0x2E, 0x47, 0x62, 0xD6, 0xF1, 0xDA, 0xDF, 0xF4,
0x1C, 0xEE, 0x63, 0x52, 0xC4, 0x45, 0x37, 0xE6,
0x85, 0xA5, 0x0A, 0x07, 0x54, 0x63, 0x21, 0x7B,
0x92, 0xF7, 0x33, 0x0C, 0xD9, 0x29, 0xCF, 0xE3,
0xAB, 0xB5, 0xFC, 0xAA, 0x26, 0x20, 0x93, 0x55,
0x8A, 0x07, 0x33, 0xB2, 0x7D, 0x95, 0x02, 0x7A,
0x76, 0x9E, 0x7D, 0xBB, 0xC1, 0xF3, 0x6E, 0x84,
0x10, 0x30, 0x4B, 0x5D, 0x59, 0x73, 0x68, 0xEC,
0x2A, 0x63, 0x2D, 0x46, 0xE8, 0xC2, 0xF8, 0xEA,
0x2B, 0xC4, 0x4F, 0xA7, 0x6E, 0xF4, 0x74, 0xEB,
0x96, 0xA3, 0x64, 0x40, 0x9B, 0x23, 0x63, 0x42,
0x4B, 0x8F, 0x85, 0x00, 0x43, 0x04, 0xAD, 0x61,
0x76, 0x93, 0xBD, 0xC3, 0x88, 0xC3, 0xFC, 0x29,
0x61, 0xBD, 0xB1, 0x5A, 0x1F, 0x5B, 0x20, 0xEF,
0x95, 0xED, 0x99, 0x84, 0x96, 0xB2, 0x93, 0x81,
0x82, 0xFF, 0xE3, 0xB9, 0x27, 0xEA, 0x9A, 0x23,
0xF6, 0x42, 0x8D, 0xD3, 0x5C, 0x86, 0x11, 0xC8,
0x39, 0xE3, 0x16, 0xE9, 0xA5, 0x32, 0x7C, 0xC9,
0xEA, 0x82, 0x50, 0x9B, 0x21, 0x5C, 0xC9, 0x66,
0xBE, 0x1C, 0x78, 0x48, 0xEF, 0x39, 0x2D, 0xA1,
0xC6, 0xF3, 0x69, 0xA3, 0x36, 0x25, 0x3A, 0xA1,
0x15, 0x2B, 0x6D, 0xCF, 0xDA, 0xA7, 0xCA, 0xDD,
0x4D, 0x9A, 0x1D, 0x58, 0x9F, 0x73, 0xD3, 0xEF,
0x0F, 0xBF, 0x03, 0x88, 0x2F, 0xDE, 0xB9, 0x44,
0xB5, 0xB6, 0xCF, 0xE2, 0x6F, 0x6A, 0xB5, 0x12,
0x38, 0x29, 0x55, 0x8C, 0x4C, 0x73, 0x6F, 0x0B,
0x68, 0x7A, 0xC7, 0x06, 0x83, 0x80, 0xFE, 0x7F,
0x61, 0xBE, 0x6B, 0x40, 0xE3, 0xF0, 0x4D, 0x7B,
0x36, 0x82, 0x0F, 0xD8, 0x63, 0x29, 0xB3, 0x10,
0x9D, 0x02, 0xEC, 0x63, 0x90, 0xEA, 0xFC, 0x8C,
0xA7, 0x30, 0x56, 0x2B, 0x68, 0x08, 0x24, 0x24,
0xFD, 0xA9, 0x8D, 0x0B, 0x64, 0xBC, 0x97, 0x34,
0xB4, 0x0B, 0x63, 0xF7, 0xE3, 0x7A, 0xF6, 0x89,
0x0A, 0xF7, 0xC2, 0xD9, 0x2F, 0x79, 0xEE, 0xA3,
0xCC, 0xEA, 0xC6, 0x0A, 0x6F, 0x38, 0x06, 0x92,
0xF8, 0x02, 0xB1, 0x55, 0x6A, 0x78, 0xFE, 0x55,
0x83, 0xFF, 0x20, 0xA9, 0xC6, 0xA7, 0xBF, 0xCC,
0x86, 0x3A, 0x9E, 0x7B, 0x62, 0x01, 0x4D, 0x16,
0x05, 0xDE, 0x89, 0x4F, 0xB5, 0x85, 0xE2, 0xD4,
0xF9, 0x41, 0x15, 0xE0, 0x29, 0xE5, 0x85, 0x7E,
0x6A, 0x0A, 0x73, 0x89, 0x27, 0x5F, 0x53, 0x0D,
0x3D, 0x80, 0xCF, 0xAB, 0x1F, 0x22, 0x5D, 0x38,
0x33, 0x5D, 0x24, 0x67, 0x91, 0x97, 0xD4, 0x8A,
0x01, 0x8A, 0x34, 0x18, 0x7D, 0xE3, 0xBC, 0xCE,
0xDE, 0x94, 0xFF, 0x8E, 0xC5, 0x34, 0xC0, 0x2D,
0xA7, 0x24, 0xD4, 0x59, 0x8D, 0x66, 0x9E, 0x85,
0xA9, 0xC6, 0x0E, 0x45, 0x21, 0x4F, 0xAA, 0x65,
0x44, 0xD6, 0xA4, 0x7D, 0x1C, 0x4E, 0xD7, 0x40,
0x9D, 0x55, 0xB1, 0xA7, 0xF1, 0x15, 0xAE, 0x15,
0x44, 0x3A, 0x1C, 0x31, 0x06, 0x40, 0xD1, 0x16,
0x23, 0x84, 0x93, 0xEF, 0x3E, 0xE2, 0x87, 0x9B,
0xB8, 0x46, 0x1F, 0x7D, 0x68, 0x73, 0x64, 0x70,
0xD4, 0xB5, 0x73, 0xAE, 0x45, 0x49, 0x93, 0xF5,
0x32, 0x30, 0x1E, 0x35, 0xCB, 0x9E, 0xEE, 0xDF,
0xFE, 0xA8, 0x2F, 0xAC, 0x49, 0x77, 0x53, 0xF7,
0x50, 0x19, 0xF2, 0xB3, 0xB0, 0x2C, 0x70, 0xB6,
0x4A, 0x57, 0x95, 0x31, 0xC3, 0x26, 0x07, 0x2A,
0xCF, 0x1B, 0xD0, 0xAA, 0xA0, 0x9F, 0x0A, 0x97,
0x8B, 0x78, 0xAB, 0x22, 0xBD, 0x61, 0x19, 0xF8,
0x8D, 0xD2, 0xD5, 0x72, 0xF8, 0x91, 0x9D, 0x47,
0x4F, 0x59, 0x1D, 0xAE, 0x9F, 0xCE, 0x47, 0x53,
0xC9, 0x85, 0xFB, 0x25, 0x04, 0x25, 0xF2, 0x65,
0x61, 0xFF, 0xA9, 0x44, 0x3F, 0x23, 0x76, 0x68,
0x9F, 0xEB, 0x48, 0xC4, 0xCE, 0x51, 0x46, 0x04,
0x52, 0x6A, 0x10, 0x0A, 0xF3, 0x3F, 0x0D, 0x43,
0x37, 0xD1, 0x60, 0x42, 0x22, 0xC4, 0xD9, 0xF9,
0x3A, 0x8E, 0x69, 0xE4, 0xCC, 0xD3, 0x66, 0x69,
0x09, 0x0C, 0x5D, 0xFB, 0x0E, 0x95, 0x49, 0x42,
0x29, 0xFF, 0x9B, 0x20, 0xCC, 0xB1, 0xAC, 0x81,
0xB8, 0x1A, 0x36, 0xD6, 0x3A, 0x85, 0x0D, 0xDB,
0x33, 0x33, 0x4D, 0xAA, 0x51, 0x46, 0xBF, 0x36,
0xFE, 0x18, 0x80, 0x1E, 0x3B, 0xEB, 0xD0, 0xE9,
0x1B, 0x5E, 0x1C, 0xFE, 0x7A, 0x98, 0x26, 0x85,
0x0A, 0xF4, 0x39, 0x7D, 0x1B, 0x07, 0xD3, 0xB7,
0x19, 0xE5, 0x7B, 0xB8, 0x32, 0xAF, 0x42, 0x34,
0xC0, 0xCD, 0x9F, 0xD4, 0x0B, 0x88, 0x2F, 0xCE,
0xDA, 0x93, 0x7E, 0xF9, 0xA2, 0xDA, 0x24, 0x59,
0x2B, 0xCB, 0x5D, 0x1B, 0xE8, 0x3E, 0xC5, 0xF0,
0x3D, 0xBD, 0xFB, 0xCB, 0x33, 0x5D, 0x90, 0xD5,
0xC8, 0xA0, 0x2E, 0xE5, 0x3D, 0x50, 0x8E, 0xB5,
0xDE, 0x4A, 0x96, 0x1B, 0x95, 0x8F, 0x75, 0x1E,
0x5F, 0x89, 0xA1, 0xD2, 0x88, 0x95, 0xA3, 0xDB,
0x7B, 0x62, 0xEF, 0x4A, 0xE1, 0x6D, 0x28, 0xFB,
0x78, 0x9B, 0x32, 0x03, 0xAD, 0x24, 0x63, 0xD6,
0xEA, 0xB8, 0x3A, 0x6D, 0x20, 0xCE, 0xA1, 0x31,
0x4A, 0xE0, 0x2A, 0x3F, 0xF6, 0xF6, 0x53, 0x15,
0x4A, 0xE1, 0x44, 0x23, 0x81, 0x86, 0x21, 0x47,
0x41, 0xC2, 0x36, 0x14, 0x81, 0x83, 0xBC, 0x39,
0xAE, 0xDF, 0x44, 0xDA, 0x97, 0xF7, 0x31, 0xCE,
0x3D, 0xCB, 0x61, 0xA4, 0xCF, 0xE1, 0x4F, 0x9E,
0x84, 0xAA, 0x05, 0xAB, 0x1C, 0x1B, 0x95, 0x1D,
0x20, 0x15, 0x52, 0x33, 0xFA, 0xFA, 0xF1, 0x6C,
0xF1, 0xBD, 0x0B, 0xAF, 0xE1, 0x99, 0xE6, 0x5D,
0x56, 0x34, 0x53, 0xBF, 0xE5, 0x5D, 0x5F, 0x47,
0x4A, 0xB1, 0x05, 0x94, 0xD7, 0x38, 0xA8, 0xC1,
0x06, 0x28, 0x8D, 0x69, 0xD0, 0x7A, 0x16, 0x88,
0x60, 0x14, 0x63, 0xF3, 0xBD, 0x21, 0x46, 0x81,
0x9C, 0x83, 0x72, 0x6D, 0x14, 0xC6, 0xA8, 0x08,
0x39, 0xB8, 0x79, 0x0B, 0x57, 0x16, 0xE7, 0x72,
0xF6, 0xC2, 0x4C, 0x2B, 0xEB, 0x7E, 0x2C, 0xF3,
0x7B, 0x3F, 0x42, 0xAC, 0xDD, 0x47, 0x3E, 0x8C,
0xCD, 0xBE, 0x48, 0x4D, 0x6E, 0x07, 0xB0, 0x73,
0xDE, 0xCB, 0x17, 0x4A, 0xC3, 0xB8, 0xBB, 0x2E,
0xF5, 0x4E, 0x6D, 0xF9, 0xE0, 0x20, 0x71, 0xFA,
0x60, 0x0A, 0xE5, 0x59, 0x67, 0xEB, 0x6F, 0x70,
0x2F, 0x71, 0x91, 0x59, 0xF0, 0xEB, 0x06, 0x5C,
0xC4, 0x60, 0x48, 0xE8, 0x75, 0xE7, 0xCF, 0x42,
0x71, 0xAD, 0x2E, 0xDA, 0xF9, 0x10, 0x82, 0x9A,
0xF6, 0x13, 0xBA, 0x89, 0xFC, 0x61, 0x2A, 0x00,
0xFD, 0xAE, 0x53, 0x7B, 0x09, 0x3A, 0xE8, 0xCB,
0xE6, 0xB7, 0x0D, 0x03, 0x01, 0xFA, 0x2E, 0x13,
0xA9, 0x16, 0x38, 0x1C, 0x92, 0xEC, 0xB4, 0x51,
0xA3, 0x6E, 0x3F, 0xA8, 0xB7, 0x37, 0x36, 0x20,
0xC0, 0x71, 0xA3, 0x05, 0x34, 0xED, 0xCB, 0x4A,
0x3F, 0x11, 0x31, 0x17, 0xA5, 0x02, 0xD6, 0xA7,
0x2D, 0xE6, 0xC7, 0x7B, 0xBB, 0xF6, 0xAE, 0x99,
0x85, 0x9A, 0xAC, 0xE6, 0x4A, 0x92, 0x8C, 0x37,
0x4B, 0xD2, 0xC4, 0x65, 0x2A, 0xC9, 0x7E, 0xB7,
0x44, 0xD2, 0x9A, 0x70, 0xCE, 0xA9, 0xA1, 0x9D,
0x70, 0x13, 0x49, 0x7B, 0xCA, 0xB6, 0x96, 0x31,
0x43, 0x3F, 0x9E, 0xD1, 0xFE, 0x20, 0xF8, 0x0B,
0x59, 0x83, 0xE1, 0x28, 0x8B, 0xB6, 0xA2, 0xBE,
0x91, 0x54, 0x3E, 0xD4, 0x79, 0x28, 0xBB, 0x5E,
0x46, 0x2D, 0x01, 0xE9, 0xC0, 0xB7, 0xFF, 0xFA,
0xC0, 0x6C, 0x10, 0xF1, 0x52, 0xF4, 0x3C, 0x32,
0x9E, 0x89, 0xDF, 0x8A, 0x79, 0x99, 0x6A, 0x09,
0x79, 0x8A, 0x36, 0x76, 0x40, 0xBE, 0x9F, 0xB5,
0x3D, 0xCE, 0x27, 0xBD, 0x0B, 0xAA, 0x9B, 0xF0,
0x21, 0xBF, 0x10, 0xD2, 0xFC, 0xFE, 0x5B, 0x13,
0xFD, 0x7D, 0x84, 0xD1, 0xC1, 0xEB, 0xC0, 0xBC,
0xEC, 0x26, 0xD0, 0x87, 0x80, 0xD1, 0x3B, 0x99,
0x47, 0x67, 0x26, 0x61, 0xE0, 0xFA, 0x5F, 0xAE,
0x6F, 0x31, 0x5B, 0x6D, 0xE4, 0x01, 0x68, 0xC2,
0x35, 0x1D, 0xE3, 0x1F, 0x41, 0xFF, 0x6C, 0x53,
0x32, 0x26, 0xE1, 0xBC, 0xE3, 0xF8, 0xE2, 0x16,
0xAF, 0x3B, 0xE6, 0x4C, 0x69, 0x33, 0x72, 0xA0,
0x66, 0xB1, 0x75, 0xF7, 0x26, 0xCF, 0xCD, 0x64,
0x2B, 0xAE, 0x98, 0x02, 0x92, 0xC1, 0xCB, 0x65,
0xE0, 0x1F, 0x07, 0x29, 0x64, 0x0A, 0xB0, 0x09,
0xCB, 0x98, 0x89, 0x2D, 0x6C, 0xFE, 0x40, 0x03,
0x34, 0x55, 0xDE, 0xE7, 0x30, 0x33, 0xB6, 0xD5,
0xE1, 0x9C, 0x59, 0x9F, 0x8A, 0x40, 0x0E, 0xB1,
0x41, 0x52, 0x7D, 0xF2, 0xBB, 0xDD, 0xEF, 0x50,
0xBB, 0xD5, 0xFB, 0x55, 0xAA, 0x5E, 0xFD, 0xB3,
0x5D, 0x08, 0x56, 0x9B, 0x02, 0x97, 0xE2, 0x48,
0x14, 0x69, 0xF1, 0x7B, 0x87, 0xB5, 0x08, 0x93,
0x6A, 0x9C, 0x5C, 0x11, 0x08, 0x9A, 0xE9, 0xE4,
0xB0, 0xCA, 0xC5, 0x74, 0x93, 0x93, 0xC8, 0x03,
0xE4, 0x70, 0x39, 0xF5, 0x1B, 0x5C, 0xBD, 0x42,
0xA6, 0xC9, 0xE1, 0x9E, 0xC3, 0xF6, 0x3C, 0x23,
0x32, 0xE8, 0x77, 0x68, 0xA9, 0x60, 0xFA, 0x02,
0x18, 0x6B, 0x7A, 0x2B, 0x02, 0x92, 0x65, 0x09,
0x11, 0x46, 0x73, 0x04, 0x63, 0xDF, 0x8B, 0x37,
0x5F, 0x24, 0xAA, 0x83, 0xBD, 0xD4, 0x1D, 0x13,
0x04, 0xFC, 0x2F, 0xB5, 0x2D, 0xA1, 0x0F, 0x1F,
0xED, 0x65, 0x29, 0x08, 0xCF, 0x8C, 0x52, 0x8F,
0xB2, 0x62, 0x5F, 0x39, 0x3F, 0xC8, 0xC7, 0xB3,
0x3F, 0xAD, 0x45, 0xBA, 0xD4, 0x7D, 0x38, 0x3D,
0x2C, 0x04, 0xCF, 0x32, 0xE8, 0x07, 0x42, 0x5F,
0x93, 0xD2, 0x35, 0x07, 0x21, 0xB7, 0xB2, 0xF5,
0x96, 0x64, 0x8E, 0xB5, 0xE1, 0x38, 0x6B, 0x43,
0xD1, 0x2E, 0xFD, 0xDB, 0x8F, 0xE2, 0x43, 0x6A,
0xEC, 0x27, 0x8E, 0xE7, 0x68, 0x75, 0xB5, 0x23,
0xC5, 0x43, 0x1D, 0x99, 0x48, 0x57, 0x73, 0xD9,
0xAD, 0xBC, 0xD0, 0x14, 0xDD, 0x87, 0xBC, 0x68,
0xFB, 0x82, 0xEE, 0x47, 0x4B, 0x22, 0xA5, 0x43,
0x3A, 0xF9, 0xF9, 0x91, 0xFC, 0x34, 0xB2, 0x58,
0x34, 0xDF, 0x13, 0x09, 0x9A, 0x46, 0xF5, 0x68,
0xAF, 0xD1, 0x15, 0x5F, 0x32, 0x1B, 0x9D, 0xA9,
0xE9, 0xC0, 0x63, 0x47, 0xAB, 0x3C, 0x1F, 0x59,
0xF7, 0xEA, 0x0E, 0xD6, 0xCF, 0x47, 0xB3, 0xE9,
0xAF, 0x65, 0x7A, 0xA7, 0xAE, 0x9B, 0xF8, 0x26,
0x0B, 0x96, 0x9D, 0xE4, 0xAD, 0x24, 0xD3, 0xA8,
0xCE, 0x95, 0xE5, 0x77, 0xD0, 0x44, 0x13, 0x05,
0x06, 0x4E, 0x07, 0xB9, 0xA2, 0xC7, 0x5C, 0x3C,
0x43, 0x80, 0x1F, 0xCE, 0xB7, 0x36, 0xFE, 0x3D,
0x27, 0x1B, 0xE1, 0xF3, 0x6B, 0xFF, 0xC8, 0xE4,
0x3D, 0xB1, 0x4A, 0x16, 0x24, 0x76, 0xBA, 0xEA,
0x9D, 0x34, 0x6B, 0x52, 0x11, 0xAB, 0xD0, 0x06,
0x08, 0xB1, 0x5A, 0xF3, 0xB5, 0xE6, 0x3A, 0x00,
0xFF, 0x92, 0x8D, 0x1E, 0xA1, 0xA1, 0x8D, 0x75,
0xFA, 0x7C, 0x6C, 0x1B, 0x0F, 0xB6, 0x27, 0x2E,
0x55, 0xC3, 0xFE, 0x7E, 0x4D, 0x42, 0x05, 0xE5,
0xCF, 0x0A, 0x1F, 0x87, 0x18, 0x30, 0x4E, 0x14,
0xF2, 0xB4, 0xCC, 0x54, 0x3D, 0x04, 0x37, 0x34,
0x1A, 0x4A, 0x31, 0x16, 0x01, 0xA9, 0x2E, 0x92,
0x56, 0x6B, 0x7D, 0xFB, 0x42, 0x64, 0xE8, 0x70,
0xE1, 0xB3, 0xA8, 0x75, 0xED, 0xBC, 0x00, 0x3A,
0x56, 0x19, 0x70, 0xCF, 0x8A, 0x66, 0x9F, 0x3D,
0x1B, 0x69, 0x28, 0x8C, 0xC6, 0xE3, 0x59, 0xCE,
0x28, 0xCA, 0x65, 0xF9, 0xDA, 0xE8, 0xCE, 0xCA,
0x74, 0x3C, 0x1C, 0x8D, 0x9F, 0xFB, 0x55, 0x08,
0x82, 0x4A, 0x83, 0x61, 0xE3, 0x3B, 0x43, 0x1A,
0x2E, 0x9E, 0x9A, 0x99, 0x78, 0x47, 0xD2, 0xE6,
0xE4, 0x3C, 0x83, 0xF0, 0x22, 0x62, 0xE2, 0x94,
0x6D, 0xF7, 0x72, 0x6D, 0x54, 0xE3, 0xE6, 0xC9,
0xCC, 0xDB, 0x6D, 0x3F, 0x13, 0x63, 0x46, 0xC1,
0x1E, 0x59, 0x42, 0xE7, 0xA1, 0xBF, 0x85, 0x0C,
0x2E, 0x99, 0xB4, 0xFA, 0xCE, 0x75, 0xFD, 0x40,
0x88, 0x69, 0x33, 0x90, 0x7C, 0xCD, 0xFC, 0x0D,
0xE1, 0x17, 0x70, 0x20, 0x31, 0x94, 0x1D, 0x00,
0x1E, 0x2A, 0x68, 0x3C, 0x55, 0x78, 0xFD, 0x33,
0x54, 0x21, 0x2C, 0xEA, 0xD9, 0x69, 0xBF, 0x1C,
0x81, 0x23, 0x9E, 0xEC, 0xC7, 0x74, 0xFD, 0x0B,
0x88, 0x3D, 0x0E, 0xEE, 0x82, 0x4B, 0x10, 0xB8,
0x79, 0xCF, 0x70, 0x7C, 0xB2, 0x68, 0x47, 0x45,
0x22, 0x06, 0x1E, 0x92, 0x7B, 0x12, 0x43, 0x24,
0x41, 0x15, 0xC6, 0x69, 0xE9, 0xEB, 0x27, 0x2B,
0x60, 0xA6, 0x44, 0xF5, 0x19, 0xEF, 0xEC, 0x06,
0x34, 0x08, 0xB6, 0x58, 0x47, 0x2E, 0x91, 0x61,
0xA1, 0xF7, 0x44, 0xFD, 0x66, 0x16, 0x9F, 0x0C,
0xAE, 0x36, 0xB4, 0x2E, 0x23, 0x79, 0xCB, 0xE8,
0x1E, 0x6E, 0x51, 0xA0, 0xF5, 0x34, 0x15, 0x18,
0x4E, 0xA0, 0x06, 0xB2, 0x27, 0x0B, 0x33, 0xE2,
0xCA, 0x36, 0x4C, 0xDB, 0x33, 0xAA, 0xAE, 0x77,
0xFF, 0xD9, 0x53, 0xDB, 0x39, 0x70, 0x4D, 0x49,
0x0C, 0xE9, 0xAC, 0x6F, 0x2D, 0xD1, 0xC7, 0xA1,
0x8E, 0x61, 0x74, 0x19, 0xA9, 0xAA, 0xFB, 0x37,
0xE7, 0x23, 0x9B, 0x23, 0x6A, 0x4B, 0x74, 0xCE,
0x63, 0xE4, 0xA0, 0xAD, 0xFF, 0x85, 0x5D, 0xCD,
0x78, 0xF6, 0x45, 0x8E, 0x76, 0x0B, 0xFD, 0x1D,
0x2A, 0xB9, 0x5E, 0x83, 0xC0, 0x3B, 0x6F, 0xAE,
0x0C, 0xD3, 0xC5, 0xCE, 0xEE, 0xEE, 0x1C, 0x69,
0x51, 0x59, 0x65, 0xA3, 0x35, 0xFC, 0xF7, 0x8E,
0x80, 0xAA, 0x73, 0x93, 0x39, 0x54, 0x21, 0x27,
0x17, 0x0B, 0x2C, 0x3E, 0xE1, 0x0B, 0x0E, 0xAA,
0x09, 0x9A, 0xC7, 0xAD, 0x4C, 0xD7, 0x6E, 0x7F,
0xE4, 0xC1, 0x16, 0x4E, 0x62, 0xF4, 0xE5, 0x80,
0x7D, 0xC0, 0x06, 0x1F, 0x77, 0xE4, 0xA8, 0xA5,
0x28, 0xD7, 0x10, 0x37, 0x59, 0x30, 0xCB, 0x75,
0x5B, 0x28, 0xBF, 0xFD, 0x92, 0x8C, 0xB0, 0x7B,
0xB4, 0xA1, 0x07, 0xCD, 0xCA, 0xBB, 0x30, 0x8A,
0x48, 0x65, 0x0D, 0xA4, 0xE5, 0x74, 0xD9, 0xBF,
0x56, 0x07, 0xF5, 0x83, 0xDA, 0xC3, 0x40, 0xD7,
0x20, 0x93, 0xEF, 0xB1, 0x2B, 0xBF, 0x93, 0x41,
0x0F, 0x1E, 0xF5, 0xC9, 0x51, 0x6C, 0x74, 0x4D,
0x23, 0x15, 0xEC, 0x9E, 0x00, 0x0A, 0x8D, 0xC5,
0xD1, 0x7A, 0x7B, 0x6F, 0x0D, 0x07, 0x9D, 0x78,
0x4B, 0x6D, 0x90, 0x19, 0x3F, 0x6E, 0x3E, 0xE7,
0xEA, 0x0E, 0xAB, 0xFC, 0x6F, 0x68, 0xC5, 0x2B,
0x37, 0xCB, 0xCE, 0x82, 0x18, 0xAF, 0xA3, 0x67,
0x0A, 0x80, 0xBC, 0x17, 0xB9, 0x5D, 0x7B, 0x40,
0x53, 0x62, 0x26, 0x35, 0x8F, 0x04, 0xAC, 0xD9,
0x2A, 0x1B, 0xE1, 0x5B, 0x26, 0xA4, 0xE5, 0x81,
0x7E, 0x62, 0x8B, 0xA6, 0x79, 0xB3, 0x52, 0x72,
0x03, 0xCD, 0x36, 0x32, 0x62, 0x8E, 0xC8, 0x3A,
0xA4, 0xF2, 0x18, 0x6D, 0x2F, 0x00, 0x5D, 0x5D,
0xFE, 0x6F, 0x7F, 0xDB, 0x4F, 0xED, 0xAC, 0x9E,
0x89, 0xD6, 0x66, 0xE3, 0x03, 0xBB, 0x56, 0x83,
0x06, 0x15, 0x6C, 0x56, 0xF0, 0x95, 0x34, 0xE2,
0x5C, 0x61, 0x9A, 0xB3, 0xB9, 0x50, 0x18, 0xF4,
0x89, 0x6B, 0xAC, 0xAA, 0x48, 0x34, 0xF6, 0xD2,
0xD8, 0xFE, 0x14, 0xA9, 0x38, 0xAA, 0x10, 0xE5,
0x30, 0x54, 0xF0, 0x00, 0x84, 0x44, 0xAC, 0x2E,
0xEA, 0x25, 0x38, 0xC1, 0x23, 0x0E, 0x6A, 0x18,
0xC9, 0x2B, 0x01, 0xD9, 0x14, 0x7F, 0xDC, 0xEF,
0xC9, 0xC8, 0xDA, 0xC1, 0xD4, 0xEC, 0xC8, 0xCF,
0x1F, 0x96, 0x2E, 0xFA, 0x1B, 0x8C, 0xD3, 0xC9,
0x69, 0x00, 0x0B, 0x7E, 0xBA, 0xC5, 0x98, 0xDC,
0xA4, 0x5E, 0xB4, 0x0B, 0xCF, 0xB1, 0x98, 0x51,
0x48, 0x38, 0x51, 0xCF, 0x34, 0x0F, 0x3E, 0x8C,
0x23, 0x7A, 0x9E, 0xFF, 0x1C, 0x9F, 0x21, 0xE4,
0x97, 0x55, 0x41, 0xC6, 0x1A, 0x8F, 0xEF, 0x2A,
0xC6, 0x05, 0x7F, 0x59, 0xDC, 0xB2, 0x3A, 0x80,
0xE8, 0x06, 0x10, 0xCD, 0x85, 0xDB, 0x20, 0x3C,
0x35, 0xD2, 0x4B, 0xC8, 0x2B, 0x9C, 0xD7, 0x82,
0x46, 0xF5, 0x9F, 0xEB, 0xB2, 0x48, 0x32, 0xD7,
0xCD, 0x66, 0x4C, 0x99, 0x51, 0x88, 0xE0, 0x28,
0x1C, 0xD7, 0x86, 0x79, 0x00, 0xDC, 0x0D, 0xF4,
0x4D, 0x40, 0x90, 0x80, 0x26, 0x8B, 0x79, 0xE9,
0x56, 0x82, 0x88, 0x5F, 0x22, 0x87, 0x70, 0x73,
0x4F, 0xA5, 0x35, 0x18, 0xEC, 0x80, 0xCE, 0x23,
0x06, 0xCE, 0x14, 0x48, 0x52, 0x4E, 0xF0, 0x18,
0x43, 0x03, 0xD4, 0x50, 0xC7, 0x6E, 0xA6, 0x3B,
0x73, 0x3E, 0xB0, 0xC8, 0xDC, 0x48, 0xBF, 0x12,
0x42, 0x3A, 0xD2, 0x38, 0x89, 0xCF, 0xCD, 0xD8,
0x91, 0xE5, 0x95, 0x00, 0x47, 0x24, 0x0D, 0xC0,
0xC3, 0x8A, 0xB2, 0xDB, 0xC1, 0x65, 0xB8, 0x1E,
0x63, 0x10, 0x02, 0xEA, 0x6F, 0x74, 0x11, 0x9E,
0x27, 0xF9, 0xF8, 0x60, 0x73, 0xBF, 0x2D, 0xF7,
0x10, 0x81, 0x86, 0x76, 0x98, 0x0C, 0x4C, 0xB6,
0xBD, 0x53, 0xF9, 0xA5, 0x72, 0x17, 0x78, 0xB8,
0x9F, 0x59, 0xC6, 0x8C, 0x89, 0x35, 0xF5, 0x03,
0x1C, 0x8A, 0x93, 0x36, 0x7D, 0x71, 0x70, 0x57,
0xFD, 0x4D, 0x5E, 0xFA, 0xBE, 0xDE, 0x70, 0x2C,
0xC6, 0x45, 0xEF, 0xB6, 0xD7, 0xF4, 0x4C, 0x86,
0x0F, 0xFF, 0x76, 0x37, 0xAA, 0xD9, 0x72, 0x24,
0x8C, 0x84, 0x4D, 0x15, 0x13, 0x39, 0x20, 0x07,
0x38, 0x91, 0xC3, 0x13, 0x5D, 0x29, 0x78, 0x68,
0xB7, 0xDA, 0x86, 0xF0, 0x97, 0xD8, 0xFB, 0x39,
0xC1, 0x3B, 0xA1, 0x4C, 0x4F, 0x24, 0x75, 0x16,
0xAB, 0xA4, 0xC5, 0xF8, 0xCE, 0x38, 0x18, 0x48,
0x2C, 0x8F, 0xF6, 0x0C, 0xCA, 0x51, 0xFD, 0xB2,
0xCE, 0xE9, 0x6B, 0xC1, 0x13, 0x8D, 0xC0, 0x4A,
0x86, 0xF8, 0x57, 0x72, 0x75, 0x91, 0xAA, 0xE6,
0xF8, 0x7C, 0x30, 0x05, 0x9B, 0x3E, 0x81, 0xB6,
0x80, 0x55, 0xB2, 0x4E, 0xA2, 0xFA, 0x98, 0x36,
0x86, 0x49, 0x8B, 0xFC, 0x9D, 0x9E, 0x7D, 0x59,
0x50, 0x79, 0xEB, 0x64, 0x6E, 0x85, 0xB2, 0x12,
0xCE, 0xDD, 0x21, 0xD0, 0x08, 0x7E, 0x0F, 0x2A,
0xF6, 0x63, 0xEB, 0x77, 0x2A, 0x98, 0x47, 0xB1,
0xDF, 0x21, 0x97, 0xAF, 0x13, 0x62, 0x6B, 0x89,
0x7C, 0x24, 0x63, 0x7A, 0xF5, 0xBF, 0xE8, 0x18,
0x16, 0xA8, 0xC9, 0x0D, 0x30, 0x48, 0x37, 0x5B,
0x69, 0x94, 0x97, 0x14, 0x3E, 0x57, 0x71, 0x85,
0xA7, 0x0E, 0x11, 0x50, 0x58, 0xA3, 0xA9, 0x11,
0x2B, 0x2C, 0x43, 0x51, 0xB6, 0xCA, 0xD0, 0x09,
0x28, 0x2B, 0x4F, 0x7C, 0xB8, 0xBD, 0xFC, 0x28,
0x57, 0x77, 0xD7, 0xDF, 0xE8, 0xF5, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x03, 0x06, 0x0B, 0x11, 0x17,
0x1F, 0x27, 0x2E
};
#endif
key = (dilithium_key*)XMALLOC(sizeof(*key), NULL, DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(key);
if (key != NULL) {
XMEMSET(key, 0, sizeof(*key));
}
ExpectIntEQ(wc_dilithium_init_ex(key, NULL, INVALID_DEVID), 0);
#ifndef WOLFSSL_NO_ML_DSA_44
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44), 0);
ExpectIntEQ(wc_dilithium_import_public(pk_44, (word32)sizeof(pk_44), key),
0);
ExpectIntEQ(wc_dilithium_verify_msg(sig_44, (word32)sizeof(sig_44), msg_44,
(word32)sizeof(msg_44), &res, key), 0);
ExpectIntEQ(res, 1);
#endif
#ifndef WOLFSSL_NO_ML_DSA_65
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_65), 0);
ExpectIntEQ(wc_dilithium_import_public(pk_65, (word32)sizeof(pk_65), key),
0);
ExpectIntEQ(wc_dilithium_verify_msg(sig_65, (word32)sizeof(sig_65), msg_65,
(word32)sizeof(msg_65), &res, key), 0);
ExpectIntEQ(res, 1);
#endif
#ifndef WOLFSSL_NO_ML_DSA_87
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_87), 0);
ExpectIntEQ(wc_dilithium_import_public(pk_87, (word32)sizeof(pk_87), key),
0);
ExpectIntEQ(wc_dilithium_verify_msg(sig_87, (word32)sizeof(sig_87), msg_87,
(word32)sizeof(msg_87), &res, key), 0);
ExpectIntEQ(res, 1);
#endif
wc_dilithium_free(key);
XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
/*
* Testing wc_SetSubjectBuffer
*/
static int test_wc_SetSubjectBuffer(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
Cert cert;
XFILE file = XBADFILE;
byte* der = NULL;
word32 derSz;
derSz = FOURK_BUF;
ExpectNotNull(der = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectTrue((file = XFOPEN("./certs/ca-cert.der", "rb")) != XBADFILE);
ExpectTrue((derSz = (word32)XFREAD(der, 1, FOURK_BUF, file)) > 0);
if (file != XBADFILE)
XFCLOSE(file);
ExpectIntEQ(wc_InitCert(&cert), 0);
ExpectIntEQ(wc_SetSubjectBuffer(&cert, der, (int)derSz), 0);
ExpectIntEQ(wc_SetSubjectBuffer(NULL, der, (int)derSz), BAD_FUNC_ARG);
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
} /* End test_wc_SetSubjectBuffer*/
/*
* Testing wc_SetSubjectKeyIdFromPublicKey_ex
*/
static int test_wc_SetSubjectKeyIdFromPublicKey_ex(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
WC_RNG rng;
Cert cert;
#if !defined(NO_RSA) && defined(HAVE_RSA)
RsaKey rsaKey;
int bits = 2048;
#endif
#if defined(HAVE_ECC)
ecc_key eccKey;
int ret;
#endif
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
ed25519_key ed25519Key;
#endif
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
ed448_key ed448Key;
#endif
#ifndef HAVE_FIPS
ExpectIntEQ(wc_InitRng_ex(&rng, HEAP_HINT, testDevId), 0);
#else
ExpectIntEQ(wc_InitRng(&rng), 0);
#endif
ExpectIntEQ(wc_InitCert(&cert), 0);
#if !defined(NO_RSA) && defined(HAVE_RSA) && defined(WOLFSSL_KEY_GEN)
/* RSA */
XMEMSET(&rsaKey, 0, sizeof(RsaKey));
ExpectIntEQ(wc_InitRsaKey(&rsaKey, HEAP_HINT), 0);
ExpectIntEQ(MAKE_RSA_KEY(&rsaKey, bits, WC_RSA_EXPONENT, &rng), 0);
ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, RSA_TYPE, &rsaKey),
0);
DoExpectIntEQ(wc_FreeRsaKey(&rsaKey), 0);
#endif
#if defined(HAVE_ECC)
/* ECC */
XMEMSET(&eccKey, 0, sizeof(ecc_key));
ExpectIntEQ(wc_ecc_init(&eccKey), 0);
ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey),
0);
DoExpectIntEQ(wc_ecc_free(&eccKey), 0);
#endif
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
/* ED25519 */
XMEMSET(&ed25519Key, 0, sizeof(ed25519_key));
ExpectIntEQ(wc_ed25519_init(&ed25519Key), 0);
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key), 0);
ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ED25519_TYPE,
&ed25519Key), 0);
wc_ed25519_free(&ed25519Key);
#endif
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
/* ED448 */
XMEMSET(&ed448Key, 0, sizeof(ed448_key));
ExpectIntEQ(wc_ed448_init(&ed448Key), 0);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key), 0);
ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ED448_TYPE,
&ed448Key), 0);
wc_ed448_free(&ed448Key);
#endif
wc_FreeRng(&rng);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif /* WOLFSSL_CERT_EXT && WOLFSSL_CERT_GEN */
return EXPECT_RESULT();
} /* End test_wc_SetSubjectKeyIdFromPublicKey_ex*/
/*
* Testing wc_SetAuthKeyIdFromPublicKey_ex
*/
static int test_wc_SetAuthKeyIdFromPublicKey_ex(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
WC_RNG rng;
Cert cert;
#if !defined(NO_RSA) && defined(HAVE_RSA)
RsaKey rsaKey;
int bits = 2048;
#endif
#if defined(HAVE_ECC)
ecc_key eccKey;
int ret;
#endif
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
ed25519_key ed25519Key;
#endif
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
ed448_key ed448Key;
#endif
#ifndef HAVE_FIPS
ExpectIntEQ(wc_InitRng_ex(&rng, HEAP_HINT, testDevId), 0);
#else
ExpectIntEQ(wc_InitRng(&rng), 0);
#endif
ExpectIntEQ(wc_InitCert(&cert), 0);
#if !defined(NO_RSA) && defined(HAVE_RSA) && defined(WOLFSSL_KEY_GEN)
/* RSA */
XMEMSET(&rsaKey, 0, sizeof(RsaKey));
ExpectIntEQ(wc_InitRsaKey(&rsaKey, HEAP_HINT), 0);
ExpectIntEQ(MAKE_RSA_KEY(&rsaKey, bits, WC_RSA_EXPONENT, &rng), 0);
ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, RSA_TYPE, &rsaKey), 0);
DoExpectIntEQ(wc_FreeRsaKey(&rsaKey), 0);
#endif
#if defined(HAVE_ECC)
/* ECC */
XMEMSET(&eccKey, 0, sizeof(ecc_key));
ExpectIntEQ(wc_ecc_init(&eccKey), 0);
ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey), 0);
DoExpectIntEQ(wc_ecc_free(&eccKey), 0);
#endif
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
/* ED25519 */
XMEMSET(&ed25519Key, 0, sizeof(ed25519_key));
ExpectIntEQ(wc_ed25519_init(&ed25519Key), 0);
ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key), 0);
ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, ED25519_TYPE,
&ed25519Key), 0);
wc_ed25519_free(&ed25519Key);
#endif
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
/* ED448 */
XMEMSET(&ed448Key, 0, sizeof(ed448_key));
ExpectIntEQ(wc_ed448_init(&ed448Key), 0);
ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key), 0);
ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, ED448_TYPE, &ed448Key),
0);
wc_ed448_free(&ed448Key);
#endif
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif /* defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)*/
return EXPECT_RESULT();
} /* End test_wc_SetAuthKeyIdFromPublicKey_ex*/
/*
* Testing wc_PKCS7_New()
*/
static int test_wc_PKCS7_New(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7)
PKCS7* pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, testDevId));
wc_PKCS7_Free(pkcs7);
#endif
return EXPECT_RESULT();
} /* END test-wc_PKCS7_New */
/*
* Testing wc_PKCS7_Init()
*/
static int test_wc_PKCS7_Init(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7)
PKCS7* pkcs7 = NULL;
void* heap = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_PKCS7_Init(NULL, heap, testDevId), BAD_FUNC_ARG);
wc_PKCS7_Free(pkcs7);
#endif
return EXPECT_RESULT();
} /* END test-wc_PKCS7_Init */
/*
* Testing wc_PKCS7_InitWithCert()
*/
static int test_wc_PKCS7_InitWithCert(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7)
PKCS7* pkcs7 = NULL;
#ifndef NO_RSA
#if defined(USE_CERT_BUFFERS_2048)
unsigned char cert[sizeof(client_cert_der_2048)];
int certSz = (int)sizeof(cert);
XMEMSET(cert, 0, certSz);
XMEMCPY(cert, client_cert_der_2048, sizeof(client_cert_der_2048));
#elif defined(USE_CERT_BUFFERS_1024)
unsigned char cert[sizeof(client_cert_der_1024)];
int certSz = (int)sizeof(cert);
XMEMSET(cert, 0, certSz);
XMEMCPY(cert, client_cert_der_1024, sizeof_client_cert_der_1024);
#else
unsigned char cert[ONEK_BUF];
XFILE fp = XBADFILE;
int certSz;
ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
XBADFILE);
ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
fp), 0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
unsigned char cert[sizeof(cliecc_cert_der_256)];
int certSz = (int)sizeof(cert);
XMEMSET(cert, 0, certSz);
XMEMCPY(cert, cliecc_cert_der_256, sizeof(cliecc_cert_der_256));
#else
unsigned char cert[ONEK_BUF];
XFILE fp = XBADFILE;
int certSz;
ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=
XBADFILE);
ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof(cliecc_cert_der_256),
fp), 0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif
#else
#error PKCS7 requires ECC or RSA
#endif
#ifdef HAVE_ECC
{
/* bad test case from ZD 11011, malformed cert gives bad ECC key */
static unsigned char certWithInvalidEccKey[] = {
0x30, 0x82, 0x03, 0x5F, 0x30, 0x82, 0x03, 0x04, 0xA0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x61, 0xB3, 0x1E, 0x59, 0xF3, 0x68, 0x6C, 0xA4, 0x79,
0x42, 0x83, 0x2F, 0x1A, 0x50, 0x71, 0x03, 0xBE, 0x31, 0xAA, 0x2C, 0x30,
0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30,
0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x08,
0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C,
0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D,
0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43,
0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30,
0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, 0x74,
0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77,
0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30,
0x1E, 0x17, 0x0D, 0x32, 0x30, 0x30, 0x36, 0x31, 0x39, 0x31, 0x33, 0x32,
0x33, 0x34, 0x31, 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x30, 0x33, 0x31, 0x36,
0x31, 0x33, 0x32, 0x33, 0x34, 0x31, 0x5A, 0x30, 0x81, 0x8D, 0x31, 0x0B,
0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06, 0x4F, 0x72,
0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04,
0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11,
0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, 0x6E,
0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55,
0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, 0x74, 0x31, 0x18, 0x30, 0x26,
0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F,
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09,
0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66,
0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13, 0x06,
0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86,
0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x02, 0x00, 0x04, 0x55, 0xBF,
0xF4, 0x0F, 0x44, 0x50, 0x9A, 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5, 0x4D,
0xF5, 0x70, 0x7B, 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80, 0xEC, 0x5A, 0x4C,
0xA2, 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA, 0xEF, 0xA2, 0x35, 0x12, 0x43,
0x84, 0x76, 0x16, 0xC6, 0x56, 0x95, 0x06, 0xCC, 0x01, 0xA9, 0xBD, 0xF6,
0x75, 0x1A, 0x42, 0xF7, 0xBD, 0xA9, 0xB2, 0x36, 0x22, 0x5F, 0xC7, 0x5D,
0x7F, 0xB4, 0xA3, 0x82, 0x01, 0x3E, 0x30, 0x82, 0x01, 0x3A, 0x30, 0x1D,
0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xEB, 0xD4, 0x4B,
0x59, 0x6B, 0x95, 0x61, 0x3F, 0x51, 0x57, 0xB6, 0x04, 0x4D, 0x89, 0x41,
0x88, 0x44, 0x5C, 0xAB, 0xF2, 0x30, 0x81, 0xCD, 0x06, 0x03, 0x55, 0x1D,
0x23, 0x04, 0x81, 0xC5, 0x30, 0x81, 0xC2, 0x80, 0x14, 0xEB, 0xD4, 0x4B,
0x59, 0x72, 0x95, 0x61, 0x3F, 0x51, 0x57, 0xB6, 0x04, 0x4D, 0x89, 0x41,
0x88, 0x44, 0x5C, 0xAB, 0xF2, 0xA1, 0x81, 0x93, 0xA4, 0x81, 0x90, 0x30,
0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x08, 0x08,
0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C,
0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D,
0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43,
0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30,
0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, 0x74,
0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77,
0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
0x6F, 0x6D, 0x30, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
0x14, 0x61, 0xB3, 0x1E, 0x59, 0xF3, 0x68, 0x6C, 0xA4, 0x79, 0x42, 0x83,
0x2F, 0x1A, 0x50, 0x71, 0x03, 0xBE, 0x32, 0xAA, 0x2C, 0x30, 0x0C, 0x06,
0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30,
0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B,
0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87,
0x04, 0x23, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25,
0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07,
0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02,
0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02,
0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xE4, 0xA0, 0x23, 0x26,
0x2B, 0x0B, 0x42, 0x0F, 0x97, 0x37, 0x6D, 0xCB, 0x14, 0x23, 0xC3, 0xC3,
0xE6, 0x44, 0xCF, 0x5F, 0x4C, 0x26, 0xA3, 0x72, 0x64, 0x7A, 0x9C, 0xCB,
0x64, 0xAB, 0xA6, 0xBE, 0x02, 0x21, 0x00, 0xAA, 0xC5, 0xA3, 0x50, 0xF6,
0xF1, 0xA5, 0xDB, 0x05, 0xE0, 0x75, 0xD2, 0xF7, 0xBA, 0x49, 0x5F, 0x8F,
0x7D, 0x1C, 0x44, 0xB1, 0x6E, 0xDF, 0xC8, 0xDA, 0x10, 0x48, 0x2D, 0x53,
0x08, 0xA8, 0xB4
};
#endif
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
/* If initialization is not successful, it's free'd in init func. */
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, (word32)certSz),
0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
/* Valid initialization usage. */
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* Pass in bad args. No need free for null checks, free at end.*/
ExpectIntEQ(wc_PKCS7_InitWithCert(NULL, (byte*)cert, (word32)certSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, (word32)certSz),
BAD_FUNC_ARG);
#ifdef HAVE_ECC
ExpectIntLT(wc_PKCS7_InitWithCert(pkcs7, certWithInvalidEccKey,
sizeof(certWithInvalidEccKey)), 0);
}
#endif
wc_PKCS7_Free(pkcs7);
#endif
return EXPECT_RESULT();
} /* END test_wc_PKCS7_InitWithCert */
/*
* Testing wc_PKCS7_EncodeData()
*/
static int test_wc_PKCS7_EncodeData(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7)
PKCS7* pkcs7 = NULL;
byte output[FOURK_BUF];
byte data[] = "My encoded DER cert.";
#ifndef NO_RSA
#if defined(USE_CERT_BUFFERS_2048)
unsigned char cert[sizeof(client_cert_der_2048)];
unsigned char key[sizeof(client_key_der_2048)];
int certSz = (int)sizeof(cert);
int keySz = (int)sizeof(key);
XMEMSET(cert, 0, certSz);
XMEMSET(key, 0, keySz);
XMEMCPY(cert, client_cert_der_2048, certSz);
XMEMCPY(key, client_key_der_2048, keySz);
#elif defined(USE_CERT_BUFFERS_1024)
unsigned char cert[sizeof(sizeof_client_cert_der_1024)];
unsigned char key[sizeof_client_key_der_1024];
int certSz = (int)sizeof(cert);
int keySz = (int)sizeof(key);
XMEMSET(cert, 0, certSz);
XMEMSET(key, 0, keySz);
XMEMCPY(cert, client_cert_der_1024, certSz);
XMEMCPY(key, client_key_der_1024, keySz);
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
XFILE fp = XBADFILE;
int certSz;
int keySz;
ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
XBADFILE);
ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
fp), 0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) !=
XBADFILE);
ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp),
0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
unsigned char cert[sizeof(cliecc_cert_der_256)];
unsigned char key[sizeof(ecc_clikey_der_256)];
int certSz = (int)sizeof(cert);
int keySz = (int)sizeof(key);
XMEMSET(cert, 0, certSz);
XMEMSET(key, 0, keySz);
XMEMCPY(cert, cliecc_cert_der_256, sizeof_cliecc_cert_der_256);
XMEMCPY(key, ecc_clikey_der_256, sizeof_ecc_clikey_der_256);
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
XFILE fp = XBADFILE;
int certSz, keySz;
ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=
XBADFILE);
ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256,
fp), 0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) !=
XBADFILE);
ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp),
0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif
#endif
XMEMSET(output, 0, sizeof(output));
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, (word32)certSz), 0);
if (pkcs7 != NULL) {
pkcs7->content = data;
pkcs7->contentSz = sizeof(data);
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)keySz;
}
ExpectIntGT(wc_PKCS7_EncodeData(pkcs7, output, (word32)sizeof(output)), 0);
/* Test bad args. */
ExpectIntEQ(wc_PKCS7_EncodeData(NULL, output, (word32)sizeof(output)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_EncodeData(pkcs7, NULL, (word32)sizeof(output)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_EncodeData(pkcs7, output, 5), BUFFER_E);
wc_PKCS7_Free(pkcs7);
#endif
return EXPECT_RESULT();
} /* END test_wc_PKCS7_EncodeData */
#if defined(HAVE_PKCS7) && defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && \
!defined(NO_RSA) && !defined(NO_SHA256)
/* RSA sign raw digest callback */
static int rsaSignRawDigestCb(PKCS7* pkcs7, byte* digest, word32 digestSz,
byte* out, word32 outSz, byte* privateKey,
word32 privateKeySz, int devid, int hashOID)
{
/* specific DigestInfo ASN.1 encoding prefix for a SHA2565 digest */
byte digInfoEncoding[] = {
0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05,
0x00, 0x04, 0x20
};
int ret;
byte digestInfo[ONEK_BUF];
byte sig[FOURK_BUF];
word32 digestInfoSz = 0;
word32 idx = 0;
RsaKey rsa;
/* SHA-256 required only for this example callback due to above
* digInfoEncoding[] */
if (pkcs7 == NULL || digest == NULL || out == NULL ||
(sizeof(digestInfo) < sizeof(digInfoEncoding) + digestSz) ||
(hashOID != SHA256h)) {
return -1;
}
/* build DigestInfo */
XMEMCPY(digestInfo, digInfoEncoding, sizeof(digInfoEncoding));
digestInfoSz += sizeof(digInfoEncoding);
XMEMCPY(digestInfo + digestInfoSz, digest, digestSz);
digestInfoSz += digestSz;
/* set up RSA key */
ret = wc_InitRsaKey_ex(&rsa, pkcs7->heap, devid);
if (ret != 0) {
return ret;
}
ret = wc_RsaPrivateKeyDecode(privateKey, &idx, &rsa, privateKeySz);
/* sign DigestInfo */
if (ret == 0) {
ret = wc_RsaSSL_Sign(digestInfo, digestInfoSz, sig, sizeof(sig),
&rsa, pkcs7->rng);
if (ret > 0) {
if (ret > (int)outSz) {
/* output buffer too small */
ret = -1;
}
else {
/* success, ret holds sig size */
XMEMCPY(out, sig, ret);
}
}
}
wc_FreeRsaKey(&rsa);
return ret;
}
#endif
#if defined(HAVE_PKCS7) && defined(ASN_BER_TO_DER)
typedef struct encodeSignedDataStream {
byte out[FOURK_BUF*3];
int idx;
word32 outIdx;
} encodeSignedDataStream;
/* content is 8k of partially created bundle */
static int GetContentCB(PKCS7* pkcs7, byte** content, void* ctx)
{
int ret = 0;
encodeSignedDataStream* strm = (encodeSignedDataStream*)ctx;
if (strm->outIdx < pkcs7->contentSz) {
ret = (pkcs7->contentSz > strm->outIdx + FOURK_BUF)?
FOURK_BUF : pkcs7->contentSz - strm->outIdx;
*content = strm->out + strm->outIdx;
strm->outIdx += ret;
}
(void)pkcs7;
return ret;
}
static int StreamOutputCB(PKCS7* pkcs7, const byte* output, word32 outputSz,
void* ctx)
{
encodeSignedDataStream* strm = (encodeSignedDataStream*)ctx;
XMEMCPY(strm->out + strm->idx, output, outputSz);
strm->idx += outputSz;
(void)pkcs7;
return 0;
}
#endif
/*
* Testing wc_PKCS7_EncodeSignedData()
*/
static int test_wc_PKCS7_EncodeSignedData(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7)
PKCS7* pkcs7 = NULL;
WC_RNG rng;
byte output[FOURK_BUF];
byte badOut[1];
word32 outputSz = (word32)sizeof(output);
word32 badOutSz = 0;
byte data[] = "Test data to encode.";
#ifndef NO_RSA
#if defined(USE_CERT_BUFFERS_2048)
byte key[sizeof(client_key_der_2048)];
byte cert[sizeof(client_cert_der_2048)];
word32 keySz = (word32)sizeof(key);
word32 certSz = (word32)sizeof(cert);
XMEMSET(key, 0, keySz);
XMEMSET(cert, 0, certSz);
XMEMCPY(key, client_key_der_2048, keySz);
XMEMCPY(cert, client_cert_der_2048, certSz);
#elif defined(USE_CERT_BUFFERS_1024)
byte key[sizeof_client_key_der_1024];
byte cert[sizeof(sizeof_client_cert_der_1024)];
word32 keySz = (word32)sizeof(key);
word32 certSz = (word32)sizeof(cert);
XMEMSET(key, 0, keySz);
XMEMSET(cert, 0, certSz);
XMEMCPY(key, client_key_der_1024, keySz);
XMEMCPY(cert, client_cert_der_1024, certSz);
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
XFILE fp = XBADFILE;
int certSz;
int keySz;
ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
XBADFILE);
ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
fp), 0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) !=
XBADFILE);
ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp),
0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
unsigned char cert[sizeof(cliecc_cert_der_256)];
unsigned char key[sizeof(ecc_clikey_der_256)];
int certSz = (int)sizeof(cert);
int keySz = (int)sizeof(key);
XMEMSET(cert, 0, certSz);
XMEMSET(key, 0, keySz);
XMEMCPY(cert, cliecc_cert_der_256, certSz);
XMEMCPY(key, ecc_clikey_der_256, keySz);
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
XFILE fp = XBADFILE;
int certSz;
int keySz;
ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=
XBADFILE);
ExpectIntGT(certSz = (int)XFREAD(cert, 1, ONEK_BUF, fp), 0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) !=
XBADFILE);
ExpectIntGT(keySz = (int)XFREAD(key, 1, ONEK_BUF, fp), 0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif
#endif
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(output, 0, outputSz);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
if (pkcs7 != NULL) {
pkcs7->content = data;
pkcs7->contentSz = (word32)sizeof(data);
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)sizeof(key);
pkcs7->encryptOID = RSAk;
#ifdef NO_SHA
pkcs7->hashOID = SHA256h;
#else
pkcs7->hashOID = SHAh;
#endif
pkcs7->rng = &rng;
}
ExpectIntGT(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
#ifdef ASN_BER_TO_DER
wc_PKCS7_Free(pkcs7);
/* reinitialize and test setting stream mode */
{
int signedSz = 0;
encodeSignedDataStream strm;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
if (pkcs7 != NULL) {
pkcs7->content = data;
pkcs7->contentSz = (word32)sizeof(data);
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)sizeof(key);
pkcs7->encryptOID = RSAk;
#ifdef NO_SHA
pkcs7->hashOID = SHA256h;
#else
pkcs7->hashOID = SHAh;
#endif
pkcs7->rng = &rng;
}
ExpectIntEQ(wc_PKCS7_GetStreamMode(pkcs7), 0);
ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1, NULL, NULL, NULL), 0);
ExpectIntEQ(wc_PKCS7_SetStreamMode(NULL, 1, NULL, NULL, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_GetStreamMode(pkcs7), 1);
ExpectIntGT(signedSz = wc_PKCS7_EncodeSignedData(pkcs7, output,
outputSz), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* use exact signed buffer size since BER encoded */
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, (word32)signedSz), 0);
wc_PKCS7_Free(pkcs7);
/* now try with using callbacks for IO */
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
if (pkcs7 != NULL) {
pkcs7->contentSz = FOURK_BUF*2;
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)sizeof(key);
pkcs7->encryptOID = RSAk;
#ifdef NO_SHA
pkcs7->hashOID = SHA256h;
#else
pkcs7->hashOID = SHAh;
#endif
pkcs7->rng = &rng;
}
XMEMSET(&strm, 0, sizeof(strm));
ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1, GetContentCB,
StreamOutputCB, (void*)&strm), 0);
ExpectIntGT(signedSz = wc_PKCS7_EncodeSignedData(pkcs7, NULL, 0), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* use exact signed buffer size since BER encoded */
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, strm.out, (word32)signedSz), 0);
}
#endif
#ifndef NO_PKCS7_STREAM
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
{
word32 z;
int ret;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* test for streaming mode */
ret = -1;
for (z = 0; z < outputSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
ExpectIntNE(pkcs7->contentSz, 0);
ExpectNotNull(pkcs7->contentDynamic);
}
#endif /* !NO_PKCS7_STREAM */
/* Pass in bad args. */
ExpectIntEQ(wc_PKCS7_EncodeSignedData(NULL, output, outputSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, NULL, outputSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, badOut,
badOutSz), BAD_FUNC_ARG);
if (pkcs7 != NULL) {
pkcs7->hashOID = 0; /* bad hashOID */
}
ExpectIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz),
BAD_FUNC_ARG);
#if defined(HAVE_PKCS7) && defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && \
!defined(NO_RSA) && !defined(NO_SHA256)
/* test RSA sign raw digest callback, if using RSA and compiled in.
* Example callback assumes SHA-256, so only run test if compiled in. */
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
if (pkcs7 != NULL) {
pkcs7->content = data;
pkcs7->contentSz = (word32)sizeof(data);
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)sizeof(key);
pkcs7->encryptOID = RSAk;
pkcs7->hashOID = SHA256h;
pkcs7->rng = &rng;
}
ExpectIntEQ(wc_PKCS7_SetRsaSignRawDigestCb(pkcs7, rsaSignRawDigestCb), 0);
ExpectIntGT(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), 0);
#endif
wc_PKCS7_Free(pkcs7);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_PKCS7_EncodeSignedData */
/*
* Testing wc_PKCS7_EncodeSignedData_ex() and wc_PKCS7_VerifySignedData_ex()
*/
static int test_wc_PKCS7_EncodeSignedData_ex(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7)
int i;
PKCS7* pkcs7 = NULL;
WC_RNG rng;
byte outputHead[FOURK_BUF/2];
byte outputFoot[FOURK_BUF/2];
word32 outputHeadSz = (word32)sizeof(outputHead);
word32 outputFootSz = (word32)sizeof(outputFoot);
byte data[FOURK_BUF];
wc_HashAlg hash;
#ifdef NO_SHA
enum wc_HashType hashType = WC_HASH_TYPE_SHA256;
#else
enum wc_HashType hashType = WC_HASH_TYPE_SHA;
#endif
byte hashBuf[WC_MAX_DIGEST_SIZE];
word32 hashSz = (word32)wc_HashGetDigestSize(hashType);
#ifndef NO_RSA
#if defined(USE_CERT_BUFFERS_2048)
byte key[sizeof(client_key_der_2048)];
byte cert[sizeof(client_cert_der_2048)];
word32 keySz = (word32)sizeof(key);
word32 certSz = (word32)sizeof(cert);
XMEMSET(key, 0, keySz);
XMEMSET(cert, 0, certSz);
XMEMCPY(key, client_key_der_2048, keySz);
XMEMCPY(cert, client_cert_der_2048, certSz);
#elif defined(USE_CERT_BUFFERS_1024)
byte key[sizeof_client_key_der_1024];
byte cert[sizeof(sizeof_client_cert_der_1024)];
word32 keySz = (word32)sizeof(key);
word32 certSz = (word32)sizeof(cert);
XMEMSET(key, 0, keySz);
XMEMSET(cert, 0, certSz);
XMEMCPY(key, client_key_der_1024, keySz);
XMEMCPY(cert, client_cert_der_1024, certSz);
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
XFILE fp = XBADFILE;
int certSz;
int keySz;
ExpectTure((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
XBADFILE);
ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
fp), 0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) !=
XBADFILE);
ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp),
0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
unsigned char cert[sizeof(cliecc_cert_der_256)];
unsigned char key[sizeof(ecc_clikey_der_256)];
int certSz = (int)sizeof(cert);
int keySz = (int)sizeof(key);
XMEMSET(cert, 0, certSz);
XMEMSET(key, 0, keySz);
XMEMCPY(cert, cliecc_cert_der_256, sizeof_cliecc_cert_der_256);
XMEMCPY(key, ecc_clikey_der_256, sizeof_ecc_clikey_der_256);
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
XFILE fp = XBADFILE;
int certSz;
int keySz;
ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=
XBADFILE);
ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256,
fp), 0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) !=
XBADFILE);
ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp),
0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif
#endif
XMEMSET(&rng, 0, sizeof(WC_RNG));
/* initialize large data with sequence */
for (i=0; i<(int)sizeof(data); i++)
data[i] = i & 0xff;
XMEMSET(outputHead, 0, outputHeadSz);
XMEMSET(outputFoot, 0, outputFootSz);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
if (pkcs7 != NULL) {
pkcs7->content = NULL; /* not used for ex */
pkcs7->contentSz = (word32)sizeof(data);
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)sizeof(key);
pkcs7->encryptOID = RSAk;
#ifdef NO_SHA
pkcs7->hashOID = SHA256h;
#else
pkcs7->hashOID = SHAh;
#endif
pkcs7->rng = &rng;
}
/* calculate hash for content */
XMEMSET(&hash, 0, sizeof(wc_HashAlg));
ExpectIntEQ(wc_HashInit(&hash, hashType), 0);
ExpectIntEQ(wc_HashUpdate(&hash, hashType, data, sizeof(data)), 0);
ExpectIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0);
DoExpectIntEQ(wc_HashFree(&hash, hashType), 0);
/* Perform PKCS7 sign using hash directly */
ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, &outputHeadSz, outputFoot, &outputFootSz), 0);
ExpectIntGT(outputHeadSz, 0);
ExpectIntGT(outputFootSz, 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* required parameter even on verify when using _ex, if using outputHead
* and outputFoot */
if (pkcs7 != NULL) {
pkcs7->contentSz = (word32)sizeof(data);
}
ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, outputHeadSz, outputFoot, outputFootSz), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
/* assembly complete PKCS7 sign and use normal verify */
{
byte* output = NULL;
word32 outputSz = 0;
#ifndef NO_PKCS7_STREAM
word32 z;
int ret;
#endif /* !NO_PKCS7_STREAM */
ExpectNotNull(output = (byte*)XMALLOC(
outputHeadSz + sizeof(data) + outputFootSz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
if (output != NULL) {
XMEMCPY(&output[outputSz], outputHead, outputHeadSz);
outputSz += outputHeadSz;
XMEMCPY(&output[outputSz], data, sizeof(data));
outputSz += sizeof(data);
XMEMCPY(&output[outputSz], outputFoot, outputFootSz);
outputSz += outputFootSz;
}
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
#ifndef NO_PKCS7_STREAM
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* test for streaming mode */
ret = -1;
for (z = 0; z < outputSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
ExpectIntNE(pkcs7->contentSz, 0);
ExpectNotNull(pkcs7->contentDynamic);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
#endif /* !NO_PKCS7_STREAM */
XFREE(output, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
}
/* Pass in bad args. */
ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(NULL, hashBuf, hashSz, outputHead,
&outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, NULL, hashSz, outputHead,
&outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, 0, outputHead,
&outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz, NULL,
&outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, NULL, outputFoot, &outputFootSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, &outputHeadSz, NULL, &outputFootSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, &outputHeadSz, outputFoot, NULL), BAD_FUNC_ARG);
if (pkcs7 != NULL) {
pkcs7->hashOID = 0; /* bad hashOID */
}
ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, &outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(NULL, hashBuf, hashSz, outputHead,
outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, NULL, hashSz, outputHead,
outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG);
#ifndef NO_PKCS7_STREAM
ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, 0, outputHead,
outputHeadSz, outputFoot, outputFootSz), WC_PKCS7_WANT_READ_E);
#else
ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, 0, outputHead,
outputHeadSz, outputFoot, outputFootSz), BUFFER_E);
#endif
ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, NULL,
outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG);
#ifndef NO_PKCS7_STREAM
/* can pass in 0 buffer length with streaming API */
ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, 0, outputFoot, outputFootSz), WC_PKCS7_WANT_READ_E);
#else
ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, 0, outputFoot, outputFootSz), BAD_FUNC_ARG);
#endif
ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, outputHeadSz, NULL, outputFootSz), BAD_FUNC_ARG);
#ifndef NO_PKCS7_STREAM
ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, outputHeadSz, outputFoot, 0), WC_PKCS7_WANT_READ_E);
#else
ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, outputHeadSz, outputFoot, 0), BUFFER_E);
#endif
wc_PKCS7_Free(pkcs7);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_PKCS7_EncodeSignedData_ex */
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM)
/**
* Loads certs/keys from files or buffers into the argument buffers,
* helper function called by CreatePKCS7SignedData().
*
* Returns 0 on success, negative on error.
*/
static int LoadPKCS7SignedDataCerts(
int useIntermediateCertChain, int pkAlgoType,
byte* intCARoot, word32* intCARootSz,
byte* intCA1, word32* intCA1Sz,
byte* intCA2, word32* intCA2Sz,
byte* cert, word32* certSz,
byte* key, word32* keySz)
{
EXPECT_DECLS;
int ret = 0;
XFILE fp = XBADFILE;
#ifndef NO_RSA
const char* intCARootRSA = "./certs/ca-cert.der";
const char* intCA1RSA = "./certs/intermediate/ca-int-cert.der";
const char* intCA2RSA = "./certs/intermediate/ca-int2-cert.der";
const char* intServCertRSA = "./certs/intermediate/server-int-cert.der";
const char* intServKeyRSA = "./certs/server-key.der";
#if !defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_1024)
const char* cli1024Cert = "./certs/1024/client-cert.der";
const char* cli1024Key = "./certs/1024/client-key.der";
#endif
#endif
#ifdef HAVE_ECC
const char* intCARootECC = "./certs/ca-ecc-cert.der";
const char* intCA1ECC = "./certs/intermediate/ca-int-ecc-cert.der";
const char* intCA2ECC = "./certs/intermediate/ca-int2-ecc-cert.der";
const char* intServCertECC = "./certs/intermediate/server-int-ecc-cert.der";
const char* intServKeyECC = "./certs/ecc-key.der";
#ifndef USE_CERT_BUFFERS_256
const char* cliEccCert = "./certs/client-ecc-cert.der";
const char* cliEccKey = "./certs/client-ecc-key.der";
#endif
#endif
if (cert == NULL || certSz == NULL || key == NULL || keySz == NULL ||
((useIntermediateCertChain == 1) &&
(intCARoot == NULL || intCARootSz == NULL || intCA1 == NULL ||
intCA1Sz == NULL || intCA2 == NULL || intCA2Sz == NULL))) {
return BAD_FUNC_ARG;
}
/* Read/load certs and keys to use for signing based on PK type and chain */
switch (pkAlgoType) {
#ifndef NO_RSA
case RSA_TYPE:
if (useIntermediateCertChain == 1) {
ExpectTrue((fp = XFOPEN(intCARootRSA, "rb")) != XBADFILE);
*intCARootSz = (word32)XFREAD(intCARoot, 1, *intCARootSz, fp);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntGT(*intCARootSz, 0);
ExpectTrue((fp = XFOPEN(intCA1RSA, "rb")) != XBADFILE);
if (fp != XBADFILE) {
*intCA1Sz = (word32)XFREAD(intCA1, 1, *intCA1Sz, fp);
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntGT(*intCA1Sz, 0);
ExpectTrue((fp = XFOPEN(intCA2RSA, "rb")) != XBADFILE);
if (fp != XBADFILE) {
*intCA2Sz = (word32)XFREAD(intCA2, 1, *intCA2Sz, fp);
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntGT(*intCA2Sz, 0);
ExpectTrue((fp = XFOPEN(intServCertRSA, "rb")) != XBADFILE);
if (fp != XBADFILE) {
*certSz = (word32)XFREAD(cert, 1, *certSz, fp);
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntGT(*certSz, 0);
ExpectTrue((fp = XFOPEN(intServKeyRSA, "rb")) != XBADFILE);
if (fp != XBADFILE) {
*keySz = (word32)XFREAD(key, 1, *keySz, fp);
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntGT(*keySz, 0);
}
else {
#if defined(USE_CERT_BUFFERS_2048)
*keySz = sizeof_client_key_der_2048;
*certSz = sizeof_client_cert_der_2048;
XMEMCPY(key, client_key_der_2048, *keySz);
XMEMCPY(cert, client_cert_der_2048, *certSz);
#elif defined(USE_CERT_BUFFERS_1024)
*keySz = sizeof_client_key_der_1024;
*certSz = sizeof_client_cert_der_1024;
XMEMCPY(key, client_key_der_1024, *keySz);
XMEMCPY(cert, client_cert_der_1024, *certSz);
#else
ExpectTrue((fp = XFOPEN(cli1024Key, "rb")) != XBADFILE);
if (fp != XBADFILE) {
*keySz = (word32)XFREAD(key, 1, *keySz, fp);
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntGT(*keySz, 0);
ExpectTrue((fp = XFOPEN(cli1024Cert, "rb")) != XBADFILE);
if (fp != XBADFILE) {
*certSz = (word32)XFREAD(cert, 1, *certSz, fp);
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntGT(*certSz, 0);
#endif /* USE_CERT_BUFFERS_2048 */
}
break;
#endif /* !NO_RSA */
#ifdef HAVE_ECC
case ECC_TYPE:
if (useIntermediateCertChain == 1) {
ExpectTrue((fp = XFOPEN(intCARootECC, "rb")) != XBADFILE);
if (fp != XBADFILE) {
*intCARootSz = (word32)XFREAD(intCARoot, 1, *intCARootSz,
fp);
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntGT(*intCARootSz, 0);
ExpectTrue((fp = XFOPEN(intCA1ECC, "rb")) != XBADFILE);
if (fp != XBADFILE) {
*intCA1Sz = (word32)XFREAD(intCA1, 1, *intCA1Sz, fp);
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntGT(*intCA1Sz, 0);
ExpectTrue((fp = XFOPEN(intCA2ECC, "rb")) != XBADFILE);
if (fp != XBADFILE) {
*intCA2Sz = (word32)XFREAD(intCA2, 1, *intCA2Sz, fp);
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntGT(*intCA2Sz, 0);
ExpectTrue((fp = XFOPEN(intServCertECC, "rb")) != XBADFILE);
if (fp != XBADFILE) {
*certSz = (word32)XFREAD(cert, 1, *certSz, fp);
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntGT(*certSz, 0);
ExpectTrue((fp = XFOPEN(intServKeyECC, "rb")) != XBADFILE);
if (fp != XBADFILE) {
*keySz = (word32)XFREAD(key, 1, *keySz, fp);
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntGT(*keySz, 0);
}
else {
#if defined(USE_CERT_BUFFERS_256)
*keySz = sizeof_ecc_clikey_der_256;
*certSz = sizeof_cliecc_cert_der_256;
XMEMCPY(key, ecc_clikey_der_256, *keySz);
XMEMCPY(cert, cliecc_cert_der_256, *certSz);
#else
ExpectTrue((fp = XFOPEN(cliEccKey, "rb")) != XBADFILE);
if (fp != XBADFILE) {
*keySz = (word32)XFREAD(key, 1, *keySz, fp);
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntGT(*keySz, 0);
ExpectTrue((fp = XFOPEN(cliEccCert, "rb")) != XBADFILE);
if (fp != XBADFILE) {
*certSz = (word32)XFREAD(cert, 1, *certSz, fp);
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntGT(*certSz, 0);
#endif /* USE_CERT_BUFFERS_256 */
}
break;
#endif /* HAVE_ECC */
default:
WOLFSSL_MSG("Unsupported SignedData PK type");
ret = BAD_FUNC_ARG;
break;
}
if (EXPECT_FAIL() && (ret == 0)) {
ret = BAD_FUNC_ARG;
}
return ret;
}
/**
* Creates a PKCS7/CMS SignedData bundle to use for testing.
*
* output output buffer to place SignedData
* outputSz size of output buffer
* data data buffer to be signed
* dataSz size of data buffer
* withAttribs [1/0] include attributes in SignedData message
* detachedSig [1/0] create detached signature, no content
* useIntCertChain [1/0] use certificate chain and include intermediate and
* root CAs in bundle
* pkAlgoType RSA_TYPE or ECC_TYPE, choose what key/cert type to use
*
* Return size of bundle created on success, negative on error */
static int CreatePKCS7SignedData(unsigned char* output, int outputSz,
byte* data, word32 dataSz,
int withAttribs, int detachedSig,
int useIntermediateCertChain,
int pkAlgoType)
{
EXPECT_DECLS;
int ret = 0;
WC_RNG rng;
PKCS7* pkcs7 = NULL;
static byte messageTypeOid[] =
{ 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
0x09, 0x02 };
static byte messageType[] = { 0x13, 2, '1', '9' };
PKCS7Attrib attribs[] =
{
{ messageTypeOid, sizeof(messageTypeOid), messageType,
sizeof(messageType) }
};
byte intCARoot[TWOK_BUF];
byte intCA1[TWOK_BUF];
byte intCA2[TWOK_BUF];
byte cert[TWOK_BUF];
byte key[TWOK_BUF];
word32 intCARootSz = sizeof(intCARoot);
word32 intCA1Sz = sizeof(intCA1);
word32 intCA2Sz = sizeof(intCA2);
word32 certSz = sizeof(cert);
word32 keySz = sizeof(key);
XMEMSET(intCARoot, 0, intCARootSz);
XMEMSET(intCA1, 0, intCA1Sz);
XMEMSET(intCA2, 0, intCA2Sz);
XMEMSET(cert, 0, certSz);
XMEMSET(key, 0, keySz);
ret = LoadPKCS7SignedDataCerts(useIntermediateCertChain, pkAlgoType,
intCARoot, &intCARootSz, intCA1, &intCA1Sz, intCA2, &intCA2Sz,
cert, &certSz, key, &keySz);
ExpectIntEQ(ret, 0);
XMEMSET(output, 0, outputSz);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
if (useIntermediateCertChain == 1) {
/* Add intermediate and root CA certs into SignedData Certs SET */
ExpectIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCA2, intCA2Sz), 0);
ExpectIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCA1, intCA1Sz), 0);
ExpectIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCARoot, intCARootSz), 0);
}
if (pkcs7 != NULL) {
pkcs7->content = data;
pkcs7->contentSz = dataSz;
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)sizeof(key);
if (pkAlgoType == RSA_TYPE) {
pkcs7->encryptOID = RSAk;
}
else {
pkcs7->encryptOID = ECDSAk;
}
#ifdef NO_SHA
pkcs7->hashOID = SHA256h;
#else
pkcs7->hashOID = SHAh;
#endif
pkcs7->rng = &rng;
if (withAttribs) {
/* include a signed attribute */
pkcs7->signedAttribs = attribs;
pkcs7->signedAttribsSz = (sizeof(attribs)/sizeof(PKCS7Attrib));
}
}
if (detachedSig) {
ExpectIntEQ(wc_PKCS7_SetDetached(pkcs7, 1), 0);
}
outputSz = wc_PKCS7_EncodeSignedData(pkcs7, output, (word32)outputSz);
ExpectIntGT(outputSz, 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
if (detachedSig && (pkcs7 != NULL)) {
pkcs7->content = data;
pkcs7->contentSz = dataSz;
}
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, (word32)outputSz), 0);
wc_PKCS7_Free(pkcs7);
wc_FreeRng(&rng);
if (EXPECT_FAIL()) {
outputSz = 0;
}
return outputSz;
}
#endif
/*
* Testing wc_PKCS_VerifySignedData()
*/
static int test_wc_PKCS7_VerifySignedData_RSA(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
PKCS7* pkcs7 = NULL;
byte output[6000]; /* Large size needed for bundles with int CA certs */
word32 outputSz = sizeof(output);
byte data[] = "Test data to encode.";
byte badOut[1];
word32 badOutSz = 0;
byte badContent[] = "This is different content than was signed";
wc_HashAlg hash;
#ifdef NO_SHA
enum wc_HashType hashType = WC_HASH_TYPE_SHA256;
#else
enum wc_HashType hashType = WC_HASH_TYPE_SHA;
#endif
byte hashBuf[WC_MAX_DIGEST_SIZE];
word32 hashSz = (word32)wc_HashGetDigestSize(hashType);
#ifndef NO_RSA
PKCS7DecodedAttrib* decodedAttrib = NULL;
/* contentType OID (1.2.840.113549.1.9.3) */
static const byte contentTypeOid[] =
{ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01, 0x09, 0x03 };
/* PKCS#7 DATA content type (contentType defaults to DATA) */
static const byte dataType[] =
{ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01 };
/* messageDigest OID (1.2.840.113549.1.9.4) */
static const byte messageDigestOid[] =
{ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04 };
#ifndef NO_ASN_TIME
/* signingTime OID () */
static const byte signingTimeOid[] =
{ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x05};
#endif
#if !defined(NO_ASN) && !defined(NO_ASN_TIME)
int dateLength = 0;
byte dateFormat;
const byte* datePart = NULL;
struct tm timearg;
time_t now;
struct tm* nowTm = NULL;
#ifdef NEED_TMP_TIME
struct tm tmpTimeStorage;
struct tm* tmpTime = &tmpTimeStorage;
#endif
#endif /* !NO_ASN && !NO_ASN_TIME */
#ifndef NO_PKCS7_STREAM
word32 z;
int ret;
#endif /* !NO_PKCS7_STREAM */
XMEMSET(&hash, 0, sizeof(wc_HashAlg));
/* Success test with RSA certs/key */
ExpectIntGT((outputSz = (word32)CreatePKCS7SignedData(output, (int)outputSz, data,
(word32)sizeof(data), 0, 0, 0, RSA_TYPE)), 0);
/* calculate hash for content, used later */
ExpectIntEQ(wc_HashInit(&hash, hashType), 0);
ExpectIntEQ(wc_HashUpdate(&hash, hashType, data, sizeof(data)), 0);
ExpectIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0);
DoExpectIntEQ(wc_HashFree(&hash, hashType), 0);
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
#ifndef NO_PKCS7_STREAM
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* test for streaming */
ret = -1;
for (z = 0; z < outputSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
ExpectIntNE(pkcs7->contentSz, 0);
ExpectNotNull(pkcs7->contentDynamic);
#endif /* !NO_PKCS7_STREAM */
/* Check that decoded signed attributes are correct */
/* messageDigest should be first */
if (pkcs7 != NULL) {
decodedAttrib = pkcs7->decodedAttrib;
}
ExpectNotNull(decodedAttrib);
ExpectIntEQ(decodedAttrib->oidSz, (word32)sizeof(messageDigestOid));
ExpectIntEQ(XMEMCMP(decodedAttrib->oid, messageDigestOid,
decodedAttrib->oidSz), 0);
/* + 2 for OCTET STRING and length bytes */
ExpectIntEQ(decodedAttrib->valueSz, hashSz + 2);
ExpectNotNull(decodedAttrib->value);
ExpectIntEQ(XMEMCMP(decodedAttrib->value + 2, hashBuf, hashSz), 0);
#ifndef NO_ASN_TIME
/* signingTime should be second */
if (decodedAttrib != NULL) {
decodedAttrib = decodedAttrib->next;
}
ExpectNotNull(decodedAttrib);
ExpectIntEQ(decodedAttrib->oidSz, (word32)sizeof(signingTimeOid));
ExpectIntEQ(XMEMCMP(decodedAttrib->oid, signingTimeOid,
decodedAttrib->oidSz), 0);
ExpectIntGT(decodedAttrib->valueSz, 0);
ExpectNotNull(decodedAttrib->value);
#endif
/* Verify signingTime if ASN and time are available */
#if !defined(NO_ASN) && !defined(NO_ASN_TIME)
ExpectIntEQ(wc_GetDateInfo(decodedAttrib->value, decodedAttrib->valueSz,
&datePart, &dateFormat, &dateLength), 0);
ExpectNotNull(datePart);
ExpectIntGT(dateLength, 0);
XMEMSET(&timearg, 0, sizeof(timearg));
ExpectIntEQ(wc_GetDateAsCalendarTime(datePart, dateLength, dateFormat,
&timearg), 0);
/* Get current time and compare year/month/day against attribute value */
ExpectIntEQ(wc_GetTime(&now, sizeof(now)), 0);
nowTm = (struct tm*)XGMTIME((time_t*)&now, tmpTime);
ExpectNotNull(nowTm);
ExpectIntEQ(timearg.tm_year, nowTm->tm_year);
ExpectIntEQ(timearg.tm_mon, nowTm->tm_mon);
ExpectIntEQ(timearg.tm_mday, nowTm->tm_mday);
#endif /* !NO_ASN && !NO_ASN_TIME */
/* contentType should be third */
if (decodedAttrib != NULL) {
decodedAttrib = decodedAttrib->next;
}
ExpectNotNull(decodedAttrib);
ExpectIntEQ(decodedAttrib->oidSz, (word32)sizeof(contentTypeOid));
ExpectIntEQ(XMEMCMP(decodedAttrib->oid, contentTypeOid,
decodedAttrib->oidSz), 0);
ExpectIntEQ(decodedAttrib->valueSz, (int)sizeof(dataType) + 2);
ExpectNotNull(decodedAttrib->value);
ExpectIntEQ(XMEMCMP(decodedAttrib->value + 2, dataType, sizeof(dataType)),
0);
#endif /* !NO_RSA */
/* Test bad args. */
ExpectIntEQ(wc_PKCS7_VerifySignedData(NULL, output, outputSz),
BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, NULL, outputSz),
BAD_FUNC_ARG);
#ifndef NO_PKCS7_STREAM
/* can pass in 0 buffer length with streaming API */
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, badOut,
badOutSz), WC_PKCS7_WANT_READ_E);
#else
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, badOut,
badOutSz), BAD_FUNC_ARG);
#endif
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#ifndef NO_RSA
/* Try RSA certs/key/sig first */
outputSz = sizeof(output);
XMEMSET(output, 0, outputSz);
ExpectIntGT((outputSz = (word32)CreatePKCS7SignedData(output, (int)outputSz, data,
(word32)sizeof(data),
1, 1, 0, RSA_TYPE)), 0);
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
if (pkcs7 != NULL) {
pkcs7->content = badContent;
pkcs7->contentSz = sizeof(badContent);
}
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz),
SIG_VERIFY_E);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#ifndef NO_PKCS7_STREAM
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
if (pkcs7 != NULL) {
pkcs7->content = badContent;
pkcs7->contentSz = sizeof(badContent);
}
/* test for streaming */
ret = -1;
for (z = 0; z < outputSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1);
if (ret == WC_PKCS7_WANT_READ_E){
continue;
}
else if (ret < 0) {
break;
}
}
ExpectIntEQ(ret, SIG_VERIFY_E);
ExpectIntNE(pkcs7->contentSz, 0);
ExpectNotNull(pkcs7->contentDynamic);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#endif /* !NO_PKCS7_STREAM */
/* Test success case with detached signature and valid content */
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
if (pkcs7 != NULL) {
pkcs7->content = data;
pkcs7->contentSz = sizeof(data);
}
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#ifndef NO_PKCS7_STREAM
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
if (pkcs7 != NULL) {
pkcs7->content = data;
pkcs7->contentSz = sizeof(data);
}
/* test for streaming */
ret = -1;
for (z = 0; z < outputSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
ExpectIntNE(pkcs7->contentSz, 0);
ExpectNotNull(pkcs7->contentDynamic);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#endif /* !NO_PKCS7_STREAM */
/* verify using pre-computed content digest only (no content) */
{
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, NULL, 0), 0);
ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
output, outputSz, NULL, 0), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
}
#endif /* !NO_RSA */
/* Test verify on signedData containing intermediate/root CA certs */
#ifndef NO_RSA
outputSz = sizeof(output);
XMEMSET(output, 0, outputSz);
ExpectIntGT((outputSz = (word32)CreatePKCS7SignedData(output, (int)outputSz, data,
(word32)sizeof(data),
0, 0, 1, RSA_TYPE)), 0);
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#ifndef NO_PKCS7_STREAM
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* test for streaming */
ret = -1;
for (z = 0; z < outputSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
ExpectIntNE(pkcs7->contentSz, 0);
ExpectNotNull(pkcs7->contentDynamic);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#endif /* !NO_PKCS7_STREAM */
#endif /* !NO_RSA */
#if defined(ASN_BER_TO_DER) && !defined(NO_PKCS7_STREAM) && \
!defined(NO_FILESYSTEM)
{
XFILE signedBundle = XBADFILE;
int signedBundleSz = 0;
int chunkSz = 1;
int i, rc = 0;
byte* buf = NULL;
ExpectTrue((signedBundle = XFOPEN("./certs/test-stream-sign.p7b",
"rb")) != XBADFILE);
ExpectTrue(XFSEEK(signedBundle, 0, XSEEK_END) == 0);
ExpectIntGT(signedBundleSz = (int)XFTELL(signedBundle), 0);
ExpectTrue(XFSEEK(signedBundle, 0, XSEEK_SET) == 0);
ExpectNotNull(buf = (byte*)XMALLOC(signedBundleSz, HEAP_HINT,
DYNAMIC_TYPE_FILE));
if (buf != NULL) {
ExpectIntEQ(XFREAD(buf, 1, (size_t)signedBundleSz, signedBundle),
signedBundleSz);
}
if (signedBundle != XBADFILE) {
XFCLOSE(signedBundle);
signedBundle = XBADFILE;
}
if (buf != NULL) {
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
for (i = 0; i < signedBundleSz;) {
int sz = (i + chunkSz > signedBundleSz)? signedBundleSz - i :
chunkSz;
rc = wc_PKCS7_VerifySignedData(pkcs7, buf + i, (word32)sz);
if (rc < 0 ) {
if (rc == WC_PKCS7_WANT_READ_E) {
i += sz;
continue;
}
break;
}
else {
break;
}
}
ExpectIntEQ(rc, PKCS7_SIGNEEDS_CHECK);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
}
/* now try with malformed bundle */
if (buf != NULL) {
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
buf[signedBundleSz - 2] = buf[signedBundleSz - 2] + 1;
for (i = 0; i < signedBundleSz;) {
int sz = (i + chunkSz > signedBundleSz)? signedBundleSz - i :
chunkSz;
rc = wc_PKCS7_VerifySignedData(pkcs7, buf + i, (word32)sz);
if (rc < 0 ) {
if (rc == WC_PKCS7_WANT_READ_E) {
i += sz;
continue;
}
break;
}
else {
break;
}
}
ExpectIntEQ(rc, ASN_PARSE_E);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
}
if (buf != NULL)
XFREE(buf, HEAP_HINT, DYNAMIC_TYPE_FILE);
}
#endif /* BER and stream */
#endif
return EXPECT_RESULT();
} /* END test_wc_PKCS7_VerifySignedData()_RSA */
/*
* Testing wc_PKCS_VerifySignedData()
*/
static int test_wc_PKCS7_VerifySignedData_ECC(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC)
PKCS7* pkcs7 = NULL;
byte output[6000]; /* Large size needed for bundles with int CA certs */
word32 outputSz = sizeof(output);
byte data[] = "Test data to encode.";
byte badContent[] = "This is different content than was signed";
wc_HashAlg hash;
#ifndef NO_PKCS7_STREAM
word32 z;
int ret;
#endif /* !NO_PKCS7_STREAM */
#ifdef NO_SHA
enum wc_HashType hashType = WC_HASH_TYPE_SHA256;
#else
enum wc_HashType hashType = WC_HASH_TYPE_SHA;
#endif
byte hashBuf[WC_MAX_DIGEST_SIZE];
word32 hashSz = (word32)wc_HashGetDigestSize(hashType);
XMEMSET(&hash, 0, sizeof(wc_HashAlg));
/* Success test with ECC certs/key */
outputSz = sizeof(output);
XMEMSET(output, 0, outputSz);
ExpectIntGT((outputSz = (word32)CreatePKCS7SignedData(output, (int)outputSz, data,
(word32)sizeof(data), 0, 0, 0, ECC_TYPE)), 0);
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#ifndef NO_PKCS7_STREAM
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* test for streaming */
ret = -1;
for (z = 0; z < outputSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
ExpectIntNE(pkcs7->contentSz, 0);
ExpectNotNull(pkcs7->contentDynamic);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#endif /* !NO_PKCS7_STREAM */
/* Invalid content should error, use detached signature so we can
* easily change content */
outputSz = sizeof(output);
XMEMSET(output, 0, outputSz);
ExpectIntGT((outputSz = (word32)CreatePKCS7SignedData(output, (int)outputSz, data,
(word32)sizeof(data), 1, 1, 0, ECC_TYPE)), 0);
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
if (pkcs7 != NULL) {
pkcs7->content = badContent;
pkcs7->contentSz = sizeof(badContent);
}
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz),
SIG_VERIFY_E);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#ifndef NO_PKCS7_STREAM
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
if (pkcs7 != NULL) {
pkcs7->content = badContent;
pkcs7->contentSz = sizeof(badContent);
}
/* test for streaming */
ret = -1;
for (z = 0; z < outputSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1);
if (ret == WC_PKCS7_WANT_READ_E){
continue;
}
else if (ret < 0) {
break;
}
}
ExpectIntEQ(ret, SIG_VERIFY_E);
ExpectIntNE(pkcs7->contentSz, 0);
ExpectNotNull(pkcs7->contentDynamic);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#endif /* !NO_PKCS7_STREAM */
/* Test success case with detached signature and valid content */
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
if (pkcs7 != NULL) {
pkcs7->content = data;
pkcs7->contentSz = sizeof(data);
}
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#ifndef NO_PKCS7_STREAM
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
if (pkcs7 != NULL) {
pkcs7->content = data;
pkcs7->contentSz = sizeof(data);
}
/* test for streaming */
ret = -1;
for (z = 0; z < outputSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
ExpectIntNE(pkcs7->contentSz, 0);
ExpectNotNull(pkcs7->contentDynamic);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#endif /* !NO_PKCS7_STREAM */
/* verify using pre-computed content digest only (no content) */
{
/* calculate hash for content */
ExpectIntEQ(wc_HashInit(&hash, hashType), 0);
ExpectIntEQ(wc_HashUpdate(&hash, hashType, data, sizeof(data)), 0);
ExpectIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0);
ExpectIntEQ(wc_HashFree(&hash, hashType), 0);
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, NULL, 0), 0);
ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
output, outputSz, NULL, 0), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
}
/* Test verify on signedData containing intermediate/root CA certs */
outputSz = sizeof(output);
XMEMSET(output, 0, outputSz);
ExpectIntGT((outputSz = (word32)CreatePKCS7SignedData(output, (int)outputSz, data,
(word32)sizeof(data), 0, 0, 1, ECC_TYPE)), 0);
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#ifndef NO_PKCS7_STREAM
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* test for streaming */
ret = -1;
for (z = 0; z < outputSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, output + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
ExpectIntNE(pkcs7->contentSz, 0);
ExpectNotNull(pkcs7->contentDynamic);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#endif /* !NO_PKCS7_STREAM */
#endif
return EXPECT_RESULT();
} /* END test_wc_PKCS7_VerifySignedData_ECC() */
#if defined(HAVE_PKCS7) && !defined(NO_AES) && defined(HAVE_AES_CBC) && \
!defined(NO_AES_256)
static const byte defKey[] = {
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08
};
static byte aesHandle[32]; /* simulated hardware key handle */
/* return 0 on success */
static int myDecryptionFunc(PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz,
byte* aad, word32 aadSz, byte* authTag, word32 authTagSz,
byte* in, int inSz, byte* out, void* usrCtx)
{
int ret;
Aes aes;
if (usrCtx == NULL) {
/* no simulated handle passed in */
return -1;
}
switch (encryptOID) {
case AES256CBCb:
if (ivSz != AES_BLOCK_SIZE)
return BAD_FUNC_ARG;
break;
default:
WOLFSSL_MSG("Unsupported content cipher type for test");
return ALGO_ID_E;
};
/* simulate using handle to get key */
ret = wc_AesInit(&aes, HEAP_HINT, INVALID_DEVID);
if (ret == 0) {
ret = wc_AesSetKey(&aes, (byte*)usrCtx, 32, iv, AES_DECRYPTION);
if (ret == 0)
ret = wc_AesCbcDecrypt(&aes, out, in, (word32)inSz);
wc_AesFree(&aes);
}
(void)aad;
(void)aadSz;
(void)authTag;
(void)authTagSz;
(void)pkcs7;
return ret;
}
/* returns key size on success */
static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId,
word32 keyIdSz, byte* orginKey, word32 orginKeySz,
byte* out, word32 outSz, int keyWrapAlgo, int type, int direction)
{
int ret = -1;
(void)cekSz;
(void)cek;
(void)outSz;
(void)keyIdSz;
(void)direction;
(void)orginKey; /* used with KAKRI */
(void)orginKeySz;
if (out == NULL)
return BAD_FUNC_ARG;
if (keyId[0] != 0x00) {
return -1;
}
if (type != (int)PKCS7_KEKRI) {
return -1;
}
switch (keyWrapAlgo) {
case AES256_WRAP:
/* simulate setting a handle for later decryption but use key
* as handle in the test case here */
ret = wc_AesKeyUnWrap(defKey, sizeof(defKey), cek, cekSz,
aesHandle, sizeof(aesHandle), NULL);
if (ret < 0)
return ret;
ret = wc_PKCS7_SetDecodeEncryptedCtx(pkcs7, (void*)aesHandle);
if (ret < 0)
return ret;
/* return key size on success */
return sizeof(defKey);
default:
WOLFSSL_MSG("Unsupported key wrap algorithm in example");
return BAD_KEYWRAP_ALG_E;
};
}
#endif /* HAVE_PKCS7 && !NO_AES && HAVE_AES_CBC && !NO_AES_256 */
/*
* Testing wc_PKCS7_EncodeEnvelopedData()
*/
static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7)
PKCS7* pkcs7 = NULL;
#ifdef ASN_BER_TO_DER
int encodedSz = 0;
#endif
#ifdef ECC_TIMING_RESISTANT
WC_RNG rng;
#endif
word32 tempWrd32 = 0;
byte* tmpBytePtr = NULL;
const char input[] = "Test data to encode.";
int i;
int testSz = 0;
#if !defined(NO_RSA) && (!defined(NO_AES) || (!defined(NO_SHA) || \
!defined(NO_SHA256) || defined(WOLFSSL_SHA512)))
byte* rsaCert = NULL;
byte* rsaPrivKey = NULL;
word32 rsaCertSz;
word32 rsaPrivKeySz;
#if !defined(NO_FILESYSTEM) && (!defined(USE_CERT_BUFFERS_1024) && \
!defined(USE_CERT_BUFFERS_2048) )
static const char* rsaClientCert = "./certs/client-cert.der";
static const char* rsaClientKey = "./certs/client-key.der";
rsaCertSz = (word32)sizeof(rsaClientCert);
rsaPrivKeySz = (word32)sizeof(rsaClientKey);
#endif
#endif
#if defined(HAVE_ECC) && (!defined(NO_AES) || (!defined(NO_SHA) ||\
!defined(NO_SHA256) || defined(WOLFSSL_SHA512)))
byte* eccCert = NULL;
byte* eccPrivKey = NULL;
word32 eccCertSz;
word32 eccPrivKeySz;
#if !defined(NO_FILESYSTEM) && !defined(USE_CERT_BUFFERS_256)
static const char* eccClientCert = "./certs/client-ecc-cert.der";
static const char* eccClientKey = "./certs/ecc-client-key.der";
#endif
#endif
/* Generic buffer size. */
byte output[ONEK_BUF];
byte decoded[sizeof(input)/sizeof(char)];
int decodedSz = 0;
#ifndef NO_FILESYSTEM
XFILE certFile = XBADFILE;
XFILE keyFile = XBADFILE;
#endif
#ifdef ECC_TIMING_RESISTANT
XMEMSET(&rng, 0, sizeof(WC_RNG));
#endif
#if !defined(NO_RSA) && (!defined(NO_AES) || (!defined(NO_SHA) ||\
!defined(NO_SHA256) || defined(WOLFSSL_SHA512)))
/* RSA certs and keys. */
#if defined(USE_CERT_BUFFERS_1024)
rsaCertSz = (word32)sizeof_client_cert_der_1024;
/* Allocate buffer space. */
ExpectNotNull(rsaCert = (byte*)XMALLOC(rsaCertSz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
/* Init buffer. */
if (rsaCert != NULL) {
XMEMCPY(rsaCert, client_cert_der_1024, rsaCertSz);
}
rsaPrivKeySz = (word32)sizeof_client_key_der_1024;
ExpectNotNull(rsaPrivKey = (byte*)XMALLOC(rsaPrivKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
if (rsaPrivKey != NULL) {
XMEMCPY(rsaPrivKey, client_key_der_1024, rsaPrivKeySz);
}
#elif defined(USE_CERT_BUFFERS_2048)
rsaCertSz = (word32)sizeof_client_cert_der_2048;
/* Allocate buffer */
ExpectNotNull(rsaCert = (byte*)XMALLOC(rsaCertSz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
/* Init buffer. */
if (rsaCert != NULL) {
XMEMCPY(rsaCert, client_cert_der_2048, rsaCertSz);
}
rsaPrivKeySz = (word32)sizeof_client_key_der_2048;
ExpectNotNull(rsaPrivKey = (byte*)XMALLOC(rsaPrivKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
if (rsaPrivKey != NULL) {
XMEMCPY(rsaPrivKey, client_key_der_2048, rsaPrivKeySz);
}
#else
/* File system. */
ExpectTrue((certFile = XFOPEN(rsaClientCert, "rb")) != XBADFILE);
rsaCertSz = (word32)FOURK_BUF;
ExpectNotNull(rsaCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectTrue((rsaCertSz = (word32)XFREAD(rsaCert, 1, rsaCertSz,
certFile)) > 0);
if (certFile != XBADFILE)
XFCLOSE(certFile);
ExpectTrue((keyFile = XFOPEN(rsaClientKey, "rb")) != XBADFILE);
ExpectNotNull(rsaPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
rsaPrivKeySz = (word32)FOURK_BUF;
ExpectTrue((rsaPrivKeySz = (word32)XFREAD(rsaPrivKey, 1, rsaPrivKeySz,
keyFile)) > 0);
if (keyFile != XBADFILE)
XFCLOSE(keyFile);
#endif /* USE_CERT_BUFFERS */
#endif /* NO_RSA */
/* ECC */
#if defined(HAVE_ECC) && (!defined(NO_AES) || (!defined(NO_SHA) ||\
!defined(NO_SHA256) || defined(WOLFSSL_SHA512)))
#ifdef USE_CERT_BUFFERS_256
ExpectNotNull(eccCert = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
/* Init buffer. */
eccCertSz = (word32)sizeof_cliecc_cert_der_256;
if (eccCert != NULL) {
XMEMCPY(eccCert, cliecc_cert_der_256, eccCertSz);
}
ExpectNotNull(eccPrivKey = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
eccPrivKeySz = (word32)sizeof_ecc_clikey_der_256;
if (eccPrivKey != NULL) {
XMEMCPY(eccPrivKey, ecc_clikey_der_256, eccPrivKeySz);
}
#else /* File system. */
ExpectTrue((certFile = XFOPEN(eccClientCert, "rb")) != XBADFILE);
eccCertSz = (word32)FOURK_BUF;
ExpectNotNull(eccCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectTrue((eccCertSz = (word32)XFREAD(eccCert, 1, eccCertSz,
certFile)) > 0);
if (certFile != XBADFILE) {
XFCLOSE(certFile);
}
ExpectTrue((keyFile = XFOPEN(eccClientKey, "rb")) != XBADFILE);
eccPrivKeySz = (word32)FOURK_BUF;
ExpectNotNull(eccPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectTrue((eccPrivKeySz = (word32)XFREAD(eccPrivKey, 1, eccPrivKeySz,
keyFile)) > 0);
if (keyFile != XBADFILE) {
XFCLOSE(keyFile);
}
#endif /* USE_CERT_BUFFERS_256 */
#endif /* END HAVE_ECC */
#ifndef NO_FILESYSTEM
/* Silence. */
(void)keyFile;
(void)certFile;
#endif
{
const pkcs7EnvelopedVector testVectors[] = {
/* DATA is a global variable defined in the makefile. */
#if !defined(NO_RSA)
#ifndef NO_DES3
{(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, DES3b, 0, 0,
rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz},
#endif /* NO_DES3 */
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
#ifndef NO_AES_128
{(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES128CBCb,
0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz},
#endif
#ifndef NO_AES_192
{(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES192CBCb,
0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz},
#endif
#ifndef NO_AES_256
{(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES256CBCb,
0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz},
#endif
#endif /* NO_AES && HAVE_AES_CBC */
#endif /* NO_RSA */
#if defined(HAVE_ECC)
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
#if !defined(NO_SHA) && !defined(NO_AES_128)
{(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA,
AES128CBCb, AES128_WRAP, dhSinglePass_stdDH_sha1kdf_scheme,
eccCert, eccCertSz, eccPrivKey, eccPrivKeySz},
#endif
#if !defined(NO_SHA256) && !defined(NO_AES_256)
{(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA,
AES256CBCb, AES256_WRAP, dhSinglePass_stdDH_sha256kdf_scheme,
eccCert, eccCertSz, eccPrivKey, eccPrivKeySz},
#endif
#if defined(WOLFSSL_SHA512) && !defined(NO_AES_256)
{(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA,
AES256CBCb, AES256_WRAP, dhSinglePass_stdDH_sha512kdf_scheme,
eccCert, eccCertSz, eccPrivKey, eccPrivKeySz},
#endif
#endif /* NO_AES && HAVE_AES_CBC*/
#endif /* END HAVE_ECC */
}; /* END pkcs7EnvelopedVector */
#ifdef ECC_TIMING_RESISTANT
ExpectIntEQ(wc_InitRng(&rng), 0);
#endif
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
testSz = (int)sizeof(testVectors)/(int)sizeof(pkcs7EnvelopedVector);
for (i = 0; i < testSz; i++) {
#ifdef ASN_BER_TO_DER
encodeSignedDataStream strm;
/* test setting stream mode, the first one using IO callbacks */
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (testVectors + i)->cert,
(word32)(testVectors + i)->certSz), 0);
if (pkcs7 != NULL) {
#ifdef ECC_TIMING_RESISTANT
pkcs7->rng = &rng;
#endif
if (i != 0)
pkcs7->content = (byte*)(testVectors + i)->content;
pkcs7->contentSz = (testVectors + i)->contentSz;
pkcs7->contentOID = (testVectors + i)->contentOID;
pkcs7->encryptOID = (testVectors + i)->encryptOID;
pkcs7->keyWrapOID = (testVectors + i)->keyWrapOID;
pkcs7->keyAgreeOID = (testVectors + i)->keyAgreeOID;
pkcs7->privateKey = (testVectors + i)->privateKey;
pkcs7->privateKeySz = (testVectors + i)->privateKeySz;
}
if (i == 0) {
XMEMSET(&strm, 0, sizeof(strm));
ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1, GetContentCB,
StreamOutputCB, (void*)&strm), 0);
encodedSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, NULL, 0);
}
else {
ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1, NULL, NULL, NULL), 0);
encodedSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, output,
(word32)sizeof(output));
}
switch ((testVectors + i)->encryptOID) {
#ifndef NO_DES3
case DES3b:
case DESb:
ExpectIntEQ(encodedSz, BAD_FUNC_ARG);
break;
#endif
#ifdef HAVE_AESCCM
#ifdef WOLFSSL_AES_128
case AES128CCMb:
ExpectIntEQ(encodedSz, BAD_FUNC_ARG);
break;
#endif
#ifdef WOLFSSL_AES_192
case AES192CCMb:
ExpectIntEQ(encodedSz, BAD_FUNC_ARG);
break;
#endif
#ifdef WOLFSSL_AES_256
case AES256CCMb:
ExpectIntEQ(encodedSz, BAD_FUNC_ARG);
break;
#endif
#endif
default:
ExpectIntGE(encodedSz, 0);
}
if (encodedSz > 0) {
if (i == 0) {
decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7,
strm.out, (word32)encodedSz, decoded,
(word32)sizeof(decoded));
}
else {
decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)encodedSz, decoded, (word32)sizeof(decoded));
}
ExpectIntGE(decodedSz, 0);
/* Verify the size of each buffer. */
ExpectIntEQ((word32)sizeof(input)/sizeof(char), decodedSz);
}
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
#endif
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (testVectors + i)->cert,
(word32)(testVectors + i)->certSz), 0);
if (pkcs7 != NULL) {
#ifdef ECC_TIMING_RESISTANT
pkcs7->rng = &rng;
#endif
pkcs7->content = (byte*)(testVectors + i)->content;
pkcs7->contentSz = (testVectors + i)->contentSz;
pkcs7->contentOID = (testVectors + i)->contentOID;
pkcs7->encryptOID = (testVectors + i)->encryptOID;
pkcs7->keyWrapOID = (testVectors + i)->keyWrapOID;
pkcs7->keyAgreeOID = (testVectors + i)->keyAgreeOID;
pkcs7->privateKey = (testVectors + i)->privateKey;
pkcs7->privateKeySz = (testVectors + i)->privateKeySz;
}
#ifdef ASN_BER_TO_DER
/* test without setting stream mode */
ExpectIntEQ(wc_PKCS7_GetStreamMode(pkcs7), 0);
#endif
ExpectIntGE(wc_PKCS7_EncodeEnvelopedData(pkcs7, output,
(word32)sizeof(output)), 0);
decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)sizeof(output), decoded, (word32)sizeof(decoded));
ExpectIntGE(decodedSz, 0);
/* Verify the size of each buffer. */
ExpectIntEQ((word32)sizeof(input)/sizeof(char), decodedSz);
/* Don't free the last time through the loop. */
if (i < testSz - 1) {
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
}
} /* END test loop. */
}
/* Test bad args. */
ExpectIntEQ(wc_PKCS7_EncodeEnvelopedData(NULL, output,
(word32)sizeof(output)), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_EncodeEnvelopedData(pkcs7, NULL,
(word32)sizeof(output)), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_EncodeEnvelopedData(pkcs7, output, 0), BAD_FUNC_ARG);
/* Decode. */
ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(NULL, output,
(word32)sizeof(output), decoded, (word32)sizeof(decoded)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)sizeof(output), NULL, (word32)sizeof(decoded)), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)sizeof(output), decoded, 0), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, NULL,
(word32)sizeof(output), decoded, (word32)sizeof(decoded)),
BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output, 0, decoded,
(word32)sizeof(decoded)), BAD_FUNC_ARG);
/* Should get a return of BAD_FUNC_ARG with structure data. Order matters.*/
#if defined(HAVE_ECC) && !defined(NO_AES) && defined(HAVE_AES_CBC)
/* only a failure for KARI test cases */
if (pkcs7 != NULL) {
tempWrd32 = pkcs7->singleCertSz;
pkcs7->singleCertSz = 0;
}
#if defined(WOLFSSL_ASN_TEMPLATE)
ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)sizeof(output), decoded, (word32)sizeof(decoded)),
BUFFER_E);
#else
ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)sizeof(output), decoded, (word32)sizeof(decoded)),
ASN_PARSE_E);
#endif
if (pkcs7 != NULL) {
pkcs7->singleCertSz = tempWrd32;
tmpBytePtr = pkcs7->singleCert;
pkcs7->singleCert = NULL;
}
#ifndef NO_RSA
#if defined(NO_PKCS7_STREAM)
/* when none streaming mode is used and PKCS7 is in bad state buffer error
* is returned from kari parse which gets set to bad func arg */
ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)sizeof(output), decoded, (word32)sizeof(decoded)),
BAD_FUNC_ARG);
#else
ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)sizeof(output), decoded, (word32)sizeof(decoded)),
ASN_PARSE_E);
#endif
#endif /* !NO_RSA */
if (pkcs7 != NULL) {
pkcs7->singleCert = tmpBytePtr;
}
#endif
if (pkcs7 != NULL) {
tempWrd32 = pkcs7->privateKeySz;
pkcs7->privateKeySz = 0;
}
ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)sizeof(output), decoded, (word32)sizeof(decoded)),
BAD_FUNC_ARG);
if (pkcs7 != NULL) {
pkcs7->privateKeySz = tempWrd32;
tmpBytePtr = pkcs7->privateKey;
pkcs7->privateKey = NULL;
}
ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)sizeof(output), decoded, (word32)sizeof(decoded)),
BAD_FUNC_ARG);
if (pkcs7 != NULL) {
pkcs7->privateKey = tmpBytePtr;
}
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && !defined(NO_AES_256)
/* test of decrypt callback with KEKRI enveloped data */
{
int envelopedSz = 0;
const byte keyId[] = { 0x00 };
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
if (pkcs7 != NULL) {
pkcs7->content = (byte*)input;
pkcs7->contentSz = (word32)(sizeof(input)/sizeof(char));
pkcs7->contentOID = DATA;
pkcs7->encryptOID = AES256CBCb;
}
ExpectIntGT(wc_PKCS7_AddRecipient_KEKRI(pkcs7, AES256_WRAP,
(byte*)defKey, sizeof(defKey), (byte*)keyId,
sizeof(keyId), NULL, NULL, 0, NULL, 0, 0), 0);
ExpectIntEQ(wc_PKCS7_SetSignerIdentifierType(pkcs7, CMS_SKID), 0);
ExpectIntGT((envelopedSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, output,
(word32)sizeof(output))), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
/* decode envelopedData */
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_SetWrapCEKCb(pkcs7, myCEKwrapFunc), 0);
ExpectIntEQ(wc_PKCS7_SetDecodeEncryptedCb(pkcs7, myDecryptionFunc), 0);
ExpectIntGT((decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)envelopedSz, decoded, sizeof(decoded))), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
}
#endif /* !NO_AES && !NO_AES_256 */
#ifndef NO_RSA
XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif /* NO_RSA */
#ifdef HAVE_ECC
XFREE(eccCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(eccPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif /* HAVE_ECC */
#ifdef ECC_TIMING_RESISTANT
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
#if defined(USE_CERT_BUFFERS_2048) && !defined(NO_DES3) && \
!defined(NO_RSA) && !defined(NO_SHA)
{
byte out[7];
byte *cms = NULL;
word32 cmsSz;
XFILE cmsFile = XBADFILE;
XMEMSET(out, 0, sizeof(out));
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectTrue((cmsFile = XFOPEN("./certs/test/ktri-keyid-cms.msg", "rb"))
!= XBADFILE);
cmsSz = (word32)FOURK_BUF;
ExpectNotNull(cms = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectTrue((cmsSz = (word32)XFREAD(cms, 1, cmsSz, cmsFile)) > 0);
if (cmsFile != XBADFILE)
XFCLOSE(cmsFile);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)client_cert_der_2048,
sizeof_client_cert_der_2048), 0);
if (pkcs7 != NULL) {
pkcs7->privateKey = (byte*)client_key_der_2048;
pkcs7->privateKeySz = sizeof_client_key_der_2048;
}
ExpectIntLT(wc_PKCS7_DecodeEnvelopedData(pkcs7, cms, cmsSz, out,
2), 0);
ExpectIntGT(wc_PKCS7_DecodeEnvelopedData(pkcs7, cms, cmsSz, out,
sizeof(out)), 0);
XFREE(cms, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
ExpectIntEQ(XMEMCMP(out, "test", 4), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
}
#endif /* USE_CERT_BUFFERS_2048 && !NO_DES3 && !NO_RSA && !NO_SHA */
#endif /* HAVE_PKCS7 */
return EXPECT_RESULT();
} /* END test_wc_PKCS7_EncodeDecodeEnvelopedData() */
/*
* Testing wc_PKCS7_EncodeEncryptedData()
*/
static int test_wc_PKCS7_EncodeEncryptedData(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_PKCS7_ENCRYPTED_DATA)
PKCS7* pkcs7 = NULL;
byte* tmpBytePtr = NULL;
byte encrypted[TWOK_BUF];
byte decoded[TWOK_BUF];
word32 tmpWrd32 = 0;
int tmpInt = 0;
int decodedSz = 0;
int encryptedSz = 0;
int testSz = 0;
int i = 0;
const byte data[] = { /* Hello World */
0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
0x72,0x6c,0x64
};
#ifndef NO_DES3
byte desKey[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
};
byte des3Key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
#endif
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
#ifndef NO_AES_128
byte aes128Key[] = {
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08
};
#endif
#ifndef NO_AES_192
byte aes192Key[] = {
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08
};
#endif
#ifndef NO_AES_256
byte aes256Key[] = {
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08
};
#endif
#endif /* !NO_AES && HAVE_AES_CBC */
const pkcs7EncryptedVector testVectors[] =
{
#ifndef NO_DES3
{data, (word32)sizeof(data), DATA, DES3b, des3Key, sizeof(des3Key)},
{data, (word32)sizeof(data), DATA, DESb, desKey, sizeof(desKey)},
#endif /* !NO_DES3 */
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
#ifndef NO_AES_128
{data, (word32)sizeof(data), DATA, AES128CBCb, aes128Key,
sizeof(aes128Key)},
#endif
#ifndef NO_AES_192
{data, (word32)sizeof(data), DATA, AES192CBCb, aes192Key,
sizeof(aes192Key)},
#endif
#ifndef NO_AES_256
{data, (word32)sizeof(data), DATA, AES256CBCb, aes256Key,
sizeof(aes256Key)},
#endif
#endif /* !NO_AES && HAVE_AES_CBC */
};
testSz = sizeof(testVectors) / sizeof(pkcs7EncryptedVector);
for (i = 0; i < testSz; i++) {
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
if (pkcs7 != NULL) {
pkcs7->content = (byte*)testVectors[i].content;
pkcs7->contentSz = testVectors[i].contentSz;
pkcs7->contentOID = testVectors[i].contentOID;
pkcs7->encryptOID = testVectors[i].encryptOID;
pkcs7->encryptionKey = testVectors[i].encryptionKey;
pkcs7->encryptionKeySz = testVectors[i].encryptionKeySz;
pkcs7->heap = HEAP_HINT;
}
/* encode encryptedData */
ExpectIntGT(encryptedSz = wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
sizeof(encrypted)), 0);
/* Decode encryptedData */
ExpectIntGT(decodedSz = wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted,
(word32)encryptedSz, decoded, sizeof(decoded)), 0);
ExpectIntEQ(XMEMCMP(decoded, data, decodedSz), 0);
/* Keep values for last itr. */
if (i < testSz - 1) {
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
}
}
if (pkcs7 == NULL || testSz == 0) {
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
}
ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(NULL, encrypted,
sizeof(encrypted)),BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, NULL,
sizeof(encrypted)), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
0), BAD_FUNC_ARG);
/* Testing the struct. */
if (pkcs7 != NULL) {
tmpBytePtr = pkcs7->content;
pkcs7->content = NULL;
}
ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
sizeof(encrypted)), BAD_FUNC_ARG);
if (pkcs7 != NULL) {
pkcs7->content = tmpBytePtr;
tmpWrd32 = pkcs7->contentSz;
pkcs7->contentSz = 0;
}
ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
sizeof(encrypted)), BAD_FUNC_ARG);
if (pkcs7 != NULL) {
pkcs7->contentSz = tmpWrd32;
tmpInt = pkcs7->encryptOID;
pkcs7->encryptOID = 0;
}
ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
sizeof(encrypted)), BAD_FUNC_ARG);
if (pkcs7 != NULL) {
pkcs7->encryptOID = tmpInt;
tmpBytePtr = pkcs7->encryptionKey;
pkcs7->encryptionKey = NULL;
}
ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
sizeof(encrypted)), BAD_FUNC_ARG);
if (pkcs7 != NULL) {
pkcs7->encryptionKey = tmpBytePtr;
tmpWrd32 = pkcs7->encryptionKeySz;
pkcs7->encryptionKeySz = 0;
}
ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
sizeof(encrypted)), BAD_FUNC_ARG);
if (pkcs7 != NULL) {
pkcs7->encryptionKeySz = tmpWrd32;
}
ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(NULL, encrypted, (word32)encryptedSz,
decoded, sizeof(decoded)), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, NULL, (word32)encryptedSz,
decoded, sizeof(decoded)), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, 0,
decoded, sizeof(decoded)), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, (word32)encryptedSz,
NULL, sizeof(decoded)), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, (word32)encryptedSz,
decoded, 0), BAD_FUNC_ARG);
/* Test struct fields */
if (pkcs7 != NULL) {
tmpBytePtr = pkcs7->encryptionKey;
pkcs7->encryptionKey = NULL;
}
ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, (word32)encryptedSz,
decoded, sizeof(decoded)), BAD_FUNC_ARG);
if (pkcs7 != NULL) {
pkcs7->encryptionKey = tmpBytePtr;
pkcs7->encryptionKeySz = 0;
}
ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, (word32)encryptedSz,
decoded, sizeof(decoded)), BAD_FUNC_ARG);
wc_PKCS7_Free(pkcs7);
#endif
return EXPECT_RESULT();
} /* END test_wc_PKCS7_EncodeEncryptedData() */
/*
* Testing wc_PKCS7_Degenerate()
*/
static int test_wc_PKCS7_Degenerate(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM)
PKCS7* pkcs7 = NULL;
char fName[] = "./certs/test-degenerate.p7b";
XFILE f = XBADFILE;
byte der[4096];
word32 derSz = 0;
#ifndef NO_PKCS7_STREAM
word32 z;
int ret;
#endif /* !NO_PKCS7_STREAM */
ExpectTrue((f = XFOPEN(fName, "rb")) != XBADFILE);
ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0);
if (f != XBADFILE)
XFCLOSE(f);
/* test degenerate success */
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
#ifndef NO_RSA
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
#ifndef NO_PKCS7_STREAM
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* test for streaming */
ret = -1;
for (z = 0; z < derSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, der + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
#endif /* !NO_PKCS7_STREAM */
#else
ExpectIntNE(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
#endif /* NO_RSA */
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
/* test with turning off degenerate cases */
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
wc_PKCS7_AllowDegenerate(pkcs7, 0); /* override allowing degenerate case */
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz),
PKCS7_NO_SIGNER_E);
#ifndef NO_PKCS7_STREAM
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
wc_PKCS7_AllowDegenerate(pkcs7, 0); /* override allowing degenerate case */
/* test for streaming */
ret = -1;
for (z = 0; z < derSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, der + z, 1);
if (ret == WC_PKCS7_WANT_READ_E){
continue;
}
else
break;
}
ExpectIntEQ(ret, PKCS7_NO_SIGNER_E);
#endif /* !NO_PKCS7_STREAM */
wc_PKCS7_Free(pkcs7);
#endif
return EXPECT_RESULT();
} /* END test_wc_PKCS7_Degenerate() */
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && \
defined(ASN_BER_TO_DER) && !defined(NO_DES3) && !defined(NO_SHA)
static byte berContent[] = {
0x30, 0x80, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x01, 0x07, 0x03, 0xA0, 0x80, 0x30,
0x80, 0x02, 0x01, 0x00, 0x31, 0x82, 0x01, 0x48,
0x30, 0x82, 0x01, 0x44, 0x02, 0x01, 0x00, 0x30,
0x81, 0xAC, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30,
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E,
0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E,
0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42,
0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15,
0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C,
0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C,
0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, 0x30,
0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10,
0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D,
0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, 0x32, 0x34,
0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04,
0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09,
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09,
0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
0x63, 0x6F, 0x6D, 0x02, 0x09, 0x00, 0xBB, 0xD3,
0x10, 0x03, 0xE6, 0x9D, 0x28, 0x03, 0x30, 0x0D,
0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x81, 0x80,
0x2F, 0xF9, 0x77, 0x4F, 0x04, 0x5C, 0x16, 0x62,
0xF0, 0x77, 0x8D, 0x95, 0x4C, 0xB1, 0x44, 0x9A,
0x8C, 0x3C, 0x8C, 0xE4, 0xD1, 0xC1, 0x14, 0x72,
0xD0, 0x4A, 0x1A, 0x94, 0x27, 0x0F, 0xAA, 0xE8,
0xD0, 0xA2, 0xE7, 0xED, 0x4C, 0x7F, 0x0F, 0xC7,
0x1B, 0xFB, 0x81, 0x0E, 0x76, 0x8F, 0xDD, 0x32,
0x11, 0x68, 0xA0, 0x13, 0xD2, 0x8D, 0x95, 0xEF,
0x80, 0x53, 0x81, 0x0E, 0x1F, 0xC8, 0xD6, 0x76,
0x5C, 0x31, 0xD3, 0x77, 0x33, 0x29, 0xA6, 0x1A,
0xD3, 0xC6, 0x14, 0x36, 0xCA, 0x8E, 0x7D, 0x72,
0xA0, 0x29, 0x4C, 0xC7, 0x3A, 0xAF, 0xFE, 0xF7,
0xFC, 0xD7, 0xE2, 0x8F, 0x6A, 0x20, 0x46, 0x09,
0x40, 0x22, 0x2D, 0x79, 0x38, 0x11, 0xB1, 0x4A,
0xE3, 0x48, 0xE8, 0x10, 0x37, 0xA0, 0x22, 0xF7,
0xB4, 0x79, 0xD1, 0xA9, 0x3D, 0xC2, 0xAB, 0x37,
0xAE, 0x82, 0x68, 0x1A, 0x16, 0xEF, 0x33, 0x0C,
0x30, 0x80, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x01, 0x07, 0x01, 0x30, 0x14, 0x06,
0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03,
0x07, 0x04, 0x08, 0xAD, 0xD0, 0x38, 0x9B, 0x16,
0x4B, 0x7F, 0x99, 0xA0, 0x80, 0x04, 0x82, 0x03,
0xE8, 0x6D, 0x48, 0xFB, 0x8A, 0xBD, 0xED, 0x6C,
0xCD, 0xC6, 0x48, 0xFD, 0xB7, 0xB0, 0x7C, 0x86,
0x2C, 0x8D, 0xF0, 0x23, 0x12, 0xD8, 0xA3, 0x2A,
0x21, 0x6F, 0x8B, 0x75, 0xBB, 0x47, 0x7F, 0xC9,
0xBA, 0xBA, 0xFF, 0x91, 0x09, 0x01, 0x7A, 0x5C,
0x96, 0x02, 0xB8, 0x8E, 0xF8, 0x67, 0x7E, 0x8F,
0xF9, 0x51, 0x0E, 0xFF, 0x8E, 0xE2, 0x61, 0xC0,
0xDF, 0xFA, 0xE2, 0x4C, 0x50, 0x90, 0xAE, 0xA1,
0x15, 0x38, 0x3D, 0xBE, 0x88, 0xD7, 0x57, 0xC0,
0x11, 0x44, 0xA2, 0x61, 0x05, 0x49, 0x6A, 0x94,
0x04, 0x10, 0xD9, 0xC2, 0x2D, 0x15, 0x20, 0x0D,
0xBD, 0xA2, 0xEF, 0xE4, 0x68, 0xFA, 0x39, 0x75,
0x7E, 0xD8, 0x64, 0x44, 0xCB, 0xE0, 0x00, 0x6D,
0x57, 0x4E, 0x8A, 0x17, 0xA9, 0x83, 0x6C, 0x7F,
0xFE, 0x01, 0xEE, 0xDE, 0x99, 0x3A, 0xB2, 0xFF,
0xD3, 0x72, 0x78, 0xBA, 0xF1, 0x23, 0x54, 0x48,
0x02, 0xD8, 0x38, 0xA9, 0x54, 0xE5, 0x4A, 0x81,
0xB9, 0xC0, 0x67, 0xB2, 0x7D, 0x3C, 0x6F, 0xCE,
0xA4, 0xDD, 0x34, 0x5F, 0x60, 0xB1, 0xA3, 0x7A,
0xE4, 0x43, 0xF2, 0x89, 0x64, 0x35, 0x09, 0x32,
0x51, 0xFB, 0x5C, 0x67, 0x0C, 0x3B, 0xFC, 0x36,
0x6B, 0x37, 0x43, 0x6C, 0x03, 0xCD, 0x44, 0xC7,
0x2B, 0x62, 0xD6, 0xD1, 0xF4, 0x07, 0x7B, 0x19,
0x91, 0xF0, 0xD7, 0xF5, 0x54, 0xBC, 0x0F, 0x42,
0x6B, 0x69, 0xF7, 0xA3, 0xC8, 0xEE, 0xB9, 0x7A,
0x9E, 0x3D, 0xDF, 0x53, 0x47, 0xF7, 0x50, 0x67,
0x00, 0xCF, 0x2B, 0x3B, 0xE9, 0x85, 0xEE, 0xBD,
0x4C, 0x64, 0x66, 0x0B, 0x77, 0x80, 0x9D, 0xEF,
0x11, 0x32, 0x77, 0xA8, 0xA4, 0x5F, 0xEE, 0x2D,
0xE0, 0x43, 0x87, 0x76, 0x87, 0x53, 0x4E, 0xD7,
0x1A, 0x04, 0x7B, 0xE1, 0xD1, 0xE1, 0xF5, 0x87,
0x51, 0x13, 0xE0, 0xC2, 0xAA, 0xA3, 0x4B, 0xAA,
0x9E, 0xB4, 0xA6, 0x1D, 0x4E, 0x28, 0x57, 0x0B,
0x80, 0x90, 0x81, 0x4E, 0x04, 0xF5, 0x30, 0x8D,
0x51, 0xCE, 0x57, 0x2F, 0x88, 0xC5, 0x70, 0xC4,
0x06, 0x8F, 0xDD, 0x37, 0xC1, 0x34, 0x1E, 0x0E,
0x15, 0x32, 0x23, 0x92, 0xAB, 0x40, 0xEA, 0xF7,
0x43, 0xE2, 0x1D, 0xE2, 0x4B, 0xC9, 0x91, 0xF4,
0x63, 0x21, 0x34, 0xDB, 0xE9, 0x86, 0x83, 0x1A,
0xD2, 0x52, 0xEF, 0x7A, 0xA2, 0xEE, 0xA4, 0x11,
0x56, 0xD3, 0x6C, 0xF5, 0x6D, 0xE4, 0xA5, 0x2D,
0x99, 0x02, 0x10, 0xDF, 0x29, 0xC5, 0xE3, 0x0B,
0xC4, 0xA1, 0xEE, 0x5F, 0x4A, 0x10, 0xEE, 0x85,
0x73, 0x2A, 0x92, 0x15, 0x2C, 0xC8, 0xF4, 0x8C,
0xD7, 0x3D, 0xBC, 0xAD, 0x18, 0xE0, 0x59, 0xD3,
0xEE, 0x75, 0x90, 0x1C, 0xCC, 0x76, 0xC6, 0x64,
0x17, 0xD2, 0xD0, 0x91, 0xA6, 0xD0, 0xC1, 0x4A,
0xAA, 0x58, 0x22, 0xEC, 0x45, 0x98, 0xF2, 0xCC,
0x4C, 0xE4, 0xBF, 0xED, 0xF6, 0x44, 0x72, 0x36,
0x65, 0x3F, 0xE3, 0xB5, 0x8B, 0x3E, 0x54, 0x9C,
0x82, 0x86, 0x5E, 0xB0, 0xF2, 0x12, 0xE5, 0x69,
0xFA, 0x46, 0xA2, 0x54, 0xFC, 0xF5, 0x4B, 0xE0,
0x24, 0x3B, 0x99, 0x04, 0x1A, 0x7A, 0xF7, 0xD1,
0xFF, 0x68, 0x97, 0xB2, 0x85, 0x82, 0x95, 0x27,
0x2B, 0xF4, 0xE7, 0x1A, 0x74, 0x19, 0xEC, 0x8C,
0x4E, 0xA7, 0x0F, 0xAD, 0x4F, 0x5A, 0x02, 0x80,
0xC1, 0x6A, 0x9E, 0x54, 0xE4, 0x8E, 0xA3, 0x41,
0x3F, 0x6F, 0x9C, 0x82, 0x9F, 0x83, 0xB0, 0x44,
0x01, 0x5F, 0x10, 0x9D, 0xD3, 0xB6, 0x33, 0x5B,
0xAF, 0xAC, 0x6B, 0x57, 0x2A, 0x01, 0xED, 0x0E,
0x17, 0xB9, 0x80, 0x76, 0x12, 0x1C, 0x51, 0x56,
0xDD, 0x6D, 0x94, 0xAB, 0xD2, 0xE5, 0x15, 0x2D,
0x3C, 0xC5, 0xE8, 0x62, 0x05, 0x8B, 0x40, 0xB1,
0xC2, 0x83, 0xCA, 0xAC, 0x4B, 0x8B, 0x39, 0xF7,
0xA0, 0x08, 0x43, 0x5C, 0xF7, 0xE8, 0xED, 0x40,
0x72, 0x73, 0xE3, 0x6B, 0x18, 0x67, 0xA0, 0xB6,
0x0F, 0xED, 0x8F, 0x9A, 0xE4, 0x27, 0x62, 0x23,
0xAA, 0x6D, 0x6C, 0x31, 0xC9, 0x9D, 0x6B, 0xE0,
0xBF, 0x9D, 0x7D, 0x2E, 0x76, 0x71, 0x06, 0x39,
0xAC, 0x96, 0x1C, 0xAF, 0x30, 0xF2, 0x62, 0x9C,
0x84, 0x3F, 0x43, 0x5E, 0x19, 0xA8, 0xE5, 0x3C,
0x9D, 0x43, 0x3C, 0x43, 0x41, 0xE8, 0x82, 0xE7,
0x5B, 0xF3, 0xE2, 0x15, 0xE3, 0x52, 0x20, 0xFD,
0x0D, 0xB2, 0x4D, 0x48, 0xAD, 0x53, 0x7E, 0x0C,
0xF0, 0xB9, 0xBE, 0xC9, 0x58, 0x4B, 0xC8, 0xA8,
0xA3, 0x36, 0xF1, 0x2C, 0xD2, 0xE1, 0xC8, 0xC4,
0x3C, 0x48, 0x70, 0xC2, 0x6D, 0x6C, 0x3D, 0x99,
0xAC, 0x43, 0x19, 0x69, 0xCA, 0x67, 0x1A, 0xC9,
0xE1, 0x47, 0xFA, 0x0A, 0xE6, 0x5B, 0x6F, 0x61,
0xD0, 0x03, 0xE4, 0x03, 0x4B, 0xFD, 0xE2, 0xA5,
0x8D, 0x83, 0x01, 0x7E, 0xC0, 0x7B, 0x2E, 0x0B,
0x29, 0xDD, 0xD6, 0xDC, 0x71, 0x46, 0xBD, 0x9A,
0x40, 0x46, 0x1E, 0x0A, 0xB1, 0x00, 0xE7, 0x71,
0x29, 0x77, 0xFC, 0x9A, 0x76, 0x8A, 0x5F, 0x66,
0x9B, 0x63, 0x91, 0x12, 0x78, 0xBF, 0x67, 0xAD,
0xA1, 0x72, 0x9E, 0xC5, 0x3E, 0xE5, 0xCB, 0xAF,
0xD6, 0x5A, 0x0D, 0xB6, 0x9B, 0xA3, 0x78, 0xE8,
0xB0, 0x8F, 0x69, 0xED, 0xC1, 0x73, 0xD5, 0xE5,
0x1C, 0x18, 0xA0, 0x58, 0x4C, 0x49, 0xBD, 0x91,
0xCE, 0x15, 0x0D, 0xAA, 0x5A, 0x07, 0xEA, 0x1C,
0xA7, 0x4B, 0x11, 0x31, 0x80, 0xAF, 0xA1, 0x0A,
0xED, 0x6C, 0x70, 0xE4, 0xDB, 0x75, 0x86, 0xAE,
0xBF, 0x4A, 0x05, 0x72, 0xDE, 0x84, 0x8C, 0x7B,
0x59, 0x81, 0x58, 0xE0, 0xC0, 0x15, 0xB5, 0xF3,
0xD5, 0x73, 0x78, 0x83, 0x53, 0xDA, 0x92, 0xC1,
0xE6, 0x71, 0x74, 0xC7, 0x7E, 0xAA, 0x36, 0x06,
0xF0, 0xDF, 0xBA, 0xFB, 0xEF, 0x54, 0xE8, 0x11,
0xB2, 0x33, 0xA3, 0x0B, 0x9E, 0x0C, 0x59, 0x75,
0x13, 0xFA, 0x7F, 0x88, 0xB9, 0x86, 0xBD, 0x1A,
0xDB, 0x52, 0x12, 0xFB, 0x6D, 0x1A, 0xCB, 0x49,
0x94, 0x94, 0xC4, 0xA9, 0x99, 0xC0, 0xA4, 0xB6,
0x60, 0x36, 0x09, 0x94, 0x2A, 0xD5, 0xC4, 0x26,
0xF4, 0xA3, 0x6A, 0x0E, 0x57, 0x8B, 0x7C, 0xA4,
0x1D, 0x75, 0xE8, 0x2A, 0xF3, 0xC4, 0x3C, 0x7D,
0x45, 0x6D, 0xD8, 0x24, 0xD1, 0x3B, 0xF7, 0xCF,
0xE4, 0x45, 0x2A, 0x55, 0xE5, 0xA9, 0x1F, 0x1C,
0x8F, 0x55, 0x8D, 0xC1, 0xF7, 0x74, 0xCC, 0x26,
0xC7, 0xBA, 0x2E, 0x5C, 0xC1, 0x71, 0x0A, 0xAA,
0xD9, 0x6D, 0x76, 0xA7, 0xF9, 0xD1, 0x18, 0xCB,
0x5A, 0x52, 0x98, 0xA8, 0x0D, 0x3F, 0x06, 0xFC,
0x49, 0x11, 0x21, 0x5F, 0x86, 0x19, 0x33, 0x81,
0xB5, 0x7A, 0xDA, 0xA1, 0x47, 0xBF, 0x7C, 0xD7,
0x05, 0x96, 0xC7, 0xF5, 0xC1, 0x61, 0xE5, 0x18,
0xA5, 0x38, 0x68, 0xED, 0xB4, 0x17, 0x62, 0x0D,
0x01, 0x5E, 0xC3, 0x04, 0xA6, 0xBA, 0xB1, 0x01,
0x60, 0x5C, 0xC1, 0x3A, 0x34, 0x97, 0xD6, 0xDB,
0x67, 0x73, 0x4D, 0x33, 0x96, 0x01, 0x67, 0x44,
0xEA, 0x47, 0x5E, 0x44, 0xB5, 0xE5, 0xD1, 0x6C,
0x20, 0xA9, 0x6D, 0x4D, 0xBC, 0x02, 0xF0, 0x70,
0xE4, 0xDD, 0xE9, 0xD5, 0x5C, 0x28, 0x29, 0x0B,
0xB4, 0x60, 0x2A, 0xF1, 0xF7, 0x1A, 0xF0, 0x36,
0xAE, 0x51, 0x3A, 0xAE, 0x6E, 0x48, 0x7D, 0xC7,
0x5C, 0xF3, 0xDC, 0xF6, 0xED, 0x27, 0x4E, 0x8E,
0x48, 0x18, 0x3E, 0x08, 0xF1, 0xD8, 0x3D, 0x0D,
0xE7, 0x2F, 0x65, 0x8A, 0x6F, 0xE2, 0x1E, 0x06,
0xC1, 0x04, 0x58, 0x7B, 0x4A, 0x75, 0x60, 0x92,
0x13, 0xC6, 0x40, 0x2D, 0x3A, 0x8A, 0xD1, 0x03,
0x05, 0x1F, 0x28, 0x66, 0xC2, 0x57, 0x2A, 0x4C,
0xE1, 0xA3, 0xCB, 0xA1, 0x95, 0x30, 0x10, 0xED,
0xDF, 0xAE, 0x70, 0x49, 0x4E, 0xF6, 0xB4, 0x5A,
0xB6, 0x22, 0x56, 0x37, 0x05, 0xE7, 0x3E, 0xB2,
0xE3, 0x96, 0x62, 0xEC, 0x09, 0x53, 0xC0, 0x50,
0x3D, 0xA7, 0xBC, 0x9B, 0x39, 0x02, 0x26, 0x16,
0xB5, 0x34, 0x17, 0xD4, 0xCA, 0xFE, 0x1D, 0xE4,
0x5A, 0xDA, 0x4C, 0xC2, 0xCA, 0x8E, 0x79, 0xBF,
0xD8, 0x4C, 0xBB, 0xFA, 0x30, 0x7B, 0xA9, 0x3E,
0x52, 0x19, 0xB1, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00
};
#endif /* HAVE_PKCS7 && !NO_FILESYSTEM && ASN_BER_TO_DER &&
* !NO_DES3 && !NO_SHA
*/
/*
* Testing wc_PKCS7_BER()
*/
static int test_wc_PKCS7_BER(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && \
!defined(NO_SHA) && defined(ASN_BER_TO_DER)
PKCS7* pkcs7 = NULL;
char fName[] = "./certs/test-ber-exp02-05-2022.p7b";
XFILE f = XBADFILE;
byte der[4096];
#ifndef NO_DES3
byte decoded[2048];
#endif
word32 derSz = 0;
#ifndef NO_PKCS7_STREAM
word32 z;
int ret;
#endif /* !NO_PKCS7_STREAM */
ExpectTrue((f = XFOPEN(fName, "rb")) != XBADFILE);
ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
#ifndef NO_RSA
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
#ifndef NO_PKCS7_STREAM
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* test for streaming */
ret = -1;
for (z = 0; z < derSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, der + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
#endif /* !NO_PKCS7_STREAM */
#else
ExpectIntNE(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
#endif
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#ifndef NO_DES3
/* decode BER content */
ExpectTrue((f = XFOPEN("./certs/1024/client-cert.der", "rb")) != XBADFILE);
ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
#ifndef NO_RSA
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, der, derSz), 0);
#else
ExpectIntNE(wc_PKCS7_InitWithCert(pkcs7, der, derSz), 0);
#endif
ExpectTrue((f = XFOPEN("./certs/1024/client-key.der", "rb")) != XBADFILE);
ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
if (pkcs7 != NULL) {
pkcs7->privateKey = der;
pkcs7->privateKeySz = derSz;
}
#ifndef NO_RSA
#ifdef WOLFSSL_SP_MATH
ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
sizeof(berContent), decoded, sizeof(decoded)), WC_KEY_SIZE_E);
#else
ExpectIntGT(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
sizeof(berContent), decoded, sizeof(decoded)), 0);
#endif
#else
ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
sizeof(berContent), decoded, sizeof(decoded)), NOT_COMPILED_IN);
#endif
wc_PKCS7_Free(pkcs7);
#endif /* !NO_DES3 */
#endif
return EXPECT_RESULT();
} /* END test_wc_PKCS7_BER() */
static int test_wc_PKCS7_signed_enveloped(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_RSA) && !defined(NO_AES) && \
!defined(NO_FILESYSTEM)
XFILE f = XBADFILE;
PKCS7* pkcs7 = NULL;
#ifdef HAVE_AES_CBC
PKCS7* inner = NULL;
#endif
WC_RNG rng;
unsigned char key[FOURK_BUF/2];
unsigned char cert[FOURK_BUF/2];
unsigned char env[FOURK_BUF];
int envSz = FOURK_BUF;
int keySz = 0;
int certSz = 0;
unsigned char sig[FOURK_BUF * 2];
int sigSz = FOURK_BUF * 2;
#ifdef HAVE_AES_CBC
unsigned char decoded[FOURK_BUF];
int decodedSz = FOURK_BUF;
#endif
#ifndef NO_PKCS7_STREAM
int z;
int ret;
#endif /* !NO_PKCS7_STREAM */
XMEMSET(&rng, 0, sizeof(WC_RNG));
/* load cert */
ExpectTrue((f = XFOPEN(cliCertDerFile, "rb")) != XBADFILE);
ExpectIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), f)), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
/* load key */
ExpectTrue((f = XFOPEN(cliKeyFile, "rb")) != XBADFILE);
ExpectIntGT((keySz = (int)XFREAD(key, 1, sizeof(key), f)), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
ExpectIntGT(keySz = wolfSSL_KeyPemToDer(key, keySz, key, keySz, NULL), 0);
/* sign cert for envelope */
ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, (word32)certSz), 0);
if (pkcs7 != NULL) {
pkcs7->content = cert;
pkcs7->contentSz = (word32)certSz;
pkcs7->contentOID = DATA;
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)keySz;
pkcs7->encryptOID = RSAk;
pkcs7->hashOID = SHA256h;
pkcs7->rng = &rng;
}
ExpectIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, (word32)sigSz)), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#ifdef HAVE_AES_CBC
/* create envelope */
ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, (word32)certSz), 0);
if (pkcs7 != NULL) {
pkcs7->content = sig;
pkcs7->contentSz = (word32)sigSz;
pkcs7->contentOID = DATA;
pkcs7->encryptOID = AES256CBCb;
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)keySz;
}
ExpectIntGT((envSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, env, (word32)envSz)), 0);
ExpectIntLT(wc_PKCS7_EncodeEnvelopedData(pkcs7, env, 2), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#endif
/* create bad signed enveloped data */
sigSz = FOURK_BUF * 2;
ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, (word32)certSz), 0);
if (pkcs7 != NULL) {
pkcs7->content = env;
pkcs7->contentSz = (word32)envSz;
pkcs7->contentOID = DATA;
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)keySz;
pkcs7->encryptOID = RSAk;
pkcs7->hashOID = SHA256h;
pkcs7->rng = &rng;
}
/* Set no certs in bundle for this test. */
if (pkcs7 != NULL) {
ExpectIntEQ(wc_PKCS7_SetNoCerts(pkcs7, 1), 0);
ExpectIntEQ(wc_PKCS7_SetNoCerts(NULL, 1), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_GetNoCerts(pkcs7), 1);
}
ExpectIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, (word32)sigSz)), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
/* check verify fails */
ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, (word32)sigSz),
PKCS7_SIGNEEDS_CHECK);
/* try verifying the signature manually */
{
RsaKey rKey;
word32 idx = 0;
byte digest[MAX_SEQ_SZ + MAX_ALGO_SZ + MAX_OCTET_STR_SZ +
WC_MAX_DIGEST_SIZE];
int digestSz = 0;
ExpectIntEQ(wc_InitRsaKey(&rKey, HEAP_HINT), 0);
ExpectIntEQ(wc_RsaPrivateKeyDecode(key, &idx, &rKey, (word32)keySz), 0);
ExpectIntGT(digestSz = wc_RsaSSL_Verify(pkcs7->signature,
pkcs7->signatureSz, digest, sizeof(digest), &rKey), 0);
ExpectIntEQ(digestSz, pkcs7->pkcs7DigestSz);
ExpectIntEQ(XMEMCMP(digest, pkcs7->pkcs7Digest, digestSz), 0);
ExpectIntEQ(wc_FreeRsaKey(&rKey), 0);
/* verify was success */
}
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
/* initializing the PKCS7 struct with the signing certificate should pass */
ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, (word32)certSz), 0);
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, (word32)sigSz), 0);
#ifndef NO_PKCS7_STREAM
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, (word32)certSz), 0);
/* test for streaming */
ret = -1;
for (z = 0; z < sigSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, sig + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
#endif /* !NO_PKCS7_STREAM */
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
/* create valid degenerate bundle */
sigSz = FOURK_BUF * 2;
ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
if (pkcs7 != NULL) {
pkcs7->content = env;
pkcs7->contentSz = (word32)envSz;
pkcs7->contentOID = DATA;
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)keySz;
pkcs7->encryptOID = RSAk;
pkcs7->hashOID = SHA256h;
pkcs7->rng = &rng;
}
ExpectIntEQ(wc_PKCS7_SetSignerIdentifierType(pkcs7, DEGENERATE_SID), 0);
ExpectIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, (word32)sigSz)), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
wc_FreeRng(&rng);
/* check verify */
ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, (word32)sigSz), 0);
ExpectNotNull(pkcs7->content);
#ifndef NO_PKCS7_STREAM
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
/* create valid degenerate bundle */
sigSz = FOURK_BUF * 2;
ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
if (pkcs7 != NULL) {
pkcs7->content = env;
pkcs7->contentSz = (word32)envSz;
pkcs7->contentOID = DATA;
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)keySz;
pkcs7->encryptOID = RSAk;
pkcs7->hashOID = SHA256h;
pkcs7->rng = &rng;
}
ExpectIntEQ(wc_PKCS7_SetSignerIdentifierType(pkcs7, DEGENERATE_SID), 0);
ExpectIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, (word32)sigSz)), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
wc_FreeRng(&rng);
/* check verify */
ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
/* test for streaming */
ret = -1;
for (z = 0; z < sigSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, sig + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
#endif /* !NO_PKCS7_STREAM */
#ifdef HAVE_AES_CBC
/* check decode */
ExpectNotNull(inner = wc_PKCS7_New(NULL, 0));
ExpectIntEQ(wc_PKCS7_InitWithCert(inner, cert, (word32)certSz), 0);
if (inner != NULL) {
inner->privateKey = key;
inner->privateKeySz = (word32)keySz;
}
ExpectIntGT((decodedSz = wc_PKCS7_DecodeEnvelopedData(inner, pkcs7->content,
pkcs7->contentSz, decoded, (word32)decodedSz)), 0);
wc_PKCS7_Free(inner);
inner = NULL;
#endif
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#ifdef HAVE_AES_CBC
/* check cert set */
ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, decoded, (word32)decodedSz), 0);
ExpectNotNull(pkcs7->singleCert);
ExpectIntNE(pkcs7->singleCertSz, 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#ifndef NO_PKCS7_STREAM
ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* test for streaming */
ret = -1;
for (z = 0; z < decodedSz && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(pkcs7, decoded + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
ExpectNotNull(pkcs7->singleCert);
ExpectIntNE(pkcs7->singleCertSz, 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
#endif /* !NO_PKCS7_STREAM */
#endif
#endif /* HAVE_PKCS7 && !NO_RSA && !NO_AES */
return EXPECT_RESULT();
}
static int test_wc_PKCS7_NoDefaultSignedAttribs(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES)
PKCS7* pkcs7 = NULL;
void* heap = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
ExpectIntEQ(wc_PKCS7_NoDefaultSignedAttribs(NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_NoDefaultSignedAttribs(pkcs7), 0);
wc_PKCS7_Free(pkcs7);
#endif
return EXPECT_RESULT();
}
static int test_wc_PKCS7_SetOriEncryptCtx(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES)
PKCS7* pkcs7 = NULL;
void* heap = NULL;
WOLFSSL_CTX* ctx = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
ExpectIntEQ(wc_PKCS7_SetOriEncryptCtx(NULL, ctx), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_SetOriEncryptCtx(pkcs7, ctx), 0);
wc_PKCS7_Free(pkcs7);
#endif
return EXPECT_RESULT();
}
static int test_wc_PKCS7_SetOriDecryptCtx(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES)
PKCS7* pkcs7 = NULL;
void* heap = NULL;
WOLFSSL_CTX* ctx = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId));
ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
ExpectIntEQ(wc_PKCS7_SetOriDecryptCtx(NULL, ctx), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_SetOriDecryptCtx(pkcs7, ctx), 0);
wc_PKCS7_Free(pkcs7);
#endif
return EXPECT_RESULT();
}
static int test_wc_PKCS7_DecodeCompressedData(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES) && defined(HAVE_LIBZ)
PKCS7* pkcs7 = NULL;
void* heap = NULL;
byte out[4096];
byte* decompressed = NULL;
int outSz;
int decompressedSz;
const char* cert = "./certs/client-cert.pem";
byte* cert_buf = NULL;
size_t cert_sz = 0;
ExpectIntEQ(load_file(cert, &cert_buf, &cert_sz), 0);
ExpectNotNull((decompressed = (byte*)XMALLOC(cert_sz, heap,
DYNAMIC_TYPE_TMP_BUFFER)));
decompressedSz = (int)cert_sz;
ExpectNotNull((pkcs7 = wc_PKCS7_New(heap, testDevId)));
if (pkcs7 != NULL) {
pkcs7->content = (byte*)cert_buf;
pkcs7->contentSz = (word32)cert_sz;
pkcs7->contentOID = DATA;
}
ExpectIntGT((outSz = wc_PKCS7_EncodeCompressedData(pkcs7, out,
sizeof(out))), 0);
wc_PKCS7_Free(pkcs7);
pkcs7 = NULL;
/* compressed key should be smaller than when started */
ExpectIntLT(outSz, cert_sz);
/* test decompression */
ExpectNotNull((pkcs7 = wc_PKCS7_New(heap, testDevId)));
ExpectIntEQ(pkcs7->contentOID, 0);
/* fail case with out buffer too small */
ExpectIntLT(wc_PKCS7_DecodeCompressedData(pkcs7, out, outSz,
decompressed, outSz), 0);
/* success case */
ExpectIntEQ(wc_PKCS7_DecodeCompressedData(pkcs7, out, outSz,
decompressed, decompressedSz), cert_sz);
ExpectIntEQ(pkcs7->contentOID, DATA);
ExpectIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
XFREE(decompressed, heap, DYNAMIC_TYPE_TMP_BUFFER);
decompressed = NULL;
/* test decompression function with different 'max' inputs */
outSz = sizeof(out);
ExpectIntGT((outSz = wc_Compress(out, outSz, cert_buf, (word32)cert_sz, 0)),
0);
ExpectIntLT(wc_DeCompressDynamic(&decompressed, 1, DYNAMIC_TYPE_TMP_BUFFER,
out, outSz, 0, heap), 0);
ExpectNull(decompressed);
ExpectIntGT(wc_DeCompressDynamic(&decompressed, -1, DYNAMIC_TYPE_TMP_BUFFER,
out, outSz, 0, heap), 0);
ExpectNotNull(decompressed);
ExpectIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
XFREE(decompressed, heap, DYNAMIC_TYPE_TMP_BUFFER);
decompressed = NULL;
ExpectIntGT(wc_DeCompressDynamic(&decompressed, DYNAMIC_TYPE_TMP_BUFFER, 5,
out, outSz, 0, heap), 0);
ExpectNotNull(decompressed);
ExpectIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
XFREE(decompressed, heap, DYNAMIC_TYPE_TMP_BUFFER);
if (cert_buf != NULL)
free(cert_buf);
wc_PKCS7_Free(pkcs7);
#endif
return EXPECT_RESULT();
}
static int test_wc_i2d_PKCS12(void)
{
EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_PWDBASED) && defined(HAVE_PKCS12) \
&& !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES) && !defined(NO_SHA)
WC_PKCS12* pkcs12 = NULL;
unsigned char der[FOURK_BUF * 2];
unsigned char* pt;
int derSz = 0;
unsigned char out[FOURK_BUF * 2];
int outSz = FOURK_BUF * 2;
const char p12_f[] = "./certs/test-servercert.p12";
XFILE f = XBADFILE;
ExpectTrue((f = XFOPEN(p12_f, "rb")) != XBADFILE);
ExpectIntGT(derSz = (int)XFREAD(der, 1, sizeof(der), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
ExpectNotNull(pkcs12 = wc_PKCS12_new());
ExpectIntEQ(wc_d2i_PKCS12(der, (word32)derSz, pkcs12), 0);
ExpectIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
ExpectIntEQ(outSz, derSz);
outSz = derSz - 1;
pt = out;
ExpectIntLE(wc_i2d_PKCS12(pkcs12, &pt, &outSz), 0);
outSz = derSz;
ExpectIntEQ(wc_i2d_PKCS12(pkcs12, &pt, &outSz), derSz);
ExpectIntEQ((pt == out), 0);
pt = NULL;
ExpectIntEQ(wc_i2d_PKCS12(pkcs12, &pt, NULL), derSz);
XFREE(pt, NULL, DYNAMIC_TYPE_PKCS);
wc_PKCS12_free(pkcs12);
pkcs12 = NULL;
/* Run the same test but use wc_d2i_PKCS12_fp. */
ExpectNotNull(pkcs12 = wc_PKCS12_new());
ExpectIntEQ(wc_d2i_PKCS12_fp("./certs/test-servercert.p12", &pkcs12), 0);
ExpectIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
ExpectIntEQ(outSz, derSz);
wc_PKCS12_free(pkcs12);
pkcs12 = NULL;
/* wc_d2i_PKCS12_fp can also allocate the PKCS12 object for the caller. */
ExpectIntEQ(wc_d2i_PKCS12_fp("./certs/test-servercert.p12", &pkcs12), 0);
ExpectIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
ExpectIntEQ(outSz, derSz);
wc_PKCS12_free(pkcs12);
pkcs12 = NULL;
#endif
return EXPECT_RESULT();
}
/* Testing wc_SignatureGetSize() for signature type ECC */
static int test_wc_SignatureGetSize_ecc(void)
{
EXPECT_DECLS;
#if !defined(NO_SIG_WRAPPER) && defined(HAVE_ECC) && !defined(NO_ECC256)
enum wc_SignatureType sig_type;
word32 key_len;
ecc_key ecc;
const char* qx =
"fa2737fb93488d19caef11ae7faf6b7f4bcd67b286e3fc54e8a65c2b74aeccb0";
const char* qy =
"d4ccd6dae698208aa8c3a6f39e45510d03be09b2f124bfc067856c324f9b4d09";
const char* d =
"be34baa8d040a3b991f9075b56ba292f755b90e4b6dc10dad36715c33cfdac25";
XMEMSET(&ecc, 0, sizeof(ecc_key));
ExpectIntEQ(wc_ecc_init(&ecc), 0);
ExpectIntEQ(wc_ecc_import_raw(&ecc, qx, qy, d, "SECP256R1"), 0);
/* Input for signature type ECC */
sig_type = WC_SIGNATURE_TYPE_ECC;
key_len = sizeof(ecc_key);
ExpectIntGT(wc_SignatureGetSize(sig_type, &ecc, key_len), 0);
/* Test bad args */
/* // NOLINTBEGIN(clang-analyzer-optin.core.EnumCastOutOfRange) */
sig_type = (enum wc_SignatureType) 100;
/* // NOLINTEND(clang-analyzer-optin.core.EnumCastOutOfRange) */
ExpectIntEQ(wc_SignatureGetSize(sig_type, &ecc, key_len), BAD_FUNC_ARG);
sig_type = WC_SIGNATURE_TYPE_ECC;
ExpectIntEQ(wc_SignatureGetSize(sig_type, NULL, key_len), 0);
key_len = (word32)0;
ExpectIntEQ(wc_SignatureGetSize(sig_type, &ecc, key_len), BAD_FUNC_ARG);
DoExpectIntEQ(wc_ecc_free(&ecc), 0);
#endif /* !NO_SIG_WRAPPER && HAVE_ECC && !NO_ECC256 */
return EXPECT_RESULT();
} /* END test_wc_SignatureGetSize_ecc() */
/* Testing wc_SignatureGetSize() for signature type rsa */
static int test_wc_SignatureGetSize_rsa(void)
{
EXPECT_DECLS;
#if !defined(NO_SIG_WRAPPER) && !defined(NO_RSA)
enum wc_SignatureType sig_type;
word32 key_len;
word32 idx = 0;
RsaKey rsa_key;
byte* tmp = NULL;
size_t bytes;
XMEMSET(&rsa_key, 0, sizeof(RsaKey));
#ifdef USE_CERT_BUFFERS_1024
bytes = (size_t)sizeof_client_key_der_1024;
if (bytes < (size_t)sizeof_client_key_der_1024)
bytes = (size_t)sizeof_client_cert_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
bytes = (size_t)sizeof_client_key_der_2048;
if (bytes < (size_t)sizeof_client_cert_der_2048)
bytes = (size_t)sizeof_client_cert_der_2048;
#else
bytes = FOURK_BUF;
#endif
ExpectNotNull(tmp = (byte*)XMALLOC(bytes, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
if (tmp != NULL) {
#ifdef USE_CERT_BUFFERS_1024
XMEMCPY(tmp, client_key_der_1024, (size_t)sizeof_client_key_der_1024);
#elif defined(USE_CERT_BUFFERS_2048)
XMEMCPY(tmp, client_key_der_2048, (size_t)sizeof_client_key_der_2048);
#elif !defined(NO_FILESYSTEM)
XFILE file = XBADFILE;
ExpectTrue((file = XFOPEN(clientKey, "rb")) != XBADFILE);
ExpectIntGT(bytes = (size_t)XFREAD(tmp, 1, FOURK_BUF, file), 0);
if (file != XBADFILE)
XFCLOSE(file);
}
#else
ExpectFail();
#endif
}
ExpectIntEQ(wc_InitRsaKey_ex(&rsa_key, HEAP_HINT, testDevId), 0);
ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, &idx, &rsa_key, (word32)bytes), 0);
/* Input for signature type RSA */
sig_type = WC_SIGNATURE_TYPE_RSA;
key_len = sizeof(RsaKey);
ExpectIntGT(wc_SignatureGetSize(sig_type, &rsa_key, key_len), 0);
/* Test bad args */
/* // NOLINTBEGIN(clang-analyzer-optin.core.EnumCastOutOfRange) */
sig_type = (enum wc_SignatureType)100;
/* // NOLINTEND(clang-analyzer-optin.core.EnumCastOutOfRange) */
ExpectIntEQ(wc_SignatureGetSize(sig_type, &rsa_key, key_len), BAD_FUNC_ARG);
sig_type = WC_SIGNATURE_TYPE_RSA;
ExpectIntEQ(wc_SignatureGetSize(sig_type, NULL, key_len), BAD_FUNC_ARG);
key_len = (word32)0;
ExpectIntEQ(wc_SignatureGetSize(sig_type, &rsa_key, key_len), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRsaKey(&rsa_key), 0);
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif /* !NO_SIG_WRAPPER && !NO_RSA */
return EXPECT_RESULT();
} /* END test_wc_SignatureGetSize_rsa(void) */
/*----------------------------------------------------------------------------*
| hash.h Tests
*----------------------------------------------------------------------------*/
static int test_wc_HashInit(void)
{
EXPECT_DECLS;
int i; /* 0 indicates tests passed, 1 indicates failure */
wc_HashAlg hash;
/* enum for holding supported algorithms, #ifndef's restrict if disabled */
enum wc_HashType enumArray[] = {
#ifndef NO_MD5
WC_HASH_TYPE_MD5,
#endif
#ifndef NO_SHA
WC_HASH_TYPE_SHA,
#endif
#ifdef WOLFSSL_SHA224
WC_HASH_TYPE_SHA224,
#endif
#ifndef NO_SHA256
WC_HASH_TYPE_SHA256,
#endif
#ifdef WOLFSSL_SHA384
WC_HASH_TYPE_SHA384,
#endif
#ifdef WOLFSSL_SHA512
WC_HASH_TYPE_SHA512,
#endif
};
/* dynamically finds the length */
int enumlen = (sizeof(enumArray)/sizeof(enum wc_HashType));
/* For loop to test various arguments... */
for (i = 0; i < enumlen; i++) {
/* check for bad args */
ExpectIntEQ(wc_HashInit(&hash, enumArray[i]), 0);
wc_HashFree(&hash, enumArray[i]);
/* check for null ptr */
ExpectIntEQ(wc_HashInit(NULL, enumArray[i]), BAD_FUNC_ARG);
} /* end of for loop */
return EXPECT_RESULT();
} /* end of test_wc_HashInit */
/*
* Unit test function for wc_HashSetFlags()
*/
static int test_wc_HashSetFlags(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_HASH_FLAGS
wc_HashAlg hash;
word32 flags = 0;
int i, j;
int notSupportedLen;
/* enum for holding supported algorithms, #ifndef's restrict if disabled */
enum wc_HashType enumArray[] = {
#ifndef NO_MD5
WC_HASH_TYPE_MD5,
#endif
#ifndef NO_SHA
WC_HASH_TYPE_SHA,
#endif
#ifdef WOLFSSL_SHA224
WC_HASH_TYPE_SHA224,
#endif
#ifndef NO_SHA256
WC_HASH_TYPE_SHA256,
#endif
#ifdef WOLFSSL_SHA384
WC_HASH_TYPE_SHA384,
#endif
#ifdef WOLFSSL_SHA512
WC_HASH_TYPE_SHA512,
#endif
#ifdef WOLFSSL_SHA3
WC_HASH_TYPE_SHA3_224,
#endif
};
enum wc_HashType notSupported[] = {
WC_HASH_TYPE_MD5_SHA,
WC_HASH_TYPE_MD2,
WC_HASH_TYPE_MD4,
WC_HASH_TYPE_BLAKE2B,
WC_HASH_TYPE_BLAKE2S,
WC_HASH_TYPE_NONE,
};
/* dynamically finds the length */
int enumlen = (sizeof(enumArray)/sizeof(enum wc_HashType));
/* For loop to test various arguments... */
for (i = 0; i < enumlen; i++) {
ExpectIntEQ(wc_HashInit(&hash, enumArray[i]), 0);
ExpectIntEQ(wc_HashSetFlags(&hash, enumArray[i], flags), 0);
ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
ExpectIntEQ(wc_HashSetFlags(NULL, enumArray[i], flags), BAD_FUNC_ARG);
wc_HashFree(&hash, enumArray[i]);
}
/* For loop to test not supported cases */
notSupportedLen = (sizeof(notSupported)/sizeof(enum wc_HashType));
for (j = 0; j < notSupportedLen; j++) {
ExpectIntEQ(wc_HashInit(&hash, notSupported[j]), BAD_FUNC_ARG);
ExpectIntEQ(wc_HashSetFlags(&hash, notSupported[j], flags),
BAD_FUNC_ARG);
ExpectIntEQ(wc_HashFree(&hash, notSupported[j]), BAD_FUNC_ARG);
}
#endif
return EXPECT_RESULT();
} /* END test_wc_HashSetFlags */
/*
* Unit test function for wc_HashGetFlags()
*/
static int test_wc_HashGetFlags(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_HASH_FLAGS
wc_HashAlg hash;
word32 flags = 0;
int i, j;
/* enum for holding supported algorithms, #ifndef's restrict if disabled */
enum wc_HashType enumArray[] = {
#ifndef NO_MD5
WC_HASH_TYPE_MD5,
#endif
#ifndef NO_SHA
WC_HASH_TYPE_SHA,
#endif
#ifdef WOLFSSL_SHA224
WC_HASH_TYPE_SHA224,
#endif
#ifndef NO_SHA256
WC_HASH_TYPE_SHA256,
#endif
#ifdef WOLFSSL_SHA384
WC_HASH_TYPE_SHA384,
#endif
#ifdef WOLFSSL_SHA512
WC_HASH_TYPE_SHA512,
#endif
#ifdef WOLFSSL_SHA3
WC_HASH_TYPE_SHA3_224,
#endif
};
enum wc_HashType notSupported[] = {
WC_HASH_TYPE_MD5_SHA,
WC_HASH_TYPE_MD2,
WC_HASH_TYPE_MD4,
WC_HASH_TYPE_BLAKE2B,
WC_HASH_TYPE_BLAKE2S,
WC_HASH_TYPE_NONE,
};
int enumlen = (sizeof(enumArray)/sizeof(enum wc_HashType));
int notSupportedLen;
/* For loop to test various arguments... */
for (i = 0; i < enumlen; i++) {
ExpectIntEQ(wc_HashInit(&hash, enumArray[i]), 0);
ExpectIntEQ(wc_HashGetFlags(&hash, enumArray[i], &flags), 0);
ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
ExpectIntEQ(wc_HashGetFlags(NULL, enumArray[i], &flags), BAD_FUNC_ARG);
wc_HashFree(&hash, enumArray[i]);
}
/* For loop to test not supported cases */
notSupportedLen = (sizeof(notSupported)/sizeof(enum wc_HashType));
for (j = 0; j < notSupportedLen; j++) {
ExpectIntEQ(wc_HashInit(&hash, notSupported[j]), BAD_FUNC_ARG);
ExpectIntEQ(wc_HashGetFlags(&hash, notSupported[j], &flags),
BAD_FUNC_ARG);
ExpectIntEQ(wc_HashFree(&hash, notSupported[j]), BAD_FUNC_ARG);
}
#endif
return EXPECT_RESULT();
} /* END test_wc_HashGetFlags */
/*----------------------------------------------------------------------------*
| Compatibility Tests
*----------------------------------------------------------------------------*/
/*----------------------------------------------------------------------------*
| ASN.1 Tests
*----------------------------------------------------------------------------*/
static int test_wolfSSL_ASN1_BIT_STRING(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(OPENSSL_ALL)
ASN1_BIT_STRING* str = NULL;
ExpectNotNull(str = ASN1_BIT_STRING_new());
/* Empty data testing. */
ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 1), 0);
ASN1_BIT_STRING_free(str);
str = NULL;
ExpectNotNull(str = ASN1_BIT_STRING_new());
/* Invalid parameter testing. */
ExpectIntEQ(ASN1_BIT_STRING_set_bit(NULL, 42, 1), 0);
ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, -1, 1), 0);
ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, 42, 2), 0);
ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, 42, -1), 0);
/* No bit string - bit is always 0. */
ExpectIntEQ(ASN1_BIT_STRING_get_bit(NULL, 42), 0);
ExpectIntEQ(ASN1_BIT_STRING_get_bit(NULL, -1), 0);
ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, -1), 0);
ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 0), 0);
ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, 42, 1), 1);
ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 42), 1);
ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 41), 0);
ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, -1), 0);
ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, 84, 1), 1);
ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 84), 1);
ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 83), 0);
ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, 91, 0), 1);
ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 91), 0);
ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, 89, 0), 1);
ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 89), 0);
ExpectIntEQ(ASN1_BIT_STRING_set_bit(str, 42, 0), 1);
ExpectIntEQ(ASN1_BIT_STRING_get_bit(str, 42), 0);
ASN1_BIT_STRING_free(str);
ASN1_BIT_STRING_free(NULL);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_INTEGER(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER* a = NULL;
ASN1_INTEGER* dup = NULL;
const unsigned char invalidLenDer[] = {
0x02, 0x20, 0x00
};
const unsigned char longDer[] = {
0x02, 0x20,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08
};
const unsigned char* p;
/* Invalid parameter testing. */
ASN1_INTEGER_free(NULL);
ExpectNull(wolfSSL_ASN1_INTEGER_dup(NULL));
ExpectNotNull(a = ASN1_INTEGER_new());
ExpectNotNull(dup = wolfSSL_ASN1_INTEGER_dup(a));
ASN1_INTEGER_free(dup);
dup = NULL;
ASN1_INTEGER_free(a);
a = NULL;
p = longDer;
ExpectNull(d2i_ASN1_INTEGER(NULL, &p, sizeof(invalidLenDer)));
p = longDer;
ExpectNotNull(a = d2i_ASN1_INTEGER(NULL, &p, sizeof(longDer)));
ExpectPtrNE(p, longDer);
ExpectNotNull(dup = wolfSSL_ASN1_INTEGER_dup(a));
ASN1_INTEGER_free(dup);
ASN1_INTEGER_free(a);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_INTEGER_cmp(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER* a = NULL;
ASN1_INTEGER* b = NULL;
ExpectNotNull(a = ASN1_INTEGER_new());
ExpectNotNull(b = ASN1_INTEGER_new());
ExpectIntEQ(ASN1_INTEGER_set(a, 1), 1);
ExpectIntEQ(ASN1_INTEGER_set(b, 1), 1);
/* Invalid parameter testing. */
ExpectIntEQ(wolfSSL_ASN1_INTEGER_cmp(NULL, NULL), -1);
ExpectIntEQ(wolfSSL_ASN1_INTEGER_cmp(a, NULL), -1);
ExpectIntEQ(wolfSSL_ASN1_INTEGER_cmp(NULL, b), -1);
ExpectIntEQ(wolfSSL_ASN1_INTEGER_cmp(a, b), 0);
ExpectIntEQ(ASN1_INTEGER_set(b, -1), 1);
ExpectIntGT(wolfSSL_ASN1_INTEGER_cmp(a, b), 0);
ExpectIntEQ(ASN1_INTEGER_set(a, -2), 1);
ExpectIntLT(wolfSSL_ASN1_INTEGER_cmp(a, b), 0);
ExpectIntEQ(ASN1_INTEGER_set(b, 1), 1);
ExpectIntLT(wolfSSL_ASN1_INTEGER_cmp(a, b), 0);
ExpectIntEQ(ASN1_INTEGER_set(a, 0x01), 1);
ExpectIntEQ(ASN1_INTEGER_set(b, 0x1000), 1);
ExpectIntLT(wolfSSL_ASN1_INTEGER_cmp(a, b), 0);
ExpectIntGT(wolfSSL_ASN1_INTEGER_cmp(b, a), 0);
ASN1_INTEGER_free(b);
ASN1_INTEGER_free(a);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_INTEGER_BN(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER* ai = NULL;
ASN1_INTEGER* ai2 = NULL;
BIGNUM* bn = NULL;
BIGNUM* bn2 = NULL;
ExpectNotNull(ai = ASN1_INTEGER_new());
ExpectNotNull(bn2 = BN_new());
/* Invalid parameter testing. */
ExpectNull(bn = ASN1_INTEGER_to_BN(NULL, NULL));
ExpectNull(ai2 = BN_to_ASN1_INTEGER(NULL, NULL));
/* at the moment hard setting since no set function */
if (ai != NULL) {
ai->data[0] = 0xff; /* No DER encoding. */
ai->length = 1;
}
#if defined(WOLFSSL_QT) || defined(WOLFSSL_HAPROXY)
ExpectNotNull(bn = ASN1_INTEGER_to_BN(ai, NULL));
BN_free(bn);
bn = NULL;
#else
ExpectNull(ASN1_INTEGER_to_BN(ai, NULL));
#endif
if (ai != NULL) {
ai->data[0] = 0x02; /* tag for ASN_INTEGER */
ai->data[1] = 0x04; /* bad length of integer */
ai->data[2] = 0x03;
ai->length = 3;
}
#if defined(WOLFSSL_QT) || defined(WOLFSSL_HAPROXY)
/* Interpreted as a number 0x020403. */
ExpectNotNull(bn = ASN1_INTEGER_to_BN(ai, NULL));
BN_free(bn);
bn = NULL;
#else
ExpectNull(ASN1_INTEGER_to_BN(ai, NULL));
#endif
if (ai != NULL) {
ai->data[0] = 0x02; /* tag for ASN_INTEGER */
ai->data[1] = 0x01; /* length of integer */
ai->data[2] = 0x03;
ai->length = 3;
}
ExpectNotNull(bn = ASN1_INTEGER_to_BN(ai, NULL));
ExpectNotNull(ai2 = BN_to_ASN1_INTEGER(bn, NULL));
ExpectIntEQ(ASN1_INTEGER_cmp(ai, ai2), 0);
ExpectNotNull(bn2 = ASN1_INTEGER_to_BN(ai2, bn2));
ExpectIntEQ(BN_cmp(bn, bn2), 0);
if (ai != NULL) {
ai->data[0] = 0x02; /* tag for ASN_INTEGER */
ai->data[1] = 0x02; /* length of integer */
ai->data[2] = 0x00; /* padding byte to ensure positive */
ai->data[3] = 0xff;
ai->length = 4;
}
ExpectNotNull(bn = ASN1_INTEGER_to_BN(ai, bn));
ExpectNotNull(ai2 = BN_to_ASN1_INTEGER(bn, ai2));
ExpectIntEQ(ASN1_INTEGER_cmp(ai, ai2), 0);
ExpectNotNull(bn2 = ASN1_INTEGER_to_BN(ai2, bn2));
ExpectIntEQ(BN_cmp(bn, bn2), 0);
if (ai != NULL) {
ai->data[0] = 0x02; /* tag for ASN_INTEGER */
ai->data[1] = 0x01; /* length of integer */
ai->data[2] = 0x00;
ai->length = 3;
}
ExpectNotNull(bn = ASN1_INTEGER_to_BN(ai, bn));
ExpectNotNull(ai2 = BN_to_ASN1_INTEGER(bn, ai2));
ExpectIntEQ(ASN1_INTEGER_cmp(ai, ai2), 0);
ExpectNotNull(bn2 = ASN1_INTEGER_to_BN(ai2, bn2));
ExpectIntEQ(BN_cmp(bn, bn2), 0);
if (ai != NULL) {
ai->data[0] = 0x02; /* tag for ASN_INTEGER */
ai->data[1] = 0x01; /* length of integer */
ai->data[2] = 0x01;
ai->length = 3;
ai->negative = 1;
}
ExpectNotNull(bn = ASN1_INTEGER_to_BN(ai, bn));
ExpectNotNull(ai2 = BN_to_ASN1_INTEGER(bn, ai2));
ExpectIntEQ(ASN1_INTEGER_cmp(ai, ai2), 0);
ExpectNotNull(bn2 = ASN1_INTEGER_to_BN(ai2, bn2));
ExpectIntEQ(BN_cmp(bn, bn2), 0);
BN_free(bn2);
BN_free(bn);
ASN1_INTEGER_free(ai2);
ASN1_INTEGER_free(ai);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_INTEGER_get_set(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER *a = NULL;
long val;
ExpectNotNull(a = ASN1_INTEGER_new());
/* Invalid parameter testing. */
ExpectIntEQ(ASN1_INTEGER_get(NULL), 0);
#if defined(WOLFSSL_QT) || defined(WOLFSSL_HAPROXY)
ExpectIntEQ(ASN1_INTEGER_get(a), 0);
#else
ExpectIntEQ(ASN1_INTEGER_get(a), -1);
#endif
ASN1_INTEGER_free(a);
a = NULL;
ExpectNotNull(a = ASN1_INTEGER_new());
val = 0;
ExpectIntEQ(ASN1_INTEGER_set(NULL, val), 0);
ASN1_INTEGER_free(a);
a = NULL;
/* 0 */
ExpectNotNull(a = ASN1_INTEGER_new());
val = 0;
ExpectIntEQ(ASN1_INTEGER_set(a, val), 1);
ExpectTrue(ASN1_INTEGER_get(a) == val);
ASN1_INTEGER_free(a);
a = NULL;
/* 40 */
ExpectNotNull(a = ASN1_INTEGER_new());
val = 40;
ExpectIntEQ(ASN1_INTEGER_set(a, val), 1);
ExpectTrue(ASN1_INTEGER_get(a) == val);
ASN1_INTEGER_free(a);
a = NULL;
/* -40 */
ExpectNotNull(a = ASN1_INTEGER_new());
val = -40;
ExpectIntEQ(ASN1_INTEGER_set(a, val), 1);
ExpectTrue(ASN1_INTEGER_get(a) == val);
ASN1_INTEGER_free(a);
a = NULL;
/* 128 */
ExpectNotNull(a = ASN1_INTEGER_new());
val = 128;
ExpectIntEQ(ASN1_INTEGER_set(a, val), 1);
ExpectTrue(ASN1_INTEGER_get(a) == val);
ASN1_INTEGER_free(a);
a = NULL;
/* -128 */
ExpectNotNull(a = ASN1_INTEGER_new());
val = -128;
ExpectIntEQ(ASN1_INTEGER_set(a, val), 1);
ExpectTrue(ASN1_INTEGER_get(a) == val);
ASN1_INTEGER_free(a);
a = NULL;
/* 200 */
ExpectNotNull(a = ASN1_INTEGER_new());
val = 200;
ExpectIntEQ(ASN1_INTEGER_set(a, val), 1);
ExpectTrue(ASN1_INTEGER_get(a) == val);
ASN1_INTEGER_free(a);
a = NULL;
/* int max (2147483647) */
ExpectNotNull(a = ASN1_INTEGER_new());
val = 2147483647;
ExpectIntEQ(ASN1_INTEGER_set(a, val), 1);
ExpectTrue(ASN1_INTEGER_get(a) == val);
ASN1_INTEGER_free(a);
a = NULL;
/* int min (-2147483648) */
ExpectNotNull(a = ASN1_INTEGER_new());
val = -2147483647 - 1;
ExpectIntEQ(ASN1_INTEGER_set(a, val), 1);
ExpectTrue(ASN1_INTEGER_get(a) == val);
ASN1_INTEGER_free(a);
a = NULL;
/* long max positive */
ExpectNotNull(a = ASN1_INTEGER_new());
val = (long)(((unsigned long)-1) >> 1);
ExpectIntEQ(ASN1_INTEGER_set(a, val), 1);
ExpectTrue(ASN1_INTEGER_get(a) == val);
ASN1_INTEGER_free(a);
#endif
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA)
typedef struct ASN1IntTestVector {
const byte* der;
const size_t derSz;
const long value;
} ASN1IntTestVector;
#endif
static int test_wolfSSL_d2i_ASN1_INTEGER(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
size_t i;
WOLFSSL_ASN1_INTEGER* a = NULL;
WOLFSSL_ASN1_INTEGER* b = NULL;
WOLFSSL_ASN1_INTEGER* c = NULL;
const byte* p = NULL;
byte* p2 = NULL;
byte* reEncoded = NULL;
int reEncodedSz = 0;
static const byte zeroDer[] = {
0x02, 0x01, 0x00
};
static const byte oneDer[] = {
0x02, 0x01, 0x01
};
static const byte negativeDer[] = {
0x02, 0x03, 0xC1, 0x16, 0x0D
};
static const byte positiveDer[] = {
0x02, 0x03, 0x01, 0x00, 0x01
};
static const byte primeDer[] = {
0x02, 0x82, 0x01, 0x01, 0x00, 0xc0, 0x95, 0x08, 0xe1, 0x57, 0x41,
0xf2, 0x71, 0x6d, 0xb7, 0xd2, 0x45, 0x41, 0x27, 0x01, 0x65, 0xc6,
0x45, 0xae, 0xf2, 0xbc, 0x24, 0x30, 0xb8, 0x95, 0xce, 0x2f, 0x4e,
0xd6, 0xf6, 0x1c, 0x88, 0xbc, 0x7c, 0x9f, 0xfb, 0xa8, 0x67, 0x7f,
0xfe, 0x5c, 0x9c, 0x51, 0x75, 0xf7, 0x8a, 0xca, 0x07, 0xe7, 0x35,
0x2f, 0x8f, 0xe1, 0xbd, 0x7b, 0xc0, 0x2f, 0x7c, 0xab, 0x64, 0xa8,
0x17, 0xfc, 0xca, 0x5d, 0x7b, 0xba, 0xe0, 0x21, 0xe5, 0x72, 0x2e,
0x6f, 0x2e, 0x86, 0xd8, 0x95, 0x73, 0xda, 0xac, 0x1b, 0x53, 0xb9,
0x5f, 0x3f, 0xd7, 0x19, 0x0d, 0x25, 0x4f, 0xe1, 0x63, 0x63, 0x51,
0x8b, 0x0b, 0x64, 0x3f, 0xad, 0x43, 0xb8, 0xa5, 0x1c, 0x5c, 0x34,
0xb3, 0xae, 0x00, 0xa0, 0x63, 0xc5, 0xf6, 0x7f, 0x0b, 0x59, 0x68,
0x78, 0x73, 0xa6, 0x8c, 0x18, 0xa9, 0x02, 0x6d, 0xaf, 0xc3, 0x19,
0x01, 0x2e, 0xb8, 0x10, 0xe3, 0xc6, 0xcc, 0x40, 0xb4, 0x69, 0xa3,
0x46, 0x33, 0x69, 0x87, 0x6e, 0xc4, 0xbb, 0x17, 0xa6, 0xf3, 0xe8,
0xdd, 0xad, 0x73, 0xbc, 0x7b, 0x2f, 0x21, 0xb5, 0xfd, 0x66, 0x51,
0x0c, 0xbd, 0x54, 0xb3, 0xe1, 0x6d, 0x5f, 0x1c, 0xbc, 0x23, 0x73,
0xd1, 0x09, 0x03, 0x89, 0x14, 0xd2, 0x10, 0xb9, 0x64, 0xc3, 0x2a,
0xd0, 0xa1, 0x96, 0x4a, 0xbc, 0xe1, 0xd4, 0x1a, 0x5b, 0xc7, 0xa0,
0xc0, 0xc1, 0x63, 0x78, 0x0f, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80,
0x32, 0x23, 0x95, 0xa1, 0x77, 0xba, 0x13, 0xd2, 0x97, 0x73, 0xe2,
0x5d, 0x25, 0xc9, 0x6a, 0x0d, 0xc3, 0x39, 0x60, 0xa4, 0xb4, 0xb0,
0x69, 0x42, 0x42, 0x09, 0xe9, 0xd8, 0x08, 0xbc, 0x33, 0x20, 0xb3,
0x58, 0x22, 0xa7, 0xaa, 0xeb, 0xc4, 0xe1, 0xe6, 0x61, 0x83, 0xc5,
0xd2, 0x96, 0xdf, 0xd9, 0xd0, 0x4f, 0xad, 0xd7
};
static const byte garbageDer[] = {0xDE, 0xAD, 0xBE, 0xEF};
static const ASN1IntTestVector testVectors[] = {
{zeroDer, sizeof(zeroDer), 0},
{oneDer, sizeof(oneDer), 1},
{negativeDer, sizeof(negativeDer), -4123123},
{positiveDer, sizeof(positiveDer), 65537},
{primeDer, sizeof(primeDer), 0}
};
static const size_t NUM_TEST_VECTORS =
sizeof(testVectors)/sizeof(testVectors[0]);
/* Check d2i error conditions */
/* NULL pointer to input. */
ExpectNull((a = wolfSSL_d2i_ASN1_INTEGER(&b, NULL, 1)));
ExpectNull(b);
/* NULL input. */
ExpectNull((a = wolfSSL_d2i_ASN1_INTEGER(&b, &p, 1)));
ExpectNull(b);
/* 0 length. */
p = testVectors[0].der;
ExpectNull((a = wolfSSL_d2i_ASN1_INTEGER(&b, &p, 0)));
ExpectNull(b);
/* Negative length. */
p = testVectors[0].der;
ExpectNull((a = wolfSSL_d2i_ASN1_INTEGER(&b, &p, -1)));
ExpectNull(b);
/* Garbage DER input. */
p = garbageDer;
ExpectNull((a = wolfSSL_d2i_ASN1_INTEGER(&b, &p, sizeof(garbageDer))));
ExpectNull(b);
/* Check i2d error conditions */
/* NULL input. */
ExpectIntLT(wolfSSL_i2d_ASN1_INTEGER(NULL, &p2), 0);
/* 0 length input data buffer (a->length == 0). */
ExpectNotNull((a = wolfSSL_ASN1_INTEGER_new()));
ExpectIntLT(wolfSSL_i2d_ASN1_INTEGER(a, &p2), 0);
if (a != NULL)
a->data = NULL;
/* NULL input data buffer. */
ExpectIntLT(wolfSSL_i2d_ASN1_INTEGER(a, &p2), 0);
if (a != NULL) {
/* Reset a->data. */
a->data = a->intData;
}
/* Set a to valid value. */
ExpectIntEQ(wolfSSL_ASN1_INTEGER_set(a, 1), WOLFSSL_SUCCESS);
/* NULL output buffer. */
ExpectIntLT(wolfSSL_i2d_ASN1_INTEGER(a, NULL), 0);
wolfSSL_ASN1_INTEGER_free(a);
a = NULL;
for (i = 0; i < NUM_TEST_VECTORS; ++i) {
p = testVectors[i].der;
ExpectNotNull(a = wolfSSL_d2i_ASN1_INTEGER(&b, &p,
testVectors[i].derSz));
ExpectIntEQ(wolfSSL_ASN1_INTEGER_cmp(a, b), 0);
if (testVectors[i].derSz <= sizeof(long)) {
ExpectNotNull(c = wolfSSL_ASN1_INTEGER_new());
ExpectIntEQ(wolfSSL_ASN1_INTEGER_set(c, testVectors[i].value), 1);
ExpectIntEQ(wolfSSL_ASN1_INTEGER_cmp(a, c), 0);
wolfSSL_ASN1_INTEGER_free(c);
c = NULL;
}
/* Convert to DER without a pre-allocated output buffer. */
ExpectIntGT((reEncodedSz = wolfSSL_i2d_ASN1_INTEGER(a, &reEncoded)), 0);
ExpectIntEQ(reEncodedSz, testVectors[i].derSz);
ExpectIntEQ(XMEMCMP(reEncoded, testVectors[i].der, reEncodedSz), 0);
/* Convert to DER with a pre-allocated output buffer. In this case, the
* output buffer pointer should be incremented just past the end of the
* encoded data. */
p2 = reEncoded;
ExpectIntGT((reEncodedSz = wolfSSL_i2d_ASN1_INTEGER(a, &p2)), 0);
ExpectIntEQ(reEncodedSz, testVectors[i].derSz);
ExpectPtrEq(reEncoded, p2 - reEncodedSz);
ExpectIntEQ(XMEMCMP(reEncoded, testVectors[i].der, reEncodedSz), 0);
XFREE(reEncoded, NULL, DYNAMIC_TYPE_ASN1);
reEncoded = NULL;
wolfSSL_ASN1_INTEGER_free(a);
a = NULL;
}
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_a2i_ASN1_INTEGER(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
BIO* bio = NULL;
BIO* out = NULL;
BIO* fixed = NULL;
ASN1_INTEGER* ai = NULL;
char buf[] = "123456\n12345\n1123456789123456\\\n78901234567890 \r\n\n";
char tmp[1024];
int tmpSz;
const char expected1[] = "123456";
const char expected2[] = "112345678912345678901234567890";
char longStr[] = "123456781234567812345678123456781234567812345678\n"
"123456781234567812345678123456781234567812345678\\\n12345678\n";
ExpectNotNull(out = BIO_new(BIO_s_mem()));
ExpectNotNull(ai = ASN1_INTEGER_new());
ExpectNotNull(bio = BIO_new_mem_buf(buf, -1));
/* Invalid parameter testing. */
ExpectIntEQ(a2i_ASN1_INTEGER(NULL, NULL, NULL, -1), 0);
ExpectIntEQ(a2i_ASN1_INTEGER(bio, NULL, NULL, -1), 0);
ExpectIntEQ(a2i_ASN1_INTEGER(NULL, ai, NULL, -1), 0);
ExpectIntEQ(a2i_ASN1_INTEGER(NULL, NULL, tmp, -1), 0);
ExpectIntEQ(a2i_ASN1_INTEGER(NULL, NULL, NULL, 1024), 0);
ExpectIntEQ(a2i_ASN1_INTEGER(NULL, ai, tmp, 1024), 0);
ExpectIntEQ(a2i_ASN1_INTEGER(bio, NULL, tmp, 1024), 0);
ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, NULL, 1024), 0);
ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, tmp, -1), 0);
ExpectIntEQ(i2a_ASN1_INTEGER(NULL, NULL), 0);
ExpectIntEQ(i2a_ASN1_INTEGER(bio, NULL), 0);
ExpectIntEQ(i2a_ASN1_INTEGER(NULL, ai), 0);
/* No data to read from BIO. */
ExpectIntEQ(a2i_ASN1_INTEGER(out, ai, tmp, 1024), 0);
/* read first line */
ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, tmp, 1024), 1);
ExpectIntEQ(i2a_ASN1_INTEGER(out, ai), 6);
XMEMSET(tmp, 0, 1024);
tmpSz = BIO_read(out, tmp, 1024);
ExpectIntEQ(tmpSz, 6);
ExpectIntEQ(XMEMCMP(tmp, expected1, tmpSz), 0);
/* fail on second line (not % 2) */
ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, tmp, 1024), 0);
/* read 3rd long line */
ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, tmp, 1024), 1);
ExpectIntEQ(i2a_ASN1_INTEGER(out, ai), 30);
XMEMSET(tmp, 0, 1024);
tmpSz = BIO_read(out, tmp, 1024);
ExpectIntEQ(tmpSz, 30);
ExpectIntEQ(XMEMCMP(tmp, expected2, tmpSz), 0);
/* fail on empty line */
ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, tmp, 1024), 0);
BIO_free(bio);
bio = NULL;
/* Make long integer, requiring dynamic memory, even longer. */
ExpectNotNull(bio = BIO_new_mem_buf(longStr, -1));
ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, tmp, 1024), 1);
ExpectIntEQ(i2a_ASN1_INTEGER(out, ai), 48);
XMEMSET(tmp, 0, 1024);
tmpSz = BIO_read(out, tmp, 1024);
ExpectIntEQ(tmpSz, 48);
ExpectIntEQ(a2i_ASN1_INTEGER(bio, ai, tmp, 1024), 1);
ExpectIntEQ(i2a_ASN1_INTEGER(out, ai), 56);
XMEMSET(tmp, 0, 1024);
tmpSz = BIO_read(out, tmp, 1024);
ExpectIntEQ(tmpSz, 56);
ExpectIntEQ(wolfSSL_ASN1_INTEGER_set(ai, 1), 1);
BIO_free(bio);
BIO_free(out);
ExpectNotNull(fixed = BIO_new(wolfSSL_BIO_s_fixed_mem()));
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
/* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, tmp, 1), 1);
ExpectIntEQ(i2a_ASN1_INTEGER(fixed, ai), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
ExpectIntEQ(i2a_ASN1_INTEGER(fixed, ai), 0);
BIO_free(fixed);
ASN1_INTEGER_free(ai);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_i2c_ASN1_INTEGER(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER *a = NULL;
unsigned char *pp = NULL,*tpp = NULL;
int ret = 0;
ExpectNotNull(a = wolfSSL_ASN1_INTEGER_new());
/* Invalid parameter testing. */
/* Set pp to an invalid value. */
pp = NULL;
ExpectIntEQ(i2c_ASN1_INTEGER(NULL, &pp), 0);
ExpectIntEQ(i2c_ASN1_INTEGER(a, &pp), 0);
ExpectIntEQ(i2c_ASN1_INTEGER(NULL, NULL), 0);
/* 40 */
if (a != NULL) {
a->intData[0] = ASN_INTEGER;
a->intData[1] = 1;
a->intData[2] = 40;
}
ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 1);
ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
tpp = pp;
ExpectNotNull(XMEMSET(tpp, 0, ret + 1));
ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 1);
tpp--;
ExpectIntEQ(*tpp, 40);
XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
pp = NULL;
/* 128 */
if (a != NULL) {
a->intData[0] = ASN_INTEGER;
a->intData[1] = 1;
a->intData[2] = 128;
}
ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 2);
ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
tpp = pp;
if (tpp != NULL) {
ExpectNotNull(XMEMSET(tpp, 0, ret + 1));
ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 2);
tpp--;
ExpectIntEQ(*(tpp--), 128);
ExpectIntEQ(*tpp, 0);
}
XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
pp = NULL;
/* -40 */
if (a != NULL) {
a->intData[0] = ASN_INTEGER;
a->intData[1] = 1;
a->intData[2] = 40;
a->negative = 1;
}
ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 1);
ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
tpp = pp;
if (tpp != NULL) {
ExpectNotNull(XMEMSET(tpp, 0, ret + 1));
ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 1);
tpp--;
ExpectIntEQ(*tpp, 216);
}
XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
pp = NULL;
/* -128 */
if (a != NULL) {
a->intData[0] = ASN_INTEGER;
a->intData[1] = 1;
a->intData[2] = 128;
a->negative = 1;
}
ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 1);
ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
tpp = pp;
if (tpp != NULL) {
ExpectNotNull(XMEMSET(tpp, 0, ret + 1));
ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 1);
tpp--;
ExpectIntEQ(*tpp, 128);
}
XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
pp = NULL;
/* -200 */
if (a != NULL) {
a->intData[0] = ASN_INTEGER;
a->intData[1] = 1;
a->intData[2] = 200;
a->negative = 1;
}
ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 2);
ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
tpp = pp;
if (tpp != NULL) {
ExpectNotNull(XMEMSET(tpp, 0, ret + 1));
ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 2);
tpp--;
ExpectIntEQ(*(tpp--), 56);
ExpectIntEQ(*tpp, 255);
}
XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
pp = NULL;
/* Empty */
if (a != NULL) {
a->intData[0] = ASN_INTEGER;
a->intData[1] = 0;
a->negative = 0;
}
ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 1);
ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
tpp = pp;
if (tpp != NULL) {
ExpectNotNull(XMEMSET(tpp, 0, ret + 1));
ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 1);
tpp--;
ExpectIntEQ(*tpp, 0);
}
XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
pp = NULL;
/* 0 */
if (a != NULL) {
a->intData[0] = ASN_INTEGER;
a->intData[1] = 1;
a->intData[2] = 0;
a->negative = 1;
}
ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 1);
ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
if (tpp != NULL) {
tpp = pp;
ExpectNotNull(XMEMSET(tpp, 0, ret + 1));
ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 1);
tpp--;
ExpectIntEQ(*tpp, 0);
}
XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
pp = NULL;
/* 0x100 */
if (a != NULL) {
a->intData[0] = ASN_INTEGER;
a->intData[1] = 2;
a->intData[2] = 0x01;
a->intData[3] = 0x00;
a->negative = 0;
}
ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 2);
ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
if (tpp != NULL) {
tpp = pp;
ExpectNotNull(XMEMSET(tpp, 0, ret + 1));
ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 2);
tpp -= 2;
ExpectIntEQ(tpp[0], 0x01);
ExpectIntEQ(tpp[1], 0x00);
}
XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
pp = NULL;
/* -0x8000 => 0x8000 */
if (a != NULL) {
a->intData[0] = ASN_INTEGER;
a->intData[1] = 2;
a->intData[2] = 0x80;
a->intData[3] = 0x00;
a->negative = 1;
}
ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 2);
ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
tpp = pp;
if (tpp != NULL) {
ExpectNotNull(XMEMSET(tpp, 0, ret + 1));
ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 2);
tpp -= 2;
ExpectIntEQ(tpp[0], 0x80);
ExpectIntEQ(tpp[1], 0x00);
}
XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
pp = NULL;
/* -0x8001 => 0xFF7FFF */
if (a != NULL) {
a->intData[0] = ASN_INTEGER;
a->intData[1] = 2;
a->intData[2] = 0x80;
a->intData[3] = 0x01;
a->negative = 1;
}
ExpectIntEQ(ret = i2c_ASN1_INTEGER(a, NULL), 3);
ExpectNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
tpp = pp;
if (tpp != NULL) {
ExpectNotNull(XMEMSET(tpp, 0, ret + 1));
ExpectIntEQ(i2c_ASN1_INTEGER(a, &tpp), 3);
tpp -= 3;
ExpectIntEQ(tpp[0], 0xFF);
ExpectIntEQ(tpp[1], 0x7F);
ExpectIntEQ(tpp[2], 0xFF);
}
XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL_ASN1_INTEGER_free(a);
#endif /* OPENSSL_EXTRA && !NO_ASN */
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_OBJECT(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
ASN1_OBJECT* a = NULL;
ASN1_OBJECT s;
const unsigned char der[] = { 0x06, 0x01, 0x00 };
/* Invalid parameter testing. */
ASN1_OBJECT_free(NULL);
ExpectNull(wolfSSL_ASN1_OBJECT_dup(NULL));
/* Test that a static ASN1_OBJECT can be freed. */
XMEMSET(&s, 0, sizeof(ASN1_OBJECT));
ASN1_OBJECT_free(&s);
ExpectNotNull(a = wolfSSL_ASN1_OBJECT_dup(&s));
ASN1_OBJECT_free(a);
a = NULL;
s.obj = der;
s.objSz = sizeof(der);
ExpectNotNull(a = wolfSSL_ASN1_OBJECT_dup(&s));
ASN1_OBJECT_free(a);
ASN1_OBJECT_free(&s);
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_get_object(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
const unsigned char* derBuf = cliecc_cert_der_256;
const unsigned char* nullPtr = NULL;
const unsigned char objDerInvalidLen[] = { 0x30, 0x81 };
const unsigned char objDerBadLen[] = { 0x30, 0x04 };
const unsigned char objDerNotObj[] = { 0x02, 0x01, 0x00 };
const unsigned char objDerNoData[] = { 0x06, 0x00 };
const unsigned char* p;
unsigned char objDer[8];
unsigned char* der;
unsigned char* derPtr;
int len = sizeof_cliecc_cert_der_256;
long asnLen = 0;
int tag = 0;
int cls = 0;
ASN1_OBJECT* a = NULL;
ASN1_OBJECT s;
XMEMSET(&s, 0, sizeof(ASN1_OBJECT));
/* Invalid encoding at length. */
p = objDerInvalidLen;
ExpectIntEQ(ASN1_get_object(&p, &asnLen, &tag, &cls, sizeof(objDerBadLen)),
0x80);
p = objDerBadLen;
/* Error = 0x80, Constructed = 0x20 */
ExpectIntEQ(ASN1_get_object(&p, &asnLen, &tag, &cls, sizeof(objDerBadLen)),
0x80 | 0x20);
/* Read a couple TLV triplets and make sure they match the expected values
*/
/* SEQUENCE */
ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, len) & 0x80, 0);
ExpectIntEQ(asnLen, 861);
ExpectIntEQ(tag, 0x10);
ExpectIntEQ(cls, 0);
/* SEQUENCE */
ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls,
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
ExpectIntEQ(asnLen, 772);
ExpectIntEQ(tag, 0x10);
ExpectIntEQ(cls, 0);
/* [0] */
ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls,
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
ExpectIntEQ(asnLen, 3);
ExpectIntEQ(tag, 0);
ExpectIntEQ(cls, 0x80);
/* INTEGER */
ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls,
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
ExpectIntEQ(asnLen, 1);
ExpectIntEQ(tag, 0x2);
ExpectIntEQ(cls, 0);
derBuf += asnLen;
/* INTEGER */
ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls,
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
ExpectIntEQ(asnLen, 20);
ExpectIntEQ(tag, 0x2);
ExpectIntEQ(cls, 0);
derBuf += asnLen;
/* SEQUENCE */
ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls,
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
ExpectIntEQ(asnLen, 10);
ExpectIntEQ(tag, 0x10);
ExpectIntEQ(cls, 0);
/* Found OBJECT_ID. */
/* Invalid parameter testing. */
ExpectIntEQ(ASN1_get_object(NULL, NULL, NULL, NULL, 0), 0x80);
ExpectIntEQ(ASN1_get_object(&nullPtr, NULL, NULL, NULL, 0), 0x80);
ExpectIntEQ(ASN1_get_object(NULL, &asnLen, &tag, &cls, len), 0x80);
ExpectIntEQ(ASN1_get_object(&nullPtr, &asnLen, &tag, &cls, len), 0x80);
ExpectIntEQ(ASN1_get_object(&derBuf, NULL, &tag, &cls, len), 0x80);
ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, NULL, &cls, len), 0x80);
ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, NULL, len), 0x80);
ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, 0), 0x80);
ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, -1), 0x80);
ExpectNull(d2i_ASN1_OBJECT(NULL, NULL, -1));
ExpectNull(d2i_ASN1_OBJECT(NULL, &nullPtr, -1));
ExpectNull(d2i_ASN1_OBJECT(NULL, &derBuf, -1));
ExpectNull(d2i_ASN1_OBJECT(NULL, NULL, 0));
ExpectNull(d2i_ASN1_OBJECT(&a, NULL, len));
ExpectNull(d2i_ASN1_OBJECT(&a, &nullPtr, len));
ExpectNull(d2i_ASN1_OBJECT(&a, &derBuf, -1));
ExpectNull(c2i_ASN1_OBJECT(NULL, NULL, -1));
ExpectNull(c2i_ASN1_OBJECT(NULL, &nullPtr, -1));
ExpectNull(c2i_ASN1_OBJECT(NULL, &derBuf, -1));
ExpectNull(c2i_ASN1_OBJECT(NULL, NULL, 1));
ExpectNull(c2i_ASN1_OBJECT(NULL, &nullPtr, 1));
/* Invalid encoding at length. */
p = objDerInvalidLen;
ExpectNull(d2i_ASN1_OBJECT(&a, &p, sizeof(objDerInvalidLen)));
p = objDerBadLen;
ExpectNull(d2i_ASN1_OBJECT(&a, &p, sizeof(objDerBadLen)));
p = objDerNotObj;
ExpectNull(d2i_ASN1_OBJECT(&a, &p, sizeof(objDerNotObj)));
p = objDerNoData;
ExpectNull(d2i_ASN1_OBJECT(&a, &p, sizeof(objDerNoData)));
/* Create an ASN OBJECT from content */
p = derBuf + 2;
ExpectNotNull(a = c2i_ASN1_OBJECT(NULL, &p, 8));
ASN1_OBJECT_free(a);
a = NULL;
/* Create an ASN OBJECT from DER */
ExpectNotNull(d2i_ASN1_OBJECT(&a, &derBuf, len));
/* Invalid parameter testing. */
ExpectIntEQ(i2d_ASN1_OBJECT(NULL, NULL), 0);
ExpectIntEQ(i2d_ASN1_OBJECT(&s, NULL), 0);
ExpectIntEQ(i2d_ASN1_OBJECT(a, NULL), 8);
der = NULL;
ExpectIntEQ(i2d_ASN1_OBJECT(a, &der), 8);
derPtr = objDer;
ExpectIntEQ(i2d_ASN1_OBJECT(a, &derPtr), 8);
ExpectPtrNE(derPtr, objDer);
ExpectIntEQ(XMEMCMP(der, objDer, 8), 0);
XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL);
ASN1_OBJECT_free(a);
#endif /* OPENSSL_EXTRA && HAVE_ECC && USE_CERT_BUFFERS_256 */
return EXPECT_RESULT();
}
static int test_wolfSSL_i2a_ASN1_OBJECT(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_BIO)
ASN1_OBJECT* obj = NULL;
ASN1_OBJECT* a = NULL;
BIO *bio = NULL;
const unsigned char notObjDer[] = { 0x04, 0x01, 0xff };
const unsigned char badLenDer[] = { 0x06, 0x04, 0x01 };
const unsigned char goodDer[] = { 0x06, 0x01, 0x01 };
const unsigned char* p;
ExpectNotNull(obj = OBJ_nid2obj(NID_sha256));
ExpectTrue((bio = BIO_new(BIO_s_mem())) != NULL);
ExpectIntGT(wolfSSL_i2a_ASN1_OBJECT(bio, obj), 0);
ExpectIntGT(wolfSSL_i2a_ASN1_OBJECT(bio, NULL), 0);
ExpectIntEQ(wolfSSL_i2a_ASN1_OBJECT(NULL, obj), 0);
/* No DER encoding in ASN1_OBJECT. */
ExpectNotNull(a = wolfSSL_ASN1_OBJECT_new());
ExpectIntEQ(wolfSSL_i2a_ASN1_OBJECT(bio, a), 0);
ASN1_OBJECT_free(a);
a = NULL;
/* DER encoding - not OBJECT_ID */
p = notObjDer;
ExpectNotNull(a = c2i_ASN1_OBJECT(NULL, &p, 3));
ExpectIntEQ(wolfSSL_i2a_ASN1_OBJECT(bio, a), 0);
ASN1_OBJECT_free(a);
a = NULL;
/* Bad length encoding. */
p = badLenDer;
ExpectNotNull(a = c2i_ASN1_OBJECT(NULL, &p, 3));
ExpectIntEQ(wolfSSL_i2a_ASN1_OBJECT(bio, a), 0);
ASN1_OBJECT_free(a);
a = NULL;
/* Good encoding - but unknown. */
p = goodDer;
ExpectNotNull(a = c2i_ASN1_OBJECT(NULL, &p, 3));
ExpectIntGT(wolfSSL_i2a_ASN1_OBJECT(bio, a), 0);
ASN1_OBJECT_free(a);
BIO_free(bio);
ASN1_OBJECT_free(obj);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_i2t_ASN1_OBJECT(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
char buf[50] = {0};
ASN1_OBJECT* obj;
const char* oid = "2.5.29.19";
const char* ln = "X509v3 Basic Constraints";
obj = NULL;
ExpectIntEQ(i2t_ASN1_OBJECT(NULL, sizeof(buf), obj), 0);
ExpectIntEQ(i2t_ASN1_OBJECT(buf, sizeof(buf), NULL), 0);
ExpectIntEQ(i2t_ASN1_OBJECT(buf, 0, NULL), 0);
ExpectNotNull(obj = OBJ_txt2obj(oid, 0));
XMEMSET(buf, 0, sizeof(buf));
ExpectIntEQ(i2t_ASN1_OBJECT(buf, sizeof(buf), obj), XSTRLEN(ln));
ExpectIntEQ(XSTRNCMP(buf, ln, XSTRLEN(ln)), 0);
ASN1_OBJECT_free(obj);
#endif /* OPENSSL_EXTRA && WOLFSSL_CERT_EXT && WOLFSSL_CERT_GEN */
return EXPECT_RESULT();
}
static int test_wolfSSL_sk_ASN1_OBJECT(void)
{
EXPECT_DECLS;
#if !defined(NO_ASN) && (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL))
WOLFSSL_STACK* sk = NULL;
WOLFSSL_ASN1_OBJECT* obj;
ExpectNotNull(obj = wolfSSL_ASN1_OBJECT_new());
ExpectNotNull(sk = wolfSSL_sk_new_asn1_obj());
wolfSSL_sk_ASN1_OBJECT_free(sk);
sk = NULL;
ExpectNotNull(sk = wolfSSL_sk_new_asn1_obj());
ExpectIntEQ(wolfSSL_sk_ASN1_OBJECT_push(NULL, NULL), 0);
ExpectIntEQ(wolfSSL_sk_ASN1_OBJECT_push(sk, NULL), 0);
ExpectIntEQ(wolfSSL_sk_ASN1_OBJECT_push(NULL, obj), 0);
ExpectIntEQ(wolfSSL_sk_ASN1_OBJECT_push(sk, obj), 1);
wolfSSL_sk_ASN1_OBJECT_pop_free(sk, NULL);
sk = NULL;
/* obj freed in pop_free call. */
ExpectNotNull(obj = wolfSSL_ASN1_OBJECT_new());
ExpectNotNull(sk = wolfSSL_sk_new_asn1_obj());
ExpectIntEQ(wolfSSL_sk_ASN1_OBJECT_push(sk, obj), 1);
ExpectPtrEq(obj, wolfSSL_sk_ASN1_OBJECT_pop(sk));
wolfSSL_sk_ASN1_OBJECT_free(sk);
wolfSSL_ASN1_OBJECT_free(obj);
#endif /* !NO_ASN && (OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL) */
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
ASN1_STRING* str = NULL;
ASN1_STRING* c = NULL;
const char data[] = "hello wolfSSL";
const char data2[] = "Same len data";
const char longData[] =
"This string must be longer than CTC_NAME_SIZE that is defined as 64.";
ExpectNotNull(str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
ASN1_STRING_free(str);
str = NULL;
ExpectNotNull(str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
ExpectIntEQ(ASN1_STRING_type(str), V_ASN1_OCTET_STRING);
ExpectIntEQ(ASN1_STRING_type(NULL), 0);
/* Check setting to NULL works. */
ExpectIntEQ(ASN1_STRING_set(str, NULL, 0), 1);
ExpectIntEQ(ASN1_STRING_set(str, (const void*)data, sizeof(data)), 1);
ExpectIntEQ(ASN1_STRING_set(str, (const void*)data, -1), 1);
ExpectIntEQ(ASN1_STRING_set(str, NULL, -1), 0);
ExpectIntEQ(ASN1_STRING_set(NULL, NULL, 0), 0);
ExpectIntEQ(wolfSSL_ASN1_STRING_copy(NULL, NULL), 0);
ExpectIntEQ(wolfSSL_ASN1_STRING_copy(str, NULL), 0);
ExpectIntEQ(wolfSSL_ASN1_STRING_copy(NULL, str), 0);
ExpectNull(wolfSSL_ASN1_STRING_dup(NULL));
ExpectNotNull(c = wolfSSL_ASN1_STRING_dup(str));
ExpectIntEQ(ASN1_STRING_cmp(NULL, NULL), -1);
ExpectIntEQ(ASN1_STRING_cmp(str, NULL), -1);
ExpectIntEQ(ASN1_STRING_cmp(NULL, c), -1);
ExpectIntEQ(ASN1_STRING_cmp(str, c), 0);
ExpectIntEQ(ASN1_STRING_set(c, (const void*)data2, -1), 1);
ExpectIntGT(ASN1_STRING_cmp(str, c), 0);
ExpectIntEQ(ASN1_STRING_set(str, (const void*)longData, -1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_copy(c, str), 1);
ExpectIntEQ(ASN1_STRING_cmp(str, c), 0);
/* Check setting back to smaller size frees dynamic data. */
ExpectIntEQ(ASN1_STRING_set(str, (const void*)data, -1), 1);
ExpectIntLT(ASN1_STRING_cmp(str, c), 0);
ExpectIntGT(ASN1_STRING_cmp(c, str), 0);
ExpectNull(ASN1_STRING_get0_data(NULL));
ExpectNotNull(ASN1_STRING_get0_data(str));
ExpectNull(ASN1_STRING_data(NULL));
ExpectNotNull(ASN1_STRING_data(str));
ExpectIntEQ(ASN1_STRING_length(NULL), 0);
ExpectIntGT(ASN1_STRING_length(str), 0);
ASN1_STRING_free(c);
ASN1_STRING_free(str);
ASN1_STRING_free(NULL);
#ifndef NO_WOLFSSL_STUB
ExpectNull(d2i_DISPLAYTEXT(NULL, NULL, 0));
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING_to_UTF8(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_ASN) && !defined(NO_RSA) && \
!defined(NO_FILESYSTEM)
WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_NAME* subject = NULL;
WOLFSSL_X509_NAME_ENTRY* e = NULL;
WOLFSSL_ASN1_STRING* a = NULL;
FILE* file = XBADFILE;
int idx = 0;
char targetOutput[16] = "www.wolfssl.com";
unsigned char* actual_output = NULL;
int len = 0;
ExpectNotNull(file = fopen("./certs/server-cert.pem", "rb"));
ExpectNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
if (file != XBADFILE)
fclose(file);
/* wolfSSL_ASN1_STRING_to_UTF8(): NID_commonName */
ExpectNotNull(subject = wolfSSL_X509_get_subject_name(x509));
ExpectIntEQ((idx = wolfSSL_X509_NAME_get_index_by_NID(subject,
NID_commonName, -1)), 5);
ExpectNotNull(e = wolfSSL_X509_NAME_get_entry(subject, idx));
ExpectNotNull(a = wolfSSL_X509_NAME_ENTRY_get_data(e));
ExpectIntEQ((len = wolfSSL_ASN1_STRING_to_UTF8(&actual_output, a)), 15);
ExpectIntEQ(strncmp((const char*)actual_output, targetOutput, (size_t)len), 0);
a = NULL;
/* wolfSSL_ASN1_STRING_to_UTF8(NULL, valid) */
ExpectIntEQ((len = wolfSSL_ASN1_STRING_to_UTF8(NULL, a)), -1);
/* wolfSSL_ASN1_STRING_to_UTF8(valid, NULL) */
ExpectIntEQ((len = wolfSSL_ASN1_STRING_to_UTF8(&actual_output, NULL)), -1);
/* wolfSSL_ASN1_STRING_to_UTF8(NULL, NULL) */
ExpectIntEQ((len = wolfSSL_ASN1_STRING_to_UTF8(NULL, NULL)), -1);
wolfSSL_X509_free(x509);
XFREE(actual_output, NULL, DYNAMIC_TYPE_TMP_BUFFER);
ExpectNotNull(a = ASN1_STRING_new());
ExpectIntEQ(wolfSSL_ASN1_STRING_to_UTF8(&actual_output, a), -1);
ASN1_STRING_free(a);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_i2s_ASN1_STRING(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
WOLFSSL_ASN1_STRING* str = NULL;
const char* data = "test_wolfSSL_i2s_ASN1_STRING";
char* ret = NULL;
ExpectNotNull(str = ASN1_STRING_new());
ExpectNull(ret = wolfSSL_i2s_ASN1_STRING(NULL, NULL));
XFREE(ret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
ret = NULL;
/* No data. */
ExpectNull(ret = wolfSSL_i2s_ASN1_STRING(NULL, str));
XFREE(ret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
ret = NULL;
ExpectIntEQ(ASN1_STRING_set(str, data, 0), 1);
ExpectNotNull(ret = wolfSSL_i2s_ASN1_STRING(NULL, str));
XFREE(ret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
ret = NULL;
ExpectIntEQ(ASN1_STRING_set(str, data, -1), 1);
/* No type. */
ExpectNotNull(ret = wolfSSL_i2s_ASN1_STRING(NULL, str));
XFREE(ret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
ASN1_STRING_free(str);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING_canon(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_TEST_STATIC_BUILD)
#if !defined(NO_CERTS) && (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL))
WOLFSSL_ASN1_STRING* orig = NULL;
WOLFSSL_ASN1_STRING* canon = NULL;
const char* data = "test_wolfSSL_ASN1_STRING_canon";
const char* whitespaceOnly = "\t\r\n";
const char* modData = " \x01\f\t\x02\r\n\v\xff\nTt \n";
const char* canonData = "\x01 \x02 \xff tt";
const char longData[] =
"This string must be longer than CTC_NAME_SIZE that is defined as 64.";
ExpectNotNull(orig = ASN1_STRING_new());
ExpectNotNull(canon = ASN1_STRING_new());
/* Invalid parameter testing. */
ExpectIntEQ(wolfSSL_ASN1_STRING_canon(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_ASN1_STRING_canon(canon, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_ASN1_STRING_canon(NULL, orig), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_ASN1_STRING_canon(canon, orig), 1);
ExpectIntEQ(ASN1_STRING_cmp(orig, canon), 0);
ExpectIntEQ(ASN1_STRING_set(orig, longData, (int)XSTRLEN(data)), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_canon(canon, orig), 1);
ExpectIntEQ(ASN1_STRING_cmp(orig, canon), 0);
ExpectIntEQ(ASN1_STRING_set(orig, data, (int)XSTRLEN(data)), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_canon(canon, orig), 1);
ExpectIntEQ(ASN1_STRING_cmp(orig, canon), 0);
ASN1_STRING_free(orig);
orig = NULL;
ExpectNotNull(orig = ASN1_STRING_type_new(MBSTRING_UTF8));
ExpectIntEQ(ASN1_STRING_set(orig, modData, 15), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_canon(canon, orig), 1);
ExpectIntEQ(ASN1_STRING_set(orig, canonData, 8), 1);
ExpectIntEQ(ASN1_STRING_cmp(orig, canon), 0);
ASN1_STRING_free(orig);
orig = NULL;
ExpectNotNull(orig = ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING));
ExpectIntEQ(ASN1_STRING_set(orig, whitespaceOnly, 3), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_canon(canon, orig), 1);
ASN1_STRING_free(orig);
orig = NULL;
ExpectNotNull(orig = ASN1_STRING_type_new(MBSTRING_UTF8));
ExpectIntEQ(ASN1_STRING_cmp(orig, canon), 0);
ASN1_STRING_free(orig);
ASN1_STRING_free(canon);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING_print(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_ASN) && !defined(NO_CERTS) && \
!defined(NO_BIO)
ASN1_STRING* asnStr = NULL;
const char HELLO_DATA[]= \
{'H','e','l','l','o',' ','w','o','l','f','S','S','L','!'};
#define MAX_UNPRINTABLE_CHAR 32
#define MAX_BUF 255
unsigned char unprintableData[MAX_UNPRINTABLE_CHAR + sizeof(HELLO_DATA)];
unsigned char expected[sizeof(unprintableData)+1];
unsigned char rbuf[MAX_BUF];
BIO *bio = NULL;
int p_len;
int i;
/* setup */
for (i = 0; i < (int)sizeof(HELLO_DATA); i++) {
unprintableData[i] = (unsigned char)HELLO_DATA[i];
expected[i] = (unsigned char)HELLO_DATA[i];
}
for (i = 0; i < (int)MAX_UNPRINTABLE_CHAR; i++) {
unprintableData[sizeof(HELLO_DATA)+i] = i;
if (i == (int)'\n' || i == (int)'\r')
expected[sizeof(HELLO_DATA)+i] = i;
else
expected[sizeof(HELLO_DATA)+i] = '.';
}
unprintableData[sizeof(unprintableData)-1] = '\0';
expected[sizeof(expected)-1] = '\0';
XMEMSET(rbuf, 0, MAX_BUF);
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(BIO_set_write_buf_size(bio, MAX_BUF), 0);
ExpectNotNull(asnStr = ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
ExpectIntEQ(ASN1_STRING_set(asnStr,(const void*)unprintableData,
(int)sizeof(unprintableData)), 1);
/* test */
ExpectIntEQ(wolfSSL_ASN1_STRING_print(NULL, NULL), 0);
ExpectIntEQ(wolfSSL_ASN1_STRING_print(bio, NULL), 0);
ExpectIntEQ(wolfSSL_ASN1_STRING_print(NULL, asnStr), 0);
ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print(bio, asnStr), 46);
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 46), 46);
ExpectStrEQ((char*)rbuf, (const char*)expected);
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = BIO_new(wolfSSL_BIO_s_fixed_mem()));
ExpectIntEQ(BIO_set_write_buf_size(bio, 1), 1);
/* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(bio, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print(bio, asnStr), 0);
ExpectIntEQ(BIO_set_write_buf_size(bio, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print(bio, asnStr), 0);
ExpectIntEQ(BIO_set_write_buf_size(bio, 45), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print(bio, asnStr), 0);
BIO_free(bio);
ASN1_STRING_free(asnStr);
#endif /* OPENSSL_EXTRA && !NO_ASN && !NO_CERTS && !NO_BIO */
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING_print_ex(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_BIO)
ASN1_STRING* asn_str = NULL;
const char data[] = "Hello wolfSSL!";
ASN1_STRING* esc_str = NULL;
const char esc_data[] = "a+;<>";
ASN1_STRING* neg_int = NULL;
const char neg_int_data[] = "\xff";
ASN1_STRING* neg_enum = NULL;
const char neg_enum_data[] = "\xff";
BIO *bio = NULL;
BIO *fixed = NULL;
unsigned long flags;
int p_len;
unsigned char rbuf[255];
/* setup */
XMEMSET(rbuf, 0, 255);
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(BIO_set_write_buf_size(bio, 255), 0);
ExpectNotNull(fixed = BIO_new(wolfSSL_BIO_s_fixed_mem()));
ExpectNotNull(asn_str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
ExpectIntEQ(ASN1_STRING_set(asn_str, (const void*)data, sizeof(data)), 1);
ExpectNotNull(esc_str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
ExpectIntEQ(ASN1_STRING_set(esc_str, (const void*)esc_data,
sizeof(esc_data)), 1);
ExpectNotNull(neg_int = ASN1_STRING_type_new(V_ASN1_NEG_INTEGER));
ExpectIntEQ(ASN1_STRING_set(neg_int, (const void*)neg_int_data,
sizeof(neg_int_data) - 1), 1);
ExpectNotNull(neg_enum = ASN1_STRING_type_new(V_ASN1_NEG_ENUMERATED));
ExpectIntEQ(ASN1_STRING_set(neg_enum, (const void*)neg_enum_data,
sizeof(neg_enum_data) - 1), 1);
/* Invalid parameter testing. */
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(NULL, NULL, 0), 0);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(bio, NULL, 0), 0);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(NULL, asn_str, 0), 0);
/* no flags */
XMEMSET(rbuf, 0, 255);
flags = 0;
ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags), 15);
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 15), 15);
ExpectStrEQ((char*)rbuf, "Hello wolfSSL!");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
/* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 14), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
/* RFC2253 Escape */
XMEMSET(rbuf, 0, 255);
flags = ASN1_STRFLGS_ESC_2253;
ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, esc_str, flags), 9);
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 9), 9);
ExpectStrEQ((char*)rbuf, "a\\+\\;\\<\\>");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
/* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, esc_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, esc_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 8), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, esc_str, flags), 0);
/* Show type */
XMEMSET(rbuf, 0, 255);
flags = ASN1_STRFLGS_SHOW_TYPE;
ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags), 28);
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 28), 28);
ExpectStrEQ((char*)rbuf, "OCTET STRING:Hello wolfSSL!");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
/* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 12), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 27), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
/* Dump All */
XMEMSET(rbuf, 0, 255);
flags = ASN1_STRFLGS_DUMP_ALL;
ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags), 31);
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 31), 31);
ExpectStrEQ((char*)rbuf, "#48656C6C6F20776F6C6653534C2100");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
/* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 30), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
/* Dump Der */
XMEMSET(rbuf, 0, 255);
flags = ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_DUMP_DER;
ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags), 35);
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 35), 35);
ExpectStrEQ((char*)rbuf, "#040F48656C6C6F20776F6C6653534C2100");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
/* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 2), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 30), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
/* Dump All + Show type */
XMEMSET(rbuf, 0, 255);
flags = ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_SHOW_TYPE;
ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags), 44);
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 44), 44);
ExpectStrEQ((char*)rbuf, "OCTET STRING:#48656C6C6F20776F6C6653534C2100");
/* Dump All + Show type - Negative Integer. */
XMEMSET(rbuf, 0, 255);
flags = ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_SHOW_TYPE;
ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, neg_int, flags), 11);
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 11), 11);
ExpectStrEQ((char*)rbuf, "INTEGER:#FF");
/* Dump All + Show type - Negative Enumerated. */
XMEMSET(rbuf, 0, 255);
flags = ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_SHOW_TYPE;
ExpectIntEQ(p_len = wolfSSL_ASN1_STRING_print_ex(bio, neg_enum, flags), 14);
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 14), 14);
ExpectStrEQ((char*)rbuf, "ENUMERATED:#FF");
BIO_free(fixed);
BIO_free(bio);
ASN1_STRING_free(asn_str);
ASN1_STRING_free(esc_str);
ASN1_STRING_free(neg_int);
ASN1_STRING_free(neg_enum);
ExpectStrEQ(wolfSSL_ASN1_tag2str(-1), "(unknown)");
ExpectStrEQ(wolfSSL_ASN1_tag2str(31), "(unknown)");
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_UNIVERSALSTRING_to_string(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_ASN)
ASN1_STRING* asn1str_test = NULL;
ASN1_STRING* asn1str_answer = NULL;
/* Each character is encoded using 4 bytes */
char input[] = {
0, 0, 0, 'T',
0, 0, 0, 'e',
0, 0, 0, 's',
0, 0, 0, 't',
};
char output[] = "Test";
char badInput[] = {
1, 0, 0, 'T',
0, 1, 0, 'e',
0, 0, 1, 's',
};
ExpectIntEQ(ASN1_UNIVERSALSTRING_to_string(NULL), 0);
/* Test wrong type. */
ExpectNotNull(asn1str_test = ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
ExpectIntEQ(ASN1_UNIVERSALSTRING_to_string(asn1str_test), 0);
ASN1_STRING_free(asn1str_test);
asn1str_test = NULL;
ExpectNotNull(asn1str_test = ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING));
/* Test bad length. */
ExpectIntEQ(ASN1_STRING_set(asn1str_test, input, sizeof(input) - 1), 1);
ExpectIntEQ(ASN1_UNIVERSALSTRING_to_string(asn1str_test), 0);
/* Test bad input. */
ExpectIntEQ(ASN1_STRING_set(asn1str_test, badInput + 0, 4), 1);
ExpectIntEQ(ASN1_UNIVERSALSTRING_to_string(asn1str_test), 0);
ExpectIntEQ(ASN1_STRING_set(asn1str_test, badInput + 4, 4), 1);
ExpectIntEQ(ASN1_UNIVERSALSTRING_to_string(asn1str_test), 0);
ExpectIntEQ(ASN1_STRING_set(asn1str_test, badInput + 8, 4), 1);
ExpectIntEQ(ASN1_UNIVERSALSTRING_to_string(asn1str_test), 0);
ExpectIntEQ(ASN1_STRING_set(asn1str_test, input, sizeof(input)), 1);
ExpectIntEQ(ASN1_UNIVERSALSTRING_to_string(asn1str_test), 1);
ExpectNotNull(
asn1str_answer = ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING));
ExpectIntEQ(ASN1_STRING_set(asn1str_answer, output, sizeof(output)-1), 1);
ExpectIntEQ(ASN1_STRING_cmp(asn1str_test, asn1str_answer), 0);
ASN1_STRING_free(asn1str_test);
ASN1_STRING_free(asn1str_answer);
#endif /* OPENSSL_ALL && !NO_ASN */
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_GENERALIZEDTIME_free(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
WOLFSSL_ASN1_GENERALIZEDTIME* asn1_gtime = NULL;
ExpectNotNull(asn1_gtime = ASN1_GENERALIZEDTIME_new());
if (asn1_gtime != NULL)
XMEMCPY(asn1_gtime->data, "20180504123500Z", ASN_GENERALIZED_TIME_SIZE);
ASN1_GENERALIZEDTIME_free(asn1_gtime);
#endif /* OPENSSL_EXTRA && !NO_ASN_TIME */
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_GENERALIZEDTIME_print(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && !defined(NO_BIO)
WOLFSSL_ASN1_GENERALIZEDTIME* gtime = NULL;
BIO* bio = NULL;
unsigned char buf[24];
int i;
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
BIO_set_write_buf_size(bio, 24);
ExpectNotNull(gtime = ASN1_GENERALIZEDTIME_new());
/* Type not set. */
ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(bio, gtime), 0);
ExpectIntEQ(wolfSSL_ASN1_TIME_set_string(gtime, "20180504123500Z"), 1);
/* Invalid parameters testing. */
ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(bio, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(NULL, gtime), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(bio, gtime), 1);
ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 20);
ExpectIntEQ(XMEMCMP(buf, "May 04 12:35:00 2018", 20), 0);
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = BIO_new(wolfSSL_BIO_s_fixed_mem()));
ExpectIntEQ(BIO_set_write_buf_size(bio, 1), 1);
/* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(bio, buf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(bio, gtime), 0);
for (i = 1; i < 20; i++) {
ExpectIntEQ(BIO_set_write_buf_size(bio, i), 1);
ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(bio, gtime), 0);
}
BIO_free(bio);
wolfSSL_ASN1_GENERALIZEDTIME_free(gtime);
#endif /* OPENSSL_EXTRA && !NO_ASN_TIME && !NO_BIO */
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
WOLFSSL_ASN1_TIME* asn_time = NULL;
unsigned char *data;
ExpectNotNull(asn_time = ASN1_TIME_new());
#ifndef NO_WOLFSSL_STUB
ExpectNotNull(ASN1_TIME_set(asn_time, 1));
#endif
ExpectIntEQ(ASN1_TIME_set_string(NULL, NULL), 0);
ExpectIntEQ(ASN1_TIME_set_string(asn_time, NULL), 0);
ExpectIntEQ(ASN1_TIME_set_string(NULL,
"String longer than CTC_DATA_SIZE that is 32 bytes"), 0);
ExpectIntEQ(ASN1_TIME_set_string(NULL, "101219181011Z"), 1);
ExpectIntEQ(ASN1_TIME_set_string(asn_time, "101219181011Z"), 1);
ExpectIntEQ(wolfSSL_ASN1_TIME_get_length(NULL), 0);
ExpectIntEQ(wolfSSL_ASN1_TIME_get_length(asn_time), ASN_UTC_TIME_SIZE - 1);
ExpectNull(wolfSSL_ASN1_TIME_get_data(NULL));
ExpectNotNull(data = wolfSSL_ASN1_TIME_get_data(asn_time));
ExpectIntEQ(XMEMCMP(data, "101219181011Z", 14), 0);
ExpectIntEQ(ASN1_TIME_check(NULL), 0);
ExpectIntEQ(ASN1_TIME_check(asn_time), 1);
ASN1_TIME_free(asn_time);
ASN1_TIME_free(NULL);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_to_string(void)
{
EXPECT_DECLS;
#ifndef NO_ASN_TIME
#if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
WOLFSSL_ASN1_TIME* t = NULL;
char buf[ASN_GENERALIZED_TIME_SIZE];
ExpectNotNull((t = ASN1_TIME_new()));
ExpectIntEQ(ASN1_TIME_set_string(t, "030222211515Z"), 1);
/* Invalid parameter testing. */
ExpectNull(ASN1_TIME_to_string(NULL, NULL, 4));
ExpectNull(ASN1_TIME_to_string(t, NULL, 4));
ExpectNull(ASN1_TIME_to_string(NULL, buf, 4));
ExpectNull(ASN1_TIME_to_string(NULL, NULL, 5));
ExpectNull(ASN1_TIME_to_string(NULL, buf, 5));
ExpectNull(ASN1_TIME_to_string(t, NULL, 5));
ExpectNull(ASN1_TIME_to_string(t, buf, 4));
/* Buffer needs to be longer than minimum of 5 characters. */
ExpectNull(ASN1_TIME_to_string(t, buf, 5));
ASN1_TIME_free(t);
#endif
#endif /* NO_ASN_TIME */
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_diff_compare(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
ASN1_TIME* fromTime = NULL;
ASN1_TIME* closeToTime = NULL;
ASN1_TIME* toTime = NULL;
ASN1_TIME* invalidTime = NULL;
int daysDiff = 0;
int secsDiff = 0;
ExpectNotNull((fromTime = ASN1_TIME_new()));
/* Feb 22, 2003, 21:15:15 */
ExpectIntEQ(ASN1_TIME_set_string(fromTime, "030222211515Z"), 1);
ExpectNotNull((closeToTime = ASN1_TIME_new()));
/* Feb 22, 2003, 21:16:15 */
ExpectIntEQ(ASN1_TIME_set_string(closeToTime, "030222211615Z"), 1);
ExpectNotNull((toTime = ASN1_TIME_new()));
/* Dec 19, 2010, 18:10:11 */
ExpectIntEQ(ASN1_TIME_set_string(toTime, "101219181011Z"), 1);
ExpectNotNull((invalidTime = ASN1_TIME_new()));
/* Dec 19, 2010, 18:10:11 but 'U' instead of 'Z' which is invalid. */
ExpectIntEQ(ASN1_TIME_set_string(invalidTime, "102519181011U"), 1);
ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, fromTime, invalidTime), 0);
ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, invalidTime, toTime), 0);
ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, fromTime, toTime), 1);
/* Error conditions. */
ExpectIntEQ(ASN1_TIME_diff(NULL, &secsDiff, fromTime, toTime), 0);
ExpectIntEQ(ASN1_TIME_diff(&daysDiff, NULL, fromTime, toTime), 0);
/* If both times are NULL, difference is 0. */
ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, NULL, NULL), 1);
ExpectIntEQ(daysDiff, 0);
ExpectIntEQ(secsDiff, 0);
/* If one time is NULL, it defaults to the current time. */
ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, NULL, toTime), 1);
ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, fromTime, NULL), 1);
/* Normal operation. Both times non-NULL. */
ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, fromTime, toTime), 1);
ExpectIntEQ(daysDiff, 2856);
ExpectIntEQ(secsDiff, 75296);
/* Swapping the times should return negative values. */
ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, toTime, fromTime), 1);
ExpectIntEQ(daysDiff, -2856);
ExpectIntEQ(secsDiff, -75296);
/* Compare with invalid time string. */
ExpectIntEQ(ASN1_TIME_compare(fromTime, invalidTime), -2);
ExpectIntEQ(ASN1_TIME_compare(invalidTime, toTime), -2);
/* Compare with days difference of 0. */
ExpectIntEQ(ASN1_TIME_compare(fromTime, closeToTime), -1);
ExpectIntEQ(ASN1_TIME_compare(closeToTime, fromTime), 1);
/* Days and seconds differences not 0. */
ExpectIntEQ(ASN1_TIME_compare(fromTime, toTime), -1);
ExpectIntEQ(ASN1_TIME_compare(toTime, fromTime), 1);
/* Same time. */
ExpectIntEQ(ASN1_TIME_compare(fromTime, fromTime), 0);
/* Compare regression test: No seconds difference, just difference in days.
*/
ASN1_TIME_set_string(fromTime, "19700101000000Z");
ASN1_TIME_set_string(toTime, "19800101000000Z");
ExpectIntEQ(ASN1_TIME_compare(fromTime, toTime), -1);
ExpectIntEQ(ASN1_TIME_compare(toTime, fromTime), 1);
ExpectIntEQ(ASN1_TIME_compare(fromTime, fromTime), 0);
/* Edge case with Unix epoch. */
ExpectNotNull(ASN1_TIME_set_string(fromTime, "19700101000000Z"));
ExpectNotNull(ASN1_TIME_set_string(toTime, "19800101000000Z"));
ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, fromTime, toTime), 1);
ExpectIntEQ(daysDiff, 3652);
ExpectIntEQ(secsDiff, 0);
/* Edge case with year > 2038 (year 2038 problem). */
ExpectNotNull(ASN1_TIME_set_string(toTime, "99991231235959Z"));
ExpectIntEQ(ASN1_TIME_diff(&daysDiff, &secsDiff, fromTime, toTime), 1);
ExpectIntEQ(daysDiff, 2932896);
ExpectIntEQ(secsDiff, 86399);
ASN1_TIME_free(fromTime);
ASN1_TIME_free(closeToTime);
ASN1_TIME_free(toTime);
ASN1_TIME_free(invalidTime);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_adj(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && \
!defined(USER_TIME) && !defined(TIME_OVERRIDES)
const int year = 365*24*60*60;
const int day = 24*60*60;
const int hour = 60*60;
const int mini = 60;
const byte asn_utc_time = ASN_UTC_TIME;
#if !defined(TIME_T_NOT_64BIT) && !defined(NO_64BIT)
const byte asn_gen_time = ASN_GENERALIZED_TIME;
#endif
WOLFSSL_ASN1_TIME* asn_time = NULL;
WOLFSSL_ASN1_TIME* s = NULL;
int offset_day;
long offset_sec;
char date_str[CTC_DATE_SIZE + 1];
time_t t;
ExpectNotNull(s = wolfSSL_ASN1_TIME_new());
/* UTC notation test */
/* 2000/2/15 20:30:00 */
t = (time_t)30 * year + 45 * day + 20 * hour + 30 * mini + 7 * day;
offset_day = 7;
offset_sec = 45 * mini;
/* offset_sec = -45 * min;*/
ExpectNotNull(asn_time =
wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec));
ExpectTrue(asn_time->type == asn_utc_time);
ExpectNotNull(XSTRNCPY(date_str, (const char*)&asn_time->data,
CTC_DATE_SIZE));
date_str[CTC_DATE_SIZE] = '\0';
ExpectIntEQ(0, XMEMCMP(date_str, "000222211500Z", 13));
/* negative offset */
offset_sec = -45 * mini;
asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec);
ExpectNotNull(asn_time);
ExpectTrue(asn_time->type == asn_utc_time);
ExpectNotNull(XSTRNCPY(date_str, (const char*)&asn_time->data,
CTC_DATE_SIZE));
date_str[CTC_DATE_SIZE] = '\0';
ExpectIntEQ(0, XMEMCMP(date_str, "000222194500Z", 13));
XFREE(s, NULL, DYNAMIC_TYPE_OPENSSL);
s = NULL;
XMEMSET(date_str, 0, sizeof(date_str));
/* Generalized time will overflow time_t if not long */
#if !defined(TIME_T_NOT_64BIT) && !defined(NO_64BIT)
s = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL,
DYNAMIC_TYPE_OPENSSL);
/* GeneralizedTime notation test */
/* 2055/03/01 09:00:00 */
t = (time_t)85 * year + 59 * day + 9 * hour + 21 * day;
offset_day = 12;
offset_sec = 10 * mini;
ExpectNotNull(asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day,
offset_sec));
ExpectTrue(asn_time->type == asn_gen_time);
ExpectNotNull(XSTRNCPY(date_str, (const char*)&asn_time->data,
CTC_DATE_SIZE));
date_str[CTC_DATE_SIZE] = '\0';
ExpectIntEQ(0, XMEMCMP(date_str, "20550313091000Z", 15));
XFREE(s, NULL, DYNAMIC_TYPE_OPENSSL);
s = NULL;
XMEMSET(date_str, 0, sizeof(date_str));
#endif /* !TIME_T_NOT_64BIT && !NO_64BIT */
/* if WOLFSSL_ASN1_TIME struct is not allocated */
s = NULL;
t = (time_t)30 * year + 45 * day + 20 * hour + 30 * mini + 15 + 7 * day;
offset_day = 7;
offset_sec = 45 * mini;
ExpectNotNull(asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day,
offset_sec));
ExpectTrue(asn_time->type == asn_utc_time);
ExpectNotNull(XSTRNCPY(date_str, (const char*)&asn_time->data,
CTC_DATE_SIZE));
date_str[CTC_DATE_SIZE] = '\0';
ExpectIntEQ(0, XMEMCMP(date_str, "000222211515Z", 13));
XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL);
asn_time = NULL;
ExpectNotNull(asn_time = wolfSSL_ASN1_TIME_adj(NULL, t, offset_day,
offset_sec));
ExpectTrue(asn_time->type == asn_utc_time);
ExpectNotNull(XSTRNCPY(date_str, (const char*)&asn_time->data,
CTC_DATE_SIZE));
date_str[CTC_DATE_SIZE] = '\0';
ExpectIntEQ(0, XMEMCMP(date_str, "000222211515Z", 13));
XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_to_tm(void)
{
EXPECT_DECLS;
#if (defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_ALL)) && !defined(NO_ASN_TIME)
ASN1_TIME asnTime;
struct tm tm;
time_t testTime = 1683926567; /* Fri May 12 09:22:47 PM UTC 2023 */
XMEMSET(&tm, 0, sizeof(struct tm));
XMEMSET(&asnTime, 0, sizeof(ASN1_TIME));
ExpectIntEQ(ASN1_TIME_set_string(&asnTime, "000222211515Z"), 1);
ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, NULL), 1);
ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 1);
ExpectIntEQ(tm.tm_sec, 15);
ExpectIntEQ(tm.tm_min, 15);
ExpectIntEQ(tm.tm_hour, 21);
ExpectIntEQ(tm.tm_mday, 22);
ExpectIntEQ(tm.tm_mon, 1);
ExpectIntEQ(tm.tm_year, 100);
ExpectIntEQ(tm.tm_isdst, 0);
#ifdef XMKTIME
ExpectIntEQ(tm.tm_wday, 2);
ExpectIntEQ(tm.tm_yday, 52);
#endif
ExpectIntEQ(ASN1_TIME_set_string(&asnTime, "500222211515Z"), 1);
ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 1);
ExpectIntEQ(tm.tm_year, 50);
/* Get current time. */
ExpectIntEQ(ASN1_TIME_to_tm(NULL, NULL), 0);
ExpectIntEQ(ASN1_TIME_to_tm(NULL, &tm), 1);
XMEMSET(&asnTime, 0, sizeof(ASN1_TIME));
/* 0 length. */
ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 0);
/* No type. */
asnTime.length = 1;
ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 0);
/* Not UTCTIME length. */
asnTime.type = V_ASN1_UTCTIME;
ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 0);
/* Not GENERALIZEDTIME length. */
asnTime.type = V_ASN1_GENERALIZEDTIME;
ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 0);
/* Not Zulu timezone. */
ExpectIntEQ(ASN1_TIME_set_string(&asnTime, "000222211515U"), 1);
ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 0);
ExpectIntEQ(ASN1_TIME_set_string(&asnTime, "20000222211515U"), 1);
ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 0);
#ifdef XMKTIME
ExpectNotNull(ASN1_TIME_adj(&asnTime, testTime, 0, 0));
ExpectIntEQ(ASN1_TIME_to_tm(&asnTime, &tm), 1);
ExpectIntEQ(tm.tm_sec, 47);
ExpectIntEQ(tm.tm_min, 22);
ExpectIntEQ(tm.tm_hour, 21);
ExpectIntEQ(tm.tm_mday, 12);
ExpectIntEQ(tm.tm_mon, 4);
ExpectIntEQ(tm.tm_year, 123);
ExpectIntEQ(tm.tm_wday, 5);
ExpectIntEQ(tm.tm_yday, 131);
/* Confirm that when used with a tm struct from ASN1_TIME_adj, all other
fields are zeroed out as expected. */
ExpectIntEQ(tm.tm_isdst, 0);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_to_generalizedtime(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
WOLFSSL_ASN1_TIME *t = NULL;
WOLFSSL_ASN1_TIME *out = NULL;
WOLFSSL_ASN1_TIME *gtime = NULL;
int tlen = 0;
unsigned char *data = NULL;
ExpectNotNull(t = wolfSSL_ASN1_TIME_new());
ExpectNull(wolfSSL_ASN1_TIME_to_generalizedtime(NULL, &out));
/* type not set. */
ExpectNull(wolfSSL_ASN1_TIME_to_generalizedtime(t, &out));
XFREE(t, NULL, DYNAMIC_TYPE_TMP_BUFFER);
t = NULL;
/* UTC Time test */
ExpectNotNull(t = wolfSSL_ASN1_TIME_new());
if (t != NULL) {
XMEMSET(t->data, 0, ASN_GENERALIZED_TIME_SIZE);
t->type = ASN_UTC_TIME;
t->length = ASN_UTC_TIME_SIZE;
XMEMCPY(t->data, "050727123456Z", ASN_UTC_TIME_SIZE);
}
ExpectIntEQ(tlen = wolfSSL_ASN1_TIME_get_length(t), ASN_UTC_TIME_SIZE);
ExpectStrEQ((char*)(data = wolfSSL_ASN1_TIME_get_data(t)), "050727123456Z");
out = NULL;
ExpectNotNull(gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out));
wolfSSL_ASN1_TIME_free(gtime);
gtime = NULL;
ExpectNotNull(out = wolfSSL_ASN1_TIME_new());
ExpectNotNull(gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out));
ExpectPtrEq(gtime, out);
ExpectIntEQ(gtime->type, ASN_GENERALIZED_TIME);
ExpectIntEQ(gtime->length, ASN_GENERALIZED_TIME_SIZE);
ExpectStrEQ((char*)gtime->data, "20050727123456Z");
/* Generalized Time test */
ExpectNotNull(XMEMSET(t, 0, ASN_GENERALIZED_TIME_SIZE));
ExpectNotNull(XMEMSET(out, 0, ASN_GENERALIZED_TIME_SIZE));
ExpectNotNull(XMEMSET(data, 0, ASN_GENERALIZED_TIME_SIZE));
if (t != NULL) {
t->type = ASN_GENERALIZED_TIME;
t->length = ASN_GENERALIZED_TIME_SIZE;
XMEMCPY(t->data, "20050727123456Z", ASN_GENERALIZED_TIME_SIZE);
}
ExpectIntEQ(tlen = wolfSSL_ASN1_TIME_get_length(t),
ASN_GENERALIZED_TIME_SIZE);
ExpectStrEQ((char*)(data = wolfSSL_ASN1_TIME_get_data(t)),
"20050727123456Z");
ExpectNotNull(gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out));
ExpectIntEQ(gtime->type, ASN_GENERALIZED_TIME);
ExpectIntEQ(gtime->length, ASN_GENERALIZED_TIME_SIZE);
ExpectStrEQ((char*)gtime->data, "20050727123456Z");
/* UTC Time to Generalized Time 1900's test */
ExpectNotNull(XMEMSET(t, 0, ASN_GENERALIZED_TIME_SIZE));
ExpectNotNull(XMEMSET(out, 0, ASN_GENERALIZED_TIME_SIZE));
ExpectNotNull(XMEMSET(data, 0, ASN_GENERALIZED_TIME_SIZE));
if (t != NULL) {
t->type = ASN_UTC_TIME;
t->length = ASN_UTC_TIME_SIZE;
XMEMCPY(t->data, "500727123456Z", ASN_UTC_TIME_SIZE);
}
ExpectNotNull(gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out));
ExpectIntEQ(gtime->type, ASN_GENERALIZED_TIME);
ExpectIntEQ(gtime->length, ASN_GENERALIZED_TIME_SIZE);
ExpectStrEQ((char*)gtime->data, "19500727123456Z");
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
/* Null parameter test */
ExpectNotNull(XMEMSET(t, 0, ASN_GENERALIZED_TIME_SIZE));
gtime = NULL;
out = NULL;
if (t != NULL) {
t->type = ASN_UTC_TIME;
t->length = ASN_UTC_TIME_SIZE;
XMEMCPY(t->data, "050727123456Z", ASN_UTC_TIME_SIZE);
}
ExpectNotNull(gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, NULL));
ExpectIntEQ(gtime->type, ASN_GENERALIZED_TIME);
ExpectIntEQ(gtime->length, ASN_GENERALIZED_TIME_SIZE);
ExpectStrEQ((char*)gtime->data, "20050727123456Z");
XFREE(gtime, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(t, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_print(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_BIO) && \
(defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_ALL)) && defined(USE_CERT_BUFFERS_2048) && \
!defined(NO_ASN_TIME)
BIO* bio = NULL;
BIO* fixed = NULL;
X509* x509 = NULL;
const unsigned char* der = client_cert_der_2048;
ASN1_TIME* notAfter = NULL;
ASN1_TIME* notBefore = NULL;
unsigned char buf[25];
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectNotNull(fixed = BIO_new(wolfSSL_BIO_s_fixed_mem()));
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_buffer(der,
sizeof_client_cert_der_2048, WOLFSSL_FILETYPE_ASN1));
ExpectNotNull(notBefore = X509_get_notBefore(x509));
ExpectIntEQ(ASN1_TIME_print(NULL, NULL), 0);
ExpectIntEQ(ASN1_TIME_print(bio, NULL), 0);
ExpectIntEQ(ASN1_TIME_print(NULL, notBefore), 0);
ExpectIntEQ(ASN1_TIME_print(bio, notBefore), 1);
ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 24);
ExpectIntEQ(XMEMCMP(buf, "Dec 13 22:19:28 2023 GMT", sizeof(buf) - 1), 0);
/* Test BIO_write fails. */
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
/* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, buf, 1), 1);
ExpectIntEQ(ASN1_TIME_print(fixed, notBefore), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
ExpectIntEQ(ASN1_TIME_print(fixed, notBefore), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 23), 1);
ExpectIntEQ(ASN1_TIME_print(fixed, notBefore), 0);
/* create a bad time and test results */
ExpectNotNull(notAfter = X509_get_notAfter(x509));
ExpectIntEQ(ASN1_TIME_check(notAfter), 1);
if (EXPECT_SUCCESS()) {
notAfter->data[8] = 0;
notAfter->data[3] = 0;
}
ExpectIntNE(ASN1_TIME_print(bio, notAfter), 1);
ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 14);
ExpectIntEQ(XMEMCMP(buf, "Bad time value", 14), 0);
ExpectIntEQ(ASN1_TIME_check(notAfter), 0);
BIO_free(bio);
BIO_free(fixed);
X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_UTCTIME_print(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && !defined(NO_BIO)
BIO* bio = NULL;
ASN1_UTCTIME* utc = NULL;
unsigned char buf[25];
const char* validDate = "190424111501Z"; /* UTC = YYMMDDHHMMSSZ */
const char* invalidDate = "190424111501X"; /* UTC = YYMMDDHHMMSSZ */
const char* genDate = "20190424111501Z"; /* GEN = YYYYMMDDHHMMSSZ */
/* Valid date */
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectNotNull(utc = (ASN1_UTCTIME*)XMALLOC(sizeof(ASN1_UTCTIME), NULL,
DYNAMIC_TYPE_ASN1));
if (utc != NULL) {
utc->type = ASN_UTC_TIME;
utc->length = ASN_UTC_TIME_SIZE;
XMEMCPY(utc->data, (byte*)validDate, ASN_UTC_TIME_SIZE);
}
ExpectIntEQ(ASN1_UTCTIME_print(NULL, NULL), 0);
ExpectIntEQ(ASN1_UTCTIME_print(bio, NULL), 0);
ExpectIntEQ(ASN1_UTCTIME_print(NULL, utc), 0);
ExpectIntEQ(ASN1_UTCTIME_print(bio, utc), 1);
ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 24);
ExpectIntEQ(XMEMCMP(buf, "Apr 24 11:15:01 2019 GMT", sizeof(buf)-1), 0);
XMEMSET(buf, 0, sizeof(buf));
BIO_free(bio);
bio = NULL;
/* Invalid format */
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
if (utc != NULL) {
utc->type = ASN_UTC_TIME;
utc->length = ASN_UTC_TIME_SIZE;
XMEMCPY(utc->data, (byte*)invalidDate, ASN_UTC_TIME_SIZE);
}
ExpectIntEQ(ASN1_UTCTIME_print(bio, utc), 0);
ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 14);
ExpectIntEQ(XMEMCMP(buf, "Bad time value", 14), 0);
/* Invalid type */
if (utc != NULL) {
utc->type = ASN_GENERALIZED_TIME;
utc->length = ASN_GENERALIZED_TIME_SIZE;
XMEMCPY(utc->data, (byte*)genDate, ASN_GENERALIZED_TIME_SIZE);
}
ExpectIntEQ(ASN1_UTCTIME_print(bio, utc), 0);
XFREE(utc, NULL, DYNAMIC_TYPE_ASN1);
BIO_free(bio);
#endif /* OPENSSL_EXTRA && !NO_ASN_TIME && !NO_BIO */
return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TYPE(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD) || \
defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_WPAS)
WOLFSSL_ASN1_TYPE* t = NULL;
WOLFSSL_ASN1_OBJECT* obj = NULL;
#ifndef NO_ASN_TIME
WOLFSSL_ASN1_TIME* time = NULL;
#endif
WOLFSSL_ASN1_STRING* str = NULL;
unsigned char data[] = { 0x00 };
ASN1_TYPE_set(NULL, V_ASN1_NULL, NULL);
ExpectNotNull(t = wolfSSL_ASN1_TYPE_new());
ASN1_TYPE_set(t, V_ASN1_EOC, NULL);
wolfSSL_ASN1_TYPE_free(t);
t = NULL;
ExpectNotNull(t = wolfSSL_ASN1_TYPE_new());
ASN1_TYPE_set(t, V_ASN1_NULL, NULL);
ASN1_TYPE_set(t, V_ASN1_NULL, data);
wolfSSL_ASN1_TYPE_free(t);
t = NULL;
ExpectNotNull(t = wolfSSL_ASN1_TYPE_new());
ExpectNotNull(obj = wolfSSL_ASN1_OBJECT_new());
ASN1_TYPE_set(t, V_ASN1_OBJECT, obj);
wolfSSL_ASN1_TYPE_free(t);
t = NULL;
#ifndef NO_ASN_TIME
ExpectNotNull(t = wolfSSL_ASN1_TYPE_new());
ExpectNotNull(time = wolfSSL_ASN1_TIME_new());
ASN1_TYPE_set(t, V_ASN1_UTCTIME, time);
wolfSSL_ASN1_TYPE_free(t);
t = NULL;
ExpectNotNull(t = wolfSSL_ASN1_TYPE_new());
ExpectNotNull(time = wolfSSL_ASN1_TIME_new());
ASN1_TYPE_set(t, V_ASN1_GENERALIZEDTIME, time);
wolfSSL_ASN1_TYPE_free(t);
t = NULL;
#endif
ExpectNotNull(t = wolfSSL_ASN1_TYPE_new());
ExpectNotNull(str = wolfSSL_ASN1_STRING_new());
ASN1_TYPE_set(t, V_ASN1_UTF8STRING, str);
wolfSSL_ASN1_TYPE_free(t);
t = NULL;
ExpectNotNull(t = wolfSSL_ASN1_TYPE_new());
ExpectNotNull(str = wolfSSL_ASN1_STRING_new());
ASN1_TYPE_set(t, V_ASN1_PRINTABLESTRING, str);
wolfSSL_ASN1_TYPE_free(t);
t = NULL;
ExpectNotNull(t = wolfSSL_ASN1_TYPE_new());
ExpectNotNull(str = wolfSSL_ASN1_STRING_new());
ASN1_TYPE_set(t, V_ASN1_T61STRING, str);
wolfSSL_ASN1_TYPE_free(t);
t = NULL;
ExpectNotNull(t = wolfSSL_ASN1_TYPE_new());
ExpectNotNull(str = wolfSSL_ASN1_STRING_new());
ASN1_TYPE_set(t, V_ASN1_IA5STRING, str);
wolfSSL_ASN1_TYPE_free(t);
t = NULL;
ExpectNotNull(t = wolfSSL_ASN1_TYPE_new());
ExpectNotNull(str = wolfSSL_ASN1_STRING_new());
ASN1_TYPE_set(t, V_ASN1_UNIVERSALSTRING, str);
wolfSSL_ASN1_TYPE_free(t);
t = NULL;
ExpectNotNull(t = wolfSSL_ASN1_TYPE_new());
ExpectNotNull(str = wolfSSL_ASN1_STRING_new());
ASN1_TYPE_set(t, V_ASN1_SEQUENCE, str);
wolfSSL_ASN1_TYPE_free(t);
t = NULL;
#endif
return EXPECT_RESULT();
}
/* Testing code used in dpp.c in hostap */
#if defined(OPENSSL_ALL) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
typedef struct {
/* AlgorithmIdentifier ecPublicKey with optional parameters present
* as an OID identifying the curve */
X509_ALGOR *alg;
/* Compressed format public key per ANSI X9.63 */
ASN1_BIT_STRING *pub_key;
} DPP_BOOTSTRAPPING_KEY;
ASN1_SEQUENCE(DPP_BOOTSTRAPPING_KEY) = {
ASN1_SIMPLE(DPP_BOOTSTRAPPING_KEY, alg, X509_ALGOR),
ASN1_SIMPLE(DPP_BOOTSTRAPPING_KEY, pub_key, ASN1_BIT_STRING)
} ASN1_SEQUENCE_END(DPP_BOOTSTRAPPING_KEY)
IMPLEMENT_ASN1_FUNCTIONS(DPP_BOOTSTRAPPING_KEY)
typedef struct {
ASN1_INTEGER *integer;
} TEST_ASN1;
ASN1_SEQUENCE(TEST_ASN1) = {
ASN1_SIMPLE(TEST_ASN1, integer, ASN1_INTEGER),
} ASN1_SEQUENCE_END(TEST_ASN1)
IMPLEMENT_ASN1_FUNCTIONS(TEST_ASN1)
typedef struct {
ASN1_OCTET_STRING *octet_string;
} TEST_FAIL_ASN1;
#define WOLFSSL_ASN1_OCTET_STRING_ASN1 4
ASN1_SEQUENCE(TEST_FAIL_ASN1) = {
ASN1_SIMPLE(TEST_FAIL_ASN1, octet_string, ASN1_OCTET_STRING),
} ASN1_SEQUENCE_END(TEST_FAIL_ASN1)
IMPLEMENT_ASN1_FUNCTIONS(TEST_FAIL_ASN1)
#endif
static int test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS(void)
{
EXPECT_DECLS;
/* Testing code used in dpp.c in hostap */
#if defined(OPENSSL_ALL) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
EC_KEY *eckey = NULL;
EVP_PKEY *key = NULL;
size_t len = 0;
unsigned char *der = NULL;
DPP_BOOTSTRAPPING_KEY *bootstrap = NULL;
const unsigned char *in = ecc_clikey_der_256;
WOLFSSL_ASN1_OBJECT* ec_obj = NULL;
WOLFSSL_ASN1_OBJECT* group_obj = NULL;
const EC_GROUP *group = NULL;
const EC_POINT *point = NULL;
int nid;
TEST_ASN1 *test_asn1 = NULL;
TEST_FAIL_ASN1 test_fail_asn1;
const unsigned char badObjDer[] = { 0x06, 0x00 };
const unsigned char goodObjDer[] = {
0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01
};
WOLFSSL_ASN1_ITEM emptyTemplate;
XMEMSET(&emptyTemplate, 0, sizeof(WOLFSSL_ASN1_ITEM));
ExpectNotNull(bootstrap = DPP_BOOTSTRAPPING_KEY_new());
der = NULL;
ExpectIntEQ(i2d_DPP_BOOTSTRAPPING_KEY(NULL, &der), 0);
ExpectIntEQ(wolfSSL_ASN1_item_i2d(bootstrap, &der, NULL), 0);
ExpectIntEQ(i2d_DPP_BOOTSTRAPPING_KEY(bootstrap, &der), 0);
ExpectNotNull(key = d2i_PrivateKey(EVP_PKEY_EC, NULL, &in,
(long)sizeof_ecc_clikey_der_256));
ExpectNotNull(eckey = EVP_PKEY_get1_EC_KEY(key));
ExpectNotNull(group = EC_KEY_get0_group(eckey));
ExpectNotNull(point = EC_KEY_get0_public_key(eckey));
nid = EC_GROUP_get_curve_name(group);
ec_obj = OBJ_nid2obj(EVP_PKEY_EC);
group_obj = OBJ_nid2obj(nid);
if ((ec_obj != NULL) && (group_obj != NULL)) {
ExpectIntEQ(X509_ALGOR_set0(bootstrap->alg, ec_obj, V_ASN1_OBJECT,
group_obj), 1);
if (EXPECT_SUCCESS()) {
ec_obj = NULL;
group_obj = NULL;
}
}
wolfSSL_ASN1_OBJECT_free(group_obj);
wolfSSL_ASN1_OBJECT_free(ec_obj);
ExpectIntEQ(EC_POINT_point2oct(group, point, 0, NULL, 0, NULL), 0);
#ifdef HAVE_COMP_KEY
ExpectIntGT((len = EC_POINT_point2oct(
group, point, POINT_CONVERSION_COMPRESSED,
NULL, 0, NULL)), 0);
#else
ExpectIntGT((len = EC_POINT_point2oct(
group, point, POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, NULL)), 0);
#endif
ExpectNotNull(der = (unsigned char*)XMALLOC(len, NULL, DYNAMIC_TYPE_ASN1));
#ifdef HAVE_COMP_KEY
ExpectIntEQ(EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED,
der, len-1, NULL), 0);
ExpectIntEQ(EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED,
der, len, NULL), len);
#else
ExpectIntEQ(EC_POINT_point2oct(group, point, POINT_CONVERSION_UNCOMPRESSED,
der, len-1, NULL), 0);
ExpectIntEQ(EC_POINT_point2oct(group, point, POINT_CONVERSION_UNCOMPRESSED,
der, len, NULL), len);
#endif
if (EXPECT_SUCCESS()) {
bootstrap->pub_key->data = der;
bootstrap->pub_key->length = (int)len;
/* Not actually used */
bootstrap->pub_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
bootstrap->pub_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
}
ExpectIntGT(i2d_DPP_BOOTSTRAPPING_KEY(bootstrap, NULL), 0);
der = NULL;
ExpectIntGT(i2d_DPP_BOOTSTRAPPING_KEY(bootstrap, &der), 0);
ExpectIntGT(i2d_DPP_BOOTSTRAPPING_KEY(bootstrap, &der), 0);
XFREE(der, NULL, DYNAMIC_TYPE_ASN1);
EVP_PKEY_free(key);
EC_KEY_free(eckey);
DPP_BOOTSTRAPPING_KEY_free(bootstrap);
bootstrap = NULL;
DPP_BOOTSTRAPPING_KEY_free(NULL);
/* Create bootstrap key with bad OBJECT_ID DER data, parameter that is
* a NULL and an empty BIT_STRING. */
ExpectNotNull(bootstrap = DPP_BOOTSTRAPPING_KEY_new());
ExpectNotNull(bootstrap->alg->algorithm = wolfSSL_ASN1_OBJECT_new());
if (EXPECT_SUCCESS()) {
bootstrap->alg->algorithm->obj = badObjDer;
bootstrap->alg->algorithm->objSz = (unsigned int)sizeof(badObjDer);
}
ExpectNotNull(bootstrap->alg->parameter = wolfSSL_ASN1_TYPE_new());
if (EXPECT_SUCCESS()) {
bootstrap->alg->parameter->type = V_ASN1_NULL;
bootstrap->alg->parameter->value.ptr = NULL;
bootstrap->pub_key->data = NULL;
bootstrap->pub_key->length = 0;
/* Not actually used */
bootstrap->pub_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
bootstrap->pub_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
}
/* Encode with bad OBJECT_ID. */
der = NULL;
ExpectIntEQ(i2d_DPP_BOOTSTRAPPING_KEY(bootstrap, &der), 0);
/* Fix OBJECT_ID and encode with empty BIT_STRING. */
if (EXPECT_SUCCESS()) {
bootstrap->alg->algorithm->obj = goodObjDer;
bootstrap->alg->algorithm->objSz = (unsigned int)sizeof(goodObjDer);
bootstrap->alg->algorithm->grp = 2;
}
der = NULL;
ExpectIntEQ(i2d_DPP_BOOTSTRAPPING_KEY(bootstrap, &der), 16);
ExpectIntEQ(wolfSSL_ASN1_item_i2d(bootstrap, &der, &emptyTemplate), 0);
XFREE(der, NULL, DYNAMIC_TYPE_ASN1);
DPP_BOOTSTRAPPING_KEY_free(bootstrap);
/* Test integer */
ExpectNotNull(test_asn1 = TEST_ASN1_new());
der = NULL;
ExpectIntEQ(ASN1_INTEGER_set(test_asn1->integer, 100), 1);
ExpectIntEQ(i2d_TEST_ASN1(test_asn1, &der), 5);
XFREE(der, NULL, DYNAMIC_TYPE_ASN1);
TEST_ASN1_free(test_asn1);
/* Test integer cases. */
ExpectNull(wolfSSL_ASN1_item_new(NULL));
TEST_ASN1_free(NULL);
/* Test error cases. */
ExpectNull(TEST_FAIL_ASN1_new());
ExpectNull(wolfSSL_ASN1_item_new(NULL));
TEST_FAIL_ASN1_free(NULL);
XMEMSET(&test_fail_asn1, 0, sizeof(TEST_FAIL_ASN1));
ExpectIntEQ(i2d_TEST_FAIL_ASN1(&test_fail_asn1, &der), 0);
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_ALL && HAVE_ECC && USE_CERT_BUFFERS_256 */
return EXPECT_RESULT();
}
static int test_wolfSSL_lhash(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_ALL
const char testStr[] = "Like a true nature's child\n"
"We were born\n"
"Born to be wild";
#ifdef NO_SHA
ExpectIntEQ(lh_strhash(testStr), 0xf9dc8a43);
#else
ExpectIntEQ(lh_strhash(testStr), 0x5b7541dc);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NAME(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && defined(WOLFSSL_CERT_GEN) && \
(defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT) || \
defined(OPENSSL_EXTRA))
X509* x509 = NULL;
const unsigned char* c = NULL;
unsigned char buf[4096];
int bytes = 0;
XFILE f = XBADFILE;
const X509_NAME* a = NULL;
const X509_NAME* b = NULL;
X509_NAME* d2i_name = NULL;
int sz = 0;
unsigned char* tmp = NULL;
char file[] = "./certs/ca-cert.der";
#ifndef OPENSSL_EXTRA_X509_SMALL
byte empty[] = { /* CN=empty emailAddress= */
0x30, 0x21, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03,
0x55, 0x04, 0x03, 0x0C, 0x05, 0x65, 0x6D, 0x70,
0x74, 0x79, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x09,
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09,
0x01, 0x16, 0x00
};
#endif
#ifndef OPENSSL_EXTRA_X509_SMALL
/* test compile of deprecated function, returns 0 */
ExpectIntEQ(CRYPTO_thread_id(), 0);
#endif
ExpectNotNull(a = X509_NAME_new());
X509_NAME_free((X509_NAME*)a);
a = NULL;
ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
c = buf;
ExpectNotNull(x509 = wolfSSL_X509_d2i_ex(NULL, c, bytes, HEAP_HINT));
/* test cmp function */
ExpectNotNull(a = X509_get_issuer_name(x509));
ExpectNotNull(b = X509_get_subject_name(x509));
#ifndef OPENSSL_EXTRA_X509_SMALL
ExpectIntEQ(X509_NAME_cmp(a, b), 0); /* self signed should be 0 */
#endif
tmp = buf;
ExpectIntGT((sz = i2d_X509_NAME((X509_NAME*)a, &tmp)), 0);
if (sz > 0 && tmp == buf) {
fprintf(stderr, "\nERROR - %s line %d failed with:", __FILE__,
__LINE__);
fprintf(stderr, " Expected pointer to be incremented\n");
abort();
}
#ifndef OPENSSL_EXTRA_X509_SMALL
tmp = buf;
ExpectNotNull(d2i_name = d2i_X509_NAME(NULL, &tmp, sz));
#endif
/* if output parameter is NULL, should still return required size. */
ExpectIntGT((sz = i2d_X509_NAME((X509_NAME*)b, NULL)), 0);
/* retry but with the function creating a buffer */
tmp = NULL;
ExpectIntGT((sz = i2d_X509_NAME((X509_NAME*)b, &tmp)), 0);
XFREE(tmp, NULL, DYNAMIC_TYPE_OPENSSL);
tmp = NULL;
#ifdef WOLFSSL_CERT_NAME_ALL
/* test for givenName and name */
{
WOLFSSL_X509_NAME_ENTRY* entry = NULL;
const byte gName[] = "test-given-name";
const byte name[] = "test-name";
ExpectNotNull(entry = wolfSSL_X509_NAME_ENTRY_create_by_NID(NULL,
NID_givenName, ASN_UTF8STRING, gName, sizeof(gName)));
ExpectIntEQ(wolfSSL_X509_NAME_add_entry((X509_NAME*)b, entry, -1, 0),
1);
wolfSSL_X509_NAME_ENTRY_free(entry);
entry = NULL;
ExpectNotNull(entry = wolfSSL_X509_NAME_ENTRY_create_by_NID(NULL,
NID_name, ASN_UTF8STRING, name, sizeof(name)));
ExpectIntEQ(wolfSSL_X509_NAME_add_entry((X509_NAME*)b, entry, -1, 0),
1);
wolfSSL_X509_NAME_ENTRY_free(entry);
tmp = NULL;
ExpectIntGT((sz = i2d_X509_NAME((X509_NAME*)b, &tmp)), 0);
XFREE(tmp, NULL, DYNAMIC_TYPE_OPENSSL);
}
#endif
b = NULL;
ExpectNotNull(b = X509_NAME_dup((X509_NAME*)a));
#ifndef OPENSSL_EXTRA_X509_SMALL
ExpectIntEQ(X509_NAME_cmp(a, b), 0);
#endif
X509_NAME_free((X509_NAME*)b);
X509_NAME_free(d2i_name);
d2i_name = NULL;
X509_free(x509);
#ifndef OPENSSL_EXTRA_X509_SMALL
/* test with an empty domain component */
tmp = empty;
sz = sizeof(empty);
ExpectNotNull(d2i_name = d2i_X509_NAME(NULL, &tmp, sz));
ExpectIntEQ(X509_NAME_entry_count(d2i_name), 2);
/* size of empty emailAddress will be 0 */
tmp = buf;
ExpectIntEQ(X509_NAME_get_text_by_NID(d2i_name, NID_emailAddress,
(char*)tmp, sizeof(buf)), 0);
/* should contain no organization name */
tmp = buf;
ExpectIntEQ(X509_NAME_get_text_by_NID(d2i_name, NID_organizationName,
(char*)tmp, sizeof(buf)), -1);
X509_NAME_free(d2i_name);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NAME_hash(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_BIO)
BIO* bio = NULL;
X509* x509 = NULL;
ExpectNotNull(bio = BIO_new(BIO_s_file()));
ExpectIntGT(BIO_read_filename(bio, svrCertFile), 0);
ExpectNotNull(PEM_read_bio_X509(bio, &x509, NULL, NULL));
ExpectIntEQ(X509_NAME_hash(X509_get_subject_name(x509)), 0x137DC03F);
ExpectIntEQ(X509_NAME_hash(X509_get_issuer_name(x509)), 0xFDB2DA4);
X509_free(x509);
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NAME_print_ex(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \
(defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB)))) && \
!defined(NO_BIO) && !defined(NO_RSA)
int memSz = 0;
byte* mem = NULL;
BIO* bio = NULL;
BIO* membio = NULL;
X509* x509 = NULL;
X509_NAME* name = NULL;
const char* expNormal = "C=US, CN=wolfssl.com";
const char* expEqSpace = "C = US, CN = wolfssl.com";
const char* expReverse = "CN=wolfssl.com, C=US";
const char* expNotEscaped = "C= US,+\"\\ , CN=#wolfssl.com<>;";
const char* expNotEscapedRev = "CN=#wolfssl.com<>;, C= US,+\"\\ ";
const char* expRFC5523 =
"CN=\\#wolfssl.com\\<\\>\\;, C=\\ US\\,\\+\\\"\\\\\\ ";
/* Test with real cert (svrCertFile) first */
ExpectNotNull(bio = BIO_new(BIO_s_file()));
ExpectIntGT(BIO_read_filename(bio, svrCertFile), 0);
ExpectNotNull(PEM_read_bio_X509(bio, &x509, NULL, NULL));
ExpectNotNull(name = X509_get_subject_name(x509));
/* Test without flags */
ExpectNotNull(membio = BIO_new(BIO_s_mem()));
ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, 0), WOLFSSL_SUCCESS);
BIO_free(membio);
membio = NULL;
/* Test flag: XN_FLAG_RFC2253 */
ExpectNotNull(membio = BIO_new(BIO_s_mem()));
ExpectIntEQ(X509_NAME_print_ex(membio, name, 0,
XN_FLAG_RFC2253), WOLFSSL_SUCCESS);
BIO_free(membio);
membio = NULL;
/* Test flag: XN_FLAG_RFC2253 | XN_FLAG_DN_REV */
ExpectNotNull(membio = BIO_new(BIO_s_mem()));
ExpectIntEQ(X509_NAME_print_ex(membio, name, 0,
XN_FLAG_RFC2253 | XN_FLAG_DN_REV), WOLFSSL_SUCCESS);
BIO_free(membio);
membio = NULL;
X509_free(x509);
BIO_free(bio);
name = NULL;
/* Test normal case without escaped characters */
{
/* Create name: "/C=US/CN=wolfssl.com" */
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName",
MBSTRING_UTF8, (byte*)"US", 2, -1, 0),
WOLFSSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName",
MBSTRING_UTF8, (byte*)"wolfssl.com", 11, -1, 0),
WOLFSSL_SUCCESS);
/* Test without flags */
ExpectNotNull(membio = BIO_new(BIO_s_mem()));
ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, 0), WOLFSSL_SUCCESS);
ExpectIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0);
ExpectIntEQ(memSz, XSTRLEN(expNormal));
ExpectIntEQ(XSTRNCMP((char*)mem, expNormal, XSTRLEN(expNormal)), 0);
BIO_free(membio);
membio = NULL;
/* Test with XN_FLAG_ONELINE which should enable XN_FLAG_SPC_EQ for
spaces aroun '=' */
ExpectNotNull(membio = BIO_new(BIO_s_mem()));
ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, XN_FLAG_ONELINE),
WOLFSSL_SUCCESS);
ExpectIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0);
ExpectIntEQ(memSz, XSTRLEN(expEqSpace));
ExpectIntEQ(XSTRNCMP((char*)mem, expEqSpace, XSTRLEN(expEqSpace)), 0);
BIO_free(membio);
membio = NULL;
/* Test flags: XN_FLAG_RFC2253 - should be reversed */
ExpectNotNull(membio = BIO_new(BIO_s_mem()));
ExpectIntEQ(X509_NAME_print_ex(membio, name, 0,
XN_FLAG_RFC2253), WOLFSSL_SUCCESS);
ExpectIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0);
ExpectIntEQ(memSz, XSTRLEN(expReverse));
BIO_free(membio);
membio = NULL;
/* Test flags: XN_FLAG_DN_REV - reversed */
ExpectNotNull(membio = BIO_new(BIO_s_mem()));
ExpectIntEQ(X509_NAME_print_ex(membio, name, 0,
XN_FLAG_DN_REV), WOLFSSL_SUCCESS);
ExpectIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0);
ExpectIntEQ(memSz, XSTRLEN(expReverse));
ExpectIntEQ(XSTRNCMP((char*)mem, expReverse, XSTRLEN(expReverse)), 0);
BIO_free(membio);
membio = NULL;
X509_NAME_free(name);
name = NULL;
}
/* Test RFC2253 characters are escaped with backslashes */
{
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName",
/* space at beginning and end, and: ,+"\ */
MBSTRING_UTF8, (byte*)" US,+\"\\ ", 8, -1, 0),
WOLFSSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName",
/* # at beginning, and: <>;*/
MBSTRING_UTF8, (byte*)"#wolfssl.com<>;", 15, -1, 0),
WOLFSSL_SUCCESS);
/* Test without flags */
ExpectNotNull(membio = BIO_new(BIO_s_mem()));
ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, 0), WOLFSSL_SUCCESS);
ExpectIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0);
ExpectIntEQ(memSz, XSTRLEN(expNotEscaped));
ExpectIntEQ(XSTRNCMP((char*)mem, expNotEscaped,
XSTRLEN(expNotEscaped)), 0);
BIO_free(membio);
membio = NULL;
/* Test flags: XN_FLAG_RFC5523 - should be reversed and escaped */
ExpectNotNull(membio = BIO_new(BIO_s_mem()));
ExpectIntEQ(X509_NAME_print_ex(membio, name, 0,
XN_FLAG_RFC2253), WOLFSSL_SUCCESS);
ExpectIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0);
ExpectIntEQ(memSz, XSTRLEN(expRFC5523));
ExpectIntEQ(XSTRNCMP((char*)mem, expRFC5523, XSTRLEN(expRFC5523)), 0);
BIO_free(membio);
membio = NULL;
/* Test flags: XN_FLAG_DN_REV - reversed but not escaped */
ExpectNotNull(membio = BIO_new(BIO_s_mem()));
ExpectIntEQ(X509_NAME_print_ex(membio, name, 0,
XN_FLAG_DN_REV), WOLFSSL_SUCCESS);
ExpectIntGE((memSz = BIO_get_mem_data(membio, &mem)), 0);
ExpectIntEQ(memSz, XSTRLEN(expNotEscapedRev));
ExpectIntEQ(XSTRNCMP((char*)mem, expNotEscapedRev,
XSTRLEN(expNotEscapedRev)), 0);
BIO_free(membio);
X509_NAME_free(name);
}
#endif
return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_X509_INFO_multiple_info(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
STACK_OF(X509_INFO) *info_stack = NULL;
X509_INFO *info = NULL;
int len;
int i;
const char* files[] = {
cliCertFile,
cliKeyFile,
/* This needs to be the order as svrCertFile contains the
* intermediate cert as well. */
svrKeyFile,
svrCertFile,
NULL,
};
const char** curFile;
BIO *fileBIO = NULL;
BIO *concatBIO = NULL;
byte tmp[FOURK_BUF];
/* concatenate the cert and the key file to force PEM_X509_INFO_read_bio
* to group objects together. */
ExpectNotNull(concatBIO = BIO_new(BIO_s_mem()));
for (curFile = files; EXPECT_SUCCESS() && *curFile != NULL; curFile++) {
int fileLen = 0;
ExpectNotNull(fileBIO = BIO_new_file(*curFile, "rb"));
ExpectIntGT(fileLen = wolfSSL_BIO_get_len(fileBIO), 0);
if (EXPECT_SUCCESS()) {
while ((len = BIO_read(fileBIO, tmp, sizeof(tmp))) > 0) {
ExpectIntEQ(BIO_write(concatBIO, tmp, len), len);
fileLen -= len;
if (EXPECT_FAIL())
break;
}
/* Make sure we read the entire file */
ExpectIntEQ(fileLen, 0);
}
BIO_free(fileBIO);
fileBIO = NULL;
}
ExpectNotNull(info_stack = PEM_X509_INFO_read_bio(concatBIO, NULL, NULL,
NULL));
ExpectIntEQ(sk_X509_INFO_num(info_stack), 3);
for (i = 0; i < sk_X509_INFO_num(info_stack); i++) {
ExpectNotNull(info = sk_X509_INFO_value(info_stack, i));
ExpectNotNull(info->x509);
ExpectNull(info->crl);
if (i != 0) {
ExpectNotNull(info->x_pkey);
ExpectIntEQ(X509_check_private_key(info->x509,
info->x_pkey->dec_pkey), 1);
}
else {
ExpectNull(info->x_pkey);
}
}
sk_X509_INFO_pop_free(info_stack, X509_INFO_free);
BIO_free(concatBIO);
#endif
return EXPECT_RESULT();
}
#endif
#ifndef NO_BIO
static int test_wolfSSL_X509_INFO(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
STACK_OF(X509_INFO) *info_stack = NULL;
X509_INFO *info = NULL;
BIO *cert = NULL;
int i;
/* PEM in hex format to avoid null terminator */
byte data[] = {
0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47,
0x49, 0x4e, 0x20, 0x43, 0x45, 0x52, 0x54, 0x63, 0x2d, 0x2d, 0x2d, 0x2d,
0x2d, 0x0a, 0x4d, 0x49, 0x49, 0x44, 0x4d, 0x54, 0x42, 0x75, 0x51, 0x3d,
0x0a, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x2d, 0x2d,
0x2d, 0x2d, 0x2d
};
/* PEM in hex format to avoid null terminator */
byte data2[] = {
0x41, 0x53, 0x4e, 0x31, 0x20, 0x4f, 0x49, 0x44, 0x3a, 0x20, 0x70, 0x72,
0x69, 0x6d, 0x65, 0x32, 0x35, 0x36, 0x76, 0x31, 0x0a, 0x2d, 0x2d, 0x2d,
0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x45, 0x43, 0x20, 0x50,
0x41, 0x52, 0x41, 0x4d, 0x45, 0x54, 0x45, 0x52, 0x53, 0x2d, 0x2d, 0x2d,
0x2d, 0x43, 0x65, 0x72, 0x74, 0x69, 0x2d, 0x0a, 0x42, 0x67, 0x67, 0x71,
0x68, 0x6b, 0x6a, 0x4f, 0x50, 0x51, 0x4d, 0x42, 0x42, 0x77, 0x3d, 0x3d,
0x0a, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
};
ExpectNotNull(cert = BIO_new_file(cliCertFileExt, "rb"));
ExpectNotNull(info_stack = PEM_X509_INFO_read_bio(cert, NULL, NULL, NULL));
for (i = 0; i < sk_X509_INFO_num(info_stack); i++) {
ExpectNotNull(info = sk_X509_INFO_value(info_stack, i));
ExpectNotNull(info->x509);
ExpectNull(info->crl);
ExpectNull(info->x_pkey);
}
sk_X509_INFO_pop_free(info_stack, X509_INFO_free);
info_stack = NULL;
BIO_free(cert);
cert = NULL;
ExpectNotNull(cert = BIO_new_file(cliCertFileExt, "rb"));
ExpectNotNull(info_stack = PEM_X509_INFO_read_bio(cert, NULL, NULL, NULL));
sk_X509_INFO_pop_free(info_stack, X509_INFO_free);
info_stack = NULL;
BIO_free(cert);
cert = NULL;
/* This case should fail due to invalid input. */
ExpectNotNull(cert = BIO_new(BIO_s_mem()));
ExpectIntEQ(BIO_write(cert, data, sizeof(data)), sizeof(data));
ExpectNull(info_stack = PEM_X509_INFO_read_bio(cert, NULL, NULL, NULL));
sk_X509_INFO_pop_free(info_stack, X509_INFO_free);
info_stack = NULL;
BIO_free(cert);
cert = NULL;
ExpectNotNull(cert = BIO_new(BIO_s_mem()));
ExpectIntEQ(BIO_write(cert, data2, sizeof(data2)), sizeof(data2));
ExpectNull(info_stack = PEM_X509_INFO_read_bio(cert, NULL, NULL, NULL));
sk_X509_INFO_pop_free(info_stack, X509_INFO_free);
BIO_free(cert);
#endif
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_X509_subject_name_hash(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && (!defined(NO_SHA) || !defined(NO_SHA256))
X509* x509 = NULL;
X509_NAME* subjectName = NULL;
unsigned long ret1 = 0;
unsigned long ret2 = 0;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
SSL_FILETYPE_PEM));
ExpectNotNull(subjectName = wolfSSL_X509_get_subject_name(x509));
/* These two
* - X509_subject_name_hash(x509)
* - X509_NAME_hash(X509_get_subject_name(x509))
* should give the same hash, if !defined(NO_SHA) is true. */
ret1 = X509_subject_name_hash(x509);
ExpectIntNE(ret1, 0);
#if !defined(NO_SHA)
ret2 = X509_NAME_hash(X509_get_subject_name(x509));
ExpectIntNE(ret2, 0);
ExpectIntEQ(ret1, ret2);
#else
(void) ret2;
#endif
X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_issuer_name_hash(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \
&& !defined(NO_RSA) && (!defined(NO_SHA) || !defined(NO_SHA256))
X509* x509 = NULL;
X509_NAME* issuertName = NULL;
unsigned long ret1 = 0;
unsigned long ret2 = 0;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
SSL_FILETYPE_PEM));
ExpectNotNull(issuertName = wolfSSL_X509_get_issuer_name(x509));
/* These two
* - X509_issuer_name_hash(x509)
* - X509_NAME_hash(X509_get_issuer_name(x509))
* should give the same hash, if !defined(NO_SHA) is true. */
ret1 = X509_issuer_name_hash(x509);
ExpectIntNE(ret1, 0);
#if !defined(NO_SHA)
ret2 = X509_NAME_hash(X509_get_issuer_name(x509));
ExpectIntNE(ret2, 0);
ExpectIntEQ(ret1, ret2);
#else
(void) ret2;
#endif
X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_host(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \
&& !defined(NO_SHA) && !defined(NO_RSA)
X509* x509 = NULL;
const char altName[] = "example.com";
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
SSL_FILETYPE_PEM));
ExpectIntEQ(X509_check_host(x509, altName, XSTRLEN(altName), 0, NULL),
WOLFSSL_SUCCESS);
ExpectIntEQ(X509_check_host(x509, NULL, 0, 0, NULL),
WOLFSSL_FAILURE);
X509_free(x509);
ExpectIntEQ(X509_check_host(NULL, altName, XSTRLEN(altName), 0, NULL),
WOLFSSL_FAILURE);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_email(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA)
X509* x509 = NULL;
const char goodEmail[] = "info@wolfssl.com";
const char badEmail[] = "disinfo@wolfssl.com";
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
SSL_FILETYPE_PEM));
/* Should fail on non-matching email address */
ExpectIntEQ(wolfSSL_X509_check_email(x509, badEmail, XSTRLEN(badEmail), 0),
WOLFSSL_FAILURE);
/* Should succeed on matching email address */
ExpectIntEQ(wolfSSL_X509_check_email(x509, goodEmail, XSTRLEN(goodEmail), 0),
WOLFSSL_SUCCESS);
/* Should compute length internally when not provided */
ExpectIntEQ(wolfSSL_X509_check_email(x509, goodEmail, 0, 0),
WOLFSSL_SUCCESS);
/* Should fail when email address is NULL */
ExpectIntEQ(wolfSSL_X509_check_email(x509, NULL, 0, 0),
WOLFSSL_FAILURE);
X509_free(x509);
/* Should fail when x509 is NULL */
ExpectIntEQ(wolfSSL_X509_check_email(NULL, goodEmail, 0, 0),
WOLFSSL_FAILURE);
#endif /* OPENSSL_EXTRA && WOLFSSL_CERT_GEN */
return EXPECT_RESULT();
}
static int test_wc_PemToDer(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM)
int ret;
DerBuffer* pDer = NULL;
const char* ca_cert = "./certs/server-cert.pem";
byte* cert_buf = NULL;
size_t cert_sz = 0;
int eccKey = 0;
EncryptedInfo info;
XMEMSET(&info, 0, sizeof(info));
ExpectIntEQ(ret = load_file(ca_cert, &cert_buf, &cert_sz), 0);
ExpectIntEQ(ret = wc_PemToDer(cert_buf, (long int)cert_sz, CERT_TYPE, &pDer, NULL,
&info, &eccKey), 0);
wc_FreeDer(&pDer);
pDer = NULL;
if (cert_buf != NULL) {
free(cert_buf);
cert_buf = NULL;
}
#ifdef HAVE_ECC
{
const char* ecc_private_key = "./certs/ecc-privOnlyKey.pem";
byte key_buf[256] = {0};
/* Test fail of loading a key with cert type */
ExpectIntEQ(load_file(ecc_private_key, &cert_buf, &cert_sz), 0);
key_buf[0] = '\n';
ExpectNotNull(XMEMCPY(key_buf + 1, cert_buf, cert_sz));
ExpectIntNE((ret = wc_PemToDer(key_buf, cert_sz + 1, CERT_TYPE,
&pDer, NULL, &info, &eccKey)), 0);
#ifdef OPENSSL_EXTRA
ExpectIntEQ((ret = wc_PemToDer(key_buf, cert_sz + 1, PRIVATEKEY_TYPE,
&pDer, NULL, &info, &eccKey)), 0);
#endif
wc_FreeDer(&pDer);
if (cert_buf != NULL)
free(cert_buf);
}
#endif
#endif
return EXPECT_RESULT();
}
static int test_wc_AllocDer(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS)
DerBuffer* pDer = NULL;
word32 testSize = 1024;
ExpectIntEQ(wc_AllocDer(NULL, testSize, CERT_TYPE, HEAP_HINT),
BAD_FUNC_ARG);
ExpectIntEQ(wc_AllocDer(&pDer, testSize, CERT_TYPE, HEAP_HINT), 0);
ExpectNotNull(pDer);
wc_FreeDer(&pDer);
#endif
return EXPECT_RESULT();
}
static int test_wc_CertPemToDer(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM)
const char* ca_cert = "./certs/ca-cert.pem";
byte* cert_buf = NULL;
size_t cert_sz = 0;
size_t cert_dersz = 0;
byte* cert_der = NULL;
ExpectIntEQ(load_file(ca_cert, &cert_buf, &cert_sz), 0);
cert_dersz = cert_sz; /* DER will be smaller than PEM */
ExpectNotNull(cert_der = (byte*)malloc(cert_dersz));
ExpectIntGE(wc_CertPemToDer(cert_buf, (int)cert_sz, cert_der,
(int)cert_dersz, CERT_TYPE), 0);
ExpectIntEQ(wc_CertPemToDer(NULL, (int)cert_sz, NULL, -1, CERT_TYPE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_CertPemToDer(cert_buf, (int)cert_sz, NULL, -1, CERT_TYPE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_CertPemToDer(NULL, (int)cert_sz, cert_der, -1, CERT_TYPE),
BAD_FUNC_ARG);
ExpectIntEQ(wc_CertPemToDer(NULL, (int)cert_sz, NULL, (int)cert_dersz,
CERT_TYPE), BAD_FUNC_ARG);
ExpectIntEQ(wc_CertPemToDer(NULL, (int)cert_sz, cert_der,
(int)cert_dersz, CERT_TYPE), BAD_FUNC_ARG);
ExpectIntEQ(wc_CertPemToDer(cert_buf, (int)cert_sz, NULL,
(int)cert_dersz, CERT_TYPE), BAD_FUNC_ARG);
ExpectIntEQ(wc_CertPemToDer(cert_buf, (int)cert_sz, cert_der, -1,
CERT_TYPE), BAD_FUNC_ARG);
if (cert_der != NULL)
free(cert_der);
if (cert_buf != NULL)
free(cert_buf);
#endif
return EXPECT_RESULT();
}
static int test_wc_KeyPemToDer(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
int ret = 0;
const byte cert_buf[] = \
"-----BEGIN PRIVATE KEY-----\n"
"MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDMG5KgWxP002pA\n"
"QJIdA4H5N0oM1Wf0LrHcos5RYUlrHDkC2b5p2BUpVRPmgDAFD2+8leim98x0BvcB\n"
"k48TNzrVynuwyVEY664+iQyzEBO5v27HPRydOddprbLCvRO036XINGIjauy1jHFi\n"
"HaDVx3bexSwgp9aefUGAszFXi4q1J4GacV7Cr2b/wBqUHqWv4ZXPu6R9/UYngTkD\n"
"UDJL5gLlLfcLzNyyodKPHPCIAKdWn6mSVdcHk8XVpK4y9lgz4E7YDWA6ohKZgWgG\n"
"2RDha8CMilFMDgYa0G0SiS9g3PQx0qh3AMXJJsKSVhScFCZufAE0kV6KvjP7jAqP\n"
"XBiSkRGPAgMBAAECggEAW7hmRyY2jRX2UMJThrM9VIs6fRLnYI0dQ0tsEJj536ay\n"
"nevQjArc05KWW0Yujg+WRDZPcry3RUqd9Djlmhp/F3Si6dpF1b+PMS3wJYVrf9Sd\n"
"SO5W7faArU4vnyBNe0HnY1Ta5xSVI65lg1RSIs88RTZwsooJwXYDGf0shq0/21CE\n"
"V8HOb27DDYNcEnm35lzaONjFnMqQQT2Vs9anRrPiSEXNleEvTgLVXZtGTyCGTz6v\n"
"x86Y8eSWL9YNHvPE1I+mDPuocfSR7eRNgRu7SK3mn94W5mqd7Ns072YKX/2XN1mO\n"
"66+ZFHO6v4dK1u7cSjuwrU1EhLHpUsgDz6Bna5InyQKBgQDv5l8RPy8UneKSADaf\n"
"M5L/5675I/5t4nqVjvbnQje00YveLTAEjlJBNR93Biln3sYgnvNamYDCxyEuUZ/I\n"
"S/vmBL9PoxfGZow4FcsIBOEbIn3E0SYJgCBNWthquUvGpKsYDnThJuhO+1cVmxAJ\n"
"BUOjLFnJYHM0a+Vmk9GexT2OBwKBgQDZzkUBOK7Im3eiYytFocUJyhqMH30d49X9\n"
"ujC7kGw4UWAqVe7YCSvlBa8nzWpRWK2kRpu3M0272RU0V4geyWqT+nr/SvRRPtNP\n"
"F5dY8l3yR7hjtSejqqjOfBcZT6ETJxI4tiG0+Nl5BlfM5M+0nxnkWpRcHuOR3j79\n"
"YUFERyN+OQKBgQCjlOKeUAc6d65W/+4/AFvsQ378Q57qLtSHxsR1TKHPmlNVXFqx\n"
"wJo1/JNIBduWCEHxXHF0BdfW+RGXE/FwEt/hKLuLAhrkHmjelX2sKieU6R/5ZOQa\n"
"9lMQbDHGFDOncAF6leD85hriQGBRSzrT69MDIOrYdfwYcroqCAGX0cb3YQKBgQC8\n"
"iIFQylj5SyHmjcMSNjKSA8CxFDzAV8yPIdE3Oo+CvGXqn5HsrRuy1hXE9VmXapR8\n"
"A6ackSszdHiXY0FvrNe1mfdH7wDHJwPQjdIzazCJHS3uGQxj7sDKY7226ie6pXJv\n"
"ZrCMr2/IBAaSVGm6ppHKCeIsT4ybYm7R85KEYLPHeQKBgBeJOMBinXQfWN/1jT9b\n"
"6Ywrutvp2zP8hVxQGSZJ0WG4iewZyFLsPUlbWRXOSYNPElHmdD0ZomdLVm+lSpAA\n"
"XSH5FJ/IFCwqq7Eft6Gf8NFRV+NjPMUny+PnjHe4oFP8YK/Ek22K3ttNG8Hw69Aw\n"
"AQue5o6oVfhgLiJzMdo/77gw\n"
"-----END PRIVATE KEY-----\n";
const int cert_sz = sizeof(cert_buf);
const char cert_pw[] = "password";
int cert_dersz = 0;
byte* cert_der = NULL;
/* Bad arg: Cert buffer is NULL */
ExpectIntEQ(wc_KeyPemToDer(NULL, cert_sz, cert_der, cert_dersz, ""),
BAD_FUNC_ARG);
/* Bad arg: Cert DER buffer non-NULL but size zero (or less) */
ExpectIntEQ(wc_KeyPemToDer(cert_buf, cert_sz, (byte*)&cert_der, 0, ""),
BAD_FUNC_ARG);
/* Test normal operation */
cert_dersz = cert_sz; /* DER will be smaller than PEM */
ExpectNotNull(cert_der = (byte*)malloc((size_t)cert_dersz));
ExpectIntGE(ret = wc_KeyPemToDer(cert_buf, cert_sz, cert_der, cert_dersz,
cert_pw), 0);
ExpectIntLE(ret, cert_sz);
if (cert_der != NULL) {
free(cert_der);
cert_der = NULL;
}
/* Test NULL for DER buffer to return needed DER buffer size */
ExpectIntGT(ret = wc_KeyPemToDer(cert_buf, cert_sz, NULL, 0, ""), 0);
ExpectIntLE(ret, cert_sz);
if (EXPECT_SUCCESS())
cert_dersz = ret;
ExpectNotNull(cert_der = (byte*)malloc((size_t)cert_dersz));
ExpectIntGE(ret = wc_KeyPemToDer(cert_buf, cert_sz, cert_der, cert_dersz,
cert_pw), 0);
ExpectIntLE(ret, cert_sz);
if (cert_der != NULL)
free(cert_der);
#endif
return EXPECT_RESULT();
}
static int test_wc_PubKeyPemToDer(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM) && \
(defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER))
int ret = 0;
const char* key = "./certs/ecc-client-keyPub.pem";
byte* cert_buf = NULL;
size_t cert_sz = 0, cert_dersz = 0;
byte* cert_der = NULL;
ExpectIntEQ(wc_PubKeyPemToDer(cert_buf, (int)cert_sz,
cert_der, (int)cert_dersz), BAD_FUNC_ARG);
ExpectIntEQ(load_file(key, &cert_buf, &cert_sz), 0);
cert_dersz = cert_sz; /* DER will be smaller than PEM */
ExpectNotNull(cert_der = (byte*)malloc(cert_dersz));
ExpectIntGE(wc_PubKeyPemToDer(cert_buf, (int)cert_sz, cert_der,
(int)cert_dersz), 0);
if (cert_der != NULL) {
free(cert_der);
cert_der = NULL;
}
/* Test NULL for DER buffer to return needed DER buffer size */
ExpectIntGT(ret = wc_PubKeyPemToDer(cert_buf, (int)cert_sz, NULL, 0), 0);
ExpectIntLE(ret, cert_sz);
cert_dersz = (size_t)ret;
ExpectNotNull(cert_der = (byte*)malloc(cert_dersz));
ExpectIntGE(wc_PubKeyPemToDer(cert_buf, (int)cert_sz, cert_der,
(int)cert_dersz), 0);
if (cert_der != NULL) {
free(cert_der);
}
if (cert_buf != NULL) {
free(cert_buf);
}
#endif
return EXPECT_RESULT();
}
static int test_wc_PemPubKeyToDer(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && \
(defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER))
const char* key = "./certs/ecc-client-keyPub.pem";
size_t cert_dersz = 1024;
byte* cert_der = NULL;
ExpectIntGE(wc_PemPubKeyToDer(NULL, cert_der, (int)cert_dersz),
BAD_FUNC_ARG);
ExpectNotNull(cert_der = (byte*)malloc(cert_dersz));
ExpectIntGE(wc_PemPubKeyToDer(key, cert_der, (int)cert_dersz), 0);
if (cert_der != NULL) {
free(cert_der);
}
#endif
return EXPECT_RESULT();
}
static int test_wc_GetPubKeyDerFromCert(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) || defined(HAVE_ECC)
int ret;
word32 idx = 0;
byte keyDer[TWOK_BUF]; /* large enough for up to RSA 2048 */
word32 keyDerSz = (word32)sizeof(keyDer);
DecodedCert decoded;
#if !defined(NO_RSA) && defined(WOLFSSL_CERT_REQ) && !defined(NO_FILESYSTEM)
byte certBuf[6000]; /* for PEM and CSR, client-cert.pem is 5-6kB */
word32 certBufSz = sizeof(certBuf);
#endif
#if ((!defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_1024)) || \
defined(WOLFSSL_CERT_REQ)) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
XFILE fp = XBADFILE;
#endif
#ifndef NO_RSA
RsaKey rsaKey;
#if defined(USE_CERT_BUFFERS_2048)
byte* rsaCertDer = (byte*)client_cert_der_2048;
word32 rsaCertDerSz = sizeof_client_cert_der_2048;
#elif defined(USE_CERT_BUFFERS_1024)
byte* rsaCertDer = (byte*)client_cert_der_1024;
word32 rsaCertDerSz = sizeof_client_cert_der_1024;
#else
unsigned char rsaCertDer[TWOK_BUF];
word32 rsaCertDerSz;
#endif
#endif
#ifdef HAVE_ECC
ecc_key eccKey;
#if defined(USE_CERT_BUFFERS_256)
byte* eccCert = (byte*)cliecc_cert_der_256;
word32 eccCertSz = sizeof_cliecc_cert_der_256;
#else
unsigned char eccCert[ONEK_BUF];
word32 eccCertSz;
XFILE fp2 = XBADFILE;
#endif
#endif
#ifndef NO_RSA
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) != XBADFILE);
ExpectIntGT(rsaCertDerSz = (word32)XFREAD(rsaCertDer, 1, sizeof(rsaCertDer),
fp), 0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
#endif
/* good test case - RSA DER cert */
wc_InitDecodedCert(&decoded, rsaCertDer, rsaCertDerSz, NULL);
ExpectIntEQ(wc_ParseCert(&decoded, CERT_TYPE, NO_VERIFY, NULL), 0);
ExpectIntEQ(wc_GetPubKeyDerFromCert(&decoded, keyDer, &keyDerSz), 0);
ExpectIntGT(keyDerSz, 0);
/* sanity check, verify we can import DER public key */
ret = wc_InitRsaKey(&rsaKey, HEAP_HINT);
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_RsaPublicKeyDecode(keyDer, &idx, &rsaKey, keyDerSz), 0);
if (ret == 0) {
wc_FreeRsaKey(&rsaKey);
}
/* test LENGTH_ONLY_E case */
keyDerSz = 0;
ExpectIntEQ(wc_GetPubKeyDerFromCert(&decoded, NULL, &keyDerSz),
LENGTH_ONLY_E);
ExpectIntGT(keyDerSz, 0);
/* bad args: DecodedCert NULL */
ExpectIntEQ(wc_GetPubKeyDerFromCert(NULL, keyDer, &keyDerSz), BAD_FUNC_ARG);
/* bad args: output key buff size */
ExpectIntEQ(wc_GetPubKeyDerFromCert(&decoded, keyDer, NULL), BAD_FUNC_ARG);
/* bad args: zero size output key buffer */
keyDerSz = 0;
ExpectIntEQ(ret = wc_GetPubKeyDerFromCert(&decoded, keyDer, &keyDerSz),
BAD_FUNC_ARG);
wc_FreeDecodedCert(&decoded);
/* Certificate Request Tests */
#if defined(WOLFSSL_CERT_REQ) && !defined(NO_FILESYSTEM)
{
XMEMSET(certBuf, 0, sizeof(certBuf));
ExpectTrue((fp = XFOPEN("./certs/csr.signed.der", "rb")) != XBADFILE);
ExpectIntGT(certBufSz = (word32)XFREAD(certBuf, 1, certBufSz, fp), 0);
if (fp != XBADFILE) {
XFCLOSE(fp);
}
wc_InitDecodedCert(&decoded, certBuf, certBufSz, NULL);
ExpectIntEQ(wc_ParseCert(&decoded, CERTREQ_TYPE, VERIFY, NULL), 0);
/* good test case - RSA DER certificate request */
keyDerSz = sizeof(keyDer);
ExpectIntEQ(ret = wc_GetPubKeyDerFromCert(&decoded, keyDer, &keyDerSz),
0);
ExpectIntGT(keyDerSz, 0);
/* sanity check, verify we can import DER public key */
ret = wc_InitRsaKey(&rsaKey, HEAP_HINT);
ExpectIntEQ(ret, 0);
idx = 0;
ExpectIntEQ(wc_RsaPublicKeyDecode(keyDer, &idx, &rsaKey, keyDerSz), 0);
if (ret == 0) {
wc_FreeRsaKey(&rsaKey);
}
wc_FreeDecodedCert(&decoded);
}
#endif /* WOLFSSL_CERT_REQ */
#endif /* NO_RSA */
#ifdef HAVE_ECC
#ifndef USE_CERT_BUFFERS_256
ExpectTrue((fp2 = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=
XBADFILE);
ExpectIntGT(eccCertSz = (word32)XFREAD(eccCert, 1, ONEK_BUF, fp2), 0);
if (fp2 != XBADFILE) {
XFCLOSE(fp2);
}
#endif
wc_InitDecodedCert(&decoded, eccCert, eccCertSz, NULL);
ExpectIntEQ(wc_ParseCert(&decoded, CERT_TYPE, NO_VERIFY, NULL), 0);
/* good test case - ECC */
XMEMSET(keyDer, 0, sizeof(keyDer));
keyDerSz = sizeof(keyDer);
ExpectIntEQ(wc_GetPubKeyDerFromCert(&decoded, keyDer, &keyDerSz), 0);
ExpectIntGT(keyDerSz, 0);
/* sanity check, verify we can import DER public key */
ret = wc_ecc_init(&eccKey);
ExpectIntEQ(ret, 0);
idx = 0; /* reset idx to 0, used above in RSA case */
ExpectIntEQ(wc_EccPublicKeyDecode(keyDer, &idx, &eccKey, keyDerSz), 0);
if (ret == 0) {
wc_ecc_free(&eccKey);
}
/* test LENGTH_ONLY_E case */
keyDerSz = 0;
ExpectIntEQ(wc_GetPubKeyDerFromCert(&decoded, NULL, &keyDerSz),
LENGTH_ONLY_E);
ExpectIntGT(keyDerSz, 0);
wc_FreeDecodedCert(&decoded);
#endif
#endif /* !NO_RSA || HAVE_ECC */
return EXPECT_RESULT();
}
static int test_wc_CheckCertSigPubKey(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && defined(WOLFSSL_PEM_TO_DER) && defined(HAVE_ECC)
int ret = 0;
const char* ca_cert = "./certs/ca-cert.pem";
byte* cert_buf = NULL;
size_t cert_sz = 0;
byte* cert_der = NULL;
word32 cert_dersz = 0;
byte keyDer[TWOK_BUF]; /* large enough for up to RSA 2048 */
word32 keyDerSz = (word32)sizeof(keyDer);
DecodedCert decoded;
ExpectIntEQ(load_file(ca_cert, &cert_buf, &cert_sz), 0);
cert_dersz = (word32)cert_sz; /* DER will be smaller than PEM */
ExpectNotNull(cert_der = (byte*)malloc(cert_dersz));
ExpectIntGE(ret = wc_CertPemToDer(cert_buf, (int)cert_sz, cert_der,
(int)cert_dersz, CERT_TYPE), 0);
wc_InitDecodedCert(&decoded, cert_der, cert_dersz, NULL);
ExpectIntEQ(wc_ParseCert(&decoded, CERT_TYPE, NO_VERIFY, NULL), 0);
ExpectIntEQ(wc_GetPubKeyDerFromCert(&decoded, keyDer, &keyDerSz), 0);
ExpectIntGT(keyDerSz, 0);
/* Good test case. */
ExpectIntEQ(wc_CheckCertSigPubKey(cert_der, cert_dersz, NULL, keyDer,
keyDerSz, RSAk), 0);
/* No certificate. */
ExpectIntEQ(wc_CheckCertSigPubKey(NULL, cert_dersz, NULL, keyDer, keyDerSz,
ECDSAk), BAD_FUNC_ARG);
/* Bad cert size. */
ExpectIntNE(ret = wc_CheckCertSigPubKey(cert_der, 0, NULL, keyDer, keyDerSz,
RSAk), 0);
ExpectTrue(ret == ASN_PARSE_E || ret == BUFFER_E);
/* No public key. */
ExpectIntEQ(wc_CheckCertSigPubKey(cert_der, cert_dersz, NULL, NULL,
keyDerSz, RSAk), ASN_NO_SIGNER_E);
/* Bad public key size. */
ExpectIntEQ(wc_CheckCertSigPubKey(cert_der, cert_dersz, NULL, keyDer, 0,
RSAk), BAD_FUNC_ARG);
/* Wrong aglo. */
ExpectIntEQ(wc_CheckCertSigPubKey(cert_der, cert_dersz, NULL, keyDer,
keyDerSz, ECDSAk), ASN_PARSE_E);
wc_FreeDecodedCert(&decoded);
if (cert_der != NULL)
free(cert_der);
if (cert_buf != NULL)
free(cert_buf);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_certs(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
X509* x509ext = NULL;
X509* x509 = NULL;
#ifdef OPENSSL_ALL
WOLFSSL_X509_EXTENSION* ext = NULL;
ASN1_OBJECT* obj = NULL;
#endif
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
STACK_OF(ASN1_OBJECT)* sk = NULL;
ASN1_STRING* asn1_str = NULL;
AUTHORITY_KEYID* akey = NULL;
BASIC_CONSTRAINTS* bc = NULL;
int crit = 0;
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(SSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(SSLv23_client_method()));
#endif
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));
#if !defined(NO_CHECK_PRIVATE_KEY)
ExpectIntEQ(SSL_CTX_check_private_key(ctx), SSL_FAILURE);
#endif
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
#if !defined(NO_CHECK_PRIVATE_KEY)
ExpectIntEQ(SSL_CTX_check_private_key(ctx), SSL_SUCCESS);
#endif
ExpectNotNull(ssl = SSL_new(ctx));
/* Invalid parameters. */
ExpectIntEQ(SSL_use_certificate_file(NULL, NULL, WOLFSSL_FILETYPE_PEM),
BAD_FUNC_ARG);
ExpectIntEQ(SSL_use_certificate_file(ssl, NULL, WOLFSSL_FILETYPE_PEM),
WOLFSSL_FAILURE);
ExpectIntEQ(SSL_use_certificate_file(NULL, "./certs/server-cert.pem",
WOLFSSL_FILETYPE_PEM), BAD_FUNC_ARG);
#if !defined(NO_CHECK_PRIVATE_KEY)
ExpectIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);
#endif
#ifdef HAVE_PK_CALLBACKS
ExpectIntEQ((int)SSL_set_tlsext_debug_arg(ssl, NULL), WOLFSSL_SUCCESS);
#endif /* HAVE_PK_CALLBACKS */
/* Invalid parameters. */
ExpectNotNull(x509 = wolfSSL_X509_new());
ExpectIntEQ(SSL_use_certificate(NULL, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_use_certificate(ssl, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_use_certificate(NULL, x509), WOLFSSL_FAILURE);
/* No data in certificate. */
ExpectIntEQ(SSL_use_certificate(ssl, x509), WOLFSSL_FAILURE);
wolfSSL_X509_free(x509);
x509 = NULL;
/* create and use x509 */
#ifdef OPENSSL_ALL
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
WOLFSSL_FILETYPE_PEM));
#endif
ExpectNotNull(x509ext = wolfSSL_X509_load_certificate_file(cliCertFileExt,
WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(SSL_use_certificate(ssl, x509ext), WOLFSSL_SUCCESS);
#if !defined(NO_CHECK_PRIVATE_KEY)
/* with loading in a new cert the check on private key should now fail */
ExpectIntNE(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);
#endif
#if defined(USE_CERT_BUFFERS_2048)
/* Invalid parameters. */
ExpectIntEQ(SSL_use_certificate_ASN1(NULL, NULL, 0), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_use_certificate_ASN1(ssl, NULL, 0), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_use_certificate_ASN1(NULL,
(unsigned char*)server_cert_der_2048, 0), WOLFSSL_FAILURE);
/* No data. */
ExpectIntEQ(SSL_use_certificate_ASN1(ssl,
(unsigned char*)server_cert_der_2048, 0), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_use_certificate_ASN1(ssl,
(unsigned char*)server_cert_der_2048,
sizeof_server_cert_der_2048), WOLFSSL_SUCCESS);
#endif
#if !defined(NO_SHA) && !defined(NO_SHA256) && !defined(NO_PWDBASED)
/************* Get Digest of Certificate ******************/
{
byte digest[64]; /* max digest size */
word32 digestSz;
XMEMSET(digest, 0, sizeof(digest));
ExpectIntEQ(X509_digest(x509ext, wolfSSL_EVP_sha1(), digest, &digestSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(X509_digest(x509ext, wolfSSL_EVP_sha256(), digest, &digestSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(X509_digest(NULL, wolfSSL_EVP_sha1(), digest, &digestSz),
WOLFSSL_FAILURE);
}
#endif /* !NO_SHA && !NO_SHA256 && !NO_PWDBASED */
/* test and checkout X509 extensions */
ExpectNotNull(bc = (BASIC_CONSTRAINTS*)X509_get_ext_d2i(x509ext,
NID_basic_constraints, &crit, NULL));
ExpectIntEQ(crit, 0);
#ifdef OPENSSL_ALL
ExpectNotNull(ext = X509V3_EXT_i2d(NID_basic_constraints, crit, bc));
X509_EXTENSION_free(ext);
ext = NULL;
ExpectNotNull(ext = X509_EXTENSION_new());
X509_EXTENSION_set_critical(ext, 1);
ExpectNotNull(obj = OBJ_nid2obj(NID_basic_constraints));
ExpectIntEQ(X509_EXTENSION_set_object(ext, obj), SSL_SUCCESS);
ASN1_OBJECT_free(obj);
obj = NULL;
X509_EXTENSION_free(ext);
ext = NULL;
ExpectNotNull(ext = X509_EXTENSION_new());
X509_EXTENSION_set_critical(ext, 0);
ExpectIntEQ(X509_EXTENSION_set_data(ext, NULL), SSL_FAILURE);
asn1_str = (ASN1_STRING*)X509_get_ext_d2i(x509ext, NID_key_usage, &crit,
NULL);
ExpectIntEQ(X509_EXTENSION_set_data(ext, asn1_str), SSL_SUCCESS);
ASN1_STRING_free(asn1_str); /* X509_EXTENSION_set_data has made a copy
* and X509_get_ext_d2i has created new */
asn1_str = NULL;
X509_EXTENSION_free(ext);
ext = NULL;
#endif
BASIC_CONSTRAINTS_free(bc);
bc = NULL;
ExpectNotNull(asn1_str = (ASN1_STRING*)X509_get_ext_d2i(x509ext,
NID_key_usage, &crit, NULL));
ExpectIntEQ(crit, 1);
ExpectIntEQ(asn1_str->type, NID_key_usage);
#ifdef OPENSSL_ALL
ExpectNotNull(ext = X509V3_EXT_i2d(NID_key_usage, crit, asn1_str));
X509_EXTENSION_free(ext);
ext = NULL;
#endif
ASN1_STRING_free(asn1_str);
asn1_str = NULL;
#ifdef OPENSSL_ALL
ExpectNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
NID_ext_key_usage, &crit, NULL));
ExpectNotNull(ext = X509V3_EXT_i2d(NID_ext_key_usage, crit, sk));
X509_EXTENSION_free(ext);
ext = NULL;
EXTENDED_KEY_USAGE_free(sk);
sk = NULL;
#else
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_ext_key_usage,
&crit, NULL);
ExpectNull(sk);
#endif
ExpectNotNull(akey = (AUTHORITY_KEYID*)X509_get_ext_d2i(x509ext,
NID_authority_key_identifier, &crit, NULL));
#ifdef OPENSSL_ALL
ExpectNotNull(ext = X509V3_EXT_i2d(NID_authority_key_identifier, crit,
akey));
X509_EXTENSION_free(ext);
ext = NULL;
#endif
wolfSSL_AUTHORITY_KEYID_free(akey);
akey = NULL;
/* NID not yet supported */
ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext,
NID_private_key_usage_period, &crit, NULL));
ExpectIntEQ(crit, -1);
sk_ASN1_OBJECT_free(sk);
sk = NULL;
ExpectNotNull(sk = (STACK_OF(GENERAL_NAME)*)X509_get_ext_d2i(x509ext,
NID_subject_alt_name, &crit, NULL));
{
int i;
for (i = 0; i < sk_GENERAL_NAME_num(sk); i++) {
GENERAL_NAME* gen = sk_GENERAL_NAME_value(sk, i);
ExpectIntEQ(gen->type, GEN_DNS);
ExpectIntEQ(gen->d.dNSName->type, V_ASN1_IA5STRING);
}
}
sk_GENERAL_NAME_free(sk);
sk = NULL;
/* NID not yet supported */
ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext,
NID_issuer_alt_name, &crit, NULL));
ExpectIntEQ(crit, -1);
sk_ASN1_OBJECT_free(sk);
sk = NULL;
/* NID not yet supported */
ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext,
NID_info_access, &crit, NULL));
sk_ASN1_OBJECT_free(sk);
sk = NULL;
/* NID not yet supported */
ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext,
NID_sinfo_access, &crit, NULL));
ExpectIntEQ(crit, -1);
sk_ASN1_OBJECT_free(sk);
sk = NULL;
/* NID not yet supported */
ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext,
NID_name_constraints, &crit, NULL));
ExpectIntEQ(crit, -1);
sk_ASN1_OBJECT_free(sk);
sk = NULL;
/* no cert policy set */
ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext,
NID_certificate_policies, &crit, NULL));
sk_ASN1_OBJECT_free(sk);
sk = NULL;
/* NID not yet supported */
ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext,
NID_policy_mappings, &crit, NULL));
ExpectIntEQ(crit, -1);
sk_ASN1_OBJECT_free(sk);
sk = NULL;
/* NID not yet supported */
ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext,
NID_policy_constraints, &crit, NULL));
ExpectIntEQ(crit, -1);
sk_ASN1_OBJECT_free(sk);
sk = NULL;
/* NID not yet supported */
ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext,
NID_inhibit_any_policy, &crit, NULL));
ExpectIntEQ(crit, -1);
sk_ASN1_OBJECT_free(sk);
sk = NULL;
/* NID not yet supported */
ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext,
NID_tlsfeature, &crit, NULL));
ExpectIntEQ(crit, -1);
sk_ASN1_OBJECT_free(sk);
sk = NULL;
/* test invalid cases */
crit = 0;
ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, -1, &crit,
NULL));
ExpectIntEQ(crit, -1);
/* NULL passed for criticality. */
ExpectNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(NULL,
NID_tlsfeature, NULL, NULL));
ExpectIntEQ(SSL_get_hit(ssl), 0);
#ifdef OPENSSL_ALL
X509_free(x509);
#endif
X509_free(x509ext);
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif /* OPENSSL_EXTRA && !NO_CERTS */
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_private_key(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA) && \
defined(USE_CERT_BUFFERS_2048) && !defined(NO_CHECK_PRIVATE_KEY)
X509* x509 = NULL;
EVP_PKEY* pkey = NULL;
const byte* key;
/* Check with correct key */
ExpectNotNull((x509 = X509_load_certificate_file(cliCertFile,
SSL_FILETYPE_PEM)));
key = client_key_der_2048;
ExpectNotNull(d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &key,
(long)sizeof_client_key_der_2048));
ExpectIntEQ(X509_check_private_key(x509, pkey), 1);
EVP_PKEY_free(pkey);
pkey = NULL;
/* Check with wrong key */
key = server_key_der_2048;
ExpectNotNull(d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &key,
(long)sizeof_server_key_der_2048));
ExpectIntEQ(X509_check_private_key(x509, pkey), 0);
/* test for incorrect parameter */
ExpectIntEQ(X509_check_private_key(NULL, pkey), 0);
ExpectIntEQ(X509_check_private_key(x509, NULL), 0);
ExpectIntEQ(X509_check_private_key(NULL, NULL), 0);
EVP_PKEY_free(pkey);
X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_private_keys(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
EVP_PKEY* pkey = NULL;
OpenSSL_add_all_digests();
OpenSSL_add_all_algorithms();
#ifndef NO_RSA
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM));
/* Have to load a cert before you can check the private key against that
* certificates public key! */
#if !defined(NO_CHECK_PRIVATE_KEY)
ExpectIntEQ(wolfSSL_CTX_check_private_key(ctx), WOLFSSL_FAILURE);
#endif
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile,
WOLFSSL_FILETYPE_PEM));
#if !defined(NO_CHECK_PRIVATE_KEY)
ExpectIntEQ(wolfSSL_CTX_check_private_key(ctx), WOLFSSL_SUCCESS);
#endif
ExpectNotNull(ssl = SSL_new(ctx));
#if !defined(NO_CHECK_PRIVATE_KEY)
ExpectIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);
#endif
/* Invalid parameters. */
ExpectIntEQ(SSL_use_PrivateKey_file(NULL, NULL, WOLFSSL_FILETYPE_PEM),
BAD_FUNC_ARG);
ExpectIntEQ(SSL_use_PrivateKey_file(NULL, svrKeyFile, WOLFSSL_FILETYPE_PEM),
BAD_FUNC_ARG);
ExpectIntEQ(SSL_use_PrivateKey_file(ssl, NULL, WOLFSSL_FILETYPE_PEM),
WOLFSSL_FAILURE);
#ifdef USE_CERT_BUFFERS_2048
{
const unsigned char* server_key = (const unsigned char*)server_key_der_2048;
unsigned char buf[FOURK_BUF];
word32 bufSz;
/* Invalid parameters. */
ExpectIntEQ(SSL_use_RSAPrivateKey_ASN1(NULL, NULL, 0), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_use_RSAPrivateKey_ASN1(ssl, NULL, 0), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_use_RSAPrivateKey_ASN1(NULL,
(unsigned char*)client_key_der_2048, 0), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_use_PrivateKey_ASN1(0, NULL, NULL, 0), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_use_PrivateKey_ASN1(0, ssl, NULL, 0), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_use_PrivateKey_ASN1(0, NULL, (unsigned char*)server_key, 0),
WOLFSSL_FAILURE);
ExpectIntEQ(SSL_CTX_use_PrivateKey_ASN1(0, NULL, NULL, 0), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_CTX_use_PrivateKey_ASN1(0, ctx, NULL, 0), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_CTX_use_PrivateKey_ASN1(0, NULL, (unsigned char*)server_key,
0), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_use_RSAPrivateKey_ASN1(ssl,
(unsigned char*)client_key_der_2048,
sizeof_client_key_der_2048), WOLFSSL_SUCCESS);
#if !defined(NO_CHECK_PRIVATE_KEY)
/* Should mismatch now that a different private key loaded */
ExpectIntNE(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(SSL_use_PrivateKey_ASN1(0, ssl,
(unsigned char*)server_key,
sizeof_server_key_der_2048), WOLFSSL_SUCCESS);
#if !defined(NO_CHECK_PRIVATE_KEY)
/* After loading back in DER format of original key, should match */
ExpectIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);
#endif
/* test loading private key to the WOLFSSL_CTX */
ExpectIntEQ(SSL_CTX_use_PrivateKey_ASN1(0, ctx,
(unsigned char*)client_key_der_2048,
sizeof_client_key_der_2048), WOLFSSL_SUCCESS);
#if !defined(NO_CHECK_PRIVATE_KEY)
/* Should mismatch now that a different private key loaded */
ExpectIntNE(wolfSSL_CTX_check_private_key(ctx), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(SSL_CTX_use_PrivateKey_ASN1(0, ctx,
(unsigned char*)server_key,
sizeof_server_key_der_2048), WOLFSSL_SUCCESS);
#if !defined(NO_CHECK_PRIVATE_KEY)
/* After loading back in DER format of original key, should match */
ExpectIntEQ(wolfSSL_CTX_check_private_key(ctx), WOLFSSL_SUCCESS);
#endif
/* Invalid parameters. */
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(SSL_use_PrivateKey(NULL, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_use_PrivateKey(ssl, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_use_PrivateKey(NULL, pkey), WOLFSSL_FAILURE);
/* pkey is empty - no key data to use. */
ExpectIntEQ(SSL_use_PrivateKey(ssl, pkey), ASN_PARSE_E);
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
/* set PKEY and test again */
ExpectNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey,
&server_key, (long)sizeof_server_key_der_2048));
ExpectIntEQ(SSL_use_PrivateKey(ssl, pkey), WOLFSSL_SUCCESS);
/* reuse PKEY structure and test
* this should be checked with a memory management sanity checker */
ExpectFalse(server_key == (const unsigned char*)server_key_der_2048);
server_key = (const unsigned char*)server_key_der_2048;
ExpectNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey,
&server_key, (long)sizeof_server_key_der_2048));
ExpectIntEQ(SSL_use_PrivateKey(ssl, pkey), WOLFSSL_SUCCESS);
/* check striping PKCS8 header with wolfSSL_d2i_PrivateKey */
bufSz = FOURK_BUF;
ExpectIntGT((bufSz = (word32)wc_CreatePKCS8Key(buf, &bufSz,
(byte*)server_key_der_2048, sizeof_server_key_der_2048,
RSAk, NULL, 0)), 0);
server_key = (const unsigned char*)buf;
ExpectNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &server_key,
(long)bufSz));
}
#endif
EVP_PKEY_free(pkey);
pkey = NULL;
SSL_free(ssl); /* frees x509 also since loaded into ssl */
ssl = NULL;
SSL_CTX_free(ctx);
ctx = NULL;
#endif /* end of RSA private key match tests */
#ifdef HAVE_ECC
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(SSL_CTX_use_certificate_file(ctx, eccCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, eccKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
#if !defined(NO_CHECK_PRIVATE_KEY)
ExpectIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);
#endif
SSL_free(ssl);
ssl = NULL;
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, cliEccKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
ExpectIntNE(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);
#endif
SSL_free(ssl);
ssl = NULL;
SSL_CTX_free(ctx);
ctx = NULL;
#endif /* end of ECC private key match tests */
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(SSL_CTX_use_certificate_file(ctx, edCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, edKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
#if !defined(NO_CHECK_PRIVATE_KEY)
ExpectIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);
#endif
SSL_free(ssl);
ssl = NULL;
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, cliEdKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
#if !defined(NO_CHECK_PRIVATE_KEY)
ExpectIntNE(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);
#endif
SSL_free(ssl);
ssl = NULL;
SSL_CTX_free(ctx);
ctx = NULL;
#endif /* end of Ed25519 private key match tests */
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(SSL_CTX_use_certificate_file(ctx, ed448CertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, ed448KeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
#if !defined(NO_CHECK_PRIVATE_KEY)
ExpectIntEQ(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);
#endif
SSL_free(ssl);
ssl = NULL;
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, cliEd448KeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
#if !defined(NO_CHECK_PRIVATE_KEY)
ExpectIntNE(wolfSSL_check_private_key(ssl), WOLFSSL_SUCCESS);
#endif
SSL_free(ssl);
ssl = NULL;
SSL_CTX_free(ctx);
ctx = NULL;
#endif /* end of Ed448 private key match tests */
EVP_cleanup();
/* test existence of no-op macros in wolfssl/openssl/ssl.h */
CONF_modules_free();
ENGINE_cleanup();
CONF_modules_unload();
(void)ssl;
(void)ctx;
(void)pkey;
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_def_callback(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
char buf[10];
const char* defpwd = "DEF PWD";
int defpwdLen = (int)XSTRLEN(defpwd);
int smallLen = 1;
/* Bad parameters. */
ExpectIntEQ(wolfSSL_PEM_def_callback(NULL, sizeof(buf), 0, NULL), 0);
ExpectIntEQ(wolfSSL_PEM_def_callback(NULL, sizeof(buf), 0, (void*)defpwd),
0);
ExpectIntEQ(wolfSSL_PEM_def_callback(buf, sizeof(buf), 0, NULL), 0);
XMEMSET(buf, 0, sizeof(buf));
ExpectIntEQ(wolfSSL_PEM_def_callback(buf, sizeof(buf), 0, (void*)defpwd),
defpwdLen);
ExpectIntEQ(XMEMCMP(buf, defpwd, defpwdLen), 0);
ExpectIntEQ(buf[defpwdLen], 0);
/* Size of buffer is smaller than default password. */
XMEMSET(buf, 0, sizeof(buf));
ExpectIntEQ(wolfSSL_PEM_def_callback(buf, smallLen, 0, (void*)defpwd),
smallLen);
ExpectIntEQ(XMEMCMP(buf, defpwd, smallLen), 0);
ExpectIntEQ(buf[smallLen], 0);
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_PrivateKey(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && (!defined(NO_RSA) || \
!defined(NO_DSA) || defined(HAVE_ECC) || !defined(NO_DH))
XFILE file = XBADFILE;
#if !defined(NO_RSA)
const char* fname_rsa = "./certs/server-key.pem";
RSA* rsa = NULL;
WOLFSSL_EVP_PKEY_CTX* ctx = NULL;
unsigned char* sig = NULL;
size_t sigLen = 0;
const unsigned char tbs[] = {0, 1, 2, 3, 4, 5, 6, 7};
size_t tbsLen = sizeof(tbs);
#endif
#if !defined(NO_DSA)
const char* fname_dsa = "./certs/dsa2048.pem";
#endif
#if defined(HAVE_ECC)
const char* fname_ec = "./certs/ecc-key.pem";
#endif
#if !defined(NO_DH)
const char* fname_dh = "./certs/dh-priv-2048.pem";
#endif
EVP_PKEY* pkey = NULL;
/* Check error case. */
ExpectNull(pkey = PEM_read_PrivateKey(NULL, NULL, NULL, NULL));
/* not a PEM key. */
ExpectTrue((file = XFOPEN("./certs/ecc-key.der", "rb")) != XBADFILE);
ExpectNull(PEM_read_PrivateKey(file, NULL, NULL, NULL));
if (file != XBADFILE)
XFCLOSE(file);
file = XBADFILE;
#ifndef NO_RSA
/* Read in an RSA key. */
ExpectTrue((file = XFOPEN(fname_rsa, "rb")) != XBADFILE);
ExpectNotNull(pkey = PEM_read_PrivateKey(file, NULL, NULL, NULL));
if (file != XBADFILE)
XFCLOSE(file);
file = XBADFILE;
/* Make sure the key is usable by signing some data with it. */
ExpectNotNull(rsa = EVP_PKEY_get0_RSA(pkey));
ExpectIntGT((sigLen = RSA_size(rsa)), 0);
ExpectNotNull(sig = (unsigned char*)XMALLOC(sigLen, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_sign(ctx, sig, &sigLen, tbs, tbsLen),
WOLFSSL_SUCCESS);
XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#ifndef NO_DSA
/* Read in a DSA key. */
ExpectTrue((file = XFOPEN(fname_dsa, "rb")) != XBADFILE);
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH)
ExpectNotNull(pkey = PEM_read_PrivateKey(file, NULL, NULL, NULL));
EVP_PKEY_free(pkey);
pkey = NULL;
#else
ExpectNull(PEM_read_PrivateKey(file, NULL, NULL, NULL));
#endif
if (file != XBADFILE)
XFCLOSE(file);
file = XBADFILE;
#endif
#ifdef HAVE_ECC
/* Read in an EC key. */
ExpectTrue((file = XFOPEN(fname_ec, "rb")) != XBADFILE);
ExpectNotNull(pkey = EVP_PKEY_new());
ExpectPtrEq(PEM_read_PrivateKey(file, &pkey, NULL, NULL), pkey);
if (file != XBADFILE)
XFCLOSE(file);
file = XBADFILE;
EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#ifndef NO_DH
/* Read in a DH key. */
ExpectTrue((file = XFOPEN(fname_dh, "rb")) != XBADFILE);
#if (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || \
defined(WOLFSSL_OPENSSH)) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
ExpectNotNull(pkey = PEM_read_PrivateKey(file, NULL, NULL, NULL));
EVP_PKEY_free(pkey);
pkey = NULL;
#else
ExpectNull(PEM_read_PrivateKey(file, NULL, NULL, NULL));
#endif
if (file != XBADFILE)
XFCLOSE(file);
file = XBADFILE;
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_PUBKEY(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) \
&& !defined(NO_FILESYSTEM)
XFILE file = XBADFILE;
const char* fname = "./certs/client-keyPub.pem";
EVP_PKEY* pkey = NULL;
/* Check error case. */
ExpectNull(pkey = PEM_read_PUBKEY(NULL, NULL, NULL, NULL));
/* Read in an RSA key. */
ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
ExpectNotNull(pkey = PEM_read_PUBKEY(file, NULL, NULL, NULL));
EVP_PKEY_free(pkey);
pkey = NULL;
if (file != XBADFILE)
XFCLOSE(file);
file = XBADFILE;
ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
ExpectNotNull(pkey = EVP_PKEY_new());
ExpectPtrEq(PEM_read_PUBKEY(file, &pkey, NULL, NULL), pkey);
EVP_PKEY_free(pkey);
if (file != XBADFILE)
XFCLOSE(file);
#endif
return EXPECT_RESULT();
}
/* test loading RSA key using BIO */
static int test_wolfSSL_PEM_PrivateKey_rsa(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA) && \
defined(USE_CERT_BUFFERS_2048) && !defined(NO_FILESYSTEM) && \
!defined(NO_BIO)
BIO* bio = NULL;
XFILE file = XBADFILE;
const char* fname = "./certs/server-key.pem";
const char* fname_rsa_p8 = "./certs/server-keyPkcs8.pem";
EVP_PKEY* pkey = NULL;
size_t sz = 0;
byte* buf = NULL;
EVP_PKEY* pkey2 = NULL;
EVP_PKEY* pkey3 = NULL;
RSA* rsa_key = NULL;
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)
unsigned char extra[10];
int i;
BIO* pub_bio = NULL;
const unsigned char* server_key = (const unsigned char*)server_key_der_2048;
#endif
ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0);
ExpectIntGT(sz = XFTELL(file), 0);
ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0);
ExpectNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE));
if (buf != NULL) {
ExpectIntEQ(XFREAD(buf, 1, sz, file), sz);
}
if (file != XBADFILE) {
XFCLOSE(file);
file = XBADFILE;
}
/* Test using BIO new mem and loading PEM private key */
ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
ExpectNotNull((pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL)));
XFREE(buf, NULL, DYNAMIC_TYPE_FILE);
buf = NULL;
BIO_free(bio);
bio = NULL;
/* New empty EVP_PKEY */
ExpectNotNull(pkey2 = EVP_PKEY_new());
if (pkey2 != NULL) {
pkey2->type = EVP_PKEY_RSA;
}
/* Test parameter copy */
ExpectIntEQ(EVP_PKEY_copy_parameters(pkey2, pkey), 0);
EVP_PKEY_free(pkey2);
EVP_PKEY_free(pkey);
pkey = NULL;
/* Qt unit test case : rsa pkcs8 key */
ExpectTrue((file = XFOPEN(fname_rsa_p8, "rb")) != XBADFILE);
ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0);
ExpectIntGT(sz = XFTELL(file), 0);
ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0);
ExpectNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE));
if (buf) {
ExpectIntEQ(XFREAD(buf, 1, sz, file), sz);
}
if (file != XBADFILE) {
XFCLOSE(file);
file = XBADFILE;
}
ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
ExpectNotNull((pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL)));
XFREE(buf, NULL, DYNAMIC_TYPE_FILE);
buf = NULL;
BIO_free(bio);
bio = NULL;
ExpectNotNull(pkey3 = EVP_PKEY_new());
ExpectNotNull(rsa_key = EVP_PKEY_get1_RSA(pkey));
ExpectIntEQ(EVP_PKEY_set1_RSA(pkey3, rsa_key), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey3), 1/* match */);
#else
ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey3), 0);
#endif
RSA_free(rsa_key);
EVP_PKEY_free(pkey3);
EVP_PKEY_free(pkey);
pkey = NULL;
pkey2 = NULL;
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)
#define BIO_PEM_TEST_CHAR 'a'
XMEMSET(extra, BIO_PEM_TEST_CHAR, sizeof(extra));
ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(BIO_set_write_buf_size(bio, 4096), SSL_FAILURE);
ExpectNotNull(pub_bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(BIO_set_write_buf_size(pub_bio, 4096), SSL_FAILURE);
ExpectNull(d2i_PrivateKey(EVP_PKEY_EC, &pkey, &server_key,
(long)sizeof_server_key_der_2048));
ExpectNull(pkey);
ExpectNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &server_key,
(long)sizeof_server_key_der_2048));
ExpectIntEQ(PEM_write_bio_PrivateKey(NULL, pkey, NULL, NULL, 0, NULL, NULL),
WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_bio_PrivateKey(bio, NULL, NULL, NULL, 0, NULL, NULL),
WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_bio_PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL),
WOLFSSL_SUCCESS);
ExpectIntGT(BIO_pending(bio), 0);
ExpectIntEQ(BIO_pending(bio), 1679);
/* Check if the pubkey API writes only the public key */
#ifdef WOLFSSL_KEY_GEN
ExpectIntEQ(PEM_write_bio_PUBKEY(NULL, pkey), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_bio_PUBKEY(pub_bio, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_bio_PUBKEY(pub_bio, pkey), WOLFSSL_SUCCESS);
ExpectIntGT(BIO_pending(pub_bio), 0);
/* Previously both the private key and the pubkey calls would write
* out the private key and the PEM header was the only difference.
* The public PEM should be significantly shorter than the
* private key versison. */
ExpectIntEQ(BIO_pending(pub_bio), 451);
#else
/* Not supported. */
ExpectIntEQ(PEM_write_bio_PUBKEY(pub_bio, pkey), 0);
#endif
/* test creating new EVP_PKEY with good args */
ExpectNotNull((pkey2 = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL)));
if (pkey && pkey->pkey.ptr && pkey2 && pkey2->pkey.ptr) {
ExpectIntEQ((int)XMEMCMP(pkey->pkey.ptr, pkey2->pkey.ptr,
pkey->pkey_sz), 0);
}
/* test of reuse of EVP_PKEY */
ExpectNull(PEM_read_bio_PrivateKey(bio, &pkey, NULL, NULL));
ExpectIntEQ(BIO_pending(bio), 0);
ExpectIntEQ(PEM_write_bio_PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL),
SSL_SUCCESS);
/* add 10 extra bytes after PEM */
ExpectIntEQ(BIO_write(bio, extra, 10), 10);
ExpectNotNull(PEM_read_bio_PrivateKey(bio, &pkey, NULL, NULL));
ExpectNotNull(pkey);
if (pkey && pkey->pkey.ptr && pkey2 && pkey2->pkey.ptr) {
ExpectIntEQ((int)XMEMCMP(pkey->pkey.ptr, pkey2->pkey.ptr,
pkey->pkey_sz), 0);
}
/* check 10 extra bytes still there */
ExpectIntEQ(BIO_pending(bio), 10);
ExpectIntEQ(BIO_read(bio, extra, 10), 10);
for (i = 0; i < 10; i++) {
ExpectIntEQ(extra[i], BIO_PEM_TEST_CHAR);
}
BIO_free(pub_bio);
BIO_free(bio);
bio = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
EVP_PKEY_free(pkey2);
#endif /* WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN */
#endif /* OPENSSL_EXTRA && !NO_CERTS && !NO_RSA && USE_CERT_BUFFERS_2048 &&
* !NO_FILESYSTEM && !NO_BIO */
return EXPECT_RESULT();
}
/* test loading ECC key using BIO */
static int test_wolfSSL_PEM_PrivateKey_ecc(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && defined(HAVE_ECC) && \
!defined(NO_FILESYSTEM) && !defined(NO_BIO)
BIO* bio = NULL;
EVP_PKEY* pkey = NULL;
XFILE file = XBADFILE;
const char* fname = "./certs/ecc-key.pem";
const char* fname_ecc_p8 = "./certs/ecc-keyPkcs8.pem";
size_t sz = 0;
byte* buf = NULL;
EVP_PKEY* pkey2 = NULL;
EVP_PKEY* pkey3 = NULL;
EC_KEY* ec_key = NULL;
int nid = 0;
BIO* pub_bio = NULL;
ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0);
ExpectIntGT(sz = XFTELL(file), 0);
ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0);
ExpectNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE));
if (buf) {
ExpectIntEQ(XFREAD(buf, 1, sz, file), sz);
}
if (file != XBADFILE) {
XFCLOSE(file);
file = XBADFILE;
}
/* Test using BIO new mem and loading PEM private key */
ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
ExpectNotNull((pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL)));
BIO_free(bio);
bio = NULL;
XFREE(buf, NULL, DYNAMIC_TYPE_FILE);
buf = NULL;
ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
ExpectNotNull(pub_bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(PEM_write_bio_PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL),
WOLFSSL_SUCCESS);
ExpectIntGT(BIO_pending(bio), 0);
/* No parameters. */
ExpectIntEQ(BIO_pending(bio), 227);
/* Check if the pubkey API writes only the public key */
#ifdef WOLFSSL_KEY_GEN
ExpectIntEQ(PEM_write_bio_PUBKEY(pub_bio, pkey), WOLFSSL_SUCCESS);
ExpectIntGT(BIO_pending(pub_bio), 0);
/* Previously both the private key and the pubkey calls would write
* out the private key and the PEM header was the only difference.
* The public PEM should be significantly shorter than the
* private key versison. */
ExpectIntEQ(BIO_pending(pub_bio), 178);
#endif
BIO_free(pub_bio);
BIO_free(bio);
bio = NULL;
ExpectNotNull(pkey2 = EVP_PKEY_new());
ExpectNotNull(pkey3 = EVP_PKEY_new());
if (pkey2 != NULL) {
pkey2->type = EVP_PKEY_EC;
}
/* Test parameter copy */
ExpectIntEQ(EVP_PKEY_copy_parameters(pkey2, pkey), 1);
/* Qt unit test case 1*/
ExpectNotNull(ec_key = EVP_PKEY_get1_EC_KEY(pkey));
ExpectIntEQ(EVP_PKEY_set1_EC_KEY(pkey3, ec_key), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey3), 1/* match */);
#else
ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey3), 0);
#endif
/* Test default digest */
ExpectIntEQ(EVP_PKEY_get_default_digest_nid(pkey, &nid), 1);
ExpectIntEQ(nid, NID_sha256);
EC_KEY_free(ec_key);
ec_key = NULL;
EVP_PKEY_free(pkey3);
pkey3 = NULL;
EVP_PKEY_free(pkey2);
pkey2 = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
/* Qt unit test case ec pkcs8 key */
ExpectTrue((file = XFOPEN(fname_ecc_p8, "rb")) != XBADFILE);
ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0);
ExpectIntGT(sz = XFTELL(file), 0);
ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0);
ExpectNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE));
if (buf) {
ExpectIntEQ(XFREAD(buf, 1, sz, file), sz);
}
if (file != XBADFILE) {
XFCLOSE(file);
file = XBADFILE;
}
ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
ExpectNotNull((pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL)));
XFREE(buf, NULL, DYNAMIC_TYPE_FILE);
buf = NULL;
BIO_free(bio);
bio = NULL;
ExpectNotNull(pkey3 = EVP_PKEY_new());
/* Qt unit test case */
ExpectNotNull(ec_key = EVP_PKEY_get1_EC_KEY(pkey));
ExpectIntEQ(EVP_PKEY_set1_EC_KEY(pkey3, ec_key), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey3), 1/* match */);
#else
ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey3), 0);
#endif
EC_KEY_free(ec_key);
EVP_PKEY_free(pkey3);
EVP_PKEY_free(pkey);
pkey = NULL;
#endif
return EXPECT_RESULT();
}
/* test loading DSA key using BIO */
static int test_wolfSSL_PEM_PrivateKey_dsa(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_DSA) && \
!defined(NO_FILESYSTEM) && !defined(NO_BIO)
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
BIO* bio = NULL;
EVP_PKEY* pkey = NULL;
ExpectNotNull(bio = BIO_new_file("./certs/dsa2048.pem", "rb"));
/* Private DSA EVP_PKEY */
ExpectNotNull(pkey = wolfSSL_PEM_read_bio_PrivateKey(bio, NULL, NULL,
NULL));
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
#if defined(OPENSSL_ALL) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8)
ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, NULL, NULL, 0, NULL,
NULL), 0);
#endif
#ifdef WOLFSSL_KEY_GEN
ExpectIntEQ(PEM_write_bio_PUBKEY(bio, pkey), 1);
ExpectIntEQ(BIO_pending(bio), 1178);
BIO_reset(bio);
#endif
ExpectIntEQ(PEM_write_bio_PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL),
1);
ExpectIntEQ(BIO_pending(bio), 1196);
BIO_free(bio);
bio = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#endif
return EXPECT_RESULT();
}
/* test loading DH key using BIO */
static int test_wolfSSL_PEM_PrivateKey_dh(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_DH) && \
!defined(NO_FILESYSTEM) && !defined(NO_BIO)
#if (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || \
defined(WOLFSSL_OPENSSH)) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
BIO* bio = NULL;
EVP_PKEY* pkey = NULL;
ExpectNotNull(bio = BIO_new_file("./certs/dh-priv-2048.pem", "rb"));
/* Private DH EVP_PKEY */
ExpectNotNull(pkey = wolfSSL_PEM_read_bio_PrivateKey(bio, NULL, NULL,
NULL));
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
#if defined(OPENSSL_ALL) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8)
ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, NULL, NULL, 0, NULL,
NULL), 0);
#endif
#ifdef WOLFSSL_KEY_GEN
ExpectIntEQ(PEM_write_bio_PUBKEY(bio, pkey), 0);
#endif
ExpectIntEQ(PEM_write_bio_PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL),
1);
ExpectIntEQ(BIO_pending(bio), 806);
BIO_free(bio);
bio = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_PrivateKey(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
(!defined(NO_RSA) || defined(HAVE_ECC)) && defined(USE_CERT_BUFFERS_2048)
#ifndef NO_BIO
BIO* bio = NULL;
#endif
EVP_PKEY* pkey = NULL;
const unsigned char* server_key = (const unsigned char*)server_key_der_2048;
#ifndef NO_BIO
/* test creating new EVP_PKEY with bad arg */
ExpectNull((pkey = PEM_read_bio_PrivateKey(NULL, NULL, NULL, NULL)));
/* Test bad EVP_PKEY type. */
/* New HMAC EVP_PKEY */
ExpectNotNull(bio = BIO_new_mem_buf("", 1));
ExpectNotNull(pkey = EVP_PKEY_new());
if (pkey != NULL) {
pkey->type = EVP_PKEY_HMAC;
}
ExpectIntEQ(PEM_write_bio_PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL),
0);
#if defined(OPENSSL_ALL) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8)
ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, NULL, NULL, 0, NULL,
NULL), 0);
#endif
#ifdef WOLFSSL_KEY_GEN
ExpectIntEQ(PEM_write_bio_PUBKEY(bio, pkey), WOLFSSL_FAILURE);
#endif
EVP_PKEY_free(pkey);
pkey = NULL;
BIO_free(bio);
bio = NULL;
/* key is DES encrypted */
#if !defined(NO_DES3) && defined(WOLFSSL_ENCRYPTED_KEYS) && \
!defined(NO_RSA) && !defined(NO_BIO) && !defined(NO_FILESYSTEM) && \
!defined(NO_MD5) && defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)
{
XFILE f = XBADFILE;
wc_pem_password_cb* passwd_cb = NULL;
void* passwd_cb_userdata;
SSL_CTX* ctx = NULL;
char passwd[] = "bad password";
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(TLSv1_2_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(TLSv1_2_client_method()));
#endif
#else
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfTLSv1_3_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfTLSv1_3_client_method()));
#endif
#endif
ExpectNotNull(bio = BIO_new_file("./certs/server-keyEnc.pem", "rb"));
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
ExpectNotNull(passwd_cb = SSL_CTX_get_default_passwd_cb(ctx));
ExpectNull(passwd_cb_userdata =
SSL_CTX_get_default_passwd_cb_userdata(ctx));
/* fail case with password call back */
ExpectNull(pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL,
(void*)passwd));
BIO_free(bio);
ExpectNotNull(bio = BIO_new_file("./certs/server-keyEnc.pem", "rb"));
ExpectNull(pkey = PEM_read_bio_PrivateKey(bio, NULL, passwd_cb,
(void*)passwd));
BIO_free(bio);
ExpectTrue((f = XFOPEN("./certs/server-keyEnc.pem", "rb")) != XBADFILE);
ExpectNotNull(bio = BIO_new_fp(f, BIO_CLOSE));
if ((bio == NULL) && (f != XBADFILE)) {
XFCLOSE(f);
}
/* use callback that works */
ExpectNotNull(pkey = PEM_read_bio_PrivateKey(bio, NULL, passwd_cb,
(void*)"yassl123"));
ExpectIntEQ(SSL_CTX_use_PrivateKey(ctx, pkey), SSL_SUCCESS);
EVP_PKEY_free(pkey);
pkey = NULL;
BIO_free(bio);
bio = NULL;
SSL_CTX_free(ctx);
}
#endif /* !defined(NO_DES3) */
#endif /* !NO_BIO */
#if defined(HAVE_ECC) && !defined(NO_FILESYSTEM)
{
unsigned char buf[2048];
size_t bytes = 0;
XFILE f = XBADFILE;
SSL_CTX* ctx = NULL;
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(TLSv1_2_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(TLSv1_2_client_method()));
#endif
#else
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfTLSv1_3_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfTLSv1_3_client_method()));
#endif
#endif
ExpectTrue((f = XFOPEN("./certs/ecc-key.der", "rb")) != XBADFILE);
ExpectIntGT(bytes = (size_t)XFREAD(buf, 1, sizeof(buf), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
server_key = buf;
pkey = NULL;
ExpectNull(d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &server_key, (long int)bytes));
ExpectNull(pkey);
ExpectNotNull(d2i_PrivateKey(EVP_PKEY_EC, &pkey, &server_key, (long int)bytes));
ExpectIntEQ(SSL_CTX_use_PrivateKey(ctx, pkey), SSL_SUCCESS);
EVP_PKEY_free(pkey);
pkey = NULL;
SSL_CTX_free(ctx);
server_key = NULL;
}
#endif
#ifndef NO_BIO
(void)bio;
#endif
(void)pkey;
(void)server_key;
#endif /* OPENSSL_EXTRA && !NO_CERTS && !NO_RSA && USE_CERT_BUFFERS_2048 */
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_file_RSAKey(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && \
!defined(NO_FILESYSTEM) && !defined(NO_CERTS)
RSA* rsa = NULL;
XFILE fp = XBADFILE;
ExpectTrue((fp = XFOPEN("./certs/rsa-pub-2048.pem", "rb")) != XBADFILE);
ExpectNotNull((rsa = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL)));
if (fp != XBADFILE)
XFCLOSE(fp);
ExpectIntEQ(RSA_size(rsa), 256);
ExpectIntEQ(PEM_write_RSAPublicKey(XBADFILE, rsa), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_RSAPublicKey(stderr, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_RSAPublicKey(stderr, rsa), WOLFSSL_SUCCESS);
ExpectIntEQ(PEM_write_RSA_PUBKEY(XBADFILE, rsa), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_RSA_PUBKEY(stderr, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_RSA_PUBKEY(stderr, rsa), WOLFSSL_SUCCESS);
RSA_free(rsa);
#endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
(defined(WOLFSSL_KEY_GEN) || WOLFSSL_CERT_GEN) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_CERTS) */
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_file_RSAPrivateKey(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && defined(WOLFSSL_KEY_GEN) && \
!defined(NO_FILESYSTEM) && \
(defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM))
RSA* rsa = NULL;
XFILE f = NULL;
ExpectTrue((f = XFOPEN(svrKeyFile, "r")) != XBADFILE);
ExpectNotNull((rsa = PEM_read_RSAPrivateKey(f, NULL, NULL, NULL)));
ExpectIntEQ(RSA_size(rsa), 256);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
ExpectIntEQ(PEM_write_RSAPrivateKey(XBADFILE, rsa, NULL, NULL, 0, NULL,
NULL), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_RSAPrivateKey(stderr, NULL, NULL, NULL, 0, NULL,
NULL), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_RSAPrivateKey(stderr, rsa, NULL, NULL, 0, NULL, NULL),
WOLFSSL_SUCCESS);
RSA_free(rsa);
#ifdef HAVE_ECC
ExpectTrue((f = XFOPEN(eccKeyFile, "r")) != XBADFILE);
ExpectNull((rsa = PEM_read_RSAPrivateKey(f, NULL, NULL, NULL)));
if (f != XBADFILE)
XFCLOSE(f);
#endif /* HAVE_ECC */
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_RSA_PUBKEY(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
XFILE file = XBADFILE;
const char* fname = "./certs/client-keyPub.pem";
RSA *rsa = NULL;
ExpectNull(wolfSSL_PEM_read_RSA_PUBKEY(XBADFILE, NULL, NULL, NULL));
ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
ExpectNotNull((rsa = PEM_read_RSA_PUBKEY(file, NULL, NULL, NULL)));
ExpectIntEQ(RSA_size(rsa), 256);
RSA_free(rsa);
if (file != XBADFILE)
XFCLOSE(file);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_PEM_bio_RSAKey(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && \
!defined(NO_FILESYSTEM) && !defined(NO_CERTS)
RSA* rsa = NULL;
BIO* bio = NULL;
/* PrivateKey */
ExpectNotNull(bio = BIO_new_file(svrKeyFile, "rb"));
ExpectNull((rsa = PEM_read_bio_RSAPrivateKey(NULL, NULL, NULL, NULL)));
ExpectNotNull(PEM_read_bio_RSAPrivateKey(bio, &rsa, NULL, NULL));
ExpectNotNull(rsa);
ExpectIntEQ(RSA_size(rsa), 256);
ExpectIntEQ(PEM_write_bio_RSAPrivateKey(NULL, NULL, NULL, NULL, 0, NULL, \
NULL), WOLFSSL_FAILURE);
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(PEM_write_bio_RSAPrivateKey(bio, rsa, NULL, NULL, 0, NULL, \
NULL), WOLFSSL_SUCCESS);
BIO_free(bio);
bio = NULL;
RSA_free(rsa);
rsa = NULL;
/* PUBKEY */
ExpectNotNull(bio = BIO_new_file("./certs/rsa-pub-2048.pem", "rb"));
ExpectNull((rsa = PEM_read_bio_RSA_PUBKEY(NULL, NULL, NULL, NULL)));
ExpectNotNull((rsa = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL)));
ExpectIntEQ(RSA_size(rsa), 256);
ExpectIntEQ(PEM_write_bio_RSA_PUBKEY(NULL, NULL), WOLFSSL_FAILURE);
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(PEM_write_bio_RSA_PUBKEY(bio, rsa), WOLFSSL_SUCCESS);
BIO_free(bio);
bio = NULL;
RSA_free(rsa);
rsa = NULL;
/* Ensure that keys beginning with BEGIN RSA PUBLIC KEY can be read, too. */
ExpectNotNull(bio = BIO_new_file("./certs/server-keyPub.pem", "rb"));
ExpectNotNull((rsa = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL)));
BIO_free(bio);
bio = NULL;
RSA_free(rsa);
rsa = NULL;
#ifdef HAVE_ECC
/* ensure that non-rsa keys do not work */
ExpectNotNull(bio = BIO_new_file(eccKeyFile, "rb")); /* ecc key */
ExpectNull((rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL)));
ExpectNull((rsa = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL)));
BIO_free(bio);
bio = NULL;
RSA_free(rsa);
rsa = NULL;
#endif /* HAVE_ECC */
#endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
(defined(WOLFSSL_KEY_GEN) || WOLFSSL_CERT_GEN) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_CERTS) */
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_bio_RSAPrivateKey(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
RSA* rsa = NULL;
RSA* rsa_dup = NULL;
BIO* bio = NULL;
ExpectNotNull(bio = BIO_new_file(svrKeyFile, "rb"));
ExpectNotNull((rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL)));
ExpectIntEQ(RSA_size(rsa), 256);
#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)
ExpectNull(rsa_dup = RSAPublicKey_dup(NULL));
/* Test duplicating empty key. */
ExpectNotNull(rsa_dup = RSA_new());
ExpectNull(RSAPublicKey_dup(rsa_dup));
RSA_free(rsa_dup);
rsa_dup = NULL;
ExpectNotNull(rsa_dup = RSAPublicKey_dup(rsa));
ExpectPtrNE(rsa_dup, rsa);
#endif
/* test if valgrind complains about unreleased memory */
RSA_up_ref(rsa);
RSA_free(rsa);
BIO_free(bio);
bio = NULL;
RSA_free(rsa);
rsa = NULL;
RSA_free(rsa_dup);
rsa_dup = NULL;
#ifdef HAVE_ECC
ExpectNotNull(bio = BIO_new_file(eccKeyFile, "rb"));
ExpectNull((rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL)));
BIO_free(bio);
#endif /* HAVE_ECC */
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_bio_DSAKey(void)
{
EXPECT_DECLS;
#ifndef HAVE_SELFTEST
#if (defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) && !defined(NO_CERTS) && \
defined(WOLFSSL_KEY_GEN) && !defined(NO_FILESYSTEM) && !defined(NO_DSA)
DSA* dsa = NULL;
BIO* bio = NULL;
/* PrivateKey */
ExpectNotNull(bio = BIO_new_file("./certs/1024/dsa1024.pem", "rb"));
ExpectNull((dsa = PEM_read_bio_DSAPrivateKey(NULL, NULL, NULL, NULL)));
ExpectNotNull((dsa = PEM_read_bio_DSAPrivateKey(bio, NULL, NULL, NULL)));
ExpectIntEQ(BN_num_bytes(dsa->g), 128);
ExpectIntEQ(PEM_write_bio_DSAPrivateKey(NULL, NULL, NULL, NULL, 0, NULL,
NULL), WOLFSSL_FAILURE);
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(PEM_write_bio_DSAPrivateKey(bio, dsa, NULL, NULL, 0, NULL,
NULL), WOLFSSL_SUCCESS);
BIO_free(bio);
bio = NULL;
DSA_free(dsa);
dsa = NULL;
/* PUBKEY */
ExpectNotNull(bio = BIO_new_file("./certs/1024/dsa-pub-1024.pem", "rb"));
ExpectNull((dsa = PEM_read_bio_DSA_PUBKEY(NULL, NULL, NULL, NULL)));
ExpectNotNull((dsa = PEM_read_bio_DSA_PUBKEY(bio, NULL, NULL, NULL)));
ExpectIntEQ(BN_num_bytes(dsa->g), 128);
ExpectIntEQ(PEM_write_bio_DSA_PUBKEY(NULL, NULL), WOLFSSL_FAILURE);
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(PEM_write_bio_DSA_PUBKEY(bio, dsa), WOLFSSL_SUCCESS);
BIO_free(bio);
bio = NULL;
DSA_free(dsa);
dsa = NULL;
#ifdef HAVE_ECC
/* ensure that non-dsa keys do not work */
ExpectNotNull(bio = BIO_new_file(eccKeyFile, "rb")); /* ecc key */
ExpectNull((dsa = PEM_read_bio_DSAPrivateKey(bio, NULL, NULL, NULL)));
ExpectNull((dsa = PEM_read_bio_DSA_PUBKEY(bio, NULL, NULL, NULL)));
BIO_free(bio);
bio = NULL;
DSA_free(dsa);
dsa = NULL;
#endif /* HAVE_ECC */
#endif /* defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) && \
!defined(NO_CERTS) && defined(WOLFSSL_KEY_GEN) && \
!defined(NO_FILESYSTEM) && !defined(NO_DSA) */
#endif /* HAVE_SELFTEST */
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_bio_ECKey(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
defined(WOLFSSL_KEY_GEN) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC)
EC_KEY* ec = NULL;
EC_KEY* ec2;
BIO* bio = NULL;
#if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM)
unsigned char* pem = NULL;
int pLen;
#endif
static char ec_key_bad_1[] = "-----BEGIN PUBLIC KEY-----\n"
"MAA=\n"
"-----END PUBLIC KEY-----";
static char ec_priv_key_bad_1[] = "-----BEGIN EC PRIVATE KEY-----\n"
"MAA=\n"
"-----END EC PRIVATE KEY-----";
/* PrivateKey */
ExpectNotNull(bio = BIO_new_file("./certs/ecc-key.pem", "rb"));
ExpectNull((ec = PEM_read_bio_ECPrivateKey(NULL, NULL, NULL, NULL)));
ec2 = NULL;
ExpectNotNull((ec = PEM_read_bio_ECPrivateKey(bio, &ec2, NULL, NULL)));
ExpectIntEQ(ec == ec2, 1);
ExpectIntEQ(wc_ecc_size((ecc_key*)ec->internal), 32);
ExpectIntEQ(PEM_write_bio_ECPrivateKey(NULL, NULL, NULL, NULL, 0, NULL,
NULL), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_bio_ECPrivateKey(bio, NULL, NULL, NULL, 0, NULL,
NULL), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_bio_ECPrivateKey(NULL, ec, NULL, NULL, 0, NULL, NULL),
WOLFSSL_FAILURE);
BIO_free(bio);
bio = NULL;
/* Public key data - fail. */
ExpectNotNull(bio = BIO_new_file("./certs/ecc-client-keyPub.pem", "rb"));
ExpectNull(PEM_read_bio_ECPrivateKey(bio, NULL, NULL, NULL));
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(PEM_write_bio_ECPrivateKey(bio, ec, NULL, NULL, 0, NULL, \
NULL), WOLFSSL_SUCCESS);
BIO_free(bio);
bio = NULL;
ExpectIntEQ(PEM_write_ECPrivateKey(XBADFILE, NULL, NULL, NULL, 0, NULL,
NULL),WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_ECPrivateKey(stderr, NULL, NULL, NULL, 0, NULL, NULL),
WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_ECPrivateKey(XBADFILE, ec, NULL, NULL, 0, NULL, NULL),
WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_ECPrivateKey(stderr, ec, NULL, NULL, 0, NULL, NULL),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(NULL, NULL, NULL, 0, NULL,
NULL), 0);
#if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM)
ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(ec, NULL, NULL, 0, NULL,
NULL), 0);
ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(NULL, NULL, NULL, 0, &pem,
NULL), 0);
ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(NULL, NULL, NULL, 0, NULL,
&pLen), 0);
ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(NULL, NULL, NULL, 0, &pem,
&pLen), 0);
ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(ec, NULL, NULL, 0, NULL,
&pLen), 0);
ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(ec, NULL, NULL, 0, &pem,
NULL), 0);
ExpectIntEQ(wolfSSL_PEM_write_mem_ECPrivateKey(ec, NULL, NULL, 0, &pem,
&pLen), 1);
ExpectIntGT(pLen, 0);
XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
EC_KEY_free(ec);
ec = NULL;
/* PUBKEY */
ExpectNotNull(bio = BIO_new_file("./certs/ecc-client-keyPub.pem", "rb"));
ExpectNull((ec = PEM_read_bio_EC_PUBKEY(NULL, NULL, NULL, NULL)));
ec2 = NULL;
ExpectNotNull((ec = PEM_read_bio_EC_PUBKEY(bio, &ec2, NULL, NULL)));
ExpectIntEQ(ec == ec2, 1);
ExpectIntEQ(wc_ecc_size((ecc_key*)ec->internal), 32);
ExpectIntEQ(PEM_write_bio_EC_PUBKEY(NULL, NULL), WOLFSSL_FAILURE);
BIO_free(bio);
bio = NULL;
/* Test 0x30, 0x00 fails. */
ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_key_bad_1,
sizeof(ec_key_bad_1)));
ExpectNull(PEM_read_bio_EC_PUBKEY(bio, NULL, NULL, NULL));
BIO_free(bio);
bio = NULL;
/* Private key data - fail. */
ExpectNotNull(bio = BIO_new_file("./certs/ecc-key.pem", "rb"));
ExpectNull(PEM_read_bio_EC_PUBKEY(bio, NULL, NULL, NULL));
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(PEM_write_bio_EC_PUBKEY(bio, ec), WOLFSSL_SUCCESS);
BIO_free(bio);
bio = NULL;
/* Same test as above, but with a file pointer rather than a BIO. */
ExpectIntEQ(PEM_write_EC_PUBKEY(NULL, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_EC_PUBKEY(NULL, ec), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_EC_PUBKEY(stderr, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_write_EC_PUBKEY(stderr, ec), WOLFSSL_SUCCESS);
EC_KEY_free(ec);
ec = NULL;
#ifndef NO_RSA
/* ensure that non-ec keys do not work */
ExpectNotNull(bio = BIO_new_file(svrKeyFile, "rb")); /* rsa key */
ExpectNull((ec = PEM_read_bio_ECPrivateKey(bio, NULL, NULL, NULL)));
ExpectNull((ec = PEM_read_bio_EC_PUBKEY(bio, NULL, NULL, NULL)));
BIO_free(bio);
bio = NULL;
EC_KEY_free(ec);
ec = NULL;
#endif /* !NO_RSA */
/* Test 0x30, 0x00 fails. */
ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_priv_key_bad_1,
sizeof(ec_priv_key_bad_1)));
ExpectNull(PEM_read_bio_ECPrivateKey(bio, NULL, NULL, NULL));
BIO_free(bio);
bio = NULL;
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_PUBKEY(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
BIO* bio = NULL;
EVP_PKEY* pkey = NULL;
/* test creating new EVP_PKEY with bad arg */
ExpectNull((pkey = PEM_read_bio_PUBKEY(NULL, NULL, NULL, NULL)));
/* test loading ECC key using BIO */
#if defined(HAVE_ECC) && !defined(NO_FILESYSTEM)
{
XFILE file = XBADFILE;
const char* fname = "./certs/ecc-client-keyPub.pem";
size_t sz = 0;
byte* buf = NULL;
EVP_PKEY* pkey2 = NULL;
EC_KEY* ec_key = NULL;
ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
ExpectIntEQ(XFSEEK(file, 0, XSEEK_END), 0);
ExpectIntGT(sz = XFTELL(file), 0);
ExpectIntEQ(XFSEEK(file, 0, XSEEK_SET), 0);
ExpectNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE));
if (buf != NULL) {
ExpectIntEQ(XFREAD(buf, 1, sz, file), sz);
}
if (file != XBADFILE) {
XFCLOSE(file);
}
/* Test using BIO new mem and loading PEM private key */
ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
ExpectNotNull((pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL)));
BIO_free(bio);
bio = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
ExpectNotNull(pkey = EVP_PKEY_new());
ExpectPtrEq(PEM_read_bio_PUBKEY(bio, &pkey, NULL, NULL), pkey);
XFREE(buf, NULL, DYNAMIC_TYPE_FILE);
BIO_free(bio);
bio = NULL;
/* Qt unit test case*/
ExpectNotNull(pkey2 = EVP_PKEY_new());
ExpectNotNull(ec_key = EVP_PKEY_get1_EC_KEY(pkey));
ExpectIntEQ(EVP_PKEY_set1_EC_KEY(pkey2, ec_key), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey2), 1/* match */);
#else
ExpectIntEQ(EVP_PKEY_cmp(pkey, pkey2), 0);
#endif
EC_KEY_free(ec_key);
EVP_PKEY_free(pkey2);
EVP_PKEY_free(pkey);
pkey = NULL;
}
#endif
(void)bio;
(void)pkey;
#endif
return EXPECT_RESULT();
}
#endif /* !NO_BIO */
static int test_DSA_do_sign_verify(void)
{
EXPECT_DECLS;
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
!defined(NO_DSA)
unsigned char digest[WC_SHA_DIGEST_SIZE];
DSA_SIG* sig = NULL;
DSA* dsa = NULL;
word32 bytes;
byte sigBin[DSA_SIG_SIZE];
int dsacheck;
#ifdef USE_CERT_BUFFERS_1024
byte tmp[ONEK_BUF];
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
bytes = sizeof_dsa_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
byte tmp[TWOK_BUF];
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
bytes = sizeof_dsa_key_der_2048;
#else
byte tmp[TWOK_BUF];
XFILE fp = XBADFILE;
XMEMSET(tmp, 0, sizeof(tmp));
ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb") != XBADFILE);
ExpectIntGT(bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp), 0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif /* END USE_CERT_BUFFERS_1024 */
XMEMSET(digest, 202, sizeof(digest));
ExpectNotNull(dsa = DSA_new());
ExpectIntEQ(DSA_LoadDer(dsa, tmp, (int)bytes), 1);
ExpectIntEQ(wolfSSL_DSA_do_sign(digest, sigBin, dsa), 1);
ExpectIntEQ(wolfSSL_DSA_do_verify(digest, sigBin, dsa, &dsacheck), 1);
ExpectNotNull(sig = DSA_do_sign(digest, WC_SHA_DIGEST_SIZE, dsa));
ExpectIntEQ(DSA_do_verify(digest, WC_SHA_DIGEST_SIZE, sig, dsa), 1);
DSA_SIG_free(sig);
DSA_free(dsa);
#endif
#endif /* !HAVE_SELFTEST && !HAVE_FIPS */
return EXPECT_RESULT();
}
static int test_wolfSSL_tmp_dh(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && !defined(NO_DH) && !defined(NO_BIO)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
byte buff[6000];
static const unsigned char p[] = {
0xb0, 0xa1, 0x08, 0x06, 0x9c, 0x08, 0x13, 0xba,
0x59, 0x06, 0x3c, 0xbc, 0x30, 0xd5, 0xf5, 0x00,
0xc1, 0x4f, 0x44, 0xa7, 0xd6, 0xef, 0x4a, 0xc6,
0x25, 0x27, 0x1c, 0xe8, 0xd2, 0x96, 0x53, 0x0a,
0x5c, 0x91, 0xdd, 0xa2, 0xc2, 0x94, 0x84, 0xbf,
0x7d, 0xb2, 0x44, 0x9f, 0x9b, 0xd2, 0xc1, 0x8a,
0xc5, 0xbe, 0x72, 0x5c, 0xa7, 0xe7, 0x91, 0xe6,
0xd4, 0x9f, 0x73, 0x07, 0x85, 0x5b, 0x66, 0x48,
0xc7, 0x70, 0xfa, 0xb4, 0xee, 0x02, 0xc9, 0x3d,
0x9a, 0x4a, 0xda, 0x3d, 0xc1, 0x46, 0x3e, 0x19,
0x69, 0xd1, 0x17, 0x46, 0x07, 0xa3, 0x4d, 0x9f,
0x2b, 0x96, 0x17, 0x39, 0x6d, 0x30, 0x8d, 0x2a,
0xf3, 0x94, 0xd3, 0x75, 0xcf, 0xa0, 0x75, 0xe6,
0xf2, 0x92, 0x1f, 0x1a, 0x70, 0x05, 0xaa, 0x04,
0x83, 0x57, 0x30, 0xfb, 0xda, 0x76, 0x93, 0x38,
0x50, 0xe8, 0x27, 0xfd, 0x63, 0xee, 0x3c, 0xe5,
0xb7, 0xc8, 0x09, 0xae, 0x6f, 0x50, 0x35, 0x8e,
0x84, 0xce, 0x4a, 0x00, 0xe9, 0x12, 0x7e, 0x5a,
0x31, 0xd7, 0x33, 0xfc, 0x21, 0x13, 0x76, 0xcc,
0x16, 0x30, 0xdb, 0x0c, 0xfc, 0xc5, 0x62, 0xa7,
0x35, 0xb8, 0xef, 0xb7, 0xb0, 0xac, 0xc0, 0x36,
0xf6, 0xd9, 0xc9, 0x46, 0x48, 0xf9, 0x40, 0x90,
0x00, 0x2b, 0x1b, 0xaa, 0x6c, 0xe3, 0x1a, 0xc3,
0x0b, 0x03, 0x9e, 0x1b, 0xc2, 0x46, 0xe4, 0x48,
0x4e, 0x22, 0x73, 0x6f, 0xc3, 0x5f, 0xd4, 0x9a,
0xd6, 0x30, 0x07, 0x48, 0xd6, 0x8c, 0x90, 0xab,
0xd4, 0xf6, 0xf1, 0xe3, 0x48, 0xd3, 0x58, 0x4b,
0xa6, 0xb9, 0xcd, 0x29, 0xbf, 0x68, 0x1f, 0x08,
0x4b, 0x63, 0x86, 0x2f, 0x5c, 0x6b, 0xd6, 0xb6,
0x06, 0x65, 0xf7, 0xa6, 0xdc, 0x00, 0x67, 0x6b,
0xbb, 0xc3, 0xa9, 0x41, 0x83, 0xfb, 0xc7, 0xfa,
0xc8, 0xe2, 0x1e, 0x7e, 0xaf, 0x00, 0x3f, 0x93
};
int pSz = (int)sizeof(p);
#if !defined(WOLFSSL_OLD_PRIME_CHECK) && !defined(HAVE_FIPS) && \
!defined(HAVE_SELFTEST)
static const unsigned char bad_p[] = {
0xb0, 0xa1, 0x08, 0x06, 0x9c, 0x08, 0x13, 0xba,
0x59, 0x06, 0x3c, 0xbc, 0x30, 0xd5, 0xf5, 0x00,
0xc1, 0x4f, 0x44, 0xa7, 0xd6, 0xef, 0x4a, 0xc6,
0x25, 0x27, 0x1c, 0xe8, 0xd2, 0x96, 0x53, 0x0a,
0x5c, 0x91, 0xdd, 0xa2, 0xc2, 0x94, 0x84, 0xbf,
0x7d, 0xb2, 0x44, 0x9f, 0x9b, 0xd2, 0xc1, 0x8a,
0xc5, 0xbe, 0x72, 0x5c, 0xa7, 0xe7, 0x91, 0xe6,
0xd4, 0x9f, 0x73, 0x07, 0x85, 0x5b, 0x66, 0x48,
0xc7, 0x70, 0xfa, 0xb4, 0xee, 0x02, 0xc9, 0x3d,
0x9a, 0x4a, 0xda, 0x3d, 0xc1, 0x46, 0x3e, 0x19,
0x69, 0xd1, 0x17, 0x46, 0x07, 0xa3, 0x4d, 0x9f,
0x2b, 0x96, 0x17, 0x39, 0x6d, 0x30, 0x8d, 0x2a,
0xf3, 0x94, 0xd3, 0x75, 0xcf, 0xa0, 0x75, 0xe6,
0xf2, 0x92, 0x1f, 0x1a, 0x70, 0x05, 0xaa, 0x04,
0x83, 0x57, 0x30, 0xfb, 0xda, 0x76, 0x93, 0x38,
0x50, 0xe8, 0x27, 0xfd, 0x63, 0xee, 0x3c, 0xe5,
0xb7, 0xc8, 0x09, 0xae, 0x6f, 0x50, 0x35, 0x8e,
0x84, 0xce, 0x4a, 0x00, 0xe9, 0x12, 0x7e, 0x5a,
0x31, 0xd7, 0x33, 0xfc, 0x21, 0x13, 0x76, 0xcc,
0x16, 0x30, 0xdb, 0x0c, 0xfc, 0xc5, 0x62, 0xa7,
0x35, 0xb8, 0xef, 0xb7, 0xb0, 0xac, 0xc0, 0x36,
0xf6, 0xd9, 0xc9, 0x46, 0x48, 0xf9, 0x40, 0x90,
0x00, 0x2b, 0x1b, 0xaa, 0x6c, 0xe3, 0x1a, 0xc3,
0x0b, 0x03, 0x9e, 0x1b, 0xc2, 0x46, 0xe4, 0x48,
0x4e, 0x22, 0x73, 0x6f, 0xc3, 0x5f, 0xd4, 0x9a,
0xd6, 0x30, 0x07, 0x48, 0xd6, 0x8c, 0x90, 0xab,
0xd4, 0xf6, 0xf1, 0xe3, 0x48, 0xd3, 0x58, 0x4b,
0xa6, 0xb9, 0xcd, 0x29, 0xbf, 0x68, 0x1f, 0x08,
0x4b, 0x63, 0x86, 0x2f, 0x5c, 0x6b, 0xd6, 0xb6,
0x06, 0x65, 0xf7, 0xa6, 0xdc, 0x00, 0x67, 0x6b,
0xbb, 0xc3, 0xa9, 0x41, 0x83, 0xfb, 0xc7, 0xfa,
0xc8, 0xe2, 0x1e, 0x7e, 0xaf, 0x00, 0x3f, 0x91
};
#endif
static const unsigned char g[] = { 0x02 };
int gSz = (int)sizeof(g);
#if !defined(NO_DSA)
char file[] = "./certs/dsaparams.pem";
DSA* dsa = NULL;
#else
char file[] = "./certs/dh2048.pem";
#endif
XFILE f = XBADFILE;
int bytes = 0;
DH* dh = NULL;
DH* dh2 = NULL;
BIO* bio = NULL;
SSL* ssl = NULL;
SSL_CTX* ctx = NULL;
#ifndef NO_WOLFSSL_CLIENT
SSL* ssl_c = NULL;
SSL_CTX* ctx_c = NULL;
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#endif
#ifndef NO_WOLFSSL_CLIENT
ExpectNotNull(ctx_c = SSL_CTX_new(wolfSSLv23_client_method()));
#ifdef NO_WOLFSSL_SERVER
ctx = ctx_c;
#endif
#endif
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
#ifndef NO_WOLFSSL_CLIENT
ExpectTrue(SSL_CTX_use_certificate_file(ctx_c, svrCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx_c, svrKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(ssl_c = SSL_new(ctx_c));
#ifdef NO_WOLFSSL_SERVER
ssl = ssl_c;
#endif
#endif
XMEMSET(buff, 0, sizeof(buff));
ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
ExpectNotNull(bio = BIO_new_mem_buf((void*)buff, bytes));
#if !defined(NO_DSA)
dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL);
ExpectNotNull(dsa);
dh = wolfSSL_DSA_dup_DH(dsa);
#else
dh = wolfSSL_PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
#endif
ExpectNotNull(dh);
#if defined(WOLFSSL_DH_EXTRA) && \
(defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH))
ExpectNotNull(dh2 = wolfSSL_DH_dup(dh));
DH_free(dh2);
dh2 = NULL;
#endif
/* Failure cases */
ExpectIntEQ((int)wolfSSL_CTX_SetTmpDH(NULL, NULL, 0, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ((int)wolfSSL_CTX_SetTmpDH(ctx , NULL, 0, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ((int)wolfSSL_CTX_SetTmpDH(NULL, p , 0, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ((int)wolfSSL_CTX_SetTmpDH(NULL, NULL, 0, g , 0),
BAD_FUNC_ARG);
ExpectIntEQ((int)wolfSSL_CTX_SetTmpDH(ctx , p , 0, NULL, 0),
BAD_FUNC_ARG);
ExpectIntEQ((int)wolfSSL_CTX_SetTmpDH(ctx , NULL, 0, g , 0),
BAD_FUNC_ARG);
ExpectIntEQ((int)wolfSSL_CTX_SetTmpDH(NULL, p , 0, g , 0),
BAD_FUNC_ARG);
ExpectIntEQ((int)wolfSSL_CTX_SetTmpDH(ctx , p , 1, g , 1),
DH_KEY_SIZE_E);
ExpectIntEQ((int)wolfSSL_CTX_SetTmpDH(ctx , buff, 6000, g , 1),
DH_KEY_SIZE_E);
#if !defined(WOLFSSL_OLD_PRIME_CHECK) && !defined(HAVE_FIPS) && \
!defined(HAVE_SELFTEST)
ExpectIntEQ((int)wolfSSL_CTX_SetTmpDH(ctx, bad_p, pSz, g, gSz),
DH_CHECK_PUB_E);
#endif
ExpectIntEQ((int)wolfSSL_SetTmpDH(NULL, NULL, 0, NULL, 0),
WOLFSSL_FAILURE);
ExpectIntEQ((int)wolfSSL_SetTmpDH(ssl , NULL, 0, NULL, 0),
WOLFSSL_FAILURE);
ExpectIntEQ((int)wolfSSL_SetTmpDH(NULL, p , 0, NULL, 0),
WOLFSSL_FAILURE);
ExpectIntEQ((int)wolfSSL_SetTmpDH(NULL, NULL, 0, g , 0),
WOLFSSL_FAILURE);
ExpectIntEQ((int)wolfSSL_SetTmpDH(ssl , p , 0, NULL, 0),
WOLFSSL_FAILURE);
ExpectIntEQ((int)wolfSSL_SetTmpDH(ssl , NULL, 0, g , 0),
WOLFSSL_FAILURE);
ExpectIntEQ((int)wolfSSL_SetTmpDH(NULL, p , 0, g , 0),
WOLFSSL_FAILURE);
ExpectIntEQ((int)wolfSSL_SetTmpDH(ssl , p , 1, g , 1),
DH_KEY_SIZE_E);
ExpectIntEQ((int)wolfSSL_SetTmpDH(ssl , buff, 6000, g , 1),
DH_KEY_SIZE_E);
#if !defined(WOLFSSL_OLD_PRIME_CHECK) && !defined(HAVE_FIPS) && \
!defined(HAVE_SELFTEST)
#ifndef NO_WOLFSSL_SERVER
/* Parameters will be tested later so it passes now. */
ExpectIntEQ((int)wolfSSL_SetTmpDH(ssl, bad_p, pSz, g, gSz),
WOLFSSL_SUCCESS);
#endif
#endif
#ifndef NO_WOLFSSL_CLIENT
ExpectIntEQ((int)wolfSSL_SetTmpDH(ssl_c, p, pSz, g, gSz),
SIDE_ERROR);
#endif
ExpectIntEQ((int)SSL_CTX_set_tmp_dh(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ((int)SSL_CTX_set_tmp_dh(ctx , NULL), BAD_FUNC_ARG);
ExpectIntEQ((int)SSL_CTX_set_tmp_dh(NULL, dh ), BAD_FUNC_ARG);
ExpectIntEQ((int)SSL_set_tmp_dh(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ((int)SSL_set_tmp_dh(ssl , NULL), BAD_FUNC_ARG);
ExpectIntEQ((int)SSL_set_tmp_dh(NULL, dh ), BAD_FUNC_ARG);
/* No p/g to use. */
dh2 = wolfSSL_DH_new();
ExpectIntEQ((int)SSL_CTX_set_tmp_dh(ctx , dh2 ), WOLFSSL_FATAL_ERROR);
ExpectIntEQ((int)SSL_set_tmp_dh(ssl , dh2 ), WOLFSSL_FATAL_ERROR);
DH_free(dh2);
dh2 = NULL;
ExpectIntEQ((int)wolfSSL_CTX_SetTmpDH(ctx, p, pSz, g, gSz),
WOLFSSL_SUCCESS);
ExpectIntEQ((int)SSL_CTX_set_tmp_dh(ctx, dh), WOLFSSL_SUCCESS);
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ((int)SSL_set_tmp_dh(ssl, dh), WOLFSSL_SUCCESS);
#else
ExpectIntEQ((int)SSL_set_tmp_dh(ssl, dh), SIDE_ERROR);
#endif
BIO_free(bio);
#if !defined(NO_DSA)
DSA_free(dsa);
#endif
DH_free(dh);
dh = NULL;
#ifndef NO_WOLFSSL_CLIENT
if (ssl != ssl_c) {
SSL_free(ssl_c);
}
#endif
SSL_free(ssl);
#ifndef NO_WOLFSSL_CLIENT
if (ctx != ctx_c) {
SSL_CTX_free(ctx_c);
}
#endif
SSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ctrl(void)
{
EXPECT_DECLS;
#if defined (OPENSSL_EXTRA) && !defined(NO_BIO)
byte buff[6000];
BIO* bio = NULL;
int bytes;
BUF_MEM* ptr = NULL;
XMEMSET(buff, 0, sizeof(buff));
bytes = sizeof(buff);
ExpectNotNull(bio = BIO_new_mem_buf((void*)buff, bytes));
ExpectNotNull(BIO_s_socket());
ExpectIntEQ((int)wolfSSL_BIO_get_mem_ptr(bio, &ptr), WOLFSSL_SUCCESS);
/* needs tested after stubs filled out @TODO
SSL_ctrl
SSL_CTX_ctrl
*/
BIO_free(bio);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_BIO) */
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_new_mac_key(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
static const unsigned char pw[] = "password";
static const int pwSz = sizeof(pw) - 1;
size_t checkPwSz = 0;
const unsigned char* checkPw = NULL;
WOLFSSL_EVP_PKEY* key = NULL;
ExpectNull(key = wolfSSL_EVP_PKEY_new_mac_key(0, NULL, pw, pwSz));
ExpectNull(key = wolfSSL_EVP_PKEY_new_mac_key(0, NULL, NULL, pwSz));
ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, pw,
pwSz));
if (key != NULL) {
ExpectIntEQ(key->type, EVP_PKEY_HMAC);
ExpectIntEQ(key->save_type, EVP_PKEY_HMAC);
ExpectIntEQ(key->pkey_sz, pwSz);
ExpectIntEQ(XMEMCMP(key->pkey.ptr, pw, pwSz), 0);
}
ExpectNotNull(checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz));
ExpectIntEQ((int)checkPwSz, pwSz);
ExpectIntEQ(XMEMCMP(checkPw, pw, pwSz), 0);
wolfSSL_EVP_PKEY_free(key);
key = NULL;
ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, pw,
0));
ExpectIntEQ(key->pkey_sz, 0);
if (EXPECT_SUCCESS()) {
/* Allocation for key->pkey.ptr may fail - OK key len is 0 */
checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz);
}
ExpectTrue((checkPwSz == 0) || (checkPw != NULL));
ExpectIntEQ((int)checkPwSz, 0);
wolfSSL_EVP_PKEY_free(key);
key = NULL;
ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, NULL,
0));
ExpectIntEQ(key->pkey_sz, 0);
if (EXPECT_SUCCESS()) {
/* Allocation for key->pkey.ptr may fail - OK key len is 0 */
checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz);
}
ExpectTrue((checkPwSz == 0) || (checkPw != NULL));
ExpectIntEQ((int)checkPwSz, 0);
wolfSSL_EVP_PKEY_free(key);
key = NULL;
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_new_CMAC_key(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT)
const char *priv = "ABCDEFGHIJKLMNOP";
const WOLFSSL_EVP_CIPHER* cipher = EVP_aes_128_cbc();
WOLFSSL_EVP_PKEY* key = NULL;
ExpectNull(key = wolfSSL_EVP_PKEY_new_CMAC_key(
NULL, NULL, AES_128_KEY_SIZE, cipher));
ExpectNull(key = wolfSSL_EVP_PKEY_new_CMAC_key(
NULL, (const unsigned char *)priv, 0, cipher));
ExpectNull(key = wolfSSL_EVP_PKEY_new_CMAC_key(
NULL, (const unsigned char *)priv, AES_128_KEY_SIZE, NULL));
ExpectNotNull(key = wolfSSL_EVP_PKEY_new_CMAC_key(
NULL, (const unsigned char *)priv, AES_128_KEY_SIZE, cipher));
wolfSSL_EVP_PKEY_free(key);
#endif /* WOLFSSL_CMAC && !NO_AES && WOLFSSL_AES_DIRECT */
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_Digest(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && !defined(NO_PWDBASED)
const char* in = "abc";
int inLen = (int)XSTRLEN(in);
byte out[WC_SHA256_DIGEST_SIZE];
unsigned int outLen;
const char* expOut =
"\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
"\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
"\x15\xAD";
ExpectIntEQ(wolfSSL_EVP_Digest((unsigned char*)in, inLen, out, &outLen,
"SHA256", NULL), 1);
ExpectIntEQ(outLen, WC_SHA256_DIGEST_SIZE);
ExpectIntEQ(XMEMCMP(out, expOut, WC_SHA256_DIGEST_SIZE), 0);
#endif /* OPEN_EXTRA && ! NO_SHA256 */
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_Digest_all(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
const char* digests[] = {
#ifndef NO_MD5
"MD5",
#endif
#ifndef NO_SHA
"SHA",
#endif
#ifdef WOLFSSL_SHA224
"SHA224",
#endif
#ifndef NO_SHA256
"SHA256",
#endif
#ifdef WOLFSSL_SHA384
"SHA384",
#endif
#ifdef WOLFSSL_SHA512
"SHA512",
#endif
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
"SHA512_224",
#endif
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
"SHA512_256",
#endif
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
"SHA3_224",
#endif
#ifndef WOLFSSL_NOSHA3_256
"SHA3_256",
#endif
"SHA3_384",
#ifndef WOLFSSL_NOSHA3_512
"SHA3_512",
#endif
#endif /* WOLFSSL_SHA3 */
NULL
};
const char** d;
const unsigned char in[] = "abc";
int inLen = XSTR_SIZEOF(in);
byte out[WC_MAX_DIGEST_SIZE];
unsigned int outLen;
for (d = digests; *d != NULL; d++) {
ExpectIntEQ(EVP_Digest(in, inLen, out, &outLen, *d, NULL), 1);
ExpectIntGT(outLen, 0);
ExpectIntEQ(EVP_MD_size(*d), outLen);
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_size(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
WOLFSSL_EVP_MD_CTX mdCtx;
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA3_224"), 1);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA3_224_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA3_224_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#endif
#ifndef WOLFSSL_NOSHA3_256
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA3_256"), 1);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA3_256_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA3_256_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#endif
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA3_384"), 1);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA3_384_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA3_384_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#ifndef WOLFSSL_NOSHA3_512
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA3_512"), 1);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA3_512_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA3_512_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#endif
#endif /* WOLFSSL_SHA3 */
#ifndef NO_SHA256
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA256"), 1);
ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
WC_SHA256_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
WC_SHA256_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA256_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA256_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#endif
#ifndef NO_MD5
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "MD5"), 1);
ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
WC_MD5_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
WC_MD5_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_MD5_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_MD5_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#endif
#ifdef WOLFSSL_SHA224
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA224"), 1);
ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
WC_SHA224_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
WC_SHA224_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA224_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA224_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#endif
#ifdef WOLFSSL_SHA384
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA384"), 1);
ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
WC_SHA384_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
WC_SHA384_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA384_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA384_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#endif
#ifdef WOLFSSL_SHA512
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA512"), 1);
ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
WC_SHA512_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
WC_SHA512_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA512_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA512_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#endif
#ifndef NO_SHA
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA"), 1);
ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
WC_SHA_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
WC_SHA_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA1"), 1);
ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
WC_SHA_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_block_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
WC_SHA_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_size(&mdCtx), WC_SHA_DIGEST_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), WC_SHA_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#endif
/* error case */
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, ""), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_EVP_MD_size(wolfSSL_EVP_MD_CTX_md(&mdCtx)),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), BAD_FUNC_ARG);
/* Cleanup is valid on uninit'ed struct */
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_pkey_type(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
const WOLFSSL_EVP_MD* md;
#ifndef NO_MD5
ExpectNotNull(md = EVP_md5());
ExpectIntEQ(EVP_MD_pkey_type(md), NID_md5WithRSAEncryption);
#endif
#ifndef NO_SHA
ExpectNotNull(md = EVP_sha1());
ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha1WithRSAEncryption);
#endif
#ifdef WOLFSSL_SHA224
ExpectNotNull(md = EVP_sha224());
ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha224WithRSAEncryption);
#endif
ExpectNotNull(md = EVP_sha256());
ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha256WithRSAEncryption);
#ifdef WOLFSSL_SHA384
ExpectNotNull(md = EVP_sha384());
ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha384WithRSAEncryption);
#endif
#ifdef WOLFSSL_SHA512
ExpectNotNull(md = EVP_sha512());
ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha512WithRSAEncryption);
#endif
#endif
return EXPECT_RESULT();
}
#ifdef OPENSSL_EXTRA
static int test_hmac_signing(const WOLFSSL_EVP_MD *type, const byte* testKey,
size_t testKeySz, const char* testData, size_t testDataSz,
const byte* testResult, size_t testResultSz)
{
EXPECT_DECLS;
unsigned char check[WC_MAX_DIGEST_SIZE];
size_t checkSz = -1;
WOLFSSL_EVP_PKEY* key = NULL;
WOLFSSL_EVP_MD_CTX mdCtx;
ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL,
testKey, (int)testKeySz));
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, type, NULL, key), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData,
(unsigned int)testDataSz), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, (int)testResultSz);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,(int)testResultSz);
ExpectIntEQ(XMEMCMP(testResult, check, testResultSz), 0);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, type, NULL, key), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData,
(unsigned int)testDataSz), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, testResult, checkSz), 1);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, type, NULL, key), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, (int)testResultSz);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,(int)testResultSz);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4,
(unsigned int)testDataSz - 4), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,(int)testResultSz);
ExpectIntEQ(XMEMCMP(testResult, check, testResultSz), 0);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, type, NULL, key), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, 4), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData + 4,
(unsigned int)testDataSz - 4), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, testResult, checkSz), 1);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
wolfSSL_EVP_PKEY_free(key);
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_EVP_MD_hmac_signing(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
static const unsigned char testKey[] =
{
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b
};
static const char testData[] = "Hi There";
#ifdef WOLFSSL_SHA224
static const unsigned char testResultSha224[] =
{
0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19,
0x68, 0x32, 0x10, 0x7c, 0xd4, 0x9d, 0xf3, 0x3f,
0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f,
0x53, 0x68, 0x4b, 0x22
};
#endif
#ifndef NO_SHA256
static const unsigned char testResultSha256[] =
{
0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53,
0x5c, 0xa8, 0xaf, 0xce, 0xaf, 0x0b, 0xf1, 0x2b,
0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7,
0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7
};
#endif
#ifdef WOLFSSL_SHA384
static const unsigned char testResultSha384[] =
{
0xaf, 0xd0, 0x39, 0x44, 0xd8, 0x48, 0x95, 0x62,
0x6b, 0x08, 0x25, 0xf4, 0xab, 0x46, 0x90, 0x7f,
0x15, 0xf9, 0xda, 0xdb, 0xe4, 0x10, 0x1e, 0xc6,
0x82, 0xaa, 0x03, 0x4c, 0x7c, 0xeb, 0xc5, 0x9c,
0xfa, 0xea, 0x9e, 0xa9, 0x07, 0x6e, 0xde, 0x7f,
0x4a, 0xf1, 0x52, 0xe8, 0xb2, 0xfa, 0x9c, 0xb6
};
#endif
#ifdef WOLFSSL_SHA512
static const unsigned char testResultSha512[] =
{
0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d,
0x4f, 0xf0, 0xb4, 0x24, 0x1a, 0x1d, 0x6c, 0xb0,
0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78,
0x7a, 0xd0, 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde,
0xda, 0xa8, 0x33, 0xb7, 0xd6, 0xb8, 0xa7, 0x02,
0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4,
0xbe, 0x9d, 0x91, 0x4e, 0xeb, 0x61, 0xf1, 0x70,
0x2e, 0x69, 0x6c, 0x20, 0x3a, 0x12, 0x68, 0x54
};
#endif
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
static const unsigned char testResultSha3_224[] =
{
0x3b, 0x16, 0x54, 0x6b, 0xbc, 0x7b, 0xe2, 0x70,
0x6a, 0x03, 0x1d, 0xca, 0xfd, 0x56, 0x37, 0x3d,
0x98, 0x84, 0x36, 0x76, 0x41, 0xd8, 0xc5, 0x9a,
0xf3, 0xc8, 0x60, 0xf7
};
#endif
#ifndef WOLFSSL_NOSHA3_256
static const unsigned char testResultSha3_256[] =
{
0xba, 0x85, 0x19, 0x23, 0x10, 0xdf, 0xfa, 0x96,
0xe2, 0xa3, 0xa4, 0x0e, 0x69, 0x77, 0x43, 0x51,
0x14, 0x0b, 0xb7, 0x18, 0x5e, 0x12, 0x02, 0xcd,
0xcc, 0x91, 0x75, 0x89, 0xf9, 0x5e, 0x16, 0xbb
};
#endif
#ifndef WOLFSSL_NOSHA3_384
static const unsigned char testResultSha3_384[] =
{
0x68, 0xd2, 0xdc, 0xf7, 0xfd, 0x4d, 0xdd, 0x0a,
0x22, 0x40, 0xc8, 0xa4, 0x37, 0x30, 0x5f, 0x61,
0xfb, 0x73, 0x34, 0xcf, 0xb5, 0xd0, 0x22, 0x6e,
0x1b, 0xc2, 0x7d, 0xc1, 0x0a, 0x2e, 0x72, 0x3a,
0x20, 0xd3, 0x70, 0xb4, 0x77, 0x43, 0x13, 0x0e,
0x26, 0xac, 0x7e, 0x3d, 0x53, 0x28, 0x86, 0xbd
};
#endif
#ifndef WOLFSSL_NOSHA3_512
static const unsigned char testResultSha3_512[] =
{
0xeb, 0x3f, 0xbd, 0x4b, 0x2e, 0xaa, 0xb8, 0xf5,
0xc5, 0x04, 0xbd, 0x3a, 0x41, 0x46, 0x5a, 0xac,
0xec, 0x15, 0x77, 0x0a, 0x7c, 0xab, 0xac, 0x53,
0x1e, 0x48, 0x2f, 0x86, 0x0b, 0x5e, 0xc7, 0xba,
0x47, 0xcc, 0xb2, 0xc6, 0xf2, 0xaf, 0xce, 0x8f,
0x88, 0xd2, 0x2b, 0x6d, 0xc6, 0x13, 0x80, 0xf2,
0x3a, 0x66, 0x8f, 0xd3, 0x88, 0x8b, 0xb8, 0x05,
0x37, 0xc0, 0xa0, 0xb8, 0x64, 0x07, 0x68, 0x9e
};
#endif
#endif
#ifndef NO_SHA256
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha256(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha256,
sizeof(testResultSha256)), TEST_SUCCESS);
#endif
#ifdef WOLFSSL_SHA224
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha224(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha224,
sizeof(testResultSha224)), TEST_SUCCESS);
#endif
#ifdef WOLFSSL_SHA384
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha384(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha384,
sizeof(testResultSha384)), TEST_SUCCESS);
#endif
#ifdef WOLFSSL_SHA512
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha512(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha512,
sizeof(testResultSha512)), TEST_SUCCESS);
#endif
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_224(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_224,
sizeof(testResultSha3_224)), TEST_SUCCESS);
#endif
#ifndef WOLFSSL_NOSHA3_256
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_256(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_256,
sizeof(testResultSha3_256)), TEST_SUCCESS);
#endif
#ifndef WOLFSSL_NOSHA3_384
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_384(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_384,
sizeof(testResultSha3_384)), TEST_SUCCESS);
#endif
#ifndef WOLFSSL_NOSHA3_512
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_512(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_512,
sizeof(testResultSha3_512)), TEST_SUCCESS);
#endif
#endif
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_rsa_signing(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048)
WOLFSSL_EVP_PKEY* privKey = NULL;
WOLFSSL_EVP_PKEY* pubKey = NULL;
WOLFSSL_EVP_PKEY_CTX* keyCtx = NULL;
const char testData[] = "Hi There";
WOLFSSL_EVP_MD_CTX mdCtx;
WOLFSSL_EVP_MD_CTX mdCtxCopy;
int ret;
size_t checkSz = -1;
int sz = 2048 / 8;
const unsigned char* cp;
const unsigned char* p;
unsigned char check[2048/8];
size_t i;
int paddings[] = {
RSA_PKCS1_PADDING,
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && defined(WC_RSA_PSS)
RSA_PKCS1_PSS_PADDING,
#endif
};
cp = client_key_der_2048;
ExpectNotNull((privKey = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &cp,
sizeof_client_key_der_2048)));
p = client_keypub_der_2048;
ExpectNotNull((pubKey = wolfSSL_d2i_PUBKEY(NULL, &p,
sizeof_client_keypub_der_2048)));
wolfSSL_EVP_MD_CTX_init(&mdCtx);
wolfSSL_EVP_MD_CTX_init(&mdCtxCopy);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, privKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,sz);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_copy_ex(&mdCtxCopy, &mdCtx), 1);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_copy_ex(&mdCtxCopy, &mdCtx), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtxCopy);
ExpectIntEQ(ret, 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, pubKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)),
1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, privKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4,
(unsigned int)XSTRLEN(testData) - 4), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, pubKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, 4), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData + 4,
(unsigned int)XSTRLEN(testData) - 4),
1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
/* Check all signing padding types */
for (i = 0; i < sizeof(paddings)/sizeof(int); i++) {
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, &keyCtx,
wolfSSL_EVP_sha256(), NULL, privKey), 1);
ExpectIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_padding(keyCtx,
paddings[i]), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,sz);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, &keyCtx,
wolfSSL_EVP_sha256(), NULL, pubKey), 1);
ExpectIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_padding(keyCtx,
paddings[i]), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
}
wolfSSL_EVP_PKEY_free(pubKey);
wolfSSL_EVP_PKEY_free(privKey);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_ecc_signing(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
WOLFSSL_EVP_PKEY* privKey = NULL;
WOLFSSL_EVP_PKEY* pubKey = NULL;
const char testData[] = "Hi There";
WOLFSSL_EVP_MD_CTX mdCtx;
int ret;
size_t checkSz = -1;
const unsigned char* cp;
const unsigned char* p;
unsigned char check[2048/8];
cp = ecc_clikey_der_256;
ExpectNotNull(privKey = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &cp,
sizeof_ecc_clikey_der_256));
p = ecc_clikeypub_der_256;
ExpectNotNull((pubKey = wolfSSL_d2i_PUBKEY(NULL, &p,
sizeof_ecc_clikeypub_der_256)));
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, privKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, pubKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)),
1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, privKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4,
(unsigned int)XSTRLEN(testData) - 4), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, pubKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, 4), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData + 4,
(unsigned int)XSTRLEN(testData) - 4),
1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_PKEY_free(pubKey);
wolfSSL_EVP_PKEY_free(privKey);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_add_extra_chain_cert(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_BIO)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
char caFile[] = "./certs/client-ca.pem";
char clientFile[] = "./certs/client-cert.pem";
SSL_CTX* ctx = NULL;
X509* x509 = NULL;
BIO *bio = NULL;
X509 *cert = NULL;
X509 *ca = NULL;
STACK_OF(X509) *chain = NULL;
STACK_OF(X509) *chain2 = NULL;
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(caFile,
WOLFSSL_FILETYPE_PEM));
/* Negative tests. */
ExpectIntEQ((int)SSL_CTX_add_extra_chain_cert(NULL, NULL), WOLFSSL_FAILURE);
ExpectIntEQ((int)SSL_CTX_add_extra_chain_cert(ctx, NULL), WOLFSSL_FAILURE);
ExpectIntEQ((int)SSL_CTX_add_extra_chain_cert(NULL, x509), WOLFSSL_FAILURE);
ExpectIntEQ((int)SSL_CTX_add_extra_chain_cert(ctx, x509), WOLFSSL_SUCCESS);
ExpectNotNull(x509 = wolfSSL_X509_new());
/* Empty certificate. */
ExpectIntEQ((int)SSL_CTX_add_extra_chain_cert(ctx, x509), WOLFSSL_FAILURE);
wolfSSL_X509_free(x509);
x509 = NULL;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(clientFile,
WOLFSSL_FILETYPE_PEM));
/* additional test of getting EVP_PKEY key size from X509
* Do not run with user RSA because wolfSSL_RSA_size is not currently
* allowed with user RSA */
{
EVP_PKEY* pkey = NULL;
#if defined(HAVE_ECC)
X509* ecX509 = NULL;
#endif /* HAVE_ECC */
ExpectNotNull(pkey = X509_get_pubkey(x509));
/* current RSA key is 2048 bit (256 bytes) */
ExpectIntEQ(EVP_PKEY_size(pkey), 256);
EVP_PKEY_free(pkey);
pkey = NULL;
#if defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
ExpectNotNull(ecX509 = wolfSSL_X509_load_certificate_buffer(
cliecc_cert_der_256, sizeof_cliecc_cert_der_256,
SSL_FILETYPE_ASN1));
#else
ExpectNotNull(ecX509 = wolfSSL_X509_load_certificate_file(
cliEccCertFile, SSL_FILETYPE_PEM));
#endif
pkey = X509_get_pubkey(ecX509);
ExpectNotNull(pkey);
/* current ECC key is 256 bit (32 bytes) */
ExpectIntEQ(EVP_PKEY_size(pkey), 32);
X509_free(ecX509);
ecX509 = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
#endif /* HAVE_ECC */
}
ExpectIntEQ((int)SSL_CTX_add_extra_chain_cert(ctx, x509), SSL_SUCCESS);
if (EXPECT_SUCCESS()) {
x509 = NULL;
}
#ifdef WOLFSSL_ENCRYPTED_KEYS
ExpectNull(SSL_CTX_get_default_passwd_cb(ctx));
ExpectNull(SSL_CTX_get_default_passwd_cb_userdata(ctx));
#endif
SSL_CTX_free(ctx);
ctx = NULL;
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
/* Test haproxy use case */
ExpectNotNull(bio = BIO_new_file(svrCertFile, "r"));
/* Read Certificate */
ExpectNotNull(cert = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL));
ExpectNotNull(ca = PEM_read_bio_X509(bio, NULL, NULL, NULL));
ExpectNotNull(chain = sk_X509_new_null());
ExpectIntEQ(sk_X509_push(chain, ca), 1);
if (EXPECT_SUCCESS()) {
ca = NULL;
}
ExpectNotNull(chain2 = X509_chain_up_ref(chain));
ExpectNotNull(ca = sk_X509_shift(chain2));
ExpectIntEQ(SSL_CTX_use_certificate(ctx, cert), 1);
ExpectIntEQ(SSL_CTX_add_extra_chain_cert(ctx, ca), 1);
if (EXPECT_SUCCESS()) {
ca = NULL;
}
BIO_free(bio);
X509_free(cert);
X509_free(ca);
X509_free(x509);
sk_X509_pop_free(chain, X509_free);
sk_X509_pop_free(chain2, X509_free);
SSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined (NO_BIO) */
return EXPECT_RESULT();
}
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
static int test_wolfSSL_ERR_peek_last_error_line(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL) && \
!defined(NO_OLD_TLS) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(NO_ERROR_QUEUE)
callback_functions client_cb;
callback_functions server_cb;
int line = 0;
int flag = ERR_TXT_STRING;
const char* file = NULL;
const char* data = NULL;
/* create a failed connection and inspect the error */
XMEMSET(&client_cb, 0, sizeof(callback_functions));
XMEMSET(&server_cb, 0, sizeof(callback_functions));
client_cb.method = wolfTLSv1_1_client_method;
server_cb.method = wolfTLSv1_2_server_method;
test_wolfSSL_client_server_nofail(&client_cb, &server_cb);
ExpectIntGT(ERR_get_error_line_data(NULL, NULL, &data, &flag), 0);
ExpectNotNull(data);
/* check clearing error state */
ERR_remove_state(0);
ExpectIntEQ((int)ERR_peek_last_error_line(NULL, NULL), 0);
ERR_peek_last_error_line(NULL, &line);
ExpectIntEQ(line, 0);
ERR_peek_last_error_line(&file, NULL);
ExpectNull(file);
/* retry connection to fill error queue */
XMEMSET(&client_cb, 0, sizeof(callback_functions));
XMEMSET(&server_cb, 0, sizeof(callback_functions));
client_cb.method = wolfTLSv1_1_client_method;
server_cb.method = wolfTLSv1_2_server_method;
test_wolfSSL_client_server_nofail(&client_cb, &server_cb);
/* check that error code was stored */
ExpectIntNE((int)ERR_peek_last_error_line(NULL, NULL), 0);
ERR_peek_last_error_line(NULL, &line);
ExpectIntNE(line, 0);
ERR_peek_last_error_line(&file, NULL);
ExpectNotNull(file);
fprintf(stderr, "\nTesting error print out\n");
ERR_print_errors_fp(stderr);
fprintf(stderr, "Done testing print out\n\n");
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) &&
* !defined(NO_FILESYSTEM) && !defined(DEBUG_WOLFSSL) */
return EXPECT_RESULT();
}
#endif /* !NO_WOLFSSL_CLIENT && !NO_WOLFSSL_SERVER */
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
static int verify_cb(int ok, X509_STORE_CTX *ctx)
{
(void) ok;
(void) ctx;
fprintf(stderr, "ENTER verify_cb\n");
return SSL_SUCCESS;
}
#endif
static int test_wolfSSL_X509_Name_canon(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_SHA) && \
defined(WOLFSSL_CERT_GEN) && \
(defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && !defined(NO_RSA)
const long ex_hash1 = 0x0fdb2da4;
const long ex_hash2 = 0x9f3e8c9e;
X509_NAME *name = NULL;
X509 *x509 = NULL;
XFILE file = XBADFILE;
unsigned long hash = 0;
byte digest[WC_MAX_DIGEST_SIZE] = {0};
byte *pbuf = NULL;
word32 len = 0;
(void) ex_hash2;
ExpectTrue((file = XFOPEN(caCertFile, "rb")) != XBADFILE);
ExpectNotNull(x509 = PEM_read_X509(file, NULL, NULL, NULL));
ExpectNotNull(name = X509_get_issuer_name(x509));
/* When output buffer is NULL, should return necessary output buffer
* length.*/
ExpectIntGT(wolfSSL_i2d_X509_NAME_canon(name, NULL), 0);
ExpectIntGT((len = (word32)wolfSSL_i2d_X509_NAME_canon(name, &pbuf)), 0);
ExpectIntEQ(wc_ShaHash((const byte*)pbuf, (word32)len, digest), 0);
hash = (((unsigned long)digest[3] << 24) |
((unsigned long)digest[2] << 16) |
((unsigned long)digest[1] << 8) |
((unsigned long)digest[0]));
ExpectIntEQ(hash, ex_hash1);
if (file != XBADFILE) {
XFCLOSE(file);
file = XBADFILE;
}
X509_free(x509);
x509 = NULL;
XFREE(pbuf, NULL, DYNAMIC_TYPE_OPENSSL);
pbuf = NULL;
ExpectTrue((file = XFOPEN(cliCertFile, "rb")) != XBADFILE);
ExpectNotNull(x509 = PEM_read_X509(file, NULL, NULL, NULL));
ExpectNotNull(name = X509_get_issuer_name(x509));
ExpectIntGT((len = (word32)wolfSSL_i2d_X509_NAME_canon(name, &pbuf)), 0);
ExpectIntEQ(wc_ShaHash((const byte*)pbuf, (word32)len, digest), 0);
hash = (((unsigned long)digest[3] << 24) |
((unsigned long)digest[2] << 16) |
((unsigned long)digest[1] << 8) |
((unsigned long)digest[0]));
ExpectIntEQ(hash, ex_hash2);
if (file != XBADFILE)
XFCLOSE(file);
X509_free(x509);
XFREE(pbuf, NULL, DYNAMIC_TYPE_OPENSSL);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_LOOKUP_ctrl_hash_dir(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
const int MAX_DIR = 4;
const char paths[][32] = {
"./certs/ed25519",
"./certs/ecc",
"./certs/crl",
"./certs/",
};
char CertCrl_path[MAX_FILENAME_SZ];
char *p;
X509_STORE* str = NULL;
X509_LOOKUP* lookup = NULL;
WOLFSSL_STACK* sk = NULL;
int len, total_len, i;
(void)sk;
XMEMSET(CertCrl_path, 0, MAX_FILENAME_SZ);
/* illegal string */
ExpectNotNull((str = wolfSSL_X509_STORE_new()));
ExpectNotNull(lookup = X509_STORE_add_lookup(str, X509_LOOKUP_file()));
ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, "",
SSL_FILETYPE_PEM,NULL), 0);
/* free store */
X509_STORE_free(str);
str = NULL;
/* short folder string */
ExpectNotNull((str = wolfSSL_X509_STORE_new()));
ExpectNotNull(lookup = X509_STORE_add_lookup(str, X509_LOOKUP_file()));
ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, "./",
SSL_FILETYPE_PEM,NULL), 1);
#if defined(WOLFSSL_INT_H)
/* only available when including internal.h */
ExpectNotNull(sk = lookup->dirs->dir_entry);
#endif
/* free store */
X509_STORE_free(str);
str = NULL;
/* typical function check */
p = &CertCrl_path[0];
total_len = 0;
for (i = MAX_DIR - 1; i>=0 && total_len < MAX_FILENAME_SZ; i--) {
len = (int)XSTRLEN((const char*)&paths[i]);
total_len += len;
XSTRNCPY(p, paths[i], MAX_FILENAME_SZ - total_len);
p += len;
if (i != 0) *(p++) = SEPARATOR_CHAR;
}
ExpectNotNull((str = wolfSSL_X509_STORE_new()));
ExpectNotNull(lookup = X509_STORE_add_lookup(str, X509_LOOKUP_file()));
ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, CertCrl_path,
SSL_FILETYPE_PEM,NULL), 1);
#if defined(WOLFSSL_INT_H)
/* only available when including internal.h */
ExpectNotNull(sk = lookup->dirs->dir_entry);
#endif
X509_STORE_free(str);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_LOOKUP_ctrl_file(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && \
defined(WOLFSSL_SIGNER_DER_CERT)
X509_STORE_CTX* ctx = NULL;
X509_STORE* str = NULL;
X509_LOOKUP* lookup = NULL;
X509* cert1 = NULL;
X509* x509Ca = NULL;
X509* x509Svr = NULL;
X509* issuer = NULL;
WOLFSSL_STACK* sk = NULL;
X509_NAME* caName = NULL;
X509_NAME* issuerName = NULL;
XFILE file1 = XBADFILE;
int i;
int cert_count = 0;
int cmp;
char der[] = "certs/ca-cert.der";
#ifdef HAVE_CRL
char pem[][100] = {
"./certs/crl/crl.pem",
"./certs/crl/crl2.pem",
"./certs/crl/caEccCrl.pem",
"./certs/crl/eccCliCRL.pem",
"./certs/crl/eccSrvCRL.pem",
""
};
#endif
ExpectTrue((file1 = XFOPEN("./certs/ca-cert.pem", "rb")) != XBADFILE);
ExpectNotNull(cert1 = wolfSSL_PEM_read_X509(file1, NULL, NULL, NULL));
if (file1 != XBADFILE)
XFCLOSE(file1);
ExpectNotNull(ctx = X509_STORE_CTX_new());
ExpectNotNull((str = wolfSSL_X509_STORE_new()));
ExpectNotNull(lookup = X509_STORE_add_lookup(str, X509_LOOKUP_file()));
ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD, caCertFile,
SSL_FILETYPE_PEM,NULL), 1);
ExpectNotNull(sk = wolfSSL_CertManagerGetCerts(str->cm));
ExpectIntEQ((cert_count = sk_X509_num(sk)), 1);
/* check if CA cert is loaded into the store */
for (i = 0; i < cert_count; i++) {
x509Ca = sk_X509_value(sk, i);
ExpectIntEQ(0, wolfSSL_X509_cmp(x509Ca, cert1));
}
ExpectNotNull((x509Svr =
wolfSSL_X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_CTX_init(ctx, str, x509Svr, NULL), SSL_SUCCESS);
ExpectNull(X509_STORE_CTX_get0_current_issuer(NULL));
issuer = X509_STORE_CTX_get0_current_issuer(ctx);
ExpectNotNull(issuer);
caName = X509_get_subject_name(x509Ca);
ExpectNotNull(caName);
issuerName = X509_get_subject_name(issuer);
ExpectNotNull(issuerName);
cmp = X509_NAME_cmp(caName, issuerName);
ExpectIntEQ(cmp, 0);
/* load der format */
X509_free(issuer);
issuer = NULL;
X509_STORE_CTX_free(ctx);
ctx = NULL;
X509_STORE_free(str);
str = NULL;
sk_X509_pop_free(sk, NULL);
sk = NULL;
X509_free(x509Svr);
x509Svr = NULL;
ExpectNotNull((str = wolfSSL_X509_STORE_new()));
ExpectNotNull(lookup = X509_STORE_add_lookup(str, X509_LOOKUP_file()));
ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD, der,
SSL_FILETYPE_ASN1,NULL), 1);
ExpectNotNull(sk = wolfSSL_CertManagerGetCerts(str->cm));
ExpectIntEQ((cert_count = sk_X509_num(sk)), 1);
/* check if CA cert is loaded into the store */
for (i = 0; i < cert_count; i++) {
x509Ca = sk_X509_value(sk, i);
ExpectIntEQ(0, wolfSSL_X509_cmp(x509Ca, cert1));
}
X509_STORE_free(str);
str = NULL;
sk_X509_pop_free(sk, NULL);
sk = NULL;
X509_free(cert1);
cert1 = NULL;
#ifdef HAVE_CRL
ExpectNotNull(str = wolfSSL_X509_STORE_new());
ExpectNotNull(lookup = X509_STORE_add_lookup(str, X509_LOOKUP_file()));
ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD, caCertFile,
SSL_FILETYPE_PEM,NULL), 1);
ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD,
"certs/server-revoked-cert.pem",
SSL_FILETYPE_PEM,NULL), 1);
if (str) {
ExpectIntEQ(wolfSSL_CertManagerVerify(str->cm, svrCertFile,
WOLFSSL_FILETYPE_PEM), 1);
/* since store hasn't yet known the revoked cert*/
ExpectIntEQ(wolfSSL_CertManagerVerify(str->cm,
"certs/server-revoked-cert.pem",
WOLFSSL_FILETYPE_PEM), 1);
}
for (i = 0; pem[i][0] != '\0'; i++)
{
ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD, pem[i],
SSL_FILETYPE_PEM, NULL), 1);
}
if (str) {
/* since store knows crl list */
ExpectIntEQ(wolfSSL_CertManagerVerify(str->cm,
"certs/server-revoked-cert.pem",
WOLFSSL_FILETYPE_PEM ), CRL_CERT_REVOKED);
}
ExpectIntEQ(X509_LOOKUP_ctrl(NULL, 0, NULL, 0, NULL), 0);
X509_STORE_free(str);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_CTX_trusted_stack_cleanup(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA)
X509_STORE_CTX_cleanup(NULL);
X509_STORE_CTX_trusted_stack(NULL, NULL);
res = TEST_SUCCESS;
#endif
return res;
}
static int test_wolfSSL_X509_STORE_CTX_get0_current_issuer(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
X509_STORE_CTX* ctx = NULL;
X509_STORE* str = NULL;
X509* x509Ca = NULL;
X509* x509Svr = NULL;
X509* issuer = NULL;
X509_NAME* caName = NULL;
X509_NAME* issuerName = NULL;
ExpectNotNull(ctx = X509_STORE_CTX_new());
ExpectNotNull((str = wolfSSL_X509_STORE_new()));
ExpectNotNull((x509Ca =
wolfSSL_X509_load_certificate_file(caCertFile, SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_add_cert(str, x509Ca), SSL_SUCCESS);
ExpectNotNull((x509Svr =
wolfSSL_X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_CTX_init(ctx, str, x509Svr, NULL), SSL_SUCCESS);
ExpectNull(X509_STORE_CTX_get0_current_issuer(NULL));
ExpectNotNull(issuer = X509_STORE_CTX_get0_current_issuer(ctx));
ExpectNotNull(caName = X509_get_subject_name(x509Ca));
ExpectNotNull(issuerName = X509_get_subject_name(issuer));
#ifdef WOLFSSL_SIGNER_DER_CERT
ExpectIntEQ(X509_NAME_cmp(caName, issuerName), 0);
#endif
X509_free(issuer);
X509_STORE_CTX_free(ctx);
X509_free(x509Svr);
X509_STORE_free(str);
X509_free(x509Ca);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS7_certs(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && !defined(NO_BIO) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && defined(HAVE_PKCS7)
STACK_OF(X509)* sk = NULL;
STACK_OF(X509_INFO)* info_sk = NULL;
PKCS7 *p7 = NULL;
BIO* bio = NULL;
const byte* p = NULL;
int buflen = 0;
int i;
/* Test twice. Once with d2i and once without to test
* that everything is free'd correctly. */
for (i = 0; i < 2; i++) {
ExpectNotNull(p7 = PKCS7_new());
if (p7 != NULL) {
p7->version = 1;
#ifdef NO_SHA
p7->hashOID = SHA256h;
#else
p7->hashOID = SHAh;
#endif
}
ExpectNotNull(bio = BIO_new(BIO_s_file()));
ExpectIntGT(BIO_read_filename(bio, svrCertFile), 0);
ExpectNotNull(info_sk = PEM_X509_INFO_read_bio(bio, NULL, NULL, NULL));
ExpectIntEQ(sk_X509_INFO_num(info_sk), 2);
ExpectNotNull(sk = sk_X509_new_null());
while (EXPECT_SUCCESS() && (sk_X509_INFO_num(info_sk) > 0)) {
X509_INFO* info = NULL;
ExpectNotNull(info = sk_X509_INFO_shift(info_sk));
ExpectIntEQ(sk_X509_push(sk, info->x509), 1);
if (EXPECT_SUCCESS() && (info != NULL)) {
info->x509 = NULL;
}
X509_INFO_free(info);
}
sk_X509_INFO_pop_free(info_sk, X509_INFO_free);
info_sk = NULL;
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(wolfSSL_PKCS7_encode_certs(p7, sk, bio), 1);
if ((sk != NULL) && ((p7 == NULL) || (bio == NULL))) {
sk_X509_pop_free(sk, X509_free);
}
sk = NULL;
ExpectIntGT((buflen = BIO_get_mem_data(bio, &p)), 0);
if (i == 0) {
PKCS7_free(p7);
p7 = NULL;
ExpectNotNull(d2i_PKCS7(&p7, &p, buflen));
if (p7 != NULL) {
/* Reset certs to force wolfSSL_PKCS7_to_stack to regenerate
* them */
((WOLFSSL_PKCS7*)p7)->certs = NULL;
}
/* PKCS7_free free's the certs */
ExpectNotNull(wolfSSL_PKCS7_to_stack(p7));
}
BIO_free(bio);
bio = NULL;
PKCS7_free(p7);
p7 = NULL;
}
#endif /* defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && defined(HAVE_PKCS7) */
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_CTX(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
X509_STORE_CTX* ctx = NULL;
X509_STORE* str = NULL;
X509* x509 = NULL;
#ifdef OPENSSL_ALL
X509* x5092 = NULL;
STACK_OF(X509) *sk = NULL;
STACK_OF(X509) *sk2 = NULL;
STACK_OF(X509) *sk3 = NULL;
#endif
ExpectNotNull(ctx = X509_STORE_CTX_new());
ExpectNotNull((str = wolfSSL_X509_STORE_new()));
ExpectNotNull((x509 =
wolfSSL_X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_add_cert(str, x509), SSL_SUCCESS);
#ifdef OPENSSL_ALL
/* sk_X509_new only in OPENSSL_ALL */
sk = sk_X509_new_null();
ExpectNotNull(sk);
ExpectIntEQ(X509_STORE_CTX_init(ctx, str, x509, sk), SSL_SUCCESS);
#else
ExpectIntEQ(X509_STORE_CTX_init(ctx, str, x509, NULL), SSL_SUCCESS);
#endif
ExpectIntEQ(SSL_get_ex_data_X509_STORE_CTX_idx(), 0);
X509_STORE_CTX_set_error(ctx, -5);
X509_STORE_CTX_set_error(NULL, -5);
X509_STORE_CTX_free(ctx);
ctx = NULL;
#ifdef OPENSSL_ALL
sk_X509_pop_free(sk, NULL);
sk = NULL;
#endif
X509_STORE_free(str);
str = NULL;
X509_free(x509);
x509 = NULL;
ExpectNotNull(ctx = X509_STORE_CTX_new());
X509_STORE_CTX_set_verify_cb(ctx, verify_cb);
X509_STORE_CTX_free(ctx);
ctx = NULL;
#ifdef OPENSSL_ALL
/* test X509_STORE_CTX_get(1)_chain */
ExpectNotNull((x509 = X509_load_certificate_file(svrCertFile,
SSL_FILETYPE_PEM)));
ExpectNotNull((x5092 = X509_load_certificate_file(cliCertFile,
SSL_FILETYPE_PEM)));
ExpectNotNull((sk = sk_X509_new_null()));
ExpectIntEQ(sk_X509_push(sk, x509), 1);
if (EXPECT_FAIL()) {
X509_free(x509);
x509 = NULL;
}
ExpectNotNull((str = X509_STORE_new()));
ExpectNotNull((ctx = X509_STORE_CTX_new()));
ExpectIntEQ(X509_STORE_CTX_init(ctx, str, x5092, sk), 1);
ExpectNull((sk2 = X509_STORE_CTX_get_chain(NULL)));
ExpectNotNull((sk2 = X509_STORE_CTX_get_chain(ctx)));
ExpectIntEQ(sk_num(sk2), 1); /* sanity, make sure chain has 1 cert */
ExpectNull((sk3 = X509_STORE_CTX_get1_chain(NULL)));
ExpectNotNull((sk3 = X509_STORE_CTX_get1_chain(ctx)));
ExpectIntEQ(sk_num(sk3), 1); /* sanity, make sure chain has 1 cert */
X509_STORE_CTX_free(ctx);
ctx = NULL;
X509_STORE_free(str);
str = NULL;
/* CTX certs not freed yet */
X509_free(x5092);
x5092 = NULL;
sk_X509_pop_free(sk, NULL);
sk = NULL;
/* sk3 is dup so free here */
sk_X509_pop_free(sk3, NULL);
sk3 = NULL;
#endif
/* test X509_STORE_CTX_get/set_ex_data */
{
int i = 0, tmpData = 5;
void* tmpDataRet;
ExpectNotNull(ctx = X509_STORE_CTX_new());
#ifdef HAVE_EX_DATA
for (i = 0; i < MAX_EX_DATA; i++) {
ExpectIntEQ(X509_STORE_CTX_set_ex_data(ctx, i, &tmpData),
WOLFSSL_SUCCESS);
tmpDataRet = (int*)X509_STORE_CTX_get_ex_data(ctx, i);
ExpectNotNull(tmpDataRet);
ExpectIntEQ(tmpData, *(int*)tmpDataRet);
}
#else
ExpectIntEQ(X509_STORE_CTX_set_ex_data(ctx, i, &tmpData),
WOLFSSL_FAILURE);
tmpDataRet = (int*)X509_STORE_CTX_get_ex_data(ctx, i);
ExpectNull(tmpDataRet);
#endif
X509_STORE_CTX_free(ctx);
ctx = NULL;
}
/* test X509_STORE_get/set_ex_data */
{
int i = 0, tmpData = 99;
void* tmpDataRet;
ExpectNotNull(str = X509_STORE_new());
#ifdef HAVE_EX_DATA
for (i = 0; i < MAX_EX_DATA; i++) {
ExpectIntEQ(X509_STORE_set_ex_data(str, i, &tmpData),
WOLFSSL_SUCCESS);
tmpDataRet = (int*)X509_STORE_get_ex_data(str, i);
ExpectNotNull(tmpDataRet);
ExpectIntEQ(tmpData, *(int*)tmpDataRet);
}
#else
ExpectIntEQ(X509_STORE_set_ex_data(str, i, &tmpData),
WOLFSSL_FAILURE);
tmpDataRet = (int*)X509_STORE_get_ex_data(str, i);
ExpectNull(tmpDataRet);
#endif
X509_STORE_free(str);
str = NULL;
}
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
* !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
static int test_X509_STORE_untrusted_load_cert_to_stack(const char* filename,
STACK_OF(X509)* chain)
{
EXPECT_DECLS;
XFILE fp = XBADFILE;
X509* cert = NULL;
ExpectTrue((fp = XFOPEN(filename, "rb"))
!= XBADFILE);
ExpectNotNull(cert = PEM_read_X509(fp, 0, 0, 0 ));
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntEQ(sk_X509_push(chain, cert), 1);
if (EXPECT_FAIL())
X509_free(cert);
return EXPECT_RESULT();
}
static int test_X509_STORE_untrusted_certs(const char** filenames, int ret,
int err, int loadCA)
{
EXPECT_DECLS;
X509_STORE_CTX* ctx = NULL;
X509_STORE* str = NULL;
XFILE fp = XBADFILE;
X509* cert = NULL;
STACK_OF(X509)* untrusted = NULL;
ExpectTrue((fp = XFOPEN("./certs/intermediate/server-int-cert.pem", "rb"))
!= XBADFILE);
ExpectNotNull(cert = PEM_read_X509(fp, 0, 0, 0 ));
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectNotNull(str = X509_STORE_new());
ExpectNotNull(ctx = X509_STORE_CTX_new());
ExpectNotNull(untrusted = sk_X509_new_null());
ExpectIntEQ(X509_STORE_set_flags(str, 0), 1);
if (loadCA) {
ExpectIntEQ(X509_STORE_load_locations(str, "./certs/ca-cert.pem", NULL),
1);
}
for (; *filenames; filenames++) {
ExpectIntEQ(test_X509_STORE_untrusted_load_cert_to_stack(*filenames,
untrusted), TEST_SUCCESS);
}
ExpectIntEQ(X509_STORE_CTX_init(ctx, str, cert, untrusted), 1);
ExpectIntEQ(X509_verify_cert(ctx), ret);
ExpectIntEQ(X509_STORE_CTX_get_error(ctx), err);
X509_free(cert);
X509_STORE_free(str);
X509_STORE_CTX_free(ctx);
sk_X509_pop_free(untrusted, NULL);
return EXPECT_RESULT();
}
#endif
static int test_X509_STORE_untrusted(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
const char* untrusted1[] = {
"./certs/intermediate/ca-int2-cert.pem",
NULL
};
const char* untrusted2[] = {
"./certs/intermediate/ca-int-cert.pem",
"./certs/intermediate/ca-int2-cert.pem",
NULL
};
const char* untrusted3[] = {
"./certs/intermediate/ca-int-cert.pem",
"./certs/intermediate/ca-int2-cert.pem",
"./certs/ca-cert.pem",
NULL
};
/* Adding unrelated certs that should be ignored */
const char* untrusted4[] = {
"./certs/client-ca.pem",
"./certs/intermediate/ca-int-cert.pem",
"./certs/server-cert.pem",
"./certs/intermediate/ca-int2-cert.pem",
NULL
};
/* Only immediate issuer in untrusted chain. Fails since can't build chain
* to loaded CA. */
ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted1, 0,
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY, 1), TEST_SUCCESS);
/* Succeeds because path to loaded CA is available. */
ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted2, 1, 0, 1),
TEST_SUCCESS);
/* Fails because root CA is in the untrusted stack */
ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted3, 0,
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY, 0), TEST_SUCCESS);
/* Succeeds because path to loaded CA is available. */
ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted4, 1, 0, 1),
TEST_SUCCESS);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_set_flags(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
X509_STORE* store = NULL;
X509* x509 = NULL;
ExpectNotNull((store = wolfSSL_X509_STORE_new()));
ExpectNotNull((x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
WOLFSSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_add_cert(store, x509), WOLFSSL_SUCCESS);
#ifdef HAVE_CRL
ExpectIntEQ(X509_STORE_set_flags(store, WOLFSSL_CRL_CHECKALL),
WOLFSSL_SUCCESS);
#else
ExpectIntEQ(X509_STORE_set_flags(store, WOLFSSL_CRL_CHECKALL),
NOT_COMPILED_IN);
#endif
wolfSSL_X509_free(x509);
wolfSSL_X509_STORE_free(store);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) &&
* !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_LOOKUP_load_file(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH))
WOLFSSL_X509_STORE* store = NULL;
WOLFSSL_X509_LOOKUP* lookup = NULL;
ExpectNotNull(store = wolfSSL_X509_STORE_new());
ExpectNotNull(lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()));
ExpectIntEQ(wolfSSL_X509_LOOKUP_load_file(lookup, "certs/client-ca.pem",
X509_FILETYPE_PEM), 1);
ExpectIntEQ(wolfSSL_X509_LOOKUP_load_file(lookup, "certs/crl/crl2.pem",
X509_FILETYPE_PEM), 1);
if (store != NULL) {
ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, cliCertFile,
WOLFSSL_FILETYPE_PEM), 1);
ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, svrCertFile,
WOLFSSL_FILETYPE_PEM), ASN_NO_SIGNER_E);
}
ExpectIntEQ(wolfSSL_X509_LOOKUP_load_file(lookup, "certs/ca-cert.pem",
X509_FILETYPE_PEM), 1);
if (store != NULL) {
ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, svrCertFile,
WOLFSSL_FILETYPE_PEM), 1);
}
wolfSSL_X509_STORE_free(store);
#endif /* defined(OPENSSL_EXTRA) && defined(HAVE_CRL) &&
* !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_CTX_set_time(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
WOLFSSL_X509_STORE_CTX* ctx = NULL;
time_t c_time;
ExpectNotNull(ctx = wolfSSL_X509_STORE_CTX_new());
c_time = 365*24*60*60;
wolfSSL_X509_STORE_CTX_set_time(ctx, 0, c_time);
ExpectTrue((ctx->param->flags & WOLFSSL_USE_CHECK_TIME) ==
WOLFSSL_USE_CHECK_TIME);
ExpectTrue(ctx->param->check_time == c_time);
wolfSSL_X509_STORE_CTX_free(ctx);
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_get0_set1_param(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
SSL_CTX* ctx = NULL;
WOLFSSL_X509_VERIFY_PARAM* pParam = NULL;
WOLFSSL_X509_VERIFY_PARAM* pvpm = NULL;
char testIPv4[] = "127.0.0.1";
char testhostName[] = "foo.hoge.com";
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectNull(SSL_CTX_get0_param(NULL));
ExpectNotNull(pParam = SSL_CTX_get0_param(ctx));
ExpectNotNull(pvpm = (WOLFSSL_X509_VERIFY_PARAM *)XMALLOC(
sizeof(WOLFSSL_X509_VERIFY_PARAM), NULL, DYNAMIC_TYPE_OPENSSL));
ExpectNotNull(XMEMSET(pvpm, 0, sizeof(WOLFSSL_X509_VERIFY_PARAM)));
ExpectIntEQ(wolfSSL_X509_VERIFY_PARAM_set1_host(pvpm, testhostName,
(int)XSTRLEN(testhostName)), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_VERIFY_PARAM_set1_ip_asc(pvpm, testIPv4),
WOLFSSL_SUCCESS);
wolfSSL_X509_VERIFY_PARAM_set_hostflags(pvpm, 0x01);
ExpectIntEQ(SSL_CTX_set1_param(ctx, pvpm), 1);
ExpectIntEQ(0, XSTRNCMP(pParam->hostName, testhostName,
(int)XSTRLEN(testhostName)));
ExpectIntEQ(0x01, pParam->hostFlags);
ExpectIntEQ(0, XSTRNCMP(pParam->ipasc, testIPv4, WOLFSSL_MAX_IPSTR));
/* test for incorrect parameter */
ExpectIntEQ(1,SSL_CTX_set1_param(ctx, NULL));
ExpectIntEQ(1,SSL_CTX_set1_param(NULL, pvpm));
ExpectIntEQ(1,SSL_CTX_set1_param(NULL, NULL));
SSL_CTX_free(ctx);
XFREE(pvpm, NULL, DYNAMIC_TYPE_OPENSSL);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* OPENSSL_EXTRA && !defined(NO_RSA)*/
return EXPECT_RESULT();
}
static int test_wolfSSL_get0_param(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
SSL_CTX* ctx = NULL;
SSL* ssl = NULL;
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile,
SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
ExpectNotNull(SSL_get0_param(ssl));
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* OPENSSL_EXTRA && !defined(NO_RSA)*/
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_VERIFY_PARAM_set1_host(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
const char host[] = "www.example.com";
WOLFSSL_X509_VERIFY_PARAM* pParam = NULL;
ExpectNotNull(pParam = (WOLFSSL_X509_VERIFY_PARAM*)XMALLOC(
sizeof(WOLFSSL_X509_VERIFY_PARAM), HEAP_HINT, DYNAMIC_TYPE_OPENSSL));
if (pParam != NULL) {
XMEMSET(pParam, 0, sizeof(WOLFSSL_X509_VERIFY_PARAM));
X509_VERIFY_PARAM_set1_host(pParam, host, sizeof(host));
ExpectIntEQ(XMEMCMP(pParam->hostName, host, sizeof(host)), 0);
XMEMSET(pParam, 0, sizeof(WOLFSSL_X509_VERIFY_PARAM));
ExpectIntNE(XMEMCMP(pParam->hostName, host, sizeof(host)), 0);
XFREE(pParam, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
}
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_set1_host(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
const char host[] = "www.test_wolfSSL_set1_host.com";
const char emptyStr[] = "";
SSL_CTX* ctx = NULL;
SSL* ssl = NULL;
WOLFSSL_X509_VERIFY_PARAM* pParam = NULL;
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile,
SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
pParam = SSL_get0_param(ssl);
/* we should get back host string */
ExpectIntEQ(SSL_set1_host(ssl, host), WOLFSSL_SUCCESS);
ExpectIntEQ(XMEMCMP(pParam->hostName, host, sizeof(host)), 0);
/* we should get back empty string */
ExpectIntEQ(SSL_set1_host(ssl, emptyStr), WOLFSSL_SUCCESS);
ExpectIntEQ(XMEMCMP(pParam->hostName, emptyStr, sizeof(emptyStr)), 0);
/* we should get back host string */
ExpectIntEQ(SSL_set1_host(ssl, host), WOLFSSL_SUCCESS);
ExpectIntEQ(XMEMCMP(pParam->hostName, host, sizeof(host)), 0);
/* we should get back empty string */
ExpectIntEQ(SSL_set1_host(ssl, NULL), WOLFSSL_SUCCESS);
ExpectIntEQ(XMEMCMP(pParam->hostName, emptyStr, sizeof(emptyStr)), 0);
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_VERIFY_PARAM_set1_ip(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
unsigned char buf[16] = {0};
WOLFSSL_X509_VERIFY_PARAM* param = NULL;
ExpectNotNull(param = X509_VERIFY_PARAM_new());
/* test 127.0.0.1 */
buf[0] =0x7f; buf[1] = 0; buf[2] = 0; buf[3] = 1;
ExpectIntEQ(X509_VERIFY_PARAM_set1_ip(param, &buf[0], 4), SSL_SUCCESS);
ExpectIntEQ(XSTRNCMP(param->ipasc, "127.0.0.1", sizeof(param->ipasc)), 0);
/* test 2001:db8:3333:4444:5555:6666:7777:8888 */
buf[0]=32;buf[1]=1;buf[2]=13;buf[3]=184;
buf[4]=51;buf[5]=51;buf[6]=68;buf[7]=68;
buf[8]=85;buf[9]=85;buf[10]=102;buf[11]=102;
buf[12]=119;buf[13]=119;buf[14]=136;buf[15]=136;
ExpectIntEQ(X509_VERIFY_PARAM_set1_ip(param, &buf[0], 16), SSL_SUCCESS);
ExpectIntEQ(XSTRNCMP(param->ipasc,
"2001:db8:3333:4444:5555:6666:7777:8888", sizeof(param->ipasc)), 0);
/* test 2001:db8:: */
buf[0]=32;buf[1]=1;buf[2]=13;buf[3]=184;
buf[4]=0;buf[5]=0;buf[6]=0;buf[7]=0;
buf[8]=0;buf[9]=0;buf[10]=0;buf[11]=0;
buf[12]=0;buf[13]=0;buf[14]=0;buf[15]=0;
ExpectIntEQ(X509_VERIFY_PARAM_set1_ip(param, &buf[0], 16), SSL_SUCCESS);
ExpectIntEQ(XSTRNCMP(param->ipasc, "2001:db8::", sizeof(param->ipasc)), 0);
/* test ::1234:5678 */
buf[0]=0;buf[1]=0;buf[2]=0;buf[3]=0;
buf[4]=0;buf[5]=0;buf[6]=0;buf[7]=0;
buf[8]=0;buf[9]=0;buf[10]=0;buf[11]=0;
buf[12]=18;buf[13]=52;buf[14]=86;buf[15]=120;
ExpectIntEQ(X509_VERIFY_PARAM_set1_ip(param, &buf[0], 16), SSL_SUCCESS);
ExpectIntEQ(XSTRNCMP(param->ipasc, "::1234:5678", sizeof(param->ipasc)), 0);
/* test 2001:db8::1234:5678 */
buf[0]=32;buf[1]=1;buf[2]=13;buf[3]=184;
buf[4]=0;buf[5]=0;buf[6]=0;buf[7]=0;
buf[8]=0;buf[9]=0;buf[10]=0;buf[11]=0;
buf[12]=18;buf[13]=52;buf[14]=86;buf[15]=120;
ExpectIntEQ(X509_VERIFY_PARAM_set1_ip(param, &buf[0], 16), SSL_SUCCESS);
ExpectIntEQ(XSTRNCMP(param->ipasc, "2001:db8::1234:5678",
sizeof(param->ipasc)), 0);
/* test 2001:0db8:0001:0000:0000:0ab9:c0a8:0102*/
/* 2001:db8:1::ab9:c0a8:102 */
buf[0]=32;buf[1]=1;buf[2]=13;buf[3]=184;
buf[4]=0;buf[5]=1;buf[6]=0;buf[7]=0;
buf[8]=0;buf[9]=0;buf[10]=10;buf[11]=185;
buf[12]=192;buf[13]=168;buf[14]=1;buf[15]=2;
ExpectIntEQ(X509_VERIFY_PARAM_set1_ip(param, &buf[0], 16), SSL_SUCCESS);
ExpectIntEQ(XSTRNCMP(param->ipasc, "2001:db8:1::ab9:c0a8:102",
sizeof(param->ipasc)), 0);
XFREE(param, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_CTX_get0_store(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
X509_STORE* store = NULL;
X509_STORE_CTX* ctx = NULL;
X509_STORE_CTX* ctx_no_init = NULL;
ExpectNotNull((store = X509_STORE_new()));
ExpectNotNull(ctx = X509_STORE_CTX_new());
ExpectNotNull(ctx_no_init = X509_STORE_CTX_new());
ExpectIntEQ(X509_STORE_CTX_init(ctx, store, NULL, NULL), SSL_SUCCESS);
ExpectNull(X509_STORE_CTX_get0_store(NULL));
/* should return NULL if ctx has not bee initialized */
ExpectNull(X509_STORE_CTX_get0_store(ctx_no_init));
ExpectNotNull(X509_STORE_CTX_get0_store(ctx));
wolfSSL_X509_STORE_CTX_free(ctx);
wolfSSL_X509_STORE_CTX_free(ctx_no_init);
X509_STORE_free(store);
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_client_CA_list(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_BIO)
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
X509_NAME* name = NULL;
STACK_OF(X509_NAME)* names = NULL;
STACK_OF(X509_NAME)* ca_list = NULL;
int names_len = 0;
int i;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
/* Send two X501 names in cert request */
names = SSL_load_client_CA_file(cliCertFile);
ExpectNotNull(names);
ca_list = SSL_load_client_CA_file(caCertFile);
ExpectNotNull(ca_list);
ExpectNotNull(name = sk_X509_NAME_value(ca_list, 0));
ExpectIntEQ(sk_X509_NAME_push(names, name), 1);
if (EXPECT_FAIL()) {
wolfSSL_X509_NAME_free(name);
name = NULL;
}
SSL_CTX_set_client_CA_list(ctx, names);
/* This should only free the stack structure */
sk_X509_NAME_free(ca_list);
ca_list = NULL;
ExpectNotNull(ca_list = SSL_CTX_get_client_CA_list(ctx));
ExpectIntEQ(sk_X509_NAME_num(ca_list), sk_X509_NAME_num(names));
ExpectIntGT((names_len = sk_X509_NAME_num(names)), 0);
for (i = 0; i < names_len; i++) {
ExpectNotNull(name = sk_X509_NAME_value(names, i));
ExpectIntEQ(sk_X509_NAME_find(names, name), i);
}
/* Needed to be able to create ssl object */
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile,
SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
ExpectNotNull(ssl = wolfSSL_new(ctx));
/* load again as old names are responsibility of ctx to free*/
names = SSL_load_client_CA_file(cliCertFile);
ExpectNotNull(names);
SSL_set_client_CA_list(ssl, names);
ExpectNotNull(ca_list = SSL_get_client_CA_list(ssl));
ExpectIntEQ(sk_X509_NAME_num(ca_list), sk_X509_NAME_num(names));
ExpectIntGT((names_len = sk_X509_NAME_num(names)), 0);
for (i = 0; i < names_len; i++) {
ExpectNotNull(name = sk_X509_NAME_value(names, i));
ExpectIntEQ(sk_X509_NAME_find(names, name), i);
}
#if !defined(SINGLE_THREADED) && defined(SESSION_CERTS)
{
tcp_ready ready;
func_args server_args;
callback_functions server_cb;
THREAD_TYPE serverThread;
WOLFSSL* ssl_client = NULL;
WOLFSSL_CTX* ctx_client = NULL;
SOCKET_T sockfd = 0;
/* wolfSSL_get_client_CA_list() with handshake */
StartTCP();
InitTcpReady(&ready);
XMEMSET(&server_args, 0, sizeof(func_args));
XMEMSET(&server_cb, 0, sizeof(callback_functions));
server_args.signal = &ready;
server_args.callbacks = &server_cb;
/* we are responsible for free'ing WOLFSSL_CTX */
server_cb.ctx = ctx;
server_cb.isSharedCtx = 1;
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx,
cliCertFile, 0));
start_thread(test_server_nofail, &server_args, &serverThread);
wait_tcp_ready(&server_args);
tcp_connect(&sockfd, wolfSSLIP, server_args.signal->port, 0, 0, NULL);
ExpectNotNull(ctx_client =
wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(
ctx_client, caCertFile, 0));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file(
ctx_client, cliCertFile, SSL_FILETYPE_PEM));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(
ctx_client, cliKeyFile, SSL_FILETYPE_PEM));
ExpectNotNull(ssl_client = wolfSSL_new(ctx_client));
ExpectIntEQ(wolfSSL_set_fd(ssl_client, sockfd), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_connect(ssl_client), WOLFSSL_SUCCESS);
ExpectNotNull(ca_list = SSL_get_client_CA_list(ssl_client));
/* We are expecting two cert names to be sent */
ExpectIntEQ(sk_X509_NAME_num(ca_list), 2);
ExpectNotNull(names = SSL_CTX_get_client_CA_list(ctx));
for (i=0; i<sk_X509_NAME_num(ca_list); i++) {
ExpectNotNull(name = sk_X509_NAME_value(ca_list, i));
ExpectIntGE(sk_X509_NAME_find(names, name), 0);
}
wolfSSL_shutdown(ssl_client);
wolfSSL_free(ssl_client);
wolfSSL_CTX_free(ctx_client);
CloseSocket(sockfd);
join_thread(serverThread);
FreeTcpReady(&ready);
}
#endif
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS && !NO_WOLFSSL_CLIENT &&
* !NO_BIO */
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_add_client_CA(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX* ctx = NULL;
WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509* x509_a = NULL;
STACK_OF(X509_NAME)* ca_list = NULL;
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
/* Add client cert */
ExpectNotNull(x509 = X509_load_certificate_file(cliCertFile,
SSL_FILETYPE_PEM));
ExpectIntEQ(SSL_CTX_add_client_CA(ctx, x509), SSL_SUCCESS);
ExpectNotNull(ca_list = SSL_CTX_get_client_CA_list(ctx));
/* Add another client cert */
ExpectNotNull(x509_a = X509_load_certificate_file(cliCertFile,
SSL_FILETYPE_PEM));
ExpectIntEQ(SSL_CTX_add_client_CA(ctx, x509_a), SSL_SUCCESS);
/* test for incorrect parameter */
ExpectIntEQ(SSL_CTX_add_client_CA(NULL, x509), 0);
ExpectIntEQ(SSL_CTX_add_client_CA(ctx, NULL), 0);
ExpectIntEQ(SSL_CTX_add_client_CA(NULL, NULL), 0);
X509_free(x509);
X509_free(x509_a);
SSL_CTX_free(ctx);
#endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS && !NO_WOLFSSL_CLIENT */
return EXPECT_RESULT();
}
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) && \
defined(HAVE_IO_TESTS_DEPENDENCIES)
static THREAD_RETURN WOLFSSL_THREAD server_task_ech(void* args)
{
callback_functions* callbacks = ((func_args*)args)->callbacks;
WOLFSSL_CTX* ctx = callbacks->ctx;
WOLFSSL* ssl = NULL;
SOCKET_T sfd = 0;
SOCKET_T cfd = 0;
word16 port;
char input[1024];
int idx;
int ret, err = 0;
const char* privateName = "ech-private-name.com";
int privateNameLen = (int)XSTRLEN(privateName);
((func_args*)args)->return_code = TEST_FAIL;
port = ((func_args*)args)->signal->port;
AssertIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_load_verify_locations(ctx, cliCertFile, 0));
AssertIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
WOLFSSL_FILETYPE_PEM));
AssertIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM));
if (callbacks->ctx_ready)
callbacks->ctx_ready(ctx);
ssl = wolfSSL_new(ctx);
/* set the sni for the server */
wolfSSL_UseSNI(ssl, WOLFSSL_SNI_HOST_NAME, privateName, privateNameLen);
tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0, 0, 1, NULL, NULL);
CloseSocket(sfd);
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, cfd));
if (callbacks->ssl_ready)
callbacks->ssl_ready(ssl);
do {
err = 0; /* Reset error */
ret = wolfSSL_accept(ssl);
if (ret != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
}
} while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
char buff[WOLFSSL_MAX_ERROR_SZ];
fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff));
}
else {
if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) {
input[idx] = 0;
fprintf(stderr, "Client message: %s\n", input);
}
AssertIntEQ(privateNameLen, wolfSSL_write(ssl, privateName,
privateNameLen));
((func_args*)args)->return_code = TEST_SUCCESS;
}
if (callbacks->on_result)
callbacks->on_result(ssl);
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
CloseSocket(cfd);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* HAVE_ECH && WOLFSSL_TLS13 */
#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK)
static void keyLog_callback(const WOLFSSL* ssl, const char* line )
{
AssertNotNull(ssl);
AssertNotNull(line);
XFILE fp;
const byte lf = '\n';
fp = XFOPEN("./MyKeyLog.txt", "a");
XFWRITE( line, 1, strlen(line),fp);
XFWRITE( (void*)&lf,1,1,fp);
XFFLUSH(fp);
XFCLOSE(fp);
}
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK */
static int test_wolfSSL_CTX_set_keylog_callback(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK) && \
!defined(NO_WOLFSSL_CLIENT)
SSL_CTX* ctx = NULL;
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
SSL_CTX_set_keylog_callback(ctx, keyLog_callback );
SSL_CTX_free(ctx);
SSL_CTX_set_keylog_callback(NULL, NULL);
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK && !NO_WOLFSSL_CLIENT */
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_get_keylog_callback(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK) && \
!defined(NO_WOLFSSL_CLIENT)
SSL_CTX* ctx = NULL;
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
ExpectPtrEq(SSL_CTX_get_keylog_callback(ctx),NULL);
SSL_CTX_set_keylog_callback(ctx, keyLog_callback );
ExpectPtrEq(SSL_CTX_get_keylog_callback(ctx),keyLog_callback);
SSL_CTX_set_keylog_callback(ctx, NULL );
ExpectPtrEq(SSL_CTX_get_keylog_callback(ctx),NULL);
SSL_CTX_free(ctx);
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK && !NO_WOLFSSL_CLIENT */
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK)
static int test_wolfSSL_Tls12_Key_Logging_client_ctx_ready(WOLFSSL_CTX* ctx)
{
/* set keylog callback */
wolfSSL_CTX_set_keylog_callback(ctx, keyLog_callback);
return TEST_SUCCESS;
}
#endif
static int test_wolfSSL_Tls12_Key_Logging_test(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK)
/* This test is intended for checking whether keylog callback is called
* in client during TLS handshake between the client and a server.
*/
test_ssl_cbf server_cbf;
test_ssl_cbf client_cbf;
XFILE fp = XBADFILE;
XMEMSET(&server_cbf, 0, sizeof(test_ssl_cbf));
XMEMSET(&client_cbf, 0, sizeof(test_ssl_cbf));
server_cbf.method = wolfTLSv1_2_server_method;
client_cbf.ctx_ready = &test_wolfSSL_Tls12_Key_Logging_client_ctx_ready;
/* clean up keylog file */
ExpectTrue((fp = XFOPEN("./MyKeyLog.txt", "w")) != XBADFILE);
if (fp != XBADFILE) {
XFFLUSH(fp);
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_SUCCESS);
XSLEEP_MS(100);
/* check if the keylog file exists */
char buff[300] = {0};
int found = 0;
ExpectTrue((fp = XFOPEN("./MyKeyLog.txt", "r")) != XBADFILE);
XFFLUSH(fp); /* Just to make sure any buffers get flushed */
while (EXPECT_SUCCESS() && XFGETS(buff, (int)sizeof(buff), fp) != NULL) {
if (0 == strncmp(buff,"CLIENT_RANDOM ", sizeof("CLIENT_RANDOM ")-1)) {
found = 1;
break;
}
}
if (fp != XBADFILE) {
XFCLOSE(fp);
}
/* a log starting with "CLIENT_RANDOM " should exit in the file */
ExpectIntEQ(found, 1);
/* clean up */
ExpectIntEQ(rem_file("./MyKeyLog.txt"), 0);
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK */
return EXPECT_RESULT();
}
#if defined(WOLFSSL_TLS13) && defined(OPENSSL_EXTRA) && \
defined(HAVE_SECRET_CALLBACK)
static int test_wolfSSL_Tls13_Key_Logging_client_ctx_ready(WOLFSSL_CTX* ctx)
{
/* set keylog callback */
wolfSSL_CTX_set_keylog_callback(ctx, keyLog_callback);
return TEST_SUCCESS;
}
#endif
static int test_wolfSSL_Tls13_Key_Logging_test(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_TLS13) && defined(OPENSSL_EXTRA) && \
defined(HAVE_SECRET_CALLBACK)
/* This test is intended for checking whether keylog callback is called
* in client during TLS handshake between the client and a server.
*/
test_ssl_cbf server_cbf;
test_ssl_cbf client_cbf;
XFILE fp = XBADFILE;
XMEMSET(&server_cbf, 0, sizeof(test_ssl_cbf));
XMEMSET(&client_cbf, 0, sizeof(test_ssl_cbf));
server_cbf.method = wolfTLSv1_3_server_method; /* TLS1.3 */
client_cbf.ctx_ready = &test_wolfSSL_Tls13_Key_Logging_client_ctx_ready;
/* clean up keylog file */
ExpectTrue((fp = XFOPEN("./MyKeyLog.txt", "w")) != XBADFILE);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_SUCCESS);
/* check if the keylog file exists */
{
char buff[300] = {0};
int found[4] = {0};
int numfnd = 0;
int i;
ExpectTrue((fp = XFOPEN("./MyKeyLog.txt", "r")) != XBADFILE);
while (EXPECT_SUCCESS() &&
XFGETS(buff, (int)sizeof(buff), fp) != NULL) {
if (0 == strncmp(buff, "CLIENT_HANDSHAKE_TRAFFIC_SECRET ",
sizeof("CLIENT_HANDSHAKE_TRAFFIC_SECRET ")-1)) {
found[0] = 1;
continue;
}
else if (0 == strncmp(buff, "SERVER_HANDSHAKE_TRAFFIC_SECRET ",
sizeof("SERVER_HANDSHAKE_TRAFFIC_SECRET ")-1)) {
found[1] = 1;
continue;
}
else if (0 == strncmp(buff, "CLIENT_TRAFFIC_SECRET_0 ",
sizeof("CLIENT_TRAFFIC_SECRET_0 ")-1)) {
found[2] = 1;
continue;
}
else if (0 == strncmp(buff, "SERVER_TRAFFIC_SECRET_0 ",
sizeof("SERVER_TRAFFIC_SECRET_0 ")-1)) {
found[3] = 1;
continue;
}
}
if (fp != XBADFILE)
XFCLOSE(fp);
for (i = 0; i < 4; i++) {
if (found[i] != 0)
numfnd++;
}
ExpectIntEQ(numfnd, 4);
}
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK && WOLFSSL_TLS13 */
return EXPECT_RESULT();
}
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) && \
defined(HAVE_IO_TESTS_DEPENDENCIES)
static int test_wolfSSL_Tls13_ECH_params(void)
{
EXPECT_DECLS;
#if !defined(NO_WOLFSSL_CLIENT)
word32 outputLen = 0;
byte testBuf[72];
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
ExpectNotNull(ctx);
ExpectNotNull(ssl);
/* invalid ctx */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_GenerateEchConfig(NULL,
"ech-public-name.com", 0, 0, 0));
/* invalid public name */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_GenerateEchConfig(ctx, NULL, 0,
0, 0));
/* invalid algorithms */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_GenerateEchConfig(ctx,
"ech-public-name.com", 1000, 1000, 1000));
/* invalid ctx */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_GetEchConfigs(NULL, NULL,
&outputLen));
/* invalid output len */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_GetEchConfigs(ctx, NULL, NULL));
/* invalid ssl */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetEchConfigsBase64(NULL,
(char*)testBuf, sizeof(testBuf)));
/* invalid configs64 */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetEchConfigsBase64(ssl, NULL,
sizeof(testBuf)));
/* invalid size */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetEchConfigsBase64(ssl,
(char*)testBuf, 0));
/* invalid ssl */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetEchConfigs(NULL, testBuf,
sizeof(testBuf)));
/* invalid configs */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetEchConfigs(ssl, NULL,
sizeof(testBuf)));
/* invalid size */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_SetEchConfigs(ssl, testBuf, 0));
/* invalid ssl */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_GetEchConfigs(NULL, NULL, &outputLen));
/* invalid size */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_GetEchConfigs(ssl, NULL, NULL));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT */
return EXPECT_RESULT();
}
static int test_wolfSSL_Tls13_ECH(void)
{
EXPECT_DECLS;
tcp_ready ready;
func_args client_args;
func_args server_args;
THREAD_TYPE serverThread;
callback_functions server_cbf;
callback_functions client_cbf;
SOCKET_T sockfd = 0;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
const char* publicName = "ech-public-name.com";
const char* privateName = "ech-private-name.com";
int privateNameLen = 20;
char reply[1024];
int replyLen = 0;
byte rawEchConfig[128];
word32 rawEchConfigLen = sizeof(rawEchConfig);
InitTcpReady(&ready);
ready.port = 22222;
XMEMSET(&client_args, 0, sizeof(func_args));
XMEMSET(&server_args, 0, sizeof(func_args));
XMEMSET(&server_cbf, 0, sizeof(callback_functions));
XMEMSET(&client_cbf, 0, sizeof(callback_functions));
server_cbf.method = wolfTLSv1_3_server_method; /* TLS1.3 */
/* create the server context here so we can get the ech config */
ExpectNotNull(server_cbf.ctx =
wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
/* generate ech config */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_GenerateEchConfig(server_cbf.ctx,
publicName, 0, 0, 0));
/* get the config for the client to use */
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_GetEchConfigs(server_cbf.ctx, rawEchConfig,
&rawEchConfigLen));
server_args.callbacks = &server_cbf;
server_args.signal = &ready;
/* start server task */
start_thread(server_task_ech, &server_args, &serverThread);
wait_tcp_ready(&server_args);
/* run as a TLS1.3 client */
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));
tcp_connect(&sockfd, wolfSSLIP, server_args.signal->port, 0, 0, NULL);
/* get connected the server task */
ExpectNotNull(ssl = wolfSSL_new(ctx));
/* set the ech configs for the client */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetEchConfigs(ssl, rawEchConfig,
rawEchConfigLen));
/* set the sni for the client */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_UseSNI(ssl, WOLFSSL_SNI_HOST_NAME,
privateName, privateNameLen));
ExpectIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_connect(ssl), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_write(ssl, privateName, privateNameLen),
privateNameLen);
ExpectIntGT((replyLen = wolfSSL_read(ssl, reply, sizeof(reply))), 0);
/* add th null terminator for string compare */
reply[replyLen] = 0;
/* check that the server replied with the private name */
ExpectStrEQ(privateName, reply);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
CloseSocket(sockfd);
join_thread(serverThread);
FreeTcpReady(&ready);
return EXPECT_RESULT();
}
#endif /* HAVE_ECH && WOLFSSL_TLS13 */
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && \
defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
static int post_auth_version_cb(WOLFSSL* ssl)
{
EXPECT_DECLS;
/* do handshake and then test version error */
ExpectIntEQ(wolfSSL_accept(ssl), WOLFSSL_SUCCESS);
ExpectStrEQ("TLSv1.2", wolfSSL_get_version(ssl));
return EXPECT_RESULT();
}
static int post_auth_version_client_cb(WOLFSSL* ssl)
{
EXPECT_DECLS;
/* do handshake and then test version error */
ExpectIntEQ(wolfSSL_connect(ssl), WOLFSSL_SUCCESS);
ExpectStrEQ("TLSv1.2", wolfSSL_get_version(ssl));
ExpectIntEQ(wolfSSL_verify_client_post_handshake(ssl), WOLFSSL_FAILURE);
#if defined(OPENSSL_ALL) && !defined(NO_ERROR_QUEUE)
/* check was added to error queue */
ExpectIntEQ(wolfSSL_ERR_get_error(), -UNSUPPORTED_PROTO_VERSION);
/* check the string matches expected string */
ExpectStrEQ(wolfSSL_ERR_error_string(-UNSUPPORTED_PROTO_VERSION, NULL),
"WRONG_SSL_VERSION");
#endif
return EXPECT_RESULT();
}
static int post_auth_cb(WOLFSSL* ssl)
{
EXPECT_DECLS;
WOLFSSL_X509* x509 = NULL;
/* do handshake and then test version error */
ExpectIntEQ(wolfSSL_accept(ssl), WOLFSSL_SUCCESS);
ExpectStrEQ("TLSv1.3", wolfSSL_get_version(ssl));
ExpectNull(x509 = wolfSSL_get_peer_certificate(ssl));
wolfSSL_X509_free(x509);
ExpectIntEQ(wolfSSL_verify_client_post_handshake(ssl), WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
static int set_post_auth_cb(WOLFSSL* ssl)
{
if (!wolfSSL_is_server(ssl)) {
EXPECT_DECLS;
ExpectIntEQ(wolfSSL_allow_post_handshake_auth(ssl), 0);
return EXPECT_RESULT();
}
wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_POST_HANDSHAKE, NULL);
return TEST_SUCCESS;
}
#endif
static int test_wolfSSL_Tls13_postauth(void)
{
EXPECT_DECLS;
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && \
defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
test_ssl_cbf server_cbf;
test_ssl_cbf client_cbf;
/* test version failure doing post auth with TLS 1.2 connection */
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
server_cbf.method = wolfTLSv1_2_server_method;
server_cbf.ssl_ready = set_post_auth_cb;
server_cbf.on_result = post_auth_version_cb;
client_cbf.ssl_ready = set_post_auth_cb;
client_cbf.on_result = post_auth_version_client_cb;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_SUCCESS);
/* tests on post auth with TLS 1.3 */
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
server_cbf.method = wolfTLSv1_3_server_method;
server_cbf.ssl_ready = set_post_auth_cb;
client_cbf.ssl_ready = set_post_auth_cb;
server_cbf.on_result = post_auth_cb;
client_cbf.on_result = NULL;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_SUCCESS);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NID(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) && !defined(NO_ASN)
int sigType;
int nameSz;
X509* cert = NULL;
EVP_PKEY* pubKeyTmp = NULL;
X509_NAME* name = NULL;
char commonName[80];
char countryName[80];
char localityName[80];
char stateName[80];
char orgName[80];
char orgUnit[80];
/* ------ PARSE ORIGINAL SELF-SIGNED CERTIFICATE ------ */
/* convert cert from DER to internal WOLFSSL_X509 struct */
ExpectNotNull(cert = wolfSSL_X509_d2i_ex(&cert, client_cert_der_2048,
sizeof_client_cert_der_2048, HEAP_HINT));
/* ------ EXTRACT CERTIFICATE ELEMENTS ------ */
/* extract PUBLIC KEY from cert */
ExpectNotNull(pubKeyTmp = X509_get_pubkey(cert));
/* extract signatureType */
ExpectIntNE((sigType = wolfSSL_X509_get_signature_type(cert)), 0);
/* extract subjectName info */
ExpectNotNull(name = X509_get_subject_name(cert));
ExpectIntEQ(X509_NAME_get_text_by_NID(name, -1, NULL, 0), -1);
ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name, NID_commonName,
NULL, 0)), 0);
ExpectIntEQ(nameSz, 15);
ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name, NID_commonName,
commonName, sizeof(commonName))), 0);
ExpectIntEQ(nameSz, 15);
ExpectIntEQ(XMEMCMP(commonName, "www.wolfssl.com", nameSz), 0);
ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name, NID_commonName,
commonName, 9)), 0);
ExpectIntEQ(nameSz, 8);
ExpectIntEQ(XMEMCMP(commonName, "www.wolf", nameSz), 0);
ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name, NID_countryName,
countryName, sizeof(countryName))), 0);
ExpectIntEQ(XMEMCMP(countryName, "US", nameSz), 0);
ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name, NID_localityName,
localityName, sizeof(localityName))), 0);
ExpectIntEQ(XMEMCMP(localityName, "Bozeman", nameSz), 0);
ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name,
NID_stateOrProvinceName, stateName, sizeof(stateName))), 0);
ExpectIntEQ(XMEMCMP(stateName, "Montana", nameSz), 0);
ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name, NID_organizationName,
orgName, sizeof(orgName))), 0);
ExpectIntEQ(XMEMCMP(orgName, "wolfSSL_2048", nameSz), 0);
ExpectIntGT((nameSz = X509_NAME_get_text_by_NID(name,
NID_organizationalUnitName, orgUnit, sizeof(orgUnit))), 0);
ExpectIntEQ(XMEMCMP(orgUnit, "Programming-2048", nameSz), 0);
EVP_PKEY_free(pubKeyTmp);
X509_free(cert);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_srp_username(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \
&& !defined(NO_SHA256) && !defined(WC_NO_RNG) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
const char *username = "TESTUSER";
const char *password = "TESTPASSWORD";
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectIntEQ(wolfSSL_CTX_set_srp_username(ctx, (char *)username),
SSL_SUCCESS);
wolfSSL_CTX_free(ctx);
ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectIntEQ(wolfSSL_CTX_set_srp_password(ctx, (char *)password),
SSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_set_srp_username(ctx, (char *)username),
SSL_SUCCESS);
ExpectNotNull(ssl = SSL_new(ctx));
ExpectNotNull(SSL_get_srp_username(ssl));
ExpectStrEQ(SSL_get_srp_username(ssl), username);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif /* OPENSSL_EXTRA && WOLFCRYPT_HAVE_SRP */
/* && !NO_SHA256 && !WC_NO_RNG && !NO_WOLFSSL_CLIENT */
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_srp_password(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) && \
!defined(NO_SHA256) && !defined(WC_NO_RNG) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX* ctx = NULL;
const char *username = "TESTUSER";
const char *password = "TESTPASSWORD";
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectIntEQ(wolfSSL_CTX_set_srp_password(ctx, (char *)password),
SSL_SUCCESS);
wolfSSL_CTX_free(ctx);
ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectIntEQ(wolfSSL_CTX_set_srp_username(ctx, (char *)username),
SSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_set_srp_password(ctx, (char *)password),
SSL_SUCCESS);
wolfSSL_CTX_free(ctx);
#endif /* OPENSSL_EXTRA && WOLFCRYPT_HAVE_SRP */
/* && !NO_SHA256 && !WC_NO_RNG && !NO_WOLFSSL_CLIENT */
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
X509_STORE *store = NULL;
#ifdef HAVE_CRL
X509_STORE_CTX *storeCtx = NULL;
X509 *ca = NULL;
X509 *cert = NULL;
const char srvCert[] = "./certs/server-revoked-cert.pem";
const char caCert[] = "./certs/ca-cert.pem";
#ifndef WOLFSSL_CRL_ALLOW_MISSING_CDP
X509_CRL *crl = NULL;
const char crlPem[] = "./certs/crl/crl.revoked";
XFILE fp = XBADFILE;
#endif /* !WOLFSSL_CRL_ALLOW_MISSING_CDP */
ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
SSL_FILETYPE_PEM)));
ExpectNotNull((storeCtx = X509_STORE_CTX_new()));
ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
ExpectIntEQ(X509_verify_cert(storeCtx), SSL_SUCCESS);
X509_STORE_free(store);
store = NULL;
X509_STORE_CTX_free(storeCtx);
storeCtx = NULL;
X509_free(cert);
cert = NULL;
X509_free(ca);
ca = NULL;
#ifndef WOLFSSL_CRL_ALLOW_MISSING_CDP
/* should fail to verify now after adding in CRL */
ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
ExpectTrue((fp = XFOPEN(crlPem, "rb")) != XBADFILE);
ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
NULL, NULL));
if (fp != XBADFILE)
XFCLOSE(fp);
ExpectIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
ExpectIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),SSL_SUCCESS);
ExpectNotNull((storeCtx = X509_STORE_CTX_new()));
ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
ExpectIntNE(X509_verify_cert(storeCtx), SSL_SUCCESS);
ExpectIntEQ(X509_STORE_CTX_get_error(storeCtx),
WOLFSSL_X509_V_ERR_CERT_REVOKED);
X509_CRL_free(crl);
crl = NULL;
X509_STORE_free(store);
store = NULL;
X509_STORE_CTX_free(storeCtx);
storeCtx = NULL;
X509_free(cert);
cert = NULL;
X509_free(ca);
ca = NULL;
#endif /* !WOLFSSL_CRL_ALLOW_MISSING_CDP */
#endif /* HAVE_CRL */
#ifndef WOLFCRYPT_ONLY
{
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
SSL_CTX* ctx = NULL;
SSL* ssl = NULL;
int i;
for (i = 0; i < 2; i++) {
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
SSL_CTX_set_cert_store(ctx, store);
ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
SSL_CTX_set_cert_store(ctx, store);
ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
ExpectIntEQ(SSL_CTX_use_certificate_file(ctx, svrCertFile,
SSL_FILETYPE_PEM), SSL_SUCCESS);
ExpectIntEQ(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
SSL_FILETYPE_PEM), SSL_SUCCESS);
ExpectNotNull(ssl = SSL_new(ctx));
if (i == 0) {
ExpectIntEQ(SSL_set0_verify_cert_store(ssl, store),
SSL_SUCCESS);
}
else {
ExpectIntEQ(SSL_set1_verify_cert_store(ssl, store), SSL_SUCCESS);
#ifdef OPENSSL_ALL
ExpectIntEQ(SSL_CTX_set1_verify_cert_store(ctx, store), SSL_SUCCESS);
#endif
}
if (EXPECT_FAIL() || (i == 1)) {
X509_STORE_free(store);
store = NULL;
}
SSL_free(ssl);
ssl = NULL;
SSL_CTX_free(ctx);
ctx = NULL;
}
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
}
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_load_locations(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \
!defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && !defined(NO_RSA)
SSL_CTX *ctx = NULL;
X509_STORE *store = NULL;
const char ca_file[] = "./certs/ca-cert.pem";
const char client_pem_file[] = "./certs/client-cert.pem";
const char client_der_file[] = "./certs/client-cert.der";
const char ecc_file[] = "./certs/ecc-key.pem";
const char certs_path[] = "./certs/";
const char bad_path[] = "./bad-path/";
#ifdef HAVE_CRL
const char crl_path[] = "./certs/crl/";
const char crl_file[] = "./certs/crl/crl.pem";
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(SSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(SSLv23_client_method()));
#endif
ExpectNotNull(store = SSL_CTX_get_cert_store(ctx));
ExpectIntEQ(wolfSSL_CertManagerLoadCA(store->cm, ca_file, NULL),
WOLFSSL_SUCCESS);
/* Test bad arguments */
ExpectIntEQ(X509_STORE_load_locations(NULL, ca_file, NULL),
WOLFSSL_FAILURE);
ExpectIntEQ(X509_STORE_load_locations(store, NULL, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(X509_STORE_load_locations(store, client_der_file, NULL),
WOLFSSL_FAILURE);
ExpectIntEQ(X509_STORE_load_locations(store, ecc_file, NULL),
WOLFSSL_FAILURE);
ExpectIntEQ(X509_STORE_load_locations(store, NULL, bad_path),
WOLFSSL_FAILURE);
#ifdef HAVE_CRL
/* Test with CRL */
ExpectIntEQ(X509_STORE_load_locations(store, crl_file, NULL),
WOLFSSL_SUCCESS);
ExpectIntEQ(X509_STORE_load_locations(store, NULL, crl_path),
WOLFSSL_SUCCESS);
#endif
/* Test with CA */
ExpectIntEQ(X509_STORE_load_locations(store, ca_file, NULL),
WOLFSSL_SUCCESS);
/* Test with client_cert and certs path */
ExpectIntEQ(X509_STORE_load_locations(store, client_pem_file, NULL),
WOLFSSL_SUCCESS);
ExpectIntEQ(X509_STORE_load_locations(store, NULL, certs_path),
WOLFSSL_SUCCESS);
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
/* Clear nodes */
ERR_clear_error();
#endif
SSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_X509_STORE_get0_objects(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && \
!defined(NO_WOLFSSL_DIR) && !defined(NO_RSA)
X509_STORE *store = NULL;
X509_STORE *store_cpy = NULL;
SSL_CTX *ctx = NULL;
X509_OBJECT *obj = NULL;
STACK_OF(X509_OBJECT) *objs = NULL;
int i;
/* Setup store */
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(SSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(SSLv23_client_method()));
#endif
ExpectNotNull(store_cpy = X509_STORE_new());
ExpectNotNull(store = SSL_CTX_get_cert_store(ctx));
ExpectIntEQ(X509_STORE_load_locations(store, cliCertFile, NULL),
WOLFSSL_SUCCESS);
ExpectIntEQ(X509_STORE_load_locations(store, caCertFile, NULL),
WOLFSSL_SUCCESS);
ExpectIntEQ(X509_STORE_load_locations(store, svrCertFile, NULL),
WOLFSSL_SUCCESS);
#ifdef HAVE_CRL
ExpectIntEQ(X509_STORE_load_locations(store, NULL, crlPemDir),
WOLFSSL_SUCCESS);
#endif
/* Store ready */
/* Similar to HaProxy ssl_set_cert_crl_file use case */
ExpectNotNull(objs = X509_STORE_get0_objects(store));
#ifdef HAVE_CRL
#ifdef WOLFSSL_SIGNER_DER_CERT
ExpectIntEQ(sk_X509_OBJECT_num(objs), 4);
#else
ExpectIntEQ(sk_X509_OBJECT_num(objs), 1);
#endif
#else
#ifdef WOLFSSL_SIGNER_DER_CERT
ExpectIntEQ(sk_X509_OBJECT_num(objs), 3);
#else
ExpectIntEQ(sk_X509_OBJECT_num(objs), 0);
#endif
#endif
for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
obj = (X509_OBJECT*)sk_X509_OBJECT_value(objs, i);
switch (X509_OBJECT_get_type(obj)) {
case X509_LU_X509:
{
WOLFSSL_X509* x509;
ExpectNotNull(x509 = X509_OBJECT_get0_X509(obj));
ExpectIntEQ(X509_STORE_add_cert(store_cpy, x509), WOLFSSL_SUCCESS);
break;
}
case X509_LU_CRL:
#ifdef HAVE_CRL
{
WOLFSSL_CRL* crl = NULL;
ExpectNotNull(crl = X509_OBJECT_get0_X509_CRL(obj));
ExpectIntEQ(X509_STORE_add_crl(store_cpy, crl), WOLFSSL_SUCCESS);
break;
}
#endif
case X509_LU_NONE:
default:
Fail(("X509_OBJECT_get_type should return x509 or crl "
"(when built with crl support)"),
("Unrecognized X509_OBJECT type or none"));
}
}
X509_STORE_free(store_cpy);
SSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BN_CTX(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
WOLFSSL_BN_CTX* bn_ctx = NULL;
WOLFSSL_BIGNUM* t = NULL;
ExpectNotNull(bn_ctx = wolfSSL_BN_CTX_new());
/* No implementation. */
BN_CTX_init(NULL);
ExpectNotNull(t = BN_CTX_get(NULL));
BN_free(t);
ExpectNotNull(t = BN_CTX_get(bn_ctx));
BN_free(t);
#ifndef NO_WOLFSSL_STUB
/* No implementation. */
BN_CTX_start(NULL);
BN_CTX_start(bn_ctx);
#endif
BN_CTX_free(NULL);
BN_CTX_free(bn_ctx);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
return EXPECT_RESULT();
}
static int test_wolfSSL_BN(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* c = NULL;
BIGNUM* d = NULL;
BIGNUM emptyBN;
/* Setup */
XMEMSET(&emptyBN, 0, sizeof(emptyBN));
/* internal not set emptyBN. */
ExpectNotNull(a = BN_new());
ExpectNotNull(b = BN_new());
ExpectNotNull(c = BN_dup(b));
ExpectNotNull(d = BN_new());
/* Invalid parameter testing. */
BN_free(NULL);
ExpectNull(BN_dup(NULL));
ExpectNull(BN_dup(&emptyBN));
ExpectNull(BN_copy(NULL, NULL));
ExpectNull(BN_copy(b, NULL));
ExpectNull(BN_copy(NULL, c));
ExpectNull(BN_copy(b, &emptyBN));
ExpectNull(BN_copy(&emptyBN, c));
BN_clear(NULL);
BN_clear(&emptyBN);
ExpectIntEQ(BN_num_bytes(NULL), 0);
ExpectIntEQ(BN_num_bytes(&emptyBN), 0);
ExpectIntEQ(BN_num_bits(NULL), 0);
ExpectIntEQ(BN_num_bits(&emptyBN), 0);
ExpectIntEQ(BN_is_negative(NULL), 0);
ExpectIntEQ(BN_is_negative(&emptyBN), 0);
/* END Invalid Parameters */
ExpectIntEQ(BN_set_word(a, 3), SSL_SUCCESS);
ExpectIntEQ(BN_set_word(b, 2), SSL_SUCCESS);
ExpectIntEQ(BN_set_word(c, 5), SSL_SUCCESS);
ExpectIntEQ(BN_num_bits(a), 2);
ExpectIntEQ(BN_num_bytes(a), 1);
#if !defined(WOLFSSL_SP_MATH) && (!defined(WOLFSSL_SP_MATH_ALL) || \
defined(WOLFSSL_SP_INT_NEGATIVE))
ExpectIntEQ(BN_set_word(a, 1), SSL_SUCCESS);
ExpectIntEQ(BN_set_word(b, 5), SSL_SUCCESS);
ExpectIntEQ(BN_is_word(a, (WOLFSSL_BN_ULONG)BN_get_word(a)), SSL_SUCCESS);
ExpectIntEQ(BN_is_word(a, 3), SSL_FAILURE);
ExpectIntEQ(BN_sub(c, a, b), SSL_SUCCESS);
#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
{
/* Do additional tests on negative BN conversions. */
char* ret = NULL;
ASN1_INTEGER* asn1 = NULL;
BIGNUM* tmp = NULL;
/* Sanity check we have a negative BN. */
ExpectIntEQ(BN_is_negative(c), 1);
ExpectNotNull(ret = BN_bn2dec(c));
ExpectIntEQ(XMEMCMP(ret, "-4", sizeof("-4")), 0);
XFREE(ret, NULL, DYNAMIC_TYPE_OPENSSL);
ret = NULL;
/* Convert to ASN1_INTEGER and back to BN. */
ExpectNotNull(asn1 = BN_to_ASN1_INTEGER(c, NULL));
ExpectNotNull(tmp = ASN1_INTEGER_to_BN(asn1, NULL));
/* After converting back BN should be negative and correct. */
ExpectIntEQ(BN_is_negative(tmp), 1);
ExpectNotNull(ret = BN_bn2dec(tmp));
ExpectIntEQ(XMEMCMP(ret, "-4", sizeof("-4")), 0);
XFREE(ret, NULL, DYNAMIC_TYPE_OPENSSL);
ASN1_INTEGER_free(asn1);
BN_free(tmp);
}
#endif
ExpectIntEQ(BN_get_word(c), 4);
#endif
ExpectIntEQ(BN_set_word(a, 3), 1);
ExpectIntEQ(BN_set_word(b, 3), 1);
ExpectIntEQ(BN_set_word(c, 4), 1);
/* NULL == NULL, NULL < num, num > NULL */
ExpectIntEQ(BN_cmp(NULL, NULL), 0);
ExpectIntEQ(BN_cmp(&emptyBN, &emptyBN), 0);
ExpectIntLT(BN_cmp(NULL, b), 0);
ExpectIntLT(BN_cmp(&emptyBN, b), 0);
ExpectIntGT(BN_cmp(a, NULL), 0);
ExpectIntGT(BN_cmp(a, &emptyBN), 0);
ExpectIntEQ(BN_cmp(a, b), 0);
ExpectIntLT(BN_cmp(a, c), 0);
ExpectIntGT(BN_cmp(c, b), 0);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
ExpectIntEQ(BN_print_fp(XBADFILE, NULL), 0);
ExpectIntEQ(BN_print_fp(XBADFILE, &emptyBN), 0);
ExpectIntEQ(BN_print_fp(stderr, NULL), 0);
ExpectIntEQ(BN_print_fp(stderr, &emptyBN), 0);
ExpectIntEQ(BN_print_fp(XBADFILE, a), 0);
ExpectIntEQ(BN_print_fp(stderr, a), 1);
#endif
BN_clear(a);
BN_free(a);
BN_free(b);
BN_free(c);
BN_clear_free(d);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
return EXPECT_RESULT();
}
static int test_wolfSSL_BN_init(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
#if !defined(USE_INTEGER_HEAP_MATH) && !defined(HAVE_WOLF_BIGINT)
BIGNUM* ap = NULL;
BIGNUM bv;
BIGNUM cv;
BIGNUM dv;
ExpectNotNull(ap = BN_new());
BN_init(NULL);
XMEMSET(&bv, 0, sizeof(bv));
ExpectNull(BN_dup(&bv));
BN_init(&bv);
BN_init(&cv);
BN_init(&dv);
ExpectIntEQ(BN_set_word(ap, 3), SSL_SUCCESS);
ExpectIntEQ(BN_set_word(&bv, 2), SSL_SUCCESS);
ExpectIntEQ(BN_set_word(&cv, 5), SSL_SUCCESS);
/* a^b mod c = */
ExpectIntEQ(BN_mod_exp(&dv, NULL, &bv, &cv, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(BN_mod_exp(&dv, ap, &bv, &cv, NULL), WOLFSSL_SUCCESS);
/* check result 3^2 mod 5 */
ExpectIntEQ(BN_get_word(&dv), 4);
/* a*b mod c = */
ExpectIntEQ(BN_mod_mul(&dv, NULL, &bv, &cv, NULL), SSL_FAILURE);
ExpectIntEQ(BN_mod_mul(&dv, ap, &bv, &cv, NULL), SSL_SUCCESS);
/* check result 3*2 mod 5 */
ExpectIntEQ(BN_get_word(&dv), 1);
BN_free(ap);
#endif
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
return EXPECT_RESULT();
}
static int test_wolfSSL_BN_enc_dec(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(WOLFSSL_SP_MATH)
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* c = NULL;
BIGNUM emptyBN;
char* str = NULL;
const char* emptyStr = "";
const char* numberStr = "12345";
const char* badStr = "g12345";
#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
const char* twoStr = "2";
#endif
unsigned char binNum[] = { 0x01, 0x02, 0x03, 0x04, 0x05 };
unsigned char outNum[5];
/* Setup */
XMEMSET(&emptyBN, 0, sizeof(emptyBN));
ExpectNotNull(a = BN_new());
ExpectNotNull(b = BN_new());
ExpectIntEQ(BN_set_word(a, 2), 1);
/* Invalid parameters */
ExpectIntEQ(BN_bn2bin(NULL, NULL), -1);
ExpectIntEQ(BN_bn2bin(&emptyBN, NULL), -1);
ExpectIntEQ(BN_bn2bin(NULL, outNum), -1);
ExpectIntEQ(BN_bn2bin(&emptyBN, outNum), -1);
ExpectNull(BN_bn2hex(NULL));
ExpectNull(BN_bn2hex(&emptyBN));
ExpectNull(BN_bn2dec(NULL));
ExpectNull(BN_bn2dec(&emptyBN));
ExpectNull(BN_bin2bn(NULL, sizeof(binNum), NULL));
ExpectNull(BN_bin2bn(NULL, sizeof(binNum), a));
ExpectNull(BN_bin2bn(binNum, -1, a));
ExpectNull(BN_bin2bn(binNum, -1, NULL));
ExpectNull(BN_bin2bn(binNum, sizeof(binNum), &emptyBN));
ExpectIntEQ(BN_hex2bn(NULL, NULL), 0);
ExpectIntEQ(BN_hex2bn(NULL, numberStr), 0);
ExpectIntEQ(BN_hex2bn(&a, NULL), 0);
ExpectIntEQ(BN_hex2bn(&a, emptyStr), 0);
ExpectIntEQ(BN_hex2bn(&a, badStr), 0);
ExpectIntEQ(BN_hex2bn(&c, badStr), 0);
ExpectIntEQ(BN_dec2bn(NULL, NULL), 0);
ExpectIntEQ(BN_dec2bn(NULL, numberStr), 0);
ExpectIntEQ(BN_dec2bn(&a, NULL), 0);
ExpectIntEQ(BN_dec2bn(&a, emptyStr), 0);
ExpectIntEQ(BN_dec2bn(&a, badStr), 0);
ExpectIntEQ(BN_dec2bn(&c, badStr), 0);
ExpectIntEQ(BN_set_word(a, 2), 1);
ExpectIntEQ(BN_bn2bin(a, NULL), 1);
ExpectIntEQ(BN_bn2bin(a, outNum), 1);
ExpectNotNull(BN_bin2bn(outNum, 1, b));
ExpectIntEQ(BN_cmp(a, b), 0);
ExpectNotNull(BN_bin2bn(binNum, sizeof(binNum), b));
ExpectIntEQ(BN_cmp(a, b), -1);
ExpectNotNull(str = BN_bn2hex(a));
ExpectNotNull(BN_hex2bn(&b, str));
ExpectIntEQ(BN_cmp(a, b), 0);
ExpectNotNull(BN_hex2bn(&b, numberStr));
ExpectIntEQ(BN_cmp(a, b), -1);
XFREE(str, NULL, DYNAMIC_TYPE_OPENSSL);
str = NULL;
#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
ExpectNotNull(str = BN_bn2dec(a));
ExpectStrEQ(str, twoStr);
XFREE(str, NULL, DYNAMIC_TYPE_OPENSSL);
str = NULL;
#ifndef NO_RSA
ExpectNotNull(str = BN_bn2dec(a));
ExpectNotNull(BN_dec2bn(&b, str));
ExpectIntEQ(BN_cmp(a, b), 0);
ExpectNotNull(BN_dec2bn(&b, numberStr));
ExpectIntEQ(BN_cmp(a, b), -1);
XFREE(str, NULL, DYNAMIC_TYPE_OPENSSL);
str = NULL;
#else
/* No implementation - fail with good parameters. */
ExpectIntEQ(BN_dec2bn(&a, numberStr), 0);
#endif
#endif
BN_free(b);
BN_free(a);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
return EXPECT_RESULT();
}
static int test_wolfSSL_BN_word(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(WOLFSSL_SP_MATH)
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* c = NULL;
BIGNUM av;
ExpectNotNull(a = BN_new());
ExpectNotNull(b = BN_new());
ExpectNotNull(c = BN_new());
XMEMSET(&av, 0, sizeof(av));
/* Invalid parameter. */
ExpectIntEQ(BN_add_word(NULL, 3), 0);
ExpectIntEQ(BN_add_word(&av, 3), 0);
ExpectIntEQ(BN_sub_word(NULL, 3), 0);
ExpectIntEQ(BN_sub_word(&av, 3), 0);
ExpectIntEQ(BN_set_word(NULL, 3), 0);
ExpectIntEQ(BN_set_word(&av, 3), 0);
ExpectIntEQ(BN_get_word(NULL), 0);
ExpectIntEQ(BN_get_word(&av), 0);
ExpectIntEQ(BN_is_word(NULL, 3), 0);
ExpectIntEQ(BN_is_word(&av, 3), 0);
#if defined(WOLFSSL_KEY_GEN) && (!defined(NO_RSA) || !defined(NO_DH) || \
!defined(NO_DSA))
ExpectIntEQ(BN_mod_word(NULL, 3), -1);
ExpectIntEQ(BN_mod_word(&av, 3), -1);
#endif
ExpectIntEQ(BN_one(NULL), 0);
ExpectIntEQ(BN_one(&av), 0);
BN_zero(NULL);
BN_zero(&av);
ExpectIntEQ(BN_is_one(NULL), 0);
ExpectIntEQ(BN_is_one(&av), 0);
ExpectIntEQ(BN_is_zero(NULL), 0);
ExpectIntEQ(BN_is_zero(&av), 0);
ExpectIntEQ(BN_set_word(a, 3), 1);
ExpectIntEQ(BN_set_word(b, 2), 1);
ExpectIntEQ(BN_set_word(c, 5), 1);
/* a + 3 = */
ExpectIntEQ(BN_add_word(a, 3), 1);
/* check result 3 + 3*/
ExpectIntEQ(BN_get_word(a), 6);
ExpectIntEQ(BN_is_word(a, 6), 1);
ExpectIntEQ(BN_is_word(a, 5), 0);
/* set a back to 3 */
ExpectIntEQ(BN_set_word(a, 3), 1);
/* a - 3 = */
ExpectIntEQ(BN_sub_word(a, 3), 1);
/* check result 3 - 3*/
ExpectIntEQ(BN_get_word(a), 0);
ExpectIntEQ(BN_one(a), 1);
ExpectIntEQ(BN_is_word(a, 1), 1);
ExpectIntEQ(BN_is_word(a, 0), 0);
ExpectIntEQ(BN_is_one(a), 1);
ExpectIntEQ(BN_is_zero(a), 0);
BN_zero(a);
ExpectIntEQ(BN_is_word(a, 0), 1);
ExpectIntEQ(BN_is_word(a, 1), 0);
ExpectIntEQ(BN_is_zero(a), 1);
ExpectIntEQ(BN_is_one(a), 0);
#if defined(WOLFSSL_KEY_GEN) && (!defined(NO_RSA) || !defined(NO_DH) || \
!defined(NO_DSA))
ExpectIntEQ(BN_set_word(a, 5), 1);
ExpectIntEQ(BN_mod_word(a, 3), 2);
ExpectIntEQ(BN_mod_word(a, 0), -1);
#endif
BN_free(c);
BN_free(b);
BN_free(a);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
return EXPECT_RESULT();
}
static int test_wolfSSL_BN_bits(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
BIGNUM* a = NULL;
BIGNUM emptyBN;
/* Setup */
XMEMSET(&emptyBN, 0, sizeof(emptyBN));
ExpectNotNull(a = BN_new());
/* Invalid parameters. */
ExpectIntEQ(BN_set_bit(NULL, 1), 0);
ExpectIntEQ(BN_set_bit(&emptyBN, 1), 0);
ExpectIntEQ(BN_set_bit(a, -1), 0);
ExpectIntEQ(BN_clear_bit(NULL, 1), 0);
ExpectIntEQ(BN_clear_bit(&emptyBN, 1), 0);
ExpectIntEQ(BN_clear_bit(a, -1), 0);
ExpectIntEQ(BN_is_bit_set(NULL, 1), 0);
ExpectIntEQ(BN_is_bit_set(&emptyBN, 1), 0);
ExpectIntEQ(BN_is_bit_set(a, -1), 0);
ExpectIntEQ(BN_is_odd(NULL), 0);
ExpectIntEQ(BN_is_odd(&emptyBN), 0);
ExpectIntEQ(BN_set_word(a, 0), 1);
ExpectIntEQ(BN_is_zero(a), 1);
ExpectIntEQ(BN_set_bit(a, 0x45), 1);
ExpectIntEQ(BN_is_zero(a), 0);
ExpectIntEQ(BN_is_bit_set(a, 0x45), 1);
ExpectIntEQ(BN_clear_bit(a, 0x45), 1);
ExpectIntEQ(BN_is_bit_set(a, 0x45), 0);
ExpectIntEQ(BN_is_zero(a), 1);
ExpectIntEQ(BN_set_bit(a, 0), 1);
ExpectIntEQ(BN_is_odd(a), 1);
ExpectIntEQ(BN_clear_bit(a, 0), 1);
ExpectIntEQ(BN_is_odd(a), 0);
ExpectIntEQ(BN_set_bit(a, 1), 1);
ExpectIntEQ(BN_is_odd(a), 0);
ExpectIntEQ(BN_set_bit(a, 129), 1);
ExpectIntEQ(BN_get_word(a), WOLFSSL_BN_MAX_VAL);
#ifndef NO_WOLFSSL_STUB
ExpectIntEQ(BN_mask_bits(a, 1), 0);
#endif
BN_free(a);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BN_shift(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM emptyBN;
/* Setup */
XMEMSET(&emptyBN, 0, sizeof(emptyBN));
ExpectNotNull(a = BN_new());
ExpectNotNull(b = BN_new());
/* Invalid parameters. */
ExpectIntEQ(BN_lshift(NULL, NULL, 1), 0);
ExpectIntEQ(BN_lshift(&emptyBN, NULL, 1), 0);
ExpectIntEQ(BN_lshift(NULL, &emptyBN, 1), 0);
ExpectIntEQ(BN_lshift(b, NULL, 1), 0);
ExpectIntEQ(BN_lshift(b, &emptyBN, 1), 0);
ExpectIntEQ(BN_lshift(NULL, a, 1), 0);
ExpectIntEQ(BN_lshift(&emptyBN, a, 1), 0);
ExpectIntEQ(BN_lshift(b, a, -1), 0);
ExpectIntEQ(BN_rshift(NULL, NULL, 1), 0);
ExpectIntEQ(BN_rshift(&emptyBN, NULL, 1), 0);
ExpectIntEQ(BN_rshift(NULL, &emptyBN, 1), 0);
ExpectIntEQ(BN_rshift(b, NULL, 1), 0);
ExpectIntEQ(BN_rshift(b, &emptyBN, 1), 0);
ExpectIntEQ(BN_rshift(NULL, a, 1), 0);
ExpectIntEQ(BN_rshift(&emptyBN, a, 1), 0);
ExpectIntEQ(BN_rshift(b, a, -1), 0);
ExpectIntEQ(BN_set_word(a, 1), 1);
ExpectIntEQ(BN_lshift(b, a, 1), 1);
ExpectIntEQ(BN_is_word(b, 2), 1);
ExpectIntEQ(BN_lshift(a, a, 1), 1);
ExpectIntEQ(BN_is_word(a, 2), 1);
ExpectIntEQ(BN_rshift(b, a, 1), 1);
ExpectIntEQ(BN_is_word(b, 1), 1);
ExpectIntEQ(BN_rshift(a, a, 1), 1);
ExpectIntEQ(BN_is_word(a, 1), 1);
BN_free(b);
BN_free(a);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BN_math(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* r = NULL;
BIGNUM* rem = NULL;
BIGNUM emptyBN;
BN_ULONG val1;
BN_ULONG val2;
/* Setup */
XMEMSET(&emptyBN, 0, sizeof(emptyBN));
ExpectNotNull(a = BN_new());
ExpectNotNull(b = BN_new());
ExpectNotNull(r = BN_new());
ExpectNotNull(rem = BN_new());
/* Invalid parameters. */
ExpectIntEQ(BN_add(NULL, NULL, NULL), 0);
ExpectIntEQ(BN_add(r, NULL, NULL), 0);
ExpectIntEQ(BN_add(NULL, a, NULL), 0);
ExpectIntEQ(BN_add(NULL, NULL, b), 0);
ExpectIntEQ(BN_add(r, a, NULL), 0);
ExpectIntEQ(BN_add(r, NULL, b), 0);
ExpectIntEQ(BN_add(NULL, a, b), 0);
ExpectIntEQ(BN_add(&emptyBN, &emptyBN, &emptyBN), 0);
ExpectIntEQ(BN_add(r, &emptyBN, &emptyBN), 0);
ExpectIntEQ(BN_add(&emptyBN, a, &emptyBN), 0);
ExpectIntEQ(BN_add(&emptyBN, &emptyBN, b), 0);
ExpectIntEQ(BN_add(r, a, &emptyBN), 0);
ExpectIntEQ(BN_add(r, &emptyBN, b), 0);
ExpectIntEQ(BN_add(&emptyBN, a, b), 0);
ExpectIntEQ(BN_sub(NULL, NULL, NULL), 0);
ExpectIntEQ(BN_sub(r, NULL, NULL), 0);
ExpectIntEQ(BN_sub(NULL, a, NULL), 0);
ExpectIntEQ(BN_sub(NULL, NULL, b), 0);
ExpectIntEQ(BN_sub(r, a, NULL), 0);
ExpectIntEQ(BN_sub(r, NULL, b), 0);
ExpectIntEQ(BN_sub(NULL, a, b), 0);
ExpectIntEQ(BN_sub(&emptyBN, &emptyBN, &emptyBN), 0);
ExpectIntEQ(BN_sub(r, &emptyBN, &emptyBN), 0);
ExpectIntEQ(BN_sub(&emptyBN, a, &emptyBN), 0);
ExpectIntEQ(BN_sub(&emptyBN, &emptyBN, b), 0);
ExpectIntEQ(BN_sub(r, a, &emptyBN), 0);
ExpectIntEQ(BN_sub(r, &emptyBN, b), 0);
ExpectIntEQ(BN_sub(&emptyBN, a, b), 0);
ExpectIntEQ(BN_mul(NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_mul(r, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_mul(NULL, a, NULL, NULL), 0);
ExpectIntEQ(BN_mul(NULL, NULL, b, NULL), 0);
ExpectIntEQ(BN_mul(r, a, NULL, NULL), 0);
ExpectIntEQ(BN_mul(r, NULL, b, NULL), 0);
ExpectIntEQ(BN_mul(NULL, a, b, NULL), 0);
ExpectIntEQ(BN_mul(&emptyBN, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mul(r, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mul(&emptyBN, a, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mul(&emptyBN, &emptyBN, b, NULL), 0);
ExpectIntEQ(BN_mul(r, a, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mul(r, &emptyBN, b, NULL), 0);
ExpectIntEQ(BN_mul(&emptyBN, a, b, NULL), 0);
ExpectIntEQ(BN_div(NULL, NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_div(r, NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_div(NULL, rem, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_div(NULL, NULL, a, NULL, NULL), 0);
ExpectIntEQ(BN_div(NULL, NULL, NULL, b, NULL), 0);
ExpectIntEQ(BN_div(NULL, rem, a, b, NULL), 0);
ExpectIntEQ(BN_div(r, NULL, a, b, NULL), 0);
ExpectIntEQ(BN_div(r, rem, NULL, b, NULL), 0);
ExpectIntEQ(BN_div(r, rem, a, NULL, NULL), 0);
ExpectIntEQ(BN_div(&emptyBN, &emptyBN, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_div(r, &emptyBN, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_div(&emptyBN, rem, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_div(&emptyBN, &emptyBN, a, &emptyBN, NULL), 0);
ExpectIntEQ(BN_div(&emptyBN, &emptyBN, &emptyBN, b, NULL), 0);
ExpectIntEQ(BN_div(&emptyBN, rem, a, b, NULL), 0);
ExpectIntEQ(BN_div(r, &emptyBN, a, b, NULL), 0);
ExpectIntEQ(BN_div(r, rem, &emptyBN, b, NULL), 0);
ExpectIntEQ(BN_div(r, rem, a, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod(NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_mod(r, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_mod(NULL, a, NULL, NULL), 0);
ExpectIntEQ(BN_mod(NULL, NULL, b, NULL), 0);
ExpectIntEQ(BN_mod(r, a, NULL, NULL), 0);
ExpectIntEQ(BN_mod(r, NULL, b, NULL), 0);
ExpectIntEQ(BN_mod(NULL, a, b, NULL), 0);
ExpectIntEQ(BN_mod(&emptyBN, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod(r, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod(&emptyBN, a, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod(&emptyBN, &emptyBN, b, NULL), 0);
ExpectIntEQ(BN_mod(r, a, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod(r, &emptyBN, b, NULL), 0);
ExpectIntEQ(BN_mod(&emptyBN, a, b, NULL), 0);
/* END Invalid parameters. */
val1 = 8;
val2 = 3;
ExpectIntEQ(BN_set_word(a, val1), 1);
ExpectIntEQ(BN_set_word(b, val2), 1);
ExpectIntEQ(BN_add(r, a, b), 1);
ExpectIntEQ(BN_is_word(r, val1 + val2), 1);
ExpectIntEQ(BN_sub(r, a, b), 1);
ExpectIntEQ(BN_is_word(r, val1 - val2), 1);
ExpectIntEQ(BN_mul(r, a, b, NULL), 1);
ExpectIntEQ(BN_is_word(r, val1 * val2), 1);
ExpectIntEQ(BN_div(r, rem, a, b, NULL), 1);
ExpectIntEQ(BN_is_word(r, val1 / val2), 1);
ExpectIntEQ(BN_is_word(rem, val1 % val2), 1);
ExpectIntEQ(BN_mod(r, a, b, NULL), 1);
ExpectIntEQ(BN_is_word(r, val1 % val2), 1);
BN_free(rem);
BN_free(r);
BN_free(b);
BN_free(a);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BN_math_mod(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* m = NULL;
BIGNUM* r = NULL;
BIGNUM* t = NULL;
BIGNUM emptyBN;
BN_ULONG val1;
BN_ULONG val2;
BN_ULONG val3;
/* Setup */
XMEMSET(&emptyBN, 0, sizeof(emptyBN));
ExpectNotNull(a = BN_new());
ExpectNotNull(b = BN_new());
ExpectNotNull(m = BN_new());
ExpectNotNull(r = BN_new());
/* Invalid parameters. */
ExpectIntEQ(BN_mod_add(NULL, NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_mod_add(r, NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_mod_add(NULL, a, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_mod_add(NULL, NULL, b, NULL, NULL), 0);
ExpectIntEQ(BN_mod_add(NULL, NULL, NULL, m, NULL), 0);
ExpectIntEQ(BN_mod_add(NULL, a, b, m, NULL), 0);
ExpectIntEQ(BN_mod_add(r, NULL, b, m, NULL), 0);
ExpectIntEQ(BN_mod_add(r, a, NULL, m, NULL), 0);
ExpectIntEQ(BN_mod_add(r, a, m, NULL, NULL), 0);
ExpectIntEQ(BN_mod_add(&emptyBN, &emptyBN, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod_add(r, &emptyBN, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod_add(&emptyBN, a, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod_add(&emptyBN, &emptyBN, b, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod_add(&emptyBN, &emptyBN, &emptyBN, m, NULL), 0);
ExpectIntEQ(BN_mod_add(&emptyBN, a, b, m, NULL), 0);
ExpectIntEQ(BN_mod_add(r, &emptyBN, b, m, NULL), 0);
ExpectIntEQ(BN_mod_add(r, a, &emptyBN, m, NULL), 0);
ExpectIntEQ(BN_mod_add(r, a, m, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod_mul(NULL, NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_mod_mul(r, NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_mod_mul(NULL, a, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_mod_mul(NULL, NULL, b, NULL, NULL), 0);
ExpectIntEQ(BN_mod_mul(NULL, NULL, NULL, m, NULL), 0);
ExpectIntEQ(BN_mod_mul(NULL, a, b, m, NULL), 0);
ExpectIntEQ(BN_mod_mul(r, NULL, b, m, NULL), 0);
ExpectIntEQ(BN_mod_mul(r, a, NULL, m, NULL), 0);
ExpectIntEQ(BN_mod_mul(r, a, m, NULL, NULL), 0);
ExpectIntEQ(BN_mod_mul(&emptyBN, &emptyBN, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod_mul(r, &emptyBN, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod_mul(&emptyBN, a, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod_mul(&emptyBN, &emptyBN, b, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod_mul(&emptyBN, &emptyBN, &emptyBN, m, NULL), 0);
ExpectIntEQ(BN_mod_mul(&emptyBN, a, b, m, NULL), 0);
ExpectIntEQ(BN_mod_mul(r, &emptyBN, b, m, NULL), 0);
ExpectIntEQ(BN_mod_mul(r, a, &emptyBN, m, NULL), 0);
ExpectIntEQ(BN_mod_mul(r, a, m, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod_exp(NULL, NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_mod_exp(r, NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_mod_exp(NULL, a, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_mod_exp(NULL, NULL, b, NULL, NULL), 0);
ExpectIntEQ(BN_mod_exp(NULL, NULL, NULL, m, NULL), 0);
ExpectIntEQ(BN_mod_exp(NULL, a, b, m, NULL), 0);
ExpectIntEQ(BN_mod_exp(r, NULL, b, m, NULL), 0);
ExpectIntEQ(BN_mod_exp(r, a, NULL, m, NULL), 0);
ExpectIntEQ(BN_mod_exp(r, a, m, NULL, NULL), 0);
ExpectIntEQ(BN_mod_exp(&emptyBN, &emptyBN, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod_exp(r, &emptyBN, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod_exp(&emptyBN, a, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod_exp(&emptyBN, &emptyBN, b, &emptyBN, NULL), 0);
ExpectIntEQ(BN_mod_exp(&emptyBN, &emptyBN, &emptyBN, m, NULL), 0);
ExpectIntEQ(BN_mod_exp(&emptyBN, a, b, m, NULL), 0);
ExpectIntEQ(BN_mod_exp(r, &emptyBN, b, m, NULL), 0);
ExpectIntEQ(BN_mod_exp(r, a, &emptyBN, m, NULL), 0);
ExpectIntEQ(BN_mod_exp(r, a, m, &emptyBN, NULL), 0);
ExpectNull(BN_mod_inverse(r, NULL, NULL, NULL));
ExpectNull(BN_mod_inverse(r, a, NULL, NULL));
ExpectNull(BN_mod_inverse(r, NULL, m, NULL));
ExpectNull(BN_mod_inverse(r, NULL, m, NULL));
ExpectNull(BN_mod_inverse(r, a, NULL, NULL));
ExpectNull(BN_mod_inverse(&emptyBN, &emptyBN, &emptyBN, NULL));
ExpectNull(BN_mod_inverse(r, &emptyBN, &emptyBN, NULL));
ExpectNull(BN_mod_inverse(&emptyBN, a, &emptyBN, NULL));
ExpectNull(BN_mod_inverse(&emptyBN, &emptyBN, m, NULL));
ExpectNull(BN_mod_inverse(&emptyBN, a, m, NULL));
ExpectNull(BN_mod_inverse(r, &emptyBN, m, NULL));
ExpectNull(BN_mod_inverse(r, a, &emptyBN, NULL));
/* END Invalid parameters. */
val1 = 9;
val2 = 13;
val3 = 5;
ExpectIntEQ(BN_set_word(a, val1), 1);
ExpectIntEQ(BN_set_word(b, val2), 1);
ExpectIntEQ(BN_set_word(m, val3), 1);
ExpectIntEQ(BN_mod_add(r, a, b, m, NULL), 1);
ExpectIntEQ(BN_is_word(r, (val1 + val2) % val3), 1);
ExpectIntEQ(BN_mod_mul(r, a, b, m, NULL), 1);
ExpectIntEQ(BN_is_word(r, (val1 * val2) % val3), 1);
ExpectIntEQ(BN_set_word(a, 2), 1);
ExpectIntEQ(BN_set_word(b, 3), 1);
ExpectIntEQ(BN_set_word(m, 5), 1);
/* (2 ^ 3) % 5 = 8 % 5 = 3 */
ExpectIntEQ(BN_mod_exp(r, a, b, m, NULL), 1);
ExpectIntEQ(BN_is_word(r, 3), 1);
/* (2 * 3) % 5 = 6 % 5 = 1 => inv = 3 */
ExpectNotNull(BN_mod_inverse(r, a, m, NULL));
ExpectIntEQ(BN_is_word(r, 3), 1);
ExpectNotNull(t = BN_mod_inverse(NULL, a, m, NULL));
ExpectIntEQ(BN_is_word(t, 3), 1);
BN_free(t);
/* No inverse case. No inverse when a divides b. */
ExpectIntEQ(BN_set_word(a, 3), 1);
ExpectIntEQ(BN_set_word(m, 9), 1);
ExpectNull(BN_mod_inverse(r, a, m, NULL));
BN_free(r);
BN_free(m);
BN_free(b);
BN_free(a);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BN_math_other(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* r = NULL;
BIGNUM emptyBN;
/* Setup */
XMEMSET(&emptyBN, 0, sizeof(emptyBN));
ExpectNotNull(a = BN_new());
ExpectNotNull(b = BN_new());
ExpectNotNull(r = BN_new());
/* Invalid parameters. */
ExpectIntEQ(BN_gcd(NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_gcd(r, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_gcd(NULL, a, NULL, NULL), 0);
ExpectIntEQ(BN_gcd(NULL, NULL, b, NULL), 0);
ExpectIntEQ(BN_gcd(NULL, a, b, NULL), 0);
ExpectIntEQ(BN_gcd(r, NULL, b, NULL), 0);
ExpectIntEQ(BN_gcd(r, a, NULL, NULL), 0);
ExpectIntEQ(BN_gcd(&emptyBN, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_gcd(r, &emptyBN, &emptyBN, NULL), 0);
ExpectIntEQ(BN_gcd(&emptyBN, a, &emptyBN, NULL), 0);
ExpectIntEQ(BN_gcd(&emptyBN, &emptyBN, b, NULL), 0);
ExpectIntEQ(BN_gcd(&emptyBN, a, b, NULL), 0);
ExpectIntEQ(BN_gcd(r, &emptyBN, b, NULL), 0);
ExpectIntEQ(BN_gcd(r, a, &emptyBN, NULL), 0);
/* END Invalid parameters. */
/* No common factors between 2 and 3. */
ExpectIntEQ(BN_set_word(a, 2), 1);
ExpectIntEQ(BN_set_word(b, 3), 1);
ExpectIntEQ(BN_gcd(r, a, b, NULL), 1);
ExpectIntEQ(BN_is_word(r, 1), 1);
/* 3 is largest value that divides both 6 and 9. */
ExpectIntEQ(BN_set_word(a, 6), 1);
ExpectIntEQ(BN_set_word(b, 9), 1);
ExpectIntEQ(BN_gcd(r, a, b, NULL), 1);
ExpectIntEQ(BN_is_word(r, 3), 1);
/* GCD of 0 and 0 is undefined. */
ExpectIntEQ(BN_set_word(a, 0), 1);
ExpectIntEQ(BN_set_word(b, 0), 1);
ExpectIntEQ(BN_gcd(r, a, b, NULL), 0);
/* Teardown */
BN_free(r);
BN_free(b);
BN_free(a);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BN_rand(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(OPENSSL_EXTRA_NO_BN)
BIGNUM* bn = NULL;
BIGNUM* range = NULL;
BIGNUM emptyBN;
XMEMSET(&emptyBN, 0, sizeof(emptyBN));
ExpectNotNull(bn = BN_new());
ExpectNotNull(range = BN_new());
/* Invalid parameters. */
ExpectIntEQ(BN_rand(NULL, -1, 0, 0), 0);
ExpectIntEQ(BN_rand(bn, -1, 0, 0), 0);
ExpectIntEQ(BN_rand(NULL, 1, 0, 0), 0);
ExpectIntEQ(BN_rand(&emptyBN, -1, 0, 0), 0);
ExpectIntEQ(BN_rand(bn, -1, 0, 0), 0);
ExpectIntEQ(BN_rand(&emptyBN, 1, 0, 0), 0);
ExpectIntEQ(BN_pseudo_rand(NULL, -1, 0, 0), 0);
ExpectIntEQ(BN_pseudo_rand(bn, -1, 0, 0), 0);
ExpectIntEQ(BN_pseudo_rand(NULL, 1, 0, 0), 0);
ExpectIntEQ(BN_pseudo_rand(&emptyBN, -1, 0, 0), 0);
ExpectIntEQ(BN_pseudo_rand(bn, -1, 0, 0), 0);
ExpectIntEQ(BN_pseudo_rand(&emptyBN, 1, 0, 0), 0);
ExpectIntEQ(BN_rand_range(NULL, NULL), 0);
ExpectIntEQ(BN_rand_range(bn, NULL), 0);
ExpectIntEQ(BN_rand_range(NULL, range), 0);
ExpectIntEQ(BN_rand_range(&emptyBN, &emptyBN), 0);
ExpectIntEQ(BN_rand_range(bn, &emptyBN), 0);
ExpectIntEQ(BN_rand_range(&emptyBN, range), 0);
/* 0 bit random value must be 0 and so cannot set bit in any position. */
ExpectIntEQ(BN_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ONE,
WOLFSSL_BN_RAND_BOTTOM_ODD), 0);
ExpectIntEQ(BN_rand(bn, 0, WOLFSSL_BN_RAND_TOP_TWO,
WOLFSSL_BN_RAND_BOTTOM_ODD), 0);
ExpectIntEQ(BN_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ANY,
WOLFSSL_BN_RAND_BOTTOM_ODD), 0);
ExpectIntEQ(BN_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ONE,
WOLFSSL_BN_RAND_BOTTOM_ANY), 0);
ExpectIntEQ(BN_rand(bn, 0, WOLFSSL_BN_RAND_TOP_TWO,
WOLFSSL_BN_RAND_BOTTOM_ANY), 0);
ExpectIntEQ(BN_pseudo_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ONE,
WOLFSSL_BN_RAND_BOTTOM_ODD), 0);
ExpectIntEQ(BN_pseudo_rand(bn, 0, WOLFSSL_BN_RAND_TOP_TWO,
WOLFSSL_BN_RAND_BOTTOM_ODD), 0);
ExpectIntEQ(BN_pseudo_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ANY,
WOLFSSL_BN_RAND_BOTTOM_ODD), 0);
ExpectIntEQ(BN_pseudo_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ONE,
WOLFSSL_BN_RAND_BOTTOM_ANY), 0);
ExpectIntEQ(BN_pseudo_rand(bn, 0, WOLFSSL_BN_RAND_TOP_TWO,
WOLFSSL_BN_RAND_BOTTOM_ANY), 0);
/* 1 bit random value must have no more than one top bit set. */
ExpectIntEQ(BN_rand(bn, 1, WOLFSSL_BN_RAND_TOP_TWO,
WOLFSSL_BN_RAND_BOTTOM_ANY), 0);
ExpectIntEQ(BN_rand(bn, 1, WOLFSSL_BN_RAND_TOP_TWO,
WOLFSSL_BN_RAND_BOTTOM_ODD), 0);
ExpectIntEQ(BN_pseudo_rand(bn, 1, WOLFSSL_BN_RAND_TOP_TWO,
WOLFSSL_BN_RAND_BOTTOM_ANY), 0);
ExpectIntEQ(BN_pseudo_rand(bn, 1, WOLFSSL_BN_RAND_TOP_TWO,
WOLFSSL_BN_RAND_BOTTOM_ODD), 0);
/* END Invalid parameters. */
/* 0 bit random: 0. */
ExpectIntEQ(BN_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ANY,
WOLFSSL_BN_RAND_BOTTOM_ANY), 1);
ExpectIntEQ(BN_is_zero(bn), 1);
ExpectIntEQ(BN_set_word(bn, 2), 1); /* Make sure not zero. */
ExpectIntEQ(BN_pseudo_rand(bn, 0, WOLFSSL_BN_RAND_TOP_ANY,
WOLFSSL_BN_RAND_BOTTOM_ANY), 1);
ExpectIntEQ(BN_is_zero(bn), 1);
/* 1 bit random: 0 or 1. */
ExpectIntEQ(BN_rand(bn, 1, WOLFSSL_BN_RAND_TOP_ANY,
WOLFSSL_BN_RAND_BOTTOM_ANY), 1);
ExpectIntLT(BN_get_word(bn), 2); /* Make sure valid range. */
ExpectIntEQ(BN_rand(bn, 1, WOLFSSL_BN_RAND_TOP_ONE,
WOLFSSL_BN_RAND_BOTTOM_ANY), 1);
ExpectIntEQ(BN_get_word(bn), 1);
ExpectIntEQ(BN_rand(bn, 1, WOLFSSL_BN_RAND_TOP_ONE,
WOLFSSL_BN_RAND_BOTTOM_ODD), 1);
ExpectIntEQ(BN_get_word(bn), 1);
ExpectIntEQ(BN_pseudo_rand(bn, 1, WOLFSSL_BN_RAND_TOP_ANY,
WOLFSSL_BN_RAND_BOTTOM_ANY), 1);
ExpectIntLT(BN_get_word(bn), 2); /* Make sure valid range. */
ExpectIntEQ(BN_pseudo_rand(bn, 1, WOLFSSL_BN_RAND_TOP_ONE,
WOLFSSL_BN_RAND_BOTTOM_ANY), 1);
ExpectIntEQ(BN_get_word(bn), 1);
ExpectIntEQ(BN_pseudo_rand(bn, 1, WOLFSSL_BN_RAND_TOP_ONE,
WOLFSSL_BN_RAND_BOTTOM_ODD), 1);
ExpectIntEQ(BN_get_word(bn), 1);
ExpectIntEQ(BN_rand(bn, 8, WOLFSSL_BN_RAND_TOP_ONE,
WOLFSSL_BN_RAND_BOTTOM_ANY), 1);
ExpectIntEQ(BN_num_bits(bn), 8);
ExpectIntEQ(BN_is_bit_set(bn, 7), 1);
ExpectIntEQ(BN_pseudo_rand(bn, 8, WOLFSSL_BN_RAND_TOP_ONE,
WOLFSSL_BN_RAND_BOTTOM_ANY), 1);
ExpectIntEQ(BN_num_bits(bn), 8);
ExpectIntEQ(BN_is_bit_set(bn, 7), 1);
ExpectIntEQ(BN_rand(bn, 8, WOLFSSL_BN_RAND_TOP_TWO,
WOLFSSL_BN_RAND_BOTTOM_ANY), 1);
ExpectIntEQ(BN_is_bit_set(bn, 7), 1);
ExpectIntEQ(BN_is_bit_set(bn, 6), 1);
ExpectIntEQ(BN_pseudo_rand(bn, 8, WOLFSSL_BN_RAND_TOP_TWO,
WOLFSSL_BN_RAND_BOTTOM_ANY), 1);
ExpectIntEQ(BN_is_bit_set(bn, 7), 1);
ExpectIntEQ(BN_is_bit_set(bn, 6), 1);
ExpectIntEQ(BN_rand(bn, 8, WOLFSSL_BN_RAND_TOP_ONE,
WOLFSSL_BN_RAND_BOTTOM_ODD), 1);
ExpectIntEQ(BN_is_bit_set(bn, 0), 1);
ExpectIntEQ(BN_pseudo_rand(bn, 8, WOLFSSL_BN_RAND_TOP_ONE,
WOLFSSL_BN_RAND_BOTTOM_ODD), 1);
ExpectIntEQ(BN_is_bit_set(bn, 0), 1);
/* Regression test: Older versions of wolfSSL_BN_rand would round the
* requested number of bits up to the nearest multiple of 8. E.g. in this
* case, requesting a 13-bit random number would actually return a 16-bit
* random number. */
ExpectIntEQ(BN_rand(bn, 13, WOLFSSL_BN_RAND_TOP_ONE,
WOLFSSL_BN_RAND_BOTTOM_ANY), 1);
ExpectIntEQ(BN_num_bits(bn), 13);
ExpectIntEQ(BN_rand(range, 64, WOLFSSL_BN_RAND_TOP_ONE,
WOLFSSL_BN_RAND_BOTTOM_ANY), 1);
ExpectIntEQ(BN_rand_range(bn, range), 1);
ExpectIntEQ(BN_set_word(range, 0), 1);
ExpectIntEQ(BN_rand_range(bn, range), 1);
ExpectIntEQ(BN_set_word(range, 1), 1);
ExpectIntEQ(BN_rand_range(bn, range), 1);
BN_free(bn);
BN_free(range);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BN_prime(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
#if defined(WOLFSSL_KEY_GEN) && (!defined(NO_RSA) || !defined(NO_DH) || !defined(NO_DSA))
BIGNUM* a = NULL;
BIGNUM* add = NULL;
BIGNUM* rem = NULL;
BIGNUM emptyBN;
XMEMSET(&emptyBN, 0, sizeof(emptyBN));
ExpectNotNull(a = BN_new());
ExpectNotNull(add = BN_new());
ExpectNotNull(rem = BN_new());
/* Invalid parameters. */
/* BN_generate_prime_ex()
* prime - must have valid BIGNUM
* bits - Greater then 0
* safe - not supported, must be 0
* add - not supported, must be NULL
* rem - not supported, must be NULL
* cb - anything
*/
ExpectIntEQ(BN_generate_prime_ex(NULL, -1, 1, add, rem, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(&emptyBN, -1, 1, add, rem, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(a, -1, 1, add, rem, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(NULL, 2, 1, add, rem, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(&emptyBN, 2, 1, add, rem, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(NULL, -1, 0, add, rem, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(&emptyBN, -1, 0, add, rem, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(NULL, -1, 1, NULL, rem, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(&emptyBN, -1, 1, NULL, rem, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(NULL, -1, 1, add, NULL, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(&emptyBN, -1, 1, add, NULL, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(NULL, 2, 0, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(&emptyBN, 2, 0, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(a, -1, 0, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(a, 0, 0, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(a, 2, 1, NULL, NULL, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(a, 2, 0, add, NULL, NULL), 0);
ExpectIntEQ(BN_generate_prime_ex(a, 2, 0, NULL, rem, NULL), 0);
ExpectIntEQ(BN_is_prime_ex(NULL, -1, NULL, NULL), -1);
ExpectIntEQ(BN_is_prime_ex(&emptyBN, -1, NULL, NULL), -1);
ExpectIntEQ(BN_is_prime_ex(a, -1, NULL, NULL), -1);
ExpectIntEQ(BN_is_prime_ex(a, 2048, NULL, NULL), -1);
ExpectIntEQ(BN_is_prime_ex(NULL, 1, NULL, NULL), -1);
ExpectIntEQ(BN_is_prime_ex(&emptyBN, 1, NULL, NULL), -1);
/* END Invalid parameters. */
ExpectIntEQ(BN_generate_prime_ex(a, 512, 0, NULL, NULL, NULL), 1);
ExpectIntEQ(BN_is_prime_ex(a, 8, NULL, NULL), 1);
ExpectIntEQ(BN_clear_bit(a, 0), 1);
ExpectIntEQ(BN_is_prime_ex(a, 8, NULL, NULL), 0);
BN_free(rem);
BN_free(add);
BN_free(a);
#endif
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
#define TEST_ARG 0x1234
static void msg_cb(int write_p, int version, int content_type,
const void *buf, size_t len, SSL *ssl, void *arg)
{
(void)write_p;
(void)version;
(void)content_type;
(void)buf;
(void)len;
(void)ssl;
AssertTrue(arg == (void*)TEST_ARG);
}
#endif
#if defined(OPENSSL_EXTRA) && defined(DEBUG_WOLFSSL) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
#if defined(SESSION_CERTS)
#include "wolfssl/internal.h"
#endif
static int msgCb(SSL_CTX *ctx, SSL *ssl)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(SESSION_CERTS) && !defined(NO_BIO)
STACK_OF(X509)* sk = NULL;
X509* x509 = NULL;
int i, num;
BIO* bio = NULL;
#endif
ExpectNotNull(ctx);
ExpectNotNull(ssl);
fprintf(stderr, "\n===== msgcb called ====\n");
#if defined(SESSION_CERTS) && defined(TEST_PEER_CERT_CHAIN)
ExpectTrue(SSL_get_peer_cert_chain(ssl) != NULL);
ExpectIntEQ(((WOLFSSL_X509_CHAIN *)SSL_get_peer_cert_chain(ssl))->count, 2);
ExpectNotNull(SSL_get0_verified_chain(ssl));
#endif
#if defined(OPENSSL_ALL) && defined(SESSION_CERTS) && !defined(NO_BIO)
ExpectNotNull(bio = BIO_new_fp(stderr, BIO_NOCLOSE));
ExpectNotNull(sk = SSL_get_peer_cert_chain(ssl));
if (sk == NULL) {
BIO_free(bio);
return TEST_FAIL;
}
num = sk_X509_num(sk);
ExpectTrue(num > 0);
for (i = 0; i < num; i++) {
ExpectNotNull(x509 = sk_X509_value(sk,i));
if (x509 == NULL)
break;
fprintf(stderr, "Certificate at index [%d] = :\n",i);
X509_print(bio,x509);
fprintf(stderr, "\n\n");
}
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_msgCb(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(DEBUG_WOLFSSL) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
test_ssl_cbf client_cb;
test_ssl_cbf server_cb;
XMEMSET(&client_cb, 0, sizeof(client_cb));
XMEMSET(&server_cb, 0, sizeof(server_cb));
#ifndef WOLFSSL_NO_TLS12
client_cb.method = wolfTLSv1_2_client_method;
server_cb.method = wolfTLSv1_2_server_method;
#else
client_cb.method = wolfTLSv1_3_client_method;
server_cb.method = wolfTLSv1_3_server_method;
#endif
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
&server_cb, msgCb), TEST_SUCCESS);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_either_side(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
test_ssl_cbf client_cb;
test_ssl_cbf server_cb;
XMEMSET(&client_cb, 0, sizeof(client_cb));
XMEMSET(&server_cb, 0, sizeof(server_cb));
/* Use different CTX for client and server */
client_cb.ctx = wolfSSL_CTX_new(wolfSSLv23_method());
ExpectNotNull(client_cb.ctx);
server_cb.ctx = wolfSSL_CTX_new(wolfSSLv23_method());
ExpectNotNull(server_cb.ctx);
/* we are responsible for free'ing WOLFSSL_CTX */
server_cb.isSharedCtx = client_cb.isSharedCtx = 1;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
&server_cb, NULL), TEST_SUCCESS);
wolfSSL_CTX_free(client_cb.ctx);
wolfSSL_CTX_free(server_cb.ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_DTLS_either_side(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS)
test_ssl_cbf client_cb;
test_ssl_cbf server_cb;
XMEMSET(&client_cb, 0, sizeof(client_cb));
XMEMSET(&server_cb, 0, sizeof(server_cb));
/* Use different CTX for client and server */
client_cb.ctx = wolfSSL_CTX_new(wolfDTLS_method());
ExpectNotNull(client_cb.ctx);
server_cb.ctx = wolfSSL_CTX_new(wolfDTLS_method());
ExpectNotNull(server_cb.ctx);
/* we are responsible for free'ing WOLFSSL_CTX */
server_cb.isSharedCtx = client_cb.isSharedCtx = 1;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
&server_cb, NULL), TEST_SUCCESS);
wolfSSL_CTX_free(client_cb.ctx);
wolfSSL_CTX_free(server_cb.ctx);
#endif
return EXPECT_RESULT();
}
static int test_generate_cookie(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_DTLS) && defined(OPENSSL_EXTRA) && defined(USE_WOLFSSL_IO)
SSL_CTX* ctx = NULL;
SSL* ssl = NULL;
byte buf[FOURK_BUF] = {0};
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfDTLS_method()));
ExpectNotNull(ssl = SSL_new(ctx));
/* Test unconnected */
ExpectIntEQ(EmbedGenerateCookie(ssl, buf, FOURK_BUF, NULL), GEN_COOKIE_E);
wolfSSL_CTX_SetGenCookie(ctx, EmbedGenerateCookie);
wolfSSL_SetCookieCtx(ssl, ctx);
ExpectNotNull(wolfSSL_GetCookieCtx(ssl));
ExpectNull(wolfSSL_GetCookieCtx(NULL));
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_set_options(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
char appData[] = "extra msg";
#endif
#ifdef OPENSSL_EXTRA
unsigned char protos[] = {
7, 't', 'l', 's', '/', '1', '.', '2',
8, 'h', 't', 't', 'p', '/', '1', '.', '1'
};
unsigned int len = sizeof(protos);
void *arg = (void *)TEST_ARG;
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TLSv1)
== WOLFSSL_OP_NO_TLSv1);
ExpectTrue(wolfSSL_CTX_get_options(ctx) == WOLFSSL_OP_NO_TLSv1);
ExpectIntGT((int)wolfSSL_CTX_set_options(ctx, (WOLFSSL_OP_COOKIE_EXCHANGE |
WOLFSSL_OP_NO_SSLv2)), 0);
ExpectTrue((wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_COOKIE_EXCHANGE) &
WOLFSSL_OP_COOKIE_EXCHANGE) == WOLFSSL_OP_COOKIE_EXCHANGE);
ExpectTrue((wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TLSv1_2) &
WOLFSSL_OP_NO_TLSv1_2) == WOLFSSL_OP_NO_TLSv1_2);
ExpectTrue((wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_COMPRESSION) &
WOLFSSL_OP_NO_COMPRESSION) == WOLFSSL_OP_NO_COMPRESSION);
ExpectFalse((wolfSSL_CTX_clear_options(ctx, WOLFSSL_OP_NO_COMPRESSION) &
WOLFSSL_OP_NO_COMPRESSION));
wolfSSL_CTX_free(ctx);
ctx = NULL;
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM));
#ifdef OPENSSL_EXTRA
ExpectTrue(wolfSSL_CTX_set_msg_callback(ctx, msg_cb) == WOLFSSL_SUCCESS);
#endif
ExpectNotNull(ssl = wolfSSL_new(ctx));
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#ifdef HAVE_EX_DATA
ExpectIntEQ(wolfSSL_set_app_data(ssl, (void*)appData), WOLFSSL_SUCCESS);
ExpectNotNull(wolfSSL_get_app_data((const WOLFSSL*)ssl));
if (ssl != NULL) {
ExpectIntEQ(XMEMCMP(wolfSSL_get_app_data((const WOLFSSL*)ssl),
appData, sizeof(appData)), 0);
}
#else
ExpectIntEQ(wolfSSL_set_app_data(ssl, (void*)appData), WOLFSSL_FAILURE);
ExpectNull(wolfSSL_get_app_data((const WOLFSSL*)ssl));
#endif
#endif
ExpectTrue(wolfSSL_set_options(ssl, WOLFSSL_OP_NO_TLSv1) ==
WOLFSSL_OP_NO_TLSv1);
ExpectTrue(wolfSSL_get_options(ssl) == WOLFSSL_OP_NO_TLSv1);
ExpectIntGT((int)wolfSSL_set_options(ssl, (WOLFSSL_OP_COOKIE_EXCHANGE |
WOLFSSL_OP_NO_SSLv2)), 0);
ExpectTrue((wolfSSL_set_options(ssl, WOLFSSL_OP_COOKIE_EXCHANGE) &
WOLFSSL_OP_COOKIE_EXCHANGE) == WOLFSSL_OP_COOKIE_EXCHANGE);
ExpectTrue((wolfSSL_set_options(ssl, WOLFSSL_OP_NO_TLSv1_2) &
WOLFSSL_OP_NO_TLSv1_2) == WOLFSSL_OP_NO_TLSv1_2);
ExpectTrue((wolfSSL_set_options(ssl, WOLFSSL_OP_NO_COMPRESSION) &
WOLFSSL_OP_NO_COMPRESSION) == WOLFSSL_OP_NO_COMPRESSION);
#ifdef OPENSSL_EXTRA
ExpectFalse((wolfSSL_clear_options(ssl, WOLFSSL_OP_NO_COMPRESSION) &
WOLFSSL_OP_NO_COMPRESSION));
#endif
#ifdef OPENSSL_EXTRA
ExpectTrue(wolfSSL_set_msg_callback(ssl, msg_cb) == WOLFSSL_SUCCESS);
wolfSSL_set_msg_callback_arg(ssl, arg);
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
ExpectTrue(wolfSSL_CTX_set_alpn_protos(ctx, protos, len) == 0);
#else
ExpectTrue(wolfSSL_CTX_set_alpn_protos(ctx, protos, len) == WOLFSSL_SUCCESS);
#endif
#endif
#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_ALL) || \
defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL)
#if defined(HAVE_ALPN) && !defined(NO_BIO)
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
ExpectTrue(wolfSSL_set_alpn_protos(ssl, protos, len) == 0);
#else
ExpectTrue(wolfSSL_set_alpn_protos(ssl, protos, len) == WOLFSSL_SUCCESS);
#endif
#endif /* HAVE_ALPN && !NO_BIO */
#endif
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
return EXPECT_RESULT();
}
static int test_wolfSSL_sk_SSL_CIPHER(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
SSL* ssl = NULL;
SSL_CTX* ctx = NULL;
STACK_OF(SSL_CIPHER) *sk = NULL;
STACK_OF(SSL_CIPHER) *dupSk = NULL;
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
ExpectNotNull(sk = SSL_get_ciphers(ssl));
ExpectNotNull(dupSk = sk_SSL_CIPHER_dup(sk));
ExpectIntGT(sk_SSL_CIPHER_num(sk), 0);
ExpectIntEQ(sk_SSL_CIPHER_num(sk), sk_SSL_CIPHER_num(dupSk));
/* error case because connection has not been established yet */
ExpectIntEQ(sk_SSL_CIPHER_find(sk, SSL_get_current_cipher(ssl)), -1);
sk_SSL_CIPHER_free(dupSk);
/* sk is pointer to internal struct that should be free'd in SSL_free */
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) */
return EXPECT_RESULT();
}
static int test_wolfSSL_set1_curves_list(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
SSL* ssl = NULL;
SSL_CTX* ctx = NULL;
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(SSL_CTX_use_certificate_file(ctx, eccCertFile,
SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, SSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, NULL), WOLFSSL_FAILURE);
#ifdef HAVE_ECC
ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, "P-25X"), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, "P-256"), WOLFSSL_SUCCESS);
#endif
#ifdef HAVE_CURVE25519
ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, "X25519"), WOLFSSL_SUCCESS);
#else
ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, "X25519"), WOLFSSL_FAILURE);
#endif
#ifdef HAVE_CURVE448
ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, "X448"), WOLFSSL_SUCCESS);
#else
ExpectIntEQ(SSL_CTX_set1_curves_list(ctx, "X448"), WOLFSSL_FAILURE);
#endif
ExpectIntEQ(SSL_set1_curves_list(ssl, NULL), WOLFSSL_FAILURE);
#ifdef HAVE_ECC
ExpectIntEQ(SSL_set1_curves_list(ssl, "P-25X"), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_set1_curves_list(ssl, "P-256"), WOLFSSL_SUCCESS);
#endif
#ifdef HAVE_CURVE25519
ExpectIntEQ(SSL_set1_curves_list(ssl, "X25519"), WOLFSSL_SUCCESS);
#else
ExpectIntEQ(SSL_set1_curves_list(ssl, "X25519"), WOLFSSL_FAILURE);
#endif
#ifdef HAVE_CURVE448
ExpectIntEQ(SSL_set1_curves_list(ssl, "X448"), WOLFSSL_SUCCESS);
#else
ExpectIntEQ(SSL_set1_curves_list(ssl, "X448"), WOLFSSL_FAILURE);
#endif
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
(defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) && defined(HAVE_ECC)
static int test_wolfSSL_curves_mismatch_ctx_ready(WOLFSSL_CTX* ctx)
{
static int counter = 0;
EXPECT_DECLS;
if (counter % 2) {
ExpectIntEQ(wolfSSL_CTX_set1_curves_list(ctx, "P-256"),
WOLFSSL_SUCCESS);
}
else {
ExpectIntEQ(wolfSSL_CTX_set1_curves_list(ctx, "P-384"),
WOLFSSL_SUCCESS);
}
/* Ciphersuites that require curves */
wolfSSL_CTX_set_cipher_list(ctx, "TLS13-AES256-GCM-SHA384:"
"TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-GCM-SHA256:"
"ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:"
"ECDHE-ECDSA-AES128-GCM-SHA256:"
"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-CHACHA20-POLY1305:"
"ECDHE-ECDSA-CHACHA20-POLY1305");
counter++;
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_curves_mismatch(void)
{
EXPECT_DECLS;
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
(defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) && defined(HAVE_ECC)
test_ssl_cbf func_cb_client;
test_ssl_cbf func_cb_server;
size_t i;
struct {
method_provider client_meth;
method_provider server_meth;
const char* desc;
int client_last_err;
int server_last_err;
} test_params[] = {
#ifdef WOLFSSL_TLS13
{wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLS 1.3",
FATAL_ERROR, BAD_KEY_SHARE_DATA},
#endif
#ifndef WOLFSSL_NO_TLS12
{wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, "TLS 1.2",
FATAL_ERROR, MATCH_SUITE_ERROR},
#endif
#ifndef NO_OLD_TLS
{wolfTLSv1_1_client_method, wolfTLSv1_1_server_method, "TLS 1.1",
FATAL_ERROR, MATCH_SUITE_ERROR},
#endif
};
for (i = 0; i < XELEM_CNT(test_params) && !EXPECT_FAIL(); i++) {
XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
printf("\tTesting with %s...\n", test_params[i].desc);
func_cb_client.ctx_ready = &test_wolfSSL_curves_mismatch_ctx_ready;
func_cb_server.ctx_ready = &test_wolfSSL_curves_mismatch_ctx_ready;
func_cb_client.method = test_params[i].client_meth;
func_cb_server.method = test_params[i].server_meth;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_FAIL);
ExpectIntEQ(func_cb_client.last_err, test_params[i].client_last_err);
ExpectIntEQ(func_cb_server.last_err, test_params[i].server_last_err);
if (!EXPECT_SUCCESS())
break;
printf("\t%s passed\n", test_params[i].desc);
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_set1_sigalgs_list(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
SSL* ssl = NULL;
SSL_CTX* ctx = NULL;
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile,
SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(NULL, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(NULL, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, ""), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, ""), WOLFSSL_FAILURE);
#ifndef NO_RSA
#ifndef NO_SHA256
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(NULL, "RSA+SHA256"),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(NULL, "RSA+SHA256"),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "RSA+SHA256"),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "RSA+SHA256"),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "RSA-SHA256"),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "RSA-SHA256"),
WOLFSSL_FAILURE);
#ifdef WC_RSA_PSS
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "RSA-PSS+SHA256"),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "RSA-PSS+SHA256"),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "PSS+SHA256"),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "PSS+SHA256"),
WOLFSSL_SUCCESS);
#endif
#ifdef WOLFSSL_SHA512
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx,
"RSA+SHA256:RSA+SHA512"), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl,
"RSA+SHA256:RSA+SHA512"), WOLFSSL_SUCCESS);
#elif defined(WOLFSSL_SHA384)
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx,
"RSA+SHA256:RSA+SHA384"), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl,
"RSA+SHA256:RSA+SHA384"), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "RSA"), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "RSA"), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "RSA:RSA+SHA256"),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "RSA:RSA+SHA256"),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "RSA+SHA256+SHA256"),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "RSA+SHA256+RSA"),
WOLFSSL_FAILURE);
#endif
#endif
#ifdef HAVE_ECC
#ifndef NO_SHA256
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "ECDSA+SHA256"),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "ECDSA+SHA256"),
WOLFSSL_SUCCESS);
#ifdef WOLFSSL_SHA512
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx,
"ECDSA+SHA256:ECDSA+SHA512"), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl,
"ECDSA+SHA256:ECDSA+SHA512"), WOLFSSL_SUCCESS);
#elif defined(WOLFSSL_SHA384)
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx,
"ECDSA+SHA256:ECDSA+SHA384"), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl,
"ECDSA+SHA256:ECDSA+SHA384"), WOLFSSL_SUCCESS);
#endif
#endif
#endif
#ifdef HAVE_ED25519
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "ED25519"), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "ED25519"), WOLFSSL_SUCCESS);
#endif
#ifdef HAVE_ED448
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "ED448"), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "ED448"), WOLFSSL_SUCCESS);
#endif
#ifndef NO_DSA
#ifndef NO_SHA256
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "DSA+SHA256"),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "DSA+SHA256"),
WOLFSSL_SUCCESS);
#endif
#if !defined(NO_SHA) && (!defined(NO_OLD_TLS) || \
defined(WOLFSSL_ALLOW_TLS_SHA1))
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx, "DSA+SHA1"),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl, "DSA+SHA1"),
WOLFSSL_SUCCESS);
#endif
#endif
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
return EXPECT_RESULT();
}
/* Testing wolfSSL_set_tlsext_status_type function.
* PRE: OPENSSL and HAVE_CERTIFICATE_STATUS_REQUEST defined.
*/
static int test_wolfSSL_set_tlsext_status_type(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \
!defined(NO_RSA) && !defined(NO_WOLFSSL_SERVER)
SSL* ssl = NULL;
SSL_CTX* ctx = NULL;
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
ExpectTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile,
SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
ExpectNotNull(ssl = SSL_new(ctx));
ExpectIntEQ(SSL_set_tlsext_status_type(ssl,TLSEXT_STATUSTYPE_ocsp),
SSL_SUCCESS);
ExpectIntEQ(SSL_get_tlsext_status_type(ssl), TLSEXT_STATUSTYPE_ocsp);
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif /* OPENSSL_EXTRA && HAVE_CERTIFICATE_STATUS_REQUEST && !NO_RSA */
return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_PEM_read_bio(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
byte buff[6000];
XFILE f = XBADFILE;
int bytes;
X509* x509 = NULL;
BIO* bio = NULL;
BUF_MEM* buf = NULL;
ExpectTrue((f = XFOPEN(cliCertFile, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
ExpectNull(x509 = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL));
ExpectNotNull(bio = BIO_new_mem_buf((void*)buff, bytes));
ExpectIntEQ(BIO_set_mem_eof_return(bio, -0xDEAD), 1);
ExpectNotNull(x509 = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL));
ExpectIntEQ((int)BIO_set_fd(bio, 0, BIO_CLOSE), 1);
/* BIO should return the set EOF value */
ExpectIntEQ(BIO_read(bio, buff, sizeof(buff)), -0xDEAD);
ExpectIntEQ(BIO_set_close(bio, BIO_NOCLOSE), 1);
ExpectIntEQ(BIO_set_close(NULL, BIO_NOCLOSE), 1);
ExpectIntEQ(SSL_SUCCESS, BIO_get_mem_ptr(bio, &buf));
BIO_free(bio);
BUF_MEM_free(buf);
X509_free(x509);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) &&
* !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA)
static long bioCallback(BIO *bio, int cmd, const char* argp, int argi,
long argl, long ret)
{
(void)bio;
(void)cmd;
(void)argp;
(void)argi;
(void)argl;
return ret;
}
#endif
static int test_wolfSSL_BIO(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
const unsigned char* p = NULL;
byte buff[20];
BIO* bio1 = NULL;
BIO* bio2 = NULL;
BIO* bio3 = NULL;
char* bufPt = NULL;
int i;
for (i = 0; i < 20; i++) {
buff[i] = i;
}
/* test BIO_free with NULL */
ExpectIntEQ(BIO_free(NULL), WOLFSSL_FAILURE);
/* Creating and testing type BIO_s_bio */
ExpectNotNull(bio1 = BIO_new(BIO_s_bio()));
ExpectNotNull(bio2 = BIO_new(BIO_s_bio()));
ExpectNotNull(bio3 = BIO_new(BIO_s_bio()));
/* read/write before set up */
ExpectIntEQ(BIO_read(bio1, buff, 2), WOLFSSL_BIO_UNSET);
ExpectIntEQ(BIO_write(bio1, buff, 2), WOLFSSL_BIO_UNSET);
ExpectIntEQ(BIO_set_nbio(bio1, 1), 1);
ExpectIntEQ(BIO_set_write_buf_size(bio1, 20), WOLFSSL_SUCCESS);
ExpectIntEQ(BIO_set_write_buf_size(bio2, 8), WOLFSSL_SUCCESS);
ExpectIntEQ(BIO_make_bio_pair(bio1, bio2), WOLFSSL_SUCCESS);
ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 10), 10);
ExpectNotNull(XMEMCPY(bufPt, buff, 10));
ExpectIntEQ(BIO_write(bio1, buff + 10, 10), 10);
/* write buffer full */
ExpectIntEQ(BIO_write(bio1, buff, 10), WOLFSSL_BIO_ERROR);
ExpectIntEQ(BIO_flush(bio1), WOLFSSL_SUCCESS);
ExpectIntEQ((int)BIO_ctrl_pending(bio1), 0);
/* write the other direction with pair */
ExpectIntEQ((int)BIO_nwrite(bio2, &bufPt, 10), 8);
ExpectNotNull(XMEMCPY(bufPt, buff, 8));
ExpectIntEQ(BIO_write(bio2, buff, 10), WOLFSSL_BIO_ERROR);
/* try read */
ExpectIntEQ((int)BIO_ctrl_pending(bio1), 8);
ExpectIntEQ((int)BIO_ctrl_pending(bio2), 20);
/* try read using ctrl function */
ExpectIntEQ((int)BIO_ctrl(bio1, BIO_CTRL_WPENDING, 0, NULL), 8);
ExpectIntEQ((int)BIO_ctrl(bio1, BIO_CTRL_PENDING, 0, NULL), 8);
ExpectIntEQ((int)BIO_ctrl(bio2, BIO_CTRL_WPENDING, 0, NULL), 20);
ExpectIntEQ((int)BIO_ctrl(bio2, BIO_CTRL_PENDING, 0, NULL), 20);
ExpectIntEQ(BIO_nread(bio2, &bufPt, (int)BIO_ctrl_pending(bio2)), 20);
for (i = 0; i < 20; i++) {
ExpectIntEQ((int)bufPt[i], i);
}
ExpectIntEQ(BIO_nread(bio2, &bufPt, 1), 0);
ExpectIntEQ(BIO_nread(bio1, &bufPt, (int)BIO_ctrl_pending(bio1)), 8);
for (i = 0; i < 8; i++) {
ExpectIntEQ((int)bufPt[i], i);
}
ExpectIntEQ(BIO_nread(bio1, &bufPt, 1), 0);
ExpectIntEQ(BIO_ctrl_reset_read_request(bio1), 1);
/* new pair */
ExpectIntEQ(BIO_make_bio_pair(bio1, bio3), WOLFSSL_FAILURE);
BIO_free(bio2); /* free bio2 and automatically remove from pair */
bio2 = NULL;
ExpectIntEQ(BIO_make_bio_pair(bio1, bio3), WOLFSSL_SUCCESS);
ExpectIntEQ((int)BIO_ctrl_pending(bio3), 0);
ExpectIntEQ(BIO_nread(bio3, &bufPt, 10), 0);
/* test wrap around... */
ExpectIntEQ(BIO_reset(bio1), 0);
ExpectIntEQ(BIO_reset(bio3), 0);
/* fill write buffer, read only small amount then write again */
ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 20), 20);
ExpectNotNull(XMEMCPY(bufPt, buff, 20));
ExpectIntEQ(BIO_nread(bio3, &bufPt, 4), 4);
for (i = 0; i < 4; i++) {
ExpectIntEQ(bufPt[i], i);
}
/* try writing over read index */
ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 5), 4);
ExpectNotNull(XMEMSET(bufPt, 0, 4));
ExpectIntEQ((int)BIO_ctrl_pending(bio3), 20);
/* read and write 0 bytes */
ExpectIntEQ(BIO_nread(bio3, &bufPt, 0), 0);
ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 0), 0);
/* should read only to end of write buffer then need to read again */
ExpectIntEQ(BIO_nread(bio3, &bufPt, 20), 16);
for (i = 0; i < 16; i++) {
ExpectIntEQ(bufPt[i], buff[4 + i]);
}
ExpectIntEQ(BIO_nread(bio3, NULL, 0), WOLFSSL_FAILURE);
ExpectIntEQ(BIO_nread0(bio3, &bufPt), 4);
for (i = 0; i < 4; i++) {
ExpectIntEQ(bufPt[i], 0);
}
/* read index should not have advanced with nread0 */
ExpectIntEQ(BIO_nread(bio3, &bufPt, 5), 4);
for (i = 0; i < 4; i++) {
ExpectIntEQ(bufPt[i], 0);
}
/* write and fill up buffer checking reset of index state */
ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 20), 20);
ExpectNotNull(XMEMCPY(bufPt, buff, 20));
/* test reset on data in bio1 write buffer */
ExpectIntEQ(BIO_reset(bio1), 0);
ExpectIntEQ((int)BIO_ctrl_pending(bio3), 0);
ExpectIntEQ(BIO_nread(bio3, &bufPt, 3), 0);
ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 20), 20);
ExpectIntEQ((int)BIO_ctrl(bio1, BIO_CTRL_INFO, 0, &p), 20);
ExpectNotNull(p);
ExpectNotNull(XMEMCPY(bufPt, buff, 20));
ExpectIntEQ(BIO_nread(bio3, &bufPt, 6), 6);
for (i = 0; i < 6; i++) {
ExpectIntEQ(bufPt[i], i);
}
/* test case of writing twice with offset read index */
ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 3), 3);
ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 4), 3); /* try overwriting */
ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 4), WOLFSSL_BIO_ERROR);
ExpectIntEQ(BIO_nread(bio3, &bufPt, 0), 0);
ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 4), WOLFSSL_BIO_ERROR);
ExpectIntEQ(BIO_nread(bio3, &bufPt, 1), 1);
ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 4), 1);
ExpectIntEQ(BIO_nwrite(bio1, &bufPt, 4), WOLFSSL_BIO_ERROR);
BIO_free(bio1);
bio1 = NULL;
BIO_free(bio3);
bio3 = NULL;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)
{
BIO* bioA = NULL;
BIO* bioB = NULL;
ExpectIntEQ(BIO_new_bio_pair(NULL, 256, NULL, 256), BAD_FUNC_ARG);
ExpectIntEQ(BIO_new_bio_pair(&bioA, 256, &bioB, 256), WOLFSSL_SUCCESS);
BIO_free(bioA);
bioA = NULL;
BIO_free(bioB);
bioB = NULL;
}
#endif /* OPENSSL_ALL || WOLFSSL_ASIO */
/* BIOs with file pointers */
#if !defined(NO_FILESYSTEM)
{
XFILE f1 = XBADFILE;
XFILE f2 = XBADFILE;
BIO* f_bio1 = NULL;
BIO* f_bio2 = NULL;
unsigned char cert[300];
char testFile[] = "tests/bio_write_test.txt";
char msg[] = "bio_write_test.txt contains the first 300 bytes of certs/server-cert.pem\ncreated by tests/unit.test\n\n";
ExpectNotNull(f_bio1 = BIO_new(BIO_s_file()));
ExpectNotNull(f_bio2 = BIO_new(BIO_s_file()));
/* Failure due to wrong BIO type */
ExpectIntEQ((int)BIO_set_mem_eof_return(f_bio1, -1), 0);
ExpectIntEQ((int)BIO_set_mem_eof_return(NULL, -1), 0);
ExpectTrue((f1 = XFOPEN(svrCertFile, "rwb")) != XBADFILE);
ExpectIntEQ((int)BIO_set_fp(f_bio1, f1, BIO_CLOSE), WOLFSSL_SUCCESS);
ExpectIntEQ(BIO_write_filename(f_bio2, testFile),
WOLFSSL_SUCCESS);
ExpectIntEQ(BIO_read(f_bio1, cert, sizeof(cert)), sizeof(cert));
ExpectIntEQ(BIO_tell(f_bio1),sizeof(cert));
ExpectIntEQ(BIO_write(f_bio2, msg, sizeof(msg)), sizeof(msg));
ExpectIntEQ(BIO_tell(f_bio2),sizeof(msg));
ExpectIntEQ(BIO_write(f_bio2, cert, sizeof(cert)), sizeof(cert));
ExpectIntEQ(BIO_tell(f_bio2),sizeof(cert) + sizeof(msg));
ExpectIntEQ((int)BIO_get_fp(f_bio2, &f2), WOLFSSL_SUCCESS);
ExpectIntEQ(BIO_reset(f_bio2), 0);
ExpectIntEQ(BIO_tell(NULL),-1);
ExpectIntEQ(BIO_tell(f_bio2),0);
ExpectIntEQ(BIO_seek(f_bio2, 4), 0);
ExpectIntEQ(BIO_tell(f_bio2),4);
BIO_free(f_bio1);
f_bio1 = NULL;
BIO_free(f_bio2);
f_bio2 = NULL;
ExpectNotNull(f_bio1 = BIO_new_file(svrCertFile, "rwb"));
ExpectIntEQ((int)BIO_set_mem_eof_return(f_bio1, -1), 0);
ExpectIntEQ(BIO_read(f_bio1, cert, sizeof(cert)), sizeof(cert));
BIO_free(f_bio1);
f_bio1 = NULL;
}
#endif /* !defined(NO_FILESYSTEM) */
/* BIO info callback */
{
const char* testArg = "test";
BIO* cb_bio = NULL;
ExpectNotNull(cb_bio = BIO_new(BIO_s_mem()));
BIO_set_callback(cb_bio, bioCallback);
ExpectNotNull(BIO_get_callback(cb_bio));
BIO_set_callback(cb_bio, NULL);
ExpectNull(BIO_get_callback(cb_bio));
BIO_set_callback_arg(cb_bio, (char*)testArg);
ExpectStrEQ(BIO_get_callback_arg(cb_bio), testArg);
ExpectNull(BIO_get_callback_arg(NULL));
BIO_free(cb_bio);
cb_bio = NULL;
}
/* BIO_vfree */
ExpectNotNull(bio1 = BIO_new(BIO_s_bio()));
BIO_vfree(NULL);
BIO_vfree(bio1);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_BIO_ring_read(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL)
BIO* bio1 = NULL;
BIO* bio2 = NULL;
byte data[50];
byte tmp[50];
XMEMSET(data, 42, sizeof(data));
ExpectIntEQ(BIO_new_bio_pair(&bio1, sizeof(data), &bio2, sizeof(data)),
SSL_SUCCESS);
ExpectIntEQ(BIO_write(bio1, data, 40), 40);
ExpectIntEQ(BIO_read(bio1, tmp, 20), -1);
ExpectIntEQ(BIO_read(bio2, tmp, 20), 20);
ExpectBufEQ(tmp, data, 20);
ExpectIntEQ(BIO_write(bio1, data, 20), 20);
ExpectIntEQ(BIO_read(bio2, tmp, 40), 40);
ExpectBufEQ(tmp, data, 40);
BIO_free(bio1);
BIO_free(bio2);
#endif
return EXPECT_RESULT();
}
#endif /* !NO_BIO */
static int test_wolfSSL_a2i_IPADDRESS(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(WOLFSSL_USER_IO)
const unsigned char* data = NULL;
int dataSz = 0;
ASN1_OCTET_STRING *st = NULL;
const unsigned char ipv4_exp[] = {0x7F, 0, 0, 1};
const unsigned char ipv6_exp[] = {
0x20, 0x21, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x77, 0x77
};
const unsigned char ipv6_home[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
};
ExpectNull(st = a2i_IPADDRESS("127.0.0.1bad"));
ExpectNotNull(st = a2i_IPADDRESS("127.0.0.1"));
ExpectNotNull(data = ASN1_STRING_get0_data(st));
ExpectIntEQ(dataSz = ASN1_STRING_length(st), WOLFSSL_IP4_ADDR_LEN);
ExpectIntEQ(XMEMCMP(data, ipv4_exp, dataSz), 0);
ASN1_STRING_free(st);
st = NULL;
ExpectNotNull(st = a2i_IPADDRESS("::1"));
ExpectNotNull(data = ASN1_STRING_get0_data(st));
ExpectIntEQ(dataSz = ASN1_STRING_length(st), WOLFSSL_IP6_ADDR_LEN);
ExpectIntEQ(XMEMCMP(data, ipv6_home, dataSz), 0);
ASN1_STRING_free(st);
st = NULL;
ExpectNotNull(st = a2i_IPADDRESS("2021:db8::ff00:42:7777"));
ExpectNotNull(data = ASN1_STRING_get0_data(st));
ExpectIntEQ(dataSz = ASN1_STRING_length(st), WOLFSSL_IP6_ADDR_LEN);
ExpectIntEQ(XMEMCMP(data, ipv6_exp, dataSz), 0);
ASN1_STRING_free(st);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_cmp_time(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) \
&& !defined(USER_TIME) && !defined(TIME_OVERRIDES)
WOLFSSL_ASN1_TIME asn_time;
time_t t;
ExpectIntEQ(0, wolfSSL_X509_cmp_time(NULL, &t));
XMEMSET(&asn_time, 0, sizeof(WOLFSSL_ASN1_TIME));
ExpectIntEQ(0, wolfSSL_X509_cmp_time(&asn_time, &t));
ExpectIntEQ(ASN1_TIME_set_string(&asn_time, "000222211515Z"), 1);
ExpectIntEQ(-1, wolfSSL_X509_cmp_time(&asn_time, NULL));
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_time_adj(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && \
!defined(USER_TIME) && !defined(TIME_OVERRIDES) && \
defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA) && \
!defined(NO_ASN_TIME)
X509* x509 = NULL;
time_t t;
time_t not_before;
time_t not_after;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_buffer(
client_cert_der_2048, sizeof_client_cert_der_2048,
WOLFSSL_FILETYPE_ASN1));
t = 0;
not_before = wc_Time(0);
not_after = wc_Time(0) + (60 * 24 * 30); /* 30 days after */
ExpectNotNull(X509_time_adj(X509_get_notBefore(x509), not_before, &t));
ExpectNotNull(X509_time_adj(X509_get_notAfter(x509), not_after, &t));
/* Check X509_gmtime_adj, too. */
ExpectNotNull(X509_gmtime_adj(X509_get_notAfter(x509), not_after));
X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_bad_altname(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
const unsigned char malformed_alt_name_cert[] = {
0x30, 0x82, 0x02, 0xf9, 0x30, 0x82, 0x01, 0xe1, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x02, 0x10, 0x21, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x0f, 0x31, 0x0d,
0x30, 0x0b, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x04, 0x61, 0x61, 0x31,
0x31, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x32, 0x30, 0x37, 0x31,
0x37, 0x32, 0x34, 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x33, 0x34, 0x30, 0x32,
0x31, 0x34, 0x30, 0x36, 0x32, 0x36, 0x35, 0x33, 0x5a, 0x30, 0x0f, 0x31,
0x0d, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x04, 0x61, 0x61,
0x61, 0x61, 0x30, 0x82, 0x01, 0x20, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01,
0x0d, 0x00, 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xa8,
0x8a, 0x5e, 0x26, 0x23, 0x1b, 0x31, 0xd3, 0x37, 0x1a, 0x70, 0xb2, 0xec,
0x3f, 0x74, 0xd4, 0xb4, 0x44, 0xe3, 0x7a, 0xa5, 0xc0, 0xf5, 0xaa, 0x97,
0x26, 0x9a, 0x04, 0xff, 0xda, 0xbe, 0xe5, 0x09, 0x03, 0x98, 0x3d, 0xb5,
0xbf, 0x01, 0x2c, 0x9a, 0x0a, 0x3a, 0xfb, 0xbc, 0x3c, 0xe7, 0xbe, 0x83,
0x5c, 0xb3, 0x70, 0xe8, 0x5c, 0xe3, 0xd1, 0x83, 0xc3, 0x94, 0x08, 0xcd,
0x1a, 0x87, 0xe5, 0xe0, 0x5b, 0x9c, 0x5c, 0x6e, 0xb0, 0x7d, 0xe2, 0x58,
0x6c, 0xc3, 0xb5, 0xc8, 0x9d, 0x11, 0xf1, 0x5d, 0x96, 0x0d, 0x66, 0x1e,
0x56, 0x7f, 0x8f, 0x59, 0xa7, 0xa5, 0xe1, 0xc5, 0xe7, 0x81, 0x4c, 0x09,
0x9d, 0x5e, 0x96, 0xf0, 0x9a, 0xc2, 0x8b, 0x70, 0xd5, 0xab, 0x79, 0x58,
0x5d, 0xb7, 0x58, 0xaa, 0xfd, 0x75, 0x52, 0xaa, 0x4b, 0xa7, 0x25, 0x68,
0x76, 0x59, 0x00, 0xee, 0x78, 0x2b, 0x91, 0xc6, 0x59, 0x91, 0x99, 0x38,
0x3e, 0xa1, 0x76, 0xc3, 0xf5, 0x23, 0x6b, 0xe6, 0x07, 0xea, 0x63, 0x1c,
0x97, 0x49, 0xef, 0xa0, 0xfe, 0xfd, 0x13, 0xc9, 0xa9, 0x9f, 0xc2, 0x0b,
0xe6, 0x87, 0x92, 0x5b, 0xcc, 0xf5, 0x42, 0x95, 0x4a, 0xa4, 0x6d, 0x64,
0xba, 0x7d, 0xce, 0xcb, 0x04, 0xd0, 0xf8, 0xe7, 0xe3, 0xda, 0x75, 0x60,
0xd3, 0x8b, 0x6a, 0x64, 0xfc, 0x78, 0x56, 0x21, 0x69, 0x5a, 0xe8, 0xa7,
0x8f, 0xfb, 0x8f, 0x82, 0xe3, 0xae, 0x36, 0xa2, 0x93, 0x66, 0x92, 0xcb,
0x82, 0xa3, 0xbe, 0x84, 0x00, 0x86, 0xdc, 0x7e, 0x6d, 0x53, 0x77, 0x84,
0x17, 0xb9, 0x55, 0x43, 0x0d, 0xf1, 0x16, 0x1f, 0xd5, 0x43, 0x75, 0x99,
0x66, 0x19, 0x52, 0xd0, 0xac, 0x5f, 0x74, 0xad, 0xb2, 0x90, 0x15, 0x50,
0x04, 0x74, 0x43, 0xdf, 0x6c, 0x35, 0xd0, 0xfd, 0x32, 0x37, 0xb3, 0x8d,
0xf5, 0xe5, 0x09, 0x02, 0x01, 0x03, 0xa3, 0x61, 0x30, 0x5f, 0x30, 0x0c,
0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00,
0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x11, 0x04, 0x08, 0x30, 0x06, 0x82,
0x04, 0x61, 0x2a, 0x00, 0x2a, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e,
0x04, 0x16, 0x04, 0x14, 0x92, 0x6a, 0x1e, 0x52, 0x3a, 0x1a, 0x57, 0x9f,
0xc9, 0x82, 0x9a, 0xce, 0xc8, 0xc0, 0xa9, 0x51, 0x9d, 0x2f, 0xc7, 0x72,
0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80,
0x14, 0x6b, 0xf9, 0xa4, 0x2d, 0xa5, 0xe9, 0x39, 0x89, 0xa8, 0x24, 0x58,
0x79, 0x87, 0x11, 0xfc, 0x6f, 0x07, 0x91, 0xef, 0xa6, 0x30, 0x0d, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00,
0x03, 0x82, 0x01, 0x01, 0x00, 0x3f, 0xd5, 0x37, 0x2f, 0xc7, 0xf8, 0x8b,
0x39, 0x1c, 0xe3, 0xdf, 0x77, 0xee, 0xc6, 0x4b, 0x5f, 0x84, 0xcf, 0xfa,
0x33, 0x2c, 0xb2, 0xb5, 0x4b, 0x09, 0xee, 0x56, 0xc0, 0xf2, 0xf0, 0xeb,
0xad, 0x1c, 0x02, 0xef, 0xae, 0x09, 0x53, 0xc0, 0x06, 0xad, 0x4e, 0xfd,
0x3e, 0x8c, 0x13, 0xb3, 0xbf, 0x80, 0x05, 0x36, 0xb5, 0x3f, 0x2b, 0xc7,
0x60, 0x53, 0x14, 0xbf, 0x33, 0x63, 0x47, 0xc3, 0xc6, 0x28, 0xda, 0x10,
0x12, 0xe2, 0xc4, 0xeb, 0xc5, 0x64, 0x66, 0xc0, 0xcc, 0x6b, 0x84, 0xda,
0x0c, 0xe9, 0xf6, 0xe3, 0xf8, 0x8e, 0x3d, 0x95, 0x5f, 0xba, 0x9f, 0xe1,
0xc7, 0xed, 0x6e, 0x97, 0xcc, 0xbd, 0x7d, 0xe5, 0x4e, 0xab, 0xbc, 0x1b,
0xf1, 0x3a, 0x09, 0x33, 0x09, 0xe1, 0xcc, 0xec, 0x21, 0x16, 0x8e, 0xb1,
0x74, 0x9e, 0xc8, 0x13, 0x7c, 0xdf, 0x07, 0xaa, 0xeb, 0x70, 0xd7, 0x91,
0x5c, 0xc4, 0xef, 0x83, 0x88, 0xc3, 0xe4, 0x97, 0xfa, 0xe4, 0xdf, 0xd7,
0x0d, 0xff, 0xba, 0x78, 0x22, 0xfc, 0x3f, 0xdc, 0xd8, 0x02, 0x8d, 0x93,
0x57, 0xf9, 0x9e, 0x39, 0x3a, 0x77, 0x00, 0xd9, 0x19, 0xaa, 0x68, 0xa1,
0xe6, 0x9e, 0x13, 0xeb, 0x37, 0x16, 0xf5, 0x77, 0xa4, 0x0b, 0x40, 0x04,
0xd3, 0xa5, 0x49, 0x78, 0x35, 0xfa, 0x3b, 0xf6, 0x02, 0xab, 0x85, 0xee,
0xcb, 0x9b, 0x62, 0xda, 0x05, 0x00, 0x22, 0x2f, 0xf8, 0xbd, 0x0b, 0xe5,
0x2c, 0xb2, 0x53, 0x78, 0x0a, 0xcb, 0x69, 0xc0, 0xb6, 0x9f, 0x96, 0xff,
0x58, 0x22, 0x70, 0x9c, 0x01, 0x2e, 0x56, 0x60, 0x5d, 0x37, 0xe3, 0x40,
0x25, 0xc9, 0x90, 0xc8, 0x0f, 0x41, 0x68, 0xb4, 0xfd, 0x10, 0xe2, 0x09,
0x99, 0x08, 0x5d, 0x7b, 0xc9, 0xe3, 0x29, 0xd4, 0x5a, 0xcf, 0xc9, 0x34,
0x55, 0xa1, 0x40, 0x44, 0xd6, 0x88, 0x16, 0xbb, 0xdd
};
X509* x509 = NULL;
int certSize = (int)sizeof(malformed_alt_name_cert) / sizeof(unsigned char);
const char *name = "aaaaa";
int nameLen = (int)XSTRLEN(name);
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_buffer(
malformed_alt_name_cert, certSize, SSL_FILETYPE_ASN1));
/* malformed_alt_name_cert has a malformed alternative
* name of "a*\0*". Ensure that it does not match "aaaaa" */
ExpectIntNE(wolfSSL_X509_check_host(x509, name, nameLen,
WOLFSSL_ALWAYS_CHECK_SUBJECT, NULL), 1);
X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_name_match(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
/* A certificate with the subject alternative name a* */
const unsigned char cert_der[] = {
0x30, 0x82, 0x03, 0xac, 0x30, 0x82, 0x02, 0x94, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x0f, 0xa5, 0x10, 0x85, 0xef, 0x58, 0x10, 0x59, 0xfc,
0x0f, 0x20, 0x1f, 0x53, 0xf5, 0x30, 0x39, 0x34, 0x49, 0x54, 0x05, 0x30,
0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
0x05, 0x00, 0x30, 0x77, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,
0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f, 0x6e, 0x74, 0x61, 0x6e, 0x61, 0x31,
0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42, 0x6f,
0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55,
0x04, 0x0a, 0x0c, 0x0b, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20,
0x49, 0x6e, 0x63, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b,
0x0c, 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e,
0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f,
0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e,
0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x34, 0x30, 0x35, 0x33,
0x30, 0x32, 0x30, 0x31, 0x35, 0x35, 0x38, 0x5a, 0x17, 0x0d, 0x33, 0x34,
0x30, 0x35, 0x32, 0x38, 0x32, 0x30, 0x31, 0x35, 0x35, 0x38, 0x5a, 0x30,
0x77, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
0x55, 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c,
0x07, 0x4d, 0x6f, 0x6e, 0x74, 0x61, 0x6e, 0x61, 0x31, 0x10, 0x30, 0x0e,
0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42, 0x6f, 0x7a, 0x65, 0x6d,
0x61, 0x6e, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c,
0x0b, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x49, 0x6e, 0x63,
0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45,
0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x18,
0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x77, 0x77,
0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d,
0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00,
0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xf4, 0xca, 0x3d,
0xd4, 0xbc, 0x9b, 0xea, 0x74, 0xfe, 0x73, 0xf4, 0x16, 0x23, 0x0b, 0x4a,
0x09, 0x54, 0xf6, 0x7b, 0x10, 0x99, 0x11, 0x93, 0xb2, 0xdb, 0x4d, 0x7d,
0x23, 0xab, 0xf9, 0xcd, 0xf6, 0x54, 0xd4, 0xf6, 0x39, 0x57, 0xee, 0x97,
0xb2, 0xb9, 0xfc, 0x7e, 0x9c, 0xb3, 0xfb, 0x56, 0xb6, 0x84, 0xd6, 0x2d,
0x59, 0x1c, 0xed, 0xda, 0x9b, 0x19, 0xf5, 0x8a, 0xa7, 0x8a, 0x89, 0xd6,
0xa1, 0xc0, 0xe6, 0x16, 0xad, 0x04, 0xcf, 0x5a, 0x1f, 0xdf, 0x62, 0x6c,
0x68, 0x45, 0xe9, 0x55, 0x2e, 0x42, 0xa3, 0x1b, 0x3b, 0x86, 0x23, 0x22,
0xa1, 0x20, 0x48, 0xd1, 0x52, 0xc0, 0x8b, 0xab, 0xe2, 0x8a, 0x15, 0x68,
0xbd, 0x89, 0x6f, 0x9f, 0x45, 0x75, 0xb4, 0x27, 0xc1, 0x72, 0x41, 0xfd,
0x79, 0x89, 0xb0, 0x74, 0xa2, 0xe9, 0x61, 0x48, 0x4c, 0x54, 0xad, 0x6b,
0x61, 0xbf, 0x0e, 0x27, 0x58, 0xb4, 0xf6, 0x9c, 0x2c, 0x9f, 0xc2, 0x3e,
0x3b, 0xb3, 0x90, 0x41, 0xbc, 0x61, 0xcd, 0x01, 0x57, 0x90, 0x82, 0xec,
0x46, 0xba, 0x4f, 0x89, 0x8e, 0x7f, 0x49, 0x4f, 0x46, 0x69, 0x37, 0x8b,
0xa0, 0xba, 0x85, 0xe8, 0x42, 0xff, 0x9a, 0xa1, 0x53, 0x81, 0x5c, 0xf3,
0x8e, 0x85, 0x1c, 0xd4, 0x90, 0x60, 0xa0, 0x37, 0x59, 0x04, 0x65, 0xa6,
0xb5, 0x12, 0x00, 0xc3, 0x04, 0x51, 0xa7, 0x83, 0x96, 0x62, 0x3d, 0x49,
0x97, 0xe8, 0x6b, 0x9a, 0x5d, 0x51, 0x24, 0xee, 0xad, 0x45, 0x18, 0x0f,
0x3f, 0x97, 0xec, 0xdf, 0xcf, 0x42, 0x8a, 0x96, 0xc7, 0xd8, 0x82, 0x87,
0x7f, 0x57, 0x70, 0x22, 0xfb, 0x29, 0x3e, 0x3c, 0xa3, 0xc1, 0xd5, 0x71,
0xb3, 0x84, 0x06, 0x53, 0xa3, 0x86, 0x20, 0x35, 0xe3, 0x41, 0xb9, 0xd8,
0x00, 0x22, 0x4f, 0x6d, 0xe6, 0xfd, 0xf0, 0xf4, 0xa2, 0x39, 0x0a, 0x1a,
0x23, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x30, 0x30, 0x2e, 0x30, 0x0d,
0x06, 0x03, 0x55, 0x1d, 0x11, 0x04, 0x06, 0x30, 0x04, 0x82, 0x02, 0x61,
0x2a, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14,
0x45, 0x05, 0xf3, 0x4d, 0x3e, 0x7e, 0x9c, 0xf5, 0x08, 0xee, 0x2c, 0x13,
0x32, 0xe3, 0xf2, 0x14, 0xe8, 0x0e, 0x71, 0x21, 0x30, 0x0d, 0x06, 0x09,
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03,
0x82, 0x01, 0x01, 0x00, 0xa8, 0x28, 0xe5, 0x22, 0x65, 0xcf, 0x47, 0xfe,
0x82, 0x17, 0x99, 0x20, 0xdb, 0xb1, 0x57, 0xd4, 0x91, 0x1a, 0x83, 0xde,
0xc1, 0xaf, 0xc4, 0x1f, 0xfb, 0xa4, 0x6a, 0xad, 0xdc, 0x58, 0x72, 0xd9,
0x9b, 0xab, 0xa5, 0xbb, 0xf4, 0x98, 0xd4, 0xdf, 0x36, 0xcb, 0xb5, 0x78,
0xce, 0x4b, 0x25, 0x5b, 0x24, 0x92, 0xfe, 0xe8, 0xd4, 0xe4, 0xbd, 0x6f,
0x71, 0x1a, 0x81, 0x2a, 0x6f, 0x35, 0x93, 0xf7, 0xcc, 0xed, 0xe5, 0x06,
0xd2, 0x96, 0x41, 0xb5, 0xa9, 0x8a, 0xc0, 0xc9, 0x17, 0xe3, 0x13, 0x5e,
0x94, 0x5e, 0xfa, 0xfc, 0xf0, 0x00, 0x2e, 0xe1, 0xd8, 0x1b, 0x23, 0x3f,
0x7c, 0x4d, 0x9f, 0xfb, 0xb7, 0x95, 0xc1, 0x94, 0x7f, 0x7f, 0xb5, 0x4f,
0x93, 0x6d, 0xc3, 0x2b, 0xb2, 0x28, 0x36, 0xd2, 0x7c, 0x01, 0x3c, 0xae,
0x35, 0xdb, 0xc8, 0x95, 0x1b, 0x5f, 0x6c, 0x0f, 0x57, 0xb3, 0xcc, 0x97,
0x98, 0x80, 0x06, 0xaa, 0xe4, 0x93, 0x1f, 0xb7, 0xa0, 0x54, 0xf1, 0x4f,
0x6f, 0x11, 0xdf, 0xab, 0xd3, 0xbf, 0xf0, 0x3a, 0x81, 0x60, 0xaf, 0x7a,
0xf7, 0x09, 0xd5, 0xae, 0x0c, 0x7d, 0xae, 0x8d, 0x47, 0x06, 0xbe, 0x11,
0x6e, 0xf8, 0x7e, 0x49, 0xf8, 0xac, 0x24, 0x0a, 0x4b, 0xc2, 0xf6, 0xe8,
0x2c, 0xec, 0x35, 0xef, 0xa9, 0x13, 0xb8, 0xd2, 0x9c, 0x92, 0x61, 0x91,
0xec, 0x7b, 0x0c, 0xea, 0x9a, 0x71, 0x36, 0x15, 0x34, 0x2b, 0x7a, 0x25,
0xac, 0xfe, 0xc7, 0x26, 0x89, 0x70, 0x3e, 0x64, 0x68, 0x97, 0x4b, 0xaa,
0xc1, 0x24, 0x14, 0xbd, 0x45, 0x2f, 0xe0, 0xfe, 0xf4, 0x2b, 0x8e, 0x08,
0x3e, 0xe4, 0xb5, 0x3d, 0x5d, 0xf4, 0xc3, 0xd6, 0x9c, 0xb5, 0x33, 0x1b,
0x3b, 0xda, 0x6e, 0x99, 0x7b, 0x09, 0xd1, 0x30, 0x97, 0x23, 0x52, 0x6d,
0x1b, 0x71, 0x3a, 0xf4, 0x54, 0xf0, 0xe5, 0x9e
};
WOLFSSL_X509* x509 = NULL;
int certSize = (int)(sizeof(cert_der) / sizeof(unsigned char));
const char *name1 = "aaaaa";
int nameLen1 = (int)(XSTRLEN(name1));
const char *name2 = "a";
int nameLen2 = (int)(XSTRLEN(name2));
const char *name3 = "abbbb";
int nameLen3 = (int)(XSTRLEN(name3));
const char *name4 = "bbb";
int nameLen4 = (int)(XSTRLEN(name4));
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_buffer(
cert_der, certSize, WOLFSSL_FILETYPE_ASN1));
/* Ensure that "a*" matches "aaaaa" */
ExpectIntEQ(wolfSSL_X509_check_host(x509, name1, nameLen1,
WOLFSSL_ALWAYS_CHECK_SUBJECT, NULL), WOLFSSL_SUCCESS);
/* Ensure that "a*" matches "a" */
ExpectIntEQ(wolfSSL_X509_check_host(x509, name2, nameLen2,
WOLFSSL_ALWAYS_CHECK_SUBJECT, NULL), WOLFSSL_SUCCESS);
/* Ensure that "a*" matches "abbbb" */
ExpectIntEQ(wolfSSL_X509_check_host(x509, name3, nameLen3,
WOLFSSL_ALWAYS_CHECK_SUBJECT, NULL), WOLFSSL_SUCCESS);
/* Ensure that "a*" does not match "bbb" */
ExpectIntNE(wolfSSL_X509_check_host(x509, name4, nameLen4,
WOLFSSL_ALWAYS_CHECK_SUBJECT, NULL), 1);
wolfSSL_X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_name_match2(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
/* A certificate with the subject alternative name a*b* */
const unsigned char cert_der[] = {
0x30, 0x82, 0x03, 0xae, 0x30, 0x82, 0x02, 0x96, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x41, 0x8c, 0x8b, 0xaa, 0x0e, 0xd8, 0x5a, 0xc0, 0x52,
0x46, 0x0e, 0xe5, 0xd8, 0xb9, 0x48, 0x93, 0x7e, 0x8a, 0x7c, 0x65, 0x30,
0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
0x05, 0x00, 0x30, 0x77, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,
0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f, 0x6e, 0x74, 0x61, 0x6e, 0x61, 0x31,
0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42, 0x6f,
0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55,
0x04, 0x0a, 0x0c, 0x0b, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20,
0x49, 0x6e, 0x63, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b,
0x0c, 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e,
0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f,
0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e,
0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x34, 0x30, 0x35, 0x33,
0x30, 0x32, 0x30, 0x34, 0x33, 0x34, 0x30, 0x5a, 0x17, 0x0d, 0x33, 0x34,
0x30, 0x35, 0x32, 0x38, 0x32, 0x30, 0x34, 0x33, 0x34, 0x30, 0x5a, 0x30,
0x77, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
0x55, 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c,
0x07, 0x4d, 0x6f, 0x6e, 0x74, 0x61, 0x6e, 0x61, 0x31, 0x10, 0x30, 0x0e,
0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42, 0x6f, 0x7a, 0x65, 0x6d,
0x61, 0x6e, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c,
0x0b, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x49, 0x6e, 0x63,
0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45,
0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x18,
0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x77, 0x77,
0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d,
0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00,
0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xa5, 0x60, 0x80,
0xf3, 0xee, 0x19, 0xd2, 0xe4, 0x15, 0x94, 0x54, 0x12, 0x88, 0xee, 0xda,
0x11, 0x11, 0x87, 0x99, 0x88, 0xb3, 0x71, 0xc7, 0x97, 0x78, 0x1b, 0x57,
0x37, 0x1d, 0x0b, 0x1f, 0x2f, 0x2c, 0x35, 0x13, 0x75, 0xd3, 0x31, 0x3e,
0x6f, 0x80, 0x21, 0xa5, 0xa3, 0xad, 0x10, 0x81, 0xb6, 0x37, 0xd4, 0x55,
0x2e, 0xc1, 0xb8, 0x37, 0xa3, 0x3c, 0xe8, 0x81, 0x03, 0x3c, 0xda, 0x5f,
0x6f, 0x45, 0x32, 0x2b, 0x0e, 0x99, 0x27, 0xfd, 0xe5, 0x6c, 0x07, 0xd9,
0x4e, 0x0a, 0x8b, 0x23, 0x74, 0x96, 0x25, 0x97, 0xae, 0x6d, 0x19, 0xba,
0xbf, 0x0f, 0xc8, 0xa1, 0xe5, 0xea, 0xa8, 0x00, 0x09, 0xc3, 0x9a, 0xef,
0x09, 0x33, 0xc1, 0x33, 0x2e, 0x7b, 0x6d, 0xa7, 0x66, 0x87, 0xb6, 0x3a,
0xb9, 0xdb, 0x4c, 0x5e, 0xb5, 0x55, 0x69, 0x37, 0x17, 0x92, 0x1f, 0xe3,
0x53, 0x1a, 0x2d, 0x25, 0xd0, 0xcf, 0x72, 0x37, 0xc2, 0x89, 0x83, 0x78,
0xcf, 0xac, 0x2e, 0x46, 0x92, 0x5c, 0x4a, 0xba, 0x7d, 0xa0, 0x22, 0x34,
0xb1, 0x22, 0x26, 0x99, 0xda, 0xe8, 0x97, 0xe2, 0x0c, 0xd3, 0xbc, 0x97,
0x7e, 0xa8, 0xb9, 0xe3, 0xe2, 0x7f, 0x56, 0xef, 0x22, 0xee, 0x15, 0x95,
0xa6, 0xd1, 0xf4, 0xa7, 0xac, 0x4a, 0xab, 0xc1, 0x1a, 0xda, 0xc5, 0x5f,
0xa5, 0x5e, 0x2f, 0x15, 0x9c, 0x36, 0xbe, 0xd3, 0x47, 0xb6, 0x86, 0xb9,
0xc6, 0x59, 0x39, 0x36, 0xad, 0x84, 0x53, 0x95, 0x72, 0x91, 0x89, 0x51,
0x32, 0x77, 0xf1, 0xa5, 0x93, 0xfe, 0xf0, 0x41, 0x7c, 0x64, 0xf1, 0xb0,
0x8b, 0x81, 0x8d, 0x3a, 0x2c, 0x9e, 0xbe, 0x2e, 0x8b, 0xf7, 0x80, 0x63,
0x35, 0x32, 0xfa, 0x26, 0xe0, 0x63, 0xbf, 0x5e, 0xaf, 0xf0, 0x08, 0xe0,
0x80, 0x65, 0x38, 0xfa, 0x21, 0xaa, 0x91, 0x34, 0x48, 0x3d, 0x32, 0x5c,
0xbf, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x32, 0x30, 0x30, 0x30, 0x0f,
0x06, 0x03, 0x55, 0x1d, 0x11, 0x04, 0x08, 0x30, 0x06, 0x82, 0x04, 0x61,
0x2a, 0x62, 0x2a, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16,
0x04, 0x14, 0x3d, 0x55, 0x74, 0xf8, 0x3a, 0x26, 0x03, 0x8c, 0x6a, 0x2e,
0x91, 0x0e, 0x18, 0x70, 0xb4, 0xa4, 0xcc, 0x04, 0x00, 0xd3, 0x30, 0x0d,
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05,
0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x8f, 0x3b, 0xff, 0x46, 0x0c, 0xb5,
0x21, 0xdc, 0xcf, 0x61, 0x9a, 0x25, 0x93, 0x99, 0x68, 0x2f, 0x16, 0x71,
0x15, 0x00, 0x5f, 0xb0, 0x9b, 0x43, 0x5c, 0x47, 0xe2, 0x8e, 0xc8, 0xea,
0xb3, 0x30, 0x4d, 0x87, 0x90, 0xcf, 0x24, 0x37, 0x5c, 0xfd, 0xc8, 0xc6,
0x09, 0x36, 0xb2, 0xfb, 0xfd, 0xc1, 0x82, 0x92, 0x77, 0x5b, 0x9d, 0xeb,
0xac, 0x47, 0xbc, 0xda, 0x7c, 0x89, 0x19, 0x03, 0x9e, 0xcd, 0x96, 0x2a,
0x90, 0x55, 0x23, 0x19, 0xac, 0x9d, 0x49, 0xfb, 0xa0, 0x31, 0x7d, 0x6b,
0x1a, 0x16, 0x13, 0xb1, 0xa9, 0xc9, 0xc4, 0xaf, 0xf1, 0xb4, 0xa7, 0x9b,
0x08, 0x64, 0x6a, 0x09, 0xcd, 0x4a, 0x03, 0x4c, 0x93, 0xb6, 0xcf, 0x29,
0xdb, 0x56, 0x88, 0x8e, 0xed, 0x08, 0x6d, 0x8d, 0x76, 0xa3, 0xd7, 0xc6,
0x69, 0xa1, 0xf5, 0xd2, 0xd0, 0x0a, 0x4b, 0xfa, 0x88, 0x66, 0x6c, 0xe5,
0x4a, 0xee, 0x13, 0xad, 0xad, 0x22, 0x25, 0x73, 0x39, 0x56, 0x74, 0x0e,
0xda, 0xcd, 0x35, 0x67, 0xe3, 0x81, 0x5c, 0xc5, 0xae, 0x3c, 0x4f, 0x47,
0x3e, 0x97, 0xde, 0xac, 0xf6, 0xe1, 0x26, 0xe2, 0xe0, 0x66, 0x48, 0x20,
0x7c, 0x02, 0x81, 0x3e, 0x7d, 0x34, 0xb7, 0x73, 0x3e, 0x2e, 0xd6, 0x20,
0x1c, 0xdf, 0xf1, 0xae, 0x86, 0x8b, 0xb2, 0xc2, 0x9b, 0x68, 0x9c, 0xf6,
0x1a, 0x5e, 0x30, 0x06, 0x39, 0x0a, 0x1f, 0x7b, 0xd7, 0x18, 0x4b, 0x06,
0x9d, 0xff, 0x84, 0x57, 0xcc, 0x92, 0xad, 0x81, 0x0a, 0x19, 0x11, 0xc4,
0xac, 0x59, 0x00, 0xe8, 0x5a, 0x70, 0x78, 0xd6, 0x9f, 0xe0, 0x82, 0x2a,
0x1f, 0x09, 0x36, 0x1c, 0x52, 0x98, 0xf7, 0x95, 0x8f, 0xf9, 0x48, 0x4f,
0x30, 0x52, 0xb5, 0xf3, 0x8d, 0x13, 0x93, 0x27, 0xbe, 0xb4, 0x75, 0x39,
0x65, 0xc6, 0x48, 0x4e, 0x32, 0xd7, 0xf4, 0xc3, 0x26, 0x8d
};
WOLFSSL_X509* x509 = NULL;
int certSize = (int)(sizeof(cert_der) / sizeof(unsigned char));
const char *name1 = "ab";
int nameLen1 = (int)(XSTRLEN(name1));
const char *name2 = "acccbccc";
int nameLen2 = (int)(XSTRLEN(name2));
const char *name3 = "accb";
int nameLen3 = (int)(XSTRLEN(name3));
const char *name4 = "accda";
int nameLen4 = (int)(XSTRLEN(name4));
const char *name5 = "acc\0bcc";
int nameLen5 = 7;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_buffer(
cert_der, certSize, WOLFSSL_FILETYPE_ASN1));
/* Ensure that "a*b*" matches "ab" */
ExpectIntEQ(wolfSSL_X509_check_host(x509, name1, nameLen1,
WOLFSSL_ALWAYS_CHECK_SUBJECT, NULL), WOLFSSL_SUCCESS);
/* Ensure that "a*b*" matches "acccbccc" */
ExpectIntEQ(wolfSSL_X509_check_host(x509, name2, nameLen2,
WOLFSSL_ALWAYS_CHECK_SUBJECT, NULL), WOLFSSL_SUCCESS);
/* Ensure that "a*b*" matches "accb" */
ExpectIntEQ(wolfSSL_X509_check_host(x509, name3, nameLen3,
WOLFSSL_ALWAYS_CHECK_SUBJECT, NULL), WOLFSSL_SUCCESS);
/* Ensure that "a*b*" does not match "accda" */
ExpectIntNE(wolfSSL_X509_check_host(x509, name4, nameLen4,
WOLFSSL_ALWAYS_CHECK_SUBJECT, NULL), WOLFSSL_SUCCESS);
/* Ensure that "a*b*" matches "ab", testing openssl behavior replication
* on check len input handling, 0 for len is OK as it should then use
* strlen(name1) */
ExpectIntEQ(wolfSSL_X509_check_host(x509, name1, 0,
WOLFSSL_ALWAYS_CHECK_SUBJECT, NULL), WOLFSSL_SUCCESS);
/* Openssl also allows for len to include NULL terminator */
ExpectIntEQ(wolfSSL_X509_check_host(x509, name1, nameLen1 + 1,
WOLFSSL_ALWAYS_CHECK_SUBJECT, NULL), WOLFSSL_SUCCESS);
/* Ensure that check string with NULL terminator in middle is
* rejected */
ExpectIntNE(wolfSSL_X509_check_host(x509, name5, nameLen5,
WOLFSSL_ALWAYS_CHECK_SUBJECT, NULL), WOLFSSL_SUCCESS);
wolfSSL_X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_name_match3(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
/* A certificate with the subject alternative name *.example.com */
const unsigned char cert_der[] = {
0x30, 0x82, 0x03, 0xb7, 0x30, 0x82, 0x02, 0x9f, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x59, 0xbb, 0xf6, 0xde, 0xb8, 0x3d, 0x0e, 0x8c, 0xe4,
0xbd, 0x98, 0xa3, 0xbe, 0x3e, 0x8f, 0xdc, 0xbd, 0x7f, 0xcc, 0xae, 0x30,
0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
0x05, 0x00, 0x30, 0x77, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,
0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f, 0x6e, 0x74, 0x61, 0x6e, 0x61, 0x31,
0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42, 0x6f,
0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55,
0x04, 0x0a, 0x0c, 0x0b, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20,
0x49, 0x6e, 0x63, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b,
0x0c, 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e,
0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f,
0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e,
0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x34, 0x30, 0x35, 0x33,
0x31, 0x30, 0x30, 0x33, 0x37, 0x34, 0x39, 0x5a, 0x17, 0x0d, 0x33, 0x34,
0x30, 0x35, 0x32, 0x39, 0x30, 0x30, 0x33, 0x37, 0x34, 0x39, 0x5a, 0x30,
0x77, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
0x55, 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c,
0x07, 0x4d, 0x6f, 0x6e, 0x74, 0x61, 0x6e, 0x61, 0x31, 0x10, 0x30, 0x0e,
0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42, 0x6f, 0x7a, 0x65, 0x6d,
0x61, 0x6e, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c,
0x0b, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x49, 0x6e, 0x63,
0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45,
0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x18,
0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x77, 0x77,
0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d,
0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00,
0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xda, 0x78, 0x16,
0x05, 0x65, 0xf2, 0x85, 0xf2, 0x61, 0x7f, 0xb1, 0x4d, 0x73, 0xe2, 0x82,
0xb5, 0x3d, 0xf7, 0x9d, 0x05, 0x65, 0xed, 0x9d, 0xc3, 0x29, 0x7a, 0x92,
0x2c, 0x06, 0x5f, 0xc8, 0x13, 0x55, 0x42, 0x4e, 0xbd, 0xe2, 0x56, 0x2a,
0x4b, 0xac, 0xe6, 0x1b, 0x10, 0xc9, 0xdb, 0x9a, 0x45, 0x36, 0xed, 0xf3,
0x26, 0x8c, 0x22, 0x88, 0x1e, 0x6d, 0x2b, 0x41, 0xfa, 0x0d, 0x43, 0x88,
0x88, 0xde, 0x8d, 0x2e, 0xca, 0x6e, 0x7c, 0x62, 0x66, 0x3e, 0xfa, 0x4e,
0x71, 0xea, 0x7d, 0x3b, 0x32, 0x33, 0x5c, 0x7a, 0x7e, 0xea, 0x74, 0xbd,
0xb6, 0x8f, 0x4c, 0x1c, 0x7a, 0x79, 0x94, 0xf1, 0xe8, 0x02, 0x67, 0x98,
0x25, 0xb4, 0x31, 0x80, 0xc1, 0xae, 0xbf, 0xef, 0xf2, 0x6c, 0x78, 0x42,
0xef, 0xb5, 0xc6, 0x01, 0x47, 0x79, 0x8d, 0x92, 0xce, 0xc1, 0xb5, 0x98,
0x76, 0xf0, 0x84, 0xa2, 0x53, 0x90, 0xe5, 0x39, 0xc7, 0xbd, 0xf2, 0xbb,
0xe3, 0x3f, 0x00, 0xf6, 0xf0, 0x46, 0x86, 0xee, 0x55, 0xbd, 0x2c, 0x1f,
0x97, 0x24, 0x7c, 0xbc, 0xda, 0x2f, 0x1b, 0x53, 0xef, 0x26, 0x56, 0xcc,
0xb7, 0xd8, 0xca, 0x17, 0x20, 0x4e, 0x62, 0x03, 0x66, 0x32, 0xb3, 0xd1,
0x71, 0x26, 0x6c, 0xff, 0xd1, 0x9e, 0x44, 0x86, 0x2a, 0xae, 0xba, 0x43,
0x00, 0x13, 0x7e, 0x50, 0xdd, 0x3e, 0x27, 0x39, 0x70, 0x1c, 0x0c, 0x0b,
0xe8, 0xa2, 0xae, 0x03, 0x09, 0x2e, 0xd8, 0x71, 0xee, 0x7b, 0x1a, 0x09,
0x2d, 0xe1, 0xd5, 0xde, 0xf5, 0xa3, 0x36, 0x77, 0x90, 0x97, 0x99, 0xd7,
0x6c, 0xb7, 0x5c, 0x9d, 0xf7, 0x7e, 0x41, 0x89, 0xfe, 0xe4, 0x08, 0xc6,
0x0b, 0xe4, 0x9b, 0x5f, 0x51, 0xa6, 0x08, 0xb8, 0x99, 0x81, 0xe9, 0xce,
0xb4, 0x2d, 0xb2, 0x92, 0x9f, 0xe5, 0x1a, 0x98, 0x76, 0x20, 0x70, 0x54,
0x93, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x3b, 0x30, 0x39, 0x30, 0x18,
0x06, 0x03, 0x55, 0x1d, 0x11, 0x04, 0x11, 0x30, 0x0f, 0x82, 0x0d, 0x2a,
0x2e, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d,
0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x60,
0xd4, 0x26, 0xbb, 0xcc, 0x7c, 0x29, 0xa2, 0x88, 0x3c, 0x76, 0x7d, 0xb4,
0x86, 0x8b, 0x47, 0x64, 0x5b, 0x87, 0xe0, 0x30, 0x0d, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82,
0x01, 0x01, 0x00, 0xc3, 0x0d, 0x03, 0x67, 0xbb, 0x47, 0x8b, 0xf3, 0x20,
0xdc, 0x7d, 0x2e, 0xe1, 0xd9, 0xf0, 0x01, 0xc4, 0x66, 0xc2, 0xe1, 0xcd,
0xc3, 0x4a, 0x72, 0xf0, 0x6e, 0x38, 0xcf, 0x63, 0x01, 0x96, 0x9e, 0x84,
0xb9, 0xce, 0x1d, 0xba, 0x4b, 0xe0, 0x70, 0x86, 0x2b, 0x5a, 0xab, 0xec,
0xbf, 0xc2, 0xaa, 0x64, 0xa2, 0x6c, 0xd2, 0x42, 0x52, 0xd4, 0xbe, 0x8a,
0xca, 0x9c, 0x03, 0xf3, 0xd6, 0x5f, 0xcd, 0x23, 0x9f, 0xf5, 0xa9, 0x04,
0x40, 0x5b, 0x66, 0x78, 0xc0, 0xac, 0xa1, 0xdb, 0x5d, 0xd1, 0x94, 0xfc,
0x47, 0x94, 0xf5, 0x45, 0xe3, 0x70, 0x13, 0x3f, 0x66, 0x6d, 0xdd, 0x73,
0x68, 0x68, 0xe2, 0xd2, 0x89, 0xcb, 0x7f, 0xc6, 0xca, 0xd6, 0x96, 0x0b,
0xcc, 0xdd, 0xa1, 0x74, 0xda, 0x33, 0xe8, 0x9e, 0xda, 0xb7, 0xd9, 0x12,
0xab, 0x85, 0x9d, 0x0c, 0xde, 0xa0, 0x7d, 0x7e, 0xa1, 0x91, 0xed, 0xe5,
0x32, 0x7c, 0xc5, 0xea, 0x1d, 0x4a, 0xb5, 0x38, 0x63, 0x17, 0xf3, 0x4f,
0x2c, 0x4a, 0x58, 0x86, 0x09, 0x33, 0x86, 0xc4, 0xe7, 0x56, 0x6f, 0x32,
0x71, 0xb7, 0xd0, 0x83, 0x12, 0x9e, 0x26, 0x0a, 0x3a, 0x45, 0xcb, 0xd7,
0x4e, 0xab, 0xa4, 0xc3, 0xee, 0x4c, 0xc0, 0x38, 0xa1, 0xfa, 0xba, 0xfa,
0xb7, 0x80, 0x69, 0x67, 0xa3, 0xef, 0x89, 0xba, 0xce, 0x89, 0x91, 0x3d,
0x6a, 0x76, 0xe9, 0x3b, 0x32, 0x86, 0x76, 0x85, 0x6b, 0x4f, 0x7f, 0xbc,
0x7a, 0x5b, 0x31, 0x92, 0x79, 0x35, 0xf8, 0xb9, 0xb1, 0xd7, 0xdb, 0xa9,
0x6a, 0x8a, 0x91, 0x60, 0x65, 0xd4, 0x76, 0x54, 0x55, 0x57, 0xb9, 0x35,
0xe0, 0xf5, 0xbb, 0x8f, 0xd4, 0x40, 0x75, 0xbb, 0x47, 0xa8, 0xf9, 0x0f,
0xea, 0xc9, 0x6e, 0x84, 0xd5, 0xf5, 0x58, 0x2d, 0xe5, 0x76, 0x7b, 0xdf,
0x97, 0x05, 0x5e, 0xaf, 0x50, 0xf5, 0x48
};
WOLFSSL_X509* x509 = NULL;
int certSize = (int)(sizeof(cert_der) / sizeof(unsigned char));
const char *name1 = "foo.example.com";
int nameLen1 = (int)(XSTRLEN(name1));
const char *name2 = "x.y.example.com";
int nameLen2 = (int)(XSTRLEN(name2));
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_buffer(
cert_der, certSize, WOLFSSL_FILETYPE_ASN1));
/* Ensure that "*.example.com" matches "foo.example.com" */
ExpectIntEQ(wolfSSL_X509_check_host(x509, name1, nameLen1,
WOLFSSL_ALWAYS_CHECK_SUBJECT, NULL), WOLFSSL_SUCCESS);
/* Ensure that "*.example.com" does NOT match "x.y.example.com" */
ExpectIntNE(wolfSSL_X509_check_host(x509, name2, nameLen2,
WOLFSSL_ALWAYS_CHECK_SUBJECT, NULL), WOLFSSL_SUCCESS);
wolfSSL_X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_max_altnames(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA)
/* Only test if max alt names has not been modified */
#if WOLFSSL_MAX_ALT_NAMES <= 1024
WOLFSSL_CTX* ctx = NULL;
/* File contains a certificate encoded with 130 subject alternative names */
const char* over_max_altnames_cert = \
"./certs/test/cert-over-max-altnames.pem";
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectIntNE(wolfSSL_CTX_load_verify_locations_ex(ctx,
over_max_altnames_cert, NULL, WOLFSSL_LOAD_FLAG_NONE),
WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_max_name_constraints(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(IGNORE_NAME_CONSTRAINTS)
/* Only test if max name constraints has not been modified */
#if WOLFSSL_MAX_NAME_CONSTRAINTS == 128
WOLFSSL_CTX* ctx = NULL;
/* File contains a certificate with 130 name constraints */
const char* over_max_nc = "./certs/test/cert-over-max-nc.pem";
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectIntNE(wolfSSL_CTX_load_verify_locations_ex(ctx, over_max_nc,
NULL, WOLFSSL_LOAD_FLAG_NONE), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
X509* x509 = NULL;
#ifndef NO_BIO
BIO* bio = NULL;
X509_STORE_CTX* ctx = NULL;
X509_STORE* store = NULL;
#endif
char der[] = "certs/ca-cert.der";
XFILE fp = XBADFILE;
ExpectNotNull(x509 = X509_new());
X509_free(x509);
x509 = NULL;
#ifndef NO_BIO
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
SSL_FILETYPE_PEM));
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
#ifdef WOLFSSL_CERT_GEN
ExpectIntEQ(i2d_X509_bio(bio, x509), SSL_SUCCESS);
#endif
ExpectNotNull(ctx = X509_STORE_CTX_new());
ExpectIntEQ(X509_verify_cert(ctx), SSL_FATAL_ERROR);
ExpectNotNull(store = X509_STORE_new());
ExpectIntEQ(X509_STORE_add_cert(store, x509), SSL_SUCCESS);
ExpectIntEQ(X509_STORE_CTX_init(ctx, store, x509, NULL), SSL_SUCCESS);
ExpectIntEQ(X509_verify_cert(ctx), SSL_SUCCESS);
X509_STORE_CTX_free(ctx);
X509_STORE_free(store);
X509_free(x509);
x509 = NULL;
BIO_free(bio);
#endif
/** d2i_X509_fp test **/
ExpectTrue((fp = XFOPEN(der, "rb")) != XBADFILE);
ExpectNotNull(x509 = (X509 *)d2i_X509_fp(fp, (X509 **)NULL));
ExpectNotNull(x509);
X509_free(x509);
x509 = NULL;
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectTrue((fp = XFOPEN(der, "rb")) != XBADFILE);
ExpectNotNull((X509 *)d2i_X509_fp(fp, (X509 **)&x509));
ExpectNotNull(x509);
X509_free(x509);
if (fp != XBADFILE)
XFCLOSE(fp);
/* X509_up_ref test */
ExpectIntEQ(X509_up_ref(NULL), 0);
ExpectNotNull(x509 = X509_new()); /* refCount = 1 */
ExpectIntEQ(X509_up_ref(x509), 1); /* refCount = 2 */
ExpectIntEQ(X509_up_ref(x509), 1); /* refCount = 3 */
X509_free(x509); /* refCount = 2 */
X509_free(x509); /* refCount = 1 */
X509_free(x509); /* refCount = 0, free */
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_ext_count(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
int ret = 0;
WOLFSSL_X509* x509 = NULL;
const char ocspRootCaFile[] = "./certs/ocsp/root-ca-cert.pem";
XFILE f = XBADFILE;
/* NULL parameter check */
ExpectIntEQ(X509_get_ext_count(NULL), WOLFSSL_FAILURE);
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
SSL_FILETYPE_PEM));
ExpectIntEQ(X509_get_ext_count(x509), 5);
wolfSSL_X509_free(x509);
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(ocspRootCaFile,
SSL_FILETYPE_PEM));
ExpectIntEQ(X509_get_ext_count(x509), 5);
wolfSSL_X509_free(x509);
ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
if (f != XBADFILE)
XFCLOSE(f);
/* wolfSSL_X509_get_ext_count() valid input */
ExpectIntEQ((ret = wolfSSL_X509_get_ext_count(x509)), 5);
/* wolfSSL_X509_get_ext_count() NULL argument */
ExpectIntEQ((ret = wolfSSL_X509_get_ext_count(NULL)), WOLFSSL_FAILURE);
wolfSSL_X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_sign2(void)
{
EXPECT_DECLS;
/* test requires WOLFSSL_AKID_NAME to match expected output */
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_ALT_NAMES) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_AKID_NAME) && \
(defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || \
defined(WOLFSSL_IP_ALT_NAME))
WOLFSSL_X509 *x509 = NULL;
WOLFSSL_X509 *ca = NULL;
const unsigned char *der = NULL;
const unsigned char *pt = NULL;
WOLFSSL_EVP_PKEY *priv = NULL;
WOLFSSL_X509_NAME *name = NULL;
int derSz;
#ifndef NO_ASN_TIME
WOLFSSL_ASN1_TIME *notBefore = NULL;
WOLFSSL_ASN1_TIME *notAfter = NULL;
const int year = 365*24*60*60;
const int day = 24*60*60;
const int hour = 60*60;
const int mini = 60;
time_t t;
#endif
const unsigned char expected[] = {
0x30, 0x82, 0x05, 0x13, 0x30, 0x82, 0x03, 0xFB, 0xA0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x14, 0x08, 0xB0, 0x54, 0x7A, 0x03, 0x5A, 0xEC, 0x55, 0x8A,
0x12, 0xE8, 0xF9, 0x8E, 0x34, 0xB6, 0x13, 0xD9, 0x59, 0xB8, 0xE8, 0x30,
0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B,
0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61,
0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42,
0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03,
0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74,
0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A,
0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18,
0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77,
0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F,
0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17,
0x0D, 0x30, 0x30, 0x30, 0x32, 0x31, 0x35, 0x32, 0x30, 0x33, 0x30, 0x30,
0x30, 0x5A, 0x17, 0x0D, 0x30, 0x31, 0x30, 0x32, 0x31, 0x34, 0x32, 0x30,
0x33, 0x30, 0x30, 0x30, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30,
0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74,
0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07,
0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30,
0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66,
0x53, 0x53, 0x4C, 0x5F, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, 0x17,
0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72,
0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x32, 0x30, 0x34, 0x38, 0x31,
0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77,
0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82,
0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82,
0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC3, 0x03, 0xD1, 0x2B, 0xFE,
0x39, 0xA4, 0x32, 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, 0x2A, 0x7C, 0x74,
0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, 0xD6, 0xA6, 0x36, 0xB2, 0x07,
0x32, 0x8E, 0xD0, 0xBA, 0x69, 0x7B, 0xC6, 0xC3, 0x44, 0x9E, 0xD4, 0x81,
0x48, 0xFD, 0x2D, 0x68, 0xA2, 0x8B, 0x67, 0xBB, 0xA1, 0x75, 0xC8, 0x36,
0x2C, 0x4A, 0xD2, 0x1B, 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, 0xEC,
0xF1, 0x81, 0x1E, 0x7B, 0x9B, 0x03, 0x47, 0x9A, 0xBF, 0x65, 0xCC, 0x7F,
0x65, 0x24, 0x69, 0xA6, 0xE8, 0x14, 0x89, 0x5B, 0xE4, 0x34, 0xF7, 0xC5,
0xB0, 0x14, 0x93, 0xF5, 0x67, 0x7B, 0x3A, 0x7A, 0x78, 0xE1, 0x01, 0x56,
0x56, 0x91, 0xA6, 0x13, 0x42, 0x8D, 0xD2, 0x3C, 0x40, 0x9C, 0x4C, 0xEF,
0xD1, 0x86, 0xDF, 0x37, 0x51, 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, 0xF1, 0xA3,
0x4A, 0x35, 0xE4, 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, 0xBF, 0x4E, 0x97,
0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, 0xAF, 0x20, 0x0B, 0x43, 0x14,
0xC5, 0x74, 0x67, 0xB4, 0x32, 0x82, 0x6F, 0x8D, 0x86, 0xC2, 0x88, 0x40,
0x99, 0x36, 0x83, 0xBA, 0x1E, 0x40, 0x72, 0x22, 0x17, 0xD7, 0x52, 0x65,
0x24, 0x73, 0xB0, 0xCE, 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, 0x7B,
0xC0, 0x12, 0x03, 0xD4, 0x4E, 0x72, 0x0D, 0x50, 0x6D, 0x3B, 0xA3, 0x3B,
0xA3, 0x99, 0x5E, 0x9D, 0xC8, 0xD9, 0x0C, 0x85, 0xB3, 0xD9, 0x8A, 0xD9,
0x54, 0x26, 0xDB, 0x6D, 0xFA, 0xAC, 0xBB, 0xFF, 0x25, 0x4C, 0xC4, 0xD1,
0x79, 0xF4, 0x71, 0xD3, 0x86, 0x40, 0x18, 0x13, 0xB0, 0x63, 0xB5, 0x72,
0x4E, 0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15, 0xF7,
0x7F, 0xC0, 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, 0xBA, 0xD3, 0x02,
0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4F, 0x30, 0x82, 0x01, 0x4B,
0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30,
0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63,
0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03,
0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x33, 0xD8, 0x45, 0x66, 0xD7,
0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 0xD7,
0x85, 0x65, 0xC0, 0x30, 0x81, 0xDE, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04,
0x81, 0xD6, 0x30, 0x81, 0xD3, 0x80, 0x14, 0x33, 0xD8, 0x45, 0x66, 0xD7,
0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 0xD7,
0x85, 0x65, 0xC0, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E,
0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07,
0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06,
0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61,
0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C,
0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x32, 0x30, 0x34, 0x38,
0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50,
0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x32,
0x30, 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03,
0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73,
0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E,
0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
0x6F, 0x6D, 0x82, 0x14, 0x08, 0xB0, 0x54, 0x7A, 0x03, 0x5A, 0xEC, 0x55,
0x8A, 0x12, 0xE8, 0xF9, 0x8E, 0x34, 0xB6, 0x13, 0xD9, 0x59, 0xB8, 0xE8,
0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06,
0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B,
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82,
0x01, 0x01, 0x00, 0x14, 0xFB, 0xD0, 0xCE, 0x31, 0x7F, 0xA5, 0x59, 0xFA,
0x7C, 0x68, 0x26, 0xA7, 0xE8, 0x0D, 0x9F, 0x50, 0x57, 0xFA, 0x1C, 0x7C,
0x5E, 0x43, 0xA4, 0x97, 0x47, 0xB6, 0x41, 0xAC, 0x63, 0xD3, 0x61, 0x8C,
0x1F, 0x42, 0xEF, 0x53, 0xD0, 0xBA, 0x31, 0x4D, 0x99, 0x74, 0xA4, 0x60,
0xDC, 0xC6, 0x6F, 0xCC, 0x1E, 0x25, 0x98, 0xE1, 0xA4, 0xA0, 0x67, 0x69,
0x97, 0xE3, 0x97, 0x7C, 0x83, 0x28, 0xF1, 0xF4, 0x7D, 0x03, 0xA8, 0x31,
0x77, 0xCC, 0xD1, 0x37, 0xEF, 0x7B, 0x4A, 0x71, 0x2D, 0x11, 0x7E, 0x92,
0xF5, 0x67, 0xB7, 0x56, 0xBA, 0x28, 0xF8, 0xD6, 0xCE, 0x2A, 0x71, 0xE3,
0x70, 0x6B, 0x09, 0x0F, 0x67, 0x6F, 0x7A, 0xE0, 0x89, 0xF6, 0x5E, 0x23,
0x0C, 0x0A, 0x44, 0x4E, 0x65, 0x8E, 0x7B, 0x68, 0xD0, 0xAD, 0x76, 0x3E,
0x2A, 0x0E, 0xA2, 0x05, 0x11, 0x74, 0x24, 0x08, 0x60, 0xED, 0x9F, 0x98,
0x18, 0xE9, 0x91, 0x58, 0x36, 0xEC, 0xEC, 0x25, 0x6B, 0xBA, 0x9C, 0x87,
0x38, 0x68, 0xDC, 0xDC, 0x15, 0x6F, 0x20, 0x68, 0xC4, 0xBF, 0x05, 0x5B,
0x4A, 0x0C, 0x44, 0x2B, 0x92, 0x3F, 0x10, 0x99, 0xDC, 0xF6, 0x6C, 0x0E,
0x34, 0x26, 0x6E, 0x6D, 0x4E, 0x12, 0xBC, 0x60, 0x8F, 0x27, 0x1D, 0x7A,
0x00, 0x50, 0xBE, 0x23, 0xDE, 0x48, 0x47, 0x9F, 0xAD, 0x2F, 0x94, 0x3D,
0x16, 0x73, 0x48, 0x6B, 0xC8, 0x97, 0xE6, 0xB4, 0xB3, 0x4B, 0xE1, 0x68,
0x08, 0xC3, 0xE5, 0x34, 0x5F, 0x9B, 0xDA, 0xAB, 0xCA, 0x6D, 0x55, 0x32,
0xEF, 0x6C, 0xEF, 0x9B, 0x8B, 0x5B, 0xC7, 0xF0, 0xC2, 0x0F, 0x8E, 0x93,
0x09, 0x60, 0x3C, 0x0B, 0xDC, 0xBD, 0xDB, 0x4A, 0x2D, 0xD0, 0x98, 0xAA,
0xAB, 0x6C, 0x6F, 0x6D, 0x6B, 0x6A, 0x5C, 0x33, 0xAC, 0xAD, 0xA8, 0x1B,
0x38, 0x5D, 0x9F, 0xDA, 0xE7, 0x70, 0x07
};
pt = ca_key_der_2048;
ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &pt,
sizeof_ca_key_der_2048));
pt = client_cert_der_2048;
ExpectNotNull(x509 = wolfSSL_d2i_X509(NULL, &pt,
sizeof_client_cert_der_2048));
pt = ca_cert_der_2048;
ExpectNotNull(ca = wolfSSL_d2i_X509(NULL, &pt, sizeof_ca_cert_der_2048));
ExpectNotNull(name = wolfSSL_X509_get_subject_name(ca));
ExpectIntEQ(wolfSSL_X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
#ifndef NO_ASN_TIME
t = (time_t)30 * year + 45 * day + 20 * hour + 30 * mini + 7 * day;
ExpectNotNull(notBefore = wolfSSL_ASN1_TIME_adj(NULL, t, 0, 0));
ExpectNotNull(notAfter = wolfSSL_ASN1_TIME_adj(NULL, t, 365, 0));
ExpectIntEQ(notAfter->length, 13);
ExpectTrue(wolfSSL_X509_set_notBefore(x509, notBefore));
ExpectTrue(wolfSSL_X509_set_notAfter(x509, notAfter));
#endif
ExpectIntGT(wolfSSL_X509_sign(x509, priv, EVP_sha256()), 0);
ExpectNotNull((der = wolfSSL_X509_get_der(x509, &derSz)));
ExpectIntEQ(derSz, sizeof(expected));
#ifndef NO_ASN_TIME
ExpectIntEQ(XMEMCMP(der, expected, derSz), 0);
#endif
wolfSSL_X509_free(ca);
wolfSSL_X509_free(x509);
wolfSSL_EVP_PKEY_free(priv);
#ifndef NO_ASN_TIME
wolfSSL_ASN1_TIME_free(notBefore);
wolfSSL_ASN1_TIME_free(notAfter);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_sign(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_ASN_TIME) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_RSA)
int ret = 0;
char *cn = NULL;
word32 cnSz = 0;
X509_NAME *name = NULL;
X509 *x509 = NULL;
X509 *ca = NULL;
DecodedCert dCert;
EVP_PKEY *pub = NULL;
EVP_PKEY *priv = NULL;
EVP_MD_CTX *mctx = NULL;
#if defined(USE_CERT_BUFFERS_1024)
const unsigned char* rsaPriv = client_key_der_1024;
const unsigned char* rsaPub = client_keypub_der_1024;
const unsigned char* certIssuer = client_cert_der_1024;
long clientKeySz = (long)sizeof_client_key_der_1024;
long clientPubKeySz = (long)sizeof_client_keypub_der_1024;
long certIssuerSz = (long)sizeof_client_cert_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
const unsigned char* rsaPriv = client_key_der_2048;
const unsigned char* rsaPub = client_keypub_der_2048;
const unsigned char* certIssuer = client_cert_der_2048;
long clientKeySz = (long)sizeof_client_key_der_2048;
long clientPubKeySz = (long)sizeof_client_keypub_der_2048;
long certIssuerSz = (long)sizeof_client_cert_der_2048;
#endif
byte sn[16];
int snSz = sizeof(sn);
/* Set X509_NAME fields */
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "countryName", MBSTRING_UTF8,
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
(byte*)"support@wolfssl.com", 19, -1, 0), SSL_SUCCESS);
/* Get private and public keys */
ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &rsaPriv,
clientKeySz));
ExpectNotNull(pub = wolfSSL_d2i_PUBKEY(NULL, &rsaPub, clientPubKeySz));
ExpectNotNull(x509 = X509_new());
/* Set version 3 */
ExpectIntNE(X509_set_version(x509, 2L), 0);
/* Set subject name, add pubkey, and sign certificate */
ExpectIntEQ(X509_set_subject_name(x509, name), SSL_SUCCESS);
X509_NAME_free(name);
name = NULL;
ExpectIntEQ(X509_set_pubkey(x509, pub), SSL_SUCCESS);
#ifdef WOLFSSL_ALT_NAMES
/* Add some subject alt names */
ExpectIntNE(wolfSSL_X509_add_altname(NULL,
"ipsum", ASN_DNS_TYPE), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_add_altname(x509,
NULL, ASN_DNS_TYPE), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_add_altname(x509,
"sphygmomanometer",
ASN_DNS_TYPE), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_add_altname(x509,
"supercalifragilisticexpialidocious",
ASN_DNS_TYPE), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_add_altname(x509,
"Llanfairpwllgwyngyllgogerychwyrndrobwllllantysiliogogogoch",
ASN_DNS_TYPE), SSL_SUCCESS);
#ifdef WOLFSSL_IP_ALT_NAME
{
unsigned char ip4_type[] = {127,128,0,255};
unsigned char ip6_type[] = {0xdd, 0xcc, 0xba, 0xab,
0xff, 0xee, 0x99, 0x88,
0x77, 0x66, 0x55, 0x44,
0x00, 0x33, 0x22, 0x11};
ExpectIntEQ(wolfSSL_X509_add_altname_ex(x509, (char*)ip4_type,
sizeof(ip4_type), ASN_IP_TYPE), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_add_altname_ex(x509, (char*)ip6_type,
sizeof(ip6_type), ASN_IP_TYPE), SSL_SUCCESS);
}
#endif
#endif /* WOLFSSL_ALT_NAMES */
{
ASN1_UTCTIME* infinite_past = NULL;
ExpectNotNull(infinite_past = ASN1_UTCTIME_set(NULL, 0));
ExpectIntEQ(X509_set1_notBefore(x509, infinite_past), 1);
ASN1_UTCTIME_free(infinite_past);
}
/* test valid sign case */
ExpectIntGT(ret = X509_sign(x509, priv, EVP_sha256()), 0);
/* test valid X509_sign_ctx case */
ExpectNotNull(mctx = EVP_MD_CTX_new());
ExpectIntEQ(EVP_DigestSignInit(mctx, NULL, EVP_sha256(), NULL, priv), 1);
ExpectIntGT(X509_sign_ctx(x509, mctx), 0);
#if defined(OPENSSL_ALL) && defined(WOLFSSL_ALT_NAMES)
ExpectIntEQ(X509_get_ext_count(x509), 1);
#endif
#if defined(WOLFSSL_ALT_NAMES) && defined(WOLFSSL_IP_ALT_NAME)
ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, "127.128.0.255", 0), 1);
ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, "DDCC:BAAB:FFEE:9988:7766:5544:0033:2211", 0), 1);
#endif
ExpectIntEQ(wolfSSL_X509_get_serial_number(x509, sn, &snSz),
WOLFSSL_SUCCESS);
DEBUG_WRITE_CERT_X509(x509, "signed.pem");
/* Variation in size depends on ASN.1 encoding when MSB is set.
* WOLFSSL_ASN_TEMPLATE code does not generate a serial number
* with the MSB set. See GenerateInteger in asn.c */
#ifndef USE_CERT_BUFFERS_1024
#ifndef WOLFSSL_ALT_NAMES
/* Valid case - size should be 781-786 with 16 byte serial number */
ExpectTrue((781 + snSz <= ret) && (ret <= 781 + 5 + snSz));
#elif defined(WOLFSSL_IP_ALT_NAME)
/* Valid case - size should be 955-960 with 16 byte serial number */
ExpectTrue((939 + snSz <= ret) && (ret <= 939 + 5 + snSz));
#else
/* Valid case - size should be 926-931 with 16 byte serial number */
ExpectTrue((910 + snSz <= ret) && (ret <= 910 + 5 + snSz));
#endif
#else
#ifndef WOLFSSL_ALT_NAMES
/* Valid case - size should be 537-542 with 16 byte serial number */
ExpectTrue((521 + snSz <= ret) && (ret <= 521 + 5 + snSz));
#elif defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME)
/* Valid case - size should be 695-670 with 16 byte serial number */
ExpectTrue((679 + snSz <= ret) && (ret <= 679 + 5 + snSz));
#else
/* Valid case - size should be 666-671 with 16 byte serial number */
ExpectTrue((650 + snSz <= ret) && (ret <= 650 + 5 + snSz));
#endif
#endif
/* check that issuer name is as expected after signature */
InitDecodedCert(&dCert, certIssuer, (word32)certIssuerSz, 0);
ExpectIntEQ(ParseCert(&dCert, CERT_TYPE, NO_VERIFY, NULL), 0);
ExpectNotNull(ca = d2i_X509(NULL, &certIssuer, (int)certIssuerSz));
ExpectNotNull(name = X509_get_subject_name(ca));
cnSz = X509_NAME_get_sz(name);
ExpectNotNull(cn = (char*)XMALLOC(cnSz, HEAP_HINT, DYNAMIC_TYPE_OPENSSL));
ExpectNotNull(cn = X509_NAME_oneline(name, cn, (int)cnSz));
ExpectIntEQ(0, XSTRNCMP(cn, dCert.subject, XSTRLEN(cn)));
XFREE(cn, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
cn = NULL;
#ifdef WOLFSSL_MULTI_ATTRIB
/* test adding multiple OU's to the signer */
ExpectNotNull(name = X509_get_subject_name(ca));
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "OU", MBSTRING_UTF8,
(byte*)"OU1", 3, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "OU", MBSTRING_UTF8,
(byte*)"OU2", 3, -1, 0), SSL_SUCCESS);
ExpectIntGT(X509_sign(ca, priv, EVP_sha256()), 0);
#endif
ExpectNotNull(name = X509_get_subject_name(ca));
ExpectIntEQ(X509_set_issuer_name(x509, name), SSL_SUCCESS);
ExpectIntGT(X509_sign(x509, priv, EVP_sha256()), 0);
ExpectNotNull(name = X509_get_issuer_name(x509));
cnSz = X509_NAME_get_sz(name);
ExpectNotNull(cn = (char*)XMALLOC(cnSz, HEAP_HINT, DYNAMIC_TYPE_OPENSSL));
ExpectNotNull(cn = X509_NAME_oneline(name, cn, (int)cnSz));
/* compare and don't include the multi-attrib "/OU=OU1/OU=OU2" above */
ExpectIntEQ(0, XSTRNCMP(cn, dCert.issuer, XSTRLEN(dCert.issuer)));
XFREE(cn, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
cn = NULL;
FreeDecodedCert(&dCert);
/* Test invalid parameters */
ExpectIntEQ(X509_sign(NULL, priv, EVP_sha256()), 0);
ExpectIntEQ(X509_sign(x509, NULL, EVP_sha256()), 0);
ExpectIntEQ(X509_sign(x509, priv, NULL), 0);
ExpectIntEQ(X509_sign_ctx(NULL, mctx), 0);
EVP_MD_CTX_free(mctx);
mctx = NULL;
ExpectNotNull(mctx = EVP_MD_CTX_new());
ExpectIntEQ(X509_sign_ctx(x509, mctx), 0);
ExpectIntEQ(X509_sign_ctx(x509, NULL), 0);
/* test invalid version number */
#if defined(OPENSSL_ALL)
ExpectIntNE(X509_set_version(x509, 6L), 0);
ExpectIntGT(X509_sign(x509, priv, EVP_sha256()), 0);
/* uses ParseCert which fails on bad version number */
ExpectIntEQ(X509_get_ext_count(x509), SSL_FAILURE);
#endif
EVP_MD_CTX_free(mctx);
EVP_PKEY_free(priv);
EVP_PKEY_free(pub);
X509_free(x509);
X509_free(ca);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get0_tbs_sigalg(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD))
X509* x509 = NULL;
const X509_ALGOR* alg;
ExpectNotNull(x509 = X509_new());
ExpectNull(alg = X509_get0_tbs_sigalg(NULL));
ExpectNotNull(alg = X509_get0_tbs_sigalg(x509));
X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_ALGOR_get0(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \
!defined(NO_SHA256) && !defined(NO_RSA)
X509* x509 = NULL;
const ASN1_OBJECT* obj = NULL;
const X509_ALGOR* alg = NULL;
int pptype = 0;
const void *ppval = NULL;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
SSL_FILETYPE_PEM));
ExpectNotNull(alg = X509_get0_tbs_sigalg(x509));
/* Invalid case */
X509_ALGOR_get0(&obj, NULL, NULL, NULL);
ExpectNull(obj);
/* Valid case */
X509_ALGOR_get0(&obj, &pptype, &ppval, alg);
ExpectNotNull(obj);
ExpectNull(ppval);
ExpectIntNE(pptype, 0);
/* Make sure NID of X509_ALGOR is Sha256 with RSA */
ExpectIntEQ(OBJ_obj2nid(obj), NID_sha256WithRSAEncryption);
X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_VERIFY_PARAM(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
X509_VERIFY_PARAM *paramTo = NULL;
X509_VERIFY_PARAM *paramFrom = NULL;
char testIPv4[] = "127.0.0.1";
char testIPv6[] = "0001:0000:0000:0000:0000:0000:0000:0000/32";
char testhostName1[] = "foo.hoge.com";
char testhostName2[] = "foobar.hoge.com";
ExpectNotNull(paramTo = X509_VERIFY_PARAM_new());
ExpectNotNull(XMEMSET(paramTo, 0, sizeof(X509_VERIFY_PARAM)));
ExpectNotNull(paramFrom = X509_VERIFY_PARAM_new());
ExpectNotNull(XMEMSET(paramFrom, 0, sizeof(X509_VERIFY_PARAM)));
ExpectIntEQ(X509_VERIFY_PARAM_set1_host(paramFrom, testhostName1,
(int)XSTRLEN(testhostName1)), 1);
ExpectIntEQ(0, XSTRNCMP(paramFrom->hostName, testhostName1,
(int)XSTRLEN(testhostName1)));
X509_VERIFY_PARAM_set_hostflags(NULL, 0x00);
X509_VERIFY_PARAM_set_hostflags(paramFrom, 0x01);
ExpectIntEQ(0x01, paramFrom->hostFlags);
ExpectIntEQ(X509_VERIFY_PARAM_set1_ip_asc(NULL, testIPv4), 0);
ExpectIntEQ(X509_VERIFY_PARAM_set1_ip_asc(paramFrom, testIPv4), 1);
ExpectIntEQ(0, XSTRNCMP(paramFrom->ipasc, testIPv4, WOLFSSL_MAX_IPSTR));
ExpectIntEQ(X509_VERIFY_PARAM_set1_ip_asc(paramFrom, NULL), 1);
ExpectIntEQ(X509_VERIFY_PARAM_set1_ip_asc(paramFrom, testIPv6), 1);
ExpectIntEQ(0, XSTRNCMP(paramFrom->ipasc, testIPv6, WOLFSSL_MAX_IPSTR));
/* null pointer */
ExpectIntEQ(X509_VERIFY_PARAM_set1(NULL, paramFrom), 0);
/* in the case of "from" null, returns success */
ExpectIntEQ(X509_VERIFY_PARAM_set1(paramTo, NULL), 1);
ExpectIntEQ(X509_VERIFY_PARAM_set1(NULL, NULL), 0);
/* inherit flags test : VPARAM_DEFAULT */
ExpectIntEQ(X509_VERIFY_PARAM_set1(paramTo, paramFrom), 1);
ExpectIntEQ(0, XSTRNCMP(paramTo->hostName, testhostName1,
(int)XSTRLEN(testhostName1)));
ExpectIntEQ(0x01, paramTo->hostFlags);
ExpectIntEQ(0, XSTRNCMP(paramTo->ipasc, testIPv6, WOLFSSL_MAX_IPSTR));
/* inherit flags test : VPARAM OVERWRITE */
ExpectIntEQ(X509_VERIFY_PARAM_set1_host(paramTo, testhostName2,
(int)XSTRLEN(testhostName2)), 1);
ExpectIntEQ(X509_VERIFY_PARAM_set1_ip_asc(paramTo, testIPv4), 1);
X509_VERIFY_PARAM_set_hostflags(paramTo, 0x00);
if (paramTo != NULL) {
paramTo->inherit_flags = X509_VP_FLAG_OVERWRITE;
}
ExpectIntEQ(X509_VERIFY_PARAM_set1(paramTo, paramFrom), 1);
ExpectIntEQ(0, XSTRNCMP(paramTo->hostName, testhostName1,
(int)XSTRLEN(testhostName1)));
ExpectIntEQ(0x01, paramTo->hostFlags);
ExpectIntEQ(0, XSTRNCMP(paramTo->ipasc, testIPv6, WOLFSSL_MAX_IPSTR));
/* inherit flags test : VPARAM_RESET_FLAGS */
ExpectIntEQ(X509_VERIFY_PARAM_set1_host(paramTo, testhostName2,
(int)XSTRLEN(testhostName2)), 1);
ExpectIntEQ(X509_VERIFY_PARAM_set1_ip_asc(paramTo, testIPv4), 1);
X509_VERIFY_PARAM_set_hostflags(paramTo, 0x10);
if (paramTo != NULL) {
paramTo->inherit_flags = X509_VP_FLAG_RESET_FLAGS;
}
ExpectIntEQ(X509_VERIFY_PARAM_set1(paramTo, paramFrom), 1);
ExpectIntEQ(0, XSTRNCMP(paramTo->hostName, testhostName1,
(int)XSTRLEN(testhostName1)));
ExpectIntEQ(0x01, paramTo->hostFlags);
ExpectIntEQ(0, XSTRNCMP(paramTo->ipasc, testIPv6, WOLFSSL_MAX_IPSTR));
/* inherit flags test : VPARAM_LOCKED */
ExpectIntEQ(X509_VERIFY_PARAM_set1_host(paramTo, testhostName2,
(int)XSTRLEN(testhostName2)), 1);
ExpectIntEQ(X509_VERIFY_PARAM_set1_ip_asc(paramTo, testIPv4), 1);
X509_VERIFY_PARAM_set_hostflags(paramTo, 0x00);
if (paramTo != NULL) {
paramTo->inherit_flags = X509_VP_FLAG_LOCKED;
}
ExpectIntEQ(X509_VERIFY_PARAM_set1(paramTo, paramFrom), 1);
ExpectIntEQ(0, XSTRNCMP(paramTo->hostName, testhostName2,
(int)XSTRLEN(testhostName2)));
ExpectIntEQ(0x00, paramTo->hostFlags);
ExpectIntEQ(0, XSTRNCMP(paramTo->ipasc, testIPv4, WOLFSSL_MAX_IPSTR));
/* test for incorrect parameters */
ExpectIntEQ(X509_VERIFY_PARAM_set_flags(NULL, X509_V_FLAG_CRL_CHECK_ALL),
0);
ExpectIntEQ(X509_VERIFY_PARAM_set_flags(NULL, 0), 0);
/* inherit flags test : VPARAM_ONCE, not testable yet */
ExpectIntEQ(X509_VERIFY_PARAM_set_flags(paramTo, X509_V_FLAG_CRL_CHECK_ALL),
1);
ExpectIntEQ(X509_VERIFY_PARAM_get_flags(paramTo),
X509_V_FLAG_CRL_CHECK_ALL);
ExpectIntEQ(X509_VERIFY_PARAM_clear_flags(paramTo,
X509_V_FLAG_CRL_CHECK_ALL), 1);
ExpectIntEQ(X509_VERIFY_PARAM_get_flags(paramTo), 0);
X509_VERIFY_PARAM_free(paramTo);
X509_VERIFY_PARAM_free(paramFrom);
X509_VERIFY_PARAM_free(NULL); /* to confirm NULL parameter gives no harm */
#endif
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
!defined(WOLFSSL_HOSTNAME_VERIFY_ALT_NAME_ONLY)
static int test_wolfSSL_check_domain_verify_count = 0;
static WC_INLINE int test_wolfSSL_check_domain_verify_cb(int preverify,
WOLFSSL_X509_STORE_CTX* store)
{
EXPECT_DECLS;
ExpectIntEQ(X509_STORE_CTX_get_error(store), 0);
ExpectIntEQ(preverify, 1);
ExpectIntGT(++test_wolfSSL_check_domain_verify_count, 0);
return EXPECT_SUCCESS();
}
static int test_wolfSSL_check_domain_client_cb(WOLFSSL* ssl)
{
EXPECT_DECLS;
X509_VERIFY_PARAM *param = NULL;
ExpectNotNull(param = SSL_get0_param(ssl));
/* Domain check should only be done on the leaf cert */
X509_VERIFY_PARAM_set_hostflags(param,
X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
ExpectIntEQ(X509_VERIFY_PARAM_set1_host(param,
"wolfSSL Server Chain", 0), 1);
wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_PEER,
test_wolfSSL_check_domain_verify_cb);
return EXPECT_RESULT();
}
static int test_wolfSSL_check_domain_server_cb(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
/* Use a cert with different domains in chain */
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file(ctx,
"certs/intermediate/server-chain.pem"), WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
static int test_wolfSSL_check_domain(void)
{
EXPECT_DECLS;
test_ssl_cbf func_cb_client;
test_ssl_cbf func_cb_server;
XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
func_cb_client.ssl_ready = &test_wolfSSL_check_domain_client_cb;
func_cb_server.ctx_ready = &test_wolfSSL_check_domain_server_cb;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_SUCCESS);
/* Should have been called once for each cert in sent chain */
#ifdef WOLFSSL_VERIFY_CB_ALL_CERTS
ExpectIntEQ(test_wolfSSL_check_domain_verify_count, 3);
#else
ExpectIntEQ(test_wolfSSL_check_domain_verify_count, 1);
#endif
return EXPECT_RESULT();
}
#else
static int test_wolfSSL_check_domain(void)
{
EXPECT_DECLS;
return EXPECT_RESULT();
}
#endif /* OPENSSL_EXTRA && HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */
static int test_wolfSSL_X509_get_X509_PUBKEY(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD))
X509* x509 = NULL;
X509_PUBKEY* pubKey;
ExpectNotNull(x509 = X509_new());
ExpectNull(pubKey = wolfSSL_X509_get_X509_PUBKEY(NULL));
ExpectNotNull(pubKey = wolfSSL_X509_get_X509_PUBKEY(x509));
X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_PUBKEY_RSA(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \
!defined(NO_SHA256) && !defined(NO_RSA)
X509* x509 = NULL;
ASN1_OBJECT* obj = NULL;
const ASN1_OBJECT* pa_oid = NULL;
X509_PUBKEY* pubKey = NULL;
X509_PUBKEY* pubKey2 = NULL;
EVP_PKEY* evpKey = NULL;
const unsigned char *pk = NULL;
int ppklen;
int pptype;
X509_ALGOR *pa = NULL;
const void *pval;
ExpectNotNull(x509 = X509_load_certificate_file(cliCertFile,
SSL_FILETYPE_PEM));
ExpectNotNull(pubKey = X509_get_X509_PUBKEY(x509));
ExpectIntEQ(X509_PUBKEY_get0_param(&obj, &pk, &ppklen, &pa, pubKey), 1);
ExpectNotNull(pk);
ExpectNotNull(pa);
ExpectNotNull(pubKey);
ExpectIntGT(ppklen, 0);
ExpectIntEQ(OBJ_obj2nid(obj), NID_rsaEncryption);
ExpectNotNull(evpKey = X509_PUBKEY_get(pubKey));
ExpectNotNull(pubKey2 = X509_PUBKEY_new());
ExpectIntEQ(X509_PUBKEY_set(&pubKey2, evpKey), 1);
ExpectIntEQ(X509_PUBKEY_get0_param(&obj, &pk, &ppklen, &pa, pubKey2), 1);
ExpectNotNull(pk);
ExpectNotNull(pa);
ExpectIntGT(ppklen, 0);
X509_ALGOR_get0(&pa_oid, &pptype, &pval, pa);
ExpectNotNull(pa_oid);
ExpectNull(pval);
ExpectIntEQ(pptype, V_ASN1_NULL);
ExpectIntEQ(OBJ_obj2nid(pa_oid), EVP_PKEY_RSA);
X509_PUBKEY_free(pubKey2);
X509_free(x509);
EVP_PKEY_free(evpKey);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_PUBKEY_EC(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && defined(HAVE_ECC)
X509* x509 = NULL;
ASN1_OBJECT* obj = NULL;
ASN1_OBJECT* poid = NULL;
const ASN1_OBJECT* pa_oid = NULL;
X509_PUBKEY* pubKey = NULL;
X509_PUBKEY* pubKey2 = NULL;
EVP_PKEY* evpKey = NULL;
const unsigned char *pk = NULL;
int ppklen;
int pptype;
X509_ALGOR *pa = NULL;
const void *pval;
char buf[50];
ExpectNotNull(x509 = X509_load_certificate_file(cliEccCertFile,
SSL_FILETYPE_PEM));
ExpectNotNull(pubKey = X509_get_X509_PUBKEY(x509));
ExpectNotNull(evpKey = X509_PUBKEY_get(pubKey));
ExpectNotNull(pubKey2 = X509_PUBKEY_new());
ExpectIntEQ(X509_PUBKEY_set(&pubKey2, evpKey), 1);
ExpectIntEQ(X509_PUBKEY_get0_param(&obj, &pk, &ppklen, &pa, pubKey2), 1);
ExpectNotNull(pk);
ExpectNotNull(pa);
ExpectIntGT(ppklen, 0);
X509_ALGOR_get0(&pa_oid, &pptype, &pval, pa);
ExpectNotNull(pa_oid);
ExpectNotNull(pval);
ExpectIntEQ(pptype, V_ASN1_OBJECT);
ExpectIntEQ(OBJ_obj2nid(pa_oid), EVP_PKEY_EC);
poid = (ASN1_OBJECT *)pval;
ExpectIntGT(OBJ_obj2txt(buf, (int)sizeof(buf), poid, 0), 0);
ExpectIntEQ(OBJ_txt2nid(buf), NID_X9_62_prime256v1);
X509_PUBKEY_free(pubKey2);
X509_free(x509);
EVP_PKEY_free(evpKey);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_PUBKEY_DSA(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && !defined(NO_DSA)
word32 bytes;
#ifdef USE_CERT_BUFFERS_1024
byte tmp[ONEK_BUF];
#elif defined(USE_CERT_BUFFERS_2048)
byte tmp[TWOK_BUF];
#else
byte tmp[TWOK_BUF];
#endif /* END USE_CERT_BUFFERS_1024 */
const unsigned char* dsaKeyDer = tmp;
ASN1_OBJECT* obj = NULL;
ASN1_STRING* str;
const ASN1_OBJECT* pa_oid = NULL;
X509_PUBKEY* pubKey = NULL;
EVP_PKEY* evpKey = NULL;
const unsigned char *pk = NULL;
int ppklen, pptype;
X509_ALGOR *pa = NULL;
const void *pval;
#ifdef USE_CERT_BUFFERS_1024
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
bytes = sizeof_dsa_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
bytes = sizeof_dsa_key_der_2048;
#else
{
XFILE fp = XBADFILE;
XMEMSET(tmp, 0, sizeof(tmp));
ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE);
ExpectIntGT(bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp), 0);
if (fp != XBADFILE)
XFCLOSE(fp);
}
#endif
/* Initialize pkey with der format dsa key */
ExpectNotNull(d2i_PrivateKey(EVP_PKEY_DSA, &evpKey, &dsaKeyDer, bytes));
ExpectNotNull(pubKey = X509_PUBKEY_new());
ExpectIntEQ(X509_PUBKEY_set(&pubKey, evpKey), 1);
ExpectIntEQ(X509_PUBKEY_get0_param(&obj, &pk, &ppklen, &pa, pubKey), 1);
ExpectNotNull(pk);
ExpectNotNull(pa);
ExpectIntGT(ppklen, 0);
X509_ALGOR_get0(&pa_oid, &pptype, &pval, pa);
ExpectNotNull(pa_oid);
ExpectNotNull(pval);
ExpectIntEQ(pptype, V_ASN1_SEQUENCE);
ExpectIntEQ(OBJ_obj2nid(pa_oid), EVP_PKEY_DSA);
str = (ASN1_STRING *)pval;
DEBUG_WRITE_DER(ASN1_STRING_data(str), ASN1_STRING_length(str), "str.der");
#ifdef USE_CERT_BUFFERS_1024
ExpectIntEQ(ASN1_STRING_length(str), 291);
#else
ExpectIntEQ(ASN1_STRING_length(str), 549);
#endif /* END USE_CERT_BUFFERS_1024 */
X509_PUBKEY_free(pubKey);
EVP_PKEY_free(evpKey);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BUF(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
BUF_MEM* buf = NULL;
ExpectNotNull(buf = BUF_MEM_new());
ExpectIntEQ(BUF_MEM_grow(buf, 10), 10);
ExpectIntEQ(BUF_MEM_grow(buf, -1), 0);
BUF_MEM_free(buf);
#endif
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_OPENSSL_RAND_CB)
static int stub_rand_seed(const void *buf, int num)
{
(void)buf;
(void)num;
return 123;
}
static int stub_rand_bytes(unsigned char *buf, int num)
{
(void)buf;
(void)num;
return 456;
}
static byte* was_stub_rand_cleanup_called(void)
{
static byte was_called = 0;
return &was_called;
}
static void stub_rand_cleanup(void)
{
byte* was_called = was_stub_rand_cleanup_called();
*was_called = 1;
return;
}
static byte* was_stub_rand_add_called(void)
{
static byte was_called = 0;
return &was_called;
}
static int stub_rand_add(const void *buf, int num, double entropy)
{
byte* was_called = was_stub_rand_add_called();
(void)buf;
(void)num;
(void)entropy;
*was_called = 1;
return 0;
}
static int stub_rand_pseudo_bytes(unsigned char *buf, int num)
{
(void)buf;
(void)num;
return 9876;
}
static int stub_rand_status(void)
{
return 5432;
}
#endif /* OPENSSL_EXTRA && !WOLFSSL_NO_OPENSSL_RAND_CB */
static int test_wolfSSL_RAND_set_rand_method(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_OPENSSL_RAND_CB)
RAND_METHOD rand_methods = {NULL, NULL, NULL, NULL, NULL, NULL};
unsigned char* buf = NULL;
int num = 0;
double entropy = 0;
int ret;
byte* was_cleanup_called = was_stub_rand_cleanup_called();
byte* was_add_called = was_stub_rand_add_called();
ExpectNotNull(buf = (byte*)XMALLOC(32 * sizeof(byte), NULL,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntNE(wolfSSL_RAND_status(), 5432);
ExpectIntEQ(*was_cleanup_called, 0);
RAND_cleanup();
ExpectIntEQ(*was_cleanup_called, 0);
rand_methods.seed = &stub_rand_seed;
rand_methods.bytes = &stub_rand_bytes;
rand_methods.cleanup = &stub_rand_cleanup;
rand_methods.add = &stub_rand_add;
rand_methods.pseudorand = &stub_rand_pseudo_bytes;
rand_methods.status = &stub_rand_status;
ExpectIntEQ(RAND_set_rand_method(&rand_methods), WOLFSSL_SUCCESS);
ExpectIntEQ(RAND_seed(buf, num), 123);
ExpectIntEQ(RAND_bytes(buf, num), 456);
ExpectIntEQ(RAND_pseudo_bytes(buf, num), 9876);
ExpectIntEQ(RAND_status(), 5432);
ExpectIntEQ(*was_add_called, 0);
/* The function pointer for RAND_add returns int, but RAND_add itself
* returns void. */
RAND_add(buf, num, entropy);
ExpectIntEQ(*was_add_called, 1);
was_add_called = 0;
ExpectIntEQ(*was_cleanup_called, 0);
RAND_cleanup();
ExpectIntEQ(*was_cleanup_called, 1);
*was_cleanup_called = 0;
ret = RAND_set_rand_method(NULL);
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
ExpectIntNE(RAND_status(), 5432);
ExpectIntEQ(*was_cleanup_called, 0);
RAND_cleanup();
ExpectIntEQ(*was_cleanup_called, 0);
RAND_set_rand_method(NULL);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif /* OPENSSL_EXTRA && !WOLFSSL_NO_OPENSSL_RAND_CB */
return EXPECT_RESULT();
}
static int test_wolfSSL_RAND_bytes(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
const int size1 = RNG_MAX_BLOCK_LEN; /* in bytes */
const int size2 = RNG_MAX_BLOCK_LEN + 1; /* in bytes */
const int size3 = RNG_MAX_BLOCK_LEN * 2; /* in bytes */
const int size4 = RNG_MAX_BLOCK_LEN * 4; /* in bytes */
int max_bufsize;
byte *my_buf = NULL;
/* sanity check */
ExpectIntEQ(RAND_bytes(NULL, 16), 0);
ExpectIntEQ(RAND_bytes(NULL, 0), 0);
max_bufsize = size4;
ExpectNotNull(my_buf = (byte*)XMALLOC(max_bufsize * sizeof(byte), NULL,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(RAND_bytes(my_buf, 0), 1);
ExpectIntEQ(RAND_bytes(my_buf, -1), 0);
ExpectNotNull(XMEMSET(my_buf, 0, max_bufsize));
ExpectIntEQ(RAND_bytes(my_buf, size1), 1);
ExpectIntEQ(RAND_bytes(my_buf, size2), 1);
ExpectIntEQ(RAND_bytes(my_buf, size3), 1);
ExpectIntEQ(RAND_bytes(my_buf, size4), 1);
XFREE(my_buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RAND(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
byte seed[16];
XMEMSET(seed, 0, sizeof(seed));
/* No global methods set. */
ExpectIntEQ(RAND_seed(seed, sizeof(seed)), 1);
ExpectIntEQ(RAND_poll(), 1);
RAND_cleanup();
ExpectIntEQ(RAND_egd(NULL), -1);
#ifndef NO_FILESYSTEM
{
char fname[100];
ExpectNotNull(RAND_file_name(fname, (sizeof(fname) - 1)));
ExpectIntEQ(RAND_write_file(NULL), 0);
}
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS8_Compat(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC) && \
!defined(NO_BIO)
PKCS8_PRIV_KEY_INFO* pt = NULL;
BIO* bio = NULL;
XFILE f = XBADFILE;
int bytes;
char pkcs8_buffer[512];
#if defined(OPENSSL_ALL) || defined(WOLFSSL_WPAS_SMALL)
EVP_PKEY *pkey = NULL;
#endif
/* file from wolfssl/certs/ directory */
ExpectTrue((f = XFOPEN("./certs/ecc-keyPkcs8.pem", "rb")) != XBADFILE);
ExpectIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer), f)),
0);
if (f != XBADFILE)
XFCLOSE(f);
ExpectNotNull(bio = BIO_new_mem_buf((void*)pkcs8_buffer, bytes));
ExpectNotNull(pt = d2i_PKCS8_PRIV_KEY_INFO_bio(bio, NULL));
#if defined(OPENSSL_ALL) || defined(WOLFSSL_WPAS_SMALL)
ExpectNotNull(pkey = EVP_PKCS82PKEY(pt));
ExpectIntEQ(EVP_PKEY_type(pkey->type), EVP_PKEY_EC);
/* gets PKCS8 pointer to pkey */
ExpectNotNull(EVP_PKEY2PKCS8(pkey));
EVP_PKEY_free(pkey);
#endif
BIO_free(bio);
PKCS8_PRIV_KEY_INFO_free(pt);
#endif
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_BIO)
static int NoPasswordCallBack(char* passwd, int sz, int rw, void* userdata)
{
(void)passwd;
(void)sz;
(void)rw;
(void)userdata;
return -1;
}
#endif
static int test_wolfSSL_PKCS8_d2i(void)
{
EXPECT_DECLS;
#if !defined(HAVE_FIPS) && defined(OPENSSL_EXTRA)
/* This test ends up using HMAC as a part of PBKDF2, and HMAC
* requires a 12 byte password in FIPS mode. This test ends up
* trying to use an 8 byte password. */
#ifndef NO_FILESYSTEM
unsigned char pkcs8_buffer[2048];
const unsigned char* p = NULL;
int bytes = 0;
XFILE file = XBADFILE;
WOLFSSL_EVP_PKEY* pkey = NULL;
#ifndef NO_BIO
BIO* bio = NULL;
#if defined(OPENSSL_ALL) && \
((!defined(NO_RSA) && !defined(NO_DES3)) || \
defined(HAVE_ECC)) && \
!defined(NO_BIO) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8)
WOLFSSL_EVP_PKEY* evpPkey = NULL;
#endif
#endif
#ifndef NO_RSA
const char rsaDerPkcs8File[] = "./certs/server-keyPkcs8.der";
const char rsaPemPkcs8File[] = "./certs/server-keyPkcs8.pem";
#ifndef NO_DES3
const char rsaDerPkcs8EncFile[] = "./certs/server-keyPkcs8Enc.der";
#endif
#endif /* NO_RSA */
#ifdef HAVE_ECC
const char ecDerPkcs8File[] = "certs/ecc-keyPkcs8.der";
const char ecPemPkcs8File[] = "certs/ecc-keyPkcs8.pem";
#ifndef NO_DES3
const char ecDerPkcs8EncFile[] = "certs/ecc-keyPkcs8Enc.der";
#endif
#endif /* HAVE_ECC */
#endif /* !NO_FILESYSTEM */
#if defined(OPENSSL_ALL) && (!defined(NO_RSA) || defined(HAVE_ECC))
#ifndef NO_RSA
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* rsa = (unsigned char*)server_key_der_1024;
int rsaSz = sizeof_server_key_der_1024;
#else
const unsigned char* rsa = (unsigned char*)server_key_der_2048;
int rsaSz = sizeof_server_key_der_2048;
#endif
#endif
#ifdef HAVE_ECC
const unsigned char* ec = (unsigned char*)ecc_key_der_256;
int ecSz = sizeof_ecc_key_der_256;
#endif
#endif /* OPENSSL_ALL && (!NO_RSA || HAVE_ECC) */
#ifndef NO_FILESYSTEM
(void)pkcs8_buffer;
(void)p;
(void)bytes;
(void)file;
#ifndef NO_BIO
(void)bio;
#endif
#endif
#ifdef OPENSSL_ALL
#ifndef NO_RSA
/* Try to auto-detect normal RSA private key */
ExpectNotNull(pkey = d2i_AutoPrivateKey(NULL, &rsa, rsaSz));
EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#ifdef HAVE_ECC
/* Try to auto-detect normal EC private key */
ExpectNotNull(pkey = d2i_AutoPrivateKey(NULL, &ec, ecSz));
EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#endif /* OPENSSL_ALL */
#ifndef NO_FILESYSTEM
#if defined(OPENSSL_ALL) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8)
ExpectIntEQ(PEM_write_PKCS8PrivateKey(XBADFILE, pkey, NULL, NULL, 0, NULL,
NULL), 0);
ExpectIntEQ(PEM_write_PKCS8PrivateKey(stderr, NULL, NULL, NULL, 0, NULL,
NULL), 0);
#endif
#ifndef NO_RSA
/* Get DER encoded RSA PKCS#8 data. */
ExpectTrue((file = XFOPEN(rsaDerPkcs8File, "rb")) != XBADFILE);
ExpectNotNull(XMEMSET(pkcs8_buffer, 0, sizeof(pkcs8_buffer)));
ExpectIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer),
file)), 0);
if (file != XBADFILE) {
XFCLOSE(file);
file = XBADFILE;
}
p = pkcs8_buffer;
#ifdef OPENSSL_ALL
/* Try to decode - auto-detect key type. */
ExpectNotNull(pkey = d2i_AutoPrivateKey(NULL, &p, bytes));
#else
ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &p, bytes));
#endif
/* Get PEM encoded RSA PKCS#8 data. */
ExpectTrue((file = XFOPEN(rsaPemPkcs8File, "rb")) != XBADFILE);
ExpectIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer),
file)), 0);
if (file != XBADFILE) {
XFCLOSE(file);
file = XBADFILE;
}
#if defined(OPENSSL_ALL) && \
!defined(NO_BIO) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8)
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(NULL, pkey, NULL, NULL, 0, NULL,
NULL), 0);
ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, NULL, NULL, NULL, 0, NULL,
NULL), 0);
/* Write PKCS#8 PEM to BIO. */
ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, NULL, NULL, 0, NULL,
NULL), bytes);
/* Write PKCS#8 PEM to stderr. */
ExpectIntEQ(PEM_write_PKCS8PrivateKey(stderr, pkey, NULL, NULL, 0, NULL,
NULL), bytes);
/* Compare file and written data */
ExpectIntEQ(BIO_get_mem_data(bio, &p), bytes);
ExpectIntEQ(XMEMCMP(p, pkcs8_buffer, bytes), 0);
BIO_free(bio);
bio = NULL;
#if !defined(NO_AES) && defined(HAVE_AESGCM)
ExpectIntEQ(PEM_write_PKCS8PrivateKey(stderr, pkey, EVP_aes_128_gcm(),
NULL, 0, PasswordCallBack, (void*)"yassl123"), 0);
#endif
#if !defined(NO_DES3) && !defined(NO_SHA)
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
/* Write Encrypted PKCS#8 PEM to BIO. */
bytes = 1834;
ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, EVP_des_ede3_cbc(),
NULL, 0, PasswordCallBack, (void*)"yassl123"), bytes);
ExpectIntEQ(PEM_write_PKCS8PrivateKey(stderr, pkey, EVP_des_ede3_cbc(),
NULL, 0, PasswordCallBack, (void*)"yassl123"), bytes);
ExpectNotNull(evpPkey = PEM_read_bio_PrivateKey(bio, NULL, PasswordCallBack,
(void*)"yassl123"));
EVP_PKEY_free(evpPkey);
evpPkey = NULL;
BIO_free(bio);
bio = NULL;
#endif /* !NO_DES3 && !NO_SHA */
#endif /* !NO_BIO && !NO_PWDBASED && HAVE_PKCS8 */
EVP_PKEY_free(pkey);
pkey = NULL;
/* PKCS#8 encrypted RSA key */
#ifndef NO_DES3
ExpectTrue((file = XFOPEN(rsaDerPkcs8EncFile, "rb")) != XBADFILE);
ExpectNotNull(XMEMSET(pkcs8_buffer, 0, sizeof(pkcs8_buffer)));
ExpectIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer),
file)), 0);
if (file != XBADFILE) {
XFCLOSE(file);
file = XBADFILE;
}
#if defined(OPENSSL_ALL) && \
!defined(NO_BIO) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8)
ExpectNotNull(bio = BIO_new_mem_buf((void*)pkcs8_buffer, bytes));
ExpectNotNull(pkey = d2i_PKCS8PrivateKey_bio(bio, NULL, PasswordCallBack,
(void*)"yassl123"));
EVP_PKEY_free(pkey);
pkey = NULL;
BIO_free(bio);
bio = NULL;
#endif /* OPENSSL_ALL && !NO_BIO && !NO_PWDBASED && HAVE_PKCS8 */
#endif /* !NO_DES3 */
#endif /* NO_RSA */
#ifdef HAVE_ECC
/* PKCS#8 encode EC key */
ExpectTrue((file = XFOPEN(ecDerPkcs8File, "rb")) != XBADFILE);
ExpectNotNull(XMEMSET(pkcs8_buffer, 0, sizeof(pkcs8_buffer)));
ExpectIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer),
file)), 0);
if (file != XBADFILE) {
XFCLOSE(file);
file = XBADFILE;
}
p = pkcs8_buffer;
#ifdef OPENSSL_ALL
/* Try to decode - auto-detect key type. */
ExpectNotNull(pkey = d2i_AutoPrivateKey(NULL, &p, bytes));
#else
ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &p, bytes));
#endif
/* Get PEM encoded RSA PKCS#8 data. */
ExpectTrue((file = XFOPEN(ecPemPkcs8File, "rb")) != XBADFILE);
ExpectNotNull(XMEMSET(pkcs8_buffer, 0, sizeof(pkcs8_buffer)));
ExpectIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer),
file)), 0);
if (file != XBADFILE) {
XFCLOSE(file);
file = XBADFILE;
}
#if defined(OPENSSL_ALL) && \
!defined(NO_BIO) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8) && \
defined(HAVE_AES_CBC)
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
/* Write PKCS#8 PEM to BIO. */
ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, NULL, NULL, 0, NULL,
NULL), bytes);
ExpectIntEQ(PEM_write_PKCS8PrivateKey(stderr, pkey, NULL, NULL, 0, NULL,
NULL), bytes);
/* Compare file and written data */
ExpectIntEQ(BIO_get_mem_data(bio, &p), bytes);
ExpectIntEQ(XMEMCMP(p, pkcs8_buffer, bytes), 0);
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
/* Write Encrypted PKCS#8 PEM to BIO. */
bytes = 379;
ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, EVP_aes_256_cbc(),
NULL, 0, NoPasswordCallBack, (void*)"yassl123"), 0);
ExpectIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, EVP_aes_256_cbc(),
NULL, 0, PasswordCallBack, (void*)"yassl123"), bytes);
ExpectIntEQ(PEM_write_PKCS8PrivateKey(stderr, pkey, EVP_aes_128_cbc(),
NULL, 0, PasswordCallBack, (void*)"yassl123"), bytes);
ExpectIntEQ(PEM_write_PKCS8PrivateKey(stderr, pkey, EVP_aes_128_cbc(),
(char*)"yassl123", 8, PasswordCallBack, NULL), bytes);
ExpectIntEQ(PEM_write_PKCS8PrivateKey(stderr, pkey, EVP_aes_256_cbc(),
NULL, 0, PasswordCallBack, (void*)"yassl123"), bytes);
ExpectNotNull(evpPkey = PEM_read_bio_PrivateKey(bio, NULL, PasswordCallBack,
(void*)"yassl123"));
EVP_PKEY_free(evpPkey);
evpPkey = NULL;
BIO_free(bio);
bio = NULL;
#endif /* OPENSSL_ALL && !NO_BIO && !NO_PWDBASED && HAVE_PKCS8 && HAVE_AES_CBC */
EVP_PKEY_free(pkey);
pkey = NULL;
/* PKCS#8 encrypted EC key */
#ifndef NO_DES3
ExpectTrue((file = XFOPEN(ecDerPkcs8EncFile, "rb")) != XBADFILE);
ExpectNotNull(XMEMSET(pkcs8_buffer, 0, sizeof(pkcs8_buffer)));
ExpectIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer),
file)), 0);
if (file != XBADFILE) {
XFCLOSE(file);
file = XBADFILE;
}
#if defined(OPENSSL_ALL) && \
!defined(NO_BIO) && !defined(NO_PWDBASED) && defined(HAVE_PKCS8)
ExpectNotNull(bio = BIO_new_mem_buf((void*)pkcs8_buffer, bytes));
ExpectNotNull(pkey = d2i_PKCS8PrivateKey_bio(bio, NULL, PasswordCallBack,
(void*)"yassl123"));
EVP_PKEY_free(pkey);
pkey = NULL;
BIO_free(bio);
bio = NULL;
#endif /* OPENSSL_ALL && !NO_BIO && !NO_PWDBASED && HAVE_PKCS8 */
#endif /* !NO_DES3 */
#endif /* HAVE_ECC */
#endif /* !NO_FILESYSTEM */
#endif /* HAVE_FIPS && OPENSSL_EXTRA */
return EXPECT_RESULT();
}
#if !defined(SINGLE_THREADED) && defined(ERROR_QUEUE_PER_THREAD) && \
!defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
defined(DEBUG_WOLFSSL)
#define LOGGING_THREADS 5
#define ERROR_COUNT 10
/* copied from logging.c since this is not exposed otherwise */
#ifndef ERROR_QUEUE_MAX
#ifdef ERROR_QUEUE_PER_THREAD
#define ERROR_QUEUE_MAX 16
#else
/* this breaks from compat of unlimited error queue size */
#define ERROR_QUEUE_MAX 100
#endif
#endif
static volatile int loggingThreadsReady;
static THREAD_RETURN WOLFSSL_THREAD test_logging(void* args)
{
const char* file;
int line;
unsigned long err;
int errorCount = 0;
int i;
(void)args;
while (!loggingThreadsReady);
for (i = 0; i < ERROR_COUNT; i++)
ERR_put_error(ERR_LIB_PEM, SYS_F_ACCEPT, -990 - i, __FILE__, __LINE__);
while ((err = ERR_get_error_line(&file, &line))) {
AssertIntEQ(err, 990 + errorCount);
errorCount++;
}
AssertIntEQ(errorCount, ERROR_COUNT);
/* test max queue behavior, trying to add an arbitrary 3 errors over */
ERR_clear_error(); /* ERR_get_error_line() does not remove */
errorCount = 0;
for (i = 0; i < ERROR_QUEUE_MAX + 3; i++)
ERR_put_error(ERR_LIB_PEM, SYS_F_ACCEPT, -990 - i, __FILE__, __LINE__);
while ((err = ERR_get_error_line(&file, &line))) {
AssertIntEQ(err, 990 + errorCount);
errorCount++;
}
/* test that the 3 errors over the max were dropped */
AssertIntEQ(errorCount, ERROR_QUEUE_MAX);
WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif
static int test_error_queue_per_thread(void)
{
int res = TEST_SKIPPED;
#if !defined(SINGLE_THREADED) && defined(ERROR_QUEUE_PER_THREAD) && \
!defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
defined(DEBUG_WOLFSSL)
THREAD_TYPE loggingThreads[LOGGING_THREADS];
int i;
ERR_clear_error(); /* clear out any error nodes */
loggingThreadsReady = 0;
for (i = 0; i < LOGGING_THREADS; i++)
start_thread(test_logging, NULL, &loggingThreads[i]);
loggingThreadsReady = 1;
for (i = 0; i < LOGGING_THREADS; i++)
join_thread(loggingThreads[i]);
res = TEST_SUCCESS;
#endif
return res;
}
static int test_wolfSSL_ERR_put_error(void)
{
EXPECT_DECLS;
#if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
defined(DEBUG_WOLFSSL)
const char* file;
int line;
ERR_clear_error(); /* clear out any error nodes */
ERR_put_error(0,SYS_F_ACCEPT, 0, "this file", 0);
ExpectIntEQ(ERR_get_error_line(&file, &line), 0);
ERR_put_error(0,SYS_F_BIND, 1, "this file", 1);
ExpectIntEQ(ERR_get_error_line(&file, &line), 1);
ERR_put_error(0,SYS_F_CONNECT, 2, "this file", 2);
ExpectIntEQ(ERR_get_error_line(&file, &line), 2);
ERR_put_error(0,SYS_F_FOPEN, 3, "this file", 3);
ExpectIntEQ(ERR_get_error_line(&file, &line), 3);
ERR_put_error(0,SYS_F_FREAD, 4, "this file", 4);
ExpectIntEQ(ERR_get_error_line(&file, &line), 4);
ERR_put_error(0,SYS_F_GETADDRINFO, 5, "this file", 5);
ExpectIntEQ(ERR_get_error_line(&file, &line), 5);
ERR_put_error(0,SYS_F_GETSOCKOPT, 6, "this file", 6);
ExpectIntEQ(ERR_get_error_line(&file, &line), 6);
ERR_put_error(0,SYS_F_GETSOCKNAME, 7, "this file", 7);
ExpectIntEQ(ERR_get_error_line(&file, &line), 7);
ERR_put_error(0,SYS_F_GETHOSTBYNAME, 8, "this file", 8);
ExpectIntEQ(ERR_get_error_line(&file, &line), 8);
ERR_put_error(0,SYS_F_GETNAMEINFO, 9, "this file", 9);
ExpectIntEQ(ERR_get_error_line(&file, &line), 9);
ERR_put_error(0,SYS_F_GETSERVBYNAME, 10, "this file", 10);
ExpectIntEQ(ERR_get_error_line(&file, &line), 10);
ERR_put_error(0,SYS_F_IOCTLSOCKET, 11, "this file", 11);
ExpectIntEQ(ERR_get_error_line(&file, &line), 11);
ERR_put_error(0,SYS_F_LISTEN, 12, "this file", 12);
ExpectIntEQ(ERR_get_error_line(&file, &line), 12);
ERR_put_error(0,SYS_F_OPENDIR, 13, "this file", 13);
ExpectIntEQ(ERR_get_error_line(&file, &line), 13);
ERR_put_error(0,SYS_F_SETSOCKOPT, 14, "this file", 14);
ExpectIntEQ(ERR_get_error_line(&file, &line), 14);
ERR_put_error(0,SYS_F_SOCKET, 15, "this file", 15);
ExpectIntEQ(ERR_get_error_line(&file, &line), 15);
#if defined(OPENSSL_ALL) && defined(WOLFSSL_PYTHON)
ERR_put_error(ERR_LIB_ASN1, SYS_F_ACCEPT, ASN1_R_HEADER_TOO_LONG,
"this file", 100);
ExpectIntEQ(wolfSSL_ERR_peek_last_error_line(&file, &line),
(ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG);
ExpectIntEQ(line, 100);
ExpectIntEQ(wolfSSL_ERR_peek_error(),
(ERR_LIB_ASN1 << 24) | ASN1_R_HEADER_TOO_LONG);
ExpectIntEQ(ERR_get_error_line(&file, &line), ASN1_R_HEADER_TOO_LONG);
#endif
/* try reading past end of error queue */
file = NULL;
ExpectIntEQ(ERR_get_error_line(&file, &line), 0);
ExpectNull(file);
ExpectIntEQ(ERR_get_error_line_data(&file, &line, NULL, NULL), 0);
PEMerr(4,4);
ExpectIntEQ(ERR_get_error(), 4);
/* Empty and free up all error nodes */
ERR_clear_error();
/* Verify all nodes are cleared */
ERR_put_error(0,SYS_F_ACCEPT, 0, "this file", 0);
ERR_clear_error();
ExpectIntEQ(ERR_get_error_line(&file, &line), 0);
#endif
return EXPECT_RESULT();
}
/*
* This is a regression test for a bug where the peek/get error functions were
* drawing from the end of the queue rather than the front.
*/
static int test_wolfSSL_ERR_get_error_order(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_HAVE_ERROR_QUEUE) && defined(OPENSSL_EXTRA)
/* Empty the queue. */
wolfSSL_ERR_clear_error();
wolfSSL_ERR_put_error(0, 0, ASN_NO_SIGNER_E, "test", 0);
wolfSSL_ERR_put_error(0, 0, ASN_SELF_SIGNED_E, "test", 0);
ExpectIntEQ(wolfSSL_ERR_peek_error(), -ASN_NO_SIGNER_E);
ExpectIntEQ(wolfSSL_ERR_get_error(), -ASN_NO_SIGNER_E);
ExpectIntEQ(wolfSSL_ERR_peek_error(), -ASN_SELF_SIGNED_E);
ExpectIntEQ(wolfSSL_ERR_get_error(), -ASN_SELF_SIGNED_E);
#endif /* WOLFSSL_HAVE_ERROR_QUEUE && OPENSSL_EXTRA */
return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_ERR_print_errors(void)
{
EXPECT_DECLS;
#if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
defined(DEBUG_WOLFSSL) && !defined(NO_ERROR_STRINGS)
BIO* bio = NULL;
char buf[1024];
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ERR_clear_error(); /* clear out any error nodes */
ERR_put_error(0,SYS_F_ACCEPT, -173, "ssl.c", 0);
/* Choosing -600 as an unused errno. */
ERR_put_error(0,SYS_F_BIND, -600, "asn.c", 100);
ERR_print_errors(bio);
ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 56);
ExpectIntEQ(XSTRNCMP(
"error:173:wolfSSL library:Bad function argument:ssl.c:0",
buf, 55), 0);
ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 57);
ExpectIntEQ(XSTRNCMP(
"error:600:wolfSSL library:unknown error number:asn.c:100",
buf, 56), 0);
ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 1);
ExpectIntEQ(buf[0], '\0');
ExpectIntEQ(ERR_get_error_line(NULL, NULL), 0);
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
#if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
defined(DEBUG_WOLFSSL)
static int test_wolfSSL_error_cb(const char *str, size_t len, void *u)
{
wolfSSL_BIO_write((BIO*)u, str, (int)len);
return 0;
}
#endif
static int test_wolfSSL_ERR_print_errors_cb(void)
{
EXPECT_DECLS;
#if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
defined(DEBUG_WOLFSSL)
BIO* bio = NULL;
char buf[1024];
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ERR_clear_error(); /* clear out any error nodes */
ERR_put_error(0,SYS_F_ACCEPT, -173, "ssl.c", 0);
ERR_put_error(0,SYS_F_BIND, -275, "asn.c", 100);
ERR_print_errors_cb(test_wolfSSL_error_cb, bio);
ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 108);
ExpectIntEQ(XSTRNCMP(
"wolfSSL error occurred, error = 173 line:0 file:ssl.c",
buf, 53), 0);
ExpectIntEQ(XSTRNCMP(
"wolfSSL error occurred, error = 275 line:100 file:asn.c",
buf + 53, 55), 0);
ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 0);
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
/*
* Testing WOLFSSL_ERROR_MSG
*/
static int test_WOLFSSL_ERROR_MSG(void)
{
int res = TEST_SKIPPED;
#if defined(DEBUG_WOLFSSL) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) ||\
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA)
const char* msg = TEST_STRING;
WOLFSSL_ERROR_MSG(msg);
res = TEST_SUCCESS;
#endif
return res;
} /* End test_WOLFSSL_ERROR_MSG */
/*
* Testing wc_ERR_remove_state
*/
static int test_wc_ERR_remove_state(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
wc_ERR_remove_state();
res = TEST_SUCCESS;
#endif
return res;
} /* End test_wc_ERR_remove_state */
/*
* Testing wc_ERR_print_errors_fp
*/
static int test_wc_ERR_print_errors_fp(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)) && \
(!defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM))
long sz;
XFILE fp = XBADFILE;
WOLFSSL_ERROR(BAD_FUNC_ARG);
ExpectTrue((fp = XFOPEN("./tests/test-log-dump-to-file.txt", "ar")) !=
XBADFILE);
wc_ERR_print_errors_fp(fp);
#if defined(DEBUG_WOLFSSL)
ExpectTrue(XFSEEK(fp, 0, XSEEK_END) == 0);
#ifdef NO_ERROR_QUEUE
ExpectIntEQ(sz = XFTELL(fp), 0);
#else
ExpectIntNE(sz = XFTELL(fp), 0);
#endif
#endif
if (fp != XBADFILE)
XFCLOSE(fp);
(void)sz;
#endif
return EXPECT_RESULT();
} /* End test_wc_ERR_print_errors_fp */
#ifdef DEBUG_WOLFSSL
static void Logging_cb(const int logLevel, const char *const logMessage)
{
(void)logLevel;
(void)logMessage;
}
#endif
/*
* Testing wolfSSL_GetLoggingCb
*/
static int test_wolfSSL_GetLoggingCb(void)
{
EXPECT_DECLS;
#ifdef DEBUG_WOLFSSL
/* Testing without wolfSSL_SetLoggingCb() */
ExpectNull(wolfSSL_GetLoggingCb());
/* Testing with wolfSSL_SetLoggingCb() */
ExpectIntEQ(wolfSSL_SetLoggingCb(Logging_cb), 0);
ExpectNotNull(wolfSSL_GetLoggingCb());
ExpectIntEQ(wolfSSL_SetLoggingCb(NULL), 0);
#endif
ExpectNull(wolfSSL_GetLoggingCb());
return EXPECT_RESULT();
} /* End test_wolfSSL_GetLoggingCb */
#endif /* !NO_BIO */
static int test_wolfSSL_MD4(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_MD4)
MD4_CTX md4;
unsigned char out[16]; /* MD4_DIGEST_SIZE */
const char* msg = "12345678901234567890123456789012345678901234567890123456"
"789012345678901234567890";
const char* test = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f"
"\xcc\x05\x36";
int msgSz = (int)XSTRLEN(msg);
XMEMSET(out, 0, sizeof(out));
MD4_Init(&md4);
MD4_Update(&md4, (const void*)msg, (unsigned long)msgSz);
MD4_Final(out, &md4);
ExpectIntEQ(XMEMCMP(out, test, sizeof(out)), 0);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_MD5(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_MD5)
byte input1[] = "";
byte input2[] = "message digest";
byte hash[WC_MD5_DIGEST_SIZE];
unsigned char output1[] =
"\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04\xe9\x80\x09\x98\xec\xf8\x42\x7e";
unsigned char output2[] =
"\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61\xd0";
WOLFSSL_MD5_CTX md5;
XMEMSET(&md5, 0, sizeof(md5));
/* Test cases for illegal parameters */
ExpectIntEQ(MD5_Init(NULL), 0);
ExpectIntEQ(MD5_Init(&md5), 1);
ExpectIntEQ(MD5_Update(NULL, input1, 0), 0);
ExpectIntEQ(MD5_Update(NULL, NULL, 0), 0);
ExpectIntEQ(MD5_Update(&md5, NULL, 1), 0);
ExpectIntEQ(MD5_Final(NULL, &md5), 0);
ExpectIntEQ(MD5_Final(hash, NULL), 0);
ExpectIntEQ(MD5_Final(NULL, NULL), 0);
/* Init MD5 CTX */
ExpectIntEQ(wolfSSL_MD5_Init(&md5), 1);
ExpectIntEQ(wolfSSL_MD5_Update(&md5, input1, XSTRLEN((const char*)&input1)),
1);
ExpectIntEQ(wolfSSL_MD5_Final(hash, &md5), 1);
ExpectIntEQ(XMEMCMP(&hash, output1, WC_MD5_DIGEST_SIZE), 0);
/* Init MD5 CTX */
ExpectIntEQ(wolfSSL_MD5_Init(&md5), 1);
ExpectIntEQ(wolfSSL_MD5_Update(&md5, input2,
(int)XSTRLEN((const char*)input2)), 1);
ExpectIntEQ(wolfSSL_MD5_Final(hash, &md5), 1);
ExpectIntEQ(XMEMCMP(&hash, output2, WC_MD5_DIGEST_SIZE), 0);
#if !defined(NO_OLD_NAMES) && \
(!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)))
ExpectPtrNE(MD5(NULL, 1, (byte*)&hash), &hash);
ExpectPtrEq(MD5(input1, 0, (byte*)&hash), &hash);
ExpectPtrNE(MD5(input1, 1, NULL), NULL);
ExpectPtrNE(MD5(NULL, 0, NULL), NULL);
ExpectPtrEq(MD5(input1, (int)XSTRLEN((const char*)&input1), (byte*)&hash),
&hash);
ExpectIntEQ(XMEMCMP(&hash, output1, WC_MD5_DIGEST_SIZE), 0);
ExpectPtrEq(MD5(input2, (int)XSTRLEN((const char*)&input2), (byte*)&hash),
&hash);
ExpectIntEQ(XMEMCMP(&hash, output2, WC_MD5_DIGEST_SIZE), 0);
{
byte data[] = "Data to be hashed.";
XMEMSET(hash, 0, WC_MD5_DIGEST_SIZE);
ExpectNotNull(MD5(data, sizeof(data), NULL));
ExpectNotNull(MD5(data, sizeof(data), hash));
ExpectNotNull(MD5(NULL, 0, hash));
ExpectNull(MD5(NULL, sizeof(data), hash));
}
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_MD5_Transform(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_MD5)
byte input1[] = "";
byte input2[] = "abc";
byte local[WC_MD5_BLOCK_SIZE];
word32 sLen = 0;
#ifdef BIG_ENDIAN_ORDER
unsigned char output1[] =
"\x03\x1f\x1d\xac\x6e\xa5\x8e\xd0\x1f\xab\x67\xb7\x74\x31\x77\x91";
unsigned char output2[] =
"\xef\xd3\x79\x8d\x67\x17\x25\x90\xa4\x13\x79\xc7\xe3\xa7\x7b\xbc";
#else
unsigned char output1[] =
"\xac\x1d\x1f\x03\xd0\x8e\xa5\x6e\xb7\x67\xab\x1f\x91\x77\x31\x74";
unsigned char output2[] =
"\x8d\x79\xd3\xef\x90\x25\x17\x67\xc7\x79\x13\xa4\xbc\x7b\xa7\xe3";
#endif
union {
wc_Md5 native;
MD5_CTX compat;
} md5;
XMEMSET(&md5.compat, 0, sizeof(md5.compat));
XMEMSET(&local, 0, sizeof(local));
/* sanity check */
ExpectIntEQ(MD5_Transform(NULL, NULL), 0);
ExpectIntEQ(MD5_Transform(NULL, (const byte*)&input1), 0);
ExpectIntEQ(MD5_Transform(&md5.compat, NULL), 0);
ExpectIntEQ(wc_Md5Transform(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Md5Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Md5Transform(&md5.native, NULL), BAD_FUNC_ARG);
/* Init MD5 CTX */
ExpectIntEQ(wolfSSL_MD5_Init(&md5.compat), 1);
/* Do Transform*/
sLen = (word32)XSTRLEN((char*)input1);
XMEMCPY(local, input1, sLen);
ExpectIntEQ(MD5_Transform(&md5.compat, (const byte*)&local[0]), 1);
ExpectIntEQ(XMEMCMP(md5.native.digest, output1, WC_MD5_DIGEST_SIZE), 0);
/* Init MD5 CTX */
ExpectIntEQ(MD5_Init(&md5.compat), 1);
sLen = (word32)XSTRLEN((char*)input2);
XMEMSET(local, 0, WC_MD5_BLOCK_SIZE);
XMEMCPY(local, input2, sLen);
ExpectIntEQ(MD5_Transform(&md5.compat, (const byte*)&local[0]), 1);
ExpectIntEQ(XMEMCMP(md5.native.digest, output2, WC_MD5_DIGEST_SIZE), 0);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_SHA(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(HAVE_SELFTEST)
#if !defined(NO_SHA) && defined(NO_OLD_SHA_NAMES) && \
(!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2))
{
const unsigned char in[] = "abc";
unsigned char expected[] = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E"
"\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D";
unsigned char out[WC_SHA_DIGEST_SIZE];
unsigned char* p = NULL;
WOLFSSL_SHA_CTX sha;
XMEMSET(out, 0, WC_SHA_DIGEST_SIZE);
ExpectNotNull(SHA1(in, XSTRLEN((char*)in), out));
ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
/* SHA interface test */
XMEMSET(out, 0, WC_SHA_DIGEST_SIZE);
ExpectNull(SHA(NULL, XSTRLEN((char*)in), out));
ExpectNotNull(SHA(in, 0, out));
ExpectNotNull(SHA(in, XSTRLEN((char*)in), NULL));
ExpectNotNull(SHA(NULL, 0, out));
ExpectNotNull(SHA(NULL, 0, NULL));
ExpectNotNull(SHA(in, XSTRLEN((char*)in), out));
ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
ExpectNotNull(p = SHA(in, XSTRLEN((char*)in), NULL));
ExpectIntEQ(XMEMCMP(p, expected, WC_SHA_DIGEST_SIZE), 0);
ExpectIntEQ(wolfSSL_SHA_Init(&sha), 1);
ExpectIntEQ(wolfSSL_SHA_Update(&sha, in, XSTRLEN((char*)in)), 1);
ExpectIntEQ(wolfSSL_SHA_Final(out, &sha), 1);
ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
ExpectIntEQ(wolfSSL_SHA1_Init(&sha), 1);
ExpectIntEQ(wolfSSL_SHA1_Update(&sha, in, XSTRLEN((char*)in)), 1);
ExpectIntEQ(wolfSSL_SHA1_Final(out, &sha), 1);
ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
}
#endif
#if !defined(NO_SHA256)
{
const unsigned char in[] = "abc";
unsigned char expected[] =
"\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
"\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
"\x15\xAD";
unsigned char out[WC_SHA256_DIGEST_SIZE];
unsigned char* p = NULL;
XMEMSET(out, 0, WC_SHA256_DIGEST_SIZE);
#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
ExpectNotNull(SHA256(in, XSTRLEN((char*)in), out));
#else
ExpectNotNull(wolfSSL_SHA256(in, XSTRLEN((char*)in), out));
#endif
ExpectIntEQ(XMEMCMP(out, expected, WC_SHA256_DIGEST_SIZE), 0);
#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
ExpectNotNull(p = SHA256(in, XSTRLEN((char*)in), NULL));
#else
ExpectNotNull(p = wolfSSL_SHA256(in, XSTRLEN((char*)in), NULL));
#endif
ExpectIntEQ(XMEMCMP(p, expected, WC_SHA256_DIGEST_SIZE), 0);
}
#endif
#if defined(WOLFSSL_SHA384)
{
const unsigned char in[] = "abc";
unsigned char expected[] =
"\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
"\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
"\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
"\xc8\x25\xa7";
unsigned char out[WC_SHA384_DIGEST_SIZE];
unsigned char* p = NULL;
XMEMSET(out, 0, WC_SHA384_DIGEST_SIZE);
#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
ExpectNotNull(SHA384(in, XSTRLEN((char*)in), out));
#else
ExpectNotNull(wolfSSL_SHA384(in, XSTRLEN((char*)in), out));
#endif
ExpectIntEQ(XMEMCMP(out, expected, WC_SHA384_DIGEST_SIZE), 0);
#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
ExpectNotNull(p = SHA384(in, XSTRLEN((char*)in), NULL));
#else
ExpectNotNull(p = wolfSSL_SHA384(in, XSTRLEN((char*)in), NULL));
#endif
ExpectIntEQ(XMEMCMP(p, expected, WC_SHA384_DIGEST_SIZE), 0);
}
#endif
#if defined(WOLFSSL_SHA512)
{
const unsigned char in[] = "abc";
unsigned char expected[] =
"\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
"\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55"
"\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3"
"\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f"
"\xa5\x4c\xa4\x9f";
unsigned char out[WC_SHA512_DIGEST_SIZE];
unsigned char* p = NULL;
XMEMSET(out, 0, WC_SHA512_DIGEST_SIZE);
#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
ExpectNotNull(SHA512(in, XSTRLEN((char*)in), out));
#else
ExpectNotNull(wolfSSL_SHA512(in, XSTRLEN((char*)in), out));
#endif
ExpectIntEQ(XMEMCMP(out, expected, WC_SHA512_DIGEST_SIZE), 0);
#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
ExpectNotNull(p = SHA512(in, XSTRLEN((char*)in), NULL));
#else
ExpectNotNull(p = wolfSSL_SHA512(in, XSTRLEN((char*)in), NULL));
#endif
ExpectIntEQ(XMEMCMP(p, expected, WC_SHA512_DIGEST_SIZE), 0);
}
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_SHA_Transform(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_SHA)
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
byte input1[] = "";
byte input2[] = "abc";
byte local[WC_SHA_BLOCK_SIZE];
word32 sLen = 0;
#ifdef BIG_ENDIAN_ORDER
unsigned char output1[] =
"\x92\xb4\x04\xe5\x56\x58\x8c\xed\x6c\x1a\xcd\x4e\xbf\x05\x3f\x68"
"\x09\xf7\x3a\x93";
unsigned char output2[] =
"\x97\xb2\x74\x8b\x4f\x5b\xbc\xca\x5b\xc0\xe6\xea\x2d\x40\xb4\xa0"
"\x7c\x6e\x08\xb8";
#else
unsigned char output1[] =
"\xe5\x04\xb4\x92\xed\x8c\x58\x56\x4e\xcd\x1a\x6c\x68\x3f\x05\xbf"
"\x93\x3a\xf7\x09";
unsigned char output2[] =
"\x8b\x74\xb2\x97\xca\xbc\x5b\x4f\xea\xe6\xc0\x5b\xa0\xb4\x40\x2d"
"\xb8\x08\x6e\x7c";
#endif
union {
wc_Sha native;
SHA_CTX compat;
} sha;
union {
wc_Sha native;
SHA_CTX compat;
} sha1;
XMEMSET(&sha.compat, 0, sizeof(sha.compat));
XMEMSET(&local, 0, sizeof(local));
/* sanity check */
ExpectIntEQ(SHA_Transform(NULL, NULL), 0);
ExpectIntEQ(SHA_Transform(NULL, (const byte*)&input1), 0);
ExpectIntEQ(SHA_Transform(&sha.compat, NULL), 0);
ExpectIntEQ(SHA1_Transform(NULL, NULL), 0);
ExpectIntEQ(SHA1_Transform(NULL, (const byte*)&input1), 0);
ExpectIntEQ(SHA1_Transform(&sha.compat, NULL), 0);
ExpectIntEQ(wc_ShaTransform(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_ShaTransform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
ExpectIntEQ(wc_ShaTransform(&sha.native, NULL), BAD_FUNC_ARG);
/* Init SHA CTX */
ExpectIntEQ(SHA_Init(&sha.compat), 1);
/* Do Transform*/
sLen = (word32)XSTRLEN((char*)input1);
XMEMCPY(local, input1, sLen);
ExpectIntEQ(SHA_Transform(&sha.compat, (const byte*)&local[0]), 1);
ExpectIntEQ(XMEMCMP(sha.native.digest, output1, WC_SHA_DIGEST_SIZE), 0);
ExpectIntEQ(SHA_Final(local, &sha.compat), 1); /* frees resources */
/* Init SHA CTX */
ExpectIntEQ(SHA_Init(&sha.compat), 1);
sLen = (word32)XSTRLEN((char*)input2);
XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
XMEMCPY(local, input2, sLen);
ExpectIntEQ(SHA_Transform(&sha.compat, (const byte*)&local[0]), 1);
ExpectIntEQ(XMEMCMP(sha.native.digest, output2, WC_SHA_DIGEST_SIZE), 0);
ExpectIntEQ(SHA_Final(local, &sha.compat), 1); /* frees resources */
/* SHA1 */
XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
/* Init SHA CTX */
ExpectIntEQ(SHA1_Init(&sha1.compat), 1);
/* Do Transform*/
sLen = (word32)XSTRLEN((char*)input1);
XMEMCPY(local, input1, sLen);
ExpectIntEQ(SHA1_Transform(&sha1.compat, (const byte*)&local[0]), 1);
ExpectIntEQ(XMEMCMP(sha1.native.digest, output1, WC_SHA_DIGEST_SIZE), 0);
ExpectIntEQ(SHA1_Final(local, &sha1.compat), 1); /* frees resources */
/* Init SHA CTX */
ExpectIntEQ(SHA1_Init(&sha1.compat), 1);
sLen = (word32)XSTRLEN((char*)input2);
XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
XMEMCPY(local, input2, sLen);
ExpectIntEQ(SHA1_Transform(&sha1.compat, (const byte*)&local[0]), 1);
ExpectIntEQ(XMEMCMP(sha1.native.digest, output2, WC_SHA_DIGEST_SIZE), 0);
ExpectIntEQ(SHA_Final(local, &sha1.compat), 1); /* frees resources */
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_SHA224(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA224) && \
!defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2))
unsigned char input[] =
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
unsigned char output[] =
"\x75\x38\x8b\x16\x51\x27\x76\xcc\x5d\xba\x5d\xa1\xfd\x89\x01"
"\x50\xb0\xc6\x45\x5c\xb4\xf5\x8b\x19\x52\x52\x25\x25";
size_t inLen;
byte hash[WC_SHA224_DIGEST_SIZE];
unsigned char* p;
inLen = XSTRLEN((char*)input);
XMEMSET(hash, 0, WC_SHA224_DIGEST_SIZE);
ExpectNull(SHA224(NULL, inLen, hash));
ExpectNotNull(SHA224(input, 0, hash));
ExpectNotNull(SHA224(input, inLen, NULL));
ExpectNotNull(SHA224(NULL, 0, hash));
ExpectNotNull(SHA224(NULL, 0, NULL));
ExpectNotNull(SHA224(input, inLen, hash));
ExpectIntEQ(XMEMCMP(hash, output, WC_SHA224_DIGEST_SIZE), 0);
ExpectNotNull(p = SHA224(input, inLen, NULL));
ExpectIntEQ(XMEMCMP(p, output, WC_SHA224_DIGEST_SIZE), 0);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_SHA256(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && \
defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
unsigned char input[] =
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
unsigned char output[] =
"\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
"\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
"\x06\xC1";
size_t inLen;
byte hash[WC_SHA256_DIGEST_SIZE];
inLen = XSTRLEN((char*)input);
XMEMSET(hash, 0, WC_SHA256_DIGEST_SIZE);
ExpectNotNull(SHA256(input, inLen, hash));
ExpectIntEQ(XMEMCMP(hash, output, WC_SHA256_DIGEST_SIZE), 0);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_SHA256_Transform(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256)
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
!defined(WOLFSSL_DEVCRYPTO_HASH) && !defined(WOLFSSL_AFALG_HASH) && \
!defined(WOLFSSL_KCAPI_HASH)
byte input1[] = "";
byte input2[] = "abc";
byte local[WC_SHA256_BLOCK_SIZE];
word32 sLen = 0;
#ifdef BIG_ENDIAN_ORDER
unsigned char output1[] =
"\xda\x56\x98\xbe\x17\xb9\xb4\x69\x62\x33\x57\x99\x77\x9f\xbe\xca"
"\x8c\xe5\xd4\x91\xc0\xd2\x62\x43\xba\xfe\xf9\xea\x18\x37\xa9\xd8";
unsigned char output2[] =
"\x1d\x4e\xd4\x67\x67\x7c\x61\x67\x44\x10\x76\x26\x78\x10\xff\xb8"
"\x40\xc8\x9a\x39\x73\x16\x60\x8c\xa6\x61\xd6\x05\x91\xf2\x8c\x35";
#else
unsigned char output1[] =
"\xbe\x98\x56\xda\x69\xb4\xb9\x17\x99\x57\x33\x62\xca\xbe\x9f\x77"
"\x91\xd4\xe5\x8c\x43\x62\xd2\xc0\xea\xf9\xfe\xba\xd8\xa9\x37\x18";
unsigned char output2[] =
"\x67\xd4\x4e\x1d\x67\x61\x7c\x67\x26\x76\x10\x44\xb8\xff\x10\x78"
"\x39\x9a\xc8\x40\x8c\x60\x16\x73\x05\xd6\x61\xa6\x35\x8c\xf2\x91";
#endif
union {
wc_Sha256 native;
SHA256_CTX compat;
} sha256;
XMEMSET(&sha256.compat, 0, sizeof(sha256.compat));
XMEMSET(&local, 0, sizeof(local));
/* sanity check */
ExpectIntEQ(SHA256_Transform(NULL, NULL), 0);
ExpectIntEQ(SHA256_Transform(NULL, (const byte*)&input1), 0);
ExpectIntEQ(SHA256_Transform(&sha256.compat, NULL), 0);
ExpectIntEQ(wc_Sha256Transform(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha256Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha256Transform(&sha256.native, NULL), BAD_FUNC_ARG);
/* Init SHA256 CTX */
ExpectIntEQ(SHA256_Init(&sha256.compat), 1);
/* Do Transform*/
sLen = (word32)XSTRLEN((char*)input1);
XMEMCPY(local, input1, sLen);
ExpectIntEQ(SHA256_Transform(&sha256.compat, (const byte*)&local[0]), 1);
ExpectIntEQ(XMEMCMP(sha256.native.digest, output1, WC_SHA256_DIGEST_SIZE),
0);
ExpectIntEQ(SHA256_Final(local, &sha256.compat), 1); /* frees resources */
/* Init SHA256 CTX */
ExpectIntEQ(SHA256_Init(&sha256.compat), 1);
sLen = (word32)XSTRLEN((char*)input2);
XMEMSET(local, 0, WC_SHA256_BLOCK_SIZE);
XMEMCPY(local, input2, sLen);
ExpectIntEQ(SHA256_Transform(&sha256.compat, (const byte*)&local[0]), 1);
ExpectIntEQ(XMEMCMP(sha256.native.digest, output2, WC_SHA256_DIGEST_SIZE),
0);
ExpectIntEQ(SHA256_Final(local, &sha256.compat), 1); /* frees resources */
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_SHA512_Transform(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA512)
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
!defined(WOLFSSL_KCAPI_HASH)
byte input1[] = "";
byte input2[] = "abc";
byte local[WC_SHA512_BLOCK_SIZE];
word32 sLen = 0;
#ifdef BIG_ENDIAN_ORDER
unsigned char output1[] =
"\xcf\x78\x81\xd5\x77\x4a\xcb\xe8\x53\x33\x62\xe0\xfb\xc7\x80\x70"
"\x02\x67\x63\x9d\x87\x46\x0e\xda\x30\x86\xcb\x40\xe8\x59\x31\xb0"
"\x71\x7d\xc9\x52\x88\xa0\x23\xa3\x96\xba\xb2\xc1\x4c\xe0\xb5\xe0"
"\x6f\xc4\xfe\x04\xea\xe3\x3e\x0b\x91\xf4\xd8\x0c\xbd\x66\x8b\xee";
unsigned char output2[] =
"\x11\x10\x93\x4e\xeb\xa0\xcc\x0d\xfd\x33\x43\x9c\xfb\x04\xc8\x21"
"\xa9\xb4\x26\x3d\xca\xab\x31\x41\xe2\xc6\xaa\xaf\xe1\x67\xd7\xab"
"\x31\x8f\x2e\x54\x2c\xba\x4e\x83\xbe\x88\xec\x9d\x8f\x2b\x38\x98"
"\x14\xd2\x4e\x9d\x53\x8b\x5e\x4d\xde\x68\x6c\x69\xaf\x20\x96\xf0";
#else
unsigned char output1[] =
"\xe8\xcb\x4a\x77\xd5\x81\x78\xcf\x70\x80\xc7\xfb\xe0\x62\x33\x53"
"\xda\x0e\x46\x87\x9d\x63\x67\x02\xb0\x31\x59\xe8\x40\xcb\x86\x30"
"\xa3\x23\xa0\x88\x52\xc9\x7d\x71\xe0\xb5\xe0\x4c\xc1\xb2\xba\x96"
"\x0b\x3e\xe3\xea\x04\xfe\xc4\x6f\xee\x8b\x66\xbd\x0c\xd8\xf4\x91";
unsigned char output2[] =
"\x0d\xcc\xa0\xeb\x4e\x93\x10\x11\x21\xc8\x04\xfb\x9c\x43\x33\xfd"
"\x41\x31\xab\xca\x3d\x26\xb4\xa9\xab\xd7\x67\xe1\xaf\xaa\xc6\xe2"
"\x83\x4e\xba\x2c\x54\x2e\x8f\x31\x98\x38\x2b\x8f\x9d\xec\x88\xbe"
"\x4d\x5e\x8b\x53\x9d\x4e\xd2\x14\xf0\x96\x20\xaf\x69\x6c\x68\xde";
#endif
union {
wc_Sha512 native;
SHA512_CTX compat;
} sha512;
XMEMSET(&sha512.compat, 0, sizeof(sha512.compat));
XMEMSET(&local, 0, sizeof(local));
/* sanity check */
ExpectIntEQ(SHA512_Transform(NULL, NULL), 0);
ExpectIntEQ(SHA512_Transform(NULL, (const byte*)&input1), 0);
ExpectIntEQ(SHA512_Transform(&sha512.compat, NULL), 0);
ExpectIntEQ(wc_Sha512Transform(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512Transform(&sha512.native, NULL), BAD_FUNC_ARG);
/* Init SHA512 CTX */
ExpectIntEQ(wolfSSL_SHA512_Init(&sha512.compat), 1);
/* Do Transform*/
sLen = (word32)XSTRLEN((char*)input1);
XMEMCPY(local, input1, sLen);
ExpectIntEQ(SHA512_Transform(&sha512.compat, (const byte*)&local[0]), 1);
ExpectIntEQ(XMEMCMP(sha512.native.digest, output1,
WC_SHA512_DIGEST_SIZE), 0);
ExpectIntEQ(SHA512_Final(local, &sha512.compat), 1); /* frees resources */
/* Init SHA512 CTX */
ExpectIntEQ(SHA512_Init(&sha512.compat), 1);
sLen = (word32)XSTRLEN((char*)input2);
XMEMSET(local, 0, WC_SHA512_BLOCK_SIZE);
XMEMCPY(local, input2, sLen);
ExpectIntEQ(SHA512_Transform(&sha512.compat, (const byte*)&local[0]), 1);
ExpectIntEQ(XMEMCMP(sha512.native.digest, output2,
WC_SHA512_DIGEST_SIZE), 0);
ExpectIntEQ(SHA512_Final(local, &sha512.compat), 1); /* frees resources */
(void)input1;
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_SHA512_224_Transform(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA512) && \
!defined(WOLFSSL_NOSHA512_224)
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
!defined(WOLFSSL_KCAPI_HASH)
byte input1[] = "";
byte input2[] = "abc";
byte local[WC_SHA512_BLOCK_SIZE];
word32 sLen = 0;
unsigned char output1[] =
"\x94\x24\x66\xd4\x60\x3a\xeb\x23\x1d\xa8\x69\x31\x3c\xd2\xde\x11"
"\x48\x0f\x4a\x5a\xdf\x3a\x8d\x87\xcf\xcd\xbf\xa5\x03\x21\x50\xf1"
"\x8a\x0d\x0f\x0d\x3c\x07\xba\x52\xe0\xaa\x3c\xbb\xf1\xd3\x3f\xca"
"\x12\xa7\x61\xf8\x47\xda\x0d\x1b\x79\xc2\x65\x13\x92\xc1\x9c\xa5";
unsigned char output2[] =
"\x51\x28\xe7\x0b\xca\x1e\xbc\x5f\xd7\x34\x0b\x48\x30\xd7\xc2\x75"
"\x6d\x8d\x48\x2c\x1f\xc7\x9e\x2b\x20\x5e\xbb\x0f\x0e\x4d\xb7\x61"
"\x31\x76\x33\xa0\xb4\x3d\x5f\x93\xc1\x73\xac\xf7\x21\xff\x69\x17"
"\xce\x66\xe5\x1e\x31\xe7\xf3\x22\x0f\x0b\x34\xd7\x5a\x57\xeb\xbf";
union {
wc_Sha512 native;
SHA512_CTX compat;
} sha512;
#ifdef BIG_ENDIAN_ORDER
ByteReverseWords64((word64*)output1, (word64*)output1, sizeof(output1));
ByteReverseWords64((word64*)output2, (word64*)output2, sizeof(output2));
#endif
XMEMSET(&sha512.compat, 0, sizeof(sha512.compat));
XMEMSET(&local, 0, sizeof(local));
/* sanity check */
ExpectIntEQ(SHA512_224_Transform(NULL, NULL), 0);
ExpectIntEQ(SHA512_224_Transform(NULL, (const byte*)&input1), 0);
ExpectIntEQ(SHA512_224_Transform(&sha512.compat, NULL), 0);
ExpectIntEQ(wc_Sha512_224Transform(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512_224Transform(NULL, (const byte*)&input1),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512_224Transform(&sha512.native, NULL), BAD_FUNC_ARG);
/* Init SHA512 CTX */
ExpectIntEQ(wolfSSL_SHA512_224_Init(&sha512.compat), 1);
/* Do Transform*/
sLen = (word32)XSTRLEN((char*)input1);
XMEMCPY(local, input1, sLen);
ExpectIntEQ(SHA512_224_Transform(&sha512.compat, (const byte*)&local[0]),
1);
ExpectIntEQ(XMEMCMP(sha512.native.digest, output1,
WC_SHA512_DIGEST_SIZE), 0);
/* frees resources */
ExpectIntEQ(SHA512_224_Final(local, &sha512.compat), 1);
/* Init SHA512 CTX */
ExpectIntEQ(SHA512_224_Init(&sha512.compat), 1);
sLen = (word32)XSTRLEN((char*)input2);
XMEMSET(local, 0, WC_SHA512_BLOCK_SIZE);
XMEMCPY(local, input2, sLen);
ExpectIntEQ(SHA512_224_Transform(&sha512.compat, (const byte*)&local[0]),
1);
ExpectIntEQ(XMEMCMP(sha512.native.digest, output2,
WC_SHA512_DIGEST_SIZE), 0);
/* frees resources */
ExpectIntEQ(SHA512_224_Final(local, &sha512.compat), 1);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_SHA512_256_Transform(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA512) && \
!defined(WOLFSSL_NOSHA512_256)
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
!defined(WOLFSSL_KCAPI_HASH)
byte input1[] = "";
byte input2[] = "abc";
byte local[WC_SHA512_BLOCK_SIZE];
word32 sLen = 0;
unsigned char output1[] =
"\xf8\x37\x37\x5a\xd7\x2e\x56\xec\xe2\x51\xa8\x31\x3a\xa0\x63\x2b"
"\x7e\x7c\x64\xcc\xd9\xff\x2b\x6b\xeb\xc3\xd4\x4d\x7f\x8a\x3a\xb5"
"\x61\x85\x0b\x37\x30\x9f\x3b\x08\x5e\x7b\xd3\xbc\x6d\x00\x61\xc0"
"\x65\x9a\xd7\x73\xda\x40\xbe\xc1\xe5\x2f\xc6\x5d\xb7\x9f\xbe\x60";
unsigned char output2[] =
"\x22\xad\xc0\x30\xee\xd4\x6a\xef\x13\xee\x5a\x95\x8b\x1f\xb7\xb6"
"\xb6\xba\xc0\x44\xb8\x18\x3b\xf0\xf6\x4b\x70\x9f\x03\xba\x64\xa1"
"\xe1\xe3\x45\x15\x91\x7d\xcb\x0b\x9a\xf0\xd2\x8e\x47\x8b\x37\x78"
"\x91\x41\xa6\xc4\xb0\x29\x8f\x8b\xdd\x78\x5c\xf2\x73\x3f\x21\x31";
union {
wc_Sha512 native;
SHA512_CTX compat;
} sha512;
#ifdef BIG_ENDIAN_ORDER
ByteReverseWords64((word64*)output1, (word64*)output1, sizeof(output1));
ByteReverseWords64((word64*)output2, (word64*)output2, sizeof(output2));
#endif
XMEMSET(&sha512.compat, 0, sizeof(sha512.compat));
XMEMSET(&local, 0, sizeof(local));
/* sanity check */
ExpectIntEQ(SHA512_256_Transform(NULL, NULL), 0);
ExpectIntEQ(SHA512_256_Transform(NULL, (const byte*)&input1), 0);
ExpectIntEQ(SHA512_256_Transform(&sha512.compat, NULL), 0);
ExpectIntEQ(wc_Sha512_256Transform(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512_256Transform(NULL, (const byte*)&input1),
BAD_FUNC_ARG);
ExpectIntEQ(wc_Sha512_256Transform(&sha512.native, NULL), BAD_FUNC_ARG);
/* Init SHA512 CTX */
ExpectIntEQ(wolfSSL_SHA512_256_Init(&sha512.compat), 1);
/* Do Transform*/
sLen = (word32)XSTRLEN((char*)input1);
XMEMCPY(local, input1, sLen);
ExpectIntEQ(SHA512_256_Transform(&sha512.compat, (const byte*)&local[0]),
1);
ExpectIntEQ(XMEMCMP(sha512.native.digest, output1,
WC_SHA512_DIGEST_SIZE), 0);
/* frees resources */
ExpectIntEQ(SHA512_256_Final(local, &sha512.compat), 1);
/* Init SHA512 CTX */
ExpectIntEQ(SHA512_256_Init(&sha512.compat), 1);
sLen = (word32)XSTRLEN((char*)input2);
XMEMSET(local, 0, WC_SHA512_BLOCK_SIZE);
XMEMCPY(local, input2, sLen);
ExpectIntEQ(SHA512_256_Transform(&sha512.compat, (const byte*)&local[0]),
1);
ExpectIntEQ(XMEMCMP(sha512.native.digest, output2,
WC_SHA512_DIGEST_SIZE), 0);
/* frees resources */
ExpectIntEQ(SHA512_256_Final(local, &sha512.compat), 1);
#endif
#endif
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(NO_HMAC)
/* helper function for test_wolfSSL_HMAC_CTX, digest size is expected to be a
* buffer of 64 bytes.
*
* returns the size of the digest buffer on success and a negative value on
* failure.
*/
static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest,
int* sz)
{
EXPECT_DECLS;
HMAC_CTX ctx1;
HMAC_CTX ctx2;
unsigned char key[] = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
unsigned char long_key[] =
"0123456789012345678901234567890123456789"
"0123456789012345678901234567890123456789"
"0123456789012345678901234567890123456789"
"0123456789012345678901234567890123456789";
unsigned char msg[] = "message to hash";
unsigned int digestSz = 64;
int keySz = sizeof(key);
int long_keySz = sizeof(long_key);
int msgSz = sizeof(msg);
unsigned char digest2[64];
unsigned int digestSz2 = 64;
HMAC_CTX_init(&ctx1);
ExpectIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx1);
ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz2), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx2);
ExpectIntEQ(digestSz, digestSz2);
ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
/* test HMAC_Init with NULL key */
/* init after copy */
HMAC_CTX_init(&ctx1);
ExpectIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
ExpectIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx1);
ExpectIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx2);
ExpectIntEQ(digestSz, digestSz2);
ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
/* long key */
HMAC_CTX_init(&ctx1);
ExpectIntEQ(HMAC_Init(&ctx1, (const void*)long_key, long_keySz, type),
SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
ExpectIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx1);
ExpectIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx2);
ExpectIntEQ(digestSz, digestSz2);
ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
/* init before copy */
HMAC_CTX_init(&ctx1);
ExpectIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx1);
ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
HMAC_CTX_cleanup(&ctx2);
ExpectIntEQ(digestSz, digestSz2);
ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
*sz = (int)digestSz;
return EXPECT_RESULT();
}
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_HMAC) */
static int test_wolfSSL_HMAC_CTX(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_HMAC)
unsigned char digest[64];
int digestSz;
WOLFSSL_HMAC_CTX* hmac_ctx = NULL;
WOLFSSL_HMAC_CTX ctx1;
WOLFSSL_HMAC_CTX ctx2;
ExpectNotNull(hmac_ctx = wolfSSL_HMAC_CTX_new());
ExpectIntEQ(wolfSSL_HMAC_CTX_Init(NULL), 1);
ExpectIntEQ(wolfSSL_HMAC_CTX_Init(hmac_ctx), 1);
wolfSSL_HMAC_CTX_free(NULL);
wolfSSL_HMAC_CTX_free(hmac_ctx);
XMEMSET(&ctx2, 0, sizeof(WOLFSSL_HMAC_CTX));
ExpectIntEQ(HMAC_CTX_init(NULL), 1);
ExpectIntEQ(HMAC_CTX_init(&ctx2), 1);
ExpectIntEQ(HMAC_CTX_copy(NULL, NULL), 0);
ExpectIntEQ(HMAC_CTX_copy(NULL, &ctx2), 0);
ExpectIntEQ(HMAC_CTX_copy(&ctx2, NULL), 0);
#if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && \
((! defined(HAVE_FIPS_VERSION)) || \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION <= 2)))
/* Copy object that hasn't had a digest set - MD5. */
ExpectIntEQ(HMAC_CTX_copy(&ctx1, &ctx2), 1);
#else
/* Copy object that hasn't had a digest set. */
ExpectIntEQ(HMAC_CTX_copy(&ctx1, &ctx2), 0);
#endif
HMAC_CTX_cleanup(NULL);
HMAC_CTX_cleanup(&ctx2);
ExpectNull(HMAC_CTX_get_md(NULL));
#ifndef NO_SHA
ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha1(), digest, &digestSz)),
TEST_SUCCESS);
ExpectIntEQ(digestSz, 20);
ExpectIntEQ(XMEMCMP("\xD9\x68\x77\x23\x70\xFB\x53\x70\x53\xBA\x0E\xDC\xDA"
"\xBF\x03\x98\x31\x19\xB2\xCC", digest, digestSz), 0);
#endif /* !NO_SHA */
#ifdef WOLFSSL_SHA224
ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha224(), digest, &digestSz)),
TEST_SUCCESS);
ExpectIntEQ(digestSz, 28);
ExpectIntEQ(XMEMCMP("\x57\xFD\xF4\xE1\x2D\xB0\x79\xD7\x4B\x25\x7E\xB1\x95"
"\x9C\x11\xAC\x2D\x1E\x78\x94\x4F\x3A\x0F\xED\xF8\xAD"
"\x02\x0E", digest, digestSz), 0);
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha256(), digest, &digestSz)),
TEST_SUCCESS);
ExpectIntEQ(digestSz, 32);
ExpectIntEQ(XMEMCMP("\x13\xAB\x76\x91\x0C\x37\x86\x8D\xB3\x7E\x30\x0C\xFC"
"\xB0\x2E\x8E\x4A\xD7\xD4\x25\xCC\x3A\xA9\x0F\xA2\xF2"
"\x47\x1E\x62\x6F\x5D\xF2", digest, digestSz), 0);
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha384(), digest, &digestSz)),
TEST_SUCCESS);
ExpectIntEQ(digestSz, 48);
ExpectIntEQ(XMEMCMP("\x9E\xCB\x07\x0C\x11\x76\x3F\x23\xC3\x25\x0E\xC4\xB7"
"\x28\x77\x95\x99\xD5\x9D\x7A\xBB\x1A\x9F\xB7\xFD\x25"
"\xC9\x72\x47\x9F\x8F\x86\x76\xD6\x20\x57\x87\xB7\xE7"
"\xCD\xFB\xC2\xCC\x9F\x2B\xC5\x41\xAB",
digest, digestSz), 0);
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha512(), digest, &digestSz)),
TEST_SUCCESS);
ExpectIntEQ(digestSz, 64);
ExpectIntEQ(XMEMCMP("\xD4\x21\x0C\x8B\x60\x6F\xF4\xBF\x07\x2F\x26\xCC\xAD"
"\xBC\x06\x0B\x34\x78\x8B\x4F\xD6\xC0\x42\xF1\x33\x10"
"\x6C\x4F\x1E\x55\x59\xDD\x2A\x9F\x15\x88\x62\xF8\x60"
"\xA3\x99\x91\xE2\x08\x7B\xF7\x95\x3A\xB0\x92\x48\x60"
"\x88\x8B\x5B\xB8\x5F\xE9\xB6\xB1\x96\xE3\xB5\xF0",
digest, digestSz), 0);
#endif /* WOLFSSL_SHA512 */
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_224(), digest, &digestSz)),
TEST_SUCCESS);
ExpectIntEQ(digestSz, 28);
ExpectIntEQ(XMEMCMP("\xdc\x53\x25\x3f\xc0\x9d\x2b\x0c\x7f\x59\x11\x17\x08"
"\x5c\xe8\x43\x31\x01\x5a\xb3\xe3\x08\x37\x71\x26\x0b"
"\x29\x0f", digest, digestSz), 0);
#endif
#ifndef WOLFSSL_NOSHA3_256
ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_256(), digest, &digestSz)),
TEST_SUCCESS);
ExpectIntEQ(digestSz, 32);
ExpectIntEQ(XMEMCMP("\x0f\x00\x89\x82\x15\xce\xd6\x45\x01\x83\xce\xc8\x35"
"\xab\x71\x07\xc9\xfe\x61\x22\x38\xf9\x09\xad\x35\x65"
"\x43\x77\x24\xd4\x1e\xf4", digest, digestSz), 0);
#endif
#ifndef WOLFSSL_NOSHA3_384
ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_384(), digest, &digestSz)),
TEST_SUCCESS);
ExpectIntEQ(digestSz, 48);
ExpectIntEQ(XMEMCMP("\x0f\x6a\xc0\xfb\xc3\xf2\x80\xb1\xb4\x04\xb6\xc8\x45"
"\x23\x3b\xb4\xbe\xc6\xea\x85\x07\xca\x8c\x71\xbb\x6e"
"\x79\xf6\xf9\x2b\x98\xf5\xef\x11\x39\xd4\x5d\xd3\xca"
"\xc0\xe6\x81\xf7\x73\xf9\x85\x5d\x4f",
digest, digestSz), 0);
#endif
#ifndef WOLFSSL_NOSHA3_512
ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_512(), digest, &digestSz)),
TEST_SUCCESS);
ExpectIntEQ(digestSz, 64);
ExpectIntEQ(XMEMCMP("\x3e\x77\xe3\x59\x42\x89\xed\xc3\xa4\x26\x3d\xa4\x75"
"\xd2\x84\x8c\xb2\xf3\x25\x04\x47\x61\xce\x1c\x42\x86"
"\xcd\xf4\x56\xaa\x2f\x84\xb1\x3b\x18\xed\xe6\xd6\x48"
"\x15\xb0\x29\xc5\x9d\x32\xef\xdd\x3e\x09\xf6\xed\x9e"
"\x70\xbc\x1c\x63\xf7\x3b\x3e\xe1\xdc\x84\x9c\x1c",
digest, digestSz), 0);
#endif
#endif
#if !defined(NO_MD5) && (!defined(HAVE_FIPS_VERSION) || \
HAVE_FIPS_VERSION <= 2)
ExpectIntEQ((test_HMAC_CTX_helper(EVP_md5(), digest, &digestSz)),
TEST_SUCCESS);
ExpectIntEQ(digestSz, 16);
ExpectIntEQ(XMEMCMP("\xB7\x27\xC4\x41\xE5\x2E\x62\xBA\x54\xED\x72\x70\x9F"
"\xE4\x98\xDD", digest, digestSz), 0);
#endif /* !NO_MD5 */
#endif
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && (!defined(NO_SHA256) || \
defined(WOLFSSL_SHA224) || defined(WOLFSSL_SHA384) || \
defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA3))
static int test_openssl_hmac(const WOLFSSL_EVP_MD* md, int md_len)
{
EXPECT_DECLS;
static const unsigned char key[] = "simple test key";
HMAC_CTX* hmac = NULL;
ENGINE* e = NULL;
unsigned char hash[WC_MAX_DIGEST_SIZE];
unsigned int len;
ExpectNotNull(hmac = HMAC_CTX_new());
HMAC_CTX_init(hmac);
#if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && \
((! defined(HAVE_FIPS_VERSION)) || \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION <= 2)))
/* Get size on object that hasn't had a digest set - MD5. */
ExpectIntEQ(HMAC_size(hmac), 16);
ExpectIntEQ(HMAC_Init(hmac, NULL, 0, NULL), 1);
ExpectIntEQ(HMAC_Init(hmac, (void*)key, (int)sizeof(key), NULL), 1);
ExpectIntEQ(HMAC_Init(hmac, NULL, 0, md), 1);
#else
ExpectIntEQ(HMAC_size(hmac), BAD_FUNC_ARG);
ExpectIntEQ(HMAC_Init(hmac, NULL, 0, NULL), 0);
ExpectIntEQ(HMAC_Init(hmac, (void*)key, (int)sizeof(key), NULL), 0);
ExpectIntEQ(HMAC_Init(hmac, NULL, 0, md), 0);
#endif
ExpectIntEQ(HMAC_Init_ex(NULL, (void*)key, (int)sizeof(key), md, e), 0);
ExpectIntEQ(HMAC_Init_ex(hmac, (void*)key, (int)sizeof(key), md, e), 1);
/* re-using test key as data to hash */
ExpectIntEQ(HMAC_Update(NULL, key, (int)sizeof(key)), 0);
ExpectIntEQ(HMAC_Update(hmac, key, (int)sizeof(key)), 1);
ExpectIntEQ(HMAC_Update(hmac, key, 0), 1);
ExpectIntEQ(HMAC_Update(hmac, NULL, 0), 1);
ExpectIntEQ(HMAC_Update(hmac, NULL, (int)sizeof(key)), 1);
ExpectIntEQ(HMAC_Final(NULL, NULL, &len), 0);
ExpectIntEQ(HMAC_Final(hmac, NULL, &len), 0);
ExpectIntEQ(HMAC_Final(NULL, hash, &len), 0);
ExpectIntEQ(HMAC_Final(hmac, hash, &len), 1);
ExpectIntEQ(HMAC_Final(hmac, hash, NULL), 1);
ExpectIntEQ(len, md_len);
ExpectIntEQ(HMAC_size(NULL), 0);
ExpectIntEQ(HMAC_size(hmac), md_len);
ExpectStrEQ(HMAC_CTX_get_md(hmac), md);
HMAC_cleanup(NULL);
HMAC_cleanup(hmac);
HMAC_CTX_free(hmac);
len = 0;
ExpectNull(HMAC(NULL, key, (int)sizeof(key), NULL, 0, hash, &len));
ExpectNull(HMAC(md, NULL, (int)sizeof(key), NULL, 0, hash, &len));
ExpectNull(HMAC(md, key, (int)sizeof(key), NULL, 0, NULL, &len));
ExpectNotNull(HMAC(md, key, (int)sizeof(key), NULL, 0, hash, &len));
ExpectIntEQ(len, md_len);
ExpectNotNull(HMAC(md, key, (int)sizeof(key), NULL, 0, hash, NULL));
/* With data. */
ExpectNotNull(HMAC(md, key, (int)sizeof(key), key, (int)sizeof(key), hash,
&len));
/* With NULL data. */
ExpectNull(HMAC(md, key, (int)sizeof(key), NULL, (int)sizeof(key), hash,
&len));
/* With zero length data. */
ExpectNotNull(HMAC(md, key, (int)sizeof(key), key, 0, hash, &len));
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_HMAC(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && (!defined(NO_SHA256) || \
defined(WOLFSSL_SHA224) || defined(WOLFSSL_SHA384) || \
defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA3))
#ifndef NO_SHA256
ExpectIntEQ(test_openssl_hmac(EVP_sha256(), (int)WC_SHA256_DIGEST_SIZE),
TEST_SUCCESS);
#endif
#ifdef WOLFSSL_SHA224
ExpectIntEQ(test_openssl_hmac(EVP_sha224(), (int)WC_SHA224_DIGEST_SIZE),
TEST_SUCCESS);
#endif
#ifdef WOLFSSL_SHA384
ExpectIntEQ(test_openssl_hmac(EVP_sha384(), (int)WC_SHA384_DIGEST_SIZE),
TEST_SUCCESS);
#endif
#ifdef WOLFSSL_SHA512
ExpectIntEQ(test_openssl_hmac(EVP_sha512(), (int)WC_SHA512_DIGEST_SIZE),
TEST_SUCCESS);
#endif
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
ExpectIntEQ(test_openssl_hmac(EVP_sha3_224(),
(int)WC_SHA3_224_DIGEST_SIZE), TEST_SUCCESS);
#endif
#ifndef WOLFSSL_NOSHA3_256
ExpectIntEQ(test_openssl_hmac(EVP_sha3_256(),
(int)WC_SHA3_256_DIGEST_SIZE), TEST_SUCCESS);
#endif
#ifndef WOLFSSL_NOSHA3_384
ExpectIntEQ(test_openssl_hmac(EVP_sha3_384(),
(int)WC_SHA3_384_DIGEST_SIZE), TEST_SUCCESS);
#endif
#ifndef WOLFSSL_NOSHA3_512
ExpectIntEQ(test_openssl_hmac(EVP_sha3_512(),
(int)WC_SHA3_512_DIGEST_SIZE), TEST_SUCCESS);
#endif
#endif
#ifndef NO_SHA
ExpectIntEQ(test_openssl_hmac(EVP_sha1(), (int)WC_SHA_DIGEST_SIZE),
TEST_SUCCESS);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CMAC(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_AES_DIRECT)
int i;
byte key[AES_256_KEY_SIZE];
CMAC_CTX* cmacCtx = NULL;
byte out[AES_BLOCK_SIZE];
size_t outLen = AES_BLOCK_SIZE;
for (i=0; i < AES_256_KEY_SIZE; ++i) {
key[i] = i;
}
ExpectNotNull(cmacCtx = CMAC_CTX_new());
/* Check CMAC_CTX_get0_cipher_ctx; return value not used. */
ExpectNotNull(CMAC_CTX_get0_cipher_ctx(cmacCtx));
ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_cbc(),
NULL), 1);
/* re-using test key as data to hash */
ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), 1);
ExpectIntEQ(CMAC_Update(cmacCtx, NULL, 0), 1);
ExpectIntEQ(CMAC_Final(cmacCtx, out, &outLen), 1);
ExpectIntEQ(outLen, AES_BLOCK_SIZE);
/* No Update works. */
ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_cbc(),
NULL), 1);
ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1);
ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_cbc(),
NULL), 1);
/* Test parameters with CMAC_Update. */
ExpectIntEQ(CMAC_Update(NULL, NULL, 0), 0);
ExpectIntEQ(CMAC_Update(NULL, key, 0), 0);
ExpectIntEQ(CMAC_Update(NULL, NULL, AES_128_KEY_SIZE), 0);
ExpectIntEQ(CMAC_Update(NULL, key, AES_128_KEY_SIZE), 0);
ExpectIntEQ(CMAC_Update(cmacCtx, key, 0), 1);
ExpectIntEQ(CMAC_Update(cmacCtx, NULL, 0), 1);
ExpectIntEQ(CMAC_Update(cmacCtx, NULL, AES_128_KEY_SIZE), 1);
/* Test parameters with CMAC_Final. */
ExpectIntEQ(CMAC_Final(NULL, NULL, NULL), 0);
ExpectIntEQ(CMAC_Final(NULL, out, NULL), 0);
ExpectIntEQ(CMAC_Final(NULL, NULL, &outLen), 0);
ExpectIntEQ(CMAC_Final(NULL, out, &outLen), 0);
ExpectIntEQ(CMAC_Final(cmacCtx, NULL, NULL), 1);
ExpectIntEQ(CMAC_Final(cmacCtx, NULL, &outLen), 1);
ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1);
CMAC_CTX_free(cmacCtx);
/* Test parameters with CMAC Init. */
cmacCtx = NULL;
ExpectNotNull(cmacCtx = CMAC_CTX_new());
ExpectNotNull(CMAC_CTX_get0_cipher_ctx(cmacCtx));
ExpectIntEQ(CMAC_Init(NULL, NULL, 0, NULL, NULL), 0);
ExpectIntEQ(CMAC_Init(NULL, key, AES_192_KEY_SIZE, EVP_aes_192_cbc(),
NULL), 0);
ExpectIntEQ(CMAC_Init(cmacCtx, NULL, AES_192_KEY_SIZE, EVP_aes_192_cbc(),
NULL), 0);
/* give a key too small for the cipher, verify we get failure */
ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_192_cbc(),
NULL), 0);
ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_192_KEY_SIZE, NULL, NULL), 0);
#if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_128)
/* Only AES-CBC supported. */
ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_gcm(),
NULL), 0);
#endif
CMAC_CTX_free(cmacCtx);
ExpectNull(CMAC_CTX_get0_cipher_ctx(NULL));
cmacCtx = NULL;
ExpectNotNull(cmacCtx = CMAC_CTX_new());
/* No Init. */
ExpectIntEQ(CMAC_Final(cmacCtx, out, &outLen), 0);
CMAC_CTX_free(cmacCtx);
/* Test AES-256-CBC */
cmacCtx = NULL;
ExpectNotNull(cmacCtx = CMAC_CTX_new());
ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_256_KEY_SIZE, EVP_aes_256_cbc(),
NULL), 1);
ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), 1);
ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1);
CMAC_CTX_free(cmacCtx);
/* Test AES-192-CBC */
cmacCtx = NULL;
ExpectNotNull(cmacCtx = CMAC_CTX_new());
ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_192_KEY_SIZE, EVP_aes_192_cbc(),
NULL), 1);
ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), 1);
ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1);
CMAC_CTX_free(cmacCtx);
cmacCtx = NULL;
ExpectNotNull(cmacCtx = CMAC_CTX_new());
CMAC_CTX_free(cmacCtx);
#endif /* WOLFSSL_CMAC && OPENSSL_EXTRA && WOLFSSL_AES_DIRECT */
return EXPECT_RESULT();
}
static int test_wolfSSL_DES(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DES3)
const_DES_cblock myDes;
DES_cblock iv;
DES_key_schedule key;
word32 i = 0;
DES_LONG dl = 0;
unsigned char msg[] = "hello wolfssl";
unsigned char weakKey[][8] = {
{ 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
{ 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE },
{ 0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1 },
{ 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E }
};
unsigned char semiWeakKey[][8] = {
{ 0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E },
{ 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01 },
{ 0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1 },
{ 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01 },
{ 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE },
{ 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01 },
{ 0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1 },
{ 0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E },
{ 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE },
{ 0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E },
{ 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE },
{ 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 }
};
DES_check_key(1);
DES_set_key(&myDes, &key);
/* check, check of odd parity */
XMEMSET(myDes, 4, sizeof(const_DES_cblock));
myDes[0] = 6; /* set even parity */
XMEMSET(key, 5, sizeof(DES_key_schedule));
ExpectIntEQ(DES_set_key_checked(&myDes, &key), -1);
ExpectIntNE(key[0], myDes[0]); /* should not have copied over key */
ExpectIntEQ(DES_set_key_checked(NULL, NULL), -2);
ExpectIntEQ(DES_set_key_checked(&myDes, NULL), -2);
ExpectIntEQ(DES_set_key_checked(NULL, &key), -2);
/* set odd parity for success case */
DES_set_odd_parity(&myDes);
ExpectIntEQ(DES_check_key_parity(&myDes), 1);
fprintf(stderr, "%02x %02x %02x %02x", myDes[0], myDes[1], myDes[2],
myDes[3]);
ExpectIntEQ(DES_set_key_checked(&myDes, &key), 0);
for (i = 0; i < sizeof(DES_key_schedule); i++) {
ExpectIntEQ(key[i], myDes[i]);
}
ExpectIntEQ(DES_is_weak_key(&myDes), 0);
/* check weak key */
XMEMSET(myDes, 1, sizeof(const_DES_cblock));
XMEMSET(key, 5, sizeof(DES_key_schedule));
ExpectIntEQ(DES_set_key_checked(&myDes, &key), -2);
ExpectIntNE(key[0], myDes[0]); /* should not have copied over key */
DES_set_key_unchecked(NULL, NULL);
DES_set_key_unchecked(&myDes, NULL);
DES_set_key_unchecked(NULL, &key);
/* compare arrays, should be the same */
/* now do unchecked copy of a weak key over */
DES_set_key_unchecked(&myDes, &key);
/* compare arrays, should be the same */
for (i = 0; i < sizeof(DES_key_schedule); i++) {
ExpectIntEQ(key[i], myDes[i]);
}
ExpectIntEQ(DES_is_weak_key(&myDes), 1);
myDes[7] = 2;
ExpectIntEQ(DES_set_key_checked(&myDes, &key), 0);
ExpectIntEQ(DES_is_weak_key(&myDes), 0);
ExpectIntEQ(DES_is_weak_key(NULL), 1);
/* Test all weak keys. */
for (i = 0; i < sizeof(weakKey) / sizeof(*weakKey); i++) {
ExpectIntEQ(DES_set_key_checked(&weakKey[i], &key), -2);
}
/* Test all semi-weak keys. */
for (i = 0; i < sizeof(semiWeakKey) / sizeof(*semiWeakKey); i++) {
ExpectIntEQ(DES_set_key_checked(&semiWeakKey[i], &key), -2);
}
/* check DES_key_sched API */
XMEMSET(key, 1, sizeof(DES_key_schedule));
ExpectIntEQ(DES_key_sched(&myDes, NULL), 0);
ExpectIntEQ(DES_key_sched(NULL, &key), 0);
ExpectIntEQ(DES_key_sched(&myDes, &key), 0);
/* compare arrays, should be the same */
for (i = 0; i < sizeof(DES_key_schedule); i++) {
ExpectIntEQ(key[i], myDes[i]);
}
ExpectIntEQ((DES_cbc_cksum(NULL, NULL, 0, NULL, NULL)), 0);
ExpectIntEQ((DES_cbc_cksum(msg, NULL, 0, NULL, NULL)), 0);
ExpectIntEQ((DES_cbc_cksum(NULL, &key, 0, NULL, NULL)), 0);
ExpectIntEQ((DES_cbc_cksum(NULL, NULL, 0, &myDes, NULL)), 0);
ExpectIntEQ((DES_cbc_cksum(NULL, NULL, 0, NULL, &iv)), 0);
ExpectIntEQ((DES_cbc_cksum(NULL, &key, sizeof(msg), &myDes, &iv)), 0);
ExpectIntEQ((DES_cbc_cksum(msg, NULL, sizeof(msg), &myDes, &iv)), 0);
ExpectIntEQ((DES_cbc_cksum(msg, &key, sizeof(msg), NULL, &iv)), 0);
ExpectIntEQ((DES_cbc_cksum(msg, &key, sizeof(msg), &myDes, NULL)), 0);
/* DES_cbc_cksum should return the last 4 of the last 8 bytes after
* DES_cbc_encrypt on the input */
XMEMSET(iv, 0, sizeof(DES_cblock));
XMEMSET(myDes, 5, sizeof(DES_key_schedule));
ExpectIntGT((dl = DES_cbc_cksum(msg, &key, sizeof(msg), &myDes, &iv)), 0);
ExpectIntEQ(dl, 480052723);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_DES3) */
return EXPECT_RESULT();
}
static int test_wolfSSL_DES_ncbc(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DES3)
const_DES_cblock myDes;
DES_cblock iv = {1};
DES_key_schedule key = {0};
unsigned char msg[] = "hello wolfssl";
unsigned char out[DES_BLOCK_SIZE * 2] = {0};
unsigned char pln[DES_BLOCK_SIZE * 2] = {0};
unsigned char exp[] = {0x31, 0x98, 0x2F, 0x3A, 0x55, 0xBF, 0xD8, 0xC4};
unsigned char exp2[] = {0xC7, 0x45, 0x8B, 0x28, 0x10, 0x53, 0xE0, 0x58};
/* partial block test */
DES_set_key(&key, &myDes);
DES_ncbc_encrypt(msg, out, 3, &myDes, &iv, DES_ENCRYPT);
ExpectIntEQ(XMEMCMP(exp, out, DES_BLOCK_SIZE), 0);
ExpectIntEQ(XMEMCMP(exp, iv, DES_BLOCK_SIZE), 0);
DES_set_key(&key, &myDes);
XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
*((byte*)&iv) = 1;
DES_ncbc_encrypt(out, pln, 3, &myDes, &iv, DES_DECRYPT);
ExpectIntEQ(XMEMCMP(msg, pln, 3), 0);
ExpectIntEQ(XMEMCMP(exp, iv, DES_BLOCK_SIZE), 0);
/* full block test */
DES_set_key(&key, &myDes);
XMEMSET(pln, 0, DES_BLOCK_SIZE);
XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
*((byte*)&iv) = 1;
DES_ncbc_encrypt(msg, out, 8, &myDes, &iv, DES_ENCRYPT);
ExpectIntEQ(XMEMCMP(exp2, out, DES_BLOCK_SIZE), 0);
ExpectIntEQ(XMEMCMP(exp2, iv, DES_BLOCK_SIZE), 0);
DES_set_key(&key, &myDes);
XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
*((byte*)&iv) = 1;
DES_ncbc_encrypt(out, pln, 8, &myDes, &iv, DES_DECRYPT);
ExpectIntEQ(XMEMCMP(msg, pln, 8), 0);
ExpectIntEQ(XMEMCMP(exp2, iv, DES_BLOCK_SIZE), 0);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_DES_ecb_encrypt(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && defined(WOLFSSL_DES_ECB)
WOLFSSL_DES_cblock input1, input2, output1, output2, back1, back2;
WOLFSSL_DES_key_schedule key;
XMEMCPY(key, "12345678", sizeof(WOLFSSL_DES_key_schedule));
XMEMCPY(input1, "Iamhuman", sizeof(WOLFSSL_DES_cblock));
XMEMCPY(input2, "Whoisit?", sizeof(WOLFSSL_DES_cblock));
XMEMSET(output1, 0, sizeof(WOLFSSL_DES_cblock));
XMEMSET(output2, 0, sizeof(WOLFSSL_DES_cblock));
XMEMSET(back1, 0, sizeof(WOLFSSL_DES_cblock));
XMEMSET(back2, 0, sizeof(WOLFSSL_DES_cblock));
wolfSSL_DES_ecb_encrypt(NULL, NULL, NULL, DES_ENCRYPT);
wolfSSL_DES_ecb_encrypt(&input1, NULL, NULL, DES_ENCRYPT);
wolfSSL_DES_ecb_encrypt(NULL, &output1, NULL, DES_ENCRYPT);
wolfSSL_DES_ecb_encrypt(NULL, NULL, &key, DES_ENCRYPT);
wolfSSL_DES_ecb_encrypt(&input1, &output1, NULL, DES_ENCRYPT);
wolfSSL_DES_ecb_encrypt(&input1, NULL, &key, DES_ENCRYPT);
wolfSSL_DES_ecb_encrypt(NULL, &output1, &key, DES_ENCRYPT);
/* Encrypt messages */
wolfSSL_DES_ecb_encrypt(&input1, &output1, &key, DES_ENCRYPT);
wolfSSL_DES_ecb_encrypt(&input2, &output2, &key, DES_ENCRYPT);
{
/* Decrypt messages */
int ret1 = 0;
int ret2 = 0;
wolfSSL_DES_ecb_encrypt(&output1, &back1, &key, DES_DECRYPT);
ExpectIntEQ(ret1 = XMEMCMP((unsigned char *)back1,
(unsigned char *)input1, sizeof(WOLFSSL_DES_cblock)), 0);
wolfSSL_DES_ecb_encrypt(&output2, &back2, &key, DES_DECRYPT);
ExpectIntEQ(ret2 = XMEMCMP((unsigned char *)back2,
(unsigned char *)input2, sizeof(WOLFSSL_DES_cblock)), 0);
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_DES_ede3_cbc_encrypt(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DES3)
unsigned char input1[8], input2[8];
unsigned char output1[8], output2[8];
unsigned char back1[8], back2[8];
WOLFSSL_DES_cblock iv1, iv2;
WOLFSSL_DES_key_schedule key1, key2, key3;
int i;
XMEMCPY(key1, "12345678", sizeof(WOLFSSL_DES_key_schedule));
XMEMCPY(key2, "23456781", sizeof(WOLFSSL_DES_key_schedule));
XMEMCPY(key3, "34567823", sizeof(WOLFSSL_DES_key_schedule));
XMEMCPY(input1, "Iamhuman", sizeof(input1));
XMEMCPY(input2, "Whoisit?", sizeof(input2));
XMEMSET(output1, 0, sizeof(output1));
XMEMSET(output2, 0, sizeof(output2));
XMEMSET(back1, 0, sizeof(back1));
XMEMSET(back2, 0, sizeof(back2));
XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock));
XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock));
/* Encrypt messages */
wolfSSL_DES_ede3_cbc_encrypt(input1, output1, 8, &key1, &key2, &key3, &iv1,
DES_ENCRYPT);
wolfSSL_DES_ede3_cbc_encrypt(input2, output2, 8, &key1, &key2, &key3, &iv2,
DES_ENCRYPT);
{
XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock));
XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock));
/* Decrypt messages */
wolfSSL_DES_ede3_cbc_encrypt(output1, back1, 8, &key1, &key2, &key3,
&iv1, DES_DECRYPT);
ExpectIntEQ(XMEMCMP(back1, input1, sizeof(input1)), 0);
wolfSSL_DES_ede3_cbc_encrypt(output2, back2, 8, &key1, &key2, &key3,
&iv2, DES_DECRYPT);
ExpectIntEQ(XMEMCMP(back2, input2, sizeof(input2)), 0);
}
for (i = 0; i < 8; i++) {
XMEMSET(output1, 0, sizeof(output1));
XMEMSET(output2, 0, sizeof(output2));
XMEMSET(back1, 0, sizeof(back1));
XMEMSET(back2, 0, sizeof(back2));
XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock));
XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock));
/* Encrypt partial messages */
wolfSSL_DES_ede3_cbc_encrypt(input1, output1, i, &key1, &key2, &key3,
&iv1, DES_ENCRYPT);
wolfSSL_DES_ede3_cbc_encrypt(input2, output2, i, &key1, &key2, &key3,
&iv2, DES_ENCRYPT);
{
XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock));
XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock));
/* Decrypt messages */
wolfSSL_DES_ede3_cbc_encrypt(output1, back1, i, &key1, &key2,
&key3, &iv1, DES_DECRYPT);
ExpectIntEQ(XMEMCMP(back1, input1, i), 0);
wolfSSL_DES_ede3_cbc_encrypt(output2, back2, i, &key1, &key2,
&key3, &iv2, DES_DECRYPT);
ExpectIntEQ(XMEMCMP(back2, input2, i), 0);
}
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_AES_encrypt(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB) \
&& !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
AES_KEY enc;
AES_KEY dec;
const byte msg[] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
};
const byte exp[] = {
0xf3, 0xee, 0xd1, 0xbd, 0xb5, 0xd2, 0xa0, 0x3c,
0x06, 0x4b, 0x5a, 0x7e, 0x3d, 0xb1, 0x81, 0xf8,
};
const byte key[] = {
0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
};
byte eout[sizeof(msg)];
byte dout[sizeof(msg)];
ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &enc), 0);
ExpectIntEQ(AES_set_decrypt_key(key, sizeof(key)*8, &dec), 0);
wolfSSL_AES_encrypt(NULL, NULL, NULL);
wolfSSL_AES_encrypt(msg, NULL, NULL);
wolfSSL_AES_encrypt(NULL, eout, NULL);
wolfSSL_AES_encrypt(NULL, NULL, &enc);
wolfSSL_AES_encrypt(msg, eout, NULL);
wolfSSL_AES_encrypt(msg, NULL, &enc);
wolfSSL_AES_encrypt(NULL, eout, &enc);
wolfSSL_AES_decrypt(NULL, NULL, NULL);
wolfSSL_AES_decrypt(eout, NULL, NULL);
wolfSSL_AES_decrypt(NULL, dout, NULL);
wolfSSL_AES_decrypt(NULL, NULL, &dec);
wolfSSL_AES_decrypt(eout, dout, NULL);
wolfSSL_AES_decrypt(eout, NULL, &dec);
wolfSSL_AES_decrypt(NULL, dout, &dec);
wolfSSL_AES_encrypt(msg, eout, &enc);
ExpectIntEQ(XMEMCMP(eout, exp, AES_BLOCK_SIZE), 0);
wolfSSL_AES_decrypt(eout, dout, &dec);
ExpectIntEQ(XMEMCMP(dout, msg, AES_BLOCK_SIZE), 0);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_AES_ecb_encrypt(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB) \
&& !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
AES_KEY aes;
const byte msg[] =
{
0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
};
const byte verify[] =
{
0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c,
0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8
};
const byte key[] =
{
0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
};
byte out[AES_BLOCK_SIZE];
ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aes), 0);
XMEMSET(out, 0, AES_BLOCK_SIZE);
AES_ecb_encrypt(msg, out, &aes, AES_ENCRYPT);
ExpectIntEQ(XMEMCMP(out, verify, AES_BLOCK_SIZE), 0);
#ifdef HAVE_AES_DECRYPT
ExpectIntEQ(AES_set_decrypt_key(key, sizeof(key)*8, &aes), 0);
XMEMSET(out, 0, AES_BLOCK_SIZE);
AES_ecb_encrypt(verify, out, &aes, AES_DECRYPT);
ExpectIntEQ(XMEMCMP(out, msg, AES_BLOCK_SIZE), 0);
#endif
/* test bad arguments */
AES_ecb_encrypt(NULL, out, &aes, AES_DECRYPT);
AES_ecb_encrypt(verify, NULL, &aes, AES_DECRYPT);
AES_ecb_encrypt(verify, out, NULL, AES_DECRYPT);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_AES_cbc_encrypt(void)
{
EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(OPENSSL_EXTRA) && \
!defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
AES_KEY aes;
AES_KEY* aesN = NULL;
size_t len = 0;
size_t lenB = 0;
int keySz0 = 0;
int keySzN = -1;
byte out[AES_BLOCK_SIZE] = {0};
byte* outN = NULL;
/* Test vectors retrieved from:
* <begin URL>
* https://csrc.nist.gov/
* CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/
* documents/aes/KAT_AES.zip
* </end URL>
*/
const byte* pt128N = NULL;
byte* key128N = NULL;
byte* iv128N = NULL;
byte iv128tmp[AES_BLOCK_SIZE] = {0};
const byte pt128[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
const byte ct128[] = { 0x87,0x85,0xb1,0xa7,0x5b,0x0f,0x3b,0xd9,
0x58,0xdc,0xd0,0xe2,0x93,0x18,0xc5,0x21 };
const byte iv128[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
byte key128[] = { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
0xff,0xff,0xf0,0x00,0x00,0x00,0x00,0x00 };
len = sizeof(pt128);
#define STRESS_T(a, b, c, d, e, f, g, h, i) \
wolfSSL_AES_cbc_encrypt(a, b, c, d, e, f); \
ExpectIntNE(XMEMCMP(b, g, h), i)
#define RESET_IV(x, y) XMEMCPY(x, y, AES_BLOCK_SIZE)
/* Stressing wolfSSL_AES_cbc_encrypt() */
STRESS_T(pt128N, out, len, &aes, iv128tmp, 1, ct128, AES_BLOCK_SIZE, 0);
STRESS_T(pt128, out, len, &aes, iv128N, 1, ct128, AES_BLOCK_SIZE, 0);
wolfSSL_AES_cbc_encrypt(pt128, outN, len, &aes, iv128tmp, AES_ENCRYPT);
ExpectIntNE(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
wolfSSL_AES_cbc_encrypt(pt128, out, len, aesN, iv128tmp, AES_ENCRYPT);
ExpectIntNE(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
STRESS_T(pt128, out, lenB, &aes, iv128tmp, 1, ct128, AES_BLOCK_SIZE, 0);
/* Stressing wolfSSL_AES_set_encrypt_key */
ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128N, sizeof(key128)*8, &aes),0);
ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128, sizeof(key128)*8, aesN),0);
ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128, keySz0, &aes), 0);
ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128, keySzN, &aes), 0);
/* Stressing wolfSSL_AES_set_decrypt_key */
ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128N, sizeof(key128)*8, &aes),0);
ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128N, sizeof(key128)*8, aesN),0);
ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128, keySz0, &aes), 0);
ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128, keySzN, &aes), 0);
#ifdef WOLFSSL_AES_128
/* wolfSSL_AES_cbc_encrypt() 128-bit */
XMEMSET(out, 0, AES_BLOCK_SIZE);
RESET_IV(iv128tmp, iv128);
ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key128, sizeof(key128)*8, &aes), 0);
wolfSSL_AES_cbc_encrypt(pt128, out, len, &aes, iv128tmp, AES_ENCRYPT);
ExpectIntEQ(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
wc_AesFree((Aes*)&aes);
#ifdef HAVE_AES_DECRYPT
/* wolfSSL_AES_cbc_encrypt() 128-bit in decrypt mode */
XMEMSET(out, 0, AES_BLOCK_SIZE);
RESET_IV(iv128tmp, iv128);
len = sizeof(ct128);
ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key128, sizeof(key128)*8, &aes), 0);
wolfSSL_AES_cbc_encrypt(ct128, out, len, &aes, iv128tmp, AES_DECRYPT);
ExpectIntEQ(XMEMCMP(out, pt128, AES_BLOCK_SIZE), 0);
wc_AesFree((Aes*)&aes);
#endif
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
{
/* Test vectors from NIST Special Publication 800-38A, 2001 Edition
* Appendix F.2.3 */
byte iv192tmp[AES_BLOCK_SIZE] = {0};
const byte pt192[] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a };
const byte ct192[] = { 0x4f,0x02,0x1d,0xb2,0x43,0xbc,0x63,0x3d,
0x71,0x78,0x18,0x3a,0x9f,0xa0,0x71,0xe8 };
const byte iv192[] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F };
byte key192[] = { 0x8e,0x73,0xb0,0xf7,0xda,0x0e,0x64,0x52,
0xc8,0x10,0xf3,0x2b,0x80,0x90,0x79,0xe5,
0x62,0xf8,0xea,0xd2,0x52,0x2c,0x6b,0x7b };
len = sizeof(pt192);
/* wolfSSL_AES_cbc_encrypt() 192-bit */
XMEMSET(out, 0, AES_BLOCK_SIZE);
RESET_IV(iv192tmp, iv192);
ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key192, sizeof(key192)*8, &aes), 0);
wolfSSL_AES_cbc_encrypt(pt192, out, len, &aes, iv192tmp, AES_ENCRYPT);
ExpectIntEQ(XMEMCMP(out, ct192, AES_BLOCK_SIZE), 0);
wc_AesFree((Aes*)&aes);
#ifdef HAVE_AES_DECRYPT
/* wolfSSL_AES_cbc_encrypt() 192-bit in decrypt mode */
len = sizeof(ct192);
RESET_IV(iv192tmp, iv192);
XMEMSET(out, 0, AES_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key192, sizeof(key192)*8, &aes), 0);
wolfSSL_AES_cbc_encrypt(ct192, out, len, &aes, iv192tmp, AES_DECRYPT);
ExpectIntEQ(XMEMCMP(out, pt192, AES_BLOCK_SIZE), 0);
wc_AesFree((Aes*)&aes);
#endif
}
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
{
/* Test vectors from NIST Special Publication 800-38A, 2001 Edition,
* Appendix F.2.5 */
byte iv256tmp[AES_BLOCK_SIZE] = {0};
const byte pt256[] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a };
const byte ct256[] = { 0xf5,0x8c,0x4c,0x04,0xd6,0xe5,0xf1,0xba,
0x77,0x9e,0xab,0xfb,0x5f,0x7b,0xfb,0xd6 };
const byte iv256[] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F };
byte key256[] = { 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 };
len = sizeof(pt256);
/* wolfSSL_AES_cbc_encrypt() 256-bit */
XMEMSET(out, 0, AES_BLOCK_SIZE);
RESET_IV(iv256tmp, iv256);
ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
wolfSSL_AES_cbc_encrypt(pt256, out, len, &aes, iv256tmp, AES_ENCRYPT);
ExpectIntEQ(XMEMCMP(out, ct256, AES_BLOCK_SIZE), 0);
wc_AesFree((Aes*)&aes);
#ifdef HAVE_AES_DECRYPT
/* wolfSSL_AES_cbc_encrypt() 256-bit in decrypt mode */
len = sizeof(ct256);
RESET_IV(iv256tmp, iv256);
XMEMSET(out, 0, AES_BLOCK_SIZE);
ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
wolfSSL_AES_cbc_encrypt(ct256, out, len, &aes, iv256tmp, AES_DECRYPT);
ExpectIntEQ(XMEMCMP(out, pt256, AES_BLOCK_SIZE), 0);
wc_AesFree((Aes*)&aes);
#endif
#if defined(HAVE_AES_KEYWRAP) && !defined(HAVE_FIPS) && \
!defined(HAVE_SELFTEST)
{
byte wrapCipher[sizeof(key256) + KEYWRAP_BLOCK_SIZE] = { 0 };
byte wrapPlain[sizeof(key256)] = { 0 };
byte wrapIV[KEYWRAP_BLOCK_SIZE] = { 0 };
/* wolfSSL_AES_wrap_key() 256-bit NULL iv */
ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256,
15), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256,
sizeof(key256)), sizeof(wrapCipher));
wc_AesFree((Aes*)&aes);
/* wolfSSL_AES_unwrap_key() 256-bit NULL iv */
ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher,
23), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher,
sizeof(wrapCipher)), sizeof(wrapPlain));
ExpectIntEQ(XMEMCMP(wrapPlain, key256, sizeof(key256)), 0);
XMEMSET(wrapCipher, 0, sizeof(wrapCipher));
XMEMSET(wrapPlain, 0, sizeof(wrapPlain));
wc_AesFree((Aes*)&aes);
/* wolfSSL_AES_wrap_key() 256-bit custom iv */
ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, wrapCipher, key256,
sizeof(key256)), sizeof(wrapCipher));
wc_AesFree((Aes*)&aes);
/* wolfSSL_AES_unwrap_key() 256-bit custom iv */
ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, wrapIV, wrapPlain, wrapCipher,
sizeof(wrapCipher)), sizeof(wrapPlain));
ExpectIntEQ(XMEMCMP(wrapPlain, key256, sizeof(key256)), 0);
wc_AesFree((Aes*)&aes);
ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, NULL, NULL, NULL, 0), 0);
ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, NULL, NULL, 0), 0);
ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, wrapIV, NULL, NULL, 0), 0);
ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, NULL, wrapCipher, NULL, 0), 0);
ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, NULL, NULL, key256, 0), 0);
ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, wrapIV, wrapCipher, key256, 0), 0);
ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256, 0), 0);
ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, NULL, key256, 0), 0);
ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, wrapCipher, NULL, 0), 0);
ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, NULL, NULL, NULL, 0), 0);
ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, NULL, NULL, 0), 0);
ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, wrapIV, NULL, NULL, 0), 0);
ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, NULL, wrapPlain, NULL, 0), 0);
ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, NULL, NULL, wrapCipher, 0), 0);
ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, wrapIV, wrapPlain, wrapCipher, 0),
0);
ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher, 0),
0);
ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, wrapIV, NULL, wrapCipher, 0), 0);
ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, wrapPlain, NULL, 0), 0);
}
#endif /* HAVE_AES_KEYWRAP */
}
#endif /* WOLFSSL_AES_256 */
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_AES_cfb128_encrypt(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(WOLFSSL_AES_CFB) && \
!defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
AES_KEY aesEnc;
AES_KEY aesDec;
const byte msg[] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
};
const byte exp[] = {
0x16, 0xc9, 0x90, 0x6c, 0x04, 0x0c, 0xd1, 0x2f,
0x84, 0x7b, 0x18, 0xed, 0xed, 0x6a, 0xb5, 0xfd
};
const byte key[] = {
0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
};
const byte ivData[] = {
0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
};
byte out[AES_BLOCK_SIZE];
byte iv[AES_BLOCK_SIZE];
word32 i;
int num;
ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesEnc), 0);
XMEMCPY(iv, ivData, sizeof(iv));
XMEMSET(out, 0, AES_BLOCK_SIZE);
AES_cfb128_encrypt(msg, out, sizeof(msg), &aesEnc, iv, NULL, AES_ENCRYPT);
ExpectIntEQ(XMEMCMP(out, exp, sizeof(msg)), 0);
ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0);
#ifdef HAVE_AES_DECRYPT
ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesDec), 0);
XMEMCPY(iv, ivData, sizeof(iv));
XMEMSET(out, 0, AES_BLOCK_SIZE);
AES_cfb128_encrypt(exp, out, sizeof(msg), &aesDec, iv, NULL, AES_DECRYPT);
ExpectIntEQ(XMEMCMP(out, msg, sizeof(msg)), 0);
ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0);
#endif
for (i = 0; EXPECT_SUCCESS() && (i <= sizeof(msg)); i++) {
ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesEnc), 0);
XMEMCPY(iv, ivData, sizeof(iv));
XMEMSET(out, 0, AES_BLOCK_SIZE);
AES_cfb128_encrypt(msg, out, i, &aesEnc, iv, &num, AES_ENCRYPT);
ExpectIntEQ(num, i % AES_BLOCK_SIZE);
ExpectIntEQ(XMEMCMP(out, exp, i), 0);
if (i == 0) {
ExpectIntEQ(XMEMCMP(iv, ivData, sizeof(iv)), 0);
}
else {
ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0);
}
#ifdef HAVE_AES_DECRYPT
ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesDec), 0);
XMEMCPY(iv, ivData, sizeof(iv));
XMEMSET(out, 0, AES_BLOCK_SIZE);
AES_cfb128_encrypt(exp, out, i, &aesDec, iv, &num, AES_DECRYPT);
ExpectIntEQ(num, i % AES_BLOCK_SIZE);
ExpectIntEQ(XMEMCMP(out, msg, i), 0);
if (i == 0) {
ExpectIntEQ(XMEMCMP(iv, ivData, sizeof(iv)), 0);
}
else {
ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0);
}
#endif
}
if (EXPECT_SUCCESS()) {
/* test bad arguments */
AES_cfb128_encrypt(NULL, NULL, 0, NULL, NULL, NULL, AES_DECRYPT);
AES_cfb128_encrypt(msg, NULL, 0, NULL, NULL, NULL, AES_DECRYPT);
AES_cfb128_encrypt(NULL, out, 0, NULL, NULL, NULL, AES_DECRYPT);
AES_cfb128_encrypt(NULL, NULL, 0, &aesDec, NULL, NULL, AES_DECRYPT);
AES_cfb128_encrypt(NULL, NULL, 0, NULL, iv, NULL, AES_DECRYPT);
AES_cfb128_encrypt(NULL, out, 0, &aesDec, iv, NULL, AES_DECRYPT);
AES_cfb128_encrypt(msg, NULL, 0, &aesDec, iv, NULL, AES_DECRYPT);
AES_cfb128_encrypt(msg, out, 0, NULL, iv, NULL, AES_DECRYPT);
AES_cfb128_encrypt(msg, out, 0, &aesDec, NULL, NULL, AES_DECRYPT);
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CRYPTO_cts128(void)
{
EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(OPENSSL_EXTRA) && \
defined(HAVE_CTS) && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
byte tmp[64]; /* Largest vector size */
/* Test vectors taken form RFC3962 Appendix B */
const testVector vects[] = {
{
"\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
"\x20",
"\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f"
"\x97",
17, 17
},
{
"\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
"\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20",
"\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22"
"\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5",
31, 31
},
{
"\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
"\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43",
"\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
"\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84",
32, 32
},
{
"\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
"\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
"\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c",
"\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
"\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e"
"\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5",
47, 47
},
{
"\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
"\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
"\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20",
"\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
"\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8"
"\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8",
48, 48
},
{
"\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
"\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
"\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20"
"\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e",
"\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
"\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
"\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40"
"\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8",
64, 64
}
};
byte keyBytes[AES_128_KEY_SIZE] = {
0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
};
size_t i;
AES_KEY encKey;
byte iv[AES_IV_SIZE]; /* All-zero IV for all cases */
XMEMSET(tmp, 0, sizeof(tmp));
for (i = 0; i < sizeof(vects)/sizeof(vects[0]); i++) {
AES_KEY decKey;
ExpectIntEQ(AES_set_encrypt_key(keyBytes, AES_128_KEY_SIZE * 8,
&encKey), 0);
ExpectIntEQ(AES_set_decrypt_key(keyBytes, AES_128_KEY_SIZE * 8,
&decKey), 0);
XMEMSET(iv, 0, sizeof(iv));
ExpectIntEQ(CRYPTO_cts128_encrypt((const unsigned char*)vects[i].input,
tmp, vects[i].inLen, &encKey, iv, (cbc128_f)AES_cbc_encrypt),
vects[i].outLen);
ExpectIntEQ(XMEMCMP(tmp, vects[i].output, vects[i].outLen), 0);
XMEMSET(iv, 0, sizeof(iv));
ExpectIntEQ(CRYPTO_cts128_decrypt((const unsigned char*)vects[i].output,
tmp, vects[i].outLen, &decKey, iv, (cbc128_f)AES_cbc_encrypt),
vects[i].inLen);
ExpectIntEQ(XMEMCMP(tmp, vects[i].input, vects[i].inLen), 0);
}
ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, NULL, NULL, NULL), 0);
ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, NULL, 17, NULL, NULL, NULL), 0);
ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, tmp, 17, NULL, NULL, NULL), 0);
ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, &encKey, NULL, NULL), 0);
ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, NULL, iv, NULL), 0);
ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, NULL, NULL,
(cbc128_f)AES_cbc_encrypt), 0);
ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, tmp, 17, &encKey, iv,
(cbc128_f)AES_cbc_encrypt), 0);
ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, NULL, 17, &encKey, iv,
(cbc128_f)AES_cbc_encrypt), 0);
ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 17, NULL, iv,
(cbc128_f)AES_cbc_encrypt), 0);
ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 17, &encKey, NULL,
(cbc128_f)AES_cbc_encrypt), 0);
ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 17, &encKey, iv, NULL), 0);
/* Length too small. */
ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 0, &encKey, iv,
(cbc128_f)AES_cbc_encrypt), 0);
ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, NULL, NULL, NULL), 0);
ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, NULL, 17, NULL, NULL, NULL), 0);
ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, tmp, 17, NULL, NULL, NULL), 0);
ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, &encKey, NULL, NULL), 0);
ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, NULL, iv, NULL), 0);
ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, NULL, NULL,
(cbc128_f)AES_cbc_encrypt), 0);
ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, tmp, 17, &encKey, iv,
(cbc128_f)AES_cbc_encrypt), 0);
ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, NULL, 17, &encKey, iv,
(cbc128_f)AES_cbc_encrypt), 0);
ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 17, NULL, iv,
(cbc128_f)AES_cbc_encrypt), 0);
ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 17, &encKey, NULL,
(cbc128_f)AES_cbc_encrypt), 0);
ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 17, &encKey, iv, NULL), 0);
/* Length too small. */
ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 0, &encKey, iv,
(cbc128_f)AES_cbc_encrypt), 0);
#endif /* !NO_AES && HAVE_AES_CBC && OPENSSL_EXTRA && HAVE_CTS */
return EXPECT_RESULT();
}
static int test_wolfSSL_RC4(void)
{
EXPECT_DECLS;
#if !defined(NO_RC4) && defined(OPENSSL_EXTRA)
WOLFSSL_RC4_KEY rc4Key;
unsigned char key[] = {
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
};
unsigned char data[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
};
unsigned char enc[sizeof(data)];
unsigned char dec[sizeof(data)];
word32 i;
word32 j;
wolfSSL_RC4_set_key(NULL, -1, NULL);
wolfSSL_RC4_set_key(&rc4Key, -1, NULL);
wolfSSL_RC4_set_key(NULL, 0, NULL);
wolfSSL_RC4_set_key(NULL, -1, key);
wolfSSL_RC4_set_key(&rc4Key, 0, NULL);
wolfSSL_RC4_set_key(&rc4Key, -1, key);
wolfSSL_RC4_set_key(NULL, 0, key);
wolfSSL_RC4(NULL, 0, NULL, NULL);
wolfSSL_RC4(&rc4Key, 0, NULL, NULL);
wolfSSL_RC4(NULL, 0, data, NULL);
wolfSSL_RC4(NULL, 0, NULL, enc);
wolfSSL_RC4(&rc4Key, 0, data, NULL);
wolfSSL_RC4(&rc4Key, 0, NULL, enc);
wolfSSL_RC4(NULL, 0, data, enc);
ExpectIntEQ(1, 1);
for (i = 0; EXPECT_SUCCESS() && (i <= sizeof(key)); i++) {
for (j = 0; EXPECT_SUCCESS() && (j <= sizeof(data)); j++) {
XMEMSET(enc, 0, sizeof(enc));
XMEMSET(dec, 0, sizeof(dec));
/* Encrypt */
wolfSSL_RC4_set_key(&rc4Key, (int)i, key);
wolfSSL_RC4(&rc4Key, j, data, enc);
/* Decrypt */
wolfSSL_RC4_set_key(&rc4Key, (int)i, key);
wolfSSL_RC4(&rc4Key, j, enc, dec);
ExpectIntEQ(XMEMCMP(dec, data, j), 0);
}
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ(void)
{
/* Password "wolfSSL test" is only 12 (96-bit) too short for testing in FIPS
* mode
*/
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && !defined(NO_ASN) && \
!defined(HAVE_FIPS) && !defined(NO_SHA) && defined(WOLFSSL_CERT_EXT) && \
defined(WOLFSSL_CERT_GEN) && !defined(NO_BIO) && \
!defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
ASN1_OBJECT *obj = NULL;
ASN1_OBJECT *obj2 = NULL;
char buf[50];
XFILE fp = XBADFILE;
X509 *x509 = NULL;
X509_NAME *x509Name = NULL;
X509_NAME_ENTRY *x509NameEntry = NULL;
ASN1_OBJECT *asn1Name = NULL;
int numNames = 0;
BIO *bio = NULL;
int nid;
int i, j;
const char *f[] = {
#ifndef NO_RSA
"./certs/ca-cert.der",
#endif
#ifdef HAVE_ECC
"./certs/ca-ecc-cert.der",
"./certs/ca-ecc384-cert.der",
#endif
NULL};
ASN1_OBJECT *field_name_obj = NULL;
int lastpos = -1;
int tmp = -1;
ASN1_STRING *asn1 = NULL;
unsigned char *buf_dyn = NULL;
ExpectIntEQ(OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1), SSL_FAILURE);
ExpectNotNull(obj = OBJ_nid2obj(NID_any_policy));
ExpectIntEQ(OBJ_obj2nid(obj), NID_any_policy);
ExpectIntEQ(OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1), 11);
ExpectIntGT(OBJ_obj2txt(buf, (int)sizeof(buf), obj, 0), 0);
ASN1_OBJECT_free(obj);
obj = NULL;
ExpectNotNull(obj = OBJ_nid2obj(NID_sha256));
ExpectIntEQ(OBJ_obj2nid(obj), NID_sha256);
ExpectIntEQ(OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1), 22);
#ifdef WOLFSSL_CERT_EXT
ExpectIntEQ(OBJ_txt2nid(buf), NID_sha256);
#endif
ExpectIntGT(OBJ_obj2txt(buf, (int)sizeof(buf), obj, 0), 0);
ExpectNotNull(obj2 = OBJ_dup(obj));
ExpectIntEQ(OBJ_cmp(obj, obj2), 0);
ASN1_OBJECT_free(obj);
obj = NULL;
ASN1_OBJECT_free(obj2);
obj2 = NULL;
for (i = 0; f[i] != NULL; i++)
{
ExpectTrue((fp = XFOPEN(f[i], "rb")) != XBADFILE);
ExpectNotNull(x509 = d2i_X509_fp(fp, NULL));
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectNotNull(x509Name = X509_get_issuer_name(x509));
ExpectIntNE((numNames = X509_NAME_entry_count(x509Name)), 0);
/* Get the Common Name by using OBJ_txt2obj */
ExpectNotNull(field_name_obj = OBJ_txt2obj("CN", 0));
do
{
lastpos = tmp;
tmp = X509_NAME_get_index_by_OBJ(x509Name, field_name_obj, lastpos);
} while (tmp > -1);
ExpectIntNE(lastpos, -1);
ASN1_OBJECT_free(field_name_obj);
field_name_obj = NULL;
ExpectNotNull(x509NameEntry = X509_NAME_get_entry(x509Name, lastpos));
ExpectNotNull(asn1 = X509_NAME_ENTRY_get_data(x509NameEntry));
ExpectIntGE(ASN1_STRING_to_UTF8(&buf_dyn, asn1), 0);
/*
* All Common Names should be www.wolfssl.com
* This makes testing easier as we can test for the expected value.
*/
ExpectStrEQ((char*)buf_dyn, "www.wolfssl.com");
OPENSSL_free(buf_dyn);
buf_dyn = NULL;
bio = BIO_new(BIO_s_mem());
ExpectTrue(bio != NULL);
for (j = 0; j < numNames; j++)
{
ExpectNotNull(x509NameEntry = X509_NAME_get_entry(x509Name, j));
ExpectNotNull(asn1Name = X509_NAME_ENTRY_get_object(x509NameEntry));
ExpectTrue((nid = OBJ_obj2nid(asn1Name)) > 0);
}
BIO_free(bio);
bio = NULL;
X509_free(x509);
x509 = NULL;
}
#ifdef HAVE_PKCS12
{
PKCS12 *p12 = NULL;
int boolRet;
EVP_PKEY *pkey = NULL;
const char *p12_f[] = {
#if !defined(NO_DES3) && !defined(NO_RSA)
"./certs/test-servercert.p12",
#endif
NULL};
for (i = 0; p12_f[i] != NULL; i++)
{
ExpectTrue((fp = XFOPEN(p12_f[i], "rb")) != XBADFILE);
ExpectNotNull(p12 = d2i_PKCS12_fp(fp, NULL));
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectTrue((boolRet = PKCS12_parse(p12, "wolfSSL test",
&pkey, &x509, NULL)) > 0);
wc_PKCS12_free(p12);
p12 = NULL;
EVP_PKEY_free(pkey);
x509Name = X509_get_issuer_name(x509);
ExpectNotNull(x509Name);
ExpectIntNE((numNames = X509_NAME_entry_count(x509Name)), 0);
ExpectTrue((bio = BIO_new(BIO_s_mem())) != NULL);
for (j = 0; j < numNames; j++)
{
ExpectNotNull(x509NameEntry = X509_NAME_get_entry(x509Name, j));
ExpectNotNull(asn1Name =
X509_NAME_ENTRY_get_object(x509NameEntry));
ExpectTrue((nid = OBJ_obj2nid(asn1Name)) > 0);
}
BIO_free(bio);
bio = NULL;
X509_free(x509);
x509 = NULL;
}
}
#endif /* HAVE_PKCS12 */
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_cmp(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256)
ASN1_OBJECT *obj = NULL;
ASN1_OBJECT *obj2 = NULL;
ExpectNotNull(obj = OBJ_nid2obj(NID_any_policy));
ExpectNotNull(obj2 = OBJ_nid2obj(NID_sha256));
ExpectIntEQ(OBJ_cmp(NULL, NULL), WOLFSSL_FATAL_ERROR);
ExpectIntEQ(OBJ_cmp(obj, NULL), WOLFSSL_FATAL_ERROR);
ExpectIntEQ(OBJ_cmp(NULL, obj2), WOLFSSL_FATAL_ERROR);
ExpectIntEQ(OBJ_cmp(obj, obj2), WOLFSSL_FATAL_ERROR);
ExpectIntEQ(OBJ_cmp(obj, obj), 0);
ExpectIntEQ(OBJ_cmp(obj2, obj2), 0);
ASN1_OBJECT_free(obj);
ASN1_OBJECT_free(obj2);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_txt2nid(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(WOLFSSL_APACHE_HTTPD)
int i;
static const struct {
const char* sn;
const char* ln;
const char* oid;
int nid;
} testVals[] = {
#ifdef WOLFSSL_APACHE_HTTPD
{ "tlsfeature", "TLS Feature", "1.3.6.1.5.5.7.1.24", NID_tlsfeature },
{ "id-on-dnsSRV", "SRVName", "1.3.6.1.5.5.7.8.7",
NID_id_on_dnsSRV },
{ "msUPN", "Microsoft User Principal Name",
"1.3.6.1.4.1.311.20.2.3", NID_ms_upn },
#endif
{ NULL, NULL, NULL, NID_undef }
};
/* Invalid cases */
ExpectIntEQ(OBJ_txt2nid(NULL), NID_undef);
ExpectIntEQ(OBJ_txt2nid("Bad name"), NID_undef);
/* Valid cases */
for (i = 0; testVals[i].sn != NULL; i++) {
ExpectIntEQ(OBJ_txt2nid(testVals[i].sn), testVals[i].nid);
ExpectIntEQ(OBJ_txt2nid(testVals[i].ln), testVals[i].nid);
ExpectIntEQ(OBJ_txt2nid(testVals[i].oid), testVals[i].nid);
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_txt2obj(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_APACHE_HTTPD) || (defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN))
int i;
char buf[50];
ASN1_OBJECT* obj = NULL;
static const struct {
const char* oidStr;
const char* sn;
const char* ln;
} objs_list[] = {
#if defined(WOLFSSL_APACHE_HTTPD)
{ "1.3.6.1.5.5.7.1.24", "tlsfeature", "TLS Feature" },
{ "1.3.6.1.5.5.7.8.7", "id-on-dnsSRV", "SRVName" },
#endif
{ "2.5.29.19", "basicConstraints", "X509v3 Basic Constraints"},
{ NULL, NULL, NULL }
};
static const struct {
const char* numeric;
const char* name;
} objs_named[] = {
/* In dictionary but not in normal list. */
{ "1.3.6.1.5.5.7.3.8", "Time Stamping" },
/* Made up OID. */
{ "1.3.5.7", "1.3.5.7" },
{ NULL, NULL }
};
ExpectNull(obj = OBJ_txt2obj("Bad name", 0));
ASN1_OBJECT_free(obj);
obj = NULL;
ExpectNull(obj = OBJ_txt2obj(NULL, 0));
ASN1_OBJECT_free(obj);
obj = NULL;
for (i = 0; objs_list[i].oidStr != NULL; i++) {
/* Test numerical value of oid (oidStr) */
ExpectNotNull(obj = OBJ_txt2obj(objs_list[i].oidStr, 1));
/* Convert object back to text to confirm oid is correct */
wolfSSL_OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1);
ExpectIntEQ(XSTRNCMP(buf, objs_list[i].oidStr, (int)XSTRLEN(buf)), 0);
ASN1_OBJECT_free(obj);
obj = NULL;
XMEMSET(buf, 0, sizeof(buf));
/* Test short name (sn) */
ExpectNull(obj = OBJ_txt2obj(objs_list[i].sn, 1));
ExpectNotNull(obj = OBJ_txt2obj(objs_list[i].sn, 0));
/* Convert object back to text to confirm oid is correct */
wolfSSL_OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1);
ExpectIntEQ(XSTRNCMP(buf, objs_list[i].oidStr, (int)XSTRLEN(buf)), 0);
ASN1_OBJECT_free(obj);
obj = NULL;
XMEMSET(buf, 0, sizeof(buf));
/* Test long name (ln) - should fail when no_name = 1 */
ExpectNull(obj = OBJ_txt2obj(objs_list[i].ln, 1));
ExpectNotNull(obj = OBJ_txt2obj(objs_list[i].ln, 0));
/* Convert object back to text to confirm oid is correct */
wolfSSL_OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1);
ExpectIntEQ(XSTRNCMP(buf, objs_list[i].oidStr, (int)XSTRLEN(buf)), 0);
ASN1_OBJECT_free(obj);
obj = NULL;
XMEMSET(buf, 0, sizeof(buf));
}
for (i = 0; objs_named[i].numeric != NULL; i++) {
ExpectNotNull(obj = OBJ_txt2obj(objs_named[i].numeric, 1));
wolfSSL_OBJ_obj2txt(buf, (int)sizeof(buf), obj, 0);
ExpectIntEQ(XSTRNCMP(buf, objs_named[i].name, (int)XSTRLEN(buf)), 0);
wolfSSL_OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1);
ExpectIntEQ(XSTRNCMP(buf, objs_named[i].numeric, (int)XSTRLEN(buf)), 0);
ASN1_OBJECT_free(obj);
obj = NULL;
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_write_bio_X509(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(OPENSSL_ALL) && \
defined(WOLFSSL_AKID_NAME) && defined(WOLFSSL_CERT_EXT) && \
defined(WOLFSSL_CERT_GEN) && !defined(NO_BIO) && !defined(NO_RSA) && \
!defined(NO_FILESYSTEM)
/* This test contains the hard coded expected
* lengths. Update if necessary */
XFILE fp = XBADFILE;
WOLFSSL_EVP_PKEY *priv = NULL;
BIO* input = NULL;
BIO* output = NULL;
X509* x509a = NULL;
X509* x509b = NULL;
ASN1_TIME* notBeforeA = NULL;
ASN1_TIME* notAfterA = NULL;
#ifndef NO_ASN_TIME
ASN1_TIME* notBeforeB = NULL;
ASN1_TIME* notAfterB = NULL;
#endif
int expectedLen;
ExpectTrue((fp = XFOPEN("certs/server-key.pem", "rb")) != XBADFILE);
ExpectNotNull(priv = wolfSSL_PEM_read_PrivateKey(fp, NULL, NULL, NULL));
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectNotNull(input = BIO_new_file("certs/test/cert-ext-multiple.pem",
"rb"));
ExpectIntEQ(wolfSSL_BIO_get_len(input), 2000);
/* read PEM into X509 struct, get notBefore / notAfter to verify against */
ExpectNotNull(PEM_read_bio_X509(input, &x509a, NULL, NULL));
ExpectNotNull(notBeforeA = X509_get_notBefore(x509a));
ExpectNotNull(notAfterA = X509_get_notAfter(x509a));
/* write X509 back to PEM BIO; no need to sign as nothing changed. */
ExpectNotNull(output = BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(PEM_write_bio_X509(output, x509a), WOLFSSL_SUCCESS);
/* compare length against expected */
expectedLen = 2000;
ExpectIntEQ(wolfSSL_BIO_get_len(output), expectedLen);
#ifndef NO_ASN_TIME
/* read exported X509 PEM back into struct, sanity check on export,
* make sure notBefore/notAfter are the same and certs are identical. */
ExpectNotNull(PEM_read_bio_X509(output, &x509b, NULL, NULL));
ExpectNotNull(notBeforeB = X509_get_notBefore(x509b));
ExpectNotNull(notAfterB = X509_get_notAfter(x509b));
ExpectIntEQ(ASN1_TIME_compare(notBeforeA, notBeforeB), 0);
ExpectIntEQ(ASN1_TIME_compare(notAfterA, notAfterB), 0);
ExpectIntEQ(0, wolfSSL_X509_cmp(x509a, x509b));
X509_free(x509b);
x509b = NULL;
#endif
/* Reset output buffer */
BIO_free(output);
output = NULL;
ExpectNotNull(output = BIO_new(wolfSSL_BIO_s_mem()));
/* Test forcing the AKID to be generated just from KeyIdentifier */
if (EXPECT_SUCCESS() && x509a->authKeyIdSrc != NULL) {
XMEMMOVE(x509a->authKeyIdSrc, x509a->authKeyId, x509a->authKeyIdSz);
x509a->authKeyId = x509a->authKeyIdSrc;
x509a->authKeyIdSrc = NULL;
x509a->authKeyIdSrcSz = 0;
}
/* Resign to re-generate the der */
ExpectIntGT(wolfSSL_X509_sign(x509a, priv, EVP_sha256()), 0);
ExpectIntEQ(PEM_write_bio_X509(output, x509a), WOLFSSL_SUCCESS);
/* Check that we generate a smaller output since the AKID will
* only contain the KeyIdentifier without any additional
* information */
/* Here we copy the validity struct from the original */
expectedLen = 1688;
ExpectIntEQ(wolfSSL_BIO_get_len(output), expectedLen);
/* Reset buffers and x509 */
BIO_free(input);
input = NULL;
BIO_free(output);
output = NULL;
X509_free(x509a);
x509a = NULL;
/* test CA and basicConstSet values are encoded when
* the cert is a CA */
ExpectNotNull(input = BIO_new_file("certs/server-cert.pem", "rb"));
/* read PEM into X509 struct */
ExpectNotNull(PEM_read_bio_X509(input, &x509a, NULL, NULL));
/* write X509 back to PEM BIO; no need to sign as nothing changed */
ExpectNotNull(output = BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(PEM_write_bio_X509(output, x509a), WOLFSSL_SUCCESS);
/* read exported X509 PEM back into struct, ensure isCa and basicConstSet
* values are maintained and certs are identical.*/
ExpectNotNull(PEM_read_bio_X509(output, &x509b, NULL, NULL));
ExpectIntEQ(x509b->isCa, 1);
ExpectIntEQ(x509b->basicConstSet, 1);
ExpectIntEQ(0, wolfSSL_X509_cmp(x509a, x509b));
X509_free(x509a);
x509a = NULL;
X509_free(x509b);
x509b = NULL;
BIO_free(input);
input = NULL;
BIO_free(output);
output = NULL;
/* test CA and basicConstSet values are encoded when
* the cert is not CA */
ExpectNotNull(input = BIO_new_file("certs/client-uri-cert.pem", "rb"));
/* read PEM into X509 struct */
ExpectNotNull(PEM_read_bio_X509(input, &x509a, NULL, NULL));
/* write X509 back to PEM BIO; no need to sign as nothing changed */
ExpectNotNull(output = BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(PEM_write_bio_X509(output, x509a), WOLFSSL_SUCCESS);
/* read exported X509 PEM back into struct, ensure isCa and
* basicConstSet values are maintained and certs are identical */
ExpectNotNull(PEM_read_bio_X509(output, &x509b, NULL, NULL));
ExpectIntEQ(x509b->isCa, 0);
ExpectIntEQ(x509b->basicConstSet, 1);
ExpectIntEQ(0, wolfSSL_X509_cmp(x509a, x509b));
wolfSSL_EVP_PKEY_free(priv);
X509_free(x509a);
X509_free(x509b);
BIO_free(input);
BIO_free(output);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NAME_ENTRY(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && defined(WOLFSSL_CERT_GEN)
X509* x509 = NULL;
#ifndef NO_BIO
BIO* bio = NULL;
#endif
X509_NAME* nm = NULL;
X509_NAME_ENTRY* entry = NULL;
unsigned char cn[] = "another name to add";
#ifdef OPENSSL_ALL
int i;
int names_len = 0;
#endif
ExpectNotNull(x509 =
wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM));
#ifndef NO_BIO
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(PEM_write_bio_X509_AUX(bio, x509), SSL_SUCCESS);
#endif
#ifdef WOLFSSL_CERT_REQ
{
X509_REQ* req = NULL;
#ifndef NO_BIO
BIO* bReq = NULL;
#endif
ExpectNotNull(req =
wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM));
#ifndef NO_BIO
ExpectNotNull(bReq = BIO_new(BIO_s_mem()));
ExpectIntEQ(PEM_write_bio_X509_REQ(bReq, req), SSL_SUCCESS);
BIO_free(bReq);
#endif
X509_free(req);
}
#endif
ExpectNotNull(nm = X509_get_subject_name(x509));
/* Test add entry */
ExpectNotNull(entry = X509_NAME_ENTRY_create_by_NID(NULL, NID_commonName,
0x0c, cn, (int)sizeof(cn)));
ExpectIntEQ(X509_NAME_add_entry(nm, entry, -1, 0), SSL_SUCCESS);
#ifdef WOLFSSL_CERT_EXT
ExpectIntEQ(X509_NAME_add_entry_by_txt(nm, "emailAddress", MBSTRING_UTF8,
(byte*)"support@wolfssl.com", 19, -1,
1), WOLFSSL_SUCCESS);
#endif
X509_NAME_ENTRY_free(entry);
entry = NULL;
#ifdef WOLFSSL_CERT_REQ
{
unsigned char srv_pkcs9p[] = "Server";
unsigned char fvrtDrnk[] = "tequila";
unsigned char* der = NULL;
char* subject = NULL;
ExpectIntEQ(X509_NAME_add_entry_by_NID(nm, NID_pkcs9_contentType,
MBSTRING_ASC, srv_pkcs9p, -1, -1, 0), SSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_NID(nm, NID_favouriteDrink,
MBSTRING_ASC, fvrtDrnk, -1, -1, 0), SSL_SUCCESS);
ExpectIntGT(wolfSSL_i2d_X509_NAME(nm, &der), 0);
ExpectNotNull(der);
ExpectNotNull(subject = X509_NAME_oneline(nm, 0, 0));
ExpectNotNull(XSTRSTR(subject, "favouriteDrink=tequila"));
ExpectNotNull(XSTRSTR(subject, "contentType=Server"));
#ifdef DEBUG_WOLFSSL
if (subject != NULL) {
fprintf(stderr, "\n\t%s\n", subject);
}
#endif
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL);
}
#endif
/* Test add entry by text */
ExpectNotNull(entry = X509_NAME_ENTRY_create_by_txt(NULL, "commonName",
0x0c, cn, (int)sizeof(cn)));
#if defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO) \
|| defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_NGINX)
ExpectNull(X509_NAME_ENTRY_create_by_txt(&entry, "unknown",
V_ASN1_UTF8STRING, cn, (int)sizeof(cn)));
#endif
ExpectIntEQ(X509_NAME_add_entry(nm, entry, -1, 0), SSL_SUCCESS);
X509_NAME_ENTRY_free(entry);
entry = NULL;
/* Test add entry by NID */
ExpectIntEQ(X509_NAME_add_entry_by_NID(nm, NID_commonName, MBSTRING_UTF8,
cn, -1, -1, 0), SSL_SUCCESS);
#ifdef OPENSSL_ALL
/* stack of name entry */
ExpectIntGT((names_len = sk_X509_NAME_ENTRY_num(nm->entries)), 0);
for (i = 0; i < names_len; i++) {
ExpectNotNull(entry = sk_X509_NAME_ENTRY_value(nm->entries, i));
}
#endif
#ifndef NO_BIO
BIO_free(bio);
#endif
X509_free(x509); /* free's nm */
#endif
return EXPECT_RESULT();
}
/* Note the lack of wolfSSL_ prefix...this is a compatibility layer test. */
static int test_GENERAL_NAME_set0_othername(void) {
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && \
defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ALT_NAMES) && \
defined(WOLFSSL_CERT_EXT) && !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_FPKI)
/* ./configure --enable-opensslall --enable-certgen --enable-certreq
* --enable-certext --enable-debug 'CPPFLAGS=-DWOLFSSL_CUSTOM_OID
* -DWOLFSSL_ALT_NAMES -DWOLFSSL_FPKI' */
const char * cert_fname = "./certs/server-cert.der";
const char * key_fname = "./certs/server-key.der";
X509* x509 = NULL;
GENERAL_NAME* gn = NULL;
GENERAL_NAMES* gns = NULL;
ASN1_OBJECT* upn_oid = NULL;
ASN1_UTF8STRING *utf8str = NULL;
ASN1_TYPE *value = NULL;
X509_EXTENSION * ext = NULL;
byte* pt = NULL;
byte der[4096];
int derSz = 0;
EVP_PKEY* priv = NULL;
XFILE f = XBADFILE;
ExpectTrue((f = XFOPEN(cert_fname, "rb")) != XBADFILE);
ExpectNotNull(x509 = d2i_X509_fp(f, NULL));
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
ExpectNotNull(gn = GENERAL_NAME_new());
ExpectNotNull(upn_oid = OBJ_txt2obj("1.3.6.1.4.1.311.20.2.3", 1));
ExpectNotNull(utf8str = ASN1_UTF8STRING_new());
ExpectIntEQ(ASN1_STRING_set(utf8str, "othername@wolfssl.com", -1), 1);
ExpectNotNull(value = ASN1_TYPE_new());
ASN1_TYPE_set(value, V_ASN1_UTF8STRING, utf8str);
if ((value == NULL) || (value->value.ptr != (char*)utf8str)) {
wolfSSL_ASN1_STRING_free(utf8str);
}
ExpectIntEQ(GENERAL_NAME_set0_othername(gn, upn_oid, value), 1);
if (EXPECT_FAIL()) {
ASN1_TYPE_free(value);
}
ExpectNotNull(gns = sk_GENERAL_NAME_new(NULL));
ExpectIntEQ(sk_GENERAL_NAME_push(gns, gn), 1);
if (EXPECT_FAIL()) {
GENERAL_NAME_free(gn);
gn = NULL;
}
ExpectNotNull(ext = X509V3_EXT_i2d(NID_subject_alt_name, 0, gns));
ExpectIntEQ(X509_add_ext(x509, ext, -1), 1);
ExpectTrue((f = XFOPEN(key_fname, "rb")) != XBADFILE);
ExpectIntGT(derSz = (int)XFREAD(der, 1, sizeof(der), f), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
pt = der;
ExpectNotNull(priv = d2i_PrivateKey(EVP_PKEY_RSA, NULL,
(const unsigned char**)&pt, derSz));
ExpectIntGT(X509_sign(x509, priv, EVP_sha256()), 0);
sk_GENERAL_NAME_pop_free(gns, GENERAL_NAME_free);
gns = NULL;
ExpectNotNull(gns = (GENERAL_NAMES*)X509_get_ext_d2i(x509,
NID_subject_alt_name, NULL, NULL));
ExpectIntEQ(sk_GENERAL_NAME_num(gns), 3);
ExpectNotNull(gn = sk_GENERAL_NAME_value(gns, 2));
ExpectIntEQ(gn->type, 0);
sk_GENERAL_NAME_pop_free(gns, GENERAL_NAME_free);
ASN1_OBJECT_free(upn_oid);
X509_EXTENSION_free(ext);
X509_free(x509);
EVP_PKEY_free(priv);
#endif
return EXPECT_RESULT();
}
/* Note the lack of wolfSSL_ prefix...this is a compatibility layer test. */
static int test_othername_and_SID_ext(void) {
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && \
defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ALT_NAMES) && \
defined(WOLFSSL_CERT_EXT) && !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_FPKI) && defined(WOLFSSL_ASN_TEMPLATE)
/* ./configure --enable-opensslall --enable-certgen --enable-certreq
* --enable-certext --enable-debug 'CPPFLAGS=-DWOLFSSL_CUSTOM_OID
* -DWOLFSSL_ALT_NAMES -DWOLFSSL_FPKI' */
const char* csr_fname = "./certs/csr.signed.der";
const char* key_fname = "./certs/server-key.der";
byte der[4096];
int derSz = 0;
X509_REQ* x509 = NULL;
STACK_OF(X509_EXTENSION) *exts = NULL;
X509_EXTENSION * san_ext = NULL;
X509_EXTENSION * ext = NULL;
GENERAL_NAME* gn = NULL;
GENERAL_NAMES* gns = NULL;
ASN1_OBJECT* upn_oid = NULL;
ASN1_UTF8STRING *utf8str = NULL;
ASN1_TYPE *value = NULL;
ASN1_STRING *extval = NULL;
/* SID extension. SID data format explained here:
* https://blog.qdsecurity.se/2022/05/27/manually-injecting-a-sid-in-a-certificate/
*/
byte SidExtension[] = {
48, 64, 160, 62, 6, 10, 43, 6, 1, 4, 1, 130, 55, 25, 2, 1, 160,
48, 4, 46, 83, 45, 49, 45, 53, 45, 50, 49, 45, 50, 56, 52, 51, 57,
48, 55, 52, 49, 56, 45, 51, 57, 50, 54, 50, 55, 55, 52, 50, 49, 45,
51, 56, 49, 53, 57, 57, 51, 57, 55, 50, 45, 52, 54, 48, 49};
byte expectedAltName[] = {
0x30, 0x27, 0xA0, 0x25, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82,
0x37, 0x14, 0x02, 0x03, 0xA0, 0x17, 0x0C, 0x15, 0x6F, 0x74, 0x68, 0x65,
0x72, 0x6E, 0x61, 0x6D, 0x65, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73,
0x6C, 0x2E, 0x63, 0x6F, 0x6D};
X509_EXTENSION *sid_ext = NULL;
ASN1_OBJECT* sid_oid = NULL;
ASN1_OCTET_STRING *sid_data = NULL;
EVP_PKEY* priv = NULL;
XFILE f = XBADFILE;
byte* pt = NULL;
BIO* bio = NULL;
ExpectTrue((f = XFOPEN(csr_fname, "rb")) != XBADFILE);
ExpectNotNull(x509 = d2i_X509_REQ_fp(f, NULL));
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
ExpectIntEQ(X509_REQ_set_version(x509, 2), 1);
ExpectNotNull(gn = GENERAL_NAME_new());
ExpectNotNull(upn_oid = OBJ_txt2obj("1.3.6.1.4.1.311.20.2.3", 1));
ExpectNotNull(utf8str = ASN1_UTF8STRING_new());
ExpectIntEQ(ASN1_STRING_set(utf8str, "othername@wolfssl.com", -1), 1);
ExpectNotNull(value = ASN1_TYPE_new());
ASN1_TYPE_set(value, V_ASN1_UTF8STRING, utf8str);
if (EXPECT_FAIL()) {
ASN1_UTF8STRING_free(utf8str);
}
ExpectIntEQ(GENERAL_NAME_set0_othername(gn, upn_oid, value), 1);
if (EXPECT_FAIL()) {
ASN1_TYPE_free(value);
GENERAL_NAME_free(gn);
gn = NULL;
}
ExpectNotNull(gns = sk_GENERAL_NAME_new(NULL));
ExpectIntEQ(sk_GENERAL_NAME_push(gns, gn), 1);
if (EXPECT_FAIL()) {
GENERAL_NAME_free(gn);
}
ExpectNotNull(san_ext = X509V3_EXT_i2d(NID_subject_alt_name, 0, gns));
ExpectNotNull(sid_oid = OBJ_txt2obj("1.3.6.1.4.1.311.25.2", 1));
ExpectNotNull(sid_data = ASN1_OCTET_STRING_new());
ASN1_OCTET_STRING_set(sid_data, SidExtension, sizeof(SidExtension));
ExpectNotNull(sid_ext = X509_EXTENSION_create_by_OBJ(NULL, sid_oid, 0,
sid_data));
ExpectNotNull(exts = sk_X509_EXTENSION_new_null());
/* Ensure an empty stack doesn't raise an error. */
ExpectIntEQ(X509_REQ_add_extensions(x509, exts), 1);
ExpectIntEQ(sk_X509_EXTENSION_push(exts, san_ext), 1);
if (EXPECT_FAIL()) {
X509_EXTENSION_free(san_ext);
}
ExpectIntEQ(sk_X509_EXTENSION_push(exts, sid_ext), 2);
if (EXPECT_FAIL()) {
X509_EXTENSION_free(sid_ext);
}
ExpectIntEQ(X509_REQ_add_extensions(x509, exts), 1);
ExpectTrue((f = XFOPEN(key_fname, "rb")) != XBADFILE);
ExpectIntGT(derSz = (int)XFREAD(der, 1, sizeof(der), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
pt = der;
ExpectNotNull(priv = d2i_PrivateKey(EVP_PKEY_RSA, NULL,
(const unsigned char**)&pt, derSz));
ExpectIntGT(X509_REQ_sign(x509, priv, EVP_sha256()), 0);
pt = der;
ExpectIntGT(derSz = i2d_X509_REQ(x509, &pt), 0);
sk_GENERAL_NAME_pop_free(gns, GENERAL_NAME_free);
gns = NULL;
sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
exts = NULL;
ASN1_OBJECT_free(upn_oid);
ASN1_OBJECT_free(sid_oid);
ASN1_OCTET_STRING_free(sid_data);
X509_REQ_free(x509);
x509 = NULL;
EVP_PKEY_free(priv);
/* At this point everything used to generate what is in der is cleaned up.
* We now read back from der to confirm the extensions were inserted
* correctly. */
bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem());
ExpectNotNull(bio);
ExpectIntEQ(BIO_write(bio, der, derSz), derSz); /* d2i consumes BIO */
ExpectNotNull(d2i_X509_REQ_bio(bio, &x509));
ExpectNotNull(x509);
BIO_free(bio);
ExpectNotNull(exts = (STACK_OF(X509_EXTENSION)*)X509_REQ_get_extensions(
x509));
ExpectIntEQ(sk_X509_EXTENSION_num(exts), 2);
/* Check the SID extension. */
ExpectNotNull(ext = sk_X509_EXTENSION_value(exts, 0));
ExpectNotNull(extval = X509_EXTENSION_get_data(ext));
ExpectIntEQ(extval->length, sizeof(SidExtension));
ExpectIntEQ(XMEMCMP(SidExtension, extval->data, sizeof(SidExtension)), 0);
/* Check the AltNames extension. */
ExpectNotNull(ext = sk_X509_EXTENSION_value(exts, 1));
ExpectNotNull(extval = X509_EXTENSION_get_data(ext));
ExpectIntEQ(extval->length, sizeof(expectedAltName));
ExpectIntEQ(XMEMCMP(expectedAltName, extval->data, sizeof(expectedAltName)),
0);
/* Cleanup */
ExpectNotNull(gns = (GENERAL_NAMES*)X509_get_ext_d2i(x509,
NID_subject_alt_name, NULL, NULL));
ExpectIntEQ(sk_GENERAL_NAME_num(gns), 1);
ExpectNotNull(gn = sk_GENERAL_NAME_value(gns, 0));
ExpectIntEQ(gn->type, 0);
sk_GENERAL_NAME_pop_free(gns, GENERAL_NAME_free);
sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
X509_REQ_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_set_name(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ)
X509* x509 = NULL;
X509_NAME* name = NULL;
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"wolfssl.com", 11, 0, 1),
WOLFSSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
(byte*)"support@wolfssl.com", 19, -1,
1), WOLFSSL_SUCCESS);
ExpectNotNull(x509 = X509_new());
ExpectIntEQ(X509_set_subject_name(NULL, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(X509_set_subject_name(x509, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(X509_set_subject_name(NULL, name), WOLFSSL_FAILURE);
ExpectIntEQ(X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
ExpectIntEQ(X509_set_issuer_name(NULL, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(X509_set_issuer_name(x509, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(X509_set_issuer_name(NULL, name), WOLFSSL_FAILURE);
ExpectIntEQ(X509_set_issuer_name(x509, name), WOLFSSL_SUCCESS);
X509_free(x509);
X509_NAME_free(name);
#endif /* OPENSSL_ALL && !NO_CERTS */
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_set_notAfter(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) \
&& !defined(NO_ASN_TIME) && !defined(USER_TIME) && \
!defined(TIME_OVERRIDES) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) &&\
!defined(TIME_T_NOT_64BIT) && !defined(NO_64BIT) && !defined(NO_BIO)
/* Generalized time will overflow time_t if not long */
X509* x = NULL;
BIO* bio = NULL;
ASN1_TIME *asn_time = NULL;
ASN1_TIME *time_check = NULL;
const int year = 365*24*60*60;
const int day = 24*60*60;
const int hour = 60*60;
const int mini = 60;
int offset_day;
unsigned char buf[25];
time_t t;
/*
* Setup asn_time. APACHE HTTPD uses time(NULL)
*/
t = (time_t)107 * year + 31 * day + 34 * hour + 30 * mini + 7 * day;
offset_day = 7;
/*
* Free these.
*/
asn_time = wolfSSL_ASN1_TIME_adj(NULL, t, offset_day, 0);
ExpectNotNull(asn_time);
ExpectNotNull(x = X509_new());
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
/*
* Tests
*/
ExpectTrue(wolfSSL_X509_set_notAfter(x, asn_time));
/* time_check is simply (ANS1_TIME*)x->notAfter */
ExpectNotNull(time_check = X509_get_notAfter(x));
/* ANS1_TIME_check validates by checking if argument can be parsed */
ExpectIntEQ(ASN1_TIME_check(time_check), WOLFSSL_SUCCESS);
/* Convert to human readable format and compare to intended date */
ExpectIntEQ(ASN1_TIME_print(bio, time_check), 1);
ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 24);
ExpectIntEQ(XMEMCMP(buf, "Jan 20 10:30:00 2077 GMT", sizeof(buf) - 1), 0);
ExpectFalse(wolfSSL_X509_set_notAfter(NULL, NULL));
ExpectFalse(wolfSSL_X509_set_notAfter(x, NULL));
ExpectFalse(wolfSSL_X509_set_notAfter(NULL, asn_time));
/*
* Cleanup
*/
XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL);
X509_free(x);
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_set_notBefore(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) \
&& !defined(NO_ASN_TIME) && !defined(USER_TIME) && \
!defined(TIME_OVERRIDES) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_BIO)
X509* x = NULL;
BIO* bio = NULL;
ASN1_TIME *asn_time = NULL;
ASN1_TIME *time_check = NULL;
const int year = 365*24*60*60;
const int day = 24*60*60;
const int hour = 60*60;
const int mini = 60;
int offset_day;
unsigned char buf[25];
time_t t;
/*
* Setup asn_time. APACHE HTTPD uses time(NULL)
*/
t = (time_t)49 * year + 125 * day + 20 * hour + 30 * mini + 7 * day;
offset_day = 7;
/*
* Free these.
*/
asn_time = wolfSSL_ASN1_TIME_adj(NULL, t, offset_day, 0);
ExpectNotNull(asn_time);
ExpectNotNull(x = X509_new());
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(ASN1_TIME_check(asn_time), WOLFSSL_SUCCESS);
/*
* Main Tests
*/
ExpectTrue(wolfSSL_X509_set_notBefore(x, asn_time));
/* time_check == (ANS1_TIME*)x->notBefore */
ExpectNotNull(time_check = X509_get_notBefore(x));
/* ANS1_TIME_check validates by checking if argument can be parsed */
ExpectIntEQ(ASN1_TIME_check(time_check), WOLFSSL_SUCCESS);
/* Convert to human readable format and compare to intended date */
ExpectIntEQ(ASN1_TIME_print(bio, time_check), 1);
ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 24);
ExpectIntEQ(XMEMCMP(buf, "May 8 20:30:00 2019 GMT", sizeof(buf) - 1), 0);
ExpectFalse(wolfSSL_X509_set_notBefore(NULL, NULL));
ExpectFalse(wolfSSL_X509_set_notBefore(x, NULL));
ExpectFalse(wolfSSL_X509_set_notBefore(NULL, asn_time));
/*
* Cleanup
*/
XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL);
X509_free(x);
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_set_version(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \
!defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ)
X509* x509 = NULL;
long v = 2L;
long maxInt = INT_MAX;
ExpectNotNull(x509 = X509_new());
/* These should pass. */
ExpectTrue(wolfSSL_X509_set_version(x509, v));
ExpectIntEQ(v, wolfSSL_X509_get_version(x509));
/* Fail Case: When v(long) is greater than x509->version(int). */
v = maxInt+1;
ExpectFalse(wolfSSL_X509_set_version(x509, v));
ExpectFalse(wolfSSL_X509_set_version(NULL, 2L));
ExpectFalse(wolfSSL_X509_set_version(NULL, maxInt+1));
/* Cleanup */
X509_free(x509);
#endif
return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_BIO_gets(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
BIO* bio = NULL;
BIO* bio2 = NULL;
char msg[] = "\nhello wolfSSL\n security plus\t---...**adf\na...b.c";
char emp[] = "";
char bio_buffer[20];
int bufferSz = 20;
#ifdef OPENSSL_ALL
BUF_MEM* emp_bm = NULL;
BUF_MEM* msg_bm = NULL;
#endif
/* try with bad args */
ExpectNull(bio = BIO_new_mem_buf(NULL, sizeof(msg)));
#ifdef OPENSSL_ALL
ExpectIntEQ(BIO_set_mem_buf(bio, NULL, BIO_NOCLOSE), BAD_FUNC_ARG);
#endif
/* try with real msg */
ExpectNotNull(bio = BIO_new_mem_buf((void*)msg, -1));
XMEMSET(bio_buffer, 0, bufferSz);
ExpectNotNull(BIO_push(bio, BIO_new(BIO_s_bio())));
ExpectNull(bio2 = BIO_find_type(bio, BIO_TYPE_FILE));
ExpectNotNull(bio2 = BIO_find_type(bio, BIO_TYPE_BIO));
ExpectFalse(bio2 != BIO_next(bio));
/* make buffer filled with no terminating characters */
XMEMSET(bio_buffer, 1, bufferSz);
/* BIO_gets reads a line of data */
ExpectIntEQ(BIO_gets(bio, bio_buffer, -3), 0);
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 1);
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 14);
ExpectStrEQ(bio_buffer, "hello wolfSSL\n");
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 19);
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 8);
ExpectIntEQ(BIO_gets(bio, bio_buffer, -1), 0);
#ifdef OPENSSL_ALL
/* test setting the mem_buf manually */
BIO_free(bio);
ExpectNotNull(bio = BIO_new_mem_buf((void*)msg, -1));
ExpectNotNull(emp_bm = BUF_MEM_new());
ExpectNotNull(msg_bm = BUF_MEM_new());
ExpectIntEQ(BUF_MEM_grow(msg_bm, sizeof(msg)), sizeof(msg));
if (EXPECT_SUCCESS()) {
XFREE(msg_bm->data, NULL, DYNAMIC_TYPE_OPENSSL);
msg_bm->data = NULL;
}
/* emp size is 1 for terminator */
ExpectIntEQ(BUF_MEM_grow(emp_bm, sizeof(emp)), sizeof(emp));
if (EXPECT_SUCCESS()) {
XFREE(emp_bm->data, NULL, DYNAMIC_TYPE_OPENSSL);
emp_bm->data = emp;
msg_bm->data = msg;
}
ExpectIntEQ(BIO_set_mem_buf(bio, emp_bm, BIO_CLOSE), WOLFSSL_SUCCESS);
/* check reading an empty string */
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 1); /* just terminator */
ExpectStrEQ(emp, bio_buffer);
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 0); /* Nothing to read */
/* BIO_gets reads a line of data */
ExpectIntEQ(BIO_set_mem_buf(bio, msg_bm, BIO_NOCLOSE), WOLFSSL_SUCCESS);
ExpectIntEQ(BIO_gets(bio, bio_buffer, -3), 0);
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 1);
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 14);
ExpectStrEQ(bio_buffer, "hello wolfSSL\n");
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 19);
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 8);
ExpectIntEQ(BIO_gets(bio, bio_buffer, -1), 0);
if (EXPECT_SUCCESS())
emp_bm->data = NULL;
BUF_MEM_free(emp_bm);
if (EXPECT_SUCCESS())
msg_bm->data = NULL;
BUF_MEM_free(msg_bm);
#endif
/* check not null terminated string */
BIO_free(bio);
bio = NULL;
msg[0] = 0x33;
msg[1] = 0x33;
msg[2] = 0x33;
ExpectNotNull(bio = BIO_new_mem_buf((void*)msg, 3));
ExpectIntEQ(BIO_gets(bio, bio_buffer, 3), 2);
ExpectIntEQ(bio_buffer[0], msg[0]);
ExpectIntEQ(bio_buffer[1], msg[1]);
ExpectIntNE(bio_buffer[2], msg[2]);
BIO_free(bio);
bio = NULL;
msg[3] = 0x33;
bio_buffer[3] = 0x33;
ExpectNotNull(bio = BIO_new_mem_buf((void*)msg, 3));
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 3);
ExpectIntEQ(bio_buffer[0], msg[0]);
ExpectIntEQ(bio_buffer[1], msg[1]);
ExpectIntEQ(bio_buffer[2], msg[2]);
ExpectIntNE(bio_buffer[3], 0x33); /* make sure null terminator was set */
/* check reading an empty string */
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = BIO_new_mem_buf((void*)emp, sizeof(emp)));
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 1); /* just terminator */
ExpectStrEQ(emp, bio_buffer);
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 0); /* Nothing to read */
/* check error cases */
BIO_free(bio);
bio = NULL;
ExpectIntEQ(BIO_gets(NULL, NULL, 0), SSL_FAILURE);
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(BIO_gets(bio, bio_buffer, 2), 0); /* nothing to read */
#if !defined(NO_FILESYSTEM)
{
BIO* f_bio = NULL;
XFILE f = XBADFILE;
ExpectNotNull(f_bio = BIO_new(BIO_s_file()));
ExpectIntLE(BIO_gets(f_bio, bio_buffer, bufferSz), 0);
ExpectTrue((f = XFOPEN(svrCertFile, "rb")) != XBADFILE);
ExpectIntEQ((int)BIO_set_fp(f_bio, f, BIO_CLOSE), SSL_SUCCESS);
if (EXPECT_FAIL() && (f != XBADFILE)) {
XFCLOSE(f);
}
ExpectIntGT(BIO_gets(f_bio, bio_buffer, bufferSz), 0);
BIO_free(f_bio);
f_bio = NULL;
}
#endif /* NO_FILESYSTEM */
BIO_free(bio);
bio = NULL;
BIO_free(bio2);
bio2 = NULL;
/* try with type BIO */
XMEMCPY(msg, "\nhello wolfSSL\n security plus\t---...**adf\na...b.c",
sizeof(msg));
ExpectNotNull(bio = BIO_new(BIO_s_bio()));
ExpectIntEQ(BIO_gets(bio, bio_buffer, 2), 0); /* nothing to read */
ExpectNotNull(bio2 = BIO_new(BIO_s_bio()));
ExpectIntEQ(BIO_set_write_buf_size(bio, 10), SSL_SUCCESS);
ExpectIntEQ(BIO_set_write_buf_size(bio2, sizeof(msg)), SSL_SUCCESS);
ExpectIntEQ(BIO_make_bio_pair(bio, bio2), SSL_SUCCESS);
ExpectIntEQ(BIO_write(bio2, msg, sizeof(msg)), sizeof(msg));
ExpectIntEQ(BIO_gets(bio, bio_buffer, -3), 0);
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 1);
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 14);
ExpectStrEQ(bio_buffer, "hello wolfSSL\n");
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 19);
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 8);
ExpectIntEQ(BIO_gets(bio, bio_buffer, -1), 0);
BIO_free(bio);
bio = NULL;
BIO_free(bio2);
bio2 = NULL;
/* check reading an empty string */
ExpectNotNull(bio = BIO_new(BIO_s_bio()));
ExpectIntEQ(BIO_set_write_buf_size(bio, sizeof(emp)), SSL_SUCCESS);
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 0); /* Nothing to read */
ExpectStrEQ(emp, bio_buffer);
BIO_free(bio);
bio = NULL;
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_puts(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
BIO* bio = NULL;
char input[] = "hello\0world\n.....ok\n\0";
char output[128];
XMEMSET(output, 0, sizeof(output));
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(BIO_puts(bio, input), 5);
ExpectIntEQ(BIO_pending(bio), 5);
ExpectIntEQ(BIO_puts(bio, input + 6), 14);
ExpectIntEQ(BIO_pending(bio), 19);
ExpectIntEQ(BIO_gets(bio, output, sizeof(output)), 11);
ExpectStrEQ(output, "helloworld\n");
ExpectIntEQ(BIO_pending(bio), 8);
ExpectIntEQ(BIO_gets(bio, output, sizeof(output)), 8);
ExpectStrEQ(output, ".....ok\n");
ExpectIntEQ(BIO_pending(bio), 0);
ExpectIntEQ(BIO_puts(bio, ""), -1);
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_dump(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
BIO* bio;
static const unsigned char data[] = {
0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE,
0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4,
0x0F, 0x44, 0x50, 0x9A, 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5,
0x4D, 0xF5, 0x70, 0x7B, 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80,
0xEC, 0x5A, 0x4C, 0xA2, 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA,
0xEF, 0xA2, 0x35, 0x12, 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56,
0x95, 0x06, 0xCC, 0x01, 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42,
0xF7, 0xBD, 0xA9, 0xB2, 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F,
0xB4
};
/* Generated with OpenSSL. */
static const char expected[] =
"0000 - 30 59 30 13 06 07 2a 86-48 ce 3d 02 01 06 08 2a 0Y0...*.H.=....*\n"
"0010 - 86 48 ce 3d 03 01 07 03-42 00 04 55 bf f4 0f 44 .H.=....B..U...D\n"
"0020 - 50 9a 3d ce 9b b7 f0 c5-4d f5 70 7b d4 ec 24 8e P.=.....M.p{..$.\n"
"0030 - 19 80 ec 5a 4c a2 24 03-62 2c 9b da ef a2 35 12 ...ZL.$.b,....5.\n"
"0040 - 43 84 76 16 c6 56 95 06-cc 01 a9 bd f6 75 1a 42 C.v..V.......u.B\n"
"0050 - f7 bd a9 b2 36 22 5f c7-5d 7f b4 ....6\"_.]..\n";
static const char expectedAll[] =
"0000 - 00 01 02 03 04 05 06 07-08 09 0a 0b 0c 0d 0e 0f ................\n"
"0010 - 10 11 12 13 14 15 16 17-18 19 1a 1b 1c 1d 1e 1f ................\n"
"0020 - 20 21 22 23 24 25 26 27-28 29 2a 2b 2c 2d 2e 2f !\"#$%&'()*+,-./\n"
"0030 - 30 31 32 33 34 35 36 37-38 39 3a 3b 3c 3d 3e 3f 0123456789:;<=>?\n"
"0040 - 40 41 42 43 44 45 46 47-48 49 4a 4b 4c 4d 4e 4f @ABCDEFGHIJKLMNO\n"
"0050 - 50 51 52 53 54 55 56 57-58 59 5a 5b 5c 5d 5e 5f PQRSTUVWXYZ[\\]^_\n"
"0060 - 60 61 62 63 64 65 66 67-68 69 6a 6b 6c 6d 6e 6f `abcdefghijklmno\n"
"0070 - 70 71 72 73 74 75 76 77-78 79 7a 7b 7c 7d 7e 7f pqrstuvwxyz{|}~.\n"
"0080 - 80 81 82 83 84 85 86 87-88 89 8a 8b 8c 8d 8e 8f ................\n"
"0090 - 90 91 92 93 94 95 96 97-98 99 9a 9b 9c 9d 9e 9f ................\n"
"00a0 - a0 a1 a2 a3 a4 a5 a6 a7-a8 a9 aa ab ac ad ae af ................\n"
"00b0 - b0 b1 b2 b3 b4 b5 b6 b7-b8 b9 ba bb bc bd be bf ................\n"
"00c0 - c0 c1 c2 c3 c4 c5 c6 c7-c8 c9 ca cb cc cd ce cf ................\n"
"00d0 - d0 d1 d2 d3 d4 d5 d6 d7-d8 d9 da db dc dd de df ................\n"
"00e0 - e0 e1 e2 e3 e4 e5 e6 e7-e8 e9 ea eb ec ed ee ef ................\n"
"00f0 - f0 f1 f2 f3 f4 f5 f6 f7-f8 f9 fa fb fc fd fe ff ................\n";
char output[16 * 80];
int i;
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
/* Example key dumped. */
ExpectIntEQ(BIO_dump(bio, (const char*)data, (int)sizeof(data)),
sizeof(expected) - 1);
ExpectIntEQ(BIO_read(bio, output, sizeof(output)), sizeof(expected) - 1);
ExpectIntEQ(XMEMCMP(output, expected, sizeof(expected) - 1), 0);
/* Try every possible value for a character. */
for (i = 0; i < 256; i++)
output[i] = i;
ExpectIntEQ(BIO_dump(bio, output, 256), sizeof(expectedAll) - 1);
ExpectIntEQ(BIO_read(bio, output, sizeof(output)), sizeof(expectedAll) - 1);
ExpectIntEQ(XMEMCMP(output, expectedAll, sizeof(expectedAll) - 1), 0);
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA) && defined(HAVE_EXT_CACHE) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(USE_WOLFSSL_IO)
static int forceWantRead(WOLFSSL *ssl, char *buf, int sz, void *ctx)
{
(void)ssl;
(void)buf;
(void)sz;
(void)ctx;
return WOLFSSL_CBIO_ERR_WANT_READ;
}
#endif
static int test_wolfSSL_BIO_should_retry(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA) && defined(HAVE_EXT_CACHE) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(USE_WOLFSSL_IO)
tcp_ready ready;
func_args server_args;
THREAD_TYPE serverThread;
SOCKET_T sockfd = 0;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
char msg[64] = "hello wolfssl!";
char reply[1024];
int msgSz = (int)XSTRLEN(msg);
int ret;
BIO* bio = NULL;
XMEMSET(&server_args, 0, sizeof(func_args));
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
StartTCP();
InitTcpReady(&ready);
#if defined(USE_WINDOWS_API)
/* use RNG to get random port if using windows */
ready.port = GetRandomPort();
#endif
server_args.signal = &ready;
start_thread(test_server_nofail, &server_args, &serverThread);
wait_tcp_ready(&server_args);
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#ifdef OPENSSL_COMPATIBLE_DEFAULTS
ExpectIntEQ(wolfSSL_CTX_clear_mode(ctx, SSL_MODE_AUTO_RETRY), 0);
#endif
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));
tcp_connect(&sockfd, wolfSSLIP, server_args.signal->port, 0, 0, NULL);
/* force retry */
ExpectNotNull(bio = wolfSSL_BIO_new_ssl(ctx, 1));
ExpectIntEQ(BIO_get_ssl(bio, &ssl), 1);
ExpectNotNull(ssl);
ExpectIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS);
wolfSSL_SSLSetIORecv(ssl, forceWantRead);
if (EXPECT_FAIL()) {
wolfSSL_free(ssl);
ssl = NULL;
}
ExpectIntLE(BIO_write(bio, msg, msgSz), 0);
ExpectIntNE(BIO_should_retry(bio), 0);
ExpectIntEQ(BIO_should_read(bio), 0);
ExpectIntEQ(BIO_should_write(bio), 0);
/* now perform successful connection */
wolfSSL_SSLSetIORecv(ssl, EmbedReceive);
ExpectIntEQ(BIO_write(bio, msg, msgSz), msgSz);
ExpectIntNE(BIO_read(bio, reply, sizeof(reply)), 0);
ret = wolfSSL_get_error(ssl, -1);
if (ret == WOLFSSL_ERROR_WANT_READ || ret == WOLFSSL_ERROR_WANT_WRITE) {
ExpectIntNE(BIO_should_retry(bio), 0);
if (ret == WOLFSSL_ERROR_WANT_READ)
ExpectIntEQ(BIO_should_read(bio), 1);
else
ExpectIntEQ(BIO_should_read(bio), 0);
if (ret == WOLFSSL_ERROR_WANT_WRITE)
ExpectIntEQ(BIO_should_write(bio), 1);
else
ExpectIntEQ(BIO_should_write(bio), 0);
}
else {
ExpectIntEQ(BIO_should_retry(bio), 0);
ExpectIntEQ(BIO_should_read(bio), 0);
ExpectIntEQ(BIO_should_write(bio), 0);
}
ExpectIntEQ(XMEMCMP(reply, "I hear you fa shizzle!",
XSTRLEN("I hear you fa shizzle!")), 0);
BIO_free(bio);
wolfSSL_CTX_free(ctx);
CloseSocket(sockfd);
join_thread(serverThread);
FreeTcpReady(&ready);
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_connect(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
defined(HAVE_HTTP_CLIENT) && !defined(NO_WOLFSSL_CLIENT)
tcp_ready ready;
func_args server_args;
THREAD_TYPE serverThread;
BIO *tcpBio = NULL;
BIO *sslBio = NULL;
SSL_CTX* ctx = NULL;
SSL *ssl = NULL;
SSL *sslPtr;
char msg[] = "hello wolfssl!";
char reply[30];
char buff[10] = {0};
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM));
ExpectIntEQ(WOLFSSL_SUCCESS,
wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));
/* Setup server */
XMEMSET(&server_args, 0, sizeof(func_args));
StartTCP();
InitTcpReady(&ready);
#if defined(USE_WINDOWS_API)
/* use RNG to get random port if using windows */
ready.port = GetRandomPort();
#endif
server_args.signal = &ready;
start_thread(test_server_nofail, &server_args, &serverThread);
wait_tcp_ready(&server_args);
ExpectIntGT(XSNPRINTF(buff, sizeof(buff), "%d", ready.port), 0);
/* Start the test proper */
/* Setup the TCP BIO */
ExpectNotNull(tcpBio = BIO_new_connect(wolfSSLIP));
ExpectIntEQ(BIO_set_conn_port(tcpBio, buff), 1);
/* Setup the SSL object */
ExpectNotNull(ssl = SSL_new(ctx));
SSL_set_connect_state(ssl);
/* Setup the SSL BIO */
ExpectNotNull(sslBio = BIO_new(BIO_f_ssl()));
ExpectIntEQ(BIO_set_ssl(sslBio, ssl, BIO_CLOSE), 1);
if (EXPECT_FAIL()) {
wolfSSL_free(ssl);
}
/* Verify that BIO_get_ssl works. */
ExpectIntEQ(BIO_get_ssl(sslBio, &sslPtr), 1);
ExpectPtrEq(ssl, sslPtr);
/* Link BIO's so that sslBio uses tcpBio for IO */
ExpectPtrEq(BIO_push(sslBio, tcpBio), sslBio);
/* Do TCP connect */
ExpectIntEQ(BIO_do_connect(sslBio), 1);
/* Do TLS handshake */
ExpectIntEQ(BIO_do_handshake(sslBio), 1);
/* Test writing */
ExpectIntEQ(BIO_write(sslBio, msg, sizeof(msg)), sizeof(msg));
/* Expect length of default wolfSSL reply */
ExpectIntEQ(BIO_read(sslBio, reply, sizeof(reply)), 23);
/* Clean it all up */
BIO_free_all(sslBio);
/* Server clean up */
join_thread(serverThread);
FreeTcpReady(&ready);
/* Run the same test, but use BIO_new_ssl_connect and set the IP and port
* after. */
XMEMSET(&server_args, 0, sizeof(func_args));
StartTCP();
InitTcpReady(&ready);
#if defined(USE_WINDOWS_API)
/* use RNG to get random port if using windows */
ready.port = GetRandomPort();
#endif
server_args.signal = &ready;
start_thread(test_server_nofail, &server_args, &serverThread);
wait_tcp_ready(&server_args);
ExpectIntGT(XSNPRINTF(buff, sizeof(buff), "%d", ready.port), 0);
ExpectNotNull(sslBio = BIO_new_ssl_connect(ctx));
ExpectIntEQ(BIO_set_conn_hostname(sslBio, (char*)wolfSSLIP), 1);
ExpectIntEQ(BIO_set_conn_port(sslBio, buff), 1);
ExpectIntEQ(BIO_do_connect(sslBio), 1);
ExpectIntEQ(BIO_do_handshake(sslBio), 1);
ExpectIntEQ(BIO_write(sslBio, msg, sizeof(msg)), sizeof(msg));
ExpectIntEQ(BIO_read(sslBio, reply, sizeof(reply)), 23);
/* Attempt to close the TLS connection gracefully. */
BIO_ssl_shutdown(sslBio);
BIO_free_all(sslBio);
join_thread(serverThread);
FreeTcpReady(&ready);
SSL_CTX_free(ctx);
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_tls(void)
{
EXPECT_DECLS;
#if !defined(NO_BIO) && defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_CLIENT)
SSL_CTX* ctx = NULL;
SSL *ssl = NULL;
BIO *readBio = NULL;
BIO *writeBio = NULL;
int ret;
int err = 0;
ExpectNotNull(ctx = SSL_CTX_new(SSLv23_method()));
ExpectNotNull(ssl = SSL_new(ctx));
ExpectNotNull(readBio = BIO_new(BIO_s_mem()));
ExpectNotNull(writeBio = BIO_new(BIO_s_mem()));
/* Qt reads data from write-bio,
* then writes the read data into plain packet.
* Qt reads data from plain packet,
* then writes the read data into read-bio.
*/
SSL_set_bio(ssl, readBio, writeBio);
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = SSL_connect(ssl);
err = SSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR);
/* in this use case, should return WANT READ
* so that Qt will read the data from plain packet for next state.
*/
ExpectIntEQ(err, SSL_ERROR_WANT_READ);
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_datagram(void)
{
EXPECT_DECLS;
#if !defined(NO_BIO) && defined(WOLFSSL_DTLS) && defined(WOLFSSL_HAVE_BIO_ADDR) && defined(OPENSSL_EXTRA)
int ret;
SOCKET_T fd1 = SOCKET_INVALID, fd2 = SOCKET_INVALID;
WOLFSSL_BIO *bio1 = NULL, *bio2 = NULL;
WOLFSSL_BIO_ADDR *bio_addr1 = NULL, *bio_addr2 = NULL;
SOCKADDR_IN sin1, sin2;
socklen_t slen;
static const char test_msg[] = "I am a datagram, short and stout.";
char test_msg_recvd[sizeof(test_msg) + 10];
#ifdef USE_WINDOWS_API
static const DWORD timeout = 250; /* ms */
#else
static const struct timeval timeout = { 0, 250000 };
#endif
StartTCP();
if (EXPECT_SUCCESS()) {
fd1 = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
ExpectIntNE(fd1, SOCKET_INVALID);
}
if (EXPECT_SUCCESS()) {
fd2 = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
ExpectIntNE(fd2, SOCKET_INVALID);
}
if (EXPECT_SUCCESS()) {
bio1 = wolfSSL_BIO_new_dgram(fd1, 1 /* closeF */);
ExpectNotNull(bio1);
}
if (EXPECT_SUCCESS()) {
bio2 = wolfSSL_BIO_new_dgram(fd2, 1 /* closeF */);
ExpectNotNull(bio2);
}
if (EXPECT_SUCCESS()) {
sin1.sin_family = AF_INET;
sin1.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
sin1.sin_port = 0;
slen = (socklen_t)sizeof(sin1);
ExpectIntEQ(bind(fd1, (const struct sockaddr *)&sin1, slen), 0);
ExpectIntEQ(setsockopt(fd1, SOL_SOCKET, SO_RCVTIMEO, (const char *)&timeout, sizeof(timeout)), 0);
ExpectIntEQ(getsockname(fd1, (struct sockaddr *)&sin1, &slen), 0);
}
if (EXPECT_SUCCESS()) {
sin2.sin_family = AF_INET;
sin2.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
sin2.sin_port = 0;
slen = (socklen_t)sizeof(sin2);
ExpectIntEQ(bind(fd2, (const struct sockaddr *)&sin2, slen), 0);
ExpectIntEQ(setsockopt(fd2, SOL_SOCKET, SO_RCVTIMEO, (const char *)&timeout, sizeof(timeout)), 0);
ExpectIntEQ(getsockname(fd2, (struct sockaddr *)&sin2, &slen), 0);
}
if (EXPECT_SUCCESS()) {
bio_addr1 = wolfSSL_BIO_ADDR_new();
ExpectNotNull(bio_addr1);
}
if (EXPECT_SUCCESS()) {
bio_addr2 = wolfSSL_BIO_ADDR_new();
ExpectNotNull(bio_addr2);
}
if (EXPECT_SUCCESS()) {
/* for OpenSSL compatibility, direct copying of sockaddrs into BIO_ADDRs must work right. */
XMEMCPY(&bio_addr2->sa_in, &sin2, sizeof(sin2));
ExpectIntEQ((int)wolfSSL_BIO_ctrl(bio1, BIO_CTRL_DGRAM_SET_PEER, 0, bio_addr2), WOLFSSL_SUCCESS);
wolfSSL_BIO_ADDR_clear(bio_addr2);
}
test_msg_recvd[0] = 0;
ExpectIntEQ(wolfSSL_BIO_write(bio1, test_msg, sizeof(test_msg)), (int)sizeof(test_msg));
ExpectIntEQ(wolfSSL_BIO_read(bio2, test_msg_recvd, sizeof(test_msg_recvd)), (int)sizeof(test_msg));
ExpectIntEQ(XMEMCMP(test_msg_recvd, test_msg, sizeof(test_msg)), 0);
#ifdef WOLFSSL_BIO_HAVE_FLOW_STATS
ExpectIntEQ(wolfSSL_BIO_number_written(bio1), sizeof(test_msg));
ExpectIntEQ(wolfSSL_BIO_number_read(bio2), sizeof(test_msg));
#endif
/* bio2 should now have bio1's addr stored as its peer_addr, because the
* BIOs aren't "connected" yet. use it to send a reply.
*/
test_msg_recvd[0] = 0;
ExpectIntEQ(wolfSSL_BIO_write(bio2, test_msg, sizeof(test_msg)), (int)sizeof(test_msg));
ExpectIntEQ(wolfSSL_BIO_read(bio1, test_msg_recvd, sizeof(test_msg_recvd)), (int)sizeof(test_msg));
ExpectIntEQ(XMEMCMP(test_msg_recvd, test_msg, sizeof(test_msg)), 0);
ExpectIntEQ(wolfSSL_BIO_read(bio1, test_msg_recvd, sizeof(test_msg_recvd)), WOLFSSL_BIO_ERROR);
ExpectIntNE(BIO_should_retry(bio1), 0);
ExpectIntEQ(wolfSSL_BIO_read(bio2, test_msg_recvd, sizeof(test_msg_recvd)), WOLFSSL_BIO_ERROR);
ExpectIntNE(BIO_should_retry(bio2), 0);
/* now "connect" the sockets. */
ExpectIntEQ(connect(fd1, (const struct sockaddr *)&sin2, (socklen_t)sizeof(sin2)), 0);
ExpectIntEQ(connect(fd2, (const struct sockaddr *)&sin1, (socklen_t)sizeof(sin1)), 0);
if (EXPECT_SUCCESS()) {
XMEMCPY(&bio_addr2->sa_in, &sin2, sizeof(sin2));
ExpectIntEQ((int)wolfSSL_BIO_ctrl(bio1, BIO_CTRL_DGRAM_SET_CONNECTED, 0, bio_addr2), WOLFSSL_SUCCESS);
wolfSSL_BIO_ADDR_clear(bio_addr2);
}
if (EXPECT_SUCCESS()) {
XMEMCPY(&bio_addr1->sa_in, &sin1, sizeof(sin1));
ExpectIntEQ((int)wolfSSL_BIO_ctrl(bio2, BIO_CTRL_DGRAM_SET_CONNECTED, 0, bio_addr1), WOLFSSL_SUCCESS);
wolfSSL_BIO_ADDR_clear(bio_addr1);
}
test_msg_recvd[0] = 0;
ExpectIntEQ(wolfSSL_BIO_write(bio2, test_msg, sizeof(test_msg)), (int)sizeof(test_msg));
ExpectIntEQ(wolfSSL_BIO_read(bio1, test_msg_recvd, sizeof(test_msg_recvd)), (int)sizeof(test_msg));
ExpectIntEQ(XMEMCMP(test_msg_recvd, test_msg, sizeof(test_msg)), 0);
test_msg_recvd[0] = 0;
ExpectIntEQ(wolfSSL_BIO_write(bio1, test_msg, sizeof(test_msg)), (int)sizeof(test_msg));
ExpectIntEQ(wolfSSL_BIO_read(bio2, test_msg_recvd, sizeof(test_msg_recvd)), (int)sizeof(test_msg));
ExpectIntEQ(XMEMCMP(test_msg_recvd, test_msg, sizeof(test_msg)), 0);
#ifdef __linux__
/* now "disconnect" the sockets and attempt transmits expected to fail. */
sin1.sin_family = AF_UNSPEC;
ExpectIntEQ(connect(fd1, (const struct sockaddr *)&sin1, (socklen_t)sizeof(sin1)), 0);
ExpectIntEQ(connect(fd2, (const struct sockaddr *)&sin1, (socklen_t)sizeof(sin1)), 0);
sin1.sin_family = AF_INET;
ExpectIntEQ((int)wolfSSL_BIO_ctrl(bio1, BIO_CTRL_DGRAM_SET_CONNECTED, 0, NULL), WOLFSSL_SUCCESS);
ExpectIntEQ((int)wolfSSL_BIO_ctrl(bio2, BIO_CTRL_DGRAM_SET_CONNECTED, 0, NULL), WOLFSSL_SUCCESS);
if (EXPECT_SUCCESS()) {
sin2.sin_addr.s_addr = htonl(0xc0a8c0a8); /* 192.168.192.168 -- invalid for loopback interface. */
XMEMCPY(&bio_addr2->sa_in, &sin2, sizeof(sin2));
ExpectIntEQ((int)wolfSSL_BIO_ctrl(bio1, BIO_CTRL_DGRAM_SET_PEER, 0, bio_addr2), WOLFSSL_SUCCESS);
wolfSSL_BIO_ADDR_clear(bio_addr2);
}
test_msg_recvd[0] = 0;
errno = 0;
ExpectIntEQ(wolfSSL_BIO_write(bio1, test_msg, sizeof(test_msg)), -1);
ExpectTrue((errno == EINVAL) || (errno == ENETUNREACH));
#endif /* __linux__ */
if (bio1) {
ret = wolfSSL_BIO_free(bio1);
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
} else if (fd1 != SOCKET_INVALID)
CloseSocket(fd1);
if (bio2) {
ret = wolfSSL_BIO_free(bio2);
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
} else if (fd2 != SOCKET_INVALID)
CloseSocket(fd2);
if (bio_addr1)
wolfSSL_BIO_ADDR_free(bio_addr1);
if (bio_addr2)
wolfSSL_BIO_ADDR_free(bio_addr2);
#endif /* !NO_BIO && WOLFSSL_DTLS && WOLFSSL_HAVE_BIO_ADDR && OPENSSL_EXTRA */
return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
defined(HAVE_HTTP_CLIENT)
static THREAD_RETURN WOLFSSL_THREAD test_wolfSSL_BIO_accept_client(void* args)
{
BIO* clientBio;
SSL* sslClient;
SSL_CTX* ctx;
char connectAddr[20]; /* IP + port */;
(void)args;
AssertIntGT(snprintf(connectAddr, sizeof(connectAddr), "%s:%d", wolfSSLIP, wolfSSLPort), 0);
AssertNotNull(clientBio = BIO_new_connect(connectAddr));
AssertIntEQ(BIO_do_connect(clientBio), 1);
AssertNotNull(ctx = SSL_CTX_new(SSLv23_method()));
AssertNotNull(sslClient = SSL_new(ctx));
AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0), WOLFSSL_SUCCESS);
SSL_set_bio(sslClient, clientBio, clientBio);
AssertIntEQ(SSL_connect(sslClient), 1);
SSL_free(sslClient);
SSL_CTX_free(ctx);
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif
static int test_wolfSSL_BIO_accept(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
defined(HAVE_HTTP_CLIENT)
BIO* serverBindBio = NULL;
BIO* serverAcceptBio = NULL;
SSL* sslServer = NULL;
SSL_CTX* ctx = NULL;
func_args args;
THREAD_TYPE thread;
char port[10]; /* 10 bytes should be enough to store the string
* representation of the port */
ExpectIntGT(snprintf(port, sizeof(port), "%d", wolfSSLPort), 0);
ExpectNotNull(serverBindBio = BIO_new_accept(port));
/* First BIO_do_accept binds the port */
ExpectIntEQ(BIO_do_accept(serverBindBio), 1);
XMEMSET(&args, 0, sizeof(func_args));
start_thread(test_wolfSSL_BIO_accept_client, &args, &thread);
ExpectIntEQ(BIO_do_accept(serverBindBio), 1);
/* Let's plug it into SSL to test */
ExpectNotNull(ctx = SSL_CTX_new(SSLv23_method()));
ExpectIntEQ(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
SSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
SSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectNotNull(sslServer = SSL_new(ctx));
ExpectNotNull(serverAcceptBio = BIO_pop(serverBindBio));
SSL_set_bio(sslServer, serverAcceptBio, serverAcceptBio);
ExpectIntEQ(SSL_accept(sslServer), 1);
join_thread(thread);
BIO_free(serverBindBio);
SSL_free(sslServer);
SSL_CTX_free(ctx);
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_write(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
BIO* bio = NULL;
BIO* bio64 = NULL;
BIO* bio_mem = NULL;
BIO* ptr = NULL;
int sz;
char msg[] = "conversion test";
char out[40];
char expected[] = "Y29udmVyc2lvbiB0ZXN0AA==\n";
void* bufPtr = NULL;
BUF_MEM* buf = NULL;
ExpectNotNull(bio64 = BIO_new(BIO_f_base64()));
ExpectNotNull(bio = BIO_push(bio64, BIO_new(BIO_s_mem())));
if (EXPECT_FAIL()) {
BIO_free(bio64);
}
/* now should convert to base64 then write to memory */
ExpectIntEQ(BIO_write(bio, msg, sizeof(msg)), sizeof(msg));
BIO_flush(bio);
/* test BIO chain */
ExpectIntEQ(SSL_SUCCESS, (int)BIO_get_mem_ptr(bio, &buf));
ExpectNotNull(buf);
ExpectIntEQ(buf->length, 25);
ExpectIntEQ(BIO_get_mem_data(bio, &bufPtr), 25);
ExpectPtrEq(buf->data, bufPtr);
ExpectNotNull(ptr = BIO_find_type(bio, BIO_TYPE_MEM));
sz = sizeof(out);
XMEMSET(out, 0, sz);
ExpectIntEQ((sz = BIO_read(ptr, out, sz)), 25);
ExpectIntEQ(XMEMCMP(out, expected, sz), 0);
/* write then read should return the same message */
ExpectIntEQ(BIO_write(bio, msg, sizeof(msg)), sizeof(msg));
sz = sizeof(out);
XMEMSET(out, 0, sz);
ExpectIntEQ(BIO_read(bio, out, sz), 16);
ExpectIntEQ(XMEMCMP(out, msg, sizeof(msg)), 0);
/* now try encoding with no line ending */
BIO_set_flags(bio64, BIO_FLAGS_BASE64_NO_NL);
#ifdef HAVE_EX_DATA
BIO_set_ex_data(bio64, 0, (void*) "data");
ExpectIntEQ(strcmp((const char*)BIO_get_ex_data(bio64, 0), "data"), 0);
#endif
ExpectIntEQ(BIO_write(bio, msg, sizeof(msg)), sizeof(msg));
BIO_flush(bio);
sz = sizeof(out);
XMEMSET(out, 0, sz);
ExpectIntEQ((sz = BIO_read(ptr, out, sz)), 24);
ExpectIntEQ(XMEMCMP(out, expected, sz), 0);
BIO_free_all(bio); /* frees bio64 also */
bio = NULL;
/* test with more than one bio64 in list */
ExpectNotNull(bio64 = BIO_new(BIO_f_base64()));
ExpectNotNull(bio = BIO_push(BIO_new(BIO_f_base64()), bio64));
if (EXPECT_FAIL()) {
BIO_free(bio64);
bio64 = NULL;
}
ExpectNotNull(bio_mem = BIO_new(BIO_s_mem()));
ExpectNotNull(BIO_push(bio64, bio_mem));
if (EXPECT_FAIL()) {
BIO_free(bio_mem);
}
/* now should convert to base64 when stored and then decode with read */
ExpectIntEQ(BIO_write(bio, msg, sizeof(msg)), 25);
BIO_flush(bio);
sz = sizeof(out);
XMEMSET(out, 0, sz);
ExpectIntEQ((sz = BIO_read(bio, out, sz)), 16);
ExpectIntEQ(XMEMCMP(out, msg, sz), 0);
BIO_clear_flags(bio64, ~0);
BIO_set_retry_read(bio);
BIO_free_all(bio); /* frees bio64s also */
bio = NULL;
ExpectNotNull(bio = BIO_new_mem_buf(out, 0));
ExpectIntEQ(BIO_write(bio, msg, sizeof(msg)), sizeof(msg));
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_printf(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL)
BIO* bio = NULL;
int sz = 7;
char msg[] = "TLS 1.3 for the world";
char out[60];
char expected[] = "TLS 1.3 for the world : sz = 7";
XMEMSET(out, 0, sizeof(out));
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(BIO_printf(bio, "%s : sz = %d", msg, sz), 30);
ExpectIntEQ(BIO_printf(NULL, ""), WOLFSSL_FATAL_ERROR);
ExpectIntEQ(BIO_read(bio, out, sizeof(out)), 30);
ExpectIntEQ(XSTRNCMP(out, expected, sizeof(expected)), 0);
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_f_md(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_SHA256)
BIO* bio = NULL;
BIO* mem = NULL;
char msg[] = "message to hash";
char out[60];
EVP_MD_CTX* ctx = NULL;
const unsigned char testKey[] =
{
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b
};
const char testData[] = "Hi There";
const unsigned char testResult[] =
{
0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53,
0x5c, 0xa8, 0xaf, 0xce, 0xaf, 0x0b, 0xf1, 0x2b,
0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7,
0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7
};
const unsigned char expectedHash[] =
{
0x66, 0x49, 0x3C, 0xE8, 0x8A, 0x57, 0xB0, 0x60,
0xDC, 0x55, 0x7D, 0xFC, 0x1F, 0xA5, 0xE5, 0x07,
0x70, 0x5A, 0xF6, 0xD7, 0xC4, 0x1F, 0x1A, 0xE4,
0x2D, 0xA6, 0xFD, 0xD1, 0x29, 0x7D, 0x60, 0x0D
};
const unsigned char emptyHash[] =
{
0xE3, 0xB0, 0xC4, 0x42, 0x98, 0xFC, 0x1C, 0x14,
0x9A, 0xFB, 0xF4, 0xC8, 0x99, 0x6F, 0xB9, 0x24,
0x27, 0xAE, 0x41, 0xE4, 0x64, 0x9B, 0x93, 0x4C,
0xA4, 0x95, 0x99, 0x1B, 0x78, 0x52, 0xB8, 0x55
};
unsigned char check[sizeof(testResult) + 1];
size_t checkSz = -1;
EVP_PKEY* key = NULL;
XMEMSET(out, 0, sizeof(out));
ExpectNotNull(bio = BIO_new(BIO_f_md()));
ExpectNotNull(mem = BIO_new(BIO_s_mem()));
ExpectIntEQ(BIO_get_md_ctx(bio, &ctx), 1);
ExpectIntEQ(EVP_DigestInit(ctx, EVP_sha256()), 1);
/* should not be able to write/read yet since just digest wrapper and no
* data is passing through the bio */
ExpectIntEQ(BIO_write(bio, msg, 0), 0);
ExpectIntEQ(BIO_pending(bio), 0);
ExpectIntEQ(BIO_read(bio, out, sizeof(out)), 0);
ExpectIntEQ(BIO_gets(bio, out, 3), 0);
ExpectIntEQ(BIO_gets(bio, out, sizeof(out)), 32);
ExpectIntEQ(XMEMCMP(emptyHash, out, 32), 0);
BIO_reset(bio);
/* append BIO mem to bio in order to read/write */
ExpectNotNull(bio = BIO_push(bio, mem));
XMEMSET(out, 0, sizeof(out));
ExpectIntEQ(BIO_write(mem, msg, sizeof(msg)), 16);
ExpectIntEQ(BIO_pending(bio), 16);
/* this just reads the message and does not hash it (gets calls final) */
ExpectIntEQ(BIO_read(bio, out, sizeof(out)), 16);
ExpectIntEQ(XMEMCMP(out, msg, sizeof(msg)), 0);
/* create a message digest using BIO */
XMEMSET(out, 0, sizeof(out));
ExpectIntEQ(BIO_write(bio, msg, sizeof(msg)), 16);
ExpectIntEQ(BIO_pending(mem), 16);
ExpectIntEQ(BIO_pending(bio), 16);
ExpectIntEQ(BIO_gets(bio, out, sizeof(out)), 32);
ExpectIntEQ(XMEMCMP(expectedHash, out, 32), 0);
BIO_free(bio);
bio = NULL;
BIO_free(mem);
mem = NULL;
/* test with HMAC */
XMEMSET(out, 0, sizeof(out));
ExpectNotNull(bio = BIO_new(BIO_f_md()));
ExpectNotNull(mem = BIO_new(BIO_s_mem()));
BIO_get_md_ctx(bio, &ctx);
ExpectNotNull(key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, testKey,
(int)sizeof(testKey)));
EVP_DigestSignInit(ctx, NULL, EVP_sha256(), NULL, key);
ExpectNotNull(bio = BIO_push(bio, mem));
BIO_write(bio, testData, (int)strlen(testData));
ExpectIntEQ(EVP_DigestSignFinal(ctx, NULL, &checkSz), 1);
ExpectIntEQ(EVP_DigestSignFinal(ctx, check, &checkSz), 1);
ExpectIntEQ(XMEMCMP(check, testResult, sizeof(testResult)), 0);
EVP_PKEY_free(key);
BIO_free(bio);
BIO_free(mem);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_up_ref(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
BIO* bio = NULL;
ExpectNotNull(bio = BIO_new(BIO_f_md()));
ExpectIntEQ(BIO_up_ref(NULL), 0);
ExpectIntEQ(BIO_up_ref(bio), 1);
BIO_free(bio);
ExpectIntEQ(BIO_up_ref(bio), 1);
BIO_free(bio);
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_reset(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
BIO* bio = NULL;
byte buf[16];
ExpectNotNull(bio = BIO_new_mem_buf("secure your data",
(word32)XSTRLEN("secure your data")));
ExpectIntEQ(BIO_read(bio, buf, 6), 6);
ExpectIntEQ(XMEMCMP(buf, "secure", 6), 0);
XMEMSET(buf, 0, 16);
ExpectIntEQ(BIO_read(bio, buf, 16), 10);
ExpectIntEQ(XMEMCMP(buf, " your data", 10), 0);
/* You cannot write to MEM BIO with read-only mode. */
ExpectIntEQ(BIO_write(bio, "WriteToReadonly", 15), 0);
ExpectIntEQ(BIO_read(bio, buf, 16), -1);
XMEMSET(buf, 0, 16);
ExpectIntEQ(BIO_reset(bio), 0);
ExpectIntEQ(BIO_read(bio, buf, 16), 16);
ExpectIntEQ(XMEMCMP(buf, "secure your data", 16), 0);
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
#endif /* !NO_BIO */
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
/* test that the callback arg is correct */
static int certCbArg = 0;
static int certCb(WOLFSSL* ssl, void* arg)
{
if (ssl == NULL || arg != &certCbArg)
return 0;
if (wolfSSL_is_server(ssl)) {
if (wolfSSL_use_certificate_file(ssl, svrCertFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
return 0;
if (wolfSSL_use_PrivateKey_file(ssl, svrKeyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
return 0;
}
else {
if (wolfSSL_use_certificate_file(ssl, cliCertFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
return 0;
if (wolfSSL_use_PrivateKey_file(ssl, cliKeyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
return 0;
}
return 1;
}
static int certSetupCb(WOLFSSL_CTX* ctx)
{
SSL_CTX_set_cert_cb(ctx, certCb, &certCbArg);
return TEST_SUCCESS;
}
/**
* This is only done because test_wolfSSL_client_server_nofail_memio has no way
* to stop certificate and key loading
*/
static int certClearCb(WOLFSSL* ssl)
{
/* Clear the loaded certs to force the callbacks to set them up */
SSL_certs_clear(ssl);
return TEST_SUCCESS;
}
#endif
static int test_wolfSSL_cert_cb(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
test_ssl_cbf func_cb_client;
test_ssl_cbf func_cb_server;
XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
func_cb_client.ctx_ready = certSetupCb;
func_cb_client.ssl_ready = certClearCb;
func_cb_server.ctx_ready = certSetupCb;
func_cb_server.ssl_ready = certClearCb;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_SUCCESS);
#endif
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
static const char* test_wolfSSL_cert_cb_dyn_ciphers_client_cipher = NULL;
static const char* test_wolfSSL_cert_cb_dyn_ciphers_client_sigalgs = NULL;
static int test_wolfSSL_cert_cb_dyn_ciphers_client_ctx_ready(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx,
test_wolfSSL_cert_cb_dyn_ciphers_client_cipher), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx,
test_wolfSSL_cert_cb_dyn_ciphers_client_sigalgs), WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
static int test_wolfSSL_cert_cb_dyn_ciphers_certCB(WOLFSSL* ssl, void* arg)
{
const byte* suites = NULL;
word16 suiteSz = 0;
const byte* hashSigAlgo = NULL;
word16 hashSigAlgoSz = 0;
word16 idx = 0;
int haveRSA = 0;
int haveECC = 0;
(void)arg;
if (wolfSSL_get_client_suites_sigalgs(ssl, &suites, &suiteSz, &hashSigAlgo,
&hashSigAlgoSz) != WOLFSSL_SUCCESS)
return 0;
if (suites == NULL || suiteSz == 0 || hashSigAlgo == NULL ||
hashSigAlgoSz == 0)
return 0;
for (idx = 0; idx < suiteSz; idx += 2) {
WOLFSSL_CIPHERSUITE_INFO info =
wolfSSL_get_ciphersuite_info(suites[idx], suites[idx+1]);
if (info.rsaAuth)
haveRSA = 1;
else if (info.eccAuth)
haveECC = 1;
}
if (hashSigAlgoSz > 0) {
/* sigalgs extension takes precedence over ciphersuites */
haveRSA = 0;
haveECC = 0;
}
for (idx = 0; idx < hashSigAlgoSz; idx += 2) {
int hashAlgo = 0;
int sigAlgo = 0;
if (wolfSSL_get_sigalg_info(hashSigAlgo[idx+0], hashSigAlgo[idx+1],
&hashAlgo, &sigAlgo) != 0)
return 0;
if (sigAlgo == RSAk || sigAlgo == RSAPSSk)
haveRSA = 1;
else if (sigAlgo == ECDSAk)
haveECC = 1;
}
if (haveRSA) {
if (wolfSSL_use_certificate_file(ssl, svrCertFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
return 0;
if (wolfSSL_use_PrivateKey_file(ssl, svrKeyFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
return 0;
}
else if (haveECC) {
if (wolfSSL_use_certificate_file(ssl, eccCertFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
return 0;
if (wolfSSL_use_PrivateKey_file(ssl, eccKeyFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
return 0;
}
return 1;
}
static int test_wolfSSL_cert_cb_dyn_ciphers_server_ctx_ready(WOLFSSL_CTX* ctx)
{
SSL_CTX_set_cert_cb(ctx, test_wolfSSL_cert_cb_dyn_ciphers_certCB, NULL);
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
return TEST_SUCCESS;
}
#endif
/* Testing dynamic ciphers offered by client */
static int test_wolfSSL_cert_cb_dyn_ciphers(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
test_ssl_cbf func_cb_client;
test_ssl_cbf func_cb_server;
struct {
method_provider client_meth;
const char* client_ciphers;
const char* client_sigalgs;
const char* client_ca;
method_provider server_meth;
} test_params[] = {
#if !defined(NO_SHA256) && defined(HAVE_AESGCM)
#ifdef WOLFSSL_TLS13
#if !defined(NO_RSA) && defined(WC_RSA_PSS)
{wolfTLSv1_3_client_method,
"TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256",
"RSA-PSS+SHA256", caCertFile, wolfTLSv1_3_server_method},
#endif
#ifdef HAVE_ECC
{wolfTLSv1_3_client_method,
"TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256",
"ECDSA+SHA256", caEccCertFile, wolfTLSv1_3_server_method},
#endif
#endif
#ifndef WOLFSSL_NO_TLS12
#if !defined(NO_RSA) && defined(WC_RSA_PSS) && !defined(NO_DH)
{wolfTLSv1_2_client_method,
"DHE-RSA-AES128-GCM-SHA256",
"RSA-PSS+SHA256", caCertFile, wolfTLSv1_2_server_method},
#endif
#ifdef HAVE_ECC
{wolfTLSv1_2_client_method,
"ECDHE-ECDSA-AES128-GCM-SHA256",
"ECDSA+SHA256", caEccCertFile, wolfTLSv1_2_server_method},
#endif
#endif
#endif
};
size_t i;
size_t testCount = sizeof(test_params)/sizeof(*test_params);
if (testCount > 0) {
for (i = 0; i < testCount; i++) {
printf("\tTesting %s ciphers with %s sigalgs\n",
test_params[i].client_ciphers,
test_params[i].client_sigalgs);
XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
test_wolfSSL_cert_cb_dyn_ciphers_client_cipher =
test_params[i].client_ciphers;
test_wolfSSL_cert_cb_dyn_ciphers_client_sigalgs =
test_params[i].client_sigalgs;
func_cb_client.method = test_params[i].client_meth;
func_cb_client.caPemFile = test_params[i].client_ca;
func_cb_client.ctx_ready =
test_wolfSSL_cert_cb_dyn_ciphers_client_ctx_ready;
func_cb_server.ctx_ready =
test_wolfSSL_cert_cb_dyn_ciphers_server_ctx_ready;
func_cb_server.ssl_ready = certClearCb; /* Reuse from prev test */
func_cb_server.method = test_params[i].server_meth;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_SUCCESS);
}
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ciphersuite_auth(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
WOLFSSL_CIPHERSUITE_INFO info;
(void)info;
#ifndef WOLFSSL_NO_TLS12
#ifdef HAVE_CHACHA
info = wolfSSL_get_ciphersuite_info(CHACHA_BYTE,
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256);
ExpectIntEQ(info.rsaAuth, 1);
ExpectIntEQ(info.eccAuth, 0);
ExpectIntEQ(info.eccStatic, 0);
ExpectIntEQ(info.psk, 0);
info = wolfSSL_get_ciphersuite_info(CHACHA_BYTE,
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256);
ExpectIntEQ(info.rsaAuth, 0);
ExpectIntEQ(info.eccAuth, 1);
ExpectIntEQ(info.eccStatic, 0);
ExpectIntEQ(info.psk, 0);
info = wolfSSL_get_ciphersuite_info(CHACHA_BYTE,
TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256);
ExpectIntEQ(info.rsaAuth, 0);
ExpectIntEQ(info.eccAuth, 0);
ExpectIntEQ(info.eccStatic, 0);
ExpectIntEQ(info.psk, 1);
#endif
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
#ifndef NO_RSA
info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA);
ExpectIntEQ(info.rsaAuth, 1);
ExpectIntEQ(info.eccAuth, 0);
ExpectIntEQ(info.eccStatic, 0);
ExpectIntEQ(info.psk, 0);
info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA);
ExpectIntEQ(info.rsaAuth, 1);
ExpectIntEQ(info.eccAuth, 0);
ExpectIntEQ(info.eccStatic, 1);
ExpectIntEQ(info.psk, 0);
info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA);
ExpectIntEQ(info.rsaAuth, 1);
ExpectIntEQ(info.eccAuth, 0);
ExpectIntEQ(info.eccStatic, 1);
ExpectIntEQ(info.psk, 0);
#endif
info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA);
ExpectIntEQ(info.rsaAuth, 0);
ExpectIntEQ(info.eccAuth, 1);
ExpectIntEQ(info.eccStatic, 0);
ExpectIntEQ(info.psk, 0);
info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA);
ExpectIntEQ(info.rsaAuth, 0);
ExpectIntEQ(info.eccAuth, 1);
ExpectIntEQ(info.eccStatic, 1);
ExpectIntEQ(info.psk, 0);
info = wolfSSL_get_ciphersuite_info(ECDHE_PSK_BYTE,
TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256);
ExpectIntEQ(info.rsaAuth, 0);
ExpectIntEQ(info.eccAuth, 0);
ExpectIntEQ(info.eccStatic, 0);
ExpectIntEQ(info.psk, 1);
#endif
#endif
#ifdef WOLFSSL_TLS13
info = wolfSSL_get_ciphersuite_info(TLS13_BYTE,
TLS_AES_128_GCM_SHA256);
ExpectIntEQ(info.rsaAuth, 0);
ExpectIntEQ(info.eccAuth, 0);
ExpectIntEQ(info.eccStatic, 0);
ExpectIntEQ(info.psk, 0);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_sigalg_info(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
byte hashSigAlgo[WOLFSSL_MAX_SIGALGO];
word16 len = 0;
word16 idx = 0;
int allSigAlgs = SIG_ECDSA | SIG_RSA | SIG_SM2 | SIG_FALCON | SIG_DILITHIUM;
InitSuitesHashSigAlgo(hashSigAlgo, allSigAlgs, 1, 0xFFFFFFFF, &len);
for (idx = 0; idx < len; idx += 2) {
int hashAlgo = 0;
int sigAlgo = 0;
ExpectIntEQ(wolfSSL_get_sigalg_info(hashSigAlgo[idx+0],
hashSigAlgo[idx+1], &hashAlgo, &sigAlgo), 0);
ExpectIntNE(hashAlgo, 0);
ExpectIntNE(sigAlgo, 0);
}
InitSuitesHashSigAlgo(hashSigAlgo, allSigAlgs | SIG_ANON, 1,
0xFFFFFFFF, &len);
for (idx = 0; idx < len; idx += 2) {
int hashAlgo = 0;
int sigAlgo = 0;
ExpectIntEQ(wolfSSL_get_sigalg_info(hashSigAlgo[idx+0],
hashSigAlgo[idx+1], &hashAlgo, &sigAlgo), 0);
ExpectIntNE(hashAlgo, 0);
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_SESSION(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
!defined(NO_SESSION_CACHE)
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL_SESSION* sess = NULL;
WOLFSSL_SESSION* sess_copy = NULL;
#ifdef OPENSSL_EXTRA
#ifdef HAVE_EXT_CACHE
unsigned char* sessDer = NULL;
unsigned char* ptr = NULL;
int sz = 0;
#endif
const unsigned char context[] = "user app context";
unsigned int contextSz = (unsigned int)sizeof(context);
#endif
int ret = 0, err = 0;
SOCKET_T sockfd;
tcp_ready ready;
func_args server_args;
THREAD_TYPE serverThread;
char msg[80];
const char* sendGET = "GET";
/* TLS v1.3 requires session tickets */
/* CHACHA and POLY1305 required for myTicketEncCb */
#if defined(WOLFSSL_TLS13) && (!defined(HAVE_SESSION_TICKET) && \
!defined(WOLFSSL_NO_TLS12) || !(defined(HAVE_CHACHA) && \
defined(HAVE_POLY1305) && !defined(HAVE_AESGCM)))
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0),
WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#ifdef HAVE_SESSION_TICKET
/* Use session tickets, for ticket tests below */
ExpectIntEQ(wolfSSL_CTX_UseSessionTicket(ctx), WOLFSSL_SUCCESS);
#endif
XMEMSET(&server_args, 0, sizeof(func_args));
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
StartTCP();
InitTcpReady(&ready);
#if defined(USE_WINDOWS_API)
/* use RNG to get random port if using windows */
ready.port = GetRandomPort();
#endif
server_args.signal = &ready;
start_thread(test_server_nofail, &server_args, &serverThread);
wait_tcp_ready(&server_args);
/* client connection */
ExpectNotNull(ssl = wolfSSL_new(ctx));
tcp_connect(&sockfd, wolfSSLIP, ready.port, 0, 0, ssl);
ExpectIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = wolfSSL_connect(ssl);
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = wolfSSL_write(ssl, sendGET, (int)XSTRLEN(sendGET));
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
ExpectIntEQ(ret, (int)XSTRLEN(sendGET));
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
ret = wolfSSL_read(ssl, msg, sizeof(msg));
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
ExpectIntEQ(ret, 23);
ExpectPtrNE((sess = wolfSSL_get1_session(ssl)), NULL); /* ref count 1 */
ExpectPtrNE((sess_copy = wolfSSL_get1_session(ssl)), NULL); /* ref count 2 */
ExpectIntEQ(wolfSSL_SessionIsSetup(sess), 1);
#ifdef HAVE_EXT_CACHE
ExpectPtrEq(sess, sess_copy); /* they should be the same pointer but without
* HAVE_EXT_CACHE we get new objects each time */
#endif
wolfSSL_SESSION_free(sess_copy); sess_copy = NULL;
wolfSSL_SESSION_free(sess); sess = NULL; /* free session ref */
sess = wolfSSL_get_session(ssl);
#ifdef OPENSSL_EXTRA
ExpectIntEQ(SSL_SESSION_is_resumable(NULL), 0);
ExpectIntEQ(SSL_SESSION_is_resumable(sess), 1);
ExpectIntEQ(wolfSSL_SESSION_has_ticket(NULL), 0);
ExpectIntEQ(wolfSSL_SESSION_get_ticket_lifetime_hint(NULL), 0);
#ifdef HAVE_SESSION_TICKET
ExpectIntEQ(wolfSSL_SESSION_has_ticket(sess), 1);
ExpectIntEQ(wolfSSL_SESSION_get_ticket_lifetime_hint(sess),
SESSION_TICKET_HINT_DEFAULT);
#else
ExpectIntEQ(wolfSSL_SESSION_has_ticket(sess), 0);
#endif
#else
(void)sess;
#endif /* OPENSSL_EXTRA */
/* Retain copy of the session for later testing */
ExpectNotNull(sess = wolfSSL_get1_session(ssl));
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl); ssl = NULL;
CloseSocket(sockfd);
join_thread(serverThread);
FreeTcpReady(&ready);
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
{
X509 *x509 = NULL;
char buf[30];
int bufSz = 0;
ExpectNotNull(x509 = SSL_SESSION_get0_peer(sess));
ExpectIntGT((bufSz = X509_NAME_get_text_by_NID(
X509_get_subject_name(x509), NID_organizationalUnitName, buf,
sizeof(buf))), 0);
ExpectIntNE((bufSz == 7 || bufSz == 16), 0); /* should be one of these*/
if (bufSz == 7) {
ExpectIntEQ(XMEMCMP(buf, "Support", bufSz), 0);
}
if (bufSz == 16) {
ExpectIntEQ(XMEMCMP(buf, "Programming-2048", bufSz), 0);
}
}
#endif
#ifdef HAVE_EXT_CACHE
ExpectNotNull(sess_copy = wolfSSL_SESSION_dup(sess));
wolfSSL_SESSION_free(sess_copy); sess_copy = NULL;
sess_copy = NULL;
#endif
#if defined(OPENSSL_EXTRA) && defined(HAVE_EXT_CACHE)
/* get session from DER and update the timeout */
ExpectIntEQ(wolfSSL_i2d_SSL_SESSION(NULL, &sessDer), BAD_FUNC_ARG);
ExpectIntGT((sz = wolfSSL_i2d_SSL_SESSION(sess, &sessDer)), 0);
wolfSSL_SESSION_free(sess); sess = NULL;
sess = NULL;
ptr = sessDer;
ExpectNull(sess = wolfSSL_d2i_SSL_SESSION(NULL, NULL, sz));
ExpectNotNull(sess = wolfSSL_d2i_SSL_SESSION(NULL,
(const unsigned char**)&ptr, sz));
XFREE(sessDer, NULL, DYNAMIC_TYPE_OPENSSL);
sessDer = NULL;
ExpectIntGT(wolfSSL_SESSION_get_time(sess), 0);
ExpectIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS);
#endif
/* successful set session test */
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectIntEQ(wolfSSL_set_session(ssl, sess), WOLFSSL_SUCCESS);
#ifdef HAVE_SESSION_TICKET
/* Test set/get session ticket */
{
const char* ticket = "This is a session ticket";
char buf[64] = {0};
word32 bufSz = (word32)sizeof(buf);
ExpectIntEQ(SSL_SUCCESS,
wolfSSL_set_SessionTicket(ssl, (byte *)ticket,
(word32)XSTRLEN(ticket)));
ExpectIntEQ(SSL_SUCCESS,
wolfSSL_get_SessionTicket(ssl, (byte *)buf, &bufSz));
ExpectStrEQ(ticket, buf);
}
#endif
#ifdef OPENSSL_EXTRA
/* session timeout case */
/* make the session to be expired */
ExpectIntEQ(SSL_SESSION_set_timeout(sess,1), SSL_SUCCESS);
XSLEEP_MS(1200);
/* SSL_set_session should reject specified session but return success
* if WOLFSSL_ERROR_CODE_OPENSSL macro is defined for OpenSSL compatibility.
*/
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
ExpectIntEQ(wolfSSL_set_session(ssl,sess), SSL_SUCCESS);
#else
ExpectIntEQ(wolfSSL_set_session(ssl,sess), SSL_FAILURE);
#endif
ExpectIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS);
#ifdef WOLFSSL_SESSION_ID_CTX
/* fail case with miss match session context IDs (use compatibility API) */
ExpectIntEQ(SSL_set_session_id_context(ssl, context, contextSz),
SSL_SUCCESS);
ExpectIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
wolfSSL_free(ssl); ssl = NULL;
ExpectIntEQ(SSL_CTX_set_session_id_context(NULL, context, contextSz),
SSL_FAILURE);
ExpectIntEQ(SSL_CTX_set_session_id_context(ctx, context, contextSz),
SSL_SUCCESS);
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
#endif
#endif /* OPENSSL_EXTRA */
wolfSSL_free(ssl);
wolfSSL_SESSION_free(sess);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
!defined(NO_SESSION_CACHE) && defined(OPENSSL_EXTRA) && \
!defined(WOLFSSL_NO_TLS12)
static WOLFSSL_SESSION* test_wolfSSL_SESSION_expire_sess = NULL;
static void test_wolfSSL_SESSION_expire_downgrade_ctx_ready(WOLFSSL_CTX* ctx)
{
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
/* returns previous timeout value */
AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 1), 500);
#else
AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 1), WOLFSSL_SUCCESS);
#endif
}
/* set the session to timeout in a second */
static void test_wolfSSL_SESSION_expire_downgrade_ssl_ready(WOLFSSL* ssl)
{
AssertIntEQ(wolfSSL_set_timeout(ssl, 2), 1);
}
/* store the client side session from the first successful connection */
static void test_wolfSSL_SESSION_expire_downgrade_ssl_result(WOLFSSL* ssl)
{
AssertPtrNE((test_wolfSSL_SESSION_expire_sess = wolfSSL_get1_session(ssl)),
NULL); /* ref count 1 */
}
/* wait till session is expired then set it in the WOLFSSL struct for use */
static void test_wolfSSL_SESSION_expire_downgrade_ssl_ready_wait(WOLFSSL* ssl)
{
AssertIntEQ(wolfSSL_set_timeout(ssl, 1), 1);
AssertIntEQ(wolfSSL_set_session(ssl, test_wolfSSL_SESSION_expire_sess),
WOLFSSL_SUCCESS);
XSLEEP_MS(2000); /* wait 2 seconds for session to expire */
}
/* set expired session in the WOLFSSL struct for use */
static void test_wolfSSL_SESSION_expire_downgrade_ssl_ready_set(WOLFSSL* ssl)
{
XSLEEP_MS(1200); /* wait a second for session to expire */
/* set the expired session, call to set session fails but continuing on
after failure should be handled here */
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL)
AssertIntEQ(wolfSSL_set_session(ssl, test_wolfSSL_SESSION_expire_sess),
WOLFSSL_SUCCESS);
#else
AssertIntNE(wolfSSL_set_session(ssl, test_wolfSSL_SESSION_expire_sess),
WOLFSSL_SUCCESS);
#endif
}
/* check that the expired session was not reused */
static void test_wolfSSL_SESSION_expire_downgrade_ssl_result_reuse(WOLFSSL* ssl)
{
/* since the session has expired it should not have been reused */
AssertIntEQ(wolfSSL_session_reused(ssl), 0);
}
#endif
static int test_wolfSSL_SESSION_expire_downgrade(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
!defined(NO_SESSION_CACHE) && defined(OPENSSL_EXTRA) && \
!defined(WOLFSSL_NO_TLS12)
WOLFSSL_CTX* ctx = NULL;
callback_functions server_cbf, client_cbf;
XMEMSET(&server_cbf, 0, sizeof(callback_functions));
XMEMSET(&client_cbf, 0, sizeof(callback_functions));
/* force server side to use TLS 1.2 */
server_cbf.ctx = ctx;
server_cbf.method = wolfTLSv1_2_server_method;
client_cbf.method = wolfSSLv23_client_method;
server_cbf.ctx_ready = test_wolfSSL_SESSION_expire_downgrade_ctx_ready;
client_cbf.ssl_ready = test_wolfSSL_SESSION_expire_downgrade_ssl_ready;
client_cbf.on_result = test_wolfSSL_SESSION_expire_downgrade_ssl_result;
test_wolfSSL_client_server_nofail(&client_cbf, &server_cbf);
ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
/* set the previously created session and wait till expired */
server_cbf.ctx = ctx;
client_cbf.method = wolfSSLv23_client_method;
server_cbf.ctx_ready = test_wolfSSL_SESSION_expire_downgrade_ctx_ready;
client_cbf.ssl_ready = test_wolfSSL_SESSION_expire_downgrade_ssl_ready_wait;
client_cbf.on_result =
test_wolfSSL_SESSION_expire_downgrade_ssl_result_reuse;
test_wolfSSL_client_server_nofail(&client_cbf, &server_cbf);
ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
/* set the previously created expired session */
server_cbf.ctx = ctx;
client_cbf.method = wolfSSLv23_client_method;
server_cbf.ctx_ready = test_wolfSSL_SESSION_expire_downgrade_ctx_ready;
client_cbf.ssl_ready = test_wolfSSL_SESSION_expire_downgrade_ssl_ready_set;
client_cbf.on_result =
test_wolfSSL_SESSION_expire_downgrade_ssl_result_reuse;
test_wolfSSL_client_server_nofail(&client_cbf, &server_cbf);
ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
wolfSSL_SESSION_free(test_wolfSSL_SESSION_expire_sess);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(HAVE_EX_DATA) && !defined(NO_SESSION_CACHE)
static int clientSessRemCountMalloc = 0;
static int serverSessRemCountMalloc = 0;
static int clientSessRemCountFree = 0;
static int serverSessRemCountFree = 0;
static WOLFSSL_CTX* serverSessCtx = NULL;
static WOLFSSL_SESSION* serverSess = NULL;
#if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \
!defined(NO_SESSION_CACHE_REF)
static WOLFSSL_CTX* clientSessCtx = NULL;
static WOLFSSL_SESSION* clientSess = NULL;
#endif
static int serverSessRemIdx = 3;
static int sessRemCtx_Server = WOLFSSL_SERVER_END;
static int sessRemCtx_Client = WOLFSSL_CLIENT_END;
static void SessRemCtxCb(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *sess)
{
int* side;
(void)ctx;
side = (int*)SSL_SESSION_get_ex_data(sess, serverSessRemIdx);
if (side != NULL) {
if (*side == WOLFSSL_CLIENT_END)
clientSessRemCountFree++;
else
serverSessRemCountFree++;
SSL_SESSION_set_ex_data(sess, serverSessRemIdx, NULL);
}
}
static int SessRemCtxSetupCb(WOLFSSL_CTX* ctx)
{
SSL_CTX_sess_set_remove_cb(ctx, SessRemCtxCb);
#if defined(WOLFSSL_TLS13) && !defined(HAVE_SESSION_TICKET) && \
!defined(NO_SESSION_CACHE_REF)
{
EXPECT_DECLS;
/* Allow downgrade, set min version, and disable TLS 1.3.
* Do this because without NO_SESSION_CACHE_REF we will want to return a
* reference to the session cache. But with WOLFSSL_TLS13 and without
* HAVE_SESSION_TICKET we won't have a session ID to be able to place
* the session in the cache. In this case we need to downgrade to
* previous versions to just use the legacy session ID field. */
ExpectIntEQ(SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION),
SSL_SUCCESS);
ExpectIntEQ(SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION),
SSL_SUCCESS);
return EXPECT_RESULT();
}
#else
return TEST_SUCCESS;
#endif
}
static int SessRemSslSetupCb(WOLFSSL* ssl)
{
EXPECT_DECLS;
int* side;
if (SSL_is_server(ssl)) {
side = &sessRemCtx_Server;
serverSessRemCountMalloc++;
ExpectNotNull(serverSess = SSL_get1_session(ssl));
ExpectIntEQ(SSL_CTX_up_ref(serverSessCtx = SSL_get_SSL_CTX(ssl)),
SSL_SUCCESS);
}
else {
side = &sessRemCtx_Client;
clientSessRemCountMalloc++;
#if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \
!defined(NO_SESSION_CACHE_REF)
ExpectNotNull(clientSess = SSL_get1_session(ssl));
ExpectIntEQ(SSL_CTX_up_ref(clientSessCtx = SSL_get_SSL_CTX(ssl)),
SSL_SUCCESS);
#endif
}
ExpectIntEQ(SSL_SESSION_set_ex_data(SSL_get_session(ssl),
serverSessRemIdx, side), SSL_SUCCESS);
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_CTX_sess_set_remove_cb(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(HAVE_EX_DATA) && !defined(NO_SESSION_CACHE)
/* Check that the remove callback gets called for external data in a
* session object */
test_ssl_cbf func_cb;
XMEMSET(&func_cb, 0, sizeof(func_cb));
func_cb.ctx_ready = SessRemCtxSetupCb;
func_cb.on_result = SessRemSslSetupCb;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb, &func_cb,
NULL), TEST_SUCCESS);
/* Both should have been allocated */
ExpectIntEQ(clientSessRemCountMalloc, 1);
ExpectIntEQ(serverSessRemCountMalloc, 1);
/* This should not be called yet. Session wasn't evicted from cache yet. */
ExpectIntEQ(clientSessRemCountFree, 0);
#if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \
!defined(NO_SESSION_CACHE_REF)
/* Force a cache lookup */
ExpectNotNull(SSL_SESSION_get_ex_data(clientSess, serverSessRemIdx));
/* Force a cache update */
ExpectNotNull(SSL_SESSION_set_ex_data(clientSess, serverSessRemIdx - 1, 0));
/* This should set the timeout to 0 and call the remove callback from within
* the session cache. */
ExpectIntEQ(SSL_CTX_remove_session(clientSessCtx, clientSess), 0);
ExpectNull(SSL_SESSION_get_ex_data(clientSess, serverSessRemIdx));
ExpectIntEQ(clientSessRemCountFree, 1);
#endif
/* Server session is in the cache so ex_data isn't free'd with the SSL
* object */
ExpectIntEQ(serverSessRemCountFree, 0);
/* Force a cache lookup */
ExpectNotNull(SSL_SESSION_get_ex_data(serverSess, serverSessRemIdx));
/* Force a cache update */
ExpectNotNull(SSL_SESSION_set_ex_data(serverSess, serverSessRemIdx - 1, 0));
/* This should set the timeout to 0 and call the remove callback from within
* the session cache. */
ExpectIntEQ(SSL_CTX_remove_session(serverSessCtx, serverSess), 0);
ExpectNull(SSL_SESSION_get_ex_data(serverSess, serverSessRemIdx));
ExpectIntEQ(serverSessRemCountFree, 1);
/* Need to free the references that we kept */
SSL_CTX_free(serverSessCtx);
SSL_SESSION_free(serverSess);
#if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \
!defined(NO_SESSION_CACHE_REF)
SSL_CTX_free(clientSessCtx);
SSL_SESSION_free(clientSess);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ticket_keys(void)
{
EXPECT_DECLS;
#if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
!defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX* ctx = NULL;
byte keys[WOLFSSL_TICKET_KEYS_SZ];
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, NULL, 0),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, NULL, 0),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, keys, 0),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, keys, 0),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, NULL, sizeof(keys)),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, NULL, sizeof(keys)),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, keys, sizeof(keys)),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, NULL, 0),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, NULL, 0),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, keys, 0),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, keys, 0),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, NULL, sizeof(keys)),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, NULL, sizeof(keys)),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, keys, sizeof(keys)),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, keys, sizeof(keys)),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, keys, sizeof(keys)),
WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_d2i_PUBKEY(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
BIO* bio = NULL;
EVP_PKEY* pkey = NULL;
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectNull(d2i_PUBKEY_bio(NULL, NULL));
#if defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA)
/* RSA PUBKEY test */
ExpectIntGT(BIO_write(bio, client_keypub_der_2048,
sizeof_client_keypub_der_2048), 0);
ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#if defined(USE_CERT_BUFFERS_256) && defined(HAVE_ECC)
/* ECC PUBKEY test */
ExpectIntGT(BIO_write(bio, ecc_clikeypub_der_256,
sizeof_ecc_clikeypub_der_256), 0);
ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#if defined(USE_CERT_BUFFERS_2048) && !defined(NO_DSA)
/* DSA PUBKEY test */
ExpectIntGT(BIO_write(bio, dsa_pub_key_der_2048,
sizeof_dsa_pub_key_der_2048), 0);
ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#if defined(USE_CERT_BUFFERS_2048) && !defined(NO_DH) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_DH_EXTRA)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION > 2))
/* DH PUBKEY test */
ExpectIntGT(BIO_write(bio, dh_pub_key_der_2048,
sizeof_dh_pub_key_der_2048), 0);
ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
EVP_PKEY_free(pkey);
pkey = NULL;
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* USE_CERT_BUFFERS_2048 && !NO_DH && && OPENSSL_EXTRA */
BIO_free(bio);
(void)pkey;
#endif
return EXPECT_RESULT();
}
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA)
static int test_wolfSSL_d2i_PrivateKeys_bio(void)
{
EXPECT_DECLS;
BIO* bio = NULL;
EVP_PKEY* pkey = NULL;
WOLFSSL_CTX* ctx = NULL;
#if defined(WOLFSSL_KEY_GEN)
unsigned char buff[4096];
unsigned char* bufPtr = buff;
#endif
/* test creating new EVP_PKEY with bad arg */
ExpectNull((pkey = d2i_PrivateKey_bio(NULL, NULL)));
/* test loading RSA key using BIO */
#if !defined(NO_RSA) && !defined(NO_FILESYSTEM)
{
XFILE file = XBADFILE;
const char* fname = "./certs/server-key.der";
size_t sz = 0;
byte* buf = NULL;
ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0);
ExpectTrue((sz = XFTELL(file)) != 0);
ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0);
ExpectNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE));
ExpectIntEQ(XFREAD(buf, 1, sz, file), sz);
if (file != XBADFILE) {
XFCLOSE(file);
}
/* Test using BIO new mem and loading DER private key */
ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
ExpectNotNull((pkey = d2i_PrivateKey_bio(bio, NULL)));
XFREE(buf, HEAP_HINT, DYNAMIC_TYPE_FILE);
BIO_free(bio);
bio = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
}
#endif
/* test loading ECC key using BIO */
#if defined(HAVE_ECC) && !defined(NO_FILESYSTEM)
{
XFILE file = XBADFILE;
const char* fname = "./certs/ecc-key.der";
size_t sz = 0;
byte* buf = NULL;
ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0);
ExpectTrue((sz = XFTELL(file)) != 0);
ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0);
ExpectNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE));
ExpectIntEQ(XFREAD(buf, 1, sz, file), sz);
if (file != XBADFILE)
XFCLOSE(file);
/* Test using BIO new mem and loading DER private key */
ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
ExpectNotNull((pkey = d2i_PrivateKey_bio(bio, NULL)));
XFREE(buf, HEAP_HINT, DYNAMIC_TYPE_FILE);
BIO_free(bio);
bio = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
}
#endif
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
#ifndef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)
{
RSA* rsa = NULL;
/* Tests bad parameters */
ExpectNull(d2i_RSAPrivateKey_bio(NULL, NULL));
/* RSA not set yet, expecting to fail*/
rsa = wolfSSL_RSA_new();
ExpectIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, rsa), WOLFSSL_FAILURE);
wolfSSL_RSA_free(rsa);
rsa = NULL;
#if defined(USE_CERT_BUFFERS_2048) && defined(WOLFSSL_KEY_GEN)
/* set RSA using bio*/
ExpectIntGT(BIO_write(bio, client_key_der_2048,
sizeof_client_key_der_2048), 0);
ExpectNotNull(d2i_RSAPrivateKey_bio(bio, &rsa));
ExpectNotNull(rsa);
/* Tests bad parameters */
ExpectIntEQ(SSL_CTX_use_RSAPrivateKey(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, NULL), BAD_FUNC_ARG);
ExpectIntEQ(SSL_CTX_use_RSAPrivateKey(NULL, rsa), BAD_FUNC_ARG);
ExpectIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, rsa), WOLFSSL_SUCCESS);
/* i2d RSAprivate key tests */
ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, NULL), 1192);
ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr),
sizeof_client_key_der_2048);
bufPtr -= sizeof_client_key_der_2048;
ExpectIntEQ(XMEMCMP(bufPtr, client_key_der_2048,
sizeof_client_key_der_2048), 0);
bufPtr = NULL;
ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr),
sizeof_client_key_der_2048);
ExpectNotNull(bufPtr);
ExpectIntEQ(XMEMCMP(bufPtr, client_key_der_2048,
sizeof_client_key_der_2048), 0);
XFREE(bufPtr, NULL, DYNAMIC_TYPE_OPENSSL);
RSA_free(rsa);
rsa = RSA_new();
ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, NULL), 0);
#endif /* USE_CERT_BUFFERS_2048 WOLFSSL_KEY_GEN */
RSA_free(rsa);
}
#endif /* WOLFSSL_KEY_GEN && !NO_RSA */
SSL_CTX_free(ctx);
ctx = NULL;
BIO_free(bio);
bio = NULL;
return EXPECT_RESULT();
}
#endif /* OPENSSL_ALL || (WOLFSSL_ASIO && !NO_RSA) */
#endif /* !NO_BIO */
static int test_wolfSSL_sk_GENERAL_NAME(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA)
X509* x509 = NULL;
GENERAL_NAME* gn = NULL;
unsigned char buf[4096];
const unsigned char* bufPt = NULL;
int bytes = 0;
int i;
int j;
XFILE f = XBADFILE;
STACK_OF(GENERAL_NAME)* sk = NULL;
ExpectTrue((f = XFOPEN(cliCertDerFileExt, "rb")) != XBADFILE);
ExpectIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
if (f != XBADFILE)
XFCLOSE(f);
for (j = 0; j < 2; ++j) {
bufPt = buf;
ExpectNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
ExpectNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
NID_subject_alt_name, NULL, NULL));
ExpectIntEQ(sk_GENERAL_NAME_num(sk), 1);
for (i = 0; i < sk_GENERAL_NAME_num(sk); i++) {
ExpectNotNull(gn = sk_GENERAL_NAME_value(sk, i));
if (gn != NULL) {
switch (gn->type) {
case GEN_DNS:
fprintf(stderr, "found type GEN_DNS\n");
break;
case GEN_EMAIL:
fprintf(stderr, "found type GEN_EMAIL\n");
break;
case GEN_URI:
fprintf(stderr, "found type GEN_URI\n");
break;
}
}
}
X509_free(x509);
x509 = NULL;
if (j == 0) {
sk_GENERAL_NAME_pop_free(sk, GENERAL_NAME_free);
}
else {
/*
* We had a bug where GENERAL_NAMES_free didn't free all the memory
* it was supposed to. This is a regression test for that bug.
*/
GENERAL_NAMES_free(sk);
}
sk = NULL;
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_GENERAL_NAME_print(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_BIO) && !defined(NO_RSA)
X509* x509 = NULL;
GENERAL_NAME* gn = NULL;
unsigned char buf[4096];
const unsigned char* bufPt = NULL;
int bytes;
XFILE f = XBADFILE;
STACK_OF(GENERAL_NAME)* sk = NULL;
BIO* out = NULL;
unsigned char outbuf[128];
X509_EXTENSION* ext = NULL;
AUTHORITY_INFO_ACCESS* aia = NULL;
ACCESS_DESCRIPTION* ad = NULL;
ASN1_IA5STRING *dnsname = NULL;
const unsigned char v4Addr[] = {192,168,53,1};
const unsigned char v6Addr[] =
{0x20, 0x21, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x77, 0x77};
const unsigned char email[] =
{'i', 'n', 'f', 'o', '@', 'w', 'o', 'l',
'f', 's', 's', 'l', '.', 'c', 'o', 'm'};
const char* dnsStr = "DNS:example.com";
const char* uriStr = "URI:http://127.0.0.1:22220";
const char* v4addStr = "IP Address:192.168.53.1";
const char* v6addStr = "IP Address:2021:DB8:0:0:0:FF00:42:7777";
const char* emailStr = "email:info@wolfssl.com";
const char* othrStr = "othername:<unsupported>";
const char* x400Str = "X400Name:<unsupported>";
const char* ediStr = "EdiPartyName:<unsupported>";
/* BIO to output */
ExpectNotNull(out = BIO_new(BIO_s_mem()));
/* test for NULL param */
gn = NULL;
ExpectIntEQ(GENERAL_NAME_print(NULL, NULL), 0);
ExpectIntEQ(GENERAL_NAME_print(NULL, gn), 0);
ExpectIntEQ(GENERAL_NAME_print(out, NULL), 0);
/* test for GEN_DNS */
ExpectTrue((f = XFOPEN(cliCertDerFileExt, "rb")) != XBADFILE);
ExpectIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
bufPt = buf;
ExpectNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
ExpectNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
NID_subject_alt_name, NULL, NULL));
ExpectNotNull(gn = sk_GENERAL_NAME_value(sk, 0));
ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf, 0, sizeof(outbuf));
ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
ExpectIntEQ(XSTRNCMP((const char*)outbuf, dnsStr, XSTRLEN(dnsStr)), 0);
sk_GENERAL_NAME_pop_free(sk, GENERAL_NAME_free);
gn = NULL;
sk = NULL;
X509_free(x509);
x509 = NULL;
/* Lets test for setting as well. */
ExpectNotNull(gn = GENERAL_NAME_new());
ExpectNotNull(dnsname = ASN1_IA5STRING_new());
ExpectIntEQ(ASN1_STRING_set(dnsname, "example.com", -1), 1);
GENERAL_NAME_set0_value(gn, GEN_DNS, dnsname);
dnsname = NULL;
ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf, 0, sizeof(outbuf));
ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
ExpectIntEQ(XSTRNCMP((const char*)outbuf, dnsStr, XSTRLEN(dnsStr)), 0);
GENERAL_NAME_free(gn);
/* test for GEN_URI */
ExpectTrue((f = XFOPEN("./certs/ocsp/root-ca-cert.pem", "rb")) != XBADFILE);
ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 4));
ExpectNotNull(aia = (WOLFSSL_AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(
ext));
ExpectNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION *)wolfSSL_sk_value(aia, 0));
if (ad != NULL) {
gn = ad->location;
}
ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
gn = NULL;
XMEMSET(outbuf,0,sizeof(outbuf));
ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
ExpectIntEQ(XSTRNCMP((const char*)outbuf, uriStr, XSTRLEN(uriStr)), 0);
wolfSSL_sk_ACCESS_DESCRIPTION_pop_free(aia, NULL);
aia = NULL;
aia = (AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(ext);
ExpectNotNull(aia);
AUTHORITY_INFO_ACCESS_pop_free(aia, NULL);
aia = NULL;
X509_free(x509);
x509 = NULL;
/* test for GEN_IPADD */
/* ip v4 address */
ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
if (gn != NULL) {
gn->type = GEN_IPADD;
if (gn->d.iPAddress != NULL) {
gn->d.iPAddress->length = sizeof(v4Addr);
}
}
ExpectIntEQ(wolfSSL_ASN1_STRING_set(gn->d.iPAddress, v4Addr,
sizeof(v4Addr)), 1);
ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
ExpectIntEQ(XSTRNCMP((const char*)outbuf, v4addStr, XSTRLEN(v4addStr)), 0);
GENERAL_NAME_free(gn);
gn = NULL;
/* ip v6 address */
ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
if (gn != NULL) {
gn->type = GEN_IPADD;
if (gn->d.iPAddress != NULL) {
gn->d.iPAddress->length = sizeof(v6Addr);
}
}
ExpectIntEQ(wolfSSL_ASN1_STRING_set(gn->d.iPAddress, v6Addr,
sizeof(v6Addr)), 1);
ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
ExpectIntEQ(XSTRNCMP((const char*)outbuf, v6addStr, XSTRLEN(v6addStr)), 0);
GENERAL_NAME_free(gn);
gn = NULL;
/* test for GEN_EMAIL */
ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
if (gn != NULL) {
gn->type = GEN_EMAIL;
if (gn->d.rfc822Name != NULL) {
gn->d.rfc822Name->length = sizeof(email);
}
}
ExpectIntEQ(wolfSSL_ASN1_STRING_set(gn->d.rfc822Name, email, sizeof(email)),
1);
ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
ExpectIntEQ(XSTRNCMP((const char*)outbuf, emailStr, XSTRLEN(emailStr)), 0);
GENERAL_NAME_free(gn);
gn = NULL;
/* test for GEN_OTHERNAME */
ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
if (gn != NULL) {
gn->type = GEN_OTHERNAME;
}
ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
ExpectIntEQ(XSTRNCMP((const char*)outbuf, othrStr, XSTRLEN(othrStr)), 0);
GENERAL_NAME_free(gn);
gn = NULL;
/* test for GEN_X400 */
ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
if (gn != NULL) {
gn->type = GEN_X400;
}
ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
ExpectIntEQ(XSTRNCMP((const char*)outbuf, x400Str, XSTRLEN(x400Str)), 0);
/* Restore to GEN_IA5 (default) to avoid memory leak. */
if (gn != NULL) {
gn->type = GEN_IA5;
}
GENERAL_NAME_free(gn);
gn = NULL;
/* test for GEN_EDIPARTY */
ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
if (gn != NULL) {
gn->type = GEN_EDIPARTY;
}
ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
ExpectIntEQ(XSTRNCMP((const char*)outbuf, ediStr, XSTRLEN(ediStr)), 0);
/* Restore to GEN_IA5 (default) to avoid memory leak. */
if (gn != NULL) {
gn->type = GEN_IA5;
}
GENERAL_NAME_free(gn);
gn = NULL;
BIO_free(out);
#endif /* OPENSSL_ALL */
return EXPECT_RESULT();
}
static int test_wolfSSL_sk_DIST_POINT(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA)
X509* x509 = NULL;
unsigned char buf[4096];
const unsigned char* bufPt;
int bytes = 0;
int i = 0;
int j = 0;
XFILE f = XBADFILE;
DIST_POINT* dp = NULL;
DIST_POINT_NAME* dpn = NULL;
GENERAL_NAME* gn = NULL;
ASN1_IA5STRING* uri = NULL;
STACK_OF(DIST_POINT)* dps = NULL;
STACK_OF(GENERAL_NAME)* gns = NULL;
const char cliCertDerCrlDistPoint[] = "./certs/client-crl-dist.der";
ExpectTrue((f = XFOPEN(cliCertDerCrlDistPoint, "rb")) != XBADFILE);
ExpectIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
if (f != XBADFILE)
XFCLOSE(f);
bufPt = buf;
ExpectNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
ExpectNotNull(dps = (STACK_OF(DIST_POINT)*)X509_get_ext_d2i(x509,
NID_crl_distribution_points, NULL, NULL));
ExpectIntEQ(sk_DIST_POINT_num(dps), 1);
for (i = 0; i < sk_DIST_POINT_num(dps); i++) {
ExpectNotNull(dp = sk_DIST_POINT_value(dps, i));
ExpectNotNull(dpn = dp->distpoint);
/* this should be type 0, fullname */
ExpectIntEQ(dpn->type, 0);
ExpectNotNull(gns = dp->distpoint->name.fullname);
ExpectIntEQ(sk_GENERAL_NAME_num(gns), 1);
for (j = 0; j < sk_GENERAL_NAME_num(gns); j++) {
ExpectNotNull(gn = sk_GENERAL_NAME_value(gns, j));
ExpectIntEQ(gn->type, GEN_URI);
ExpectNotNull(uri = gn->d.uniformResourceIdentifier);
ExpectNotNull(uri->data);
ExpectIntGT(uri->length, 0);
}
}
X509_free(x509);
CRL_DIST_POINTS_free(dps);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_verify_mode(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectNotNull(ssl = SSL_new(ctx));
ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
SSL_free(ssl);
ssl = NULL;
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
ExpectNotNull(ssl = SSL_new(ctx));
ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_PEER);
wolfSSL_set_verify(ssl, SSL_VERIFY_NONE, 0);
ExpectIntEQ(SSL_CTX_get_verify_mode(ctx), SSL_VERIFY_PEER);
ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_NONE);
SSL_free(ssl);
ssl = NULL;
wolfSSL_CTX_set_verify(ctx,
WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
ExpectNotNull(ssl = SSL_new(ctx));
ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
ExpectIntEQ(SSL_get_verify_mode(ssl),
WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
wolfSSL_set_verify(ssl, SSL_VERIFY_PEER, 0);
ExpectIntEQ(SSL_CTX_get_verify_mode(ctx),
WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_PEER);
wolfSSL_set_verify(ssl, SSL_VERIFY_NONE, 0);
ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_NONE);
wolfSSL_set_verify(ssl, SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_FAIL_IF_NO_PEER_CERT);
wolfSSL_set_verify(ssl, SSL_VERIFY_FAIL_EXCEPT_PSK, 0);
ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_FAIL_EXCEPT_PSK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
wolfSSL_set_verify(ssl, SSL_VERIFY_POST_HANDSHAKE, 0);
ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_POST_HANDSHAKE);
#endif
ExpectIntEQ(SSL_CTX_get_verify_mode(ctx),
WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_verify_depth(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
long depth;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectIntGT((depth = SSL_CTX_get_verify_depth(ctx)), 0);
ExpectNotNull(ssl = SSL_new(ctx));
ExpectIntEQ(SSL_get_verify_depth(ssl), SSL_CTX_get_verify_depth(ctx));
SSL_free(ssl);
ssl = NULL;
SSL_CTX_set_verify_depth(ctx, -1);
ExpectIntEQ(depth, SSL_CTX_get_verify_depth(ctx));
SSL_CTX_set_verify_depth(ctx, 2);
ExpectIntEQ(2, SSL_CTX_get_verify_depth(ctx));
ExpectNotNull(ssl = SSL_new(ctx));
ExpectIntEQ(2, SSL_get_verify_depth(ssl));
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_verify_result(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(OPENSSL_ALL)) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
long result = 0xDEADBEEF;
ExpectIntEQ(WOLFSSL_FAILURE, wolfSSL_get_verify_result(ssl));
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectNotNull(ssl = SSL_new(ctx));
wolfSSL_set_verify_result(ssl, result);
ExpectIntEQ(result, wolfSSL_get_verify_result(ssl));
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
static void sslMsgCb(int w, int version, int type, const void* buf,
size_t sz, SSL* ssl, void* arg)
{
int i;
unsigned char* pt = (unsigned char*)buf;
fprintf(stderr, "%s %d bytes of version %d , type %d : ",
(w)?"Writing":"Reading", (int)sz, version, type);
for (i = 0; i < (int)sz; i++) fprintf(stderr, "%02X", pt[i]);
fprintf(stderr, "\n");
(void)ssl;
(void)arg;
}
#endif /* OPENSSL_EXTRA */
static int test_wolfSSL_msg_callback(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectNotNull(ssl = SSL_new(ctx));
ExpectIntEQ(SSL_set_msg_callback(ssl, NULL), SSL_SUCCESS);
ExpectIntEQ(SSL_set_msg_callback(ssl, &sslMsgCb), SSL_SUCCESS);
ExpectIntEQ(SSL_set_msg_callback(NULL, &sslMsgCb), SSL_FAILURE);
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
/* test_EVP_Cipher_extra, Extra-test on EVP_CipherUpdate/Final. see also test.c */
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) &&\
(!defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128))
static void binary_dump(void *ptr, int size)
{
#ifdef WOLFSSL_EVP_PRINT
int i = 0;
unsigned char *p = (unsigned char *) ptr;
fprintf(stderr, "{");
while ((p != NULL) && (i < size)) {
if ((i % 8) == 0) {
fprintf(stderr, "\n");
fprintf(stderr, " ");
}
fprintf(stderr, "0x%02x, ", p[i]);
i++;
}
fprintf(stderr, "\n};\n");
#else
(void) ptr;
(void) size;
#endif
}
static int last_val = 0x0f;
static int check_result(unsigned char *data, int len)
{
int i;
for ( ; len; ) {
last_val = (last_val + 1) % 16;
for (i = 0; i < 16; len--, i++, data++)
if (*data != last_val) {
return -1;
}
}
return 0;
}
static int r_offset;
static int w_offset;
static void init_offset(void)
{
r_offset = 0;
w_offset = 0;
}
static void get_record(unsigned char *data, unsigned char *buf, int len)
{
XMEMCPY(buf, data+r_offset, len);
r_offset += len;
}
static void set_record(unsigned char *data, unsigned char *buf, int len)
{
XMEMCPY(data+w_offset, buf, len);
w_offset += len;
}
static void set_plain(unsigned char *plain, int rec)
{
int i, j;
unsigned char *p = plain;
#define BLOCKSZ 16
for (i=0; i<(rec/BLOCKSZ); i++) {
for (j=0; j<BLOCKSZ; j++)
*p++ = (i % 16);
}
}
#endif
static int test_wolfSSL_EVP_Cipher_extra(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) &&\
(!defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128))
/* aes128-cbc, keylen=16, ivlen=16 */
byte aes128_cbc_key[] = {
0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef,
0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef,
};
byte aes128_cbc_iv[] = {
0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,
0x99, 0x00, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
};
/* teset data size table */
int test_drive1[] = {8, 3, 5, 512, 8, 3, 8, 512, 0};
int test_drive2[] = {8, 3, 8, 512, 0};
int test_drive3[] = {512, 512, 504, 512, 512, 8, 512, 0};
int *test_drive[] = {test_drive1, test_drive2, test_drive3, NULL};
int test_drive_len[100];
int ret = 0;
EVP_CIPHER_CTX *evp = NULL;
int ilen = 0;
int klen = 0;
int i, j;
const EVP_CIPHER *type;
byte *iv;
byte *key;
int ivlen;
int keylen;
#define RECORDS 16
#define BUFFSZ 512
byte plain [BUFFSZ * RECORDS];
byte cipher[BUFFSZ * RECORDS];
byte inb[BUFFSZ];
byte outb[BUFFSZ+16];
int outl = 0;
int inl;
iv = aes128_cbc_iv;
ivlen = sizeof(aes128_cbc_iv);
key = aes128_cbc_key;
keylen = sizeof(aes128_cbc_key);
type = EVP_aes_128_cbc();
set_plain(plain, BUFFSZ * RECORDS);
SSL_library_init();
ExpectNotNull(evp = EVP_CIPHER_CTX_new());
ExpectIntNE((ret = EVP_CipherInit(evp, type, NULL, iv, 0)), 0);
ExpectIntEQ(EVP_CIPHER_CTX_nid(evp), NID_aes_128_cbc);
klen = EVP_CIPHER_CTX_key_length(evp);
if (klen > 0 && keylen != klen) {
ExpectIntNE(EVP_CIPHER_CTX_set_key_length(evp, keylen), 0);
}
ilen = EVP_CIPHER_CTX_iv_length(evp);
if (ilen > 0 && ivlen != ilen) {
ExpectIntNE(EVP_CIPHER_CTX_set_iv_length(evp, ivlen), 0);
}
ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
for (j = 0; j<RECORDS; j++)
{
inl = BUFFSZ;
get_record(plain, inb, inl);
ExpectIntNE((ret = EVP_CipherUpdate(evp, outb, &outl, inb, inl)), 0);
set_record(cipher, outb, outl);
}
for (i = 0; test_drive[i]; i++) {
ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
init_offset();
test_drive_len[i] = 0;
for (j = 0; test_drive[i][j]; j++)
{
inl = test_drive[i][j];
test_drive_len[i] += inl;
get_record(plain, inb, inl);
ExpectIntNE((ret = EVP_EncryptUpdate(evp, outb, &outl, inb, inl)),
0);
/* output to cipher buffer, so that following Dec test can detect
if any error */
set_record(cipher, outb, outl);
}
EVP_CipherFinal(evp, outb, &outl);
if (outl > 0)
set_record(cipher, outb, outl);
}
for (i = 0; test_drive[i]; i++) {
last_val = 0x0f;
ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 0)), 0);
init_offset();
for (j = 0; test_drive[i][j]; j++) {
inl = test_drive[i][j];
get_record(cipher, inb, inl);
ExpectIntNE((ret = EVP_DecryptUpdate(evp, outb, &outl, inb, inl)),
0);
binary_dump(outb, outl);
ExpectIntEQ((ret = check_result(outb, outl)), 0);
ExpectFalse(outl > ((inl/16+1)*16) && outl > 16);
}
ret = EVP_CipherFinal(evp, outb, &outl);
binary_dump(outb, outl);
ret = (((test_drive_len[i] % 16) != 0) && (ret == 0)) ||
(((test_drive_len[i] % 16) == 0) && (ret == 1));
ExpectTrue(ret);
}
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(evp), WOLFSSL_SUCCESS);
EVP_CIPHER_CTX_free(evp);
evp = NULL;
/* Do an extra test to verify correct behavior with empty input. */
ExpectNotNull(evp = EVP_CIPHER_CTX_new());
ExpectIntNE((ret = EVP_CipherInit(evp, type, NULL, iv, 0)), 0);
ExpectIntEQ(EVP_CIPHER_CTX_nid(evp), NID_aes_128_cbc);
klen = EVP_CIPHER_CTX_key_length(evp);
if (klen > 0 && keylen != klen) {
ExpectIntNE(EVP_CIPHER_CTX_set_key_length(evp, keylen), 0);
}
ilen = EVP_CIPHER_CTX_iv_length(evp);
if (ilen > 0 && ivlen != ilen) {
ExpectIntNE(EVP_CIPHER_CTX_set_iv_length(evp, ivlen), 0);
}
ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
/* outl should be set to 0 after passing NULL, 0 for input args. */
outl = -1;
ExpectIntNE((ret = EVP_CipherUpdate(evp, outb, &outl, NULL, 0)), 0);
ExpectIntEQ(outl, 0);
EVP_CIPHER_CTX_free(evp);
#endif /* test_EVP_Cipher */
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_DHparams(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && \
!defined(NO_FILESYSTEM)
DH* dh = NULL;
XFILE fp = XBADFILE;
unsigned char derOut[300];
unsigned char* derOutBuf = derOut;
int derOutSz = 0;
unsigned char derExpected[300];
int derExpectedSz = 0;
XMEMSET(derOut, 0, sizeof(derOut));
XMEMSET(derExpected, 0, sizeof(derExpected));
/* open DH param file, read into DH struct */
ExpectTrue((fp = XFOPEN(dhParamFile, "rb")) != XBADFILE);
/* bad args */
ExpectNull(dh = PEM_read_DHparams(NULL, &dh, NULL, NULL));
ExpectNull(dh = PEM_read_DHparams(NULL, NULL, NULL, NULL));
/* good args */
ExpectNotNull(dh = PEM_read_DHparams(fp, &dh, NULL, NULL));
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
/* read in certs/dh2048.der for comparison against exported params */
ExpectTrue((fp = XFOPEN("./certs/dh2048.der", "rb")) != XBADFILE);
ExpectIntGT(derExpectedSz = (int)XFREAD(derExpected, 1, sizeof(derExpected),
fp), 0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
/* export DH back to DER and compare */
derOutSz = wolfSSL_i2d_DHparams(dh, &derOutBuf);
ExpectIntEQ(derOutSz, derExpectedSz);
ExpectIntEQ(XMEMCMP(derOut, derExpected, derOutSz), 0);
DH_free(dh);
dh = NULL;
/* Test parsing with X9.42 header */
ExpectTrue((fp = XFOPEN("./certs/x942dh2048.pem", "rb")) != XBADFILE);
ExpectNotNull(dh = PEM_read_DHparams(fp, &dh, NULL, NULL));
if (fp != XBADFILE)
XFCLOSE(fp);
DH_free(dh);
dh = NULL;
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_serialNumber(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
ASN1_INTEGER* a = NULL;
BIGNUM* bn = NULL;
X509* x509 = NULL;
char *serialHex = NULL;
byte serial[3];
int serialSz;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
SSL_FILETYPE_PEM));
ExpectNotNull(a = X509_get_serialNumber(x509));
/* check on value of ASN1 Integer */
ExpectNotNull(bn = ASN1_INTEGER_to_BN(a, NULL));
a = NULL;
/* test setting serial number and then retrieving it */
ExpectNotNull(a = ASN1_INTEGER_new());
ExpectIntEQ(ASN1_INTEGER_set(a, 3), 1);
ExpectIntEQ(X509_set_serialNumber(x509, a), WOLFSSL_SUCCESS);
serialSz = sizeof(serial);
ExpectIntEQ(wolfSSL_X509_get_serial_number(x509, serial, &serialSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(serialSz, 1);
ExpectIntEQ(serial[0], 3);
ASN1_INTEGER_free(a);
a = NULL;
/* test setting serial number with 0's in it */
serial[0] = 0x01;
serial[1] = 0x00;
serial[2] = 0x02;
ExpectNotNull(a = wolfSSL_ASN1_INTEGER_new());
if (a != NULL) {
a->data[0] = ASN_INTEGER;
a->data[1] = sizeof(serial);
XMEMCPY(&a->data[2], serial, sizeof(serial));
a->length = sizeof(serial) + 2;
}
ExpectIntEQ(X509_set_serialNumber(x509, a), WOLFSSL_SUCCESS);
XMEMSET(serial, 0, sizeof(serial));
serialSz = sizeof(serial);
ExpectIntEQ(wolfSSL_X509_get_serial_number(x509, serial, &serialSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(serialSz, 3);
ExpectIntEQ(serial[0], 0x01);
ExpectIntEQ(serial[1], 0x00);
ExpectIntEQ(serial[2], 0x02);
ASN1_INTEGER_free(a);
a = NULL;
X509_free(x509); /* free's a */
ExpectNotNull(serialHex = BN_bn2hex(bn));
#ifndef WC_DISABLE_RADIX_ZERO_PAD
ExpectStrEQ(serialHex, "01");
#else
ExpectStrEQ(serialHex, "1");
#endif
OPENSSL_free(serialHex);
ExpectIntEQ(BN_get_word(bn), 1);
BN_free(bn);
/* hard test free'ing with dynamic buffer to make sure there is no leaks */
ExpectNotNull(a = ASN1_INTEGER_new());
if (a != NULL) {
ExpectNotNull(a->data = (unsigned char*)XMALLOC(100, NULL,
DYNAMIC_TYPE_OPENSSL));
a->isDynamic = 1;
ASN1_INTEGER_free(a);
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_OpenSSL_add_all_algorithms(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
ExpectIntEQ(wolfSSL_add_all_algorithms(), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_OpenSSL_add_all_algorithms_noconf(), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_OpenSSL_add_all_algorithms_conf(), WOLFSSL_SUCCESS);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_OPENSSL_hexstr2buf(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
#define MAX_HEXSTR_BUFSZ 9
#define NUM_CASES 5
struct Output {
const unsigned char buffer[MAX_HEXSTR_BUFSZ];
long ret;
};
int i;
int j;
const char* inputs[NUM_CASES] = {
"aabcd1357e",
"01:12:23:34:a5:b6:c7:d8:e9",
":01:02",
"012",
":ab:ac:d"
};
struct Output expectedOutputs[NUM_CASES] = {
{{0xaa, 0xbc, 0xd1, 0x35, 0x7e}, 5},
{{0x01, 0x12, 0x23, 0x34, 0xa5, 0xb6, 0xc7, 0xd8, 0xe9}, 9},
{{0x01, 0x02}, 2},
{{0x00}, 0},
{{0x00}, 0}
};
long len = 0;
unsigned char* returnedBuf = NULL;
for (i = 0; i < NUM_CASES && !EXPECT_FAIL(); ++i) {
returnedBuf = wolfSSL_OPENSSL_hexstr2buf(inputs[i], &len);
if (returnedBuf == NULL) {
ExpectIntEQ(expectedOutputs[i].ret, 0);
continue;
}
ExpectIntEQ(expectedOutputs[i].ret, len);
for (j = 0; j < len; ++j) {
ExpectIntEQ(expectedOutputs[i].buffer[j], returnedBuf[j]);
}
OPENSSL_free(returnedBuf);
returnedBuf = NULL;
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_CA_num(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
defined(HAVE_ECC) && !defined(NO_RSA)
WOLFSSL_X509_STORE *store = NULL;
WOLFSSL_X509 *x509_1 = NULL;
WOLFSSL_X509 *x509_2 = NULL;
int ca_num = 0;
ExpectNotNull(store = wolfSSL_X509_STORE_new());
ExpectNotNull(x509_1 = wolfSSL_X509_load_certificate_file(svrCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(wolfSSL_X509_STORE_add_cert(store, x509_1), 1);
ExpectIntEQ(ca_num = wolfSSL_X509_CA_num(store), 1);
ExpectNotNull(x509_2 = wolfSSL_X509_load_certificate_file(eccCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(wolfSSL_X509_STORE_add_cert(store, x509_2), 1);
ExpectIntEQ(ca_num = wolfSSL_X509_CA_num(store), 2);
wolfSSL_X509_free(x509_1);
wolfSSL_X509_free(x509_2);
wolfSSL_X509_STORE_free(store);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_ca(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
WOLFSSL_X509 *x509 = NULL;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(wolfSSL_X509_check_ca(x509), 1);
wolfSSL_X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_ip_asc(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
WOLFSSL_X509 *x509 = NULL;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
WOLFSSL_FILETYPE_PEM));
#if 0
/* TODO: add cert gen for testing positive case */
ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, "127.0.0.1", 0), 1);
#endif
ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, "0.0.0.0", 0), 0);
ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, NULL, 0), 0);
wolfSSL_X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_make_cert(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && !defined(NO_ASN_TIME) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT)
int ret = 0;
Cert cert;
CertName name;
RsaKey key;
WC_RNG rng;
byte der[FOURK_BUF];
word32 idx = 0;
const byte mySerial[8] = {1,2,3,4,5,6,7,8};
#ifdef OPENSSL_EXTRA
const unsigned char* pt = NULL;
int certSz = 0;
X509* x509 = NULL;
X509_NAME* x509name = NULL;
X509_NAME_ENTRY* entry = NULL;
ASN1_STRING* entryValue = NULL;
#endif
XMEMSET(&name, 0, sizeof(CertName));
/* set up cert name */
XMEMCPY(name.country, "US", sizeof("US"));
name.countryEnc = CTC_PRINTABLE;
XMEMCPY(name.state, "Oregon", sizeof("Oregon"));
name.stateEnc = CTC_UTF8;
XMEMCPY(name.locality, "Portland", sizeof("Portland"));
name.localityEnc = CTC_UTF8;
XMEMCPY(name.sur, "Test", sizeof("Test"));
name.surEnc = CTC_UTF8;
XMEMCPY(name.org, "wolfSSL", sizeof("wolfSSL"));
name.orgEnc = CTC_UTF8;
XMEMCPY(name.unit, "Development", sizeof("Development"));
name.unitEnc = CTC_UTF8;
XMEMCPY(name.commonName, "www.wolfssl.com", sizeof("www.wolfssl.com"));
name.commonNameEnc = CTC_UTF8;
XMEMCPY(name.serialDev, "wolfSSL12345", sizeof("wolfSSL12345"));
name.serialDevEnc = CTC_PRINTABLE;
XMEMCPY(name.userId, "TestUserID", sizeof("TestUserID"));
name.userIdEnc = CTC_PRINTABLE;
#ifdef WOLFSSL_MULTI_ATTRIB
#if CTC_MAX_ATTRIB > 2
{
NameAttrib* n;
n = &name.name[0];
n->id = ASN_DOMAIN_COMPONENT;
n->type = CTC_UTF8;
n->sz = sizeof("com");
XMEMCPY(n->value, "com", sizeof("com"));
n = &name.name[1];
n->id = ASN_DOMAIN_COMPONENT;
n->type = CTC_UTF8;
n->sz = sizeof("wolfssl");
XMEMCPY(n->value, "wolfssl", sizeof("wolfssl"));
}
#endif
#endif /* WOLFSSL_MULTI_ATTRIB */
ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
#ifndef HAVE_FIPS
ExpectIntEQ(wc_InitRng_ex(&rng, HEAP_HINT, testDevId), 0);
#else
ExpectIntEQ(wc_InitRng(&rng), 0);
#endif
/* load test RSA key */
idx = 0;
#if defined(USE_CERT_BUFFERS_1024)
ExpectIntEQ(wc_RsaPrivateKeyDecode(server_key_der_1024, &idx, &key,
sizeof_server_key_der_1024), 0);
#elif defined(USE_CERT_BUFFERS_2048)
ExpectIntEQ(wc_RsaPrivateKeyDecode(server_key_der_2048, &idx, &key,
sizeof_server_key_der_2048), 0);
#else
/* error case, no RSA key loaded, happens later */
(void)idx;
#endif
XMEMSET(&cert, 0 , sizeof(Cert));
ExpectIntEQ(wc_InitCert(&cert), 0);
XMEMCPY(&cert.subject, &name, sizeof(CertName));
XMEMCPY(cert.serial, mySerial, sizeof(mySerial));
cert.serialSz = (int)sizeof(mySerial);
cert.isCA = 1;
#ifndef NO_SHA256
cert.sigType = CTC_SHA256wRSA;
#else
cert.sigType = CTC_SHAwRSA;
#endif
/* add SKID from the Public Key */
ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey(&cert, &key, NULL), 0);
/* add AKID from the Public Key */
ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey(&cert, &key, NULL), 0);
ret = 0;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret >= 0) {
ret = wc_MakeSelfCert(&cert, der, FOURK_BUF, &key, &rng);
}
} while (ret == WC_PENDING_E);
ExpectIntGT(ret, 0);
#ifdef OPENSSL_EXTRA
/* der holds a certificate with DC's now check X509 parsing of it */
certSz = ret;
pt = der;
ExpectNotNull(x509 = d2i_X509(NULL, &pt, certSz));
ExpectNotNull(x509name = X509_get_subject_name(x509));
#ifdef WOLFSSL_MULTI_ATTRIB
ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
-1)), 5);
ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
(int)idx)), 6);
ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
(int)idx)), -1);
#endif /* WOLFSSL_MULTI_ATTRIB */
/* compare DN at index 0 */
ExpectNotNull(entry = X509_NAME_get_entry(x509name, 0));
ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
ExpectIntEQ(ASN1_STRING_length(entryValue), 2);
ExpectStrEQ((const char*)ASN1_STRING_data(entryValue), "US");
#ifndef WOLFSSL_MULTI_ATTRIB
/* compare Serial Number */
ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_serialNumber,
-1)), 7);
ExpectNotNull(entry = X509_NAME_get_entry(x509name, idx));
ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
ExpectIntEQ(ASN1_STRING_length(entryValue), XSTRLEN("wolfSSL12345"));
ExpectStrEQ((const char*)ASN1_STRING_data(entryValue), "wolfSSL12345");
#endif
#ifdef WOLFSSL_MULTI_ATTRIB
/* get first and second DC and compare result */
ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
-1)), 5);
ExpectNotNull(entry = X509_NAME_get_entry(x509name, (int)idx));
ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
ExpectStrEQ((const char *)ASN1_STRING_data(entryValue), "com");
ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
(int)idx)), 6);
ExpectNotNull(entry = X509_NAME_get_entry(x509name, (int)idx));
ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
ExpectStrEQ((const char *)ASN1_STRING_data(entryValue), "wolfssl");
#endif /* WOLFSSL_MULTI_ATTRIB */
/* try invalid index locations for regression test and sanity check */
ExpectNull(entry = X509_NAME_get_entry(x509name, 11));
ExpectNull(entry = X509_NAME_get_entry(x509name, 20));
X509_free(x509);
#endif /* OPENSSL_EXTRA */
wc_FreeRsaKey(&key);
wc_FreeRng(&rng);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_version(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
WOLFSSL_X509 *x509 = NULL;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectIntEQ((int)wolfSSL_X509_get_version(x509), 2);
wolfSSL_X509_free(x509);
#endif
return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL)
static int test_wolfSSL_sk_CIPHER_description(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA)
const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION;
int i;
int numCiphers = 0;
const SSL_METHOD *method = NULL;
const SSL_CIPHER *cipher = NULL;
STACK_OF(SSL_CIPHER) *supportedCiphers = NULL;
SSL_CTX *ctx = NULL;
SSL *ssl = NULL;
char buf[256];
char test_str[9] = "0000000";
const char badStr[] = "unknown";
const char certPath[] = "./certs/client-cert.pem";
XMEMSET(buf, 0, sizeof(buf));
ExpectNotNull(method = TLSv1_2_client_method());
ExpectNotNull(ctx = SSL_CTX_new(method));
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
SSL_CTX_set_verify_depth(ctx, 4);
SSL_CTX_set_options(ctx, flags);
ExpectIntEQ(SSL_CTX_load_verify_locations(ctx, certPath, NULL),
WOLFSSL_SUCCESS);
ExpectNotNull(ssl = SSL_new(ctx));
/* SSL_get_ciphers returns a stack of all configured ciphers
* A flag, getCipherAtOffset, is set to later have SSL_CIPHER_description
*/
ExpectNotNull(supportedCiphers = SSL_get_ciphers(ssl));
/* loop through the amount of supportedCiphers */
numCiphers = sk_num(supportedCiphers);
for (i = 0; i < numCiphers; ++i) {
int j;
/* sk_value increments "sk->data.cipher->cipherOffset".
* wolfSSL_sk_CIPHER_description sets the description for
* the cipher based on the provided offset.
*/
if ((cipher = (const WOLFSSL_CIPHER*)sk_value(supportedCiphers, i))) {
SSL_CIPHER_description(cipher, buf, sizeof(buf));
}
/* Search cipher description string for "unknown" descriptor */
for (j = 0; j < (int)XSTRLEN(buf); j++) {
int k = 0;
while ((k < (int)XSTRLEN(badStr)) && (buf[j] == badStr[k])) {
test_str[k] = badStr[k];
j++;
k++;
}
}
/* Fail if test_str == badStr == "unknown" */
ExpectStrNE(test_str,badStr);
}
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_get_ciphers_compat(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA)
const SSL_METHOD *method = NULL;
const char certPath[] = "./certs/client-cert.pem";
STACK_OF(SSL_CIPHER) *supportedCiphers = NULL;
SSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION;
ExpectNotNull(method = SSLv23_client_method());
ExpectNotNull(ctx = SSL_CTX_new(method));
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
SSL_CTX_set_verify_depth(ctx, 4);
SSL_CTX_set_options(ctx, flags);
ExpectIntEQ(SSL_CTX_load_verify_locations(ctx, certPath, NULL),
WOLFSSL_SUCCESS);
ExpectNotNull(ssl = SSL_new(ctx));
/* Test Bad NULL input */
ExpectNull(supportedCiphers = SSL_get_ciphers(NULL));
/* Test for Good input */
ExpectNotNull(supportedCiphers = SSL_get_ciphers(ssl));
/* Further usage of SSL_get_ciphers/wolfSSL_get_ciphers_compat is
* tested in test_wolfSSL_sk_CIPHER_description according to Qt usage */
SSL_free(ssl);
SSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_PUBKEY_get(void)
{
EXPECT_DECLS;
WOLFSSL_X509_PUBKEY pubkey;
WOLFSSL_X509_PUBKEY* key;
WOLFSSL_EVP_PKEY evpkey ;
WOLFSSL_EVP_PKEY* evpPkey;
WOLFSSL_EVP_PKEY* retEvpPkey;
XMEMSET(&pubkey, 0, sizeof(WOLFSSL_X509_PUBKEY));
XMEMSET(&evpkey, 0, sizeof(WOLFSSL_EVP_PKEY));
key = &pubkey;
evpPkey = &evpkey;
evpPkey->type = WOLFSSL_SUCCESS;
key->pkey = evpPkey;
ExpectNotNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(key));
ExpectIntEQ(retEvpPkey->type, WOLFSSL_SUCCESS);
ExpectNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(NULL));
key->pkey = NULL;
ExpectNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(key));
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_set1_get1_DSA(void)
{
EXPECT_DECLS;
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
DSA *dsa = NULL;
DSA *setDsa = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY *set1Pkey = NULL;
SHA_CTX sha;
byte signature[DSA_SIG_SIZE];
byte hash[WC_SHA_DIGEST_SIZE];
word32 bytes;
int answer;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* dsaKeyDer = dsa_key_der_1024;
int dsaKeySz = sizeof_dsa_key_der_1024;
byte tmp[ONEK_BUF];
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsaKeyDer , dsaKeySz);
bytes = dsaKeySz;
#elif defined(USE_CERT_BUFFERS_2048)
const unsigned char* dsaKeyDer = dsa_key_der_2048;
int dsaKeySz = sizeof_dsa_key_der_2048;
byte tmp[TWOK_BUF];
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsaKeyDer , dsaKeySz);
bytes = (word32)dsaKeySz;
#else
byte tmp[TWOK_BUF];
const unsigned char* dsaKeyDer = (const unsigned char*)tmp;
int dsaKeySz;
XFILE fp = XBADFILE;
XMEMSET(tmp, 0, sizeof(tmp));
ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE);
ExpectIntGT(dsaKeySz = bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp), 0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif /* END USE_CERT_BUFFERS_1024 */
/* Create hash to later Sign and Verify */
ExpectIntEQ(SHA1_Init(&sha), WOLFSSL_SUCCESS);
ExpectIntEQ(SHA1_Update(&sha, tmp, bytes), WOLFSSL_SUCCESS);
ExpectIntEQ(SHA1_Final(hash,&sha), WOLFSSL_SUCCESS);
/* Initialize pkey with der format dsa key */
ExpectNotNull(d2i_PrivateKey(EVP_PKEY_DSA, &pkey, &dsaKeyDer,
(long)dsaKeySz));
/* Test wolfSSL_EVP_PKEY_get1_DSA */
/* Should Fail: NULL argument */
ExpectNull(dsa = EVP_PKEY_get0_DSA(NULL));
ExpectNull(dsa = EVP_PKEY_get1_DSA(NULL));
/* Should Pass: Initialized pkey argument */
ExpectNotNull(dsa = EVP_PKEY_get0_DSA(pkey));
ExpectNotNull(dsa = EVP_PKEY_get1_DSA(pkey));
#ifdef USE_CERT_BUFFERS_1024
ExpectIntEQ(DSA_bits(dsa), 1024);
#else
ExpectIntEQ(DSA_bits(dsa), 2048);
#endif
/* Sign */
ExpectIntEQ(wolfSSL_DSA_do_sign(hash, signature, dsa), WOLFSSL_SUCCESS);
/* Verify. */
ExpectIntEQ(wolfSSL_DSA_do_verify(hash, signature, dsa, &answer),
WOLFSSL_SUCCESS);
/* Test wolfSSL_EVP_PKEY_set1_DSA */
/* Should Fail: set1Pkey not initialized */
ExpectIntNE(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS);
/* Initialize set1Pkey */
set1Pkey = EVP_PKEY_new();
/* Should Fail Verify: setDsa not initialized from set1Pkey */
ExpectIntNE(wolfSSL_DSA_do_verify(hash,signature,setDsa,&answer),
WOLFSSL_SUCCESS);
/* Should Pass: set dsa into set1Pkey */
ExpectIntEQ(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS);
DSA_free(dsa);
DSA_free(setDsa);
EVP_PKEY_free(pkey);
EVP_PKEY_free(set1Pkey);
#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
return EXPECT_RESULT();
} /* END test_EVP_PKEY_set1_get1_DSA */
static int test_wolfSSL_DSA_generate_parameters(void)
{
EXPECT_DECLS;
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FIPS)
DSA *dsa = NULL;
ExpectNotNull(dsa = DSA_generate_parameters(2048, NULL, 0, NULL, NULL, NULL,
NULL));
DSA_free(dsa);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_DSA_SIG(void)
{
EXPECT_DECLS;
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FIPS)
DSA *dsa = NULL;
DSA *dsa2 = NULL;
DSA_SIG *sig = NULL;
const BIGNUM *p = NULL;
const BIGNUM *q = NULL;
const BIGNUM *g = NULL;
const BIGNUM *pub = NULL;
const BIGNUM *priv = NULL;
BIGNUM *dup_p = NULL;
BIGNUM *dup_q = NULL;
BIGNUM *dup_g = NULL;
BIGNUM *dup_pub = NULL;
BIGNUM *dup_priv = NULL;
const byte digest[WC_SHA_DIGEST_SIZE] = {0};
ExpectNotNull(dsa = DSA_new());
ExpectIntEQ(DSA_generate_parameters_ex(dsa, 2048, NULL, 0, NULL, NULL,
NULL), 1);
ExpectIntEQ(DSA_generate_key(dsa), 1);
DSA_get0_pqg(dsa, &p, &q, &g);
DSA_get0_key(dsa, &pub, &priv);
ExpectNotNull(dup_p = BN_dup(p));
ExpectNotNull(dup_q = BN_dup(q));
ExpectNotNull(dup_g = BN_dup(g));
ExpectNotNull(dup_pub = BN_dup(pub));
ExpectNotNull(dup_priv = BN_dup(priv));
ExpectNotNull(sig = DSA_do_sign(digest, sizeof(digest), dsa));
ExpectNotNull(dsa2 = DSA_new());
ExpectIntEQ(DSA_set0_pqg(dsa2, dup_p, dup_q, dup_g), 1);
if (EXPECT_FAIL()) {
BN_free(dup_p);
BN_free(dup_q);
BN_free(dup_g);
}
ExpectIntEQ(DSA_set0_key(dsa2, dup_pub, dup_priv), 1);
if (EXPECT_FAIL()) {
BN_free(dup_pub);
BN_free(dup_priv);
}
ExpectIntEQ(DSA_do_verify(digest, sizeof(digest), sig, dsa2), 1);
DSA_free(dsa);
DSA_free(dsa2);
DSA_SIG_free(sig);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY (void)
{
EXPECT_DECLS;
#ifdef HAVE_ECC
WOLFSSL_EC_KEY* ecKey = NULL;
WOLFSSL_EC_KEY* ecGet1 = NULL;
EVP_PKEY* pkey = NULL;
ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
/* Test wolfSSL_EVP_PKEY_set1_EC_KEY */
ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(NULL, ecKey), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, NULL), WOLFSSL_FAILURE);
/* Should fail since ecKey is empty */
ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
/* Test wolfSSL_EVP_PKEY_get1_EC_KEY */
ExpectNull(wolfSSL_EVP_PKEY_get1_EC_KEY(NULL));
ExpectNotNull(ecGet1 = wolfSSL_EVP_PKEY_get1_EC_KEY(pkey));
wolfSSL_EC_KEY_free(ecKey);
wolfSSL_EC_KEY_free(ecGet1);
EVP_PKEY_free(pkey);
#endif /* HAVE_ECC */
return EXPECT_RESULT();
} /* END test_EVP_PKEY_set1_get1_EC_KEY */
static int test_wolfSSL_EVP_PKEY_set1_get1_DH (void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
DH *dh = NULL;
DH *setDh = NULL;
EVP_PKEY *pkey = NULL;
XFILE f = XBADFILE;
unsigned char buf[4096];
const unsigned char* pt = buf;
const char* dh2048 = "./certs/dh2048.der";
long len = 0;
int code = -1;
XMEMSET(buf, 0, sizeof(buf));
ExpectTrue((f = XFOPEN(dh2048, "rb")) != XBADFILE);
ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
if (f != XBADFILE)
XFCLOSE(f);
/* Load dh2048.der into DH with internal format */
ExpectNotNull(setDh = wolfSSL_d2i_DHparams(NULL, &pt, len));
ExpectIntEQ(wolfSSL_DH_check(setDh, &code), WOLFSSL_SUCCESS);
ExpectIntEQ(code, 0);
code = -1;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
/* Set DH into PKEY */
ExpectIntEQ(wolfSSL_EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS);
/* Get DH from PKEY */
ExpectNotNull(dh = wolfSSL_EVP_PKEY_get1_DH(pkey));
ExpectIntEQ(wolfSSL_DH_check(dh, &code), WOLFSSL_SUCCESS);
ExpectIntEQ(code, 0);
EVP_PKEY_free(pkey);
DH_free(setDh);
setDh = NULL;
DH_free(dh);
dh = NULL;
#endif /* !NO_DH && WOLFSSL_DH_EXTRA && !NO_FILESYSTEM */
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_ALL || WOLFSSL_QT || WOLFSSL_OPENSSH */
return EXPECT_RESULT();
} /* END test_EVP_PKEY_set1_get1_DH */
static int test_wolfSSL_CTX_ctrl(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
char caFile[] = "./certs/client-ca.pem";
char clientFile[] = "./certs/client-cert.pem";
SSL_CTX* ctx = NULL;
X509* x509 = NULL;
#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO)
byte buf[6000];
char file[] = "./certs/dsaparams.pem";
XFILE f = XBADFILE;
int bytes = 0;
BIO* bio = NULL;
DSA* dsa = NULL;
DH* dh = NULL;
#endif
#ifdef HAVE_ECC
WOLFSSL_EC_KEY* ecKey = NULL;
#endif
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(caFile,
WOLFSSL_FILETYPE_PEM));
ExpectIntEQ((int)SSL_CTX_add_extra_chain_cert(ctx, x509), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
wolfSSL_X509_free(x509);
}
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(clientFile,
WOLFSSL_FILETYPE_PEM));
#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO)
/* Initialize DH */
ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
ExpectNotNull(bio = BIO_new_mem_buf((void*)buf, bytes));
ExpectNotNull(dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL));
ExpectNotNull(dh = wolfSSL_DSA_dup_DH(dsa));
#endif
#ifdef HAVE_ECC
/* Initialize WOLFSSL_EC_KEY */
ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
#endif
/* additional test of getting EVP_PKEY key size from X509
* Do not run with user RSA because wolfSSL_RSA_size is not currently
* allowed with user RSA */
{
EVP_PKEY* pkey = NULL;
#if defined(HAVE_ECC)
X509* ecX509 = NULL;
#endif /* HAVE_ECC */
ExpectNotNull(pkey = X509_get_pubkey(x509));
/* current RSA key is 2048 bit (256 bytes) */
ExpectIntEQ(EVP_PKEY_size(pkey), 256);
EVP_PKEY_free(pkey);
pkey = NULL;
#if defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
ExpectNotNull(ecX509 = wolfSSL_X509_load_certificate_buffer(
cliecc_cert_der_256, sizeof_cliecc_cert_der_256,
SSL_FILETYPE_ASN1));
#else
ExpectNotNull(ecX509 = wolfSSL_X509_load_certificate_file(
cliEccCertFile, SSL_FILETYPE_PEM));
#endif
ExpectNotNull(pkey = X509_get_pubkey(ecX509));
/* current ECC key is 256 bit (32 bytes) */
ExpectIntEQ(EVP_PKEY_size(pkey), 32);
X509_free(ecX509);
EVP_PKEY_free(pkey);
#endif /* HAVE_ECC */
}
/* Tests should fail with passed in NULL pointer */
ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, NULL),
SSL_FAILURE);
#if !defined(NO_DH) && !defined(NO_DSA)
ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, NULL),
SSL_FAILURE);
#endif
#ifdef HAVE_ECC
ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, NULL),
SSL_FAILURE);
#endif
/* Test with SSL_CTRL_EXTRA_CHAIN_CERT
* wolfSSL_CTX_ctrl should succesffuly call SSL_CTX_add_extra_chain_cert
*/
ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509),
SSL_SUCCESS);
if (EXPECT_FAIL()) {
wolfSSL_X509_free(x509);
}
/* Test with SSL_CTRL_OPTIONS
* wolfSSL_CTX_ctrl should succesffuly call SSL_CTX_set_options
*/
ExpectTrue(wolfSSL_CTX_ctrl(ctx, SSL_CTRL_OPTIONS, SSL_OP_NO_TLSv1,
NULL) == SSL_OP_NO_TLSv1);
ExpectTrue(SSL_CTX_get_options(ctx) == SSL_OP_NO_TLSv1);
/* Test with SSL_CTRL_SET_TMP_DH
* wolfSSL_CTX_ctrl should succesffuly call wolfSSL_SSL_CTX_set_tmp_dh
*/
#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO)
ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, dh),
SSL_SUCCESS);
#endif
/* Test with SSL_CTRL_SET_TMP_ECDH
* wolfSSL_CTX_ctrl should succesffuly call wolfSSL_SSL_CTX_set_tmp_ecdh
*/
#ifdef HAVE_ECC
ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, ecKey),
SSL_SUCCESS);
#endif
#ifdef WOLFSSL_ENCRYPTED_KEYS
ExpectNull(SSL_CTX_get_default_passwd_cb(ctx));
ExpectNull(SSL_CTX_get_default_passwd_cb_userdata(ctx));
#endif
/* Test for min/max proto */
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION,
0, NULL), SSL_SUCCESS);
ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION,
TLS1_2_VERSION, NULL), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_2_VERSION);
#endif
#ifdef WOLFSSL_TLS13
ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
0, NULL), SSL_SUCCESS);
ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
TLS1_3_VERSION, NULL), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx), TLS1_3_VERSION);
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
TLS1_2_VERSION, NULL), SSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx), TLS1_2_VERSION);
#endif
#endif
/* Cleanup and Pass */
#if !defined(NO_DH) && !defined(NO_DSA)
#ifndef NO_BIO
BIO_free(bio);
DSA_free(dsa);
DH_free(dh);
dh = NULL;
#endif
#endif
#ifdef HAVE_ECC
wolfSSL_EC_KEY_free(ecKey);
#endif
SSL_CTX_free(ctx);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
* !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_assign(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) || !defined(NO_DSA) || defined(HAVE_ECC)
int type;
WOLFSSL_EVP_PKEY* pkey = NULL;
#ifndef NO_RSA
WOLFSSL_RSA* rsa = NULL;
#endif
#ifndef NO_DSA
WOLFSSL_DSA* dsa = NULL;
#endif
#ifdef HAVE_ECC
WOLFSSL_EC_KEY* ecKey = NULL;
#endif
#ifndef NO_RSA
type = EVP_PKEY_RSA;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectNotNull(rsa = wolfSSL_RSA_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, rsa), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, rsa), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, rsa), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
wolfSSL_RSA_free(rsa);
}
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
#endif /* NO_RSA */
#ifndef NO_DSA
type = EVP_PKEY_DSA;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectNotNull(dsa = wolfSSL_DSA_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, dsa), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, dsa), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, dsa), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
wolfSSL_DSA_free(dsa);
}
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
#endif /* NO_DSA */
#ifdef HAVE_ECC
type = EVP_PKEY_EC;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, ecKey), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, ecKey), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, ecKey), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, ecKey), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
wolfSSL_EC_KEY_free(ecKey);
}
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
#endif /* HAVE_ECC */
#endif /* !NO_RSA || !NO_DSA || HAVE_ECC */
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_assign_DH(void)
{
EXPECT_DECLS;
#if !defined(NO_DH) && \
!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
XFILE f = XBADFILE;
unsigned char buf[4096];
const unsigned char* pt = buf;
const char* params1 = "./certs/dh2048.der";
long len = 0;
WOLFSSL_DH* dh = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
XMEMSET(buf, 0, sizeof(buf));
/* Load DH parameters DER. */
ExpectTrue((f = XFOPEN(params1, "rb")) != XBADFILE);
ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
if (f != XBADFILE)
XFCLOSE(f);
ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
ExpectIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS);
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
/* Bad cases */
ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, dh), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, NULL), WOLFSSL_FAILURE);
/* Good case */
ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, dh), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
wolfSSL_DH_free(dh);
}
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_base_id(void)
{
EXPECT_DECLS;
WOLFSSL_EVP_PKEY* pkey = NULL;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_base_id(NULL), NID_undef);
ExpectIntEQ(wolfSSL_EVP_PKEY_base_id(pkey), EVP_PKEY_RSA);
EVP_PKEY_free(pkey);
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_id(void)
{
EXPECT_DECLS;
WOLFSSL_EVP_PKEY* pkey = NULL;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_id(NULL), 0);
ExpectIntEQ(wolfSSL_EVP_PKEY_id(pkey), EVP_PKEY_RSA);
EVP_PKEY_free(pkey);
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_paramgen(void)
{
EXPECT_DECLS;
/* ECC check taken from ecc.c. It is the condition that defines ECC256 */
#if defined(OPENSSL_ALL) && !defined(NO_ECC_SECP) && \
((!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && \
ECC_MIN_KEY_SZ <= 256)
EVP_PKEY_CTX* ctx = NULL;
EVP_PKEY* pkey = NULL;
/* Test error conditions. */
ExpectIntEQ(EVP_PKEY_paramgen(NULL, &pkey), WOLFSSL_FAILURE);
ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL));
ExpectIntEQ(EVP_PKEY_paramgen(ctx, NULL), WOLFSSL_FAILURE);
#ifndef NO_RSA
EVP_PKEY_CTX_free(ctx);
/* Parameter generation for RSA not supported yet. */
ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL));
ExpectIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WOLFSSL_FAILURE);
#endif
#ifdef HAVE_ECC
EVP_PKEY_CTX_free(ctx);
ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL));
ExpectIntEQ(EVP_PKEY_paramgen_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx,
NID_X9_62_prime256v1), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_ec_param_enc(ctx, OPENSSL_EC_NAMED_CURVE),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS);
#endif
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_keygen(void)
{
EXPECT_DECLS;
WOLFSSL_EVP_PKEY* pkey = NULL;
EVP_PKEY_CTX* ctx = NULL;
#if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
WOLFSSL_EVP_PKEY* params = NULL;
DH* dh = NULL;
const BIGNUM* pubkey = NULL;
const BIGNUM* privkey = NULL;
ASN1_INTEGER* asn1int = NULL;
unsigned int length = 0;
byte* derBuffer = NULL;
#endif
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
/* Bad cases */
ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, &pkey), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, NULL), BAD_FUNC_ARG);
/* Good case */
ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, &pkey), 0);
EVP_PKEY_CTX_free(ctx);
ctx = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
#if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
/* Test DH keygen */
{
ExpectNotNull(params = wolfSSL_EVP_PKEY_new());
ExpectNotNull(dh = DH_get_2048_256());
ExpectIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS);
ExpectNotNull(ctx = EVP_PKEY_CTX_new(params, NULL));
ExpectIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS);
DH_free(dh);
dh = NULL;
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(params);
/* try exporting generated key to DER, to verify */
ExpectNotNull(dh = EVP_PKEY_get1_DH(pkey));
DH_get0_key(dh, &pubkey, &privkey);
ExpectNotNull(pubkey);
ExpectNotNull(privkey);
ExpectNotNull(asn1int = BN_to_ASN1_INTEGER(pubkey, NULL));
ExpectIntGT((length = i2d_ASN1_INTEGER(asn1int, &derBuffer)), 0);
ASN1_INTEGER_free(asn1int);
DH_free(dh);
dh = NULL;
XFREE(derBuffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
EVP_PKEY_free(pkey);
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_keygen_init(void)
{
EXPECT_DECLS;
WOLFSSL_EVP_PKEY* pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(wolfSSL_EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_PKEY_keygen_init(NULL), WOLFSSL_SUCCESS);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_missing_parameters(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_STUB)
WOLFSSL_EVP_PKEY* pkey = NULL;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_missing_parameters(pkey), 0);
ExpectIntEQ(wolfSSL_EVP_PKEY_missing_parameters(NULL), 0);
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_copy_parameters(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST) && (defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || \
defined(WOLFSSL_OPENSSH)) && defined(WOLFSSL_DH_EXTRA) && \
!defined(NO_FILESYSTEM)
WOLFSSL_EVP_PKEY* params = NULL;
WOLFSSL_EVP_PKEY* copy = NULL;
DH* dh = NULL;
BIGNUM* p1;
BIGNUM* g1;
BIGNUM* q1;
BIGNUM* p2;
BIGNUM* g2;
BIGNUM* q2;
/* create DH with DH_get_2048_256 params */
ExpectNotNull(params = wolfSSL_EVP_PKEY_new());
ExpectNotNull(dh = DH_get_2048_256());
ExpectIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS);
DH_get0_pqg(dh, (const BIGNUM**)&p1,
(const BIGNUM**)&q1,
(const BIGNUM**)&g1);
DH_free(dh);
dh = NULL;
/* create DH with random generated DH params */
ExpectNotNull(copy = wolfSSL_EVP_PKEY_new());
ExpectNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL));
ExpectIntEQ(EVP_PKEY_set1_DH(copy, dh), WOLFSSL_SUCCESS);
DH_free(dh);
dh = NULL;
ExpectIntEQ(EVP_PKEY_copy_parameters(copy, params), WOLFSSL_SUCCESS);
ExpectNotNull(dh = EVP_PKEY_get1_DH(copy));
ExpectNotNull(dh->p);
ExpectNotNull(dh->g);
ExpectNotNull(dh->q);
DH_get0_pqg(dh, (const BIGNUM**)&p2,
(const BIGNUM**)&q2,
(const BIGNUM**)&g2);
ExpectIntEQ(BN_cmp(p1, p2), 0);
ExpectIntEQ(BN_cmp(q1, q2), 0);
ExpectIntEQ(BN_cmp(g1, g2), 0);
DH_free(dh);
dh = NULL;
EVP_PKEY_free(copy);
EVP_PKEY_free(params);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(void)
{
EXPECT_DECLS;
WOLFSSL_EVP_PKEY* pkey = NULL;
EVP_PKEY_CTX* ctx = NULL;
int bits = 2048;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits),
WOLFSSL_SUCCESS);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_CTX_iv_length(void)
{
EXPECT_DECLS;
/* This is large enough to be used for all key sizes */
byte key[AES_256_KEY_SIZE] = {0};
byte iv[AES_BLOCK_SIZE] = {0};
int i;
int nids[] = {
#ifdef HAVE_AES_CBC
NID_aes_128_cbc,
#endif
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
#ifdef HAVE_AESGCM
NID_aes_128_gcm,
#endif
#endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */
#ifdef WOLFSSL_AES_COUNTER
NID_aes_128_ctr,
#endif
#ifndef NO_DES3
NID_des_cbc,
NID_des_ede3_cbc,
#endif
};
int iv_lengths[] = {
#ifdef HAVE_AES_CBC
AES_BLOCK_SIZE,
#endif
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
#ifdef HAVE_AESGCM
GCM_NONCE_MID_SZ,
#endif
#endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */
#ifdef WOLFSSL_AES_COUNTER
AES_BLOCK_SIZE,
#endif
#ifndef NO_DES3
DES_BLOCK_SIZE,
DES_BLOCK_SIZE,
#endif
};
int nidsLen = (sizeof(nids)/sizeof(int));
for (i = 0; i < nidsLen; i++) {
const EVP_CIPHER* init = wolfSSL_EVP_get_cipherbynid(nids[i]);
EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();
wolfSSL_EVP_CIPHER_CTX_init(ctx);
ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_iv_length(ctx), iv_lengths[i]);
EVP_CIPHER_CTX_free(ctx);
}
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_CTX_key_length(void)
{
EXPECT_DECLS;
byte key[AES_256_KEY_SIZE] = {0};
byte iv[AES_BLOCK_SIZE] = {0};
int i;
int nids[] = {
#ifdef HAVE_AES_CBC
NID_aes_128_cbc,
NID_aes_256_cbc,
#endif
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
#ifdef HAVE_AESGCM
NID_aes_128_gcm,
NID_aes_256_gcm,
#endif
#endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */
#ifdef WOLFSSL_AES_COUNTER
NID_aes_128_ctr,
NID_aes_256_ctr,
#endif
#ifndef NO_DES3
NID_des_cbc,
NID_des_ede3_cbc,
#endif
};
int key_lengths[] = {
#ifdef HAVE_AES_CBC
AES_128_KEY_SIZE,
AES_256_KEY_SIZE,
#endif
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
#ifdef HAVE_AESGCM
AES_128_KEY_SIZE,
AES_256_KEY_SIZE,
#endif
#endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */
#ifdef WOLFSSL_AES_COUNTER
AES_128_KEY_SIZE,
AES_256_KEY_SIZE,
#endif
#ifndef NO_DES3
DES_KEY_SIZE,
DES3_KEY_SIZE,
#endif
};
int nidsLen = (sizeof(nids)/sizeof(int));
for (i = 0; i < nidsLen; i++) {
const EVP_CIPHER *init = wolfSSL_EVP_get_cipherbynid(nids[i]);
EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();
wolfSSL_EVP_CIPHER_CTX_init(ctx);
ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_key_length(ctx), key_lengths[i]);
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_key_length(ctx, key_lengths[i]),
WOLFSSL_SUCCESS);
EVP_CIPHER_CTX_free(ctx);
}
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_CTX_set_iv(void)
{
EXPECT_DECLS;
#if defined(HAVE_AESGCM) && !defined(NO_DES3)
int ivLen, keyLen;
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
#ifdef HAVE_AESGCM
byte key[AES_128_KEY_SIZE] = {0};
byte iv[AES_BLOCK_SIZE] = {0};
const EVP_CIPHER *init = EVP_aes_128_gcm();
#else
byte key[DES3_KEY_SIZE] = {0};
byte iv[DES_BLOCK_SIZE] = {0};
const EVP_CIPHER *init = EVP_des_ede3_cbc();
#endif
wolfSSL_EVP_CIPHER_CTX_init(ctx);
ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
ivLen = wolfSSL_EVP_CIPHER_CTX_iv_length(ctx);
keyLen = wolfSSL_EVP_CIPHER_CTX_key_length(ctx);
/* Bad cases */
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(NULL, iv, ivLen),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, NULL, ivLen),
WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, 0), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(NULL, NULL, 0), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, keyLen),
WOLFSSL_FAILURE);
/* Good case */
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, ivLen), 1);
EVP_CIPHER_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_CTX_new_id(void)
{
EXPECT_DECLS;
WOLFSSL_ENGINE* e = NULL;
int id = 0;
EVP_PKEY_CTX *ctx = NULL;
ExpectNotNull(ctx = wolfSSL_EVP_PKEY_CTX_new_id(id, e));
EVP_PKEY_CTX_free(ctx);
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_rc4(void)
{
EXPECT_DECLS;
#if !defined(NO_RC4)
ExpectNotNull(wolfSSL_EVP_rc4());
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_enc_null(void)
{
EXPECT_DECLS;
ExpectNotNull(wolfSSL_EVP_enc_null());
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_rc2_cbc(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_QT) && !defined(NO_WOLFSSL_STUB)
ExpectNull(wolfSSL_EVP_rc2_cbc());
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_mdc2(void)
{
EXPECT_DECLS;
#if !defined(NO_WOLFSSL_STUB)
ExpectNull(wolfSSL_EVP_mdc2());
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_md4(void)
{
EXPECT_DECLS;
#if !defined(NO_MD4)
ExpectNotNull(wolfSSL_EVP_md4());
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_256_gcm(void)
{
EXPECT_DECLS;
#ifdef HAVE_AESGCM
ExpectNotNull(wolfSSL_EVP_aes_256_gcm());
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_192_gcm(void)
{
EXPECT_DECLS;
#ifdef HAVE_AESGCM
ExpectNotNull(wolfSSL_EVP_aes_192_gcm());
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_256_ccm(void)
{
EXPECT_DECLS;
#ifdef HAVE_AESCCM
ExpectNotNull(wolfSSL_EVP_aes_256_ccm());
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_192_ccm(void)
{
EXPECT_DECLS;
#ifdef HAVE_AESCCM
ExpectNotNull(wolfSSL_EVP_aes_192_ccm());
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_128_ccm(void)
{
EXPECT_DECLS;
#ifdef HAVE_AESCCM
ExpectNotNull(wolfSSL_EVP_aes_128_ccm());
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_ripemd160(void)
{
EXPECT_DECLS;
#if !defined(NO_WOLFSSL_STUB)
ExpectNull(wolfSSL_EVP_ripemd160());
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_get_digestbynid(void)
{
EXPECT_DECLS;
#ifndef NO_MD5
ExpectNotNull(wolfSSL_EVP_get_digestbynid(NID_md5));
#endif
#ifndef NO_SHA
ExpectNotNull(wolfSSL_EVP_get_digestbynid(NID_sha1));
#endif
#ifndef NO_SHA256
ExpectNotNull(wolfSSL_EVP_get_digestbynid(NID_sha256));
#endif
ExpectNull(wolfSSL_EVP_get_digestbynid(0));
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_nid(void)
{
EXPECT_DECLS;
#ifndef NO_MD5
ExpectIntEQ(EVP_MD_nid(EVP_md5()), NID_md5);
#endif
#ifndef NO_SHA
ExpectIntEQ(EVP_MD_nid(EVP_sha1()), NID_sha1);
#endif
#ifndef NO_SHA256
ExpectIntEQ(EVP_MD_nid(EVP_sha256()), NID_sha256);
#endif
ExpectIntEQ(EVP_MD_nid(NULL), NID_undef);
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_get0_EC_KEY(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC)
WOLFSSL_EVP_PKEY* pkey = NULL;
ExpectNull(EVP_PKEY_get0_EC_KEY(NULL));
ExpectNotNull(pkey = EVP_PKEY_new());
ExpectNull(EVP_PKEY_get0_EC_KEY(pkey));
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_X_STATE(void)
{
EXPECT_DECLS;
#if !defined(NO_DES3) && !defined(NO_RC4)
byte key[DES3_KEY_SIZE] = {0};
byte iv[DES_IV_SIZE] = {0};
EVP_CIPHER_CTX *ctx = NULL;
const EVP_CIPHER *init = NULL;
/* Bad test cases */
ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
ExpectNotNull(init = EVP_des_ede3_cbc());
wolfSSL_EVP_CIPHER_CTX_init(ctx);
ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
ExpectNull(wolfSSL_EVP_X_STATE(NULL));
ExpectNull(wolfSSL_EVP_X_STATE(ctx));
EVP_CIPHER_CTX_free(ctx);
ctx = NULL;
/* Good test case */
ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
ExpectNotNull(init = wolfSSL_EVP_rc4());
wolfSSL_EVP_CIPHER_CTX_init(ctx);
ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
ExpectNotNull(wolfSSL_EVP_X_STATE(ctx));
EVP_CIPHER_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_X_STATE_LEN(void)
{
EXPECT_DECLS;
#if !defined(NO_DES3) && !defined(NO_RC4)
byte key[DES3_KEY_SIZE] = {0};
byte iv[DES_IV_SIZE] = {0};
EVP_CIPHER_CTX *ctx = NULL;
const EVP_CIPHER *init = NULL;
/* Bad test cases */
ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
ExpectNotNull(init = EVP_des_ede3_cbc());
wolfSSL_EVP_CIPHER_CTX_init(ctx);
ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_X_STATE_LEN(NULL), 0);
ExpectIntEQ(wolfSSL_EVP_X_STATE_LEN(ctx), 0);
EVP_CIPHER_CTX_free(ctx);
ctx = NULL;
/* Good test case */
ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
ExpectNotNull(init = wolfSSL_EVP_rc4());
wolfSSL_EVP_CIPHER_CTX_init(ctx);
ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_X_STATE_LEN(ctx), sizeof(Arc4));
EVP_CIPHER_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_block_size(void)
{
EXPECT_DECLS;
#if defined(HAVE_AES_CBC) || defined(HAVE_AESGCM) || \
defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_ECB) || \
defined(WOLFSSL_AES_OFB) || !defined(NO_RC4) || \
(defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
#ifdef HAVE_AES_CBC
#ifdef WOLFSSL_AES_128
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_cbc()), AES_BLOCK_SIZE);
#endif
#ifdef WOLFSSL_AES_192
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_cbc()), AES_BLOCK_SIZE);
#endif
#ifdef WOLFSSL_AES_256
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_cbc()), AES_BLOCK_SIZE);
#endif
#endif
#ifdef HAVE_AESGCM
#ifdef WOLFSSL_AES_128
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_gcm()), 1);
#endif
#ifdef WOLFSSL_AES_192
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_gcm()), 1);
#endif
#ifdef WOLFSSL_AES_256
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_gcm()), 1);
#endif
#endif
#ifdef HAVE_AESCCM
#ifdef WOLFSSL_AES_128
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ccm()), 1);
#endif
#ifdef WOLFSSL_AES_192
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ccm()), 1);
#endif
#ifdef WOLFSSL_AES_256
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ccm()), 1);
#endif
#endif
#ifdef WOLFSSL_AES_COUNTER
#ifdef WOLFSSL_AES_128
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ctr()), 1);
#endif
#ifdef WOLFSSL_AES_192
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ctr()), 1);
#endif
#ifdef WOLFSSL_AES_256
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ctr()), 1);
#endif
#endif
#ifdef HAVE_AES_ECB
#ifdef WOLFSSL_AES_128
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ecb()), AES_BLOCK_SIZE);
#endif
#ifdef WOLFSSL_AES_192
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ecb()), AES_BLOCK_SIZE);
#endif
#ifdef WOLFSSL_AES_256
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ecb()), AES_BLOCK_SIZE);
#endif
#endif
#ifdef WOLFSSL_AES_OFB
#ifdef WOLFSSL_AES_128
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ofb()), 1);
#endif
#ifdef WOLFSSL_AES_192
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ofb()), 1);
#endif
#ifdef WOLFSSL_AES_256
ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ofb()), 1);
#endif
#endif
#ifndef NO_RC4
ExpectIntEQ(EVP_CIPHER_block_size(wolfSSL_EVP_rc4()), 1);
#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
ExpectIntEQ(EVP_CIPHER_block_size(wolfSSL_EVP_chacha20_poly1305()), 1);
#endif
#endif
#ifdef WOLFSSL_SM4_ECB
ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_ecb()), SM4_BLOCK_SIZE);
#endif
#ifdef WOLFSSL_SM4_CBC
ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_cbc()), SM4_BLOCK_SIZE);
#endif
#ifdef WOLFSSL_SM4_CTR
ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_ctr()), 1);
#endif
#ifdef WOLFSSL_SM4_GCM
ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_gcm()), 1);
#endif
#ifdef WOLFSSL_SM4_CCM
ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_ccm()), 1);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_iv_length(void)
{
EXPECT_DECLS;
int nids[] = {
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
#ifdef WOLFSSL_AES_128
NID_aes_128_cbc,
#endif
#ifdef WOLFSSL_AES_192
NID_aes_192_cbc,
#endif
#ifdef WOLFSSL_AES_256
NID_aes_256_cbc,
#endif
#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
#ifdef HAVE_AESGCM
#ifdef WOLFSSL_AES_128
NID_aes_128_gcm,
#endif
#ifdef WOLFSSL_AES_192
NID_aes_192_gcm,
#endif
#ifdef WOLFSSL_AES_256
NID_aes_256_gcm,
#endif
#endif /* HAVE_AESGCM */
#endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */
#ifdef WOLFSSL_AES_COUNTER
#ifdef WOLFSSL_AES_128
NID_aes_128_ctr,
#endif
#ifdef WOLFSSL_AES_192
NID_aes_192_ctr,
#endif
#ifdef WOLFSSL_AES_256
NID_aes_256_ctr,
#endif
#endif
#ifndef NO_DES3
NID_des_cbc,
NID_des_ede3_cbc,
#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
NID_chacha20_poly1305,
#endif
};
int iv_lengths[] = {
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
#ifdef WOLFSSL_AES_128
AES_BLOCK_SIZE,
#endif
#ifdef WOLFSSL_AES_192
AES_BLOCK_SIZE,
#endif
#ifdef WOLFSSL_AES_256
AES_BLOCK_SIZE,
#endif
#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
#ifdef HAVE_AESGCM
#ifdef WOLFSSL_AES_128
GCM_NONCE_MID_SZ,
#endif
#ifdef WOLFSSL_AES_192
GCM_NONCE_MID_SZ,
#endif
#ifdef WOLFSSL_AES_256
GCM_NONCE_MID_SZ,
#endif
#endif /* HAVE_AESGCM */
#endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */
#ifdef WOLFSSL_AES_COUNTER
#ifdef WOLFSSL_AES_128
AES_BLOCK_SIZE,
#endif
#ifdef WOLFSSL_AES_192
AES_BLOCK_SIZE,
#endif
#ifdef WOLFSSL_AES_256
AES_BLOCK_SIZE,
#endif
#endif
#ifndef NO_DES3
DES_BLOCK_SIZE,
DES_BLOCK_SIZE,
#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
CHACHA20_POLY1305_AEAD_IV_SIZE,
#endif
};
int i;
int nidsLen = (sizeof(nids)/sizeof(int));
for (i = 0; i < nidsLen; i++) {
const EVP_CIPHER *c = EVP_get_cipherbynid(nids[i]);
ExpectIntEQ(EVP_CIPHER_iv_length(c), iv_lengths[i]);
}
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_SignInit_ex(void)
{
EXPECT_DECLS;
WOLFSSL_EVP_MD_CTX mdCtx;
WOLFSSL_ENGINE* e = 0;
const EVP_MD* md = EVP_sha256();
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_SignInit_ex(&mdCtx, md, e), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_DigestFinal_ex(void)
{
EXPECT_DECLS;
#if !defined(NO_SHA256)
WOLFSSL_EVP_MD_CTX mdCtx;
unsigned int s = 0;
unsigned char md[WC_SHA256_DIGEST_SIZE];
unsigned char md2[WC_SHA256_DIGEST_SIZE];
/* Bad Case */
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION > 2))
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md, &s), 0);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#else
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md, &s), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS);
#endif
/* Good Case */
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, EVP_sha256()), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md2, &s), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_QT_EVP_PKEY_CTX_free(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
EVP_PKEY* pkey = NULL;
EVP_PKEY_CTX* ctx = NULL;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
/* void */
EVP_PKEY_CTX_free(ctx);
#else
/* int */
ExpectIntEQ(EVP_PKEY_CTX_free(ctx), WOLFSSL_SUCCESS);
#endif
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_param_check(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
DH *dh = NULL;
DH *setDh = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX* ctx = NULL;
FILE* f = NULL;
unsigned char buf[512];
const unsigned char* pt = buf;
const char* dh2048 = "./certs/dh2048.der";
long len = 0;
int code = -1;
XMEMSET(buf, 0, sizeof(buf));
ExpectTrue((f = XFOPEN(dh2048, "rb")) != XBADFILE);
ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
if (f != XBADFILE)
XFCLOSE(f);
/* Load dh2048.der into DH with internal format */
ExpectNotNull(setDh = d2i_DHparams(NULL, &pt, len));
ExpectIntEQ(DH_check(setDh, &code), WOLFSSL_SUCCESS);
ExpectIntEQ(code, 0);
code = -1;
pkey = wolfSSL_EVP_PKEY_new();
/* Set DH into PKEY */
ExpectIntEQ(EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS);
/* create ctx from pkey */
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_param_check(ctx), 1/* valid */);
/* TODO: more invalid cases */
ExpectIntEQ(EVP_PKEY_param_check(NULL), 0);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
DH_free(setDh);
setDh = NULL;
DH_free(dh);
dh = NULL;
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_BytesToKey(void)
{
EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
byte key[AES_BLOCK_SIZE] = {0};
byte iv[AES_BLOCK_SIZE] = {0};
int count = 0;
const EVP_MD* md = EVP_sha256();
const EVP_CIPHER *type;
const unsigned char *salt = (unsigned char *)"salt1234";
int sz = 5;
const byte data[] = {
0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
0x72,0x6c,0x64
};
type = wolfSSL_EVP_get_cipherbynid(NID_aes_128_cbc);
/* Bad cases */
ExpectIntEQ(EVP_BytesToKey(NULL, md, salt, data, sz, count, key, iv),
0);
ExpectIntEQ(EVP_BytesToKey(type, md, salt, NULL, sz, count, key, iv),
16);
md = "2";
ExpectIntEQ(EVP_BytesToKey(type, md, salt, data, sz, count, key, iv),
WOLFSSL_FAILURE);
/* Good case */
md = EVP_sha256();
ExpectIntEQ(EVP_BytesToKey(type, md, salt, data, sz, count, key, iv),
16);
#endif
return EXPECT_RESULT();
}
static int test_evp_cipher_aes_gcm(void)
{
EXPECT_DECLS;
#if defined(HAVE_AESGCM) && ((!defined(HAVE_FIPS) && \
!defined(HAVE_SELFTEST)) || (defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION >= 2)))
/*
* This test checks data at various points in the encrypt/decrypt process
* against known values produced using the same test with OpenSSL. This
* interop testing is critical for verifying the correctness of our
* EVP_Cipher implementation with AES-GCM. Specifically, this test exercises
* a flow supported by OpenSSL that uses the control command
* EVP_CTRL_GCM_IV_GEN to increment the IV between cipher operations without
* the need to call EVP_CipherInit. OpenSSH uses this flow, for example. We
* had a bug with OpenSSH where wolfSSL OpenSSH servers could only talk to
* wolfSSL OpenSSH clients because there was a bug in this flow that
* happened to "cancel out" if both sides of the connection had the bug.
*/
enum {
NUM_ENCRYPTIONS = 3,
AAD_SIZE = 4
};
byte plainText1[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23
};
byte plainText2[] = {
0x42, 0x49, 0x3b, 0x27, 0x03, 0x35, 0x59, 0x14, 0x41, 0x47, 0x37, 0x14,
0x0e, 0x34, 0x0d, 0x28, 0x63, 0x09, 0x0a, 0x5b, 0x22, 0x57, 0x42, 0x22,
0x0f, 0x5c, 0x1e, 0x53, 0x45, 0x15, 0x62, 0x08, 0x60, 0x43, 0x50, 0x2c
};
byte plainText3[] = {
0x36, 0x0d, 0x2b, 0x09, 0x4a, 0x56, 0x3b, 0x4c, 0x21, 0x22, 0x58, 0x0e,
0x5b, 0x57, 0x10
};
byte* plainTexts[NUM_ENCRYPTIONS] = {
plainText1,
plainText2,
plainText3
};
const int plainTextSzs[NUM_ENCRYPTIONS] = {
sizeof(plainText1),
sizeof(plainText2),
sizeof(plainText3)
};
byte aad1[AAD_SIZE] = {
0x00, 0x00, 0x00, 0x01
};
byte aad2[AAD_SIZE] = {
0x00, 0x00, 0x00, 0x10
};
byte aad3[AAD_SIZE] = {
0x00, 0x00, 0x01, 0x00
};
byte* aads[NUM_ENCRYPTIONS] = {
aad1,
aad2,
aad3
};
const byte iv[GCM_NONCE_MID_SZ] = {
0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF
};
byte currentIv[GCM_NONCE_MID_SZ];
const byte key[] = {
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b,
0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f
};
const byte expIvs[NUM_ENCRYPTIONS][GCM_NONCE_MID_SZ] = {
{
0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE,
0xEF
},
{
0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE,
0xF0
},
{
0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE,
0xF1
}
};
const byte expTags[NUM_ENCRYPTIONS][AES_BLOCK_SIZE] = {
{
0x65, 0x4F, 0xF7, 0xA0, 0xBB, 0x7B, 0x90, 0xB7, 0x9C, 0xC8, 0x14,
0x3D, 0x32, 0x18, 0x34, 0xA9
},
{
0x50, 0x3A, 0x13, 0x8D, 0x91, 0x1D, 0xEC, 0xBB, 0xBA, 0x5B, 0x57,
0xA2, 0xFD, 0x2D, 0x6B, 0x7F
},
{
0x3B, 0xED, 0x18, 0x9C, 0xB3, 0xE3, 0x61, 0x1E, 0x11, 0xEB, 0x13,
0x5B, 0xEC, 0x52, 0x49, 0x32,
}
};
const byte expCipherText1[] = {
0xCB, 0x93, 0x4F, 0xC8, 0x22, 0xE2, 0xC0, 0x35, 0xAA, 0x6B, 0x41, 0x15,
0x17, 0x30, 0x2F, 0x97, 0x20, 0x74, 0x39, 0x28, 0xF8, 0xEB, 0xC5, 0x51,
0x7B, 0xD9, 0x8A, 0x36, 0xB8, 0xDA, 0x24, 0x80, 0xE7, 0x9E, 0x09, 0xDE
};
const byte expCipherText2[] = {
0xF9, 0x32, 0xE1, 0x87, 0x37, 0x0F, 0x04, 0xC1, 0xB5, 0x59, 0xF0, 0x45,
0x3A, 0x0D, 0xA0, 0x26, 0xFF, 0xA6, 0x8D, 0x38, 0xFE, 0xB8, 0xE5, 0xC2,
0x2A, 0x98, 0x4A, 0x54, 0x8F, 0x1F, 0xD6, 0x13, 0x03, 0xB2, 0x1B, 0xC0
};
const byte expCipherText3[] = {
0xD0, 0x37, 0x59, 0x1C, 0x2F, 0x85, 0x39, 0x4D, 0xED, 0xC2, 0x32, 0x5B,
0x80, 0x5E, 0x6B,
};
const byte* expCipherTexts[NUM_ENCRYPTIONS] = {
expCipherText1,
expCipherText2,
expCipherText3
};
byte* cipherText = NULL;
byte* calcPlainText = NULL;
byte tag[AES_BLOCK_SIZE];
EVP_CIPHER_CTX* encCtx = NULL;
EVP_CIPHER_CTX* decCtx = NULL;
int i, j, outl;
/****************************************************/
for (i = 0; i < 3; ++i) {
ExpectNotNull(encCtx = EVP_CIPHER_CTX_new());
ExpectNotNull(decCtx = EVP_CIPHER_CTX_new());
/* First iteration, set key before IV. */
if (i == 0) {
ExpectIntEQ(EVP_CipherInit(encCtx, EVP_aes_256_gcm(), key, NULL, 1),
SSL_SUCCESS);
/*
* The call to EVP_CipherInit below (with NULL key) should clear the
* authIvGenEnable flag set by EVP_CTRL_GCM_SET_IV_FIXED. As such, a
* subsequent EVP_CTRL_GCM_IV_GEN should fail. This matches OpenSSL
* behavior.
*/
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
(void*)iv), SSL_SUCCESS);
ExpectIntEQ(EVP_CipherInit(encCtx, NULL, NULL, iv, 1),
SSL_SUCCESS);
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
currentIv), SSL_FAILURE);
ExpectIntEQ(EVP_CipherInit(decCtx, EVP_aes_256_gcm(), key, NULL, 0),
SSL_SUCCESS);
ExpectIntEQ(EVP_CipherInit(decCtx, NULL, NULL, iv, 0),
SSL_SUCCESS);
}
/* Second iteration, IV before key. */
else {
ExpectIntEQ(EVP_CipherInit(encCtx, EVP_aes_256_gcm(), NULL, iv, 1),
SSL_SUCCESS);
ExpectIntEQ(EVP_CipherInit(encCtx, NULL, key, NULL, 1),
SSL_SUCCESS);
ExpectIntEQ(EVP_CipherInit(decCtx, EVP_aes_256_gcm(), NULL, iv, 0),
SSL_SUCCESS);
ExpectIntEQ(EVP_CipherInit(decCtx, NULL, key, NULL, 0),
SSL_SUCCESS);
}
/*
* EVP_CTRL_GCM_IV_GEN should fail if EVP_CTRL_GCM_SET_IV_FIXED hasn't
* been issued first.
*/
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
currentIv), SSL_FAILURE);
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
(void*)iv), SSL_SUCCESS);
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
(void*)iv), SSL_SUCCESS);
for (j = 0; j < NUM_ENCRYPTIONS; ++j) {
/*************** Encrypt ***************/
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
currentIv), SSL_SUCCESS);
/* Check current IV against expected. */
ExpectIntEQ(XMEMCMP(currentIv, expIvs[j], GCM_NONCE_MID_SZ), 0);
/* Add AAD. */
if (i == 2) {
/* Test streaming API. */
ExpectIntEQ(EVP_CipherUpdate(encCtx, NULL, &outl, aads[j],
AAD_SIZE), SSL_SUCCESS);
}
else {
ExpectIntEQ(EVP_Cipher(encCtx, NULL, aads[j], AAD_SIZE),
AAD_SIZE);
}
ExpectNotNull(cipherText = (byte*)XMALLOC(plainTextSzs[j], NULL,
DYNAMIC_TYPE_TMP_BUFFER));
/* Encrypt plaintext. */
if (i == 2) {
ExpectIntEQ(EVP_CipherUpdate(encCtx, cipherText, &outl,
plainTexts[j], plainTextSzs[j]),
SSL_SUCCESS);
}
else {
ExpectIntEQ(EVP_Cipher(encCtx, cipherText, plainTexts[j],
plainTextSzs[j]), plainTextSzs[j]);
}
if (i == 2) {
ExpectIntEQ(EVP_CipherFinal(encCtx, cipherText, &outl),
SSL_SUCCESS);
}
else {
/*
* Calling EVP_Cipher with NULL input and output for AES-GCM is
* akin to calling EVP_CipherFinal.
*/
ExpectIntGE(EVP_Cipher(encCtx, NULL, NULL, 0), 0);
}
/* Check ciphertext against expected. */
ExpectIntEQ(XMEMCMP(cipherText, expCipherTexts[j], plainTextSzs[j]),
0);
/* Get and check tag against expected. */
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_GET_TAG,
sizeof(tag), tag), SSL_SUCCESS);
ExpectIntEQ(XMEMCMP(tag, expTags[j], sizeof(tag)), 0);
/*************** Decrypt ***************/
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_IV_GEN, -1,
currentIv), SSL_SUCCESS);
/* Check current IV against expected. */
ExpectIntEQ(XMEMCMP(currentIv, expIvs[j], GCM_NONCE_MID_SZ), 0);
/* Add AAD. */
if (i == 2) {
/* Test streaming API. */
ExpectIntEQ(EVP_CipherUpdate(decCtx, NULL, &outl, aads[j],
AAD_SIZE), SSL_SUCCESS);
}
else {
ExpectIntEQ(EVP_Cipher(decCtx, NULL, aads[j], AAD_SIZE),
AAD_SIZE);
}
/* Set expected tag. */
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_SET_TAG,
sizeof(tag), tag), SSL_SUCCESS);
/* Decrypt ciphertext. */
ExpectNotNull(calcPlainText = (byte*)XMALLOC(plainTextSzs[j], NULL,
DYNAMIC_TYPE_TMP_BUFFER));
if (i == 2) {
ExpectIntEQ(EVP_CipherUpdate(decCtx, calcPlainText, &outl,
cipherText, plainTextSzs[j]),
SSL_SUCCESS);
}
else {
/* This first EVP_Cipher call will check the tag, too. */
ExpectIntEQ(EVP_Cipher(decCtx, calcPlainText, cipherText,
plainTextSzs[j]), plainTextSzs[j]);
}
if (i == 2) {
ExpectIntEQ(EVP_CipherFinal(decCtx, calcPlainText, &outl),
SSL_SUCCESS);
}
else {
ExpectIntGE(EVP_Cipher(decCtx, NULL, NULL, 0), 0);
}
/* Check plaintext against expected. */
ExpectIntEQ(XMEMCMP(calcPlainText, plainTexts[j], plainTextSzs[j]),
0);
XFREE(cipherText, NULL, DYNAMIC_TYPE_TMP_BUFFER);
cipherText = NULL;
XFREE(calcPlainText, NULL, DYNAMIC_TYPE_TMP_BUFFER);
calcPlainText = NULL;
}
EVP_CIPHER_CTX_free(encCtx);
encCtx = NULL;
EVP_CIPHER_CTX_free(decCtx);
decCtx = NULL;
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_ln(void)
{
EXPECT_DECLS;
const int nid_set[] = {
NID_commonName,
NID_serialNumber,
NID_countryName,
NID_localityName,
NID_stateOrProvinceName,
NID_organizationName,
NID_organizationalUnitName,
NID_domainComponent,
NID_businessCategory,
NID_jurisdictionCountryName,
NID_jurisdictionStateOrProvinceName,
NID_emailAddress
};
const char* ln_set[] = {
"commonName",
"serialNumber",
"countryName",
"localityName",
"stateOrProvinceName",
"organizationName",
"organizationalUnitName",
"domainComponent",
"businessCategory",
"jurisdictionCountryName",
"jurisdictionStateOrProvinceName",
"emailAddress",
};
size_t i = 0, maxIdx = sizeof(ln_set)/sizeof(char*);
ExpectIntEQ(OBJ_ln2nid(NULL), NID_undef);
#ifdef HAVE_ECC
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
{
EC_builtin_curve r[27];
size_t nCurves = sizeof(r) / sizeof(r[0]);
nCurves = EC_get_builtin_curves(r, nCurves);
for (i = 0; i < nCurves; i++) {
/* skip ECC_CURVE_INVALID */
if (r[i].nid != ECC_CURVE_INVALID) {
ExpectIntEQ(OBJ_ln2nid(r[i].comment), r[i].nid);
ExpectStrEQ(OBJ_nid2ln(r[i].nid), r[i].comment);
}
}
}
#endif
#endif
for (i = 0; i < maxIdx; i++) {
ExpectIntEQ(OBJ_ln2nid(ln_set[i]), nid_set[i]);
ExpectStrEQ(OBJ_nid2ln(nid_set[i]), ln_set[i]);
}
return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_sn(void)
{
EXPECT_DECLS;
int i = 0, maxIdx = 7;
const int nid_set[] = {NID_commonName,NID_countryName,NID_localityName,
NID_stateOrProvinceName,NID_organizationName,
NID_organizationalUnitName,NID_emailAddress};
const char* sn_open_set[] = {"CN","C","L","ST","O","OU","emailAddress"};
const char* sn_wolf_set[] = {WOLFSSL_COMMON_NAME,WOLFSSL_COUNTRY_NAME,
WOLFSSL_LOCALITY_NAME, WOLFSSL_STATE_NAME,
WOLFSSL_ORG_NAME, WOLFSSL_ORGUNIT_NAME,
WOLFSSL_EMAIL_ADDR};
ExpectIntEQ(wolfSSL_OBJ_sn2nid(NULL), NID_undef);
for (i = 0; i < maxIdx; i++) {
ExpectIntEQ(wolfSSL_OBJ_sn2nid(sn_wolf_set[i]), nid_set[i]);
ExpectStrEQ(wolfSSL_OBJ_nid2sn(nid_set[i]), sn_open_set[i]);
}
return EXPECT_RESULT();
}
#if !defined(NO_BIO)
static unsigned long TXT_DB_hash(const WOLFSSL_STRING *s)
{
return lh_strhash(s[3]);
}
static int TXT_DB_cmp(const WOLFSSL_STRING *a, const WOLFSSL_STRING *b)
{
return XSTRCMP(a[3], b[3]);
}
#endif
static int test_wolfSSL_TXT_DB(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_BIO)
BIO *bio = NULL;
TXT_DB *db = NULL;
const int columns = 6;
const char *fields[6] = {
"V",
"320926161116Z",
"",
"12BD",
"unknown",
"/CN=rsa doe",
};
char** fields_copy = NULL;
/* Test read */
ExpectNotNull(bio = BIO_new(BIO_s_file()));
ExpectIntGT(BIO_read_filename(bio, "./tests/TXT_DB.txt"), 0);
ExpectNotNull(db = TXT_DB_read(bio, columns));
ExpectNotNull(fields_copy = (char**)XMALLOC(sizeof(fields), NULL,
DYNAMIC_TYPE_OPENSSL));
if (fields_copy != NULL) {
XMEMCPY(fields_copy, fields, sizeof(fields));
}
ExpectIntEQ(TXT_DB_insert(db, fields_copy), 1);
if (EXPECT_FAIL()) {
XFREE(fields_copy, NULL, DYNAMIC_TYPE_OPENSSL);
}
BIO_free(bio);
bio = NULL;
/* Test write */
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(TXT_DB_write(bio, db), 1484);
BIO_free(bio);
/* Test index */
ExpectIntEQ(TXT_DB_create_index(db, 3, NULL, (wolf_sk_hash_cb)TXT_DB_hash,
(wolf_lh_compare_cb)TXT_DB_cmp), 1);
ExpectNotNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
fields[3] = "12DA";
ExpectNotNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
fields[3] = "FFFF";
ExpectNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
fields[3] = "";
ExpectNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
TXT_DB_free(db);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_NCONF(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_BIO)
const char* confFile = "./tests/NCONF_test.cnf";
CONF* conf = NULL;
long eline = 0;
long num = 0;
ExpectNotNull(conf = NCONF_new(NULL));
ExpectIntEQ(NCONF_load(conf, confFile, &eline), 1);
ExpectIntEQ(NCONF_get_number(conf, NULL, "port", &num), 1);
ExpectIntEQ(num, 1234);
ExpectIntEQ(NCONF_get_number(conf, "section2", "port", &num), 1);
ExpectIntEQ(num, 4321);
ExpectStrEQ(NCONF_get_string(conf, NULL, "dir"), "./test-dir");
ExpectStrEQ(NCONF_get_string(conf, "section1", "file1_copy"),
"./test-dir/file1");
ExpectStrEQ(NCONF_get_string(conf, "section2", "file_list"),
"./test-dir/file1:./test-dir/file2:./section1:file2");
NCONF_free(conf);
#endif
return EXPECT_RESULT();
}
#endif /* OPENSSL_ALL */
static int test_wolfSSL_X509V3_EXT_get(void) {
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
XFILE f = XBADFILE;
int numOfExt =0;
int extNid = 0;
int i = 0;
WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* ext = NULL;
const WOLFSSL_v3_ext_method* method = NULL;
ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
if (f != XBADFILE)
XFCLOSE(f);
/* wolfSSL_X509V3_EXT_get() return struct and nid test */
ExpectIntEQ((numOfExt = wolfSSL_X509_get_ext_count(x509)), 5);
for (i = 0; i < numOfExt; i++) {
ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
ExpectIntNE((extNid = ext->obj->nid), NID_undef);
ExpectNotNull(method = wolfSSL_X509V3_EXT_get(ext));
ExpectIntEQ(method->ext_nid, extNid);
}
/* wolfSSL_X509V3_EXT_get() NULL argument test */
ExpectNull(method = wolfSSL_X509V3_EXT_get(NULL));
wolfSSL_X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509V3_EXT_nconf(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_ALL
const char *ext_names[] = {
"subjectKeyIdentifier",
"authorityKeyIdentifier",
"subjectAltName",
"keyUsage",
"extendedKeyUsage",
};
size_t ext_names_count = sizeof(ext_names)/sizeof(*ext_names);
int ext_nids[] = {
NID_subject_key_identifier,
NID_authority_key_identifier,
NID_subject_alt_name,
NID_key_usage,
NID_ext_key_usage,
};
size_t ext_nids_count = sizeof(ext_nids)/sizeof(*ext_nids);
const char *ext_values[] = {
"hash",
"hash",
"DNS:example.com, IP:127.0.0.1",
"digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,"
"keyAgreement,keyCertSign,cRLSign,encipherOnly,decipherOnly",
"serverAuth,clientAuth,codeSigning,emailProtection,timeStamping,"
"OCSPSigning",
};
size_t i;
X509_EXTENSION* ext = NULL;
X509* x509 = NULL;
unsigned int keyUsageFlags;
unsigned int extKeyUsageFlags;
ExpectNotNull(x509 = X509_new());
/* keyUsage / extKeyUsage should match string above */
keyUsageFlags = KU_DIGITAL_SIGNATURE
| KU_NON_REPUDIATION
| KU_KEY_ENCIPHERMENT
| KU_DATA_ENCIPHERMENT
| KU_KEY_AGREEMENT
| KU_KEY_CERT_SIGN
| KU_CRL_SIGN
| KU_ENCIPHER_ONLY
| KU_DECIPHER_ONLY;
extKeyUsageFlags = XKU_SSL_CLIENT
| XKU_SSL_SERVER
| XKU_CODE_SIGN
| XKU_SMIME
| XKU_TIMESTAMP
| XKU_OCSP_SIGN;
for (i = 0; i < ext_names_count; i++) {
ExpectNotNull(ext = X509V3_EXT_nconf(NULL, NULL, ext_names[i],
ext_values[i]));
X509_EXTENSION_free(ext);
ext = NULL;
}
for (i = 0; i < ext_nids_count; i++) {
ExpectNotNull(ext = X509V3_EXT_nconf_nid(NULL, NULL, ext_nids[i],
ext_values[i]));
X509_EXTENSION_free(ext);
ext = NULL;
}
/* Test adding extension to X509 */
for (i = 0; i < ext_nids_count; i++) {
ExpectNotNull(ext = X509V3_EXT_nconf(NULL, NULL, ext_names[i],
ext_values[i]));
ExpectIntEQ(X509_add_ext(x509, ext, -1), WOLFSSL_SUCCESS);
if (ext_nids[i] == NID_key_usage) {
ExpectIntEQ(X509_get_key_usage(x509), keyUsageFlags);
}
else if (ext_nids[i] == NID_ext_key_usage) {
ExpectIntEQ(X509_get_extended_key_usage(x509), extKeyUsageFlags);
}
X509_EXTENSION_free(ext);
ext = NULL;
}
X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509V3_EXT(void) {
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
XFILE f = XBADFILE;
int numOfExt = 0, nid = 0, i = 0, expected, actual = 0;
char* str = NULL;
unsigned char* data = NULL;
const WOLFSSL_v3_ext_method* method = NULL;
WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* ext = NULL;
WOLFSSL_X509_EXTENSION* ext2 = NULL;
WOLFSSL_ASN1_OBJECT *obj = NULL;
WOLFSSL_ASN1_OBJECT *adObj = NULL;
WOLFSSL_ASN1_STRING* asn1str = NULL;
WOLFSSL_AUTHORITY_KEYID* aKeyId = NULL;
WOLFSSL_AUTHORITY_INFO_ACCESS* aia = NULL;
WOLFSSL_BASIC_CONSTRAINTS* bc = NULL;
WOLFSSL_ACCESS_DESCRIPTION* ad = NULL;
WOLFSSL_GENERAL_NAME* gn = NULL;
/* Check NULL argument */
ExpectNull(wolfSSL_X509V3_EXT_d2i(NULL));
/* Using OCSP cert with X509V3 extensions */
ExpectTrue((f = XFOPEN("./certs/ocsp/root-ca-cert.pem", "rb")) != XBADFILE);
ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
if (f != XBADFILE)
XFCLOSE(f);
ExpectIntEQ((numOfExt = wolfSSL_X509_get_ext_count(x509)), 5);
/* Basic Constraints */
ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_basic_constraints);
ExpectNotNull(bc = (WOLFSSL_BASIC_CONSTRAINTS*)wolfSSL_X509V3_EXT_d2i(ext));
ExpectIntEQ(bc->ca, 1);
ExpectNull(bc->pathlen);
wolfSSL_BASIC_CONSTRAINTS_free(bc);
bc = NULL;
i++;
/* Subject Key Identifier */
ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_subject_key_identifier);
ExpectNotNull(asn1str = (WOLFSSL_ASN1_STRING*)wolfSSL_X509V3_EXT_d2i(ext));
ExpectNotNull(ext2 = wolfSSL_X509V3_EXT_i2d(NID_subject_key_identifier, 0,
asn1str));
X509_EXTENSION_free(ext2);
ext2 = NULL;
ExpectNotNull(method = wolfSSL_X509V3_EXT_get(ext));
ExpectNotNull(method->i2s);
ExpectNotNull(str = method->i2s((WOLFSSL_v3_ext_method*)method, asn1str));
wolfSSL_ASN1_STRING_free(asn1str);
asn1str = NULL;
if (str != NULL) {
actual = strcmp(str,
"73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21");
}
ExpectIntEQ(actual, 0);
XFREE(str, NULL, DYNAMIC_TYPE_TMP_BUFFER);
str = NULL;
i++;
/* Authority Key Identifier */
ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_authority_key_identifier);
ExpectNotNull(aKeyId = (WOLFSSL_AUTHORITY_KEYID*)wolfSSL_X509V3_EXT_d2i(
ext));
ExpectNotNull(method = wolfSSL_X509V3_EXT_get(ext));
ExpectNotNull(asn1str = aKeyId->keyid);
ExpectNotNull(str = wolfSSL_i2s_ASN1_STRING((WOLFSSL_v3_ext_method*)method,
asn1str));
asn1str = NULL;
if (str != NULL) {
actual = strcmp(str,
"73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21");
}
ExpectIntEQ(actual, 0);
XFREE(str, NULL, DYNAMIC_TYPE_TMP_BUFFER);
str = NULL;
wolfSSL_AUTHORITY_KEYID_free(aKeyId);
aKeyId = NULL;
i++;
/* Key Usage */
ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_key_usage);
ExpectNotNull(asn1str = (WOLFSSL_ASN1_STRING*)wolfSSL_X509V3_EXT_d2i(ext));
#if defined(WOLFSSL_QT)
ExpectNotNull(data = (unsigned char*)ASN1_STRING_get0_data(asn1str));
#else
ExpectNotNull(data = wolfSSL_ASN1_STRING_data(asn1str));
#endif
expected = KEYUSE_KEY_CERT_SIGN | KEYUSE_CRL_SIGN;
if (data != NULL) {
#ifdef BIG_ENDIAN_ORDER
actual = data[1];
#else
actual = data[0];
#endif
}
ExpectIntEQ(actual, expected);
wolfSSL_ASN1_STRING_free(asn1str);
asn1str = NULL;
#if 1
i++;
/* Authority Info Access */
ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_info_access);
ExpectNotNull(aia = (WOLFSSL_AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(
ext));
#if defined(WOLFSSL_QT)
ExpectIntEQ(OPENSSL_sk_num(aia), 1); /* Only one URI entry for this cert */
#else
ExpectIntEQ(wolfSSL_sk_num(aia), 1); /* Only one URI entry for this cert */
#endif
/* URI entry is an ACCESS_DESCRIPTION type */
#if defined(WOLFSSL_QT)
ExpectNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)wolfSSL_sk_value(aia, 0));
#else
ExpectNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)OPENSSL_sk_value(aia, 0));
#endif
ExpectNotNull(adObj = ad->method);
/* Make sure nid is OCSP */
ExpectIntEQ(wolfSSL_OBJ_obj2nid(adObj), NID_ad_OCSP);
/* GENERAL_NAME stores URI as an ASN1_STRING */
ExpectNotNull(gn = ad->location);
ExpectIntEQ(gn->type, GEN_URI); /* Type should always be GEN_URI */
ExpectNotNull(asn1str = gn->d.uniformResourceIdentifier);
ExpectIntEQ(wolfSSL_ASN1_STRING_length(asn1str), 22);
#if defined(WOLFSSL_QT)
ExpectNotNull(str = (char*)ASN1_STRING_get0_data(asn1str));
#else
ExpectNotNull(str = (char*)wolfSSL_ASN1_STRING_data(asn1str));
#endif
if (str != NULL) {
actual = strcmp(str, "http://127.0.0.1:22220");
}
ExpectIntEQ(actual, 0);
wolfSSL_sk_ACCESS_DESCRIPTION_pop_free(aia, NULL);
aia = NULL;
#else
(void) aia; (void) ad; (void) adObj; (void) gn;
#endif
wolfSSL_X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_extension_flags(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
XFILE f = XBADFILE;
X509* x509 = NULL;
unsigned int extFlags;
unsigned int keyUsageFlags;
unsigned int extKeyUsageFlags;
/* client-int-cert.pem has the following extension flags. */
extFlags = EXFLAG_KUSAGE | EXFLAG_XKUSAGE;
/* and the following key usage flags. */
keyUsageFlags = KU_DIGITAL_SIGNATURE
| KU_NON_REPUDIATION
| KU_KEY_ENCIPHERMENT;
/* and the following extended key usage flags. */
extKeyUsageFlags = XKU_SSL_CLIENT | XKU_SMIME;
ExpectTrue((f = XFOPEN("./certs/intermediate/client-int-cert.pem", "rb")) !=
XBADFILE);
ExpectNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
ExpectIntEQ(X509_get_extension_flags(x509), extFlags);
ExpectIntEQ(X509_get_key_usage(x509), keyUsageFlags);
ExpectIntEQ(X509_get_extended_key_usage(x509), extKeyUsageFlags);
X509_free(x509);
x509 = NULL;
/* client-cert-ext.pem has the following extension flags. */
extFlags = EXFLAG_KUSAGE;
/* and the following key usage flags. */
keyUsageFlags = KU_DIGITAL_SIGNATURE
| KU_KEY_CERT_SIGN
| KU_CRL_SIGN;
ExpectTrue((f = fopen("./certs/client-cert-ext.pem", "rb")) != XBADFILE);
ExpectNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
if (f != XBADFILE)
XFCLOSE(f);
ExpectIntEQ(X509_get_extension_flags(x509), extFlags);
ExpectIntEQ(X509_get_key_usage(x509), keyUsageFlags);
X509_free(x509);
#endif /* OPENSSL_ALL */
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_ext(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
int ret = 0;
XFILE f = XBADFILE;
WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* foundExtension;
ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
if (f != XBADFILE)
XFCLOSE(f);
ExpectIntEQ((ret = wolfSSL_X509_get_ext_count(x509)), 5);
/* wolfSSL_X509_get_ext() valid input */
ExpectNotNull(foundExtension = wolfSSL_X509_get_ext(x509, 0));
/* wolfSSL_X509_get_ext() valid x509, idx out of bounds */
ExpectNull(foundExtension = wolfSSL_X509_get_ext(x509, -1));
ExpectNull(foundExtension = wolfSSL_X509_get_ext(x509, 100));
/* wolfSSL_X509_get_ext() NULL x509, idx out of bounds */
ExpectNull(foundExtension = wolfSSL_X509_get_ext(NULL, -1));
ExpectNull(foundExtension = wolfSSL_X509_get_ext(NULL, 100));
/* wolfSSL_X509_get_ext() NULL x509, valid idx */
ExpectNull(foundExtension = wolfSSL_X509_get_ext(NULL, 0));
wolfSSL_X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_ext_by_NID(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
int rc = 0;
XFILE f = XBADFILE;
WOLFSSL_X509* x509 = NULL;
ASN1_OBJECT* obj = NULL;
ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
if (f != XBADFILE)
XFCLOSE(f);
ExpectIntGE(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints,
-1), 0);
/* Start search from last location (should fail) */
ExpectIntGE(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints,
rc), -1);
ExpectIntGE(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints,
-2), -1);
ExpectIntEQ(rc = wolfSSL_X509_get_ext_by_NID(NULL, NID_basic_constraints,
-1), -1);
ExpectIntEQ(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_undef, -1), -1);
/* NID_ext_key_usage, check also its nid and oid */
ExpectIntGT(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_ext_key_usage, -1),
-1);
ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(wolfSSL_X509_get_ext(
x509, rc)));
ExpectIntEQ(obj->nid, NID_ext_key_usage);
ExpectIntEQ(obj->type, EXT_KEY_USAGE_OID);
wolfSSL_X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_ext_subj_alt_name(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
int rc = 0;
XFILE f = XBADFILE;
WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* ext = NULL;
WOLFSSL_ASN1_STRING* sanString = NULL;
byte* sanDer = NULL;
const byte expectedDer[] = {
0x30, 0x13, 0x82, 0x0b, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e,
0x63, 0x6f, 0x6d, 0x87, 0x04, 0x7f, 0x00, 0x00, 0x01};
ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
ExpectNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
if (f != XBADFILE)
XFCLOSE(f);
ExpectIntNE(rc = X509_get_ext_by_NID(x509, NID_subject_alt_name, -1), -1);
ExpectNotNull(ext = X509_get_ext(x509, rc));
ExpectNotNull(sanString = X509_EXTENSION_get_data(ext));
ExpectIntEQ(ASN1_STRING_length(sanString), sizeof(expectedDer));
ExpectNotNull(sanDer = ASN1_STRING_data(sanString));
ExpectIntEQ(XMEMCMP(sanDer, expectedDer, sizeof(expectedDer)), 0);
X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_EXTENSION_new(void)
{
EXPECT_DECLS;
#if defined (OPENSSL_ALL)
WOLFSSL_X509_EXTENSION* ext = NULL;
ExpectNotNull(ext = wolfSSL_X509_EXTENSION_new());
ExpectNotNull(ext->obj = wolfSSL_ASN1_OBJECT_new());
wolfSSL_X509_EXTENSION_free(ext);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_EXTENSION_get_object(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* ext = NULL;
WOLFSSL_ASN1_OBJECT* o = NULL;
XFILE file = XBADFILE;
ExpectTrue((file = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
ExpectNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
if (file != XBADFILE)
XFCLOSE(file);
/* wolfSSL_X509_EXTENSION_get_object() testing ext idx 0 */
ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
ExpectNull(wolfSSL_X509_EXTENSION_get_object(NULL));
ExpectNotNull(o = wolfSSL_X509_EXTENSION_get_object(ext));
ExpectIntEQ(o->nid, 128);
/* wolfSSL_X509_EXTENSION_get_object() NULL argument */
ExpectNull(o = wolfSSL_X509_EXTENSION_get_object(NULL));
wolfSSL_X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_EXTENSION_get_data(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* ext = NULL;
WOLFSSL_ASN1_STRING* str = NULL;
XFILE file = XBADFILE;
ExpectTrue((file = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
ExpectNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
if (file != XBADFILE)
XFCLOSE(file);
ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
ExpectNull(str = wolfSSL_X509_EXTENSION_get_data(NULL));
ExpectNotNull(str = wolfSSL_X509_EXTENSION_get_data(ext));
wolfSSL_X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_EXTENSION_get_critical(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* ext = NULL;
XFILE file = XBADFILE;
int crit = 0;
ExpectTrue((file = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
ExpectNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
if (file != XBADFILE)
XFCLOSE(file);
ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
ExpectIntEQ(crit = wolfSSL_X509_EXTENSION_get_critical(NULL), BAD_FUNC_ARG);
ExpectIntEQ(crit = wolfSSL_X509_EXTENSION_get_critical(ext), 0);
wolfSSL_X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509V3_EXT_print(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_BIO) && \
!defined(NO_RSA)
{
XFILE f = XBADFILE;
WOLFSSL_X509* x509 = NULL;
X509_EXTENSION * ext = NULL;
int loc = 0;
BIO *bio = NULL;
ExpectTrue((f = XFOPEN(svrCertFile, "rb")) != XBADFILE);
ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
if (f != XBADFILE)
fclose(f);
ExpectNotNull(bio = wolfSSL_BIO_new(BIO_s_mem()));
ExpectIntGT(loc = wolfSSL_X509_get_ext_by_NID(x509,
NID_basic_constraints, -1), -1);
ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
ExpectIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
ExpectIntGT(loc = wolfSSL_X509_get_ext_by_NID(x509,
NID_subject_key_identifier, -1), -1);
ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
ExpectIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
ExpectIntGT(loc = wolfSSL_X509_get_ext_by_NID(x509,
NID_authority_key_identifier, -1), -1);
ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
ExpectIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
wolfSSL_BIO_free(bio);
wolfSSL_X509_free(x509);
}
{
X509 *x509 = NULL;
BIO *bio = NULL;
X509_EXTENSION *ext = NULL;
unsigned int i = 0;
unsigned int idx = 0;
/* Some NIDs to test with */
int nids[] = {
/* NID_key_usage, currently X509_get_ext returns this as a bit
* string, which messes up X509V3_EXT_print */
/* NID_ext_key_usage, */
NID_subject_alt_name,
};
int* n = NULL;
ExpectNotNull(bio = BIO_new_fp(stderr, BIO_NOCLOSE));
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFileExt,
WOLFSSL_FILETYPE_PEM));
ExpectIntGT(fprintf(stderr, "\nPrinting extension values:\n"), 0);
for (i = 0, n = nids; i<(sizeof(nids)/sizeof(int)); i++, n++) {
/* X509_get_ext_by_NID should return 3 for now. If that changes then
* update the index */
ExpectIntEQ((idx = X509_get_ext_by_NID(x509, *n, -1)), 3);
ExpectNotNull(ext = X509_get_ext(x509, (int)idx));
ExpectIntEQ(X509V3_EXT_print(bio, ext, 0, 0), 1);
ExpectIntGT(fprintf(stderr, "\n"), 0);
}
BIO_free(bio);
X509_free(x509);
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_cmp(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
XFILE file1 = XBADFILE;
XFILE file2 = XBADFILE;
WOLFSSL_X509* cert1 = NULL;
WOLFSSL_X509* cert2 = NULL;
ExpectTrue((file1 = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
ExpectTrue((file2 = XFOPEN("./certs/3072/client-cert.pem", "rb")) !=
XBADFILE);
ExpectNotNull(cert1 = wolfSSL_PEM_read_X509(file1, NULL, NULL, NULL));
ExpectNotNull(cert2 = wolfSSL_PEM_read_X509(file2, NULL, NULL, NULL));
if (file1 != XBADFILE)
fclose(file1);
if (file2 != XBADFILE)
fclose(file2);
/* wolfSSL_X509_cmp() testing matching certs */
ExpectIntEQ(0, wolfSSL_X509_cmp(cert1, cert1));
/* wolfSSL_X509_cmp() testing mismatched certs */
ExpectIntEQ(-1, wolfSSL_X509_cmp(cert1, cert2));
/* wolfSSL_X509_cmp() testing NULL, valid args */
ExpectIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(NULL, cert2));
/* wolfSSL_X509_cmp() testing valid, NULL args */
ExpectIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(cert1, NULL));
/* wolfSSL_X509_cmp() testing NULL, NULL args */
ExpectIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(NULL, NULL));
wolfSSL_X509_free(cert1);
wolfSSL_X509_free(cert2);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_up_ref(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL)
EVP_PKEY* pkey;
pkey = EVP_PKEY_new();
ExpectNotNull(pkey);
ExpectIntEQ(EVP_PKEY_up_ref(NULL), 0);
ExpectIntEQ(EVP_PKEY_up_ref(pkey), 1);
EVP_PKEY_free(pkey);
ExpectIntEQ(EVP_PKEY_up_ref(pkey), 1);
EVP_PKEY_free(pkey);
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_and_i2d_PublicKey(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
EVP_PKEY* pkey = NULL;
const unsigned char* p;
unsigned char *der = NULL;
unsigned char *tmp = NULL;
int derLen;
p = client_keypub_der_2048;
/* Check that key can be successfully decoded. */
ExpectNotNull(pkey = wolfSSL_d2i_PublicKey(EVP_PKEY_RSA, NULL, &p,
sizeof_client_keypub_der_2048));
/* Check that key can be successfully encoded. */
ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &der)), 0);
/* Ensure that the encoded version matches the original. */
ExpectIntEQ(derLen, sizeof_client_keypub_der_2048);
ExpectIntEQ(XMEMCMP(der, client_keypub_der_2048, derLen), 0);
/* Do same test except with pre-allocated buffer to ensure the der pointer
* is advanced. */
tmp = der;
ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &tmp)), 0);
ExpectIntEQ(derLen, sizeof_client_keypub_der_2048);
ExpectIntEQ(XMEMCMP(der, client_keypub_der_2048, derLen), 0);
ExpectTrue(der + derLen == tmp);
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_and_i2d_PublicKey_ecc(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && !defined(NO_CERTS) && \
!defined(NO_ASN) && !defined(NO_PWDBASED)
EVP_PKEY* pkey = NULL;
const unsigned char* p;
unsigned char *der = NULL;
unsigned char *tmp = NULL;
int derLen;
unsigned char pub_buf[65];
const int pub_len = 65;
BN_CTX* ctx;
EC_GROUP* curve = NULL;
EC_KEY* ephemeral_key = NULL;
const EC_POINT* h;
/* Generate an x963 key pair and get public part into pub_buf */
ExpectNotNull(ctx = BN_CTX_new());
ExpectNotNull(curve = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
ExpectNotNull(ephemeral_key = EC_KEY_new_by_curve_name(
NID_X9_62_prime256v1));
ExpectIntEQ(EC_KEY_generate_key(ephemeral_key), 1);
ExpectNotNull(h = EC_KEY_get0_public_key(ephemeral_key));
ExpectIntEQ(pub_len, EC_POINT_point2oct(curve, h,
POINT_CONVERSION_UNCOMPRESSED, pub_buf, pub_len, ctx));
/* Prepare the EVP_PKEY */
ExpectNotNull(pkey = EVP_PKEY_new());
p = pub_buf;
/* Check that key can be successfully decoded. */
ExpectNotNull(wolfSSL_d2i_PublicKey(EVP_PKEY_EC, &pkey, &p,
pub_len));
/* Check that key can be successfully encoded. */
ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &der)), 0);
/* Ensure that the encoded version matches the original. */
ExpectIntEQ(derLen, pub_len);
ExpectIntEQ(XMEMCMP(der, pub_buf, derLen), 0);
/* Do same test except with pre-allocated buffer to ensure the der pointer
* is advanced. */
tmp = der;
ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &tmp)), 0);
ExpectIntEQ(derLen, pub_len);
ExpectIntEQ(XMEMCMP(der, pub_buf, derLen), 0);
ExpectTrue(der + derLen == tmp);
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
EVP_PKEY_free(pkey);
EC_KEY_free(ephemeral_key);
EC_GROUP_free(curve);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_and_i2d_DSAparams(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DSA)
DSA* dsa = NULL;
byte derIn[] = {
0x30, 0x82, 0x01, 0x1f, 0x02, 0x81, 0x81, 0x00,
0xcd, 0xde, 0x25, 0x68, 0x80, 0x53, 0x0d, 0xe5,
0x77, 0xd6, 0xd2, 0x90, 0x39, 0x3f, 0x90, 0xa2,
0x3f, 0x33, 0x94, 0x6e, 0xe8, 0x4f, 0x2b, 0x63,
0xab, 0x30, 0xab, 0x15, 0xba, 0x11, 0xea, 0x8a,
0x5d, 0x8d, 0xcc, 0xb8, 0xd4, 0xa1, 0xd5, 0xc1,
0x47, 0x9d, 0x5a, 0x73, 0x6a, 0x62, 0x49, 0xd1,
0x06, 0x07, 0x67, 0xf6, 0x2f, 0xa3, 0x39, 0xbd,
0x4e, 0x0d, 0xb4, 0xd3, 0x22, 0x23, 0x84, 0xec,
0x93, 0x26, 0x5a, 0x49, 0xee, 0x7c, 0x89, 0x48,
0x66, 0x4d, 0xe8, 0xe8, 0xd8, 0x50, 0xfb, 0xa5,
0x71, 0x9f, 0x22, 0x18, 0xe5, 0xe6, 0x0b, 0x46,
0x87, 0x66, 0xee, 0x52, 0x8f, 0x46, 0x4f, 0xb5,
0x03, 0xce, 0xed, 0xe3, 0xbe, 0xe5, 0xb5, 0x81,
0xd2, 0x59, 0xe9, 0xc0, 0xad, 0x4d, 0xd0, 0x4d,
0x26, 0xf7, 0xba, 0x50, 0xe8, 0xc9, 0x8f, 0xfe,
0x24, 0x19, 0x3d, 0x2e, 0xa7, 0x52, 0x3c, 0x6d,
0x02, 0x15, 0x00, 0xfb, 0x47, 0xfb, 0xec, 0x81,
0x20, 0xc8, 0x1c, 0xe9, 0x4a, 0xba, 0x04, 0x6f,
0x19, 0x9b, 0x94, 0xee, 0x82, 0x67, 0xd3, 0x02,
0x81, 0x81, 0x00, 0x9b, 0x95, 0xbb, 0x85, 0xc5,
0x58, 0x4a, 0x32, 0x9c, 0xaa, 0x44, 0x85, 0xd6,
0x68, 0xdc, 0x3e, 0x14, 0xf4, 0xce, 0x6d, 0xa3,
0x49, 0x38, 0xea, 0xd6, 0x61, 0x48, 0x92, 0x5a,
0x40, 0x95, 0x49, 0x38, 0xaa, 0xe1, 0x39, 0x29,
0x68, 0x58, 0x47, 0x8a, 0x4b, 0x01, 0xe1, 0x2e,
0x8e, 0x6c, 0x63, 0x6f, 0x40, 0xca, 0x50, 0x3f,
0x8c, 0x0b, 0x99, 0xe4, 0x72, 0x42, 0xb8, 0xb1,
0xc2, 0x26, 0x48, 0xf1, 0x9c, 0x83, 0xc6, 0x37,
0x2e, 0x5a, 0xae, 0x11, 0x09, 0xd9, 0xf3, 0xad,
0x1f, 0x6f, 0xad, 0xad, 0x50, 0xe3, 0x78, 0x32,
0xe6, 0xde, 0x8e, 0xaa, 0xbf, 0xd1, 0x00, 0x9f,
0xb3, 0x02, 0x12, 0x19, 0xa2, 0x15, 0xec, 0x14,
0x18, 0x5c, 0x0e, 0x26, 0xce, 0xf9, 0xae, 0xcc,
0x7b, 0xb5, 0xd1, 0x26, 0xfc, 0x85, 0xfe, 0x14,
0x93, 0xb6, 0x9d, 0x7d, 0x76, 0xe3, 0x35, 0x97,
0x1e, 0xde, 0xc4
};
int derInLen = sizeof(derIn);
byte* derOut = NULL;
int derOutLen;
byte* p = derIn;
/* Check that params can be successfully decoded. */
ExpectNotNull(dsa = d2i_DSAparams(NULL, (const byte**)&p, derInLen));
/* Check that params can be successfully encoded. */
ExpectIntGE((derOutLen = i2d_DSAparams(dsa, &derOut)), 0);
/* Ensure that the encoded version matches the original. */
ExpectIntEQ(derInLen, derOutLen);
ExpectIntEQ(XMEMCMP(derIn, derOut, derInLen), 0);
XFREE(derOut, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
DSA_free(dsa);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_i2d_PrivateKey(void)
{
EXPECT_DECLS;
#if (!defined(NO_RSA) || defined(HAVE_ECC)) && defined(OPENSSL_EXTRA) && \
!defined(NO_ASN) && !defined(NO_PWDBASED)
#if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048)
{
EVP_PKEY* pkey = NULL;
const unsigned char* server_key =
(const unsigned char*)server_key_der_2048;
unsigned char buf[FOURK_BUF];
unsigned char* pt = NULL;
int bufSz = 0;
ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &server_key,
(long)sizeof_server_key_der_2048));
ExpectIntEQ(i2d_PrivateKey(pkey, NULL), 1193);
pt = buf;
ExpectIntEQ((bufSz = i2d_PrivateKey(pkey, &pt)), 1193);
ExpectIntNE((pt - buf), 0);
ExpectIntEQ(XMEMCMP(buf, server_key_der_2048, bufSz), 0);
EVP_PKEY_free(pkey);
}
#endif
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
{
EVP_PKEY* pkey = NULL;
const unsigned char* client_key =
(const unsigned char*)ecc_clikey_der_256;
unsigned char buf[FOURK_BUF];
unsigned char* pt = NULL;
int bufSz = 0;
ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &client_key,
(long)sizeof_ecc_clikey_der_256)));
ExpectIntEQ(i2d_PrivateKey(pkey, NULL), 121);
pt = buf;
ExpectIntEQ((bufSz = i2d_PrivateKey(pkey, &pt)), 121);
ExpectIntNE((pt - buf), 0);
ExpectIntEQ(XMEMCMP(buf, ecc_clikey_der_256, bufSz), 0);
EVP_PKEY_free(pkey);
}
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_id_get0_info(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && \
defined(HAVE_OCSP) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
X509* cert = NULL;
X509* issuer = NULL;
OCSP_CERTID* id = NULL;
OCSP_CERTID* id2 = NULL;
ASN1_STRING* name = NULL;
ASN1_OBJECT* pmd = NULL;
ASN1_STRING* keyHash = NULL;
ASN1_INTEGER* serial = NULL;
ASN1_INTEGER* x509Int = NULL;
ExpectNotNull(cert = wolfSSL_X509_load_certificate_file(svrCertFile,
SSL_FILETYPE_PEM));
ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caCertFile,
SSL_FILETYPE_PEM));
ExpectNotNull(id = OCSP_cert_to_id(NULL, cert, issuer));
ExpectNotNull(id2 = OCSP_cert_to_id(NULL, cert, issuer));
ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, NULL, id), 1);
/* name, pmd, keyHash not supported yet, expect failure if not NULL */
ExpectIntEQ(OCSP_id_get0_info(&name, NULL, NULL, NULL, id), 0);
ExpectIntEQ(OCSP_id_get0_info(NULL, &pmd, NULL, NULL, id), 0);
ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, &keyHash, NULL, id), 0);
ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, &serial, id), 1);
ExpectNotNull(serial);
/* compare serial number to one in cert, should be equal */
ExpectNotNull(x509Int = X509_get_serialNumber(cert));
ExpectIntEQ(x509Int->length, serial->length);
ExpectIntEQ(XMEMCMP(x509Int->data, serial->data, serial->length), 0);
/* test OCSP_id_cmp */
ExpectIntNE(OCSP_id_cmp(NULL, NULL), 0);
ExpectIntNE(OCSP_id_cmp(id, NULL), 0);
ExpectIntNE(OCSP_id_cmp(NULL, id2), 0);
ExpectIntEQ(OCSP_id_cmp(id, id2), 0);
if (id != NULL) {
id->issuerHash[0] = ~id->issuerHash[0];
}
ExpectIntNE(OCSP_id_cmp(id, id2), 0);
OCSP_CERTID_free(id);
OCSP_CERTID_free(id2);
X509_free(cert); /* free's x509Int */
X509_free(issuer);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_i2d_OCSP_CERTID(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && defined(HAVE_OCSP)
WOLFSSL_OCSP_CERTID certId;
byte* targetBuffer = NULL;
byte* p;
/* OCSP CertID bytes taken from PCAP */
byte rawCertId[] = {
0x30, 0x49, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05,
0x00, 0x04, 0x14, 0x80, 0x51, 0x06, 0x01, 0x32, 0xad, 0x9a, 0xc2, 0x7d,
0x51, 0x87, 0xa0, 0xe8, 0x87, 0xfb, 0x01, 0x62, 0x01, 0x55, 0xee, 0x04,
0x14, 0x03, 0xde, 0x50, 0x35, 0x56, 0xd1, 0x4c, 0xbb, 0x66, 0xf0, 0xa3,
0xe2, 0x1b, 0x1b, 0xc3, 0x97, 0xb2, 0x3d, 0xd1, 0x55, 0x02, 0x10, 0x01,
0xfd, 0xa3, 0xeb, 0x6e, 0xca, 0x75, 0xc8, 0x88, 0x43, 0x8b, 0x72, 0x4b,
0xcf, 0xbc, 0x91
};
int ret = 0;
int i;
XMEMSET(&certId, 0, sizeof(WOLFSSL_OCSP_CERTID));
certId.rawCertId = rawCertId;
certId.rawCertIdSize = sizeof(rawCertId);
ExpectNotNull(targetBuffer = (byte*)XMALLOC(sizeof(rawCertId), NULL,
DYNAMIC_TYPE_TMP_BUFFER));
p = targetBuffer;
/* Function returns the size of the encoded data. */
ExpectIntEQ(ret = wolfSSL_i2d_OCSP_CERTID(&certId, &p), sizeof(rawCertId));
/* If target buffer is not null, function increments targetBuffer to point
* just past the end of the encoded data. */
ExpectPtrEq(p, (targetBuffer + sizeof(rawCertId)));
for (i = 0; EXPECT_SUCCESS() && i < ret; ++i) {
ExpectIntEQ(targetBuffer[i], rawCertId[i]);
}
XFREE(targetBuffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
targetBuffer = NULL;
/* If target buffer is null, function allocates memory for a buffer and
* copies the encoded data into it. targetBuffer then points to the start of
* this newly allocate buffer. */
ExpectIntEQ(ret = wolfSSL_i2d_OCSP_CERTID(&certId, &targetBuffer),
sizeof(rawCertId));
for (i = 0; EXPECT_SUCCESS() && i < ret; ++i) {
ExpectIntEQ(targetBuffer[i], rawCertId[i]);
}
XFREE(targetBuffer, NULL, DYNAMIC_TYPE_OPENSSL);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_OCSP_CERTID(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && defined(HAVE_OCSP)
WOLFSSL_OCSP_CERTID* certId;
WOLFSSL_OCSP_CERTID* certIdGood;
WOLFSSL_OCSP_CERTID* certIdBad;
const unsigned char* rawCertIdPtr;
const unsigned char rawCertId[] = {
0x30, 0x49, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05,
0x00, 0x04, 0x14, 0x80, 0x51, 0x06, 0x01, 0x32, 0xad, 0x9a, 0xc2, 0x7d,
0x51, 0x87, 0xa0, 0xe8, 0x87, 0xfb, 0x01, 0x62, 0x01, 0x55, 0xee, 0x04,
0x14, 0x03, 0xde, 0x50, 0x35, 0x56, 0xd1, 0x4c, 0xbb, 0x66, 0xf0, 0xa3,
0xe2, 0x1b, 0x1b, 0xc3, 0x97, 0xb2, 0x3d, 0xd1, 0x55, 0x02, 0x10, 0x01,
0xfd, 0xa3, 0xeb, 0x6e, 0xca, 0x75, 0xc8, 0x88, 0x43, 0x8b, 0x72, 0x4b,
0xcf, 0xbc, 0x91
};
rawCertIdPtr = &rawCertId[0];
/* If the cert ID is NULL the function should allocate it and copy the
* data to it. */
certId = NULL;
ExpectNotNull(certId = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr,
sizeof(rawCertId)));
ExpectIntEQ(certId->rawCertIdSize, sizeof(rawCertId));
if (certId != NULL) {
XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL);
XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL);
}
/* If the cert ID is not NULL the function will just copy the data to it. */
ExpectNotNull(certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(*certId), NULL,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectNotNull(certId);
ExpectNotNull(XMEMSET(certId, 0, sizeof(*certId)));
/* Reset rawCertIdPtr since it was push forward in the previous call. */
rawCertIdPtr = &rawCertId[0];
ExpectNotNull(certIdGood = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr,
sizeof(rawCertId)));
ExpectPtrEq(certIdGood, certId);
ExpectIntEQ(certId->rawCertIdSize, sizeof(rawCertId));
if (certId != NULL) {
XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL);
XFREE(certId, NULL, DYNAMIC_TYPE_TMP_BUFFER);
certId = NULL;
}
/* The below tests should fail when passed bad parameters. NULL should
* always be returned. */
ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(NULL, &rawCertIdPtr,
sizeof(rawCertId)));
ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, NULL,
sizeof(rawCertId)));
ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, 0));
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_id_cmp(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_OCSP)
OCSP_CERTID id1;
OCSP_CERTID id2;
XMEMSET(&id1, 0, sizeof(id1));
XMEMSET(&id2, 0, sizeof(id2));
ExpectIntEQ(OCSP_id_cmp(&id1, &id2), 0);
ExpectIntNE(OCSP_id_cmp(NULL, NULL), 0);
ExpectIntNE(OCSP_id_cmp(&id1, NULL), 0);
ExpectIntNE(OCSP_id_cmp(NULL, &id2), 0);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_SINGLERESP_get0_id(void)
{
EXPECT_DECLS;
#if defined(HAVE_OCSP) && defined(OPENSSL_EXTRA)
WOLFSSL_OCSP_SINGLERESP single;
const WOLFSSL_OCSP_CERTID* certId;
XMEMSET(&single, 0, sizeof(single));
certId = wolfSSL_OCSP_SINGLERESP_get0_id(&single);
ExpectPtrEq(&single, certId);
ExpectNull(wolfSSL_OCSP_SINGLERESP_get0_id(NULL));
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_single_get0_status(void)
{
EXPECT_DECLS;
#if defined(HAVE_OCSP) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_OCSP_PARSE_STATUS)
WOLFSSL_OCSP_SINGLERESP single;
CertStatus certStatus;
WOLFSSL_ASN1_TIME* thisDate;
WOLFSSL_ASN1_TIME* nextDate;
int ret, i;
XMEMSET(&single, 0, sizeof(WOLFSSL_OCSP_SINGLERESP));
XMEMSET(&certStatus, 0, sizeof(CertStatus));
/* Fill the date fields with some dummy data. */
for (i = 0; i < CTC_DATE_SIZE; ++i) {
certStatus.thisDateParsed.data[i] = i;
certStatus.nextDateParsed.data[i] = i;
}
certStatus.status = CERT_GOOD;
single.status = &certStatus;
ret = wolfSSL_OCSP_single_get0_status(&single, NULL, NULL, &thisDate,
&nextDate);
ExpectIntEQ(ret, CERT_GOOD);
ExpectPtrEq(thisDate, &certStatus.thisDateParsed);
ExpectPtrEq(nextDate, &certStatus.nextDateParsed);
ExpectIntEQ(wolfSSL_OCSP_single_get0_status(NULL, NULL, NULL, NULL, NULL),
CERT_GOOD);
ExpectIntEQ(wolfSSL_OCSP_single_get0_status(&single, NULL, NULL, NULL,
NULL), CERT_GOOD);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_resp_count(void)
{
EXPECT_DECLS;
#if defined(HAVE_OCSP) && defined(OPENSSL_EXTRA)
WOLFSSL_OCSP_BASICRESP basicResp;
WOLFSSL_OCSP_SINGLERESP singleRespOne;
WOLFSSL_OCSP_SINGLERESP singleRespTwo;
XMEMSET(&basicResp, 0, sizeof(WOLFSSL_OCSP_BASICRESP));
XMEMSET(&singleRespOne, 0, sizeof(WOLFSSL_OCSP_SINGLERESP));
XMEMSET(&singleRespTwo, 0, sizeof(WOLFSSL_OCSP_SINGLERESP));
ExpectIntEQ(wolfSSL_OCSP_resp_count(&basicResp), 0);
basicResp.single = &singleRespOne;
ExpectIntEQ(wolfSSL_OCSP_resp_count(&basicResp), 1);
singleRespOne.next = &singleRespTwo;
ExpectIntEQ(wolfSSL_OCSP_resp_count(&basicResp), 2);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_resp_get0(void)
{
EXPECT_DECLS;
#if defined(HAVE_OCSP) && defined(OPENSSL_EXTRA)
WOLFSSL_OCSP_BASICRESP basicResp;
WOLFSSL_OCSP_SINGLERESP singleRespOne;
WOLFSSL_OCSP_SINGLERESP singleRespTwo;
XMEMSET(&basicResp, 0, sizeof(WOLFSSL_OCSP_BASICRESP));
XMEMSET(&singleRespOne, 0, sizeof(WOLFSSL_OCSP_SINGLERESP));
XMEMSET(&singleRespTwo, 0, sizeof(WOLFSSL_OCSP_SINGLERESP));
basicResp.single = &singleRespOne;
singleRespOne.next = &singleRespTwo;
ExpectPtrEq(wolfSSL_OCSP_resp_get0(&basicResp, 0), &singleRespOne);
ExpectPtrEq(wolfSSL_OCSP_resp_get0(&basicResp, 1), &singleRespTwo);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_derive(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH)
#if (!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)) || defined(HAVE_ECC)
EVP_PKEY_CTX *ctx = NULL;
unsigned char *skey = NULL;
size_t skeylen;
EVP_PKEY *pkey = NULL;
EVP_PKEY *peerkey = NULL;
const unsigned char* key;
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
/* DH */
key = dh_key_der_2048;
ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key,
sizeof_dh_key_der_2048)));
ExpectIntEQ(DH_generate_key(EVP_PKEY_get0_DH(pkey)), 1);
key = dh_key_der_2048;
ExpectNotNull((peerkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key,
sizeof_dh_key_der_2048)));
ExpectIntEQ(DH_generate_key(EVP_PKEY_get0_DH(peerkey)), 1);
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_derive_init(ctx), 1);
ExpectIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1);
ExpectIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1);
ExpectNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL,
DYNAMIC_TYPE_OPENSSL));
ExpectIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1);
EVP_PKEY_CTX_free(ctx);
ctx = NULL;
EVP_PKEY_free(peerkey);
peerkey = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
XFREE(skey, NULL, DYNAMIC_TYPE_OPENSSL);
skey = NULL;
#endif
#ifdef HAVE_ECC
/* ECDH */
key = ecc_clikey_der_256;
ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &key,
sizeof_ecc_clikey_der_256)));
key = ecc_clikeypub_der_256;
ExpectNotNull((peerkey = d2i_PUBKEY(NULL, &key,
sizeof_ecc_clikeypub_der_256)));
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_derive_init(ctx), 1);
ExpectIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1);
ExpectIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1);
ExpectNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL,
DYNAMIC_TYPE_OPENSSL));
ExpectIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(peerkey);
EVP_PKEY_free(pkey);
XFREE(skey, NULL, DYNAMIC_TYPE_OPENSSL);
#endif /* HAVE_ECC */
#endif /* (!NO_DH && WOLFSSL_DH_EXTRA) || HAVE_ECC */
#endif /* OPENSSL_ALL || WOLFSSL_QT || WOLFSSL_OPENSSH */
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PBE_scrypt(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SCRYPT) && defined(HAVE_PBKDF2) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 5))
#if !defined(NO_PWDBASED) && !defined(NO_SHA256)
int ret;
const char pwd[] = {'p','a','s','s','w','o','r','d'};
int pwdlen = sizeof(pwd);
const byte salt[] = {'N','a','C','l'};
int saltlen = sizeof(salt);
byte key[80];
word64 numOvr32 = (word64)INT32_MAX + 1;
/* expected derived key for N:16, r:1, p:1 */
const byte expectedKey[] = {
0xAE, 0xC6, 0xB7, 0x48, 0x3E, 0xD2, 0x6E, 0x08, 0x80, 0x2B,
0x41, 0xF4, 0x03, 0x20, 0x86, 0xA0, 0xE8, 0x86, 0xBE, 0x7A,
0xC4, 0x8F, 0xCF, 0xD9, 0x2F, 0xF0, 0xCE, 0xF8, 0x10, 0x97,
0x52, 0xF4, 0xAC, 0x74, 0xB0, 0x77, 0x26, 0x32, 0x56, 0xA6,
0x5A, 0x99, 0x70, 0x1B, 0x7A, 0x30, 0x4D, 0x46, 0x61, 0x1C,
0x8A, 0xA3, 0x91, 0xE7, 0x99, 0xCE, 0x10, 0xA2, 0x77, 0x53,
0xE7, 0xE9, 0xC0, 0x9A};
/* N r p mx key keylen */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 0, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 0); /* N must be greater than 1 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 3, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 0); /* N must be power of 2 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 0, 1, 0, key, 64);
ExpectIntEQ(ret, 0); /* r must be greater than 0 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 0, 0, key, 64);
ExpectIntEQ(ret, 0); /* p must be greater than 0 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, key, 0);
ExpectIntEQ(ret, 0); /* keylen must be greater than 0 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 9, 1, 0, key, 64);
ExpectIntEQ(ret, 0); /* r must be smaller than 9 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, NULL, 64);
ExpectIntEQ(ret, 1); /* should succeed if key is NULL */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 1); /* should succeed */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, numOvr32, 1, 0,
key, 64);
ExpectIntEQ(ret, 0); /* should fail since r is greater than INT32_MAC */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, numOvr32, 0,
key, 64);
ExpectIntEQ(ret, 0); /* should fail since p is greater than INT32_MAC */
ret = EVP_PBE_scrypt(pwd, pwdlen, NULL, 0, 2, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 1); /* should succeed even if salt is NULL */
ret = EVP_PBE_scrypt(pwd, pwdlen, NULL, 4, 2, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 0); /* if salt is NULL, saltlen must be 0, otherwise fail*/
ret = EVP_PBE_scrypt(NULL, 0, salt, saltlen, 2, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 1); /* should succeed if pwd is NULL and pwdlen is 0*/
ret = EVP_PBE_scrypt(NULL, 4, salt, saltlen, 2, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 0); /* if pwd is NULL, pwdlen must be 0 */
ret = EVP_PBE_scrypt(NULL, 0, NULL, 0, 2, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 1); /* should succeed even both pwd and salt are NULL */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 16, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 1);
ret = XMEMCMP(expectedKey, key, sizeof(expectedKey));
ExpectIntEQ(ret, 0); /* derived key must be the same as expected-key */
#endif /* !NO_PWDBASED && !NO_SHA256 */
#endif /* OPENSSL_EXTRA && HAVE_SCRYPT && HAVE_PBKDF2 */
return EXPECT_RESULT();
}
static int test_no_op_functions(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
/* this makes sure wolfSSL can compile and run these no-op functions */
SSL_load_error_strings();
ENGINE_load_builtin_engines();
OpenSSL_add_all_ciphers();
ExpectIntEQ(CRYPTO_malloc_init(), 0);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CRYPTO_memcmp(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
char a[] = "wolfSSL (formerly CyaSSL) is a small, fast, portable "
"implementation of TLS/SSL for embedded devices to the cloud.";
char b[] = "wolfSSL (formerly CyaSSL) is a small, fast, portable "
"implementation of TLS/SSL for embedded devices to the cloud.";
char c[] = "wolfSSL (formerly CyaSSL) is a small, fast, portable "
"implementation of TLS/SSL for embedded devices to the cloud!";
ExpectIntEQ(CRYPTO_memcmp(a, b, sizeof(a)), 0);
ExpectIntNE(CRYPTO_memcmp(a, c, sizeof(a)), 0);
#endif
return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
| wolfCrypt ASN
*----------------------------------------------------------------------------*/
static int test_wc_CreateEncryptedPKCS8Key(void)
{
EXPECT_DECLS;
#if defined(HAVE_PKCS8) && !defined(NO_PWDBASED) && defined(WOLFSSL_AES_256) \
&& !defined(NO_AES_CBC) && !defined(NO_RSA) && !defined(NO_SHA) && \
!defined(NO_ASN_CRYPT)
WC_RNG rng;
byte* encKey = NULL;
word32 encKeySz = 0;
word32 decKeySz = 0;
const char password[] = "Lorem ipsum dolor sit amet";
word32 passwordSz = (word32)XSTRLEN(password);
word32 tradIdx = 0;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRng(&rng), 0);
PRIVATE_KEY_UNLOCK();
/* Call with NULL for out buffer to get necessary length. */
ExpectIntEQ(wc_CreateEncryptedPKCS8Key((byte*)server_key_der_2048,
sizeof_server_key_der_2048, NULL, &encKeySz, password, (int)passwordSz,
PKCS5, PBES2, AES256CBCb, NULL, 0, WC_PKCS12_ITT_DEFAULT, &rng, NULL),
LENGTH_ONLY_E);
ExpectNotNull(encKey = (byte*)XMALLOC(encKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
/* Call with the allocated out buffer. */
ExpectIntGT(wc_CreateEncryptedPKCS8Key((byte*)server_key_der_2048,
sizeof_server_key_der_2048, encKey, &encKeySz, password, (int)passwordSz,
PKCS5, PBES2, AES256CBCb, NULL, 0, WC_PKCS12_ITT_DEFAULT, &rng, NULL),
0);
/* Decrypt the encrypted PKCS8 key we just made. */
ExpectIntGT((decKeySz = (word32)wc_DecryptPKCS8Key(encKey, encKeySz, password,
(int)passwordSz)), 0);
/* encKey now holds the decrypted key (decrypted in place). */
ExpectIntGT(wc_GetPkcs8TraditionalOffset(encKey, &tradIdx, decKeySz), 0);
/* Check that the decrypted key matches the key prior to encryption. */
ExpectIntEQ(XMEMCMP(encKey + tradIdx, server_key_der_2048,
sizeof_server_key_der_2048), 0);
PRIVATE_KEY_LOCK();
XFREE(encKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeRng(&rng);
#endif
return EXPECT_RESULT();
}
static int test_wc_GetPkcs8TraditionalOffset(void)
{
EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(HAVE_PKCS8)
int length;
int derSz = 0;
word32 inOutIdx;
const char* path = "./certs/server-keyPkcs8.der";
XFILE file = XBADFILE;
byte der[2048];
ExpectTrue((file = XFOPEN(path, "rb")) != XBADFILE);
ExpectIntGT(derSz = (int)XFREAD(der, 1, sizeof(der), file), 0);
if (file != XBADFILE)
XFCLOSE(file);
/* valid case */
inOutIdx = 0;
ExpectIntGT(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, (word32)derSz),
0);
/* inOutIdx > sz */
inOutIdx = 4000;
ExpectIntEQ(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, (word32)derSz),
BAD_FUNC_ARG);
/* null input */
inOutIdx = 0;
ExpectIntEQ(length = wc_GetPkcs8TraditionalOffset(NULL, &inOutIdx, 0),
BAD_FUNC_ARG);
/* invalid input, fill buffer with 1's */
XMEMSET(der, 1, sizeof(der));
inOutIdx = 0;
ExpectIntEQ(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, (word32)derSz),
ASN_PARSE_E);
#endif /* NO_ASN */
return EXPECT_RESULT();
}
static int test_wc_SetSubjectRaw(void)
{
EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && !defined(NO_RSA)
const char* joiCertFile = "./certs/test/cert-ext-joi.der";
WOLFSSL_X509* x509 = NULL;
int peerCertSz;
const byte* peerCertBuf = NULL;
Cert forgedCert;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile,
WOLFSSL_FILETYPE_ASN1));
ExpectNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
ExpectIntEQ(0, wc_InitCert(&forgedCert));
ExpectIntEQ(0, wc_SetSubjectRaw(&forgedCert, peerCertBuf, peerCertSz));
wolfSSL_FreeX509(x509);
#endif
return EXPECT_RESULT();
}
static int test_wc_GetSubjectRaw(void)
{
EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT)
Cert cert;
byte *subjectRaw;
ExpectIntEQ(0, wc_InitCert(&cert));
ExpectIntEQ(0, wc_GetSubjectRaw(&subjectRaw, &cert));
#endif
return EXPECT_RESULT();
}
static int test_wc_SetIssuerRaw(void)
{
EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && !defined(NO_RSA)
const char* joiCertFile = "./certs/test/cert-ext-joi.der";
WOLFSSL_X509* x509 = NULL;
int peerCertSz;
const byte* peerCertBuf;
Cert forgedCert;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile,
WOLFSSL_FILETYPE_ASN1));
ExpectNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
ExpectIntEQ(0, wc_InitCert(&forgedCert));
ExpectIntEQ(0, wc_SetIssuerRaw(&forgedCert, peerCertBuf, peerCertSz));
wolfSSL_FreeX509(x509);
#endif
return EXPECT_RESULT();
}
static int test_wc_SetIssueBuffer(void)
{
EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && !defined(NO_RSA)
const char* joiCertFile = "./certs/test/cert-ext-joi.der";
WOLFSSL_X509* x509 = NULL;
int peerCertSz;
const byte* peerCertBuf;
Cert forgedCert;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile,
WOLFSSL_FILETYPE_ASN1));
ExpectNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
ExpectIntEQ(0, wc_InitCert(&forgedCert));
ExpectIntEQ(0, wc_SetIssuerBuffer(&forgedCert, peerCertBuf, peerCertSz));
wolfSSL_FreeX509(x509);
#endif
return EXPECT_RESULT();
}
/*
* Testing wc_SetSubjectKeyId
*/
static int test_wc_SetSubjectKeyId(void)
{
EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && defined(HAVE_ECC)
Cert cert;
const char* file = "certs/ecc-client-keyPub.pem";
ExpectIntEQ(0, wc_InitCert(&cert));
ExpectIntEQ(0, wc_SetSubjectKeyId(&cert, file));
ExpectIntEQ(BAD_FUNC_ARG, wc_SetSubjectKeyId(NULL, file));
ExpectIntGT(0, wc_SetSubjectKeyId(&cert, "badfile.name"));
#endif
return EXPECT_RESULT();
} /* END test_wc_SetSubjectKeyId */
/*
* Testing wc_SetSubject
*/
static int test_wc_SetSubject(void)
{
EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && defined(HAVE_ECC)
Cert cert;
const char* file = "./certs/ca-ecc-cert.pem";
ExpectIntEQ(0, wc_InitCert(&cert));
ExpectIntEQ(0, wc_SetSubject(&cert, file));
ExpectIntEQ(BAD_FUNC_ARG, wc_SetSubject(NULL, file));
ExpectIntGT(0, wc_SetSubject(&cert, "badfile.name"));
#endif
return EXPECT_RESULT();
} /* END test_wc_SetSubject */
static int test_CheckCertSignature(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(WOLFSSL_SMALL_CERT_VERIFY)
WOLFSSL_CERT_MANAGER* cm = NULL;
#if !defined(NO_FILESYSTEM) && (!defined(NO_RSA) || defined(HAVE_ECC))
XFILE fp = XBADFILE;
byte cert[4096];
int certSz;
#endif
ExpectIntEQ(BAD_FUNC_ARG, wc_CheckCertSignature(NULL, 0, NULL, NULL));
ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
ExpectIntEQ(BAD_FUNC_ARG, wc_CheckCertSignature(NULL, 0, NULL, cm));
#ifndef NO_RSA
#ifdef USE_CERT_BUFFERS_1024
ExpectIntEQ(ASN_NO_SIGNER_E, wc_CheckCertSignature(server_cert_der_1024,
sizeof_server_cert_der_1024, NULL, cm));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
ca_cert_der_1024, sizeof_ca_cert_der_1024,
WOLFSSL_FILETYPE_ASN1));
ExpectIntEQ(0, wc_CheckCertSignature(server_cert_der_1024,
sizeof_server_cert_der_1024, NULL, cm));
#elif defined(USE_CERT_BUFFERS_2048)
ExpectIntEQ(ASN_NO_SIGNER_E, wc_CheckCertSignature(server_cert_der_2048,
sizeof_server_cert_der_2048, NULL, cm));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
ca_cert_der_2048, sizeof_ca_cert_der_2048,
WOLFSSL_FILETYPE_ASN1));
ExpectIntEQ(0, wc_CheckCertSignature(server_cert_der_2048,
sizeof_server_cert_der_2048, NULL, cm));
#endif
#endif
#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
ExpectIntEQ(ASN_NO_SIGNER_E, wc_CheckCertSignature(serv_ecc_der_256,
sizeof_serv_ecc_der_256, NULL, cm));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
ca_ecc_cert_der_256, sizeof_ca_ecc_cert_der_256,
WOLFSSL_FILETYPE_ASN1));
ExpectIntEQ(0, wc_CheckCertSignature(serv_ecc_der_256, sizeof_serv_ecc_der_256,
NULL, cm));
#endif
#if !defined(NO_FILESYSTEM)
wolfSSL_CertManagerFree(cm);
cm = NULL;
ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
#ifndef NO_RSA
ExpectTrue((fp = XFOPEN("./certs/server-cert.der", "rb")) != XBADFILE);
ExpectIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), fp)), 0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntEQ(ASN_NO_SIGNER_E, wc_CheckCertSignature(cert, certSz, NULL, cm));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm,
"./certs/ca-cert.pem", NULL));
ExpectIntEQ(0, wc_CheckCertSignature(cert, certSz, NULL, cm));
#endif
#ifdef HAVE_ECC
ExpectTrue((fp = XFOPEN("./certs/server-ecc.der", "rb")) != XBADFILE);
ExpectIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), fp)), 0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntEQ(ASN_NO_SIGNER_E, wc_CheckCertSignature(cert, certSz, NULL, cm));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm,
"./certs/ca-ecc-cert.pem", NULL));
ExpectIntEQ(0, wc_CheckCertSignature(cert, certSz, NULL, cm));
#endif
#endif
#if !defined(NO_FILESYSTEM) && (!defined(NO_RSA) || defined(HAVE_ECC))
(void)fp;
(void)cert;
(void)certSz;
#endif
wolfSSL_CertManagerFree(cm);
#endif
return EXPECT_RESULT();
}
static int test_wc_ParseCert(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA)
DecodedCert decodedCert;
const byte* rawCert = client_cert_der_2048;
const int rawCertSize = sizeof_client_cert_der_2048;
wc_InitDecodedCert(&decodedCert, rawCert, rawCertSize, NULL);
ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0);
#ifndef IGNORE_NAME_CONSTRAINTS
/* check that the subjects emailAddress was not put in the alt name list */
ExpectNotNull(decodedCert.subjectEmail);
ExpectNull(decodedCert.altEmailNames);
#endif
wc_FreeDecodedCert(&decodedCert);
#endif
return EXPECT_RESULT();
}
/* Test wc_ParseCert decoding of various encodings and scenarios ensuring that
* the API safely errors out on badly-formed ASN input.
* NOTE: Test not compatible with released FIPS implementations!
*/
static int test_wc_ParseCert_Error(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
DecodedCert decodedCert;
int i;
/* Certificate data */
const byte c0[] = { 0x30, 0x04, 0x30, 0x02, 0x02, 0x80, 0x00, 0x00};
const byte c1[] = { 0x30, 0x04, 0x30, 0x04, 0x02, 0x80, 0x00, 0x00};
const byte c2[] = { 0x30, 0x06, 0x30, 0x04, 0x02, 0x80, 0x00, 0x00};
const byte c3[] = { 0x30, 0x07, 0x30, 0x05, 0x02, 0x80, 0x10, 0x00, 0x00};
const byte c4[] = { 0x02, 0x80, 0x10, 0x00, 0x00};
/* Test data */
const struct testStruct {
const byte* c;
const int cSz;
const int expRet;
} t[] = {
{c0, sizeof(c0), ASN_PARSE_E}, /* Invalid bit-string length */
{c1, sizeof(c1), ASN_PARSE_E}, /* Invalid bit-string length */
{c2, sizeof(c2), ASN_PARSE_E}, /* Invalid integer length (zero) */
{c3, sizeof(c3), ASN_PARSE_E}, /* Valid INTEGER, but buffer too short */
{c4, sizeof(c4), ASN_PARSE_E}, /* Valid INTEGER, but not in bit-string */
};
const int tSz = (int)(sizeof(t) / sizeof(struct testStruct));
for (i = 0; i < tSz; i++) {
WOLFSSL_MSG_EX("i == %d", i);
wc_InitDecodedCert(&decodedCert, t[i].c, t[i].cSz, NULL);
ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), t[i].expRet);
wc_FreeDecodedCert(&decodedCert);
}
#endif
return EXPECT_RESULT();
}
static int test_MakeCertWithPathLen(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME) && \
defined(WOLFSSL_CERT_GEN) && defined(HAVE_ECC)
const byte expectedPathLen = 7;
Cert cert;
DecodedCert decodedCert;
byte der[FOURK_BUF];
int derSize = 0;
WC_RNG rng;
ecc_key key;
int ret;
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&cert, 0, sizeof(Cert));
XMEMSET(&decodedCert, 0, sizeof(DecodedCert));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_ecc_make_key(&rng, 32, &key), 0);
ExpectIntEQ(wc_InitCert(&cert), 0);
(void)XSTRNCPY(cert.subject.country, "US", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.state, "state", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.locality, "Bozeman", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.org, "yourOrgNameHere", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.unit, "yourUnitNameHere", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.commonName, "www.yourDomain.com",
CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.email, "yourEmail@yourDomain.com",
CTC_NAME_SIZE);
cert.selfSigned = 1;
cert.isCA = 1;
cert.pathLen = expectedPathLen;
cert.pathLenSet = 1;
cert.sigType = CTC_SHA256wECDSA;
#ifdef WOLFSSL_CERT_EXT
cert.keyUsage |= KEYUSE_KEY_CERT_SIGN;
#endif
ExpectIntGE(wc_MakeCert(&cert, der, FOURK_BUF, NULL, &key, &rng), 0);
ExpectIntGE(derSize = wc_SignCert(cert.bodySz, cert.sigType, der,
FOURK_BUF, NULL, &key, &rng), 0);
wc_InitDecodedCert(&decodedCert, der, (word32)derSize, NULL);
ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0);
ExpectIntEQ(decodedCert.pathLength, expectedPathLen);
wc_FreeDecodedCert(&decodedCert);
ret = wc_ecc_free(&key);
ExpectIntEQ(ret, 0);
ret = wc_FreeRng(&rng);
ExpectIntEQ(ret, 0);
#endif
return EXPECT_RESULT();
}
static int test_MakeCertWith0Ser(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME) && \
defined(WOLFSSL_CERT_GEN) && defined(HAVE_ECC) && \
defined(WOLFSSL_ASN_TEMPLATE)
Cert cert;
DecodedCert decodedCert;
byte der[FOURK_BUF];
int derSize = 0;
WC_RNG rng;
ecc_key key;
int ret;
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&cert, 0, sizeof(Cert));
XMEMSET(&decodedCert, 0, sizeof(DecodedCert));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_ecc_make_key(&rng, 32, &key), 0);
ExpectIntEQ(wc_InitCert(&cert), 0);
(void)XSTRNCPY(cert.subject.country, "US", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.state, "state", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.locality, "Bozeman", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.org, "yourOrgNameHere", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.unit, "yourUnitNameHere", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.commonName, "www.yourDomain.com",
CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.email, "yourEmail@yourDomain.com",
CTC_NAME_SIZE);
cert.selfSigned = 1;
cert.isCA = 1;
cert.sigType = CTC_SHA256wECDSA;
#ifdef WOLFSSL_CERT_EXT
cert.keyUsage |= KEYUSE_KEY_CERT_SIGN;
#endif
/* set serial number to 0 */
cert.serialSz = 1;
cert.serial[0] = 0;
ExpectIntGE(wc_MakeCert(&cert, der, FOURK_BUF, NULL, &key, &rng), 0);
ExpectIntGE(derSize = wc_SignCert(cert.bodySz, cert.sigType, der,
FOURK_BUF, NULL, &key, &rng), 0);
wc_InitDecodedCert(&decodedCert, der, (word32)derSize, NULL);
#if !defined(WOLFSSL_NO_ASN_STRICT) && !defined(WOLFSSL_PYTHON)
ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL),
ASN_PARSE_E);
#else
ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0);
#endif
wc_FreeDecodedCert(&decodedCert);
ret = wc_ecc_free(&key);
ExpectIntEQ(ret, 0);
ret = wc_FreeRng(&rng);
ExpectIntEQ(ret, 0);
#endif
return EXPECT_RESULT();
}
static int test_MakeCertWithCaFalse(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_ALLOW_ENCODING_CA_FALSE) && defined(WOLFSSL_CERT_REQ) && \
!defined(NO_ASN_TIME) && defined(WOLFSSL_CERT_GEN) && defined(HAVE_ECC)
const byte expectedIsCa = 0;
Cert cert;
DecodedCert decodedCert;
byte der[FOURK_BUF];
int derSize = 0;
WC_RNG rng;
ecc_key key;
int ret;
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&cert, 0, sizeof(Cert));
XMEMSET(&decodedCert, 0, sizeof(DecodedCert));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_ecc_make_key(&rng, 32, &key), 0);
ExpectIntEQ(wc_InitCert(&cert), 0);
(void)XSTRNCPY(cert.subject.country, "US", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.state, "state", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.locality, "Bozeman", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.org, "yourOrgNameHere", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.unit, "yourUnitNameHere", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.commonName, "www.yourDomain.com",
CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.email, "yourEmail@yourDomain.com",
CTC_NAME_SIZE);
cert.selfSigned = 1;
cert.isCA = expectedIsCa;
cert.isCaSet = 1;
cert.sigType = CTC_SHA256wECDSA;
ExpectIntGE(wc_MakeCert(&cert, der, FOURK_BUF, NULL, &key, &rng), 0);
ExpectIntGE(derSize = wc_SignCert(cert.bodySz, cert.sigType, der,
FOURK_BUF, NULL, &key, &rng), 0);
wc_InitDecodedCert(&decodedCert, der, derSize, NULL);
ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0);
ExpectIntEQ(decodedCert.isCA, expectedIsCa);
wc_FreeDecodedCert(&decodedCert);
ret = wc_ecc_free(&key);
ExpectIntEQ(ret, 0);
ret = wc_FreeRng(&rng);
ExpectIntEQ(ret, 0);
#endif
return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
| wolfCrypt ECC
*----------------------------------------------------------------------------*/
static int test_wc_ecc_get_curve_size_from_name(void)
{
EXPECT_DECLS;
#ifdef HAVE_ECC
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
ExpectIntEQ(wc_ecc_get_curve_size_from_name("SECP256R1"), 32);
#endif
/* invalid case */
ExpectIntEQ(wc_ecc_get_curve_size_from_name("BADCURVE"), -1);
/* NULL input */
ExpectIntEQ(wc_ecc_get_curve_size_from_name(NULL), BAD_FUNC_ARG);
#endif /* HAVE_ECC */
return EXPECT_RESULT();
}
static int test_wc_ecc_get_curve_id_from_name(void)
{
EXPECT_DECLS;
#ifdef HAVE_ECC
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
ExpectIntEQ(wc_ecc_get_curve_id_from_name("SECP256R1"),
ECC_SECP256R1);
#endif
/* invalid case */
ExpectIntEQ(wc_ecc_get_curve_id_from_name("BADCURVE"), -1);
/* NULL input */
ExpectIntEQ(wc_ecc_get_curve_id_from_name(NULL), BAD_FUNC_ARG);
#endif /* HAVE_ECC */
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \
!defined(HAVE_SELFTEST) && \
!(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION))
static int test_wc_ecc_get_curve_id_from_dp_params(void)
{
EXPECT_DECLS;
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
ecc_key* key;
const ecc_set_type* params = NULL;
int ret;
#endif
WOLFSSL_EC_KEY *ecKey = NULL;
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
ExpectIntEQ(wc_ecc_get_curve_id_from_name("SECP256R1"), ECC_SECP256R1);
ExpectNotNull(ecKey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
if (EXPECT_SUCCESS()) {
ret = EC_KEY_generate_key(ecKey);
} else
ret = 0;
if (ret == 1) {
/* normal test */
key = (ecc_key*)ecKey->internal;
if (key != NULL) {
params = key->dp;
}
ExpectIntEQ(wc_ecc_get_curve_id_from_dp_params(params),
ECC_SECP256R1);
}
#endif
/* invalid case, NULL input*/
ExpectIntEQ(wc_ecc_get_curve_id_from_dp_params(NULL), BAD_FUNC_ARG);
wolfSSL_EC_KEY_free(ecKey);
return EXPECT_RESULT();
}
#endif /* defined(OPENSSL_EXTRA) && defined(HAVE_ECC) */
static int test_wc_ecc_get_curve_id_from_params(void)
{
EXPECT_DECLS;
#ifdef HAVE_ECC
const byte prime[] =
{
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
};
const byte primeInvalid[] =
{
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x01,0x01
};
const byte Af[] =
{
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFC
};
const byte Bf[] =
{
0x5A,0xC6,0x35,0xD8,0xAA,0x3A,0x93,0xE7,
0xB3,0xEB,0xBD,0x55,0x76,0x98,0x86,0xBC,
0x65,0x1D,0x06,0xB0,0xCC,0x53,0xB0,0xF6,
0x3B,0xCE,0x3C,0x3E,0x27,0xD2,0x60,0x4B
};
const byte order[] =
{
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xBC,0xE6,0xFA,0xAD,0xA7,0x17,0x9E,0x84,
0xF3,0xB9,0xCA,0xC2,0xFC,0x63,0x25,0x51
};
const byte Gx[] =
{
0x6B,0x17,0xD1,0xF2,0xE1,0x2C,0x42,0x47,
0xF8,0xBC,0xE6,0xE5,0x63,0xA4,0x40,0xF2,
0x77,0x03,0x7D,0x81,0x2D,0xEB,0x33,0xA0,
0xF4,0xA1,0x39,0x45,0xD8,0x98,0xC2,0x96
};
const byte Gy[] =
{
0x4F,0xE3,0x42,0xE2,0xFE,0x1A,0x7F,0x9B,
0x8E,0xE7,0xEB,0x4A,0x7C,0x0F,0x9E,0x16,
0x2B,0xCE,0x33,0x57,0x6B,0x31,0x5E,0xCE,
0xCB,0xB6,0x40,0x68,0x37,0xBF,0x51,0xF5
};
int cofactor = 1;
int fieldSize = 256;
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize,
prime, sizeof(prime), Af, sizeof(Af), Bf, sizeof(Bf),
order, sizeof(order), Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor),
ECC_SECP256R1);
#endif
/* invalid case, fieldSize = 0 */
ExpectIntEQ(wc_ecc_get_curve_id_from_params(0, prime, sizeof(prime),
Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), ECC_CURVE_INVALID);
/* invalid case, NULL prime */
ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize, NULL, sizeof(prime),
Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), BAD_FUNC_ARG);
/* invalid case, invalid prime */
ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize,
primeInvalid, sizeof(primeInvalid),
Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), ECC_CURVE_INVALID);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_encrypt(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
WOLFSSL_RSA* rsa = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
WOLFSSL_EVP_PKEY_CTX* ctx = NULL;
const char* in = "What is easy to do is easy not to do.";
size_t inlen = XSTRLEN(in);
size_t outEncLen = 0;
byte* outEnc = NULL;
byte* outDec = NULL;
size_t outDecLen = 0;
size_t rsaKeySz = 2048/8; /* Bytes */
#if !defined(HAVE_FIPS) && defined(WC_RSA_NO_PADDING)
byte* inTmp = NULL;
byte* outEncTmp = NULL;
byte* outDecTmp = NULL;
#endif
ExpectNotNull(outEnc = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
if (outEnc != NULL) {
XMEMSET(outEnc, 0, rsaKeySz);
}
ExpectNotNull(outDec = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
if (outDec != NULL) {
XMEMSET(outDec, 0, rsaKeySz);
}
ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
RSA_free(rsa);
}
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
WOLFSSL_SUCCESS);
/* Test pkey references count is decremented. pkey shouldn't be destroyed
since ctx uses it.*/
ExpectIntEQ(pkey->ref.count, 2);
EVP_PKEY_free(pkey);
ExpectIntEQ(pkey->ref.count, 1);
/* Encrypt data */
/* Check that we can get the required output buffer length by passing in a
* NULL output buffer. */
ExpectIntEQ(EVP_PKEY_encrypt(ctx, NULL, &outEncLen,
(const unsigned char*)in, inlen), WOLFSSL_SUCCESS);
ExpectIntEQ(rsaKeySz, outEncLen);
/* Now do the actual encryption. */
ExpectIntEQ(EVP_PKEY_encrypt(ctx, outEnc, &outEncLen,
(const unsigned char*)in, inlen), WOLFSSL_SUCCESS);
/* Decrypt data */
ExpectIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS);
/* Check that we can get the required output buffer length by passing in a
* NULL output buffer. */
ExpectIntEQ(EVP_PKEY_decrypt(ctx, NULL, &outDecLen, outEnc, outEncLen),
WOLFSSL_SUCCESS);
ExpectIntEQ(rsaKeySz, outDecLen);
/* Now do the actual decryption. */
ExpectIntEQ(EVP_PKEY_decrypt(ctx, outDec, &outDecLen, outEnc, outEncLen),
WOLFSSL_SUCCESS);
ExpectIntEQ(XMEMCMP(in, outDec, outDecLen), 0);
#if !defined(HAVE_FIPS) && defined(WC_RSA_NO_PADDING)
/* The input length must be the same size as the RSA key.*/
ExpectNotNull(inTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
if (inTmp != NULL) {
XMEMSET(inTmp, 9, rsaKeySz);
}
ExpectNotNull(outEncTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
if (outEncTmp != NULL) {
XMEMSET(outEncTmp, 0, rsaKeySz);
}
ExpectNotNull(outDecTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
if (outDecTmp != NULL) {
XMEMSET(outDecTmp, 0, rsaKeySz);
}
ExpectIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_encrypt(ctx, outEncTmp, &outEncLen, inTmp, rsaKeySz),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_decrypt(ctx, outDecTmp, &outDecLen, outEncTmp,
outEncLen), WOLFSSL_SUCCESS);
ExpectIntEQ(XMEMCMP(inTmp, outDecTmp, outDecLen), 0);
#endif
EVP_PKEY_CTX_free(ctx);
XFREE(outEnc, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(outDec, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#if !defined(HAVE_FIPS) && defined(WC_RSA_NO_PADDING)
XFREE(inTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(outEncTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(outDecTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
#endif
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
#ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
#define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
#endif
#endif
#endif
#if defined(OPENSSL_EXTRA)
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
#ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
#define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
#endif
#endif
#endif
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
#ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
#define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
#endif
#endif
#endif
#ifdef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
static int test_wolfSSL_EVP_PKEY_sign_verify(int keyType)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
WOLFSSL_RSA* rsa = NULL;
#endif
#endif
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
WOLFSSL_DSA* dsa = NULL;
#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
WOLFSSL_EC_KEY* ecKey = NULL;
#endif
#endif
WOLFSSL_EVP_PKEY* pkey = NULL;
WOLFSSL_EVP_PKEY_CTX* ctx = NULL;
WOLFSSL_EVP_PKEY_CTX* ctx_verify = NULL;
const char* in = "What is easy to do is easy not to do.";
size_t inlen = XSTRLEN(in);
byte hash[SHA256_DIGEST_LENGTH] = {0};
byte zero[SHA256_DIGEST_LENGTH] = {0};
SHA256_CTX c;
byte* sig = NULL;
byte* sigVerify = NULL;
size_t siglen;
size_t siglenOnlyLen;
size_t keySz = 2048/8; /* Bytes */
ExpectNotNull(sig =
(byte*)XMALLOC(keySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
ExpectNotNull(sigVerify =
(byte*)XMALLOC(keySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
siglen = keySz;
ExpectNotNull(XMEMSET(sig, 0, keySz));
ExpectNotNull(XMEMSET(sigVerify, 0, keySz));
/* Generate hash */
SHA256_Init(&c);
SHA256_Update(&c, in, inlen);
SHA256_Final(hash, &c);
#ifdef WOLFSSL_SMALL_STACK_CACHE
/* workaround for small stack cache case */
wc_Sha256Free((wc_Sha256*)&c);
#endif
/* Generate key */
ExpectNotNull(pkey = EVP_PKEY_new());
switch (keyType) {
case EVP_PKEY_RSA:
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
{
ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
}
#endif
#endif
break;
case EVP_PKEY_DSA:
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
ExpectNotNull(dsa = DSA_new());
ExpectIntEQ(DSA_generate_parameters_ex(dsa, 2048,
NULL, 0, NULL, NULL, NULL), 1);
ExpectIntEQ(DSA_generate_key(dsa), 1);
ExpectIntEQ(EVP_PKEY_set1_DSA(pkey, dsa), WOLFSSL_SUCCESS);
#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
break;
case EVP_PKEY_EC:
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
{
ExpectNotNull(ecKey = EC_KEY_new());
ExpectIntEQ(EC_KEY_generate_key(ecKey), 1);
ExpectIntEQ(
EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
EC_KEY_free(ecKey);
}
}
#endif
#endif
break;
}
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
if (keyType == EVP_PKEY_RSA)
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
WOLFSSL_SUCCESS);
#endif
#endif
/* Check returning only length */
ExpectIntEQ(EVP_PKEY_sign(ctx, NULL, &siglenOnlyLen, hash,
SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS);
ExpectIntGT(siglenOnlyLen, 0);
/* Sign data */
ExpectIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, hash,
SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS);
ExpectIntGE(siglenOnlyLen, siglen);
/* Verify signature */
ExpectNotNull(ctx_verify = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
if (keyType == EVP_PKEY_RSA)
ExpectIntEQ(
EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING),
WOLFSSL_SUCCESS);
#endif
#endif
ExpectIntEQ(EVP_PKEY_verify(
ctx_verify, sig, siglen, hash, SHA256_DIGEST_LENGTH),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_verify(
ctx_verify, sig, siglen, zero, SHA256_DIGEST_LENGTH),
WOLFSSL_FAILURE);
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
if (keyType == EVP_PKEY_RSA) {
#if defined(WC_RSA_NO_PADDING) || defined(WC_RSA_DIRECT)
/* Try RSA sign/verify with no padding. */
ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig,
siglen), WOLFSSL_SUCCESS);
ExpectIntGE(siglenOnlyLen, siglen);
ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
RSA_NO_PADDING), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig,
siglen), WOLFSSL_SUCCESS);
#endif
/* Wrong padding schemes. */
ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx,
RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS);
ExpectIntNE(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig,
siglen), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS);
ExpectIntNE(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig,
siglen), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
RSA_PKCS1_PADDING), WOLFSSL_SUCCESS);
}
#endif
#endif
/* error cases */
siglen = keySz; /* Reset because sig size may vary slightly */
ExpectIntNE(EVP_PKEY_sign_init(NULL), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
ExpectIntNE(EVP_PKEY_sign(NULL, sig, &siglen, (byte*)in, inlen),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, (byte*)in, inlen),
WOLFSSL_SUCCESS);
EVP_PKEY_free(pkey);
pkey = NULL;
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
DSA_free(dsa);
dsa = NULL;
#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
EVP_PKEY_CTX_free(ctx_verify);
ctx_verify = NULL;
EVP_PKEY_CTX_free(ctx);
ctx = NULL;
XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(sigVerify, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_EVP_PKEY_sign_verify_rsa(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_RSA), TEST_SUCCESS);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_sign_verify_dsa(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_DSA), TEST_SUCCESS);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_sign_verify_ec(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_EC), TEST_SUCCESS);
#endif
#endif
return EXPECT_RESULT();
}
static int test_EVP_PKEY_rsa(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
WOLFSSL_RSA* rsa = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
ExpectNotNull(rsa = wolfSSL_RSA_new());
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(EVP_PKEY_assign_RSA(NULL, rsa), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
wolfSSL_RSA_free(rsa);
}
ExpectPtrEq(EVP_PKEY_get0_RSA(pkey), rsa);
wolfSSL_EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
static int test_EVP_PKEY_ec(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
WOLFSSL_EC_KEY* ecKey = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(EVP_PKEY_assign_EC_KEY(NULL, ecKey), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, NULL), WOLFSSL_FAILURE);
/* Should fail since ecKey is empty */
ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
wolfSSL_EC_KEY_free(ecKey);
}
wolfSSL_EVP_PKEY_free(pkey);
#endif
#endif
return EXPECT_RESULT();
}
static int test_EVP_PKEY_cmp(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
EVP_PKEY *a = NULL;
EVP_PKEY *b = NULL;
const unsigned char *in;
#if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048)
in = client_key_der_2048;
ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
&in, (long)sizeof_client_key_der_2048));
in = client_key_der_2048;
ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
&in, (long)sizeof_client_key_der_2048));
/* Test success case RSA */
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
ExpectIntEQ(EVP_PKEY_cmp(a, b), 1);
#else
ExpectIntEQ(EVP_PKEY_cmp(a, b), 0);
#endif /* WOLFSSL_ERROR_CODE_OPENSSL */
EVP_PKEY_free(b);
b = NULL;
EVP_PKEY_free(a);
a = NULL;
#endif
#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
in = ecc_clikey_der_256;
ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
&in, (long)sizeof_ecc_clikey_der_256));
in = ecc_clikey_der_256;
ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
&in, (long)sizeof_ecc_clikey_der_256));
/* Test success case ECC */
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
ExpectIntEQ(EVP_PKEY_cmp(a, b), 1);
#else
ExpectIntEQ(EVP_PKEY_cmp(a, b), 0);
#endif /* WOLFSSL_ERROR_CODE_OPENSSL */
EVP_PKEY_free(b);
b = NULL;
EVP_PKEY_free(a);
a = NULL;
#endif
/* Test failure cases */
#if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) && \
defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
in = client_key_der_2048;
ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
&in, (long)sizeof_client_key_der_2048));
in = ecc_clikey_der_256;
ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
&in, (long)sizeof_ecc_clikey_der_256));
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
ExpectIntEQ(EVP_PKEY_cmp(a, b), -1);
#else
ExpectIntNE(EVP_PKEY_cmp(a, b), 0);
#endif /* WOLFSSL_ERROR_CODE_OPENSSL */
EVP_PKEY_free(b);
b = NULL;
EVP_PKEY_free(a);
a = NULL;
#endif
/* invalid or empty failure cases */
a = EVP_PKEY_new();
b = EVP_PKEY_new();
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
ExpectIntEQ(EVP_PKEY_cmp(NULL, NULL), 0);
ExpectIntEQ(EVP_PKEY_cmp(a, NULL), 0);
ExpectIntEQ(EVP_PKEY_cmp(NULL, b), 0);
#ifdef NO_RSA
/* Type check will fail since RSA is the default EVP key type */
ExpectIntEQ(EVP_PKEY_cmp(a, b), -2);
#else
ExpectIntEQ(EVP_PKEY_cmp(a, b), 0);
#endif
#else
ExpectIntNE(EVP_PKEY_cmp(NULL, NULL), 0);
ExpectIntNE(EVP_PKEY_cmp(a, NULL), 0);
ExpectIntNE(EVP_PKEY_cmp(NULL, b), 0);
ExpectIntNE(EVP_PKEY_cmp(a, b), 0);
#endif
EVP_PKEY_free(b);
EVP_PKEY_free(a);
(void)in;
#endif
return EXPECT_RESULT();
}
static int test_ERR_load_crypto_strings(void)
{
#if defined(OPENSSL_ALL)
ERR_load_crypto_strings();
return TEST_SUCCESS;
#else
return TEST_SKIPPED;
#endif
}
#if defined(OPENSSL_ALL) && !defined(NO_CERTS)
static void free_x509(X509* x)
{
AssertIntEQ((x == (X509*)1 || x == (X509*)2), 1);
}
#endif
static int test_sk_X509(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS)
{
STACK_OF(X509)* s = NULL;
ExpectNotNull(s = sk_X509_new_null());
ExpectIntEQ(sk_X509_num(s), 0);
sk_X509_pop_free(s, NULL);
ExpectNotNull(s = sk_X509_new_null());
ExpectIntEQ(sk_X509_num(s), 0);
sk_X509_pop_free(s, NULL);
ExpectNotNull(s = sk_X509_new_null());
sk_X509_push(s, (X509*)1);
ExpectIntEQ(sk_X509_num(s), 1);
ExpectIntEQ((sk_X509_value(s, 0) == (X509*)1), 1);
sk_X509_push(s, (X509*)2);
ExpectIntEQ(sk_X509_num(s), 2);
ExpectIntEQ((sk_X509_value(s, 0) == (X509*)2), 1);
ExpectIntEQ((sk_X509_value(s, 1) == (X509*)1), 1);
sk_X509_push(s, (X509*)2);
sk_X509_pop_free(s, free_x509);
}
{
/* Push a list of 10 X509s onto stack, then verify that
* value(), push(), shift(), and pop() behave as expected. */
STACK_OF(X509)* s = NULL;
X509* xList[10];
int i = 0;
const int len = (sizeof(xList) / sizeof(xList[0]));
for (i = 0; i < len; ++i) {
xList[i] = NULL;
ExpectNotNull(xList[i] = X509_new());
}
/* test push, pop, and free */
ExpectNotNull(s = sk_X509_new_null());
for (i = 0; i < len; ++i) {
sk_X509_push(s, xList[i]);
ExpectIntEQ(sk_X509_num(s), i + 1);
ExpectIntEQ((sk_X509_value(s, 0) == xList[i]), 1);
ExpectIntEQ((sk_X509_value(s, i) == xList[0]), 1);
}
/* pop returns and removes last pushed on stack, which is index 0
* in sk_x509_value */
for (i = 0; i < len; ++i) {
X509 * x = sk_X509_value(s, 0);
X509 * y = sk_X509_pop(s);
X509 * z = xList[len - 1 - i];
ExpectIntEQ((x == y), 1);
ExpectIntEQ((x == z), 1);
ExpectIntEQ(sk_X509_num(s), len - 1 - i);
}
sk_free(s);
s = NULL;
/* test push, shift, and free */
ExpectNotNull(s = sk_X509_new_null());
for (i = 0; i < len; ++i) {
sk_X509_push(s, xList[i]);
ExpectIntEQ(sk_X509_num(s), i + 1);
ExpectIntEQ((sk_X509_value(s, 0) == xList[i]), 1);
ExpectIntEQ((sk_X509_value(s, i) == xList[0]), 1);
}
/* shift returns and removes first pushed on stack, which is index i
* in sk_x509_value() */
for (i = 0; i < len; ++i) {
X509 * x = sk_X509_value(s, len - 1 - i);
X509 * y = sk_X509_shift(s);
X509 * z = xList[i];
ExpectIntEQ((x == y), 1);
ExpectIntEQ((x == z), 1);
ExpectIntEQ(sk_X509_num(s), len - 1 - i);
}
sk_free(s);
for (i = 0; i < len; ++i)
X509_free(xList[i]);
}
#endif
return EXPECT_RESULT();
}
static int test_sk_X509_CRL(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && defined(HAVE_CRL)
X509_CRL* crl = NULL;
XFILE fp = XBADFILE;
STACK_OF(X509_CRL)* s = NULL;
ExpectTrue((fp = XFOPEN("./certs/crl/crl.pem", "rb")) != XBADFILE);
ExpectNotNull(crl = (X509_CRL*)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
NULL, NULL));
if (fp != XBADFILE)
XFCLOSE(fp);
ExpectNotNull(s = sk_X509_CRL_new());
ExpectIntEQ(sk_X509_CRL_num(s), 0);
ExpectIntEQ(sk_X509_CRL_push(s, crl), 1);
if (EXPECT_FAIL()) {
X509_CRL_free(crl);
}
ExpectIntEQ(sk_X509_CRL_num(s), 1);
ExpectPtrEq(sk_X509_CRL_value(s, 0), crl);
sk_X509_CRL_free(s);
#endif
return EXPECT_RESULT();
}
static int test_X509_get_signature_nid(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
X509* x509 = NULL;
ExpectIntEQ(X509_get_signature_nid(NULL), 0);
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
SSL_FILETYPE_PEM));
ExpectIntEQ(X509_get_signature_nid(x509), NID_sha256WithRSAEncryption);
X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_X509_REQ(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_BIO)
X509_NAME* name = NULL;
#ifndef NO_RSA
X509_NAME* subject = NULL;
#endif
#if !defined(NO_RSA) || defined(HAVE_ECC)
X509_REQ* req = NULL;
EVP_PKEY* priv = NULL;
EVP_PKEY* pub = NULL;
unsigned char* der = NULL;
int len;
#endif
#ifndef NO_RSA
EVP_MD_CTX *mctx = NULL;
EVP_PKEY_CTX *pkctx = NULL;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* rsaPriv = (const unsigned char*)client_key_der_1024;
const unsigned char* rsaPub = (unsigned char*)client_keypub_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
const unsigned char* rsaPriv = (const unsigned char*)client_key_der_2048;
const unsigned char* rsaPub = (unsigned char*)client_keypub_der_2048;
#endif
#endif
#ifdef HAVE_ECC
const unsigned char* ecPriv = (const unsigned char*)ecc_clikey_der_256;
const unsigned char* ecPub = (unsigned char*)ecc_clikeypub_der_256;
#endif
ExpectNotNull(name = X509_NAME_new());
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
(byte*)"wolfssl.com", 11, 0, 1), WOLFSSL_SUCCESS);
ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
(byte*)"support@wolfssl.com", 19, -1, 1), WOLFSSL_SUCCESS);
#ifndef NO_RSA
ExpectNotNull(priv = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &rsaPriv,
(long)sizeof_client_key_der_2048));
ExpectNotNull(pub = d2i_PUBKEY(NULL, &rsaPub,
(long)sizeof_client_keypub_der_2048));
ExpectNotNull(req = X509_REQ_new());
ExpectIntEQ(X509_REQ_set_subject_name(NULL, name), WOLFSSL_FAILURE);
ExpectIntEQ(X509_REQ_set_subject_name(req, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(X509_REQ_set_subject_name(req, name), WOLFSSL_SUCCESS);
ExpectIntEQ(X509_REQ_set_pubkey(NULL, pub), WOLFSSL_FAILURE);
ExpectIntEQ(X509_REQ_set_pubkey(req, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
ExpectIntEQ(X509_REQ_sign(NULL, priv, EVP_sha256()), WOLFSSL_FAILURE);
ExpectIntEQ(X509_REQ_sign(req, NULL, EVP_sha256()), WOLFSSL_FAILURE);
ExpectIntEQ(X509_REQ_sign(req, priv, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
len = i2d_X509_REQ(req, &der);
DEBUG_WRITE_DER(der, len, "req.der");
#ifdef USE_CERT_BUFFERS_1024
ExpectIntEQ(len, 381);
#else
ExpectIntEQ(len, 643);
#endif
XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL);
der = NULL;
mctx = EVP_MD_CTX_new();
ExpectIntEQ(EVP_DigestSignInit(mctx, &pkctx, EVP_sha256(), NULL, priv),
WOLFSSL_SUCCESS);
ExpectIntEQ(X509_REQ_sign_ctx(req, mctx), WOLFSSL_SUCCESS);
EVP_MD_CTX_free(mctx);
mctx = NULL;
X509_REQ_free(NULL);
X509_REQ_free(req);
req = NULL;
/* Test getting the subject from a newly created X509_REQ */
ExpectNotNull(req = X509_REQ_new());
ExpectNotNull(subject = X509_REQ_get_subject_name(req));
ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_commonName,
MBSTRING_UTF8, (unsigned char*)"www.wolfssl.com", -1, -1, 0), 1);
ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_countryName,
MBSTRING_UTF8, (unsigned char*)"US", -1, -1, 0), 1);
ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_localityName,
MBSTRING_UTF8, (unsigned char*)"Bozeman", -1, -1, 0), 1);
ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_stateOrProvinceName,
MBSTRING_UTF8, (unsigned char*)"Montana", -1, -1, 0), 1);
ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_organizationName,
MBSTRING_UTF8, (unsigned char*)"wolfSSL", -1, -1, 0), 1);
ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_organizationalUnitName,
MBSTRING_UTF8, (unsigned char*)"Testing", -1, -1, 0), 1);
ExpectIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
ExpectIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
len = i2d_X509_REQ(req, &der);
DEBUG_WRITE_DER(der, len, "req2.der");
#ifdef USE_CERT_BUFFERS_1024
ExpectIntEQ(len, 435);
#else
ExpectIntEQ(len, 696);
#endif
XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL);
der = NULL;
EVP_PKEY_free(pub);
pub = NULL;
EVP_PKEY_free(priv);
priv = NULL;
X509_REQ_free(req);
req = NULL;
#endif
#ifdef HAVE_ECC
ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &ecPriv,
sizeof_ecc_clikey_der_256));
ExpectNotNull(pub = wolfSSL_d2i_PUBKEY(NULL, &ecPub,
sizeof_ecc_clikeypub_der_256));
ExpectNotNull(req = X509_REQ_new());
ExpectIntEQ(X509_REQ_set_subject_name(req, name), WOLFSSL_SUCCESS);
ExpectIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
ExpectIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
/* Signature is random and may be shorter or longer. */
ExpectIntGE((len = i2d_X509_REQ(req, &der)), 245);
ExpectIntLE(len, 253);
XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL);
X509_REQ_free(req);
EVP_PKEY_free(pub);
EVP_PKEY_free(priv);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif /* HAVE_ECC */
X509_NAME_free(name);
#endif
return EXPECT_RESULT();
}
static int test_wolfssl_PKCS7(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_BIO) && \
!defined(NO_RSA)
PKCS7* pkcs7 = NULL;
byte data[FOURK_BUF];
word32 len = sizeof(data);
const byte* p = data;
byte content[] = "Test data to encode.";
#if !defined(NO_RSA) & defined(USE_CERT_BUFFERS_2048)
BIO* bio = NULL;
byte key[sizeof(client_key_der_2048)];
word32 keySz = (word32)sizeof(key);
byte* out = NULL;
#endif
ExpectIntGT((len = (word32)CreatePKCS7SignedData(data, (int)len, content,
(word32)sizeof(content), 0, 0, 0, RSA_TYPE)), 0);
ExpectNull(pkcs7 = d2i_PKCS7(NULL, NULL, (int)len));
ExpectNull(pkcs7 = d2i_PKCS7(NULL, &p, 0));
ExpectNotNull(pkcs7 = d2i_PKCS7(NULL, &p, (int)len));
ExpectIntEQ(wolfSSL_PKCS7_verify(NULL, NULL, NULL, NULL, NULL,
PKCS7_NOVERIFY), WOLFSSL_FAILURE);
PKCS7_free(pkcs7);
pkcs7 = NULL;
/* fail case, without PKCS7_NOVERIFY */
p = data;
ExpectNotNull(pkcs7 = d2i_PKCS7(NULL, &p, (int)len));
ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, NULL, NULL,
0), WOLFSSL_FAILURE);
PKCS7_free(pkcs7);
pkcs7 = NULL;
/* success case, with PKCS7_NOVERIFY */
p = data;
ExpectNotNull(pkcs7 = d2i_PKCS7(NULL, &p, (int)len));
ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, NULL, NULL,
PKCS7_NOVERIFY), WOLFSSL_SUCCESS);
#if !defined(NO_RSA) & defined(USE_CERT_BUFFERS_2048)
/* test i2d */
XMEMCPY(key, client_key_der_2048, keySz);
if (pkcs7 != NULL) {
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)sizeof(key);
pkcs7->encryptOID = RSAk;
#ifdef NO_SHA
pkcs7->hashOID = SHA256h;
#else
pkcs7->hashOID = SHAh;
#endif
}
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(i2d_PKCS7_bio(bio, pkcs7), 1);
#ifndef NO_ASN_TIME
ExpectIntEQ(i2d_PKCS7(pkcs7, &out), 655);
#else
ExpectIntEQ(i2d_PKCS7(pkcs7, &out), 625);
#endif
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
BIO_free(bio);
#endif
PKCS7_free(NULL);
PKCS7_free(pkcs7);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS7_sign(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_BIO) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
PKCS7* p7 = NULL;
PKCS7* p7Ver = NULL;
byte* out = NULL;
byte* tmpPtr = NULL;
int outLen = 0;
int flags = 0;
byte data[] = "Test data to encode.";
const char* cert = "./certs/server-cert.pem";
const char* key = "./certs/server-key.pem";
const char* ca = "./certs/ca-cert.pem";
WOLFSSL_BIO* certBio = NULL;
WOLFSSL_BIO* keyBio = NULL;
WOLFSSL_BIO* caBio = NULL;
WOLFSSL_BIO* inBio = NULL;
X509* signCert = NULL;
EVP_PKEY* signKey = NULL;
X509* caCert = NULL;
X509_STORE* store = NULL;
#ifndef NO_PKCS7_STREAM
int z;
int ret;
#endif /* !NO_PKCS7_STREAM */
/* read signer cert/key into BIO */
ExpectNotNull(certBio = BIO_new_file(cert, "r"));
ExpectNotNull(keyBio = BIO_new_file(key, "r"));
ExpectNotNull(signCert = PEM_read_bio_X509(certBio, NULL, 0, NULL));
ExpectNotNull(signKey = PEM_read_bio_PrivateKey(keyBio, NULL, 0, NULL));
/* read CA cert into store (for verify) */
ExpectNotNull(caBio = BIO_new_file(ca, "r"));
ExpectNotNull(caCert = PEM_read_bio_X509(caBio, NULL, 0, NULL));
ExpectNotNull(store = X509_STORE_new());
ExpectIntEQ(X509_STORE_add_cert(store, caCert), 1);
/* data to be signed into BIO */
ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
/* PKCS7_sign, bad args: signer NULL */
ExpectNull(p7 = PKCS7_sign(NULL, signKey, NULL, inBio, 0));
/* PKCS7_sign, bad args: signer key NULL */
ExpectNull(p7 = PKCS7_sign(signCert, NULL, NULL, inBio, 0));
/* PKCS7_sign, bad args: in data NULL without PKCS7_STREAM */
ExpectNull(p7 = PKCS7_sign(signCert, signKey, NULL, NULL, 0));
/* PKCS7_sign, bad args: PKCS7_NOCERTS flag not supported */
ExpectNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, PKCS7_NOCERTS));
/* PKCS7_sign, bad args: PKCS7_PARTIAL flag not supported */
ExpectNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, PKCS7_PARTIAL));
/* TEST SUCCESS: Not detached, not streaming, not MIME */
{
flags = PKCS7_BINARY;
ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
/* verify with d2i_PKCS7 */
tmpPtr = out;
ExpectNotNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
PKCS7_free(p7Ver);
p7Ver = NULL;
/* verify with wc_PKCS7_VerifySignedData */
ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(p7Ver, HEAP_HINT, INVALID_DEVID), 0);
ExpectIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, (word32)outLen), 0);
#ifndef NO_PKCS7_STREAM
/* verify with wc_PKCS7_VerifySignedData streaming */
wc_PKCS7_Free(p7Ver);
p7Ver = NULL;
ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
ExpectIntEQ(wc_PKCS7_Init(p7Ver, HEAP_HINT, INVALID_DEVID), 0);
/* test for streaming */
ret = -1;
for (z = 0; z < outLen && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(p7Ver, out + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
#endif /* !NO_PKCS7_STREAM */
/* compare the signer found to expected signer */
ExpectIntNE(p7Ver->verifyCertSz, 0);
tmpPtr = NULL;
ExpectIntEQ(i2d_X509(signCert, &tmpPtr), p7Ver->verifyCertSz);
ExpectIntEQ(XMEMCMP(tmpPtr, p7Ver->verifyCert, p7Ver->verifyCertSz), 0);
XFREE(tmpPtr, NULL, DYNAMIC_TYPE_OPENSSL);
tmpPtr = NULL;
wc_PKCS7_Free(p7Ver);
p7Ver = NULL;
ExpectNotNull(out);
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
out = NULL;
PKCS7_free(p7);
p7 = NULL;
}
/* TEST SUCCESS: Not detached, streaming, not MIME. Also bad arg
* tests for PKCS7_final() while we have a PKCS7 pointer to use */
{
/* re-populate input BIO, may have been consumed */
BIO_free(inBio);
inBio = NULL;
ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_BINARY | PKCS7_STREAM;
ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
ExpectIntEQ(PKCS7_final(p7, inBio, flags), 1);
ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
/* PKCS7_final, bad args: PKCS7 null */
ExpectIntEQ(PKCS7_final(NULL, inBio, 0), 0);
/* PKCS7_final, bad args: PKCS7 null */
ExpectIntEQ(PKCS7_final(p7, NULL, 0), 0);
tmpPtr = out;
ExpectNotNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
PKCS7_free(p7Ver);
p7Ver = NULL;
ExpectNotNull(out);
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
out = NULL;
PKCS7_free(p7);
p7 = NULL;
}
/* TEST SUCCESS: Detached, not streaming, not MIME */
{
/* re-populate input BIO, may have been consumed */
BIO_free(inBio);
inBio = NULL;
ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_BINARY | PKCS7_DETACHED;
ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
/* verify with wolfCrypt, d2i_PKCS7 does not support detached content */
ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
if (p7Ver != NULL) {
p7Ver->content = data;
p7Ver->contentSz = sizeof(data);
}
ExpectIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, (word32)outLen), 0);
wc_PKCS7_Free(p7Ver);
p7Ver = NULL;
#ifndef NO_PKCS7_STREAM
/* verify with wc_PKCS7_VerifySignedData streaming */
ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
if (p7Ver != NULL) {
p7Ver->content = data;
p7Ver->contentSz = sizeof(data);
}
/* test for streaming */
ret = -1;
for (z = 0; z < outLen && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(p7Ver, out + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
wc_PKCS7_Free(p7Ver);
p7Ver = NULL;
#endif /* !NO_PKCS7_STREAM */
/* verify expected failure (NULL return) from d2i_PKCS7, it does not
* yet support detached content */
tmpPtr = out;
ExpectNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
PKCS7_free(p7Ver);
p7Ver = NULL;
ExpectNotNull(out);
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
out = NULL;
PKCS7_free(p7);
p7 = NULL;
}
/* TEST SUCCESS: Detached, streaming, not MIME */
{
/* re-populate input BIO, may have been consumed */
BIO_free(inBio);
inBio = NULL;
ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_BINARY | PKCS7_DETACHED | PKCS7_STREAM;
ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
ExpectIntEQ(PKCS7_final(p7, inBio, flags), 1);
ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
/* verify with wolfCrypt, d2i_PKCS7 does not support detached content */
ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
if (p7Ver != NULL) {
p7Ver->content = data;
p7Ver->contentSz = sizeof(data);
}
ExpectIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, (word32)outLen), 0);
wc_PKCS7_Free(p7Ver);
p7Ver = NULL;
ExpectNotNull(out);
#ifndef NO_PKCS7_STREAM
/* verify with wc_PKCS7_VerifySignedData streaming */
ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
if (p7Ver != NULL) {
p7Ver->content = data;
p7Ver->contentSz = sizeof(data);
}
/* test for streaming */
ret = -1;
for (z = 0; z < outLen && ret != 0; z++) {
ret = wc_PKCS7_VerifySignedData(p7Ver, out + z, 1);
if (ret < 0){
ExpectIntEQ(ret, WC_PKCS7_WANT_READ_E);
}
}
ExpectIntEQ(ret, 0);
ExpectNotNull(out);
wc_PKCS7_Free(p7Ver);
p7Ver = NULL;
#endif /* !NO_PKCS7_STREAM */
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
PKCS7_free(p7);
p7 = NULL;
}
X509_STORE_free(store);
X509_free(caCert);
X509_free(signCert);
EVP_PKEY_free(signKey);
BIO_free(inBio);
BIO_free(keyBio);
BIO_free(certBio);
BIO_free(caBio);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS7_SIGNED_new(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7)
PKCS7_SIGNED* pkcs7 = NULL;
ExpectNotNull(pkcs7 = PKCS7_SIGNED_new());
ExpectIntEQ(pkcs7->contentOID, SIGNED_DATA);
PKCS7_SIGNED_free(pkcs7);
#endif
return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_PEM_write_bio_PKCS7(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM)
PKCS7* pkcs7 = NULL;
BIO* bio = NULL;
const byte* cert_buf = NULL;
int ret = 0;
WC_RNG rng;
const byte data[] = { /* Hello World */
0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
0x72,0x6c,0x64
};
#ifndef NO_RSA
#if defined(USE_CERT_BUFFERS_2048)
byte key[sizeof(client_key_der_2048)];
byte cert[sizeof(client_cert_der_2048)];
word32 keySz = (word32)sizeof(key);
word32 certSz = (word32)sizeof(cert);
XMEMSET(key, 0, keySz);
XMEMSET(cert, 0, certSz);
XMEMCPY(key, client_key_der_2048, keySz);
XMEMCPY(cert, client_cert_der_2048, certSz);
#elif defined(USE_CERT_BUFFERS_1024)
byte key[sizeof_client_key_der_1024];
byte cert[sizeof(sizeof_client_cert_der_1024)];
word32 keySz = (word32)sizeof(key);
word32 certSz = (word32)sizeof(cert);
XMEMSET(key, 0, keySz);
XMEMSET(cert, 0, certSz);
XMEMCPY(key, client_key_der_1024, keySz);
XMEMCPY(cert, client_cert_der_1024, certSz);
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
XFILE fp = XBADFILE;
int certSz;
int keySz;
ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
XBADFILE);
ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
fp), 0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) !=
XBADFILE);
ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp),
0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
unsigned char cert[sizeof(cliecc_cert_der_256)];
unsigned char key[sizeof(ecc_clikey_der_256)];
int certSz = (int)sizeof(cert);
int keySz = (int)sizeof(key);
XMEMSET(cert, 0, certSz);
XMEMSET(key, 0, keySz);
XMEMCPY(cert, cliecc_cert_der_256, sizeof_cliecc_cert_der_256);
XMEMCPY(key, ecc_clikey_der_256, sizeof_ecc_clikey_der_256);
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
XFILE fp = XBADFILE;
int certSz, keySz;
ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=
XBADFILE);
ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256,
fp), 0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) !=
XBADFILE);
ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp),
0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
#endif
#else
#error PKCS7 requires ECC or RSA
#endif
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
/* initialize with DER encoded cert */
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, (word32)certSz), 0);
/* init rng */
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRng(&rng), 0);
if (pkcs7 != NULL) {
pkcs7->rng = &rng;
pkcs7->content = (byte*)data; /* not used for ex */
pkcs7->contentSz = (word32)sizeof(data);
pkcs7->contentOID = SIGNED_DATA;
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)sizeof(key);
pkcs7->encryptOID = RSAk;
#ifdef NO_SHA
pkcs7->hashOID = SHA256h;
#else
pkcs7->hashOID = SHAh;
#endif
pkcs7->signedAttribs = NULL;
pkcs7->signedAttribsSz = 0;
}
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
/* Write PKCS#7 PEM to BIO, the function converts the DER to PEM cert*/
ExpectIntEQ(PEM_write_bio_PKCS7(bio, pkcs7), WOLFSSL_SUCCESS);
/* Read PKCS#7 PEM from BIO */
ret = wolfSSL_BIO_get_mem_data(bio, &cert_buf);
ExpectIntGE(ret, 0);
BIO_free(bio);
wc_PKCS7_Free(pkcs7);
wc_FreeRng(&rng);
#endif
return EXPECT_RESULT();
}
#ifdef HAVE_SMIME
/* // NOLINTBEGIN(clang-analyzer-unix.Stream) */
static int test_wolfSSL_SMIME_read_PKCS7(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
PKCS7* pkcs7 = NULL;
BIO* bio = NULL;
BIO* bcont = NULL;
BIO* out = NULL;
const byte* outBuf = NULL;
int outBufLen = 0;
static const char contTypeText[] = "Content-Type: text/plain\r\n\r\n";
XFILE smimeTestFile = XBADFILE;
ExpectTrue((smimeTestFile = XFOPEN("./certs/test/smime-test.p7s", "r")) !=
XBADFILE);
/* smime-test.p7s */
bio = wolfSSL_BIO_new(wolfSSL_BIO_s_file());
ExpectNotNull(bio);
ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
ExpectNotNull(pkcs7);
ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
PKCS7_NOVERIFY), SSL_SUCCESS);
if (smimeTestFile != XBADFILE) {
XFCLOSE(smimeTestFile);
smimeTestFile = XBADFILE;
}
if (bcont) BIO_free(bcont);
bcont = NULL;
wolfSSL_PKCS7_free(pkcs7);
pkcs7 = NULL;
/* smime-test-multipart.p7s */
smimeTestFile = XFOPEN("./certs/test/smime-test-multipart.p7s", "r");
ExpectFalse(smimeTestFile == XBADFILE);
ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
ExpectNotNull(pkcs7);
ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
PKCS7_NOVERIFY), SSL_SUCCESS);
if (smimeTestFile != XBADFILE) {
XFCLOSE(smimeTestFile);
smimeTestFile = XBADFILE;
}
if (bcont) BIO_free(bcont);
bcont = NULL;
wolfSSL_PKCS7_free(pkcs7);
pkcs7 = NULL;
/* smime-test-multipart-badsig.p7s */
smimeTestFile = XFOPEN("./certs/test/smime-test-multipart-badsig.p7s", "r");
ExpectFalse(smimeTestFile == XBADFILE);
ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
ExpectNotNull(pkcs7); /* can read in the unverified smime bundle */
ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
PKCS7_NOVERIFY), SSL_FAILURE);
if (smimeTestFile != XBADFILE) {
XFCLOSE(smimeTestFile);
smimeTestFile = XBADFILE;
}
if (bcont) BIO_free(bcont);
bcont = NULL;
wolfSSL_PKCS7_free(pkcs7);
pkcs7 = NULL;
/* smime-test-canon.p7s */
smimeTestFile = XFOPEN("./certs/test/smime-test-canon.p7s", "r");
ExpectFalse(smimeTestFile == XBADFILE);
ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
ExpectNotNull(pkcs7);
ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
PKCS7_NOVERIFY), SSL_SUCCESS);
if (smimeTestFile != XBADFILE) {
XFCLOSE(smimeTestFile);
smimeTestFile = XBADFILE;
}
if (bcont) BIO_free(bcont);
bcont = NULL;
wolfSSL_PKCS7_free(pkcs7);
pkcs7 = NULL;
/* Test PKCS7_TEXT, PKCS7_verify() should remove Content-Type: text/plain */
smimeTestFile = XFOPEN("./certs/test/smime-test-canon.p7s", "r");
ExpectFalse(smimeTestFile == XBADFILE);
ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
ExpectNotNull(pkcs7);
out = wolfSSL_BIO_new(BIO_s_mem());
ExpectNotNull(out);
ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, out,
PKCS7_NOVERIFY | PKCS7_TEXT), SSL_SUCCESS);
ExpectIntGT((outBufLen = BIO_get_mem_data(out, &outBuf)), 0);
/* Content-Type should not show up at beginning of output buffer */
ExpectIntGT(outBufLen, XSTRLEN(contTypeText));
ExpectIntGT(XMEMCMP(outBuf, contTypeText, XSTRLEN(contTypeText)), 0);
BIO_free(out);
BIO_free(bio);
if (bcont) BIO_free(bcont);
wolfSSL_PKCS7_free(pkcs7);
#endif
return EXPECT_RESULT();
}
/* // NOLINTEND(clang-analyzer-unix.Stream) */
static int test_wolfSSL_SMIME_write_PKCS7(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_RSA)
PKCS7* p7 = NULL;
PKCS7* p7Ver = NULL;
int flags = 0;
byte data[] = "Test data to encode.";
const char* cert = "./certs/server-cert.pem";
const char* key = "./certs/server-key.pem";
const char* ca = "./certs/ca-cert.pem";
WOLFSSL_BIO* certBio = NULL;
WOLFSSL_BIO* keyBio = NULL;
WOLFSSL_BIO* caBio = NULL;
WOLFSSL_BIO* inBio = NULL;
WOLFSSL_BIO* outBio = NULL;
WOLFSSL_BIO* content = NULL;
X509* signCert = NULL;
EVP_PKEY* signKey = NULL;
X509* caCert = NULL;
X509_STORE* store = NULL;
/* read signer cert/key into BIO */
ExpectNotNull(certBio = BIO_new_file(cert, "r"));
ExpectNotNull(keyBio = BIO_new_file(key, "r"));
ExpectNotNull(signCert = PEM_read_bio_X509(certBio, NULL, 0, NULL));
ExpectNotNull(signKey = PEM_read_bio_PrivateKey(keyBio, NULL, 0, NULL));
/* read CA cert into store (for verify) */
ExpectNotNull(caBio = BIO_new_file(ca, "r"));
ExpectNotNull(caCert = PEM_read_bio_X509(caBio, NULL, 0, NULL));
ExpectNotNull(store = X509_STORE_new());
ExpectIntEQ(X509_STORE_add_cert(store, caCert), 1);
/* generate and verify SMIME: not detached */
{
ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_STREAM;
ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
ExpectNotNull(outBio = BIO_new(BIO_s_mem()));
ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
/* bad arg: out NULL */
ExpectIntEQ(SMIME_write_PKCS7(NULL, p7, inBio, flags), 0);
/* bad arg: pkcs7 NULL */
ExpectIntEQ(SMIME_write_PKCS7(outBio, NULL, inBio, flags), 0);
ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
BIO_free(content);
content = NULL;
BIO_free(inBio);
inBio = NULL;
BIO_free(outBio);
outBio = NULL;
PKCS7_free(p7Ver);
p7Ver = NULL;
PKCS7_free(p7);
p7 = NULL;
}
/* generate and verify SMIME: not detached, add Content-Type */
{
ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_STREAM | PKCS7_TEXT;
ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
ExpectNotNull(outBio = BIO_new(BIO_s_mem()));
ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
BIO_free(content);
content = NULL;
BIO_free(inBio);
inBio = NULL;
BIO_free(outBio);
outBio = NULL;
PKCS7_free(p7Ver);
p7Ver = NULL;
PKCS7_free(p7);
p7 = NULL;
}
/* generate and verify SMIME: detached */
{
ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_DETACHED | PKCS7_STREAM;
ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
ExpectNotNull(outBio = BIO_new(BIO_s_mem()));
ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, content, NULL, flags), 1);
BIO_free(content);
content = NULL;
BIO_free(inBio);
inBio = NULL;
BIO_free(outBio);
outBio = NULL;
PKCS7_free(p7Ver);
p7Ver = NULL;
PKCS7_free(p7);
p7 = NULL;
}
/* generate and verify SMIME: PKCS7_TEXT to add Content-Type header */
{
ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_STREAM | PKCS7_DETACHED | PKCS7_TEXT;
ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
ExpectNotNull(outBio = BIO_new(BIO_s_mem()));
ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, content, NULL, flags), 1);
BIO_free(content);
content = NULL;
BIO_free(inBio);
inBio = NULL;
BIO_free(outBio);
outBio = NULL;
PKCS7_free(p7Ver);
p7Ver = NULL;
PKCS7_free(p7);
p7 = NULL;
}
X509_STORE_free(store);
X509_free(caCert);
X509_free(signCert);
EVP_PKEY_free(signKey);
BIO_free(keyBio);
BIO_free(certBio);
BIO_free(caBio);
#endif
return EXPECT_RESULT();
}
#endif /* HAVE_SMIME */
#endif /* !NO_BIO */
/* Test of X509 store use outside of SSL context w/ CRL lookup (ALWAYS
* returns 0) */
static int test_X509_STORE_No_SSL_CTX(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
(defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
!defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && \
(defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) && \
defined(HAVE_CRL) && !defined(NO_RSA)
X509_STORE * store = NULL;
X509_STORE_CTX * storeCtx = NULL;
X509_CRL * crl = NULL;
X509 * ca = NULL;
X509 * cert = NULL;
const char cliCrlPem[] = "./certs/crl/cliCrl.pem";
const char srvCert[] = "./certs/server-cert.pem";
const char caCert[] = "./certs/ca-cert.pem";
const char caDir[] = "./certs/crl/hash_pem";
XFILE fp = XBADFILE;
X509_LOOKUP * lookup = NULL;
ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
/* Set up store with CA */
ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
/* Add CRL lookup directory to store
* NOTE: test uses ./certs/crl/hash_pem/0fdb2da4.r0, which is a copy
* of crl.pem */
ExpectNotNull((lookup = X509_STORE_add_lookup(store,
X509_LOOKUP_hash_dir())));
ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, caDir,
X509_FILETYPE_PEM, NULL), SSL_SUCCESS);
ExpectIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
SSL_SUCCESS);
/* Add CRL to store NOT containing the verified certificate, which
* forces use of the CRL lookup directory */
ExpectTrue((fp = XFOPEN(cliCrlPem, "rb")) != XBADFILE);
ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
NULL, NULL));
if (fp != XBADFILE)
XFCLOSE(fp);
ExpectIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
/* Create verification context outside of an SSL session */
ExpectNotNull((storeCtx = X509_STORE_CTX_new()));
ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
/* Perform verification, which should NOT indicate CRL missing due to the
* store CM's X509 store pointer being NULL */
ExpectIntNE(X509_verify_cert(storeCtx), CRL_MISSING);
X509_CRL_free(crl);
X509_STORE_free(store);
X509_STORE_CTX_free(storeCtx);
X509_free(cert);
X509_free(ca);
#endif
return EXPECT_RESULT();
}
/* Test of X509 store use outside of SSL context w/ CRL lookup, but
* with X509_LOOKUP_add_dir and X509_FILETYPE_ASN1. */
static int test_X509_LOOKUP_add_dir(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
(defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
!defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && \
(defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) && \
defined(HAVE_CRL) && !defined(NO_RSA)
X509_STORE * store = NULL;
X509_STORE_CTX * storeCtx = NULL;
X509_CRL * crl = NULL;
X509 * ca = NULL;
X509 * cert = NULL;
const char cliCrlPem[] = "./certs/crl/cliCrl.pem";
const char srvCert[] = "./certs/server-cert.pem";
const char caCert[] = "./certs/ca-cert.pem";
const char caDir[] = "./certs/crl/hash_der";
XFILE fp = XBADFILE;
X509_LOOKUP * lookup = NULL;
ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
/* Set up store with CA */
ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
/* Add CRL lookup directory to store.
* Test uses ./certs/crl/hash_der/0fdb2da4.r0, which is a copy
* of crl.der */
ExpectNotNull((lookup = X509_STORE_add_lookup(store,
X509_LOOKUP_hash_dir())));
ExpectIntEQ(X509_LOOKUP_add_dir(lookup, caDir, X509_FILETYPE_ASN1),
SSL_SUCCESS);
ExpectIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
SSL_SUCCESS);
/* Add CRL to store NOT containing the verified certificate, which
* forces use of the CRL lookup directory */
ExpectTrue((fp = XFOPEN(cliCrlPem, "rb")) != XBADFILE);
ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
NULL, NULL));
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
/* Create verification context outside of an SSL session */
ExpectNotNull((storeCtx = X509_STORE_CTX_new()));
ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
/* Perform verification, which should NOT return CRL missing */
ExpectIntNE(X509_verify_cert(storeCtx), CRL_MISSING);
X509_CRL_free(crl);
crl = NULL;
X509_STORE_free(store);
store = NULL;
X509_STORE_CTX_free(storeCtx);
storeCtx = NULL;
X509_free(cert);
cert = NULL;
X509_free(ca);
ca = NULL;
/* Now repeat the same, but look for X509_FILETYPE_PEM.
* We should get CRL_MISSING at the end, because the lookup
* dir has only ASN1 CRLs. */
ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
ExpectNotNull((lookup = X509_STORE_add_lookup(store,
X509_LOOKUP_hash_dir())));
ExpectIntEQ(X509_LOOKUP_add_dir(lookup, caDir, X509_FILETYPE_PEM),
SSL_SUCCESS);
ExpectIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
SSL_SUCCESS);
ExpectTrue((fp = XFOPEN(cliCrlPem, "rb")) != XBADFILE);
ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
NULL, NULL));
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
ExpectNotNull((storeCtx = X509_STORE_CTX_new()));
ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
/* Now we SHOULD get CRL_MISSING, because we looked for PEM
* in dir containing only ASN1/DER. */
ExpectIntEQ(X509_verify_cert(storeCtx), WOLFSSL_FAILURE);
ExpectIntEQ(X509_STORE_CTX_get_error(storeCtx),
X509_V_ERR_UNABLE_TO_GET_CRL);
X509_CRL_free(crl);
X509_STORE_free(store);
X509_STORE_CTX_free(storeCtx);
X509_free(cert);
X509_free(ca);
#endif
return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
| Certificate Failure Checks
*----------------------------------------------------------------------------*/
#if !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
!defined(WOLFSSL_NO_CLIENT_AUTH)) && !defined(NO_FILESYSTEM)
#if !defined(NO_RSA) || defined(HAVE_ECC)
/* Use the Cert Manager(CM) API to generate the error ASN_SIG_CONFIRM_E */
static int verify_sig_cm(const char* ca, byte* cert_buf, size_t cert_sz,
int type)
{
int ret;
WOLFSSL_CERT_MANAGER* cm = NULL;
switch (type) {
case TESTING_RSA:
#ifdef NO_RSA
fprintf(stderr, "RSA disabled, skipping test\n");
return ASN_SIG_CONFIRM_E;
#else
break;
#endif
case TESTING_ECC:
#ifndef HAVE_ECC
fprintf(stderr, "ECC disabled, skipping test\n");
return ASN_SIG_CONFIRM_E;
#else
break;
#endif
default:
fprintf(stderr, "Bad function argument\n");
return BAD_FUNC_ARG;
}
cm = wolfSSL_CertManagerNew();
if (cm == NULL) {
fprintf(stderr, "wolfSSL_CertManagerNew failed\n");
return -1;
}
#ifndef NO_FILESYSTEM
ret = wolfSSL_CertManagerLoadCA(cm, ca, 0);
if (ret != WOLFSSL_SUCCESS) {
fprintf(stderr, "wolfSSL_CertManagerLoadCA failed\n");
wolfSSL_CertManagerFree(cm);
return ret;
}
#else
(void)ca;
#endif
ret = wolfSSL_CertManagerVerifyBuffer(cm, cert_buf, (long int)cert_sz,
WOLFSSL_FILETYPE_ASN1);
/* Let ExpectIntEQ handle return code */
wolfSSL_CertManagerFree(cm);
return ret;
}
#endif
#if !defined(NO_FILESYSTEM)
static int test_RsaSigFailure_cm(void)
{
EXPECT_DECLS;
#ifndef NO_RSA
const char* ca_cert = "./certs/ca-cert.pem";
const char* server_cert = "./certs/server-cert.der";
byte* cert_buf = NULL;
size_t cert_sz = 0;
ExpectIntEQ(load_file(server_cert, &cert_buf, &cert_sz), 0);
if ((cert_buf != NULL) && (cert_sz > 0)) {
/* corrupt DER - invert last byte, which is signature */
cert_buf[cert_sz-1] = ~cert_buf[cert_sz-1];
/* test bad cert */
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_RSA),
WOLFSSL_FATAL_ERROR);
#elif defined(NO_ASN_CRYPT)
/* RSA verify is not called when ASN crypt support is disabled */
ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_RSA),
WOLFSSL_SUCCESS);
#else
ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_RSA),
ASN_SIG_CONFIRM_E);
#endif
}
/* load_file() uses malloc. */
if (cert_buf != NULL) {
free(cert_buf);
}
#endif /* !NO_RSA */
return EXPECT_RESULT();
}
static int test_EccSigFailure_cm(void)
{
EXPECT_DECLS;
#ifdef HAVE_ECC
/* self-signed ECC cert, so use server cert as CA */
const char* ca_cert = "./certs/ca-ecc-cert.pem";
const char* server_cert = "./certs/server-ecc.der";
byte* cert_buf = NULL;
size_t cert_sz = 0;
ExpectIntEQ(load_file(server_cert, &cert_buf, &cert_sz), 0);
if (cert_buf != NULL && cert_sz > 0) {
/* corrupt DER - invert last byte, which is signature */
cert_buf[cert_sz-1] = ~cert_buf[cert_sz-1];
/* test bad cert */
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_ECC),
WOLFSSL_FATAL_ERROR);
#elif defined(NO_ASN_CRYPT)
/* ECC verify is not called when ASN crypt support is disabled */
ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_ECC),
WOLFSSL_SUCCESS);
#else
ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_ECC),
ASN_SIG_CONFIRM_E);
#endif
}
/* load_file() uses malloc. */
if (cert_buf != NULL) {
free(cert_buf);
}
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif /* HAVE_ECC */
return EXPECT_RESULT();
}
#endif /* !NO_FILESYSTEM */
#endif /* NO_CERTS */
#ifdef WOLFSSL_TLS13
#if defined(WOLFSSL_SEND_HRR_COOKIE) && !defined(NO_WOLFSSL_SERVER)
#ifdef WC_SHA384_DIGEST_SIZE
static byte fixedKey[WC_SHA384_DIGEST_SIZE] = { 0, };
#else
static byte fixedKey[WC_SHA256_DIGEST_SIZE] = { 0, };
#endif
#endif
#ifdef WOLFSSL_EARLY_DATA
static const char earlyData[] = "Early Data";
static char earlyDataBuffer[1];
#endif
static int test_tls13_apis(void)
{
EXPECT_DECLS;
int ret;
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_WOLFSSL_CLIENT
WOLFSSL_CTX* clientTls12Ctx = NULL;
WOLFSSL* clientTls12Ssl = NULL;
#endif
#ifndef NO_WOLFSSL_SERVER
WOLFSSL_CTX* serverTls12Ctx = NULL;
WOLFSSL* serverTls12Ssl = NULL;
#endif
#endif
#ifndef NO_WOLFSSL_CLIENT
WOLFSSL_CTX* clientCtx = NULL;
WOLFSSL* clientSsl = NULL;
#endif
#ifndef NO_WOLFSSL_SERVER
WOLFSSL_CTX* serverCtx = NULL;
WOLFSSL* serverSsl = NULL;
#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM)
const char* ourCert = svrCertFile;
const char* ourKey = svrKeyFile;
#endif
#endif
int required;
#ifdef WOLFSSL_EARLY_DATA
int outSz;
#endif
#if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES)
int groups[2] = { WOLFSSL_ECC_SECP256R1,
#ifdef WOLFSSL_HAVE_KYBER
WOLFSSL_KYBER_LEVEL1
#else
WOLFSSL_ECC_SECP256R1
#endif
};
#if !defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT)
int bad_groups[2] = { 0xDEAD, 0xBEEF };
#endif /* !NO_WOLFSSL_SERVER || !NO_WOLFSSL_CLIENT */
int numGroups = 2;
#endif
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
char groupList[] =
#ifdef HAVE_CURVE25519
"X25519:"
#endif
#ifdef HAVE_CURVE448
"X448:"
#endif
#ifndef NO_ECC_SECP
#if (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521
"P-521:secp521r1:"
#endif
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384
"P-384:secp384r1:"
#endif
#if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256
"P-256:secp256r1"
#if defined(WOLFSSL_HAVE_KYBER)
":P256_KYBER_LEVEL1"
#endif
#endif
#endif /* !defined(NO_ECC_SECP) */
#if defined(WOLFSSL_HAVE_KYBER)
":KYBER_LEVEL1"
#endif
"";
#endif /* defined(OPENSSL_EXTRA) && defined(HAVE_ECC) */
(void)ret;
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_WOLFSSL_CLIENT
clientTls12Ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
clientTls12Ssl = wolfSSL_new(clientTls12Ctx);
#endif
#ifndef NO_WOLFSSL_SERVER
serverTls12Ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method());
#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM)
wolfSSL_CTX_use_certificate_chain_file(serverTls12Ctx, ourCert);
wolfSSL_CTX_use_PrivateKey_file(serverTls12Ctx, ourKey,
WOLFSSL_FILETYPE_PEM);
#endif
serverTls12Ssl = wolfSSL_new(serverTls12Ctx);
#endif
#endif
#ifndef NO_WOLFSSL_CLIENT
clientCtx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
clientSsl = wolfSSL_new(clientCtx);
#endif
#ifndef NO_WOLFSSL_SERVER
serverCtx = wolfSSL_CTX_new(wolfTLSv1_3_server_method());
#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM)
wolfSSL_CTX_use_certificate_chain_file(serverCtx, ourCert);
wolfSSL_CTX_use_PrivateKey_file(serverCtx, ourKey, WOLFSSL_FILETYPE_PEM);
#endif
serverSsl = wolfSSL_new(serverCtx);
ExpectNotNull(serverSsl);
#endif
#ifdef WOLFSSL_SEND_HRR_COOKIE
ExpectIntEQ(wolfSSL_send_hrr_cookie(NULL, NULL, 0), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
ExpectIntEQ(wolfSSL_send_hrr_cookie(clientSsl, NULL, 0), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_send_hrr_cookie(serverTls12Ssl, NULL, 0),
BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_send_hrr_cookie(serverSsl, NULL, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_send_hrr_cookie(serverSsl, fixedKey, sizeof(fixedKey)),
WOLFSSL_SUCCESS);
#endif
#endif
#ifdef HAVE_SUPPORTED_CURVES
#ifdef HAVE_ECC
ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1),
BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
do {
ret = wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_SECP256R1);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(serverSsl, WOLF_POLL_FLAG_CHECK_HW);
#endif
}
while (ret == WC_PENDING_E);
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
do {
ret = wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(clientTls12Ssl, WOLF_POLL_FLAG_CHECK_HW);
#endif
}
while (ret == WC_PENDING_E);
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
do {
ret = wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1);
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(clientSsl, WOLF_POLL_FLAG_CHECK_HW);
#endif
}
while (ret == WC_PENDING_E);
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
#elif defined(HAVE_CURVE25519)
ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X25519), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X25519),
WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X25519),
WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X25519),
WOLFSSL_SUCCESS);
#endif
#elif defined(HAVE_CURVE448)
ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X448), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X448),
WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X448),
WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X448),
WOLFSSL_SUCCESS);
#endif
#else
ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1),
BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1),
NOT_COMPILED_IN);
#endif
ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1),
NOT_COMPILED_IN);
#endif
#endif
#if defined(WOLFSSL_HAVE_KYBER)
ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_KYBER_LEVEL3), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_KYBER_LEVEL3),
WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_KYBER_LEVEL3),
BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_KYBER_LEVEL3),
WOLFSSL_SUCCESS);
#endif
#endif
ExpectIntEQ(wolfSSL_NoKeyShares(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_NoKeyShares(serverSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_NoKeyShares(clientTls12Ssl), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_NoKeyShares(clientSsl), WOLFSSL_SUCCESS);
#endif
#endif /* HAVE_SUPPORTED_CURVES */
ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(clientCtx), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverTls12Ctx), BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverCtx), 0);
#endif
ExpectIntEQ(wolfSSL_no_ticket_TLSv13(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
ExpectIntEQ(wolfSSL_no_ticket_TLSv13(clientSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_no_ticket_TLSv13(serverTls12Ssl), BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_no_ticket_TLSv13(serverSsl), 0);
#endif
ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(clientTls12Ctx), BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(clientCtx), 0);
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(serverCtx), 0);
#endif
ExpectIntEQ(wolfSSL_no_dhe_psk(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_no_dhe_psk(clientTls12Ssl), BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_no_dhe_psk(clientSsl), 0);
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_no_dhe_psk(serverSsl), 0);
#endif
ExpectIntEQ(wolfSSL_update_keys(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_update_keys(clientTls12Ssl), BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_update_keys(clientSsl), BUILD_MSG_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_update_keys(serverSsl), BUILD_MSG_ERROR);
#endif
ExpectIntEQ(wolfSSL_key_update_response(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_key_update_response(NULL, &required), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_key_update_response(clientTls12Ssl, &required),
BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_key_update_response(clientSsl, NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_key_update_response(serverSsl, NULL), BAD_FUNC_ARG);
#endif
#if !defined(NO_CERTS) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(serverCtx), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientTls12Ctx),
BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientCtx), 0);
#endif
ExpectIntEQ(wolfSSL_allow_post_handshake_auth(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_allow_post_handshake_auth(serverSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_allow_post_handshake_auth(clientTls12Ssl),
BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_allow_post_handshake_auth(clientSsl), 0);
#endif
ExpectIntEQ(wolfSSL_request_certificate(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
ExpectIntEQ(wolfSSL_request_certificate(clientSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_request_certificate(serverTls12Ssl),
BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_request_certificate(serverSsl), NOT_READY_ERROR);
#endif
#endif
#ifdef HAVE_ECC
#ifndef WOLFSSL_NO_SERVER_GROUPS_EXT
ExpectIntEQ(wolfSSL_preferred_group(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_preferred_group(serverSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_preferred_group(clientTls12Ssl), BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_preferred_group(clientSsl), NOT_READY_ERROR);
#endif
#endif
#ifdef HAVE_SUPPORTED_CURVES
ExpectIntEQ(wolfSSL_CTX_set_groups(NULL, NULL, 0), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, NULL, 0), BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_CTX_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_CTX_set_groups(clientTls12Ctx, groups, numGroups),
WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups,
WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups, numGroups),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, bad_groups, numGroups),
BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_CTX_set_groups(serverCtx, groups, numGroups),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_set_groups(serverCtx, bad_groups, numGroups),
BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_set_groups(NULL, NULL, 0), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
ExpectIntEQ(wolfSSL_set_groups(clientSsl, NULL, 0), BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_set_groups(clientTls12Ssl, groups, numGroups),
WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_set_groups(clientSsl, groups,
WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_set_groups(clientSsl, groups, numGroups),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set_groups(clientSsl, bad_groups, numGroups),
BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_set_groups(serverSsl, groups, numGroups),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set_groups(serverSsl, bad_groups, numGroups),
BAD_FUNC_ARG);
#endif
#ifdef OPENSSL_EXTRA
ExpectIntEQ(wolfSSL_CTX_set1_groups_list(NULL, NULL), WOLFSSL_FAILURE);
#ifndef NO_WOLFSSL_CLIENT
ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientCtx, NULL),
WOLFSSL_FAILURE);
#endif
ExpectIntEQ(wolfSSL_CTX_set1_groups_list(NULL, groupList),
WOLFSSL_FAILURE);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientTls12Ctx, groupList),
WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientCtx, groupList),
WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_CTX_set1_groups_list(serverCtx, groupList),
WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_set1_groups_list(NULL, NULL), WOLFSSL_FAILURE);
#ifndef NO_WOLFSSL_CLIENT
ExpectIntEQ(wolfSSL_set1_groups_list(clientSsl, NULL), WOLFSSL_FAILURE);
#endif
ExpectIntEQ(wolfSSL_set1_groups_list(NULL, groupList), WOLFSSL_FAILURE);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_set1_groups_list(clientTls12Ssl, groupList),
WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(wolfSSL_set1_groups_list(clientSsl, groupList),
WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_set1_groups_list(serverSsl, groupList),
WOLFSSL_SUCCESS);
#endif
#endif /* OPENSSL_EXTRA */
#endif /* HAVE_SUPPORTED_CURVES */
#endif /* HAVE_ECC */
#ifdef WOLFSSL_EARLY_DATA
#ifndef OPENSSL_EXTRA
ExpectIntEQ(wolfSSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_get_max_early_data(NULL), BAD_FUNC_ARG);
#else
ExpectIntEQ(SSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(SSL_CTX_get_max_early_data(NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef OPENSSL_EXTRA
ExpectIntEQ(wolfSSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR);
ExpectIntEQ(wolfSSL_CTX_get_max_early_data(clientCtx), SIDE_ERROR);
#else
ExpectIntEQ(SSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR);
ExpectIntEQ(SSL_CTX_get_max_early_data(clientCtx), SIDE_ERROR);
#endif
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
#ifndef OPENSSL_EXTRA
ExpectIntEQ(wolfSSL_CTX_set_max_early_data(serverTls12Ctx, 0),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_get_max_early_data(serverTls12Ctx), BAD_FUNC_ARG);
#else
ExpectIntEQ(SSL_CTX_set_max_early_data(serverTls12Ctx, 0),
BAD_FUNC_ARG);
ExpectIntEQ(SSL_CTX_get_max_early_data(serverTls12Ctx), BAD_FUNC_ARG);
#endif
#endif
#ifndef OPENSSL_EXTRA
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
ExpectIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 32),
WOLFSSL_SUCCESS);
#else
ExpectIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 32), 0);
#endif
ExpectIntEQ(wolfSSL_CTX_get_max_early_data(serverCtx), 32);
#else
ExpectIntEQ(SSL_CTX_set_max_early_data(serverCtx, 32), 1);
ExpectIntEQ(SSL_CTX_get_max_early_data(serverCtx), 32);
#endif
#endif
#ifndef OPENSSL_EXTRA
ExpectIntEQ(wolfSSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_get_max_early_data(NULL), BAD_FUNC_ARG);
#else
ExpectIntEQ(SSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(SSL_get_max_early_data(NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef OPENSSL_EXTRA
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
ExpectIntEQ(wolfSSL_set_max_early_data(clientSsl, 17), WOLFSSL_SUCCESS);
#else
ExpectIntEQ(wolfSSL_set_max_early_data(clientSsl, 17), 0);
#endif
ExpectIntEQ(wolfSSL_get_max_early_data(clientSsl), 17);
#else
ExpectIntEQ(SSL_set_max_early_data(clientSsl, 17), WOLFSSL_SUCCESS);
ExpectIntEQ(SSL_get_max_early_data(clientSsl), 17);
#endif
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
#ifndef OPENSSL_EXTRA
ExpectIntEQ(wolfSSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_get_max_early_data(serverTls12Ssl), BAD_FUNC_ARG);
#else
ExpectIntEQ(SSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG);
ExpectIntEQ(SSL_get_max_early_data(serverTls12Ssl), BAD_FUNC_ARG);
#endif
#endif
#ifndef OPENSSL_EXTRA
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
ExpectIntEQ(wolfSSL_set_max_early_data(serverSsl, 16), WOLFSSL_SUCCESS);
#else
ExpectIntEQ(wolfSSL_set_max_early_data(serverSsl, 16), 0);
#endif
ExpectIntEQ(wolfSSL_get_max_early_data(serverSsl), 16);
#else
ExpectIntEQ(SSL_set_max_early_data(serverSsl, 16), 1);
ExpectIntEQ(SSL_get_max_early_data(serverSsl), 16);
#endif
#endif
ExpectIntEQ(wolfSSL_write_early_data(NULL, earlyData, sizeof(earlyData),
&outSz), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
ExpectIntEQ(wolfSSL_write_early_data(clientSsl, NULL, sizeof(earlyData),
&outSz), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_write_early_data(clientSsl, earlyData, -1, &outSz),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_write_early_data(clientSsl, earlyData,
sizeof(earlyData), NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_write_early_data(serverSsl, earlyData,
sizeof(earlyData), &outSz), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_write_early_data(clientTls12Ssl, earlyData,
sizeof(earlyData), &outSz), BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_write_early_data(clientSsl, earlyData,
sizeof(earlyData), &outSz), WOLFSSL_FATAL_ERROR);
#endif
ExpectIntEQ(wolfSSL_read_early_data(NULL, earlyDataBuffer,
sizeof(earlyDataBuffer), &outSz), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
ExpectIntEQ(wolfSSL_read_early_data(serverSsl, NULL,
sizeof(earlyDataBuffer), &outSz), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer, -1,
&outSz), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer,
sizeof(earlyDataBuffer), NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_CLIENT
ExpectIntEQ(wolfSSL_read_early_data(clientSsl, earlyDataBuffer,
sizeof(earlyDataBuffer), &outSz), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
ExpectIntEQ(wolfSSL_read_early_data(serverTls12Ssl, earlyDataBuffer,
sizeof(earlyDataBuffer), &outSz), BAD_FUNC_ARG);
#endif
ExpectIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer,
sizeof(earlyDataBuffer), &outSz), WOLFSSL_FATAL_ERROR);
#endif
#endif
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_EARLY_DATA)
ExpectIntLT(SSL_get_early_data_status(NULL), 0);
#endif
#ifndef NO_WOLFSSL_SERVER
wolfSSL_free(serverSsl);
wolfSSL_CTX_free(serverCtx);
#endif
#ifndef NO_WOLFSSL_CLIENT
wolfSSL_free(clientSsl);
wolfSSL_CTX_free(clientCtx);
#endif
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_WOLFSSL_SERVER
wolfSSL_free(serverTls12Ssl);
wolfSSL_CTX_free(serverTls12Ctx);
#endif
#ifndef NO_WOLFSSL_CLIENT
wolfSSL_free(clientTls12Ssl);
wolfSSL_CTX_free(clientTls12Ctx);
#endif
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \
defined(HAVE_ECC) && defined(BUILD_TLS_AES_128_GCM_SHA256) && \
defined(BUILD_TLS_AES_256_GCM_SHA384)
/* Called when writing. */
static int CsSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
(void)ssl;
(void)buf;
(void)sz;
(void)ctx;
/* Force error return from wolfSSL_accept_TLSv13(). */
return WANT_WRITE;
}
/* Called when reading. */
static int CsRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
WOLFSSL_BUFFER_INFO* msg = (WOLFSSL_BUFFER_INFO*)ctx;
int len = (int)msg->length;
(void)ssl;
(void)sz;
/* Pass back as much of message as will fit in buffer. */
if (len > sz)
len = sz;
XMEMCPY(buf, msg->buffer, len);
/* Move over returned data. */
msg->buffer += len;
msg->length -= len;
/* Amount actually copied. */
return len;
}
#endif
static int test_tls13_cipher_suites(void)
{
EXPECT_DECLS;
#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \
defined(HAVE_ECC) && defined(BUILD_TLS_AES_128_GCM_SHA256) && \
defined(BUILD_TLS_AES_256_GCM_SHA384)
WOLFSSL_CTX* ctx = NULL;
WOLFSSL *ssl = NULL;
int i;
byte clientHello[] = {
0x16, 0x03, 0x03, 0x01, 0x9b, 0x01, 0x00, 0x01,
0x97, 0x03, 0x03, 0xf4, 0x65, 0xbd, 0x22, 0xfe,
0x6e, 0xab, 0x66, 0xdd, 0xcf, 0xe9, 0x65, 0x55,
0xe8, 0xdf, 0xc3, 0x8e, 0x4b, 0x00, 0xbc, 0xf8,
0x23, 0x57, 0x1b, 0xa0, 0xc8, 0xa9, 0xe2, 0x8c,
0x91, 0x6e, 0xf9, 0x20, 0xf7, 0x5c, 0xc5, 0x5b,
0x75, 0x8c, 0x47, 0x0a, 0x0e, 0xc4, 0x1a, 0xda,
0xef, 0x75, 0xe5, 0x21, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x04,
/* Cipher suites: 0x13, 0x01 = TLS13-AES128-GCM-SHA256, twice. */
0x13, 0x01,
0x13, 0x01, 0x01, 0x00, 0x01, 0x4a, 0x00, 0x2d,
0x00, 0x03, 0x02, 0x00, 0x01, 0x00, 0x33, 0x00,
0x47, 0x00, 0x45, 0x00, 0x17, 0x00, 0x41, 0x04,
0x90, 0xfc, 0xe2, 0x97, 0x05, 0x7c, 0xb5, 0x23,
0x5d, 0x5f, 0x5b, 0xcd, 0x0c, 0x1e, 0xe0, 0xe9,
0xab, 0x38, 0x6b, 0x1e, 0x20, 0x5c, 0x1c, 0x90,
0x2a, 0x9e, 0x68, 0x8e, 0x70, 0x05, 0x10, 0xa8,
0x02, 0x1b, 0xf9, 0x5c, 0xef, 0xc9, 0xaf, 0xca,
0x1a, 0x3b, 0x16, 0x8b, 0xe4, 0x1b, 0x3c, 0x15,
0xb8, 0x0d, 0xbd, 0xaf, 0x62, 0x8d, 0xa7, 0x13,
0xa0, 0x7c, 0xe0, 0x59, 0x0c, 0x4f, 0x8a, 0x6d,
0x00, 0x2b, 0x00, 0x03, 0x02, 0x03, 0x04, 0x00,
0x0d, 0x00, 0x20, 0x00, 0x1e, 0x06, 0x03, 0x05,
0x03, 0x04, 0x03, 0x02, 0x03, 0x08, 0x06, 0x08,
0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08,
0x09, 0x06, 0x01, 0x05, 0x01, 0x04, 0x01, 0x03,
0x01, 0x02, 0x01, 0x00, 0x0a, 0x00, 0x04, 0x00,
0x02, 0x00, 0x17, 0x00, 0x16, 0x00, 0x00, 0x00,
0x23, 0x00, 0x00, 0x00, 0x29, 0x00, 0xb9, 0x00,
0x94, 0x00, 0x8e, 0x0f, 0x12, 0xfa, 0x84, 0x1f,
0x76, 0x94, 0xd7, 0x09, 0x5e, 0xad, 0x08, 0x51,
0xb6, 0x80, 0x28, 0x31, 0x8b, 0xfd, 0xc6, 0xbd,
0x9e, 0xf5, 0x3b, 0x4d, 0x02, 0xbe, 0x1d, 0x73,
0xea, 0x13, 0x68, 0x00, 0x4c, 0xfd, 0x3d, 0x48,
0x51, 0xf9, 0x06, 0xbb, 0x92, 0xed, 0x42, 0x9f,
0x7f, 0x2c, 0x73, 0x9f, 0xd9, 0xb4, 0xef, 0x05,
0x26, 0x5b, 0x60, 0x5c, 0x0a, 0xfc, 0xa3, 0xbd,
0x2d, 0x2d, 0x8b, 0xf9, 0xaa, 0x5c, 0x96, 0x3a,
0xf2, 0xec, 0xfa, 0xe5, 0x57, 0x2e, 0x87, 0xbe,
0x27, 0xc5, 0x3d, 0x4f, 0x5d, 0xdd, 0xde, 0x1c,
0x1b, 0xb3, 0xcc, 0x27, 0x27, 0x57, 0x5a, 0xd9,
0xea, 0x99, 0x27, 0x23, 0xa6, 0x0e, 0xea, 0x9c,
0x0d, 0x85, 0xcb, 0x72, 0xeb, 0xd7, 0x93, 0xe3,
0xfe, 0xf7, 0x5c, 0xc5, 0x5b, 0x75, 0x8c, 0x47,
0x0a, 0x0e, 0xc4, 0x1a, 0xda, 0xef, 0x75, 0xe5,
0x21, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0xfb, 0x92, 0xce, 0xaa, 0x00, 0x21, 0x20,
0xcb, 0x73, 0x25, 0x80, 0x46, 0x78, 0x4f, 0xe5,
0x34, 0xf6, 0x91, 0x13, 0x7f, 0xc8, 0x8d, 0xdc,
0x81, 0x04, 0xb7, 0x0d, 0x49, 0x85, 0x2e, 0x12,
0x7a, 0x07, 0x23, 0xe9, 0x13, 0xa4, 0x6d, 0x8c
};
WOLFSSL_BUFFER_INFO msg;
/* Offset into ClientHello message data of first cipher suite. */
const int csOff = 78;
/* Server cipher list. */
const char* serverCs = "TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256";
/* Suite list with duplicates. */
const char* dupCs = "TLS13-AES128-GCM-SHA256:"
"TLS13-AES128-GCM-SHA256:"
"TLS13-AES256-GCM-SHA384:"
"TLS13-AES256-GCM-SHA384:"
"TLS13-AES128-GCM-SHA256";
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)
const byte dupCsBytes[] = { TLS13_BYTE, TLS_AES_256_GCM_SHA384,
TLS13_BYTE, TLS_AES_256_GCM_SHA384,
TLS13_BYTE, TLS_AES_128_GCM_SHA256,
TLS13_BYTE, TLS_AES_128_GCM_SHA256,
TLS13_BYTE, TLS_AES_256_GCM_SHA384 };
#endif
/* Set up wolfSSL context. */
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, eccCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile,
WOLFSSL_FILETYPE_PEM));
/* Read from 'msg'. */
wolfSSL_SetIORecv(ctx, CsRecv);
/* No where to send to - dummy sender. */
wolfSSL_SetIOSend(ctx, CsSend);
/* Test cipher suite list with many copies of a cipher suite. */
ExpectNotNull(ssl = wolfSSL_new(ctx));
msg.buffer = clientHello;
msg.length = (unsigned int)sizeof(clientHello);
wolfSSL_SetIOReadCtx(ssl, &msg);
/* Force server to have as many occurrences of same cipher suite as
* possible. */
if (ssl != NULL) {
Suites* suites = (Suites*)WOLFSSL_SUITES(ssl);
suites->suiteSz = WOLFSSL_MAX_SUITE_SZ;
for (i = 0; i < suites->suiteSz; i += 2) {
suites->suites[i + 0] = TLS13_BYTE;
suites->suites[i + 1] = TLS_AES_128_GCM_SHA256;
}
}
/* Test multiple occurrences of same cipher suite. */
ExpectIntEQ(wolfSSL_accept_TLSv13(ssl), WOLFSSL_FATAL_ERROR);
wolfSSL_free(ssl);
ssl = NULL;
/* Set client order opposite to server order:
* TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384 */
clientHello[csOff + 0] = TLS13_BYTE;
clientHello[csOff + 1] = TLS_AES_128_GCM_SHA256;
clientHello[csOff + 2] = TLS13_BYTE;
clientHello[csOff + 3] = TLS_AES_256_GCM_SHA384;
/* Test server order negotiation. */
ExpectNotNull(ssl = wolfSSL_new(ctx));
msg.buffer = clientHello;
msg.length = (unsigned int)sizeof(clientHello);
wolfSSL_SetIOReadCtx(ssl, &msg);
/* Server order: TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256 */
ExpectIntEQ(wolfSSL_set_cipher_list(ssl, serverCs), WOLFSSL_SUCCESS);
/* Negotiate cipher suites in server order: TLS13-AES256-GCM-SHA384 */
ExpectIntEQ(wolfSSL_accept_TLSv13(ssl), WOLFSSL_FATAL_ERROR);
/* Check refined order - server order. */
ExpectIntEQ(ssl->suites->suiteSz, 4);
ExpectIntEQ(ssl->suites->suites[0], TLS13_BYTE);
ExpectIntEQ(ssl->suites->suites[1], TLS_AES_256_GCM_SHA384);
ExpectIntEQ(ssl->suites->suites[2], TLS13_BYTE);
ExpectIntEQ(ssl->suites->suites[3], TLS_AES_128_GCM_SHA256);
wolfSSL_free(ssl);
ssl = NULL;
/* Test client order negotiation. */
ExpectNotNull(ssl = wolfSSL_new(ctx));
msg.buffer = clientHello;
msg.length = (unsigned int)sizeof(clientHello);
wolfSSL_SetIOReadCtx(ssl, &msg);
/* Server order: TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256 */
ExpectIntEQ(wolfSSL_set_cipher_list(ssl, serverCs), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_UseClientSuites(ssl), 0);
/* Negotiate cipher suites in client order: TLS13-AES128-GCM-SHA256 */
ExpectIntEQ(wolfSSL_accept_TLSv13(ssl), WOLFSSL_FATAL_ERROR);
/* Check refined order - client order. */
ExpectIntEQ(ssl->suites->suiteSz, 4);
ExpectIntEQ(ssl->suites->suites[0], TLS13_BYTE);
ExpectIntEQ(ssl->suites->suites[1], TLS_AES_128_GCM_SHA256);
ExpectIntEQ(ssl->suites->suites[2], TLS13_BYTE);
ExpectIntEQ(ssl->suites->suites[3], TLS_AES_256_GCM_SHA384);
wolfSSL_free(ssl);
ssl = NULL;
/* Check duplicate detection is working. */
ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx, dupCs), WOLFSSL_SUCCESS);
ExpectIntEQ(ctx->suites->suiteSz, 4);
ExpectIntEQ(ctx->suites->suites[0], TLS13_BYTE);
ExpectIntEQ(ctx->suites->suites[1], TLS_AES_128_GCM_SHA256);
ExpectIntEQ(ctx->suites->suites[2], TLS13_BYTE);
ExpectIntEQ(ctx->suites->suites[3], TLS_AES_256_GCM_SHA384);
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)
ExpectIntEQ(wolfSSL_CTX_set_cipher_list_bytes(ctx, dupCsBytes,
sizeof(dupCsBytes)), WOLFSSL_SUCCESS);
ExpectIntEQ(ctx->suites->suiteSz, 4);
ExpectIntEQ(ctx->suites->suites[0], TLS13_BYTE);
ExpectIntEQ(ctx->suites->suites[1], TLS_AES_256_GCM_SHA384);
ExpectIntEQ(ctx->suites->suites[2], TLS13_BYTE);
ExpectIntEQ(ctx->suites->suites[3], TLS_AES_128_GCM_SHA256);
#endif
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
#endif
#if defined(HAVE_PK_CALLBACKS) && !defined(WOLFSSL_NO_TLS12)
#if !defined(NO_FILESYSTEM) && !defined(NO_DH) && \
!defined(NO_AES) && defined(HAVE_AES_CBC) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
static int my_DhCallback(WOLFSSL* ssl, struct DhKey* key,
const unsigned char* priv, unsigned int privSz,
const unsigned char* pubKeyDer, unsigned int pubKeySz,
unsigned char* out, unsigned int* outlen,
void* ctx)
{
int result;
/* Test fail when context associated with WOLFSSL is NULL */
if (ctx == NULL) {
return -1;
}
(void)ssl;
/* return 0 on success */
PRIVATE_KEY_UNLOCK();
result = wc_DhAgree(key, out, outlen, priv, privSz, pubKeyDer, pubKeySz);
PRIVATE_KEY_LOCK();
return result;
}
static int test_dh_ctx_setup(WOLFSSL_CTX* ctx) {
EXPECT_DECLS;
wolfSSL_CTX_SetDhAgreeCb(ctx, my_DhCallback);
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx, "DHE-RSA-AES128-SHA256"),
WOLFSSL_SUCCESS);
#endif
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256)
ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx, "DHE-RSA-AES256-SHA256"),
WOLFSSL_SUCCESS);
#endif
return EXPECT_RESULT();
}
static int test_dh_ssl_setup(WOLFSSL* ssl)
{
EXPECT_DECLS;
static int dh_test_ctx = 1;
int ret;
wolfSSL_SetDhAgreeCtx(ssl, &dh_test_ctx);
ExpectIntEQ(*((int*)wolfSSL_GetDhAgreeCtx(ssl)), dh_test_ctx);
ret = wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);
if (ret != WOLFSSL_SUCCESS && ret != SIDE_ERROR) {
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
}
return EXPECT_RESULT();
}
static int test_dh_ssl_setup_fail(WOLFSSL* ssl)
{
EXPECT_DECLS;
int ret;
wolfSSL_SetDhAgreeCtx(ssl, NULL);
ExpectNull(wolfSSL_GetDhAgreeCtx(ssl));
ret = wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);
if (ret != WOLFSSL_SUCCESS && ret != SIDE_ERROR) {
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
}
return EXPECT_RESULT();
}
#endif
static int test_DhCallbacks(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_DH) && \
!defined(NO_AES) && defined(HAVE_AES_CBC) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
int test;
test_ssl_cbf func_cb_client;
test_ssl_cbf func_cb_server;
/* Test that DH callback APIs work. */
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectIntEQ(wolfSSL_CTX_set_cipher_list(NULL, "NONE"), WOLFSSL_FAILURE);
wolfSSL_CTX_SetDhAgreeCb(ctx, &my_DhCallback);
/* load client ca cert */
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0),
WOLFSSL_SUCCESS);
/* test with NULL arguments */
wolfSSL_SetDhAgreeCtx(NULL, &test);
ExpectNull(wolfSSL_GetDhAgreeCtx(NULL));
/* test success case */
test = 1;
ExpectNotNull(ssl = wolfSSL_new(ctx));
wolfSSL_SetDhAgreeCtx(ssl, &test);
ExpectIntEQ(*((int*)wolfSSL_GetDhAgreeCtx(ssl)), test);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
/* set callbacks to use DH functions */
func_cb_client.ctx_ready = &test_dh_ctx_setup;
func_cb_client.ssl_ready = &test_dh_ssl_setup;
func_cb_client.method = wolfTLSv1_2_client_method;
func_cb_server.ctx_ready = &test_dh_ctx_setup;
func_cb_server.ssl_ready = &test_dh_ssl_setup;
func_cb_server.method = wolfTLSv1_2_server_method;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_SUCCESS);
/* Test fail */
XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
/* set callbacks to use DH functions */
func_cb_client.ctx_ready = &test_dh_ctx_setup;
func_cb_client.ssl_ready = &test_dh_ssl_setup_fail;
func_cb_client.method = wolfTLSv1_2_client_method;
func_cb_server.ctx_ready = &test_dh_ctx_setup;
func_cb_server.ssl_ready = &test_dh_ssl_setup_fail;
func_cb_server.method = wolfTLSv1_2_server_method;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_FAIL);
#endif
return EXPECT_RESULT();
}
#endif /* HAVE_PK_CALLBACKS */
#ifdef HAVE_HASHDRBG
#ifdef TEST_RESEED_INTERVAL
static int test_wc_RNG_GenerateBlock_Reseed(void)
{
EXPECT_DECLS;
int i;
WC_RNG rng;
byte key[32];
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRng(&rng), 0);
for (i = 0; i < WC_RESEED_INTERVAL + 10; i++) {
ExpectIntEQ(wc_RNG_GenerateBlock(&rng, key, sizeof(key)), 0);
}
DoExpectIntEQ(wc_FreeRng(&rng), 0);
return EXPECT_RESULT();
}
#endif /* TEST_RESEED_INTERVAL */
static int test_wc_RNG_GenerateBlock(void)
{
EXPECT_DECLS;
int i;
WC_RNG rng;
byte key[32];
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRng(&rng), 0);
for (i = 0; i < 10; i++) {
ExpectIntEQ(wc_RNG_GenerateBlock(&rng, key, sizeof(key)), 0);
}
DoExpectIntEQ(wc_FreeRng(&rng), 0);
return EXPECT_RESULT();
}
#endif /* HAVE_HASHDRBG */
/*
* Testing get_rand_digit
*/
static int test_get_rand_digit(void)
{
EXPECT_DECLS;
#if !defined(WC_NO_RNG) && defined(WOLFSSL_PUBLIC_MP)
WC_RNG rng;
mp_digit d;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(get_rand_digit(&rng, &d), 0);
ExpectIntEQ(get_rand_digit(NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(get_rand_digit(NULL, &d), BAD_FUNC_ARG);
ExpectIntEQ(get_rand_digit(&rng, NULL), BAD_FUNC_ARG);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* End test_get_rand_digit*/
/*
* Testing get_digit_count
*/
static int test_get_digit_count(void)
{
EXPECT_DECLS;
#if !defined(WOLFSSL_SP_MATH) && defined(WOLFSSL_PUBLIC_MP)
mp_int a;
XMEMSET(&a, 0, sizeof(mp_int));
ExpectIntEQ(mp_init(&a), 0);
ExpectIntEQ(get_digit_count(NULL), 0);
ExpectIntEQ(get_digit_count(&a), 0);
mp_clear(&a);
#endif
return EXPECT_RESULT();
} /* End test_get_digit_count*/
/*
* Testing mp_cond_copy
*/
static int test_mp_cond_copy(void)
{
EXPECT_DECLS;
#if (defined(HAVE_ECC) || defined(WOLFSSL_MP_COND_COPY)) && \
defined(WOLFSSL_PUBLIC_MP)
mp_int a;
mp_int b;
int copy = 0;
XMEMSET(&a, 0, sizeof(mp_int));
XMEMSET(&b, 0, sizeof(mp_int));
ExpectIntEQ(mp_init(&a), MP_OKAY);
ExpectIntEQ(mp_init(&b), MP_OKAY);
ExpectIntEQ(mp_cond_copy(NULL, copy, NULL), BAD_FUNC_ARG);
ExpectIntEQ(mp_cond_copy(NULL, copy, &b), BAD_FUNC_ARG);
ExpectIntEQ(mp_cond_copy(&a, copy, NULL), BAD_FUNC_ARG);
ExpectIntEQ(mp_cond_copy(&a, copy, &b), 0);
mp_clear(&a);
mp_clear(&b);
#endif
return EXPECT_RESULT();
} /* End test_mp_cond_copy*/
/*
* Testing mp_rand
*/
static int test_mp_rand(void)
{
EXPECT_DECLS;
#if defined(WC_RSA_BLINDING) && defined(WOLFSSL_PUBLIC_MP)
mp_int a;
WC_RNG rng;
int digits = 1;
XMEMSET(&a, 0, sizeof(mp_int));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(mp_init(&a), MP_OKAY);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(mp_rand(&a, digits, NULL), MISSING_RNG_E);
ExpectIntEQ(mp_rand(NULL, digits, &rng), BAD_FUNC_ARG);
ExpectIntEQ(mp_rand(&a, 0, &rng), BAD_FUNC_ARG);
ExpectIntEQ(mp_rand(&a, digits, &rng), 0);
mp_clear(&a);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* End test_mp_rand*/
/*
* Testing get_digit
*/
static int test_get_digit(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_PUBLIC_MP)
mp_int a;
int n = 0;
XMEMSET(&a, 0, sizeof(mp_int));
ExpectIntEQ(mp_init(&a), MP_OKAY);
ExpectIntEQ(get_digit(NULL, n), 0);
ExpectIntEQ(get_digit(&a, n), 0);
mp_clear(&a);
#endif
return EXPECT_RESULT();
} /* End test_get_digit*/
/*
* Testing wc_export_int
*/
static int test_wc_export_int(void)
{
EXPECT_DECLS;
#if (defined(HAVE_ECC) || defined(WOLFSSL_EXPORT_INT)) && \
defined(WOLFSSL_PUBLIC_MP)
mp_int mp;
byte buf[32];
word32 keySz = (word32)sizeof(buf);
word32 len = (word32)sizeof(buf);
XMEMSET(&mp, 0, sizeof(mp_int));
ExpectIntEQ(mp_init(&mp), MP_OKAY);
ExpectIntEQ(mp_set(&mp, 1234), 0);
ExpectIntEQ(wc_export_int(NULL, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN),
BAD_FUNC_ARG);
len = sizeof(buf)-1;
ExpectIntEQ(wc_export_int(&mp, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN),
BUFFER_E);
len = sizeof(buf);
ExpectIntEQ(wc_export_int(&mp, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN), 0);
len = 4; /* test input too small */
ExpectIntEQ(wc_export_int(&mp, buf, &len, 0, WC_TYPE_HEX_STR), BUFFER_E);
len = sizeof(buf);
ExpectIntEQ(wc_export_int(&mp, buf, &len, 0, WC_TYPE_HEX_STR), 0);
/* hex version of 1234 is 04D2 and should be 4 digits + 1 null */
ExpectIntEQ(len, 5);
mp_clear(&mp);
#endif
return EXPECT_RESULT();
} /* End test_wc_export_int*/
static int test_wc_InitRngNonce(void)
{
EXPECT_DECLS;
#if !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
HAVE_FIPS_VERSION >= 2))
WC_RNG rng;
byte nonce[] = "\x0D\x74\xDB\x42\xA9\x10\x77\xDE"
"\x45\xAC\x13\x7A\xE1\x48\xAF\x16";
word32 nonceSz = sizeof(nonce);
ExpectIntEQ(wc_InitRngNonce(&rng, nonce, nonceSz), 0);
ExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* End test_wc_InitRngNonce*/
/*
* Testing wc_InitRngNonce_ex
*/
static int test_wc_InitRngNonce_ex(void)
{
EXPECT_DECLS;
#if !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
HAVE_FIPS_VERSION >= 2))
WC_RNG rng;
byte nonce[] = "\x0D\x74\xDB\x42\xA9\x10\x77\xDE"
"\x45\xAC\x13\x7A\xE1\x48\xAF\x16";
word32 nonceSz = sizeof(nonce);
ExpectIntEQ(wc_InitRngNonce_ex(&rng, nonce, nonceSz, HEAP_HINT, testDevId),
0);
ExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* End test_wc_InitRngNonce_ex */
static int test_wolfSSL_X509_CRL(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL)
X509_CRL *crl = NULL;
char pem[][100] = {
"./certs/crl/crl.pem",
"./certs/crl/crl2.pem",
"./certs/crl/caEccCrl.pem",
"./certs/crl/eccCliCRL.pem",
"./certs/crl/eccSrvCRL.pem",
""
};
#ifndef NO_BIO
BIO *bio = NULL;
#endif
#ifdef HAVE_TEST_d2i_X509_CRL_fp
char der[][100] = {
"./certs/crl/crl.der",
"./certs/crl/crl2.der",
""};
#endif
XFILE fp = XBADFILE;
int i;
for (i = 0; pem[i][0] != '\0'; i++)
{
ExpectTrue((fp = XFOPEN(pem[i], "rb")) != XBADFILE);
ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
NULL, NULL));
ExpectNotNull(crl);
X509_CRL_free(crl);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectTrue((fp = XFOPEN(pem[i], "rb")) != XBADFILE);
ExpectNotNull((X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)&crl, NULL,
NULL));
if (EXPECT_FAIL()) {
crl = NULL;
}
ExpectNotNull(crl);
X509_CRL_free(crl);
crl = NULL;
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
}
#ifndef NO_BIO
for (i = 0; pem[i][0] != '\0'; i++)
{
ExpectNotNull(bio = BIO_new_file(pem[i], "rb"));
ExpectNotNull(crl = PEM_read_bio_X509_CRL(bio, NULL, NULL, NULL));
X509_CRL_free(crl);
crl = NULL;
BIO_free(bio);
bio = NULL;
}
#endif
#ifdef HAVE_TEST_d2i_X509_CRL_fp
for (i = 0; der[i][0] != '\0'; i++) {
ExpectTrue((fp = XFOPEN(der[i], "rb")) != XBADFILE);
ExpectTrue((fp != XBADFILE));
ExpectNotNull(crl = (X509_CRL *)d2i_X509_CRL_fp((fp, X509_CRL **)NULL));
ExpectNotNull(crl);
X509_CRL_free(crl);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
fp = XFOPEN(der[i], "rb");
ExpectTrue((fp != XBADFILE));
ExpectNotNull((X509_CRL *)d2i_X509_CRL_fp(fp, (X509_CRL **)&crl));
if (EXPECT_FAIL()) {
crl = NULL;
}
ExpectNotNull(crl);
X509_CRL_free(crl);
crl = NULL;
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
}
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_load_crl_file(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && !defined(NO_FILESYSTEM) && \
!defined(NO_STDIO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_BIO) && \
!defined(WOLFSSL_CRL_ALLOW_MISSING_CDP)
int i;
char pem[][100] = {
"./certs/crl/crl.pem",
"./certs/crl/crl2.pem",
"./certs/crl/caEccCrl.pem",
"./certs/crl/eccCliCRL.pem",
"./certs/crl/eccSrvCRL.pem",
#ifdef WC_RSA_PSS
"./certs/crl/crl_rsapss.pem",
#endif
""
};
char der[][100] = {
"./certs/crl/crl.der",
"./certs/crl/crl2.der",
""
};
WOLFSSL_X509_STORE* store = NULL;
WOLFSSL_X509_LOOKUP* lookup = NULL;
ExpectNotNull(store = wolfSSL_X509_STORE_new());
ExpectNotNull(lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()));
ExpectIntEQ(X509_LOOKUP_load_file(lookup, "certs/ca-cert.pem",
X509_FILETYPE_PEM), 1);
#ifdef WC_RSA_PSS
ExpectIntEQ(X509_LOOKUP_load_file(lookup, "certs/rsapss/ca-rsapss.pem",
X509_FILETYPE_PEM), 1);
#endif
ExpectIntEQ(X509_LOOKUP_load_file(lookup, "certs/server-revoked-cert.pem",
X509_FILETYPE_PEM), 1);
if (store) {
ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, svrCertFile,
WOLFSSL_FILETYPE_PEM), 1);
/* since store hasn't yet known the revoked cert*/
ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm,
"certs/server-revoked-cert.pem", WOLFSSL_FILETYPE_PEM), 1);
}
for (i = 0; pem[i][0] != '\0'; i++) {
ExpectIntEQ(X509_load_crl_file(lookup, pem[i], WOLFSSL_FILETYPE_PEM),
1);
}
if (store) {
/* since store knows crl list */
ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm,
"certs/server-revoked-cert.pem", WOLFSSL_FILETYPE_PEM),
CRL_CERT_REVOKED);
#ifdef WC_RSA_PSS
ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm,
"certs/rsapss/server-rsapss-cert.pem", WOLFSSL_FILETYPE_PEM),
CRL_CERT_REVOKED);
#endif
}
/* once feeing store */
X509_STORE_free(store);
store = NULL;
ExpectNotNull(store = wolfSSL_X509_STORE_new());
ExpectNotNull(lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()));
ExpectIntEQ(X509_LOOKUP_load_file(lookup, "certs/ca-cert.pem",
X509_FILETYPE_PEM), 1);
ExpectIntEQ(X509_LOOKUP_load_file(lookup, "certs/server-revoked-cert.pem",
X509_FILETYPE_PEM), 1);
if (store) {
ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm, svrCertFile,
WOLFSSL_FILETYPE_PEM), 1);
/* since store hasn't yet known the revoked cert*/
ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm,
"certs/server-revoked-cert.pem", WOLFSSL_FILETYPE_PEM), 1);
}
for (i = 0; der[i][0] != '\0'; i++) {
ExpectIntEQ(X509_load_crl_file(lookup, der[i], WOLFSSL_FILETYPE_ASN1),
1);
}
if (store) {
/* since store knows crl list */
ExpectIntEQ(wolfSSL_CertManagerVerify(store->cm,
"certs/server-revoked-cert.pem", WOLFSSL_FILETYPE_PEM),
CRL_CERT_REVOKED);
}
/* test for incorrect parameter */
ExpectIntEQ(X509_load_crl_file(NULL, pem[0], 0), 0);
ExpectIntEQ(X509_load_crl_file(lookup, NULL, 0), 0);
ExpectIntEQ(X509_load_crl_file(NULL, NULL, 0), 0);
X509_STORE_free(store);
store = NULL;
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_i2d_X509(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA)
const unsigned char* cert_buf = server_cert_der_2048;
unsigned char* out = NULL;
unsigned char* tmp = NULL;
X509* cert = NULL;
ExpectNotNull(d2i_X509(&cert, &cert_buf, sizeof_server_cert_der_2048));
/* Pointer should be advanced */
ExpectPtrGT(cert_buf, server_cert_der_2048);
ExpectIntGT(i2d_X509(cert, &out), 0);
ExpectNotNull(out);
tmp = out;
ExpectIntGT(i2d_X509(cert, &tmp), 0);
ExpectPtrGT(tmp, out);
if (out != NULL)
XFREE(out, NULL, DYNAMIC_TYPE_OPENSSL);
X509_free(cert);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_X509_REQ(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_CERT_REQ) && !defined(NO_RSA) && !defined(NO_BIO) && \
(defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)) && \
!defined(WOLFSSL_SP_MATH)
/* ./certs/csr.signed.der, ./certs/csr.ext.der, and ./certs/csr.attr.der
* were generated by libest
* ./certs/csr.attr.der contains sample attributes
* ./certs/csr.ext.der contains sample extensions */
const char* csrFile = "./certs/csr.signed.der";
const char* csrPopFile = "./certs/csr.attr.der";
const char* csrExtFile = "./certs/csr.ext.der";
/* ./certs/csr.dsa.pem is generated using
* openssl req -newkey dsa:certs/dsaparams.pem \
* -keyout certs/csr.dsa.key.pem -keyform PEM -out certs/csr.dsa.pem \
* -outform PEM
* with the passphrase "wolfSSL"
*/
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
const char* csrDsaFile = "./certs/csr.dsa.pem";
XFILE f = XBADFILE;
#endif
BIO* bio = NULL;
X509* req = NULL;
EVP_PKEY *pub_key = NULL;
{
ExpectNotNull(bio = BIO_new_file(csrFile, "rb"));
ExpectNotNull(d2i_X509_REQ_bio(bio, &req));
/*
* Extract the public key from the CSR
*/
ExpectNotNull(pub_key = X509_REQ_get_pubkey(req));
/*
* Verify the signature in the CSR
*/
ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
X509_free(req);
req = NULL;
BIO_free(bio);
bio = NULL;
EVP_PKEY_free(pub_key);
pub_key = NULL;
}
{
#ifdef OPENSSL_ALL
X509_ATTRIBUTE* attr = NULL;
ASN1_TYPE *at = NULL;
#endif
ExpectNotNull(bio = BIO_new_file(csrPopFile, "rb"));
ExpectNotNull(d2i_X509_REQ_bio(bio, &req));
/*
* Extract the public key from the CSR
*/
ExpectNotNull(pub_key = X509_REQ_get_pubkey(req));
/*
* Verify the signature in the CSR
*/
ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
#ifdef OPENSSL_ALL
/*
* Obtain the challenge password from the CSR
*/
ExpectIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword,
-1), 1);
ExpectNotNull(attr = X509_REQ_get_attr(req, 1));
ExpectNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0));
ExpectNotNull(at->value.asn1_string);
ExpectStrEQ((char*)ASN1_STRING_data(at->value.asn1_string),
"2xIE+qqp/rhyTXP+");
ExpectIntEQ(X509_get_ext_by_NID(req, NID_subject_alt_name, -1), -1);
#endif
X509_free(req);
req = NULL;
BIO_free(bio);
bio = NULL;
EVP_PKEY_free(pub_key);
pub_key = NULL;
}
{
#ifdef OPENSSL_ALL
X509_ATTRIBUTE* attr = NULL;
ASN1_TYPE *at = NULL;
STACK_OF(X509_EXTENSION) *exts = NULL;
#endif
ExpectNotNull(bio = BIO_new_file(csrExtFile, "rb"));
/* This CSR contains an Extension Request attribute so
* we test extension parsing in a CSR attribute here. */
ExpectNotNull(d2i_X509_REQ_bio(bio, &req));
/*
* Extract the public key from the CSR
*/
ExpectNotNull(pub_key = X509_REQ_get_pubkey(req));
/*
* Verify the signature in the CSR
*/
ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
#ifdef OPENSSL_ALL
ExpectNotNull(exts = (STACK_OF(X509_EXTENSION)*)X509_REQ_get_extensions(
req));
ExpectIntEQ(sk_X509_EXTENSION_num(exts), 2);
sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
/*
* Obtain the challenge password from the CSR
*/
ExpectIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword,
-1), 0);
ExpectNotNull(attr = X509_REQ_get_attr(req, 0));
ExpectNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0));
ExpectNotNull(at->value.asn1_string);
ExpectStrEQ((char*)ASN1_STRING_data(at->value.asn1_string), "IGCu/xNL4/0/wOgo");
ExpectIntGE(X509_get_ext_by_NID(req, NID_key_usage, -1), 0);
ExpectIntGE(X509_get_ext_by_NID(req, NID_subject_alt_name, -1), 0);
#endif
X509_free(req);
req = NULL;
BIO_free(bio);
bio = NULL;
EVP_PKEY_free(pub_key);
pub_key = NULL;
}
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
{
ExpectNotNull(bio = BIO_new_file(csrDsaFile, "rb"));
ExpectNotNull(PEM_read_bio_X509_REQ(bio, &req, NULL, NULL));
/*
* Extract the public key from the CSR
*/
ExpectNotNull(pub_key = X509_REQ_get_pubkey(req));
/*
* Verify the signature in the CSR
*/
ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
X509_free(req);
req = NULL;
BIO_free(bio);
/* Run the same test, but with a file pointer instead of a BIO.
* (PEM_read_X509_REQ)*/
ExpectTrue((f = XFOPEN(csrDsaFile, "rb")) != XBADFILE);
ExpectNotNull(PEM_read_X509_REQ(f, &req, NULL, NULL));
ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
X509_free(req);
EVP_PKEY_free(pub_key);
}
#endif /* !NO_DSA && !HAVE_SELFTEST */
#endif /* WOLFSSL_CERT_REQ && (OPENSSL_ALL || OPENSSL_EXTRA) */
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_X509(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
X509 *x509 = NULL;
XFILE fp = XBADFILE;
ExpectTrue((fp = XFOPEN(svrCertFile, "rb")) != XBADFILE);
ExpectNotNull(x509 = (X509 *)PEM_read_X509(fp, (X509 **)NULL, NULL, NULL));
X509_free(x509);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_BIO)
const char* filename = "./certs/server-keyEnc.pem";
XFILE fp = XBADFILE;
char* name = NULL;
char* header = NULL;
byte* data = NULL;
long len;
EVP_CIPHER_INFO cipher;
WOLFSSL_BIO* bio = NULL;
byte* fileData = NULL;
size_t fileDataSz = 0;
byte* out;
ExpectNotNull(bio = BIO_new_file(filename, "rb"));
ExpectIntEQ(PEM_read_bio(bio, NULL, &header, &data, &len), 0);
ExpectIntEQ(PEM_read_bio(bio, &name, NULL, &data, &len), 0);
ExpectIntEQ(PEM_read_bio(bio, &name, &header, NULL, &len), 0);
ExpectIntEQ(PEM_read_bio(bio, &name, &header, &data, NULL), 0);
ExpectIntEQ(PEM_read_bio(bio, &name, &header, &data, &len), 1);
ExpectIntEQ(XSTRNCMP(name, "RSA PRIVATE KEY", 15), 0);
ExpectIntGT(XSTRLEN(header), 0);
ExpectIntGT(len, 0);
XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER);
name = NULL;
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
header = NULL;
XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
data = NULL;
BIO_free(bio);
bio = NULL;
ExpectTrue((fp = XFOPEN(filename, "rb")) != XBADFILE);
/* Fail cases. */
ExpectIntEQ(PEM_read(fp, NULL, &header, &data, &len), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_read(fp, &name, NULL, &data, &len), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_read(fp, &name, &header, NULL, &len), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_read(fp, &name, &header, &data, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_read(fp, &name, &header, &data, &len), WOLFSSL_SUCCESS);
ExpectIntEQ(XSTRNCMP(name, "RSA PRIVATE KEY", 15), 0);
ExpectIntGT(XSTRLEN(header), 0);
ExpectIntGT(len, 0);
ExpectIntEQ(XFSEEK(fp, 0, SEEK_END), 0);
ExpectIntGT((fileDataSz = XFTELL(fp)), 0);
ExpectIntEQ(XFSEEK(fp, 0, SEEK_SET), 0);
ExpectNotNull(fileData = (unsigned char*)XMALLOC(fileDataSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(XFREAD(fileData, 1, fileDataSz, fp), fileDataSz);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
/* Fail cases. */
ExpectIntEQ(PEM_write_bio(NULL, name, header, data, len), 0);
ExpectIntEQ(PEM_write_bio(bio, NULL, header, data, len), 0);
ExpectIntEQ(PEM_write_bio(bio, name, NULL, data, len), 0);
ExpectIntEQ(PEM_write_bio(bio, name, header, NULL, len), 0);
ExpectIntEQ(PEM_write_bio(bio, name, header, data, len), fileDataSz);
ExpectIntEQ(wolfSSL_BIO_get_mem_data(bio, &out), fileDataSz);
ExpectIntEQ(XMEMCMP(out, fileData, fileDataSz), 0);
/* Fail cases. */
ExpectIntEQ(PEM_write(XBADFILE, name, header, data, len), 0);
ExpectIntEQ(PEM_write(stderr, NULL, header, data, len), 0);
ExpectIntEQ(PEM_write(stderr, name, NULL, data, len), 0);
ExpectIntEQ(PEM_write(stderr, name, header, NULL, len), 0);
/* Pass case */
ExpectIntEQ(PEM_write(stderr, name, header, data, len), fileDataSz);
XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER);
name = NULL;
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
header = NULL;
XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
data = NULL;
/* Read out of a fixed buffer BIO - forces malloc in PEM_read_bio. */
ExpectIntEQ(PEM_read_bio(bio, &name, &header, &data, &len), 1);
ExpectIntEQ(XSTRNCMP(name, "RSA PRIVATE KEY", 15), 0);
ExpectIntGT(XSTRLEN(header), 0);
ExpectIntGT(len, 0);
/* Fail cases. */
ExpectIntEQ(PEM_get_EVP_CIPHER_INFO(NULL, &cipher), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_get_EVP_CIPHER_INFO(header, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_get_EVP_CIPHER_INFO((char*)"", &cipher), WOLFSSL_FAILURE);
#ifndef NO_DES3
ExpectIntEQ(PEM_get_EVP_CIPHER_INFO(header, &cipher), WOLFSSL_SUCCESS);
#endif
/* Fail cases. */
ExpectIntEQ(PEM_do_header(NULL, data, &len, PasswordCallBack,
(void*)"yassl123"), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_do_header(&cipher, NULL, &len, PasswordCallBack,
(void*)"yassl123"), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_do_header(&cipher, data, NULL, PasswordCallBack,
(void*)"yassl123"), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_do_header(&cipher, data, &len, NULL,
(void*)"yassl123"), WOLFSSL_FAILURE);
ExpectIntEQ(PEM_do_header(&cipher, data, &len, NoPasswordCallBack,
(void*)"yassl123"), WOLFSSL_FAILURE);
#if !defined(NO_DES3) && !defined(NO_MD5)
ExpectIntEQ(PEM_do_header(&cipher, data, &len, PasswordCallBack,
(void*)"yassl123"), WOLFSSL_SUCCESS);
#else
ExpectIntEQ(PEM_do_header(&cipher, data, &len, PasswordCallBack,
(void*)"yassl123"), WOLFSSL_FAILURE);
#endif
BIO_free(bio);
bio = NULL;
XFREE(fileData, NULL, DYNAMIC_TYPE_TMP_BUFFER);
fileData = NULL;
XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
name = NULL;
header = NULL;
data = NULL;
ExpectTrue((fp = XFOPEN(svrKeyFile, "rb")) != XBADFILE);
ExpectIntEQ(PEM_read(fp, &name, &header, &data, &len), WOLFSSL_SUCCESS);
ExpectIntEQ(XSTRNCMP(name, "RSA PRIVATE KEY", 15), 0);
ExpectIntEQ(XSTRLEN(header), 0);
ExpectIntGT(len, 0);
ExpectIntEQ(XFSEEK(fp, 0, SEEK_END), 0);
ExpectIntGT((fileDataSz = XFTELL(fp)), 0);
ExpectIntEQ(XFSEEK(fp, 0, SEEK_SET), 0);
ExpectNotNull(fileData = (unsigned char*)XMALLOC(fileDataSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(XFREAD(fileData, 1, fileDataSz, fp), fileDataSz);
if (fp != XBADFILE)
XFCLOSE(fp);
ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(PEM_write_bio(bio, name, header, data, len), fileDataSz);
ExpectIntEQ(wolfSSL_BIO_get_mem_data(bio, &out), fileDataSz);
ExpectIntEQ(XMEMCMP(out, fileData, fileDataSz), 0);
BIO_free(bio);
XFREE(fileData, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
static int test_wolfssl_EVP_aes_gcm_AAD_2_parts(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESGCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
const byte iv[12] = { 0 };
const byte key[16] = { 0 };
const byte cleartext[16] = { 0 };
const byte aad[] = {
0x01, 0x10, 0x00, 0x2a, 0x08, 0x00, 0x04, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08,
0x00, 0x00, 0xdc, 0x4d, 0xad, 0x6b, 0x06, 0x93,
0x4f
};
byte out1Part[16];
byte outTag1Part[16];
byte out2Part[16];
byte outTag2Part[16];
byte decryptBuf[16];
int len = 0;
int tlen;
EVP_CIPHER_CTX* ctx = NULL;
/* ENCRYPT */
/* Send AAD and data in 1 part */
ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
tlen = 0;
ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
1);
ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), 1);
ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad, sizeof(aad)), 1);
ExpectIntEQ(EVP_EncryptUpdate(ctx, out1Part, &len, cleartext,
sizeof(cleartext)), 1);
tlen += len;
ExpectIntEQ(EVP_EncryptFinal_ex(ctx, out1Part, &len), 1);
tlen += len;
ExpectIntEQ(tlen, sizeof(cleartext));
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16,
outTag1Part), 1);
EVP_CIPHER_CTX_free(ctx);
ctx = NULL;
/* DECRYPT */
/* Send AAD and data in 1 part */
ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
tlen = 0;
ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
1);
ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), 1);
ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad, sizeof(aad)), 1);
ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptBuf, &len, out1Part,
sizeof(cleartext)), 1);
tlen += len;
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16,
outTag1Part), 1);
ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptBuf, &len), 1);
tlen += len;
ExpectIntEQ(tlen, sizeof(cleartext));
EVP_CIPHER_CTX_free(ctx);
ctx = NULL;
ExpectIntEQ(XMEMCMP(decryptBuf, cleartext, len), 0);
/* ENCRYPT */
/* Send AAD and data in 2 parts */
ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
tlen = 0;
ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
1);
ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), 1);
ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad, 1), 1);
ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad + 1, sizeof(aad) - 1),
1);
ExpectIntEQ(EVP_EncryptUpdate(ctx, out2Part, &len, cleartext, 1), 1);
tlen += len;
ExpectIntEQ(EVP_EncryptUpdate(ctx, out2Part + tlen, &len, cleartext + 1,
sizeof(cleartext) - 1), 1);
tlen += len;
ExpectIntEQ(EVP_EncryptFinal_ex(ctx, out2Part + tlen, &len), 1);
tlen += len;
ExpectIntEQ(tlen, sizeof(cleartext));
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16,
outTag2Part), 1);
ExpectIntEQ(XMEMCMP(out1Part, out2Part, sizeof(out1Part)), 0);
ExpectIntEQ(XMEMCMP(outTag1Part, outTag2Part, sizeof(outTag1Part)), 0);
EVP_CIPHER_CTX_free(ctx);
ctx = NULL;
/* DECRYPT */
/* Send AAD and data in 2 parts */
ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
tlen = 0;
ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
1);
ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), 1);
ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad, 1), 1);
ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad + 1, sizeof(aad) - 1),
1);
ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptBuf, &len, out1Part, 1), 1);
tlen += len;
ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptBuf + tlen, &len, out1Part + 1,
sizeof(cleartext) - 1), 1);
tlen += len;
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16,
outTag1Part), 1);
ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptBuf + tlen, &len), 1);
tlen += len;
ExpectIntEQ(tlen, sizeof(cleartext));
ExpectIntEQ(XMEMCMP(decryptBuf, cleartext, len), 0);
/* Test AAD reuse */
EVP_CIPHER_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfssl_EVP_aes_gcm_zeroLen(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESGCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
/* Zero length plain text */
byte key[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
}; /* align */
byte iv[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
}; /* align */
byte plaintxt[1];
int ivSz = 12;
int plaintxtSz = 0;
unsigned char tag[16];
unsigned char tag_kat[] = {
0x53,0x0f,0x8a,0xfb,0xc7,0x45,0x36,0xb9,
0xa9,0x63,0xb4,0xf1,0xc4,0xcb,0x73,0x8b
};
byte ciphertxt[AES_BLOCK_SIZE * 4] = {0};
byte decryptedtxt[AES_BLOCK_SIZE * 4] = {0};
int ciphertxtSz = 0;
int decryptedtxtSz = 0;
int len = 0;
EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new();
ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_aes_256_gcm(), NULL, key, iv));
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
plaintxtSz));
ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
ciphertxtSz += len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_GET_TAG, 16, tag));
ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
ExpectIntEQ(0, ciphertxtSz);
ExpectIntEQ(0, XMEMCMP(tag, tag_kat, sizeof(tag)));
EVP_CIPHER_CTX_init(de);
ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_aes_256_gcm(), NULL, key, iv));
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
decryptedtxtSz = len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_TAG, 16, tag));
ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
decryptedtxtSz += len;
ExpectIntEQ(0, decryptedtxtSz);
EVP_CIPHER_CTX_free(en);
EVP_CIPHER_CTX_free(de);
#endif
return EXPECT_RESULT();
}
static int test_wolfssl_EVP_aes_gcm(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESGCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
/* A 256 bit key, AES_128 will use the first 128 bit*/
byte *key = (byte*)"01234567890123456789012345678901";
/* A 128 bit IV */
byte *iv = (byte*)"0123456789012345";
int ivSz = AES_BLOCK_SIZE;
/* Message to be encrypted */
byte *plaintxt = (byte*)"for things to change you have to change";
/* Additional non-confidential data */
byte *aad = (byte*)"Don't spend major time on minor things.";
unsigned char tag[AES_BLOCK_SIZE] = {0};
int plaintxtSz = (int)XSTRLEN((char*)plaintxt);
int aadSz = (int)XSTRLEN((char*)aad);
byte ciphertxt[AES_BLOCK_SIZE * 4] = {0};
byte decryptedtxt[AES_BLOCK_SIZE * 4] = {0};
int ciphertxtSz = 0;
int decryptedtxtSz = 0;
int len = 0;
int i = 0;
EVP_CIPHER_CTX en[2];
EVP_CIPHER_CTX de[2];
for (i = 0; i < 2; i++) {
EVP_CIPHER_CTX_init(&en[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_gcm(), NULL,
key, iv));
#elif defined(WOLFSSL_AES_192)
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_gcm(), NULL,
key, iv));
#elif defined(WOLFSSL_AES_256)
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_gcm(), NULL,
key, iv));
#endif
}
else {
#ifdef WOLFSSL_AES_128
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_gcm(), NULL,
NULL, NULL));
#elif defined(WOLFSSL_AES_192)
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_gcm(), NULL,
NULL, NULL));
#elif defined(WOLFSSL_AES_256)
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_gcm(), NULL,
NULL, NULL));
#endif
/* non-default must to set the IV length first */
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN,
ivSz, NULL));
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
}
ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt,
plaintxtSz));
ciphertxtSz = len;
ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
ciphertxtSz += len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG,
AES_BLOCK_SIZE, tag));
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
EVP_CIPHER_CTX_init(&de[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL,
key, iv));
#elif defined(WOLFSSL_AES_192)
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL,
key, iv));
#elif defined(WOLFSSL_AES_256)
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL,
key, iv));
#endif
}
else {
#ifdef WOLFSSL_AES_128
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL,
NULL, NULL));
#elif defined(WOLFSSL_AES_192)
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL,
NULL, NULL));
#elif defined(WOLFSSL_AES_256)
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL,
NULL, NULL));
#endif
/* non-default must to set the IV length first */
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN,
ivSz, NULL));
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
}
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
ciphertxtSz));
decryptedtxtSz = len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG,
AES_BLOCK_SIZE, tag));
ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
decryptedtxtSz += len;
ExpectIntEQ(ciphertxtSz, decryptedtxtSz);
ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
/* modify tag*/
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL,
key, iv));
#elif defined(WOLFSSL_AES_192)
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL,
key, iv));
#elif defined(WOLFSSL_AES_256)
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL,
key, iv));
#endif
}
else {
#ifdef WOLFSSL_AES_128
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL,
NULL, NULL));
#elif defined(WOLFSSL_AES_192)
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL,
NULL, NULL));
#elif defined(WOLFSSL_AES_256)
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL,
NULL, NULL));
#endif
/* non-default must to set the IV length first */
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN,
ivSz, NULL));
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
}
tag[AES_BLOCK_SIZE-1]+=0xBB;
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG,
AES_BLOCK_SIZE, tag));
/* fail due to wrong tag */
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
ciphertxtSz));
ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
ExpectIntEQ(0, len);
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1);
}
#endif /* OPENSSL_EXTRA && !NO_AES && HAVE_AESGCM */
return EXPECT_RESULT();
}
static int test_wolfssl_EVP_aria_gcm(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ARIA) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
/* A 256 bit key, AES_128 will use the first 128 bit*/
byte *key = (byte*)"01234567890123456789012345678901";
/* A 128 bit IV */
byte *iv = (byte*)"0123456789012345";
int ivSz = ARIA_BLOCK_SIZE;
/* Message to be encrypted */
const int plaintxtSz = 40;
byte plaintxt[WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(plaintxtSz)];
XMEMCPY(plaintxt,"for things to change you have to change",plaintxtSz);
/* Additional non-confidential data */
byte *aad = (byte*)"Don't spend major time on minor things.";
unsigned char tag[ARIA_BLOCK_SIZE] = {0};
int aadSz = (int)XSTRLEN((char*)aad);
byte ciphertxt[WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(plaintxtSz)];
byte decryptedtxt[plaintxtSz];
int ciphertxtSz = 0;
int decryptedtxtSz = 0;
int len = 0;
int i = 0;
#define TEST_ARIA_GCM_COUNT 6
EVP_CIPHER_CTX en[TEST_ARIA_GCM_COUNT];
EVP_CIPHER_CTX de[TEST_ARIA_GCM_COUNT];
for (i = 0; i < TEST_ARIA_GCM_COUNT; i++) {
EVP_CIPHER_CTX_init(&en[i]);
switch (i) {
case 0:
/* Default uses 96-bits IV length */
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_128_gcm(), NULL, key, iv));
break;
case 1:
/* Default uses 96-bits IV length */
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_192_gcm(), NULL, key, iv));
break;
case 2:
/* Default uses 96-bits IV length */
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_256_gcm(), NULL, key, iv));
break;
case 3:
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_128_gcm(), NULL, NULL, NULL));
/* non-default must to set the IV length first */
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
break;
case 4:
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_192_gcm(), NULL, NULL, NULL));
/* non-default must to set the IV length first */
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
break;
case 5:
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_256_gcm(), NULL, NULL, NULL));
/* non-default must to set the IV length first */
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
break;
}
XMEMSET(ciphertxt,0,sizeof(ciphertxt));
AssertIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
AssertIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt, plaintxtSz));
ciphertxtSz = len;
AssertIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
AssertIntNE(0, XMEMCMP(plaintxt, ciphertxt, plaintxtSz));
ciphertxtSz += len;
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG, ARIA_BLOCK_SIZE, tag));
AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
EVP_CIPHER_CTX_init(&de[i]);
switch (i) {
case 0:
/* Default uses 96-bits IV length */
AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_128_gcm(), NULL, key, iv));
break;
case 1:
/* Default uses 96-bits IV length */
AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_192_gcm(), NULL, key, iv));
break;
case 2:
/* Default uses 96-bits IV length */
AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_256_gcm(), NULL, key, iv));
break;
case 3:
AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_128_gcm(), NULL, NULL, NULL));
/* non-default must to set the IV length first */
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
break;
case 4:
AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_192_gcm(), NULL, NULL, NULL));
/* non-default must to set the IV length first */
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
break;
case 5:
AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_256_gcm(), NULL, NULL, NULL));
/* non-default must to set the IV length first */
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
break;
}
XMEMSET(decryptedtxt,0,sizeof(decryptedtxt));
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz));
decryptedtxtSz = len;
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, ARIA_BLOCK_SIZE, tag));
AssertIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
decryptedtxtSz += len;
AssertIntEQ(plaintxtSz, decryptedtxtSz);
AssertIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
XMEMSET(decryptedtxt,0,sizeof(decryptedtxt));
/* modify tag*/
tag[AES_BLOCK_SIZE-1]+=0xBB;
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, ARIA_BLOCK_SIZE, tag));
/* fail due to wrong tag */
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz));
AssertIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
AssertIntEQ(0, len);
AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1);
}
res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA && !NO_AES && HAVE_AESGCM */
return res;
}
static int test_wolfssl_EVP_aes_ccm_zeroLen(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESCCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
/* Zero length plain text */
byte key[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
}; /* align */
byte iv[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
}; /* align */
byte plaintxt[1];
int ivSz = 12;
int plaintxtSz = 0;
unsigned char tag[16];
byte ciphertxt[AES_BLOCK_SIZE * 4] = {0};
byte decryptedtxt[AES_BLOCK_SIZE * 4] = {0};
int ciphertxtSz = 0;
int decryptedtxtSz = 0;
int len = 0;
EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new();
ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_aes_256_ccm(), NULL, key, iv));
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
plaintxtSz));
ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
ciphertxtSz += len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_GET_TAG, 16, tag));
ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
ExpectIntEQ(0, ciphertxtSz);
EVP_CIPHER_CTX_init(de);
ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_aes_256_ccm(), NULL, key, iv));
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
decryptedtxtSz = len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_TAG, 16, tag));
ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
decryptedtxtSz += len;
ExpectIntEQ(0, decryptedtxtSz);
EVP_CIPHER_CTX_free(en);
EVP_CIPHER_CTX_free(de);
#endif
return EXPECT_RESULT();
}
static int test_wolfssl_EVP_aes_ccm(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESCCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
/* A 256 bit key, AES_128 will use the first 128 bit*/
byte *key = (byte*)"01234567890123456789012345678901";
/* A 128 bit IV */
byte *iv = (byte*)"0123456789012";
int ivSz = (int)XSTRLEN((char*)iv);
/* Message to be encrypted */
byte *plaintxt = (byte*)"for things to change you have to change";
/* Additional non-confidential data */
byte *aad = (byte*)"Don't spend major time on minor things.";
unsigned char tag[AES_BLOCK_SIZE] = {0};
int plaintxtSz = (int)XSTRLEN((char*)plaintxt);
int aadSz = (int)XSTRLEN((char*)aad);
byte ciphertxt[AES_BLOCK_SIZE * 4] = {0};
byte decryptedtxt[AES_BLOCK_SIZE * 4] = {0};
int ciphertxtSz = 0;
int decryptedtxtSz = 0;
int len = 0;
int i = 0;
int ret;
EVP_CIPHER_CTX en[2];
EVP_CIPHER_CTX de[2];
for (i = 0; i < 2; i++) {
EVP_CIPHER_CTX_init(&en[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_ccm(), NULL,
key, iv));
#elif defined(WOLFSSL_AES_192)
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_ccm(), NULL,
key, iv));
#elif defined(WOLFSSL_AES_256)
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_ccm(), NULL,
key, iv));
#endif
}
else {
#ifdef WOLFSSL_AES_128
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_ccm(), NULL,
NULL, NULL));
#elif defined(WOLFSSL_AES_192)
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_ccm(), NULL,
NULL, NULL));
#elif defined(WOLFSSL_AES_256)
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_ccm(), NULL,
NULL, NULL));
#endif
/* non-default must to set the IV length first */
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_SET_IVLEN,
ivSz, NULL));
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
}
ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt,
plaintxtSz));
ciphertxtSz = len;
ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
ciphertxtSz += len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_GET_TAG,
AES_BLOCK_SIZE, tag));
ret = wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]);
ExpectIntEQ(ret, 1);
EVP_CIPHER_CTX_init(&de[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_ccm(), NULL,
key, iv));
#elif defined(WOLFSSL_AES_192)
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_ccm(), NULL,
key, iv));
#elif defined(WOLFSSL_AES_256)
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_ccm(), NULL,
key, iv));
#endif
}
else {
#ifdef WOLFSSL_AES_128
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_ccm(), NULL,
NULL, NULL));
#elif defined(WOLFSSL_AES_192)
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_ccm(), NULL,
NULL, NULL));
#elif defined(WOLFSSL_AES_256)
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_ccm(), NULL,
NULL, NULL));
#endif
/* non-default must to set the IV length first */
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_IVLEN,
ivSz, NULL));
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
}
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
ciphertxtSz));
decryptedtxtSz = len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG,
AES_BLOCK_SIZE, tag));
ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
decryptedtxtSz += len;
ExpectIntEQ(ciphertxtSz, decryptedtxtSz);
ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
/* modify tag*/
tag[AES_BLOCK_SIZE-1]+=0xBB;
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG,
AES_BLOCK_SIZE, tag));
/* fail due to wrong tag */
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
ciphertxtSz));
ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
ExpectIntEQ(0, len);
ret = wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]);
ExpectIntEQ(ret, 1);
}
#endif /* OPENSSL_EXTRA && !NO_AES && HAVE_AESCCM */
return EXPECT_RESULT();
}
static int test_wolfssl_EVP_chacha20_poly1305(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
byte key[CHACHA20_POLY1305_AEAD_KEYSIZE];
byte iv [CHACHA20_POLY1305_AEAD_IV_SIZE];
byte plainText[] = {0xDE, 0xAD, 0xBE, 0xEF};
byte aad[] = {0xAA, 0XBB, 0xCC, 0xDD, 0xEE, 0xFF};
byte cipherText[sizeof(plainText)];
byte decryptedText[sizeof(plainText)];
byte tag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
EVP_CIPHER_CTX* ctx = NULL;
int outSz;
/* Encrypt. */
ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, NULL,
NULL), WOLFSSL_SUCCESS);
/* Invalid IV length. */
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
CHACHA20_POLY1305_AEAD_IV_SIZE-1, NULL), WOLFSSL_FAILURE);
/* Valid IV length. */
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
CHACHA20_POLY1305_AEAD_IV_SIZE, NULL), WOLFSSL_SUCCESS);
/* Invalid tag length. */
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE-1, NULL), WOLFSSL_FAILURE);
/* Valid tag length. */
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE, NULL), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &outSz, aad, sizeof(aad)),
WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(aad));
ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
sizeof(plainText)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(plainText));
ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, 0);
/* Invalid tag length. */
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE-1, tag), WOLFSSL_FAILURE);
/* Valid tag length. */
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE, tag), WOLFSSL_SUCCESS);
EVP_CIPHER_CTX_free(ctx);
ctx = NULL;
/* Decrypt. */
ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, NULL,
NULL), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
CHACHA20_POLY1305_AEAD_IV_SIZE, NULL), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE, tag), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &outSz, aad, sizeof(aad)),
WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(aad));
ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(cipherText));
ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
ctx = NULL;
/* Test partial Inits. CipherInit() allow setting of key and iv
* in separate calls. */
ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_chacha20_poly1305(),
key, NULL, 1), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_CipherUpdate(ctx, NULL, &outSz,
aad, sizeof(aad)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(aad));
ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(cipherText));
ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfssl_EVP_chacha20(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CHACHA)
byte key[CHACHA_MAX_KEY_SZ];
byte iv [WOLFSSL_EVP_CHACHA_IV_BYTES];
byte plainText[] = {0xDE, 0xAD, 0xBE, 0xEF};
byte cipherText[sizeof(plainText)];
byte decryptedText[sizeof(plainText)];
EVP_CIPHER_CTX* ctx = NULL;
int outSz;
XMEMSET(key, 0, sizeof(key));
XMEMSET(iv, 0, sizeof(iv));
/* Encrypt. */
ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_chacha20(), NULL, NULL,
NULL), WOLFSSL_SUCCESS);
/* Any tag length must fail - not an AEAD cipher. */
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
16, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
sizeof(plainText)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(plainText));
ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
ctx = NULL;
/* Decrypt. */
ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_chacha20(), NULL, NULL,
NULL), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(cipherText));
ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
ctx = NULL;
/* Test partial Inits. CipherInit() allow setting of key and iv
* in separate calls. */
ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_chacha20(),
key, NULL, 1), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(cipherText));
ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfssl_EVP_sm4_ecb(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_ECB)
EXPECT_DECLS;
byte key[SM4_KEY_SIZE];
byte plainText[SM4_BLOCK_SIZE] = {
0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF,
0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF
};
byte cipherText[sizeof(plainText) + SM4_BLOCK_SIZE];
byte decryptedText[sizeof(plainText) + SM4_BLOCK_SIZE];
EVP_CIPHER_CTX* ctx;
int outSz;
XMEMSET(key, 0, sizeof(key));
/* Encrypt. */
ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_sm4_ecb(), NULL, NULL, NULL),
WOLFSSL_SUCCESS);
/* Any tag length must fail - not an AEAD cipher. */
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, NULL),
WOLFSSL_FAILURE);
ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
sizeof(plainText)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(plainText));
ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText + outSz, &outSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, SM4_BLOCK_SIZE);
ExpectBufNE(cipherText, plainText, sizeof(plainText));
EVP_CIPHER_CTX_free(ctx);
/* Decrypt. */
ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_sm4_ecb(), NULL, NULL, NULL),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, NULL),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(plainText));
ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText + outSz, &outSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, 0);
ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
EVP_CIPHER_CTX_free(ctx);
res = EXPECT_RESULT();
#endif
return res;
}
static int test_wolfssl_EVP_sm4_cbc(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CBC)
EXPECT_DECLS;
byte key[SM4_KEY_SIZE];
byte iv[SM4_BLOCK_SIZE];
byte plainText[SM4_BLOCK_SIZE] = {
0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF,
0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF
};
byte cipherText[sizeof(plainText) + SM4_BLOCK_SIZE];
byte decryptedText[sizeof(plainText) + SM4_BLOCK_SIZE];
EVP_CIPHER_CTX* ctx;
int outSz;
XMEMSET(key, 0, sizeof(key));
XMEMSET(iv, 0, sizeof(iv));
/* Encrypt. */
ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_sm4_cbc(), NULL, NULL, NULL),
WOLFSSL_SUCCESS);
/* Any tag length must fail - not an AEAD cipher. */
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, NULL),
WOLFSSL_FAILURE);
ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
sizeof(plainText)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(plainText));
ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText + outSz, &outSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, SM4_BLOCK_SIZE);
ExpectBufNE(cipherText, plainText, sizeof(plainText));
EVP_CIPHER_CTX_free(ctx);
/* Decrypt. */
ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_sm4_cbc(), NULL, NULL, NULL),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(plainText));
ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText + outSz, &outSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, 0);
ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
EVP_CIPHER_CTX_free(ctx);
/* Test partial Inits. CipherInit() allow setting of key and iv
* in separate calls. */
ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_sm4_cbc(), key, NULL, 0),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 0),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(plainText));
ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText + outSz, &outSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, 0);
ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
EVP_CIPHER_CTX_free(ctx);
res = EXPECT_RESULT();
#endif
return res;
}
static int test_wolfssl_EVP_sm4_ctr(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CTR)
EXPECT_DECLS;
byte key[SM4_KEY_SIZE];
byte iv[SM4_BLOCK_SIZE];
byte plainText[] = {0xDE, 0xAD, 0xBE, 0xEF};
byte cipherText[sizeof(plainText)];
byte decryptedText[sizeof(plainText)];
EVP_CIPHER_CTX* ctx;
int outSz;
XMEMSET(key, 0, sizeof(key));
XMEMSET(iv, 0, sizeof(iv));
/* Encrypt. */
ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_sm4_ctr(), NULL, NULL, NULL),
WOLFSSL_SUCCESS);
/* Any tag length must fail - not an AEAD cipher. */
ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, NULL),
WOLFSSL_FAILURE);
ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
sizeof(plainText)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(plainText));
ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, 0);
ExpectBufNE(cipherText, plainText, sizeof(plainText));
EVP_CIPHER_CTX_free(ctx);
/* Decrypt. */
ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_sm4_ctr(), NULL, NULL, NULL),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(cipherText));
ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, 0);
ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
EVP_CIPHER_CTX_free(ctx);
/* Test partial Inits. CipherInit() allow setting of key and iv
* in separate calls. */
ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_sm4_ctr(), key, NULL, 1),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, sizeof(cipherText));
ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
WOLFSSL_SUCCESS);
ExpectIntEQ(outSz, 0);
ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
EVP_CIPHER_CTX_free(ctx);
res = EXPECT_RESULT();
#endif
return res;
}
static int test_wolfssl_EVP_sm4_gcm_zeroLen(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_GCM)
/* Zero length plain text */
EXPECT_DECLS;
byte key[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
}; /* align */
byte iv[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
}; /* align */
byte plaintxt[1];
int ivSz = 12;
int plaintxtSz = 0;
unsigned char tag[16];
unsigned char tag_kat[16] = {
0x23,0x2f,0x0c,0xfe,0x30,0x8b,0x49,0xea,
0x6f,0xc8,0x82,0x29,0xb5,0xdc,0x85,0x8d
};
byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0};
byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0};
int ciphertxtSz = 0;
int decryptedtxtSz = 0;
int len = 0;
EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new();
ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_sm4_gcm(), NULL, key, iv));
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
plaintxtSz));
ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
ciphertxtSz += len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_GET_TAG, 16, tag));
ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
ExpectIntEQ(0, ciphertxtSz);
ExpectIntEQ(0, XMEMCMP(tag, tag_kat, sizeof(tag)));
EVP_CIPHER_CTX_init(de);
ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_sm4_gcm(), NULL, key, iv));
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
decryptedtxtSz = len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_TAG, 16, tag));
ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
decryptedtxtSz += len;
ExpectIntEQ(0, decryptedtxtSz);
EVP_CIPHER_CTX_free(en);
EVP_CIPHER_CTX_free(de);
res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFSSL_SM4_GCM */
return res;
}
static int test_wolfssl_EVP_sm4_gcm(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_GCM)
EXPECT_DECLS;
byte *key = (byte*)"0123456789012345";
/* A 128 bit IV */
byte *iv = (byte*)"0123456789012345";
int ivSz = SM4_BLOCK_SIZE;
/* Message to be encrypted */
byte *plaintxt = (byte*)"for things to change you have to change";
/* Additional non-confidential data */
byte *aad = (byte*)"Don't spend major time on minor things.";
unsigned char tag[SM4_BLOCK_SIZE] = {0};
int plaintxtSz = (int)XSTRLEN((char*)plaintxt);
int aadSz = (int)XSTRLEN((char*)aad);
byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0};
byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0};
int ciphertxtSz = 0;
int decryptedtxtSz = 0;
int len = 0;
int i = 0;
EVP_CIPHER_CTX en[2];
EVP_CIPHER_CTX de[2];
for (i = 0; i < 2; i++) {
EVP_CIPHER_CTX_init(&en[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_gcm(), NULL, key,
iv));
}
else {
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_gcm(), NULL, NULL,
NULL));
/* non-default must to set the IV length first */
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN,
ivSz, NULL));
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
}
ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt,
plaintxtSz));
ciphertxtSz = len;
ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
ciphertxtSz += len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG,
SM4_BLOCK_SIZE, tag));
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
EVP_CIPHER_CTX_init(&de[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_gcm(), NULL, key,
iv));
}
else {
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_gcm(), NULL, NULL,
NULL));
/* non-default must to set the IV length first */
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN,
ivSz, NULL));
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
}
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
ciphertxtSz));
decryptedtxtSz = len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG,
SM4_BLOCK_SIZE, tag));
ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
decryptedtxtSz += len;
ExpectIntEQ(ciphertxtSz, decryptedtxtSz);
ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
/* modify tag*/
tag[SM4_BLOCK_SIZE-1]+=0xBB;
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG,
SM4_BLOCK_SIZE, tag));
/* fail due to wrong tag */
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
ciphertxtSz));
ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
ExpectIntEQ(0, len);
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1);
}
res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFSSL_SM4_GCM */
return res;
}
static int test_wolfssl_EVP_sm4_ccm_zeroLen(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CCM)
/* Zero length plain text */
EXPECT_DECLS;
byte key[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
}; /* align */
byte iv[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
}; /* align */
byte plaintxt[1];
int ivSz = 12;
int plaintxtSz = 0;
unsigned char tag[16];
byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0};
byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0};
int ciphertxtSz = 0;
int decryptedtxtSz = 0;
int len = 0;
EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new();
ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_sm4_ccm(), NULL, key, iv));
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
plaintxtSz));
ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
ciphertxtSz += len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_GET_TAG, 16, tag));
ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
ExpectIntEQ(0, ciphertxtSz);
EVP_CIPHER_CTX_init(de);
ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_sm4_ccm(), NULL, key, iv));
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
decryptedtxtSz = len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_TAG, 16, tag));
ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
decryptedtxtSz += len;
ExpectIntEQ(0, decryptedtxtSz);
EVP_CIPHER_CTX_free(en);
EVP_CIPHER_CTX_free(de);
res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFSSL_SM4_CCM */
return res;
}
static int test_wolfssl_EVP_sm4_ccm(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CCM)
EXPECT_DECLS;
byte *key = (byte*)"0123456789012345";
byte *iv = (byte*)"0123456789012";
int ivSz = (int)XSTRLEN((char*)iv);
/* Message to be encrypted */
byte *plaintxt = (byte*)"for things to change you have to change";
/* Additional non-confidential data */
byte *aad = (byte*)"Don't spend major time on minor things.";
unsigned char tag[SM4_BLOCK_SIZE] = {0};
int plaintxtSz = (int)XSTRLEN((char*)plaintxt);
int aadSz = (int)XSTRLEN((char*)aad);
byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0};
byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0};
int ciphertxtSz = 0;
int decryptedtxtSz = 0;
int len = 0;
int i = 0;
EVP_CIPHER_CTX en[2];
EVP_CIPHER_CTX de[2];
for (i = 0; i < 2; i++) {
EVP_CIPHER_CTX_init(&en[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_ccm(), NULL, key,
iv));
}
else {
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_ccm(), NULL, NULL,
NULL));
/* non-default must to set the IV length first */
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_SET_IVLEN,
ivSz, NULL));
ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
}
ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt,
plaintxtSz));
ciphertxtSz = len;
ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
ciphertxtSz += len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_GET_TAG,
SM4_BLOCK_SIZE, tag));
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
EVP_CIPHER_CTX_init(&de[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_ccm(), NULL, key,
iv));
}
else {
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_ccm(), NULL, NULL,
NULL));
/* non-default must to set the IV length first */
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_IVLEN,
ivSz, NULL));
ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
}
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
ciphertxtSz));
decryptedtxtSz = len;
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG,
SM4_BLOCK_SIZE, tag));
ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
decryptedtxtSz += len;
ExpectIntEQ(ciphertxtSz, decryptedtxtSz);
ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
/* modify tag*/
tag[SM4_BLOCK_SIZE-1]+=0xBB;
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG,
SM4_BLOCK_SIZE, tag));
/* fail due to wrong tag */
ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
ciphertxtSz));
ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
ExpectIntEQ(0, len);
ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1);
}
res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFSSL_SM4_CCM */
return res;
}
static int test_wolfSSL_EVP_PKEY_hkdf(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_HKDF)
EVP_PKEY_CTX* ctx = NULL;
byte salt[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
byte key[] = {0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
byte info[] = {0X01, 0x02, 0x03, 0x04, 0x05};
byte info2[] = {0X06, 0x07, 0x08, 0x09, 0x0A};
byte outKey[34];
size_t outKeySz = sizeof(outKey);
/* These expected outputs were gathered by running the same test below using
* OpenSSL. */
const byte extractAndExpand[] = {
0x8B, 0xEB, 0x90, 0xA9, 0x04, 0xFF, 0x05, 0x10, 0xE4, 0xB5, 0xB1, 0x10,
0x31, 0x34, 0xFF, 0x07, 0x5B, 0xE3, 0xC6, 0x93, 0xD4, 0xF8, 0xC7, 0xEE,
0x96, 0xDA, 0x78, 0x7A, 0xE2, 0x9A, 0x2D, 0x05, 0x4B, 0xF6
};
const byte extractOnly[] = {
0xE7, 0x6B, 0x9E, 0x0F, 0xE4, 0x02, 0x1D, 0x62, 0xEA, 0x97, 0x74, 0x5E,
0xF4, 0x3C, 0x65, 0x4D, 0xC1, 0x46, 0x98, 0xAA, 0x79, 0x9A, 0xCB, 0x9C,
0xCC, 0x3E, 0x7F, 0x2A, 0x2B, 0x41, 0xA1, 0x9E
};
const byte expandOnly[] = {
0xFF, 0x29, 0x29, 0x56, 0x9E, 0xA7, 0x66, 0x02, 0xDB, 0x4F, 0xDB, 0x53,
0x7D, 0x21, 0x67, 0x52, 0xC3, 0x0E, 0xF3, 0xFC, 0x71, 0xCE, 0x67, 0x2B,
0xEA, 0x3B, 0xE9, 0xFC, 0xDD, 0xC8, 0xCC, 0xB7, 0x42, 0x74
};
const byte extractAndExpandAddInfo[] = {
0x5A, 0x74, 0x79, 0x83, 0xA3, 0xA4, 0x2E, 0xB7, 0xD4, 0x08, 0xC2, 0x6A,
0x2F, 0xA5, 0xE3, 0x4E, 0xF1, 0xF4, 0x87, 0x3E, 0xA6, 0xC7, 0x88, 0x45,
0xD7, 0xE2, 0x15, 0xBC, 0xB8, 0x10, 0xEF, 0x6C, 0x4D, 0x7A
};
ExpectNotNull((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)));
ExpectIntEQ(EVP_PKEY_derive_init(ctx), WOLFSSL_SUCCESS);
/* NULL ctx. */
ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(NULL, EVP_sha256()), WOLFSSL_FAILURE);
/* NULL md. */
ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, EVP_sha256()), WOLFSSL_SUCCESS);
/* NULL ctx. */
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(NULL, salt, sizeof(salt)),
WOLFSSL_FAILURE);
/* NULL salt is ok. */
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, NULL, sizeof(salt)),
WOLFSSL_SUCCESS);
/* Salt length <= 0. */
/* Length 0 salt is ok. */
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, -1), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, sizeof(salt)),
WOLFSSL_SUCCESS);
/* NULL ctx. */
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(NULL, key, sizeof(key)),
WOLFSSL_FAILURE);
/* NULL key. */
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, NULL, sizeof(key)),
WOLFSSL_FAILURE);
/* Key length <= 0 */
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, 0), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, -1), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, sizeof(key)),
WOLFSSL_SUCCESS);
/* NULL ctx. */
ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(NULL, info, sizeof(info)),
WOLFSSL_FAILURE);
/* NULL info is ok. */
ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, NULL, sizeof(info)),
WOLFSSL_SUCCESS);
/* Info length <= 0 */
/* Length 0 info is ok. */
ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, -1), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, sizeof(info)),
WOLFSSL_SUCCESS);
/* NULL ctx. */
ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(NULL, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY),
WOLFSSL_FAILURE);
/* Extract and expand (default). */
ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
ExpectIntEQ(outKeySz, sizeof(extractAndExpand));
ExpectIntEQ(XMEMCMP(outKey, extractAndExpand, outKeySz), 0);
/* Extract only. */
ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
ExpectIntEQ(outKeySz, sizeof(extractOnly));
ExpectIntEQ(XMEMCMP(outKey, extractOnly, outKeySz), 0);
outKeySz = sizeof(outKey);
/* Expand only. */
ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
ExpectIntEQ(outKeySz, sizeof(expandOnly));
ExpectIntEQ(XMEMCMP(outKey, expandOnly, outKeySz), 0);
outKeySz = sizeof(outKey);
/* Extract and expand with appended additional info. */
ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info2, sizeof(info2)),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx,
EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
ExpectIntEQ(outKeySz, sizeof(extractAndExpandAddInfo));
ExpectIntEQ(XMEMCMP(outKey, extractAndExpandAddInfo, outKeySz), 0);
EVP_PKEY_CTX_free(ctx);
#endif /* OPENSSL_EXTRA && HAVE_HKDF */
return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_PEM_X509_INFO_read_bio(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
BIO* bio = NULL;
X509_INFO* info = NULL;
STACK_OF(X509_INFO)* sk = NULL;
char* subject = NULL;
char exp1[] = "/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/"
"CN=www.wolfssl.com/emailAddress=info@wolfssl.com";
char exp2[] = "/C=US/ST=Montana/L=Bozeman/O=wolfSSL/OU=Support/"
"CN=www.wolfssl.com/emailAddress=info@wolfssl.com";
ExpectNotNull(bio = BIO_new(BIO_s_file()));
ExpectIntGT(BIO_read_filename(bio, svrCertFile), 0);
ExpectNotNull(sk = PEM_X509_INFO_read_bio(bio, NULL, NULL, NULL));
ExpectIntEQ(sk_X509_INFO_num(sk), 2);
/* using dereference to maintain testing for Apache port*/
ExpectNotNull(info = sk_X509_INFO_pop(sk));
ExpectNotNull(subject = X509_NAME_oneline(X509_get_subject_name(info->x509),
0, 0));
ExpectIntEQ(0, XSTRNCMP(subject, exp1, sizeof(exp1)));
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
X509_INFO_free(info);
info = NULL;
ExpectNotNull(info = sk_X509_INFO_pop(sk));
ExpectNotNull(subject = X509_NAME_oneline(X509_get_subject_name(info->x509),
0, 0));
ExpectIntEQ(0, XSTRNCMP(subject, exp2, sizeof(exp2)));
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
X509_INFO_free(info);
ExpectNull(info = sk_X509_INFO_pop(sk));
sk_X509_INFO_pop_free(sk, X509_INFO_free);
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
#endif /* !NO_BIO */
static int test_wolfSSL_X509_NAME_ENTRY_get_object(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
X509 *x509 = NULL;
X509_NAME* name = NULL;
int idx = 0;
X509_NAME_ENTRY *ne = NULL;
ASN1_OBJECT *object = NULL;
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(name = X509_get_subject_name(x509));
ExpectIntGE(idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1), 0);
ExpectNotNull(ne = X509_NAME_get_entry(name, idx));
ExpectNotNull(object = X509_NAME_ENTRY_get_object(ne));
X509_free(x509);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_get1_certs(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SIGNER_DER_CERT) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
X509_STORE_CTX *storeCtx = NULL;
X509_STORE *store = NULL;
X509 *caX509 = NULL;
X509 *svrX509 = NULL;
X509_NAME *subject = NULL;
WOLF_STACK_OF(WOLFSSL_X509) *certs = NULL;
ExpectNotNull(caX509 = X509_load_certificate_file(caCertFile,
SSL_FILETYPE_PEM));
ExpectNotNull((svrX509 = wolfSSL_X509_load_certificate_file(svrCertFile,
SSL_FILETYPE_PEM)));
ExpectNotNull(storeCtx = X509_STORE_CTX_new());
ExpectNotNull(store = X509_STORE_new());
ExpectNotNull(subject = X509_get_subject_name(caX509));
/* Errors */
ExpectNull(X509_STORE_get1_certs(storeCtx, subject));
ExpectNull(X509_STORE_get1_certs(NULL, subject));
ExpectNull(X509_STORE_get1_certs(storeCtx, NULL));
ExpectIntEQ(X509_STORE_add_cert(store, caX509), SSL_SUCCESS);
ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, caX509, NULL),
SSL_SUCCESS);
/* Should find the cert */
ExpectNotNull(certs = X509_STORE_get1_certs(storeCtx, subject));
ExpectIntEQ(1, wolfSSL_sk_X509_num(certs));
sk_X509_pop_free(certs, NULL);
certs = NULL;
/* Should not find the cert */
ExpectNotNull(subject = X509_get_subject_name(svrX509));
ExpectNotNull(certs = X509_STORE_get1_certs(storeCtx, subject));
ExpectIntEQ(0, wolfSSL_sk_X509_num(certs));
sk_X509_pop_free(certs, NULL);
certs = NULL;
X509_STORE_free(store);
X509_STORE_CTX_free(storeCtx);
X509_free(svrX509);
X509_free(caX509);
#endif /* OPENSSL_EXTRA && WOLFSSL_SIGNER_DER_CERT && !NO_FILESYSTEM */
return EXPECT_RESULT();
}
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(WOLFSSL_LOCAL_X509_STORE) && \
(defined(OPENSSL_ALL) || defined(WOLFSSL_QT)) && defined(HAVE_CRL)
static int test_wolfSSL_X509_STORE_set_get_crl_provider(X509_STORE_CTX* ctx,
X509_CRL** crl_out, X509* cert) {
X509_CRL *crl = NULL;
XFILE fp = XBADFILE;
char* cert_issuer = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0);
int ret = 0;
(void)ctx;
if (cert_issuer == NULL)
return 0;
if ((fp = XFOPEN("certs/crl/crl.pem", "rb")) != XBADFILE) {
PEM_read_X509_CRL(fp, &crl, NULL, NULL);
XFCLOSE(fp);
if (crl != NULL) {
char* crl_issuer = X509_NAME_oneline(
X509_CRL_get_issuer(crl), NULL, 0);
if ((crl_issuer != NULL) &&
(XSTRCMP(cert_issuer, crl_issuer) == 0)) {
*crl_out = X509_CRL_dup(crl);
if (*crl_out != NULL)
ret = 1;
}
OPENSSL_free(crl_issuer);
}
}
X509_CRL_free(crl);
OPENSSL_free(cert_issuer);
return ret;
}
static int test_wolfSSL_X509_STORE_set_get_crl_provider2(X509_STORE_CTX* ctx,
X509_CRL** crl_out, X509* cert) {
(void)ctx;
(void)cert;
*crl_out = NULL;
return 1;
}
#ifndef NO_WOLFSSL_STUB
static int test_wolfSSL_X509_STORE_set_get_crl_check(X509_STORE_CTX* ctx,
X509_CRL* crl) {
(void)ctx;
(void)crl;
return 1;
}
#endif
static int test_wolfSSL_X509_STORE_set_get_crl_verify(int ok,
X509_STORE_CTX* ctx) {
int cert_error = X509_STORE_CTX_get_error(ctx);
X509_VERIFY_PARAM* param = X509_STORE_CTX_get0_param(ctx);
int flags = X509_VERIFY_PARAM_get_flags(param);
if ((flags & (X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL)) !=
(X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL)) {
/* Make sure the flags are set */
return 0;
}
/* Ignore CRL missing error */
#ifndef OPENSSL_COMPATIBLE_DEFAULTS
if (cert_error == CRL_MISSING)
#else
if (cert_error == X509_V_ERR_UNABLE_TO_GET_CRL)
#endif
return 1;
return ok;
}
static int test_wolfSSL_X509_STORE_set_get_crl_ctx_ready(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
X509_STORE* cert_store = NULL;
ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx, WOLFSSL_CRL_CHECKALL),
WOLFSSL_SUCCESS);
ExpectNotNull(cert_store = SSL_CTX_get_cert_store(ctx));
X509_STORE_set_get_crl(cert_store,
test_wolfSSL_X509_STORE_set_get_crl_provider);
#ifndef NO_WOLFSSL_STUB
X509_STORE_set_check_crl(cert_store,
test_wolfSSL_X509_STORE_set_get_crl_check);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_set_get_crl_ctx_ready2(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
X509_STORE* cert_store = NULL;
X509_VERIFY_PARAM* param = NULL;
SSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx, WOLFSSL_CRL_CHECKALL),
WOLFSSL_SUCCESS);
ExpectNotNull(cert_store = SSL_CTX_get_cert_store(ctx));
X509_STORE_set_get_crl(cert_store,
test_wolfSSL_X509_STORE_set_get_crl_provider2);
#ifndef NO_WOLFSSL_STUB
X509_STORE_set_check_crl(cert_store,
test_wolfSSL_X509_STORE_set_get_crl_check);
#endif
X509_STORE_set_verify_cb(cert_store,
test_wolfSSL_X509_STORE_set_get_crl_verify);
ExpectNotNull(param = X509_STORE_get0_param(cert_store));
ExpectIntEQ(X509_VERIFY_PARAM_set_flags(
param, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL), 1);
ExpectIntEQ(X509_STORE_set_flags(cert_store,
X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL), 1);
return EXPECT_RESULT();
}
#endif
/* This test mimics the usage of the CRL provider in gRPC */
static int test_wolfSSL_X509_STORE_set_get_crl(void)
{
EXPECT_DECLS;
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(WOLFSSL_LOCAL_X509_STORE) && \
(defined(OPENSSL_ALL) || defined(WOLFSSL_QT)) && defined(HAVE_CRL)
test_ssl_cbf func_cb_client;
test_ssl_cbf func_cb_server;
XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
func_cb_client.ctx_ready = test_wolfSSL_X509_STORE_set_get_crl_ctx_ready;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_SUCCESS);
XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
func_cb_client.ctx_ready = test_wolfSSL_X509_STORE_set_get_crl_ctx_ready2;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_SUCCESS);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_dup_CA_list(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_ALL)
EXPECT_DECLS;
STACK_OF(X509_NAME) *originalStack = NULL;
STACK_OF(X509_NAME) *copyStack = NULL;
int originalCount = 0;
int copyCount = 0;
X509_NAME *name = NULL;
int i;
originalStack = sk_X509_NAME_new_null();
ExpectNotNull(originalStack);
for (i = 0; i < 3; i++) {
name = X509_NAME_new();
ExpectNotNull(name);
ExpectIntEQ(sk_X509_NAME_push(originalStack, name), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
X509_NAME_free(name);
}
}
copyStack = SSL_dup_CA_list(originalStack);
ExpectNotNull(copyStack);
originalCount = sk_X509_NAME_num(originalStack);
copyCount = sk_X509_NAME_num(copyStack);
ExpectIntEQ(originalCount, copyCount);
sk_X509_NAME_pop_free(originalStack, X509_NAME_free);
sk_X509_NAME_pop_free(copyStack, X509_NAME_free);
originalStack = NULL;
copyStack = NULL;
res = EXPECT_RESULT();
#endif /* OPENSSL_ALL */
return res;
}
static int test_ForceZero(void)
{
EXPECT_DECLS;
unsigned char data[32];
unsigned int i, j, len;
/* Test case with 0 length */
ForceZero(data, 0);
/* Test ForceZero */
for (i = 0; i < sizeof(data); i++) {
for (len = 1; len < sizeof(data) - i; len++) {
for (j = 0; j < sizeof(data); j++)
data[j] = j + 1;
ForceZero(data + i, len);
for (j = 0; j < sizeof(data); j++) {
if (j < i || j >= i + len) {
ExpectIntNE(data[j], 0x00);
}
else {
ExpectIntEQ(data[j], 0x00);
}
}
}
}
return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_X509_print(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && defined(XSNPRINTF)
X509 *x509 = NULL;
BIO *bio = NULL;
#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_DIR)
const X509_ALGOR *cert_sig_alg = NULL;
#endif
ExpectNotNull(x509 = X509_load_certificate_file(svrCertFile,
WOLFSSL_FILETYPE_PEM));
/* print to memory */
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(X509_print(bio, x509), SSL_SUCCESS);
#if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME)
#if defined(WC_DISABLE_RADIX_ZERO_PAD)
/* Will print IP address subject alt name. */
ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3349);
#elif defined(NO_ASN_TIME)
/* Will print IP address subject alt name but not Validity. */
ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3235);
#else
/* Will print IP address subject alt name. */
ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3350);
#endif
#elif defined(NO_ASN_TIME)
/* With NO_ASN_TIME defined, X509_print skips printing Validity. */
ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3213);
#else
ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3328);
#endif
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_DIR)
/* Print signature */
ExpectNotNull(cert_sig_alg = X509_get0_tbs_sigalg(x509));
ExpectIntEQ(X509_signature_print(bio, cert_sig_alg, NULL), SSL_SUCCESS);
#endif
/* print to stderr */
#if !defined(NO_WOLFSSL_DIR)
ExpectIntEQ(X509_print(bio, x509), SSL_SUCCESS);
#endif
/* print again */
ExpectIntEQ(X509_print_fp(stderr, x509), SSL_SUCCESS);
X509_free(x509);
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_X509_CRL_print(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && defined(HAVE_CRL)\
&& !defined(NO_FILESYSTEM) && defined(XSNPRINTF)
X509_CRL* crl = NULL;
BIO *bio = NULL;
XFILE fp = XBADFILE;
ExpectTrue((fp = XFOPEN("./certs/crl/crl.pem", "rb")) != XBADFILE);
ExpectNotNull(crl = (X509_CRL*)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
NULL, NULL));
if (fp != XBADFILE)
XFCLOSE(fp);
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(X509_CRL_print(bio, crl), SSL_SUCCESS);
X509_CRL_free(crl);
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_get_len(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
BIO *bio = NULL;
const char txt[] = "Some example text to push to the BIO.";
ExpectIntEQ(wolfSSL_BIO_get_len(bio), BAD_FUNC_ARG);
ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
ExpectIntEQ(wolfSSL_BIO_write(bio, txt, sizeof(txt)), sizeof(txt));
ExpectIntEQ(wolfSSL_BIO_get_len(bio), sizeof(txt));
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
ExpectIntEQ(wolfSSL_BIO_get_len(bio), WOLFSSL_BAD_FILE);
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
#endif /* !NO_BIO */
static int test_wolfSSL_RSA(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
RSA* rsa = NULL;
const BIGNUM *n = NULL;
const BIGNUM *e = NULL;
const BIGNUM *d = NULL;
const BIGNUM *p = NULL;
const BIGNUM *q = NULL;
const BIGNUM *dmp1 = NULL;
const BIGNUM *dmq1 = NULL;
const BIGNUM *iqmp = NULL;
ExpectNotNull(rsa = RSA_new());
ExpectIntEQ(RSA_size(NULL), 0);
ExpectIntEQ(RSA_size(rsa), 0);
ExpectIntEQ(RSA_set0_key(rsa, NULL, NULL, NULL), 0);
ExpectIntEQ(RSA_set0_crt_params(rsa, NULL, NULL, NULL), 0);
ExpectIntEQ(RSA_set0_factors(rsa, NULL, NULL), 0);
#ifdef WOLFSSL_RSA_KEY_CHECK
ExpectIntEQ(RSA_check_key(rsa), 0);
#endif
RSA_free(rsa);
rsa = NULL;
ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
ExpectIntEQ(RSA_size(rsa), 256);
#ifdef WOLFSSL_RSA_KEY_CHECK
ExpectIntEQ(RSA_check_key(NULL), 0);
ExpectIntEQ(RSA_check_key(rsa), 1);
#endif
/* sanity check */
ExpectIntEQ(RSA_bits(NULL), 0);
/* key */
ExpectIntEQ(RSA_bits(rsa), 2048);
RSA_get0_key(rsa, &n, &e, &d);
ExpectPtrEq(rsa->n, n);
ExpectPtrEq(rsa->e, e);
ExpectPtrEq(rsa->d, d);
n = NULL;
e = NULL;
d = NULL;
ExpectNotNull(n = BN_new());
ExpectNotNull(e = BN_new());
ExpectNotNull(d = BN_new());
ExpectIntEQ(RSA_set0_key(rsa, (BIGNUM*)n, (BIGNUM*)e, (BIGNUM*)d), 1);
if (EXPECT_FAIL()) {
BN_free((BIGNUM*)n);
BN_free((BIGNUM*)e);
BN_free((BIGNUM*)d);
}
ExpectPtrEq(rsa->n, n);
ExpectPtrEq(rsa->e, e);
ExpectPtrEq(rsa->d, d);
ExpectIntEQ(RSA_set0_key(rsa, NULL, NULL, NULL), 1);
ExpectIntEQ(RSA_set0_key(NULL, (BIGNUM*)n, (BIGNUM*)e, (BIGNUM*)d), 0);
/* crt_params */
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
ExpectPtrEq(rsa->dmp1, dmp1);
ExpectPtrEq(rsa->dmq1, dmq1);
ExpectPtrEq(rsa->iqmp, iqmp);
dmp1 = NULL;
dmq1 = NULL;
iqmp = NULL;
ExpectNotNull(dmp1 = BN_new());
ExpectNotNull(dmq1 = BN_new());
ExpectNotNull(iqmp = BN_new());
ExpectIntEQ(RSA_set0_crt_params(rsa, (BIGNUM*)dmp1, (BIGNUM*)dmq1,
(BIGNUM*)iqmp), 1);
if (EXPECT_FAIL()) {
BN_free((BIGNUM*)dmp1);
BN_free((BIGNUM*)dmq1);
BN_free((BIGNUM*)iqmp);
}
ExpectPtrEq(rsa->dmp1, dmp1);
ExpectPtrEq(rsa->dmq1, dmq1);
ExpectPtrEq(rsa->iqmp, iqmp);
ExpectIntEQ(RSA_set0_crt_params(rsa, NULL, NULL, NULL), 1);
ExpectIntEQ(RSA_set0_crt_params(NULL, (BIGNUM*)dmp1, (BIGNUM*)dmq1,
(BIGNUM*)iqmp), 0);
RSA_get0_crt_params(NULL, NULL, NULL, NULL);
RSA_get0_crt_params(rsa, NULL, NULL, NULL);
RSA_get0_crt_params(NULL, &dmp1, &dmq1, &iqmp);
ExpectNull(dmp1);
ExpectNull(dmq1);
ExpectNull(iqmp);
/* factors */
RSA_get0_factors(rsa, NULL, NULL);
RSA_get0_factors(rsa, &p, &q);
ExpectPtrEq(rsa->p, p);
ExpectPtrEq(rsa->q, q);
p = NULL;
q = NULL;
ExpectNotNull(p = BN_new());
ExpectNotNull(q = BN_new());
ExpectIntEQ(RSA_set0_factors(rsa, (BIGNUM*)p, (BIGNUM*)q), 1);
if (EXPECT_FAIL()) {
BN_free((BIGNUM*)p);
BN_free((BIGNUM*)q);
}
ExpectPtrEq(rsa->p, p);
ExpectPtrEq(rsa->q, q);
ExpectIntEQ(RSA_set0_factors(rsa, NULL, NULL), 1);
ExpectIntEQ(RSA_set0_factors(NULL, (BIGNUM*)p, (BIGNUM*)q), 0);
RSA_get0_factors(NULL, NULL, NULL);
RSA_get0_factors(NULL, &p, &q);
ExpectNull(p);
ExpectNull(q);
ExpectIntEQ(BN_hex2bn(&rsa->n, "1FFFFF"), 1);
ExpectIntEQ(RSA_bits(rsa), 21);
RSA_free(rsa);
rsa = NULL;
#if !defined(USE_FAST_MATH) || (FP_MAX_BITS >= (3072*2))
ExpectNotNull(rsa = RSA_generate_key(3072, 17, NULL, NULL));
ExpectIntEQ(RSA_size(rsa), 384);
ExpectIntEQ(RSA_bits(rsa), 3072);
RSA_free(rsa);
rsa = NULL;
#endif
/* remove for now with odd key size until adjusting rsa key size check with
wc_MakeRsaKey()
ExpectNotNull(rsa = RSA_generate_key(2999, 65537, NULL, NULL));
RSA_free(rsa);
rsa = NULL;
*/
ExpectNull(RSA_generate_key(-1, 3, NULL, NULL));
ExpectNull(RSA_generate_key(RSA_MIN_SIZE - 1, 3, NULL, NULL));
ExpectNull(RSA_generate_key(RSA_MAX_SIZE + 1, 3, NULL, NULL));
ExpectNull(RSA_generate_key(2048, 0, NULL, NULL));
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN)
{
byte buff[FOURK_BUF];
byte der[FOURK_BUF];
const char PrivKeyPemFile[] = "certs/client-keyEnc.pem";
XFILE f = XBADFILE;
int bytes = 0;
/* test loading encrypted RSA private pem w/o password */
ExpectTrue((f = XFOPEN(PrivKeyPemFile, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
XMEMSET(der, 0, sizeof(der));
/* test that error value is returned with no password */
ExpectIntLT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), ""),
0);
}
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_DER(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && defined(OPENSSL_EXTRA)
RSA *rsa = NULL;
int i;
const unsigned char *buff = NULL;
unsigned char *newBuff = NULL;
struct tbl_s
{
const unsigned char *der;
int sz;
} tbl[] = {
#ifdef USE_CERT_BUFFERS_1024
{client_key_der_1024, sizeof_client_key_der_1024},
{server_key_der_1024, sizeof_server_key_der_1024},
#endif
#ifdef USE_CERT_BUFFERS_2048
{client_key_der_2048, sizeof_client_key_der_2048},
{server_key_der_2048, sizeof_server_key_der_2048},
#endif
{NULL, 0}
};
/* Public Key DER */
struct tbl_s pub[] = {
#ifdef USE_CERT_BUFFERS_1024
{client_keypub_der_1024, sizeof_client_keypub_der_1024},
#endif
#ifdef USE_CERT_BUFFERS_2048
{client_keypub_der_2048, sizeof_client_keypub_der_2048},
#endif
{NULL, 0}
};
ExpectNull(d2i_RSAPublicKey(&rsa, NULL, pub[0].sz));
buff = pub[0].der;
ExpectNull(d2i_RSAPublicKey(&rsa, &buff, 1));
ExpectNull(d2i_RSAPrivateKey(&rsa, NULL, tbl[0].sz));
buff = tbl[0].der;
ExpectNull(d2i_RSAPrivateKey(&rsa, &buff, 1));
ExpectIntEQ(i2d_RSAPublicKey(NULL, NULL), BAD_FUNC_ARG);
rsa = RSA_new();
ExpectIntEQ(i2d_RSAPublicKey(rsa, NULL), 0);
RSA_free(rsa);
rsa = NULL;
for (i = 0; tbl[i].der != NULL; i++)
{
/* Passing in pointer results in pointer moving. */
buff = tbl[i].der;
ExpectNotNull(d2i_RSAPublicKey(&rsa, &buff, tbl[i].sz));
ExpectNotNull(rsa);
RSA_free(rsa);
rsa = NULL;
}
for (i = 0; tbl[i].der != NULL; i++)
{
/* Passing in pointer results in pointer moving. */
buff = tbl[i].der;
ExpectNotNull(d2i_RSAPrivateKey(&rsa, &buff, tbl[i].sz));
ExpectNotNull(rsa);
RSA_free(rsa);
rsa = NULL;
}
for (i = 0; pub[i].der != NULL; i++)
{
buff = pub[i].der;
ExpectNotNull(d2i_RSAPublicKey(&rsa, &buff, pub[i].sz));
ExpectNotNull(rsa);
ExpectIntEQ(i2d_RSAPublicKey(rsa, NULL), pub[i].sz);
newBuff = NULL;
ExpectIntEQ(i2d_RSAPublicKey(rsa, &newBuff), pub[i].sz);
ExpectNotNull(newBuff);
ExpectIntEQ(XMEMCMP((void *)newBuff, (void *)pub[i].der, pub[i].sz), 0);
XFREE((void *)newBuff, NULL, DYNAMIC_TYPE_TMP_BUFFER);
RSA_free(rsa);
rsa = NULL;
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_print(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
!defined(NO_STDIO_FILESYSTEM) && \
!defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(NO_BIO) && defined(XFPRINTF)
BIO *bio = NULL;
WOLFSSL_RSA* rsa = NULL;
ExpectNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
ExpectNotNull(rsa = RSA_new());
ExpectIntEQ(RSA_print(NULL, rsa, 0), -1);
ExpectIntEQ(RSA_print_fp(XBADFILE, rsa, 0), 0);
ExpectIntEQ(RSA_print(bio, NULL, 0), -1);
ExpectIntEQ(RSA_print_fp(stderr, NULL, 0), 0);
/* Some very large number of indent spaces. */
ExpectIntEQ(RSA_print(bio, rsa, 128), -1);
/* RSA is empty. */
ExpectIntEQ(RSA_print(bio, rsa, 0), 0);
ExpectIntEQ(RSA_print_fp(stderr, rsa, 0), 0);
RSA_free(rsa);
rsa = NULL;
ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
ExpectIntEQ(RSA_print(bio, rsa, 0), 1);
ExpectIntEQ(RSA_print(bio, rsa, 4), 1);
ExpectIntEQ(RSA_print(bio, rsa, -1), 1);
ExpectIntEQ(RSA_print_fp(stderr, rsa, 0), 1);
ExpectIntEQ(RSA_print_fp(stderr, rsa, 4), 1);
ExpectIntEQ(RSA_print_fp(stderr, rsa, -1), 1);
BIO_free(bio);
RSA_free(rsa);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_padding_add_PKCS1_PSS(void)
{
EXPECT_DECLS;
#ifndef NO_RSA
#if defined(OPENSSL_ALL) && defined(WC_RSA_PSS) && !defined(WC_NO_RNG)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
RSA *rsa = NULL;
const unsigned char *derBuf = client_key_der_2048;
unsigned char em[256] = {0}; /* len = 2048/8 */
/* Random data simulating a hash */
const unsigned char mHash[WC_SHA256_DIGEST_SIZE] = {
0x28, 0x6e, 0xfd, 0xf8, 0x76, 0xc7, 0x00, 0x3d, 0x91, 0x4e, 0x59, 0xe4,
0x8e, 0xb7, 0x40, 0x7b, 0xd1, 0x0c, 0x98, 0x4b, 0xe3, 0x3d, 0xb3, 0xeb,
0x6f, 0x8a, 0x3c, 0x42, 0xab, 0x21, 0xad, 0x28
};
ExpectNotNull(d2i_RSAPrivateKey(&rsa, &derBuf, sizeof_client_key_der_2048));
ExpectIntEQ(RSA_padding_add_PKCS1_PSS(NULL, em, mHash, EVP_sha256(),
RSA_PSS_SALTLEN_DIGEST), 0);
ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, NULL, mHash, EVP_sha256(),
RSA_PSS_SALTLEN_DIGEST), 0);
ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, NULL, EVP_sha256(),
RSA_PSS_SALTLEN_DIGEST), 0);
ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, NULL,
RSA_PSS_SALTLEN_DIGEST), 0);
ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), -5), 0);
ExpectIntEQ(RSA_verify_PKCS1_PSS(NULL, mHash, EVP_sha256(), em,
RSA_PSS_SALTLEN_MAX_SIGN), 0);
ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, NULL, EVP_sha256(), em,
RSA_PSS_SALTLEN_MAX_SIGN), 0);
ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, NULL, em,
RSA_PSS_SALTLEN_MAX_SIGN), 0);
ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), NULL,
RSA_PSS_SALTLEN_MAX_SIGN), 0);
ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
RSA_PSS_SALTLEN_MAX_SIGN), 0);
ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, -5), 0);
ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
RSA_PSS_SALTLEN_DIGEST), 1);
ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
RSA_PSS_SALTLEN_DIGEST), 1);
ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
RSA_PSS_SALTLEN_MAX_SIGN), 1);
ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
RSA_PSS_SALTLEN_MAX_SIGN), 1);
ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
RSA_PSS_SALTLEN_MAX), 1);
ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
RSA_PSS_SALTLEN_MAX), 1);
ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), 10), 1);
ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, 10), 1);
RSA_free(rsa);
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_ALL && WC_RSA_PSS && !WC_NO_RNG*/
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_sign_sha3(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
#if defined(OPENSSL_ALL) && defined(WC_RSA_PSS) && !defined(WC_NO_RNG)
RSA* rsa = NULL;
const unsigned char *derBuf = client_key_der_2048;
unsigned char sigRet[256] = {0};
unsigned int sigLen = sizeof(sigRet);
/* Random data simulating a hash */
const unsigned char mHash[WC_SHA3_256_DIGEST_SIZE] = {
0x28, 0x6e, 0xfd, 0xf8, 0x76, 0xc7, 0x00, 0x3d, 0x91, 0x4e, 0x59, 0xe4,
0x8e, 0xb7, 0x40, 0x7b, 0xd1, 0x0c, 0x98, 0x4b, 0xe3, 0x3d, 0xb3, 0xeb,
0x6f, 0x8a, 0x3c, 0x42, 0xab, 0x21, 0xad, 0x28
};
ExpectNotNull(d2i_RSAPrivateKey(&rsa, &derBuf, sizeof_client_key_der_2048));
ExpectIntEQ(RSA_sign(NID_sha3_256, mHash, sizeof(mHash), sigRet, &sigLen,
rsa), 1);
RSA_free(rsa);
#endif /* OPENSSL_ALL && WC_RSA_PSS && !WC_NO_RNG*/
#endif /* !NO_RSA && WOLFSSL_SHA3 && !WOLFSSL_NOSHA3_256*/
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_get0_key(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
RSA *rsa = NULL;
const BIGNUM* n = NULL;
const BIGNUM* e = NULL;
const BIGNUM* d = NULL;
const unsigned char* der;
int derSz;
#ifdef USE_CERT_BUFFERS_1024
der = client_key_der_1024;
derSz = sizeof_client_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
der = client_key_der_2048;
derSz = sizeof_client_key_der_2048;
#else
der = NULL;
derSz = 0;
#endif
if (der != NULL) {
RSA_get0_key(NULL, NULL, NULL, NULL);
RSA_get0_key(rsa, NULL, NULL, NULL);
RSA_get0_key(NULL, &n, &e, &d);
ExpectNull(n);
ExpectNull(e);
ExpectNull(d);
ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, derSz));
ExpectNotNull(rsa);
RSA_get0_key(rsa, NULL, NULL, NULL);
RSA_get0_key(rsa, &n, NULL, NULL);
ExpectNotNull(n);
RSA_get0_key(rsa, NULL, &e, NULL);
ExpectNotNull(e);
RSA_get0_key(rsa, NULL, NULL, &d);
ExpectNotNull(d);
RSA_get0_key(rsa, &n, &e, &d);
ExpectNotNull(n);
ExpectNotNull(e);
ExpectNotNull(d);
RSA_free(rsa);
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_meth(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
RSA *rsa = NULL;
RSA_METHOD *rsa_meth = NULL;
#ifdef WOLFSSL_KEY_GEN
ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
RSA_free(rsa);
rsa = NULL;
#else
ExpectNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
#endif
ExpectNotNull(RSA_get_default_method());
wolfSSL_RSA_meth_free(NULL);
ExpectNull(wolfSSL_RSA_meth_new(NULL, 0));
ExpectNotNull(rsa_meth = RSA_meth_new("placeholder RSA method",
RSA_METHOD_FLAG_NO_CHECK));
#ifndef NO_WOLFSSL_STUB
ExpectIntEQ(RSA_meth_set_pub_enc(rsa_meth, NULL), 1);
ExpectIntEQ(RSA_meth_set_pub_dec(rsa_meth, NULL), 1);
ExpectIntEQ(RSA_meth_set_priv_enc(rsa_meth, NULL), 1);
ExpectIntEQ(RSA_meth_set_priv_dec(rsa_meth, NULL), 1);
ExpectIntEQ(RSA_meth_set_init(rsa_meth, NULL), 1);
ExpectIntEQ(RSA_meth_set_finish(rsa_meth, NULL), 1);
ExpectIntEQ(RSA_meth_set0_app_data(rsa_meth, NULL), 1);
#endif
ExpectIntEQ(RSA_flags(NULL), 0);
RSA_set_flags(NULL, RSA_FLAG_CACHE_PUBLIC);
RSA_clear_flags(NULL, RSA_FLAG_CACHE_PUBLIC);
ExpectIntEQ(RSA_test_flags(NULL, RSA_FLAG_CACHE_PUBLIC), 0);
ExpectNotNull(rsa = RSA_new());
/* No method set. */
ExpectIntEQ(RSA_flags(rsa), 0);
RSA_set_flags(rsa, RSA_FLAG_CACHE_PUBLIC);
RSA_clear_flags(rsa, RSA_FLAG_CACHE_PUBLIC);
ExpectIntEQ(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
ExpectIntEQ(RSA_set_method(NULL, rsa_meth), 1);
ExpectIntEQ(RSA_set_method(rsa, rsa_meth), 1);
if (EXPECT_FAIL()) {
wolfSSL_RSA_meth_free(rsa_meth);
}
ExpectNull(RSA_get_method(NULL));
ExpectPtrEq(RSA_get_method(rsa), rsa_meth);
ExpectIntEQ(RSA_flags(rsa), RSA_METHOD_FLAG_NO_CHECK);
RSA_set_flags(rsa, RSA_FLAG_CACHE_PUBLIC);
ExpectIntNE(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
ExpectIntEQ(RSA_flags(rsa), RSA_FLAG_CACHE_PUBLIC |
RSA_METHOD_FLAG_NO_CHECK);
RSA_clear_flags(rsa, RSA_FLAG_CACHE_PUBLIC);
ExpectIntEQ(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
ExpectIntNE(RSA_flags(rsa), RSA_FLAG_CACHE_PUBLIC);
/* rsa_meth is freed here */
RSA_free(rsa);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_verify(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
#ifndef NO_BIO
XFILE fp = XBADFILE;
RSA *pKey = NULL;
RSA *pubKey = NULL;
X509 *cert = NULL;
const char *text = "Hello wolfSSL !";
unsigned char hash[SHA256_DIGEST_LENGTH];
unsigned char signature[2048/8];
unsigned int signatureLength;
byte *buf = NULL;
BIO *bio = NULL;
SHA256_CTX c;
EVP_PKEY *evpPkey = NULL;
EVP_PKEY *evpPubkey = NULL;
size_t sz;
/* generate hash */
SHA256_Init(&c);
SHA256_Update(&c, text, strlen(text));
SHA256_Final(hash, &c);
#ifdef WOLFSSL_SMALL_STACK_CACHE
/* workaround for small stack cache case */
wc_Sha256Free((wc_Sha256*)&c);
#endif
/* read privete key file */
ExpectTrue((fp = XFOPEN(svrKeyFile, "rb")) != XBADFILE);
ExpectIntEQ(XFSEEK(fp, 0, XSEEK_END), 0);
ExpectTrue((sz = XFTELL(fp)) > 0);
ExpectIntEQ(XFSEEK(fp, 0, XSEEK_SET), 0);
ExpectNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE));
ExpectIntEQ(XFREAD(buf, 1, sz, fp), sz);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
/* read private key and sign hash data */
ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
ExpectNotNull(evpPkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL));
ExpectNotNull(pKey = EVP_PKEY_get1_RSA(evpPkey));
ExpectIntEQ(RSA_sign(NID_sha256, hash, SHA256_DIGEST_LENGTH,
signature, &signatureLength, pKey), SSL_SUCCESS);
/* read public key and verify signed data */
ExpectTrue((fp = XFOPEN(svrCertFile,"rb")) != XBADFILE);
ExpectNotNull(cert = PEM_read_X509(fp, 0, 0, 0 ));
if (fp != XBADFILE)
XFCLOSE(fp);
ExpectNotNull(evpPubkey = X509_get_pubkey(cert));
ExpectNotNull(pubKey = EVP_PKEY_get1_RSA(evpPubkey));
ExpectIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, signature,
signatureLength, pubKey), SSL_SUCCESS);
ExpectIntEQ(RSA_verify(NID_sha256, NULL, SHA256_DIGEST_LENGTH, NULL,
signatureLength, NULL), SSL_FAILURE);
ExpectIntEQ(RSA_verify(NID_sha256, NULL, SHA256_DIGEST_LENGTH, signature,
signatureLength, pubKey), SSL_FAILURE);
ExpectIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, NULL,
signatureLength, pubKey), SSL_FAILURE);
ExpectIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, signature,
signatureLength, NULL), SSL_FAILURE);
RSA_free(pKey);
EVP_PKEY_free(evpPkey);
RSA_free(pubKey);
EVP_PKEY_free(evpPubkey);
X509_free(cert);
BIO_free(bio);
XFREE(buf, NULL, DYNAMIC_TYPE_FILE);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_sign(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
RSA *rsa;
unsigned char hash[SHA256_DIGEST_LENGTH];
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
const unsigned char* pubDer = client_keypub_der_1024;
size_t pubDerSz = sizeof_client_keypub_der_1024;
unsigned char signature[1024/8];
#else
const unsigned char* privDer = client_key_der_2048;
size_t privDerSz = sizeof_client_key_der_2048;
const unsigned char* pubDer = client_keypub_der_2048;
size_t pubDerSz = sizeof_client_keypub_der_2048;
unsigned char signature[2048/8];
#endif
unsigned int signatureLen;
const unsigned char* der;
XMEMSET(hash, 0, sizeof(hash));
der = privDer;
rsa = NULL;
ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
/* Invalid parameters. */
ExpectIntEQ(RSA_sign(NID_rsaEncryption, NULL, 0, NULL, NULL, NULL), 0);
ExpectIntEQ(RSA_sign(NID_rsaEncryption, hash, sizeof(hash), signature,
&signatureLen, rsa), 0);
ExpectIntEQ(RSA_sign(NID_sha256, NULL, sizeof(hash), signature,
&signatureLen, rsa), 0);
ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), NULL,
&signatureLen, rsa), 0);
ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
NULL, rsa), 0);
ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, NULL), 0);
ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, rsa), 1);
RSA_free(rsa);
der = pubDer;
rsa = NULL;
ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
ExpectIntEQ(RSA_verify(NID_sha256, hash, sizeof(hash), signature,
signatureLen, rsa), 1);
RSA_free(rsa);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_sign_ex(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
RSA *rsa = NULL;
unsigned char hash[SHA256_DIGEST_LENGTH];
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
const unsigned char* pubDer = client_keypub_der_1024;
size_t pubDerSz = sizeof_client_keypub_der_1024;
unsigned char signature[1024/8];
#else
const unsigned char* privDer = client_key_der_2048;
size_t privDerSz = sizeof_client_key_der_2048;
const unsigned char* pubDer = client_keypub_der_2048;
size_t pubDerSz = sizeof_client_keypub_der_2048;
unsigned char signature[2048/8];
#endif
unsigned int signatureLen;
const unsigned char* der;
unsigned char encodedHash[51];
unsigned int encodedHashLen;
const unsigned char expEncHash[] = {
0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05,
0x00, 0x04, 0x20,
/* Hash data */
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
XMEMSET(hash, 0, sizeof(hash));
ExpectNotNull(rsa = wolfSSL_RSA_new());
ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, rsa, 1), 0);
wolfSSL_RSA_free(rsa);
der = privDer;
rsa = NULL;
ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_rsaEncryption,NULL, 0, NULL, NULL, NULL,
-1), 0);
ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_rsaEncryption, hash, sizeof(hash),
signature, &signatureLen, rsa, 1), 0);
ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, NULL, sizeof(hash), signature,
&signatureLen, rsa, 1), 0);
ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), NULL,
&signatureLen, rsa, 1), 0);
ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
NULL, rsa, 1), 0);
ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, NULL, 1), 0);
ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, rsa, -1), 0);
ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, NULL, sizeof(hash), signature,
&signatureLen, rsa, 0), 0);
ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), NULL,
&signatureLen, rsa, 0), 0);
ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
NULL, rsa, 0), 0);
ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, rsa, 1), 1);
/* Test returning encoded hash. */
ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), encodedHash,
&encodedHashLen, rsa, 0), 1);
ExpectIntEQ(encodedHashLen, sizeof(expEncHash));
ExpectIntEQ(XMEMCMP(encodedHash, expEncHash, sizeof(expEncHash)), 0);
RSA_free(rsa);
der = pubDer;
rsa = NULL;
ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
ExpectIntEQ(RSA_verify(NID_sha256, hash, sizeof(hash), signature,
signatureLen, rsa), 1);
RSA_free(rsa);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_public_decrypt(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
RSA *rsa;
unsigned char msg[SHA256_DIGEST_LENGTH];
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* pubDer = client_keypub_der_1024;
size_t pubDerSz = sizeof_client_keypub_der_1024;
unsigned char decMsg[1024/8];
const unsigned char encMsg[] = {
0x45, 0x8e, 0x6e, 0x7a, 0x9c, 0xe1, 0x67, 0x36,
0x72, 0xfc, 0x9d, 0x05, 0xdf, 0xc2, 0xaf, 0x54,
0xc5, 0x2f, 0x94, 0xb8, 0xc7, 0x82, 0x40, 0xfa,
0xa7, 0x8c, 0xb1, 0x89, 0x40, 0xc3, 0x59, 0x5a,
0x77, 0x08, 0x54, 0x93, 0x43, 0x7f, 0xc4, 0xb7,
0xc4, 0x78, 0xf1, 0xf8, 0xab, 0xbf, 0xc2, 0x81,
0x5d, 0x97, 0xea, 0x7a, 0x60, 0x90, 0x51, 0xb7,
0x47, 0x78, 0x48, 0x1e, 0x88, 0x6b, 0x89, 0xde,
0xce, 0x41, 0x41, 0xae, 0x49, 0xf6, 0xfd, 0x2d,
0x2d, 0x9c, 0x70, 0x7d, 0xf9, 0xcf, 0x77, 0x5f,
0x06, 0xc7, 0x20, 0xe3, 0x57, 0xd4, 0xd8, 0x1a,
0x96, 0xa2, 0x39, 0xb0, 0x6e, 0x8e, 0x68, 0xf8,
0x57, 0x7b, 0x26, 0x88, 0x17, 0xc4, 0xb7, 0xf1,
0x59, 0xfa, 0xb6, 0x95, 0xdd, 0x1e, 0xe8, 0xd8,
0x4e, 0xbd, 0xcd, 0x41, 0xad, 0xc7, 0xe2, 0x39,
0xb8, 0x00, 0xca, 0xf5, 0x59, 0xdf, 0xf8, 0x43
};
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) && \
defined(WC_RSA_NO_PADDING)
const unsigned char encMsgNoPad[] = {
0x0d, 0x41, 0x5a, 0xc7, 0x60, 0xd7, 0xbe, 0xb6,
0x42, 0xd1, 0x65, 0xb1, 0x7e, 0x59, 0x54, 0xcc,
0x76, 0x62, 0xd0, 0x2f, 0x4d, 0xe3, 0x23, 0x62,
0xc8, 0x14, 0xfe, 0x5e, 0xa1, 0xc7, 0x05, 0xee,
0x9e, 0x28, 0x2e, 0xf5, 0xfd, 0xa4, 0xc0, 0x43,
0x55, 0xa2, 0x6b, 0x6b, 0x16, 0xa7, 0x63, 0x06,
0xa7, 0x78, 0x4f, 0xda, 0xae, 0x10, 0x6d, 0xd1,
0x2e, 0x1d, 0xbb, 0xbc, 0xc4, 0x1d, 0x82, 0xe4,
0xc6, 0x76, 0x77, 0xa6, 0x0a, 0xef, 0xd2, 0x89,
0xff, 0x30, 0x85, 0x22, 0xa0, 0x68, 0x88, 0x54,
0xa3, 0xd1, 0x92, 0xd1, 0x3f, 0x57, 0xe4, 0xc7,
0x43, 0x5a, 0x8b, 0xb3, 0x86, 0xaf, 0xd5, 0x6d,
0x07, 0xe1, 0xa0, 0x5f, 0xe1, 0x9a, 0x06, 0xba,
0x56, 0xd2, 0xb0, 0x73, 0xf5, 0xb3, 0xd0, 0x5f,
0xc0, 0xbf, 0x22, 0x4c, 0x54, 0x4e, 0x11, 0xe2,
0xc5, 0xf8, 0x66, 0x39, 0x9d, 0x70, 0x90, 0x31
};
#endif
#else
const unsigned char* pubDer = client_keypub_der_2048;
size_t pubDerSz = sizeof_client_keypub_der_2048;
unsigned char decMsg[2048/8];
const unsigned char encMsg[] = {
0x16, 0x5d, 0xbb, 0x00, 0x38, 0x73, 0x01, 0x34,
0xca, 0x59, 0xc6, 0x8b, 0x64, 0x70, 0x89, 0xf5,
0x50, 0x2d, 0x1d, 0x69, 0x1f, 0x07, 0x1e, 0x31,
0xae, 0x9b, 0xa6, 0x6e, 0xee, 0x80, 0xd9, 0x9e,
0x59, 0x33, 0x70, 0x30, 0x28, 0x42, 0x7d, 0x24,
0x36, 0x95, 0x6b, 0xf9, 0x0a, 0x23, 0xcb, 0xce,
0x66, 0xa5, 0x07, 0x5e, 0x11, 0xa7, 0xdc, 0xfb,
0xd9, 0xc2, 0x51, 0xf0, 0x05, 0xc9, 0x39, 0xb3,
0xae, 0xff, 0xfb, 0xe9, 0xb1, 0x9a, 0x54, 0xac,
0x1d, 0xca, 0x42, 0x1a, 0xfd, 0x7c, 0x97, 0xa0,
0x60, 0x2b, 0xcd, 0xb6, 0x36, 0x33, 0xfc, 0x44,
0x69, 0xf7, 0x2e, 0x8c, 0x3b, 0x5f, 0xb4, 0x9f,
0xa7, 0x02, 0x8f, 0x6d, 0x6b, 0x79, 0x10, 0x32,
0x7d, 0xf4, 0x5d, 0xa1, 0x63, 0x22, 0x59, 0xc4,
0x44, 0x8e, 0x44, 0x24, 0x8b, 0x14, 0x9d, 0x2b,
0xb5, 0xd3, 0xad, 0x9a, 0x87, 0x0d, 0xe7, 0x70,
0x6d, 0xe9, 0xae, 0xaa, 0x52, 0xbf, 0x1a, 0x9b,
0xc8, 0x3d, 0x45, 0x7c, 0xd1, 0x90, 0xe3, 0xd9,
0x57, 0xcf, 0xc3, 0x29, 0x69, 0x05, 0x07, 0x96,
0x2e, 0x46, 0x74, 0x0a, 0xa7, 0x76, 0x8b, 0xc0,
0x1c, 0x04, 0x80, 0x08, 0xa0, 0x94, 0x7e, 0xbb,
0x2d, 0x99, 0xe9, 0xab, 0x18, 0x4d, 0x48, 0x2d,
0x94, 0x5e, 0x50, 0x21, 0x42, 0xdf, 0xf5, 0x61,
0x42, 0x7d, 0x86, 0x5d, 0x9e, 0x89, 0xc9, 0x5b,
0x24, 0xab, 0xa1, 0xd8, 0x20, 0x45, 0xcb, 0x81,
0xcf, 0xc5, 0x25, 0x7d, 0x11, 0x6e, 0xbd, 0x80,
0xac, 0xba, 0xdc, 0xef, 0xb9, 0x05, 0x9c, 0xd5,
0xc2, 0x26, 0x57, 0x69, 0x8b, 0x08, 0x27, 0xc7,
0xea, 0xbe, 0xaf, 0x52, 0x21, 0x95, 0x9f, 0xa0,
0x2f, 0x2f, 0x53, 0x7c, 0x2f, 0xa3, 0x0b, 0x79,
0x39, 0x01, 0xa3, 0x37, 0x46, 0xa8, 0xc4, 0x34,
0x41, 0x20, 0x7c, 0x3f, 0x70, 0x9a, 0x47, 0xe8
};
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) && \
defined(WC_RSA_NO_PADDING)
const unsigned char encMsgNoPad[] = {
0x79, 0x69, 0xdc, 0x0d, 0xff, 0x09, 0xeb, 0x91,
0xbc, 0xda, 0xe4, 0xd3, 0xcd, 0xd5, 0xd3, 0x1c,
0xb9, 0x66, 0xa8, 0x02, 0xf3, 0x75, 0x40, 0xf1,
0x38, 0x4a, 0x37, 0x7b, 0x19, 0xc8, 0xcd, 0xea,
0x79, 0xa8, 0x51, 0x32, 0x00, 0x3f, 0x4c, 0xde,
0xaa, 0xe5, 0xe2, 0x7c, 0x10, 0xcd, 0x6e, 0x00,
0xc6, 0xc4, 0x63, 0x98, 0x58, 0x9b, 0x38, 0xca,
0xf0, 0x5d, 0xc8, 0xf0, 0x57, 0xf6, 0x21, 0x50,
0x3f, 0x63, 0x05, 0x9f, 0xbf, 0xb6, 0x3b, 0x50,
0x85, 0x06, 0x34, 0x08, 0x57, 0xb9, 0x44, 0xce,
0xe4, 0x66, 0xbf, 0x0c, 0xfe, 0x36, 0xa4, 0x5b,
0xed, 0x2d, 0x7d, 0xed, 0xf1, 0xbd, 0xda, 0x3e,
0x19, 0x1f, 0x99, 0xc8, 0xe4, 0xc2, 0xbb, 0xb5,
0x6c, 0x83, 0x22, 0xd1, 0xe7, 0x57, 0xcf, 0x1b,
0x91, 0x0c, 0xa5, 0x47, 0x06, 0x71, 0x8f, 0x93,
0xf3, 0xad, 0xdb, 0xe3, 0xf8, 0xa0, 0x0b, 0xcd,
0x89, 0x4e, 0xa5, 0xb5, 0x03, 0x68, 0x61, 0x89,
0x0b, 0xe2, 0x03, 0x8b, 0x1f, 0x54, 0xae, 0x0f,
0xfa, 0xf0, 0xb7, 0x0f, 0x8c, 0x84, 0x35, 0x13,
0x8d, 0x65, 0x1f, 0x2c, 0xd5, 0xce, 0xc4, 0x6c,
0x98, 0x67, 0xe4, 0x1a, 0x85, 0x67, 0x69, 0x17,
0x17, 0x5a, 0x5d, 0xfd, 0x23, 0xdd, 0x03, 0x3f,
0x6d, 0x7a, 0xb6, 0x8b, 0x99, 0xc0, 0xb6, 0x70,
0x86, 0xac, 0xf6, 0x02, 0xc2, 0x28, 0x42, 0xed,
0x06, 0xcf, 0xca, 0x3d, 0x07, 0x16, 0xf0, 0x0e,
0x04, 0x55, 0x1e, 0x59, 0x3f, 0x32, 0xc7, 0x12,
0xc5, 0x0d, 0x9d, 0x64, 0x7d, 0x2e, 0xd4, 0xbc,
0x8c, 0x24, 0x42, 0x94, 0x2b, 0xf6, 0x11, 0x7f,
0xb1, 0x1c, 0x09, 0x12, 0x6f, 0x5e, 0x2e, 0x7a,
0xc6, 0x01, 0xe0, 0x98, 0x31, 0xb7, 0x13, 0x03,
0xce, 0x29, 0xe1, 0xef, 0x9d, 0xdf, 0x9b, 0xa5,
0xba, 0x0b, 0xad, 0xf2, 0xeb, 0x2f, 0xf9, 0xd1
};
#endif
#endif
const unsigned char* der;
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) && \
defined(WC_RSA_NO_PADDING)
int i;
#endif
XMEMSET(msg, 0, sizeof(msg));
der = pubDer;
rsa = NULL;
ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
ExpectIntEQ(RSA_public_decrypt(0, NULL, NULL, NULL, 0), -1);
ExpectIntEQ(RSA_public_decrypt(-1, encMsg, decMsg, rsa,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), NULL, decMsg, rsa,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, NULL, rsa,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, NULL,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, rsa,
RSA_PKCS1_PSS_PADDING), -1);
ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, rsa,
RSA_PKCS1_PADDING), 32);
ExpectIntEQ(XMEMCMP(decMsg, msg, sizeof(msg)), 0);
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) && \
defined(WC_RSA_NO_PADDING)
ExpectIntEQ(RSA_public_decrypt(sizeof(encMsgNoPad), encMsgNoPad, decMsg,
rsa, RSA_NO_PADDING), sizeof(decMsg));
/* Zeros before actual data. */
for (i = 0; i < (int)(sizeof(decMsg) - sizeof(msg)); i += sizeof(msg)) {
ExpectIntEQ(XMEMCMP(decMsg + i, msg, sizeof(msg)), 0);
}
/* Check actual data. */
XMEMSET(msg, 0x01, sizeof(msg));
ExpectIntEQ(XMEMCMP(decMsg + i, msg, sizeof(msg)), 0);
#endif
RSA_free(rsa);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_private_encrypt(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
RSA *rsa;
unsigned char msg[SHA256_DIGEST_LENGTH];
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
unsigned char encMsg[1024/8];
const unsigned char expEncMsg[] = {
0x45, 0x8e, 0x6e, 0x7a, 0x9c, 0xe1, 0x67, 0x36,
0x72, 0xfc, 0x9d, 0x05, 0xdf, 0xc2, 0xaf, 0x54,
0xc5, 0x2f, 0x94, 0xb8, 0xc7, 0x82, 0x40, 0xfa,
0xa7, 0x8c, 0xb1, 0x89, 0x40, 0xc3, 0x59, 0x5a,
0x77, 0x08, 0x54, 0x93, 0x43, 0x7f, 0xc4, 0xb7,
0xc4, 0x78, 0xf1, 0xf8, 0xab, 0xbf, 0xc2, 0x81,
0x5d, 0x97, 0xea, 0x7a, 0x60, 0x90, 0x51, 0xb7,
0x47, 0x78, 0x48, 0x1e, 0x88, 0x6b, 0x89, 0xde,
0xce, 0x41, 0x41, 0xae, 0x49, 0xf6, 0xfd, 0x2d,
0x2d, 0x9c, 0x70, 0x7d, 0xf9, 0xcf, 0x77, 0x5f,
0x06, 0xc7, 0x20, 0xe3, 0x57, 0xd4, 0xd8, 0x1a,
0x96, 0xa2, 0x39, 0xb0, 0x6e, 0x8e, 0x68, 0xf8,
0x57, 0x7b, 0x26, 0x88, 0x17, 0xc4, 0xb7, 0xf1,
0x59, 0xfa, 0xb6, 0x95, 0xdd, 0x1e, 0xe8, 0xd8,
0x4e, 0xbd, 0xcd, 0x41, 0xad, 0xc7, 0xe2, 0x39,
0xb8, 0x00, 0xca, 0xf5, 0x59, 0xdf, 0xf8, 0x43
};
#ifdef WC_RSA_NO_PADDING
const unsigned char expEncMsgNoPad[] = {
0x0d, 0x41, 0x5a, 0xc7, 0x60, 0xd7, 0xbe, 0xb6,
0x42, 0xd1, 0x65, 0xb1, 0x7e, 0x59, 0x54, 0xcc,
0x76, 0x62, 0xd0, 0x2f, 0x4d, 0xe3, 0x23, 0x62,
0xc8, 0x14, 0xfe, 0x5e, 0xa1, 0xc7, 0x05, 0xee,
0x9e, 0x28, 0x2e, 0xf5, 0xfd, 0xa4, 0xc0, 0x43,
0x55, 0xa2, 0x6b, 0x6b, 0x16, 0xa7, 0x63, 0x06,
0xa7, 0x78, 0x4f, 0xda, 0xae, 0x10, 0x6d, 0xd1,
0x2e, 0x1d, 0xbb, 0xbc, 0xc4, 0x1d, 0x82, 0xe4,
0xc6, 0x76, 0x77, 0xa6, 0x0a, 0xef, 0xd2, 0x89,
0xff, 0x30, 0x85, 0x22, 0xa0, 0x68, 0x88, 0x54,
0xa3, 0xd1, 0x92, 0xd1, 0x3f, 0x57, 0xe4, 0xc7,
0x43, 0x5a, 0x8b, 0xb3, 0x86, 0xaf, 0xd5, 0x6d,
0x07, 0xe1, 0xa0, 0x5f, 0xe1, 0x9a, 0x06, 0xba,
0x56, 0xd2, 0xb0, 0x73, 0xf5, 0xb3, 0xd0, 0x5f,
0xc0, 0xbf, 0x22, 0x4c, 0x54, 0x4e, 0x11, 0xe2,
0xc5, 0xf8, 0x66, 0x39, 0x9d, 0x70, 0x90, 0x31
};
#endif
#else
const unsigned char* privDer = client_key_der_2048;
size_t privDerSz = sizeof_client_key_der_2048;
unsigned char encMsg[2048/8];
const unsigned char expEncMsg[] = {
0x16, 0x5d, 0xbb, 0x00, 0x38, 0x73, 0x01, 0x34,
0xca, 0x59, 0xc6, 0x8b, 0x64, 0x70, 0x89, 0xf5,
0x50, 0x2d, 0x1d, 0x69, 0x1f, 0x07, 0x1e, 0x31,
0xae, 0x9b, 0xa6, 0x6e, 0xee, 0x80, 0xd9, 0x9e,
0x59, 0x33, 0x70, 0x30, 0x28, 0x42, 0x7d, 0x24,
0x36, 0x95, 0x6b, 0xf9, 0x0a, 0x23, 0xcb, 0xce,
0x66, 0xa5, 0x07, 0x5e, 0x11, 0xa7, 0xdc, 0xfb,
0xd9, 0xc2, 0x51, 0xf0, 0x05, 0xc9, 0x39, 0xb3,
0xae, 0xff, 0xfb, 0xe9, 0xb1, 0x9a, 0x54, 0xac,
0x1d, 0xca, 0x42, 0x1a, 0xfd, 0x7c, 0x97, 0xa0,
0x60, 0x2b, 0xcd, 0xb6, 0x36, 0x33, 0xfc, 0x44,
0x69, 0xf7, 0x2e, 0x8c, 0x3b, 0x5f, 0xb4, 0x9f,
0xa7, 0x02, 0x8f, 0x6d, 0x6b, 0x79, 0x10, 0x32,
0x7d, 0xf4, 0x5d, 0xa1, 0x63, 0x22, 0x59, 0xc4,
0x44, 0x8e, 0x44, 0x24, 0x8b, 0x14, 0x9d, 0x2b,
0xb5, 0xd3, 0xad, 0x9a, 0x87, 0x0d, 0xe7, 0x70,
0x6d, 0xe9, 0xae, 0xaa, 0x52, 0xbf, 0x1a, 0x9b,
0xc8, 0x3d, 0x45, 0x7c, 0xd1, 0x90, 0xe3, 0xd9,
0x57, 0xcf, 0xc3, 0x29, 0x69, 0x05, 0x07, 0x96,
0x2e, 0x46, 0x74, 0x0a, 0xa7, 0x76, 0x8b, 0xc0,
0x1c, 0x04, 0x80, 0x08, 0xa0, 0x94, 0x7e, 0xbb,
0x2d, 0x99, 0xe9, 0xab, 0x18, 0x4d, 0x48, 0x2d,
0x94, 0x5e, 0x50, 0x21, 0x42, 0xdf, 0xf5, 0x61,
0x42, 0x7d, 0x86, 0x5d, 0x9e, 0x89, 0xc9, 0x5b,
0x24, 0xab, 0xa1, 0xd8, 0x20, 0x45, 0xcb, 0x81,
0xcf, 0xc5, 0x25, 0x7d, 0x11, 0x6e, 0xbd, 0x80,
0xac, 0xba, 0xdc, 0xef, 0xb9, 0x05, 0x9c, 0xd5,
0xc2, 0x26, 0x57, 0x69, 0x8b, 0x08, 0x27, 0xc7,
0xea, 0xbe, 0xaf, 0x52, 0x21, 0x95, 0x9f, 0xa0,
0x2f, 0x2f, 0x53, 0x7c, 0x2f, 0xa3, 0x0b, 0x79,
0x39, 0x01, 0xa3, 0x37, 0x46, 0xa8, 0xc4, 0x34,
0x41, 0x20, 0x7c, 0x3f, 0x70, 0x9a, 0x47, 0xe8
};
#ifdef WC_RSA_NO_PADDING
const unsigned char expEncMsgNoPad[] = {
0x79, 0x69, 0xdc, 0x0d, 0xff, 0x09, 0xeb, 0x91,
0xbc, 0xda, 0xe4, 0xd3, 0xcd, 0xd5, 0xd3, 0x1c,
0xb9, 0x66, 0xa8, 0x02, 0xf3, 0x75, 0x40, 0xf1,
0x38, 0x4a, 0x37, 0x7b, 0x19, 0xc8, 0xcd, 0xea,
0x79, 0xa8, 0x51, 0x32, 0x00, 0x3f, 0x4c, 0xde,
0xaa, 0xe5, 0xe2, 0x7c, 0x10, 0xcd, 0x6e, 0x00,
0xc6, 0xc4, 0x63, 0x98, 0x58, 0x9b, 0x38, 0xca,
0xf0, 0x5d, 0xc8, 0xf0, 0x57, 0xf6, 0x21, 0x50,
0x3f, 0x63, 0x05, 0x9f, 0xbf, 0xb6, 0x3b, 0x50,
0x85, 0x06, 0x34, 0x08, 0x57, 0xb9, 0x44, 0xce,
0xe4, 0x66, 0xbf, 0x0c, 0xfe, 0x36, 0xa4, 0x5b,
0xed, 0x2d, 0x7d, 0xed, 0xf1, 0xbd, 0xda, 0x3e,
0x19, 0x1f, 0x99, 0xc8, 0xe4, 0xc2, 0xbb, 0xb5,
0x6c, 0x83, 0x22, 0xd1, 0xe7, 0x57, 0xcf, 0x1b,
0x91, 0x0c, 0xa5, 0x47, 0x06, 0x71, 0x8f, 0x93,
0xf3, 0xad, 0xdb, 0xe3, 0xf8, 0xa0, 0x0b, 0xcd,
0x89, 0x4e, 0xa5, 0xb5, 0x03, 0x68, 0x61, 0x89,
0x0b, 0xe2, 0x03, 0x8b, 0x1f, 0x54, 0xae, 0x0f,
0xfa, 0xf0, 0xb7, 0x0f, 0x8c, 0x84, 0x35, 0x13,
0x8d, 0x65, 0x1f, 0x2c, 0xd5, 0xce, 0xc4, 0x6c,
0x98, 0x67, 0xe4, 0x1a, 0x85, 0x67, 0x69, 0x17,
0x17, 0x5a, 0x5d, 0xfd, 0x23, 0xdd, 0x03, 0x3f,
0x6d, 0x7a, 0xb6, 0x8b, 0x99, 0xc0, 0xb6, 0x70,
0x86, 0xac, 0xf6, 0x02, 0xc2, 0x28, 0x42, 0xed,
0x06, 0xcf, 0xca, 0x3d, 0x07, 0x16, 0xf0, 0x0e,
0x04, 0x55, 0x1e, 0x59, 0x3f, 0x32, 0xc7, 0x12,
0xc5, 0x0d, 0x9d, 0x64, 0x7d, 0x2e, 0xd4, 0xbc,
0x8c, 0x24, 0x42, 0x94, 0x2b, 0xf6, 0x11, 0x7f,
0xb1, 0x1c, 0x09, 0x12, 0x6f, 0x5e, 0x2e, 0x7a,
0xc6, 0x01, 0xe0, 0x98, 0x31, 0xb7, 0x13, 0x03,
0xce, 0x29, 0xe1, 0xef, 0x9d, 0xdf, 0x9b, 0xa5,
0xba, 0x0b, 0xad, 0xf2, 0xeb, 0x2f, 0xf9, 0xd1
};
#endif
#endif
const unsigned char* der;
XMEMSET(msg, 0x00, sizeof(msg));
der = privDer;
rsa = NULL;
ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
ExpectIntEQ(RSA_private_encrypt(0, NULL, NULL, NULL, 0), -1);
ExpectIntEQ(RSA_private_encrypt(0, msg, encMsg, rsa, RSA_PKCS1_PADDING),
-1);
ExpectIntEQ(RSA_private_encrypt(sizeof(msg), NULL, encMsg, rsa,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, NULL, rsa,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, NULL,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_PKCS1_PSS_PADDING), -1);
ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_PKCS1_PADDING), sizeof(encMsg));
ExpectIntEQ(XMEMCMP(encMsg, expEncMsg, sizeof(expEncMsg)), 0);
#ifdef WC_RSA_NO_PADDING
/* Non-zero message. */
XMEMSET(msg, 0x01, sizeof(msg));
ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_NO_PADDING), sizeof(encMsg));
ExpectIntEQ(XMEMCMP(encMsg, expEncMsgNoPad, sizeof(expEncMsgNoPad)), 0);
#endif
RSA_free(rsa);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_public_encrypt(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
RSA* rsa = NULL;
const unsigned char msg[2048/8] = { 0 };
unsigned char encMsg[2048/8];
ExpectNotNull(rsa = RSA_new());
ExpectIntEQ(RSA_public_encrypt(-1, msg, encMsg, rsa,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_public_encrypt(sizeof(msg), NULL, encMsg, rsa,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, NULL, rsa,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, NULL,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_PKCS1_PSS_PADDING), -1);
/* Empty RSA key. */
ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_PKCS1_PADDING), -1);
RSA_free(rsa);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_private_decrypt(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
RSA* rsa = NULL;
unsigned char msg[2048/8];
const unsigned char encMsg[2048/8] = { 0 };
ExpectNotNull(rsa = RSA_new());
ExpectIntEQ(RSA_private_decrypt(-1, encMsg, msg, rsa,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), NULL, msg, rsa,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, NULL, rsa,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, NULL,
RSA_PKCS1_PADDING), -1);
ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, rsa,
RSA_PKCS1_PSS_PADDING), -1);
/* Empty RSA key. */
ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, rsa,
RSA_PKCS1_PADDING), -1);
RSA_free(rsa);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_GenAdd(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
RSA *rsa;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
const unsigned char* pubDer = client_keypub_der_1024;
size_t pubDerSz = sizeof_client_keypub_der_1024;
#else
const unsigned char* privDer = client_key_der_2048;
size_t privDerSz = sizeof_client_key_der_2048;
const unsigned char* pubDer = client_keypub_der_2048;
size_t pubDerSz = sizeof_client_keypub_der_2048;
#endif
const unsigned char* der;
der = privDer;
rsa = NULL;
ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
ExpectIntEQ(wolfSSL_RSA_GenAdd(NULL), -1);
#ifndef RSA_LOW_MEM
ExpectIntEQ(wolfSSL_RSA_GenAdd(rsa), 1);
#else
/* dmp1 and dmq1 are not set (allocated) when RSA_LOW_MEM. */
ExpectIntEQ(wolfSSL_RSA_GenAdd(rsa), -1);
#endif
RSA_free(rsa);
der = pubDer;
rsa = NULL;
ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
/* Need private values. */
ExpectIntEQ(wolfSSL_RSA_GenAdd(rsa), -1);
RSA_free(rsa);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_blinding_on(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_STUB)
RSA *rsa;
WOLFSSL_BN_CTX *bnCtx = NULL;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
#else
const unsigned char* privDer = client_key_der_2048;
size_t privDerSz = sizeof_client_key_der_2048;
#endif
const unsigned char* der;
der = privDer;
rsa = NULL;
ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
ExpectNotNull(bnCtx = wolfSSL_BN_CTX_new());
/* Does nothing so all parameters are valid. */
ExpectIntEQ(wolfSSL_RSA_blinding_on(NULL, NULL), 1);
ExpectIntEQ(wolfSSL_RSA_blinding_on(rsa, NULL), 1);
ExpectIntEQ(wolfSSL_RSA_blinding_on(NULL, bnCtx), 1);
ExpectIntEQ(wolfSSL_RSA_blinding_on(rsa, bnCtx), 1);
wolfSSL_BN_CTX_free(bnCtx);
RSA_free(rsa);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_ex_data(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA)
RSA* rsa = NULL;
unsigned char data[1];
ExpectNotNull(rsa = RSA_new());
ExpectNull(wolfSSL_RSA_get_ex_data(NULL, 0));
ExpectNull(wolfSSL_RSA_get_ex_data(rsa, 0));
#ifdef MAX_EX_DATA
ExpectNull(wolfSSL_RSA_get_ex_data(rsa, MAX_EX_DATA));
ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, MAX_EX_DATA, data), 0);
#endif
ExpectIntEQ(wolfSSL_RSA_set_ex_data(NULL, 0, NULL), 0);
ExpectIntEQ(wolfSSL_RSA_set_ex_data(NULL, 0, data), 0);
#ifdef HAVE_EX_DATA
ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, NULL), 1);
ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, data), 1);
ExpectPtrEq(wolfSSL_RSA_get_ex_data(rsa, 0), data);
#else
ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, NULL), 0);
ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, data), 0);
ExpectNull(wolfSSL_RSA_get_ex_data(rsa, 0));
#endif
RSA_free(rsa);
#endif /* !NO_RSA && OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_LoadDer(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL))
RSA *rsa = NULL;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
#else
const unsigned char* privDer = client_key_der_2048;
size_t privDerSz = sizeof_client_key_der_2048;
#endif
ExpectNotNull(rsa = RSA_new());
ExpectIntEQ(wolfSSL_RSA_LoadDer(NULL, privDer, (int)privDerSz), -1);
ExpectIntEQ(wolfSSL_RSA_LoadDer(rsa, NULL, (int)privDerSz), -1);
ExpectIntEQ(wolfSSL_RSA_LoadDer(rsa, privDer, 0), -1);
ExpectIntEQ(wolfSSL_RSA_LoadDer(rsa, privDer, (int)privDerSz), 1);
RSA_free(rsa);
#endif /* !NO_RSA && OPENSSL_EXTRA */
return EXPECT_RESULT();
}
/* Local API. */
static int test_wolfSSL_RSA_To_Der(void)
{
EXPECT_DECLS;
#ifdef WOLFSSL_TEST_STATIC_BUILD
#if defined(WOLFSSL_KEY_GEN) && defined(OPENSSL_EXTRA) && !defined(NO_RSA)
RSA* rsa;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
const unsigned char* pubDer = client_keypub_der_1024;
size_t pubDerSz = sizeof_client_keypub_der_1024;
unsigned char out[sizeof(client_key_der_1024)];
#else
const unsigned char* privDer = client_key_der_2048;
size_t privDerSz = sizeof_client_key_der_2048;
const unsigned char* pubDer = client_keypub_der_2048;
size_t pubDerSz = sizeof_client_keypub_der_2048;
unsigned char out[sizeof(client_key_der_2048)];
#endif
const unsigned char* der;
unsigned char* outDer = NULL;
der = privDer;
rsa = NULL;
ExpectNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
ExpectIntEQ(wolfSSL_RSA_To_Der(NULL, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 2, HEAP_HINT), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, NULL, 0, HEAP_HINT), privDerSz);
outDer = out;
ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), privDerSz);
ExpectIntEQ(XMEMCMP(out, privDer, privDerSz), 0);
outDer = NULL;
ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), privDerSz);
ExpectNotNull(outDer);
ExpectIntEQ(XMEMCMP(outDer, privDer, privDerSz), 0);
XFREE(outDer, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, NULL, 1, HEAP_HINT), pubDerSz);
outDer = out;
ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 1, HEAP_HINT), pubDerSz);
ExpectIntEQ(XMEMCMP(out, pubDer, pubDerSz), 0);
RSA_free(rsa);
ExpectNotNull(rsa = RSA_new());
ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 1, HEAP_HINT), BAD_FUNC_ARG);
RSA_free(rsa);
der = pubDer;
rsa = NULL;
ExpectNotNull(wolfSSL_d2i_RSAPublicKey(&rsa, &der, pubDerSz));
ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
RSA_free(rsa);
#endif
#endif
return EXPECT_RESULT();
}
/* wolfSSL_PEM_read_RSAPublicKey is a stub function. */
static int test_wolfSSL_PEM_read_RSAPublicKey(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM)
XFILE file = XBADFILE;
const char* fname = "./certs/server-keyPub.pem";
RSA *rsa = NULL;
ExpectNull(wolfSSL_PEM_read_RSAPublicKey(XBADFILE, NULL, NULL, NULL));
ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
ExpectNotNull(rsa = PEM_read_RSA_PUBKEY(file, NULL, NULL, NULL));
ExpectIntEQ(RSA_size(rsa), 256);
RSA_free(rsa);
if (file != XBADFILE)
XFCLOSE(file);
#endif
return EXPECT_RESULT();
}
/* wolfSSL_PEM_read_RSAPublicKey is a stub function. */
static int test_wolfSSL_PEM_write_RSA_PUBKEY(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_KEY_GEN)
RSA* rsa = NULL;
ExpectIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(XBADFILE, NULL), 0);
ExpectIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(stderr, NULL), 0);
/* Valid but stub so returns 0. */
ExpectIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(stderr, rsa), 0);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_write_RSAPrivateKey(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && defined(WOLFSSL_KEY_GEN) && \
(defined(WOLFSSL_PEM_TO_DER) || \
defined(WOLFSSL_DER_TO_PEM)) && !defined(NO_FILESYSTEM)
RSA* rsa = NULL;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
#else
const unsigned char* privDer = client_key_der_2048;
size_t privDerSz = sizeof_client_key_der_2048;
#endif
const unsigned char* der;
#ifndef NO_AES
unsigned char passwd[] = "password";
#endif
ExpectNotNull(rsa = RSA_new());
ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, NULL, NULL, 0,
NULL, NULL), 0);
RSA_free(rsa);
der = privDer;
rsa = NULL;
ExpectNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(XBADFILE, rsa, NULL, NULL, 0,
NULL, NULL), 0);
ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, NULL, NULL, NULL, 0,
NULL, NULL), 0);
ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, NULL, NULL, 0,
NULL, NULL), 1);
#ifndef NO_AES
ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, EVP_aes_128_cbc(),
NULL, 0, NULL, NULL), 1);
ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, EVP_aes_128_cbc(),
passwd, sizeof(passwd) - 1, NULL, NULL), 1);
#endif
RSA_free(rsa);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_write_mem_RSAPrivateKey(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && defined(WOLFSSL_KEY_GEN) && \
(defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM))
RSA* rsa = NULL;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
#else
const unsigned char* privDer = client_key_der_2048;
size_t privDerSz = sizeof_client_key_der_2048;
#endif
const unsigned char* der;
#ifndef NO_AES
unsigned char passwd[] = "password";
#endif
unsigned char* pem = NULL;
int plen;
ExpectNotNull(rsa = RSA_new());
ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
&plen), 0);
RSA_free(rsa);
der = privDer;
rsa = NULL;
ExpectNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(NULL, NULL, NULL, 0, &pem,
&plen), 0);
ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, NULL,
&plen), 0);
ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
NULL), 0);
ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
&plen), 1);
XFREE(pem, NULL, DYNAMIC_TYPE_KEY);
pem = NULL;
#ifndef NO_AES
ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, EVP_aes_128_cbc(),
NULL, 0, &pem, &plen), 1);
XFREE(pem, NULL, DYNAMIC_TYPE_KEY);
pem = NULL;
ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, EVP_aes_128_cbc(),
passwd, sizeof(passwd) - 1, &pem, &plen), 1);
XFREE(pem, NULL, DYNAMIC_TYPE_KEY);
#endif
RSA_free(rsa);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_DH(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
DH *dh = NULL;
BIGNUM* p;
BIGNUM* q;
BIGNUM* g;
BIGNUM* pub = NULL;
BIGNUM* priv = NULL;
#if defined(OPENSSL_ALL)
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
FILE* f = NULL;
unsigned char buf[268];
const unsigned char* pt = buf;
long len = 0;
dh = NULL;
XMEMSET(buf, 0, sizeof(buf));
/* Test 2048 bit parameters */
ExpectTrue((f = XFOPEN("./certs/dh2048.der", "rb")) != XBADFILE);
ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
if (f != XBADFILE)
XFCLOSE(f);
ExpectNotNull(dh = d2i_DHparams(NULL, &pt, len));
ExpectNotNull(dh->p);
ExpectNotNull(dh->g);
ExpectTrue(pt == buf);
ExpectIntEQ(DH_generate_key(dh), 1);
ExpectIntEQ(DH_generate_key(dh), 1);
ExpectIntEQ(DH_compute_key(NULL, NULL, NULL), -1);
ExpectNotNull(pub = BN_new());
ExpectIntEQ(BN_set_word(pub, 1), 1);
ExpectIntEQ(DH_compute_key(buf, NULL, NULL), -1);
ExpectIntEQ(DH_compute_key(NULL, pub, NULL), -1);
ExpectIntEQ(DH_compute_key(NULL, NULL, dh), -1);
ExpectIntEQ(DH_compute_key(buf, pub, NULL), -1);
ExpectIntEQ(DH_compute_key(buf, NULL, dh), -1);
ExpectIntEQ(DH_compute_key(NULL, pub, dh), -1);
ExpectIntEQ(DH_compute_key(buf, pub, dh), -1);
BN_free(pub);
pub = NULL;
DH_get0_pqg(dh, (const BIGNUM**)&p,
(const BIGNUM**)&q,
(const BIGNUM**)&g);
ExpectPtrEq(p, dh->p);
ExpectPtrEq(q, dh->q);
ExpectPtrEq(g, dh->g);
DH_get0_key(NULL, (const BIGNUM**)&pub, (const BIGNUM**)&priv);
DH_get0_key(dh, (const BIGNUM**)&pub, (const BIGNUM**)&priv);
ExpectPtrEq(pub, dh->pub_key);
ExpectPtrEq(priv, dh->priv_key);
DH_get0_key(dh, (const BIGNUM**)&pub, NULL);
ExpectPtrEq(pub, dh->pub_key);
DH_get0_key(dh, NULL, (const BIGNUM**)&priv);
ExpectPtrEq(priv, dh->priv_key);
pub = NULL;
priv = NULL;
ExpectNotNull(pub = BN_new());
ExpectNotNull(priv = BN_new());
ExpectIntEQ(DH_set0_key(NULL, pub, priv), 0);
ExpectIntEQ(DH_set0_key(dh, pub, priv), 1);
if (EXPECT_FAIL()) {
BN_free(pub);
BN_free(priv);
}
pub = NULL;
priv = NULL;
ExpectNotNull(pub = BN_new());
ExpectIntEQ(DH_set0_key(dh, pub, NULL), 1);
if (EXPECT_FAIL()) {
BN_free(pub);
}
ExpectNotNull(priv = BN_new());
ExpectIntEQ(DH_set0_key(dh, NULL, priv), 1);
if (EXPECT_FAIL()) {
BN_free(priv);
}
ExpectPtrEq(pub, dh->pub_key);
ExpectPtrEq(priv, dh->priv_key);
pub = NULL;
priv = NULL;
DH_free(dh);
dh = NULL;
ExpectNotNull(dh = DH_new());
p = NULL;
ExpectNotNull(p = BN_new());
ExpectIntEQ(BN_set_word(p, 1), 1);
ExpectIntEQ(DH_compute_key(buf, p, dh), -1);
ExpectNotNull(pub = BN_new());
ExpectNotNull(priv = BN_new());
ExpectIntEQ(DH_set0_key(dh, pub, priv), 1);
if (EXPECT_FAIL()) {
BN_free(pub);
BN_free(priv);
}
pub = NULL;
priv = NULL;
ExpectIntEQ(DH_compute_key(buf, p, dh), -1);
BN_free(p);
p = NULL;
DH_free(dh);
dh = NULL;
#ifdef WOLFSSL_KEY_GEN
ExpectNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL));
ExpectIntEQ(wolfSSL_DH_generate_parameters_ex(NULL, 2048, 2, NULL), 0);
DH_free(dh);
dh = NULL;
#endif
#endif /* !HAVE_FIPS || (HAVE_FIPS_VERSION && HAVE_FIPS_VERSION > 2) */
#endif /* OPENSSL_ALL */
(void)dh;
(void)p;
(void)q;
(void)g;
(void)pub;
(void)priv;
ExpectNotNull(dh = wolfSSL_DH_new());
/* invalid parameters test */
DH_get0_pqg(NULL, (const BIGNUM**)&p,
(const BIGNUM**)&q,
(const BIGNUM**)&g);
DH_get0_pqg(dh, NULL,
(const BIGNUM**)&q,
(const BIGNUM**)&g);
DH_get0_pqg(dh, NULL, NULL, (const BIGNUM**)&g);
DH_get0_pqg(dh, NULL, NULL, NULL);
DH_get0_pqg(dh, (const BIGNUM**)&p,
(const BIGNUM**)&q,
(const BIGNUM**)&g);
ExpectPtrEq(p, NULL);
ExpectPtrEq(q, NULL);
ExpectPtrEq(g, NULL);
DH_free(dh);
dh = NULL;
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS) && !defined(WOLFSSL_DH_EXTRA)) \
|| (defined(HAVE_FIPS_VERSION) && FIPS_VERSION_GT(2,0))
#if defined(OPENSSL_ALL) || \
defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
dh = wolfSSL_DH_new();
ExpectNotNull(dh);
p = wolfSSL_BN_new();
ExpectNotNull(p);
ExpectIntEQ(BN_set_word(p, 11), 1);
g = wolfSSL_BN_new();
ExpectNotNull(g);
ExpectIntEQ(BN_set_word(g, 2), 1);
q = wolfSSL_BN_new();
ExpectNotNull(q);
ExpectIntEQ(BN_set_word(q, 5), 1);
ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, p, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, q, NULL), 0);
ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, NULL, g), 0);
ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, p, q, g), 0);
ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, q, g), 0);
ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, q, NULL), 0);
/* Don't need q. */
ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
if (EXPECT_FAIL()) {
BN_free(p);
BN_free(g);
}
p = NULL;
g = NULL;
/* Setting again will free the p and g. */
wolfSSL_BN_free(q);
q = NULL;
DH_free(dh);
dh = NULL;
dh = wolfSSL_DH_new();
ExpectNotNull(dh);
p = wolfSSL_BN_new();
ExpectNotNull(p);
ExpectIntEQ(BN_set_word(p, 11), 1);
g = wolfSSL_BN_new();
ExpectNotNull(g);
ExpectIntEQ(BN_set_word(g, 2), 1);
q = wolfSSL_BN_new();
ExpectNotNull(q);
ExpectIntEQ(BN_set_word(q, 5), 1);
ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, q, g), 1);
/* p, q and g are now owned by dh - don't free. */
if (EXPECT_FAIL()) {
BN_free(p);
BN_free(q);
BN_free(g);
}
p = NULL;
q = NULL;
g = NULL;
p = wolfSSL_BN_new();
ExpectNotNull(p);
ExpectIntEQ(BN_set_word(p, 11), 1);
g = wolfSSL_BN_new();
ExpectNotNull(g);
ExpectIntEQ(BN_set_word(g, 2), 1);
q = wolfSSL_BN_new();
ExpectNotNull(q);
ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, NULL), 1);
if (EXPECT_FAIL()) {
BN_free(p);
}
p = NULL;
ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, q, NULL), 1);
if (EXPECT_FAIL()) {
BN_free(q);
}
q = NULL;
ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, g), 1);
if (EXPECT_FAIL()) {
BN_free(g);
}
g = NULL;
ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, NULL), 1);
/* p, q and g are now owned by dh - don't free. */
DH_free(dh);
dh = NULL;
ExpectIntEQ(DH_generate_key(NULL), 0);
ExpectNotNull(dh = DH_new());
ExpectIntEQ(DH_generate_key(dh), 0);
p = wolfSSL_BN_new();
ExpectNotNull(p);
ExpectIntEQ(BN_set_word(p, 0), 1);
g = wolfSSL_BN_new();
ExpectNotNull(g);
ExpectIntEQ(BN_set_word(g, 2), 1);
ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
if (EXPECT_FAIL()) {
BN_free(p);
BN_free(g);
}
p = NULL;
g = NULL;
ExpectIntEQ(DH_generate_key(dh), 0);
DH_free(dh);
dh = NULL;
#endif
#endif
/* Test DH_up_ref() */
dh = wolfSSL_DH_new();
ExpectNotNull(dh);
ExpectIntEQ(wolfSSL_DH_up_ref(NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_DH_up_ref(dh), WOLFSSL_SUCCESS);
DH_free(dh); /* decrease ref count */
DH_free(dh); /* free WOLFSSL_DH */
dh = NULL;
q = NULL;
ExpectNull((dh = DH_new_by_nid(NID_sha1)));
#if (defined(HAVE_PUBLIC_FFDHE) || (defined(HAVE_FIPS) && \
FIPS_VERSION_EQ(2,0))) || (!defined(HAVE_PUBLIC_FFDHE) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)))
#ifdef HAVE_FFDHE_2048
ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe2048)));
DH_free(dh);
dh = NULL;
q = NULL;
#endif
#ifdef HAVE_FFDHE_3072
ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe3072)));
DH_free(dh);
dh = NULL;
q = NULL;
#endif
#ifdef HAVE_FFDHE_4096
ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe4096)));
DH_free(dh);
dh = NULL;
q = NULL;
#endif
#else
ExpectNull((dh = DH_new_by_nid(NID_ffdhe2048)));
#endif /* (HAVE_PUBLIC_FFDHE || (HAVE_FIPS && HAVE_FIPS_VERSION == 2)) ||
* (!HAVE_PUBLIC_FFDHE && (!HAVE_FIPS || HAVE_FIPS_VERSION > 2))*/
ExpectIntEQ(wolfSSL_DH_size(NULL), -1);
#endif /* OPENSSL_EXTRA && !NO_DH */
return EXPECT_RESULT();
}
static int test_wolfSSL_DH_dup(void)
{
EXPECT_DECLS;
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) || \
defined(OPENSSL_EXTRA)
DH *dh = NULL;
DH *dhDup = NULL;
ExpectNotNull(dh = wolfSSL_DH_new());
ExpectNull(dhDup = wolfSSL_DH_dup(NULL));
ExpectNull(dhDup = wolfSSL_DH_dup(dh));
#if defined(OPENSSL_ALL) || \
defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
{
WOLFSSL_BIGNUM* p = NULL;
WOLFSSL_BIGNUM* g = NULL;
ExpectNotNull(p = wolfSSL_BN_new());
ExpectNotNull(g = wolfSSL_BN_new());
ExpectIntEQ(wolfSSL_BN_set_word(p, 11), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_BN_set_word(g, 2), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
if (EXPECT_FAIL()) {
wolfSSL_BN_free(p);
wolfSSL_BN_free(g);
}
ExpectNotNull(dhDup = wolfSSL_DH_dup(dh));
wolfSSL_DH_free(dhDup);
}
#endif
wolfSSL_DH_free(dh);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_DH_check(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_ALL
#ifndef NO_DH
#ifndef NO_BIO
#ifndef NO_DSA
byte buf[6000];
char file[] = "./certs/dsaparams.pem";
XFILE f = XBADFILE;
int bytes;
BIO* bio = NULL;
DSA* dsa = NULL;
#elif !defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)
static const byte dh2048[] = {
0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01,
0x00, 0xb0, 0xa1, 0x08, 0x06, 0x9c, 0x08, 0x13,
0xba, 0x59, 0x06, 0x3c, 0xbc, 0x30, 0xd5, 0xf5,
0x00, 0xc1, 0x4f, 0x44, 0xa7, 0xd6, 0xef, 0x4a,
0xc6, 0x25, 0x27, 0x1c, 0xe8, 0xd2, 0x96, 0x53,
0x0a, 0x5c, 0x91, 0xdd, 0xa2, 0xc2, 0x94, 0x84,
0xbf, 0x7d, 0xb2, 0x44, 0x9f, 0x9b, 0xd2, 0xc1,
0x8a, 0xc5, 0xbe, 0x72, 0x5c, 0xa7, 0xe7, 0x91,
0xe6, 0xd4, 0x9f, 0x73, 0x07, 0x85, 0x5b, 0x66,
0x48, 0xc7, 0x70, 0xfa, 0xb4, 0xee, 0x02, 0xc9,
0x3d, 0x9a, 0x4a, 0xda, 0x3d, 0xc1, 0x46, 0x3e,
0x19, 0x69, 0xd1, 0x17, 0x46, 0x07, 0xa3, 0x4d,
0x9f, 0x2b, 0x96, 0x17, 0x39, 0x6d, 0x30, 0x8d,
0x2a, 0xf3, 0x94, 0xd3, 0x75, 0xcf, 0xa0, 0x75,
0xe6, 0xf2, 0x92, 0x1f, 0x1a, 0x70, 0x05, 0xaa,
0x04, 0x83, 0x57, 0x30, 0xfb, 0xda, 0x76, 0x93,
0x38, 0x50, 0xe8, 0x27, 0xfd, 0x63, 0xee, 0x3c,
0xe5, 0xb7, 0xc8, 0x09, 0xae, 0x6f, 0x50, 0x35,
0x8e, 0x84, 0xce, 0x4a, 0x00, 0xe9, 0x12, 0x7e,
0x5a, 0x31, 0xd7, 0x33, 0xfc, 0x21, 0x13, 0x76,
0xcc, 0x16, 0x30, 0xdb, 0x0c, 0xfc, 0xc5, 0x62,
0xa7, 0x35, 0xb8, 0xef, 0xb7, 0xb0, 0xac, 0xc0,
0x36, 0xf6, 0xd9, 0xc9, 0x46, 0x48, 0xf9, 0x40,
0x90, 0x00, 0x2b, 0x1b, 0xaa, 0x6c, 0xe3, 0x1a,
0xc3, 0x0b, 0x03, 0x9e, 0x1b, 0xc2, 0x46, 0xe4,
0x48, 0x4e, 0x22, 0x73, 0x6f, 0xc3, 0x5f, 0xd4,
0x9a, 0xd6, 0x30, 0x07, 0x48, 0xd6, 0x8c, 0x90,
0xab, 0xd4, 0xf6, 0xf1, 0xe3, 0x48, 0xd3, 0x58,
0x4b, 0xa6, 0xb9, 0xcd, 0x29, 0xbf, 0x68, 0x1f,
0x08, 0x4b, 0x63, 0x86, 0x2f, 0x5c, 0x6b, 0xd6,
0xb6, 0x06, 0x65, 0xf7, 0xa6, 0xdc, 0x00, 0x67,
0x6b, 0xbb, 0xc3, 0xa9, 0x41, 0x83, 0xfb, 0xc7,
0xfa, 0xc8, 0xe2, 0x1e, 0x7e, 0xaf, 0x00, 0x3f,
0x93, 0x02, 0x01, 0x02
};
const byte* params;
#endif
DH* dh = NULL;
WOLFSSL_BIGNUM* p = NULL;
WOLFSSL_BIGNUM* g = NULL;
WOLFSSL_BIGNUM* pTmp = NULL;
WOLFSSL_BIGNUM* gTmp = NULL;
int codes = -1;
#ifndef NO_DSA
/* Initialize DH */
ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE);
ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
if (f != XBADFILE)
XFCLOSE(f);
ExpectNotNull(bio = BIO_new_mem_buf((void*)buf, bytes));
ExpectNotNull(dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL));
ExpectNotNull(dh = wolfSSL_DSA_dup_DH(dsa));
ExpectNotNull(dh);
BIO_free(bio);
DSA_free(dsa);
#elif !defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)
params = dh2048;
ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &params,
(long)sizeof(dh2048)));
#else
ExpectNotNull(dh = wolfSSL_DH_new_by_nid(NID_ffdhe2048));
#endif
/* Test assumed to be valid dh.
* Should return WOLFSSL_SUCCESS
* codes should be 0
* Invalid codes = {DH_NOT_SUITABLE_GENERATOR, DH_CHECK_P_NOT_PRIME}
*/
ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
ExpectIntEQ(codes, 0);
/* Test NULL dh: expected BAD_FUNC_ARG */
ExpectIntEQ(wolfSSL_DH_check(NULL, &codes), 0);
/* Break dh prime to test if codes = DH_CHECK_P_NOT_PRIME */
if (dh != NULL) {
pTmp = dh->p;
dh->p = NULL;
}
ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0);
ExpectIntEQ(codes, DH_CHECK_P_NOT_PRIME);
/* set dh->p back to normal so it won't fail on next tests */
if (dh != NULL) {
dh->p = pTmp;
pTmp = NULL;
}
/* Break dh generator to test if codes = DH_NOT_SUITABLE_GENERATOR */
if (dh != NULL) {
gTmp = dh->g;
dh->g = NULL;
}
ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0);
ExpectIntEQ(codes, DH_NOT_SUITABLE_GENERATOR);
if (dh != NULL) {
dh->g = gTmp;
gTmp = NULL;
}
/* Cleanup */
DH_free(dh);
dh = NULL;
dh = DH_new();
ExpectNotNull(dh);
/* Check empty DH. */
ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0);
ExpectIntEQ(codes, DH_NOT_SUITABLE_GENERATOR | DH_CHECK_P_NOT_PRIME);
/* Check non-prime valued p. */
ExpectNotNull(p = BN_new());
ExpectIntEQ(BN_set_word(p, 4), 1);
ExpectNotNull(g = BN_new());
ExpectIntEQ(BN_set_word(g, 2), 1);
ExpectIntEQ(DH_set0_pqg(dh, p, NULL, g), 1);
if (EXPECT_FAIL()) {
wolfSSL_BN_free(p);
wolfSSL_BN_free(g);
}
ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0);
ExpectIntEQ(codes, DH_CHECK_P_NOT_PRIME);
DH_free(dh);
dh = NULL;
#endif
#endif /* !NO_DH && !NO_DSA */
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_DH_prime(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
WOLFSSL_BIGNUM* bn = NULL;
#if WOLFSSL_MAX_BN_BITS >= 768
WOLFSSL_BIGNUM* bn2 = NULL;
#endif
bn = wolfSSL_DH_768_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 768
ExpectNotNull(bn);
bn2 = wolfSSL_DH_768_prime(bn);
ExpectNotNull(bn2);
ExpectTrue(bn == bn2);
wolfSSL_BN_free(bn);
bn = NULL;
#else
ExpectNull(bn);
#endif
bn = wolfSSL_DH_1024_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 1024
ExpectNotNull(bn);
wolfSSL_BN_free(bn);
bn = NULL;
#else
ExpectNull(bn);
#endif
bn = wolfSSL_DH_2048_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 2048
ExpectNotNull(bn);
wolfSSL_BN_free(bn);
bn = NULL;
#else
ExpectNull(bn);
#endif
bn = wolfSSL_DH_3072_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 3072
ExpectNotNull(bn);
wolfSSL_BN_free(bn);
bn = NULL;
#else
ExpectNull(bn);
#endif
bn = wolfSSL_DH_4096_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 4096
ExpectNotNull(bn);
wolfSSL_BN_free(bn);
bn = NULL;
#else
ExpectNull(bn);
#endif
bn = wolfSSL_DH_6144_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 6144
ExpectNotNull(bn);
wolfSSL_BN_free(bn);
bn = NULL;
#else
ExpectNull(bn);
#endif
bn = wolfSSL_DH_8192_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 8192
ExpectNotNull(bn);
wolfSSL_BN_free(bn);
bn = NULL;
#else
ExpectNull(bn);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_DH_1536_prime(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
BIGNUM* bn = NULL;
unsigned char bits[200];
int sz = 192; /* known binary size */
const byte expected[] = {
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,
0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,
0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,
0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,
0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,
0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,
0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
0xF1,0x74,0x6C,0x08,0xCA,0x23,0x73,0x27,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
};
ExpectNotNull(bn = get_rfc3526_prime_1536(NULL));
ExpectIntEQ(sz, BN_bn2bin((const BIGNUM*)bn, bits));
ExpectIntEQ(0, XMEMCMP(expected, bits, sz));
BN_free(bn);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_DH_get_2048_256(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
WOLFSSL_DH* dh = NULL;
const WOLFSSL_BIGNUM* pBn;
const WOLFSSL_BIGNUM* gBn;
const WOLFSSL_BIGNUM* qBn;
const byte pExpected[] = {
0x87, 0xA8, 0xE6, 0x1D, 0xB4, 0xB6, 0x66, 0x3C, 0xFF, 0xBB, 0xD1, 0x9C,
0x65, 0x19, 0x59, 0x99, 0x8C, 0xEE, 0xF6, 0x08, 0x66, 0x0D, 0xD0, 0xF2,
0x5D, 0x2C, 0xEE, 0xD4, 0x43, 0x5E, 0x3B, 0x00, 0xE0, 0x0D, 0xF8, 0xF1,
0xD6, 0x19, 0x57, 0xD4, 0xFA, 0xF7, 0xDF, 0x45, 0x61, 0xB2, 0xAA, 0x30,
0x16, 0xC3, 0xD9, 0x11, 0x34, 0x09, 0x6F, 0xAA, 0x3B, 0xF4, 0x29, 0x6D,
0x83, 0x0E, 0x9A, 0x7C, 0x20, 0x9E, 0x0C, 0x64, 0x97, 0x51, 0x7A, 0xBD,
0x5A, 0x8A, 0x9D, 0x30, 0x6B, 0xCF, 0x67, 0xED, 0x91, 0xF9, 0xE6, 0x72,
0x5B, 0x47, 0x58, 0xC0, 0x22, 0xE0, 0xB1, 0xEF, 0x42, 0x75, 0xBF, 0x7B,
0x6C, 0x5B, 0xFC, 0x11, 0xD4, 0x5F, 0x90, 0x88, 0xB9, 0x41, 0xF5, 0x4E,
0xB1, 0xE5, 0x9B, 0xB8, 0xBC, 0x39, 0xA0, 0xBF, 0x12, 0x30, 0x7F, 0x5C,
0x4F, 0xDB, 0x70, 0xC5, 0x81, 0xB2, 0x3F, 0x76, 0xB6, 0x3A, 0xCA, 0xE1,
0xCA, 0xA6, 0xB7, 0x90, 0x2D, 0x52, 0x52, 0x67, 0x35, 0x48, 0x8A, 0x0E,
0xF1, 0x3C, 0x6D, 0x9A, 0x51, 0xBF, 0xA4, 0xAB, 0x3A, 0xD8, 0x34, 0x77,
0x96, 0x52, 0x4D, 0x8E, 0xF6, 0xA1, 0x67, 0xB5, 0xA4, 0x18, 0x25, 0xD9,
0x67, 0xE1, 0x44, 0xE5, 0x14, 0x05, 0x64, 0x25, 0x1C, 0xCA, 0xCB, 0x83,
0xE6, 0xB4, 0x86, 0xF6, 0xB3, 0xCA, 0x3F, 0x79, 0x71, 0x50, 0x60, 0x26,
0xC0, 0xB8, 0x57, 0xF6, 0x89, 0x96, 0x28, 0x56, 0xDE, 0xD4, 0x01, 0x0A,
0xBD, 0x0B, 0xE6, 0x21, 0xC3, 0xA3, 0x96, 0x0A, 0x54, 0xE7, 0x10, 0xC3,
0x75, 0xF2, 0x63, 0x75, 0xD7, 0x01, 0x41, 0x03, 0xA4, 0xB5, 0x43, 0x30,
0xC1, 0x98, 0xAF, 0x12, 0x61, 0x16, 0xD2, 0x27, 0x6E, 0x11, 0x71, 0x5F,
0x69, 0x38, 0x77, 0xFA, 0xD7, 0xEF, 0x09, 0xCA, 0xDB, 0x09, 0x4A, 0xE9,
0x1E, 0x1A, 0x15, 0x97
};
const byte gExpected[] = {
0x3F, 0xB3, 0x2C, 0x9B, 0x73, 0x13, 0x4D, 0x0B, 0x2E, 0x77, 0x50, 0x66,
0x60, 0xED, 0xBD, 0x48, 0x4C, 0xA7, 0xB1, 0x8F, 0x21, 0xEF, 0x20, 0x54,
0x07, 0xF4, 0x79, 0x3A, 0x1A, 0x0B, 0xA1, 0x25, 0x10, 0xDB, 0xC1, 0x50,
0x77, 0xBE, 0x46, 0x3F, 0xFF, 0x4F, 0xED, 0x4A, 0xAC, 0x0B, 0xB5, 0x55,
0xBE, 0x3A, 0x6C, 0x1B, 0x0C, 0x6B, 0x47, 0xB1, 0xBC, 0x37, 0x73, 0xBF,
0x7E, 0x8C, 0x6F, 0x62, 0x90, 0x12, 0x28, 0xF8, 0xC2, 0x8C, 0xBB, 0x18,
0xA5, 0x5A, 0xE3, 0x13, 0x41, 0x00, 0x0A, 0x65, 0x01, 0x96, 0xF9, 0x31,
0xC7, 0x7A, 0x57, 0xF2, 0xDD, 0xF4, 0x63, 0xE5, 0xE9, 0xEC, 0x14, 0x4B,
0x77, 0x7D, 0xE6, 0x2A, 0xAA, 0xB8, 0xA8, 0x62, 0x8A, 0xC3, 0x76, 0xD2,
0x82, 0xD6, 0xED, 0x38, 0x64, 0xE6, 0x79, 0x82, 0x42, 0x8E, 0xBC, 0x83,
0x1D, 0x14, 0x34, 0x8F, 0x6F, 0x2F, 0x91, 0x93, 0xB5, 0x04, 0x5A, 0xF2,
0x76, 0x71, 0x64, 0xE1, 0xDF, 0xC9, 0x67, 0xC1, 0xFB, 0x3F, 0x2E, 0x55,
0xA4, 0xBD, 0x1B, 0xFF, 0xE8, 0x3B, 0x9C, 0x80, 0xD0, 0x52, 0xB9, 0x85,
0xD1, 0x82, 0xEA, 0x0A, 0xDB, 0x2A, 0x3B, 0x73, 0x13, 0xD3, 0xFE, 0x14,
0xC8, 0x48, 0x4B, 0x1E, 0x05, 0x25, 0x88, 0xB9, 0xB7, 0xD2, 0xBB, 0xD2,
0xDF, 0x01, 0x61, 0x99, 0xEC, 0xD0, 0x6E, 0x15, 0x57, 0xCD, 0x09, 0x15,
0xB3, 0x35, 0x3B, 0xBB, 0x64, 0xE0, 0xEC, 0x37, 0x7F, 0xD0, 0x28, 0x37,
0x0D, 0xF9, 0x2B, 0x52, 0xC7, 0x89, 0x14, 0x28, 0xCD, 0xC6, 0x7E, 0xB6,
0x18, 0x4B, 0x52, 0x3D, 0x1D, 0xB2, 0x46, 0xC3, 0x2F, 0x63, 0x07, 0x84,
0x90, 0xF0, 0x0E, 0xF8, 0xD6, 0x47, 0xD1, 0x48, 0xD4, 0x79, 0x54, 0x51,
0x5E, 0x23, 0x27, 0xCF, 0xEF, 0x98, 0xC5, 0x82, 0x66, 0x4B, 0x4C, 0x0F,
0x6C, 0xC4, 0x16, 0x59
};
const byte qExpected[] = {
0x8C, 0xF8, 0x36, 0x42, 0xA7, 0x09, 0xA0, 0x97, 0xB4, 0x47, 0x99, 0x76,
0x40, 0x12, 0x9D, 0xA2, 0x99, 0xB1, 0xA4, 0x7D, 0x1E, 0xB3, 0x75, 0x0B,
0xA3, 0x08, 0xB0, 0xFE, 0x64, 0xF5, 0xFB, 0xD3
};
int pSz = 0;
int qSz = 0;
int gSz = 0;
byte* pReturned = NULL;
byte* qReturned = NULL;
byte* gReturned = NULL;
ExpectNotNull((dh = wolfSSL_DH_get_2048_256()));
wolfSSL_DH_get0_pqg(dh, &pBn, &qBn, &gBn);
ExpectIntGT((pSz = wolfSSL_BN_num_bytes(pBn)), 0);
ExpectNotNull(pReturned = (byte*)XMALLOC(pSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntGT((pSz = wolfSSL_BN_bn2bin(pBn, pReturned)), 0);
ExpectIntEQ(pSz, sizeof(pExpected));
ExpectIntEQ(XMEMCMP(pExpected, pReturned, pSz), 0);
ExpectIntGT((qSz = wolfSSL_BN_num_bytes(qBn)), 0);
ExpectNotNull(qReturned = (byte*)XMALLOC(qSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntGT((qSz = wolfSSL_BN_bn2bin(qBn, qReturned)), 0);
ExpectIntEQ(qSz, sizeof(qExpected));
ExpectIntEQ(XMEMCMP(qExpected, qReturned, qSz), 0);
ExpectIntGT((gSz = wolfSSL_BN_num_bytes(gBn)), 0);
ExpectNotNull(gReturned = (byte*)XMALLOC(gSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntGT((gSz = wolfSSL_BN_bn2bin(gBn, gReturned)), 0);
ExpectIntEQ(gSz, sizeof(gExpected));
ExpectIntEQ(XMEMCMP(gExpected, gReturned, gSz), 0);
wolfSSL_DH_free(dh);
XFREE(pReturned, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(gReturned, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(qReturned, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_write_DHparams(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO) && \
!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
DH* dh = NULL;
BIO* bio = NULL;
XFILE fp = XBADFILE;
byte pem[2048];
int pemSz = 0;
const char expected[] =
"-----BEGIN DH PARAMETERS-----\n"
"MIIBCAKCAQEAsKEIBpwIE7pZBjy8MNX1AMFPRKfW70rGJScc6NKWUwpckd2iwpSE\n"
"v32yRJ+b0sGKxb5yXKfnkebUn3MHhVtmSMdw+rTuAsk9mkraPcFGPhlp0RdGB6NN\n"
"nyuWFzltMI0q85TTdc+gdebykh8acAWqBINXMPvadpM4UOgn/WPuPOW3yAmub1A1\n"
"joTOSgDpEn5aMdcz/CETdswWMNsM/MVipzW477ewrMA29tnJRkj5QJAAKxuqbOMa\n"
"wwsDnhvCRuRITiJzb8Nf1JrWMAdI1oyQq9T28eNI01hLprnNKb9oHwhLY4YvXGvW\n"
"tgZl96bcAGdru8OpQYP7x/rI4h5+rwA/kwIBAg==\n"
"-----END DH PARAMETERS-----\n";
const char badPem[] =
"-----BEGIN DH PARAMETERS-----\n"
"-----END DH PARAMETERS-----\n";
const char emptySeqPem[] =
"-----BEGIN DH PARAMETERS-----\n"
"MAA=\n"
"-----END DH PARAMETERS-----\n";
ExpectTrue((fp = XFOPEN(dhParamFile, "rb")) != XBADFILE);
ExpectIntGT((pemSz = (int)XFREAD(pem, 1, sizeof(pem), fp)), 0);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
ExpectNull(PEM_read_bio_DHparams(NULL, NULL, NULL, NULL));
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
ExpectIntEQ(BIO_write(bio, badPem, (int)sizeof(badPem)),
(int)sizeof(badPem));
ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
ExpectIntEQ(BIO_write(bio, emptySeqPem, (int)sizeof(emptySeqPem)),
(int)sizeof(emptySeqPem));
ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
BIO_free(bio);
bio = NULL;
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ExpectIntEQ(BIO_write(bio, pem, pemSz), pemSz);
ExpectNotNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
BIO_free(bio);
bio = NULL;
ExpectNotNull(fp = XFOPEN("./test-write-dhparams.pem", "wb"));
ExpectIntEQ(PEM_write_DHparams(fp, dh), WOLFSSL_SUCCESS);
ExpectIntEQ(PEM_write_DHparams(fp, NULL), WOLFSSL_FAILURE);
DH_free(dh);
dh = NULL;
dh = wolfSSL_DH_new();
ExpectIntEQ(PEM_write_DHparams(fp, dh), WOLFSSL_FAILURE);
if (fp != XBADFILE) {
XFCLOSE(fp);
fp = XBADFILE;
}
wolfSSL_DH_free(dh);
dh = NULL;
/* check results */
XMEMSET(pem, 0, sizeof(pem));
ExpectTrue((fp = XFOPEN("./test-write-dhparams.pem", "rb")) != XBADFILE);
ExpectIntGT((pemSz = (int)XFREAD(pem, 1, sizeof(pem), fp)), 0);
ExpectIntEQ(XMEMCMP(pem, expected, pemSz), 0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_DHparams(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_ALL
#if !defined(NO_DH) && (defined(HAVE_FFDHE_2048) || defined(HAVE_FFDHE_3072))
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
XFILE f = XBADFILE;
unsigned char buf[4096];
const unsigned char* pt = buf;
#ifdef HAVE_FFDHE_2048
const char* params1 = "./certs/dh2048.der";
#endif
#ifdef HAVE_FFDHE_3072
const char* params2 = "./certs/dh3072.der";
#endif
long len = 0;
WOLFSSL_DH* dh = NULL;
XMEMSET(buf, 0, sizeof(buf));
/* Test 2048 bit parameters */
#ifdef HAVE_FFDHE_2048
ExpectTrue((f = XFOPEN(params1, "rb")) != XBADFILE);
ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
/* Valid case */
ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
ExpectNotNull(dh->p);
ExpectNotNull(dh->g);
ExpectTrue(pt == buf);
ExpectIntEQ(DH_set_length(NULL, BN_num_bits(dh->p)), 0);
ExpectIntEQ(DH_set_length(dh, BN_num_bits(dh->p)), 1);
ExpectIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS);
/* Invalid cases */
ExpectNull(wolfSSL_d2i_DHparams(NULL, NULL, len));
ExpectNull(wolfSSL_d2i_DHparams(NULL, &pt, -1));
ExpectNull(wolfSSL_d2i_DHparams(NULL, &pt, 10));
DH_free(dh);
dh = NULL;
*buf = 0;
pt = buf;
#endif /* HAVE_FFDHE_2048 */
/* Test 3072 bit parameters */
#ifdef HAVE_FFDHE_3072
ExpectTrue((f = XFOPEN(params2, "rb")) != XBADFILE);
ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
/* Valid case */
ExpectNotNull(dh = wolfSSL_d2i_DHparams(&dh, &pt, len));
ExpectNotNull(dh->p);
ExpectNotNull(dh->g);
ExpectTrue(pt != buf);
ExpectIntEQ(DH_generate_key(dh), 1);
/* Invalid cases */
ExpectNull(wolfSSL_d2i_DHparams(NULL, NULL, len));
ExpectNull(wolfSSL_d2i_DHparams(NULL, &pt, -1));
DH_free(dh);
dh = NULL;
#endif /* HAVE_FFDHE_3072 */
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* !NO_DH */
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_DH_LoadDer(void)
{
EXPECT_DECLS;
#if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)) && \
defined(OPENSSL_EXTRA)
static const byte dh2048[] = {
0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01,
0x00, 0xb0, 0xa1, 0x08, 0x06, 0x9c, 0x08, 0x13,
0xba, 0x59, 0x06, 0x3c, 0xbc, 0x30, 0xd5, 0xf5,
0x00, 0xc1, 0x4f, 0x44, 0xa7, 0xd6, 0xef, 0x4a,
0xc6, 0x25, 0x27, 0x1c, 0xe8, 0xd2, 0x96, 0x53,
0x0a, 0x5c, 0x91, 0xdd, 0xa2, 0xc2, 0x94, 0x84,
0xbf, 0x7d, 0xb2, 0x44, 0x9f, 0x9b, 0xd2, 0xc1,
0x8a, 0xc5, 0xbe, 0x72, 0x5c, 0xa7, 0xe7, 0x91,
0xe6, 0xd4, 0x9f, 0x73, 0x07, 0x85, 0x5b, 0x66,
0x48, 0xc7, 0x70, 0xfa, 0xb4, 0xee, 0x02, 0xc9,
0x3d, 0x9a, 0x4a, 0xda, 0x3d, 0xc1, 0x46, 0x3e,
0x19, 0x69, 0xd1, 0x17, 0x46, 0x07, 0xa3, 0x4d,
0x9f, 0x2b, 0x96, 0x17, 0x39, 0x6d, 0x30, 0x8d,
0x2a, 0xf3, 0x94, 0xd3, 0x75, 0xcf, 0xa0, 0x75,
0xe6, 0xf2, 0x92, 0x1f, 0x1a, 0x70, 0x05, 0xaa,
0x04, 0x83, 0x57, 0x30, 0xfb, 0xda, 0x76, 0x93,
0x38, 0x50, 0xe8, 0x27, 0xfd, 0x63, 0xee, 0x3c,
0xe5, 0xb7, 0xc8, 0x09, 0xae, 0x6f, 0x50, 0x35,
0x8e, 0x84, 0xce, 0x4a, 0x00, 0xe9, 0x12, 0x7e,
0x5a, 0x31, 0xd7, 0x33, 0xfc, 0x21, 0x13, 0x76,
0xcc, 0x16, 0x30, 0xdb, 0x0c, 0xfc, 0xc5, 0x62,
0xa7, 0x35, 0xb8, 0xef, 0xb7, 0xb0, 0xac, 0xc0,
0x36, 0xf6, 0xd9, 0xc9, 0x46, 0x48, 0xf9, 0x40,
0x90, 0x00, 0x2b, 0x1b, 0xaa, 0x6c, 0xe3, 0x1a,
0xc3, 0x0b, 0x03, 0x9e, 0x1b, 0xc2, 0x46, 0xe4,
0x48, 0x4e, 0x22, 0x73, 0x6f, 0xc3, 0x5f, 0xd4,
0x9a, 0xd6, 0x30, 0x07, 0x48, 0xd6, 0x8c, 0x90,
0xab, 0xd4, 0xf6, 0xf1, 0xe3, 0x48, 0xd3, 0x58,
0x4b, 0xa6, 0xb9, 0xcd, 0x29, 0xbf, 0x68, 0x1f,
0x08, 0x4b, 0x63, 0x86, 0x2f, 0x5c, 0x6b, 0xd6,
0xb6, 0x06, 0x65, 0xf7, 0xa6, 0xdc, 0x00, 0x67,
0x6b, 0xbb, 0xc3, 0xa9, 0x41, 0x83, 0xfb, 0xc7,
0xfa, 0xc8, 0xe2, 0x1e, 0x7e, 0xaf, 0x00, 0x3f,
0x93, 0x02, 0x01, 0x02
};
WOLFSSL_DH* dh = NULL;
ExpectNotNull(dh = wolfSSL_DH_new());
ExpectIntEQ(wolfSSL_DH_LoadDer(NULL, NULL, 0), -1);
ExpectIntEQ(wolfSSL_DH_LoadDer(dh, NULL, 0), -1);
ExpectIntEQ(wolfSSL_DH_LoadDer(NULL, dh2048, sizeof(dh2048)), -1);
ExpectIntEQ(wolfSSL_DH_LoadDer(dh, dh2048, sizeof(dh2048)), 1);
wolfSSL_DH_free(dh);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_i2d_DHparams(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_ALL
#if !defined(NO_DH) && (defined(HAVE_FFDHE_2048) || defined(HAVE_FFDHE_3072))
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
XFILE f = XBADFILE;
unsigned char buf[4096];
const unsigned char* pt;
unsigned char* pt2;
#ifdef HAVE_FFDHE_2048
const char* params1 = "./certs/dh2048.der";
#endif
#ifdef HAVE_FFDHE_3072
const char* params2 = "./certs/dh3072.der";
#endif
long len = 0;
WOLFSSL_DH* dh = NULL;
/* Test 2048 bit parameters */
#ifdef HAVE_FFDHE_2048
pt = buf;
pt2 = buf;
ExpectTrue((f = XFOPEN(params1, "rb")) != XBADFILE);
ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
/* Valid case */
ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
ExpectTrue(pt == buf);
ExpectIntEQ(DH_generate_key(dh), 1);
ExpectIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 268);
/* Invalid case */
ExpectIntEQ(wolfSSL_i2d_DHparams(NULL, &pt2), 0);
/* Return length only */
ExpectIntEQ(wolfSSL_i2d_DHparams(dh, NULL), 268);
DH_free(dh);
dh = NULL;
*buf = 0;
#endif
/* Test 3072 bit parameters */
#ifdef HAVE_FFDHE_3072
pt = buf;
pt2 = buf;
ExpectTrue((f = XFOPEN(params2, "rb")) != XBADFILE);
ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
if (f != XBADFILE) {
XFCLOSE(f);
f = XBADFILE;
}
/* Valid case */
ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
ExpectTrue(pt == buf);
ExpectIntEQ(DH_generate_key(dh), 1);
ExpectIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 396);
/* Invalid case */
ExpectIntEQ(wolfSSL_i2d_DHparams(NULL, &pt2), 0);
/* Return length only */
ExpectIntEQ(wolfSSL_i2d_DHparams(dh, NULL), 396);
DH_free(dh);
dh = NULL;
#endif
dh = DH_new();
ExpectNotNull(dh);
pt2 = buf;
ExpectIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 0);
DH_free(dh);
dh = NULL;
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* !NO_DH && (HAVE_FFDHE_2048 || HAVE_FFDHE_3072) */
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_ECC) && !defined(OPENSSL_NO_PK)
/*----------------------------------------------------------------------------*
| EC
*----------------------------------------------------------------------------*/
static int test_wolfSSL_EC_GROUP(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
EC_GROUP *group = NULL;
EC_GROUP *group2 = NULL;
EC_GROUP *group3 = NULL;
#ifndef HAVE_ECC_BRAINPOOL
EC_GROUP *group4 = NULL;
#endif
WOLFSSL_BIGNUM* order = NULL;
int group_bits;
int i;
static const int knownEccNids[] = {
NID_X9_62_prime192v1,
NID_X9_62_prime192v2,
NID_X9_62_prime192v3,
NID_X9_62_prime239v1,
NID_X9_62_prime239v2,
NID_X9_62_prime239v3,
NID_X9_62_prime256v1,
NID_secp112r1,
NID_secp112r2,
NID_secp128r1,
NID_secp128r2,
NID_secp160r1,
NID_secp160r2,
NID_secp224r1,
NID_secp384r1,
NID_secp521r1,
NID_secp160k1,
NID_secp192k1,
NID_secp224k1,
NID_secp256k1,
NID_brainpoolP160r1,
NID_brainpoolP192r1,
NID_brainpoolP224r1,
NID_brainpoolP256r1,
NID_brainpoolP320r1,
NID_brainpoolP384r1,
NID_brainpoolP512r1,
};
int knowEccNidsLen = (int)(sizeof(knownEccNids) / sizeof(*knownEccNids));
static const int knownEccEnums[] = {
ECC_SECP192R1,
ECC_PRIME192V2,
ECC_PRIME192V3,
ECC_PRIME239V1,
ECC_PRIME239V2,
ECC_PRIME239V3,
ECC_SECP256R1,
ECC_SECP112R1,
ECC_SECP112R2,
ECC_SECP128R1,
ECC_SECP128R2,
ECC_SECP160R1,
ECC_SECP160R2,
ECC_SECP224R1,
ECC_SECP384R1,
ECC_SECP521R1,
ECC_SECP160K1,
ECC_SECP192K1,
ECC_SECP224K1,
ECC_SECP256K1,
ECC_BRAINPOOLP160R1,
ECC_BRAINPOOLP192R1,
ECC_BRAINPOOLP224R1,
ECC_BRAINPOOLP256R1,
ECC_BRAINPOOLP320R1,
ECC_BRAINPOOLP384R1,
ECC_BRAINPOOLP512R1,
};
int knowEccEnumsLen = (int)(sizeof(knownEccEnums) / sizeof(*knownEccEnums));
ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
ExpectNotNull(group2 = EC_GROUP_dup(group));
ExpectNotNull(group3 = wolfSSL_EC_GROUP_new_by_curve_name(NID_secp384r1));
#ifndef HAVE_ECC_BRAINPOOL
ExpectNotNull(group4 = wolfSSL_EC_GROUP_new_by_curve_name(
NID_brainpoolP256r1));
#endif
ExpectNull(EC_GROUP_dup(NULL));
ExpectIntEQ(wolfSSL_EC_GROUP_get_curve_name(NULL), 0);
ExpectIntEQ(wolfSSL_EC_GROUP_get_curve_name(group), NID_X9_62_prime256v1);
ExpectIntEQ((group_bits = EC_GROUP_order_bits(NULL)), 0);
ExpectIntEQ((group_bits = EC_GROUP_order_bits(group)), 256);
#ifndef HAVE_ECC_BRAINPOOL
ExpectIntEQ((group_bits = EC_GROUP_order_bits(group4)), 0);
#endif
ExpectIntEQ(wolfSSL_EC_GROUP_get_degree(NULL), 0);
ExpectIntEQ(wolfSSL_EC_GROUP_get_degree(group), 256);
ExpectNotNull(order = BN_new());
ExpectIntEQ(wolfSSL_EC_GROUP_get_order(NULL, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_EC_GROUP_get_order(group, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_EC_GROUP_get_order(NULL, order, NULL), 0);
ExpectIntEQ(wolfSSL_EC_GROUP_get_order(group, order, NULL), 1);
wolfSSL_BN_free(order);
ExpectNotNull(EC_GROUP_method_of(group));
ExpectIntEQ(EC_METHOD_get_field_type(NULL), 0);
ExpectIntEQ(EC_METHOD_get_field_type(EC_GROUP_method_of(group)),
NID_X9_62_prime_field);
ExpectIntEQ(wolfSSL_EC_GROUP_cmp(NULL, NULL, NULL), -1);
ExpectIntEQ(wolfSSL_EC_GROUP_cmp(group, NULL, NULL), -1);
ExpectIntEQ(wolfSSL_EC_GROUP_cmp(NULL, group, NULL), -1);
ExpectIntEQ(wolfSSL_EC_GROUP_cmp(group, group3, NULL), 1);
#ifndef NO_WOLFSSL_STUB
wolfSSL_EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
#endif
#ifndef HAVE_ECC_BRAINPOOL
EC_GROUP_free(group4);
#endif
EC_GROUP_free(group3);
EC_GROUP_free(group2);
EC_GROUP_free(group);
for (i = 0; i < knowEccNidsLen; i++) {
group = NULL;
ExpectNotNull(group = EC_GROUP_new_by_curve_name(knownEccNids[i]));
ExpectIntGT(wolfSSL_EC_GROUP_get_degree(group), 0);
EC_GROUP_free(group);
}
for (i = 0; i < knowEccEnumsLen; i++) {
group = NULL;
ExpectNotNull(group = EC_GROUP_new_by_curve_name(knownEccEnums[i]));
ExpectIntEQ(wolfSSL_EC_GROUP_get_curve_name(group), knownEccNids[i]);
EC_GROUP_free(group);
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_bio_ECPKParameters(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && !defined(NO_BIO)
EC_GROUP *group = NULL;
BIO* bio = NULL;
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && \
ECC_MIN_KEY_SZ <= 384 && !defined(NO_ECC_SECP)
EC_GROUP *ret = NULL;
static char ec_nc_p384[] = "-----BEGIN EC PARAMETERS-----\n"
"BgUrgQQAIg==\n"
"-----END EC PARAMETERS-----";
#endif
static char ec_nc_bad_1[] = "-----BEGIN EC PARAMETERS-----\n"
"MAA=\n"
"-----END EC PARAMETERS-----";
static char ec_nc_bad_2[] = "-----BEGIN EC PARAMETERS-----\n"
"BgA=\n"
"-----END EC PARAMETERS-----";
static char ec_nc_bad_3[] = "-----BEGIN EC PARAMETERS-----\n"
"BgE=\n"
"-----END EC PARAMETERS-----";
static char ec_nc_bad_4[] = "-----BEGIN EC PARAMETERS-----\n"
"BgE*\n"
"-----END EC PARAMETERS-----";
/* Test that first parameter, bio, being NULL fails. */
ExpectNull(PEM_read_bio_ECPKParameters(NULL, NULL, NULL, NULL));
/* Test that reading named parameters works. */
ExpectNotNull(bio = BIO_new(BIO_s_file()));
ExpectIntEQ(BIO_read_filename(bio, eccKeyFile), WOLFSSL_SUCCESS);
ExpectNotNull(group = PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
ExpectIntEQ(EC_GROUP_get_curve_name(group), NID_X9_62_prime256v1);
BIO_free(bio);
bio = NULL;
EC_GROUP_free(group);
group = NULL;
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && \
ECC_MIN_KEY_SZ <= 384 && !defined(NO_ECC_SECP)
/* Test that reusing group works. */
ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_p384,
sizeof(ec_nc_p384)));
ExpectNotNull(group = PEM_read_bio_ECPKParameters(bio, &group, NULL, NULL));
ExpectIntEQ(EC_GROUP_get_curve_name(group), NID_secp384r1);
BIO_free(bio);
bio = NULL;
EC_GROUP_free(group);
group = NULL;
/* Test that returning through group works. */
ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_p384,
sizeof(ec_nc_p384)));
ExpectNotNull(ret = PEM_read_bio_ECPKParameters(bio, &group, NULL, NULL));
ExpectIntEQ(group == ret, 1);
ExpectIntEQ(EC_GROUP_get_curve_name(group), NID_secp384r1);
BIO_free(bio);
bio = NULL;
EC_GROUP_free(group);
group = NULL;
#endif
/* Test 0x30, 0x00 (not and object id) fails. */
ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_1,
sizeof(ec_nc_bad_1)));
ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
BIO_free(bio);
bio = NULL;
/* Test 0x06, 0x00 (empty object id) fails. */
ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_2,
sizeof(ec_nc_bad_2)));
ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
BIO_free(bio);
bio = NULL;
/* Test 0x06, 0x01 (badly formed object id) fails. */
ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_3,
sizeof(ec_nc_bad_3)));
ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
BIO_free(bio);
bio = NULL;
/* Test invalid PEM encoding - invalid character. */
ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_4,
sizeof(ec_nc_bad_4)));
ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
BIO_free(bio);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EC_POINT(void)
{
EXPECT_DECLS;
#if !defined(WOLFSSL_SP_MATH) && \
(!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)))
#ifdef OPENSSL_EXTRA
BN_CTX* ctx = NULL;
EC_GROUP* group = NULL;
#ifndef HAVE_ECC_BRAINPOOL
EC_GROUP* group2 = NULL;
#endif
EC_POINT* Gxy = NULL;
EC_POINT* new_point = NULL;
EC_POINT* set_point = NULL;
EC_POINT* get_point = NULL;
EC_POINT* infinity = NULL;
BIGNUM* k = NULL;
BIGNUM* Gx = NULL;
BIGNUM* Gy = NULL;
BIGNUM* Gz = NULL;
BIGNUM* X = NULL;
BIGNUM* Y = NULL;
BIGNUM* set_point_bn = NULL;
char* hexStr = NULL;
const char* kTest = "F4F8338AFCC562C5C3F3E1E46A7EFECD"
"17AF381913FF7A96314EA47055EA0FD0";
/* NISTP256R1 Gx/Gy */
const char* kGx = "6B17D1F2E12C4247F8BCE6E563A440F2"
"77037D812DEB33A0F4A13945D898C296";
const char* kGy = "4FE342E2FE1A7F9B8EE7EB4A7C0F9E16"
"2BCE33576B315ECECBB6406837BF51F5";
const char* uncompG
= "046B17D1F2E12C4247F8BCE6E563A440F2"
"77037D812DEB33A0F4A13945D898C296"
"4FE342E2FE1A7F9B8EE7EB4A7C0F9E16"
"2BCE33576B315ECECBB6406837BF51F5";
const char* compG
= "036B17D1F2E12C4247F8BCE6E563A440F2"
"77037D812DEB33A0F4A13945D898C296";
#ifndef HAVE_SELFTEST
EC_POINT *tmp = NULL;
size_t bin_len;
unsigned int blen = 0;
unsigned char* buf = NULL;
unsigned char bufInf[1] = { 0x00 };
const unsigned char binUncompG[] = {
0x04, 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc,
0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d,
0xeb, 0x33, 0xa0, 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb,
0x4a, 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31,
0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5,
};
const unsigned char binUncompGBad[] = {
0x09, 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc,
0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d,
0xeb, 0x33, 0xa0, 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb,
0x4a, 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31,
0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5,
};
#ifdef HAVE_COMP_KEY
const unsigned char binCompG[] = {
0x03, 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc,
0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d,
0xeb, 0x33, 0xa0, 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
};
#endif
#endif
ExpectNotNull(ctx = BN_CTX_new());
ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
#ifndef HAVE_ECC_BRAINPOOL
/* Used to make groups curve_idx == -1. */
ExpectNotNull(group2 = EC_GROUP_new_by_curve_name(NID_brainpoolP256r1));
#endif
ExpectNull(EC_POINT_new(NULL));
ExpectNotNull(Gxy = EC_POINT_new(group));
ExpectNotNull(new_point = EC_POINT_new(group));
ExpectNotNull(set_point = EC_POINT_new(group));
ExpectNotNull(X = BN_new());
ExpectNotNull(Y = BN_new());
ExpectNotNull(set_point_bn = BN_new());
ExpectNotNull(infinity = EC_POINT_new(group));
/* load test values */
ExpectIntEQ(BN_hex2bn(&k, kTest), WOLFSSL_SUCCESS);
ExpectIntEQ(BN_hex2bn(&Gx, kGx), WOLFSSL_SUCCESS);
ExpectIntEQ(BN_hex2bn(&Gy, kGy), WOLFSSL_SUCCESS);
ExpectIntEQ(BN_hex2bn(&Gz, "1"), WOLFSSL_SUCCESS);
/* populate coordinates for input point */
if (Gxy != NULL) {
Gxy->X = Gx;
Gxy->Y = Gy;
Gxy->Z = Gz;
}
/* Test handling of NULL point. */
EC_POINT_clear_free(NULL);
ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
NULL, NULL, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, NULL,
NULL, NULL, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, Gxy,
NULL, NULL, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
X, NULL, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
NULL, Y, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, Gxy,
X, Y, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, NULL,
X, Y, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, Gxy,
NULL, Y, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, Gxy,
X, NULL, ctx), 0);
/* Getting point at infinity returns an error. */
ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, infinity,
X, Y, ctx), 0);
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(HAVE_SELFTEST) && !defined(WOLFSSL_SP_MATH) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
ExpectIntEQ(EC_POINT_add(NULL, NULL, NULL, NULL, ctx), 0);
ExpectIntEQ(EC_POINT_add(group, NULL, NULL, NULL, ctx), 0);
ExpectIntEQ(EC_POINT_add(NULL, new_point, NULL, NULL, ctx), 0);
ExpectIntEQ(EC_POINT_add(NULL, NULL, new_point, NULL, ctx), 0);
ExpectIntEQ(EC_POINT_add(NULL, NULL, NULL, Gxy, ctx), 0);
ExpectIntEQ(EC_POINT_add(NULL, new_point, new_point, Gxy, ctx), 0);
ExpectIntEQ(EC_POINT_add(group, NULL, new_point, Gxy, ctx), 0);
ExpectIntEQ(EC_POINT_add(group, new_point, NULL, Gxy, ctx), 0);
ExpectIntEQ(EC_POINT_add(group, new_point, new_point, NULL, ctx), 0);
ExpectIntEQ(EC_POINT_mul(NULL, NULL, Gx, Gxy, k, ctx), 0);
ExpectIntEQ(EC_POINT_mul(NULL, new_point, Gx, Gxy, k, ctx), 0);
ExpectIntEQ(EC_POINT_mul(group, NULL, Gx, Gxy, k, ctx), 0);
ExpectIntEQ(EC_POINT_add(group, new_point, new_point, Gxy, ctx), 1);
/* perform point multiplication */
ExpectIntEQ(EC_POINT_mul(group, new_point, Gx, Gxy, k, ctx), 1);
ExpectIntEQ(BN_is_zero(new_point->X), 0);
ExpectIntEQ(BN_is_zero(new_point->Y), 0);
ExpectIntEQ(BN_is_zero(new_point->Z), 0);
ExpectIntEQ(EC_POINT_mul(group, new_point, NULL, Gxy, k, ctx), 1);
ExpectIntEQ(BN_is_zero(new_point->X), 0);
ExpectIntEQ(BN_is_zero(new_point->Y), 0);
ExpectIntEQ(BN_is_zero(new_point->Z), 0);
ExpectIntEQ(EC_POINT_mul(group, new_point, Gx, NULL, NULL, ctx), 1);
ExpectIntEQ(BN_is_zero(new_point->X), 0);
ExpectIntEQ(BN_is_zero(new_point->Y), 0);
ExpectIntEQ(BN_is_zero(new_point->Z), 0);
ExpectIntEQ(EC_POINT_mul(group, new_point, NULL, NULL, NULL, ctx), 1);
ExpectIntEQ(BN_is_zero(new_point->X), 1);
ExpectIntEQ(BN_is_zero(new_point->Y), 1);
ExpectIntEQ(BN_is_zero(new_point->Z), 1);
/* Set point to something. */
ExpectIntEQ(EC_POINT_add(group, new_point, Gxy, Gxy, ctx), 1);
#else
ExpectIntEQ(EC_POINT_set_affine_coordinates_GFp(group, new_point, Gx, Gy,
ctx), 1);
ExpectIntEQ(BN_is_zero(new_point->X), 0);
ExpectIntEQ(BN_is_zero(new_point->Y), 0);
ExpectIntEQ(BN_is_zero(new_point->Z), 0);
#endif
/* check if point X coordinate is zero */
ExpectIntEQ(BN_is_zero(new_point->X), 0);
#if defined(USE_ECC_B_PARAM) && !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
ExpectIntEQ(EC_POINT_is_on_curve(group, new_point, ctx), 1);
#endif
/* extract the coordinates from point */
ExpectIntEQ(EC_POINT_get_affine_coordinates_GFp(group, new_point, X, Y,
ctx), WOLFSSL_SUCCESS);
/* check if point X coordinate is zero */
ExpectIntEQ(BN_is_zero(X), WOLFSSL_FAILURE);
/* set the same X and Y points in another object */
ExpectIntEQ(EC_POINT_set_affine_coordinates_GFp(group, set_point, X, Y,
ctx), WOLFSSL_SUCCESS);
/* compare points as they should be the same */
ExpectIntEQ(EC_POINT_cmp(NULL, NULL, NULL, ctx), -1);
ExpectIntEQ(EC_POINT_cmp(group, NULL, NULL, ctx), -1);
ExpectIntEQ(EC_POINT_cmp(NULL, new_point, NULL, ctx), -1);
ExpectIntEQ(EC_POINT_cmp(NULL, NULL, set_point, ctx), -1);
ExpectIntEQ(EC_POINT_cmp(NULL, new_point, set_point, ctx), -1);
ExpectIntEQ(EC_POINT_cmp(group, NULL, set_point, ctx), -1);
ExpectIntEQ(EC_POINT_cmp(group, new_point, NULL, ctx), -1);
ExpectIntEQ(EC_POINT_cmp(group, new_point, set_point, ctx), 0);
/* Test copying */
ExpectIntEQ(EC_POINT_copy(NULL, NULL), 0);
ExpectIntEQ(EC_POINT_copy(NULL, set_point), 0);
ExpectIntEQ(EC_POINT_copy(new_point, NULL), 0);
ExpectIntEQ(EC_POINT_copy(new_point, set_point), 1);
/* Test inverting */
ExpectIntEQ(EC_POINT_invert(NULL, NULL, ctx), 0);
ExpectIntEQ(EC_POINT_invert(NULL, new_point, ctx), 0);
ExpectIntEQ(EC_POINT_invert(group, NULL, ctx), 0);
ExpectIntEQ(EC_POINT_invert(group, new_point, ctx), 1);
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(HAVE_SELFTEST) && !defined(WOLFSSL_SP_MATH) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
{
EC_POINT* orig_point = NULL;
ExpectNotNull(orig_point = EC_POINT_new(group));
ExpectIntEQ(EC_POINT_add(group, orig_point, set_point, set_point, NULL),
1);
/* new_point should be set_point inverted so adding it will revert
* the point back to set_point */
ExpectIntEQ(EC_POINT_add(group, orig_point, orig_point, new_point,
NULL), 1);
ExpectIntEQ(EC_POINT_cmp(group, orig_point, set_point, NULL), 0);
EC_POINT_free(orig_point);
}
#endif
/* Test getting affine converts from projective. */
ExpectIntEQ(EC_POINT_copy(set_point, new_point), 1);
/* Force non-affine coordinates */
ExpectIntEQ(BN_add(new_point->Z, (WOLFSSL_BIGNUM*)BN_value_one(),
(WOLFSSL_BIGNUM*)BN_value_one()), 1);
if (new_point != NULL) {
new_point->inSet = 0;
}
/* extract the coordinates from point */
ExpectIntEQ(EC_POINT_get_affine_coordinates_GFp(group, new_point, X, Y,
ctx), WOLFSSL_SUCCESS);
/* check if point ordinates have changed. */
ExpectIntNE(BN_cmp(X, set_point->X), 0);
ExpectIntNE(BN_cmp(Y, set_point->Y), 0);
/* Test check for infinity */
#ifndef WOLF_CRYPTO_CB_ONLY_ECC
ExpectIntEQ(EC_POINT_is_at_infinity(NULL, NULL), 0);
ExpectIntEQ(EC_POINT_is_at_infinity(NULL, infinity), 0);
ExpectIntEQ(EC_POINT_is_at_infinity(group, NULL), 0);
ExpectIntEQ(EC_POINT_is_at_infinity(group, infinity), 1);
ExpectIntEQ(EC_POINT_is_at_infinity(group, Gxy), 0);
#else
ExpectIntEQ(EC_POINT_is_at_infinity(group, infinity), 0);
#endif
ExpectPtrEq(EC_POINT_point2bn(group, set_point,
POINT_CONVERSION_UNCOMPRESSED, set_point_bn, ctx), set_point_bn);
/* check bn2hex */
hexStr = BN_bn2hex(k);
ExpectStrEQ(hexStr, kTest);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) && \
defined(XFPRINTF)
BN_print_fp(stderr, k);
fprintf(stderr, "\n");
#endif
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
hexStr = BN_bn2hex(Gx);
ExpectStrEQ(hexStr, kGx);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) && \
defined(XFPRINTF)
BN_print_fp(stderr, Gx);
fprintf(stderr, "\n");
#endif
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
hexStr = BN_bn2hex(Gy);
ExpectStrEQ(hexStr, kGy);
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) && \
defined(XFPRINTF)
BN_print_fp(stderr, Gy);
fprintf(stderr, "\n");
#endif
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
/* Test point to hex */
ExpectNull(EC_POINT_point2hex(NULL, NULL, POINT_CONVERSION_UNCOMPRESSED,
ctx));
ExpectNull(EC_POINT_point2hex(NULL, Gxy, POINT_CONVERSION_UNCOMPRESSED,
ctx));
ExpectNull(EC_POINT_point2hex(group, NULL, POINT_CONVERSION_UNCOMPRESSED,
ctx));
#ifndef HAVE_ECC_BRAINPOOL
/* Group not supported in wolfCrypt. */
ExpectNull(EC_POINT_point2hex(group2, Gxy, POINT_CONVERSION_UNCOMPRESSED,
ctx));
#endif
hexStr = EC_POINT_point2hex(group, Gxy, POINT_CONVERSION_UNCOMPRESSED, ctx);
ExpectNotNull(hexStr);
ExpectStrEQ(hexStr, uncompG);
ExpectNotNull(get_point = EC_POINT_hex2point(group, hexStr, NULL, ctx));
ExpectIntEQ(EC_POINT_cmp(group, Gxy, get_point, ctx), 0);
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
hexStr = EC_POINT_point2hex(group, Gxy, POINT_CONVERSION_COMPRESSED, ctx);
ExpectNotNull(hexStr);
ExpectStrEQ(hexStr, compG);
#ifdef HAVE_COMP_KEY
ExpectNotNull(get_point = EC_POINT_hex2point
(group, hexStr, get_point, ctx));
ExpectIntEQ(EC_POINT_cmp(group, Gxy, get_point, ctx), 0);
#endif
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
EC_POINT_free(get_point);
#ifndef HAVE_SELFTEST
/* Test point to oct */
ExpectIntEQ(EC_POINT_point2oct(NULL, NULL, POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, ctx), 0);
ExpectIntEQ(EC_POINT_point2oct(NULL, Gxy, POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, ctx), 0);
ExpectIntEQ(EC_POINT_point2oct(group, NULL, POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, ctx), 0);
bin_len = EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, ctx);
ExpectIntEQ(bin_len, sizeof(binUncompG));
ExpectNotNull(buf = (unsigned char*)XMALLOC(bin_len, NULL,
DYNAMIC_TYPE_ECC));
ExpectIntEQ(EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_UNCOMPRESSED,
buf, bin_len, ctx), bin_len);
ExpectIntEQ(XMEMCMP(buf, binUncompG, sizeof(binUncompG)), 0);
XFREE(buf, NULL, DYNAMIC_TYPE_ECC);
/* Infinity (x=0, y=0) encodes as '0x00'. */
ExpectIntEQ(EC_POINT_point2oct(group, infinity,
POINT_CONVERSION_UNCOMPRESSED, NULL, 0, ctx), 1);
ExpectIntEQ(EC_POINT_point2oct(group, infinity,
POINT_CONVERSION_UNCOMPRESSED, bufInf, 0, ctx), 0);
ExpectIntEQ(EC_POINT_point2oct(group, infinity,
POINT_CONVERSION_UNCOMPRESSED, bufInf, 1, ctx), 1);
ExpectIntEQ(bufInf[0], 0);
wolfSSL_EC_POINT_dump(NULL, NULL);
/* Test point i2d */
ExpectIntEQ(ECPoint_i2d(NULL, NULL, NULL, &blen), 0);
ExpectIntEQ(ECPoint_i2d(NULL, Gxy, NULL, &blen), 0);
ExpectIntEQ(ECPoint_i2d(group, NULL, NULL, &blen), 0);
ExpectIntEQ(ECPoint_i2d(group, Gxy, NULL, NULL), 0);
ExpectIntEQ(ECPoint_i2d(group, Gxy, NULL, &blen), 1);
ExpectIntEQ(blen, sizeof(binUncompG));
ExpectNotNull(buf = (unsigned char*)XMALLOC(blen, NULL, DYNAMIC_TYPE_ECC));
blen -= 1;
ExpectIntEQ(ECPoint_i2d(group, Gxy, buf, &blen), 0);
blen += 1;
ExpectIntEQ(ECPoint_i2d(group, Gxy, buf, &blen), 1);
ExpectIntEQ(XMEMCMP(buf, binUncompG, sizeof(binUncompG)), 0);
XFREE(buf, NULL, DYNAMIC_TYPE_ECC);
#ifdef HAVE_COMP_KEY
/* Test point to oct compressed */
bin_len = EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_COMPRESSED, NULL,
0, ctx);
ExpectIntEQ(bin_len, sizeof(binCompG));
ExpectNotNull(buf = (unsigned char*)XMALLOC(bin_len, NULL,
DYNAMIC_TYPE_ECC));
ExpectIntEQ(EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_COMPRESSED, buf,
bin_len, ctx), bin_len);
ExpectIntEQ(XMEMCMP(buf, binCompG, sizeof(binCompG)), 0);
XFREE(buf, NULL, DYNAMIC_TYPE_ECC);
#endif
/* Test point BN */
ExpectNull(wolfSSL_EC_POINT_point2bn(NULL, NULL,
POINT_CONVERSION_UNCOMPRESSED, NULL, ctx));
ExpectNull(wolfSSL_EC_POINT_point2bn(NULL, Gxy,
POINT_CONVERSION_UNCOMPRESSED, NULL, ctx));
ExpectNull(wolfSSL_EC_POINT_point2bn(group, NULL,
POINT_CONVERSION_UNCOMPRESSED, NULL, ctx));
ExpectNull(wolfSSL_EC_POINT_point2bn(group, Gxy, 0, NULL, ctx));
/* Test oct to point */
ExpectNotNull(tmp = EC_POINT_new(group));
ExpectIntEQ(EC_POINT_oct2point(NULL, NULL, binUncompG, sizeof(binUncompG),
ctx), 0);
ExpectIntEQ(EC_POINT_oct2point(NULL, tmp, binUncompG, sizeof(binUncompG),
ctx), 0);
ExpectIntEQ(EC_POINT_oct2point(group, NULL, binUncompG, sizeof(binUncompG),
ctx), 0);
ExpectIntEQ(EC_POINT_oct2point(group, tmp, binUncompGBad,
sizeof(binUncompGBad), ctx), 0);
ExpectIntEQ(EC_POINT_oct2point(group, tmp, binUncompG, sizeof(binUncompG),
ctx), 1);
ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
EC_POINT_free(tmp);
tmp = NULL;
/* Test setting BN ordinates. */
ExpectNotNull(tmp = EC_POINT_new(group));
ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, NULL,
NULL, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, NULL, NULL,
NULL, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, tmp, NULL,
NULL, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, Gx,
NULL, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, NULL,
Gy, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, tmp, Gx, Gy,
ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, NULL, Gx, Gy,
ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, NULL,
Gy, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, Gx,
NULL, ctx), 0);
ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, Gx, Gy,
ctx), 1);
EC_POINT_free(tmp);
tmp = NULL;
/* Test point d2i */
ExpectNotNull(tmp = EC_POINT_new(group));
ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), NULL, NULL), 0);
ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), NULL, NULL), 0);
ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), group, NULL), 0);
ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), NULL, tmp), 0);
ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), group, tmp), 0);
ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), NULL, tmp), 0);
ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), group, NULL), 0);
ExpectIntEQ(ECPoint_d2i(binUncompGBad, sizeof(binUncompG), group, tmp), 0);
ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), group, tmp), 1);
ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
EC_POINT_free(tmp);
tmp = NULL;
#ifdef HAVE_COMP_KEY
/* Test oct compressed to point */
ExpectNotNull(tmp = EC_POINT_new(group));
ExpectIntEQ(EC_POINT_oct2point(group, tmp, binCompG, sizeof(binCompG), ctx),
1);
ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
EC_POINT_free(tmp);
tmp = NULL;
/* Test point d2i - compressed */
ExpectNotNull(tmp = EC_POINT_new(group));
ExpectIntEQ(ECPoint_d2i(binCompG, sizeof(binCompG), group, tmp), 1);
ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
EC_POINT_free(tmp);
tmp = NULL;
#endif
#endif
/* test BN_mod_add */
ExpectIntEQ(BN_mod_add(new_point->Z, (WOLFSSL_BIGNUM*)BN_value_one(),
(WOLFSSL_BIGNUM*)BN_value_one(), (WOLFSSL_BIGNUM*)BN_value_one(), NULL),
1);
ExpectIntEQ(BN_is_zero(new_point->Z), 1);
/* cleanup */
BN_free(X);
BN_free(Y);
BN_free(k);
BN_free(set_point_bn);
EC_POINT_free(infinity);
EC_POINT_free(new_point);
EC_POINT_free(set_point);
EC_POINT_clear_free(Gxy);
#ifndef HAVE_ECC_BRAINPOOL
EC_GROUP_free(group2);
#endif
EC_GROUP_free(group);
BN_CTX_free(ctx);
#endif
#endif /* !WOLFSSL_SP_MATH && ( !HAVE_FIPS || HAVE_FIPS_VERSION > 2) */
return EXPECT_RESULT();
}
static int test_wolfSSL_SPAKE(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && !defined(WOLFSSL_ATECC508A) \
&& !defined(WOLFSSL_ATECC608A) && !defined(HAVE_SELFTEST) && \
!defined(WOLFSSL_SP_MATH) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
BIGNUM* x = NULL; /* kdc priv */
BIGNUM* y = NULL; /* client priv */
BIGNUM* w = NULL; /* shared value */
byte M_bytes[] = {
/* uncompressed */
0x04,
/* x */
0x88, 0x6e, 0x2f, 0x97, 0xac, 0xe4, 0x6e, 0x55, 0xba, 0x9d, 0xd7, 0x24,
0x25, 0x79, 0xf2, 0x99, 0x3b, 0x64, 0xe1, 0x6e, 0xf3, 0xdc, 0xab, 0x95,
0xaf, 0xd4, 0x97, 0x33, 0x3d, 0x8f, 0xa1, 0x2f,
/* y */
0x5f, 0xf3, 0x55, 0x16, 0x3e, 0x43, 0xce, 0x22, 0x4e, 0x0b, 0x0e, 0x65,
0xff, 0x02, 0xac, 0x8e, 0x5c, 0x7b, 0xe0, 0x94, 0x19, 0xc7, 0x85, 0xe0,
0xca, 0x54, 0x7d, 0x55, 0xa1, 0x2e, 0x2d, 0x20
};
EC_POINT* M = NULL; /* shared value */
byte N_bytes[] = {
/* uncompressed */
0x04,
/* x */
0xd8, 0xbb, 0xd6, 0xc6, 0x39, 0xc6, 0x29, 0x37, 0xb0, 0x4d, 0x99, 0x7f,
0x38, 0xc3, 0x77, 0x07, 0x19, 0xc6, 0x29, 0xd7, 0x01, 0x4d, 0x49, 0xa2,
0x4b, 0x4f, 0x98, 0xba, 0xa1, 0x29, 0x2b, 0x49,
/* y */
0x07, 0xd6, 0x0a, 0xa6, 0xbf, 0xad, 0xe4, 0x50, 0x08, 0xa6, 0x36, 0x33,
0x7f, 0x51, 0x68, 0xc6, 0x4d, 0x9b, 0xd3, 0x60, 0x34, 0x80, 0x8c, 0xd5,
0x64, 0x49, 0x0b, 0x1e, 0x65, 0x6e, 0xdb, 0xe7
};
EC_POINT* N = NULL; /* shared value */
EC_POINT* T = NULL; /* kdc pub */
EC_POINT* tmp1 = NULL; /* kdc pub */
EC_POINT* tmp2 = NULL; /* kdc pub */
EC_POINT* S = NULL; /* client pub */
EC_POINT* client_secret = NULL;
EC_POINT* kdc_secret = NULL;
EC_GROUP* group = NULL;
BN_CTX* bn_ctx = NULL;
/* Values taken from a test run of Kerberos 5 */
ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
ExpectNotNull(bn_ctx = BN_CTX_new());
ExpectNotNull(M = EC_POINT_new(group));
ExpectNotNull(N = EC_POINT_new(group));
ExpectNotNull(T = EC_POINT_new(group));
ExpectNotNull(tmp1 = EC_POINT_new(group));
ExpectNotNull(tmp2 = EC_POINT_new(group));
ExpectNotNull(S = EC_POINT_new(group));
ExpectNotNull(client_secret = EC_POINT_new(group));
ExpectNotNull(kdc_secret = EC_POINT_new(group));
ExpectIntEQ(BN_hex2bn(&x, "DAC3027CD692B4BDF0EDFE9B7D0E4E7"
"E5D8768A725EAEEA6FC68EC239A17C0"), 1);
ExpectIntEQ(BN_hex2bn(&y, "6F6A1D394E26B1655A54B26DCE30D49"
"90CC47EBE08F809EF3FF7F6AEAABBB5"), 1);
ExpectIntEQ(BN_hex2bn(&w, "1D992AB8BA851B9BA05353453D81EE9"
"506AB395478F0AAB647752CF117B36250"), 1);
ExpectIntEQ(EC_POINT_oct2point(group, M, M_bytes, sizeof(M_bytes), bn_ctx),
1);
ExpectIntEQ(EC_POINT_oct2point(group, N, N_bytes, sizeof(N_bytes), bn_ctx),
1);
/* Function pattern similar to ossl_keygen and ossl_result in krb5 */
/* kdc */
/* T=x*P+w*M */
/* All in one function call */
ExpectIntEQ(EC_POINT_mul(group, T, x, M, w, bn_ctx), 1);
/* Spread into separate calls */
ExpectIntEQ(EC_POINT_mul(group, tmp1, x, NULL, NULL, bn_ctx), 1);
ExpectIntEQ(EC_POINT_mul(group, tmp2, NULL, M, w, bn_ctx), 1);
ExpectIntEQ(EC_POINT_add(group, tmp1, tmp1, tmp2, bn_ctx),
1);
ExpectIntEQ(EC_POINT_cmp(group, T, tmp1, bn_ctx), 0);
/* client */
/* S=y*P+w*N */
/* All in one function call */
ExpectIntEQ(EC_POINT_mul(group, S, y, N, w, bn_ctx), 1);
/* Spread into separate calls */
ExpectIntEQ(EC_POINT_mul(group, tmp1, y, NULL, NULL, bn_ctx), 1);
ExpectIntEQ(EC_POINT_mul(group, tmp2, NULL, N, w, bn_ctx), 1);
ExpectIntEQ(EC_POINT_add(group, tmp1, tmp1, tmp2, bn_ctx),
1);
ExpectIntEQ(EC_POINT_cmp(group, S, tmp1, bn_ctx), 0);
/* K=y*(T-w*M) */
ExpectIntEQ(EC_POINT_mul(group, client_secret, NULL, M, w, bn_ctx), 1);
ExpectIntEQ(EC_POINT_invert(group, client_secret, bn_ctx), 1);
ExpectIntEQ(EC_POINT_add(group, client_secret, T, client_secret, bn_ctx),
1);
ExpectIntEQ(EC_POINT_mul(group, client_secret, NULL, client_secret, y,
bn_ctx), 1);
/* kdc */
/* K=x*(S-w*N) */
ExpectIntEQ(EC_POINT_mul(group, kdc_secret, NULL, N, w, bn_ctx), 1);
ExpectIntEQ(EC_POINT_invert(group, kdc_secret, bn_ctx), 1);
ExpectIntEQ(EC_POINT_add(group, kdc_secret, S, kdc_secret, bn_ctx),
1);
ExpectIntEQ(EC_POINT_mul(group, kdc_secret, NULL, kdc_secret, x, bn_ctx),
1);
/* kdc_secret == client_secret */
ExpectIntEQ(EC_POINT_cmp(group, client_secret, kdc_secret, bn_ctx), 0);
BN_free(x);
BN_free(y);
BN_free(w);
EC_POINT_free(M);
EC_POINT_free(N);
EC_POINT_free(T);
EC_POINT_free(tmp1);
EC_POINT_free(tmp2);
EC_POINT_free(S);
EC_POINT_free(client_secret);
EC_POINT_free(kdc_secret);
EC_GROUP_free(group);
BN_CTX_free(bn_ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_generate(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
WOLFSSL_EC_KEY* key = NULL;
#ifndef HAVE_ECC_BRAINPOOL
WOLFSSL_EC_GROUP* group = NULL;
#endif
ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(NULL), 0);
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), 1);
wolfSSL_EC_KEY_free(key);
key = NULL;
#ifndef HAVE_ECC_BRAINPOOL
ExpectNotNull(group = wolfSSL_EC_GROUP_new_by_curve_name(
NID_brainpoolP256r1));
ExpectNotNull(key = wolfSSL_EC_KEY_new());
ExpectIntEQ(wolfSSL_EC_KEY_set_group(key, group), 1);
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), 0);
wolfSSL_EC_KEY_free(key);
wolfSSL_EC_GROUP_free(group);
#endif
#endif
return EXPECT_RESULT();
}
static int test_EC_i2d(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(HAVE_FIPS)
EC_KEY *key = NULL;
EC_KEY *copy = NULL;
int len = 0;
unsigned char *buf = NULL;
unsigned char *p = NULL;
const unsigned char *tmp = NULL;
const unsigned char octBad[] = {
0x09, 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc,
0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d,
0xeb, 0x33, 0xa0, 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb,
0x4a, 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31,
0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5,
};
ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
ExpectIntEQ(EC_KEY_generate_key(key), 1);
ExpectIntGT((len = i2d_EC_PUBKEY(key, NULL)), 0);
ExpectNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
p = buf;
ExpectIntEQ(i2d_EC_PUBKEY(key, &p), len);
ExpectNull(o2i_ECPublicKey(NULL, NULL, -1));
ExpectNull(o2i_ECPublicKey(&copy, NULL, -1));
ExpectNull(o2i_ECPublicKey(&key, NULL, -1));
ExpectNull(o2i_ECPublicKey(NULL, &tmp, -1));
ExpectNull(o2i_ECPublicKey(NULL, NULL, 0));
ExpectNull(o2i_ECPublicKey(&key, NULL, 0));
ExpectNull(o2i_ECPublicKey(&key, &tmp, 0));
tmp = buf;
ExpectNull(o2i_ECPublicKey(NULL, &tmp, 0));
ExpectNull(o2i_ECPublicKey(&copy, &tmp, 0));
ExpectNull(o2i_ECPublicKey(NULL, &tmp, -1));
ExpectNull(o2i_ECPublicKey(&key, &tmp, -1));
ExpectIntEQ(i2o_ECPublicKey(NULL, NULL), 0);
ExpectIntEQ(i2o_ECPublicKey(NULL, &buf), 0);
tmp = buf;
ExpectNull(d2i_ECPrivateKey(NULL, &tmp, 0));
ExpectNull(d2i_ECPrivateKey(NULL, &tmp, 1));
ExpectNull(d2i_ECPrivateKey(&copy, &tmp, 0));
ExpectNull(d2i_ECPrivateKey(&copy, &tmp, 1));
ExpectNull(d2i_ECPrivateKey(&key, &tmp, 0));
ExpectIntEQ(i2d_ECPrivateKey(NULL, &p), 0);
ExpectIntEQ(i2d_ECPrivateKey(NULL, NULL), 0);
ExpectIntEQ(wolfSSL_EC_KEY_LoadDer(NULL, NULL, -1), -1);
ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, -1, 0), -1);
ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, NULL, -1, 0), -1);
ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, buf, -1, 0), -1);
ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, 0, 0), -1);
ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, -1,
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, buf, len,
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, NULL, len,
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, -1,
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, len, 0), -1);
ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, len,
WOLFSSL_EC_KEY_LOAD_PRIVATE), -1);
ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, octBad, sizeof(octBad),
WOLFSSL_EC_KEY_LOAD_PRIVATE), -1);
ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, octBad, sizeof(octBad),
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
buf = NULL;
buf = NULL;
ExpectIntGT((len = i2d_ECPrivateKey(key, NULL)), 0);
ExpectNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
p = buf;
ExpectIntEQ(i2d_ECPrivateKey(key, &p), len);
p = NULL;
ExpectIntEQ(i2d_ECPrivateKey(key, &p), len);
XFREE(p, NULL, DYNAMIC_TYPE_TMP_BUFFER);
p = NULL;
/* Bad point is also an invalid private key. */
tmp = octBad;
ExpectNull(d2i_ECPrivateKey(&copy, &tmp, sizeof(octBad)));
tmp = buf;
ExpectNotNull(d2i_ECPrivateKey(&copy, &tmp, len));
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
buf = NULL;
buf = NULL;
ExpectIntGT((len = i2o_ECPublicKey(key, NULL)), 0);
ExpectNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
p = buf;
ExpectIntGT((len = i2o_ECPublicKey(key, &p)), 0);
p = NULL;
ExpectIntGT((len = i2o_ECPublicKey(key, &p)), 0);
tmp = buf;
ExpectNotNull(o2i_ECPublicKey(&copy, &tmp, len));
tmp = octBad;
ExpectNull(o2i_ECPublicKey(&key, &tmp, sizeof(octBad)));
ExpectIntEQ(EC_KEY_check_key(NULL), 0);
ExpectIntEQ(EC_KEY_check_key(key), 1);
XFREE(p, NULL, DYNAMIC_TYPE_OPENSSL);
XFREE(buf, NULL, DYNAMIC_TYPE_OPENSSL);
EC_KEY_free(key);
EC_KEY_free(copy);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EC_curve(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
int nid = NID_secp160k1;
const char* nid_name = NULL;
ExpectNull(EC_curve_nid2nist(NID_sha256));
ExpectNotNull(nid_name = EC_curve_nid2nist(nid));
ExpectIntEQ(XMEMCMP(nid_name, "K-160", XSTRLEN("K-160")), 0);
ExpectIntEQ(EC_curve_nist2nid("INVALID"), 0);
ExpectIntEQ(EC_curve_nist2nid(nid_name), nid);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_dup(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS)
WOLFSSL_EC_KEY* ecKey = NULL;
WOLFSSL_EC_KEY* dupKey = NULL;
ecc_key* srcKey = NULL;
ecc_key* destKey = NULL;
ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
/* Valid cases */
ExpectNotNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
ExpectIntEQ(EC_KEY_check_key(dupKey), 1);
/* Compare pubkey */
if (ecKey != NULL) {
srcKey = (ecc_key*)ecKey->internal;
}
if (dupKey != NULL) {
destKey = (ecc_key*)dupKey->internal;
}
ExpectIntEQ(wc_ecc_cmp_point(&srcKey->pubkey, &destKey->pubkey), 0);
/* compare EC_GROUP */
ExpectIntEQ(wolfSSL_EC_GROUP_cmp(ecKey->group, dupKey->group, NULL), MP_EQ);
/* compare EC_POINT */
ExpectIntEQ(wolfSSL_EC_POINT_cmp(ecKey->group, ecKey->pub_key, \
dupKey->pub_key, NULL), MP_EQ);
/* compare BIGNUM */
ExpectIntEQ(wolfSSL_BN_cmp(ecKey->priv_key, dupKey->priv_key), MP_EQ);
wolfSSL_EC_KEY_free(dupKey);
dupKey = NULL;
/* Invalid cases */
/* NULL key */
ExpectNull(dupKey = wolfSSL_EC_KEY_dup(NULL));
/* NULL ecc_key */
if (ecKey != NULL) {
wc_ecc_free((ecc_key*)ecKey->internal);
XFREE(ecKey->internal, NULL, DYNAMIC_TYPE_ECC);
ecKey->internal = NULL; /* Set ecc_key to NULL */
}
ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
wolfSSL_EC_KEY_free(ecKey);
ecKey = NULL;
wolfSSL_EC_KEY_free(dupKey);
dupKey = NULL;
/* NULL Group */
ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
if (ecKey != NULL) {
wolfSSL_EC_GROUP_free(ecKey->group);
ecKey->group = NULL; /* Set group to NULL */
}
ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
wolfSSL_EC_KEY_free(ecKey);
ecKey = NULL;
wolfSSL_EC_KEY_free(dupKey);
dupKey = NULL;
/* NULL public key */
ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
if (ecKey != NULL) {
wc_ecc_del_point((ecc_point*)ecKey->pub_key->internal);
ecKey->pub_key->internal = NULL; /* Set ecc_point to NULL */
}
ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
if (ecKey != NULL) {
wolfSSL_EC_POINT_free(ecKey->pub_key);
ecKey->pub_key = NULL; /* Set pub_key to NULL */
}
ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
wolfSSL_EC_KEY_free(ecKey);
ecKey = NULL;
wolfSSL_EC_KEY_free(dupKey);
dupKey = NULL;
/* NULL private key */
ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
if (ecKey != NULL) {
wolfSSL_BN_free(ecKey->priv_key);
ecKey->priv_key = NULL; /* Set priv_key to NULL */
}
ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
wolfSSL_EC_KEY_free(ecKey);
ecKey = NULL;
wolfSSL_EC_KEY_free(dupKey);
dupKey = NULL;
/* Test EC_KEY_up_ref */
ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EC_KEY_up_ref(NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EC_KEY_up_ref(ecKey), WOLFSSL_SUCCESS);
/* reference count doesn't follow duplicate */
ExpectNotNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
ExpectIntEQ(wolfSSL_EC_KEY_up_ref(dupKey), WOLFSSL_SUCCESS); /* +1 */
ExpectIntEQ(wolfSSL_EC_KEY_up_ref(dupKey), WOLFSSL_SUCCESS); /* +2 */
wolfSSL_EC_KEY_free(dupKey); /* 3 */
wolfSSL_EC_KEY_free(dupKey); /* 2 */
wolfSSL_EC_KEY_free(dupKey); /* 1, free */
wolfSSL_EC_KEY_free(ecKey); /* 2 */
wolfSSL_EC_KEY_free(ecKey); /* 1, free */
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_set_group(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256) && !defined(NO_ECC_SECP) && \
defined(OPENSSL_EXTRA)
EC_KEY *key = NULL;
EC_GROUP *group = NULL;
const EC_GROUP *group2 = NULL;
ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
ExpectNotNull(key = EC_KEY_new());
ExpectNull(EC_KEY_get0_group(NULL));
ExpectIntEQ(EC_KEY_set_group(NULL, NULL), 0);
ExpectIntEQ(EC_KEY_set_group(key, NULL), 0);
ExpectIntEQ(EC_KEY_set_group(NULL, group), 0);
ExpectIntEQ(EC_KEY_set_group(key, group), WOLFSSL_SUCCESS);
ExpectNotNull(group2 = EC_KEY_get0_group(key));
ExpectIntEQ(EC_GROUP_cmp(group2, group, NULL), 0);
EC_GROUP_free(group);
EC_KEY_free(key);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_set_conv_form(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(OPENSSL_EXTRA) && !defined(NO_BIO)
BIO* bio = NULL;
EC_KEY* key = NULL;
/* Error condition: NULL key. */
ExpectIntLT(EC_KEY_get_conv_form(NULL), 0);
ExpectNotNull(bio = BIO_new_file("./certs/ecc-keyPub.pem", "rb"));
ExpectNotNull(key = PEM_read_bio_EC_PUBKEY(bio, NULL, NULL, NULL));
/* Conversion form defaults to uncompressed. */
ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
#ifdef HAVE_COMP_KEY
/* Explicitly set to compressed. */
EC_KEY_set_conv_form(key, POINT_CONVERSION_COMPRESSED);
ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_COMPRESSED);
#else
/* Will still work just won't change anything. */
EC_KEY_set_conv_form(key, POINT_CONVERSION_COMPRESSED);
ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
EC_KEY_set_conv_form(key, POINT_CONVERSION_UNCOMPRESSED);
ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
#endif
EC_KEY_set_conv_form(NULL, POINT_CONVERSION_UNCOMPRESSED);
BIO_free(bio);
EC_KEY_free(key);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_private_key(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
WOLFSSL_EC_KEY* key = NULL;
WOLFSSL_BIGNUM* priv = NULL;
WOLFSSL_BIGNUM* priv2 = NULL;
WOLFSSL_BIGNUM* bn;
ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
ExpectNotNull(priv = wolfSSL_BN_new());
ExpectNotNull(priv2 = wolfSSL_BN_new());
ExpectIntNE(BN_set_word(priv, 2), 0);
ExpectIntNE(BN_set_word(priv2, 2), 0);
ExpectNull(wolfSSL_EC_KEY_get0_private_key(NULL));
/* No private key set. */
ExpectNull(wolfSSL_EC_KEY_get0_private_key(key));
ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(NULL, NULL), 0);
ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(key, NULL), 0);
ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(NULL, priv), 0);
ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(key, priv), 1);
ExpectNotNull(bn = wolfSSL_EC_KEY_get0_private_key(key));
ExpectPtrNE(bn, priv);
ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(key, priv2), 1);
ExpectNotNull(bn = wolfSSL_EC_KEY_get0_private_key(key));
ExpectPtrNE(bn, priv2);
wolfSSL_BN_free(priv2);
wolfSSL_BN_free(priv);
wolfSSL_EC_KEY_free(key);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_public_key(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
WOLFSSL_EC_KEY* key = NULL;
WOLFSSL_EC_POINT* pub = NULL;
WOLFSSL_EC_POINT* point = NULL;
ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
ExpectNull(wolfSSL_EC_KEY_get0_public_key(NULL));
ExpectNotNull(wolfSSL_EC_KEY_get0_public_key(key));
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), 1);
ExpectNotNull(pub = wolfSSL_EC_KEY_get0_public_key(key));
ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(NULL, NULL), 0);
ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(key, NULL), 0);
ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(NULL, pub), 0);
ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(key, pub), 1);
ExpectNotNull(point = wolfSSL_EC_KEY_get0_public_key(key));
ExpectPtrEq(point, pub);
wolfSSL_EC_KEY_free(key);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_print_fp(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && ((defined(HAVE_ECC224) && defined(HAVE_ECC256)) || \
defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 224 && \
defined(OPENSSL_EXTRA) && defined(XFPRINTF) && !defined(NO_FILESYSTEM) && \
!defined(NO_STDIO_FILESYSTEM)
EC_KEY* key = NULL;
/* Bad file pointer. */
ExpectIntEQ(wolfSSL_EC_KEY_print_fp(NULL, key, 0), WOLFSSL_FAILURE);
/* NULL key. */
ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, NULL, 0), WOLFSSL_FAILURE);
ExpectNotNull((key = wolfSSL_EC_KEY_new_by_curve_name(NID_secp224r1)));
/* Negative indent. */
ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, -1), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
wolfSSL_EC_KEY_free(key);
ExpectNotNull((key = wolfSSL_EC_KEY_new_by_curve_name(
NID_X9_62_prime256v1)));
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
wolfSSL_EC_KEY_free(key);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EC_get_builtin_curves(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
EC_builtin_curve* curves = NULL;
size_t crv_len = 0;
size_t i = 0;
ExpectIntGT((crv_len = EC_get_builtin_curves(NULL, 0)), 0);
ExpectNotNull(curves = (EC_builtin_curve*)XMALLOC(
sizeof(EC_builtin_curve) * crv_len, NULL, DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ((EC_get_builtin_curves(curves, 0)), crv_len);
ExpectIntEQ(EC_get_builtin_curves(curves, crv_len), crv_len);
for (i = 0; EXPECT_SUCCESS() && (i < crv_len); i++) {
if (curves[i].comment != NULL) {
ExpectStrEQ(OBJ_nid2sn(curves[i].nid), curves[i].comment);
}
}
if (crv_len > 1) {
ExpectIntEQ(EC_get_builtin_curves(curves, crv_len - 1), crv_len - 1);
}
XFREE(curves, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_EXTRA || OPENSSL_ALL */
return EXPECT_RESULT();
}
static int test_wolfSSL_ECDSA_SIG(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
WOLFSSL_ECDSA_SIG* sig = NULL;
WOLFSSL_ECDSA_SIG* sig2 = NULL;
WOLFSSL_BIGNUM* r = NULL;
WOLFSSL_BIGNUM* s = NULL;
const WOLFSSL_BIGNUM* r2 = NULL;
const WOLFSSL_BIGNUM* s2 = NULL;
const unsigned char* cp = NULL;
unsigned char* p = NULL;
unsigned char outSig[8];
unsigned char sigData[8] =
{ 0x30, 0x06, 0x02, 0x01, 0x01, 0x02, 0x01, 0x01 };
unsigned char sigDataBad[8] =
{ 0x30, 0x07, 0x02, 0x01, 0x01, 0x02, 0x01, 0x01 };
wolfSSL_ECDSA_SIG_free(NULL);
ExpectNotNull(sig = wolfSSL_ECDSA_SIG_new());
ExpectNotNull(r = wolfSSL_BN_new());
ExpectNotNull(s = wolfSSL_BN_new());
ExpectIntEQ(wolfSSL_BN_set_word(r, 1), 1);
ExpectIntEQ(wolfSSL_BN_set_word(s, 1), 1);
wolfSSL_ECDSA_SIG_get0(NULL, NULL, NULL);
wolfSSL_ECDSA_SIG_get0(NULL, &r2, NULL);
wolfSSL_ECDSA_SIG_get0(NULL, NULL, &s2);
wolfSSL_ECDSA_SIG_get0(NULL, &r2, &s2);
ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, NULL, NULL), 0);
ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, r, NULL), 0);
ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, NULL, s), 0);
ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, r, s), 0);
ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, NULL, s), 0);
ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, r, NULL), 0);
r2 = NULL;
s2 = NULL;
wolfSSL_ECDSA_SIG_get0(NULL, &r2, &s2);
ExpectNull(r2);
ExpectNull(s2);
ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, r, s), 1);
if (EXPECT_FAIL()) {
wolfSSL_BN_free(r);
wolfSSL_BN_free(s);
}
wolfSSL_ECDSA_SIG_get0(sig, &r2, &s2);
ExpectPtrEq(r2, r);
ExpectPtrEq(s2, s);
r2 = NULL;
wolfSSL_ECDSA_SIG_get0(sig, &r2, NULL);
ExpectPtrEq(r2, r);
s2 = NULL;
wolfSSL_ECDSA_SIG_get0(sig, NULL, &s2);
ExpectPtrEq(s2, s);
/* r and s are freed when sig is freed. */
wolfSSL_ECDSA_SIG_free(sig);
sig = NULL;
ExpectNull(wolfSSL_d2i_ECDSA_SIG(NULL, NULL, sizeof(sigData)));
cp = sigDataBad;
ExpectNull(wolfSSL_d2i_ECDSA_SIG(NULL, &cp, sizeof(sigDataBad)));
cp = sigData;
ExpectNotNull((sig = wolfSSL_d2i_ECDSA_SIG(NULL, &cp, sizeof(sigData))));
ExpectIntEQ((cp == sigData + 8), 1);
cp = sigData;
ExpectNull(wolfSSL_d2i_ECDSA_SIG(&sig, NULL, sizeof(sigData)));
ExpectNotNull((sig2 = wolfSSL_d2i_ECDSA_SIG(&sig, &cp, sizeof(sigData))));
ExpectIntEQ((sig == sig2), 1);
cp = outSig;
p = outSig;
ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(NULL, &p), 0);
ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(NULL, NULL), 0);
ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(sig, NULL), 8);
ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(sig, &p), sizeof(sigData));
ExpectIntEQ((p == outSig + 8), 1);
ExpectIntEQ(XMEMCMP(sigData, outSig, 8), 0);
p = NULL;
ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(sig, &p), 8);
#ifndef WOLFSSL_I2D_ECDSA_SIG_ALLOC
ExpectNull(p);
#else
ExpectNotNull(p);
ExpectIntEQ(XMEMCMP(p, outSig, 8), 0);
XFREE(p, NULL, DYNAMIC_TYPE_OPENSSL);
#endif
wolfSSL_ECDSA_SIG_free(sig);
#endif
return EXPECT_RESULT();
}
static int test_ECDSA_size_sign(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ECC256) && !defined(NO_ECC_SECP)
EC_KEY* key = NULL;
ECDSA_SIG* ecdsaSig = NULL;
int id;
byte hash[WC_MAX_DIGEST_SIZE];
byte hash2[WC_MAX_DIGEST_SIZE];
byte sig[ECC_MAX_SIG_SIZE];
unsigned int sigSz = sizeof(sig);
XMEMSET(hash, 123, sizeof(hash));
XMEMSET(hash2, 234, sizeof(hash2));
id = wc_ecc_get_curve_id_from_name("SECP256R1");
ExpectIntEQ(id, ECC_SECP256R1);
ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
ExpectIntEQ(EC_KEY_generate_key(key), 1);
ExpectIntGE(ECDSA_size(NULL), 0);
ExpectIntEQ(ECDSA_sign(0, hash, sizeof(hash), sig, &sigSz, NULL), 0);
ExpectIntEQ(ECDSA_sign(0, NULL, sizeof(hash), sig, &sigSz, key), 0);
ExpectIntEQ(ECDSA_sign(0, hash, sizeof(hash), NULL, &sigSz, key), 0);
ExpectIntEQ(ECDSA_verify(0, hash, sizeof(hash), sig, (int)sigSz, NULL), 0);
ExpectIntEQ(ECDSA_verify(0, NULL, sizeof(hash), sig, (int)sigSz, key), 0);
ExpectIntEQ(ECDSA_verify(0, hash, sizeof(hash), NULL, (int)sigSz, key), 0);
ExpectIntEQ(ECDSA_sign(0, hash, sizeof(hash), sig, &sigSz, key), 1);
ExpectIntGE(ECDSA_size(key), sigSz);
ExpectIntEQ(ECDSA_verify(0, hash, sizeof(hash), sig, (int)sigSz, key), 1);
ExpectIntEQ(ECDSA_verify(0, hash2, sizeof(hash2), sig, (int)sigSz, key), 0);
ExpectNull(ECDSA_do_sign(NULL, sizeof(hash), NULL));
ExpectNull(ECDSA_do_sign(NULL, sizeof(hash), key));
ExpectNull(ECDSA_do_sign(hash, sizeof(hash), NULL));
ExpectNotNull(ecdsaSig = ECDSA_do_sign(hash, sizeof(hash), key));
ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), NULL, NULL), -1);
ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), NULL, NULL), -1);
ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), ecdsaSig, NULL), -1);
ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), NULL, key), -1);
ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), ecdsaSig, key), -1);
ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), NULL, key), -1);
ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), ecdsaSig, NULL), -1);
ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), ecdsaSig, key), 1);
ExpectIntEQ(ECDSA_do_verify(hash2, sizeof(hash2), ecdsaSig, key), 0);
ECDSA_SIG_free(ecdsaSig);
EC_KEY_free(key);
#endif /* OPENSSL_EXTRA && !NO_ECC256 && !NO_ECC_SECP */
return EXPECT_RESULT();
}
static int test_ECDH_compute_key(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ECC256) && !defined(NO_ECC_SECP) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
EC_KEY* key1 = NULL;
EC_KEY* key2 = NULL;
EC_POINT* pub1 = NULL;
EC_POINT* pub2 = NULL;
byte secret1[32];
byte secret2[32];
int i;
ExpectNotNull(key1 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
ExpectIntEQ(EC_KEY_generate_key(key1), 1);
ExpectNotNull(pub1 = wolfSSL_EC_KEY_get0_public_key(key1));
ExpectNotNull(key2 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
ExpectIntEQ(EC_KEY_generate_key(key2), 1);
ExpectNotNull(pub2 = wolfSSL_EC_KEY_get0_public_key(key2));
ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), NULL, NULL, NULL), 0);
ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), NULL, NULL, NULL),
0);
ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), pub2, NULL, NULL), 0);
ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), NULL, key1, NULL), 0);
ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), pub2, key1, NULL), 0);
ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), NULL, key1, NULL),
0);
ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), pub2, NULL, NULL),
0);
ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1) - 16, pub2, key1,
NULL), 0);
ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), pub2, key1, NULL),
sizeof(secret1));
ExpectIntEQ(ECDH_compute_key(secret2, sizeof(secret2), pub1, key2, NULL),
sizeof(secret2));
for (i = 0; i < (int)sizeof(secret1); i++) {
ExpectIntEQ(secret1[i], secret2[i]);
}
EC_KEY_free(key2);
EC_KEY_free(key1);
#endif /* OPENSSL_EXTRA && !NO_ECC256 && !NO_ECC_SECP &&
* !WOLF_CRYPTO_CB_ONLY_ECC */
return EXPECT_RESULT();
}
#endif /* HAVE_ECC && !OPENSSL_NO_PK */
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && \
!defined(NO_ASN_TIME)
static int test_openssl_make_self_signed_certificate(EVP_PKEY* pkey,
int expectedDerSz)
{
EXPECT_DECLS;
X509* x509 = NULL;
BIGNUM* serial_number = NULL;
X509_NAME* name = NULL;
time_t epoch_off = 0;
ASN1_INTEGER* asn1_serial_number;
long not_before, not_after;
int derSz;
ExpectNotNull(x509 = X509_new());
ExpectIntNE(X509_set_pubkey(x509, pkey), 0);
ExpectNotNull(serial_number = BN_new());
ExpectIntNE(BN_pseudo_rand(serial_number, 64, 0, 0), 0);
ExpectNotNull(asn1_serial_number = X509_get_serialNumber(x509));
ExpectNotNull(BN_to_ASN1_INTEGER(serial_number, asn1_serial_number));
/* version 3 */
ExpectIntNE(X509_set_version(x509, 2L), 0);
ExpectNotNull(name = X509_NAME_new());
ExpectIntNE(X509_NAME_add_entry_by_NID(name, NID_commonName, MBSTRING_UTF8,
(unsigned char*)"www.wolfssl.com", -1, -1, 0), 0);
ExpectIntNE(X509_NAME_add_entry_by_NID(name, NID_pkcs9_contentType,
MBSTRING_UTF8,(unsigned char*)"Server", -1, -1, 0), 0);
ExpectIntNE(X509_set_subject_name(x509, name), 0);
ExpectIntNE(X509_set_issuer_name(x509, name), 0);
not_before = (long)wc_Time(NULL);
not_after = not_before + (365 * 24 * 60 * 60);
ExpectNotNull(X509_time_adj(X509_get_notBefore(x509), not_before,
&epoch_off));
ExpectNotNull(X509_time_adj(X509_get_notAfter(x509), not_after,
&epoch_off));
ExpectIntNE(X509_sign(x509, pkey, EVP_sha256()), 0);
ExpectNotNull(wolfSSL_X509_get_der(x509, &derSz));
ExpectIntGE(derSz, expectedDerSz);
BN_free(serial_number);
X509_NAME_free(name);
X509_free(x509);
return EXPECT_RESULT();
}
#endif
static int test_openssl_generate_key_and_cert(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
int expectedDerSz;
EVP_PKEY* pkey = NULL;
#ifdef HAVE_ECC
EC_KEY* ec_key = NULL;
#endif
#if !defined(NO_RSA)
int key_length = 2048;
BIGNUM* exponent = NULL;
RSA* rsa = NULL;
ExpectNotNull(pkey = EVP_PKEY_new());
ExpectNotNull(exponent = BN_new());
ExpectNotNull(rsa = RSA_new());
ExpectIntNE(BN_set_word(exponent, WC_RSA_EXPONENT), 0);
#ifndef WOLFSSL_KEY_GEN
ExpectIntEQ(RSA_generate_key_ex(rsa, key_length, exponent, NULL), 0);
#if defined(USE_CERT_BUFFERS_1024)
ExpectIntNE(wolfSSL_RSA_LoadDer_ex(rsa, server_key_der_1024,
sizeof_server_key_der_1024, WOLFSSL_RSA_LOAD_PRIVATE), 0);
key_length = 1024;
#elif defined(USE_CERT_BUFFERS_2048)
ExpectIntNE(wolfSSL_RSA_LoadDer_ex(rsa, server_key_der_2048,
sizeof_server_key_der_2048, WOLFSSL_RSA_LOAD_PRIVATE), 0);
#else
RSA_free(rsa);
rsa = NULL;
#endif
#else
ExpectIntEQ(RSA_generate_key_ex(NULL, key_length, exponent, NULL), 0);
ExpectIntEQ(RSA_generate_key_ex(rsa, 0, exponent, NULL), 0);
ExpectIntEQ(RSA_generate_key_ex(rsa, key_length, NULL, NULL), 0);
ExpectIntNE(RSA_generate_key_ex(rsa, key_length, exponent, NULL), 0);
#endif
if (rsa) {
ExpectIntNE(EVP_PKEY_assign_RSA(pkey, rsa), 0);
if (EXPECT_FAIL()) {
RSA_free(rsa);
}
#if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
expectedDerSz = 743;
ExpectIntEQ(test_openssl_make_self_signed_certificate(pkey,
expectedDerSz), TEST_SUCCESS);
#endif
}
EVP_PKEY_free(pkey);
pkey = NULL;
BN_free(exponent);
#endif /* !NO_RSA */
#ifdef HAVE_ECC
ExpectNotNull(pkey = EVP_PKEY_new());
ExpectNotNull(ec_key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
#ifndef NO_WOLFSSL_STUB
EC_KEY_set_asn1_flag(ec_key, OPENSSL_EC_NAMED_CURVE);
#endif
ExpectIntNE(EC_KEY_generate_key(ec_key), 0);
ExpectIntNE(EVP_PKEY_assign_EC_KEY(pkey, ec_key), 0);
if (EXPECT_FAIL()) {
EC_KEY_free(ec_key);
}
#if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
expectedDerSz = 344;
ExpectIntEQ(test_openssl_make_self_signed_certificate(pkey, expectedDerSz),
TEST_SUCCESS);
#endif
EVP_PKEY_free(pkey);
#endif /* HAVE_ECC */
(void)pkey;
(void)expectedDerSz;
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_stubs_are_stubs(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_STUB) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX* ctx = NULL;
WOLFSSL_CTX* ctxN = NULL;
#ifndef NO_WOLFSSL_CLIENT
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#elif !defined(NO_WOLFSSL_SERVER)
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
#define CHECKZERO_RET(x, y, z) ExpectIntEQ((int) x(y), 0); \
ExpectIntEQ((int) x(z), 0)
/* test logic, all stubs return same result regardless of ctx being NULL
* as there are no sanity checks, it's just a stub! If at some
* point a stub is not a stub it should begin to return BAD_FUNC_ARG
* if invalid inputs are supplied. Test calling both
* with and without valid inputs, if a stub functionality remains unchanged.
*/
CHECKZERO_RET(wolfSSL_CTX_sess_accept, ctx, ctxN);
CHECKZERO_RET(wolfSSL_CTX_sess_connect, ctx, ctxN);
CHECKZERO_RET(wolfSSL_CTX_sess_accept_good, ctx, ctxN);
CHECKZERO_RET(wolfSSL_CTX_sess_connect_good, ctx, ctxN);
CHECKZERO_RET(wolfSSL_CTX_sess_accept_renegotiate, ctx, ctxN);
CHECKZERO_RET(wolfSSL_CTX_sess_connect_renegotiate, ctx, ctxN);
CHECKZERO_RET(wolfSSL_CTX_sess_hits, ctx, ctxN);
CHECKZERO_RET(wolfSSL_CTX_sess_cb_hits, ctx, ctxN);
CHECKZERO_RET(wolfSSL_CTX_sess_cache_full, ctx, ctxN);
CHECKZERO_RET(wolfSSL_CTX_sess_misses, ctx, ctxN);
CHECKZERO_RET(wolfSSL_CTX_sess_timeouts, ctx, ctxN);
/* when implemented this should take WOLFSSL object instead, right now
* always returns 0 */
ExpectPtrEq(SSL_get_current_expansion(NULL), NULL);
wolfSSL_CTX_free(ctx);
ctx = NULL;
ExpectStrEQ(SSL_COMP_get_name(NULL), "not supported");
ExpectPtrEq(SSL_get_current_expansion(NULL), NULL);
#endif /* OPENSSL_EXTRA && !NO_WOLFSSL_STUB && (!NO_WOLFSSL_CLIENT ||
* !NO_WOLFSSL_SERVER) */
return EXPECT_RESULT();
}
static int test_CONF_modules_xxx(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA)
CONF_modules_free();
CONF_modules_unload(0);
CONF_modules_unload(1);
CONF_modules_unload(-1);
res = TEST_SUCCESS;
#endif /* OPENSSL_EXTRA */
return res;
}
static int test_CRYPTO_set_dynlock_xxx(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA)
CRYPTO_set_dynlock_create_callback(
(struct CRYPTO_dynlock_value *(*)(const char*, int))NULL);
CRYPTO_set_dynlock_create_callback(
(struct CRYPTO_dynlock_value *(*)(const char*, int))1);
CRYPTO_set_dynlock_destroy_callback(
(void (*)(struct CRYPTO_dynlock_value*, const char*, int))NULL);
CRYPTO_set_dynlock_destroy_callback(
(void (*)(struct CRYPTO_dynlock_value*, const char*, int))1);
CRYPTO_set_dynlock_lock_callback(
(void (*)(int, struct CRYPTO_dynlock_value *, const char*, int))NULL);
CRYPTO_set_dynlock_lock_callback(
(void (*)(int, struct CRYPTO_dynlock_value *, const char*, int))1);
res = TEST_SUCCESS;
#endif /* OPENSSL_EXTRA */
return res;
}
static int test_CRYPTO_THREADID_xxx(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
CRYPTO_THREADID_current((CRYPTO_THREADID*)NULL);
CRYPTO_THREADID_current((CRYPTO_THREADID*)1);
ExpectIntEQ(CRYPTO_THREADID_hash((const CRYPTO_THREADID*)NULL), 0);
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_ENGINE_cleanup(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA)
ENGINE_cleanup();
res = TEST_SUCCESS;
#endif /* OPENSSL_EXTRA */
return res;
}
static int test_wolfSSL_CTX_LoadCRL(void)
{
EXPECT_DECLS;
#if defined(HAVE_CRL) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
const char* badPath = "dummypath";
const char* validPath = "./certs/crl";
const char* validFilePath = "./certs/crl/cliCrl.pem";
const char* issuerCert = "./certs/client-cert.pem";
int derType = WOLFSSL_FILETYPE_ASN1;
int pemType = WOLFSSL_FILETYPE_PEM;
#ifdef HAVE_CRL_MONITOR
int monitor = WOLFSSL_CRL_MONITOR;
#else
int monitor = 0;
#endif
WOLFSSL_CERT_MANAGER* cm = NULL;
#define FAIL_T1(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \
BAD_FUNC_ARG)
#define FAIL_T2(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \
NOT_COMPILED_IN)
#define SUCC_T(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \
WOLFSSL_SUCCESS)
#ifndef NO_WOLFSSL_CLIENT
#define NEW_CTX(ctx) ExpectNotNull( \
(ctx) = wolfSSL_CTX_new(wolfSSLv23_client_method()))
#elif !defined(NO_WOLFSSL_SERVER)
#define NEW_CTX(ctx) ExpectNotNull( \
(ctx) = wolfSSL_CTX_new(wolfSSLv23_server_method()))
#else
#define NEW_CTX(ctx) return
#endif
FAIL_T1(wolfSSL_CTX_LoadCRL, ctx, validPath, pemType, monitor);
NEW_CTX(ctx);
#ifndef HAVE_CRL_MONITOR
FAIL_T2(wolfSSL_CTX_LoadCRL, ctx, validPath, pemType, WOLFSSL_CRL_MONITOR);
wolfSSL_CTX_free(ctx);
NEW_CTX(ctx);
#endif
SUCC_T (wolfSSL_CTX_LoadCRL, ctx, validPath, pemType, monitor);
SUCC_T (wolfSSL_CTX_LoadCRL, ctx, badPath, pemType, monitor);
SUCC_T (wolfSSL_CTX_LoadCRL, ctx, badPath, derType, monitor);
wolfSSL_CTX_free(ctx);
ctx = NULL;
NEW_CTX(ctx);
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, issuerCert, NULL),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, validFilePath, pemType), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
ctx = NULL;
NEW_CTX(ctx);
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, issuerCert, NULL),
WOLFSSL_SUCCESS);
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectIntEQ(wolfSSL_LoadCRLFile(ssl, validFilePath, pemType), WOLFSSL_SUCCESS);
wolfSSL_free(ssl);
ssl = NULL;
wolfSSL_CTX_free(ctx);
ctx = NULL;
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, issuerCert, NULL),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, validFilePath, pemType),
WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_CRL) && \
!defined(WOLFSSL_CRL_ALLOW_MISSING_CDP)
static int test_multiple_crls_same_issuer_ctx_ready(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, "./certs/crl/crl.pem",
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
#endif
static int test_multiple_crls_same_issuer(void)
{
EXPECT_DECLS;
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_CRL) && \
!defined(WOLFSSL_CRL_ALLOW_MISSING_CDP)
test_ssl_cbf client_cbs, server_cbs;
struct {
const char* server_cert;
const char* server_key;
} test_params[] = {
{ "./certs/server-cert.pem", "./certs/server-key.pem" },
{ "./certs/server-revoked-cert.pem", "./certs/server-revoked-key.pem" }
};
size_t i;
for (i = 0; i < (sizeof(test_params)/sizeof(*test_params)); i++) {
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
server_cbs.certPemFile = test_params[i].server_cert;
server_cbs.keyPemFile = test_params[i].server_key;
client_cbs.crlPemFile = "./certs/crl/extra-crls/general-server-crl.pem";
client_cbs.ctx_ready = test_multiple_crls_same_issuer_ctx_ready;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs,
&server_cbs, NULL), TEST_FAIL);
}
#endif
return EXPECT_RESULT();
}
static int test_SetTmpEC_DHE_Sz(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpEC_DHE_Sz(ctx, 32));
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpEC_DHE_Sz(ssl, 32));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_get0_privatekey(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_ALL
WOLFSSL_CTX* ctx = NULL;
(void)ctx;
#ifndef NO_RSA
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
ExpectNull(SSL_CTX_get0_privatekey(ctx));
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectNull(SSL_CTX_get0_privatekey(ctx));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(SSL_CTX_get0_privatekey(ctx));
wolfSSL_CTX_free(ctx);
ctx = NULL;
#endif
#ifdef HAVE_ECC
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
ExpectNull(SSL_CTX_get0_privatekey(ctx));
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, eccCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectNull(SSL_CTX_get0_privatekey(ctx));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectNotNull(SSL_CTX_get0_privatekey(ctx));
wolfSSL_CTX_free(ctx);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_dtls_set_mtu(void)
{
EXPECT_DECLS;
#if (defined(WOLFSSL_DTLS_MTU) || defined(WOLFSSL_SCTP)) && \
!defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_DTLS) && \
!defined(WOLFSSL_NO_TLS12)
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
const char* testCertFile;
const char* testKeyFile;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method()));
#ifndef NO_RSA
testCertFile = svrCertFile;
testKeyFile = svrKeyFile;
#elif defined(HAVE_ECC)
testCertFile = eccCertFile;
testKeyFile = eccKeyFile;
#endif
if (testCertFile != NULL && testKeyFile != NULL) {
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, testCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
WOLFSSL_FILETYPE_PEM));
}
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectIntEQ(wolfSSL_CTX_dtls_set_mtu(NULL, 1488), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_dtls_set_mtu(NULL, 1488), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_dtls_set_mtu(ctx, 20000), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_dtls_set_mtu(ssl, 20000), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_get_error(ssl, WOLFSSL_FAILURE), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_dtls_set_mtu(ctx, 1488), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_dtls_set_mtu(ssl, 1488), WOLFSSL_SUCCESS);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(SINGLE_THREADED) && \
defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
static WC_INLINE void generateDTLSMsg(byte* out, int outSz, word32 seq,
enum HandShakeType hsType, word16 length)
{
size_t idx = 0;
byte* l;
/* record layer */
/* handshake type */
out[idx++] = handshake;
/* protocol version */
out[idx++] = 0xfe;
out[idx++] = 0xfd; /* DTLS 1.2 */
/* epoch 0 */
XMEMSET(out + idx, 0, 2);
idx += 2;
/* sequence number */
XMEMSET(out + idx, 0, 6);
c32toa(seq, out + idx + 2);
idx += 6;
/* length in BE */
if (length)
c16toa(length, out + idx);
else
c16toa(outSz - idx - 2, out + idx);
idx += 2;
/* handshake layer */
/* handshake type */
out[idx++] = (byte)hsType;
/* length */
l = out + idx;
idx += 3;
/* message seq */
c16toa(0, out + idx);
idx += 2;
/* frag offset */
c32to24(0, out + idx);
idx += 3;
/* frag length */
c32to24((word32)outSz - (word32)idx - 3, l);
c32to24((word32)outSz - (word32)idx - 3, out + idx);
idx += 3;
XMEMSET(out + idx, 0, outSz - idx);
}
static void test_wolfSSL_dtls_plaintext_server(WOLFSSL* ssl)
{
byte msg[] = "This is a msg for the client";
byte reply[40];
AssertIntGT(wolfSSL_read(ssl, reply, sizeof(reply)),0);
reply[sizeof(reply) - 1] = '\0';
fprintf(stderr, "Client message: %s\n", reply);
AssertIntEQ(wolfSSL_write(ssl, msg, sizeof(msg)), sizeof(msg));
}
static void test_wolfSSL_dtls_plaintext_client(WOLFSSL* ssl)
{
byte ch[50];
int fd = wolfSSL_get_fd(ssl);
byte msg[] = "This is a msg for the server";
byte reply[40];
generateDTLSMsg(ch, sizeof(ch), 20, client_hello, 0);
/* Server should ignore this datagram */
AssertIntEQ(send(fd, ch, sizeof(ch), 0), sizeof(ch));
generateDTLSMsg(ch, sizeof(ch), 20, client_hello, 10000);
/* Server should ignore this datagram */
AssertIntEQ(send(fd, ch, sizeof(ch), 0), sizeof(ch));
AssertIntEQ(wolfSSL_write(ssl, msg, sizeof(msg)), sizeof(msg));
AssertIntGT(wolfSSL_read(ssl, reply, sizeof(reply)),0);
reply[sizeof(reply) - 1] = '\0';
fprintf(stderr, "Server response: %s\n", reply);
}
static int test_wolfSSL_dtls_plaintext(void)
{
callback_functions func_cb_client;
callback_functions func_cb_server;
size_t i;
struct test_params {
method_provider client_meth;
method_provider server_meth;
ssl_callback on_result_server;
ssl_callback on_result_client;
} params[] = {
{wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method,
test_wolfSSL_dtls_plaintext_server,
test_wolfSSL_dtls_plaintext_client},
};
for (i = 0; i < sizeof(params)/sizeof(*params); i++) {
XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
func_cb_client.doUdp = func_cb_server.doUdp = 1;
func_cb_server.method = params[i].server_meth;
func_cb_client.method = params[i].client_meth;
func_cb_client.on_result = params[i].on_result_client;
func_cb_server.on_result = params[i].on_result_server;
test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
if (!func_cb_client.return_code)
return TEST_FAIL;
if (!func_cb_server.return_code)
return TEST_FAIL;
}
return TEST_RES_CHECK(1);
}
#else
static int test_wolfSSL_dtls_plaintext(void) {
return TEST_SKIPPED;
}
#endif
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(SINGLE_THREADED) && \
defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
static void test_wolfSSL_dtls12_fragments_spammer(WOLFSSL* ssl)
{
byte b[1100]; /* buffer for the messages to send */
size_t idx = 0;
size_t seq_offset = 0;
size_t msg_offset = 0;
int i;
int fd = wolfSSL_get_fd(ssl);
int ret = wolfSSL_connect_cert(ssl); /* This gets us past the cookie */
word32 seq_number = 100; /* start high so server definitely reads this */
word16 msg_number = 50; /* start high so server has to buffer this */
AssertIntEQ(ret, 1);
/* Now let's start spamming the peer with fragments it needs to store */
XMEMSET(b, -1, sizeof(b));
/* record layer */
/* handshake type */
b[idx++] = 22;
/* protocol version */
b[idx++] = 0xfe;
b[idx++] = 0xfd; /* DTLS 1.2 */
/* epoch 0 */
XMEMSET(b + idx, 0, 2);
idx += 2;
/* sequence number */
XMEMSET(b + idx, 0, 6);
seq_offset = idx + 2; /* increment only the low 32 bits */
idx += 6;
/* static length in BE */
c16toa(42, b + idx);
idx += 2;
/* handshake layer */
/* cert type */
b[idx++] = 11;
/* length */
c32to24(1000, b + idx);
idx += 3;
/* message seq */
c16toa(0, b + idx);
msg_offset = idx;
idx += 2;
/* frag offset */
c32to24(500, b + idx);
idx += 3;
/* frag length */
c32to24(30, b + idx);
idx += 3;
(void)idx; /* inhibit clang-analyzer-deadcode.DeadStores */
for (i = 0; i < DTLS_POOL_SZ * 2 && ret > 0;
seq_number++, msg_number++, i++) {
struct timespec delay;
XMEMSET(&delay, 0, sizeof(delay));
delay.tv_nsec = 10000000; /* wait 0.01 seconds */
c32toa(seq_number, b + seq_offset);
c16toa(msg_number, b + msg_offset);
ret = (int)send(fd, b, 55, 0);
nanosleep(&delay, NULL);
}
}
#ifdef WOLFSSL_DTLS13
static void test_wolfSSL_dtls13_fragments_spammer(WOLFSSL* ssl)
{
const word16 sendCountMax = 100;
byte b[150]; /* buffer for the messages to send */
size_t idx = 0;
size_t msg_offset = 0;
int fd = wolfSSL_get_fd(ssl);
word16 msg_number = 10; /* start high so server has to buffer this */
int ret = wolfSSL_connect_cert(ssl); /* This gets us past the cookie */
AssertIntEQ(ret, 1);
/* Now let's start spamming the peer with fragments it needs to store */
XMEMSET(b, -1, sizeof(b));
/* handshake type */
b[idx++] = 11;
/* length */
c32to24(10000, b + idx);
idx += 3;
/* message_seq */
msg_offset = idx;
idx += 2;
/* fragment_offset */
c32to24(5000, b + idx);
idx += 3;
/* fragment_length */
c32to24(100, b + idx);
idx += 3;
/* fragment contents */
idx += 100;
for (; ret > 0 && msg_number < sendCountMax; msg_number++) {
byte sendBuf[150];
int sendSz = sizeof(sendBuf);
struct timespec delay;
XMEMSET(&delay, 0, sizeof(delay));
delay.tv_nsec = 10000000; /* wait 0.01 seconds */
c16toa(msg_number, b + msg_offset);
sendSz = BuildTls13Message(ssl, sendBuf, sendSz, b,
(int)idx, handshake, 0, 0, 0);
ret = (int)send(fd, sendBuf, (size_t)sendSz, 0);
nanosleep(&delay, NULL);
}
}
#endif
static int test_wolfSSL_dtls_fragments(void)
{
EXPECT_DECLS;
callback_functions func_cb_client;
callback_functions func_cb_server;
size_t i;
struct test_params {
method_provider client_meth;
method_provider server_meth;
ssl_callback spammer;
} params[] = {
#if !defined(WOLFSSL_NO_TLS12)
{wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method,
test_wolfSSL_dtls12_fragments_spammer},
#endif
#ifdef WOLFSSL_DTLS13
{wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method,
test_wolfSSL_dtls13_fragments_spammer},
#endif
};
for (i = 0; i < sizeof(params)/sizeof(*params); i++) {
XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
func_cb_client.doUdp = func_cb_server.doUdp = 1;
func_cb_server.method = params[i].server_meth;
func_cb_client.method = params[i].client_meth;
func_cb_client.ssl_ready = params[i].spammer;
test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
ExpectFalse(func_cb_client.return_code);
ExpectFalse(func_cb_server.return_code);
/* The socket should be closed by the server resulting in a
* socket error, fatal error or reading a close notify alert */
if (func_cb_client.last_err != SOCKET_ERROR_E &&
func_cb_client.last_err != WOLFSSL_ERROR_ZERO_RETURN &&
func_cb_client.last_err != FATAL_ERROR) {
ExpectIntEQ(func_cb_client.last_err, SOCKET_ERROR_E);
}
/* Check the server returned an error indicating the msg buffer
* was full */
ExpectIntEQ(func_cb_server.last_err, DTLS_TOO_MANY_FRAGMENTS_E);
if (EXPECT_FAIL())
break;
}
return EXPECT_RESULT();
}
static void test_wolfSSL_dtls_send_alert(WOLFSSL* ssl)
{
int fd, ret;
byte alert_msg[] = {
0x15, /* alert type */
0xfe, 0xfd, /* version */
0x00, 0x00, /* epoch */
0x00, 0x00, 0x00, 0x00, 0x00, 0x01, /* seq number */
0x00, 0x02, /* length */
0x02, /* level: fatal */
0x46 /* protocol version */
};
fd = wolfSSL_get_fd(ssl);
ret = (int)send(fd, alert_msg, sizeof(alert_msg), 0);
AssertIntGT(ret, 0);
}
static int _test_wolfSSL_ignore_alert_before_cookie(byte version12)
{
callback_functions client_cbs, server_cbs;
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
client_cbs.doUdp = server_cbs.doUdp = 1;
if (version12) {
#if !defined(WOLFSSL_NO_TLS12)
client_cbs.method = wolfDTLSv1_2_client_method;
server_cbs.method = wolfDTLSv1_2_server_method;
#else
return TEST_SKIPPED;
#endif
}
else
{
#ifdef WOLFSSL_DTLS13
client_cbs.method = wolfDTLSv1_3_client_method;
server_cbs.method = wolfDTLSv1_3_server_method;
#else
return TEST_SKIPPED;
#endif /* WOLFSSL_DTLS13 */
}
client_cbs.ssl_ready = test_wolfSSL_dtls_send_alert;
test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs);
if (!client_cbs.return_code)
return TEST_FAIL;
if (!server_cbs.return_code)
return TEST_FAIL;
return TEST_SUCCESS;
}
static int test_wolfSSL_ignore_alert_before_cookie(void)
{
int ret;
ret =_test_wolfSSL_ignore_alert_before_cookie(0);
if (ret != 0)
return ret;
ret =_test_wolfSSL_ignore_alert_before_cookie(1);
if (ret != 0)
return ret;
return 0;
}
static void test_wolfSSL_send_bad_record(WOLFSSL* ssl)
{
int ret;
int fd;
byte bad_msg[] = {
0x17, /* app data */
0xaa, 0xfd, /* bad version */
0x00, 0x01, /* epoch 1 */
0x00, 0x00, 0x00, 0x00, 0x00, 0x55, /* not seen seq number */
0x00, 0x26, /* length: 38 bytes */
0xae, 0x30, 0x31, 0xb1, 0xf1, 0xb9, 0x6f, 0xda, 0x17, 0x19, 0xd9, 0x57,
0xa9, 0x9d, 0x5c, 0x51, 0x9b, 0x53, 0x63, 0xa5, 0x24, 0x70, 0xa1,
0xae, 0xdf, 0x1c, 0xb9, 0xfc, 0xe3, 0xd7, 0x77, 0x6d, 0xb6, 0x89, 0x0f,
0x03, 0x18, 0x72
};
fd = wolfSSL_get_fd(ssl);
AssertIntGE(fd, 0);
ret = (int)send(fd, bad_msg, sizeof(bad_msg), 0);
AssertIntEQ(ret, sizeof(bad_msg));
ret = wolfSSL_write(ssl, "badrecordtest", sizeof("badrecordtest"));
AssertIntEQ(ret, sizeof("badrecordtest"));
}
static void test_wolfSSL_read_string(WOLFSSL* ssl)
{
byte buf[100];
int ret;
ret = wolfSSL_read(ssl, buf, sizeof(buf));
AssertIntGT(ret, 0);
AssertIntEQ(strcmp((char*)buf, "badrecordtest"), 0);
}
static int _test_wolfSSL_dtls_bad_record(
method_provider client_method, method_provider server_method)
{
callback_functions client_cbs, server_cbs;
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
client_cbs.doUdp = server_cbs.doUdp = 1;
client_cbs.method = client_method;
server_cbs.method = server_method;
client_cbs.on_result = test_wolfSSL_send_bad_record;
server_cbs.on_result = test_wolfSSL_read_string;
test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs);
if (!client_cbs.return_code)
return TEST_FAIL;
if (!server_cbs.return_code)
return TEST_FAIL;
return TEST_SUCCESS;
}
static int test_wolfSSL_dtls_bad_record(void)
{
int ret = TEST_SUCCESS;
#if !defined(WOLFSSL_NO_TLS12)
ret = _test_wolfSSL_dtls_bad_record(wolfDTLSv1_2_client_method,
wolfDTLSv1_2_server_method);
#endif
#ifdef WOLFSSL_DTLS13
if (ret == TEST_SUCCESS) {
ret = _test_wolfSSL_dtls_bad_record(wolfDTLSv1_3_client_method,
wolfDTLSv1_3_server_method);
}
#endif /* WOLFSSL_DTLS13 */
return ret;
}
#else
static int test_wolfSSL_dtls_fragments(void) {
return TEST_SKIPPED;
}
static int test_wolfSSL_ignore_alert_before_cookie(void) {
return TEST_SKIPPED;
}
static int test_wolfSSL_dtls_bad_record(void) {
return TEST_SKIPPED;
}
#endif
#if defined(WOLFSSL_DTLS13) && !defined(WOLFSSL_TLS13_IGNORE_AEAD_LIMITS) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
defined(HAVE_IO_TESTS_DEPENDENCIES)
static byte test_AEAD_fail_decryption = 0;
static byte test_AEAD_seq_num = 0;
static byte test_AEAD_done = 0;
static int test_AEAD_cbiorecv(WOLFSSL *ssl, char *buf, int sz, void *ctx)
{
int ret = (int)recv(wolfSSL_get_fd(ssl), buf, sz, 0);
if (ret > 0) {
if (test_AEAD_fail_decryption) {
/* Modify the packet to trigger a decryption failure */
buf[ret/2] ^= 0xFF;
if (test_AEAD_fail_decryption == 1)
test_AEAD_fail_decryption = 0;
}
}
(void)ctx;
return ret;
}
static void test_AEAD_get_limits(WOLFSSL* ssl, w64wrapper* hardLimit,
w64wrapper* keyUpdateLimit, w64wrapper* sendLimit)
{
if (sendLimit)
w64Zero(sendLimit);
switch (ssl->specs.bulk_cipher_algorithm) {
case wolfssl_aes_gcm:
if (sendLimit)
*sendLimit = AEAD_AES_LIMIT;
FALL_THROUGH;
case wolfssl_chacha:
if (hardLimit)
*hardLimit = DTLS_AEAD_AES_GCM_CHACHA_FAIL_LIMIT;
if (keyUpdateLimit)
*keyUpdateLimit = DTLS_AEAD_AES_GCM_CHACHA_FAIL_KU_LIMIT;
break;
case wolfssl_aes_ccm:
if (sendLimit)
*sendLimit = DTLS_AEAD_AES_CCM_LIMIT;
if (ssl->specs.aead_mac_size == AES_CCM_8_AUTH_SZ) {
if (hardLimit)
*hardLimit = DTLS_AEAD_AES_CCM_8_FAIL_LIMIT;
if (keyUpdateLimit)
*keyUpdateLimit = DTLS_AEAD_AES_CCM_8_FAIL_KU_LIMIT;
}
else {
if (hardLimit)
*hardLimit = DTLS_AEAD_AES_CCM_FAIL_LIMIT;
if (keyUpdateLimit)
*keyUpdateLimit = DTLS_AEAD_AES_CCM_FAIL_KU_LIMIT;
}
break;
default:
fprintf(stderr, "Unrecognized bulk cipher");
AssertFalse(1);
break;
}
}
static void test_AEAD_limit_client(WOLFSSL* ssl)
{
int ret;
int i;
int didReKey = 0;
char msgBuf[20];
w64wrapper hardLimit;
w64wrapper keyUpdateLimit;
w64wrapper counter;
w64wrapper sendLimit;
test_AEAD_get_limits(ssl, &hardLimit, &keyUpdateLimit, &sendLimit);
w64Zero(&counter);
AssertTrue(w64Equal(Dtls13GetEpoch(ssl, ssl->dtls13Epoch)->dropCount, counter));
wolfSSL_SSLSetIORecv(ssl, test_AEAD_cbiorecv);
for (i = 0; i < 10; i++) {
/* Test some failed decryptions */
test_AEAD_fail_decryption = 1;
w64Increment(&counter);
ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf));
/* Should succeed since decryption failures are dropped */
AssertIntGT(ret, 0);
AssertTrue(w64Equal(Dtls13GetEpoch(ssl, ssl->dtls13PeerEpoch)->dropCount, counter));
}
test_AEAD_fail_decryption = 1;
Dtls13GetEpoch(ssl, ssl->dtls13PeerEpoch)->dropCount = keyUpdateLimit;
w64Increment(&Dtls13GetEpoch(ssl, ssl->dtls13PeerEpoch)->dropCount);
/* 100 read calls should be enough to complete the key update */
w64Zero(&counter);
for (i = 0; i < 100; i++) {
/* Key update should be sent and negotiated */
ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf));
AssertIntGT(ret, 0);
/* Epoch after one key update is 4 */
if (w64Equal(ssl->dtls13PeerEpoch, w64From32(0, 4)) &&
w64Equal(Dtls13GetEpoch(ssl, ssl->dtls13PeerEpoch)->dropCount, counter)) {
didReKey = 1;
break;
}
}
AssertTrue(didReKey);
if (!w64IsZero(sendLimit)) {
/* Test the sending limit for AEAD ciphers */
Dtls13GetEpoch(ssl, ssl->dtls13Epoch)->nextSeqNumber = sendLimit;
test_AEAD_seq_num = 1;
ret = wolfSSL_write(ssl, msgBuf, sizeof(msgBuf));
AssertIntGT(ret, 0);
didReKey = 0;
w64Zero(&counter);
/* 100 read calls should be enough to complete the key update */
for (i = 0; i < 100; i++) {
/* Key update should be sent and negotiated */
ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf));
AssertIntGT(ret, 0);
/* Epoch after another key update is 5 */
if (w64Equal(ssl->dtls13Epoch, w64From32(0, 5)) &&
w64Equal(Dtls13GetEpoch(ssl, ssl->dtls13Epoch)->dropCount, counter)) {
didReKey = 1;
break;
}
}
AssertTrue(didReKey);
}
test_AEAD_fail_decryption = 2;
Dtls13GetEpoch(ssl, ssl->dtls13PeerEpoch)->dropCount = hardLimit;
w64Decrement(&Dtls13GetEpoch(ssl, ssl->dtls13PeerEpoch)->dropCount);
/* Connection should fail with a DECRYPT_ERROR */
ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf));
AssertIntEQ(ret, WOLFSSL_FATAL_ERROR);
AssertIntEQ(wolfSSL_get_error(ssl, ret), DECRYPT_ERROR);
test_AEAD_done = 1;
}
int counter = 0;
static void test_AEAD_limit_server(WOLFSSL* ssl)
{
char msgBuf[] = "Sending data";
int ret = WOLFSSL_SUCCESS;
w64wrapper sendLimit;
SOCKET_T fd = wolfSSL_get_fd(ssl);
struct timespec delay;
XMEMSET(&delay, 0, sizeof(delay));
delay.tv_nsec = 100000000; /* wait 0.1 seconds */
tcp_set_nonblocking(&fd); /* So that read doesn't block */
wolfSSL_dtls_set_using_nonblock(ssl, 1);
test_AEAD_get_limits(ssl, NULL, NULL, &sendLimit);
while (!test_AEAD_done && ret > 0) {
counter++;
if (test_AEAD_seq_num) {
/* We need to update the seq number so that we can understand the
* peer. Otherwise we will incorrectly interpret the seq number. */
Dtls13Epoch* e = Dtls13GetEpoch(ssl, ssl->dtls13PeerEpoch);
AssertNotNull(e);
e->nextPeerSeqNumber = sendLimit;
test_AEAD_seq_num = 0;
}
(void)wolfSSL_read(ssl, msgBuf, sizeof(msgBuf));
ret = wolfSSL_write(ssl, msgBuf, sizeof(msgBuf));
nanosleep(&delay, NULL);
}
}
static int test_wolfSSL_dtls_AEAD_limit(void)
{
callback_functions func_cb_client;
callback_functions func_cb_server;
XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
func_cb_client.doUdp = func_cb_server.doUdp = 1;
func_cb_server.method = wolfDTLSv1_3_server_method;
func_cb_client.method = wolfDTLSv1_3_client_method;
func_cb_server.on_result = test_AEAD_limit_server;
func_cb_client.on_result = test_AEAD_limit_client;
test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
if (!func_cb_client.return_code)
return TEST_FAIL;
if (!func_cb_server.return_code)
return TEST_FAIL;
return TEST_SUCCESS;
}
#else
static int test_wolfSSL_dtls_AEAD_limit(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(WOLFSSL_DTLS) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(SINGLE_THREADED) && \
!defined(DEBUG_VECTOR_REGISTER_ACCESS_FUZZING)
static void test_wolfSSL_dtls_send_ch(WOLFSSL* ssl)
{
int fd, ret;
byte ch_msg[] = {
0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0xfa, 0x01, 0x00, 0x01, 0xee, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0xee, 0xfe, 0xfd, 0xc0, 0xca, 0xb5, 0x6f, 0x3d, 0x23, 0xcc, 0x53, 0x9a,
0x67, 0x17, 0x70, 0xd3, 0xfb, 0x23, 0x16, 0x9e, 0x4e, 0xd6, 0x7e, 0x29,
0xab, 0xfa, 0x4c, 0xa5, 0x84, 0x95, 0xc3, 0xdb, 0x21, 0x9a, 0x52, 0x00,
0x00, 0x00, 0x36, 0x13, 0x01, 0x13, 0x02, 0x13, 0x03, 0xc0, 0x2c, 0xc0,
0x2b, 0xc0, 0x30, 0xc0, 0x2f, 0x00, 0x9f, 0x00, 0x9e, 0xcc, 0xa9, 0xcc,
0xa8, 0xcc, 0xaa, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x28, 0xc0, 0x24, 0xc0,
0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x6b, 0x00, 0x67, 0x00,
0x39, 0x00, 0x33, 0xcc, 0x14, 0xcc, 0x13, 0xcc, 0x15, 0x01, 0x00, 0x01,
0x8e, 0x00, 0x2b, 0x00, 0x03, 0x02, 0xfe, 0xfc, 0x00, 0x0d, 0x00, 0x20,
0x00, 0x1e, 0x06, 0x03, 0x05, 0x03, 0x04, 0x03, 0x02, 0x03, 0x08, 0x06,
0x08, 0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08, 0x09, 0x06, 0x01,
0x05, 0x01, 0x04, 0x01, 0x03, 0x01, 0x02, 0x01, 0x00, 0x0a, 0x00, 0x0c,
0x00, 0x0a, 0x00, 0x19, 0x00, 0x18, 0x00, 0x17, 0x00, 0x15, 0x01, 0x00,
0x00, 0x16, 0x00, 0x00, 0x00, 0x33, 0x01, 0x4b, 0x01, 0x49, 0x00, 0x17,
0x00, 0x41, 0x04, 0x96, 0xcb, 0x2e, 0x4e, 0xd9, 0x88, 0x71, 0xc7, 0xf3,
0x1a, 0x16, 0xdd, 0x7a, 0x7c, 0xf7, 0x67, 0x8a, 0x5d, 0x9a, 0x55, 0xa6,
0x4a, 0x90, 0xd9, 0xfb, 0xc7, 0xfb, 0xbe, 0x09, 0xa9, 0x8a, 0xb5, 0x7a,
0xd1, 0xde, 0x83, 0x74, 0x27, 0x31, 0x1c, 0xaa, 0xae, 0xef, 0x58, 0x43,
0x13, 0x7d, 0x15, 0x4d, 0x7f, 0x68, 0xf6, 0x8a, 0x38, 0xef, 0x0e, 0xb3,
0xcf, 0xb8, 0x4a, 0xa9, 0xb4, 0xd7, 0xcb, 0x01, 0x00, 0x01, 0x00, 0x1d,
0x0a, 0x22, 0x8a, 0xd1, 0x78, 0x85, 0x1e, 0x5a, 0xe1, 0x1d, 0x1e, 0xb7,
0x2d, 0xbc, 0x5f, 0x52, 0xbc, 0x97, 0x5d, 0x8b, 0x6a, 0x8b, 0x9d, 0x1e,
0xb1, 0xfc, 0x8a, 0xb2, 0x56, 0xcd, 0xed, 0x4b, 0xfb, 0x66, 0x3f, 0x59,
0x3f, 0x15, 0x5d, 0x09, 0x9e, 0x2f, 0x60, 0x5b, 0x31, 0x81, 0x27, 0xf0,
0x1c, 0xda, 0xcd, 0x48, 0x66, 0xc6, 0xbb, 0x25, 0xf0, 0x5f, 0xda, 0x4c,
0xcf, 0x1d, 0x88, 0xc8, 0xda, 0x1b, 0x53, 0xea, 0xbd, 0xce, 0x6d, 0xf6,
0x4a, 0x76, 0xdb, 0x75, 0x99, 0xaf, 0xcf, 0x76, 0x4a, 0xfb, 0xe3, 0xef,
0xb2, 0xcb, 0xae, 0x4a, 0xc0, 0xe8, 0x63, 0x1f, 0xd6, 0xe8, 0xe6, 0x45,
0xf9, 0xea, 0x0d, 0x06, 0x19, 0xfc, 0xb1, 0xfd, 0x5d, 0x92, 0x89, 0x7b,
0xc7, 0x9f, 0x1a, 0xb3, 0x2b, 0xc7, 0xad, 0x0e, 0xfb, 0x13, 0x41, 0x83,
0x84, 0x58, 0x3a, 0x25, 0xb9, 0x49, 0x35, 0x1c, 0x23, 0xcb, 0xd6, 0xe7,
0xc2, 0x8c, 0x4b, 0x2a, 0x73, 0xa1, 0xdf, 0x4f, 0x73, 0x9b, 0xb3, 0xd2,
0xb2, 0x95, 0x00, 0x3c, 0x26, 0x09, 0x89, 0x71, 0x05, 0x39, 0xc8, 0x98,
0x8f, 0xed, 0x32, 0x15, 0x78, 0xcd, 0xd3, 0x7e, 0xfb, 0x5a, 0x78, 0x2a,
0xdc, 0xca, 0x20, 0x09, 0xb5, 0x14, 0xf9, 0xd4, 0x58, 0xf6, 0x69, 0xf8,
0x65, 0x9f, 0xb7, 0xe4, 0x93, 0xf1, 0xa3, 0x84, 0x7e, 0x1b, 0x23, 0x5d,
0xea, 0x59, 0x3e, 0x4d, 0xca, 0xfd, 0xa5, 0x55, 0xdd, 0x99, 0xb5, 0x02,
0xf8, 0x0d, 0xe5, 0xf4, 0x06, 0xb0, 0x43, 0x9e, 0x2e, 0xbf, 0x05, 0x33,
0x65, 0x7b, 0x13, 0x8c, 0xf9, 0x16, 0x4d, 0xc5, 0x15, 0x0b, 0x40, 0x2f,
0x66, 0x94, 0xf2, 0x43, 0x95, 0xe7, 0xa9, 0xb6, 0x39, 0x99, 0x73, 0xb3,
0xb0, 0x06, 0xfe, 0x52, 0x9e, 0x57, 0xba, 0x75, 0xfd, 0x76, 0x7b, 0x20,
0x31, 0x68, 0x4c
};
fd = wolfSSL_get_fd(ssl);
ret = (int)send(fd, ch_msg, sizeof(ch_msg), 0);
AssertIntGT(ret, 0);
/* consume the HRR otherwise handshake will fail */
ret = (int)recv(fd, ch_msg, sizeof(ch_msg), 0);
AssertIntGT(ret, 0);
}
#if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_SEND_HRR_COOKIE)
static void test_wolfSSL_dtls_send_ch_with_invalid_cookie(WOLFSSL* ssl)
{
int fd, ret;
byte ch_msh_invalid_cookie[] = {
0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x02,
0x4e, 0x01, 0x00, 0x02, 0x42, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x02,
0x42, 0xfe, 0xfd, 0x69, 0xca, 0x77, 0x60, 0x6f, 0xfc, 0xd1, 0x5b, 0x60,
0x5d, 0xf1, 0xa6, 0x5c, 0x44, 0x71, 0xae, 0xca, 0x62, 0x19, 0x0c, 0xb6,
0xf7, 0x2c, 0xa6, 0xd5, 0xd2, 0x99, 0x9d, 0x18, 0xae, 0xac, 0x11, 0x00,
0x00, 0x00, 0x36, 0x13, 0x01, 0x13, 0x02, 0x13, 0x03, 0xc0, 0x2c, 0xc0,
0x2b, 0xc0, 0x30, 0xc0, 0x2f, 0x00, 0x9f, 0x00, 0x9e, 0xcc, 0xa9, 0xcc,
0xa8, 0xcc, 0xaa, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x28, 0xc0, 0x24, 0xc0,
0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x6b, 0x00, 0x67, 0x00,
0x39, 0x00, 0x33, 0xcc, 0x14, 0xcc, 0x13, 0xcc, 0x15, 0x01, 0x00, 0x01,
0xe2, 0x00, 0x2b, 0x00, 0x03, 0x02, 0xfe, 0xfc, 0x00, 0x0d, 0x00, 0x20,
0x00, 0x1e, 0x06, 0x03, 0x05, 0x03, 0x04, 0x03, 0x02, 0x03, 0x08, 0x06,
0x08, 0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08, 0x09, 0x06, 0x01,
0x05, 0x01, 0x04, 0x01, 0x03, 0x01, 0x02, 0x01, 0x00, 0x2c, 0x00, 0x45,
0x00, 0x43, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x2d, 0x00,
0x03, 0x02, 0x00, 0x01, 0x00, 0x0a, 0x00, 0x0c, 0x00, 0x0a, 0x00, 0x19,
0x00, 0x18, 0x00, 0x17, 0x00, 0x15, 0x01, 0x00, 0x00, 0x16, 0x00, 0x00,
0x00, 0x33, 0x01, 0x4b, 0x01, 0x49, 0x00, 0x17, 0x00, 0x41, 0x04, 0x7c,
0x5a, 0xc2, 0x5a, 0xfd, 0xcd, 0x2b, 0x08, 0xb2, 0xeb, 0x8e, 0xc0, 0x02,
0x03, 0x9d, 0xb1, 0xc1, 0x0d, 0x7b, 0x7f, 0x46, 0x43, 0xdf, 0xf3, 0xee,
0x2b, 0x78, 0x0e, 0x29, 0x8c, 0x42, 0x11, 0x2c, 0xde, 0xd7, 0x41, 0x0f,
0x28, 0x94, 0x80, 0x41, 0x70, 0xc4, 0x17, 0xfd, 0x6d, 0xfa, 0xee, 0x9a,
0xf2, 0xc4, 0x15, 0x4c, 0x5f, 0x54, 0xb6, 0x78, 0x6e, 0xf9, 0x63, 0x27,
0x33, 0xb8, 0x7b, 0x01, 0x00, 0x01, 0x00, 0xd4, 0x46, 0x62, 0x9c, 0xbf,
0x8f, 0x1b, 0x65, 0x9b, 0xf0, 0x29, 0x64, 0xd8, 0x50, 0x0e, 0x74, 0xf1,
0x58, 0x10, 0xc9, 0xd9, 0x82, 0x5b, 0xd9, 0xbe, 0x14, 0xdf, 0xde, 0x86,
0xb4, 0x2e, 0x15, 0xee, 0x4f, 0xf6, 0x74, 0x9e, 0x59, 0x11, 0x36, 0x2d,
0xb9, 0x67, 0xaa, 0x5a, 0x09, 0x9b, 0x45, 0xf1, 0x01, 0x4c, 0x4e, 0xf6,
0xda, 0x6a, 0xae, 0xa7, 0x73, 0x7b, 0x2e, 0xb6, 0x24, 0x89, 0x99, 0xb7,
0x52, 0x16, 0x62, 0x0a, 0xab, 0x58, 0xf8, 0x3f, 0x10, 0x5b, 0x83, 0xfd,
0x7b, 0x81, 0x77, 0x81, 0x8d, 0xef, 0x24, 0x56, 0x6d, 0xba, 0x49, 0xd4,
0x8b, 0xb5, 0xa0, 0xb1, 0xc9, 0x8c, 0x32, 0x95, 0x1c, 0x5e, 0x0a, 0x4b,
0xf6, 0x00, 0x50, 0x0a, 0x87, 0x99, 0x59, 0xcf, 0x6f, 0x9d, 0x02, 0xd0,
0x1b, 0xa1, 0x96, 0x45, 0x28, 0x76, 0x40, 0x33, 0x28, 0xc9, 0xa1, 0xfd,
0x46, 0xab, 0x2c, 0x9e, 0x5e, 0xc6, 0x74, 0x19, 0x9a, 0xf5, 0x9b, 0x51,
0x11, 0x4f, 0xc8, 0xb9, 0x99, 0x6b, 0x4e, 0x3e, 0x31, 0x64, 0xb4, 0x92,
0xf4, 0x0d, 0x41, 0x4b, 0x2c, 0x65, 0x23, 0xf7, 0x47, 0xe3, 0xa5, 0x2e,
0xe4, 0x9c, 0x2b, 0xc9, 0x41, 0x22, 0x83, 0x8a, 0x23, 0xef, 0x29, 0x7e,
0x4f, 0x3f, 0xa3, 0xbf, 0x73, 0x2b, 0xd7, 0xcc, 0xc8, 0xc6, 0xe9, 0xbc,
0x01, 0xb7, 0x32, 0x63, 0xd4, 0x7e, 0x7f, 0x9a, 0xaf, 0x5f, 0x05, 0x31,
0x53, 0xd6, 0x1f, 0xa2, 0xd0, 0xdf, 0x67, 0x56, 0xf1, 0x9c, 0x4a, 0x9d,
0x83, 0xb4, 0xef, 0xb3, 0xf2, 0xcc, 0xf1, 0x91, 0x6c, 0x47, 0xc3, 0x8b,
0xd0, 0x92, 0x79, 0x3d, 0xa0, 0xc0, 0x3a, 0x57, 0x26, 0x6d, 0x0a, 0xad,
0x5f, 0xad, 0xb4, 0x74, 0x48, 0x4a, 0x51, 0xe1, 0xb5, 0x82, 0x0a, 0x4c,
0x4f, 0x9d, 0xaf, 0xee, 0x5a, 0xa2, 0x4d, 0x4d, 0x5f, 0xe0, 0x17, 0x00,
0x23, 0x00, 0x00
};
byte alert_reply[50];
byte expected_alert_reply[] = {
0x15, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00,
0x02, 0x02, 0x2f
};
fd = wolfSSL_get_fd(ssl);
ret = (int)send(fd, ch_msh_invalid_cookie, sizeof(ch_msh_invalid_cookie), 0);
AssertIntGT(ret, 0);
/* should reply with an illegal_parameter reply */
ret = (int)recv(fd, alert_reply, sizeof(alert_reply), 0);
AssertIntEQ(ret, sizeof(expected_alert_reply));
AssertIntEQ(XMEMCMP(alert_reply, expected_alert_reply, sizeof(expected_alert_reply)), 0);
}
#endif
static word32 test_wolfSSL_dtls_stateless_HashWOLFSSL(const WOLFSSL* ssl)
{
#ifndef NO_MD5
enum wc_HashType hashType = WC_HASH_TYPE_MD5;
#elif !defined(NO_SHA)
enum wc_HashType hashType = WC_HASH_TYPE_SHA;
#elif !defined(NO_SHA256)
enum wc_HashType hashType = WC_HASH_TYPE_SHA256;
#else
#error "We need a digest to hash the WOLFSSL object"
#endif
byte hashBuf[WC_MAX_DIGEST_SIZE];
wc_HashAlg hash;
const TLSX* exts = ssl->extensions;
WOLFSSL sslCopy; /* Use a copy to omit certain fields */
HS_Hashes* hsHashes = ssl->hsHashes; /* Is re-allocated in
* InitHandshakeHashes */
XMEMCPY(&sslCopy, ssl, sizeof(*ssl));
XMEMSET(hashBuf, 0, sizeof(hashBuf));
/* Following fields are not important to compare */
XMEMSET(sslCopy.buffers.inputBuffer.staticBuffer, 0, STATIC_BUFFER_LEN);
sslCopy.buffers.inputBuffer.buffer = NULL;
sslCopy.buffers.inputBuffer.bufferSize = 0;
sslCopy.buffers.inputBuffer.dynamicFlag = 0;
sslCopy.buffers.inputBuffer.offset = 0;
XMEMSET(sslCopy.buffers.outputBuffer.staticBuffer, 0, STATIC_BUFFER_LEN);
sslCopy.buffers.outputBuffer.buffer = NULL;
sslCopy.buffers.outputBuffer.bufferSize = 0;
sslCopy.buffers.outputBuffer.dynamicFlag = 0;
sslCopy.buffers.outputBuffer.offset = 0;
sslCopy.error = 0;
sslCopy.curSize = 0;
sslCopy.curStartIdx = 0;
sslCopy.keys.curSeq_lo = 0;
XMEMSET(&sslCopy.curRL, 0, sizeof(sslCopy.curRL));
#ifdef WOLFSSL_DTLS13
XMEMSET(&sslCopy.keys.curSeq, 0, sizeof(sslCopy.keys.curSeq));
sslCopy.dtls13FastTimeout = 0;
#endif
sslCopy.keys.dtls_peer_handshake_number = 0;
XMEMSET(&sslCopy.alert_history, 0, sizeof(sslCopy.alert_history));
sslCopy.hsHashes = NULL;
#ifdef WOLFSSL_ASYNC_IO
#ifdef WOLFSSL_ASYNC_CRYPT
sslCopy.asyncDev = NULL;
#endif
sslCopy.async = NULL;
#endif
AssertIntEQ(wc_HashInit(&hash, hashType), 0);
AssertIntEQ(wc_HashUpdate(&hash, hashType, (byte*)&sslCopy, sizeof(sslCopy)), 0);
/* hash extension list */
while (exts != NULL) {
AssertIntEQ(wc_HashUpdate(&hash, hashType, (byte*)exts, sizeof(*exts)), 0);
exts = exts->next;
}
/* Hash suites */
if (sslCopy.suites != NULL) {
AssertIntEQ(wc_HashUpdate(&hash, hashType, (byte*)sslCopy.suites,
sizeof(struct Suites)), 0);
}
/* Hash hsHashes */
AssertIntEQ(wc_HashUpdate(&hash, hashType, (byte*)hsHashes,
sizeof(*hsHashes)), 0);
AssertIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0);
AssertIntEQ(wc_HashFree(&hash, hashType), 0);
return MakeWordFromHash(hashBuf);
}
static CallbackIORecv test_wolfSSL_dtls_compare_stateless_cb;
static int test_wolfSSL_dtls_compare_stateless_cb_call_once;
static int test_wolfSSL_dtls_compare_stateless_read_cb_once(WOLFSSL *ssl,
char *buf, int sz, void *ctx)
{
if (test_wolfSSL_dtls_compare_stateless_cb_call_once) {
test_wolfSSL_dtls_compare_stateless_cb_call_once = 0;
return test_wolfSSL_dtls_compare_stateless_cb(ssl, buf, sz, ctx);
}
else {
return WOLFSSL_CBIO_ERR_WANT_READ;
}
}
static void test_wolfSSL_dtls_compare_stateless(WOLFSSL* ssl)
{
/* Compare the ssl object before and after one ClientHello msg */
SOCKET_T fd = wolfSSL_get_fd(ssl);
int res;
int err;
word32 initHash;
test_wolfSSL_dtls_compare_stateless_cb = ssl->CBIORecv;
test_wolfSSL_dtls_compare_stateless_cb_call_once = 1;
wolfSSL_dtls_set_using_nonblock(ssl, 1);
ssl->CBIORecv = test_wolfSSL_dtls_compare_stateless_read_cb_once;
initHash = test_wolfSSL_dtls_stateless_HashWOLFSSL(ssl);
(void)initHash;
res = tcp_select(fd, 5);
/* We are expecting a msg. A timeout indicates failure. */
AssertIntEQ(res, TEST_RECV_READY);
res = wolfSSL_accept(ssl);
err = wolfSSL_get_error(ssl, res);
AssertIntEQ(res, WOLFSSL_FATAL_ERROR);
AssertIntEQ(err, WOLFSSL_ERROR_WANT_READ);
AssertIntEQ(initHash, test_wolfSSL_dtls_stateless_HashWOLFSSL(ssl));
wolfSSL_dtls_set_using_nonblock(ssl, 0);
ssl->CBIORecv = test_wolfSSL_dtls_compare_stateless_cb;
}
#if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_SEND_HRR_COOKIE)
static void test_wolfSSL_dtls_enable_hrrcookie(WOLFSSL* ssl)
{
int ret;
ret = wolfSSL_send_hrr_cookie(ssl, NULL, 0);
AssertIntEQ(ret, WOLFSSL_SUCCESS);
test_wolfSSL_dtls_compare_stateless(ssl);
}
#endif
static int test_wolfSSL_dtls_stateless(void)
{
callback_functions client_cbs, server_cbs;
size_t i;
struct {
method_provider client_meth;
method_provider server_meth;
ssl_callback client_ssl_ready;
ssl_callback server_ssl_ready;
} test_params[] = {
#if !defined(WOLFSSL_NO_TLS12)
{wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method,
test_wolfSSL_dtls_send_ch, test_wolfSSL_dtls_compare_stateless},
#endif
#if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_SEND_HRR_COOKIE)
{wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method,
test_wolfSSL_dtls_send_ch, test_wolfSSL_dtls_enable_hrrcookie},
{wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method,
test_wolfSSL_dtls_send_ch_with_invalid_cookie, test_wolfSSL_dtls_enable_hrrcookie},
#endif
};
if (0 == sizeof(test_params)){
return TEST_SKIPPED;
}
for (i = 0; i < sizeof(test_params)/sizeof(*test_params); i++) {
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
client_cbs.doUdp = server_cbs.doUdp = 1;
client_cbs.method = test_params[i].client_meth;
server_cbs.method = test_params[i].server_meth;
client_cbs.ssl_ready = test_params[i].client_ssl_ready;
server_cbs.ssl_ready = test_params[i].server_ssl_ready;
test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs);
if (!client_cbs.return_code)
return TEST_FAIL;
if (!server_cbs.return_code)
return TEST_FAIL;
}
return TEST_SUCCESS;
}
#else
static int test_wolfSSL_dtls_stateless(void)
{
return TEST_SKIPPED;
}
#endif /* WOLFSSL_DTLS13 && WOLFSSL_SEND_HRR_COOKIE &&
* HAVE_IO_TESTS_DEPENDENCIES && !SINGLE_THREADED */
#ifdef HAVE_CERT_CHAIN_VALIDATION
static int load_ca_into_cm(WOLFSSL_CERT_MANAGER* cm, char* certA)
{
int ret;
if ((ret = wolfSSL_CertManagerLoadCA(cm, certA, 0)) != WOLFSSL_SUCCESS) {
fprintf(stderr, "loading cert %s failed\n", certA);
fprintf(stderr, "Error: (%d): %s\n", ret,
wolfSSL_ERR_reason_error_string(ret));
return -1;
}
return 0;
}
static int verify_cert_with_cm(WOLFSSL_CERT_MANAGER* cm, char* certA)
{
int ret;
if ((ret = wolfSSL_CertManagerVerify(cm, certA, WOLFSSL_FILETYPE_PEM))
!= WOLFSSL_SUCCESS) {
fprintf(stderr, "could not verify the cert: %s\n", certA);
fprintf(stderr, "Error: (%d): %s\n", ret,
wolfSSL_ERR_reason_error_string(ret));
return -1;
}
else {
fprintf(stderr, "successfully verified: %s\n", certA);
}
return 0;
}
#define LOAD_ONE_CA(a, b, c, d) \
do { \
(a) = load_ca_into_cm(c, d); \
if ((a) != 0) \
return (b); \
else \
(b)--; \
} while(0)
#define VERIFY_ONE_CERT(a, b, c, d) \
do { \
(a) = verify_cert_with_cm(c, d);\
if ((a) != 0) \
return (b); \
else \
(b)--; \
} while(0)
static int test_chainG(WOLFSSL_CERT_MANAGER* cm)
{
int ret;
int i = -1;
/* Chain G is a valid chain per RFC 5280 section 4.2.1.9 */
char chainGArr[9][50] = {"certs/ca-cert.pem",
"certs/test-pathlen/chainG-ICA7-pathlen100.pem",
"certs/test-pathlen/chainG-ICA6-pathlen10.pem",
"certs/test-pathlen/chainG-ICA5-pathlen20.pem",
"certs/test-pathlen/chainG-ICA4-pathlen5.pem",
"certs/test-pathlen/chainG-ICA3-pathlen99.pem",
"certs/test-pathlen/chainG-ICA2-pathlen1.pem",
"certs/test-pathlen/chainG-ICA1-pathlen0.pem",
"certs/test-pathlen/chainG-entity.pem"};
LOAD_ONE_CA(ret, i, cm, chainGArr[0]); /* if failure, i = -1 here */
LOAD_ONE_CA(ret, i, cm, chainGArr[1]); /* if failure, i = -2 here */
LOAD_ONE_CA(ret, i, cm, chainGArr[2]); /* if failure, i = -3 here */
LOAD_ONE_CA(ret, i, cm, chainGArr[3]); /* if failure, i = -4 here */
LOAD_ONE_CA(ret, i, cm, chainGArr[4]); /* if failure, i = -5 here */
LOAD_ONE_CA(ret, i, cm, chainGArr[5]); /* if failure, i = -6 here */
LOAD_ONE_CA(ret, i, cm, chainGArr[6]); /* if failure, i = -7 here */
LOAD_ONE_CA(ret, i, cm, chainGArr[7]); /* if failure, i = -8 here */
VERIFY_ONE_CERT(ret, i, cm, chainGArr[1]); /* if failure, i = -9 here */
VERIFY_ONE_CERT(ret, i, cm, chainGArr[2]); /* if failure, i = -10 here */
VERIFY_ONE_CERT(ret, i, cm, chainGArr[3]); /* if failure, i = -11 here */
VERIFY_ONE_CERT(ret, i, cm, chainGArr[4]); /* if failure, i = -12 here */
VERIFY_ONE_CERT(ret, i, cm, chainGArr[5]); /* if failure, i = -13 here */
VERIFY_ONE_CERT(ret, i, cm, chainGArr[6]); /* if failure, i = -14 here */
VERIFY_ONE_CERT(ret, i, cm, chainGArr[7]); /* if failure, i = -15 here */
VERIFY_ONE_CERT(ret, i, cm, chainGArr[8]); /* if failure, i = -16 here */
/* test validating the entity twice, should have no effect on pathLen since
* entity/leaf cert */
VERIFY_ONE_CERT(ret, i, cm, chainGArr[8]); /* if failure, i = -17 here */
return ret;
}
static int test_chainH(WOLFSSL_CERT_MANAGER* cm)
{
int ret;
int i = -1;
/* Chain H is NOT a valid chain per RFC5280 section 4.2.1.9:
* ICA4-pathlen of 2 signing ICA3-pathlen of 2 (reduce max path len to 2)
* ICA3-pathlen of 2 signing ICA2-pathlen of 2 (reduce max path len to 1)
* ICA2-pathlen of 2 signing ICA1-pathlen of 0 (reduce max path len to 0)
* ICA1-pathlen of 0 signing entity (pathlen is already 0, ERROR)
* Test should successfully verify ICA4, ICA3, ICA2 and then fail on ICA1
*/
char chainHArr[6][50] = {"certs/ca-cert.pem",
"certs/test-pathlen/chainH-ICA4-pathlen2.pem",
"certs/test-pathlen/chainH-ICA3-pathlen2.pem",
"certs/test-pathlen/chainH-ICA2-pathlen2.pem",
"certs/test-pathlen/chainH-ICA1-pathlen0.pem",
"certs/test-pathlen/chainH-entity.pem"};
LOAD_ONE_CA(ret, i, cm, chainHArr[0]); /* if failure, i = -1 here */
LOAD_ONE_CA(ret, i, cm, chainHArr[1]); /* if failure, i = -2 here */
LOAD_ONE_CA(ret, i, cm, chainHArr[2]); /* if failure, i = -3 here */
LOAD_ONE_CA(ret, i, cm, chainHArr[3]); /* if failure, i = -4 here */
LOAD_ONE_CA(ret, i, cm, chainHArr[4]); /* if failure, i = -5 here */
VERIFY_ONE_CERT(ret, i, cm, chainHArr[1]); /* if failure, i = -6 here */
VERIFY_ONE_CERT(ret, i, cm, chainHArr[2]); /* if failure, i = -7 here */
VERIFY_ONE_CERT(ret, i, cm, chainHArr[3]); /* if failure, i = -8 here */
VERIFY_ONE_CERT(ret, i, cm, chainHArr[4]); /* if failure, i = -9 here */
VERIFY_ONE_CERT(ret, i, cm, chainHArr[5]); /* if failure, i = -10 here */
return ret;
}
static int test_chainI(WOLFSSL_CERT_MANAGER* cm)
{
int ret;
int i = -1;
/* Chain I is a valid chain per RFC5280 section 4.2.1.9:
* ICA3-pathlen of 2 signing ICA2 without a pathlen (reduce maxPathLen to 2)
* ICA2-no_pathlen signing ICA1-no_pathlen (reduce maxPathLen to 1)
* ICA1-no_pathlen signing entity (reduce maxPathLen to 0)
* Test should successfully verify ICA4, ICA3, ICA2 and then fail on ICA1
*/
char chainIArr[5][50] = {"certs/ca-cert.pem",
"certs/test-pathlen/chainI-ICA3-pathlen2.pem",
"certs/test-pathlen/chainI-ICA2-no_pathlen.pem",
"certs/test-pathlen/chainI-ICA1-no_pathlen.pem",
"certs/test-pathlen/chainI-entity.pem"};
LOAD_ONE_CA(ret, i, cm, chainIArr[0]); /* if failure, i = -1 here */
LOAD_ONE_CA(ret, i, cm, chainIArr[1]); /* if failure, i = -2 here */
LOAD_ONE_CA(ret, i, cm, chainIArr[2]); /* if failure, i = -3 here */
LOAD_ONE_CA(ret, i, cm, chainIArr[3]); /* if failure, i = -4 here */
VERIFY_ONE_CERT(ret, i, cm, chainIArr[1]); /* if failure, i = -5 here */
VERIFY_ONE_CERT(ret, i, cm, chainIArr[2]); /* if failure, i = -6 here */
VERIFY_ONE_CERT(ret, i, cm, chainIArr[3]); /* if failure, i = -7 here */
VERIFY_ONE_CERT(ret, i, cm, chainIArr[4]); /* if failure, i = -8 here */
return ret;
}
static int test_chainJ(WOLFSSL_CERT_MANAGER* cm)
{
int ret;
int i = -1;
/* Chain J is NOT a valid chain per RFC5280 section 4.2.1.9:
* ICA4-pathlen of 2 signing ICA3 without a pathlen (reduce maxPathLen to 2)
* ICA3-pathlen of 2 signing ICA2 without a pathlen (reduce maxPathLen to 1)
* ICA2-no_pathlen signing ICA1-no_pathlen (reduce maxPathLen to 0)
* ICA1-no_pathlen signing entity (ERROR, pathlen zero and non-leaf cert)
*/
char chainJArr[6][50] = {"certs/ca-cert.pem",
"certs/test-pathlen/chainJ-ICA4-pathlen2.pem",
"certs/test-pathlen/chainJ-ICA3-no_pathlen.pem",
"certs/test-pathlen/chainJ-ICA2-no_pathlen.pem",
"certs/test-pathlen/chainJ-ICA1-no_pathlen.pem",
"certs/test-pathlen/chainJ-entity.pem"};
LOAD_ONE_CA(ret, i, cm, chainJArr[0]); /* if failure, i = -1 here */
LOAD_ONE_CA(ret, i, cm, chainJArr[1]); /* if failure, i = -2 here */
LOAD_ONE_CA(ret, i, cm, chainJArr[2]); /* if failure, i = -3 here */
LOAD_ONE_CA(ret, i, cm, chainJArr[3]); /* if failure, i = -4 here */
LOAD_ONE_CA(ret, i, cm, chainJArr[4]); /* if failure, i = -5 here */
VERIFY_ONE_CERT(ret, i, cm, chainJArr[1]); /* if failure, i = -6 here */
VERIFY_ONE_CERT(ret, i, cm, chainJArr[2]); /* if failure, i = -7 here */
VERIFY_ONE_CERT(ret, i, cm, chainJArr[3]); /* if failure, i = -8 here */
VERIFY_ONE_CERT(ret, i, cm, chainJArr[4]); /* if failure, i = -9 here */
VERIFY_ONE_CERT(ret, i, cm, chainJArr[5]); /* if failure, i = -10 here */
return ret;
}
static int test_various_pathlen_chains(void)
{
EXPECT_DECLS;
WOLFSSL_CERT_MANAGER* cm = NULL;
/* Test chain G (large chain with varying pathLens) */
ExpectNotNull(cm = wolfSSL_CertManagerNew());
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(test_chainG(cm), -1);
#else
ExpectIntEQ(test_chainG(cm), 0);
#endif /* NO_WOLFSSL_CLIENT && NO_WOLFSSL_SERVER */
ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
/* end test chain G */
/* Test chain H (5 chain with same pathLens) */
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectIntLT(test_chainH(cm), 0);
ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
/* end test chain H */
/* Test chain I (only first ICA has pathLen set and it's set to 2,
* followed by 2 ICA's, should pass) */
ExpectNotNull(cm = wolfSSL_CertManagerNew());
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(test_chainI(cm), -1);
#else
ExpectIntEQ(test_chainI(cm), 0);
#endif /* NO_WOLFSSL_CLIENT && NO_WOLFSSL_SERVER */
ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
cm = NULL;
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
cm = NULL;
/* Test chain J (Again only first ICA has pathLen set and it's set to 2,
* this time followed by 3 ICA's, should fail */
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectIntLT(test_chainJ(cm), 0);
ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
cm = NULL;
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
return EXPECT_RESULT();
}
#endif /* !NO_RSA && !NO_SHA && !NO_FILESYSTEM && !NO_CERTS */
#if defined(HAVE_KEYING_MATERIAL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
static int test_export_keying_material_cb(WOLFSSL_CTX *ctx, WOLFSSL *ssl)
{
EXPECT_DECLS;
byte ekm[100] = {0};
(void)ctx;
/* Success Cases */
ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm),
"Test label", XSTR_SIZEOF("Test label"), NULL, 0, 0), 1);
ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm),
"Test label", XSTR_SIZEOF("Test label"), NULL, 0, 1), 1);
/* Use some random context */
ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm),
"Test label", XSTR_SIZEOF("Test label"), ekm, 10, 1), 1);
/* Failure cases */
ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm),
"client finished", XSTR_SIZEOF("client finished"), NULL, 0, 0), 0);
ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm),
"server finished", XSTR_SIZEOF("server finished"), NULL, 0, 0), 0);
ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm),
"master secret", XSTR_SIZEOF("master secret"), NULL, 0, 0), 0);
ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm),
"extended master secret", XSTR_SIZEOF("extended master secret"),
NULL, 0, 0), 0);
ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm),
"key expansion", XSTR_SIZEOF("key expansion"), NULL, 0, 0), 0);
return EXPECT_RESULT();
}
static int test_export_keying_material_ssl_cb(WOLFSSL* ssl)
{
wolfSSL_KeepArrays(ssl);
return TEST_SUCCESS;
}
static int test_export_keying_material(void)
{
EXPECT_DECLS;
test_ssl_cbf serverCb;
test_ssl_cbf clientCb;
XMEMSET(&serverCb, 0, sizeof(serverCb));
XMEMSET(&clientCb, 0, sizeof(clientCb));
clientCb.ssl_ready = test_export_keying_material_ssl_cb;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&clientCb,
&serverCb, test_export_keying_material_cb), TEST_SUCCESS);
return EXPECT_RESULT();
}
#endif /* HAVE_KEYING_MATERIAL */
static int test_wolfSSL_THREADID_hash(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
CRYPTO_THREADID id;
CRYPTO_THREADID_current(NULL);
/* Hash result is unsigned long. */
ExpectTrue(CRYPTO_THREADID_hash(NULL) == 0UL);
XMEMSET(&id, 0, sizeof(id));
ExpectTrue(CRYPTO_THREADID_hash(&id) == 0UL);
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_set_ecdh_auto(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
WOLFSSL* ssl = NULL;
ExpectIntEQ(SSL_set_ecdh_auto(NULL,0), 1);
ExpectIntEQ(SSL_set_ecdh_auto(NULL,1), 1);
ExpectIntEQ(SSL_set_ecdh_auto(ssl,0), 1);
ExpectIntEQ(SSL_set_ecdh_auto(ssl,1), 1);
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_ecdh_auto(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
WOLFSSL_CTX* ctx = NULL;
ExpectIntEQ(SSL_CTX_set_ecdh_auto(NULL,0), 1);
ExpectIntEQ(SSL_CTX_set_ecdh_auto(NULL,1), 1);
ExpectIntEQ(SSL_CTX_set_ecdh_auto(ctx,0), 1);
ExpectIntEQ(SSL_CTX_set_ecdh_auto(ctx,1), 1);
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12)
static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
{
EXPECT_DECLS;
callback_functions* callbacks = NULL;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
SOCKET_T sfd = 0;
SOCKET_T cfd = 0;
word16 port;
char msg[] = "I hear you fa shizzle!";
int len = (int) XSTRLEN(msg);
char input[1024];
int ret = 0;
int err = 0;
if (!args)
WOLFSSL_RETURN_FROM_THREAD(0);
((func_args*)args)->return_code = TEST_FAIL;
callbacks = ((func_args*)args)->callbacks;
ctx = wolfSSL_CTX_new(callbacks->method());
#if defined(USE_WINDOWS_API)
port = ((func_args*)args)->signal->port;
#else
/* Let tcp_listen assign port */
port = 0;
#endif
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx,
caCertFile, 0));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file(ctx,
svrCertFile, WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(ctx,
svrKeyFile, WOLFSSL_FILETYPE_PEM));
#if !defined(NO_FILESYSTEM) && !defined(NO_DH)
ExpectIntEQ(wolfSSL_CTX_SetTmpDH_file(ctx, dhParamFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#elif !defined(NO_DH)
SetDHCtx(ctx); /* will repick suites with DHE, higher priority than PSK */
#endif
if (callbacks->ctx_ready)
callbacks->ctx_ready(ctx);
ssl = wolfSSL_new(ctx);
ExpectNotNull(ssl);
/* listen and accept */
tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0, 0, 1, 0, 0);
CloseSocket(sfd);
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, cfd));
if (callbacks->ssl_ready)
callbacks->ssl_ready(ssl);
if (EXPECT_SUCCESS()) {
do {
err = 0; /* Reset error */
ret = wolfSSL_accept(ssl);
if (ret != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
}
} while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);
}
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
/* read and write data */
XMEMSET(input, 0, sizeof(input));
while (EXPECT_SUCCESS()) {
ret = wolfSSL_read(ssl, input, sizeof(input));
if (ret > 0) {
break;
}
else {
err = wolfSSL_get_error(ssl,ret);
if (err == WOLFSSL_ERROR_WANT_READ) {
continue;
}
break;
}
}
if (EXPECT_SUCCESS() && (err == WOLFSSL_ERROR_ZERO_RETURN)) {
do {
ret = wolfSSL_write(ssl, msg, len);
if (ret > 0) {
break;
}
} while (ret < 0);
}
/* bidirectional shutdown */
while (EXPECT_SUCCESS()) {
ret = wolfSSL_shutdown(ssl);
ExpectIntNE(ret, WOLFSSL_FATAL_ERROR);
if (ret == WOLFSSL_SUCCESS) {
break;
}
}
if (EXPECT_SUCCESS()) {
/* wait for the peer to disconnect the tcp connection */
do {
ret = wolfSSL_read(ssl, input, sizeof(input));
err = wolfSSL_get_error(ssl, ret);
} while (ret > 0 || err != WOLFSSL_ERROR_ZERO_RETURN);
}
/* detect TCP disconnect */
ExpectIntLE(ret,WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_get_error(ssl, ret), WOLFSSL_ERROR_ZERO_RETURN);
((func_args*)args)->return_code = EXPECT_RESULT();
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
CloseSocket(cfd);
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
WOLFSSL_RETURN_FROM_THREAD(0);
}
static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args)
{
EXPECT_DECLS;
callback_functions* callbacks = NULL;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
SOCKET_T sfd = 0;
char msg[] = "hello wolfssl server!";
int len = (int) XSTRLEN(msg);
char input[1024];
int idx;
int ret, err;
if (!args)
WOLFSSL_RETURN_FROM_THREAD(0);
((func_args*)args)->return_code = TEST_FAIL;
callbacks = ((func_args*)args)->callbacks;
ctx = wolfSSL_CTX_new(callbacks->method());
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx,
caCertFile, 0));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file(ctx,
cliCertFile, WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(ctx,
cliKeyFile, WOLFSSL_FILETYPE_PEM));
ExpectNotNull((ssl = wolfSSL_new(ctx)));
tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, 0, ssl);
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, sfd));
if (EXPECT_SUCCESS()) {
do {
err = 0; /* Reset error */
ret = wolfSSL_connect(ssl);
if (ret != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
}
} while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);
}
ExpectIntGE(wolfSSL_write(ssl, msg, len), 0);
if (EXPECT_SUCCESS()) {
if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) {
input[idx] = 0;
}
}
if (EXPECT_SUCCESS()) {
ret = wolfSSL_shutdown(ssl);
if (ret == WOLFSSL_SHUTDOWN_NOT_DONE) {
ret = wolfSSL_shutdown(ssl);
}
}
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
((func_args*)args)->return_code = EXPECT_RESULT();
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
CloseSocket(sfd);
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* OPENSSL_EXTRA && WOLFSSL_ERROR_CODE_OPENSSL &&
HAVE_IO_TESTS_DEPENDENCIES && !WOLFSSL_NO_TLS12 */
/* This test is to check wolfSSL_read behaves as same as
* openSSL when it is called after SSL_shutdown completes.
*/
static int test_wolfSSL_read_detect_TCP_disconnect(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12)
tcp_ready ready;
func_args client_args;
func_args server_args;
THREAD_TYPE serverThread;
THREAD_TYPE clientThread;
callback_functions server_cbf;
callback_functions client_cbf;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
StartTCP();
InitTcpReady(&ready);
#if defined(USE_WINDOWS_API)
/* use RNG to get random port if using windows */
ready.port = GetRandomPort();
#endif
XMEMSET(&client_args, 0, sizeof(func_args));
XMEMSET(&server_args, 0, sizeof(func_args));
XMEMSET(&server_cbf, 0, sizeof(callback_functions));
XMEMSET(&client_cbf, 0, sizeof(callback_functions));
server_cbf.method = wolfTLSv1_2_server_method;
client_cbf.method = wolfTLSv1_2_client_method;
server_args.callbacks = &server_cbf;
client_args.callbacks = &client_cbf;
server_args.signal = &ready;
client_args.signal = &ready;
start_thread(SSL_read_test_server_thread, &server_args, &serverThread);
wait_tcp_ready(&server_args);
start_thread(SSL_read_test_client_thread, &client_args, &clientThread);
join_thread(clientThread);
join_thread(serverThread);
ExpectTrue(client_args.return_code);
ExpectTrue(server_args.return_code);
FreeTcpReady(&ready);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_get_min_proto_version(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
WOLFSSL_CTX *ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, SSL3_VERSION),
WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ALLOW_SSLV3
ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), SSL3_VERSION);
#else
ExpectIntGT(wolfSSL_CTX_get_min_proto_version(ctx), SSL3_VERSION);
#endif
wolfSSL_CTX_free(ctx);
ctx = NULL;
#ifndef NO_OLD_TLS
#ifdef WOLFSSL_ALLOW_TLSV10
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
#endif
ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_VERSION),
WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ALLOW_TLSV10
ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_VERSION);
#else
ExpectIntGT(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_VERSION);
#endif
wolfSSL_CTX_free(ctx);
ctx = NULL;
#endif
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION),
WOLFSSL_SUCCESS);
#ifndef NO_OLD_TLS
ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_1_VERSION);
#else
ExpectIntGT(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_1_VERSION);
#endif
wolfSSL_CTX_free(ctx);
ctx = NULL;
#ifndef WOLFSSL_NO_TLS12
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_method()));
ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_2_VERSION);
wolfSSL_CTX_free(ctx);
ctx = NULL;
#endif
#ifdef WOLFSSL_TLS13
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_method()));
ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_3_VERSION);
wolfSSL_CTX_free(ctx);
ctx = NULL;
#endif
#endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) */
return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \
(defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB)))
static int test_wolfSSL_set_SSL_CTX(void)
{
EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) \
&& !defined(WOLFSSL_NO_TLS12) && defined(WOLFSSL_TLS13) && \
!defined(NO_RSA)
WOLFSSL_CTX *ctx1 = NULL;
WOLFSSL_CTX *ctx2 = NULL;
WOLFSSL *ssl = NULL;
const byte *session_id1 = (const byte *)"CTX1";
const byte *session_id2 = (const byte *)"CTX2";
ExpectNotNull(ctx1 = wolfSSL_CTX_new(wolfTLS_server_method()));
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx1, svrCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx1, svrKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx1, TLS1_2_VERSION),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx1), TLS1_2_VERSION);
ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx1), TLS1_3_VERSION);
ExpectIntEQ(wolfSSL_CTX_set_session_id_context(ctx1, session_id1, 4),
WOLFSSL_SUCCESS);
ExpectNotNull(ctx2 = wolfSSL_CTX_new(wolfTLS_server_method()));
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx2, svrCertFile,
WOLFSSL_FILETYPE_PEM));
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx2, svrKeyFile,
WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx2, TLS1_2_VERSION),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_set_max_proto_version(ctx2, TLS1_2_VERSION),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx2), TLS1_2_VERSION);
ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx2), TLS1_2_VERSION);
ExpectIntEQ(wolfSSL_CTX_set_session_id_context(ctx2, session_id2, 4),
WOLFSSL_SUCCESS);
#ifdef HAVE_SESSION_TICKET
ExpectIntEQ((wolfSSL_CTX_get_options(ctx1) & SSL_OP_NO_TICKET), 0);
wolfSSL_CTX_set_options(ctx2, SSL_OP_NO_TICKET);
ExpectIntNE((wolfSSL_CTX_get_options(ctx2) & SSL_OP_NO_TICKET), 0);
#endif
ExpectNotNull(ssl = wolfSSL_new(ctx2));
ExpectIntNE((wolfSSL_get_options(ssl) & WOLFSSL_OP_NO_TLSv1_3), 0);
#ifdef WOLFSSL_INT_H
#ifdef WOLFSSL_SESSION_ID_CTX
ExpectIntEQ(XMEMCMP(ssl->sessionCtx, session_id2, 4), 0);
#endif
ExpectTrue(ssl->buffers.certificate == ctx2->certificate);
ExpectTrue(ssl->buffers.certChain == ctx2->certChain);
#endif
#ifdef HAVE_SESSION_TICKET
ExpectIntNE((wolfSSL_get_options(ssl) & SSL_OP_NO_TICKET), 0);
#endif
/* Set the ctx1 that has TLSv1.3 as max proto version */
ExpectNotNull(wolfSSL_set_SSL_CTX(ssl, ctx1));
/* MUST not change proto versions of ssl */
ExpectIntNE((wolfSSL_get_options(ssl) & WOLFSSL_OP_NO_TLSv1_3), 0);
#ifdef HAVE_SESSION_TICKET
/* MUST not change */
ExpectIntNE((wolfSSL_get_options(ssl) & SSL_OP_NO_TICKET), 0);
#endif
/* MUST change */
#ifdef WOLFSSL_INT_H
ExpectTrue(ssl->buffers.certificate == ctx1->certificate);
ExpectTrue(ssl->buffers.certChain == ctx1->certChain);
#ifdef WOLFSSL_SESSION_ID_CTX
ExpectIntEQ(XMEMCMP(ssl->sessionCtx, session_id1, 4), 0);
#endif
#endif
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx1);
wolfSSL_CTX_free(ctx2);
#endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) */
return EXPECT_RESULT();
}
#endif /* defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \
(defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB))) */
static int test_wolfSSL_security_level(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
SSL_CTX *ctx = NULL;
#ifdef WOLFSSL_TLS13
#ifdef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
#endif
SSL_CTX_set_security_level(NULL, 1);
SSL_CTX_set_security_level(ctx, 1);
ExpectIntEQ(SSL_CTX_get_security_level(NULL), 0);
/* Stub so nothing happens. */
ExpectIntEQ(SSL_CTX_get_security_level(ctx), 0);
SSL_CTX_free(ctx);
#else
(void)ctx;
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_SSL_in_init(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_BIO)
SSL_CTX* ctx = NULL;
SSL* ssl = NULL;
const char* testCertFile;
const char* testKeyFile;
#ifdef WOLFSSL_TLS13
#ifdef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
#endif
#else
#ifdef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
#endif
#ifndef NO_RSA
testCertFile = svrCertFile;
testKeyFile = svrKeyFile;
#elif defined(HAVE_ECC)
testCertFile = eccCertFile;
testKeyFile = eccKeyFile;
#else
testCertFile = NULL;
testKeyFile = NULL;
#endif
if ((testCertFile != NULL) && (testKeyFile != NULL)) {
ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
SSL_FILETYPE_PEM));
}
ExpectNotNull(ssl = SSL_new(ctx));
ExpectIntEQ(SSL_in_init(ssl), 1);
SSL_CTX_free(ctx);
SSL_free(ssl);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_timeout(void)
{
EXPECT_DECLS;
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_SESSION_CACHE)
int timeout;
WOLFSSL_CTX* ctx = NULL;
(void)timeout;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
/* in WOLFSSL_ERROR_CODE_OPENSSL macro guard,
* wolfSSL_CTX_set_timeout returns previous timeout value on success.
*/
ExpectIntEQ(wolfSSL_CTX_set_timeout(NULL, 0), BAD_FUNC_ARG);
/* giving 0 as timeout value sets default timeout */
timeout = wolfSSL_CTX_set_timeout(ctx, 0);
ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 20), timeout);
ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 30), 20);
#else
ExpectIntEQ(wolfSSL_CTX_set_timeout(NULL, 0), BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 100), 1);
ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 0), 1);
#endif
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_SERVER && !NO_SESSION_CACHE*/
return EXPECT_RESULT();
}
static int test_wolfSSL_OpenSSL_version(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
const char* ver;
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
ExpectNotNull(ver = OpenSSL_version(0));
#else
ExpectNotNull(ver = OpenSSL_version());
#endif
ExpectIntEQ(XMEMCMP(ver, "wolfSSL " LIBWOLFSSL_VERSION_STRING,
XSTRLEN("wolfSSL " LIBWOLFSSL_VERSION_STRING)), 0);
#endif
return EXPECT_RESULT();
}
static int test_CONF_CTX_CMDLINE(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL)
SSL_CTX* ctx = NULL;
SSL_CONF_CTX* cctx = NULL;
ExpectNotNull(cctx = SSL_CONF_CTX_new());
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
/* set flags */
ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CMDLINE),
WOLFSSL_CONF_FLAG_CMDLINE);
ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CERTIFICATE),
WOLFSSL_CONF_FLAG_CMDLINE | WOLFSSL_CONF_FLAG_CERTIFICATE);
/* cmd invalid command */
ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", "foobar"), -2);
ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", NULL), -2);
ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, "foobar"), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_CONF_cmd(NULL, "-curves", "foobar"), WOLFSSL_FAILURE);
/* cmd Certificate and Private Key*/
{
#if !defined(NO_CERTS) && !defined(NO_RSA)
const char* ourCert = svrCertFile;
const char* ourKey = svrKeyFile;
ExpectIntEQ(SSL_CONF_cmd(cctx, "-cert", NULL), -3);
ExpectIntEQ(SSL_CONF_cmd(cctx, "-cert", ourCert), WOLFSSL_SUCCESS);
ExpectIntEQ(SSL_CONF_cmd(cctx, "-key", NULL), -3);
ExpectIntEQ(SSL_CONF_cmd(cctx, "-key", ourKey), WOLFSSL_SUCCESS);
ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
/* cmd curves */
{
#if defined(HAVE_ECC)
const char* curve = "secp256r1";
ExpectIntEQ(SSL_CONF_cmd(cctx, "-curves", NULL), -3);
ExpectIntEQ(SSL_CONF_cmd(cctx, "-curves", curve), WOLFSSL_SUCCESS);
ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
/* cmd CipherString */
{
char* cipher = wolfSSL_get_cipher_list(0/*top priority*/);
ExpectIntEQ(SSL_CONF_cmd(cctx, "-cipher", NULL), -3);
ExpectIntEQ(SSL_CONF_cmd(cctx, "-cipher", cipher), WOLFSSL_SUCCESS);
ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
}
/* cmd DH parameter */
{
#if !defined(NO_DH) && !defined(NO_BIO)
const char* ourdhcert = "./certs/dh2048.pem";
ExpectIntEQ(SSL_CONF_cmd(cctx, "-dhparam", NULL), -3);
ExpectIntEQ(SSL_CONF_cmd(cctx, "-dhparam", ourdhcert), WOLFSSL_SUCCESS);
ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
SSL_CTX_free(ctx);
SSL_CONF_CTX_free(cctx);
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_CONF_CTX_FILE(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL)
SSL_CTX* ctx = NULL;
SSL_CONF_CTX* cctx = NULL;
ExpectNotNull(cctx = SSL_CONF_CTX_new());
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
/* set flags */
ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_FILE),
WOLFSSL_CONF_FLAG_FILE);
ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CERTIFICATE),
WOLFSSL_CONF_FLAG_FILE | WOLFSSL_CONF_FLAG_CERTIFICATE);
/* sanity check */
ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", "foobar"), -2);
ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", NULL), -2);
ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, "foobar"), WOLFSSL_FAILURE);
ExpectIntEQ(SSL_CONF_cmd(NULL, "-curves", "foobar"), WOLFSSL_FAILURE);
/* cmd Certificate and Private Key*/
{
#if !defined(NO_CERTS) && !defined(NO_RSA)
const char* ourCert = svrCertFile;
const char* ourKey = svrKeyFile;
ExpectIntEQ(SSL_CONF_cmd(cctx, "Certificate", NULL), -3);
ExpectIntEQ(SSL_CONF_cmd(cctx, "PrivateKey", NULL), -3);
ExpectIntEQ(SSL_CONF_cmd(cctx, "Certificate", ourCert),
WOLFSSL_SUCCESS);
ExpectIntEQ(SSL_CONF_cmd(cctx, "PrivateKey", ourKey), WOLFSSL_SUCCESS);
ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
/* cmd curves */
{
#if defined(HAVE_ECC)
const char* curve = "secp256r1";
ExpectIntEQ(SSL_CONF_cmd(cctx, "Curves", NULL), -3);
ExpectIntEQ(SSL_CONF_cmd(cctx, "Curves", curve), WOLFSSL_SUCCESS);
ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
/* cmd CipherString */
{
char* cipher = wolfSSL_get_cipher_list(0/*top priority*/);
ExpectIntEQ(SSL_CONF_cmd(cctx, "CipherString", NULL), -3);
ExpectIntEQ(SSL_CONF_cmd(cctx, "CipherString", cipher),
WOLFSSL_SUCCESS);
ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
}
/* cmd DH parameter */
{
#if !defined(NO_DH) && !defined(NO_BIO) && defined(HAVE_FFDHE_3072)
const char* ourdhcert = "./certs/dh3072.pem";
ExpectIntEQ(SSL_CONF_cmd(cctx, "DHParameters", NULL), -3);
ExpectIntEQ(SSL_CONF_cmd(cctx, "DHParameters", ourdhcert),
WOLFSSL_SUCCESS);
ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
SSL_CTX_free(ctx);
SSL_CONF_CTX_free(cctx);
#endif /* OPENSSL_EXTRA */
return EXPECT_RESULT();
}
static int test_wolfSSL_CRYPTO_get_ex_new_index(void)
{
EXPECT_DECLS;
#ifdef HAVE_EX_DATA
int idx1, idx2;
/* test for unsupported class index */
ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509_STORE,
0,NULL, NULL, NULL, NULL ), -1);
ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(
WOLF_CRYPTO_EX_INDEX_X509_STORE_CTX,
0,NULL, NULL, NULL, NULL ), -1);
ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DH,
0,NULL, NULL, NULL, NULL ), -1);
ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DSA,
0,NULL, NULL, NULL, NULL ), -1);
ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_EC_KEY,
0,NULL, NULL, NULL, NULL ), -1);
ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_RSA,
0,NULL, NULL, NULL, NULL ), -1);
ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_ENGINE,
0,NULL, NULL, NULL, NULL ), -1);
ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_UI,
0,NULL, NULL, NULL, NULL ), -1);
ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_BIO,
0,NULL, NULL, NULL, NULL ), -1);
ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_APP,
0,NULL, NULL, NULL, NULL ), -1);
ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_UI_METHOD,
0,NULL, NULL, NULL, NULL ), -1);
ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DRBG,
0,NULL, NULL, NULL, NULL ), -1);
ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(20,
0,NULL, NULL, NULL, NULL ), -1);
/* test for supported class index */
idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL,
0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL,
0,NULL, NULL, NULL, NULL );
ExpectIntNE(idx1, -1);
ExpectIntNE(idx2, -1);
ExpectIntNE(idx1, idx2);
idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_CTX,
0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_CTX,
0,NULL, NULL, NULL, NULL );
ExpectIntNE(idx1, -1);
ExpectIntNE(idx2, -1);
ExpectIntNE(idx1, idx2);
idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509,
0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509,
0,NULL, NULL, NULL, NULL );
ExpectIntNE(idx1, -1);
ExpectIntNE(idx2, -1);
ExpectIntNE(idx1, idx2);
idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_SESSION,
0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_SESSION,
0,NULL, NULL, NULL, NULL );
ExpectIntNE(idx1, -1);
ExpectIntNE(idx2, -1);
ExpectIntNE(idx1, idx2);
#endif /* HAVE_EX_DATA */
return EXPECT_RESULT();
}
#if defined(HAVE_EX_DATA) && defined(HAVE_EXT_CACHE) && \
(defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \
(defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB))))
#define SESSION_NEW_IDX_LONG 0xDEADBEEF
#define SESSION_NEW_IDX_VAL ((void*)0xAEADAEAD)
#define SESSION_DUP_IDX_VAL ((void*)0xDEDEDEDE)
#define SESSION_NEW_IDX_PTR "Testing"
static void test_wolfSSL_SESSION_get_ex_new_index_new_cb(void* p, void* ptr,
CRYPTO_EX_DATA* a, int idx, long argValue, void* arg)
{
AssertNotNull(p);
AssertNull(ptr);
AssertIntEQ(CRYPTO_set_ex_data(a, idx, SESSION_NEW_IDX_VAL), SSL_SUCCESS);
AssertIntEQ(argValue, SESSION_NEW_IDX_LONG);
AssertStrEQ(arg, SESSION_NEW_IDX_PTR);
}
static int test_wolfSSL_SESSION_get_ex_new_index_dup_cb(CRYPTO_EX_DATA* out,
const CRYPTO_EX_DATA* in, void* inPtr, int idx, long argV,
void* arg)
{
EXPECT_DECLS;
ExpectNotNull(out);
ExpectNotNull(in);
ExpectPtrEq(*(void**)inPtr, SESSION_NEW_IDX_VAL);
ExpectPtrEq(CRYPTO_get_ex_data(in, idx), SESSION_NEW_IDX_VAL);
ExpectPtrEq(CRYPTO_get_ex_data(out, idx), SESSION_NEW_IDX_VAL);
ExpectIntEQ(argV, SESSION_NEW_IDX_LONG);
ExpectStrEQ(arg, SESSION_NEW_IDX_PTR);
*(void**)inPtr = SESSION_DUP_IDX_VAL;
if (EXPECT_SUCCESS()) {
return SSL_SUCCESS;
}
else {
return SSL_FAILURE;
}
}
static int test_wolfSSL_SESSION_get_ex_new_index_free_cb_called = 0;
static void test_wolfSSL_SESSION_get_ex_new_index_free_cb(void* p, void* ptr,
CRYPTO_EX_DATA* a, int idx, long argValue, void* arg)
{
EXPECT_DECLS;
ExpectNotNull(p);
ExpectNull(ptr);
ExpectPtrNE(CRYPTO_get_ex_data(a, idx), 0);
ExpectIntEQ(argValue, SESSION_NEW_IDX_LONG);
ExpectStrEQ(arg, SESSION_NEW_IDX_PTR);
if (EXPECT_SUCCESS()) {
test_wolfSSL_SESSION_get_ex_new_index_free_cb_called++;
}
}
static int test_wolfSSL_SESSION_get_ex_new_index(void)
{
EXPECT_DECLS;
int idx = SSL_SESSION_get_ex_new_index(SESSION_NEW_IDX_LONG,
(void*)SESSION_NEW_IDX_PTR,
test_wolfSSL_SESSION_get_ex_new_index_new_cb,
test_wolfSSL_SESSION_get_ex_new_index_dup_cb,
test_wolfSSL_SESSION_get_ex_new_index_free_cb);
SSL_SESSION* s = SSL_SESSION_new();
SSL_SESSION* d = NULL;
ExpectNotNull(s);
ExpectPtrEq(SSL_SESSION_get_ex_data(s, idx), SESSION_NEW_IDX_VAL);
ExpectNotNull(d = SSL_SESSION_dup(s));
ExpectPtrEq(SSL_SESSION_get_ex_data(d, idx), SESSION_DUP_IDX_VAL);
SSL_SESSION_free(s);
ExpectIntEQ(test_wolfSSL_SESSION_get_ex_new_index_free_cb_called, 1);
SSL_SESSION_free(d);
ExpectIntEQ(test_wolfSSL_SESSION_get_ex_new_index_free_cb_called, 2);
crypto_ex_cb_free(crypto_ex_cb_ctx_session);
crypto_ex_cb_ctx_session = NULL;
return EXPECT_RESULT();
}
#else
static int test_wolfSSL_SESSION_get_ex_new_index(void)
{
return TEST_SKIPPED;
}
#endif
static int test_wolfSSL_set_psk_use_session_callback(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_PSK)
SSL_CTX* ctx = NULL;
SSL* ssl = NULL;
const char* testCertFile;
const char* testKeyFile;
#ifdef WOLFSSL_TLS13
#ifdef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
#endif
#else
#ifdef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
#endif
#ifndef NO_RSA
testCertFile = svrCertFile;
testKeyFile = svrKeyFile;
#elif defined(HAVE_ECC)
testCertFile = eccCertFile;
testKeyFile = eccKeyFile;
#else
testCertFile = NULL;
testKeyFile = NULL;
#endif
if ((testCertFile != NULL) && (testKeyFile != NULL)) {
ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
SSL_FILETYPE_PEM));
}
ExpectNotNull(ssl = SSL_new(ctx));
SSL_set_psk_use_session_callback(ssl, my_psk_use_session_cb);
SSL_CTX_free(ctx);
SSL_free(ssl);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_ERR_strings(void)
{
EXPECT_DECLS;
#if !defined(NO_ERROR_STRINGS)
const char* err1 = "unsupported cipher suite";
const char* err2 = "wolfSSL PEM routines";
const char* err = NULL;
(void)err;
(void)err1;
(void)err2;
#if defined(OPENSSL_EXTRA)
ExpectNotNull(err = ERR_reason_error_string(UNSUPPORTED_SUITE));
ExpectIntEQ(XSTRNCMP(err, err1, XSTRLEN(err1)), 0);
ExpectNotNull(err = ERR_func_error_string(UNSUPPORTED_SUITE));
ExpectIntEQ((*err == '\0'), 1);
ExpectNotNull(err = ERR_lib_error_string(PEM_R_PROBLEMS_GETTING_PASSWORD));
ExpectIntEQ(XSTRNCMP(err, err2, XSTRLEN(err2)), 0);
#else
ExpectNotNull(err = wolfSSL_ERR_reason_error_string(UNSUPPORTED_SUITE));
ExpectIntEQ(XSTRNCMP(err, err1, XSTRLEN(err1)), 0);
ExpectNotNull(err = wolfSSL_ERR_func_error_string(UNSUPPORTED_SUITE));
ExpectIntEQ((*err == '\0'), 1);
/* The value -MIN_CODE_E+2 is PEM_R_PROBLEMS_GETTING_PASSWORD. */
ExpectNotNull(err = wolfSSL_ERR_lib_error_string(-MIN_CODE_E+2));
ExpectIntEQ((*err == '\0'), 1);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_shake128(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA3) && \
defined(WOLFSSL_SHAKE128)
const EVP_MD* md = NULL;
ExpectNotNull(md = EVP_shake128());
ExpectIntEQ(XSTRNCMP(md, "SHAKE128", XSTRLEN("SHAKE128")), 0);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_shake256(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA3) && \
defined(WOLFSSL_SHAKE256)
const EVP_MD* md = NULL;
ExpectNotNull(md = EVP_shake256());
ExpectIntEQ(XSTRNCMP(md, "SHAKE256", XSTRLEN("SHAKE256")), 0);
#endif
return EXPECT_RESULT();
}
/*
* Testing EVP digest API with SM3
*/
static int test_wolfSSL_EVP_sm3(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM3)
EXPECT_DECLS;
const EVP_MD* md = NULL;
EVP_MD_CTX* mdCtx = NULL;
byte data[WC_SM3_BLOCK_SIZE * 4];
byte hash[WC_SM3_DIGEST_SIZE];
byte calcHash[WC_SM3_DIGEST_SIZE];
byte expHash[WC_SM3_DIGEST_SIZE] = {
0x38, 0x48, 0x15, 0xa7, 0x0e, 0xae, 0x0b, 0x27,
0x5c, 0xde, 0x9d, 0xa5, 0xd1, 0xa4, 0x30, 0xa1,
0xca, 0xd4, 0x54, 0x58, 0x44, 0xa2, 0x96, 0x1b,
0xd7, 0x14, 0x80, 0x3f, 0x80, 0x1a, 0x07, 0xb6
};
word32 chunk;
word32 i;
unsigned int sz;
int ret;
XMEMSET(data, 0, sizeof(data));
md = EVP_sm3();
ExpectTrue(md != NULL);
ExpectIntEQ(XSTRNCMP(md, "SM3", XSTRLEN("SM3")), 0);
mdCtx = EVP_MD_CTX_new();
ExpectTrue(mdCtx != NULL);
/* Invalid Parameters */
ExpectIntEQ(EVP_DigestInit(NULL, md), BAD_FUNC_ARG);
/* Valid Parameters */
ExpectIntEQ(EVP_DigestInit(mdCtx, md), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DigestUpdate(NULL, NULL, 1), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_DigestUpdate(mdCtx, NULL, 1), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_DigestUpdate(NULL, data, 1), WOLFSSL_FAILURE);
/* Valid Parameters */
ExpectIntEQ(EVP_DigestUpdate(mdCtx, NULL, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, 1), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, 1), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_BLOCK_SIZE),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_BLOCK_SIZE - 2),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_BLOCK_SIZE * 2),
WOLFSSL_SUCCESS);
/* Ensure too many bytes for lengths. */
ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_PAD_SIZE),
WOLFSSL_SUCCESS);
/* Invalid Parameters */
ExpectIntEQ(EVP_DigestFinal(NULL, NULL, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_DigestFinal(mdCtx, NULL, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_DigestFinal(NULL, hash, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_DigestFinal(NULL, hash, NULL), WOLFSSL_FAILURE);
ExpectIntEQ(EVP_DigestFinal(mdCtx, NULL, NULL), WOLFSSL_FAILURE);
/* Valid Parameters */
ExpectIntEQ(EVP_DigestFinal(mdCtx, hash, NULL), WOLFSSL_SUCCESS);
ExpectBufEQ(hash, expHash, WC_SM3_DIGEST_SIZE);
/* Chunk tests. */
ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, sizeof(data)), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_DigestFinal(mdCtx, calcHash, &sz), WOLFSSL_SUCCESS);
ExpectIntEQ(sz, WC_SM3_DIGEST_SIZE);
for (chunk = 1; chunk <= WC_SM3_BLOCK_SIZE + 1; chunk++) {
for (i = 0; i + chunk <= (word32)sizeof(data); i += chunk) {
ExpectIntEQ(EVP_DigestUpdate(mdCtx, data + i, chunk),
WOLFSSL_SUCCESS);
}
if (i < (word32)sizeof(data)) {
ExpectIntEQ(EVP_DigestUpdate(mdCtx, data + i,
(word32)sizeof(data) - i), WOLFSSL_SUCCESS);
}
ExpectIntEQ(EVP_DigestFinal(mdCtx, hash, NULL), WOLFSSL_SUCCESS);
ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE);
}
/* Not testing when the low 32-bit length overflows. */
ret = EVP_MD_CTX_cleanup(mdCtx);
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
wolfSSL_EVP_MD_CTX_free(mdCtx);
res = EXPECT_RESULT();
#endif
return res;
} /* END test_EVP_sm3 */
static int test_EVP_blake2(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && (defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S))
const EVP_MD* md = NULL;
(void)md;
#if defined(HAVE_BLAKE2)
ExpectNotNull(md = EVP_blake2b512());
ExpectIntEQ(XSTRNCMP(md, "BLAKE2B512", XSTRLEN("BLAKE2B512")), 0);
#endif
#if defined(HAVE_BLAKE2S)
ExpectNotNull(md = EVP_blake2s256());
ExpectIntEQ(XSTRNCMP(md, "BLAKE2S256", XSTRLEN("BLAKE2S256")), 0);
#endif
#endif
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA)
static void list_md_fn(const EVP_MD* m, const char* from,
const char* to, void* arg)
{
const char* mn;
BIO *bio;
(void) from;
(void) to;
(void) arg;
(void) mn;
(void) bio;
if (!m) {
/* alias */
AssertNull(m);
AssertNotNull(to);
}
else {
AssertNotNull(m);
AssertNull(to);
}
AssertNotNull(from);
#if !defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL_VERBOSE)
mn = EVP_get_digestbyname(from);
/* print to stderr */
AssertNotNull(arg);
bio = BIO_new(BIO_s_file());
BIO_set_fp(bio, arg, BIO_NOCLOSE);
BIO_printf(bio, "Use %s message digest algorithm\n", mn);
BIO_free(bio);
#endif
}
#endif
static int test_EVP_MD_do_all(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA)
EVP_MD_do_all(NULL, stderr);
EVP_MD_do_all(list_md_fn, stderr);
res = TEST_SUCCESS;
#endif
return res;
}
#if defined(OPENSSL_EXTRA)
static void obj_name_t(const OBJ_NAME* nm, void* arg)
{
(void)arg;
(void)nm;
AssertIntGT(nm->type, OBJ_NAME_TYPE_UNDEF);
#if !defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL_VERBOSE)
/* print to stderr */
AssertNotNull(arg);
BIO *bio = BIO_new(BIO_s_file());
BIO_set_fp(bio, arg, BIO_NOCLOSE);
BIO_printf(bio, "%s\n", nm);
BIO_free(bio);
#endif
}
#endif
static int test_OBJ_NAME_do_all(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA)
OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, NULL, NULL);
OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, NULL, stderr);
OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, obj_name_t, stderr);
OBJ_NAME_do_all(OBJ_NAME_TYPE_PKEY_METH, obj_name_t, stderr);
OBJ_NAME_do_all(OBJ_NAME_TYPE_COMP_METH, obj_name_t, stderr);
OBJ_NAME_do_all(OBJ_NAME_TYPE_NUM, obj_name_t, stderr);
OBJ_NAME_do_all(OBJ_NAME_TYPE_UNDEF, obj_name_t, stderr);
OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, obj_name_t, stderr);
OBJ_NAME_do_all(-1, obj_name_t, stderr);
res = TEST_SUCCESS;
#endif
return res;
}
static int test_SSL_CIPHER_get_xxx(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM)
const SSL_CIPHER* cipher = NULL;
STACK_OF(SSL_CIPHER) *supportedCiphers = NULL;
int i, numCiphers = 0;
SSL_CTX* ctx = NULL;
SSL* ssl = NULL;
const char* testCertFile;
const char* testKeyFile;
char buf[256] = {0};
const char* cipher_id = NULL;
int expect_nid1 = NID_undef;
int expect_nid2 = NID_undef;
int expect_nid3 = NID_undef;
int expect_nid4 = NID_undef;
int expect_nid5 = 0;
const char* cipher_id2 = NULL;
int expect_nid21 = NID_undef;
int expect_nid22 = NID_undef;
int expect_nid23 = NID_undef;
int expect_nid24 = NID_undef;
int expect_nid25 = 0;
(void)cipher;
(void)supportedCiphers;
(void)i;
(void)numCiphers;
(void)ctx;
(void)ssl;
(void)testCertFile;
(void)testKeyFile;
#if defined(WOLFSSL_TLS13)
cipher_id = "TLS13-AES128-GCM-SHA256";
expect_nid1 = NID_auth_rsa;
expect_nid2 = NID_aes_128_gcm;
expect_nid3 = NID_sha256;
expect_nid4 = NID_kx_any;
expect_nid5 = 1;
#if !defined(WOLFSSL_NO_TLS12)
cipher_id2 = "ECDHE-RSA-AES256-GCM-SHA384";
expect_nid21 = NID_auth_rsa;
expect_nid22 = NID_aes_256_gcm;
expect_nid23 = NID_sha384;
expect_nid24 = NID_kx_ecdhe;
expect_nid25 = 1;
#endif
#endif
#ifdef NO_WOLFSSL_SERVER
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#else
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
if (cipher_id) {
#ifndef NO_RSA
testCertFile = svrCertFile;
testKeyFile = svrKeyFile;
#elif defined(HAVE_ECC)
testCertFile = eccCertFile;
testKeyFile = eccKeyFile;
#else
testCertFile = NULL;
testKeyFile = NULL;
#endif
if (testCertFile != NULL && testKeyFile != NULL) {
ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
SSL_FILETYPE_PEM));
ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
SSL_FILETYPE_PEM));
}
ExpectNotNull(ssl = SSL_new(ctx));
ExpectIntEQ(SSL_in_init(ssl), 1);
supportedCiphers = SSL_get_ciphers(ssl);
numCiphers = sk_num(supportedCiphers);
for (i = 0; i < numCiphers; ++i) {
if ((cipher = (const WOLFSSL_CIPHER*)sk_value(supportedCiphers, i))) {
SSL_CIPHER_description(cipher, buf, sizeof(buf));
}
if (XMEMCMP(cipher_id, buf, XSTRLEN(cipher_id)) == 0) {
break;
}
}
/* test case for */
if (i != numCiphers) {
ExpectIntEQ(wolfSSL_CIPHER_get_auth_nid(cipher), expect_nid1);
ExpectIntEQ(wolfSSL_CIPHER_get_cipher_nid(cipher), expect_nid2);
ExpectIntEQ(wolfSSL_CIPHER_get_digest_nid(cipher), expect_nid3);
ExpectIntEQ(wolfSSL_CIPHER_get_kx_nid(cipher), expect_nid4);
ExpectIntEQ(wolfSSL_CIPHER_is_aead(cipher), expect_nid5);
}
if (cipher_id2) {
for (i = 0; i < numCiphers; ++i) {
if ((cipher = (const WOLFSSL_CIPHER*)sk_value(supportedCiphers, i))) {
SSL_CIPHER_description(cipher, buf, sizeof(buf));
}
if (XMEMCMP(cipher_id2, buf, XSTRLEN(cipher_id2)) == 0) {
break;
}
}
/* test case for */
if (i != numCiphers) {
ExpectIntEQ(wolfSSL_CIPHER_get_auth_nid(cipher), expect_nid21);
ExpectIntEQ(wolfSSL_CIPHER_get_cipher_nid(cipher), expect_nid22);
ExpectIntEQ(wolfSSL_CIPHER_get_digest_nid(cipher), expect_nid23);
ExpectIntEQ(wolfSSL_CIPHER_get_kx_nid(cipher), expect_nid24);
ExpectIntEQ(wolfSSL_CIPHER_is_aead(cipher), expect_nid25);
}
}
}
SSL_CTX_free(ctx);
SSL_free(ssl);
#endif
return EXPECT_RESULT();
}
#if defined(WOLF_CRYPTO_CB) && defined(HAVE_IO_TESTS_DEPENDENCIES)
static int load_pem_key_file_as_der(const char* privKeyFile, DerBuffer** pDer,
int* keyFormat)
{
int ret;
byte* key_buf = NULL;
size_t key_sz = 0;
EncryptedInfo encInfo;
XMEMSET(&encInfo, 0, sizeof(encInfo));
ret = load_file(privKeyFile, &key_buf, &key_sz);
if (ret == 0) {
ret = wc_PemToDer(key_buf, key_sz, PRIVATEKEY_TYPE, pDer,
NULL, &encInfo, keyFormat);
}
if (key_buf != NULL) {
free(key_buf); key_buf = NULL;
}
(void)encInfo; /* not used in this test */
#ifdef DEBUG_WOLFSSL
fprintf(stderr, "%s (%d): Loading PEM %s (len %d) to DER (len %d)\n",
(ret == 0) ? "Success" : "Failure", ret, privKeyFile, (int)key_sz,
(*pDer)->length);
#endif
return ret;
}
static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx)
{
int ret = CRYPTOCB_UNAVAILABLE;
const char* privKeyFile = (const char*)ctx;
DerBuffer* pDer = NULL;
int keyFormat = 0;
if (info->algo_type == WC_ALGO_TYPE_PK) {
#ifdef DEBUG_WOLFSSL
fprintf(stderr, "test_CryptoCb_Func: Pk Type %d\n", info->pk.type);
#endif
#ifndef NO_RSA
if (info->pk.type == WC_PK_TYPE_RSA) {
switch (info->pk.rsa.type) {
case RSA_PUBLIC_ENCRYPT:
case RSA_PUBLIC_DECRYPT:
/* perform software based RSA public op */
ret = CRYPTOCB_UNAVAILABLE; /* fallback to software */
break;
case RSA_PRIVATE_ENCRYPT:
case RSA_PRIVATE_DECRYPT:
{
RsaKey key;
/* perform software based RSA private op */
#ifdef DEBUG_WOLFSSL
fprintf(stderr, "test_CryptoCb_Func: RSA Priv\n");
#endif
ret = load_pem_key_file_as_der(privKeyFile, &pDer,
&keyFormat);
if (ret != 0) {
return ret;
}
ret = wc_InitRsaKey(&key, HEAP_HINT);
if (ret == 0) {
word32 keyIdx = 0;
/* load RSA private key and perform private transform */
ret = wc_RsaPrivateKeyDecode(pDer->buffer, &keyIdx,
&key, pDer->length);
if (ret == 0) {
ret = wc_RsaFunction(
info->pk.rsa.in, info->pk.rsa.inLen,
info->pk.rsa.out, info->pk.rsa.outLen,
info->pk.rsa.type, &key, info->pk.rsa.rng);
}
else {
/* if decode fails, then fall-back to software based crypto */
fprintf(stderr, "test_CryptoCb_Func: RSA private "
"key decode failed %d, falling back to "
"software\n", ret);
ret = CRYPTOCB_UNAVAILABLE;
}
wc_FreeRsaKey(&key);
}
wc_FreeDer(&pDer); pDer = NULL;
break;
}
}
#ifdef DEBUG_WOLFSSL
fprintf(stderr, "test_CryptoCb_Func: RSA Type %d, Ret %d, Out %d\n",
info->pk.rsa.type, ret, *info->pk.rsa.outLen);
#endif
}
#endif /* !NO_RSA */
#ifdef HAVE_ECC
if (info->pk.type == WC_PK_TYPE_EC_KEYGEN) {
/* mark this key as ephemeral */
if (info->pk.eckg.key != NULL) {
XSTRNCPY(info->pk.eckg.key->label, "ephemeral",
sizeof(info->pk.eckg.key->label));
info->pk.eckg.key->labelLen = (int)XSTRLEN(info->pk.eckg.key->label);
}
}
else if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) {
ecc_key key;
/* perform software based ECC sign */
#ifdef DEBUG_WOLFSSL
fprintf(stderr, "test_CryptoCb_Func: ECC Sign\n");
#endif
if (info->pk.eccsign.key != NULL &&
XSTRCMP(info->pk.eccsign.key->label, "ephemeral") == 0) {
/* this is an empheral key */
#ifdef DEBUG_WOLFSSL
fprintf(stderr, "test_CryptoCb_Func: skipping signing op on "
"ephemeral key\n");
#endif
return CRYPTOCB_UNAVAILABLE;
}
ret = load_pem_key_file_as_der(privKeyFile, &pDer, &keyFormat);
if (ret != 0) {
return ret;
}
ret = wc_ecc_init(&key);
if (ret == 0) {
word32 keyIdx = 0;
/* load ECC private key and perform private transform */
ret = wc_EccPrivateKeyDecode(pDer->buffer, &keyIdx,
&key, pDer->length);
if (ret == 0) {
ret = wc_ecc_sign_hash(
info->pk.eccsign.in, info->pk.eccsign.inlen,
info->pk.eccsign.out, info->pk.eccsign.outlen,
info->pk.eccsign.rng, &key);
}
else {
/* if decode fails, then fall-back to software based crypto */
fprintf(stderr, "test_CryptoCb_Func: ECC private key "
"decode failed %d, falling back to software\n", ret);
ret = CRYPTOCB_UNAVAILABLE;
}
wc_ecc_free(&key);
}
wc_FreeDer(&pDer); pDer = NULL;
#ifdef DEBUG_WOLFSSL
fprintf(stderr, "test_CryptoCb_Func: ECC Ret %d, Out %d\n",
ret, *info->pk.eccsign.outlen);
#endif
}
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519
if (info->pk.type == WC_PK_TYPE_ED25519_SIGN) {
ed25519_key key;
/* perform software based ED25519 sign */
#ifdef DEBUG_WOLFSSL
fprintf(stderr, "test_CryptoCb_Func: ED25519 Sign\n");
#endif
ret = load_pem_key_file_as_der(privKeyFile, &pDer, &keyFormat);
if (ret != 0) {
return ret;
}
ret = wc_ed25519_init(&key);
if (ret == 0) {
word32 keyIdx = 0;
/* load ED25519 private key and perform private transform */
ret = wc_Ed25519PrivateKeyDecode(pDer->buffer, &keyIdx,
&key, pDer->length);
if (ret == 0) {
/* calculate public key */
ret = wc_ed25519_make_public(&key, key.p, ED25519_PUB_KEY_SIZE);
if (ret == 0) {
key.pubKeySet = 1;
ret = wc_ed25519_sign_msg_ex(
info->pk.ed25519sign.in, info->pk.ed25519sign.inLen,
info->pk.ed25519sign.out, info->pk.ed25519sign.outLen,
&key, info->pk.ed25519sign.type,
info->pk.ed25519sign.context,
info->pk.ed25519sign.contextLen);
}
}
else {
/* if decode fails, then fall-back to software based crypto */
fprintf(stderr, "test_CryptoCb_Func: ED25519 private key "
"decode failed %d, falling back to software\n", ret);
ret = CRYPTOCB_UNAVAILABLE;
}
wc_ed25519_free(&key);
}
wc_FreeDer(&pDer); pDer = NULL;
#ifdef DEBUG_WOLFSSL
fprintf(stderr, "test_CryptoCb_Func: ED25519 Ret %d, Out %d\n",
ret, *info->pk.ed25519sign.outLen);
#endif
}
#endif /* HAVE_ED25519 */
}
(void)thisDevId;
(void)keyFormat;
return ret;
}
/* tlsVer: WOLFSSL_TLSV1_2 or WOLFSSL_TLSV1_3 */
static int test_wc_CryptoCb_TLS(int tlsVer,
const char* cliCaPemFile, const char* cliCertPemFile,
const char* cliPrivKeyPemFile, const char* cliPubKeyPemFile,
const char* svrCaPemFile, const char* svrCertPemFile,
const char* svrPrivKeyPemFile, const char* svrPubKeyPemFile)
{
EXPECT_DECLS;
callback_functions client_cbf;
callback_functions server_cbf;
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
if (tlsVer == WOLFSSL_TLSV1_3) {
#ifdef WOLFSSL_TLS13
server_cbf.method = wolfTLSv1_3_server_method;
client_cbf.method = wolfTLSv1_3_client_method;
#endif
}
else if (tlsVer == WOLFSSL_TLSV1_2) {
#ifndef WOLFSSL_NO_TLS12
server_cbf.method = wolfTLSv1_2_server_method;
client_cbf.method = wolfTLSv1_2_client_method;
#endif
}
else if (tlsVer == WOLFSSL_TLSV1_1) {
#ifndef NO_OLD_TLS
server_cbf.method = wolfTLSv1_1_server_method;
client_cbf.method = wolfTLSv1_1_client_method;
#endif
}
else if (tlsVer == WOLFSSL_TLSV1) {
#if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10)
server_cbf.method = wolfTLSv1_server_method;
client_cbf.method = wolfTLSv1_client_method;
#endif
}
else if (tlsVer == WOLFSSL_SSLV3) {
#if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_SSLV3) && \
defined(WOLFSSL_STATIC_RSA)
server_cbf.method = wolfSSLv3_server_method;
client_cbf.method = wolfSSLv3_client_method;
#endif
}
else if (tlsVer == WOLFSSL_DTLSV1_2) {
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
server_cbf.method = wolfDTLSv1_2_server_method;
client_cbf.method = wolfDTLSv1_2_client_method;
#endif
}
else if (tlsVer == WOLFSSL_DTLSV1) {
#if defined(WOLFSSL_DTLS) && !defined(NO_OLD_TLS)
server_cbf.method = wolfDTLSv1_server_method;
client_cbf.method = wolfDTLSv1_client_method;
#endif
}
if (server_cbf.method == NULL) {
/* not enabled */
return TEST_SUCCESS;
}
/* Setup the keys for the TLS test */
client_cbf.certPemFile = cliCertPemFile;
client_cbf.keyPemFile = cliPubKeyPemFile;
client_cbf.caPemFile = cliCaPemFile;
server_cbf.certPemFile = svrCertPemFile;
server_cbf.keyPemFile = svrPubKeyPemFile;
server_cbf.caPemFile = svrCaPemFile;
/* Setup a crypto callback with pointer to private key file for testing */
client_cbf.devId = 1;
wc_CryptoCb_RegisterDevice(client_cbf.devId, test_CryptoCb_Func,
(void*)cliPrivKeyPemFile);
server_cbf.devId = 2;
wc_CryptoCb_RegisterDevice(server_cbf.devId, test_CryptoCb_Func,
(void*)svrPrivKeyPemFile);
/* Perform TLS server and client test */
/* First test is at WOLFSSL_CTX level */
test_wolfSSL_client_server(&client_cbf, &server_cbf);
/* Check for success */
ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
if (EXPECT_SUCCESS()) {
/* Second test is a WOLFSSL object level */
client_cbf.loadToSSL = 1; server_cbf.loadToSSL = 1;
test_wolfSSL_client_server(&client_cbf, &server_cbf);
}
/* Check for success */
ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
/* Un register the devId's */
wc_CryptoCb_UnRegisterDevice(client_cbf.devId);
client_cbf.devId = INVALID_DEVID;
wc_CryptoCb_UnRegisterDevice(server_cbf.devId);
server_cbf.devId = INVALID_DEVID;
return EXPECT_RESULT();
}
#endif /* WOLF_CRYPTO_CB && HAVE_IO_TESTS_DEPENDENCIES */
static int test_wc_CryptoCb(void)
{
EXPECT_DECLS;
#ifdef WOLF_CRYPTO_CB
/* TODO: Add crypto callback API tests */
#ifdef HAVE_IO_TESTS_DEPENDENCIES
#if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519)
int tlsVer;
#endif
#ifndef NO_RSA
for (tlsVer = WOLFSSL_SSLV3; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) {
ExpectIntEQ(test_wc_CryptoCb_TLS(tlsVer,
svrCertFile, cliCertFile, cliKeyFile, cliKeyPubFile,
cliCertFile, svrCertFile, svrKeyFile, svrKeyPubFile),
TEST_SUCCESS);
}
#endif
#ifdef HAVE_ECC
for (tlsVer = WOLFSSL_TLSV1; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) {
ExpectIntEQ(test_wc_CryptoCb_TLS(tlsVer,
caEccCertFile, cliEccCertFile, cliEccKeyFile, cliEccKeyPubFile,
cliEccCertFile, eccCertFile, eccKeyFile, eccKeyPubFile),
TEST_SUCCESS);
}
#endif
#ifdef HAVE_ED25519
for (tlsVer = WOLFSSL_TLSV1_2; tlsVer <= WOLFSSL_DTLSV1_2; tlsVer++) {
if (tlsVer == WOLFSSL_DTLSV1) continue;
ExpectIntEQ(test_wc_CryptoCb_TLS(tlsVer,
caEdCertFile, cliEdCertFile, cliEdKeyFile, cliEdKeyPubFile,
cliEdCertFile, edCertFile, edKeyFile, edKeyPubFile),
TEST_SUCCESS);
}
#endif
#endif /* HAVE_IO_TESTS_DEPENDENCIES */
#endif /* WOLF_CRYPTO_CB */
return EXPECT_RESULT();
}
#if defined(WOLFSSL_STATIC_MEMORY) && defined(HAVE_IO_TESTS_DEPENDENCIES)
/* tlsVer: Example: WOLFSSL_TLSV1_2 or WOLFSSL_TLSV1_3 */
static int test_wolfSSL_CTX_StaticMemory_TLS(int tlsVer,
const char* cliCaPemFile, const char* cliCertPemFile,
const char* cliPrivKeyPemFile,
const char* svrCaPemFile, const char* svrCertPemFile,
const char* svrPrivKeyPemFile,
byte* cliMem, word32 cliMemSz, byte* svrMem, word32 svrMemSz)
{
EXPECT_DECLS;
callback_functions client_cbf;
callback_functions server_cbf;
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
if (tlsVer == WOLFSSL_TLSV1_3) {
#ifdef WOLFSSL_TLS13
server_cbf.method_ex = wolfTLSv1_3_server_method_ex;
client_cbf.method_ex = wolfTLSv1_3_client_method_ex;
#endif
}
else if (tlsVer == WOLFSSL_TLSV1_2) {
#ifndef WOLFSSL_NO_TLS12
server_cbf.method_ex = wolfTLSv1_2_server_method_ex;
client_cbf.method_ex = wolfTLSv1_2_client_method_ex;
#endif
}
else if (tlsVer == WOLFSSL_TLSV1_1) {
#ifndef NO_OLD_TLS
server_cbf.method_ex = wolfTLSv1_1_server_method_ex;
client_cbf.method_ex = wolfTLSv1_1_client_method_ex;
#endif
}
else if (tlsVer == WOLFSSL_TLSV1) {
#if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10)
server_cbf.method_ex = wolfTLSv1_server_method_ex;
client_cbf.method_ex = wolfTLSv1_client_method_ex;
#endif
}
else if (tlsVer == WOLFSSL_SSLV3) {
#if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_SSLV3) && \
defined(WOLFSSL_STATIC_RSA)
server_cbf.method_ex = wolfSSLv3_server_method_ex;
client_cbf.method_ex = wolfSSLv3_client_method_ex;
#endif
}
else if (tlsVer == WOLFSSL_DTLSV1_2) {
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
server_cbf.method_ex = wolfDTLSv1_2_server_method_ex;
client_cbf.method_ex = wolfDTLSv1_2_client_method_ex;
#endif
}
else if (tlsVer == WOLFSSL_DTLSV1) {
#if defined(WOLFSSL_DTLS) && !defined(NO_OLD_TLS)
server_cbf.method_ex = wolfDTLSv1_server_method_ex;
client_cbf.method_ex = wolfDTLSv1_client_method_ex;
#endif
}
if (server_cbf.method_ex == NULL) {
/* not enabled */
return TEST_SUCCESS;
}
/* Setup the keys for the TLS test */
client_cbf.certPemFile = cliCertPemFile;
client_cbf.keyPemFile = cliPrivKeyPemFile;
client_cbf.caPemFile = cliCaPemFile;
server_cbf.certPemFile = svrCertPemFile;
server_cbf.keyPemFile = svrPrivKeyPemFile;
server_cbf.caPemFile = svrCaPemFile;
client_cbf.mem = cliMem;
client_cbf.memSz = cliMemSz;
server_cbf.mem = svrMem;
server_cbf.memSz = svrMemSz;
client_cbf.devId = INVALID_DEVID;
server_cbf.devId = INVALID_DEVID;
/* Perform TLS server and client test */
/* First test is at WOLFSSL_CTX level */
test_wolfSSL_client_server(&client_cbf, &server_cbf);
/* Check for success */
ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
if (EXPECT_SUCCESS()) {
/* Second test is a WOLFSSL object level */
client_cbf.loadToSSL = 1; server_cbf.loadToSSL = 1;
test_wolfSSL_client_server(&client_cbf, &server_cbf);
}
/* Check for success */
ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
return EXPECT_RESULT();
}
#endif /* WOLFSSL_STATIC_MEMORY && HAVE_IO_TESTS_DEPENDENCIES */
#if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFCRYPT_ONLY)
static int test_wolfSSL_CTX_StaticMemory_SSL(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
WOLFSSL *ssl1 = NULL, *ssl2 = NULL, *ssl3 = NULL;
WOLFSSL_MEM_STATS mem_stats;
WOLFSSL_MEM_CONN_STATS ssl_stats;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA)
ExpectIntEQ(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#endif
ExpectNotNull((ssl1 = wolfSSL_new(ctx)));
ExpectNotNull((ssl2 = wolfSSL_new(ctx)));
#ifndef WOLFSSL_STATIC_MEMORY_LEAN
/* this should fail because kMaxCtxClients == 2 */
ExpectNull((ssl3 = wolfSSL_new(ctx)));
#else
(void)ssl3;
#endif
if (wolfSSL_is_static_memory(ssl1, &ssl_stats) == 1) {
#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_STATIC_MEMORY_LEAN)
wolfSSL_PrintStatsConn(&ssl_stats);
#endif
(void)ssl_stats;
}
/* display collected statistics */
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) == 1) {
#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_STATIC_MEMORY_LEAN)
wolfSSL_PrintStats(&mem_stats);
#endif
(void)mem_stats;
}
wolfSSL_free(ssl1);
wolfSSL_free(ssl2);
return EXPECT_RESULT();
}
#endif /* WOLFSSL_STATIC_MEMORY && !WOLFCRYPT_ONLY */
static int test_wolfSSL_CTX_StaticMemory(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFCRYPT_ONLY)
wolfSSL_method_func method_func;
WOLFSSL_CTX* ctx;
const int kMaxCtxClients = 2;
#ifdef HAVE_IO_TESTS_DEPENDENCIES
#if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519)
int tlsVer;
byte cliMem[TEST_TLS_STATIC_MEMSZ];
#endif
#endif
byte svrMem[TEST_TLS_STATIC_MEMSZ];
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
method_func = wolfTLSv1_2_server_method_ex;
#else
method_func = wolfTLSv1_3_server_method_ex;
#endif
#else
#ifndef WOLFSSL_NO_TLS12
method_func = wolfTLSv1_2_client_method_ex;
#else
method_func = wolfTLSv1_3_client_method_ex;
#endif
#endif
/* Test creating CTX directly from static memory pool */
ctx = NULL;
ExpectIntEQ(wolfSSL_CTX_load_static_memory(&ctx, method_func, svrMem,
sizeof(svrMem), 0, kMaxCtxClients), WOLFSSL_SUCCESS);
ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_SSL(ctx), TEST_SUCCESS);
wolfSSL_CTX_free(ctx);
ctx = NULL;
/* Test for heap allocated CTX, then assigning static pool to it */
ExpectNotNull(ctx = wolfSSL_CTX_new(method_func(NULL)));
ExpectIntEQ(wolfSSL_CTX_load_static_memory(&ctx, NULL, svrMem,
sizeof(svrMem), 0, kMaxCtxClients), WOLFSSL_SUCCESS);
ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_SSL(ctx), TEST_SUCCESS);
wolfSSL_CTX_free(ctx);
/* TLS Level Tests using static memory */
#ifdef HAVE_IO_TESTS_DEPENDENCIES
#ifndef NO_RSA
for (tlsVer = WOLFSSL_SSLV3; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) {
ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
svrCertFile, cliCertFile, cliKeyFile,
cliCertFile, svrCertFile, svrKeyFile,
cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem)),
TEST_SUCCESS);
}
#endif
#ifdef HAVE_ECC
for (tlsVer = WOLFSSL_TLSV1; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) {
ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
caEccCertFile, cliEccCertFile, cliEccKeyFile,
cliEccCertFile, eccCertFile, eccKeyFile,
cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem)),
TEST_SUCCESS);
}
#endif
#ifdef HAVE_ED25519
for (tlsVer = WOLFSSL_TLSV1_2; tlsVer <= WOLFSSL_DTLSV1_2; tlsVer++) {
if (tlsVer == WOLFSSL_DTLSV1) continue;
ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
caEdCertFile, cliEdCertFile, cliEdKeyFile,
cliEdCertFile, edCertFile, edKeyFile,
cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem)),
TEST_SUCCESS);
}
#endif
#endif /* HAVE_IO_TESTS_DEPENDENCIES */
#endif /* WOLFSSL_STATIC_MEMORY && !WOLFCRYPT_ONLY */
return EXPECT_RESULT();
}
static int test_openssl_FIPS_drbg(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(WC_NO_RNG) && defined(HAVE_HASHDRBG)
DRBG_CTX* dctx = NULL;
byte data1[32], data2[32], zeroData[32];
byte testSeed[16];
size_t dlen = sizeof(data1);
int i;
XMEMSET(data1, 0, dlen);
XMEMSET(data2, 0, dlen);
XMEMSET(zeroData, 0, sizeof(zeroData));
for (i = 0; i < (int)sizeof(testSeed); i++) {
testSeed[i] = (byte)i;
}
ExpectNotNull(dctx = FIPS_get_default_drbg());
ExpectIntEQ(FIPS_drbg_init(dctx, 0, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(FIPS_drbg_set_callbacks(dctx, NULL, NULL, 20, NULL, NULL),
WOLFSSL_SUCCESS);
ExpectIntEQ(FIPS_drbg_instantiate(dctx, NULL, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(FIPS_drbg_generate(dctx, data1, dlen, 0, NULL, 0),
WOLFSSL_SUCCESS);
ExpectIntNE(XMEMCMP(data1, zeroData, dlen), 0);
ExpectIntEQ(FIPS_drbg_reseed(dctx, testSeed, sizeof(testSeed)),
WOLFSSL_SUCCESS);
ExpectIntEQ(FIPS_drbg_generate(dctx, data2, dlen, 0, NULL, 0),
WOLFSSL_SUCCESS);
ExpectIntNE(XMEMCMP(data1, zeroData, dlen), 0);
ExpectIntNE(XMEMCMP(data1, data2, dlen), 0);
ExpectIntEQ(FIPS_drbg_uninstantiate(dctx), WOLFSSL_SUCCESS);
#ifndef HAVE_GLOBAL_RNG
/* gets freed by wolfSSL_Cleanup() when HAVE_GLOBAL_RNG defined */
wolfSSL_FIPS_drbg_free(dctx);
#endif
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_FIPS_mode(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL)
#ifdef HAVE_FIPS
ExpectIntEQ(wolfSSL_FIPS_mode(), 1);
ExpectIntEQ(wolfSSL_FIPS_mode_set(0), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_FIPS_mode_set(1), WOLFSSL_SUCCESS);
#else
ExpectIntEQ(wolfSSL_FIPS_mode(), 0);
ExpectIntEQ(wolfSSL_FIPS_mode_set(0), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_FIPS_mode_set(1), WOLFSSL_FAILURE);
#endif
#endif
return EXPECT_RESULT();
}
#ifdef WOLFSSL_DTLS
/* Prints out the current window */
static void DUW_TEST_print_window_binary(word32 h, word32 l, word32* w) {
#ifdef WOLFSSL_DEBUG_DTLS_WINDOW
int i;
for (i = WOLFSSL_DTLS_WINDOW_WORDS - 1; i >= 0; i--) {
word32 b = w[i];
int j;
/* Prints out a 32 bit binary number in big endian order */
for (j = 0; j < 32; j++, b <<= 1) {
if (b & (((word32)1) << 31))
fprintf(stderr, "1");
else
fprintf(stderr, "0");
}
fprintf(stderr, " ");
}
fprintf(stderr, "cur_hi %u cur_lo %u\n", h, l);
#else
(void)h;
(void)l;
(void)w;
#endif
}
/* a - cur_hi
* b - cur_lo
* c - next_hi
* d - next_lo
* e - window
* f - expected next_hi
* g - expected next_lo
* h - expected window[1]
* i - expected window[0]
*/
#define DUW_TEST(a,b,c,d,e,f,g,h,i) do { \
ExpectIntEQ(wolfSSL_DtlsUpdateWindow((a), (b), &(c), &(d), (e)), 1); \
DUW_TEST_print_window_binary((a), (b), (e)); \
ExpectIntEQ((c), (f)); \
ExpectIntEQ((d), (g)); \
ExpectIntEQ((e)[1], (h)); \
ExpectIntEQ((e)[0], (i)); \
} while (0)
static int test_wolfSSL_DtlsUpdateWindow(void)
{
EXPECT_DECLS;
word32 window[WOLFSSL_DTLS_WINDOW_WORDS];
word32 next_lo = 0;
word16 next_hi = 0;
#ifdef WOLFSSL_DEBUG_DTLS_WINDOW
fprintf(stderr, "\n");
#endif
XMEMSET(window, 0, sizeof window);
DUW_TEST(0, 0, next_hi, next_lo, window, 0, 1, 0, 0x01);
DUW_TEST(0, 1, next_hi, next_lo, window, 0, 2, 0, 0x03);
DUW_TEST(0, 5, next_hi, next_lo, window, 0, 6, 0, 0x31);
DUW_TEST(0, 4, next_hi, next_lo, window, 0, 6, 0, 0x33);
DUW_TEST(0, 100, next_hi, next_lo, window, 0, 101, 0, 0x01);
DUW_TEST(0, 101, next_hi, next_lo, window, 0, 102, 0, 0x03);
DUW_TEST(0, 133, next_hi, next_lo, window, 0, 134, 0x03, 0x01);
DUW_TEST(0, 200, next_hi, next_lo, window, 0, 201, 0, 0x01);
DUW_TEST(0, 264, next_hi, next_lo, window, 0, 265, 0, 0x01);
DUW_TEST(0, 0xFFFFFFFF, next_hi, next_lo, window, 1, 0, 0, 0x01);
DUW_TEST(0, 0xFFFFFFFD, next_hi, next_lo, window, 1, 0, 0, 0x05);
DUW_TEST(0, 0xFFFFFFFE, next_hi, next_lo, window, 1, 0, 0, 0x07);
DUW_TEST(1, 3, next_hi, next_lo, window, 1, 4, 0, 0x71);
DUW_TEST(1, 0, next_hi, next_lo, window, 1, 4, 0, 0x79);
DUW_TEST(1, 0xFFFFFFFF, next_hi, next_lo, window, 2, 0, 0, 0x01);
DUW_TEST(2, 3, next_hi, next_lo, window, 2, 4, 0, 0x11);
DUW_TEST(2, 0, next_hi, next_lo, window, 2, 4, 0, 0x19);
DUW_TEST(2, 25, next_hi, next_lo, window, 2, 26, 0, 0x6400001);
DUW_TEST(2, 27, next_hi, next_lo, window, 2, 28, 0, 0x19000005);
DUW_TEST(2, 29, next_hi, next_lo, window, 2, 30, 0, 0x64000015);
DUW_TEST(2, 33, next_hi, next_lo, window, 2, 34, 6, 0x40000151);
DUW_TEST(2, 60, next_hi, next_lo, window, 2, 61, 0x3200000A, 0x88000001);
DUW_TEST(1, 0xFFFFFFF0, next_hi, next_lo, window, 2, 61, 0x3200000A, 0x88000001);
DUW_TEST(2, 0xFFFFFFFD, next_hi, next_lo, window, 2, 0xFFFFFFFE, 0, 0x01);
DUW_TEST(3, 1, next_hi, next_lo, window, 3, 2, 0, 0x11);
DUW_TEST(99, 66, next_hi, next_lo, window, 99, 67, 0, 0x01);
DUW_TEST(50, 66, next_hi, next_lo, window, 99, 67, 0, 0x01);
DUW_TEST(100, 68, next_hi, next_lo, window, 100, 69, 0, 0x01);
DUW_TEST(99, 50, next_hi, next_lo, window, 100, 69, 0, 0x01);
DUW_TEST(99, 0xFFFFFFFF, next_hi, next_lo, window, 100, 69, 0, 0x01);
DUW_TEST(150, 0xFFFFFFFF, next_hi, next_lo, window, 151, 0, 0, 0x01);
DUW_TEST(152, 0xFFFFFFFF, next_hi, next_lo, window, 153, 0, 0, 0x01);
return EXPECT_RESULT();
}
#endif /* WOLFSSL_DTLS */
#ifdef WOLFSSL_DTLS
static int DFB_TEST(WOLFSSL* ssl, word32 seq, word32 len, word32 f_offset,
word32 f_len, word32 f_count, byte ready, word32 bytesReceived)
{
DtlsMsg* cur;
static byte msg[100];
static byte msgInit = 0;
if (!msgInit) {
int i;
for (i = 0; i < 100; i++)
msg[i] = i + 1;
msgInit = 1;
}
/* Sanitize test parameters */
if (len > sizeof(msg))
return -1;
if (f_offset + f_len > sizeof(msg))
return -1;
DtlsMsgStore(ssl, 0, seq, msg + f_offset, len, certificate, f_offset, f_len, NULL);
if (ssl->dtls_rx_msg_list == NULL)
return -100;
if ((cur = DtlsMsgFind(ssl->dtls_rx_msg_list, 0, seq)) == NULL)
return -200;
if (cur->fragBucketListCount != f_count)
return -300;
if (cur->ready != ready)
return -400;
if (cur->bytesReceived != bytesReceived)
return -500;
if (ready) {
if (cur->fragBucketList != NULL)
return -600;
if (XMEMCMP(cur->fullMsg, msg, cur->sz) != 0)
return -700;
}
else {
DtlsFragBucket* fb;
if (cur->fragBucketList == NULL)
return -800;
for (fb = cur->fragBucketList; fb != NULL; fb = fb->m.m.next) {
if (XMEMCMP(fb->buf, msg + fb->m.m.offset, fb->m.m.sz) != 0)
return -900;
}
}
return 0;
}
static int test_wolfSSL_DTLS_fragment_buckets(void)
{
EXPECT_DECLS;
WOLFSSL ssl[1];
XMEMSET(ssl, 0, sizeof(*ssl));
ExpectIntEQ(DFB_TEST(ssl, 0, 100, 0, 100, 0, 1, 100), 0); /* 0-100 */
ExpectIntEQ(DFB_TEST(ssl, 1, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
ExpectIntEQ(DFB_TEST(ssl, 1, 100, 20, 20, 1, 0, 40), 0); /* 20-40 */
ExpectIntEQ(DFB_TEST(ssl, 1, 100, 40, 20, 1, 0, 60), 0); /* 40-60 */
ExpectIntEQ(DFB_TEST(ssl, 1, 100, 60, 20, 1, 0, 80), 0); /* 60-80 */
ExpectIntEQ(DFB_TEST(ssl, 1, 100, 80, 20, 0, 1, 100), 0); /* 80-100 */
/* Test all permutations of 3 regions */
/* 1 2 3 */
ExpectIntEQ(DFB_TEST(ssl, 2, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
ExpectIntEQ(DFB_TEST(ssl, 2, 100, 30, 30, 1, 0, 60), 0); /* 30-60 */
ExpectIntEQ(DFB_TEST(ssl, 2, 100, 60, 40, 0, 1, 100), 0); /* 60-100 */
/* 1 3 2 */
ExpectIntEQ(DFB_TEST(ssl, 3, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
ExpectIntEQ(DFB_TEST(ssl, 3, 100, 60, 40, 2, 0, 70), 0); /* 60-100 */
ExpectIntEQ(DFB_TEST(ssl, 3, 100, 30, 30, 0, 1, 100), 0); /* 30-60 */
/* 2 1 3 */
ExpectIntEQ(DFB_TEST(ssl, 4, 100, 30, 30, 1, 0, 30), 0); /* 30-60 */
ExpectIntEQ(DFB_TEST(ssl, 4, 100, 0, 30, 1, 0, 60), 0); /* 0-30 */
ExpectIntEQ(DFB_TEST(ssl, 4, 100, 60, 40, 0, 1, 100), 0); /* 60-100 */
/* 2 3 1 */
ExpectIntEQ(DFB_TEST(ssl, 5, 100, 30, 30, 1, 0, 30), 0); /* 30-60 */
ExpectIntEQ(DFB_TEST(ssl, 5, 100, 60, 40, 1, 0, 70), 0); /* 60-100 */
ExpectIntEQ(DFB_TEST(ssl, 5, 100, 0, 30, 0, 1, 100), 0); /* 0-30 */
/* 3 1 2 */
ExpectIntEQ(DFB_TEST(ssl, 6, 100, 60, 40, 1, 0, 40), 0); /* 60-100 */
ExpectIntEQ(DFB_TEST(ssl, 6, 100, 0, 30, 2, 0, 70), 0); /* 0-30 */
ExpectIntEQ(DFB_TEST(ssl, 6, 100, 30, 30, 0, 1, 100), 0); /* 30-60 */
/* 3 2 1 */
ExpectIntEQ(DFB_TEST(ssl, 7, 100, 60, 40, 1, 0, 40), 0); /* 60-100 */
ExpectIntEQ(DFB_TEST(ssl, 7, 100, 30, 30, 1, 0, 70), 0); /* 30-60 */
ExpectIntEQ(DFB_TEST(ssl, 7, 100, 0, 30, 0, 1, 100), 0); /* 0-30 */
/* Test overlapping regions */
ExpectIntEQ(DFB_TEST(ssl, 8, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
ExpectIntEQ(DFB_TEST(ssl, 8, 100, 20, 10, 1, 0, 30), 0); /* 20-30 */
ExpectIntEQ(DFB_TEST(ssl, 8, 100, 70, 10, 2, 0, 40), 0); /* 70-80 */
ExpectIntEQ(DFB_TEST(ssl, 8, 100, 20, 30, 2, 0, 60), 0); /* 20-50 */
ExpectIntEQ(DFB_TEST(ssl, 8, 100, 40, 60, 0, 1, 100), 0); /* 40-100 */
/* Test overlapping multiple regions */
ExpectIntEQ(DFB_TEST(ssl, 9, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
ExpectIntEQ(DFB_TEST(ssl, 9, 100, 30, 5, 2, 0, 25), 0); /* 30-35 */
ExpectIntEQ(DFB_TEST(ssl, 9, 100, 40, 5, 3, 0, 30), 0); /* 40-45 */
ExpectIntEQ(DFB_TEST(ssl, 9, 100, 50, 5, 4, 0, 35), 0); /* 50-55 */
ExpectIntEQ(DFB_TEST(ssl, 9, 100, 60, 5, 5, 0, 40), 0); /* 60-65 */
ExpectIntEQ(DFB_TEST(ssl, 9, 100, 70, 5, 6, 0, 45), 0); /* 70-75 */
ExpectIntEQ(DFB_TEST(ssl, 9, 100, 30, 25, 4, 0, 55), 0); /* 30-55 */
ExpectIntEQ(DFB_TEST(ssl, 9, 100, 55, 15, 2, 0, 65), 0); /* 55-70 */
ExpectIntEQ(DFB_TEST(ssl, 9, 100, 75, 25, 2, 0, 90), 0); /* 75-100 */
ExpectIntEQ(DFB_TEST(ssl, 9, 100, 10, 25, 0, 1, 100), 0); /* 10-35 */
ExpectIntEQ(DFB_TEST(ssl, 10, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
ExpectIntEQ(DFB_TEST(ssl, 10, 100, 30, 20, 2, 0, 40), 0); /* 30-50 */
ExpectIntEQ(DFB_TEST(ssl, 10, 100, 0, 40, 1, 0, 50), 0); /* 0-40 */
ExpectIntEQ(DFB_TEST(ssl, 10, 100, 50, 50, 0, 1, 100), 0); /* 10-35 */
DtlsMsgListDelete(ssl->dtls_rx_msg_list, ssl->heap);
ssl->dtls_rx_msg_list = NULL;
ssl->dtls_rx_msg_list_sz = 0;
return EXPECT_RESULT();
}
#endif
#if !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
static int test_wolfSSL_dtls_stateless2(void)
{
EXPECT_DECLS;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_c2 = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
ExpectNotNull(ssl_c2 = wolfSSL_new(ctx_c));
wolfSSL_SetIOWriteCtx(ssl_c2, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c2, &test_ctx);
/* send CH */
ExpectTrue((wolfSSL_connect(ssl_c2) == WOLFSSL_FATAL_ERROR) &&
(ssl_c2->error == WANT_READ));
ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
(ssl_s->error == WANT_READ));
ExpectIntNE(test_ctx.c_len, 0);
/* consume HRR */
test_ctx.c_len = 0;
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
wolfSSL_free(ssl_c2);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
return EXPECT_RESULT();
}
#ifdef HAVE_MAX_FRAGMENT
static int test_wolfSSL_dtls_stateless_maxfrag(void)
{
EXPECT_DECLS;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_c2 = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
word16 max_fragment = 0;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
ExpectNotNull(ssl_c2 = wolfSSL_new(ctx_c));
ExpectIntEQ(wolfSSL_UseMaxFragment(ssl_c2, WOLFSSL_MFL_2_8),
WOLFSSL_SUCCESS);
wolfSSL_SetIOWriteCtx(ssl_c2, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c2, &test_ctx);
if (ssl_s != NULL) {
max_fragment = ssl_s->max_fragment;
}
/* send CH */
ExpectTrue((wolfSSL_connect(ssl_c2) == WOLFSSL_FATAL_ERROR) &&
(ssl_c2->error == WANT_READ));
ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
(ssl_s->error == WANT_READ));
/* CH without cookie shouldn't change state */
ExpectIntEQ(ssl_s->max_fragment, max_fragment);
ExpectIntNE(test_ctx.c_len, 0);
/* consume HRR from buffer */
test_ctx.c_len = 0;
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
wolfSSL_free(ssl_c2);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
return EXPECT_RESULT();
}
#endif /* HAVE_MAX_FRAGMENT */
#if defined(WOLFSSL_DTLS_NO_HVR_ON_RESUME)
#define ROUNDS_WITH_HVR 4
#define ROUNDS_WITHOUT_HVR 2
#define HANDSHAKE_TYPE_OFFSET DTLS_RECORD_HEADER_SZ
static int buf_is_hvr(const byte *data, int len)
{
if (len < DTLS_RECORD_HEADER_SZ + DTLS_HANDSHAKE_HEADER_SZ)
return 0;
return data[HANDSHAKE_TYPE_OFFSET] == hello_verify_request;
}
static int _test_wolfSSL_dtls_stateless_resume(byte useticket, byte bad)
{
EXPECT_DECLS;
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
WOLFSSL_SESSION *sess = NULL;
int round_trips;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c,
&ssl_s, wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
#ifdef HAVE_SESSION_TICKET
if (useticket) {
ExpectIntEQ(wolfSSL_UseSessionTicket(ssl_c), WOLFSSL_SUCCESS);
}
#endif
round_trips = ROUNDS_WITH_HVR;
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, round_trips,
&round_trips), 0);
ExpectIntEQ(round_trips, ROUNDS_WITH_HVR);
ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
wolfSSL_shutdown(ssl_c);
wolfSSL_shutdown(ssl_s);
wolfSSL_free(ssl_c);
ssl_c = NULL;
wolfSSL_free(ssl_s);
ssl_s = NULL;
test_ctx.c_len = test_ctx.s_len = 0;
/* make resumption invalid */
if (bad && (sess != NULL)) {
if (useticket) {
#ifdef HAVE_SESSION_TICKET
if (sess->ticket != NULL) {
sess->ticket[0] = !sess->ticket[0];
}
#endif /* HAVE_SESSION_TICKET */
}
else {
sess->sessionID[0] = !sess->sessionID[0];
}
}
ExpectNotNull(ssl_c = wolfSSL_new(ctx_c));
ExpectNotNull(ssl_s = wolfSSL_new(ctx_s));
wolfSSL_SetIOWriteCtx(ssl_c, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c, &test_ctx);
wolfSSL_SetIOWriteCtx(ssl_s, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_s, &test_ctx);
ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS);
ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) &&
(ssl_c->error == WANT_READ));
ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
(ssl_s->error == WANT_READ));
ExpectFalse(bad && !buf_is_hvr(test_ctx.c_buff, test_ctx.c_len));
ExpectFalse(!bad && buf_is_hvr(test_ctx.c_buff, test_ctx.c_len));
if (!useticket) {
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, &round_trips), 0);
ExpectFalse(bad && round_trips != ROUNDS_WITH_HVR - 1);
ExpectFalse(!bad && round_trips != ROUNDS_WITHOUT_HVR - 1);
}
wolfSSL_SESSION_free(sess);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
return EXPECT_RESULT();
}
static int test_wolfSSL_dtls_stateless_resume(void)
{
EXPECT_DECLS;
#ifdef HAVE_SESSION_TICKET
ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(1, 0), TEST_SUCCESS);
ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(1, 1), TEST_SUCCESS);
#endif /* HAVE_SESION_TICKET */
ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(0, 0), TEST_SUCCESS);
ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(0, 1), TEST_SUCCESS);
return EXPECT_RESULT();
}
#endif /* WOLFSSL_DTLS_NO_HVR_ON_RESUME */
#if !defined(NO_OLD_TLS)
static int test_wolfSSL_dtls_stateless_downgrade(void)
{
EXPECT_DECLS;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_c2 = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_c2 = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
ExpectIntEQ(wolfSSL_CTX_SetMinVersion(ctx_s, WOLFSSL_DTLSV1),
WOLFSSL_SUCCESS);
ExpectNotNull(ctx_c2 = wolfSSL_CTX_new(wolfDTLSv1_client_method()));
wolfSSL_SetIORecv(ctx_c2, test_memio_read_cb);
wolfSSL_SetIOSend(ctx_c2, test_memio_write_cb);
ExpectNotNull(ssl_c2 = wolfSSL_new(ctx_c2));
wolfSSL_SetIOWriteCtx(ssl_c2, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c2, &test_ctx);
/* send CH */
ExpectTrue((wolfSSL_connect(ssl_c2) == WOLFSSL_FATAL_ERROR) &&
(ssl_c2->error == WANT_READ));
ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
(ssl_s->error == WANT_READ));
ExpectIntNE(test_ctx.c_len, 0);
/* consume HRR */
test_ctx.c_len = 0;
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
wolfSSL_free(ssl_c2);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_c2);
wolfSSL_CTX_free(ctx_s);
return EXPECT_RESULT();
}
#endif /* !defined(NO_OLD_TLS) */
#endif /* defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)*/
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
!defined(NO_OLD_TLS) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
static int test_WOLFSSL_dtls_version_alert(void)
{
EXPECT_DECLS;
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfDTLSv1_2_client_method, wolfDTLSv1_server_method), 0);
/* client hello */
ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) &&
(ssl_c->error == WANT_READ));
/* hrr */
ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
(ssl_s->error == WANT_READ));
/* client hello 1 */
ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) &&
(ssl_c->error == WANT_READ));
/* server hello */
ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
(ssl_s->error == WANT_READ));
/* should fail */
ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) &&
(ssl_c->error == VERSION_ERROR));
/* shuould fail */
ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
(ssl_s->error == VERSION_ERROR || ssl_s->error == FATAL_ERROR));
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
return EXPECT_RESULT();
}
#else
static int test_WOLFSSL_dtls_version_alert(void)
{
return TEST_SKIPPED;
}
#endif /* defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) &&
* !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) &&
* !defined(NO_OLD_TLS) && !defined(NO_RSA)
*/
#if defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \
&& defined(WOLFSSL_TLS13) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))\
&& defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
static int send_new_session_ticket(WOLFSSL *ssl, byte nonceLength, byte filler)
{
struct test_memio_ctx *test_ctx;
byte buf[2048];
int idx, sz;
word32 tmp;
int ret;
idx = 5; /* space for record header */
buf[idx] = session_ticket; /* type */
idx++;
tmp = OPAQUE32_LEN +
OPAQUE32_LEN +
OPAQUE8_LEN + nonceLength +
OPAQUE16_LEN + OPAQUE8_LEN + OPAQUE16_LEN;
c32to24(tmp, buf + idx);
idx += OPAQUE24_LEN;
c32toa((word32)12345, buf+idx); /* lifetime */
idx += OPAQUE32_LEN;
c32toa((word32)12345, buf+idx); /* add */
idx += OPAQUE32_LEN;
buf[idx] = nonceLength; /* nonce length */
idx++;
XMEMSET(&buf[idx], filler, nonceLength); /* nonce */
idx += nonceLength;
tmp = 1; /* ticket len */
c16toa((word16)tmp, buf+idx);
idx += 2;
buf[idx] = 0xFF; /* ticket */
idx++;
tmp = 0; /* ext len */
c16toa((word16)tmp, buf+idx);
idx += 2;
sz = BuildTls13Message(ssl, buf, 2048, buf+5, idx - 5,
handshake, 0, 0, 0);
AssertIntGT(sz, 0);
test_ctx = (struct test_memio_ctx*)wolfSSL_GetIOWriteCtx(ssl);
AssertNotNull(test_ctx);
ret = test_memio_write_cb(ssl, (char*)buf, sz, test_ctx);
return !(ret == sz);
}
static int test_ticket_nonce_check(WOLFSSL_SESSION *sess, byte len)
{
int ret = 0;
if ((sess == NULL) || (sess->ticketNonce.len != len)) {
ret = -1;
}
else {
int i;
for (i = 0; i < len; i++) {
if (sess->ticketNonce.data[i] != len) {
ret = -1;
break;
}
}
}
return ret;
}
static int test_ticket_nonce_malloc_do(WOLFSSL *ssl_s, WOLFSSL *ssl_c, byte len)
{
EXPECT_DECLS;
char *buf[1024];
ExpectIntEQ(send_new_session_ticket(ssl_s, len, len), 0);
ExpectTrue((wolfSSL_recv(ssl_c, buf, 1024, 0) == WOLFSSL_FATAL_ERROR) &&
(ssl_c->error == WANT_READ));
ExpectIntEQ(test_ticket_nonce_check(ssl_c->session, len), 0);
return EXPECT_RESULT();
}
static int test_ticket_nonce_cache(WOLFSSL *ssl_s, WOLFSSL *ssl_c, byte len)
{
EXPECT_DECLS;
WOLFSSL_SESSION *sess = NULL;
WOLFSSL_SESSION *cached = NULL;
WOLFSSL_CTX *ctx = ssl_c->ctx;
ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, len), TEST_SUCCESS);
ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
ExpectIntEQ(AddSessionToCache(ctx, sess, sess->sessionID, sess->sessionIDSz,
NULL, ssl_c->options.side, 1,NULL), 0);
ExpectNotNull(cached = wolfSSL_SESSION_new());
ExpectIntEQ(wolfSSL_GetSessionFromCache(ssl_c, cached), WOLFSSL_SUCCESS);
ExpectIntEQ(test_ticket_nonce_check(cached, len), 0);
wolfSSL_SESSION_free(cached);
wolfSSL_SESSION_free(sess);
return EXPECT_RESULT();
}
static int test_ticket_nonce_malloc(void)
{
EXPECT_DECLS;
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
byte small;
byte medium;
byte big;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
/* will send ticket manually */
ExpectIntEQ(wolfSSL_no_ticket_TLSv13(ssl_s), 0);
wolfSSL_set_verify(ssl_s, WOLFSSL_VERIFY_NONE, 0);
wolfSSL_set_verify(ssl_c, WOLFSSL_VERIFY_NONE, 0);
while (EXPECT_SUCCESS() && (ssl_c->options.handShakeDone == 0) &&
(ssl_s->options.handShakeDone == 0)) {
ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_SUCCESS) ||
(ssl_c->error == WANT_READ));
ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_SUCCESS) ||
(ssl_s->error == WANT_READ));
}
small = TLS13_TICKET_NONCE_STATIC_SZ;
#if TLS13_TICKET_NONCE_STATIC_SZ + 20 <= 255
medium = small + 20;
#else
medium = 255;
#endif
#if TLS13_TICKET_NONCE_STATIC_SZ + 20 + 20 <= 255
big = small + 20;
#else
big = 255;
#endif
ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, small), TEST_SUCCESS);
ExpectPtrEq(ssl_c->session->ticketNonce.data,
ssl_c->session->ticketNonce.dataStatic);
ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, medium),
TEST_SUCCESS);
ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, big), TEST_SUCCESS);
ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, medium),
TEST_SUCCESS);
ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, small), TEST_SUCCESS);
ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, small), TEST_SUCCESS);
ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, medium), TEST_SUCCESS);
ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, big), TEST_SUCCESS);
ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, medium), TEST_SUCCESS);
ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, small), TEST_SUCCESS);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
return EXPECT_RESULT();
}
#endif /* WOLFSSL_TICKET_NONCE_MALLOC */
#if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_TLS12) && \
!defined(WOLFSSL_TICKET_DECRYPT_NO_CREATE) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
!defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(NO_RSA) && \
defined(HAVE_ECC) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
static int test_ticket_ret_create(void)
{
EXPECT_DECLS;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
byte ticket[SESSION_TICKET_LEN];
struct test_memio_ctx test_ctx;
WOLFSSL_SESSION *sess = NULL;
word16 ticketLen = 0;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
wolfSSL_set_verify(ssl_s, WOLFSSL_VERIFY_NONE, 0);
wolfSSL_set_verify(ssl_c, WOLFSSL_VERIFY_NONE, 0);
ExpectIntEQ(wolfSSL_CTX_UseSessionTicket(ctx_c), WOLFSSL_SUCCESS);
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
ExpectIntLE(sess->ticketLen, SESSION_TICKET_LEN);
if (sess != NULL) {
ticketLen = sess->ticketLen;
XMEMCPY(ticket, sess->ticket, sess->ticketLen);
}
wolfSSL_free(ssl_c);
ssl_c = NULL;
wolfSSL_free(ssl_s);
ssl_s = NULL;
ExpectNotNull(ssl_s = wolfSSL_new(ctx_s));
wolfSSL_SetIOWriteCtx(ssl_s, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_s, &test_ctx);
ExpectNotNull(ssl_c = wolfSSL_new(ctx_c));
wolfSSL_SetIOWriteCtx(ssl_c, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c, &test_ctx);
ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS);
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
ExpectIntLE(ssl_c->session->ticketLen, SESSION_TICKET_LEN);
ExpectIntEQ(ssl_c->session->ticketLen, ticketLen);
ExpectTrue(XMEMCMP(ssl_c->session->ticket, ticket, ticketLen) != 0);
wolfSSL_SESSION_free(sess);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
return EXPECT_RESULT();
}
#else
static int test_ticket_ret_create(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(WOLFSSL_TLS13) && !defined(NO_PSK) && \
defined(HAVE_SESSION_TICKET) && defined(OPENSSL_EXTRA) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_AESGCM) && \
!defined(NO_SHA256) && defined(WOLFSSL_AES_128) && \
defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
static void test_ticket_and_psk_mixing_on_result(WOLFSSL* ssl)
{
int ret;
WOLFSSL_SESSION* session = NULL;
AssertIntEQ(wolfSSL_get_current_cipher_suite(ssl), 0x1301);
if (!wolfSSL_is_server(ssl)) {
session = wolfSSL_SESSION_dup(wolfSSL_get_session(ssl));
AssertNotNull(session);
}
do {
ret = wolfSSL_shutdown(ssl);
} while (ret == WOLFSSL_SHUTDOWN_NOT_DONE);
AssertIntEQ(wolfSSL_clear(ssl), WOLFSSL_SUCCESS);
wolfSSL_set_psk_callback_ctx(ssl, (void*)"TLS13-AES256-GCM-SHA384");
#ifndef OPENSSL_COMPATIBLE_DEFAULTS
/* OpenSSL considers PSK to be verified. We error out with NO_PEER_CERT. */
wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_NONE, NULL);
#endif
if (!wolfSSL_is_server(ssl)) {
/* client */
AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES256-GCM-SHA384:"
"TLS13-AES128-GCM-SHA256"), WOLFSSL_SUCCESS);
wolfSSL_set_session(ssl, session);
wolfSSL_SESSION_free(session);
wolfSSL_set_psk_client_tls13_callback(ssl, my_psk_client_tls13_cb);
AssertIntEQ(wolfSSL_connect(ssl), WOLFSSL_SUCCESS);
}
else {
/* server */
/* Different ciphersuite so that the ticket will be invalidated based on
* the ciphersuite */
AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES256-GCM-SHA384"),
WOLFSSL_SUCCESS);
wolfSSL_set_psk_server_tls13_callback(ssl, my_psk_server_tls13_cb);
AssertIntEQ(wolfSSL_accept(ssl), WOLFSSL_SUCCESS);
}
}
static void test_ticket_and_psk_mixing_ssl_ready(WOLFSSL* ssl)
{
AssertIntEQ(wolfSSL_UseSessionTicket(ssl), WOLFSSL_SUCCESS);
AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES128-GCM-SHA256"),
WOLFSSL_SUCCESS);
}
static int test_ticket_and_psk_mixing(void)
{
EXPECT_DECLS;
/* Test mixing tickets and regular PSK */
callback_functions client_cbs, server_cbs;
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
client_cbs.method = wolfTLSv1_3_client_method;
server_cbs.method = wolfTLSv1_3_server_method;
client_cbs.ssl_ready = test_ticket_and_psk_mixing_ssl_ready;
client_cbs.on_result = test_ticket_and_psk_mixing_on_result;
server_cbs.on_result = test_ticket_and_psk_mixing_on_result;
test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs);
ExpectIntEQ(client_cbs.return_code, TEST_SUCCESS);
ExpectIntEQ(server_cbs.return_code, TEST_SUCCESS);
return EXPECT_RESULT();
}
#else
static int test_ticket_and_psk_mixing(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(WOLFSSL_TLS13) && !defined(NO_PSK) && defined(HAVE_SESSION_TICKET) \
&& defined(OPENSSL_EXTRA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
defined(HAVE_AESGCM) && !defined(NO_SHA256) && defined(WOLFSSL_AES_128) && \
defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
static int test_prioritize_psk_cb_called = FALSE;
static unsigned int test_prioritize_psk_cb(WOLFSSL* ssl,
const char* identity, unsigned char* key, unsigned int key_max_len,
const char** ciphersuite)
{
test_prioritize_psk_cb_called = TRUE;
return my_psk_server_tls13_cb(ssl, identity, key, key_max_len, ciphersuite);
}
static void test_prioritize_psk_on_result(WOLFSSL* ssl)
{
int ret;
WOLFSSL_SESSION* session = NULL;
AssertIntEQ(wolfSSL_get_current_cipher_suite(ssl), 0x1301);
if (!wolfSSL_is_server(ssl)) {
session = wolfSSL_SESSION_dup(wolfSSL_get_session(ssl));
AssertNotNull(session);
}
do {
ret = wolfSSL_shutdown(ssl);
} while (ret == WOLFSSL_SHUTDOWN_NOT_DONE);
AssertIntEQ(wolfSSL_clear(ssl), WOLFSSL_SUCCESS);
wolfSSL_set_psk_callback_ctx(ssl, (void*)"TLS13-AES256-GCM-SHA384");
/* Previous connection was made with TLS13-AES128-GCM-SHA256. Order is
* important. */
AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES256-GCM-SHA384:"
"TLS13-AES128-GCM-SHA256"), WOLFSSL_SUCCESS);
#ifndef OPENSSL_COMPATIBLE_DEFAULTS
/* OpenSSL considers PSK to be verified. We error out with NO_PEER_CERT. */
wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_NONE, NULL);
#endif
if (!wolfSSL_is_server(ssl)) {
/* client */
wolfSSL_set_psk_client_tls13_callback(ssl, my_psk_client_tls13_cb);
wolfSSL_set_session(ssl, session);
wolfSSL_SESSION_free(session);
AssertIntEQ(wolfSSL_connect(ssl), WOLFSSL_SUCCESS);
}
else {
/* server */
wolfSSL_set_psk_server_tls13_callback(ssl, test_prioritize_psk_cb);
AssertIntEQ(wolfSSL_accept(ssl), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_PRIORITIZE_PSK
/* The ticket should be first tried with all ciphersuites and chosen */
AssertFalse(test_prioritize_psk_cb_called);
#else
/* Ciphersuites should be tried with each PSK. This triggers the PSK
* callback that sets this var. */
AssertTrue(test_prioritize_psk_cb_called);
#endif
}
}
static void test_prioritize_psk_ssl_ready(WOLFSSL* ssl)
{
if (!wolfSSL_is_server(ssl))
AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES128-GCM-SHA256"),
WOLFSSL_SUCCESS);
else
AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES256-GCM-SHA384:"
"TLS13-AES128-GCM-SHA256"), WOLFSSL_SUCCESS);
}
static int test_prioritize_psk(void)
{
EXPECT_DECLS;
/* We always send the ticket first. With WOLFSSL_PRIORITIZE_PSK the order
* of the PSK's will be followed instead of the ciphersuite. */
callback_functions client_cbs, server_cbs;
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
client_cbs.method = wolfTLSv1_3_client_method;
server_cbs.method = wolfTLSv1_3_server_method;
client_cbs.ssl_ready = test_prioritize_psk_ssl_ready;
server_cbs.ssl_ready = test_prioritize_psk_ssl_ready;
client_cbs.on_result = test_prioritize_psk_on_result;
server_cbs.on_result = test_prioritize_psk_on_result;
test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs);
ExpectIntEQ(client_cbs.return_code, TEST_SUCCESS);
ExpectIntEQ(server_cbs.return_code, TEST_SUCCESS);
return EXPECT_RESULT();
}
#else
static int test_prioritize_psk(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(WOLFSSL_TLS13) && defined(OPENSSL_EXTRA) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_AESGCM) && \
!defined(NO_SHA256) && defined(WOLFSSL_AES_128) && \
!defined(WOLFSSL_NO_TLS12)
static int test_wolfSSL_CTX_set_ciphersuites_ctx_ready_server(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
ExpectTrue(SSL_CTX_set_cipher_list(ctx, "DEFAULT"));
/* Set TLS 1.3 specific suite */
ExpectTrue(SSL_CTX_set_ciphersuites(ctx, "TLS13-AES128-GCM-SHA256"));
return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_ciphersuites(void)
{
EXPECT_DECLS;
/* Test using SSL_CTX_set_cipher_list and SSL_CTX_set_ciphersuites and then
* do a 1.2 connection. */
test_ssl_cbf client_cbs, server_cbs;
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
client_cbs.method = wolfTLSv1_2_client_method;
server_cbs.method = wolfTLS_server_method; /* Allow downgrade */
server_cbs.ctx_ready = test_wolfSSL_CTX_set_ciphersuites_ctx_ready_server;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs,
&server_cbs, NULL), TEST_SUCCESS);
return EXPECT_RESULT();
}
#else
static int test_wolfSSL_CTX_set_ciphersuites(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(HAVE_CRL) && defined(WOLFSSL_CHECK_ALERT_ON_ERR) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
static int test_wolfSSL_CRL_CERT_REVOKED_alert_ctx_ready(WOLFSSL_CTX* ctx)
{
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
return TEST_SUCCESS;
}
static int test_wolfSSL_CRL_CERT_REVOKED_alert_on_cleanup(WOLFSSL* ssl)
{
EXPECT_DECLS;
WOLFSSL_ALERT_HISTORY h;
ExpectIntEQ(wolfSSL_get_alert_history(ssl, &h), WOLFSSL_SUCCESS);
ExpectIntEQ(h.last_rx.level, alert_fatal);
ExpectIntEQ(h.last_rx.code, certificate_revoked);
return EXPECT_RESULT();
}
static int test_wolfSSL_CRL_CERT_REVOKED_alert(void)
{
EXPECT_DECLS;
test_ssl_cbf client_cbs, server_cbs;
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
server_cbs.certPemFile = "./certs/server-revoked-cert.pem";
server_cbs.keyPemFile = "./certs/server-revoked-key.pem";
client_cbs.crlPemFile = "./certs/crl/crl.revoked";
client_cbs.ctx_ready = test_wolfSSL_CRL_CERT_REVOKED_alert_ctx_ready;
server_cbs.on_cleanup = test_wolfSSL_CRL_CERT_REVOKED_alert_on_cleanup;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs,
&server_cbs, NULL), TEST_FAIL);
return EXPECT_RESULT();
}
#else
static int test_wolfSSL_CRL_CERT_REVOKED_alert(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) \
&& defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_AESGCM) && \
!defined(NO_SHA256) && defined(WOLFSSL_AES_128) && \
defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) && \
!defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
static WOLFSSL_CTX* test_TLS_13_ticket_different_ciphers_ctx = NULL;
static WOLFSSL_SESSION* test_TLS_13_ticket_different_ciphers_session = NULL;
static int test_TLS_13_ticket_different_ciphers_run = 0;
static int test_TLS_13_ticket_different_ciphers_ssl_ready(WOLFSSL* ssl)
{
EXPECT_DECLS;
switch (test_TLS_13_ticket_different_ciphers_run) {
case 0:
/* First run */
ExpectIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES128-GCM-SHA256"),
WOLFSSL_SUCCESS);
if (wolfSSL_is_server(ssl)) {
ExpectNotNull(test_TLS_13_ticket_different_ciphers_ctx =
wolfSSL_get_SSL_CTX(ssl));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_up_ref(
test_TLS_13_ticket_different_ciphers_ctx));
}
break;
case 1:
/* Second run */
ExpectIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES256-GCM-SHA384:"
"TLS13-AES128-GCM-SHA256"),
WOLFSSL_SUCCESS);
if (!wolfSSL_is_server(ssl)) {
ExpectIntEQ(wolfSSL_set_session(ssl,
test_TLS_13_ticket_different_ciphers_session),
WOLFSSL_SUCCESS);
}
break;
default:
/* Bad state? */
Fail(("Should not enter here"), ("Should not enter here"));
}
return EXPECT_RESULT();
}
static int test_TLS_13_ticket_different_ciphers_on_result(WOLFSSL* ssl)
{
EXPECT_DECLS;
switch (test_TLS_13_ticket_different_ciphers_run) {
case 0:
/* First run */
ExpectNotNull(test_TLS_13_ticket_different_ciphers_session =
wolfSSL_get1_session(ssl));
break;
case 1:
/* Second run */
ExpectTrue(wolfSSL_session_reused(ssl));
break;
default:
/* Bad state? */
Fail(("Should not enter here"), ("Should not enter here"));
}
return EXPECT_RESULT();
}
static int test_TLS_13_ticket_different_ciphers(void)
{
EXPECT_DECLS;
/* Check that we handle the connection when the ticket doesn't match
* the first ciphersuite. */
test_ssl_cbf client_cbs, server_cbs;
struct test_params {
method_provider client_meth;
method_provider server_meth;
int doUdp;
} params[] = {
#ifdef WOLFSSL_DTLS13
/* Test that the stateless code handles sessions correctly */
{wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, 1},
#endif
{wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, 0},
};
size_t i;
for (i = 0; i < sizeof(params)/sizeof(*params); i++) {
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
test_TLS_13_ticket_different_ciphers_run = 0;
client_cbs.doUdp = server_cbs.doUdp = params[i].doUdp;
client_cbs.method = params[i].client_meth;
server_cbs.method = params[i].server_meth;
client_cbs.ssl_ready = test_TLS_13_ticket_different_ciphers_ssl_ready;
server_cbs.ssl_ready = test_TLS_13_ticket_different_ciphers_ssl_ready;
client_cbs.on_result = test_TLS_13_ticket_different_ciphers_on_result;
server_cbs.ticNoInit = 1;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs,
&server_cbs, NULL), TEST_SUCCESS);
test_TLS_13_ticket_different_ciphers_run++;
server_cbs.ctx = test_TLS_13_ticket_different_ciphers_ctx;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs,
&server_cbs, NULL), TEST_SUCCESS);
wolfSSL_SESSION_free(test_TLS_13_ticket_different_ciphers_session);
test_TLS_13_ticket_different_ciphers_session = NULL;
wolfSSL_CTX_free(test_TLS_13_ticket_different_ciphers_ctx);
test_TLS_13_ticket_different_ciphers_ctx = NULL;
}
return EXPECT_RESULT();
}
#else
static int test_TLS_13_ticket_different_ciphers(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(WOLFSSL_EXTRA_ALERTS) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
#define TEST_WRONG_CS_CLIENT "DHE-RSA-AES128-SHA"
/* AKA TLS_DHE_RSA_WITH_AES_128_CBC_SHA */
byte test_extra_alerts_wrong_cs_sh[] = {
0x16, 0x03, 0x03, 0x00, 0x56, 0x02, 0x00, 0x00, 0x52, 0x03, 0x03, 0xef,
0x0c, 0x30, 0x98, 0xa2, 0xac, 0xfa, 0x68, 0xe9, 0x3e, 0xaa, 0x5c, 0xcf,
0xa7, 0x42, 0x72, 0xaf, 0xa0, 0xe8, 0x39, 0x2b, 0x3e, 0x81, 0xa7, 0x7a,
0xa5, 0x62, 0x8a, 0x0e, 0x41, 0xba, 0xda, 0x20, 0x18, 0x9f, 0xe1, 0x8c,
0x1d, 0xc0, 0x37, 0x9c, 0xf4, 0x90, 0x5d, 0x8d, 0xa0, 0x79, 0xa7, 0x4b,
0xa8, 0x79, 0xdf, 0xcd, 0x8d, 0xf5, 0xb5, 0x50, 0x5f, 0xf1, 0xdb, 0x4d,
0xbb, 0x07, 0x54, 0x1c,
0x00, 0x02, /* TLS_RSA_WITH_NULL_SHA */
0x00, 0x00, 0x0a, 0x00, 0x0b, 0x00,
0x02, 0x01, 0x00, 0x00, 0x17, 0x00, 0x00
};
static int test_extra_alerts_wrong_cs(void)
{
EXPECT_DECLS;
#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_ALERT_HISTORY h;
WOLFSSL *ssl_c = NULL;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL,
wolfTLSv1_2_client_method, NULL), 0);
ExpectIntEQ(wolfSSL_set_cipher_list(ssl_c, TEST_WRONG_CS_CLIENT),
WOLFSSL_SUCCESS);
/* CH */
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
/* consume CH */
test_ctx.s_len = 0;
/* inject SH */
XMEMCPY(test_ctx.c_buff, test_extra_alerts_wrong_cs_sh,
sizeof(test_extra_alerts_wrong_cs_sh));
test_ctx.c_len = sizeof(test_extra_alerts_wrong_cs_sh);
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS);
ExpectIntEQ(h.last_tx.code, handshake_failure);
ExpectIntEQ(h.last_tx.level, alert_fatal);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
#endif
return EXPECT_RESULT();
}
#else
static int test_extra_alerts_wrong_cs(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
#define TEST_CS_DOWNGRADE_CLIENT "ECDHE-RSA-AES256-GCM-SHA384"
byte test_wrong_cs_downgrade_sh[] = {
0x16, 0x03, 0x03, 0x00, 0x56, 0x02, 0x00, 0x00, 0x52, 0x03, 0x03, 0x10,
0x2c, 0x88, 0xd9, 0x7a, 0x23, 0xc9, 0xbd, 0x11, 0x3b, 0x64, 0x24, 0xab,
0x5b, 0x45, 0x33, 0xf6, 0x2c, 0x34, 0xe4, 0xcf, 0xf4, 0x78, 0xc8, 0x62,
0x06, 0xc7, 0xe5, 0x30, 0x39, 0xbf, 0xa1, 0x20, 0xa3, 0x06, 0x74, 0xc3,
0xa9, 0x74, 0x52, 0x8a, 0xfb, 0xae, 0xf0, 0xd8, 0x6f, 0xb2, 0x9d, 0xfe,
0x78, 0xf0, 0x3f, 0x51, 0x8f, 0x9c, 0xcf, 0xbe, 0x61, 0x43, 0x9d, 0xf8,
0x85, 0xe5, 0x2f, 0x54,
0xc0, 0x2f, /* ECDHE-RSA-AES128-GCM-SHA256 */
0x00, 0x00, 0x0a, 0x00, 0x0b, 0x00,
0x02, 0x01, 0x00, 0x00, 0x17, 0x00, 0x00
};
static int test_wrong_cs_downgrade(void)
{
EXPECT_DECLS;
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL *ssl_c = NULL;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL,
wolfSSLv23_client_method, NULL), 0);
ExpectIntEQ(wolfSSL_set_cipher_list(ssl_c, TEST_CS_DOWNGRADE_CLIENT),
WOLFSSL_SUCCESS);
/* CH */
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
/* consume CH */
test_ctx.s_len = 0;
/* inject SH */
XMEMCPY(test_ctx.c_buff, test_wrong_cs_downgrade_sh,
sizeof(test_wrong_cs_downgrade_sh));
test_ctx.c_len = sizeof(test_wrong_cs_downgrade_sh);
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
MATCH_SUITE_ERROR);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
#endif
return EXPECT_RESULT();
}
#else
static int test_wrong_cs_downgrade(void)
{
return TEST_SKIPPED;
}
#endif
#if !defined(WOLFSSL_NO_TLS12) && defined(WOLFSSL_EXTRA_ALERTS) && \
defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_SP_MATH)
static void test_remove_msg(byte *msg, int tail_len, int *len, int msg_length)
{
tail_len -= msg_length;
XMEMMOVE(msg, msg + msg_length, tail_len);
*len = *len - msg_length;
}
static int test_remove_hs_msg_from_buffer(byte *buf, int *len, byte type,
byte *found)
{
const unsigned int _HANDSHAKE_HEADER_SZ = 4;
const unsigned int _RECORD_HEADER_SZ = 5;
const int _change_cipher_hs = 55;
const int _change_cipher = 20;
const int _handshake = 22;
unsigned int tail_len;
byte *idx, *curr;
word8 currType;
word16 rLength;
word32 hLength;
idx = buf;
tail_len = (unsigned int)*len;
*found = 0;
while (tail_len > _RECORD_HEADER_SZ) {
curr = idx;
currType = *idx;
ato16(idx + 3, &rLength);
idx += _RECORD_HEADER_SZ;
tail_len -= _RECORD_HEADER_SZ;
if (tail_len < rLength)
return -1;
if (type == _change_cipher_hs && currType == _change_cipher) {
if (rLength != 1)
return -1;
/* match */
test_remove_msg(curr, *len - (int)(curr - buf),
len, _RECORD_HEADER_SZ + 1);
*found = 1;
return 0;
}
if (currType != _handshake) {
idx += rLength;
tail_len -= rLength;
continue;
}
if (rLength < _HANDSHAKE_HEADER_SZ)
return -1;
currType = *idx;
ato24(idx+1, &hLength);
hLength += _HANDSHAKE_HEADER_SZ;
if (tail_len < hLength)
return -1;
if (currType != type) {
idx += hLength;
tail_len -= hLength;
continue;
}
/* match */
test_remove_msg(curr, *len - (int)(curr - buf), len,
hLength + _RECORD_HEADER_SZ);
*found = 1;
return 0;
}
/* not found */
return 0;
}
static int test_remove_hs_message(byte hs_message_type,
int extra_round, byte alert_type)
{
EXPECT_DECLS;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
WOLFSSL_ALERT_HISTORY h;
byte found = 0;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
if (extra_round) {
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
/* this will complete handshake from server side */
ExpectIntEQ(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
}
ExpectIntEQ(test_remove_hs_msg_from_buffer(test_ctx.c_buff,
&test_ctx.c_len, hs_message_type, &found), 0);
if (!found) {
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
return TEST_SKIPPED;
}
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS);
ExpectTrue(alert_type == 0xff || h.last_tx.code == alert_type);
ExpectIntEQ(h.last_tx.level, alert_fatal);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
return EXPECT_RESULT();
}
static int test_extra_alerts_skip_hs(void)
{
EXPECT_DECLS;
const byte _server_key_exchange = 12;
const byte _server_hello = 2;
const byte _certificate = 11;
/* server_hello */
ExpectIntNE(test_remove_hs_message(_server_hello, 0,
unexpected_message), TEST_FAIL);
ExpectIntNE(test_remove_hs_message(_certificate, 0,
0xff), TEST_FAIL);
ExpectIntNE(test_remove_hs_message(_server_key_exchange, 0,
unexpected_message), TEST_FAIL);
return EXPECT_RESULT();
}
#else
static int test_extra_alerts_skip_hs(void)
{
return TEST_SKIPPED;
}
#endif
#if !defined(WOLFSSL_NO_TLS12) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)\
&& defined(WOLFSSL_EXTRA_ALERTS) && !defined(NO_PSK) && !defined(NO_DH)
static unsigned int test_server_psk_cb(WOLFSSL* ssl, const char* id,
unsigned char* key, unsigned int key_max_len)
{
(void)ssl;
(void)id;
(void)key_max_len;
/* zero means error */
key[0] = 0x10;
return 1;
}
static int test_extra_alerts_bad_psk(void)
{
EXPECT_DECLS;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
WOLFSSL_ALERT_HISTORY h;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
ExpectIntEQ(wolfSSL_set_cipher_list(ssl_c, "DHE-PSK-AES128-GCM-SHA256"),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set_cipher_list(ssl_s, "DHE-PSK-AES128-GCM-SHA256"),
WOLFSSL_SUCCESS);
wolfSSL_set_psk_server_callback(ssl_s, test_server_psk_cb);
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS);
ExpectIntEQ(h.last_tx.code, handshake_failure);
ExpectIntEQ(h.last_tx.level, alert_fatal);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
return EXPECT_RESULT();
}
#else
static int test_extra_alerts_bad_psk(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)\
&& !defined(NO_PSK)
static unsigned int test_tls13_bad_psk_binder_client_cb(WOLFSSL* ssl,
const char* hint, char* identity, unsigned int id_max_len,
unsigned char* key, unsigned int key_max_len)
{
(void)ssl;
(void)hint;
(void)key_max_len;
/* see internal.h MAX_PSK_ID_LEN for PSK identity limit */
XSTRNCPY(identity, "Client_identity", id_max_len);
key[0] = 0x20;
return 1;
}
static unsigned int test_tls13_bad_psk_binder_server_cb(WOLFSSL* ssl,
const char* id, unsigned char* key, unsigned int key_max_len)
{
(void)ssl;
(void)id;
(void)key_max_len;
/* zero means error */
key[0] = 0x10;
return 1;
}
#endif
static int test_tls13_bad_psk_binder(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_TLS13) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)\
&& !defined(NO_PSK)
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
WOLFSSL_ALERT_HISTORY h;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
wolfSSL_set_psk_client_callback(ssl_c, test_tls13_bad_psk_binder_client_cb);
wolfSSL_set_psk_server_callback(ssl_s, test_tls13_bad_psk_binder_server_cb);
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
ExpectIntEQ( wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
BAD_BINDER);
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
FATAL_ERROR);
ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS);
ExpectIntEQ(h.last_rx.code, illegal_parameter);
ExpectIntEQ(h.last_rx.level, alert_fatal);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
#endif
return EXPECT_RESULT();
}
#if defined(WOLFSSL_HARDEN_TLS) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_IO_TESTS_DEPENDENCIES)
static int test_harden_no_secure_renegotiation_io_cb(WOLFSSL *ssl, char *buf,
int sz, void *ctx)
{
static int sentServerHello = FALSE;
if (!sentServerHello) {
byte renegExt[] = { 0xFF, 0x01, 0x00, 0x01, 0x00 };
size_t i;
if (sz < (int)sizeof(renegExt))
return WOLFSSL_CBIO_ERR_GENERAL;
/* Remove SCR from ServerHello */
for (i = 0; i < sz - sizeof(renegExt); i++) {
if (XMEMCMP(buf + i, renegExt, sizeof(renegExt)) == 0) {
/* Found the extension. Change it to something unrecognized. */
buf[i+1] = 0x11;
break;
}
}
sentServerHello = TRUE;
}
return EmbedSend(ssl, buf, sz, ctx);
}
static void test_harden_no_secure_renegotiation_ssl_ready(WOLFSSL* ssl)
{
wolfSSL_SSLSetIOSend(ssl, test_harden_no_secure_renegotiation_io_cb);
}
static void test_harden_no_secure_renegotiation_on_cleanup(WOLFSSL* ssl)
{
WOLFSSL_ALERT_HISTORY h;
AssertIntEQ(wolfSSL_get_alert_history(ssl, &h), WOLFSSL_SUCCESS);
AssertIntEQ(h.last_rx.code, handshake_failure);
AssertIntEQ(h.last_rx.level, alert_fatal);
}
static int test_harden_no_secure_renegotiation(void)
{
EXPECT_DECLS;
callback_functions client_cbs, server_cbs;
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
client_cbs.method = wolfTLSv1_2_client_method;
server_cbs.method = wolfTLSv1_2_server_method;
server_cbs.ssl_ready = test_harden_no_secure_renegotiation_ssl_ready;
server_cbs.on_cleanup = test_harden_no_secure_renegotiation_on_cleanup;
test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs);
ExpectIntEQ(client_cbs.return_code, TEST_FAIL);
ExpectIntEQ(client_cbs.last_err, SECURE_RENEGOTIATION_E);
ExpectIntEQ(server_cbs.return_code, TEST_FAIL);
ExpectTrue(server_cbs.last_err == SOCKET_ERROR_E ||
server_cbs.last_err == FATAL_ERROR);
return EXPECT_RESULT();
}
#else
static int test_harden_no_secure_renegotiation(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(HAVE_OCSP) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
static int test_override_alt_cert_chain_cert_cb(int preverify,
WOLFSSL_X509_STORE_CTX* store)
{
fprintf(stderr, "preverify: %d\n", preverify);
fprintf(stderr, "store->error: %d\n", store->error);
fprintf(stderr, "error reason: %s\n", wolfSSL_ERR_reason_error_string(store->error));
if (store->error == OCSP_INVALID_STATUS) {
fprintf(stderr, "Overriding OCSP error\n");
return 1;
}
#ifndef WOLFSSL_ALT_CERT_CHAINS
else if ((store->error == ASN_NO_SIGNER_E ||
store->error == ASN_SELF_SIGNED_E
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(HAVE_WEBSERVER)
|| store->error == WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
#endif
) && store->error_depth == store->totalCerts - 1) {
fprintf(stderr, "Overriding no signer error only for root cert\n");
return 1;
}
#endif
else
return preverify;
}
static int test_override_alt_cert_chain_ocsp_cb(void* ioCtx, const char* url,
int urlSz, unsigned char* request, int requestSz,
unsigned char** response)
{
(void)ioCtx;
(void)url;
(void)urlSz;
(void)request;
(void)requestSz;
(void)response;
return -1;
}
static int test_override_alt_cert_chain_client_ctx_ready(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER,
test_override_alt_cert_chain_cert_cb);
ExpectIntEQ(wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_CHECKALL |
WOLFSSL_OCSP_URL_OVERRIDE), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_SetOCSP_Cb(ctx,
test_override_alt_cert_chain_ocsp_cb, NULL, NULL), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_SetOCSP_OverrideURL(ctx, "not a url"),
WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
static int test_override_alt_cert_chain_client_ctx_ready2(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
ExpectIntEQ(wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_CHECKALL |
WOLFSSL_OCSP_URL_OVERRIDE), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_SetOCSP_Cb(ctx,
test_override_alt_cert_chain_ocsp_cb, NULL, NULL), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_SetOCSP_OverrideURL(ctx, "not a url"),
WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
static int test_override_alt_cert_chain_server_ctx_ready(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file(ctx,
"./certs/intermediate/server-chain-alt.pem"), WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
static int test_override_alt_cert_chain(void)
{
EXPECT_DECLS;
size_t i;
struct test_params {
ctx_cb client_ctx_cb;
ctx_cb server_ctx_cb;
int result;
} params[] = {
{test_override_alt_cert_chain_client_ctx_ready,
test_override_alt_cert_chain_server_ctx_ready, TEST_SUCCESS},
{test_override_alt_cert_chain_client_ctx_ready2,
test_override_alt_cert_chain_server_ctx_ready, TEST_FAIL},
};
for (i = 0; i < sizeof(params)/sizeof(*params); i++) {
test_ssl_cbf client_cbs, server_cbs;
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
fprintf(stderr, "test config: %d\n", (int)i);
client_cbs.ctx_ready = params[i].client_ctx_cb;
server_cbs.ctx_ready = params[i].server_ctx_cb;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs,
&server_cbs, NULL), params[i].result);
ExpectIntEQ(client_cbs.return_code, params[i].result);
ExpectIntEQ(server_cbs.return_code, params[i].result);
}
return EXPECT_RESULT();
}
#else
static int test_override_alt_cert_chain(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(HAVE_RPK)
#define svrRpkCertFile "./certs/rpk/server-cert-rpk.der"
#define clntRpkCertFile "./certs/rpk/client-cert-rpk.der"
#if defined(WOLFSSL_ALWAYS_VERIFY_CB) && defined(WOLFSSL_TLS13)
static int MyRpkVerifyCb(int mode, WOLFSSL_X509_STORE_CTX* strctx)
{
int ret = WOLFSSL_SUCCESS;
(void)mode;
(void)strctx;
WOLFSSL_ENTER("MyRpkVerifyCb");
return ret;
}
#endif /* WOLFSSL_ALWAYS_VERIFY_CB && WOLFSSL_TLS13 */
static WC_INLINE int test_rpk_memio_setup(
struct test_memio_ctx *ctx,
WOLFSSL_CTX **ctx_c,
WOLFSSL_CTX **ctx_s,
WOLFSSL **ssl_c,
WOLFSSL **ssl_s,
method_provider method_c,
method_provider method_s,
const char* certfile_c, int fmt_cc, /* client cert file path and format */
const char* certfile_s, int fmt_cs, /* server cert file path and format */
const char* pkey_c, int fmt_kc, /* client private key and format */
const char* pkey_s, int fmt_ks /* server private key and format */
)
{
int ret;
if (ctx_c != NULL && *ctx_c == NULL) {
*ctx_c = wolfSSL_CTX_new(method_c());
if (*ctx_c == NULL) {
return -1;
}
wolfSSL_CTX_set_verify(*ctx_c, WOLFSSL_VERIFY_PEER, NULL);
ret = wolfSSL_CTX_load_verify_locations(*ctx_c, caCertFile, 0);
if (ret != WOLFSSL_SUCCESS) {
return -1;
}
wolfSSL_SetIORecv(*ctx_c, test_memio_read_cb);
wolfSSL_SetIOSend(*ctx_c, test_memio_write_cb);
ret = wolfSSL_CTX_use_certificate_file(*ctx_c, certfile_c, fmt_cc);
if (ret != WOLFSSL_SUCCESS) {
return -1;
}
ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_c, pkey_c, fmt_kc);
if (ret != WOLFSSL_SUCCESS) {
return -1;
}
}
if (ctx_s != NULL && *ctx_s == NULL) {
*ctx_s = wolfSSL_CTX_new(method_s());
if (*ctx_s == NULL) {
return -1;
}
wolfSSL_CTX_set_verify(*ctx_s, WOLFSSL_VERIFY_PEER, NULL);
ret = wolfSSL_CTX_load_verify_locations(*ctx_s, cliCertFile, 0);
if (ret != WOLFSSL_SUCCESS) {
return -1;
}
ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_s, pkey_s, fmt_ks);
if (ret != WOLFSSL_SUCCESS) {
return -1;
}
ret = wolfSSL_CTX_use_certificate_file(*ctx_s, certfile_s, fmt_cs);
if (ret != WOLFSSL_SUCCESS) {
return -1;
}
wolfSSL_SetIORecv(*ctx_s, test_memio_read_cb);
wolfSSL_SetIOSend(*ctx_s, test_memio_write_cb);
if (ctx->s_ciphers != NULL) {
ret = wolfSSL_CTX_set_cipher_list(*ctx_s, ctx->s_ciphers);
if (ret != WOLFSSL_SUCCESS) {
return -1;
}
}
}
if (ctx_c != NULL && ssl_c != NULL) {
*ssl_c = wolfSSL_new(*ctx_c);
if (*ssl_c == NULL) {
return -1;
}
wolfSSL_SetIOWriteCtx(*ssl_c, ctx);
wolfSSL_SetIOReadCtx(*ssl_c, ctx);
}
if (ctx_s != NULL && ssl_s != NULL) {
*ssl_s = wolfSSL_new(*ctx_s);
if (*ssl_s == NULL) {
return -1;
}
wolfSSL_SetIOWriteCtx(*ssl_s, ctx);
wolfSSL_SetIOReadCtx(*ssl_s, ctx);
#if !defined(NO_DH)
SetDH(*ssl_s);
#endif
}
return 0;
}
#endif /* HAVE_RPK */
static int test_rpk_set_xxx_cert_type(void)
{
EXPECT_DECLS;
#if defined(HAVE_RPK)
char ctype[MAX_CLIENT_CERT_TYPE_CNT + 1]; /* prepare bigger buffer */
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
int tp;
ctx = wolfSSL_CTX_new(wolfTLS_client_method());
ExpectNotNull(ctx);
ssl = wolfSSL_new(ctx);
ExpectNotNull(ssl);
/*--------------------------------------------*/
/* tests for wolfSSL_CTX_set_client_cert_type */
/*--------------------------------------------*/
/* illegal parameter test caces */
ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(NULL, ctype,
MAX_CLIENT_CERT_TYPE_CNT),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
sizeof(ctype)),
BAD_FUNC_ARG);
ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */
ctype[1] = WOLFSSL_CERT_TYPE_RPK;
ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
MAX_CLIENT_CERT_TYPE_CNT),
BAD_FUNC_ARG);
ctype[0] = WOLFSSL_CERT_TYPE_X509;
ctype[1] = 10; /* set unknown cert type */
ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
MAX_CLIENT_CERT_TYPE_CNT),
BAD_FUNC_ARG);
/* pass larger type count */
ctype[0] = WOLFSSL_CERT_TYPE_RPK;
ctype[1] = WOLFSSL_CERT_TYPE_X509;
ctype[2] = 1; /* pass unacceptable type count */
ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
MAX_CLIENT_CERT_TYPE_CNT + 1),
BAD_FUNC_ARG);
/* should accept NULL for type buffer */
ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, NULL,
MAX_CLIENT_CERT_TYPE_CNT),
WOLFSSL_SUCCESS);
/* should accept zero for type count */
ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
0),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
MAX_CLIENT_CERT_TYPE_CNT),
WOLFSSL_SUCCESS);
/*--------------------------------------------*/
/* tests for wolfSSL_CTX_set_server_cert_type */
/*--------------------------------------------*/
ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(NULL, ctype,
MAX_SERVER_CERT_TYPE_CNT),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
sizeof(ctype)),
BAD_FUNC_ARG);
ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */
ctype[1] = WOLFSSL_CERT_TYPE_RPK;
ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
MAX_SERVER_CERT_TYPE_CNT),
BAD_FUNC_ARG);
ctype[0] = WOLFSSL_CERT_TYPE_X509;
ctype[1] = 10; /* set unknown cert type */
ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
MAX_SERVER_CERT_TYPE_CNT),
BAD_FUNC_ARG);
/* pass larger type count */
ctype[0] = WOLFSSL_CERT_TYPE_RPK;
ctype[1] = WOLFSSL_CERT_TYPE_X509;
ctype[2] = 1; /* pass unacceptable type count */
ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
MAX_SERVER_CERT_TYPE_CNT + 1),
BAD_FUNC_ARG);
/* should accept NULL for type buffer */
ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, NULL,
MAX_SERVER_CERT_TYPE_CNT),
WOLFSSL_SUCCESS);
/* should accept zero for type count */
ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
0),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
MAX_CLIENT_CERT_TYPE_CNT),
WOLFSSL_SUCCESS);
/*--------------------------------------------*/
/* tests for wolfSSL_set_client_cert_type */
/*--------------------------------------------*/
ExpectIntEQ(wolfSSL_set_client_cert_type(NULL, ctype,
MAX_CLIENT_CERT_TYPE_CNT),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
sizeof(ctype)),
BAD_FUNC_ARG);
ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */
ctype[1] = WOLFSSL_CERT_TYPE_RPK;
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
MAX_CLIENT_CERT_TYPE_CNT),
BAD_FUNC_ARG);
ctype[0] = WOLFSSL_CERT_TYPE_X509;
ctype[1] = 10; /* set unknown cert type */
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
MAX_CLIENT_CERT_TYPE_CNT),
BAD_FUNC_ARG);
/* pass larger type count */
ctype[0] = WOLFSSL_CERT_TYPE_RPK;
ctype[1] = WOLFSSL_CERT_TYPE_X509;
ctype[2] = 1; /* pass unacceptable type count */
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
MAX_CLIENT_CERT_TYPE_CNT + 1),
BAD_FUNC_ARG);
/* should accept NULL for type buffer */
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, NULL,
MAX_CLIENT_CERT_TYPE_CNT),
WOLFSSL_SUCCESS);
/* should accept zero for type count */
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
0),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
MAX_CLIENT_CERT_TYPE_CNT),
WOLFSSL_SUCCESS);
/*--------------------------------------------*/
/* tests for wolfSSL_CTX_set_server_cert_type */
/*--------------------------------------------*/
ExpectIntEQ(wolfSSL_set_server_cert_type(NULL, ctype,
MAX_SERVER_CERT_TYPE_CNT),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
sizeof(ctype)),
BAD_FUNC_ARG);
ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */
ctype[1] = WOLFSSL_CERT_TYPE_RPK;
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
MAX_SERVER_CERT_TYPE_CNT),
BAD_FUNC_ARG);
ctype[0] = WOLFSSL_CERT_TYPE_X509;
ctype[1] = 10; /* set unknown cert type */
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
MAX_SERVER_CERT_TYPE_CNT),
BAD_FUNC_ARG);
/* pass larger type count */
ctype[0] = WOLFSSL_CERT_TYPE_RPK;
ctype[1] = WOLFSSL_CERT_TYPE_X509;
ctype[2] = 1; /* pass unacceptable type count */
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
MAX_SERVER_CERT_TYPE_CNT + 1),
BAD_FUNC_ARG);
/* should accept NULL for type buffer */
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, NULL,
MAX_SERVER_CERT_TYPE_CNT),
WOLFSSL_SUCCESS);
/* should accept zero for type count */
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
0),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
MAX_SERVER_CERT_TYPE_CNT),
WOLFSSL_SUCCESS);
/*------------------------------------------------*/
/* tests for wolfSSL_get_negotiated_xxx_cert_type */
/*------------------------------------------------*/
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(NULL, &tp),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl, NULL),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(NULL, &tp),
BAD_FUNC_ARG);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl, NULL),
BAD_FUNC_ARG);
/* clean up */
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_tls13_rpk_handshake(void)
{
EXPECT_DECLS;
#if defined(HAVE_RPK) && (!defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13))
#ifdef WOLFSSL_TLS13
int ret = 0;
#endif
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
struct test_memio_ctx test_ctx;
int err;
char certType_c[MAX_CLIENT_CERT_TYPE_CNT];
char certType_s[MAX_CLIENT_CERT_TYPE_CNT];
int typeCnt_c;
int typeCnt_s;
int tp = 0;
#if defined(WOLFSSL_ALWAYS_VERIFY_CB) && defined(WOLFSSL_TLS13)
int isServer;
#endif
(void)err;
(void)typeCnt_c;
(void)typeCnt_s;
(void)certType_c;
(void)certType_s;
#ifndef WOLFSSL_NO_TLS12
/* TLS1.2
* Both client and server load x509 cert and start handshaking.
* Check no negotiation occurred.
*/
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(
test_rpk_memio_setup(
&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
cliCertFile, WOLFSSL_FILETYPE_PEM,
svrCertFile, WOLFSSL_FILETYPE_PEM,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM)
, 0);
/* set client certificate type in client end */
certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
certType_c[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_c = 2;
certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
certType_s[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_s = 2;
/* both client and server do not call client/server_cert_type APIs,
* expecting default settings works and no negotiation performed.
*/
if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
/* confirm no negotiation occurred */
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ((int)tp, WOLFSSL_CERT_TYPE_UNKNOWN);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
(void)typeCnt_c;
(void)typeCnt_s;
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL;
#endif
#ifdef WOLFSSL_TLS13
/* Both client and server load x509 cert and start handshaking.
* Check no negotiation occurred.
*/
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(
test_rpk_memio_setup(
&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
cliCertFile, WOLFSSL_FILETYPE_PEM,
svrCertFile, WOLFSSL_FILETYPE_PEM,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
, 0);
/* set client certificate type in client end */
certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
certType_c[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_c = 2;
certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
certType_s[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_s = 2;
/* both client and server do not call client/server_cert_type APIs,
* expecting default settings works and no negotiation performed.
*/
if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
/* confirm no negotiation occurred */
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ((int)tp, WOLFSSL_CERT_TYPE_UNKNOWN);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
(void)typeCnt_c;
(void)typeCnt_s;
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL;
/* Both client and server load RPK cert and start handshaking.
* Confirm negotiated cert types match as expected.
*/
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(
test_rpk_memio_setup(
&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
, 0);
/* set client certificate type in client end */
certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
certType_c[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_c = 2;
certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
certType_s[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_s = 2;
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
WOLFSSL_SUCCESS);
/* set server certificate type in client end */
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
WOLFSSL_SUCCESS);
/* set client certificate type in server end */
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
WOLFSSL_SUCCESS);
/* set server certificate type in server end */
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
WOLFSSL_SUCCESS);
if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL;
#endif
#ifndef WOLFSSL_NO_TLS12
/* TLS1.2
* Both client and server load RPK cert and start handshaking.
* Confirm negotiated cert types match as expected.
*/
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(
test_rpk_memio_setup(
&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
, 0);
/* set client certificate type in client end */
certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
certType_c[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_c = 2;
certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
certType_s[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_s = 2;
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
WOLFSSL_SUCCESS);
/* set server certificate type in client end */
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
WOLFSSL_SUCCESS);
/* set client certificate type in server end */
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
WOLFSSL_SUCCESS);
/* set server certificate type in server end */
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
WOLFSSL_SUCCESS);
if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL;
#endif
#ifdef WOLFSSL_TLS13
/* Both client and server load x509 cert.
* Have client call set_client_cert_type with both RPK and x509.
* This doesn't makes client add client cert type extension to ClientHello,
* since it does not load RPK cert actually.
*/
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(
test_rpk_memio_setup(
&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
cliCertFile, WOLFSSL_FILETYPE_PEM,
svrCertFile, WOLFSSL_FILETYPE_PEM,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
, 0);
/* set client certificate type in client end
*
* client indicates both RPK and x509 certs are available but loaded RPK
* cert only. It does not have client add client-cert-type extension in CH.
*/
certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
certType_c[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_c = 2;
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
WOLFSSL_SUCCESS);
/* client indicates both RPK and x509 certs are acceptable */
certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
certType_s[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_s = 2;
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
WOLFSSL_SUCCESS);
/* server indicates both RPK and x509 certs are acceptable */
certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
certType_c[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_c = 2;
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
WOLFSSL_SUCCESS);
/* server should indicate only RPK cert is available */
certType_s[0] = WOLFSSL_CERT_TYPE_X509;
certType_s[1] = -1;
typeCnt_s = 1;
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
WOLFSSL_SUCCESS);
if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
/* Negotiation for client-cert-type should NOT happen. Therefore -1 should
* be returned as cert type.
*/
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL;
/* Have client load RPK cert and have server load x509 cert.
* Check the negotiation result from both ends.
*/
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(
test_rpk_memio_setup(
&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
svrCertFile, WOLFSSL_FILETYPE_PEM,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
, 0);
/* have client tell to use RPK cert */
certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
certType_c[1] = -1;
typeCnt_c = 1;
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
WOLFSSL_SUCCESS);
/* have client tell to accept both RPK and x509 cert */
certType_s[0] = WOLFSSL_CERT_TYPE_X509;
certType_s[1] = WOLFSSL_CERT_TYPE_RPK;
typeCnt_s = 2;
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
WOLFSSL_SUCCESS);
/* have server accept to both RPK and x509 cert */
certType_c[0] = WOLFSSL_CERT_TYPE_X509;
certType_c[1] = WOLFSSL_CERT_TYPE_RPK;
typeCnt_c = 2;
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
WOLFSSL_SUCCESS);
/* does not call wolfSSL_set_server_cert_type intentionally in sesrver
* end, expecting the default setting works.
*/
if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL;
/* Have both client and server load RPK cert, however, have server
* indicate its cert type x509.
* Client is expected to detect the cert type mismatch then to send alert
* with "unsupported_certificate".
*/
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(
test_rpk_memio_setup(
&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
svrRpkCertFile, WOLFSSL_FILETYPE_ASN1, /* server sends RPK cert */
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
, 0);
/* have client tell to use RPK cert */
certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
certType_c[1] = -1;
typeCnt_c = 1;
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
WOLFSSL_SUCCESS);
/* have client tell to accept both RPK and x509 cert */
certType_s[0] = WOLFSSL_CERT_TYPE_X509;
certType_s[1] = WOLFSSL_CERT_TYPE_RPK;
typeCnt_s = 2;
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
WOLFSSL_SUCCESS);
/* have server accept to both RPK and x509 cert */
certType_c[0] = WOLFSSL_CERT_TYPE_X509;
certType_c[1] = WOLFSSL_CERT_TYPE_RPK;
typeCnt_c = 2;
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
WOLFSSL_SUCCESS);
/* have server tell to use x509 cert intentionally. This will bring
* certificate type mismatch in client side.
*/
certType_s[0] = WOLFSSL_CERT_TYPE_X509;
certType_s[1] = -1;
typeCnt_s = 1;
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
WOLFSSL_SUCCESS);
/* expect client detect cert type mismatch then send Alert */
ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
if (ret != -1)
return TEST_FAIL;
ExpectIntEQ(wolfSSL_get_error(ssl_c, ret), UNSUPPORTED_CERTIFICATE);
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL;
/* Have client load x509 cert and server load RPK cert,
* however, have client indicate its cert type RPK.
* Server is expected to detect the cert type mismatch then to send alert
* with "unsupported_certificate".
*/
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(
test_rpk_memio_setup(
&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
cliCertFile, WOLFSSL_FILETYPE_PEM,
svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
, 0);
/* have client tell to use RPK cert intentionally */
certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
certType_c[1] = -1;
typeCnt_c = 1;
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
WOLFSSL_SUCCESS);
/* have client tell to accept both RPK and x509 cert */
certType_s[0] = WOLFSSL_CERT_TYPE_X509;
certType_s[1] = WOLFSSL_CERT_TYPE_RPK;
typeCnt_s = 2;
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
WOLFSSL_SUCCESS);
/* have server accept to both RPK and x509 cert */
certType_c[0] = WOLFSSL_CERT_TYPE_X509;
certType_c[1] = WOLFSSL_CERT_TYPE_RPK;
typeCnt_c = 2;
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
WOLFSSL_SUCCESS);
/* have server tell to use x509 cert intentionally. This will bring
* certificate type mismatch in client side.
*/
certType_s[0] = WOLFSSL_CERT_TYPE_X509;
certType_s[1] = -1;
typeCnt_s = 1;
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
WOLFSSL_SUCCESS);
ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
/* expect server detect cert type mismatch then send Alert */
ExpectIntNE(ret, 0);
err = wolfSSL_get_error(ssl_c, ret);
ExpectIntEQ(err, UNSUPPORTED_CERTIFICATE);
/* client did not load RPK cert actually, so negotiation did not happen */
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
/* client did not load RPK cert actually, so negotiation did not happen */
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL;
#if defined(WOLFSSL_ALWAYS_VERIFY_CB)
/* Both client and server load RPK cert and set certificate verify
* callbacks then start handshaking.
* Confirm both side can refer the peer's cert.
*/
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(
test_rpk_memio_setup(
&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
cliKeyFile, WOLFSSL_FILETYPE_PEM,
svrKeyFile, WOLFSSL_FILETYPE_PEM )
, 0);
/* set client certificate type in client end */
certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
certType_c[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_c = 2;
certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
certType_s[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_s = 2;
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
WOLFSSL_SUCCESS);
/* set server certificate type in client end */
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
WOLFSSL_SUCCESS);
/* set client certificate type in server end */
ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
WOLFSSL_SUCCESS);
/* set server certificate type in server end */
ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
WOLFSSL_SUCCESS);
/* set certificate verify callback to both client and server */
isServer = 0;
wolfSSL_SetCertCbCtx(ssl_c, &isServer);
wolfSSL_set_verify(ssl_c, SSL_VERIFY_PEER, MyRpkVerifyCb);
isServer = 1;
wolfSSL_SetCertCbCtx(ssl_c, &isServer);
wolfSSL_set_verify(ssl_s, SSL_VERIFY_PEER, MyRpkVerifyCb);
ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
if (ret != 0)
return TEST_FAIL;
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL;
#endif /* WOLFSSL_ALWAYS_VERIFY_CB */
#endif /* WOLFSSL_TLS13 */
#endif /* HAVE_RPK && (!WOLFSSL_NO_TLS12 || WOLFSSL_TLS13) */
return EXPECT_RESULT();
}
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
static int test_dtls13_bad_epoch_ch(void)
{
EXPECT_DECLS;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
const int EPOCH_OFF = 3;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
/* disable hrr cookie so we can later check msgsReceived.got_client_hello
* with just one message */
ExpectIntEQ(wolfSSL_disable_hrr_cookie(ssl_s), WOLFSSL_SUCCESS);
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
ExpectIntGE(test_ctx.s_len, EPOCH_OFF + 2);
/* first CH should use epoch 0x0 */
ExpectTrue((test_ctx.s_buff[EPOCH_OFF] == 0x0) &&
(test_ctx.s_buff[EPOCH_OFF + 1] == 0x0));
/* change epoch to 2 */
test_ctx.s_buff[EPOCH_OFF + 1] = 0x2;
ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
ExpectIntNE(ssl_s->msgsReceived.got_client_hello, 1);
/* resend the CH */
ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
return EXPECT_RESULT();
}
#else
static int test_dtls13_bad_epoch_ch(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && !defined(NO_SESSION_CACHE)
static int test_short_session_id_ssl_ready(WOLFSSL* ssl)
{
EXPECT_DECLS;
WOLFSSL_SESSION *sess = NULL;
/* Setup the session to avoid errors */
ssl->session->timeout = -1;
ssl->session->side = WOLFSSL_CLIENT_END;
#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
defined(HAVE_SESSION_TICKET))
ssl->session->version = ssl->version;
#endif
/* Force a short session ID to be sent */
ssl->session->sessionIDSz = 4;
#ifndef NO_SESSION_CACHE_REF
/* Allow the client cache to be used */
ssl->session->idLen = 4;
#endif
ssl->session->isSetup = 1;
ExpectNotNull(sess = wolfSSL_get_session(ssl));
ExpectIntEQ(wolfSSL_set_session(ssl, sess), WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
static int test_short_session_id(void)
{
EXPECT_DECLS;
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
size_t i;
struct {
method_provider client_meth;
method_provider server_meth;
const char* tls_version;
} params[] = {
#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TICKET_HAVE_ID) && \
!defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT)
/* With WOLFSSL_TLS13_MIDDLEBOX_COMPAT a short ID will result in an error */
{ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLSv1_3" },
#ifdef WOLFSSL_DTLS13
{ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "DTLSv1_3" },
#endif
#endif
#ifndef WOLFSSL_NO_TLS12
{ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, "TLSv1_2" },
#ifdef WOLFSSL_DTLS
{ wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "DTLSv1_2" },
#endif
#endif
#if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \
!defined(NO_DES3))
{ wolfTLSv1_1_client_method, wolfTLSv1_1_server_method, "TLSv1_1" },
#ifdef WOLFSSL_DTLS
{ wolfDTLSv1_client_method, wolfDTLSv1_server_method, "DTLSv1_0" },
#endif
#endif
};
fprintf(stderr, "\n");
for (i = 0; i < sizeof(params)/sizeof(*params) && !EXPECT_FAIL(); i++) {
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
fprintf(stderr, "\tTesting short ID with %s\n", params[i].tls_version);
client_cbf.ssl_ready = test_short_session_id_ssl_ready;
client_cbf.method = params[i].client_meth;
server_cbf.method = params[i].server_meth;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_SUCCESS);
}
return EXPECT_RESULT();
}
#else
static int test_short_session_id(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(HAVE_NULL_CIPHER) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) \
&& defined(WOLFSSL_DTLS13)
static byte* test_find_string(const char *string,
byte *buf, int buf_size)
{
int string_size, i;
string_size = (int)XSTRLEN(string);
for (i = 0; i < buf_size - string_size - 1; i++) {
if (XSTRCMP((char*)&buf[i], string) == 0)
return &buf[i];
}
return NULL;
}
static int test_wolfSSL_dtls13_null_cipher(void)
{
EXPECT_DECLS;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
const char *test_str = "test";
int test_str_size;
byte buf[255], *ptr = NULL;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
test_ctx.c_ciphers = test_ctx.s_ciphers = "TLS13-SHA256-SHA256";
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
test_str_size = XSTRLEN("test") + 1;
ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size);
ExpectIntEQ(wolfSSL_read(ssl_s, buf, sizeof(buf)), test_str_size);
ExpectIntEQ(XSTRCMP((char*)buf, test_str), 0);
ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size);
/* check that the packet was sent cleartext */
ExpectNotNull(ptr = test_find_string(test_str, test_ctx.s_buff,
test_ctx.s_len));
if (ptr != NULL) {
/* modify the message */
*ptr = 'H';
/* bad messages should be ignored in DTLS */
ExpectIntEQ(wolfSSL_read(ssl_s, buf, sizeof(buf)), -1);
ExpectIntEQ(ssl_s->error, WANT_READ);
}
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
return TEST_SUCCESS;
}
#else
static int test_wolfSSL_dtls13_null_cipher(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
!defined(SINGLE_THREADED) && !defined(NO_RSA)
static int test_dtls_msg_get_connected_port(int fd, word16 *port)
{
SOCKADDR_S peer;
XSOCKLENT len;
int ret;
XMEMSET((byte*)&peer, 0, sizeof(peer));
len = sizeof(peer);
ret = getpeername(fd, (SOCKADDR*)&peer, &len);
if (ret != 0 || len > (XSOCKLENT)sizeof(peer))
return -1;
switch (peer.ss_family) {
#ifdef WOLFSSL_IPV6
case WOLFSSL_IP6: {
*port = ntohs(((SOCKADDR_IN6*)&peer)->sin6_port);
break;
}
#endif /* WOLFSSL_IPV6 */
case WOLFSSL_IP4:
*port = ntohs(((SOCKADDR_IN*)&peer)->sin_port);
break;
default:
return -1;
}
return 0;
}
static int test_dtls_msg_from_other_peer_cb(WOLFSSL_CTX *ctx, WOLFSSL *ssl)
{
char buf[1] = {'t'};
SOCKADDR_IN_T addr;
int sock_fd;
word16 port;
int err;
(void)ssl;
(void)ctx;
if (ssl == NULL)
return -1;
err = test_dtls_msg_get_connected_port(wolfSSL_get_fd(ssl), &port);
if (err != 0)
return -1;
sock_fd = socket(AF_INET_V, SOCK_DGRAM, 0);
if (sock_fd == -1)
return -1;
build_addr(&addr, wolfSSLIP, port, 1, 0);
/* send a packet to the server. Being another socket, the kernel will ensure
* the source port will be different. */
err = (int)sendto(sock_fd, buf, sizeof(buf), 0, (SOCKADDR*)&addr,
sizeof(addr));
close(sock_fd);
if (err == -1)
return -1;
return 0;
}
/* setup a SSL session but just after the handshake send a packet to the server
* with a source address different than the one of the connected client. The I/O
* callback EmbedRecvFrom should just ignore the packet. Sending of the packet
* is done in test_dtls_msg_from_other_peer_cb */
static int test_dtls_msg_from_other_peer(void)
{
EXPECT_DECLS;
callback_functions client_cbs;
callback_functions server_cbs;
XMEMSET((byte*)&client_cbs, 0, sizeof(client_cbs));
XMEMSET((byte*)&server_cbs, 0, sizeof(server_cbs));
client_cbs.method = wolfDTLSv1_2_client_method;
server_cbs.method = wolfDTLSv1_2_server_method;
client_cbs.doUdp = 1;
server_cbs.doUdp = 1;
test_wolfSSL_client_server_nofail_ex(&client_cbs, &server_cbs,
test_dtls_msg_from_other_peer_cb);
ExpectIntEQ(client_cbs.return_code, WOLFSSL_SUCCESS);
ExpectIntEQ(server_cbs.return_code, WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
#else
static int test_dtls_msg_from_other_peer(void)
{
return TEST_SKIPPED;
}
#endif /* defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
* !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
* !defined(SINGLE_THREADED) && !defined(NO_RSA) */
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_IPV6) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12)
static int test_dtls_ipv6_check(void)
{
EXPECT_DECLS;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
SOCKADDR_IN fake_addr6;
int sockfd = -1;
ExpectNotNull(ctx_c = wolfSSL_CTX_new(wolfDTLSv1_2_client_method()));
ExpectNotNull(ssl_c = wolfSSL_new(ctx_c));
ExpectNotNull(ctx_s = wolfSSL_CTX_new(wolfDTLSv1_2_server_method()));
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx_s, svrKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_use_certificate_file(ctx_s, svrCertFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectNotNull(ssl_s = wolfSSL_new(ctx_s));
XMEMSET((byte*)&fake_addr6, 0, sizeof(fake_addr6));
/* mimic a sockaddr_in6 struct, this way we can't test without
* WOLFSSL_IPV6 */
fake_addr6.sin_family = WOLFSSL_IP6;
ExpectIntNE(sockfd = socket(AF_INET, SOCK_DGRAM, 0), -1);
ExpectIntEQ(wolfSSL_set_fd(ssl_c, sockfd), WOLFSSL_SUCCESS);
/* can't return error here, as the peer is opaque for wolfssl library at
* this point */
ExpectIntEQ(wolfSSL_dtls_set_peer(ssl_c, &fake_addr6, sizeof(fake_addr6)),
WOLFSSL_SUCCESS);
ExpectIntNE(fcntl(sockfd, F_SETFL, O_NONBLOCK), -1);
wolfSSL_dtls_set_using_nonblock(ssl_c, 1);
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
ExpectIntEQ(ssl_c->error, SOCKET_ERROR_E);
ExpectIntEQ(wolfSSL_dtls_set_peer(ssl_s, &fake_addr6, sizeof(fake_addr6)),
WOLFSSL_SUCCESS);
/* reuse the socket */
ExpectIntEQ(wolfSSL_set_fd(ssl_c, sockfd), WOLFSSL_SUCCESS);
wolfSSL_dtls_set_using_nonblock(ssl_s, 1);
ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
ExpectIntEQ(ssl_s->error, SOCKET_ERROR_E);
if (sockfd != -1)
close(sockfd);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
return EXPECT_RESULT();
}
#else
static int test_dtls_ipv6_check(void)
{
return TEST_SKIPPED;
}
#endif
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_SECURE_RENEGOTIATION)
static WOLFSSL_SESSION* test_wolfSSL_SCR_after_resumption_session = NULL;
static void test_wolfSSL_SCR_after_resumption_ctx_ready(WOLFSSL_CTX* ctx)
{
AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS);
}
static void test_wolfSSL_SCR_after_resumption_on_result(WOLFSSL* ssl)
{
if (test_wolfSSL_SCR_after_resumption_session == NULL) {
test_wolfSSL_SCR_after_resumption_session = wolfSSL_get1_session(ssl);
AssertNotNull(test_wolfSSL_SCR_after_resumption_session);
}
else {
char testMsg[] = "Message after SCR";
char msgBuf[sizeof(testMsg)];
int ret;
if (!wolfSSL_is_server(ssl)) {
AssertIntEQ(WOLFSSL_SUCCESS,
wolfSSL_set_session(ssl,
test_wolfSSL_SCR_after_resumption_session));
}
AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_SUCCESS);
AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
sizeof(testMsg));
ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf));
if (ret != sizeof(msgBuf)) /* Possibly APP_DATA_READY error. Retry. */
ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf));
AssertIntEQ(ret, sizeof(msgBuf));
}
}
static void test_wolfSSL_SCR_after_resumption_ssl_ready(WOLFSSL* ssl)
{
AssertIntEQ(WOLFSSL_SUCCESS,
wolfSSL_set_session(ssl, test_wolfSSL_SCR_after_resumption_session));
}
static int test_wolfSSL_SCR_after_resumption(void)
{
EXPECT_DECLS;
callback_functions func_cb_client;
callback_functions func_cb_server;
XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
func_cb_client.method = wolfTLSv1_2_client_method;
func_cb_client.ctx_ready = test_wolfSSL_SCR_after_resumption_ctx_ready;
func_cb_client.on_result = test_wolfSSL_SCR_after_resumption_on_result;
func_cb_server.method = wolfTLSv1_2_server_method;
func_cb_server.ctx_ready = test_wolfSSL_SCR_after_resumption_ctx_ready;
test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
func_cb_client.ssl_ready = test_wolfSSL_SCR_after_resumption_ssl_ready;
func_cb_server.on_result = test_wolfSSL_SCR_after_resumption_on_result;
test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
wolfSSL_SESSION_free(test_wolfSSL_SCR_after_resumption_session);
return EXPECT_RESULT();
}
#else
static int test_wolfSSL_SCR_after_resumption(void)
{
return TEST_SKIPPED;
}
#endif
static int test_wolfSSL_configure_args(void)
{
EXPECT_DECLS;
#if defined(LIBWOLFSSL_CONFIGURE_ARGS) && defined(HAVE_WC_INTROSPECTION)
ExpectNotNull(wolfSSL_configure_args());
#endif
return EXPECT_RESULT();
}
static int test_dtls_no_extensions(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_DTLS) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && \
!defined(WOLFSSL_NO_TLS12)
WOLFSSL *ssl_s = NULL;
WOLFSSL_CTX *ctx_s = NULL;
struct test_memio_ctx test_ctx;
const byte chNoExtensions[] = {
/* Handshake type */
0x16,
/* Version */
0xfe, 0xff,
/* Epoch */
0x00, 0x00,
/* Seq number */
0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
/* Length */
0x00, 0x40,
/* CH type */
0x01,
/* Length */
0x00, 0x00, 0x34,
/* Msg Seq */
0x00, 0x00,
/* Frag offset */
0x00, 0x00, 0x00,
/* Frag length */
0x00, 0x00, 0x34,
/* Version */
0xfe, 0xff,
/* Random */
0x62, 0xfe, 0xbc, 0xfe, 0x2b, 0xfe, 0x3f, 0xeb, 0x03, 0xc4, 0xea, 0x37,
0xe7, 0x47, 0x7e, 0x8a, 0xd9, 0xbf, 0x77, 0x0f, 0x6c, 0xb6, 0x77, 0x0b,
0x03, 0x3f, 0x82, 0x2b, 0x21, 0x64, 0x57, 0x1d,
/* Session Length */
0x00,
/* Cookie Length */
0x00,
/* CS Length */
0x00, 0x0c,
/* CS */
0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x39, 0x00, 0x33,
/* Comp Meths Length */
0x01,
/* Comp Meths */
0x00
/* And finally... no extensions */
};
int i;
#ifdef OPENSSL_EXTRA
int repeats = 2;
#else
int repeats = 1;
#endif
for (i = 0; i < repeats; i++) {
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ssl_s = NULL;
ctx_s = NULL;
ExpectIntEQ(test_memio_setup(&test_ctx, NULL, &ctx_s, NULL, &ssl_s,
NULL, wolfDTLS_server_method), 0);
XMEMCPY(test_ctx.s_buff, chNoExtensions, sizeof(chNoExtensions));
test_ctx.s_len = sizeof(chNoExtensions);
#ifdef OPENSSL_EXTRA
if (i > 0) {
ExpectIntEQ(wolfSSL_set_max_proto_version(ssl_s, DTLS1_2_VERSION),
WOLFSSL_SUCCESS);
}
#endif
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* Expecting a handshake msg. Either HVR or SH. */
ExpectIntGT(test_ctx.c_len, 0);
ExpectIntEQ(test_ctx.c_buff[0], 0x16);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
}
#endif
return EXPECT_RESULT();
}
static int test_tls_alert_no_server_hello(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12)
WOLFSSL *ssl_c = NULL;
WOLFSSL_CTX *ctx_c = NULL;
struct test_memio_ctx test_ctx;
unsigned char alert_msg[] = { 0x15, 0x03, 0x01, 0x00, 0x02, 0x02, 0x28 };
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ssl_c = NULL;
ctx_c = NULL;
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL,
wolfTLSv1_2_client_method, NULL), 0);
XMEMCPY(test_ctx.c_buff, alert_msg, sizeof(alert_msg));
test_ctx.c_len = sizeof(alert_msg);
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), FATAL_ERROR);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
#endif
return EXPECT_RESULT();
}
static int test_TLSX_CA_NAMES_bad_extension(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \
!defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA384) && \
defined(HAVE_NULL_CIPHER)
/* This test should only fail (with BUFFER_ERROR) when we actually try to
* parse the CA Names extension. Otherwise it will return other non-related
* errors. If CA Names will be parsed in more configurations, that should
* be reflected in the macro guard above. */
WOLFSSL *ssl_c = NULL;
WOLFSSL_CTX *ctx_c = NULL;
struct test_memio_ctx test_ctx;
/* HRR + SH using TLS_DHE_PSK_WITH_NULL_SHA384 */
const byte shBadCaNamesExt[] = {
0x16, 0x03, 0x04, 0x00, 0x3f, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0xcf,
0x21, 0xad, 0x74, 0xe5, 0x9a, 0x61, 0x11, 0xbe, 0x1d, 0x8c, 0x02, 0x1e,
0x65, 0xb8, 0x91, 0xc2, 0xa2, 0x11, 0x16, 0x7a, 0xbb, 0x8c, 0x5e, 0x07,
0x9e, 0x09, 0xe2, 0xc8, 0xa8, 0x33, 0x9c, 0x00, 0x13, 0x03, 0x00, 0x00,
0x13, 0x94, 0x7e, 0x00, 0x03, 0x0b, 0xf7, 0x03, 0x00, 0x2b, 0x00, 0x02,
0x03, 0x04, 0x00, 0x33, 0x00, 0x02, 0x00, 0x19, 0x16, 0x03, 0x03, 0x00,
0x5c, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0x03, 0xcf, 0x21, 0xad, 0x74,
0x00, 0x00, 0x83, 0x3f, 0x3b, 0x80, 0x01, 0xac, 0x65, 0x8c, 0x19, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x02, 0x00, 0x9e, 0x09, 0x1c, 0xe8,
0xa8, 0x09, 0x9c, 0x00, 0xc0, 0xb5, 0x00, 0x00, 0x11, 0x8f, 0x00, 0x00,
0x03, 0x3f, 0x00, 0x0c, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04, 0x13, 0x05,
0x00, 0x00, 0x08, 0x00, 0x00, 0x06, 0x00, 0x04, 0x00, 0x09, 0x00, 0x00,
0x0d, 0x00, 0x00, 0x11, 0x00, 0x00, 0x0d, 0x00, 0x2f, 0x00, 0x01, 0xff,
0xff, 0xff, 0xff, 0xfa, 0x0d, 0x00, 0x00, 0x00, 0xad, 0x02
};
const byte shBadCaNamesExt2[] = {
0x16, 0x03, 0x04, 0x00, 0x3f, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0xcf,
0x21, 0xad, 0x74, 0xe5, 0x9a, 0x61, 0x11, 0xbe, 0x1d, 0x8c, 0x02, 0x1e,
0x65, 0xb8, 0x91, 0xc2, 0xa2, 0x11, 0x16, 0x7a, 0xbb, 0x8c, 0x5e, 0x07,
0x9e, 0x09, 0xe2, 0xc8, 0xa8, 0x33, 0x9c, 0x00, 0x13, 0x03, 0x00, 0x00,
0x13, 0x94, 0x7e, 0x00, 0x03, 0x0b, 0xf7, 0x03, 0x00, 0x2b, 0x00, 0x02,
0x03, 0x04, 0x00, 0x33, 0x00, 0x02, 0x00, 0x19, 0x16, 0x03, 0x03, 0x00,
0x5e, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0x7f, 0xd0, 0x2d, 0xea, 0x6e,
0x53, 0xa1, 0x6a, 0xc9, 0xc8, 0x54, 0xef, 0x75, 0xe4, 0xd9, 0xc6, 0x3e,
0x74, 0xcb, 0x30, 0x80, 0xcc, 0x83, 0x3a, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0xc0, 0x5a, 0x00, 0xc0, 0xb5, 0x00, 0x00, 0x11, 0x8f, 0x00, 0x00,
0x03, 0x03, 0x00, 0x0c, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04, 0x53, 0x25,
0x00, 0x00, 0x08, 0x00, 0x00, 0x06, 0x00, 0x04, 0x02, 0x05, 0x00, 0x00,
0x0d, 0x00, 0x00, 0x11, 0x00, 0x00, 0x0d, 0x00, 0x2f, 0x00, 0x06, 0x00,
0x04, 0x00, 0x03, 0x30, 0x00, 0x13, 0x94, 0x00, 0x06, 0x00, 0x04, 0x02
};
int i = 0;
for (i = 0; i < 2; i++) {
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL,
wolfTLSv1_3_client_method, NULL), 0);
switch (i) {
case 0:
XMEMCPY(test_ctx.c_buff, shBadCaNamesExt,
sizeof(shBadCaNamesExt));
test_ctx.c_len = sizeof(shBadCaNamesExt);
break;
case 1:
XMEMCPY(test_ctx.c_buff, shBadCaNamesExt2,
sizeof(shBadCaNamesExt2));
test_ctx.c_len = sizeof(shBadCaNamesExt2);
break;
}
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
#ifndef WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), OUT_OF_ORDER_E);
#else
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), BUFFER_ERROR);
#endif
wolfSSL_free(ssl_c);
ssl_c = NULL;
wolfSSL_CTX_free(ctx_c);
ctx_c = NULL;
}
#endif
return EXPECT_RESULT();
}
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_IO_TESTS_DEPENDENCIES)
static void test_dtls_1_0_hvr_downgrade_ctx_ready(WOLFSSL_CTX* ctx)
{
AssertIntEQ(wolfSSL_CTX_SetMinVersion(ctx, WOLFSSL_DTLSV1_2),
WOLFSSL_SUCCESS);
}
static int test_dtls_1_0_hvr_downgrade(void)
{
EXPECT_DECLS;
callback_functions func_cb_client;
callback_functions func_cb_server;
XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
func_cb_client.doUdp = func_cb_server.doUdp = 1;
func_cb_client.method = wolfDTLS_client_method;
func_cb_server.method = wolfDTLSv1_2_server_method;
func_cb_client.ctx_ready = test_dtls_1_0_hvr_downgrade_ctx_ready;
test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
return EXPECT_RESULT();
}
#else
static int test_dtls_1_0_hvr_downgrade(void)
{
EXPECT_DECLS;
return EXPECT_RESULT();
}
#endif
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_SESSION_TICKET)
static WOLFSSL_SESSION* test_session_ticket_no_id_session = NULL;
static void test_session_ticket_no_id_on_result(WOLFSSL* ssl)
{
test_session_ticket_no_id_session = wolfSSL_get1_session(ssl);
AssertNotNull(test_session_ticket_no_id_session);
}
static void test_session_ticket_no_id_ctx_ready(WOLFSSL_CTX* ctx)
{
AssertIntEQ(wolfSSL_CTX_UseSessionTicket(ctx), WOLFSSL_SUCCESS);
}
static void test_session_ticket_no_id_ssl_ready(WOLFSSL* ssl)
{
test_session_ticket_no_id_session->sessionIDSz = 0;
AssertIntEQ(WOLFSSL_SUCCESS,
wolfSSL_set_session(ssl, test_session_ticket_no_id_session));
}
static int test_session_ticket_no_id(void)
{
/* We are testing an expired (invalid crypto context in out case since the
* ctx changes) session ticket being sent with the session ID being 0
* length. */
EXPECT_DECLS;
callback_functions func_cb_client;
callback_functions func_cb_server;
XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
func_cb_client.method = wolfTLSv1_2_client_method;
func_cb_client.ctx_ready = test_session_ticket_no_id_ctx_ready;
func_cb_client.on_result = test_session_ticket_no_id_on_result;
func_cb_server.method = wolfTLSv1_2_server_method;
func_cb_server.ctx_ready = test_session_ticket_no_id_ctx_ready;
test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
func_cb_client.method = wolfTLSv1_2_client_method;
func_cb_client.ctx_ready = test_session_ticket_no_id_ctx_ready;
func_cb_client.ssl_ready = test_session_ticket_no_id_ssl_ready;
func_cb_server.method = wolfTLSv1_2_server_method;
func_cb_server.ctx_ready = test_session_ticket_no_id_ctx_ready;
test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
wolfSSL_SESSION_free(test_session_ticket_no_id_session);
return EXPECT_RESULT();
}
#else
static int test_session_ticket_no_id(void)
{
EXPECT_DECLS;
return EXPECT_RESULT();
}
#endif
static int test_session_ticket_hs_update(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \
defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
struct test_memio_ctx test_ctx;
struct test_memio_ctx test_ctx2;
struct test_memio_ctx test_ctx3;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_c2 = NULL;
WOLFSSL *ssl_c3 = NULL;
WOLFSSL *ssl_s = NULL;
WOLFSSL *ssl_s2 = NULL;
WOLFSSL *ssl_s3 = NULL;
WOLFSSL_SESSION *sess = NULL;
byte read_data[1];
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
XMEMSET(&test_ctx2, 0, sizeof(test_ctx2));
XMEMSET(&test_ctx3, 0, sizeof(test_ctx3));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
/* Generate tickets */
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
wolfSSL_SetLoggingPrefix("client");
/* Read the ticket msg */
ExpectIntEQ(wolfSSL_read(ssl_c, read_data, sizeof(read_data)),
WOLFSSL_FATAL_ERROR);
ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
wolfSSL_SetLoggingPrefix(NULL);
ExpectIntEQ(test_memio_setup(&test_ctx2, &ctx_c, &ctx_s, &ssl_c2, &ssl_s2,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
ExpectIntEQ(test_memio_setup(&test_ctx3, &ctx_c, &ctx_s, &ssl_c3, &ssl_s3,
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
ExpectIntEQ(wolfSSL_set_session(ssl_c2, sess), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_set_session(ssl_c3, sess), WOLFSSL_SUCCESS);
wolfSSL_SetLoggingPrefix("client");
/* Exchange initial flights for the second connection */
ExpectIntEQ(wolfSSL_connect(ssl_c2), WOLFSSL_FATAL_ERROR);
ExpectIntEQ(wolfSSL_get_error(ssl_c2, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
wolfSSL_SetLoggingPrefix(NULL);
wolfSSL_SetLoggingPrefix("server");
ExpectIntEQ(wolfSSL_accept(ssl_s2), WOLFSSL_FATAL_ERROR);
ExpectIntEQ(wolfSSL_get_error(ssl_s2, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
wolfSSL_SetLoggingPrefix(NULL);
/* Complete third connection so that new tickets are exchanged */
ExpectIntEQ(test_memio_do_handshake(ssl_c3, ssl_s3, 10, NULL), 0);
/* Read the ticket msg */
wolfSSL_SetLoggingPrefix("client");
ExpectIntEQ(wolfSSL_read(ssl_c3, read_data, sizeof(read_data)),
WOLFSSL_FATAL_ERROR);
ExpectIntEQ(wolfSSL_get_error(ssl_c3, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
wolfSSL_SetLoggingPrefix(NULL);
/* Complete second connection */
ExpectIntEQ(test_memio_do_handshake(ssl_c2, ssl_s2, 10, NULL), 0);
ExpectIntEQ(wolfSSL_session_reused(ssl_c2), 1);
ExpectIntEQ(wolfSSL_session_reused(ssl_c3), 1);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_c2);
wolfSSL_free(ssl_c3);
wolfSSL_free(ssl_s);
wolfSSL_free(ssl_s2);
wolfSSL_free(ssl_s3);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
wolfSSL_SESSION_free(sess);
#endif
return EXPECT_RESULT();
}
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_SECURE_RENEGOTIATION)
static void test_dtls_downgrade_scr_server_ctx_ready_server(WOLFSSL_CTX* ctx)
{
AssertIntEQ(wolfSSL_CTX_SetMinVersion(ctx, WOLFSSL_DTLSV1_2),
WOLFSSL_SUCCESS);
AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS);
}
static void test_dtls_downgrade_scr_server_ctx_ready(WOLFSSL_CTX* ctx)
{
AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS);
}
static void test_dtls_downgrade_scr_server_on_result(WOLFSSL* ssl)
{
char testMsg[] = "Message after SCR";
char msgBuf[sizeof(testMsg)];
if (wolfSSL_is_server(ssl)) {
AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_FATAL_ERROR);
AssertIntEQ(wolfSSL_get_error(ssl, -1), APP_DATA_READY);
AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf));
AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_SUCCESS);
AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
sizeof(testMsg));
}
else {
AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
sizeof(testMsg));
AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf));
}
}
static int test_dtls_downgrade_scr_server(void)
{
EXPECT_DECLS;
callback_functions func_cb_client;
callback_functions func_cb_server;
XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
func_cb_client.doUdp = func_cb_server.doUdp = 1;
func_cb_client.method = wolfDTLSv1_2_client_method;
func_cb_server.method = wolfDTLS_server_method;
func_cb_client.ctx_ready = test_dtls_downgrade_scr_server_ctx_ready;
func_cb_server.ctx_ready = test_dtls_downgrade_scr_server_ctx_ready_server;
func_cb_client.on_result = test_dtls_downgrade_scr_server_on_result;
func_cb_server.on_result = test_dtls_downgrade_scr_server_on_result;
test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
return EXPECT_RESULT();
}
#else
static int test_dtls_downgrade_scr_server(void)
{
EXPECT_DECLS;
return EXPECT_RESULT();
}
#endif
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_SECURE_RENEGOTIATION)
static void test_dtls_downgrade_scr_ctx_ready(WOLFSSL_CTX* ctx)
{
AssertIntEQ(wolfSSL_CTX_SetMinVersion(ctx, WOLFSSL_DTLSV1_2),
WOLFSSL_SUCCESS);
AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS);
}
static void test_dtls_downgrade_scr_on_result(WOLFSSL* ssl)
{
char testMsg[] = "Message after SCR";
char msgBuf[sizeof(testMsg)];
if (wolfSSL_is_server(ssl)) {
AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_FATAL_ERROR);
AssertIntEQ(wolfSSL_get_error(ssl, -1), APP_DATA_READY);
AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf));
AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_SUCCESS);
AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
sizeof(testMsg));
}
else {
AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
sizeof(testMsg));
AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf));
}
}
static int test_dtls_downgrade_scr(void)
{
EXPECT_DECLS;
callback_functions func_cb_client;
callback_functions func_cb_server;
XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
func_cb_client.doUdp = func_cb_server.doUdp = 1;
func_cb_client.method = wolfDTLS_client_method;
func_cb_server.method = wolfDTLSv1_2_server_method;
func_cb_client.ctx_ready = test_dtls_downgrade_scr_ctx_ready;
func_cb_client.on_result = test_dtls_downgrade_scr_on_result;
func_cb_server.on_result = test_dtls_downgrade_scr_on_result;
test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
return EXPECT_RESULT();
}
#else
static int test_dtls_downgrade_scr(void)
{
EXPECT_DECLS;
return EXPECT_RESULT();
}
#endif
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \
&& !defined(WOLFSSL_NO_TLS12)
static int test_dtls_client_hello_timeout_downgrade_read_cb(WOLFSSL *ssl,
char *data, int sz, void *ctx)
{
static int call_counter = 0;
call_counter++;
(void)ssl;
(void)data;
(void)sz;
(void)ctx;
switch (call_counter) {
case 1:
case 2:
return WOLFSSL_CBIO_ERR_TIMEOUT;
case 3:
return WOLFSSL_CBIO_ERR_WANT_READ;
default:
AssertIntLE(call_counter, 3);
return -1;
}
}
#endif
/* Make sure we don't send acks before getting a server hello */
static int test_dtls_client_hello_timeout_downgrade(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \
&& !defined(WOLFSSL_NO_TLS12)
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
DtlsRecordLayerHeader* dtlsRH;
size_t len;
byte sequence_number[8];
int i;
for (i = 0; i < 2; i++) {
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfDTLS_client_method, wolfDTLSv1_2_server_method), 0);
if (i == 0) {
/* First time simulate timeout in IO layer */
/* CH1 */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* HVR */
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* CH2 */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* SH flight */
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* Drop the SH */
dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.c_buff);
len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
XMEMMOVE(test_ctx.c_buff, test_ctx.c_buff +
sizeof(DtlsRecordLayerHeader) + len, test_ctx.c_len -
(sizeof(DtlsRecordLayerHeader) + len));
test_ctx.c_len -= sizeof(DtlsRecordLayerHeader) + len;
/* Read the remainder of the flight */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
wolfSSL_SSLSetIORecv(ssl_c,
test_dtls_client_hello_timeout_downgrade_read_cb);
/* CH3 */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
wolfSSL_SSLSetIORecv(ssl_c, test_memio_read_cb);
}
else {
/* Second time call wolfSSL_dtls_got_timeout */
/* CH1 */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* HVR */
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* CH2 */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* SH flight */
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* Drop the SH */
dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.c_buff);
len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
XMEMMOVE(test_ctx.c_buff, test_ctx.c_buff +
sizeof(DtlsRecordLayerHeader) + len, test_ctx.c_len -
(sizeof(DtlsRecordLayerHeader) + len));
test_ctx.c_len -= sizeof(DtlsRecordLayerHeader) + len;
/* Read the remainder of the flight */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* Quick timeout should be set as we received at least one msg */
ExpectIntEQ(wolfSSL_dtls13_use_quick_timeout(ssl_c), 1);
ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
/* Quick timeout should be cleared after a quick timeout */
/* CH3 */
ExpectIntEQ(wolfSSL_dtls13_use_quick_timeout(ssl_c), 0);
ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
}
/* Parse out to make sure we got exactly one ClientHello message */
XMEMSET(&sequence_number, 0, sizeof(sequence_number));
/* Second ClientHello after HVR */
sequence_number[7] = 2;
dtlsRH = (DtlsRecordLayerHeader*)test_ctx.s_buff;
ExpectIntEQ(dtlsRH->type, handshake);
ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR);
ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR);
ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number,
sizeof(sequence_number)), 0);
len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
ExpectIntEQ(sizeof(DtlsRecordLayerHeader) + len, test_ctx.s_len);
/* Connection should be able to continue */
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
ssl_c = NULL;
ssl_s = NULL;
ctx_c = NULL;
ctx_s = NULL;
if (!EXPECT_SUCCESS())
break;
}
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
static int test_dtls_client_hello_timeout_read_cb(WOLFSSL *ssl, char *data,
int sz, void *ctx)
{
static int call_counter = 0;
call_counter++;
(void)ssl;
(void)data;
(void)sz;
(void)ctx;
switch (call_counter) {
case 1:
return WOLFSSL_CBIO_ERR_TIMEOUT;
case 2:
return WOLFSSL_CBIO_ERR_WANT_READ;
default:
AssertIntLE(call_counter, 2);
return -1;
}
}
#endif
/* Make sure we don't send acks before getting a server hello */
static int test_dtls_client_hello_timeout(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
WOLFSSL *ssl_c = NULL;
WOLFSSL_CTX *ctx_c = NULL;
struct test_memio_ctx test_ctx;
DtlsRecordLayerHeader* dtlsRH;
size_t idx;
size_t len;
byte sequence_number[8];
int i;
for (i = 0; i < 2; i++) {
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL,
wolfDTLSv1_3_client_method, NULL), 0);
if (i == 0) {
/* First time simulate timeout in IO layer */
wolfSSL_SSLSetIORecv(ssl_c, test_dtls_client_hello_timeout_read_cb);
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
}
else {
/* Second time call wolfSSL_dtls_got_timeout */
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
}
/* Parse out to make sure we got exactly two ClientHello messages */
idx = 0;
XMEMSET(&sequence_number, 0, sizeof(sequence_number));
/* First ClientHello */
dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.s_buff + idx);
ExpectIntEQ(dtlsRH->type, handshake);
ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR);
ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR);
ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number,
sizeof(sequence_number)), 0);
len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
ExpectIntLT(idx + sizeof(DtlsRecordLayerHeader) + len, test_ctx.s_len);
idx += sizeof(DtlsRecordLayerHeader) + len;
/* Second ClientHello */
sequence_number[7] = 1;
dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.s_buff + idx);
ExpectIntEQ(dtlsRH->type, handshake);
ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR);
ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR);
ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number,
sizeof(sequence_number)), 0);
len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
ExpectIntEQ(idx + sizeof(DtlsRecordLayerHeader) + len, test_ctx.s_len);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
ssl_c = NULL;
ctx_c = NULL;
if (!EXPECT_SUCCESS())
break;
}
#endif
return EXPECT_RESULT();
}
/* DTLS test when dropping the changed cipher spec message */
static int test_dtls_dropped_ccs(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) \
&& !defined(WOLFSSL_NO_TLS12)
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
DtlsRecordLayerHeader* dtlsRH;
size_t len;
byte data[1];
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
/* CH1 */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* HVR */
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* CH2 */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* Server first flight */
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* Client flight */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* Server ccs + finished */
ExpectIntEQ(wolfSSL_negotiate(ssl_s), 1);
/* Drop the ccs */
dtlsRH = (DtlsRecordLayerHeader*)test_ctx.c_buff;
len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
ExpectIntEQ(len, 1);
ExpectIntEQ(dtlsRH->type, change_cipher_spec);
if (EXPECT_SUCCESS()) {
XMEMMOVE(test_ctx.c_buff, test_ctx.c_buff +
sizeof(DtlsRecordLayerHeader) + len, test_ctx.c_len -
(sizeof(DtlsRecordLayerHeader) + len));
}
test_ctx.c_len -= sizeof(DtlsRecordLayerHeader) + len;
/* Client rtx flight */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
/* Server ccs + finished rtx */
ExpectIntEQ(wolfSSL_read(ssl_s, data, sizeof(data)), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* Client processes finished */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), 1);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) \
&& !defined(WOLFSSL_NO_TLS12)
static int test_dtls_seq_num_downgrade_check_num(byte* ioBuf, int ioBufLen,
byte seq_num)
{
EXPECT_DECLS;
DtlsRecordLayerHeader* dtlsRH;
byte sequence_number[8];
XMEMSET(&sequence_number, 0, sizeof(sequence_number));
ExpectIntGE(ioBufLen, sizeof(*dtlsRH));
dtlsRH = (DtlsRecordLayerHeader*)ioBuf;
ExpectIntEQ(dtlsRH->type, handshake);
ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR);
ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR);
sequence_number[7] = seq_num;
ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number,
sizeof(sequence_number)), 0);
return EXPECT_RESULT();
}
#endif
/*
* Make sure that we send the correct sequence number after a HelloVerifyRequest
* and after a HelloRetryRequest. This is testing the server side as it is
* operating statelessly and should copy the sequence number of the ClientHello.
*/
static int test_dtls_seq_num_downgrade(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) \
&& !defined(WOLFSSL_NO_TLS12)
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
struct test_memio_ctx test_ctx;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfDTLSv1_2_client_method, wolfDTLS_server_method), 0);
/* CH1 */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(test_dtls_seq_num_downgrade_check_num(test_ctx.s_buff,
test_ctx.s_len, 0), TEST_SUCCESS);
/* HVR */
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(test_dtls_seq_num_downgrade_check_num(test_ctx.c_buff,
test_ctx.c_len, 0), TEST_SUCCESS);
/* CH2 */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(test_dtls_seq_num_downgrade_check_num(test_ctx.s_buff,
test_ctx.s_len, 1), TEST_SUCCESS);
/* Server first flight */
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(test_dtls_seq_num_downgrade_check_num(test_ctx.c_buff,
test_ctx.c_len, 1), TEST_SUCCESS);
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
#endif
return EXPECT_RESULT();
}
/**
* Make sure we don't send RSA Signature Hash Algorithms in the
* CertificateRequest when we don't have any such ciphers set.
* @return EXPECT_RESULT()
*/
static int test_certreq_sighash_algos(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && \
!defined(WOLFSSL_MAX_STRENGTH) && defined(HAVE_ECC) && \
defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) && \
defined(HAVE_AES_CBC) && !defined(WOLFSSL_NO_TLS12)
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
int idx = 0;
int maxIdx = 0;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
test_ctx.c_ciphers = test_ctx.s_ciphers =
"ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA384";
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx_c,
"./certs/ca-ecc-cert.pem", NULL), WOLFSSL_SUCCESS);
wolfSSL_set_verify(ssl_s, WOLFSSL_VERIFY_PEER, NULL);
ExpectIntEQ(wolfSSL_use_PrivateKey_file(ssl_s, "./certs/ecc-key.pem",
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_use_certificate_file(ssl_s, "./certs/server-ecc.pem",
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_FATAL_ERROR);
ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_accept(ssl_s), WOLFSSL_FATAL_ERROR);
ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
WOLFSSL_ERROR_WANT_READ);
/* Find the CertificateRequest message */
for (idx = 0; idx < test_ctx.c_len && EXPECT_SUCCESS();) {
word16 len;
ExpectIntEQ(test_ctx.c_buff[idx++], handshake);
ExpectIntEQ(test_ctx.c_buff[idx++], SSLv3_MAJOR);
ExpectIntEQ(test_ctx.c_buff[idx++], TLSv1_2_MINOR);
ato16(test_ctx.c_buff + idx, &len);
idx += OPAQUE16_LEN;
if (test_ctx.c_buff[idx] == certificate_request) {
idx++;
/* length */
idx += OPAQUE24_LEN;
/* cert types */
idx += 1 + test_ctx.c_buff[idx];
/* Sig algos */
ato16(test_ctx.c_buff + idx, &len);
idx += OPAQUE16_LEN;
maxIdx = idx + (int)len;
for (; idx < maxIdx && EXPECT_SUCCESS(); idx += OPAQUE16_LEN) {
if (test_ctx.c_buff[idx+1] == ED25519_SA_MINOR ||
test_ctx.c_buff[idx+1] == ED448_SA_MINOR)
ExpectIntEQ(test_ctx.c_buff[idx], NEW_SA_MAJOR);
else
ExpectIntEQ(test_ctx.c_buff[idx+1], ecc_dsa_sa_algo);
}
break;
}
else {
idx += (int)len;
}
}
ExpectIntLT(idx, test_ctx.c_len);
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_CRL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
!defined(WOLFSSL_CRL_ALLOW_MISSING_CDP)
static int test_revoked_loaded_int_cert_ctx_ready1(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, myVerify);
myVerifyAction = VERIFY_USE_PREVERFIY;
ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
"./certs/ca-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
"./certs/intermediate/ca-int-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx, WOLFSSL_CRL_CHECKALL),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
"./certs/crl/extra-crls/ca-int-cert-revoked.pem",
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
"./certs/crl/ca-int.pem",
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
static int test_revoked_loaded_int_cert_ctx_ready2(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, myVerify);
myVerifyAction = VERIFY_USE_PREVERFIY;
ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
"./certs/ca-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
"./certs/intermediate/ca-int-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
"./certs/intermediate/ca-int2-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx, WOLFSSL_CRL_CHECKALL),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
"./certs/crl/ca-int2.pem",
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
"./certs/crl/extra-crls/ca-int-cert-revoked.pem",
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
"./certs/crl/ca-int.pem",
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
#endif
static int test_revoked_loaded_int_cert(void)
{
EXPECT_DECLS;
#if defined(HAVE_CRL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
!defined(WOLFSSL_CRL_ALLOW_MISSING_CDP)
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
struct {
const char* certPemFile;
const char* keyPemFile;
ctx_cb client_ctx_ready;
} test_params[] = {
{"./certs/intermediate/ca-int2-cert.pem",
"./certs/intermediate/ca-int2-key.pem",
test_revoked_loaded_int_cert_ctx_ready1},
{"./certs/intermediate/server-chain.pem",
"./certs/server-key.pem", test_revoked_loaded_int_cert_ctx_ready2},
{"./certs/intermediate/server-chain-short.pem",
"./certs/server-key.pem", test_revoked_loaded_int_cert_ctx_ready2},
};
size_t i;
printf("\n");
for (i = 0; i < XELEM_CNT(test_params); i++) {
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
printf("\tTesting with %s...\n", test_params[i].certPemFile);
server_cbf.certPemFile = test_params[i].certPemFile;
server_cbf.keyPemFile = test_params[i].keyPemFile;
client_cbf.ctx_ready = test_params[i].client_ctx_ready;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_FAIL);
ExpectIntEQ(client_cbf.last_err, CRL_CERT_REVOKED);
ExpectIntEQ(server_cbf.last_err, FATAL_ERROR);
if (!EXPECT_SUCCESS())
break;
printf("\t%s passed\n", test_params[i].certPemFile);
}
#endif
return EXPECT_RESULT();
}
static int test_dtls13_frag_ch_pq(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \
&& defined(WOLFSSL_DTLS_CH_FRAG) && defined(HAVE_LIBOQS)
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
const char *test_str = "test";
int test_str_size;
byte buf[255];
int group = WOLFSSL_KYBER_LEVEL5;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
/* Add in a large post-quantum key share to make the CH long. */
ExpectIntEQ(wolfSSL_set_groups(ssl_c, &group, 1), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, group), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_dtls13_allow_ch_frag(ssl_s, 1), WOLFSSL_SUCCESS);
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
ExpectStrEQ(wolfSSL_get_curve_name(ssl_c), "KYBER_LEVEL5");
ExpectStrEQ(wolfSSL_get_curve_name(ssl_s), "KYBER_LEVEL5");
test_str_size = XSTRLEN("test") + 1;
ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size);
ExpectIntEQ(wolfSSL_read(ssl_s, buf, sizeof(buf)), test_str_size);
ExpectIntEQ(XSTRCMP((char*)buf, test_str), 0);
ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) \
&& defined(WOLFSSL_DTLS_MTU) && defined(WOLFSSL_DTLS_CH_FRAG)
static int test_dtls_frag_ch_count_records(byte* b, int len)
{
DtlsRecordLayerHeader* dtlsRH;
int records = 0;
size_t recordLen;
while (len > 0) {
records++;
dtlsRH = (DtlsRecordLayerHeader*)b;
recordLen = (dtlsRH->length[0] << 8) | dtlsRH->length[1];
b += sizeof(DtlsRecordLayerHeader) + recordLen;
len -= sizeof(DtlsRecordLayerHeader) + recordLen;
}
return records;
}
#endif
static int test_dtls_frag_ch(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \
&& defined(WOLFSSL_DTLS_MTU) && defined(WOLFSSL_DTLS_CH_FRAG)
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
static unsigned int DUMMY_MTU = 256;
unsigned char four_frag_CH[] = {
0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xda, 0x01, 0x00, 0x02, 0xdc, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xce, 0xfe, 0xfd, 0xf3, 0x94, 0x01, 0x33, 0x2c, 0xcf, 0x2c, 0x47, 0xb1,
0xe5, 0xa1, 0x7b, 0x19, 0x3e, 0xac, 0x68, 0xdd, 0xe6, 0x17, 0x6b, 0x85,
0xad, 0x5f, 0xfc, 0x7f, 0x6e, 0xf0, 0xb9, 0xe0, 0x2e, 0xca, 0x47, 0x00,
0x00, 0x00, 0x36, 0x13, 0x01, 0x13, 0x02, 0x13, 0x03, 0xc0, 0x2c, 0xc0,
0x2b, 0xc0, 0x30, 0xc0, 0x2f, 0x00, 0x9f, 0x00, 0x9e, 0xcc, 0xa9, 0xcc,
0xa8, 0xcc, 0xaa, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x28, 0xc0, 0x24, 0xc0,
0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x6b, 0x00, 0x67, 0x00,
0x39, 0x00, 0x33, 0xcc, 0x14, 0xcc, 0x13, 0xcc, 0x15, 0x01, 0x00, 0x02,
0x7c, 0x00, 0x2b, 0x00, 0x03, 0x02, 0xfe, 0xfc, 0x00, 0x0d, 0x00, 0x20,
0x00, 0x1e, 0x06, 0x03, 0x05, 0x03, 0x04, 0x03, 0x02, 0x03, 0x08, 0x06,
0x08, 0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08, 0x09, 0x06, 0x01,
0x05, 0x01, 0x04, 0x01, 0x03, 0x01, 0x02, 0x01, 0x00, 0x0a, 0x00, 0x0c,
0x00, 0x0a, 0x00, 0x19, 0x00, 0x18, 0x00, 0x17, 0x00, 0x15, 0x01, 0x00,
0x00, 0x16, 0x00, 0x00, 0x00, 0x33, 0x02, 0x39, 0x02, 0x37, 0x00, 0x17,
0x00, 0x41, 0x04, 0x94, 0xdf, 0x36, 0xd7, 0xb3, 0x90, 0x6d, 0x01, 0xa1,
0xe6, 0xed, 0x67, 0xf4, 0xd9, 0x9d, 0x2c, 0xac, 0x57, 0x74, 0xff, 0x19,
0xbe, 0x5a, 0xc9, 0x30, 0x11, 0xb7, 0x2b, 0x59, 0x47, 0x80, 0x7c, 0xa9,
0xb7, 0x31, 0x8c, 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x01, 0x00, 0xda, 0x01, 0x00, 0x02, 0xdc, 0x00, 0x00, 0x00, 0x00,
0xce, 0x00, 0x00, 0xce, 0x9e, 0x13, 0x74, 0x3b, 0x86, 0xba, 0x69, 0x1f,
0x12, 0xf7, 0xcd, 0x78, 0x53, 0xe8, 0x50, 0x4d, 0x71, 0x3f, 0x4b, 0x4e,
0xeb, 0x3e, 0xe5, 0x43, 0x54, 0x78, 0x17, 0x6d, 0x00, 0x18, 0x00, 0x61,
0x04, 0xd1, 0x99, 0x66, 0x4f, 0xda, 0xc7, 0x12, 0x3b, 0xff, 0xb2, 0xd6,
0x2f, 0x35, 0xb6, 0x17, 0x1f, 0xb3, 0xd0, 0xb6, 0x52, 0xff, 0x97, 0x8b,
0x01, 0xe8, 0xd9, 0x68, 0x71, 0x40, 0x02, 0xd5, 0x68, 0x3a, 0x58, 0xb2,
0x5d, 0xee, 0xa4, 0xe9, 0x5f, 0xf4, 0xaf, 0x3e, 0x30, 0x9c, 0x3e, 0x2b,
0xda, 0x61, 0x43, 0x99, 0x02, 0x35, 0x33, 0x9f, 0xcf, 0xb5, 0xd3, 0x28,
0x19, 0x9d, 0x1c, 0xbe, 0x69, 0x07, 0x9e, 0xfc, 0xe4, 0x8e, 0xcd, 0x86,
0x4a, 0x1b, 0xf0, 0xfc, 0x17, 0x94, 0x66, 0x53, 0xda, 0x24, 0x5e, 0xaf,
0xce, 0xec, 0x62, 0x4c, 0x06, 0xb4, 0x52, 0x94, 0xb1, 0x4a, 0x7a, 0x8c,
0x4f, 0x00, 0x19, 0x00, 0x85, 0x04, 0x00, 0x27, 0xeb, 0x99, 0x49, 0x7f,
0xcb, 0x2c, 0x46, 0x54, 0x2d, 0x93, 0x5d, 0x25, 0x92, 0x58, 0x5e, 0x06,
0xc3, 0x7c, 0xfb, 0x9a, 0xa7, 0xec, 0xcd, 0x9f, 0xe1, 0x6b, 0x2d, 0x78,
0xf5, 0x16, 0xa9, 0x20, 0x52, 0x48, 0x19, 0x0f, 0x1a, 0xd0, 0xce, 0xd8,
0x68, 0xb1, 0x4e, 0x7f, 0x33, 0x03, 0x7d, 0x0c, 0x39, 0xdb, 0x9c, 0x4b,
0xf4, 0xe7, 0xc2, 0xf5, 0xdd, 0x51, 0x9b, 0x03, 0xa8, 0x53, 0x2b, 0xe6,
0x00, 0x15, 0x4b, 0xff, 0xd2, 0xa0, 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0xda, 0x01, 0x00, 0x02, 0xdc, 0x00,
0x00, 0x00, 0x01, 0x9c, 0x00, 0x00, 0xce, 0x58, 0x30, 0x10, 0x3d, 0x46,
0xcc, 0xca, 0x1a, 0x44, 0xc8, 0x58, 0x9b, 0x27, 0x17, 0x67, 0x31, 0x96,
0x8a, 0x66, 0x39, 0xf4, 0xcc, 0xc1, 0x9f, 0x12, 0x1f, 0x01, 0x30, 0x50,
0x16, 0xd6, 0x89, 0x97, 0xa3, 0x66, 0xd7, 0x99, 0x50, 0x09, 0x6e, 0x80,
0x87, 0xe4, 0xa2, 0x88, 0xae, 0xb4, 0x23, 0x57, 0x2f, 0x12, 0x60, 0xe7,
0x7d, 0x44, 0x2d, 0xad, 0xbe, 0xe9, 0x0d, 0x01, 0x00, 0x01, 0x00, 0xd5,
0xdd, 0x62, 0xee, 0xf3, 0x0e, 0xd9, 0x30, 0x0e, 0x38, 0xf3, 0x48, 0xf4,
0xc9, 0x8f, 0x8c, 0x20, 0xf7, 0xd3, 0xa8, 0xb3, 0x87, 0x3c, 0x98, 0x5d,
0x70, 0xc5, 0x03, 0x76, 0xb7, 0xd5, 0x0b, 0x7b, 0x23, 0x97, 0x6b, 0xe3,
0xb5, 0x18, 0xeb, 0x64, 0x55, 0x18, 0xb2, 0x8a, 0x90, 0x1a, 0x8f, 0x0e,
0x15, 0xda, 0xb1, 0x8e, 0x7f, 0xee, 0x1f, 0xe0, 0x3b, 0xb9, 0xed, 0xfc,
0x4e, 0x3f, 0x78, 0x16, 0x39, 0x95, 0x5f, 0xb7, 0xcb, 0x65, 0x55, 0x72,
0x7b, 0x7d, 0x86, 0x2f, 0x8a, 0xe5, 0xee, 0xf7, 0x57, 0x40, 0xf3, 0xc4,
0x96, 0x4f, 0x11, 0x4d, 0x85, 0xf9, 0x56, 0xfa, 0x3d, 0xf0, 0xc9, 0xa4,
0xec, 0x1e, 0xaa, 0x47, 0x90, 0x53, 0xdf, 0xe1, 0xb7, 0x78, 0x18, 0xeb,
0xdd, 0x0d, 0x89, 0xb7, 0xf6, 0x15, 0x0e, 0x55, 0x12, 0xb3, 0x23, 0x17,
0x0b, 0x59, 0x6f, 0x83, 0x05, 0x6b, 0xa6, 0xf8, 0x6c, 0x3a, 0x9b, 0x1b,
0x50, 0x93, 0x51, 0xea, 0x95, 0x2d, 0x99, 0x96, 0x38, 0x16, 0xfe, 0xfd,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x7e, 0x01, 0x00,
0x02, 0xdc, 0x00, 0x00, 0x00, 0x02, 0x6a, 0x00, 0x00, 0x72, 0x2d, 0x66,
0x3e, 0xf2, 0x36, 0x5a, 0xf2, 0x23, 0x8f, 0x28, 0x09, 0xa9, 0x55, 0x8c,
0x8f, 0xc0, 0x0d, 0x61, 0x98, 0x33, 0x56, 0x87, 0x7a, 0xfd, 0xa7, 0x50,
0x71, 0x84, 0x2e, 0x41, 0x58, 0x00, 0x87, 0xd9, 0x27, 0xe5, 0x7b, 0xf4,
0x6d, 0x84, 0x4e, 0x2e, 0x0c, 0x80, 0x0c, 0xf3, 0x8a, 0x02, 0x4b, 0x99,
0x3a, 0x1f, 0x9f, 0x18, 0x7d, 0x1c, 0xec, 0xad, 0x60, 0x54, 0xa6, 0xa3,
0x2c, 0x82, 0x5e, 0xf8, 0x8f, 0xae, 0xe1, 0xc4, 0x82, 0x7e, 0x43, 0x43,
0xc5, 0x99, 0x49, 0x05, 0xd3, 0xf6, 0xdf, 0xa1, 0xb5, 0x2d, 0x0c, 0x13,
0x2f, 0x1e, 0xb6, 0x28, 0x7c, 0x5c, 0xa1, 0x02, 0x6b, 0x8d, 0xa3, 0xeb,
0xd4, 0x58, 0xe6, 0xa0, 0x7e, 0x6b, 0xaa, 0x09, 0x43, 0x67, 0x71, 0x87,
0xa5, 0xcb, 0x68, 0xf3
};
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
/* Fragment msgs */
ExpectIntEQ(wolfSSL_dtls_set_mtu(ssl_c, DUMMY_MTU), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_dtls_set_mtu(ssl_s, DUMMY_MTU), WOLFSSL_SUCCESS);
/* Add in some key shares to make the CH long */
ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_ECC_SECP256R1),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_ECC_SECP384R1),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_ECC_SECP521R1),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_FFDHE_2048),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_dtls13_allow_ch_frag(ssl_s, 1), WOLFSSL_SUCCESS);
/* Reject fragmented first CH */
ExpectIntEQ(test_dtls_frag_ch_count_records(four_frag_CH,
sizeof(four_frag_CH)), 4);
XMEMCPY(test_ctx.s_buff, four_frag_CH, sizeof(four_frag_CH));
test_ctx.s_len = sizeof(four_frag_CH);
while (test_ctx.s_len > 0 && EXPECT_SUCCESS()) {
int s_len = test_ctx.s_len;
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* Fail if we didn't advance the buffer to avoid infinite loops */
ExpectIntLT(test_ctx.s_len, s_len);
}
/* Expect all fragments read */
ExpectIntEQ(test_ctx.s_len, 0);
/* Expect quietly dropping fragmented first CH */
ExpectIntEQ(test_ctx.c_len, 0);
/* CH1 */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* Count records. Expect 1 unfragmented CH */
ExpectIntEQ(test_dtls_frag_ch_count_records(test_ctx.s_buff,
test_ctx.s_len), 1);
/* HRR */
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* CH2 */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* Count records. Expect fragmented CH */
ExpectIntGT(test_dtls_frag_ch_count_records(test_ctx.s_buff,
test_ctx.s_len), 1);
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL;
#endif
return EXPECT_RESULT();
}
static int test_dtls_empty_keyshare_with_cookie(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
unsigned char ch_empty_keyshare_with_cookie[] = {
0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01,
0x12, 0x01, 0x00, 0x01, 0x06, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x01,
0x06, 0xfe, 0xfd, 0xfb, 0x8c, 0x9b, 0x28, 0xae, 0x50, 0x1c, 0x4d, 0xf3,
0xb8, 0xcf, 0x4d, 0xd8, 0x7e, 0x93, 0x13, 0x7b, 0x9e, 0xd9, 0xeb, 0xe9,
0x13, 0x4b, 0x0d, 0x7f, 0x2e, 0x43, 0x62, 0x8c, 0xe4, 0x57, 0x79, 0x00,
0x00, 0x00, 0x36, 0x13, 0x01, 0x13, 0x02, 0x13, 0x03, 0xc0, 0x2c, 0xc0,
0x2b, 0xc0, 0x30, 0xc0, 0x2f, 0x00, 0x9f, 0x00, 0x9e, 0xcc, 0xa9, 0xcc,
0xa8, 0xcc, 0xaa, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x28, 0xc0, 0x24, 0xc0,
0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x6b, 0x00, 0x67, 0x00,
0x39, 0x00, 0x33, 0xcc, 0x14, 0xcc, 0x13, 0xcc, 0x15, 0x01, 0x00, 0x00,
0xa6, 0x00, 0x2b, 0x00, 0x03, 0x02, 0xfe, 0xfc, 0x00, 0x2c, 0x00, 0x47,
0x00, 0x45, 0x20, 0xee, 0x4b, 0x17, 0x70, 0x63, 0xa0, 0x4c, 0x82, 0xbf,
0x43, 0x01, 0x7d, 0x8d, 0xc1, 0x1b, 0x4e, 0x9b, 0xa0, 0x3c, 0x53, 0x1f,
0xb7, 0xd1, 0x10, 0x81, 0xa8, 0xdf, 0xdf, 0x8c, 0x7f, 0xf3, 0x11, 0x13,
0x01, 0x02, 0x3d, 0x3b, 0x7d, 0x14, 0x2c, 0x31, 0xb3, 0x60, 0x72, 0x4d,
0xe5, 0x1a, 0xb2, 0xa3, 0x61, 0x77, 0x73, 0x03, 0x40, 0x0e, 0x5f, 0xc5,
0x61, 0x38, 0x43, 0x56, 0x21, 0x4a, 0x95, 0xd5, 0x35, 0xa8, 0x0d, 0x00,
0x0d, 0x00, 0x2a, 0x00, 0x28, 0x06, 0x03, 0x05, 0x03, 0x04, 0x03, 0x02,
0x03, 0xfe, 0x0b, 0xfe, 0x0e, 0xfe, 0xa0, 0xfe, 0xa3, 0xfe, 0xa5, 0x08,
0x06, 0x08, 0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08, 0x09, 0x06,
0x01, 0x05, 0x01, 0x04, 0x01, 0x03, 0x01, 0x02, 0x01, 0x00, 0x0a, 0x00,
0x18, 0x00, 0x16, 0x00, 0x19, 0x00, 0x18, 0x00, 0x17, 0x00, 0x15, 0x01,
0x00, 0x02, 0x3a, 0x02, 0x3c, 0x02, 0x3d, 0x2f, 0x3a, 0x2f, 0x3c, 0x2f,
0x3d, 0x00, 0x16, 0x00, 0x00, 0x00, 0x33, 0x00, 0x02, 0x00, 0x00
};
DtlsRecordLayerHeader* dtlsRH;
byte sequence_number[8];
XMEMSET(&sequence_number, 0, sizeof(sequence_number));
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
XMEMCPY(test_ctx.s_buff, ch_empty_keyshare_with_cookie,
sizeof(ch_empty_keyshare_with_cookie));
test_ctx.s_len = sizeof(ch_empty_keyshare_with_cookie);
ExpectIntEQ(test_memio_setup(&test_ctx, NULL, &ctx_s, NULL, &ssl_s,
NULL, wolfDTLSv1_3_server_method), 0);
/* CH1 */
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* Expect an alert. A plaintext alert should be exactly 15 bytes. */
ExpectIntEQ(test_ctx.c_len, 15);
dtlsRH = (DtlsRecordLayerHeader*)test_ctx.c_buff;
ExpectIntEQ(dtlsRH->type, alert);
ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR);
ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR);
sequence_number[7] = 1;
ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number,
sizeof(sequence_number)), 0);
ExpectIntEQ(dtlsRH->length[0], 0);
ExpectIntEQ(dtlsRH->length[1], 2);
ExpectIntEQ(test_ctx.c_buff[13], alert_fatal);
ExpectIntEQ(test_ctx.c_buff[14], illegal_parameter);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
#endif
return EXPECT_RESULT();
}
static int test_dtls_old_seq_number(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS)
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
struct test_memio_ctx test_ctx;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
/* CH1 */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* HVR */
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* CH2 */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* Server first flight */
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* Client second flight */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* Modify the sequence number */
{
DtlsRecordLayerHeader* dtlsRH = (DtlsRecordLayerHeader*)test_ctx.s_buff;
XMEMSET(dtlsRH->sequence_number, 0, sizeof(dtlsRH->sequence_number));
}
/* Server second flight */
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* Server should not do anything as a pkt was dropped */
ExpectIntEQ(test_ctx.c_len, 0);
ExpectIntEQ(test_ctx.s_len, 0);
/* Trigger rtx */
ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
/* Complete connection */
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \
defined(HAVE_LIBOQS)
static void test_tls13_pq_groups_ctx_ready(WOLFSSL_CTX* ctx)
{
int group = WOLFSSL_KYBER_LEVEL5;
AssertIntEQ(wolfSSL_CTX_set_groups(ctx, &group, 1), WOLFSSL_SUCCESS);
}
static void test_tls13_pq_groups_on_result(WOLFSSL* ssl)
{
AssertStrEQ(wolfSSL_get_curve_name(ssl), "KYBER_LEVEL5");
}
#endif
static int test_tls13_pq_groups(void)
{
EXPECT_DECLS;
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \
defined(HAVE_LIBOQS)
callback_functions func_cb_client;
callback_functions func_cb_server;
XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
func_cb_client.method = wolfTLSv1_3_client_method;
func_cb_server.method = wolfTLSv1_3_server_method;
func_cb_client.ctx_ready = test_tls13_pq_groups_ctx_ready;
func_cb_client.on_result = test_tls13_pq_groups_on_result;
func_cb_server.on_result = test_tls13_pq_groups_on_result;
test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
#endif
return EXPECT_RESULT();
}
static int test_tls13_early_data(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && \
defined(WOLFSSL_EARLY_DATA) && defined(HAVE_SESSION_TICKET)
int written = 0;
int read = 0;
size_t i;
int splitEarlyData;
char msg[] = "This is early data";
char msg2[] = "This is client data";
char msg3[] = "This is server data";
char msg4[] = "This is server immediate data";
char msgBuf[50];
struct {
method_provider client_meth;
method_provider server_meth;
const char* tls_version;
int isUdp;
} params[] = {
#ifdef WOLFSSL_TLS13
{ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
"TLS 1.3", 0 },
#endif
#ifdef WOLFSSL_DTLS13
{ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method,
"DTLS 1.3", 1 },
#endif
};
for (i = 0; i < sizeof(params)/sizeof(*params) && !EXPECT_FAIL(); i++) {
for (splitEarlyData = 0; splitEarlyData < 2; splitEarlyData++) {
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
WOLFSSL_SESSION *sess = NULL;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
fprintf(stderr, "\tEarly data with %s\n", params[i].tls_version);
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c,
&ssl_s, params[i].client_meth, params[i].server_meth), 0);
/* Get a ticket so that we can do 0-RTT on the next connection */
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
/* Make sure we read the ticket */
ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
wolfSSL_free(ssl_c);
ssl_c = NULL;
wolfSSL_free(ssl_s);
ssl_s = NULL;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
params[i].client_meth, params[i].server_meth), 0);
ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_DTLS13
if (params[i].isUdp) {
#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
ExpectIntEQ(wolfSSL_dtls13_no_hrr_on_resume(ssl_s, 1), WOLFSSL_SUCCESS);
#else
/* Let's test this but we generally don't recommend turning off the
* cookie exchange */
ExpectIntEQ(wolfSSL_disable_hrr_cookie(ssl_s), WOLFSSL_SUCCESS);
#endif
}
#endif
/* Test 0-RTT data */
ExpectIntEQ(wolfSSL_write_early_data(ssl_c, msg, sizeof(msg),
&written), sizeof(msg));
ExpectIntEQ(written, sizeof(msg));
if (splitEarlyData) {
ExpectIntEQ(wolfSSL_write_early_data(ssl_c, msg, sizeof(msg),
&written), sizeof(msg));
ExpectIntEQ(written, sizeof(msg));
}
/* Read first 0-RTT data (if split otherwise entire data) */
ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, sizeof(msgBuf),
&read), sizeof(msg));
ExpectIntEQ(read, sizeof(msg));
ExpectStrEQ(msg, msgBuf);
/* Test 0.5-RTT data */
ExpectIntEQ(wolfSSL_write(ssl_s, msg4, sizeof(msg4)), sizeof(msg4));
if (splitEarlyData) {
/* Read second 0-RTT data */
ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, sizeof(msgBuf),
&read), sizeof(msg));
ExpectIntEQ(read, sizeof(msg));
ExpectStrEQ(msg, msgBuf);
}
if (params[i].isUdp) {
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), APP_DATA_READY);
/* Read server 0.5-RTT data */
ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), sizeof(msg4));
ExpectStrEQ(msg4, msgBuf);
/* Complete handshake */
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* Use wolfSSL_is_init_finished to check if handshake is complete. Normally
* a user would loop until it is true but here we control both sides so we
* just assert the expected value. wolfSSL_read_early_data does not provide
* handshake status to us with non-blocking IO and we can't use
* wolfSSL_accept as TLS layer may return ZERO_RETURN due to early data
* parsing logic. */
ExpectFalse(wolfSSL_is_init_finished(ssl_s));
ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, sizeof(msgBuf),
&read), 0);
ExpectIntEQ(read, 0);
ExpectTrue(wolfSSL_is_init_finished(ssl_s));
ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
}
else {
ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
ExpectFalse(wolfSSL_is_init_finished(ssl_s));
ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, sizeof(msgBuf),
&read), 0);
ExpectIntEQ(read, 0);
ExpectTrue(wolfSSL_is_init_finished(ssl_s));
/* Read server 0.5-RTT data */
ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), sizeof(msg4));
ExpectStrEQ(msg4, msgBuf);
}
/* Test bi-directional write */
ExpectIntEQ(wolfSSL_write(ssl_c, msg2, sizeof(msg2)), sizeof(msg2));
ExpectIntEQ(wolfSSL_read(ssl_s, msgBuf, sizeof(msgBuf)), sizeof(msg2));
ExpectStrEQ(msg2, msgBuf);
ExpectIntEQ(wolfSSL_write(ssl_s, msg3, sizeof(msg3)), sizeof(msg3));
ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), sizeof(msg3));
ExpectStrEQ(msg3, msgBuf);
ExpectTrue(wolfSSL_session_reused(ssl_c));
ExpectTrue(wolfSSL_session_reused(ssl_s));
wolfSSL_SESSION_free(sess);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
}
}
#endif
return EXPECT_RESULT();
}
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
static int test_self_signed_stapling_client_v1_ctx_ready(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1);
ExpectIntEQ(wolfSSL_CTX_UseOCSPStapling(ctx, WOLFSSL_CSR_OCSP,
WOLFSSL_CSR_OCSP_USE_NONCE), 1);
return EXPECT_RESULT();
}
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
static int test_self_signed_stapling_client_v2_ctx_ready(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1);
ExpectIntEQ(wolfSSL_CTX_UseOCSPStaplingV2(ctx, WOLFSSL_CSR2_OCSP,
WOLFSSL_CSR2_OCSP_USE_NONCE), 1);
return EXPECT_RESULT();
}
static int test_self_signed_stapling_client_v2_multi_ctx_ready(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1);
ExpectIntEQ(wolfSSL_CTX_UseOCSPStaplingV2(ctx, WOLFSSL_CSR2_OCSP_MULTI,
0), 1);
return EXPECT_RESULT();
}
#endif
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
static int test_self_signed_stapling_server_ctx_ready(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1);
return EXPECT_RESULT();
}
#endif
static int test_self_signed_stapling(void)
{
EXPECT_DECLS;
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
size_t i;
struct {
method_provider client_meth;
method_provider server_meth;
ctx_cb client_ctx;
const char* tls_version;
} params[] = {
#if defined(WOLFSSL_TLS13) && defined(HAVE_CERTIFICATE_STATUS_REQUEST)
{ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
test_self_signed_stapling_client_v1_ctx_ready, "TLSv1_3 v1" },
#endif
#ifndef WOLFSSL_NO_TLS12
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
{ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
test_self_signed_stapling_client_v1_ctx_ready, "TLSv1_2 v1" },
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
{ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
test_self_signed_stapling_client_v2_ctx_ready, "TLSv1_2 v2" },
{ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
test_self_signed_stapling_client_v2_multi_ctx_ready,
"TLSv1_2 v2 multi" },
#endif
#endif
};
for (i = 0; i < sizeof(params)/sizeof(*params) && !EXPECT_FAIL(); i++) {
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
printf("\nTesting self-signed cert with status request: %s\n",
params[i].tls_version);
client_cbf.method = params[i].client_meth;
client_cbf.ctx_ready = params[i].client_ctx;
server_cbf.method = params[i].server_meth;
server_cbf.certPemFile = "certs/ca-cert.pem";
server_cbf.keyPemFile = "certs/ca-key.pem";
server_cbf.ctx_ready = test_self_signed_stapling_server_ctx_ready;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_SUCCESS);
}
#endif
return EXPECT_RESULT();
}
static int test_tls_multi_handshakes_one_record(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12)
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
RecordLayerHeader* rh = NULL;
byte *len ;
int newRecIdx = RECORD_HEADER_SZ;
int idx = 0;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLS_client_method, wolfTLSv1_2_server_method), 0);
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* Combine server handshake msgs into one record */
while (idx < test_ctx.c_len) {
word16 recLen;
rh = (RecordLayerHeader*)(test_ctx.c_buff + idx);
len = &rh->length[0];
ato16((const byte*)len, &recLen);
idx += RECORD_HEADER_SZ;
XMEMMOVE(test_ctx.c_buff + newRecIdx, test_ctx.c_buff + idx,
(size_t)recLen);
newRecIdx += recLen;
idx += recLen;
}
rh = (RecordLayerHeader*)(test_ctx.c_buff);
len = &rh->length[0];
c16toa(newRecIdx - RECORD_HEADER_SZ, len);
test_ctx.c_len = newRecIdx;
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
#endif
return EXPECT_RESULT();
}
static int test_write_dup(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_WRITE_DUP)
size_t i, j;
char hiWorld[] = "dup message";
char readData[sizeof(hiWorld) + 5];
struct {
method_provider client_meth;
method_provider server_meth;
const char* version_name;
int version;
} methods[] = {
#ifndef WOLFSSL_NO_TLS12
{wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, "TLS 1.2", WOLFSSL_TLSV1_2},
#endif
#ifdef WOLFSSL_TLS13
{wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLS 1.3", WOLFSSL_TLSV1_3},
#endif
};
struct {
const char* cipher;
int version;
} ciphers[] = {
/* For simplicity the macros are copied from internal.h */
/* TLS 1.2 */
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && !defined(NO_SHA256)
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
#ifndef NO_RSA
{"ECDHE-RSA-CHACHA20-POLY1305", WOLFSSL_TLSV1_2},
#endif
#endif
#if !defined(NO_DH) && !defined(NO_RSA) && !defined(NO_TLS_DH)
{"DHE-RSA-CHACHA20-POLY1305", WOLFSSL_TLSV1_2},
#endif
#endif
#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \
!defined(NO_RSA) && defined(HAVE_AESGCM) && !defined(NO_TLS_DH)
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
{"DHE-RSA-AES128-GCM-SHA256", WOLFSSL_TLSV1_2},
#endif
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
{"DHE-RSA-AES256-GCM-SHA384", WOLFSSL_TLSV1_2},
#endif
#endif
#if (defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)) \
&& !defined(NO_TLS) && !defined(NO_AES)
#ifdef HAVE_AESGCM
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
#ifndef NO_RSA
{"ECDHE-RSA-AES128-GCM-SHA256", WOLFSSL_TLSV1_2},
#endif
#endif
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
#ifndef NO_RSA
{"ECDHE-RSA-AES256-GCM-SHA384", WOLFSSL_TLSV1_2},
#endif
#endif
#endif
#endif
/* TLS 1.3 */
#ifdef WOLFSSL_TLS13
#ifdef HAVE_AESGCM
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
{"TLS13-AES128-GCM-SHA256", WOLFSSL_TLSV1_3},
#endif
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
{"TLS13-AES256-GCM-SHA384", WOLFSSL_TLSV1_3},
#endif
#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
#ifndef NO_SHA256
{"TLS13-CHACHA20-POLY1305-SHA256", WOLFSSL_TLSV1_3},
#endif
#endif
#ifdef HAVE_AESCCM
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_128)
{"TLS13-AES128-CCM-SHA256", WOLFSSL_TLSV1_3},
#endif
#endif
#endif
};
for (i = 0; i < XELEM_CNT(methods); i++) {
for (j = 0; j < XELEM_CNT(ciphers) && !EXPECT_FAIL(); j++) {
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
WOLFSSL *ssl_c2 = NULL;
if (methods[i].version != ciphers[j].version)
continue;
if (i == 0 && j == 0)
printf("\n");
printf("Testing %s with %s... ", methods[i].version_name,
ciphers[j].cipher);
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
test_ctx.c_ciphers = test_ctx.s_ciphers = ciphers[j].cipher;
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
methods[i].client_meth, methods[i].server_meth), 0);
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
ExpectNotNull(ssl_c2 = wolfSSL_write_dup(ssl_c));
ExpectIntEQ(wolfSSL_write(ssl_c, hiWorld, sizeof(hiWorld)),
WRITE_DUP_WRITE_E);
ExpectIntEQ(wolfSSL_write(ssl_c2, hiWorld, sizeof(hiWorld)),
sizeof(hiWorld));
ExpectIntEQ(wolfSSL_read(ssl_s, readData, sizeof(readData)),
sizeof(hiWorld));
ExpectIntEQ(wolfSSL_write(ssl_s, hiWorld, sizeof(hiWorld)),
sizeof(hiWorld));
ExpectIntEQ(wolfSSL_read(ssl_c2, readData, sizeof(readData)),
WRITE_DUP_READ_E);
ExpectIntEQ(wolfSSL_read(ssl_c, readData, sizeof(readData)),
sizeof(hiWorld));
if (EXPECT_SUCCESS())
printf("ok\n");
else
printf("failed\n");
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_c2);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
}
}
#endif
return EXPECT_RESULT();
}
static int test_read_write_hs(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12)
WOLFSSL_CTX *ctx_s = NULL, *ctx_c = NULL;
WOLFSSL *ssl_s = NULL, *ssl_c = NULL;
struct test_memio_ctx test_ctx;
byte test_buffer[16];
unsigned int test;
/* test == 0 : client writes, server reads */
/* test == 1 : server writes, client reads */
for (test = 0; test < 2; test++) {
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLSv1_2_client_method,
wolfTLSv1_2_server_method), 0);
ExpectIntEQ(wolfSSL_set_group_messages(ssl_s), WOLFSSL_SUCCESS);
/* CH -> */
if (test == 0) {
ExpectIntEQ(wolfSSL_write(ssl_c, "hello", 5), -1);
} else {
ExpectIntEQ(wolfSSL_read(ssl_c, test_buffer,
sizeof(test_buffer)), -1);
}
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* <- SH + SKE + SHD */
if (test == 0) {
ExpectIntEQ(wolfSSL_read(ssl_s, test_buffer,
sizeof(test_buffer)), -1);
} else {
ExpectIntEQ(wolfSSL_write(ssl_s, "hello", 5), -1);
}
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* -> CKE + CLIENT FINISHED */
if (test == 0) {
ExpectIntEQ(wolfSSL_write(ssl_c, "hello", 5), -1);
} else {
ExpectIntEQ(wolfSSL_read(ssl_c, test_buffer,
sizeof(test_buffer)), -1);
}
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* abide clang static analyzer */
if (ssl_s != NULL) {
/* disable group message to separate sending of ChangeCipherspec
* from Finished */
ssl_s->options.groupMessages = 0;
}
/* allow writing of CS, but not FINISHED */
test_ctx.c_len = TEST_MEMIO_BUF_SZ - 6;
/* <- CS */
if (test == 0) {
ExpectIntEQ(wolfSSL_read(ssl_s, test_buffer,
sizeof(test_buffer)), -1);
} else {
ExpectIntEQ(wolfSSL_write(ssl_s, "hello", 5), -1);
}
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_WRITE);
/* move CS message where the client can read it */
memmove(test_ctx.c_buff,
(test_ctx.c_buff + TEST_MEMIO_BUF_SZ - 6), 6);
test_ctx.c_len = 6;
/* read CS */
if (test == 0) {
ExpectIntEQ(wolfSSL_write(ssl_c, "hello", 5), -1);
} else {
ExpectIntEQ(wolfSSL_read(ssl_c, test_buffer,
sizeof(test_buffer)), -1);
}
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(test_ctx.c_len, 0);
if (test == 0) {
/* send SERVER FINISHED */
ExpectIntEQ(wolfSSL_read(ssl_s, test_buffer,
sizeof(test_buffer)), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1),
WOLFSSL_ERROR_WANT_READ);
} else {
/* send SERVER FINISHED + App Data */
ExpectIntEQ(wolfSSL_write(ssl_s, "hello", 5), 5);
}
ExpectIntGT(test_ctx.c_len, 0);
/* Send and receive the data */
if (test == 0) {
ExpectIntEQ(wolfSSL_write(ssl_c, "hello", 5), 5);
ExpectIntEQ(wolfSSL_read(ssl_s, test_buffer,
sizeof(test_buffer)), 5);
} else {
ExpectIntEQ(wolfSSL_read(ssl_c, test_buffer,
sizeof(test_buffer)), 5);
}
ExpectBufEQ(test_buffer, "hello", 5);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL;
}
#endif
return EXPECT_RESULT();
}
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(OPENSSL_EXTRA)
static const char* test_get_signature_nid_siglag;
static int test_get_signature_nid_sig;
static int test_get_signature_nid_hash;
static int test_get_signature_nid_ssl_ready(WOLFSSL* ssl)
{
EXPECT_DECLS;
ExpectIntEQ(wolfSSL_set_cipher_list(ssl, "ALL"), WOLFSSL_SUCCESS);
if (!wolfSSL_is_server(ssl)) {
ExpectIntEQ(wolfSSL_set1_sigalgs_list(ssl,
test_get_signature_nid_siglag), WOLFSSL_SUCCESS);
}
return EXPECT_RESULT();
}
static int test_get_signature_nid_on_hs_client(WOLFSSL_CTX **ctx, WOLFSSL **ssl)
{
EXPECT_DECLS;
int nid = 0;
(void)ctx;
if (XSTRSTR(wolfSSL_get_cipher(*ssl), "TLS_RSA_") == NULL) {
ExpectIntEQ(SSL_get_peer_signature_type_nid(*ssl, &nid), WOLFSSL_SUCCESS);
ExpectIntEQ(nid, test_get_signature_nid_sig);
ExpectIntEQ(SSL_get_peer_signature_nid(*ssl, &nid), WOLFSSL_SUCCESS);
ExpectIntEQ(nid, test_get_signature_nid_hash);
}
else /* No sigalg info on static ciphersuite */
return TEST_SUCCESS;
return EXPECT_RESULT();
}
static int test_get_signature_nid_on_hs_server(WOLFSSL_CTX **ctx, WOLFSSL **ssl)
{
EXPECT_DECLS;
int nid = 0;
(void)ctx;
ExpectIntEQ(SSL_get_signature_type_nid(*ssl, &nid), WOLFSSL_SUCCESS);
ExpectIntEQ(nid, test_get_signature_nid_sig);
ExpectIntEQ(SSL_get_signature_nid(*ssl, &nid), WOLFSSL_SUCCESS);
ExpectIntEQ(nid, test_get_signature_nid_hash);
return EXPECT_RESULT();
}
#endif
static int test_get_signature_nid(void)
{
EXPECT_DECLS;
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(OPENSSL_EXTRA)
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
size_t i;
#define TGSN_TLS12_RSA(sigalg, sig_nid, hash_nid) \
{ sigalg, sig_nid, hash_nid, WOLFSSL_TLSV1_2, svrCertFile, svrKeyFile, \
caCertFile }
#define TGSN_TLS12_ECDSA(sigalg, sig_nid, hash_nid) \
{ sigalg, sig_nid, hash_nid, WOLFSSL_TLSV1_2, eccCertFile, eccKeyFile, \
caEccCertFile }
#define TGSN_TLS13_RSA(sigalg, sig_nid, hash_nid) \
{ sigalg, sig_nid, hash_nid, WOLFSSL_TLSV1_3, svrCertFile, svrKeyFile, \
caCertFile }
#define TGSN_TLS13_ECDSA(sigalg, sig_nid, hash_nid) \
{ sigalg, sig_nid, hash_nid, WOLFSSL_TLSV1_3, eccCertFile, eccKeyFile, \
caEccCertFile }
#define TGSN_TLS13_ED25519(sigalg, sig_nid, hash_nid) \
{ sigalg, sig_nid, hash_nid, WOLFSSL_TLSV1_3, edCertFile, edKeyFile, \
caEdCertFile }
#define TGSN_TLS13_ED448(sigalg, sig_nid, hash_nid) \
{ sigalg, sig_nid, hash_nid, WOLFSSL_TLSV1_3, ed448CertFile, ed448KeyFile, \
caEd448CertFile }
struct {
const char* siglag;
int sig_nid;
int hash_nid;
int tls_ver;
const char* server_cert;
const char* server_key;
const char* client_ca;
} params[] = {
#ifndef NO_RSA
#ifndef NO_SHA256
TGSN_TLS12_RSA("RSA+SHA256", NID_rsaEncryption, NID_sha256),
#ifdef WC_RSA_PSS
TGSN_TLS12_RSA("RSA-PSS+SHA256", NID_rsassaPss, NID_sha256),
TGSN_TLS13_RSA("RSA-PSS+SHA256", NID_rsassaPss, NID_sha256),
#endif
#endif
#ifdef WOLFSSL_SHA512
TGSN_TLS12_RSA("RSA+SHA512", NID_rsaEncryption, NID_sha512),
#ifdef WC_RSA_PSS
TGSN_TLS12_RSA("RSA-PSS+SHA512", NID_rsassaPss, NID_sha512),
TGSN_TLS13_RSA("RSA-PSS+SHA512", NID_rsassaPss, NID_sha512),
#endif
#endif
#endif
#ifdef HAVE_ECC
#ifndef NO_SHA256
TGSN_TLS12_ECDSA("ECDSA+SHA256", NID_X9_62_id_ecPublicKey, NID_sha256),
TGSN_TLS13_ECDSA("ECDSA+SHA256", NID_X9_62_id_ecPublicKey, NID_sha256),
#endif
#endif
#ifdef HAVE_ED25519
TGSN_TLS13_ED25519("ED25519", NID_ED25519, NID_sha512),
#endif
#ifdef HAVE_ED448
TGSN_TLS13_ED448("ED448", NID_ED448, NID_sha512),
#endif
};
printf("\n");
for (i = 0; i < XELEM_CNT(params) && !EXPECT_FAIL(); i++) {
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
printf("Testing %s with %s...", tls_desc[params[i].tls_ver],
params[i].siglag);
switch (params[i].tls_ver) {
#ifndef WOLFSSL_NO_TLS12
case WOLFSSL_TLSV1_2:
client_cbf.method = wolfTLSv1_2_client_method;
server_cbf.method = wolfTLSv1_2_server_method;
break;
#endif
#ifdef WOLFSSL_TLS13
case WOLFSSL_TLSV1_3:
client_cbf.method = wolfTLSv1_3_client_method;
server_cbf.method = wolfTLSv1_3_server_method;
break;
#endif
default:
printf("skipping\n");
continue;
}
test_get_signature_nid_siglag = params[i].siglag;
test_get_signature_nid_sig = params[i].sig_nid;
test_get_signature_nid_hash = params[i].hash_nid;
client_cbf.ssl_ready = test_get_signature_nid_ssl_ready;
server_cbf.ssl_ready = test_get_signature_nid_ssl_ready;
client_cbf.on_handshake = test_get_signature_nid_on_hs_client;
server_cbf.on_handshake = test_get_signature_nid_on_hs_server;
server_cbf.certPemFile = params[i].server_cert;
server_cbf.keyPemFile = params[i].server_key;
client_cbf.caPemFile = params[i].client_ca;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_SUCCESS);
if (EXPECT_SUCCESS())
printf("passed\n");
}
#endif
return EXPECT_RESULT();
}
#if !defined(NO_CERTS) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
static word32 test_tls_cert_store_unchanged_HashCaTable(Signer** caTable)
{
#ifndef NO_MD5
enum wc_HashType hashType = WC_HASH_TYPE_MD5;
#elif !defined(NO_SHA)
enum wc_HashType hashType = WC_HASH_TYPE_SHA;
#elif !defined(NO_SHA256)
enum wc_HashType hashType = WC_HASH_TYPE_SHA256;
#else
#error "We need a digest to hash the Signer object"
#endif
byte hashBuf[WC_MAX_DIGEST_SIZE];
wc_HashAlg hash;
size_t i;
AssertIntEQ(wc_HashInit(&hash, hashType), 0);
for (i = 0; i < CA_TABLE_SIZE; i++) {
Signer* cur;
for (cur = caTable[i]; cur != NULL; cur = cur->next)
AssertIntEQ(wc_HashUpdate(&hash, hashType, (byte*)cur,
sizeof(*cur)), 0);
}
AssertIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0);
AssertIntEQ(wc_HashFree(&hash, hashType), 0);
return MakeWordFromHash(hashBuf);
}
static word32 test_tls_cert_store_unchanged_before_hashes[2];
static size_t test_tls_cert_store_unchanged_before_hashes_idx;
static word32 test_tls_cert_store_unchanged_after_hashes[2];
static size_t test_tls_cert_store_unchanged_after_hashes_idx;
static int test_tls_cert_store_unchanged_ctx_ready(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
ExpectIntNE(test_tls_cert_store_unchanged_before_hashes
[test_tls_cert_store_unchanged_before_hashes_idx++] =
test_tls_cert_store_unchanged_HashCaTable(ctx->cm->caTable), 0);
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER |
WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
return EXPECT_RESULT();
}
static int test_tls_cert_store_unchanged_ctx_cleanup(WOLFSSL_CTX* ctx)
{
EXPECT_DECLS;
ExpectIntEQ(wolfSSL_CTX_UnloadIntermediateCerts(ctx), WOLFSSL_SUCCESS);
ExpectIntNE(test_tls_cert_store_unchanged_after_hashes
[test_tls_cert_store_unchanged_after_hashes_idx++] =
test_tls_cert_store_unchanged_HashCaTable(ctx->cm->caTable), 0);
return EXPECT_RESULT();
}
static int test_tls_cert_store_unchanged_on_hs(WOLFSSL_CTX **ctx, WOLFSSL **ssl)
{
EXPECT_DECLS;
WOLFSSL_CERT_MANAGER* cm;
(void)ssl;
/* WARNING: this approach bypasses the reference counter check in
* wolfSSL_CTX_UnloadIntermediateCerts. It is not recommended as it may
* cause unexpected behaviour when other active connections try accessing
* the caTable. */
ExpectNotNull(cm = wolfSSL_CTX_GetCertManager(*ctx));
ExpectIntEQ(wolfSSL_CertManagerUnloadIntermediateCerts(cm),
WOLFSSL_SUCCESS);
ExpectIntNE(test_tls_cert_store_unchanged_after_hashes
[test_tls_cert_store_unchanged_after_hashes_idx++] =
test_tls_cert_store_unchanged_HashCaTable((*ctx)->cm->caTable), 0);
return EXPECT_RESULT();
}
static int test_tls_cert_store_unchanged_ssl_ready(WOLFSSL* ssl)
{
EXPECT_DECLS;
WOLFSSL_CTX* ctx;
ExpectNotNull(ctx = wolfSSL_get_SSL_CTX(ssl));
return EXPECT_RESULT();
}
#endif
static int test_tls_cert_store_unchanged(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
int i;
for (i = 0; i < 2; i++) {
XMEMSET(&client_cbf, 0, sizeof(client_cbf));
XMEMSET(&server_cbf, 0, sizeof(server_cbf));
test_tls_cert_store_unchanged_before_hashes_idx = 0;
XMEMSET(test_tls_cert_store_unchanged_before_hashes, 0,
sizeof(test_tls_cert_store_unchanged_before_hashes));
test_tls_cert_store_unchanged_after_hashes_idx = 0;
XMEMSET(test_tls_cert_store_unchanged_after_hashes, 0,
sizeof(test_tls_cert_store_unchanged_after_hashes));
client_cbf.ctx_ready = test_tls_cert_store_unchanged_ctx_ready;
server_cbf.ctx_ready = test_tls_cert_store_unchanged_ctx_ready;
client_cbf.ssl_ready = test_tls_cert_store_unchanged_ssl_ready;
server_cbf.ssl_ready = test_tls_cert_store_unchanged_ssl_ready;
switch (i) {
case 0:
client_cbf.on_ctx_cleanup =
test_tls_cert_store_unchanged_ctx_cleanup;
server_cbf.on_ctx_cleanup =
test_tls_cert_store_unchanged_ctx_cleanup;
break;
case 1:
client_cbf.on_handshake = test_tls_cert_store_unchanged_on_hs;
server_cbf.on_handshake = test_tls_cert_store_unchanged_on_hs;
break;
default:
Fail(("Should not enter here"), ("Entered here"));
}
client_cbf.certPemFile = "certs/intermediate/client-chain.pem";
server_cbf.certPemFile = "certs/intermediate/server-chain.pem";
server_cbf.caPemFile = caCertFile;
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_SUCCESS);
ExpectBufEQ(test_tls_cert_store_unchanged_before_hashes,
test_tls_cert_store_unchanged_after_hashes,
sizeof(test_tls_cert_store_unchanged_after_hashes));
}
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_SendUserCanceled(void)
{
EXPECT_DECLS;
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
size_t i;
struct {
method_provider client_meth;
method_provider server_meth;
const char* tls_version;
} params[] = {
#if defined(WOLFSSL_TLS13)
/* With WOLFSSL_TLS13_MIDDLEBOX_COMPAT a short ID will result in an error */
{ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLSv1_3" },
#ifdef WOLFSSL_DTLS13
{ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "DTLSv1_3" },
#endif
#endif
#ifndef WOLFSSL_NO_TLS12
{ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, "TLSv1_2" },
#ifdef WOLFSSL_DTLS
{ wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "DTLSv1_2" },
#endif
#endif
#if !defined(NO_OLD_TLS)
{ wolfTLSv1_1_client_method, wolfTLSv1_1_server_method, "TLSv1_1" },
#ifdef WOLFSSL_DTLS
{ wolfDTLSv1_client_method, wolfDTLSv1_server_method, "DTLSv1_0" },
#endif
#endif
};
for (i = 0; i < sizeof(params)/sizeof(*params) && !EXPECT_FAIL(); i++) {
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
WOLFSSL_ALERT_HISTORY h;
printf("Testing %s\n", params[i].tls_version);
XMEMSET(&h, 0, sizeof(h));
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
params[i].client_meth, params[i].server_meth), 0);
/* CH1 */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_SendUserCanceled(ssl_s), WOLFSSL_SHUTDOWN_NOT_DONE);
/* Alert closed connection */
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_ZERO_RETURN);
/* Last alert will be close notify because user_canceled should be
* followed by a close_notify */
ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS);
ExpectIntEQ(h.last_rx.code, close_notify);
ExpectIntEQ(h.last_rx.level, alert_warning);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
}
#endif
return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
| Main
*----------------------------------------------------------------------------*/
typedef int (*TEST_FUNC)(void);
typedef struct {
const char *name;
TEST_FUNC func;
byte run:1;
byte fail:1;
} TEST_CASE;
#define TEST_DECL(func) { #func, func, 0, 0 }
int testAll = 1;
TEST_CASE testCases[] = {
TEST_DECL(test_fileAccess),
/*********************************
* wolfcrypt
*********************************/
TEST_DECL(test_ForceZero),
TEST_DECL(test_wolfCrypt_Init),
TEST_DECL(test_wc_LoadStaticMemory_ex),
/* Locking with Compat Mutex */
TEST_DECL(test_wc_SetMutexCb),
TEST_DECL(test_wc_LockMutex_ex),
/* Digests */
TEST_DECL(test_wc_InitMd5),
TEST_DECL(test_wc_Md5Update),
TEST_DECL(test_wc_Md5Final),
TEST_DECL(test_wc_InitSha),
TEST_DECL(test_wc_ShaUpdate),
TEST_DECL(test_wc_ShaFinal),
TEST_DECL(test_wc_InitSha256),
TEST_DECL(test_wc_Sha256Update),
TEST_DECL(test_wc_Sha256Final),
TEST_DECL(test_wc_Sha256FinalRaw),
TEST_DECL(test_wc_Sha256GetFlags),
TEST_DECL(test_wc_Sha256Free),
TEST_DECL(test_wc_Sha256GetHash),
TEST_DECL(test_wc_Sha256Copy),
TEST_DECL(test_wc_InitSha224),
TEST_DECL(test_wc_Sha224Update),
TEST_DECL(test_wc_Sha224Final),
TEST_DECL(test_wc_Sha224SetFlags),
TEST_DECL(test_wc_Sha224GetFlags),
TEST_DECL(test_wc_Sha224Free),
TEST_DECL(test_wc_Sha224GetHash),
TEST_DECL(test_wc_Sha224Copy),
TEST_DECL(test_wc_InitSha512),
TEST_DECL(test_wc_Sha512Update),
TEST_DECL(test_wc_Sha512Final),
TEST_DECL(test_wc_Sha512GetFlags),
TEST_DECL(test_wc_Sha512FinalRaw),
TEST_DECL(test_wc_Sha512Free),
TEST_DECL(test_wc_Sha512GetHash),
TEST_DECL(test_wc_Sha512Copy),
TEST_DECL(test_wc_InitSha512_224),
TEST_DECL(test_wc_Sha512_224Update),
TEST_DECL(test_wc_Sha512_224Final),
TEST_DECL(test_wc_Sha512_224GetFlags),
TEST_DECL(test_wc_Sha512_224FinalRaw),
TEST_DECL(test_wc_Sha512_224Free),
TEST_DECL(test_wc_Sha512_224GetHash),
TEST_DECL(test_wc_Sha512_224Copy),
TEST_DECL(test_wc_InitSha512_256),
TEST_DECL(test_wc_Sha512_256Update),
TEST_DECL(test_wc_Sha512_256Final),
TEST_DECL(test_wc_Sha512_256GetFlags),
TEST_DECL(test_wc_Sha512_256FinalRaw),
TEST_DECL(test_wc_Sha512_256Free),
TEST_DECL(test_wc_Sha512_256GetHash),
TEST_DECL(test_wc_Sha512_256Copy),
TEST_DECL(test_wc_InitSha384),
TEST_DECL(test_wc_Sha384Update),
TEST_DECL(test_wc_Sha384Final),
TEST_DECL(test_wc_Sha384GetFlags),
TEST_DECL(test_wc_Sha384FinalRaw),
TEST_DECL(test_wc_Sha384Free),
TEST_DECL(test_wc_Sha384GetHash),
TEST_DECL(test_wc_Sha384Copy),
TEST_DECL(test_wc_InitBlake2b),
TEST_DECL(test_wc_InitBlake2b_WithKey),
TEST_DECL(test_wc_InitBlake2s_WithKey),
TEST_DECL(test_wc_InitRipeMd),
TEST_DECL(test_wc_RipeMdUpdate),
TEST_DECL(test_wc_RipeMdFinal),
TEST_DECL(test_wc_InitSha3),
TEST_DECL(testing_wc_Sha3_Update),
TEST_DECL(test_wc_Sha3_224_Final),
TEST_DECL(test_wc_Sha3_256_Final),
TEST_DECL(test_wc_Sha3_384_Final),
TEST_DECL(test_wc_Sha3_512_Final),
TEST_DECL(test_wc_Sha3_224_Copy),
TEST_DECL(test_wc_Sha3_256_Copy),
TEST_DECL(test_wc_Sha3_384_Copy),
TEST_DECL(test_wc_Sha3_512_Copy),
TEST_DECL(test_wc_Sha3_GetFlags),
TEST_DECL(test_wc_InitShake256),
TEST_DECL(testing_wc_Shake256_Update),
TEST_DECL(test_wc_Shake256_Final),
TEST_DECL(test_wc_Shake256_Copy),
TEST_DECL(test_wc_Shake256Hash),
/* SM3 Digest */
TEST_DECL(test_wc_InitSm3Free),
TEST_DECL(test_wc_Sm3UpdateFinal),
TEST_DECL(test_wc_Sm3GetHash),
TEST_DECL(test_wc_Sm3Copy),
TEST_DECL(test_wc_Sm3FinalRaw),
TEST_DECL(test_wc_Sm3GetSetFlags),
TEST_DECL(test_wc_Sm3Hash),
TEST_DECL(test_wc_HashInit),
TEST_DECL(test_wc_HashSetFlags),
TEST_DECL(test_wc_HashGetFlags),
/* HMAC */
TEST_DECL(test_wc_Md5HmacSetKey),
TEST_DECL(test_wc_Md5HmacUpdate),
TEST_DECL(test_wc_Md5HmacFinal),
TEST_DECL(test_wc_ShaHmacSetKey),
TEST_DECL(test_wc_ShaHmacUpdate),
TEST_DECL(test_wc_ShaHmacFinal),
TEST_DECL(test_wc_Sha224HmacSetKey),
TEST_DECL(test_wc_Sha224HmacUpdate),
TEST_DECL(test_wc_Sha224HmacFinal),
TEST_DECL(test_wc_Sha256HmacSetKey),
TEST_DECL(test_wc_Sha256HmacUpdate),
TEST_DECL(test_wc_Sha256HmacFinal),
TEST_DECL(test_wc_Sha384HmacSetKey),
TEST_DECL(test_wc_Sha384HmacUpdate),
TEST_DECL(test_wc_Sha384HmacFinal),
/* CMAC */
TEST_DECL(test_wc_InitCmac),
TEST_DECL(test_wc_CmacUpdate),
TEST_DECL(test_wc_CmacFinal),
TEST_DECL(test_wc_AesCmacGenerate),
/* Cipher */
TEST_DECL(test_wc_AesGcmStream),
TEST_DECL(test_wc_Des3_SetIV),
TEST_DECL(test_wc_Des3_SetKey),
TEST_DECL(test_wc_Des3_CbcEncryptDecrypt),
TEST_DECL(test_wc_Des3_CbcEncryptDecryptWithKey),
TEST_DECL(test_wc_Des3_EcbEncrypt),
TEST_DECL(test_wc_Chacha_SetKey),
TEST_DECL(test_wc_Chacha_Process),
TEST_DECL(test_wc_ChaCha20Poly1305_aead),
TEST_DECL(test_wc_Poly1305SetKey),
TEST_DECL(test_wc_CamelliaSetKey),
TEST_DECL(test_wc_CamelliaSetIV),
TEST_DECL(test_wc_CamelliaEncryptDecryptDirect),
TEST_DECL(test_wc_CamelliaCbcEncryptDecrypt),
TEST_DECL(test_wc_Arc4SetKey),
TEST_DECL(test_wc_Arc4Process),
TEST_DECL(test_wc_Rc2SetKey),
TEST_DECL(test_wc_Rc2SetIV),
TEST_DECL(test_wc_Rc2EcbEncryptDecrypt),
TEST_DECL(test_wc_Rc2CbcEncryptDecrypt),
/* AES cipher and GMAC. */
TEST_DECL(test_wc_AesSetKey),
TEST_DECL(test_wc_AesSetIV),
TEST_DECL(test_wc_AesCbcEncryptDecrypt),
TEST_DECL(test_wc_AesCtrEncryptDecrypt),
TEST_DECL(test_wc_AesGcmSetKey),
TEST_DECL(test_wc_AesGcmEncryptDecrypt),
TEST_DECL(test_wc_AesGcmMixedEncDecLongIV),
TEST_DECL(test_wc_GmacSetKey),
TEST_DECL(test_wc_GmacUpdate),
TEST_DECL(test_wc_AesCcmSetKey),
TEST_DECL(test_wc_AesCcmEncryptDecrypt),
#if defined(WOLFSSL_AES_EAX) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
TEST_DECL(test_wc_AesEaxVectors),
TEST_DECL(test_wc_AesEaxEncryptAuth),
TEST_DECL(test_wc_AesEaxDecryptAuth),
#endif /* WOLFSSL_AES_EAX */
/* SM4 cipher */
TEST_DECL(test_wc_Sm4),
TEST_DECL(test_wc_Sm4Ecb),
TEST_DECL(test_wc_Sm4Cbc),
TEST_DECL(test_wc_Sm4Ctr),
TEST_DECL(test_wc_Sm4Gcm),
TEST_DECL(test_wc_Sm4Ccm),
/* RNG tests */
#ifdef HAVE_HASHDRBG
#ifdef TEST_RESEED_INTERVAL
TEST_DECL(test_wc_RNG_GenerateBlock_Reseed),
#endif
TEST_DECL(test_wc_RNG_GenerateBlock),
#endif
TEST_DECL(test_get_rand_digit),
TEST_DECL(test_wc_InitRngNonce),
TEST_DECL(test_wc_InitRngNonce_ex),
/* MP API tests */
TEST_DECL(test_get_digit_count),
TEST_DECL(test_mp_cond_copy),
TEST_DECL(test_mp_rand),
TEST_DECL(test_get_digit),
TEST_DECL(test_wc_export_int),
/* RSA */
TEST_DECL(test_wc_InitRsaKey),
TEST_DECL(test_wc_RsaPrivateKeyDecode),
TEST_DECL(test_wc_RsaPublicKeyDecode),
TEST_DECL(test_wc_RsaPublicKeyDecodeRaw),
TEST_DECL(test_wc_RsaPrivateKeyDecodeRaw),
TEST_DECL(test_wc_MakeRsaKey),
TEST_DECL(test_wc_CheckProbablePrime),
TEST_DECL(test_wc_RsaPSS_Verify),
TEST_DECL(test_wc_RsaPSS_VerifyCheck),
TEST_DECL(test_wc_RsaPSS_VerifyCheckInline),
TEST_DECL(test_wc_RsaKeyToDer),
TEST_DECL(test_wc_RsaKeyToPublicDer),
TEST_DECL(test_wc_RsaPublicEncryptDecrypt),
TEST_DECL(test_wc_RsaPublicEncryptDecrypt_ex),
TEST_DECL(test_wc_RsaEncryptSize),
TEST_DECL(test_wc_RsaSSL_SignVerify),
TEST_DECL(test_wc_RsaFlattenPublicKey),
TEST_DECL(test_RsaDecryptBoundsCheck),
/* DSA */
TEST_DECL(test_wc_InitDsaKey),
TEST_DECL(test_wc_DsaSignVerify),
TEST_DECL(test_wc_DsaPublicPrivateKeyDecode),
TEST_DECL(test_wc_MakeDsaKey),
TEST_DECL(test_wc_DsaKeyToDer),
TEST_DECL(test_wc_DsaKeyToPublicDer),
TEST_DECL(test_wc_DsaImportParamsRaw),
TEST_DECL(test_wc_DsaImportParamsRawCheck),
TEST_DECL(test_wc_DsaExportParamsRaw),
TEST_DECL(test_wc_DsaExportKeyRaw),
/* DH */
TEST_DECL(test_wc_DhPublicKeyDecode),
/* wolfCrypt ECC tests */
TEST_DECL(test_wc_ecc_get_curve_size_from_name),
TEST_DECL(test_wc_ecc_get_curve_id_from_name),
TEST_DECL(test_wc_ecc_get_curve_id_from_params),
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \
!defined(HAVE_SELFTEST) && \
!(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION))
TEST_DECL(test_wc_ecc_get_curve_id_from_dp_params),
#endif
TEST_DECL(test_wc_ecc_make_key),
TEST_DECL(test_wc_ecc_init),
TEST_DECL(test_wc_ecc_check_key),
TEST_DECL(test_wc_ecc_get_generator),
TEST_DECL(test_wc_ecc_size),
TEST_DECL(test_wc_ecc_params),
TEST_DECL(test_wc_ecc_signVerify_hash),
TEST_DECL(test_wc_ecc_shared_secret),
TEST_DECL(test_wc_ecc_export_x963),
TEST_DECL(test_wc_ecc_export_x963_ex),
TEST_DECL(test_wc_ecc_import_x963),
TEST_DECL(test_wc_ecc_import_private_key),
TEST_DECL(test_wc_ecc_export_private_only),
TEST_DECL(test_wc_ecc_rs_to_sig),
TEST_DECL(test_wc_ecc_import_raw),
TEST_DECL(test_wc_ecc_import_unsigned),
TEST_DECL(test_wc_ecc_sig_size),
TEST_DECL(test_wc_ecc_ctx_new),
TEST_DECL(test_wc_ecc_ctx_reset),
TEST_DECL(test_wc_ecc_ctx_set_peer_salt),
TEST_DECL(test_wc_ecc_ctx_set_info),
TEST_DECL(test_wc_ecc_encryptDecrypt),
TEST_DECL(test_wc_ecc_del_point),
TEST_DECL(test_wc_ecc_pointFns),
TEST_DECL(test_wc_ecc_shared_secret_ssh),
TEST_DECL(test_wc_ecc_verify_hash_ex),
TEST_DECL(test_wc_ecc_mulmod),
TEST_DECL(test_wc_ecc_is_valid_idx),
TEST_DECL(test_wc_ecc_get_curve_id_from_oid),
TEST_DECL(test_wc_ecc_sig_size_calc),
TEST_DECL(test_wc_EccPrivateKeyToDer),
/* SM2 elliptic curve */
TEST_DECL(test_wc_ecc_sm2_make_key),
TEST_DECL(test_wc_ecc_sm2_shared_secret),
TEST_DECL(test_wc_ecc_sm2_create_digest),
TEST_DECL(test_wc_ecc_sm2_verify_hash_ex),
TEST_DECL(test_wc_ecc_sm2_verify_hash),
TEST_DECL(test_wc_ecc_sm2_sign_hash_ex),
TEST_DECL(test_wc_ecc_sm2_sign_hash),
/* Curve25519 */
TEST_DECL(test_wc_curve25519_init),
TEST_DECL(test_wc_curve25519_size),
TEST_DECL(test_wc_curve25519_export_key_raw),
TEST_DECL(test_wc_curve25519_export_key_raw_ex),
TEST_DECL(test_wc_curve25519_make_key),
TEST_DECL(test_wc_curve25519_shared_secret_ex),
TEST_DECL(test_wc_curve25519_make_pub),
TEST_DECL(test_wc_curve25519_export_public_ex),
TEST_DECL(test_wc_curve25519_export_private_raw_ex),
TEST_DECL(test_wc_curve25519_import_private_raw_ex),
TEST_DECL(test_wc_curve25519_import_private),
/* ED25519 */
TEST_DECL(test_wc_ed25519_make_key),
TEST_DECL(test_wc_ed25519_init),
TEST_DECL(test_wc_ed25519_sign_msg),
TEST_DECL(test_wc_ed25519_import_public),
TEST_DECL(test_wc_ed25519_import_private_key),
TEST_DECL(test_wc_ed25519_export),
TEST_DECL(test_wc_ed25519_size),
TEST_DECL(test_wc_ed25519_exportKey),
TEST_DECL(test_wc_Ed25519PublicKeyToDer),
TEST_DECL(test_wc_Ed25519KeyToDer),
TEST_DECL(test_wc_Ed25519PrivateKeyToDer),
/* Curve448 */
TEST_DECL(test_wc_curve448_make_key),
TEST_DECL(test_wc_curve448_shared_secret_ex),
TEST_DECL(test_wc_curve448_export_public_ex),
TEST_DECL(test_wc_curve448_export_private_raw_ex),
TEST_DECL(test_wc_curve448_export_key_raw),
TEST_DECL(test_wc_curve448_import_private_raw_ex),
TEST_DECL(test_wc_curve448_import_private),
TEST_DECL(test_wc_curve448_init),
TEST_DECL(test_wc_curve448_size),
/* Ed448 */
TEST_DECL(test_wc_ed448_make_key),
TEST_DECL(test_wc_ed448_init),
TEST_DECL(test_wc_ed448_sign_msg),
TEST_DECL(test_wc_ed448_import_public),
TEST_DECL(test_wc_ed448_import_private_key),
TEST_DECL(test_wc_ed448_export),
TEST_DECL(test_wc_ed448_size),
TEST_DECL(test_wc_ed448_exportKey),
TEST_DECL(test_wc_Ed448PublicKeyToDer),
TEST_DECL(test_wc_Ed448KeyToDer),
TEST_DECL(test_wc_Ed448PrivateKeyToDer),
TEST_DECL(test_wc_Curve448PrivateKeyToDer),
/* Kyber */
TEST_DECL(test_wc_kyber_make_key_kats),
TEST_DECL(test_wc_kyber_encapsulate_kats),
TEST_DECL(test_wc_kyber_decapsulate_kats),
/* Dilithium */
TEST_DECL(test_wc_dilithium),
TEST_DECL(test_wc_dilithium_make_key),
TEST_DECL(test_wc_dilithium_sign),
TEST_DECL(test_wc_dilithium_verify),
TEST_DECL(test_wc_dilithium_check_key),
TEST_DECL(test_wc_dilithium_public_der_decode),
TEST_DECL(test_wc_dilithium_der),
TEST_DECL(test_wc_dilithium_make_key_from_seed),
TEST_DECL(test_wc_dilithium_verify_kats),
/* Signature API */
TEST_DECL(test_wc_SignatureGetSize_ecc),
TEST_DECL(test_wc_SignatureGetSize_rsa),
/* PEM and DER APIs. */
TEST_DECL(test_wc_PemToDer),
TEST_DECL(test_wc_AllocDer),
TEST_DECL(test_wc_CertPemToDer),
TEST_DECL(test_wc_KeyPemToDer),
TEST_DECL(test_wc_PubKeyPemToDer),
TEST_DECL(test_wc_PemPubKeyToDer),
TEST_DECL(test_wc_GetPubKeyDerFromCert),
TEST_DECL(test_wc_CheckCertSigPubKey),
/* wolfCrypt ASN tests */
TEST_DECL(test_ToTraditional),
TEST_DECL(test_wc_CreateEncryptedPKCS8Key),
TEST_DECL(test_wc_GetPkcs8TraditionalOffset),
/* Certificate */
TEST_DECL(test_wc_SetSubjectRaw),
TEST_DECL(test_wc_GetSubjectRaw),
TEST_DECL(test_wc_SetIssuerRaw),
TEST_DECL(test_wc_SetIssueBuffer),
TEST_DECL(test_wc_SetSubjectKeyId),
TEST_DECL(test_wc_SetSubject),
TEST_DECL(test_CheckCertSignature),
TEST_DECL(test_wc_ParseCert),
TEST_DECL(test_wc_ParseCert_Error),
TEST_DECL(test_MakeCertWithPathLen),
TEST_DECL(test_MakeCertWith0Ser),
TEST_DECL(test_MakeCertWithCaFalse),
TEST_DECL(test_wc_SetKeyUsage),
TEST_DECL(test_wc_SetAuthKeyIdFromPublicKey_ex),
TEST_DECL(test_wc_SetSubjectBuffer),
TEST_DECL(test_wc_SetSubjectKeyIdFromPublicKey_ex),
/* wolfcrypt PKCS#7 */
TEST_DECL(test_wc_PKCS7_New),
TEST_DECL(test_wc_PKCS7_Init),
TEST_DECL(test_wc_PKCS7_InitWithCert),
TEST_DECL(test_wc_PKCS7_EncodeData),
TEST_DECL(test_wc_PKCS7_EncodeSignedData),
TEST_DECL(test_wc_PKCS7_EncodeSignedData_ex),
TEST_DECL(test_wc_PKCS7_VerifySignedData_RSA),
TEST_DECL(test_wc_PKCS7_VerifySignedData_ECC),
TEST_DECL(test_wc_PKCS7_EncodeDecodeEnvelopedData),
TEST_DECL(test_wc_PKCS7_EncodeEncryptedData),
TEST_DECL(test_wc_PKCS7_Degenerate),
TEST_DECL(test_wc_PKCS7_BER),
TEST_DECL(test_wc_PKCS7_signed_enveloped),
TEST_DECL(test_wc_PKCS7_NoDefaultSignedAttribs),
TEST_DECL(test_wc_PKCS7_SetOriEncryptCtx),
TEST_DECL(test_wc_PKCS7_SetOriDecryptCtx),
TEST_DECL(test_wc_PKCS7_DecodeCompressedData),
/* wolfCrypt PKCS#12 */
TEST_DECL(test_wc_i2d_PKCS12),
/*
* test_wolfCrypt_Cleanup needs to come after the above wolfCrypt tests to
* avoid memory leaks.
*/
TEST_DECL(test_wolfCrypt_Cleanup),
TEST_DECL(test_wolfSSL_Init),
TEST_DECL(test_dual_alg_support),
/*********************************
* OpenSSL compatibility API tests
*********************************/
/* If at some point a stub get implemented this test should fail indicating
* a need to implement a new test case
*/
TEST_DECL(test_stubs_are_stubs),
/* ASN.1 compatibility API tests */
TEST_DECL(test_wolfSSL_ASN1_BIT_STRING),
TEST_DECL(test_wolfSSL_ASN1_INTEGER),
TEST_DECL(test_wolfSSL_ASN1_INTEGER_cmp),
TEST_DECL(test_wolfSSL_ASN1_INTEGER_BN),
TEST_DECL(test_wolfSSL_ASN1_INTEGER_get_set),
TEST_DECL(test_wolfSSL_d2i_ASN1_INTEGER),
TEST_DECL(test_wolfSSL_a2i_ASN1_INTEGER),
TEST_DECL(test_wolfSSL_i2c_ASN1_INTEGER),
TEST_DECL(test_wolfSSL_ASN1_OBJECT),
TEST_DECL(test_wolfSSL_ASN1_get_object),
TEST_DECL(test_wolfSSL_i2a_ASN1_OBJECT),
TEST_DECL(test_wolfSSL_i2t_ASN1_OBJECT),
TEST_DECL(test_wolfSSL_sk_ASN1_OBJECT),
TEST_DECL(test_wolfSSL_ASN1_STRING),
TEST_DECL(test_wolfSSL_ASN1_STRING_to_UTF8),
TEST_DECL(test_wolfSSL_i2s_ASN1_STRING),
TEST_DECL(test_wolfSSL_ASN1_STRING_canon),
TEST_DECL(test_wolfSSL_ASN1_STRING_print),
TEST_DECL(test_wolfSSL_ASN1_STRING_print_ex),
TEST_DECL(test_wolfSSL_ASN1_UNIVERSALSTRING_to_string),
TEST_DECL(test_wolfSSL_ASN1_GENERALIZEDTIME_free),
TEST_DECL(test_wolfSSL_ASN1_GENERALIZEDTIME_print),
TEST_DECL(test_wolfSSL_ASN1_TIME),
TEST_DECL(test_wolfSSL_ASN1_TIME_to_string),
TEST_DECL(test_wolfSSL_ASN1_TIME_diff_compare),
TEST_DECL(test_wolfSSL_ASN1_TIME_adj),
TEST_DECL(test_wolfSSL_ASN1_TIME_to_tm),
TEST_DECL(test_wolfSSL_ASN1_TIME_to_generalizedtime),
TEST_DECL(test_wolfSSL_ASN1_TIME_print),
TEST_DECL(test_wolfSSL_ASN1_UTCTIME_print),
TEST_DECL(test_wolfSSL_ASN1_TYPE),
TEST_DECL(test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS),
TEST_DECL(test_wolfSSL_lhash),
TEST_DECL(test_wolfSSL_certs),
TEST_DECL(test_wolfSSL_private_keys),
TEST_DECL(test_wolfSSL_PEM_def_callback),
TEST_DECL(test_wolfSSL_PEM_read_PrivateKey),
TEST_DECL(test_wolfSSL_PEM_read_RSA_PUBKEY),
TEST_DECL(test_wolfSSL_PEM_read_PUBKEY),
TEST_DECL(test_wolfSSL_PEM_PrivateKey_rsa),
TEST_DECL(test_wolfSSL_PEM_PrivateKey_ecc),
TEST_DECL(test_wolfSSL_PEM_PrivateKey_dsa),
TEST_DECL(test_wolfSSL_PEM_PrivateKey_dh),
TEST_DECL(test_wolfSSL_PEM_PrivateKey),
TEST_DECL(test_wolfSSL_PEM_file_RSAKey),
TEST_DECL(test_wolfSSL_PEM_file_RSAPrivateKey),
#ifndef NO_BIO
TEST_DECL(test_wolfSSL_BIO),
TEST_DECL(test_wolfSSL_BIO_BIO_ring_read),
TEST_DECL(test_wolfSSL_PEM_read_bio),
TEST_DECL(test_wolfSSL_PEM_bio_RSAKey),
TEST_DECL(test_wolfSSL_PEM_bio_DSAKey),
TEST_DECL(test_wolfSSL_PEM_bio_ECKey),
TEST_DECL(test_wolfSSL_PEM_bio_RSAPrivateKey),
TEST_DECL(test_wolfSSL_PEM_PUBKEY),
#endif
/* EVP API testing */
TEST_DECL(test_wolfSSL_EVP_ENCODE_CTX_new),
TEST_DECL(test_wolfSSL_EVP_ENCODE_CTX_free),
TEST_DECL(test_wolfSSL_EVP_EncodeInit),
TEST_DECL(test_wolfSSL_EVP_EncodeUpdate),
TEST_DECL(test_wolfSSL_EVP_EncodeFinal),
TEST_DECL(test_wolfSSL_EVP_DecodeInit),
TEST_DECL(test_wolfSSL_EVP_DecodeUpdate),
TEST_DECL(test_wolfSSL_EVP_DecodeFinal),
TEST_DECL(test_wolfSSL_EVP_shake128),
TEST_DECL(test_wolfSSL_EVP_shake256),
TEST_DECL(test_wolfSSL_EVP_sm3),
TEST_DECL(test_EVP_blake2),
#ifdef OPENSSL_ALL
TEST_DECL(test_wolfSSL_EVP_md4),
TEST_DECL(test_wolfSSL_EVP_ripemd160),
TEST_DECL(test_wolfSSL_EVP_get_digestbynid),
TEST_DECL(test_wolfSSL_EVP_MD_nid),
TEST_DECL(test_wolfSSL_EVP_DigestFinal_ex),
#endif
TEST_DECL(test_EVP_MD_do_all),
TEST_DECL(test_wolfSSL_EVP_MD_size),
TEST_DECL(test_wolfSSL_EVP_MD_pkey_type),
TEST_DECL(test_wolfSSL_EVP_Digest),
TEST_DECL(test_wolfSSL_EVP_Digest_all),
TEST_DECL(test_wolfSSL_EVP_MD_hmac_signing),
TEST_DECL(test_wolfSSL_EVP_MD_rsa_signing),
TEST_DECL(test_wolfSSL_EVP_MD_ecc_signing),
TEST_DECL(test_wolfssl_EVP_aes_gcm),
TEST_DECL(test_wolfssl_EVP_aes_gcm_AAD_2_parts),
TEST_DECL(test_wolfssl_EVP_aes_gcm_zeroLen),
TEST_DECL(test_wolfssl_EVP_aes_ccm),
TEST_DECL(test_wolfssl_EVP_aes_ccm_zeroLen),
TEST_DECL(test_wolfssl_EVP_chacha20),
TEST_DECL(test_wolfssl_EVP_chacha20_poly1305),
TEST_DECL(test_wolfssl_EVP_sm4_ecb),
TEST_DECL(test_wolfssl_EVP_sm4_cbc),
TEST_DECL(test_wolfssl_EVP_sm4_ctr),
TEST_DECL(test_wolfssl_EVP_sm4_gcm_zeroLen),
TEST_DECL(test_wolfssl_EVP_sm4_gcm),
TEST_DECL(test_wolfssl_EVP_sm4_ccm_zeroLen),
TEST_DECL(test_wolfssl_EVP_sm4_ccm),
#ifdef OPENSSL_ALL
TEST_DECL(test_wolfSSL_EVP_aes_256_gcm),
TEST_DECL(test_wolfSSL_EVP_aes_192_gcm),
TEST_DECL(test_wolfSSL_EVP_aes_256_ccm),
TEST_DECL(test_wolfSSL_EVP_aes_192_ccm),
TEST_DECL(test_wolfSSL_EVP_aes_128_ccm),
TEST_DECL(test_wolfSSL_EVP_rc4),
TEST_DECL(test_wolfSSL_EVP_enc_null),
TEST_DECL(test_wolfSSL_EVP_rc2_cbc),
TEST_DECL(test_wolfSSL_EVP_mdc2),
TEST_DECL(test_evp_cipher_aes_gcm),
#endif
TEST_DECL(test_wolfssl_EVP_aria_gcm),
TEST_DECL(test_wolfSSL_EVP_Cipher_extra),
#ifdef OPENSSL_EXTRA
TEST_DECL(test_wolfSSL_EVP_get_cipherbynid),
TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX),
#endif
#ifdef OPENSSL_ALL
TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_iv_length),
TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_key_length),
TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_set_iv),
TEST_DECL(test_wolfSSL_EVP_CIPHER_block_size),
TEST_DECL(test_wolfSSL_EVP_CIPHER_iv_length),
TEST_DECL(test_wolfSSL_EVP_X_STATE),
TEST_DECL(test_wolfSSL_EVP_X_STATE_LEN),
TEST_DECL(test_wolfSSL_EVP_BytesToKey),
#endif
TEST_DECL(test_wolfSSL_EVP_PKEY_print_public),
TEST_DECL(test_wolfSSL_EVP_PKEY_new_mac_key),
TEST_DECL(test_wolfSSL_EVP_PKEY_new_CMAC_key),
TEST_DECL(test_wolfSSL_EVP_PKEY_up_ref),
TEST_DECL(test_wolfSSL_EVP_PKEY_hkdf),
TEST_DECL(test_wolfSSL_EVP_PKEY_derive),
TEST_DECL(test_wolfSSL_d2i_and_i2d_PublicKey),
TEST_DECL(test_wolfSSL_d2i_and_i2d_PublicKey_ecc),
#ifndef NO_BIO
TEST_DECL(test_wolfSSL_d2i_PUBKEY),
#endif
TEST_DECL(test_wolfSSL_d2i_and_i2d_DSAparams),
TEST_DECL(test_wolfSSL_i2d_PrivateKey),
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA)
#ifndef NO_BIO
TEST_DECL(test_wolfSSL_d2i_PrivateKeys_bio),
#endif /* !NO_BIO */
#endif
#ifdef OPENSSL_ALL
TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_DSA),
TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY),
TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_DH),
TEST_DECL(test_wolfSSL_EVP_PKEY_assign),
TEST_DECL(test_wolfSSL_EVP_PKEY_assign_DH),
TEST_DECL(test_wolfSSL_EVP_PKEY_base_id),
TEST_DECL(test_wolfSSL_EVP_PKEY_id),
TEST_DECL(test_wolfSSL_EVP_PKEY_paramgen),
TEST_DECL(test_wolfSSL_EVP_PKEY_keygen),
TEST_DECL(test_wolfSSL_EVP_PKEY_keygen_init),
TEST_DECL(test_wolfSSL_EVP_PKEY_missing_parameters),
TEST_DECL(test_wolfSSL_EVP_PKEY_copy_parameters),
TEST_DECL(test_wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits),
TEST_DECL(test_wolfSSL_EVP_PKEY_CTX_new_id),
TEST_DECL(test_wolfSSL_EVP_PKEY_get0_EC_KEY),
#endif
TEST_DECL(test_EVP_PKEY_rsa),
TEST_DECL(test_EVP_PKEY_ec),
TEST_DECL(test_wolfSSL_EVP_PKEY_encrypt),
TEST_DECL(test_wolfSSL_EVP_PKEY_sign_verify_rsa),
TEST_DECL(test_wolfSSL_EVP_PKEY_sign_verify_dsa),
TEST_DECL(test_wolfSSL_EVP_PKEY_sign_verify_ec),
TEST_DECL(test_EVP_PKEY_cmp),
#ifdef OPENSSL_ALL
TEST_DECL(test_wolfSSL_EVP_SignInit_ex),
TEST_DECL(test_wolfSSL_EVP_PKEY_param_check),
TEST_DECL(test_wolfSSL_QT_EVP_PKEY_CTX_free),
#endif
TEST_DECL(test_wolfSSL_EVP_PBE_scrypt),
TEST_DECL(test_wolfSSL_CTX_add_extra_chain_cert),
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
TEST_DECL(test_wolfSSL_ERR_peek_last_error_line),
#endif
#ifndef NO_BIO
TEST_DECL(test_wolfSSL_ERR_print_errors_cb),
TEST_DECL(test_wolfSSL_GetLoggingCb),
TEST_DECL(test_WOLFSSL_ERROR_MSG),
TEST_DECL(test_wc_ERR_remove_state),
TEST_DECL(test_wc_ERR_print_errors_fp),
#endif
TEST_DECL(test_wolfSSL_configure_args),
TEST_DECL(test_wolfSSL_sk_SSL_CIPHER),
TEST_DECL(test_wolfSSL_set1_curves_list),
TEST_DECL(test_wolfSSL_curves_mismatch),
TEST_DECL(test_wolfSSL_set1_sigalgs_list),
TEST_DECL(test_wolfSSL_OtherName),
TEST_DECL(test_wolfSSL_FPKI),
TEST_DECL(test_wolfSSL_URI),
TEST_DECL(test_wolfSSL_TBS),
TEST_DECL(test_wolfSSL_X509_STORE_CTX),
TEST_DECL(test_X509_STORE_untrusted),
TEST_DECL(test_wolfSSL_X509_STORE_CTX_trusted_stack_cleanup),
TEST_DECL(test_wolfSSL_X509_STORE_CTX_get0_current_issuer),
TEST_DECL(test_wolfSSL_X509_STORE_set_flags),
TEST_DECL(test_wolfSSL_X509_LOOKUP_load_file),
TEST_DECL(test_wolfSSL_X509_Name_canon),
TEST_DECL(test_wolfSSL_X509_LOOKUP_ctrl_file),
TEST_DECL(test_wolfSSL_X509_LOOKUP_ctrl_hash_dir),
TEST_DECL(test_wolfSSL_X509_NID),
TEST_DECL(test_wolfSSL_X509_STORE_CTX_set_time),
TEST_DECL(test_wolfSSL_get0_param),
TEST_DECL(test_wolfSSL_X509_VERIFY_PARAM_set1_host),
TEST_DECL(test_wolfSSL_set1_host),
TEST_DECL(test_wolfSSL_X509_VERIFY_PARAM_set1_ip),
TEST_DECL(test_wolfSSL_X509_STORE_CTX_get0_store),
TEST_DECL(test_wolfSSL_X509_STORE),
TEST_DECL(test_wolfSSL_X509_STORE_load_locations),
TEST_DECL(test_X509_STORE_get0_objects),
TEST_DECL(test_wolfSSL_X509_load_crl_file),
TEST_DECL(test_wolfSSL_X509_STORE_get1_certs),
TEST_DECL(test_wolfSSL_X509_STORE_set_get_crl),
TEST_DECL(test_wolfSSL_X509_NAME_ENTRY_get_object),
TEST_DECL(test_wolfSSL_X509_cmp_time),
TEST_DECL(test_wolfSSL_X509_time_adj),
/* X509 tests */
TEST_DECL(test_wolfSSL_X509_subject_name_hash),
TEST_DECL(test_wolfSSL_X509_issuer_name_hash),
TEST_DECL(test_wolfSSL_X509_check_host),
TEST_DECL(test_wolfSSL_X509_check_email),
TEST_DECL(test_wolfSSL_X509_check_private_key),
TEST_DECL(test_wolfSSL_X509),
TEST_DECL(test_wolfSSL_X509_VERIFY_PARAM),
TEST_DECL(test_wolfSSL_X509_sign),
TEST_DECL(test_wolfSSL_X509_sign2),
TEST_DECL(test_wolfSSL_X509_verify),
TEST_DECL(test_wolfSSL_X509_get0_tbs_sigalg),
TEST_DECL(test_wolfSSL_X509_ALGOR_get0),
TEST_DECL(test_wolfSSL_X509_get_X509_PUBKEY),
TEST_DECL(test_wolfSSL_X509_PUBKEY_RSA),
TEST_DECL(test_wolfSSL_X509_PUBKEY_EC),
TEST_DECL(test_wolfSSL_X509_PUBKEY_DSA),
TEST_DECL(test_wolfSSL_PEM_write_bio_X509),
TEST_DECL(test_wolfSSL_X509_NAME_get_entry),
TEST_DECL(test_wolfSSL_X509_NAME),
TEST_DECL(test_wolfSSL_X509_NAME_hash),
TEST_DECL(test_wolfSSL_X509_NAME_print_ex),
TEST_DECL(test_wolfSSL_X509_NAME_ENTRY),
TEST_DECL(test_wolfSSL_X509_set_name),
TEST_DECL(test_wolfSSL_X509_set_notAfter),
TEST_DECL(test_wolfSSL_X509_set_notBefore),
TEST_DECL(test_wolfSSL_X509_set_version),
TEST_DECL(test_wolfSSL_X509_get_serialNumber),
TEST_DECL(test_wolfSSL_X509_CRL),
TEST_DECL(test_wolfSSL_i2d_X509),
TEST_DECL(test_wolfSSL_d2i_X509_REQ),
TEST_DECL(test_wolfSSL_PEM_read_X509),
TEST_DECL(test_wolfSSL_X509_check_ca),
TEST_DECL(test_wolfSSL_X509_check_ip_asc),
TEST_DECL(test_wolfSSL_X509_bad_altname),
TEST_DECL(test_wolfSSL_X509_name_match),
TEST_DECL(test_wolfSSL_X509_name_match2),
TEST_DECL(test_wolfSSL_X509_name_match3),
TEST_DECL(test_wolfSSL_X509_max_altnames),
TEST_DECL(test_wolfSSL_X509_max_name_constraints),
TEST_DECL(test_wolfSSL_make_cert),
#ifndef NO_BIO
TEST_DECL(test_wolfSSL_X509_INFO_multiple_info),
TEST_DECL(test_wolfSSL_X509_INFO),
TEST_DECL(test_wolfSSL_PEM_X509_INFO_read_bio),
#endif
#ifdef OPENSSL_ALL
TEST_DECL(test_wolfSSL_X509_PUBKEY_get),
#endif
TEST_DECL(test_wolfSSL_X509_CA_num),
TEST_DECL(test_wolfSSL_X509_get_version),
#ifndef NO_BIO
TEST_DECL(test_wolfSSL_X509_print),
TEST_DECL(test_wolfSSL_X509_CRL_print),
#endif
TEST_DECL(test_X509_get_signature_nid),
/* X509 extension testing. */
TEST_DECL(test_wolfSSL_X509_get_extension_flags),
TEST_DECL(test_wolfSSL_X509_get_ext),
TEST_DECL(test_wolfSSL_X509_get_ext_by_NID),
TEST_DECL(test_wolfSSL_X509_get_ext_subj_alt_name),
TEST_DECL(test_wolfSSL_X509_get_ext_count),
TEST_DECL(test_wolfSSL_X509_EXTENSION_new),
TEST_DECL(test_wolfSSL_X509_EXTENSION_get_object),
TEST_DECL(test_wolfSSL_X509_EXTENSION_get_data),
TEST_DECL(test_wolfSSL_X509_EXTENSION_get_critical),
TEST_DECL(test_wolfSSL_X509V3_EXT_get),
TEST_DECL(test_wolfSSL_X509V3_EXT_nconf),
TEST_DECL(test_wolfSSL_X509V3_EXT),
TEST_DECL(test_wolfSSL_X509V3_EXT_print),
TEST_DECL(test_wolfSSL_X509_cmp),
TEST_DECL(test_GENERAL_NAME_set0_othername),
TEST_DECL(test_othername_and_SID_ext),
TEST_DECL(test_wolfSSL_dup_CA_list),
/* OpenSSL sk_X509 API test */
TEST_DECL(test_sk_X509),
/* OpenSSL sk_X509_CRL API test */
TEST_DECL(test_sk_X509_CRL),
/* OpenSSL X509 REQ API test */
TEST_DECL(test_X509_REQ),
/* OpenSSL compatibility outside SSL context w/ CRL lookup directory */
TEST_DECL(test_X509_STORE_No_SSL_CTX),
TEST_DECL(test_X509_LOOKUP_add_dir),
/* RAND compatibility API */
TEST_DECL(test_wolfSSL_RAND_set_rand_method),
TEST_DECL(test_wolfSSL_RAND_bytes),
TEST_DECL(test_wolfSSL_RAND),
/* BN compatibility API */
TEST_DECL(test_wolfSSL_BN_CTX),
TEST_DECL(test_wolfSSL_BN),
TEST_DECL(test_wolfSSL_BN_init),
TEST_DECL(test_wolfSSL_BN_enc_dec),
TEST_DECL(test_wolfSSL_BN_word),
TEST_DECL(test_wolfSSL_BN_bits),
TEST_DECL(test_wolfSSL_BN_shift),
TEST_DECL(test_wolfSSL_BN_math),
TEST_DECL(test_wolfSSL_BN_math_mod),
TEST_DECL(test_wolfSSL_BN_math_other),
TEST_DECL(test_wolfSSL_BN_rand),
TEST_DECL(test_wolfSSL_BN_prime),
/* OpenSSL PKCS5 API test */
TEST_DECL(test_wolfSSL_PKCS5),
/* OpenSSL PKCS8 API test */
TEST_DECL(test_wolfSSL_PKCS8_Compat),
TEST_DECL(test_wolfSSL_PKCS8_d2i),
/* OpenSSL PKCS7 API test */
TEST_DECL(test_wolfssl_PKCS7),
TEST_DECL(test_wolfSSL_PKCS7_certs),
TEST_DECL(test_wolfSSL_PKCS7_sign),
TEST_DECL(test_wolfSSL_PKCS7_SIGNED_new),
#ifndef NO_BIO
TEST_DECL(test_wolfSSL_PEM_write_bio_PKCS7),
#ifdef HAVE_SMIME
TEST_DECL(test_wolfSSL_SMIME_read_PKCS7),
TEST_DECL(test_wolfSSL_SMIME_write_PKCS7),
#endif /* HAVE_SMIME */
#endif /* !NO_BIO */
/* OpenSSL PKCS12 API test */
TEST_DECL(test_wolfSSL_PKCS12),
/* Can't memory test as callbacks use Assert. */
TEST_DECL(test_error_queue_per_thread),
TEST_DECL(test_wolfSSL_ERR_put_error),
TEST_DECL(test_wolfSSL_ERR_get_error_order),
#ifndef NO_BIO
TEST_DECL(test_wolfSSL_ERR_print_errors),
#endif
TEST_DECL(test_OBJ_NAME_do_all),
TEST_DECL(test_wolfSSL_OBJ),
TEST_DECL(test_wolfSSL_OBJ_cmp),
TEST_DECL(test_wolfSSL_OBJ_txt2nid),
TEST_DECL(test_wolfSSL_OBJ_txt2obj),
#ifdef OPENSSL_ALL
TEST_DECL(test_wolfSSL_OBJ_ln),
TEST_DECL(test_wolfSSL_OBJ_sn),
#endif
#ifndef NO_BIO
TEST_DECL(test_wolfSSL_BIO_gets),
TEST_DECL(test_wolfSSL_BIO_puts),
TEST_DECL(test_wolfSSL_BIO_dump),
/* Can't memory test as server hangs. */
TEST_DECL(test_wolfSSL_BIO_should_retry),
TEST_DECL(test_wolfSSL_BIO_write),
TEST_DECL(test_wolfSSL_BIO_printf),
TEST_DECL(test_wolfSSL_BIO_f_md),
TEST_DECL(test_wolfSSL_BIO_up_ref),
TEST_DECL(test_wolfSSL_BIO_reset),
TEST_DECL(test_wolfSSL_BIO_get_len),
#endif
TEST_DECL(test_wolfSSL_check_domain),
TEST_DECL(test_wolfSSL_cert_cb),
TEST_DECL(test_wolfSSL_cert_cb_dyn_ciphers),
TEST_DECL(test_wolfSSL_ciphersuite_auth),
TEST_DECL(test_wolfSSL_sigalg_info),
/* Can't memory test as tcp_connect aborts. */
TEST_DECL(test_wolfSSL_SESSION),
TEST_DECL(test_wolfSSL_SESSION_expire_downgrade),
TEST_DECL(test_wolfSSL_CTX_sess_set_remove_cb),
TEST_DECL(test_wolfSSL_ticket_keys),
TEST_DECL(test_wolfSSL_sk_GENERAL_NAME),
TEST_DECL(test_wolfSSL_GENERAL_NAME_print),
TEST_DECL(test_wolfSSL_sk_DIST_POINT),
TEST_DECL(test_wolfSSL_verify_mode),
TEST_DECL(test_wolfSSL_verify_depth),
TEST_DECL(test_wolfSSL_verify_result),
TEST_DECL(test_wolfSSL_msg_callback),
TEST_DECL(test_wolfSSL_OCSP_id_get0_info),
TEST_DECL(test_wolfSSL_i2d_OCSP_CERTID),
TEST_DECL(test_wolfSSL_d2i_OCSP_CERTID),
TEST_DECL(test_wolfSSL_OCSP_id_cmp),
TEST_DECL(test_wolfSSL_OCSP_SINGLERESP_get0_id),
TEST_DECL(test_wolfSSL_OCSP_single_get0_status),
TEST_DECL(test_wolfSSL_OCSP_resp_count),
TEST_DECL(test_wolfSSL_OCSP_resp_get0),
TEST_DECL(test_wolfSSL_PEM_read),
TEST_DECL(test_wolfSSL_OpenSSL_version),
TEST_DECL(test_wolfSSL_OpenSSL_add_all_algorithms),
TEST_DECL(test_wolfSSL_OPENSSL_hexstr2buf),
TEST_DECL(test_CONF_modules_xxx),
#ifdef OPENSSL_ALL
TEST_DECL(test_wolfSSL_TXT_DB),
TEST_DECL(test_wolfSSL_NCONF),
#endif
TEST_DECL(test_wolfSSL_CRYPTO_memcmp),
TEST_DECL(test_wolfSSL_CRYPTO_get_ex_new_index),
TEST_DECL(test_wolfSSL_SESSION_get_ex_new_index),
TEST_DECL(test_CRYPTO_set_dynlock_xxx),
TEST_DECL(test_CRYPTO_THREADID_xxx),
TEST_DECL(test_ENGINE_cleanup),
/* test the no op functions for compatibility */
TEST_DECL(test_no_op_functions),
/* OpenSSL error API tests */
TEST_DECL(test_ERR_load_crypto_strings),
#ifdef OPENSSL_ALL
TEST_DECL(test_wolfSSL_sk_CIPHER_description),
TEST_DECL(test_wolfSSL_get_ciphers_compat),
TEST_DECL(test_wolfSSL_CTX_ctrl),
#endif /* OPENSSL_ALL */
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA)
TEST_DECL(test_wolfSSL_CTX_use_certificate_ASN1),
#endif /* (OPENSSL_ALL || WOLFSSL_ASIO) && !NO_RSA */
/*********************************
* Crypto API tests
*********************************/
TEST_DECL(test_wolfSSL_MD4),
TEST_DECL(test_wolfSSL_MD5),
TEST_DECL(test_wolfSSL_MD5_Transform),
TEST_DECL(test_wolfSSL_SHA),
TEST_DECL(test_wolfSSL_SHA_Transform),
TEST_DECL(test_wolfSSL_SHA224),
TEST_DECL(test_wolfSSL_SHA256),
TEST_DECL(test_wolfSSL_SHA256_Transform),
TEST_DECL(test_wolfSSL_SHA512_Transform),
TEST_DECL(test_wolfSSL_SHA512_224_Transform),
TEST_DECL(test_wolfSSL_SHA512_256_Transform),
TEST_DECL(test_wolfSSL_HMAC_CTX),
TEST_DECL(test_wolfSSL_HMAC),
TEST_DECL(test_wolfSSL_CMAC),
TEST_DECL(test_wolfSSL_DES),
TEST_DECL(test_wolfSSL_DES_ncbc),
TEST_DECL(test_wolfSSL_DES_ecb_encrypt),
TEST_DECL(test_wolfSSL_DES_ede3_cbc_encrypt),
TEST_DECL(test_wolfSSL_AES_encrypt),
TEST_DECL(test_wolfSSL_AES_ecb_encrypt),
TEST_DECL(test_wolfSSL_AES_cbc_encrypt),
TEST_DECL(test_wolfSSL_AES_cfb128_encrypt),
TEST_DECL(test_wolfSSL_CRYPTO_cts128),
TEST_DECL(test_wolfSSL_RC4),
TEST_DECL(test_wolfSSL_RSA),
TEST_DECL(test_wolfSSL_RSA_DER),
TEST_DECL(test_wolfSSL_RSA_print),
TEST_DECL(test_wolfSSL_RSA_padding_add_PKCS1_PSS),
TEST_DECL(test_wolfSSL_RSA_sign_sha3),
TEST_DECL(test_wolfSSL_RSA_get0_key),
TEST_DECL(test_wolfSSL_RSA_meth),
TEST_DECL(test_wolfSSL_RSA_verify),
TEST_DECL(test_wolfSSL_RSA_sign),
TEST_DECL(test_wolfSSL_RSA_sign_ex),
TEST_DECL(test_wolfSSL_RSA_public_decrypt),
TEST_DECL(test_wolfSSL_RSA_private_encrypt),
TEST_DECL(test_wolfSSL_RSA_public_encrypt),
TEST_DECL(test_wolfSSL_RSA_private_decrypt),
TEST_DECL(test_wolfSSL_RSA_GenAdd),
TEST_DECL(test_wolfSSL_RSA_blinding_on),
TEST_DECL(test_wolfSSL_RSA_ex_data),
TEST_DECL(test_wolfSSL_RSA_LoadDer),
TEST_DECL(test_wolfSSL_RSA_To_Der),
TEST_DECL(test_wolfSSL_PEM_read_RSAPublicKey),
TEST_DECL(test_wolfSSL_PEM_write_RSA_PUBKEY),
TEST_DECL(test_wolfSSL_PEM_write_RSAPrivateKey),
TEST_DECL(test_wolfSSL_PEM_write_mem_RSAPrivateKey),
TEST_DECL(test_wolfSSL_DH),
TEST_DECL(test_wolfSSL_DH_dup),
TEST_DECL(test_wolfSSL_DH_check),
TEST_DECL(test_wolfSSL_DH_prime),
TEST_DECL(test_wolfSSL_DH_1536_prime),
TEST_DECL(test_wolfSSL_DH_get_2048_256),
TEST_DECL(test_wolfSSL_PEM_write_DHparams),
TEST_DECL(test_wolfSSL_PEM_read_DHparams),
TEST_DECL(test_wolfSSL_d2i_DHparams),
TEST_DECL(test_wolfSSL_DH_LoadDer),
TEST_DECL(test_wolfSSL_i2d_DHparams),
#if defined(HAVE_ECC) && !defined(OPENSSL_NO_PK)
TEST_DECL(test_wolfSSL_EC_GROUP),
TEST_DECL(test_wolfSSL_PEM_read_bio_ECPKParameters),
TEST_DECL(test_wolfSSL_EC_POINT),
TEST_DECL(test_wolfSSL_SPAKE),
TEST_DECL(test_wolfSSL_EC_KEY_generate),
TEST_DECL(test_EC_i2d),
TEST_DECL(test_wolfSSL_EC_curve),
TEST_DECL(test_wolfSSL_EC_KEY_dup),
TEST_DECL(test_wolfSSL_EC_KEY_set_group),
TEST_DECL(test_wolfSSL_EC_KEY_set_conv_form),
TEST_DECL(test_wolfSSL_EC_KEY_private_key),
TEST_DECL(test_wolfSSL_EC_KEY_public_key),
TEST_DECL(test_wolfSSL_EC_KEY_print_fp),
TEST_DECL(test_wolfSSL_EC_get_builtin_curves),
TEST_DECL(test_wolfSSL_ECDSA_SIG),
TEST_DECL(test_ECDSA_size_sign),
TEST_DECL(test_ECDH_compute_key),
#endif
#ifdef OPENSSL_EXTRA
TEST_DECL(test_EC25519),
TEST_DECL(test_ED25519),
TEST_DECL(test_EC448),
TEST_DECL(test_ED448),
#endif
TEST_DECL(test_DSA_do_sign_verify),
#ifdef OPENSSL_ALL
TEST_DECL(test_wolfSSL_DSA_generate_parameters),
TEST_DECL(test_wolfSSL_DSA_SIG),
#endif
TEST_DECL(test_openssl_generate_key_and_cert),
TEST_DECL(test_wolfSSL_FIPS_mode),
TEST_DECL(test_openssl_FIPS_drbg),
/*********************************
* CertManager API tests
*********************************/
TEST_DECL(test_wolfSSL_CertManagerAPI),
TEST_DECL(test_wolfSSL_CertManagerLoadCABuffer),
TEST_DECL(test_wolfSSL_CertManagerLoadCABuffer_ex),
TEST_DECL(test_wolfSSL_CertManagerGetCerts),
TEST_DECL(test_wolfSSL_CertManagerSetVerify),
TEST_DECL(test_wolfSSL_CertManagerNameConstraint),
TEST_DECL(test_wolfSSL_CertManagerNameConstraint2),
TEST_DECL(test_wolfSSL_CertManagerNameConstraint3),
TEST_DECL(test_wolfSSL_CertManagerNameConstraint4),
TEST_DECL(test_wolfSSL_CertManagerNameConstraint5),
TEST_DECL(test_wolfSSL_CertManagerCRL),
TEST_DECL(test_wolfSSL_CertManagerCheckOCSPResponse),
TEST_DECL(test_wolfSSL_CheckOCSPResponse),
#ifdef HAVE_CERT_CHAIN_VALIDATION
TEST_DECL(test_various_pathlen_chains),
#endif
/*********************************
* SSL/TLS API tests
*********************************/
TEST_DECL(test_wolfSSL_Method_Allocators),
#ifndef NO_WOLFSSL_SERVER
TEST_DECL(test_wolfSSL_CTX_new),
#endif
TEST_DECL(test_server_wolfSSL_new),
TEST_DECL(test_client_wolfSSL_new),
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
(!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM)
TEST_DECL(test_for_double_Free),
#endif
TEST_DECL(test_wolfSSL_set_options),
#ifdef WOLFSSL_TLS13
/* TLS v1.3 API tests */
TEST_DECL(test_tls13_apis),
TEST_DECL(test_tls13_cipher_suites),
#endif
TEST_DECL(test_wolfSSL_tmp_dh),
TEST_DECL(test_wolfSSL_ctrl),
#if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \
(defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB)))
TEST_DECL(test_wolfSSL_set_SSL_CTX),
#endif
TEST_DECL(test_wolfSSL_CTX_get_min_proto_version),
TEST_DECL(test_wolfSSL_security_level),
TEST_DECL(test_wolfSSL_SSL_in_init),
TEST_DECL(test_wolfSSL_CTX_set_timeout),
TEST_DECL(test_wolfSSL_set_psk_use_session_callback),
TEST_DECL(test_CONF_CTX_FILE),
TEST_DECL(test_CONF_CTX_CMDLINE),
#if !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
!defined(WOLFSSL_NO_CLIENT_AUTH)) && !defined(NO_FILESYSTEM)
/* Use the Cert Manager(CM) API to generate the error ASN_SIG_CONFIRM_E */
/* Bad certificate signature tests */
TEST_DECL(test_EccSigFailure_cm),
TEST_DECL(test_RsaSigFailure_cm),
#endif /* NO_CERTS */
/* PKCS8 testing */
TEST_DECL(test_wolfSSL_no_password_cb),
TEST_DECL(test_wolfSSL_PKCS8),
TEST_DECL(test_wolfSSL_PKCS8_ED25519),
TEST_DECL(test_wolfSSL_PKCS8_ED448),
#ifdef HAVE_IO_TESTS_DEPENDENCIES
TEST_DECL(test_wolfSSL_get_finished),
/* Uses Assert in handshake callback. */
TEST_DECL(test_wolfSSL_CTX_add_session),
/* Large number of memory allocations. */
TEST_DECL(test_wolfSSL_CTX_add_session_ext_tls13),
/* Large number of memory allocations. */
TEST_DECL(test_wolfSSL_CTX_add_session_ext_dtls13),
/* Large number of memory allocations. */
TEST_DECL(test_wolfSSL_CTX_add_session_ext_tls12),
/* Large number of memory allocations. */
TEST_DECL(test_wolfSSL_CTX_add_session_ext_dtls12),
/* Large number of memory allocations. */
TEST_DECL(test_wolfSSL_CTX_add_session_ext_tls11),
/* Large number of memory allocations. */
TEST_DECL(test_wolfSSL_CTX_add_session_ext_dtls1),
#endif
TEST_DECL(test_SSL_CIPHER_get_xxx),
TEST_DECL(test_wolfSSL_ERR_strings),
TEST_DECL(test_wolfSSL_CTX_set_cipher_list_bytes),
TEST_DECL(test_wolfSSL_CTX_use_certificate),
TEST_DECL(test_wolfSSL_CTX_use_certificate_file),
TEST_DECL(test_wolfSSL_CTX_use_certificate_buffer),
TEST_DECL(test_wolfSSL_use_certificate_buffer),
TEST_DECL(test_wolfSSL_CTX_use_PrivateKey_file),
TEST_DECL(test_wolfSSL_CTX_use_RSAPrivateKey_file),
TEST_DECL(test_wolfSSL_use_RSAPrivateKey_file),
TEST_DECL(test_wolfSSL_CTX_use_PrivateKey),
TEST_DECL(test_wolfSSL_CTX_load_verify_locations),
/* Large number of memory allocations. */
TEST_DECL(test_wolfSSL_CTX_load_system_CA_certs),
#ifdef HAVE_CERT_CHAIN_VALIDATION
TEST_DECL(test_wolfSSL_CertRsaPss),
#endif
TEST_DECL(test_wolfSSL_CTX_load_verify_locations_ex),
TEST_DECL(test_wolfSSL_CTX_load_verify_buffer_ex),
TEST_DECL(test_wolfSSL_CTX_load_verify_chain_buffer_format),
TEST_DECL(test_wolfSSL_CTX_add1_chain_cert),
TEST_DECL(test_wolfSSL_CTX_use_certificate_chain_buffer_format),
TEST_DECL(test_wolfSSL_CTX_use_certificate_chain_file_format),
TEST_DECL(test_wolfSSL_use_certificate_chain_file),
TEST_DECL(test_wolfSSL_CTX_trust_peer_cert),
TEST_DECL(test_wolfSSL_CTX_LoadCRL),
TEST_DECL(test_multiple_crls_same_issuer),
TEST_DECL(test_wolfSSL_CTX_SetTmpDH_file),
TEST_DECL(test_wolfSSL_CTX_SetTmpDH_buffer),
TEST_DECL(test_wolfSSL_CTX_SetMinMaxDhKey_Sz),
TEST_DECL(test_wolfSSL_CTX_der_load_verify_locations),
TEST_DECL(test_wolfSSL_CTX_enable_disable),
TEST_DECL(test_wolfSSL_CTX_ticket_API),
TEST_DECL(test_wolfSSL_SetTmpDH_file),
TEST_DECL(test_wolfSSL_SetTmpDH_buffer),
TEST_DECL(test_wolfSSL_SetMinMaxDhKey_Sz),
TEST_DECL(test_SetTmpEC_DHE_Sz),
TEST_DECL(test_wolfSSL_CTX_get0_privatekey),
#ifdef WOLFSSL_DTLS
TEST_DECL(test_wolfSSL_DtlsUpdateWindow),
TEST_DECL(test_wolfSSL_DTLS_fragment_buckets),
#endif
TEST_DECL(test_wolfSSL_dtls_set_mtu),
/* Uses Assert in handshake callback. */
TEST_DECL(test_wolfSSL_dtls_plaintext),
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
defined(HAVE_IO_TESTS_DEPENDENCIES)
TEST_DECL(test_wolfSSL_read_write),
/* Can't memory test as server hangs if client fails before second connect.
*/
TEST_DECL(test_wolfSSL_reuse_WOLFSSLobj),
TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_1),
TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_2),
TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_3),
TEST_DECL(test_wolfSSL_CTX_set_cipher_list),
/* Can't memory test as server hangs. */
TEST_DECL(test_wolfSSL_dtls_export),
/* Uses Assert in handshake callback. */
TEST_DECL(test_wolfSSL_tls_export),
#endif
TEST_DECL(test_wolfSSL_dtls_export_peers),
TEST_DECL(test_wolfSSL_SetMinVersion),
TEST_DECL(test_wolfSSL_CTX_SetMinVersion),
/* wolfSSL handshake APIs. */
TEST_DECL(test_wolfSSL_CTX_get0_set1_param),
TEST_DECL(test_wolfSSL_a2i_IPADDRESS),
TEST_DECL(test_wolfSSL_BUF),
TEST_DECL(test_wolfSSL_set_tlsext_status_type),
/* Can't memory test as server hangs. */
TEST_DECL(test_wolfSSL_CTX_set_client_CA_list),
TEST_DECL(test_wolfSSL_CTX_add_client_CA),
TEST_DECL(test_wolfSSL_CTX_set_srp_username),
TEST_DECL(test_wolfSSL_CTX_set_srp_password),
TEST_DECL(test_wolfSSL_CTX_set_keylog_callback),
TEST_DECL(test_wolfSSL_CTX_get_keylog_callback),
TEST_DECL(test_wolfSSL_Tls12_Key_Logging_test),
/* Can't memory test as server hangs. */
TEST_DECL(test_wolfSSL_Tls13_Key_Logging_test),
TEST_DECL(test_wolfSSL_Tls13_postauth),
TEST_DECL(test_wolfSSL_set_ecdh_auto),
TEST_DECL(test_wolfSSL_CTX_set_ecdh_auto),
TEST_DECL(test_wolfSSL_set_minmax_proto_version),
TEST_DECL(test_wolfSSL_CTX_set_max_proto_version),
TEST_DECL(test_wolfSSL_THREADID_hash),
/* TLS extensions tests */
#ifdef HAVE_IO_TESTS_DEPENDENCIES
#ifdef HAVE_SNI
TEST_DECL(test_wolfSSL_UseSNI_params),
/* Uses Assert in handshake callback. */
TEST_DECL(test_wolfSSL_UseSNI_connection),
TEST_DECL(test_wolfSSL_SNI_GetFromBuffer),
#endif /* HAVE_SNI */
#endif
TEST_DECL(test_wolfSSL_UseTrustedCA),
TEST_DECL(test_wolfSSL_UseMaxFragment),
TEST_DECL(test_wolfSSL_UseTruncatedHMAC),
TEST_DECL(test_wolfSSL_UseSupportedCurve),
#if defined(HAVE_ALPN) && defined(HAVE_IO_TESTS_DEPENDENCIES)
/* Uses Assert in handshake callback. */
TEST_DECL(test_wolfSSL_UseALPN_connection),
TEST_DECL(test_wolfSSL_UseALPN_params),
#endif
#ifdef HAVE_ALPN_PROTOS_SUPPORT
/* Uses Assert in handshake callback. */
TEST_DECL(test_wolfSSL_set_alpn_protos),
#endif
TEST_DECL(test_wolfSSL_DisableExtendedMasterSecret),
TEST_DECL(test_wolfSSL_wolfSSL_UseSecureRenegotiation),
TEST_DECL(test_wolfSSL_SCR_Reconnect),
TEST_DECL(test_tls_ext_duplicate),
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) && \
defined(HAVE_IO_TESTS_DEPENDENCIES)
TEST_DECL(test_wolfSSL_Tls13_ECH_params),
/* Uses Assert in handshake callback. */
TEST_DECL(test_wolfSSL_Tls13_ECH),
#endif
TEST_DECL(test_wolfSSL_X509_TLS_version_test_1),
TEST_DECL(test_wolfSSL_X509_TLS_version_test_2),
/* OCSP Stapling */
TEST_DECL(test_wolfSSL_UseOCSPStapling),
TEST_DECL(test_wolfSSL_UseOCSPStaplingV2),
TEST_DECL(test_self_signed_stapling),
/* Multicast */
TEST_DECL(test_wolfSSL_mcast),
TEST_DECL(test_wolfSSL_read_detect_TCP_disconnect),
TEST_DECL(test_wolfSSL_msgCb),
TEST_DECL(test_wolfSSL_either_side),
TEST_DECL(test_wolfSSL_DTLS_either_side),
/* Uses Assert in handshake callback. */
TEST_DECL(test_wolfSSL_dtls_fragments),
/* Uses Assert in handshake callback. */
TEST_DECL(test_wolfSSL_dtls_AEAD_limit),
/* Uses Assert in handshake callback. */
TEST_DECL(test_wolfSSL_ignore_alert_before_cookie),
/* Uses Assert in handshake callback. */
TEST_DECL(test_wolfSSL_dtls_bad_record),
/* Uses Assert in handshake callback. */
TEST_DECL(test_wolfSSL_dtls_stateless),
TEST_DECL(test_generate_cookie),
#ifndef NO_BIO
/* Can't memory test as server hangs. */
TEST_DECL(test_wolfSSL_BIO_connect),
/* Can't memory test as server Asserts in thread. */
TEST_DECL(test_wolfSSL_BIO_accept),
TEST_DECL(test_wolfSSL_BIO_tls),
TEST_DECL(test_wolfSSL_BIO_datagram),
#endif
#if defined(HAVE_PK_CALLBACKS) && !defined(WOLFSSL_NO_TLS12)
TEST_DECL(test_DhCallbacks),
#endif
#if defined(HAVE_KEYING_MATERIAL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
TEST_DECL(test_export_keying_material),
#endif
/* Can't memory test as client/server Asserts in thread. */
TEST_DECL(test_ticket_and_psk_mixing),
/* Can't memory test as client/server Asserts in thread. */
TEST_DECL(test_prioritize_psk),
/* Can't memory test as client/server hangs. */
TEST_DECL(test_wc_CryptoCb),
/* Can't memory test as client/server hangs. */
TEST_DECL(test_wolfSSL_CTX_StaticMemory),
#if !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
#ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME
TEST_DECL(test_wolfSSL_dtls_stateless_resume),
#endif /* WOLFSSL_DTLS_NO_HVR_ON_RESUME */
#ifdef HAVE_MAX_FRAGMENT
TEST_DECL(test_wolfSSL_dtls_stateless_maxfrag),
#endif /* HAVE_MAX_FRAGMENT */
#ifndef NO_RSA
TEST_DECL(test_wolfSSL_dtls_stateless2),
#if !defined(NO_OLD_TLS)
TEST_DECL(test_wolfSSL_dtls_stateless_downgrade),
#endif /* !defined(NO_OLD_TLS) */
#endif /* ! NO_RSA */
#endif /* defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
* !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) */
TEST_DECL(test_wolfSSL_CTX_set_ciphersuites),
TEST_DECL(test_wolfSSL_CRL_CERT_REVOKED_alert),
TEST_DECL(test_TLS_13_ticket_different_ciphers),
TEST_DECL(test_WOLFSSL_dtls_version_alert),
#if defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \
&& defined(WOLFSSL_TLS13) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
TEST_DECL(test_ticket_nonce_malloc),
#endif
TEST_DECL(test_ticket_ret_create),
TEST_DECL(test_wrong_cs_downgrade),
TEST_DECL(test_extra_alerts_wrong_cs),
TEST_DECL(test_extra_alerts_skip_hs),
TEST_DECL(test_extra_alerts_bad_psk),
TEST_DECL(test_tls13_bad_psk_binder),
/* Can't memory test as client/server Asserts. */
TEST_DECL(test_harden_no_secure_renegotiation),
TEST_DECL(test_override_alt_cert_chain),
TEST_DECL(test_rpk_set_xxx_cert_type),
TEST_DECL(test_tls13_rpk_handshake),
TEST_DECL(test_dtls13_bad_epoch_ch),
TEST_DECL(test_short_session_id),
TEST_DECL(test_wolfSSL_dtls13_null_cipher),
/* Can't memory test as client/server hangs. */
TEST_DECL(test_dtls_msg_from_other_peer),
TEST_DECL(test_dtls_ipv6_check),
TEST_DECL(test_wolfSSL_SCR_after_resumption),
TEST_DECL(test_dtls_no_extensions),
TEST_DECL(test_tls_alert_no_server_hello),
TEST_DECL(test_TLSX_CA_NAMES_bad_extension),
TEST_DECL(test_dtls_1_0_hvr_downgrade),
TEST_DECL(test_session_ticket_no_id),
TEST_DECL(test_session_ticket_hs_update),
TEST_DECL(test_dtls_downgrade_scr_server),
TEST_DECL(test_dtls_downgrade_scr),
TEST_DECL(test_dtls_client_hello_timeout_downgrade),
TEST_DECL(test_dtls_client_hello_timeout),
TEST_DECL(test_dtls_dropped_ccs),
TEST_DECL(test_dtls_seq_num_downgrade),
TEST_DECL(test_certreq_sighash_algos),
TEST_DECL(test_revoked_loaded_int_cert),
TEST_DECL(test_dtls_frag_ch),
TEST_DECL(test_dtls13_frag_ch_pq),
TEST_DECL(test_dtls_empty_keyshare_with_cookie),
TEST_DECL(test_dtls_old_seq_number),
TEST_DECL(test_tls13_pq_groups),
TEST_DECL(test_tls13_early_data),
TEST_DECL(test_tls_multi_handshakes_one_record),
TEST_DECL(test_write_dup),
TEST_DECL(test_read_write_hs),
TEST_DECL(test_get_signature_nid),
TEST_DECL(test_tls_cert_store_unchanged),
TEST_DECL(test_wolfSSL_SendUserCanceled),
/* This test needs to stay at the end to clean up any caches allocated. */
TEST_DECL(test_wolfSSL_Cleanup)
};
#define TEST_CASE_CNT (int)(sizeof(testCases) / sizeof(*testCases))
static void TestSetup(void)
{
/* Stub, for now. Add common test setup code here. */
}
static void TestCleanup(void)
{
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
/* Clear any errors added to the error queue during the test run. */
wolfSSL_ERR_clear_error();
#endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE */
}
/* Print out all API test cases with numeric identifier.
*/
void ApiTest_PrintTestCases(void)
{
int i;
printf("All Test Cases:\n");
for (i = 0; i < TEST_CASE_CNT; i++) {
printf("%3d: %s\n", i + 1, testCases[i].name);
}
}
/* Add test case with index to the list to run.
*
* @param [in] idx Index of test case to run starting at 1.
* @return 0 on success.
* @return BAD_FUNC_ARG when index is out of range of test case identifiers.
*/
int ApiTest_RunIdx(int idx)
{
if (idx < 1 || idx > TEST_CASE_CNT) {
printf("Index out of range (1 - %d): %d\n", TEST_CASE_CNT, idx);
return BAD_FUNC_ARG;
}
testAll = 0;
testCases[idx-1].run = 1;
return 0;
}
/* Add test case with name to the list to run.
*
* @param [in] name Name of test case to run.
* @return 0 on success.
* @return BAD_FUNC_ARG when name is not a known test case name.
*/
int ApiTest_RunName(char* name)
{
int i;
for (i = 0; i < TEST_CASE_CNT; i++) {
if (XSTRCMP(testCases[i].name, name) == 0) {
testAll = 0;
testCases[i].run = 1;
return 0;
}
}
printf("Test case name not found: %s\n", name);
printf("Use --list to see all test case names.\n");
return BAD_FUNC_ARG;
}
/* Converts the result code to a string.
*
* @param [in] res Test result code.
* @return String describing test result.
*/
static const char* apitest_res_string(int res)
{
const char* str = "invalid result";
switch (res) {
case TEST_SUCCESS:
str = "passed";
break;
case TEST_FAIL:
str = "failed";
break;
case TEST_SKIPPED:
str = "skipped";
break;
}
return str;
}
#ifndef WOLFSSL_UNIT_TEST_NO_TIMING
static double gettime_secs(void)
#if defined(_MSC_VER) && defined(_WIN32)
{
/* there's no gettimeofday for Windows, so we'll use system time */
#define EPOCH_DIFF 11644473600LL
FILETIME currentFileTime;
GetSystemTimePreciseAsFileTime(&currentFileTime);
ULARGE_INTEGER uli = { 0, 0 };
uli.LowPart = currentFileTime.dwLowDateTime;
uli.HighPart = currentFileTime.dwHighDateTime;
/* Convert to seconds since Unix epoch */
return (double)((uli.QuadPart - (EPOCH_DIFF * 10000000)) / 10000000.0);
}
#else
{
struct timeval tv;
LIBCALL_CHECK_RET(gettimeofday(&tv, 0));
return (double)tv.tv_sec + (double)tv.tv_usec / 1000000.0;
}
#endif
#endif
int ApiTest(void)
{
int i;
int ret;
int res = 0;
#ifndef WOLFSSL_UNIT_TEST_NO_TIMING
double timeDiff;
#endif
printf(" Begin API Tests\n");
fflush(stdout);
/* we must perform init and cleanup if not all tests are running */
if (!testAll) {
#ifdef WOLFCRYPT_ONLY
if (wolfCrypt_Init() != 0) {
printf("wolfCrypt Initialization failed\n");
res = 1;
}
#else
if (wolfSSL_Init() != WOLFSSL_SUCCESS) {
printf("wolfSSL Initialization failed\n");
res = 1;
}
#endif
}
#ifdef WOLFSSL_DUMP_MEMIO_STREAM
if (res == 0) {
if (create_tmp_dir(tmpDirName, sizeof(tmpDirName) - 1) == NULL) {
printf("failed to create tmp dir\n");
res = 1;
}
else {
tmpDirNameSet = 1;
}
}
#endif
if (res == 0) {
for (i = 0; i < TEST_CASE_CNT; ++i) {
EXPECT_DECLS;
#ifdef WOLFSSL_DUMP_MEMIO_STREAM
currentTestName = testCases[i].name;
#endif
/* When not testing all cases then skip if not marked for running.
*/
if (!testAll && !testCases[i].run) {
continue;
}
TestSetup();
printf(" %3d: %-52s:", i + 1, testCases[i].name);
fflush(stdout);
#ifndef WOLFSSL_UNIT_TEST_NO_TIMING
timeDiff = gettime_secs();
#endif
ret = testCases[i].func();
#ifndef WOLFSSL_UNIT_TEST_NO_TIMING
timeDiff = gettime_secs() - timeDiff;
#endif
#ifndef WOLFSSL_UNIT_TEST_NO_TIMING
if (ret != TEST_SKIPPED) {
printf(" %s (%9.5lf)\n", apitest_res_string(ret), timeDiff);
}
else
#endif
{
printf(" %s\n", apitest_res_string(ret));
}
fflush(stdout);
/* if return code is < 0 and not skipped then assert error */
Expect((ret > 0 || ret == TEST_SKIPPED),
("Test failed\n"),
("ret %d", ret));
testCases[i].fail = ((ret <= 0) && (ret != TEST_SKIPPED));
res |= ((ret <= 0) && (ret != TEST_SKIPPED));
TestCleanup();
}
}
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) \
&& (defined(NO_MAIN_DRIVER) || defined(HAVE_STACK_SIZE))
wc_ecc_fp_free(); /* free per thread cache */
#endif
if (!testAll) {
#ifdef WOLFCRYPT_ONLY
wolfCrypt_Cleanup();
#else
wolfSSL_Cleanup();
#endif
}
(void)testDevId;
if (res != 0) {
printf("\nFAILURES:\n");
for (i = 0; i < TEST_CASE_CNT; ++i) {
if (testCases[i].fail) {
printf(" %3d: %s\n", i + 1, testCases[i].name);
}
}
printf("\n");
fflush(stdout);
}
#ifdef WOLFSSL_DUMP_MEMIO_STREAM
if (tmpDirNameSet) {
printf("\nBinary dumps of the memio streams can be found in the\n"
"%s directory. This can be imported into\n"
"Wireshark by transforming the file with\n"
"\tod -Ax -tx1 -v stream.dump > stream.dump.hex\n"
"And then loading test_output.dump.hex into Wireshark using\n"
"the \"Import from Hex Dump...\" option and selecting the\n"
"TCP encapsulation option.\n", tmpDirName);
}
#endif
printf(" End API Tests\n");
fflush(stdout);
return res;
}
Reference in New Issue View Git Blame Copy Permalink