VirtualBox

source: vbox/trunk/src/libs/openssl-3.0.2/test/enginetest.c@ 94403

最後變更 在這個檔案從94403是 94320,由 vboxsync 提交於 3 年 前

libs/openssl-3.0.1: Export to OSE and fix copyright headers in Makefiles, bugref:10128
檔案大小: 13.0 KB
 
1/*
2 * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10/* We need to use some deprecated APIs */
11#define OPENSSL_SUPPRESS_DEPRECATED
12
13#include <stdio.h>
14#include <string.h>
15#include <stdlib.h>
16#include <openssl/e_os2.h>
17
18# include "testutil.h"
19
20#ifndef OPENSSL_NO_ENGINE
21# include <openssl/buffer.h>
22# include <openssl/crypto.h>
23# include <openssl/engine.h>
24# include <openssl/rsa.h>
25# include <openssl/err.h>
26# include <openssl/x509.h>
27
28static void display_engine_list(void)
29{
30 ENGINE *h;
31 int loop;
32
33 loop = 0;
34 for (h = ENGINE_get_first(); h != NULL; h = ENGINE_get_next(h)) {
35 TEST_info("#%d: id = \"%s\", name = \"%s\"",
36 loop++, ENGINE_get_id(h), ENGINE_get_name(h));
37 }
38
39 /*
40 * ENGINE_get_first() increases the struct_ref counter, so we must call
41 * ENGINE_free() to decrease it again
42 */
43 ENGINE_free(h);
44}
45
46#define NUMTOADD 512
47
48static int test_engines(void)
49{
50 ENGINE *block[NUMTOADD];
51 char *eid[NUMTOADD];
52 char *ename[NUMTOADD];
53 char buf[256];
54 ENGINE *ptr;
55 int loop;
56 int to_return = 0;
57 ENGINE *new_h1 = NULL;
58 ENGINE *new_h2 = NULL;
59 ENGINE *new_h3 = NULL;
60 ENGINE *new_h4 = NULL;
61
62 memset(block, 0, sizeof(block));
63 if (!TEST_ptr(new_h1 = ENGINE_new())
64 || !TEST_true(ENGINE_set_id(new_h1, "test_id0"))
65 || !TEST_true(ENGINE_set_name(new_h1, "First test item"))
66 || !TEST_ptr(new_h2 = ENGINE_new())
67 || !TEST_true(ENGINE_set_id(new_h2, "test_id1"))
68 || !TEST_true(ENGINE_set_name(new_h2, "Second test item"))
69 || !TEST_ptr(new_h3 = ENGINE_new())
70 || !TEST_true(ENGINE_set_id(new_h3, "test_id2"))
71 || !TEST_true(ENGINE_set_name(new_h3, "Third test item"))
72 || !TEST_ptr(new_h4 = ENGINE_new())
73 || !TEST_true(ENGINE_set_id(new_h4, "test_id3"))
74 || !TEST_true(ENGINE_set_name(new_h4, "Fourth test item")))
75 goto end;
76 TEST_info("Engines:");
77 display_engine_list();
78
79 if (!TEST_true(ENGINE_add(new_h1)))
80 goto end;
81 TEST_info("Engines:");
82 display_engine_list();
83
84 ptr = ENGINE_get_first();
85 if (!TEST_true(ENGINE_remove(ptr)))
86 goto end;
87 ENGINE_free(ptr);
88 TEST_info("Engines:");
89 display_engine_list();
90
91 if (!TEST_true(ENGINE_add(new_h3))
92 || !TEST_true(ENGINE_add(new_h2)))
93 goto end;
94 TEST_info("Engines:");
95 display_engine_list();
96
97 if (!TEST_true(ENGINE_remove(new_h2)))
98 goto end;
99 TEST_info("Engines:");
100 display_engine_list();
101
102 if (!TEST_true(ENGINE_add(new_h4)))
103 goto end;
104 TEST_info("Engines:");
105 display_engine_list();
106
107 /* Should fail. */
108 if (!TEST_false(ENGINE_add(new_h3)))
109 goto end;
110 ERR_clear_error();
111
112 /* Should fail. */
113 if (!TEST_false(ENGINE_remove(new_h2)))
114 goto end;
115 ERR_clear_error();
116
117 if (!TEST_true(ENGINE_remove(new_h3)))
118 goto end;
119 TEST_info("Engines:");
120 display_engine_list();
121
122 if (!TEST_true(ENGINE_remove(new_h4)))
123 goto end;
124 TEST_info("Engines:");
125 display_engine_list();
126
127 /*
128 * At this point, we should have an empty list, unless some hardware
129 * support engine got added. However, since we don't allow the config
130 * file to be loaded and don't otherwise load any built in engines,
131 * that is unlikely. Still, we check, if for nothing else, then to
132 * notify that something is a little off (and might mean that |new_h1|
133 * wasn't unloaded when it should have)
134 */
135 if ((ptr = ENGINE_get_first()) != NULL) {
136 if (!ENGINE_remove(ptr))
137 TEST_info("Remove failed - probably no hardware support present");
138 }
139 ENGINE_free(ptr);
140 TEST_info("Engines:");
141 display_engine_list();
142
143 if (!TEST_true(ENGINE_add(new_h1))
144 || !TEST_true(ENGINE_remove(new_h1)))
145 goto end;
146
147 TEST_info("About to beef up the engine-type list");
148 for (loop = 0; loop < NUMTOADD; loop++) {
149 sprintf(buf, "id%d", loop);
150 eid[loop] = OPENSSL_strdup(buf);
151 sprintf(buf, "Fake engine type %d", loop);
152 ename[loop] = OPENSSL_strdup(buf);
153 if (!TEST_ptr(block[loop] = ENGINE_new())
154 || !TEST_true(ENGINE_set_id(block[loop], eid[loop]))
155 || !TEST_true(ENGINE_set_name(block[loop], ename[loop])))
156 goto end;
157 }
158 for (loop = 0; loop < NUMTOADD; loop++) {
159 if (!TEST_true(ENGINE_add(block[loop]))) {
160 test_note("Adding stopped at %d, (%s,%s)",
161 loop, ENGINE_get_id(block[loop]),
162 ENGINE_get_name(block[loop]));
163 goto cleanup_loop;
164 }
165 }
166 cleanup_loop:
167 TEST_info("About to empty the engine-type list");
168 while ((ptr = ENGINE_get_first()) != NULL) {
169 if (!TEST_true(ENGINE_remove(ptr)))
170 goto end;
171 ENGINE_free(ptr);
172 }
173 for (loop = 0; loop < NUMTOADD; loop++) {
174 OPENSSL_free(eid[loop]);
175 OPENSSL_free(ename[loop]);
176 }
177 to_return = 1;
178
179 end:
180 ENGINE_free(new_h1);
181 ENGINE_free(new_h2);
182 ENGINE_free(new_h3);
183 ENGINE_free(new_h4);
184 for (loop = 0; loop < NUMTOADD; loop++)
185 ENGINE_free(block[loop]);
186 return to_return;
187}
188
189/* Test EVP_PKEY method */
190static EVP_PKEY_METHOD *test_rsa = NULL;
191
192static int called_encrypt = 0;
193
194/* Test function to check operation has been redirected */
195static int test_encrypt(EVP_PKEY_CTX *ctx, unsigned char *sig,
196 size_t *siglen, const unsigned char *tbs, size_t tbslen)
197{
198 called_encrypt = 1;
199 return 1;
200}
201
202static int test_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth,
203 const int **pnids, int nid)
204{
205 static const int rnid = EVP_PKEY_RSA;
206 if (pmeth == NULL) {
207 *pnids = &rnid;
208 return 1;
209 }
210
211 if (nid == EVP_PKEY_RSA) {
212 *pmeth = test_rsa;
213 return 1;
214 }
215
216 *pmeth = NULL;
217 return 0;
218}
219
220/* Return a test EVP_PKEY value */
221
222static EVP_PKEY *get_test_pkey(void)
223{
224 static unsigned char n[] =
225 "\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
226 "\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
227 "\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
228 "\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
229 "\xF5";
230 static unsigned char e[] = "\x11";
231
232 RSA *rsa = RSA_new();
233 EVP_PKEY *pk = EVP_PKEY_new();
234
235 if (rsa == NULL || pk == NULL || !EVP_PKEY_assign_RSA(pk, rsa)) {
236 RSA_free(rsa);
237 EVP_PKEY_free(pk);
238 return NULL;
239 }
240
241 if (!RSA_set0_key(rsa, BN_bin2bn(n, sizeof(n)-1, NULL),
242 BN_bin2bn(e, sizeof(e)-1, NULL), NULL)) {
243 EVP_PKEY_free(pk);
244 return NULL;
245 }
246
247 return pk;
248}
249
250static int test_redirect(void)
251{
252 const unsigned char pt[] = "Hello World\n";
253 unsigned char *tmp = NULL;
254 size_t len;
255 EVP_PKEY_CTX *ctx = NULL;
256 ENGINE *e = NULL;
257 EVP_PKEY *pkey = NULL;
258
259 int to_return = 0;
260
261 if (!TEST_ptr(pkey = get_test_pkey()))
262 goto err;
263
264 len = EVP_PKEY_get_size(pkey);
265 if (!TEST_ptr(tmp = OPENSSL_malloc(len)))
266 goto err;
267
268 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
269 goto err;
270 TEST_info("EVP_PKEY_encrypt test: no redirection");
271 /* Encrypt some data: should succeed but not be redirected */
272 if (!TEST_int_gt(EVP_PKEY_encrypt_init(ctx), 0)
273 || !TEST_int_gt(EVP_PKEY_encrypt(ctx, tmp, &len, pt, sizeof(pt)), 0)
274 || !TEST_false(called_encrypt))
275 goto err;
276 EVP_PKEY_CTX_free(ctx);
277 ctx = NULL;
278
279 /* Create a test ENGINE */
280 if (!TEST_ptr(e = ENGINE_new())
281 || !TEST_true(ENGINE_set_id(e, "Test redirect engine"))
282 || !TEST_true(ENGINE_set_name(e, "Test redirect engine")))
283 goto err;
284
285 /*
286 * Try to create a context for this engine and test key.
287 * Try setting test key engine. Both should fail because the
288 * engine has no public key methods.
289 */
290 if (!TEST_ptr_null(ctx = EVP_PKEY_CTX_new(pkey, e))
291 || !TEST_int_le(EVP_PKEY_set1_engine(pkey, e), 0))
292 goto err;
293
294 /* Setup an empty test EVP_PKEY_METHOD and set callback to return it */
295 if (!TEST_ptr(test_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0)))
296 goto err;
297 ENGINE_set_pkey_meths(e, test_pkey_meths);
298
299 /* Getting a context for test ENGINE should now succeed */
300 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, e)))
301 goto err;
302 /* Encrypt should fail because operation is not supported */
303 if (!TEST_int_le(EVP_PKEY_encrypt_init(ctx), 0))
304 goto err;
305 EVP_PKEY_CTX_free(ctx);
306 ctx = NULL;
307
308 /* Add test encrypt operation to method */
309 EVP_PKEY_meth_set_encrypt(test_rsa, 0, test_encrypt);
310
311 TEST_info("EVP_PKEY_encrypt test: redirection via EVP_PKEY_CTX_new()");
312 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, e)))
313 goto err;
314 /* Encrypt some data: should succeed and be redirected */
315 if (!TEST_int_gt(EVP_PKEY_encrypt_init(ctx), 0)
316 || !TEST_int_gt(EVP_PKEY_encrypt(ctx, tmp, &len, pt, sizeof(pt)), 0)
317 || !TEST_true(called_encrypt))
318 goto err;
319
320 EVP_PKEY_CTX_free(ctx);
321 ctx = NULL;
322 called_encrypt = 0;
323
324 /* Create context with default engine: should not be redirected */
325 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL))
326 || !TEST_int_gt(EVP_PKEY_encrypt_init(ctx), 0)
327 || !TEST_int_gt(EVP_PKEY_encrypt(ctx, tmp, &len, pt, sizeof(pt)), 0)
328 || !TEST_false(called_encrypt))
329 goto err;
330
331 EVP_PKEY_CTX_free(ctx);
332 ctx = NULL;
333
334 /* Set engine explicitly for test key */
335 if (!TEST_true(EVP_PKEY_set1_engine(pkey, e)))
336 goto err;
337
338 TEST_info("EVP_PKEY_encrypt test: redirection via EVP_PKEY_set1_engine()");
339
340 /* Create context with default engine: should be redirected now */
341 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL))
342 || !TEST_int_gt(EVP_PKEY_encrypt_init(ctx), 0)
343 || !TEST_int_gt(EVP_PKEY_encrypt(ctx, tmp, &len, pt, sizeof(pt)), 0)
344 || !TEST_true(called_encrypt))
345 goto err;
346
347 to_return = 1;
348
349 err:
350 EVP_PKEY_CTX_free(ctx);
351 EVP_PKEY_free(pkey);
352 ENGINE_free(e);
353 OPENSSL_free(tmp);
354 return to_return;
355}
356
357static int test_x509_dup_w_engine(void)
358{
359 ENGINE *e = NULL;
360 X509 *cert = NULL, *dupcert = NULL;
361 X509_PUBKEY *pubkey, *duppubkey = NULL;
362 int ret = 0;
363 BIO *b = NULL;
364 RSA_METHOD *rsameth = NULL;
365
366 if (!TEST_ptr(b = BIO_new_file(test_get_argument(0), "r"))
367 || !TEST_ptr(cert = PEM_read_bio_X509(b, NULL, NULL, NULL)))
368 goto err;
369
370 /* Dup without an engine */
371 if (!TEST_ptr(dupcert = X509_dup(cert)))
372 goto err;
373 X509_free(dupcert);
374 dupcert = NULL;
375
376 if (!TEST_ptr(pubkey = X509_get_X509_PUBKEY(cert))
377 || !TEST_ptr(duppubkey = X509_PUBKEY_dup(pubkey))
378 || !TEST_ptr_ne(duppubkey, pubkey)
379 || !TEST_ptr_ne(X509_PUBKEY_get0(duppubkey), X509_PUBKEY_get0(pubkey)))
380 goto err;
381
382 X509_PUBKEY_free(duppubkey);
383 duppubkey = NULL;
384
385 X509_free(cert);
386 cert = NULL;
387
388 /* Create a test ENGINE */
389 if (!TEST_ptr(e = ENGINE_new())
390 || !TEST_true(ENGINE_set_id(e, "Test dummy engine"))
391 || !TEST_true(ENGINE_set_name(e, "Test dummy engine")))
392 goto err;
393
394 if (!TEST_ptr(rsameth = RSA_meth_dup(RSA_get_default_method())))
395 goto err;
396
397 ENGINE_set_RSA(e, rsameth);
398
399 if (!TEST_true(ENGINE_set_default_RSA(e)))
400 goto err;
401
402 if (!TEST_int_ge(BIO_seek(b, 0), 0)
403 || !TEST_ptr(cert = PEM_read_bio_X509(b, NULL, NULL, NULL)))
404 goto err;
405
406 /* Dup with an engine set on the key */
407 if (!TEST_ptr(dupcert = X509_dup(cert)))
408 goto err;
409
410 if (!TEST_ptr(pubkey = X509_get_X509_PUBKEY(cert))
411 || !TEST_ptr(duppubkey = X509_PUBKEY_dup(pubkey))
412 || !TEST_ptr_ne(duppubkey, pubkey)
413 || !TEST_ptr_ne(X509_PUBKEY_get0(duppubkey), X509_PUBKEY_get0(pubkey)))
414 goto err;
415
416 ret = 1;
417
418 err:
419 X509_free(cert);
420 X509_free(dupcert);
421 X509_PUBKEY_free(duppubkey);
422 if (e != NULL) {
423 ENGINE_unregister_RSA(e);
424 ENGINE_free(e);
425 }
426 RSA_meth_free(rsameth);
427 BIO_free(b);
428 return ret;
429}
430#endif
431
432int global_init(void)
433{
434 /*
435 * If the config file gets loaded, the dynamic engine will be loaded,
436 * and that interferes with our test above.
437 */
438 return OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL);
439}
440
441OPT_TEST_DECLARE_USAGE("certfile\n")
442
443int setup_tests(void)
444{
445#ifdef OPENSSL_NO_ENGINE
446 TEST_note("No ENGINE support");
447#else
448 int n;
449
450 if (!test_skip_common_options()) {
451 TEST_error("Error parsing test options\n");
452 return 0;
453 }
454
455 n = test_get_argument_count();
456 if (n == 0)
457 return 0;
458
459 ADD_TEST(test_engines);
460 ADD_TEST(test_redirect);
461 ADD_TEST(test_x509_dup_w_engine);
462#endif
463 return 1;
464}
注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette