diff options
author | Tomas Mraz <tomas@openssl.org> | 2023-11-01 18:39:32 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-11-23 17:08:26 +0100 |
commit | 4b5215998142c70a0e8f1a72d6fc06b6e3d69a5c (patch) | |
tree | 9af7395c703ac3f929181de577dda0c8d8845faa /test | |
parent | 21c20bceb5af3cd1152e6b93595d928b1a16f649 (diff) |
Add negative test for key length change
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 1aa08644ecd4005c0f55276b2e8dabd8a2a758f0)
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/22613)
Diffstat (limited to 'test')
-rw-r--r-- | test/evp_extra_test.c | 74 |
1 files changed, 73 insertions, 1 deletions
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index d8e892a056..e8700ca8d1 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -4178,7 +4178,6 @@ static int test_ivlen_change(int idx) int outlen; int res = 0; unsigned char outbuf[1024]; - static const unsigned char iv[] = { 0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b, 0x98, 0x82, 0x5a, 0x55, 0x91, 0x81, 0x42, 0xa8, 0x89, 0x34 @@ -4222,6 +4221,77 @@ static int test_ivlen_change(int idx) return res; } +static const char *keylen_change_ciphers[] = { +#ifndef OPENSSL_NO_BF + "BF-ECB", +#endif +#ifndef OPENSSL_NO_CAST + "CAST5-ECB", +#endif +#ifndef OPENSSL_NO_RC2 + "RC2-ECB", +#endif +#ifndef OPENSSL_NO_RC4 + "RC4", +#endif +#ifndef OPENSSL_NO_RC5 + "RC5-ECB", +#endif + NULL +}; + +/* Negative test for keylen change after key was set */ +static int test_keylen_change(int idx) +{ + int outlen; + int res = 0; + unsigned char outbuf[1024]; + static const unsigned char key[] = { + 0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b, 0x98, 0x82, + 0x5a, 0x55, 0x91, 0x81, 0x42, 0xa8, 0x89, 0x34 + }; + EVP_CIPHER_CTX *ctx = NULL; + EVP_CIPHER *ciph = NULL; + OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END }; + size_t keylen = 12; /* non-default key length */ + + if (lgcyprov == NULL) + return TEST_skip("Test requires legacy provider to be loaded"); + + if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())) + goto err; + + if (!TEST_ptr(ciph = EVP_CIPHER_fetch(testctx, keylen_change_ciphers[idx], + testpropq))) + goto err; + + if (!TEST_true(EVP_CipherInit_ex(ctx, ciph, NULL, key, NULL, 1))) + goto err; + + if (!TEST_true(EVP_CipherUpdate(ctx, outbuf, &outlen, gcmDefaultPlaintext, + sizeof(gcmDefaultPlaintext)))) + goto err; + + params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, + &keylen); + if (!TEST_true(EVP_CIPHER_CTX_set_params(ctx, params))) + goto err; + + ERR_set_mark(); + if (!TEST_false(EVP_CipherUpdate(ctx, outbuf, &outlen, gcmDefaultPlaintext, + sizeof(gcmDefaultPlaintext)))) { + ERR_clear_last_mark(); + goto err; + } + ERR_pop_to_mark(); + + res = 1; + err: + EVP_CIPHER_CTX_free(ctx); + EVP_CIPHER_free(ciph); + return res; +} + #ifndef OPENSSL_NO_DEPRECATED_3_0 static EVP_PKEY_METHOD *custom_pmeth = NULL; static const EVP_PKEY_METHOD *orig_pmeth = NULL; @@ -5276,6 +5346,8 @@ int setup_tests(void) ADD_ALL_TESTS(test_gcm_reinit, OSSL_NELEM(gcm_reinit_tests)); ADD_ALL_TESTS(test_evp_updated_iv, OSSL_NELEM(evp_updated_iv_tests)); ADD_ALL_TESTS(test_ivlen_change, OSSL_NELEM(ivlen_change_ciphers)); + if (OSSL_NELEM(keylen_change_ciphers) - 1 > 0) + ADD_ALL_TESTS(test_keylen_change, OSSL_NELEM(keylen_change_ciphers) - 1); #ifndef OPENSSL_NO_DEPRECATED_3_0 ADD_ALL_TESTS(test_custom_pmeth, 12); |