Google Git
Sign in
apache / apr / 6e2bbdf64bbec2df86e26bf5d64b4318fcdc993e / . / test / testcrypto.c
blob: 685a8507ad6a3414d98d5c0377f4007359840db4 [file] [log] [blame]
/* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "testutil.h"
#include "apr.h"
#include "apu.h"
#include "apu_errno.h"
#include "apr_pools.h"
#include "apr_dso.h"
#include "apr_crypto.h"
#include "apr_strings.h"
#include "apr_file_io.h"
#include "apr_thread_proc.h"
#if APU_HAVE_CRYPTO
#define TEST_STRING "12345"
#define ALIGNED_STRING "123456789012345"
static const apr_crypto_driver_t *get_driver(abts_case *tc, apr_pool_t *pool,
const char *name, const char *params)
{
const apr_crypto_driver_t *driver = NULL;
const apu_err_t *result = NULL;
apr_status_t rv;
rv = apr_crypto_init(pool);
ABTS_ASSERT(tc, "failed to init apr_crypto", rv == APR_SUCCESS);
rv = apr_crypto_get_driver(&driver, name, params, &result, pool);
if (APR_ENOTIMPL == rv) {
ABTS_NOT_IMPL(tc,
apr_psprintf(pool, "Crypto driver '%s' not implemented", (char *)name));
return NULL;
}
if (APR_EDSOOPEN == rv) {
ABTS_NOT_IMPL(tc,
apr_psprintf(pool, "Crypto driver '%s' DSO could not be opened", (char *)name));
return NULL;
}
if (APR_SUCCESS != rv && result) {
char err[1024];
apr_strerror(rv, err, sizeof(err) - 1);
fprintf(stderr, "get_driver error %d: %s: '%s' native error %d: %s (%s),",
rv, err, name, result->rc, result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, apr_psprintf(pool, "failed to apr_crypto_get_driver for '%s' with %d",
name, rv), rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_get_driver returned NULL", driver != NULL);
if (!driver || rv) {
return NULL;
}
return driver;
}
#if APU_HAVE_NSS
static const apr_crypto_driver_t *get_nss_driver(abts_case *tc,
apr_pool_t *pool)
{
/* initialise NSS */
return get_driver(tc, pool, "nss", "");
}
#endif /* APU_HAVE_NSS */
#if APU_HAVE_OPENSSL
static const apr_crypto_driver_t *get_openssl_driver(abts_case *tc,
apr_pool_t *pool)
{
return get_driver(tc, pool, "openssl", NULL);
}
#endif /* APU_HAVE_OPENSSL */
#if APU_HAVE_COMMONCRYPTO
static const apr_crypto_driver_t *get_commoncrypto_driver(abts_case *tc,
apr_pool_t *pool)
{
return get_driver(tc, pool, "commoncrypto", NULL);
}
#endif /* APU_HAVE_COMMONCRYPTO */
static apr_crypto_t *make(abts_case *tc, apr_pool_t *pool,
const apr_crypto_driver_t *driver)
{
apr_crypto_t *f = NULL;
if (!driver) {
return NULL;
}
/* get the context */
apr_crypto_make(&f, driver, "engine=openssl", pool);
ABTS_ASSERT(tc, "apr_crypto_make returned NULL", f != NULL);
return f;
}
static const apr_crypto_key_t *keyhash(abts_case *tc, apr_pool_t *pool,
const apr_crypto_driver_t *driver, const apr_crypto_t *f,
apr_crypto_block_key_digest_e digest, const char *description)
{
apr_crypto_key_t *key = NULL;
const apu_err_t *result = NULL;
apr_crypto_key_rec_t *rec = apr_crypto_key_rec_make(APR_CRYPTO_KTYPE_HASH,
pool);
apr_status_t rv;
if (!driver) {
return NULL;
}
if (!f) {
return NULL;
}
rec->k.hash.digest = digest;
/* init the key */
rv = apr_crypto_key(&key, rec, f, pool);
if (APR_ENOCIPHER == rv || APR_ENODIGEST == rv) {
apr_crypto_error(&result, f);
ABTS_NOT_IMPL(tc,
apr_psprintf(pool, "skipped: %s %s key return APR_ENOTIMPL: error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""));
return NULL;
}
else {
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr, "key: %s %s apr error %d / native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_key returned APR_EKEYLENGTH", rv != APR_EKEYLENGTH);
ABTS_ASSERT(tc, "apr_crypto_key returned APR_ENOKEY", rv != APR_ENOKEY);
ABTS_ASSERT(tc, "apr_crypto_key returned APR_EPADDING",
rv != APR_EPADDING);
ABTS_ASSERT(tc, "apr_crypto_key returned APR_EKEYTYPE",
rv != APR_EKEYTYPE);
ABTS_ASSERT(tc, "failed to apr_crypto_key", rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_key returned NULL context", key != NULL);
}
if (rv) {
return NULL;
}
return key;
}
static const apr_crypto_key_t *keyhmac(abts_case *tc, apr_pool_t *pool,
const apr_crypto_driver_t *driver, const apr_crypto_t *f,
apr_crypto_block_key_digest_e digest, apr_crypto_block_key_type_e type,
apr_crypto_block_key_mode_e mode, int doPad, apr_size_t secretLen,
const char *description)
{
apr_crypto_key_t *key = NULL;
const apu_err_t *result = NULL;
apr_crypto_key_rec_t *rec = apr_crypto_key_rec_make(APR_CRYPTO_KTYPE_HMAC,
pool);
apr_status_t rv;
if (!driver) {
return NULL;
}
if (!f) {
return NULL;
}
rec->type = type;
rec->mode = mode;
rec->pad = doPad;
rec->k.hmac.digest = digest;
rec->k.hmac.secret = apr_pcalloc(pool, secretLen);
rec->k.hmac.secretLen = secretLen;
/* init the key */
rv = apr_crypto_key(&key, rec, f, pool);
if (APR_ENOCIPHER == rv || APR_ENODIGEST == rv) {
apr_crypto_error(&result, f);
ABTS_NOT_IMPL(tc,
apr_psprintf(pool, "skipped: %s %s key return APR_ENOTIMPL: error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""));
return NULL;
}
else {
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr, "key: %s %s apr error %d / native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_key returned APR_EKEYLENGTH", rv != APR_EKEYLENGTH);
ABTS_ASSERT(tc, "apr_crypto_key returned APR_ENOKEY", rv != APR_ENOKEY);
ABTS_ASSERT(tc, "apr_crypto_key returned APR_EPADDING",
rv != APR_EPADDING);
ABTS_ASSERT(tc, "apr_crypto_key returned APR_EKEYTYPE",
rv != APR_EKEYTYPE);
ABTS_ASSERT(tc, "failed to apr_crypto_key", rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_key returned NULL context", key != NULL);
}
if (rv) {
return NULL;
}
return key;
}
static const apr_crypto_key_t *keysecret(abts_case *tc, apr_pool_t *pool,
const apr_crypto_driver_t *driver, const apr_crypto_t *f,
apr_crypto_block_key_type_e type, apr_crypto_block_key_mode_e mode,
int doPad, apr_size_t secretLen, const char *description)
{
apr_crypto_key_t *key = NULL;
const apu_err_t *result = NULL;
apr_crypto_key_rec_t *rec = apr_crypto_key_rec_make(APR_CRYPTO_KTYPE_SECRET,
pool);
apr_status_t rv;
if (!driver) {
return NULL;
}
if (!f) {
return NULL;
}
rec->type = type;
rec->mode = mode;
rec->pad = doPad;
rec->k.secret.secret = apr_pcalloc(pool, secretLen);
rec->k.secret.secretLen = secretLen;
/* init the passphrase */
rv = apr_crypto_key(&key, rec, f, pool);
if (APR_ENOCIPHER == rv) {
apr_crypto_error(&result, f);
ABTS_NOT_IMPL(tc,
apr_psprintf(pool, "skipped: %s %s key return APR_ENOCIPHER: error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""));
return NULL;
}
else {
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr, "key: %s %s apr error %d / native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_key returned APR_EKEYLENGTH", rv != APR_EKEYLENGTH);
ABTS_ASSERT(tc, "apr_crypto_key returned APR_ENOKEY", rv != APR_ENOKEY);
ABTS_ASSERT(tc, "apr_crypto_key returned APR_EPADDING",
rv != APR_EPADDING);
ABTS_ASSERT(tc, "apr_crypto_key returned APR_EKEYTYPE",
rv != APR_EKEYTYPE);
ABTS_ASSERT(tc, "failed to apr_crypto_key", rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_key returned NULL context", key != NULL);
}
if (rv) {
return NULL;
}
return key;
}
static const apr_crypto_key_t *passphrase(abts_case *tc, apr_pool_t *pool,
const apr_crypto_driver_t *driver, const apr_crypto_t *f,
apr_crypto_block_key_type_e type, apr_crypto_block_key_mode_e mode,
int doPad, const char *description)
{
apr_crypto_key_t *key = NULL;
const apu_err_t *result = NULL;
const char *pass = "secret";
const char *salt = "salt";
apr_status_t rv;
if (!driver) {
return NULL;
}
if (!f) {
return NULL;
}
/* init the passphrase */
rv = apr_crypto_passphrase(&key, NULL, pass, strlen(pass),
(unsigned char *) salt, strlen(salt), type, mode, doPad, 4096, f,
pool);
if (APR_ENOCIPHER == rv) {
apr_crypto_error(&result, f);
ABTS_NOT_IMPL(tc, apr_psprintf(pool,
"skipped: %s %s passphrase return APR_ENOCIPHER: error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), result->rc,
result->reason ? result->reason : "", result->msg ? result->msg : ""));
return NULL;
}
else {
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr, "passphrase: %s %s apr error %d / native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_passphrase returned APR_ENOKEY", rv != APR_ENOKEY);
ABTS_ASSERT(tc, "apr_crypto_passphrase returned APR_EPADDING", rv != APR_EPADDING);
ABTS_ASSERT(tc, "apr_crypto_passphrase returned APR_EKEYTYPE", rv != APR_EKEYTYPE);
ABTS_ASSERT(tc, "failed to apr_crypto_passphrase", rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_passphrase returned NULL context", key != NULL);
}
if (rv) {
return NULL;
}
return key;
}
static const apr_crypto_key_t *keypassphrase(abts_case *tc, apr_pool_t *pool,
const apr_crypto_driver_t *driver, const apr_crypto_t *f,
apr_crypto_block_key_type_e type, apr_crypto_block_key_mode_e mode,
int doPad, const char *description)
{
apr_crypto_key_t *key = NULL;
const apu_err_t *result = NULL;
const char *pass = "secret";
const char *salt = "salt";
apr_crypto_key_rec_t *rec = apr_pcalloc(pool, sizeof(apr_crypto_key_rec_t));
apr_status_t rv;
if (!driver) {
return NULL;
}
if (!f) {
return NULL;
}
rec->ktype = APR_CRYPTO_KTYPE_PASSPHRASE;
rec->type = type;
rec->mode = mode;
rec->pad = doPad;
rec->k.passphrase.pass = pass;
rec->k.passphrase.passLen = strlen(pass);
rec->k.passphrase.salt = (unsigned char *)salt;
rec->k.passphrase.saltLen = strlen(salt);
rec->k.passphrase.iterations = 4096;
/* init the passphrase */
rv = apr_crypto_key(&key, rec, f, pool);
if (APR_ENOCIPHER == rv) {
apr_crypto_error(&result, f);
ABTS_NOT_IMPL(tc, apr_psprintf(pool,
"skipped: %s %s key passphrase return APR_ENOCIPHER: error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), result->rc,
result->reason ? result->reason : "", result->msg ? result->msg : ""));
return NULL;
}
else {
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr, "key passphrase: %s %s apr error %d / native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_key returned APR_ENOKEY", rv != APR_ENOKEY);
ABTS_ASSERT(tc, "apr_crypto_key returned APR_EPADDING", rv != APR_EPADDING);
ABTS_ASSERT(tc, "apr_crypto_key returned APR_EKEYTYPE", rv != APR_EKEYTYPE);
ABTS_ASSERT(tc, "failed to apr_crypto_key", rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_key returned NULL context", key != NULL);
}
if (rv) {
return NULL;
}
return key;
}
static unsigned char *encrypt_block(abts_case *tc, apr_pool_t *pool,
const apr_crypto_driver_t *driver, const apr_crypto_t *f,
const apr_crypto_key_t *key, const unsigned char *in,
const apr_size_t inlen, unsigned char **cipherText,
apr_size_t *cipherTextLen, const unsigned char **iv,
apr_size_t *blockSize, const char *description)
{
apr_crypto_block_t *block = NULL;
const apu_err_t *result = NULL;
apr_size_t len = 0;
apr_status_t rv;
if (!driver || !f || !key || !in) {
return NULL;
}
/* init the encryption */
rv = apr_crypto_block_encrypt_init(&block, iv, key, blockSize, pool);
if (APR_ENOTIMPL == rv) {
ABTS_NOT_IMPL(tc, "apr_crypto_block_encrypt_init returned APR_ENOTIMPL");
}
else {
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr,
"encrypt_init: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_block_encrypt_init returned APR_ENOKEY",
rv != APR_ENOKEY);
ABTS_ASSERT(tc, "apr_crypto_block_encrypt_init returned APR_ENOIV",
rv != APR_ENOIV);
ABTS_ASSERT(tc, "apr_crypto_block_encrypt_init returned APR_EKEYTYPE",
rv != APR_EKEYTYPE);
ABTS_ASSERT(tc, "apr_crypto_block_encrypt_init returned APR_EKEYLENGTH",
rv != APR_EKEYLENGTH);
ABTS_ASSERT(tc,
"apr_crypto_block_encrypt_init returned APR_ENOTENOUGHENTROPY",
rv != APR_ENOTENOUGHENTROPY);
ABTS_ASSERT(tc, "failed to apr_crypto_block_encrypt_init",
rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_block_encrypt_init returned NULL context",
block != NULL);
}
if (!block || rv) {
return NULL;
}
/* encrypt the block */
rv = apr_crypto_block_encrypt(cipherText, cipherTextLen, in, inlen, block);
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr, "encrypt: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_block_encrypt returned APR_ECRYPT", rv != APR_ECRYPT);
ABTS_ASSERT(tc, "failed to apr_crypto_block_encrypt", rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_block_encrypt failed to allocate buffer", *cipherText != NULL);
if (rv) {
return NULL;
}
/* finalise the encryption */
rv = apr_crypto_block_encrypt_finish(*cipherText + *cipherTextLen, &len,
block);
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr,
"encrypt_finish: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_block_encrypt_finish returned APR_ECRYPT", rv != APR_ECRYPT);
ABTS_ASSERT(tc, "apr_crypto_block_encrypt_finish returned APR_EPADDING", rv != APR_EPADDING);
ABTS_ASSERT(tc, "apr_crypto_block_encrypt_finish returned APR_ENOSPACE", rv != APR_ENOSPACE);
ABTS_ASSERT(tc, "failed to apr_crypto_block_encrypt_finish", rv == APR_SUCCESS);
*cipherTextLen += len;
apr_crypto_block_cleanup(block);
if (rv) {
return NULL;
}
return *cipherText;
}
static unsigned char *decrypt_block(abts_case *tc, apr_pool_t *pool,
const apr_crypto_driver_t *driver, const apr_crypto_t *f,
const apr_crypto_key_t *key, unsigned char *cipherText,
apr_size_t cipherTextLen, unsigned char **plainText,
apr_size_t *plainTextLen, const unsigned char *iv,
apr_size_t *blockSize, const char *description)
{
apr_crypto_block_t *block = NULL;
const apu_err_t *result = NULL;
apr_size_t len = 0;
apr_status_t rv;
if (!driver || !f || !key || !cipherText) {
return NULL;
}
/* init the decryption */
rv = apr_crypto_block_decrypt_init(&block, blockSize, iv, key, pool);
if (APR_ENOTIMPL == rv) {
ABTS_NOT_IMPL(tc, "apr_crypto_block_decrypt_init returned APR_ENOTIMPL");
}
else {
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr,
"decrypt_init: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_block_decrypt_init returned APR_ENOKEY", rv != APR_ENOKEY);
ABTS_ASSERT(tc, "apr_crypto_block_decrypt_init returned APR_ENOIV", rv != APR_ENOIV);
ABTS_ASSERT(tc, "apr_crypto_block_decrypt_init returned APR_EKEYTYPE", rv != APR_EKEYTYPE);
ABTS_ASSERT(tc, "apr_crypto_block_decrypt_init returned APR_EKEYLENGTH", rv != APR_EKEYLENGTH);
ABTS_ASSERT(tc, "failed to apr_crypto_block_decrypt_init", rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_block_decrypt_init returned NULL context", block != NULL);
}
if (!block || rv) {
return NULL;
}
/* decrypt the block */
rv = apr_crypto_block_decrypt(plainText, plainTextLen, cipherText,
cipherTextLen, block);
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr, "decrypt: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_block_decrypt returned APR_ECRYPT", rv != APR_ECRYPT);
ABTS_ASSERT(tc, "failed to apr_crypto_block_decrypt", rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_block_decrypt failed to allocate buffer", *plainText != NULL);
if (rv) {
return NULL;
}
/* finalise the decryption */
rv = apr_crypto_block_decrypt_finish(*plainText + *plainTextLen, &len,
block);
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr,
"decrypt_finish: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_block_decrypt_finish returned APR_ECRYPT", rv != APR_ECRYPT);
ABTS_ASSERT(tc, "apr_crypto_block_decrypt_finish returned APR_EPADDING", rv != APR_EPADDING);
ABTS_ASSERT(tc, "apr_crypto_block_decrypt_finish returned APR_ENOSPACE", rv != APR_ENOSPACE);
ABTS_ASSERT(tc, "failed to apr_crypto_block_decrypt_finish", rv == APR_SUCCESS);
if (rv) {
return NULL;
}
*plainTextLen += len;
apr_crypto_block_cleanup(block);
return *plainText;
}
static apr_status_t sign_block(abts_case *tc, apr_pool_t *pool,
const apr_crypto_driver_t *driver, const apr_crypto_t *f,
const apr_crypto_key_t *key, const unsigned char *in,
const apr_size_t inlen, unsigned char **signature,
apr_size_t *signatureLen,
apr_size_t *blockSize, const char *description)
{
apr_crypto_digest_t *digest = NULL;
const apu_err_t *result = NULL;
apr_crypto_digest_rec_t *rec = apr_crypto_digest_rec_make(
APR_CRYPTO_DTYPE_SIGN, pool);
apr_status_t rv;
if (!driver || !f || !key || !in) {
return APR_EGENERAL;
}
/* init the signature */
rv = apr_crypto_digest_init(&digest, key, rec, pool);
if (APR_ENOTIMPL == rv) {
ABTS_NOT_IMPL(tc, "apr_crypto_digest_init returned APR_ENOTIMPL");
}
else {
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr,
"sign_init: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_ENOKEY",
rv != APR_ENOKEY);
ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_ENOIV",
rv != APR_ENOIV);
ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_EKEYTYPE",
rv != APR_EKEYTYPE);
ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_EKEYLENGTH",
rv != APR_EKEYLENGTH);
ABTS_ASSERT(tc,
"apr_crypto_digest_init returned APR_ENOTENOUGHENTROPY",
rv != APR_ENOTENOUGHENTROPY);
ABTS_ASSERT(tc, "failed to apr_crypto_digest_init",
rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_digest_init returned NULL context",
digest != NULL);
}
if (!digest || rv) {
return rv;
}
/* sign the block */
rv = apr_crypto_digest_update(digest, in, inlen);
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr, "sign: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_digest returned APR_ECRYPT", rv != APR_ECRYPT);
ABTS_ASSERT(tc, "failed to apr_crypto_digest", rv == APR_SUCCESS);
if (rv) {
return rv;
}
/* finalise the sign */
rv = apr_crypto_digest_final(digest);
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr,
"sign_finish: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_ECRYPT", rv != APR_ECRYPT);
ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_EPADDING", rv != APR_EPADDING);
ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_ENOSPACE", rv != APR_ENOSPACE);
ABTS_ASSERT(tc, "failed to apr_crypto_digest_final", rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_digest_final failed to allocate buffer", rec->d.sign.s != NULL);
apr_crypto_digest_cleanup(digest);
*signature = rec->d.sign.s;
*signatureLen = rec->d.sign.slen;
return rv;
}
static apr_status_t hash_block(abts_case *tc, apr_pool_t *pool,
const apr_crypto_driver_t *driver, const apr_crypto_t *f,
const apr_crypto_key_t *key, const unsigned char *in,
const apr_size_t inlen, unsigned char **hash,
apr_size_t *hashLen,
apr_size_t *blockSize, const char *description)
{
apr_crypto_digest_t *digest = NULL;
const apu_err_t *result = NULL;
apr_crypto_digest_rec_t *rec = apr_crypto_digest_rec_make(
APR_CRYPTO_DTYPE_HASH, pool);
apr_status_t rv;
if (!driver || !f || !key || !in) {
return APR_EGENERAL;
}
rec->d.hash.digest = APR_CRYPTO_DIGEST_SHA256;
/* init the signature */
rv = apr_crypto_digest_init(&digest, key, rec, pool);
if (APR_ENOTIMPL == rv) {
ABTS_NOT_IMPL(tc, "apr_crypto_digest_init returned APR_ENOTIMPL");
}
else {
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr,
"sign_init: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_ENOKEY",
rv != APR_ENOKEY);
ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_ENOIV",
rv != APR_ENOIV);
ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_EKEYTYPE",
rv != APR_EKEYTYPE);
ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_EKEYLENGTH",
rv != APR_EKEYLENGTH);
ABTS_ASSERT(tc,
"apr_crypto_digest_init returned APR_ENOTENOUGHENTROPY",
rv != APR_ENOTENOUGHENTROPY);
ABTS_ASSERT(tc, "failed to apr_crypto_digest_init",
rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_digest_init returned NULL context",
digest != NULL);
}
if (!digest || rv) {
return rv;
}
/* sign the block */
rv = apr_crypto_digest_update(digest, in, inlen);
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr, "sign: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_digest returned APR_ECRYPT", rv != APR_ECRYPT);
ABTS_ASSERT(tc, "failed to apr_crypto_digest", rv == APR_SUCCESS);
if (rv) {
return rv;
}
/* finalise the sign */
rv = apr_crypto_digest_final(digest);
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr,
"sign_finish: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_ECRYPT", rv != APR_ECRYPT);
ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_EPADDING", rv != APR_EPADDING);
ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_ENOSPACE", rv != APR_ENOSPACE);
ABTS_ASSERT(tc, "failed to apr_crypto_digest_final", rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_digest_final failed to allocate buffer", rec->d.hash.s != NULL);
apr_crypto_digest_cleanup(digest);
*hash = rec->d.hash.s;
*hashLen = rec->d.hash.slen;
return rv;
}
static apr_status_t verify_block(abts_case *tc, apr_pool_t *pool,
const apr_crypto_driver_t *driver, const apr_crypto_t *f,
const apr_crypto_key_t *key, const unsigned char *in,
apr_size_t inlen, const unsigned char *signature,
apr_size_t signatureLen,
apr_size_t *blockSize, const char *description)
{
apr_crypto_digest_t *digest = NULL;
const apu_err_t *result = NULL;
apr_crypto_digest_rec_t *rec = apr_crypto_digest_rec_make(
APR_CRYPTO_DTYPE_VERIFY, pool);
apr_status_t rv;
if (!driver || !f || !key || !in || !signature) {
return APR_EGENERAL;
}
rec->d.verify.v = signature;
rec->d.verify.vlen = signatureLen;
/* init the decryption */
rv = apr_crypto_digest_init(&digest, key, rec, pool);
if (APR_ENOTIMPL == rv) {
ABTS_NOT_IMPL(tc, "apr_crypto_digest_init returned APR_ENOTIMPL");
}
else {
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr,
"digest_init: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_ENOKEY", rv != APR_ENOKEY);
ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_ENOIV", rv != APR_ENOIV);
ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_EKEYTYPE", rv != APR_EKEYTYPE);
ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_EKEYLENGTH", rv != APR_EKEYLENGTH);
ABTS_ASSERT(tc, "failed to apr_crypto_digest_init", rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_digest_init returned NULL context", digest != NULL);
}
if (!digest || rv) {
return APR_EGENERAL;
}
/* decrypt the block */
rv = apr_crypto_digest_update(digest, in, inlen);
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr, "decrypt: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_digest returned APR_ECRYPT", rv != APR_ECRYPT);
ABTS_ASSERT(tc, "failed to apr_crypto_digest", rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_digest failed to allocate buffer", signature != NULL);
if (rv) {
return APR_EGENERAL;
}
/* finalise the decryption */
rv = apr_crypto_digest_final(digest);
if (APR_SUCCESS != rv) {
apr_crypto_error(&result, f);
fprintf(stderr,
"verify_finish: %s %s (APR %d) native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), rv, result->rc,
result->reason ? result->reason : "",
result->msg ? result->msg : "");
}
ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_ECRYPT", rv != APR_ECRYPT);
ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_EPADDING", rv != APR_EPADDING);
ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_ENOSPACE", rv != APR_ENOSPACE);
ABTS_ASSERT(tc, "failed to apr_crypto_digest_final", rv == APR_SUCCESS);
apr_crypto_digest_cleanup(digest);
return rv;
}
/**
* Interoperability test.
*
* data must point at an array of two driver structures. Data will be encrypted
* with the first driver, and decrypted with the second.
*
* If the two drivers interoperate, the test passes.
*/
static void crypto_block_cross(abts_case *tc, apr_pool_t *pool,
const apr_crypto_driver_t **drivers,
const apr_crypto_block_key_type_e type,
const apr_crypto_block_key_mode_e mode, int doPad,
const unsigned char *in, apr_size_t inlen, apr_size_t secretLen,
const char *description)
{
const apr_crypto_driver_t *driver1 = drivers[0];
const apr_crypto_driver_t *driver2 = drivers[1];
apr_crypto_t *f1 = NULL;
apr_crypto_t *f2 = NULL;
const apr_crypto_key_t *key1 = NULL;
const apr_crypto_key_t *key2 = NULL;
const apr_crypto_key_t *key3 = NULL;
const apr_crypto_key_t *key4 = NULL;
const apr_crypto_key_t *key5 = NULL;
const apr_crypto_key_t *key6 = NULL;
unsigned char *cipherText = NULL;
apr_size_t cipherTextLen = 0;
unsigned char *plainText = NULL;
apr_size_t plainTextLen = 0;
const unsigned char *iv = NULL;
apr_size_t blockSize = 0;
f1 = make(tc, pool, driver1);
f2 = make(tc, pool, driver2);
key1 = passphrase(tc, pool, driver1, f1, type, mode, doPad, description);
key2 = passphrase(tc, pool, driver2, f2, type, mode, doPad, description);
cipherText = encrypt_block(tc, pool, driver1, f1, key1, in, inlen,
&cipherText, &cipherTextLen, &iv, &blockSize, description);
plainText = decrypt_block(tc, pool, driver2, f2, key2, cipherText,
cipherTextLen, &plainText, &plainTextLen, iv, &blockSize,
description);
if (cipherText && plainText) {
if (memcmp(in, plainText, inlen)) {
fprintf(stderr, "passphrase cross mismatch: %s %s/%s\n", description,
apr_crypto_driver_name(driver1), apr_crypto_driver_name(
driver2));
}
ABTS_STR_EQUAL(tc, (char *)in, (char *)plainText);
}
key3 = keysecret(tc, pool, driver1, f1, type, mode, doPad, secretLen, description);
key4 = keysecret(tc, pool, driver2, f2, type, mode, doPad, secretLen, description);
iv = NULL;
blockSize = 0;
cipherText = NULL;
plainText = NULL;
cipherText = encrypt_block(tc, pool, driver1, f1, key3, in, inlen,
&cipherText, &cipherTextLen, &iv, &blockSize, description);
plainText = decrypt_block(tc, pool, driver2, f2, key4, cipherText,
cipherTextLen, &plainText, &plainTextLen, iv, &blockSize,
description);
if (cipherText && plainText) {
if (memcmp(in, plainText, inlen)) {
fprintf(stderr, "key secret cross mismatch: %s %s/%s\n", description,
apr_crypto_driver_name(driver1), apr_crypto_driver_name(
driver2));
}
ABTS_STR_EQUAL(tc, (char *)in, (char *)plainText);
}
key5 = keypassphrase(tc, pool, driver1, f1, type, mode, doPad, description);
key6 = keypassphrase(tc, pool, driver2, f2, type, mode, doPad, description);
iv = NULL;
blockSize = 0;
cipherText = NULL;
plainText = NULL;
cipherText = encrypt_block(tc, pool, driver1, f1, key5, in, inlen,
&cipherText, &cipherTextLen, &iv, &blockSize, description);
plainText = decrypt_block(tc, pool, driver2, f2, key6, cipherText,
cipherTextLen, &plainText, &plainTextLen, iv, &blockSize,
description);
if (cipherText && plainText) {
if (memcmp(in, plainText, inlen)) {
fprintf(stderr, "key passphrase cross mismatch: %s %s/%s\n", description,
apr_crypto_driver_name(driver1), apr_crypto_driver_name(
driver2));
}
ABTS_STR_EQUAL(tc, (char *)in, (char *)plainText);
}
}
/**
* Interoperability test.
*
* data must point at an array of two driver structures. Data will be signed
* with the first driver, and verified with the second.
*
* If the two drivers interoperate, the test passes.
*/
static void crypto_cross_hash(abts_case *tc, apr_pool_t *pool,
const apr_crypto_driver_t **drivers,
const apr_crypto_block_key_digest_e digest,
const unsigned char *in, apr_size_t inlen,
const char *description)
{
const apr_crypto_driver_t *driver1 = drivers[0];
const apr_crypto_driver_t *driver2 = drivers[1];
apr_crypto_t *f1 = NULL;
apr_crypto_t *f2 = NULL;
const apr_crypto_key_t *key7 = NULL;
const apr_crypto_key_t *key8 = NULL;
apr_size_t blockSize = 0;
unsigned char *hash1 = NULL;
unsigned char *hash2 = NULL;
apr_size_t hash1Len = 0;
apr_size_t hash2Len = 0;
apr_status_t rv;
f1 = make(tc, pool, driver1);
f2 = make(tc, pool, driver2);
key7 = keyhash(tc, pool, driver1, f1, digest, description);
key8 = keyhash(tc, pool, driver2, f2, digest, description);
blockSize = 0;
rv = hash_block(tc, pool, driver1, f1, key7, in, inlen,
&hash1, &hash1Len, &blockSize, description);
if (APR_SUCCESS != rv && driver1 && driver2) {
fprintf(stderr, "key hash cross error %d: %s %s/%s\n", rv, description,
apr_crypto_driver_name(driver1),
apr_crypto_driver_name(driver2));
}
rv = hash_block(tc, pool, driver2, f2, key8, in,
inlen, &hash2, &hash2Len, &blockSize,
description);
if (APR_SUCCESS != rv && driver1 && driver2) {
fprintf(stderr, "key hash cross error %d: %s %s/%s\n", rv, description,
apr_crypto_driver_name(driver1),
apr_crypto_driver_name(driver2));
}
if (driver1 && driver2
&& (!hash1 || !hash2 || hash1Len != hash2Len
|| memcmp(hash1, hash2, hash1Len))) {
fprintf(stderr, "key hash cross mismatch (hash): %s %s/%s\n", description,
apr_crypto_driver_name(driver1),
apr_crypto_driver_name(driver2));
}
}
/**
* Interoperability test.
*
* data must point at an array of two driver structures. Data will be signed
* with the first driver, and verified with the second.
*
* If the two drivers interoperate, the test passes.
*/
static void crypto_cross_sign(abts_case *tc, apr_pool_t *pool,
const apr_crypto_driver_t **drivers,
const apr_crypto_block_key_digest_e digest,
const apr_crypto_block_key_type_e type,
const apr_crypto_block_key_mode_e mode, int doPad,
const unsigned char *in, apr_size_t inlen, apr_size_t secretLen,
const char *description)
{
const apr_crypto_driver_t *driver1 = drivers[0];
const apr_crypto_driver_t *driver2 = drivers[1];
apr_crypto_t *f1 = NULL;
apr_crypto_t *f2 = NULL;
const apr_crypto_key_t *key7 = NULL;
const apr_crypto_key_t *key8 = NULL;
apr_size_t blockSize = 0;
unsigned char *signature = NULL;
apr_size_t signatureLen = 0;
apr_status_t rv;
f1 = make(tc, pool, driver1);
f2 = make(tc, pool, driver2);
key7 = keyhmac(tc, pool, driver1, f1, digest, type, mode, doPad, secretLen,
description);
key8 = keyhmac(tc, pool, driver2, f2, digest, type, mode, doPad, secretLen,
description);
blockSize = 0;
rv = sign_block(tc, pool, driver1, f1, key7, in, inlen,
&signature, &signatureLen, &blockSize, description);
if (APR_SUCCESS != rv && driver1 && driver2) {
fprintf(stderr, "key hmac cross mismatch (sign): %s %s/%s\n", description,
apr_crypto_driver_name(driver1),
apr_crypto_driver_name(driver2));
}
rv = verify_block(tc, pool, driver2, f2, key8, in,
inlen, signature, signatureLen, &blockSize,
description);
if (APR_SUCCESS != rv && driver1 && driver2) {
fprintf(stderr, "key hmac cross mismatch (verify): %s %s/%s\n", description,
apr_crypto_driver_name(driver1),
apr_crypto_driver_name(driver2));
}
}
/**
* Test initialisation.
*/
static void test_crypto_init(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
apr_status_t rv;
apr_pool_create(&pool, NULL);
rv = apr_crypto_init(apr_pool_parent_get(pool));
ABTS_ASSERT(tc, "failed to init apr_crypto", rv == APR_SUCCESS);
apr_pool_destroy(pool);
}
#if APU_HAVE_OPENSSL
/**
* Simple test of OpenSSL key.
*/
static void test_crypto_key_openssl(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *driver;
apr_crypto_t *f = NULL;
apr_pool_create(&pool, NULL);
driver = get_openssl_driver(tc, pool);
f = make(tc, pool, driver);
keysecret(tc, pool, driver, f, APR_KEY_AES_256, APR_MODE_CBC, 1, 32,
"KEY_AES_256/MODE_CBC");
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_OPENSSL */
#if APU_HAVE_NSS
/**
* Simple test of NSS key.
*/
static void test_crypto_key_nss(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *driver;
apr_crypto_t *f = NULL;
apr_pool_create(&pool, NULL);
driver = get_nss_driver(tc, pool);
f = make(tc, pool, driver);
keysecret(tc, pool, driver, f, APR_KEY_AES_256, APR_MODE_CBC, 1, 32,
"KEY_AES_256/MODE_CBC");
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_NSS */
#if APU_HAVE_COMMONCRYPTO
/**
* Simple test of CommonCrypto key.
*/
static void test_crypto_key_commoncrypto(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *driver;
apr_crypto_t *f = NULL;
apr_pool_create(&pool, NULL);
driver = get_commoncrypto_driver(tc, pool);
f = make(tc, pool, driver);
keysecret(tc, pool, driver, f, APR_KEY_AES_256, APR_MODE_CBC, 1, 32,
"KEY_AES_256/MODE_CBC");
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_COMMONCRYPTO */
#if APU_HAVE_OPENSSL
/**
* Simple test of OpenSSL block crypt.
*/
static void test_crypto_block_openssl(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) ALIGNED_STRING;
apr_size_t inlen = sizeof(ALIGNED_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_openssl_driver(tc, pool);
drivers[1] = get_openssl_driver(tc, pool);
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 0,
in, inlen, 24, "KEY_3DES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 0,
in, inlen, 24, "KEY_3DES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 0, in,
inlen, 32, "KEY_AES_256/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 0, in,
inlen, 32, "KEY_AES_256/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 0, in,
inlen, 24, "KEY_AES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 0, in,
inlen, 24, "KEY_AES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 0, in,
inlen, 16, "KEY_AES_128/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 0, in,
inlen, 16, "KEY_AES_128/MODE_ECB");
apr_pool_destroy(pool);
}
/**
* Simple test of OpenSSL block signatures.
*/
static void test_crypto_digest_openssl(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) ALIGNED_STRING;
apr_size_t inlen = sizeof(ALIGNED_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_openssl_driver(tc, pool);
drivers[1] = get_openssl_driver(tc, pool);
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24,
"KEY_3DES_192/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24,
"KEY_3DES_192/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32,
"KEY_AES_256/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32,
"KEY_AES_256/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24,
"KEY_AES_192/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24,
"KEY_AES_192/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16,
"KEY_AES_128/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16,
"KEY_AES_128/MODE_ECB");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_MD5, in, inlen,
"DIGEST MD5");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA1, in, inlen,
"DIGEST SHA1");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA224, in, inlen,
"DIGEST SHA224");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, in, inlen,
"DIGEST SHA256");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA384, in, inlen,
"DIGEST SHA384");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA512, in, inlen,
"DIGEST SHA512");
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_OPENSSL */
#if APU_HAVE_NSS
/**
* Simple test of NSS block crypt.
*/
static void test_crypto_block_nss(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) ALIGNED_STRING;
apr_size_t inlen = sizeof(ALIGNED_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_nss_driver(tc, pool);
drivers[1] = get_nss_driver(tc, pool);
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 0,
in, inlen, 24, "KEY_3DES_192/MODE_CBC");
/* KEY_3DES_192 / MODE_ECB doesn't work on NSS */
/* crypto_block_cross(tc, pool, drivers, KEY_3DES_192, MODE_ECB, 0, in, inlen, "KEY_3DES_192/MODE_ECB"); */
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 0, in,
inlen, 32, "KEY_AES_256/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 0, in,
inlen, 32, "KEY_AES_256/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 0, in,
inlen, 24, "KEY_AES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 0, in,
inlen, 24, "KEY_AES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 0, in,
inlen, 16, "KEY_AES_128/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 0, in,
inlen, 16, "KEY_AES_128/MODE_ECB");
apr_pool_destroy(pool);
}
/**
* Simple test of NSS block sign/verify.
*/
static void test_crypto_digest_nss(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) ALIGNED_STRING;
apr_size_t inlen = sizeof(ALIGNED_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_nss_driver(tc, pool);
drivers[1] = get_nss_driver(tc, pool);
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24,
"KEY_3DES_192/MODE_CBC");
/* KEY_3DES_192 / MODE_ECB doesn't work on NSS */
/* crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, KEY_3DES_192, MODE_ECB, 0, in, inlen, "KEY_3DES_192/MODE_ECB"); */
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32,
"KEY_AES_256/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32,
"KEY_AES_256/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24,
"KEY_AES_192/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24,
"KEY_AES_192/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16,
"KEY_AES_128/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16,
"KEY_AES_128/MODE_ECB");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_MD5, in, inlen,
"DIGEST MD5");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA1, in, inlen,
"DIGEST SHA1");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA224, in, inlen,
"DIGEST SHA224");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, in, inlen,
"DIGEST SHA256");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA384, in, inlen,
"DIGEST SHA384");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA512, in, inlen,
"DIGEST SHA512");
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_NSS */
#if APU_HAVE_COMMONCRYPTO
/**
* Simple test of Common Crypto block crypt.
*/
static void test_crypto_block_commoncrypto(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) ALIGNED_STRING;
apr_size_t inlen = sizeof(ALIGNED_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_commoncrypto_driver(tc, pool);
drivers[1] = get_commoncrypto_driver(tc, pool);
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 0,
in, inlen, 24, "KEY_3DES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 0,
in, inlen, 24, "KEY_3DES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 0, in,
inlen, 32, "KEY_AES_256/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 0, in,
inlen, 32, "KEY_AES_256/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 0, in,
inlen, 24, "KEY_AES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 0, in,
inlen, 24, "KEY_AES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 0, in,
inlen, 16, "KEY_AES_128/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 0, in,
inlen, 16, "KEY_AES_128/MODE_ECB");
apr_pool_destroy(pool);
}
/**
* Simple test of Common Crypto block sign.
*/
static void test_crypto_digest_commoncrypto(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) ALIGNED_STRING;
apr_size_t inlen = sizeof(ALIGNED_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_commoncrypto_driver(tc, pool);
drivers[1] = get_commoncrypto_driver(tc, pool);
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24,
"KEY_3DES_192/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24,
"KEY_3DES_192/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32,
"KEY_AES_256/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32,
"KEY_AES_256/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24,
"KEY_AES_192/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24,
"KEY_AES_192/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16,
"KEY_AES_128/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16,
"KEY_AES_128/MODE_ECB");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_MD5, in, inlen,
"DIGEST MD5");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA1, in, inlen,
"DIGEST SHA1");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA224, in, inlen,
"DIGEST SHA224");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, in, inlen,
"DIGEST SHA256");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA384, in, inlen,
"DIGEST SHA384");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA512, in, inlen,
"DIGEST SHA512");
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_COMMONCRYPTO */
#if APU_HAVE_OPENSSL
#if APU_HAVE_NSS
/**
* Encrypt NSS, decrypt OpenSSL.
*/
static void test_crypto_block_nss_openssl(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) ALIGNED_STRING;
apr_size_t inlen = sizeof(ALIGNED_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_nss_driver(tc, pool);
drivers[1] = get_openssl_driver(tc, pool);
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 0,
in, inlen, 24, "KEY_3DES_192/MODE_CBC");
/* KEY_3DES_192 / MODE_ECB doesn't work on NSS */
/* crypto_block_cross(tc, pool, drivers, KEY_3DES_192, MODE_ECB, 0, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); */
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 0, in,
inlen, 32, "KEY_AES_256/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 0, in,
inlen, 32, "KEY_AES_256/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 0, in,
inlen, 24, "KEY_AES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 0, in,
inlen, 24, "KEY_AES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 0, in,
inlen, 16, "KEY_AES_128/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 0, in,
inlen, 16, "KEY_AES_128/MODE_ECB");
apr_pool_destroy(pool);
}
/**
* Encrypt OpenSSL, decrypt NSS.
*/
static void test_crypto_block_openssl_nss(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) ALIGNED_STRING;
apr_size_t inlen = sizeof(ALIGNED_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_openssl_driver(tc, pool);
drivers[1] = get_nss_driver(tc, pool);
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 0,
in, inlen, 24, "KEY_3DES_192/MODE_CBC");
/* KEY_3DES_192 / MODE_ECB doesn't work on NSS */
/* crypto_block_cross(tc, pool, drivers, KEY_3DES_192, MODE_ECB, 0, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); */
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 0, in,
inlen, 32, "KEY_AES_256/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 0, in,
inlen, 32, "KEY_AES_256/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 0, in,
inlen, 24, "KEY_AES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 0, in,
inlen, 24, "KEY_AES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 0, in,
inlen, 16, "KEY_AES_128/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 0, in,
inlen, 16, "KEY_AES_128/MODE_ECB");
apr_pool_destroy(pool);
}
/**
* Sign NSS, verify OpenSSL.
*/
static void test_crypto_digest_nss_openssl(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) ALIGNED_STRING;
apr_size_t inlen = sizeof(ALIGNED_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_nss_driver(tc, pool);
drivers[1] = get_openssl_driver(tc, pool);
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24,
"KEY_3DES_192/MODE_CBC");
/* KEY_3DES_192 / MODE_ECB doesn't work on NSS */
/* crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24,
"KEY_3DES_192/MODE_ECB");*/
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32,
"KEY_AES_256/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32,
"KEY_AES_256/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24,
"KEY_AES_192/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24,
"KEY_AES_192/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16,
"KEY_AES_128/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16,
"KEY_AES_128/MODE_ECB");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_MD5, in, inlen,
"DIGEST MD5");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA1, in, inlen,
"DIGEST SHA1");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA224, in, inlen,
"DIGEST SHA224");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, in, inlen,
"DIGEST SHA256");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA384, in, inlen,
"DIGEST SHA384");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA512, in, inlen,
"DIGEST SHA512");
apr_pool_destroy(pool);
}
/**
* Sign OpenSSL, verify NSS.
*/
static void test_crypto_digest_openssl_nss(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) ALIGNED_STRING;
apr_size_t inlen = sizeof(ALIGNED_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_openssl_driver(tc, pool);
drivers[1] = get_nss_driver(tc, pool);
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24,
"KEY_3DES_192/MODE_CBC");
/* KEY_3DES_192 / MODE_ECB doesn't work on NSS */
/* crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24,
"KEY_3DES_192/MODE_ECB");*/
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32,
"KEY_AES_256/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32,
"KEY_AES_256/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24,
"KEY_AES_192/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24,
"KEY_AES_192/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16,
"KEY_AES_128/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16,
"KEY_AES_128/MODE_ECB");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_MD5, in, inlen,
"DIGEST MD5");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA1, in, inlen,
"DIGEST SHA1");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA224, in, inlen,
"DIGEST SHA224");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, in, inlen,
"DIGEST SHA256");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA384, in, inlen,
"DIGEST SHA384");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA512, in, inlen,
"DIGEST SHA512");
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_NSS */
#if APU_HAVE_COMMONCRYPTO
/**
* Encrypt OpenSSL, decrypt CommonCrypto.
*/
static void test_crypto_block_openssl_commoncrypto(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] =
{ NULL, NULL };
const unsigned char *in = (const unsigned char *) ALIGNED_STRING;
apr_size_t inlen = sizeof(ALIGNED_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_openssl_driver(tc, pool);
drivers[1] = get_commoncrypto_driver(tc, pool);
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 0, in,
inlen, 24, "KEY_3DES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 0, in,
inlen, 24, "KEY_3DES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 0, in,
inlen, 32, "KEY_AES_256/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 0, in,
inlen, 32, "KEY_AES_256/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 0, in,
inlen, 24, "KEY_AES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 0, in,
inlen, 24, "KEY_AES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 0, in,
inlen, 16, "KEY_AES_128/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 0, in,
inlen, 16, "KEY_AES_128/MODE_ECB");
apr_pool_destroy(pool);
}
/**
* Sign OpenSSL, verify CommonCrypto.
*/
static void test_crypto_digest_openssl_commoncrypto(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) ALIGNED_STRING;
apr_size_t inlen = sizeof(ALIGNED_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_openssl_driver(tc, pool);
drivers[1] = get_commoncrypto_driver(tc, pool);
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24,
"KEY_3DES_192/MODE_CBC");
/* KEY_3DES_192 / MODE_ECB doesn't work on NSS */
/* crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24,
"KEY_3DES_192/MODE_ECB");*/
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32,
"KEY_AES_256/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32,
"KEY_AES_256/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24,
"KEY_AES_192/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24,
"KEY_AES_192/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16,
"KEY_AES_128/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16,
"KEY_AES_128/MODE_ECB");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_MD5, in, inlen,
"DIGEST MD5");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA1, in, inlen,
"DIGEST SHA1");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA224, in, inlen,
"DIGEST SHA224");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, in, inlen,
"DIGEST SHA256");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA384, in, inlen,
"DIGEST SHA384");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA512, in, inlen,
"DIGEST SHA512");
apr_pool_destroy(pool);
}
/**
* Encrypt OpenSSL, decrypt CommonCrypto.
*/
static void test_crypto_block_commoncrypto_openssl(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] =
{ NULL, NULL };
const unsigned char *in = (const unsigned char *) ALIGNED_STRING;
apr_size_t inlen = sizeof(ALIGNED_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_commoncrypto_driver(tc, pool);
drivers[1] = get_openssl_driver(tc, pool);
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 0, in,
inlen, 24, "KEY_3DES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 0, in,
inlen, 24, "KEY_3DES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 0, in,
inlen, 32, "KEY_AES_256/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 0, in,
inlen, 32, "KEY_AES_256/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 0, in,
inlen, 24, "KEY_AES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 0, in,
inlen, 24, "KEY_AES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 0, in,
inlen, 16, "KEY_AES_128/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 0, in,
inlen, 16, "KEY_AES_128/MODE_ECB");
apr_pool_destroy(pool);
}
/**
* Sign OpenSSL, verify CommonCrypto.
*/
static void test_crypto_digest_commoncrypto_openssl(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) ALIGNED_STRING;
apr_size_t inlen = sizeof(ALIGNED_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_commoncrypto_driver(tc, pool);
drivers[1] = get_openssl_driver(tc, pool);
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24,
"KEY_3DES_192/MODE_CBC");
/* KEY_3DES_192 / MODE_ECB doesn't work on NSS */
/* crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24,
"KEY_3DES_192/MODE_ECB");*/
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32,
"KEY_AES_256/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32,
"KEY_AES_256/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24,
"KEY_AES_192/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24,
"KEY_AES_192/MODE_ECB");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16,
"KEY_AES_128/MODE_CBC");
crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256,
APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16,
"KEY_AES_128/MODE_ECB");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_MD5, in, inlen,
"DIGEST MD5");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA1, in, inlen,
"DIGEST SHA1");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA224, in, inlen,
"DIGEST SHA224");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, in, inlen,
"DIGEST SHA256");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA384, in, inlen,
"DIGEST SHA384");
crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA512, in, inlen,
"DIGEST SHA512");
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_COMMONCRYPTO */
/**
* Simple test of OpenSSL block crypt.
*/
static void test_crypto_block_openssl_pad(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) TEST_STRING;
apr_size_t inlen = sizeof(TEST_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_openssl_driver(tc, pool);
drivers[1] = get_openssl_driver(tc, pool);
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 1,
in, inlen, 24, "KEY_3DES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 1,
in, inlen, 24, "KEY_3DES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 1, in,
inlen, 32, "KEY_AES_256/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 1, in,
inlen, 32, "KEY_AES_256/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 1, in,
inlen, 24, "KEY_AES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 1, in,
inlen, 24, "KEY_AES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 1, in,
inlen, 16, "KEY_AES_128/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 1, in,
inlen, 16, "KEY_AES_128/MODE_ECB");
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_OPENSSL */
#if APU_HAVE_NSS
/**
* Simple test of NSS block crypt.
*/
static void test_crypto_block_nss_pad(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] =
{ NULL, NULL };
const unsigned char *in = (const unsigned char *) TEST_STRING;
apr_size_t inlen = sizeof(TEST_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_nss_driver(tc, pool);
drivers[1] = get_nss_driver(tc, pool);
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 1,
in, inlen, 24, "KEY_3DES_192/MODE_CBC");
/* KEY_3DES_192 / MODE_ECB doesn't work on NSS */
/* crypto_block_cross(tc, pool, drivers, KEY_3DES_192, MODE_ECB, 1, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); */
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 1, in,
inlen, 32, "KEY_AES_256/MODE_CBC");
/* KEY_AES_256 / MODE_ECB doesn't support padding on NSS */
/*crypto_block_cross(tc, pool, drivers, KEY_AES_256, MODE_ECB, 1, in, inlen, 32, "KEY_AES_256/MODE_ECB");*/
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 1, in,
inlen, 24, "KEY_AES_192/MODE_CBC");
/* KEY_AES_256 / MODE_ECB doesn't support padding on NSS */
/*crypto_block_cross(tc, pool, drivers, KEY_AES_192, MODE_ECB, 1, in, inlen, 24, "KEY_AES_192/MODE_ECB");*/
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 1, in,
inlen, 16, "KEY_AES_128/MODE_CBC");
/* KEY_AES_256 / MODE_ECB doesn't support padding on NSS */
/*crypto_block_cross(tc, pool, drivers, KEY_AES_128, MODE_ECB, 1, in, inlen, 16, "KEY_AES_128/MODE_ECB");*/
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_NSS */
#if APU_HAVE_COMMONCRYPTO
/**
* Simple test of Common Crypto block crypt.
*/
static void test_crypto_block_commoncrypto_pad(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) TEST_STRING;
apr_size_t inlen = sizeof(TEST_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_commoncrypto_driver(tc, pool);
drivers[1] = get_commoncrypto_driver(tc, pool);
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 1,
in, inlen, 24, "KEY_3DES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 1,
in, inlen, 24, "KEY_3DES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 1, in,
inlen, 32, "KEY_AES_256/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 1, in,
inlen, 32, "KEY_AES_256/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 1, in,
inlen, 24, "KEY_AES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 1, in,
inlen, 24, "KEY_AES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 1, in,
inlen, 16, "KEY_AES_128/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 1, in,
inlen, 16, "KEY_AES_128/MODE_ECB");
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_COMMONCRYPTO */
#if APU_HAVE_OPENSSL
#if APU_HAVE_NSS
/**
* Encrypt NSS, decrypt OpenSSL.
*/
static void test_crypto_block_nss_openssl_pad(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) TEST_STRING;
apr_size_t inlen = sizeof(TEST_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_nss_driver(tc, pool);
drivers[1] = get_openssl_driver(tc, pool);
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 1,
in, inlen, 24, "KEY_3DES_192/MODE_CBC");
/* KEY_3DES_192 / MODE_ECB doesn't work on NSS */
/* crypto_block_cross(tc, pool, drivers, KEY_3DES_192, MODE_ECB, 1, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); */
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 1, in,
inlen, 32, "KEY_AES_256/MODE_CBC");
/* KEY_AES_256 / MODE_ECB doesn't support padding on NSS */
/*crypto_block_cross(tc, pool, drivers, KEY_AES_256, MODE_ECB, 1, in, inlen, 32, "KEY_AES_256/MODE_ECB");*/
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 1, in,
inlen, 24, "KEY_AES_192/MODE_CBC");
/* KEY_AES_192 / MODE_ECB doesn't support padding on NSS */
/*crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 1, in,
inlen, 24, "KEY_AES_192/MODE_ECB");*/
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 1, in,
inlen, 16, "KEY_AES_128/MODE_CBC");
/* KEY_AES_192 / MODE_ECB doesn't support padding on NSS */
/*crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 1, in,
inlen, 16, "KEY_AES_128/MODE_ECB");*/
apr_pool_destroy(pool);
}
/**
* Encrypt OpenSSL, decrypt NSS.
*/
static void test_crypto_block_openssl_nss_pad(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] = { NULL, NULL };
const unsigned char *in = (const unsigned char *) TEST_STRING;
apr_size_t inlen = sizeof(TEST_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_openssl_driver(tc, pool);
drivers[1] = get_nss_driver(tc, pool);
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 1,
in, inlen, 24, "KEY_3DES_192/MODE_CBC");
/* KEY_3DES_192 / MODE_ECB doesn't work on NSS */
/* crypto_block_cross(tc, pool, drivers, KEY_3DES_192, MODE_ECB, 1, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); */
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 1, in,
inlen, 32, "KEY_AES_256/MODE_CBC");
/* KEY_AES_256 / MODE_ECB doesn't support padding on NSS */
/*crypto_block_cross(tc, pool, drivers, KEY_AES_256, MODE_ECB, 1, in, inlen, 32, "KEY_AES_256/MODE_ECB");*/
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 1, in, inlen,
24, "KEY_AES_192/MODE_CBC");
/* KEY_AES_192 / MODE_ECB doesn't support padding on NSS */
/*crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 1, in, inlen,
24, "KEY_AES_192/MODE_ECB");*/
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 1, in, inlen,
16, "KEY_AES_128/MODE_CBC");
/* KEY_AES_128 / MODE_ECB doesn't support padding on NSS */
/*crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 1, in, inlen,
16, "KEY_AES_128/MODE_ECB");*/
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_NSS */
#if APU_HAVE_COMMONCRYPTO
/**
* Encrypt CommonCrypto, decrypt OpenSSL.
*/
static void test_crypto_block_commoncrypto_openssl_pad(abts_case *tc,
void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] =
{ NULL, NULL };
const unsigned char *in = (const unsigned char *) TEST_STRING;
apr_size_t inlen = sizeof(TEST_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_commoncrypto_driver(tc, pool);
drivers[1] = get_openssl_driver(tc, pool);
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 1, in,
inlen, 24, "KEY_3DES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 1, in,
inlen, 24, "KEY_3DES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 1, in,
inlen, 32, "KEY_AES_256/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 1, in,
inlen, 32, "KEY_AES_256/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 1, in,
inlen, 24, "KEY_AES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 1, in,
inlen, 24, "KEY_AES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 1, in,
inlen, 16, "KEY_AES_128/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 1, in,
inlen, 16, "KEY_AES_128/MODE_ECB");
apr_pool_destroy(pool);
}
/**
* Encrypt OpenSSL, decrypt CommonCrypto.
*/
static void test_crypto_block_openssl_commoncrypto_pad(abts_case *tc,
void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *drivers[] =
{ NULL, NULL };
const unsigned char *in = (const unsigned char *) TEST_STRING;
apr_size_t inlen = sizeof(TEST_STRING);
apr_pool_create(&pool, NULL);
drivers[0] = get_openssl_driver(tc, pool);
drivers[1] = get_commoncrypto_driver(tc, pool);
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 1, in,
inlen, 24, "KEY_3DES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 1, in,
inlen, 24, "KEY_3DES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 1, in,
inlen, 32, "KEY_AES_256/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 1, in,
inlen, 32, "KEY_AES_256/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 1, in,
inlen, 24, "KEY_AES_192/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 1, in,
inlen, 24, "KEY_AES_192/MODE_ECB");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 1, in,
inlen, 16, "KEY_AES_128/MODE_CBC");
crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 1, in,
inlen, 16, "KEY_AES_128/MODE_ECB");
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_COMMONCRYPTO */
/**
* Get Types, OpenSSL.
*/
static void test_crypto_get_block_key_types_openssl(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *driver;
apr_crypto_t *f;
apr_hash_t *types;
int *key_3des_192;
int *key_aes_128;
int *key_aes_192;
int *key_aes_256;
apr_pool_create(&pool, NULL);
driver = get_openssl_driver(tc, pool);
if (driver) {
f = make(tc, pool, driver);
apr_crypto_get_block_key_types(&types, f);
key_3des_192 = apr_hash_get(types, "3des192", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, key_3des_192);
ABTS_INT_EQUAL(tc, *key_3des_192, APR_KEY_3DES_192);
key_aes_128 = apr_hash_get(types, "aes128", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, key_aes_128);
ABTS_INT_EQUAL(tc, *key_aes_128, APR_KEY_AES_128);
key_aes_192 = apr_hash_get(types, "aes192", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, key_aes_192);
ABTS_INT_EQUAL(tc, *key_aes_192, APR_KEY_AES_192);
key_aes_256 = apr_hash_get(types, "aes256", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, key_aes_256);
ABTS_INT_EQUAL(tc, *key_aes_256, APR_KEY_AES_256);
}
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_OPENSSL */
#if APU_HAVE_NSS
/**
* Get Types, NSS.
*/
static void test_crypto_get_block_key_types_nss(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *driver;
apr_crypto_t *f;
apr_hash_t *types;
int *key_3des_192;
int *key_aes_128;
int *key_aes_192;
int *key_aes_256;
apr_pool_create(&pool, NULL);
driver = get_nss_driver(tc, pool);
if (driver) {
f = make(tc, pool, driver);
apr_crypto_get_block_key_types(&types, f);
key_3des_192 = apr_hash_get(types, "3des192", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, key_3des_192);
ABTS_INT_EQUAL(tc, *key_3des_192, APR_KEY_3DES_192);
key_aes_128 = apr_hash_get(types, "aes128", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, key_aes_128);
ABTS_INT_EQUAL(tc, *key_aes_128, APR_KEY_AES_128);
key_aes_192 = apr_hash_get(types, "aes192", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, key_aes_192);
ABTS_INT_EQUAL(tc, *key_aes_192, APR_KEY_AES_192);
key_aes_256 = apr_hash_get(types, "aes256", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, key_aes_256);
ABTS_INT_EQUAL(tc, *key_aes_256, APR_KEY_AES_256);
}
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_NSS */
#if APU_HAVE_COMMONCRYPTO
/**
* Get Types, Common Crypto.
*/
static void test_crypto_get_block_key_types_commoncrypto(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *driver;
apr_crypto_t *f;
apr_hash_t *types;
int *key_3des_192;
int *key_aes_128;
int *key_aes_192;
int *key_aes_256;
apr_pool_create(&pool, NULL);
driver = get_commoncrypto_driver(tc, pool);
if (driver) {
f = make(tc, pool, driver);
apr_crypto_get_block_key_types(&types, f);
key_3des_192 = apr_hash_get(types, "3des192", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, key_3des_192);
ABTS_INT_EQUAL(tc, *key_3des_192, APR_KEY_3DES_192);
key_aes_128 = apr_hash_get(types, "aes128", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, key_aes_128);
ABTS_INT_EQUAL(tc, *key_aes_128, APR_KEY_AES_128);
key_aes_192 = apr_hash_get(types, "aes192", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, key_aes_192);
ABTS_INT_EQUAL(tc, *key_aes_192, APR_KEY_AES_192);
key_aes_256 = apr_hash_get(types, "aes256", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, key_aes_256);
ABTS_INT_EQUAL(tc, *key_aes_256, APR_KEY_AES_256);
}
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_COMMONCRYPTO */
#if APU_HAVE_OPENSSL
/**
* Get Modes, OpenSSL.
*/
static void test_crypto_get_block_key_modes_openssl(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *driver;
apr_crypto_t *f;
apr_hash_t *modes;
int *mode_ecb;
int *mode_cbc;
apr_pool_create(&pool, NULL);
driver = get_openssl_driver(tc, pool);
if (driver) {
f = make(tc, pool, driver);
apr_crypto_get_block_key_modes(&modes, f);
mode_ecb = apr_hash_get(modes, "ecb", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, mode_ecb);
ABTS_INT_EQUAL(tc, *mode_ecb, APR_MODE_ECB);
mode_cbc = apr_hash_get(modes, "cbc", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, mode_cbc);
ABTS_INT_EQUAL(tc, *mode_cbc, APR_MODE_CBC);
}
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_OPENSSL */
#if APU_HAVE_NSS
/**
* Get Modes, NSS.
*/
static void test_crypto_get_block_key_modes_nss(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *driver;
apr_crypto_t *f;
apr_hash_t *modes;
int *mode_ecb;
int *mode_cbc;
apr_pool_create(&pool, NULL);
driver = get_nss_driver(tc, pool);
if (driver) {
f = make(tc, pool, driver);
apr_crypto_get_block_key_modes(&modes, f);
mode_ecb = apr_hash_get(modes, "ecb", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, mode_ecb);
ABTS_INT_EQUAL(tc, *mode_ecb, APR_MODE_ECB);
mode_cbc = apr_hash_get(modes, "cbc", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, mode_cbc);
ABTS_INT_EQUAL(tc, *mode_cbc, APR_MODE_CBC);
}
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_NSS */
#if APU_HAVE_COMMONCRYPTO
/**
* Get Modes, Common Crypto.
*/
static void test_crypto_get_block_key_modes_commoncrypto(abts_case *tc, void *data)
{
apr_pool_t *pool = NULL;
const apr_crypto_driver_t *driver;
apr_crypto_t *f;
apr_hash_t *modes;
int *mode_ecb;
int *mode_cbc;
apr_pool_create(&pool, NULL);
driver = get_commoncrypto_driver(tc, pool);
if (driver) {
f = make(tc, pool, driver);
apr_crypto_get_block_key_modes(&modes, f);
mode_ecb = apr_hash_get(modes, "ecb", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, mode_ecb);
ABTS_INT_EQUAL(tc, *mode_ecb, APR_MODE_ECB);
mode_cbc = apr_hash_get(modes, "cbc", APR_HASH_KEY_STRING);
ABTS_PTR_NOTNULL(tc, mode_cbc);
ABTS_INT_EQUAL(tc, *mode_cbc, APR_MODE_CBC);
}
apr_pool_destroy(pool);
}
#endif /* APU_HAVE_COMMONCRYPTO */
static void test_crypto_memzero(abts_case *tc, void *data)
{
/* Aligned message */
struct {
char buf[7 * sizeof(int)];
int untouched;
} msg;
/* A bit of type punning such that 'msg' might look unused
* after the call to apr_crypto_memzero().
*/
int *ptr = (int *)&msg;
int i;
/* Fill buf with non-zeros (odds) */
for (i = 1; i < 2 * sizeof(msg.buf); i += 2) {
msg.buf[i / 2] = (char)i;
ABTS_ASSERT(tc, "test_crypto_memzero() barrier", msg.buf[i / 2] != 0);
}
/* Zero out the whole, and check it */
apr_crypto_memzero(&msg, sizeof msg);
for (i = 0; i < sizeof(msg) / sizeof(*ptr); ++i) {
ABTS_ASSERT(tc, "test_crypto_memzero() optimized out", ptr[i] == 0);
}
}
static void test_crypto_equals(abts_case *tc, void *data)
{
/* Buffers of each type of scalar */
union {
char c;
short s;
int i;
long l;
float f;
double d;
void *p;
} buf0[7], buf1[7], buf[7];
char *ptr = (char *)buf;
int i;
#define TEST_SCALAR_MATCH(i, x, r) \
ABTS_ASSERT(tc, "test_crypto_equals(" APR_STRINGIFY(x) ")" \
" != " APR_STRINGIFY(r), \
apr_crypto_equals(&buf##r[i].x, &buf[i].x, \
sizeof(buf[i].x)) == r)
/* Fill buf with non-zeros (odds) */
for (i = 1; i < 2 * sizeof(buf); i += 2) {
ptr[i / 2] = (char)i;
}
/* Set buf1 = buf */
memcpy(buf1, buf, sizeof buf);
/* Set buf0 = {0} */
memset(buf0, 0, sizeof buf0);
/* Check that buf1 == buf for each scalar */
TEST_SCALAR_MATCH(0, c, 1);
TEST_SCALAR_MATCH(1, s, 1);
TEST_SCALAR_MATCH(2, i, 1);
TEST_SCALAR_MATCH(3, l, 1);
TEST_SCALAR_MATCH(4, f, 1);
TEST_SCALAR_MATCH(5, d, 1);
TEST_SCALAR_MATCH(6, p, 1);
/* Check that buf0 != buf for each scalar */
TEST_SCALAR_MATCH(0, c, 0);
TEST_SCALAR_MATCH(1, s, 0);
TEST_SCALAR_MATCH(2, i, 0);
TEST_SCALAR_MATCH(3, l, 0);
TEST_SCALAR_MATCH(4, f, 0);
TEST_SCALAR_MATCH(5, d, 0);
TEST_SCALAR_MATCH(6, p, 0);
}
#if APU_HAVE_CRYPTO_PRNG
/*
* KAT for CHACHA20:
* # iv=$(printf "%.32d" 0)
* # key=$(printf "%.64d" 0)
* # key=$(openssl enc -chacha20 -e \
* -in /dev/zero -K $key -iv $iv \
* | xxd -l32 -c64 -p)
* # openssl enc -chacha20 -e \
* -in /dev/zero -K $key -iv $iv \
* | xxd -l128 -c8 -i
*/
static const unsigned char test_PRNG_kat0_chacha20[128] = {
0xb0, 0xfd, 0x14, 0xff, 0x96, 0xa0, 0xbd, 0xa1,
0x54, 0xc3, 0x29, 0x08, 0x2c, 0x9c, 0x65, 0x33,
0xbb, 0x4c, 0x94, 0x73, 0xbf, 0x5d, 0xde, 0x13,
0x8f, 0x82, 0xc9, 0xac, 0x55, 0x53, 0xd9, 0x58,
0xaf, 0xbd, 0xad, 0x28, 0x45, 0xb9, 0x3c, 0xdb,
0xb2, 0xfe, 0x64, 0x63, 0xd2, 0xfe, 0x16, 0x2a,
0xda, 0xe0, 0xf6, 0xe6, 0x76, 0xf0, 0x49, 0x42,
0x18, 0xf5, 0xce, 0x05, 0x96, 0xe7, 0x9f, 0x5c,
0x55, 0x1a, 0xaa, 0x9b, 0xa4, 0x6f, 0xaa, 0xd5,
0x28, 0xf6, 0x76, 0x3d, 0xde, 0x93, 0xc0, 0x3f,
0xa3, 0xb1, 0x21, 0xb2, 0xff, 0xc0, 0x53, 0x3a,
0x69, 0x5e, 0xd5, 0x6e, 0x8f, 0xda, 0x05, 0x89,
0xa2, 0xed, 0xeb, 0xfa, 0xd4, 0xae, 0xd3, 0x35,
0x7c, 0x7a, 0xad, 0xad, 0x93, 0x28, 0x02, 0x7b,
0xb8, 0x79, 0xb5, 0x57, 0x47, 0x97, 0xa1, 0xb7,
0x3d, 0xce, 0x7c, 0xd0, 0x9f, 0x24, 0x51, 0x01
};
/*
* KAT for AES256-CTR:
* # iv=$(printf "%.32d" 0)
* # key=$(printf "%.64d" 0)
* # key=$(openssl enc -aes-256-ctr -e \
* -in /dev/zero -K $key -iv $iv \
* | xxd -l32 -c64 -p)
* # openssl enc -aes-256-ctr -e \
* -in /dev/zero -K $key -iv $iv \
* | xxd -l128 -c8 -i
*/
static const unsigned char test_PRNG_kat0_aes256[128] = {
0x79, 0x04, 0x2a, 0x33, 0xfa, 0x41, 0x1a, 0x37,
0x97, 0x3a, 0xec, 0xa0, 0xfc, 0xde, 0x6b, 0x2b,
0x16, 0xa4, 0x5f, 0xa1, 0x2a, 0xe3, 0xf5, 0x4c,
0x84, 0x28, 0x83, 0xeb, 0x60, 0xce, 0x44, 0xe9,
0x9c, 0x4c, 0xa2, 0x6e, 0x70, 0xcc, 0x26, 0x68,
0xf8, 0x99, 0x5a, 0xa1, 0x9f, 0xde, 0x99, 0xb9,
0x80, 0x0b, 0xb6, 0x83, 0x14, 0x9d, 0x72, 0x93,
0xf4, 0xd1, 0x49, 0xf3, 0xf0, 0x9e, 0x49, 0x80,
0x76, 0x84, 0x01, 0x1e, 0x79, 0x9e, 0x70, 0x70,
0x61, 0x7c, 0x13, 0xce, 0x2d, 0x64, 0xca, 0x08,
0xb7, 0xc1, 0xd5, 0x61, 0xf1, 0x95, 0x5d, 0x1b,
0x92, 0x8c, 0xd2, 0x70, 0xef, 0x26, 0xfe, 0x24,
0x01, 0xd8, 0x65, 0x63, 0x68, 0x71, 0x09, 0x4e,
0x7b, 0x01, 0x36, 0x19, 0x85, 0x13, 0x16, 0xfd,
0xc5, 0x0c, 0xe6, 0x71, 0x42, 0xbf, 0x81, 0xb0,
0xd1, 0x59, 0x28, 0xa1, 0x04, 0xe9, 0x8d, 0xad
};
static void test_crypto_prng(abts_case *tc, apr_crypto_cipher_e cipher, const unsigned char *test_PRNG_kat0)
{
unsigned char randbytes[128], seed[APR_CRYPTO_PRNG_SEED_SIZE];
apr_crypto_prng_t *cprng = NULL;
apr_pool_t *pool = NULL;
apr_status_t rv;
int i;
rv = apr_pool_create(&pool, NULL);
ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
ABTS_PTR_NOTNULL(tc, pool);
rv = apr_crypto_prng_init(pool, NULL, cipher, 0, NULL, 0);
ABTS_ASSERT(tc, "apr_crypto_prng_init returned APR_EREINIT", rv != APR_EREINIT);
ABTS_ASSERT(tc, "apr_crypto_prng_init returned APR_ENOTIMPL", rv != APR_ENOTIMPL);
ABTS_ASSERT(tc, "apr_crypto_prng_init failed", rv == APR_SUCCESS || rv == APR_ENOCIPHER);
if (rv != APR_SUCCESS) {
apr_pool_destroy(pool);
return;
}
for (i = 0; i < 10; ++i) {
/* Initial seed full of zeros (deterministic) */
memset(seed, 0, sizeof(seed));
rv = apr_crypto_prng_create(&cprng, NULL, cipher, 0, 0, seed, pool);
ABTS_ASSERT(tc, "apr_crypto_prng_create returned APR_EINIT", rv != APR_EINIT);
ABTS_ASSERT(tc, "apr_crypto_prng_create returned APR_EINVAL", rv != APR_EINVAL);
ABTS_ASSERT(tc, "apr_crypto_prng_create returned APR_ENOTIMPL", rv != APR_ENOTIMPL);
ABTS_ASSERT(tc, "apr_crypto_prng_create returned APR_ENOCIPHER", rv != APR_ENOCIPHER);
ABTS_ASSERT(tc, "apr_crypto_prng_create returned APR_EDSOOPEN", rv != APR_EDSOOPEN);
ABTS_ASSERT(tc, "apr_crypto_prng_create failed", rv == APR_SUCCESS);
if (rv != APR_SUCCESS) {
break;
}
/* Second time and more, set one random bit of the seed */
if (i != 0) {
unsigned char rnd;
rv = apr_generate_random_bytes(&rnd, sizeof rnd);
ABTS_ASSERT(tc, "apr_generate_random_bytes failed",
rv == APR_SUCCESS);
seed[rnd % APR_CRYPTO_PRNG_SEED_SIZE] = (unsigned char)(1u << (rnd % 8));
rv = apr_crypto_prng_reseed(cprng, seed);
ABTS_ASSERT(tc, "apr_crypto_prng_reseed failed",
rv == APR_SUCCESS);
}
rv = apr_crypto_prng_bytes(cprng, randbytes, 128 - 32);
ABTS_ASSERT(tc, "apr_crypto_prng_bytes failed", rv == APR_SUCCESS);
/* Should match the first time only */
if (i != 0) {
ABTS_ASSERT(tc, "test vector should not match",
/* first 32 bytes (256 bits) are used for the next key */
memcmp(randbytes, test_PRNG_kat0 + 32, 128 - 32) != 0);
}
else {
ABTS_ASSERT(tc, "test vector should match",
/* first 32 bytes (256 bits) are used for the next key */
memcmp(randbytes, test_PRNG_kat0 + 32, 128 - 32) == 0);
}
rv = apr_crypto_prng_destroy(cprng);
ABTS_ASSERT(tc, "apr_crypto_prng_destroy failed", rv == APR_SUCCESS);
}
apr_pool_destroy(pool);
}
static void test_crypto_prng_aes256(abts_case *tc, void *data)
{
return test_crypto_prng(tc, APR_CRYPTO_CIPHER_AES_256_CTR, test_PRNG_kat0_aes256);
}
static void test_crypto_prng_chacha20(abts_case *tc, void *data)
{
return test_crypto_prng(tc, APR_CRYPTO_CIPHER_CHACHA20, test_PRNG_kat0_chacha20);
}
#if APR_HAS_FORK
static void test_crypto_fork_random(abts_case *tc, void *data)
{
unsigned char randbytes[1024];
apr_pool_t *pool = NULL;
apr_file_t *pread = NULL;
apr_file_t *pwrite = NULL;
apr_size_t nbytes;
apr_proc_t proc;
apr_status_t rv;
rv = apr_pool_create(&pool, NULL);
ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
ABTS_PTR_NOTNULL(tc, pool);
rv = apr_crypto_prng_init(pool, NULL, APR_CRYPTO_CIPHER_AUTO, 0, NULL, 0);
ABTS_ASSERT(tc, "apr_crypto_prng_init returned APR_EREINIT", rv != APR_EREINIT);
ABTS_ASSERT(tc, "apr_crypto_prng_init returned APR_ENOTIMPL", rv != APR_ENOTIMPL);
ABTS_ASSERT(tc, "apr_crypto_prng_init failed", rv == APR_SUCCESS);
rv = apr_file_pipe_create(&pread, &pwrite, p);
ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
ABTS_PTR_NOTNULL(tc, pread);
ABTS_PTR_NOTNULL(tc, pwrite);
rv = apr_proc_fork(&proc, pool);
if (rv == APR_INCHILD) {
apr_file_close(pread);
rv = apr_crypto_random_bytes(randbytes, 1024);
if (rv == APR_SUCCESS) {
apr_file_write_full(pwrite, randbytes, 1024, &nbytes);
}
apr_file_close(pwrite);
exit(rv != APR_SUCCESS);
}
else if (rv == APR_INPARENT) {
int exitcode;
apr_exit_why_e why;
unsigned char childbytes[1024];
apr_file_close(pwrite);
rv = apr_file_read_full(pread, childbytes, 1024, &nbytes);
ABTS_INT_EQUAL(tc, (int)nbytes, 1024);
apr_file_close(pread);
apr_proc_wait(&proc, &exitcode, &why, APR_WAIT);
if (why != APR_PROC_EXIT) {
ABTS_ASSERT(tc, "apr_proc_wait returned APR_PROC_SIGNAL", why != APR_PROC_SIGNAL);
ABTS_ASSERT(tc, "apr_proc_wait returned APR_PROC_SIGNAL_CORE", why != (APR_PROC_SIGNAL | APR_PROC_SIGNAL_CORE));
ABTS_FAIL(tc, "child terminated abnormally");
}
else if (exitcode != 0) {
ABTS_FAIL(tc, "apr_crypto_random_bytes failed in child");
}
rv = apr_crypto_random_bytes(randbytes, 1024);
ABTS_ASSERT(tc, "apr_crypto_random_bytes failed in parent",
rv == APR_SUCCESS);
ABTS_ASSERT(tc, "parent and child generated same random bytes",
memcmp(randbytes, childbytes, 1024) != 0);
}
else {
ABTS_FAIL(tc, "apr_proc_fork failed");
}
apr_pool_destroy(pool);
}
#endif
#if APR_HAS_THREADS
#define NUM_THREADS 8
static void *APR_THREAD_FUNC thread_func(apr_thread_t *thd, void *data)
{
unsigned char *randbytes = data;
apr_status_t rv;
rv = apr_crypto_random_thread_bytes(randbytes, 800);
apr_thread_exit(thd, rv);
return NULL;
}
static void test_crypto_thread_random(abts_case *tc, void *data)
{
static unsigned char zerobytes[800];
unsigned char *randbytes[NUM_THREADS];
apr_thread_t *threads[NUM_THREADS];
int flags = APR_CRYPTO_PRNG_PER_THREAD;
apr_pool_t *pool = NULL;
apr_status_t rv, ret;
int i, j;
rv = apr_pool_create(&pool, NULL);
ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
ABTS_PTR_NOTNULL(tc, pool);
rv = apr_crypto_prng_init(pool, NULL, APR_CRYPTO_CIPHER_AUTO, 0, NULL, flags);
ABTS_ASSERT(tc, "apr_crypto_prng_init returned APR_EREINIT", rv != APR_EREINIT);
ABTS_ASSERT(tc, "apr_crypto_prng_init returned APR_ENOTIMPL", rv != APR_ENOTIMPL);
ABTS_ASSERT(tc, "apr_crypto_prng_init failed", rv == APR_SUCCESS);
for (i = 0; i < NUM_THREADS; ++i) {
randbytes[i] = apr_pcalloc(pool, 800);
rv = apr_thread_create(&threads[i], NULL, thread_func,
randbytes[i], pool);
ABTS_ASSERT(tc, "apr_thread_create failed", rv == APR_SUCCESS);
}
for (i = 0; i < NUM_THREADS; ++i) {
rv = apr_thread_join(&ret, threads[i]);
ABTS_ASSERT(tc, "apr_thread_join failed", rv == APR_SUCCESS);
ABTS_ASSERT(tc, "apr_crypto_random_thread_bytes failed",
ret == APR_SUCCESS);
}
for (i = 0; i < NUM_THREADS; ++i) {
ABTS_ASSERT(tc, "some thread generated zero bytes",
memcmp(randbytes[i], zerobytes, 800) != 0);
for (j = 0; j < i; ++j) {
ABTS_ASSERT(tc, "two threads generated same random bytes",
memcmp(randbytes[i], randbytes[j], 800) != 0);
}
}
apr_pool_destroy(pool);
}
#endif /* APR_HAS_THREADS */
#endif /* APU_HAVE_CRYPTO_PRNG */
abts_suite *testcrypto(abts_suite *suite)
{
suite = ADD_SUITE(suite);
/* test simple init and shutdown */
abts_run_test(suite, test_crypto_init, NULL);
#if APU_HAVE_OPENSSL
/* test key parsing - openssl */
abts_run_test(suite, test_crypto_key_openssl, NULL);
/* test a simple encrypt / decrypt operation - openssl */
abts_run_test(suite, test_crypto_block_openssl, NULL);
/* test a simple sign / verify operation - openssl */
abts_run_test(suite, test_crypto_digest_openssl, NULL);
/* test a padded encrypt / decrypt operation - openssl */
abts_run_test(suite, test_crypto_block_openssl_pad, NULL);
/* test block key types openssl */
abts_run_test(suite, test_crypto_get_block_key_types_openssl, NULL);
/* test block key modes openssl */
abts_run_test(suite, test_crypto_get_block_key_modes_openssl, NULL);
#endif
#if APU_HAVE_NSS
/* test key parsing - nss */
abts_run_test(suite, test_crypto_key_nss, NULL);
/* test a simple encrypt / decrypt operation - nss */
abts_run_test(suite, test_crypto_block_nss, NULL);
/* test a simple sign / verify operation - nss */
abts_run_test(suite, test_crypto_digest_nss, NULL);
/* test a padded encrypt / decrypt operation - nss */
abts_run_test(suite, test_crypto_block_nss_pad, NULL);
#if APU_HAVE_OPENSSL
/* test encrypt nss / decrypt openssl */
abts_run_test(suite, test_crypto_block_nss_openssl, NULL);
/* test padded encrypt nss / decrypt openssl */
abts_run_test(suite, test_crypto_block_nss_openssl_pad, NULL);
/* test encrypt openssl / decrypt nss */
abts_run_test(suite, test_crypto_block_openssl_nss, NULL);
/* test padded encrypt openssl / decrypt nss */
abts_run_test(suite, test_crypto_block_openssl_nss_pad, NULL);
/* test sign nss / verify openssl */
abts_run_test(suite, test_crypto_digest_nss_openssl, NULL);
/* test sign openssl / verify nss */
abts_run_test(suite, test_crypto_digest_openssl_nss, NULL);
#endif
/* test block key types nss */
abts_run_test(suite, test_crypto_get_block_key_types_nss, NULL);
/* test block key modes nss */
abts_run_test(suite, test_crypto_get_block_key_modes_nss, NULL);
#endif
#if APU_HAVE_COMMONCRYPTO
/* test key parsing - commoncrypto */
abts_run_test(suite, test_crypto_key_commoncrypto, NULL);
/* test a simple encrypt / decrypt operation - commoncrypto */
abts_run_test(suite, test_crypto_block_commoncrypto, NULL);
/* test a simple sign / verify operation - commoncrypto */
abts_run_test(suite, test_crypto_digest_commoncrypto, NULL);
/* test a padded encrypt / decrypt operation - commoncrypto */
abts_run_test(suite, test_crypto_block_commoncrypto_pad, NULL);
#if APU_HAVE_OPENSSL
/* test encrypt openssl / decrypt commoncrypto */
abts_run_test(suite, test_crypto_block_openssl_commoncrypto, NULL);
/* test padded encrypt openssl / decrypt commoncrypto */
abts_run_test(suite, test_crypto_block_openssl_commoncrypto_pad, NULL);
/* test sign openssl / verify commoncrypto */
abts_run_test(suite, test_crypto_digest_openssl_commoncrypto, NULL);
/* test encrypt commoncrypto / decrypt openssl */
abts_run_test(suite, test_crypto_block_commoncrypto_openssl, NULL);
/* test padded encrypt commoncrypto / decrypt openssl */
abts_run_test(suite, test_crypto_block_commoncrypto_openssl_pad, NULL);
/* test sign commoncrypto / verify openssl */
abts_run_test(suite, test_crypto_digest_commoncrypto_openssl, NULL);
#endif
/* test block key types commoncrypto */
abts_run_test(suite, test_crypto_get_block_key_types_commoncrypto, NULL);
/* test block key modes commoncrypto */
abts_run_test(suite, test_crypto_get_block_key_modes_commoncrypto, NULL);
#endif
abts_run_test(suite, test_crypto_memzero, NULL);
abts_run_test(suite, test_crypto_equals, NULL);
#if APU_HAVE_CRYPTO_PRNG
abts_run_test(suite, test_crypto_prng_aes256, NULL);
abts_run_test(suite, test_crypto_prng_chacha20, NULL);
#if APR_HAS_FORK
abts_run_test(suite, test_crypto_fork_random, NULL);
#endif
#if APR_HAS_THREADS
abts_run_test(suite, test_crypto_thread_random, NULL);
#endif
#endif
return suite;
}
#else
/**
* Dummy test suite when crypto is turned off.
*/
abts_suite *testcrypto(abts_suite *suite)
{
return ADD_SUITE(suite);
}
#endif /* APU_HAVE_CRYPTO */