/* Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include "testutil.h" #include "apr.h" #include "apu.h" #include "apu_errno.h" #include "apr_pools.h" #include "apr_dso.h" #include "apr_crypto.h" #include "apr_strings.h" #include "apr_file_io.h" #include "apr_thread_proc.h" #if APU_HAVE_CRYPTO #define TEST_STRING "12345" #define ALIGNED_STRING "123456789012345" static const apr_crypto_driver_t *get_driver(abts_case *tc, apr_pool_t *pool, const char *name, const char *params) { const apr_crypto_driver_t *driver = NULL; const apu_err_t *result = NULL; apr_status_t rv; rv = apr_crypto_init(pool); ABTS_ASSERT(tc, "failed to init apr_crypto", rv == APR_SUCCESS); rv = apr_crypto_get_driver(&driver, name, params, &result, pool); if (APR_ENOTIMPL == rv) { ABTS_NOT_IMPL(tc, apr_psprintf(pool, "Crypto driver '%s' not implemented", (char *)name)); return NULL; } if (APR_EDSOOPEN == rv) { ABTS_NOT_IMPL(tc, apr_psprintf(pool, "Crypto driver '%s' DSO could not be opened", (char *)name)); return NULL; } if (APR_SUCCESS != rv && result) { char err[1024]; apr_strerror(rv, err, sizeof(err) - 1); fprintf(stderr, "get_driver error %d: %s: '%s' native error %d: %s (%s),", rv, err, name, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, apr_psprintf(pool, "failed to apr_crypto_get_driver for '%s' with %d", name, rv), rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_get_driver returned NULL", driver != NULL); if (!driver || rv) { return NULL; } return driver; } #if APU_HAVE_NSS static const apr_crypto_driver_t *get_nss_driver(abts_case *tc, apr_pool_t *pool) { /* initialise NSS */ return get_driver(tc, pool, "nss", ""); } #endif /* APU_HAVE_NSS */ #if APU_HAVE_OPENSSL static const apr_crypto_driver_t *get_openssl_driver(abts_case *tc, apr_pool_t *pool) { return get_driver(tc, pool, "openssl", NULL); } #endif /* APU_HAVE_OPENSSL */ #if APU_HAVE_COMMONCRYPTO static const apr_crypto_driver_t *get_commoncrypto_driver(abts_case *tc, apr_pool_t *pool) { return get_driver(tc, pool, "commoncrypto", NULL); } #endif /* APU_HAVE_COMMONCRYPTO */ static apr_crypto_t *make(abts_case *tc, apr_pool_t *pool, const apr_crypto_driver_t *driver) { apr_crypto_t *f = NULL; if (!driver) { return NULL; } /* get the context */ apr_crypto_make(&f, driver, "engine=openssl", pool); ABTS_ASSERT(tc, "apr_crypto_make returned NULL", f != NULL); return f; } static const apr_crypto_key_t *keyhash(abts_case *tc, apr_pool_t *pool, const apr_crypto_driver_t *driver, const apr_crypto_t *f, apr_crypto_block_key_digest_e digest, const char *description) { apr_crypto_key_t *key = NULL; const apu_err_t *result = NULL; apr_crypto_key_rec_t *rec = apr_crypto_key_rec_make(APR_CRYPTO_KTYPE_HASH, pool); apr_status_t rv; if (!driver) { return NULL; } if (!f) { return NULL; } rec->k.hash.digest = digest; /* init the key */ rv = apr_crypto_key(&key, rec, f, pool); if (APR_ENOCIPHER == rv || APR_ENODIGEST == rv) { apr_crypto_error(&result, f); ABTS_NOT_IMPL(tc, apr_psprintf(pool, "skipped: %s %s key return APR_ENOTIMPL: error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), result->rc, result->reason ? result->reason : "", result->msg ? result->msg : "")); return NULL; } else { if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "key: %s %s apr error %d / native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_key returned APR_EKEYLENGTH", rv != APR_EKEYLENGTH); ABTS_ASSERT(tc, "apr_crypto_key returned APR_ENOKEY", rv != APR_ENOKEY); ABTS_ASSERT(tc, "apr_crypto_key returned APR_EPADDING", rv != APR_EPADDING); ABTS_ASSERT(tc, "apr_crypto_key returned APR_EKEYTYPE", rv != APR_EKEYTYPE); ABTS_ASSERT(tc, "failed to apr_crypto_key", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_key returned NULL context", key != NULL); } if (rv) { return NULL; } return key; } static const apr_crypto_key_t *keyhmac(abts_case *tc, apr_pool_t *pool, const apr_crypto_driver_t *driver, const apr_crypto_t *f, apr_crypto_block_key_digest_e digest, apr_crypto_block_key_type_e type, apr_crypto_block_key_mode_e mode, int doPad, apr_size_t secretLen, const char *description) { apr_crypto_key_t *key = NULL; const apu_err_t *result = NULL; apr_crypto_key_rec_t *rec = apr_crypto_key_rec_make(APR_CRYPTO_KTYPE_HMAC, pool); apr_status_t rv; if (!driver) { return NULL; } if (!f) { return NULL; } rec->type = type; rec->mode = mode; rec->pad = doPad; rec->k.hmac.digest = digest; rec->k.hmac.secret = apr_pcalloc(pool, secretLen); rec->k.hmac.secretLen = secretLen; /* init the key */ rv = apr_crypto_key(&key, rec, f, pool); if (APR_ENOCIPHER == rv || APR_ENODIGEST == rv) { apr_crypto_error(&result, f); ABTS_NOT_IMPL(tc, apr_psprintf(pool, "skipped: %s %s key return APR_ENOTIMPL: error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), result->rc, result->reason ? result->reason : "", result->msg ? result->msg : "")); return NULL; } else { if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "key: %s %s apr error %d / native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_key returned APR_EKEYLENGTH", rv != APR_EKEYLENGTH); ABTS_ASSERT(tc, "apr_crypto_key returned APR_ENOKEY", rv != APR_ENOKEY); ABTS_ASSERT(tc, "apr_crypto_key returned APR_EPADDING", rv != APR_EPADDING); ABTS_ASSERT(tc, "apr_crypto_key returned APR_EKEYTYPE", rv != APR_EKEYTYPE); ABTS_ASSERT(tc, "failed to apr_crypto_key", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_key returned NULL context", key != NULL); } if (rv) { return NULL; } return key; } static const apr_crypto_key_t *keysecret(abts_case *tc, apr_pool_t *pool, const apr_crypto_driver_t *driver, const apr_crypto_t *f, apr_crypto_block_key_type_e type, apr_crypto_block_key_mode_e mode, int doPad, apr_size_t secretLen, const char *description) { apr_crypto_key_t *key = NULL; const apu_err_t *result = NULL; apr_crypto_key_rec_t *rec = apr_crypto_key_rec_make(APR_CRYPTO_KTYPE_SECRET, pool); apr_status_t rv; if (!driver) { return NULL; } if (!f) { return NULL; } rec->type = type; rec->mode = mode; rec->pad = doPad; rec->k.secret.secret = apr_pcalloc(pool, secretLen); rec->k.secret.secretLen = secretLen; /* init the passphrase */ rv = apr_crypto_key(&key, rec, f, pool); if (APR_ENOCIPHER == rv) { apr_crypto_error(&result, f); ABTS_NOT_IMPL(tc, apr_psprintf(pool, "skipped: %s %s key return APR_ENOCIPHER: error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), result->rc, result->reason ? result->reason : "", result->msg ? result->msg : "")); return NULL; } else { if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "key: %s %s apr error %d / native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_key returned APR_EKEYLENGTH", rv != APR_EKEYLENGTH); ABTS_ASSERT(tc, "apr_crypto_key returned APR_ENOKEY", rv != APR_ENOKEY); ABTS_ASSERT(tc, "apr_crypto_key returned APR_EPADDING", rv != APR_EPADDING); ABTS_ASSERT(tc, "apr_crypto_key returned APR_EKEYTYPE", rv != APR_EKEYTYPE); ABTS_ASSERT(tc, "failed to apr_crypto_key", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_key returned NULL context", key != NULL); } if (rv) { return NULL; } return key; } static const apr_crypto_key_t *passphrase(abts_case *tc, apr_pool_t *pool, const apr_crypto_driver_t *driver, const apr_crypto_t *f, apr_crypto_block_key_type_e type, apr_crypto_block_key_mode_e mode, int doPad, const char *description) { apr_crypto_key_t *key = NULL; const apu_err_t *result = NULL; const char *pass = "secret"; const char *salt = "salt"; apr_status_t rv; if (!driver) { return NULL; } if (!f) { return NULL; } /* init the passphrase */ rv = apr_crypto_passphrase(&key, NULL, pass, strlen(pass), (unsigned char *) salt, strlen(salt), type, mode, doPad, 4096, f, pool); if (APR_ENOCIPHER == rv) { apr_crypto_error(&result, f); ABTS_NOT_IMPL(tc, apr_psprintf(pool, "skipped: %s %s passphrase return APR_ENOCIPHER: error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), result->rc, result->reason ? result->reason : "", result->msg ? result->msg : "")); return NULL; } else { if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "passphrase: %s %s apr error %d / native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_passphrase returned APR_ENOKEY", rv != APR_ENOKEY); ABTS_ASSERT(tc, "apr_crypto_passphrase returned APR_EPADDING", rv != APR_EPADDING); ABTS_ASSERT(tc, "apr_crypto_passphrase returned APR_EKEYTYPE", rv != APR_EKEYTYPE); ABTS_ASSERT(tc, "failed to apr_crypto_passphrase", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_passphrase returned NULL context", key != NULL); } if (rv) { return NULL; } return key; } static const apr_crypto_key_t *keypassphrase(abts_case *tc, apr_pool_t *pool, const apr_crypto_driver_t *driver, const apr_crypto_t *f, apr_crypto_block_key_type_e type, apr_crypto_block_key_mode_e mode, int doPad, const char *description) { apr_crypto_key_t *key = NULL; const apu_err_t *result = NULL; const char *pass = "secret"; const char *salt = "salt"; apr_crypto_key_rec_t *rec = apr_pcalloc(pool, sizeof(apr_crypto_key_rec_t)); apr_status_t rv; if (!driver) { return NULL; } if (!f) { return NULL; } rec->ktype = APR_CRYPTO_KTYPE_PASSPHRASE; rec->type = type; rec->mode = mode; rec->pad = doPad; rec->k.passphrase.pass = pass; rec->k.passphrase.passLen = strlen(pass); rec->k.passphrase.salt = (unsigned char *)salt; rec->k.passphrase.saltLen = strlen(salt); rec->k.passphrase.iterations = 4096; /* init the passphrase */ rv = apr_crypto_key(&key, rec, f, pool); if (APR_ENOCIPHER == rv) { apr_crypto_error(&result, f); ABTS_NOT_IMPL(tc, apr_psprintf(pool, "skipped: %s %s key passphrase return APR_ENOCIPHER: error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), result->rc, result->reason ? result->reason : "", result->msg ? result->msg : "")); return NULL; } else { if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "key passphrase: %s %s apr error %d / native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_key returned APR_ENOKEY", rv != APR_ENOKEY); ABTS_ASSERT(tc, "apr_crypto_key returned APR_EPADDING", rv != APR_EPADDING); ABTS_ASSERT(tc, "apr_crypto_key returned APR_EKEYTYPE", rv != APR_EKEYTYPE); ABTS_ASSERT(tc, "failed to apr_crypto_key", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_key returned NULL context", key != NULL); } if (rv) { return NULL; } return key; } static unsigned char *encrypt_block(abts_case *tc, apr_pool_t *pool, const apr_crypto_driver_t *driver, const apr_crypto_t *f, const apr_crypto_key_t *key, const unsigned char *in, const apr_size_t inlen, unsigned char **cipherText, apr_size_t *cipherTextLen, const unsigned char **iv, apr_size_t *blockSize, const char *description) { apr_crypto_block_t *block = NULL; const apu_err_t *result = NULL; apr_size_t len = 0; apr_status_t rv; if (!driver || !f || !key || !in) { return NULL; } /* init the encryption */ rv = apr_crypto_block_encrypt_init(&block, iv, key, blockSize, pool); if (APR_ENOTIMPL == rv) { ABTS_NOT_IMPL(tc, "apr_crypto_block_encrypt_init returned APR_ENOTIMPL"); } else { if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "encrypt_init: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_block_encrypt_init returned APR_ENOKEY", rv != APR_ENOKEY); ABTS_ASSERT(tc, "apr_crypto_block_encrypt_init returned APR_ENOIV", rv != APR_ENOIV); ABTS_ASSERT(tc, "apr_crypto_block_encrypt_init returned APR_EKEYTYPE", rv != APR_EKEYTYPE); ABTS_ASSERT(tc, "apr_crypto_block_encrypt_init returned APR_EKEYLENGTH", rv != APR_EKEYLENGTH); ABTS_ASSERT(tc, "apr_crypto_block_encrypt_init returned APR_ENOTENOUGHENTROPY", rv != APR_ENOTENOUGHENTROPY); ABTS_ASSERT(tc, "failed to apr_crypto_block_encrypt_init", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_block_encrypt_init returned NULL context", block != NULL); } if (!block || rv) { return NULL; } /* encrypt the block */ rv = apr_crypto_block_encrypt(cipherText, cipherTextLen, in, inlen, block); if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "encrypt: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_block_encrypt returned APR_ECRYPT", rv != APR_ECRYPT); ABTS_ASSERT(tc, "failed to apr_crypto_block_encrypt", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_block_encrypt failed to allocate buffer", *cipherText != NULL); if (rv) { return NULL; } /* finalise the encryption */ rv = apr_crypto_block_encrypt_finish(*cipherText + *cipherTextLen, &len, block); if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "encrypt_finish: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_block_encrypt_finish returned APR_ECRYPT", rv != APR_ECRYPT); ABTS_ASSERT(tc, "apr_crypto_block_encrypt_finish returned APR_EPADDING", rv != APR_EPADDING); ABTS_ASSERT(tc, "apr_crypto_block_encrypt_finish returned APR_ENOSPACE", rv != APR_ENOSPACE); ABTS_ASSERT(tc, "failed to apr_crypto_block_encrypt_finish", rv == APR_SUCCESS); *cipherTextLen += len; apr_crypto_block_cleanup(block); if (rv) { return NULL; } return *cipherText; } static unsigned char *decrypt_block(abts_case *tc, apr_pool_t *pool, const apr_crypto_driver_t *driver, const apr_crypto_t *f, const apr_crypto_key_t *key, unsigned char *cipherText, apr_size_t cipherTextLen, unsigned char **plainText, apr_size_t *plainTextLen, const unsigned char *iv, apr_size_t *blockSize, const char *description) { apr_crypto_block_t *block = NULL; const apu_err_t *result = NULL; apr_size_t len = 0; apr_status_t rv; if (!driver || !f || !key || !cipherText) { return NULL; } /* init the decryption */ rv = apr_crypto_block_decrypt_init(&block, blockSize, iv, key, pool); if (APR_ENOTIMPL == rv) { ABTS_NOT_IMPL(tc, "apr_crypto_block_decrypt_init returned APR_ENOTIMPL"); } else { if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "decrypt_init: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_block_decrypt_init returned APR_ENOKEY", rv != APR_ENOKEY); ABTS_ASSERT(tc, "apr_crypto_block_decrypt_init returned APR_ENOIV", rv != APR_ENOIV); ABTS_ASSERT(tc, "apr_crypto_block_decrypt_init returned APR_EKEYTYPE", rv != APR_EKEYTYPE); ABTS_ASSERT(tc, "apr_crypto_block_decrypt_init returned APR_EKEYLENGTH", rv != APR_EKEYLENGTH); ABTS_ASSERT(tc, "failed to apr_crypto_block_decrypt_init", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_block_decrypt_init returned NULL context", block != NULL); } if (!block || rv) { return NULL; } /* decrypt the block */ rv = apr_crypto_block_decrypt(plainText, plainTextLen, cipherText, cipherTextLen, block); if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "decrypt: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_block_decrypt returned APR_ECRYPT", rv != APR_ECRYPT); ABTS_ASSERT(tc, "failed to apr_crypto_block_decrypt", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_block_decrypt failed to allocate buffer", *plainText != NULL); if (rv) { return NULL; } /* finalise the decryption */ rv = apr_crypto_block_decrypt_finish(*plainText + *plainTextLen, &len, block); if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "decrypt_finish: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_block_decrypt_finish returned APR_ECRYPT", rv != APR_ECRYPT); ABTS_ASSERT(tc, "apr_crypto_block_decrypt_finish returned APR_EPADDING", rv != APR_EPADDING); ABTS_ASSERT(tc, "apr_crypto_block_decrypt_finish returned APR_ENOSPACE", rv != APR_ENOSPACE); ABTS_ASSERT(tc, "failed to apr_crypto_block_decrypt_finish", rv == APR_SUCCESS); if (rv) { return NULL; } *plainTextLen += len; apr_crypto_block_cleanup(block); return *plainText; } static apr_status_t sign_block(abts_case *tc, apr_pool_t *pool, const apr_crypto_driver_t *driver, const apr_crypto_t *f, const apr_crypto_key_t *key, const unsigned char *in, const apr_size_t inlen, unsigned char **signature, apr_size_t *signatureLen, apr_size_t *blockSize, const char *description) { apr_crypto_digest_t *digest = NULL; const apu_err_t *result = NULL; apr_crypto_digest_rec_t *rec = apr_crypto_digest_rec_make( APR_CRYPTO_DTYPE_SIGN, pool); apr_status_t rv; if (!driver || !f || !key || !in) { return APR_EGENERAL; } /* init the signature */ rv = apr_crypto_digest_init(&digest, key, rec, pool); if (APR_ENOTIMPL == rv) { ABTS_NOT_IMPL(tc, "apr_crypto_digest_init returned APR_ENOTIMPL"); } else { if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "sign_init: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_ENOKEY", rv != APR_ENOKEY); ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_ENOIV", rv != APR_ENOIV); ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_EKEYTYPE", rv != APR_EKEYTYPE); ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_EKEYLENGTH", rv != APR_EKEYLENGTH); ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_ENOTENOUGHENTROPY", rv != APR_ENOTENOUGHENTROPY); ABTS_ASSERT(tc, "failed to apr_crypto_digest_init", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_digest_init returned NULL context", digest != NULL); } if (!digest || rv) { return rv; } /* sign the block */ rv = apr_crypto_digest_update(digest, in, inlen); if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "sign: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_digest returned APR_ECRYPT", rv != APR_ECRYPT); ABTS_ASSERT(tc, "failed to apr_crypto_digest", rv == APR_SUCCESS); if (rv) { return rv; } /* finalise the sign */ rv = apr_crypto_digest_final(digest); if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "sign_finish: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_ECRYPT", rv != APR_ECRYPT); ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_EPADDING", rv != APR_EPADDING); ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_ENOSPACE", rv != APR_ENOSPACE); ABTS_ASSERT(tc, "failed to apr_crypto_digest_final", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_digest_final failed to allocate buffer", rec->d.sign.s != NULL); apr_crypto_digest_cleanup(digest); *signature = rec->d.sign.s; *signatureLen = rec->d.sign.slen; return rv; } static apr_status_t hash_block(abts_case *tc, apr_pool_t *pool, const apr_crypto_driver_t *driver, const apr_crypto_t *f, const apr_crypto_key_t *key, const unsigned char *in, const apr_size_t inlen, unsigned char **hash, apr_size_t *hashLen, apr_size_t *blockSize, const char *description) { apr_crypto_digest_t *digest = NULL; const apu_err_t *result = NULL; apr_crypto_digest_rec_t *rec = apr_crypto_digest_rec_make( APR_CRYPTO_DTYPE_HASH, pool); apr_status_t rv; if (!driver || !f || !key || !in) { return APR_EGENERAL; } rec->d.hash.digest = APR_CRYPTO_DIGEST_SHA256; /* init the signature */ rv = apr_crypto_digest_init(&digest, key, rec, pool); if (APR_ENOTIMPL == rv) { ABTS_NOT_IMPL(tc, "apr_crypto_digest_init returned APR_ENOTIMPL"); } else { if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "sign_init: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_ENOKEY", rv != APR_ENOKEY); ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_ENOIV", rv != APR_ENOIV); ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_EKEYTYPE", rv != APR_EKEYTYPE); ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_EKEYLENGTH", rv != APR_EKEYLENGTH); ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_ENOTENOUGHENTROPY", rv != APR_ENOTENOUGHENTROPY); ABTS_ASSERT(tc, "failed to apr_crypto_digest_init", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_digest_init returned NULL context", digest != NULL); } if (!digest || rv) { return rv; } /* sign the block */ rv = apr_crypto_digest_update(digest, in, inlen); if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "sign: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_digest returned APR_ECRYPT", rv != APR_ECRYPT); ABTS_ASSERT(tc, "failed to apr_crypto_digest", rv == APR_SUCCESS); if (rv) { return rv; } /* finalise the sign */ rv = apr_crypto_digest_final(digest); if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "sign_finish: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_ECRYPT", rv != APR_ECRYPT); ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_EPADDING", rv != APR_EPADDING); ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_ENOSPACE", rv != APR_ENOSPACE); ABTS_ASSERT(tc, "failed to apr_crypto_digest_final", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_digest_final failed to allocate buffer", rec->d.hash.s != NULL); apr_crypto_digest_cleanup(digest); *hash = rec->d.hash.s; *hashLen = rec->d.hash.slen; return rv; } static apr_status_t verify_block(abts_case *tc, apr_pool_t *pool, const apr_crypto_driver_t *driver, const apr_crypto_t *f, const apr_crypto_key_t *key, const unsigned char *in, apr_size_t inlen, const unsigned char *signature, apr_size_t signatureLen, apr_size_t *blockSize, const char *description) { apr_crypto_digest_t *digest = NULL; const apu_err_t *result = NULL; apr_crypto_digest_rec_t *rec = apr_crypto_digest_rec_make( APR_CRYPTO_DTYPE_VERIFY, pool); apr_status_t rv; if (!driver || !f || !key || !in || !signature) { return APR_EGENERAL; } rec->d.verify.v = signature; rec->d.verify.vlen = signatureLen; /* init the decryption */ rv = apr_crypto_digest_init(&digest, key, rec, pool); if (APR_ENOTIMPL == rv) { ABTS_NOT_IMPL(tc, "apr_crypto_digest_init returned APR_ENOTIMPL"); } else { if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "digest_init: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_ENOKEY", rv != APR_ENOKEY); ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_ENOIV", rv != APR_ENOIV); ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_EKEYTYPE", rv != APR_EKEYTYPE); ABTS_ASSERT(tc, "apr_crypto_digest_init returned APR_EKEYLENGTH", rv != APR_EKEYLENGTH); ABTS_ASSERT(tc, "failed to apr_crypto_digest_init", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_digest_init returned NULL context", digest != NULL); } if (!digest || rv) { return APR_EGENERAL; } /* decrypt the block */ rv = apr_crypto_digest_update(digest, in, inlen); if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "decrypt: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_digest returned APR_ECRYPT", rv != APR_ECRYPT); ABTS_ASSERT(tc, "failed to apr_crypto_digest", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_digest failed to allocate buffer", signature != NULL); if (rv) { return APR_EGENERAL; } /* finalise the decryption */ rv = apr_crypto_digest_final(digest); if (APR_SUCCESS != rv) { apr_crypto_error(&result, f); fprintf(stderr, "verify_finish: %s %s (APR %d) native error %d: %s (%s)\n", description, apr_crypto_driver_name(driver), rv, result->rc, result->reason ? result->reason : "", result->msg ? result->msg : ""); } ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_ECRYPT", rv != APR_ECRYPT); ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_EPADDING", rv != APR_EPADDING); ABTS_ASSERT(tc, "apr_crypto_digest_final returned APR_ENOSPACE", rv != APR_ENOSPACE); ABTS_ASSERT(tc, "failed to apr_crypto_digest_final", rv == APR_SUCCESS); apr_crypto_digest_cleanup(digest); return rv; } /** * Interoperability test. * * data must point at an array of two driver structures. Data will be encrypted * with the first driver, and decrypted with the second. * * If the two drivers interoperate, the test passes. */ static void crypto_block_cross(abts_case *tc, apr_pool_t *pool, const apr_crypto_driver_t **drivers, const apr_crypto_block_key_type_e type, const apr_crypto_block_key_mode_e mode, int doPad, const unsigned char *in, apr_size_t inlen, apr_size_t secretLen, const char *description) { const apr_crypto_driver_t *driver1 = drivers[0]; const apr_crypto_driver_t *driver2 = drivers[1]; apr_crypto_t *f1 = NULL; apr_crypto_t *f2 = NULL; const apr_crypto_key_t *key1 = NULL; const apr_crypto_key_t *key2 = NULL; const apr_crypto_key_t *key3 = NULL; const apr_crypto_key_t *key4 = NULL; const apr_crypto_key_t *key5 = NULL; const apr_crypto_key_t *key6 = NULL; unsigned char *cipherText = NULL; apr_size_t cipherTextLen = 0; unsigned char *plainText = NULL; apr_size_t plainTextLen = 0; const unsigned char *iv = NULL; apr_size_t blockSize = 0; f1 = make(tc, pool, driver1); f2 = make(tc, pool, driver2); if (!f1 || !f2) { return; } key1 = passphrase(tc, pool, driver1, f1, type, mode, doPad, description); key2 = passphrase(tc, pool, driver2, f2, type, mode, doPad, description); cipherText = encrypt_block(tc, pool, driver1, f1, key1, in, inlen, &cipherText, &cipherTextLen, &iv, &blockSize, description); plainText = decrypt_block(tc, pool, driver2, f2, key2, cipherText, cipherTextLen, &plainText, &plainTextLen, iv, &blockSize, description); if (cipherText && plainText) { if (memcmp(in, plainText, inlen)) { fprintf(stderr, "passphrase cross mismatch: %s %s/%s\n", description, apr_crypto_driver_name(driver1), apr_crypto_driver_name( driver2)); } ABTS_STR_EQUAL(tc, (char *)in, (char *)plainText); } key3 = keysecret(tc, pool, driver1, f1, type, mode, doPad, secretLen, description); key4 = keysecret(tc, pool, driver2, f2, type, mode, doPad, secretLen, description); iv = NULL; blockSize = 0; cipherText = NULL; plainText = NULL; cipherText = encrypt_block(tc, pool, driver1, f1, key3, in, inlen, &cipherText, &cipherTextLen, &iv, &blockSize, description); plainText = decrypt_block(tc, pool, driver2, f2, key4, cipherText, cipherTextLen, &plainText, &plainTextLen, iv, &blockSize, description); if (cipherText && plainText) { if (memcmp(in, plainText, inlen)) { fprintf(stderr, "key secret cross mismatch: %s %s/%s\n", description, apr_crypto_driver_name(driver1), apr_crypto_driver_name( driver2)); } ABTS_STR_EQUAL(tc, (char *)in, (char *)plainText); } key5 = keypassphrase(tc, pool, driver1, f1, type, mode, doPad, description); key6 = keypassphrase(tc, pool, driver2, f2, type, mode, doPad, description); iv = NULL; blockSize = 0; cipherText = NULL; plainText = NULL; cipherText = encrypt_block(tc, pool, driver1, f1, key5, in, inlen, &cipherText, &cipherTextLen, &iv, &blockSize, description); plainText = decrypt_block(tc, pool, driver2, f2, key6, cipherText, cipherTextLen, &plainText, &plainTextLen, iv, &blockSize, description); if (cipherText && plainText) { if (memcmp(in, plainText, inlen)) { fprintf(stderr, "key passphrase cross mismatch: %s %s/%s\n", description, apr_crypto_driver_name(driver1), apr_crypto_driver_name( driver2)); } ABTS_STR_EQUAL(tc, (char *)in, (char *)plainText); } } /** * Interoperability test. * * data must point at an array of two driver structures. Data will be signed * with the first driver, and verified with the second. * * If the two drivers interoperate, the test passes. */ static void crypto_cross_hash(abts_case *tc, apr_pool_t *pool, const apr_crypto_driver_t **drivers, const apr_crypto_block_key_digest_e digest, const unsigned char *in, apr_size_t inlen, const char *description) { const apr_crypto_driver_t *driver1 = drivers[0]; const apr_crypto_driver_t *driver2 = drivers[1]; apr_crypto_t *f1 = NULL; apr_crypto_t *f2 = NULL; const apr_crypto_key_t *key7 = NULL; const apr_crypto_key_t *key8 = NULL; apr_size_t blockSize = 0; unsigned char *hash1 = NULL; unsigned char *hash2 = NULL; apr_size_t hash1Len = 0; apr_size_t hash2Len = 0; apr_status_t rv; f1 = make(tc, pool, driver1); f2 = make(tc, pool, driver2); if (!f1 || !f2) { return; } key7 = keyhash(tc, pool, driver1, f1, digest, description); key8 = keyhash(tc, pool, driver2, f2, digest, description); blockSize = 0; rv = hash_block(tc, pool, driver1, f1, key7, in, inlen, &hash1, &hash1Len, &blockSize, description); if (APR_SUCCESS != rv && driver1 && driver2) { fprintf(stderr, "key hash cross error %d: %s %s/%s\n", rv, description, apr_crypto_driver_name(driver1), apr_crypto_driver_name(driver2)); } rv = hash_block(tc, pool, driver2, f2, key8, in, inlen, &hash2, &hash2Len, &blockSize, description); if (APR_SUCCESS != rv && driver1 && driver2) { fprintf(stderr, "key hash cross error %d: %s %s/%s\n", rv, description, apr_crypto_driver_name(driver1), apr_crypto_driver_name(driver2)); } if (driver1 && driver2 && (!hash1 || !hash2 || hash1Len != hash2Len || memcmp(hash1, hash2, hash1Len))) { fprintf(stderr, "key hash cross mismatch (hash): %s %s/%s\n", description, apr_crypto_driver_name(driver1), apr_crypto_driver_name(driver2)); } } /** * Interoperability test. * * data must point at an array of two driver structures. Data will be signed * with the first driver, and verified with the second. * * If the two drivers interoperate, the test passes. */ static void crypto_cross_sign(abts_case *tc, apr_pool_t *pool, const apr_crypto_driver_t **drivers, const apr_crypto_block_key_digest_e digest, const apr_crypto_block_key_type_e type, const apr_crypto_block_key_mode_e mode, int doPad, const unsigned char *in, apr_size_t inlen, apr_size_t secretLen, const char *description) { const apr_crypto_driver_t *driver1 = drivers[0]; const apr_crypto_driver_t *driver2 = drivers[1]; apr_crypto_t *f1 = NULL; apr_crypto_t *f2 = NULL; const apr_crypto_key_t *key7 = NULL; const apr_crypto_key_t *key8 = NULL; apr_size_t blockSize = 0; unsigned char *signature = NULL; apr_size_t signatureLen = 0; apr_status_t rv; f1 = make(tc, pool, driver1); f2 = make(tc, pool, driver2); if (!f1 || !f2) { return; } key7 = keyhmac(tc, pool, driver1, f1, digest, type, mode, doPad, secretLen, description); key8 = keyhmac(tc, pool, driver2, f2, digest, type, mode, doPad, secretLen, description); blockSize = 0; rv = sign_block(tc, pool, driver1, f1, key7, in, inlen, &signature, &signatureLen, &blockSize, description); if (APR_SUCCESS != rv && driver1 && driver2) { fprintf(stderr, "key hmac cross mismatch (sign): %s %s/%s\n", description, apr_crypto_driver_name(driver1), apr_crypto_driver_name(driver2)); } rv = verify_block(tc, pool, driver2, f2, key8, in, inlen, signature, signatureLen, &blockSize, description); if (APR_SUCCESS != rv && driver1 && driver2) { fprintf(stderr, "key hmac cross mismatch (verify): %s %s/%s\n", description, apr_crypto_driver_name(driver1), apr_crypto_driver_name(driver2)); } } /** * Test initialisation. */ static void test_crypto_init(abts_case *tc, void *data) { apr_pool_t *pool = NULL; apr_status_t rv; apr_pool_create(&pool, NULL); rv = apr_crypto_init(apr_pool_parent_get(pool)); ABTS_ASSERT(tc, "failed to init apr_crypto", rv == APR_SUCCESS); apr_pool_destroy(pool); } #if APU_HAVE_OPENSSL /** * Simple test of OpenSSL key. */ static void test_crypto_key_openssl(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *driver; apr_crypto_t *f = NULL; apr_pool_create(&pool, NULL); driver = get_openssl_driver(tc, pool); f = make(tc, pool, driver); if (!f) { return; } keysecret(tc, pool, driver, f, APR_KEY_AES_256, APR_MODE_CBC, 1, 32, "KEY_AES_256/MODE_CBC"); apr_pool_destroy(pool); } #endif /* APU_HAVE_OPENSSL */ #if APU_HAVE_NSS /** * Simple test of NSS key. */ static void test_crypto_key_nss(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *driver; apr_crypto_t *f = NULL; apr_pool_create(&pool, NULL); driver = get_nss_driver(tc, pool); f = make(tc, pool, driver); if (!f) { return; } keysecret(tc, pool, driver, f, APR_KEY_AES_256, APR_MODE_CBC, 1, 32, "KEY_AES_256/MODE_CBC"); apr_pool_destroy(pool); } #endif /* APU_HAVE_NSS */ #if APU_HAVE_COMMONCRYPTO /** * Simple test of CommonCrypto key. */ static void test_crypto_key_commoncrypto(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *driver; apr_crypto_t *f = NULL; apr_pool_create(&pool, NULL); driver = get_commoncrypto_driver(tc, pool); f = make(tc, pool, driver); if (!f) { return; } keysecret(tc, pool, driver, f, APR_KEY_AES_256, APR_MODE_CBC, 1, 32, "KEY_AES_256/MODE_CBC"); apr_pool_destroy(pool); } #endif /* APU_HAVE_COMMONCRYPTO */ #if APU_HAVE_OPENSSL /** * Simple test of OpenSSL block crypt. */ static void test_crypto_block_openssl(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) ALIGNED_STRING; apr_size_t inlen = sizeof(ALIGNED_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_openssl_driver(tc, pool); drivers[1] = get_openssl_driver(tc, pool); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16, "KEY_AES_128/MODE_ECB"); apr_pool_destroy(pool); } /** * Simple test of OpenSSL block signatures. */ static void test_crypto_digest_openssl(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) ALIGNED_STRING; apr_size_t inlen = sizeof(ALIGNED_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_openssl_driver(tc, pool); drivers[1] = get_openssl_driver(tc, pool); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16, "KEY_AES_128/MODE_ECB"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_MD5, in, inlen, "DIGEST MD5"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA1, in, inlen, "DIGEST SHA1"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA224, in, inlen, "DIGEST SHA224"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, in, inlen, "DIGEST SHA256"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA384, in, inlen, "DIGEST SHA384"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA512, in, inlen, "DIGEST SHA512"); apr_pool_destroy(pool); } #endif /* APU_HAVE_OPENSSL */ #if APU_HAVE_NSS /** * Simple test of NSS block crypt. */ static void test_crypto_block_nss(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) ALIGNED_STRING; apr_size_t inlen = sizeof(ALIGNED_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_nss_driver(tc, pool); drivers[1] = get_nss_driver(tc, pool); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); /* KEY_3DES_192 / MODE_ECB doesn't work on NSS */ /* crypto_block_cross(tc, pool, drivers, KEY_3DES_192, MODE_ECB, 0, in, inlen, "KEY_3DES_192/MODE_ECB"); */ crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16, "KEY_AES_128/MODE_ECB"); apr_pool_destroy(pool); } /** * Simple test of NSS block sign/verify. */ static void test_crypto_digest_nss(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) ALIGNED_STRING; apr_size_t inlen = sizeof(ALIGNED_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_nss_driver(tc, pool); drivers[1] = get_nss_driver(tc, pool); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); /* KEY_3DES_192 / MODE_ECB doesn't work on NSS */ /* crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, KEY_3DES_192, MODE_ECB, 0, in, inlen, "KEY_3DES_192/MODE_ECB"); */ crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16, "KEY_AES_128/MODE_ECB"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_MD5, in, inlen, "DIGEST MD5"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA1, in, inlen, "DIGEST SHA1"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA224, in, inlen, "DIGEST SHA224"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, in, inlen, "DIGEST SHA256"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA384, in, inlen, "DIGEST SHA384"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA512, in, inlen, "DIGEST SHA512"); apr_pool_destroy(pool); } #endif /* APU_HAVE_NSS */ #if APU_HAVE_COMMONCRYPTO /** * Simple test of Common Crypto block crypt. */ static void test_crypto_block_commoncrypto(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) ALIGNED_STRING; apr_size_t inlen = sizeof(ALIGNED_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_commoncrypto_driver(tc, pool); drivers[1] = get_commoncrypto_driver(tc, pool); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16, "KEY_AES_128/MODE_ECB"); apr_pool_destroy(pool); } /** * Simple test of Common Crypto block sign. */ static void test_crypto_digest_commoncrypto(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) ALIGNED_STRING; apr_size_t inlen = sizeof(ALIGNED_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_commoncrypto_driver(tc, pool); drivers[1] = get_commoncrypto_driver(tc, pool); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16, "KEY_AES_128/MODE_ECB"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_MD5, in, inlen, "DIGEST MD5"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA1, in, inlen, "DIGEST SHA1"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA224, in, inlen, "DIGEST SHA224"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, in, inlen, "DIGEST SHA256"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA384, in, inlen, "DIGEST SHA384"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA512, in, inlen, "DIGEST SHA512"); apr_pool_destroy(pool); } #endif /* APU_HAVE_COMMONCRYPTO */ #if APU_HAVE_OPENSSL #if APU_HAVE_NSS /** * Encrypt NSS, decrypt OpenSSL. */ static void test_crypto_block_nss_openssl(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) ALIGNED_STRING; apr_size_t inlen = sizeof(ALIGNED_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_nss_driver(tc, pool); drivers[1] = get_openssl_driver(tc, pool); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); /* KEY_3DES_192 / MODE_ECB doesn't work on NSS */ /* crypto_block_cross(tc, pool, drivers, KEY_3DES_192, MODE_ECB, 0, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); */ crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16, "KEY_AES_128/MODE_ECB"); apr_pool_destroy(pool); } /** * Encrypt OpenSSL, decrypt NSS. */ static void test_crypto_block_openssl_nss(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) ALIGNED_STRING; apr_size_t inlen = sizeof(ALIGNED_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_openssl_driver(tc, pool); drivers[1] = get_nss_driver(tc, pool); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); /* KEY_3DES_192 / MODE_ECB doesn't work on NSS */ /* crypto_block_cross(tc, pool, drivers, KEY_3DES_192, MODE_ECB, 0, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); */ crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16, "KEY_AES_128/MODE_ECB"); apr_pool_destroy(pool); } /** * Sign NSS, verify OpenSSL. */ static void test_crypto_digest_nss_openssl(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) ALIGNED_STRING; apr_size_t inlen = sizeof(ALIGNED_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_nss_driver(tc, pool); drivers[1] = get_openssl_driver(tc, pool); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); /* KEY_3DES_192 / MODE_ECB doesn't work on NSS */ /* crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_3DES_192/MODE_ECB");*/ crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16, "KEY_AES_128/MODE_ECB"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_MD5, in, inlen, "DIGEST MD5"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA1, in, inlen, "DIGEST SHA1"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA224, in, inlen, "DIGEST SHA224"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, in, inlen, "DIGEST SHA256"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA384, in, inlen, "DIGEST SHA384"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA512, in, inlen, "DIGEST SHA512"); apr_pool_destroy(pool); } /** * Sign OpenSSL, verify NSS. */ static void test_crypto_digest_openssl_nss(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) ALIGNED_STRING; apr_size_t inlen = sizeof(ALIGNED_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_openssl_driver(tc, pool); drivers[1] = get_nss_driver(tc, pool); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); /* KEY_3DES_192 / MODE_ECB doesn't work on NSS */ /* crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_3DES_192/MODE_ECB");*/ crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16, "KEY_AES_128/MODE_ECB"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_MD5, in, inlen, "DIGEST MD5"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA1, in, inlen, "DIGEST SHA1"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA224, in, inlen, "DIGEST SHA224"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, in, inlen, "DIGEST SHA256"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA384, in, inlen, "DIGEST SHA384"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA512, in, inlen, "DIGEST SHA512"); apr_pool_destroy(pool); } #endif /* APU_HAVE_NSS */ #if APU_HAVE_COMMONCRYPTO /** * Encrypt OpenSSL, decrypt CommonCrypto. */ static void test_crypto_block_openssl_commoncrypto(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) ALIGNED_STRING; apr_size_t inlen = sizeof(ALIGNED_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_openssl_driver(tc, pool); drivers[1] = get_commoncrypto_driver(tc, pool); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16, "KEY_AES_128/MODE_ECB"); apr_pool_destroy(pool); } /** * Sign OpenSSL, verify CommonCrypto. */ static void test_crypto_digest_openssl_commoncrypto(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) ALIGNED_STRING; apr_size_t inlen = sizeof(ALIGNED_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_openssl_driver(tc, pool); drivers[1] = get_commoncrypto_driver(tc, pool); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); /* KEY_3DES_192 / MODE_ECB doesn't work on NSS */ /* crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_3DES_192/MODE_ECB");*/ crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16, "KEY_AES_128/MODE_ECB"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_MD5, in, inlen, "DIGEST MD5"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA1, in, inlen, "DIGEST SHA1"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA224, in, inlen, "DIGEST SHA224"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, in, inlen, "DIGEST SHA256"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA384, in, inlen, "DIGEST SHA384"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA512, in, inlen, "DIGEST SHA512"); apr_pool_destroy(pool); } /** * Encrypt OpenSSL, decrypt CommonCrypto. */ static void test_crypto_block_commoncrypto_openssl(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) ALIGNED_STRING; apr_size_t inlen = sizeof(ALIGNED_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_commoncrypto_driver(tc, pool); drivers[1] = get_openssl_driver(tc, pool); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16, "KEY_AES_128/MODE_ECB"); apr_pool_destroy(pool); } /** * Sign OpenSSL, verify CommonCrypto. */ static void test_crypto_digest_commoncrypto_openssl(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) ALIGNED_STRING; apr_size_t inlen = sizeof(ALIGNED_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_commoncrypto_driver(tc, pool); drivers[1] = get_openssl_driver(tc, pool); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_3DES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); /* KEY_3DES_192 / MODE_ECB doesn't work on NSS */ /* crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_3DES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_3DES_192/MODE_ECB");*/ crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_256, APR_MODE_CBC, 0, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_256, APR_MODE_ECB, 0, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_192, APR_MODE_CBC, 0, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_192, APR_MODE_ECB, 0, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_128, APR_MODE_CBC, 0, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_cross_sign(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, APR_KEY_AES_128, APR_MODE_ECB, 0, in, inlen, 16, "KEY_AES_128/MODE_ECB"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_MD5, in, inlen, "DIGEST MD5"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA1, in, inlen, "DIGEST SHA1"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA224, in, inlen, "DIGEST SHA224"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA256, in, inlen, "DIGEST SHA256"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA384, in, inlen, "DIGEST SHA384"); crypto_cross_hash(tc, pool, drivers, APR_CRYPTO_DIGEST_SHA512, in, inlen, "DIGEST SHA512"); apr_pool_destroy(pool); } #endif /* APU_HAVE_COMMONCRYPTO */ /** * Simple test of OpenSSL block crypt. */ static void test_crypto_block_openssl_pad(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) TEST_STRING; apr_size_t inlen = sizeof(TEST_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_openssl_driver(tc, pool); drivers[1] = get_openssl_driver(tc, pool); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 1, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 1, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 1, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 1, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 1, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 1, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 1, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 1, in, inlen, 16, "KEY_AES_128/MODE_ECB"); apr_pool_destroy(pool); } #endif /* APU_HAVE_OPENSSL */ #if APU_HAVE_NSS /** * Simple test of NSS block crypt. */ static void test_crypto_block_nss_pad(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) TEST_STRING; apr_size_t inlen = sizeof(TEST_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_nss_driver(tc, pool); drivers[1] = get_nss_driver(tc, pool); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 1, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); /* KEY_3DES_192 / MODE_ECB doesn't work on NSS */ /* crypto_block_cross(tc, pool, drivers, KEY_3DES_192, MODE_ECB, 1, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); */ crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 1, in, inlen, 32, "KEY_AES_256/MODE_CBC"); /* KEY_AES_256 / MODE_ECB doesn't support padding on NSS */ /*crypto_block_cross(tc, pool, drivers, KEY_AES_256, MODE_ECB, 1, in, inlen, 32, "KEY_AES_256/MODE_ECB");*/ crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 1, in, inlen, 24, "KEY_AES_192/MODE_CBC"); /* KEY_AES_256 / MODE_ECB doesn't support padding on NSS */ /*crypto_block_cross(tc, pool, drivers, KEY_AES_192, MODE_ECB, 1, in, inlen, 24, "KEY_AES_192/MODE_ECB");*/ crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 1, in, inlen, 16, "KEY_AES_128/MODE_CBC"); /* KEY_AES_256 / MODE_ECB doesn't support padding on NSS */ /*crypto_block_cross(tc, pool, drivers, KEY_AES_128, MODE_ECB, 1, in, inlen, 16, "KEY_AES_128/MODE_ECB");*/ apr_pool_destroy(pool); } #endif /* APU_HAVE_NSS */ #if APU_HAVE_COMMONCRYPTO /** * Simple test of Common Crypto block crypt. */ static void test_crypto_block_commoncrypto_pad(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) TEST_STRING; apr_size_t inlen = sizeof(TEST_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_commoncrypto_driver(tc, pool); drivers[1] = get_commoncrypto_driver(tc, pool); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 1, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 1, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 1, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 1, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 1, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 1, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 1, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 1, in, inlen, 16, "KEY_AES_128/MODE_ECB"); apr_pool_destroy(pool); } #endif /* APU_HAVE_COMMONCRYPTO */ #if APU_HAVE_OPENSSL #if APU_HAVE_NSS /** * Encrypt NSS, decrypt OpenSSL. */ static void test_crypto_block_nss_openssl_pad(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) TEST_STRING; apr_size_t inlen = sizeof(TEST_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_nss_driver(tc, pool); drivers[1] = get_openssl_driver(tc, pool); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 1, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); /* KEY_3DES_192 / MODE_ECB doesn't work on NSS */ /* crypto_block_cross(tc, pool, drivers, KEY_3DES_192, MODE_ECB, 1, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); */ crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 1, in, inlen, 32, "KEY_AES_256/MODE_CBC"); /* KEY_AES_256 / MODE_ECB doesn't support padding on NSS */ /*crypto_block_cross(tc, pool, drivers, KEY_AES_256, MODE_ECB, 1, in, inlen, 32, "KEY_AES_256/MODE_ECB");*/ crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 1, in, inlen, 24, "KEY_AES_192/MODE_CBC"); /* KEY_AES_192 / MODE_ECB doesn't support padding on NSS */ /*crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 1, in, inlen, 24, "KEY_AES_192/MODE_ECB");*/ crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 1, in, inlen, 16, "KEY_AES_128/MODE_CBC"); /* KEY_AES_192 / MODE_ECB doesn't support padding on NSS */ /*crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 1, in, inlen, 16, "KEY_AES_128/MODE_ECB");*/ apr_pool_destroy(pool); } /** * Encrypt OpenSSL, decrypt NSS. */ static void test_crypto_block_openssl_nss_pad(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) TEST_STRING; apr_size_t inlen = sizeof(TEST_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_openssl_driver(tc, pool); drivers[1] = get_nss_driver(tc, pool); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 1, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); /* KEY_3DES_192 / MODE_ECB doesn't work on NSS */ /* crypto_block_cross(tc, pool, drivers, KEY_3DES_192, MODE_ECB, 1, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); */ crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 1, in, inlen, 32, "KEY_AES_256/MODE_CBC"); /* KEY_AES_256 / MODE_ECB doesn't support padding on NSS */ /*crypto_block_cross(tc, pool, drivers, KEY_AES_256, MODE_ECB, 1, in, inlen, 32, "KEY_AES_256/MODE_ECB");*/ crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 1, in, inlen, 24, "KEY_AES_192/MODE_CBC"); /* KEY_AES_192 / MODE_ECB doesn't support padding on NSS */ /*crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 1, in, inlen, 24, "KEY_AES_192/MODE_ECB");*/ crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 1, in, inlen, 16, "KEY_AES_128/MODE_CBC"); /* KEY_AES_128 / MODE_ECB doesn't support padding on NSS */ /*crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 1, in, inlen, 16, "KEY_AES_128/MODE_ECB");*/ apr_pool_destroy(pool); } #endif /* APU_HAVE_NSS */ #if APU_HAVE_COMMONCRYPTO /** * Encrypt CommonCrypto, decrypt OpenSSL. */ static void test_crypto_block_commoncrypto_openssl_pad(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) TEST_STRING; apr_size_t inlen = sizeof(TEST_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_commoncrypto_driver(tc, pool); drivers[1] = get_openssl_driver(tc, pool); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 1, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 1, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 1, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 1, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 1, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 1, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 1, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 1, in, inlen, 16, "KEY_AES_128/MODE_ECB"); apr_pool_destroy(pool); } /** * Encrypt OpenSSL, decrypt CommonCrypto. */ static void test_crypto_block_openssl_commoncrypto_pad(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *drivers[] = { NULL, NULL }; const unsigned char *in = (const unsigned char *) TEST_STRING; apr_size_t inlen = sizeof(TEST_STRING); apr_pool_create(&pool, NULL); drivers[0] = get_openssl_driver(tc, pool); drivers[1] = get_commoncrypto_driver(tc, pool); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_CBC, 1, in, inlen, 24, "KEY_3DES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_3DES_192, APR_MODE_ECB, 1, in, inlen, 24, "KEY_3DES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_CBC, 1, in, inlen, 32, "KEY_AES_256/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_256, APR_MODE_ECB, 1, in, inlen, 32, "KEY_AES_256/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_CBC, 1, in, inlen, 24, "KEY_AES_192/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_192, APR_MODE_ECB, 1, in, inlen, 24, "KEY_AES_192/MODE_ECB"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_CBC, 1, in, inlen, 16, "KEY_AES_128/MODE_CBC"); crypto_block_cross(tc, pool, drivers, APR_KEY_AES_128, APR_MODE_ECB, 1, in, inlen, 16, "KEY_AES_128/MODE_ECB"); apr_pool_destroy(pool); } #endif /* APU_HAVE_COMMONCRYPTO */ /** * Get Types, OpenSSL. */ static void test_crypto_get_block_key_types_openssl(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *driver; apr_crypto_t *f; apr_hash_t *types; int *key_3des_192; int *key_aes_128; int *key_aes_192; int *key_aes_256; apr_pool_create(&pool, NULL); driver = get_openssl_driver(tc, pool); if (driver) { f = make(tc, pool, driver); if (!f) { return; } apr_crypto_get_block_key_types(&types, f); key_3des_192 = apr_hash_get(types, "3des192", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, key_3des_192); ABTS_INT_EQUAL(tc, *key_3des_192, APR_KEY_3DES_192); key_aes_128 = apr_hash_get(types, "aes128", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, key_aes_128); ABTS_INT_EQUAL(tc, *key_aes_128, APR_KEY_AES_128); key_aes_192 = apr_hash_get(types, "aes192", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, key_aes_192); ABTS_INT_EQUAL(tc, *key_aes_192, APR_KEY_AES_192); key_aes_256 = apr_hash_get(types, "aes256", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, key_aes_256); ABTS_INT_EQUAL(tc, *key_aes_256, APR_KEY_AES_256); } apr_pool_destroy(pool); } #endif /* APU_HAVE_OPENSSL */ #if APU_HAVE_NSS /** * Get Types, NSS. */ static void test_crypto_get_block_key_types_nss(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *driver; apr_crypto_t *f; apr_hash_t *types; int *key_3des_192; int *key_aes_128; int *key_aes_192; int *key_aes_256; apr_pool_create(&pool, NULL); driver = get_nss_driver(tc, pool); if (driver) { f = make(tc, pool, driver); if (!f) { return; } apr_crypto_get_block_key_types(&types, f); key_3des_192 = apr_hash_get(types, "3des192", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, key_3des_192); ABTS_INT_EQUAL(tc, *key_3des_192, APR_KEY_3DES_192); key_aes_128 = apr_hash_get(types, "aes128", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, key_aes_128); ABTS_INT_EQUAL(tc, *key_aes_128, APR_KEY_AES_128); key_aes_192 = apr_hash_get(types, "aes192", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, key_aes_192); ABTS_INT_EQUAL(tc, *key_aes_192, APR_KEY_AES_192); key_aes_256 = apr_hash_get(types, "aes256", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, key_aes_256); ABTS_INT_EQUAL(tc, *key_aes_256, APR_KEY_AES_256); } apr_pool_destroy(pool); } #endif /* APU_HAVE_NSS */ #if APU_HAVE_COMMONCRYPTO /** * Get Types, Common Crypto. */ static void test_crypto_get_block_key_types_commoncrypto(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *driver; apr_crypto_t *f; apr_hash_t *types; int *key_3des_192; int *key_aes_128; int *key_aes_192; int *key_aes_256; apr_pool_create(&pool, NULL); driver = get_commoncrypto_driver(tc, pool); if (driver) { f = make(tc, pool, driver); if (!f) { return; } apr_crypto_get_block_key_types(&types, f); key_3des_192 = apr_hash_get(types, "3des192", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, key_3des_192); ABTS_INT_EQUAL(tc, *key_3des_192, APR_KEY_3DES_192); key_aes_128 = apr_hash_get(types, "aes128", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, key_aes_128); ABTS_INT_EQUAL(tc, *key_aes_128, APR_KEY_AES_128); key_aes_192 = apr_hash_get(types, "aes192", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, key_aes_192); ABTS_INT_EQUAL(tc, *key_aes_192, APR_KEY_AES_192); key_aes_256 = apr_hash_get(types, "aes256", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, key_aes_256); ABTS_INT_EQUAL(tc, *key_aes_256, APR_KEY_AES_256); } apr_pool_destroy(pool); } #endif /* APU_HAVE_COMMONCRYPTO */ #if APU_HAVE_OPENSSL /** * Get Modes, OpenSSL. */ static void test_crypto_get_block_key_modes_openssl(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *driver; apr_crypto_t *f; apr_hash_t *modes; int *mode_ecb; int *mode_cbc; apr_pool_create(&pool, NULL); driver = get_openssl_driver(tc, pool); if (driver) { f = make(tc, pool, driver); if (!f) { return; } apr_crypto_get_block_key_modes(&modes, f); mode_ecb = apr_hash_get(modes, "ecb", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, mode_ecb); ABTS_INT_EQUAL(tc, *mode_ecb, APR_MODE_ECB); mode_cbc = apr_hash_get(modes, "cbc", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, mode_cbc); ABTS_INT_EQUAL(tc, *mode_cbc, APR_MODE_CBC); } apr_pool_destroy(pool); } #endif /* APU_HAVE_OPENSSL */ #if APU_HAVE_NSS /** * Get Modes, NSS. */ static void test_crypto_get_block_key_modes_nss(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *driver; apr_crypto_t *f; apr_hash_t *modes; int *mode_ecb; int *mode_cbc; apr_pool_create(&pool, NULL); driver = get_nss_driver(tc, pool); if (driver) { f = make(tc, pool, driver); if (!f) { return; } apr_crypto_get_block_key_modes(&modes, f); mode_ecb = apr_hash_get(modes, "ecb", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, mode_ecb); ABTS_INT_EQUAL(tc, *mode_ecb, APR_MODE_ECB); mode_cbc = apr_hash_get(modes, "cbc", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, mode_cbc); ABTS_INT_EQUAL(tc, *mode_cbc, APR_MODE_CBC); } apr_pool_destroy(pool); } #endif /* APU_HAVE_NSS */ #if APU_HAVE_COMMONCRYPTO /** * Get Modes, Common Crypto. */ static void test_crypto_get_block_key_modes_commoncrypto(abts_case *tc, void *data) { apr_pool_t *pool = NULL; const apr_crypto_driver_t *driver; apr_crypto_t *f; apr_hash_t *modes; int *mode_ecb; int *mode_cbc; apr_pool_create(&pool, NULL); driver = get_commoncrypto_driver(tc, pool); if (driver) { f = make(tc, pool, driver); if (!f) { return; } apr_crypto_get_block_key_modes(&modes, f); mode_ecb = apr_hash_get(modes, "ecb", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, mode_ecb); ABTS_INT_EQUAL(tc, *mode_ecb, APR_MODE_ECB); mode_cbc = apr_hash_get(modes, "cbc", APR_HASH_KEY_STRING); ABTS_PTR_NOTNULL(tc, mode_cbc); ABTS_INT_EQUAL(tc, *mode_cbc, APR_MODE_CBC); } apr_pool_destroy(pool); } #endif /* APU_HAVE_COMMONCRYPTO */ static void test_crypto_memzero(abts_case *tc, void *data) { /* Aligned message */ struct { char buf[7 * sizeof(int)]; int untouched; } msg; /* A bit of type punning such that 'msg' might look unused * after the call to apr_crypto_memzero(). */ int *ptr = (int *)&msg; int i; /* Fill buf with non-zeros (odds) */ for (i = 1; i < 2 * sizeof(msg.buf); i += 2) { msg.buf[i / 2] = (char)i; ABTS_ASSERT(tc, "test_crypto_memzero() barrier", msg.buf[i / 2] != 0); } /* Zero out the whole, and check it */ apr_crypto_memzero(&msg, sizeof msg); for (i = 0; i < sizeof(msg) / sizeof(*ptr); ++i) { ABTS_ASSERT(tc, "test_crypto_memzero() optimized out", ptr[i] == 0); } } static void test_crypto_equals(abts_case *tc, void *data) { /* Buffers of each type of scalar */ union { char c; short s; int i; long l; float f; double d; void *p; } buf0[7], buf1[7], buf[7]; char *ptr = (char *)buf; int i; #define TEST_SCALAR_MATCH(i, x, r) \ ABTS_ASSERT(tc, "test_crypto_equals(" APR_STRINGIFY(x) ")" \ " != " APR_STRINGIFY(r), \ apr_crypto_equals(&buf##r[i].x, &buf[i].x, \ sizeof(buf[i].x)) == r) /* Fill buf with non-zeros (odds) */ for (i = 1; i < 2 * sizeof(buf); i += 2) { ptr[i / 2] = (char)i; } /* Set buf1 = buf */ memcpy(buf1, buf, sizeof buf); /* Set buf0 = {0} */ memset(buf0, 0, sizeof buf0); /* Check that buf1 == buf for each scalar */ TEST_SCALAR_MATCH(0, c, 1); TEST_SCALAR_MATCH(1, s, 1); TEST_SCALAR_MATCH(2, i, 1); TEST_SCALAR_MATCH(3, l, 1); TEST_SCALAR_MATCH(4, f, 1); TEST_SCALAR_MATCH(5, d, 1); TEST_SCALAR_MATCH(6, p, 1); /* Check that buf0 != buf for each scalar */ TEST_SCALAR_MATCH(0, c, 0); TEST_SCALAR_MATCH(1, s, 0); TEST_SCALAR_MATCH(2, i, 0); TEST_SCALAR_MATCH(3, l, 0); TEST_SCALAR_MATCH(4, f, 0); TEST_SCALAR_MATCH(5, d, 0); TEST_SCALAR_MATCH(6, p, 0); } #if APU_HAVE_CRYPTO_PRNG /* * KAT for CHACHA20: * # iv=$(printf "%.32d" 0) * # key=$(printf "%.64d" 0) * # key=$(openssl enc -chacha20 -e \ * -in /dev/zero -K $key -iv $iv \ * | xxd -l32 -c64 -p) * # openssl enc -chacha20 -e \ * -in /dev/zero -K $key -iv $iv \ * | xxd -l128 -c8 -i */ static const unsigned char test_PRNG_kat0_chacha20[128] = { 0xb0, 0xfd, 0x14, 0xff, 0x96, 0xa0, 0xbd, 0xa1, 0x54, 0xc3, 0x29, 0x08, 0x2c, 0x9c, 0x65, 0x33, 0xbb, 0x4c, 0x94, 0x73, 0xbf, 0x5d, 0xde, 0x13, 0x8f, 0x82, 0xc9, 0xac, 0x55, 0x53, 0xd9, 0x58, 0xaf, 0xbd, 0xad, 0x28, 0x45, 0xb9, 0x3c, 0xdb, 0xb2, 0xfe, 0x64, 0x63, 0xd2, 0xfe, 0x16, 0x2a, 0xda, 0xe0, 0xf6, 0xe6, 0x76, 0xf0, 0x49, 0x42, 0x18, 0xf5, 0xce, 0x05, 0x96, 0xe7, 0x9f, 0x5c, 0x55, 0x1a, 0xaa, 0x9b, 0xa4, 0x6f, 0xaa, 0xd5, 0x28, 0xf6, 0x76, 0x3d, 0xde, 0x93, 0xc0, 0x3f, 0xa3, 0xb1, 0x21, 0xb2, 0xff, 0xc0, 0x53, 0x3a, 0x69, 0x5e, 0xd5, 0x6e, 0x8f, 0xda, 0x05, 0x89, 0xa2, 0xed, 0xeb, 0xfa, 0xd4, 0xae, 0xd3, 0x35, 0x7c, 0x7a, 0xad, 0xad, 0x93, 0x28, 0x02, 0x7b, 0xb8, 0x79, 0xb5, 0x57, 0x47, 0x97, 0xa1, 0xb7, 0x3d, 0xce, 0x7c, 0xd0, 0x9f, 0x24, 0x51, 0x01 }; /* * KAT for AES256-CTR: * # iv=$(printf "%.32d" 0) * # key=$(printf "%.64d" 0) * # key=$(openssl enc -aes-256-ctr -e \ * -in /dev/zero -K $key -iv $iv \ * | xxd -l32 -c64 -p) * # openssl enc -aes-256-ctr -e \ * -in /dev/zero -K $key -iv $iv \ * | xxd -l128 -c8 -i */ static const unsigned char test_PRNG_kat0_aes256[128] = { 0x79, 0x04, 0x2a, 0x33, 0xfa, 0x41, 0x1a, 0x37, 0x97, 0x3a, 0xec, 0xa0, 0xfc, 0xde, 0x6b, 0x2b, 0x16, 0xa4, 0x5f, 0xa1, 0x2a, 0xe3, 0xf5, 0x4c, 0x84, 0x28, 0x83, 0xeb, 0x60, 0xce, 0x44, 0xe9, 0x9c, 0x4c, 0xa2, 0x6e, 0x70, 0xcc, 0x26, 0x68, 0xf8, 0x99, 0x5a, 0xa1, 0x9f, 0xde, 0x99, 0xb9, 0x80, 0x0b, 0xb6, 0x83, 0x14, 0x9d, 0x72, 0x93, 0xf4, 0xd1, 0x49, 0xf3, 0xf0, 0x9e, 0x49, 0x80, 0x76, 0x84, 0x01, 0x1e, 0x79, 0x9e, 0x70, 0x70, 0x61, 0x7c, 0x13, 0xce, 0x2d, 0x64, 0xca, 0x08, 0xb7, 0xc1, 0xd5, 0x61, 0xf1, 0x95, 0x5d, 0x1b, 0x92, 0x8c, 0xd2, 0x70, 0xef, 0x26, 0xfe, 0x24, 0x01, 0xd8, 0x65, 0x63, 0x68, 0x71, 0x09, 0x4e, 0x7b, 0x01, 0x36, 0x19, 0x85, 0x13, 0x16, 0xfd, 0xc5, 0x0c, 0xe6, 0x71, 0x42, 0xbf, 0x81, 0xb0, 0xd1, 0x59, 0x28, 0xa1, 0x04, 0xe9, 0x8d, 0xad }; static void test_crypto_prng(abts_case *tc, apr_crypto_cipher_e cipher, const unsigned char *test_PRNG_kat0) { unsigned char randbytes[128], seed[APR_CRYPTO_PRNG_SEED_SIZE]; apr_crypto_prng_t *cprng = NULL; apr_pool_t *pool = NULL; apr_status_t rv; int i; rv = apr_pool_create(&pool, NULL); ABTS_INT_EQUAL(tc, APR_SUCCESS, rv); ABTS_PTR_NOTNULL(tc, pool); rv = apr_crypto_prng_init(pool, NULL, cipher, 0, NULL, 0); ABTS_ASSERT(tc, "apr_crypto_prng_init returned APR_EREINIT", rv != APR_EREINIT); ABTS_ASSERT(tc, "apr_crypto_prng_init returned APR_ENOTIMPL", rv != APR_ENOTIMPL); ABTS_ASSERT(tc, "apr_crypto_prng_init failed", rv == APR_SUCCESS || rv == APR_ENOCIPHER); if (rv != APR_SUCCESS) { apr_pool_destroy(pool); return; } for (i = 0; i < 10; ++i) { /* Initial seed full of zeros (deterministic) */ memset(seed, 0, sizeof(seed)); rv = apr_crypto_prng_create(&cprng, NULL, cipher, 0, 0, seed, pool); ABTS_ASSERT(tc, "apr_crypto_prng_create returned APR_EINIT", rv != APR_EINIT); ABTS_ASSERT(tc, "apr_crypto_prng_create returned APR_EINVAL", rv != APR_EINVAL); ABTS_ASSERT(tc, "apr_crypto_prng_create returned APR_ENOTIMPL", rv != APR_ENOTIMPL); ABTS_ASSERT(tc, "apr_crypto_prng_create returned APR_ENOCIPHER", rv != APR_ENOCIPHER); ABTS_ASSERT(tc, "apr_crypto_prng_create returned APR_EDSOOPEN", rv != APR_EDSOOPEN); ABTS_ASSERT(tc, "apr_crypto_prng_create failed", rv == APR_SUCCESS); if (rv != APR_SUCCESS) { break; } /* Second time and more, set one random bit of the seed */ if (i != 0) { unsigned char rnd; rv = apr_generate_random_bytes(&rnd, sizeof rnd); ABTS_ASSERT(tc, "apr_generate_random_bytes failed", rv == APR_SUCCESS); seed[rnd % APR_CRYPTO_PRNG_SEED_SIZE] = (unsigned char)(1u << (rnd % 8)); rv = apr_crypto_prng_reseed(cprng, seed); ABTS_ASSERT(tc, "apr_crypto_prng_reseed failed", rv == APR_SUCCESS); } rv = apr_crypto_prng_bytes(cprng, randbytes, 128 - 32); ABTS_ASSERT(tc, "apr_crypto_prng_bytes failed", rv == APR_SUCCESS); /* Should match the first time only */ if (i != 0) { ABTS_ASSERT(tc, "test vector should not match", /* first 32 bytes (256 bits) are used for the next key */ memcmp(randbytes, test_PRNG_kat0 + 32, 128 - 32) != 0); } else { ABTS_ASSERT(tc, "test vector should match", /* first 32 bytes (256 bits) are used for the next key */ memcmp(randbytes, test_PRNG_kat0 + 32, 128 - 32) == 0); } rv = apr_crypto_prng_destroy(cprng); ABTS_ASSERT(tc, "apr_crypto_prng_destroy failed", rv == APR_SUCCESS); } apr_pool_destroy(pool); } static void test_crypto_prng_aes256(abts_case *tc, void *data) { return test_crypto_prng(tc, APR_CRYPTO_CIPHER_AES_256_CTR, test_PRNG_kat0_aes256); } static void test_crypto_prng_chacha20(abts_case *tc, void *data) { return test_crypto_prng(tc, APR_CRYPTO_CIPHER_CHACHA20, test_PRNG_kat0_chacha20); } #if APR_HAS_FORK static void test_crypto_fork_random(abts_case *tc, void *data) { unsigned char randbytes[1024]; apr_pool_t *pool = NULL; apr_file_t *pread = NULL; apr_file_t *pwrite = NULL; apr_size_t nbytes; apr_proc_t proc; apr_status_t rv; rv = apr_pool_create(&pool, NULL); ABTS_INT_EQUAL(tc, APR_SUCCESS, rv); ABTS_PTR_NOTNULL(tc, pool); rv = apr_crypto_prng_init(pool, NULL, APR_CRYPTO_CIPHER_AUTO, 0, NULL, 0); ABTS_ASSERT(tc, "apr_crypto_prng_init returned APR_EREINIT", rv != APR_EREINIT); ABTS_ASSERT(tc, "apr_crypto_prng_init returned APR_ENOTIMPL", rv != APR_ENOTIMPL); ABTS_ASSERT(tc, "apr_crypto_prng_init failed", rv == APR_SUCCESS); rv = apr_file_pipe_create(&pread, &pwrite, p); ABTS_INT_EQUAL(tc, APR_SUCCESS, rv); ABTS_PTR_NOTNULL(tc, pread); ABTS_PTR_NOTNULL(tc, pwrite); rv = apr_proc_fork(&proc, pool); if (rv == APR_INCHILD) { apr_file_close(pread); rv = apr_crypto_random_bytes(randbytes, 1024); if (rv == APR_SUCCESS) { apr_file_write_full(pwrite, randbytes, 1024, &nbytes); } apr_file_close(pwrite); exit(rv != APR_SUCCESS); } else if (rv == APR_INPARENT) { int exitcode; apr_exit_why_e why; unsigned char childbytes[1024]; apr_file_close(pwrite); rv = apr_file_read_full(pread, childbytes, 1024, &nbytes); ABTS_INT_EQUAL(tc, (int)nbytes, 1024); apr_file_close(pread); apr_proc_wait(&proc, &exitcode, &why, APR_WAIT); if (why != APR_PROC_EXIT) { ABTS_ASSERT(tc, "apr_proc_wait returned APR_PROC_SIGNAL", why != APR_PROC_SIGNAL); ABTS_ASSERT(tc, "apr_proc_wait returned APR_PROC_SIGNAL_CORE", why != (APR_PROC_SIGNAL | APR_PROC_SIGNAL_CORE)); ABTS_FAIL(tc, "child terminated abnormally"); } else if (exitcode != 0) { ABTS_FAIL(tc, "apr_crypto_random_bytes failed in child"); } rv = apr_crypto_random_bytes(randbytes, 1024); ABTS_ASSERT(tc, "apr_crypto_random_bytes failed in parent", rv == APR_SUCCESS); ABTS_ASSERT(tc, "parent and child generated same random bytes", memcmp(randbytes, childbytes, 1024) != 0); } else { ABTS_FAIL(tc, "apr_proc_fork failed"); } apr_pool_destroy(pool); } #endif #if APR_HAS_THREADS #define NUM_THREADS 8 static void *APR_THREAD_FUNC thread_func(apr_thread_t *thd, void *data) { unsigned char *randbytes = data; apr_status_t rv; rv = apr_crypto_random_thread_bytes(randbytes, 800); apr_thread_exit(thd, rv); return NULL; } static void test_crypto_thread_random(abts_case *tc, void *data) { static unsigned char zerobytes[800]; unsigned char *randbytes[NUM_THREADS]; apr_thread_t *threads[NUM_THREADS]; int flags = APR_CRYPTO_PRNG_PER_THREAD; apr_pool_t *pool = NULL; apr_status_t rv, ret; int i, j; rv = apr_pool_create(&pool, NULL); ABTS_INT_EQUAL(tc, APR_SUCCESS, rv); ABTS_PTR_NOTNULL(tc, pool); rv = apr_crypto_prng_init(pool, NULL, APR_CRYPTO_CIPHER_AUTO, 0, NULL, flags); ABTS_ASSERT(tc, "apr_crypto_prng_init returned APR_EREINIT", rv != APR_EREINIT); ABTS_ASSERT(tc, "apr_crypto_prng_init returned APR_ENOTIMPL", rv != APR_ENOTIMPL); ABTS_ASSERT(tc, "apr_crypto_prng_init failed", rv == APR_SUCCESS); for (i = 0; i < NUM_THREADS; ++i) { randbytes[i] = apr_pcalloc(pool, 800); rv = apr_thread_create(&threads[i], NULL, thread_func, randbytes[i], pool); ABTS_ASSERT(tc, "apr_thread_create failed", rv == APR_SUCCESS); } for (i = 0; i < NUM_THREADS; ++i) { rv = apr_thread_join(&ret, threads[i]); ABTS_ASSERT(tc, "apr_thread_join failed", rv == APR_SUCCESS); ABTS_ASSERT(tc, "apr_crypto_random_thread_bytes failed", ret == APR_SUCCESS); } for (i = 0; i < NUM_THREADS; ++i) { ABTS_ASSERT(tc, "some thread generated zero bytes", memcmp(randbytes[i], zerobytes, 800) != 0); for (j = 0; j < i; ++j) { ABTS_ASSERT(tc, "two threads generated same random bytes", memcmp(randbytes[i], randbytes[j], 800) != 0); } } apr_pool_destroy(pool); } #endif /* APR_HAS_THREADS */ #endif /* APU_HAVE_CRYPTO_PRNG */ abts_suite *testcrypto(abts_suite *suite) { suite = ADD_SUITE(suite); /* test simple init and shutdown */ abts_run_test(suite, test_crypto_init, NULL); #if APU_HAVE_OPENSSL /* test key parsing - openssl */ abts_run_test(suite, test_crypto_key_openssl, NULL); /* test a simple encrypt / decrypt operation - openssl */ abts_run_test(suite, test_crypto_block_openssl, NULL); /* test a simple sign / verify operation - openssl */ abts_run_test(suite, test_crypto_digest_openssl, NULL); /* test a padded encrypt / decrypt operation - openssl */ abts_run_test(suite, test_crypto_block_openssl_pad, NULL); /* test block key types openssl */ abts_run_test(suite, test_crypto_get_block_key_types_openssl, NULL); /* test block key modes openssl */ abts_run_test(suite, test_crypto_get_block_key_modes_openssl, NULL); #endif #if APU_HAVE_NSS /* test key parsing - nss */ abts_run_test(suite, test_crypto_key_nss, NULL); /* test a simple encrypt / decrypt operation - nss */ abts_run_test(suite, test_crypto_block_nss, NULL); /* test a simple sign / verify operation - nss */ abts_run_test(suite, test_crypto_digest_nss, NULL); /* test a padded encrypt / decrypt operation - nss */ abts_run_test(suite, test_crypto_block_nss_pad, NULL); #if APU_HAVE_OPENSSL /* test encrypt nss / decrypt openssl */ abts_run_test(suite, test_crypto_block_nss_openssl, NULL); /* test padded encrypt nss / decrypt openssl */ abts_run_test(suite, test_crypto_block_nss_openssl_pad, NULL); /* test encrypt openssl / decrypt nss */ abts_run_test(suite, test_crypto_block_openssl_nss, NULL); /* test padded encrypt openssl / decrypt nss */ abts_run_test(suite, test_crypto_block_openssl_nss_pad, NULL); /* test sign nss / verify openssl */ abts_run_test(suite, test_crypto_digest_nss_openssl, NULL); /* test sign openssl / verify nss */ abts_run_test(suite, test_crypto_digest_openssl_nss, NULL); #endif /* test block key types nss */ abts_run_test(suite, test_crypto_get_block_key_types_nss, NULL); /* test block key modes nss */ abts_run_test(suite, test_crypto_get_block_key_modes_nss, NULL); #endif #if APU_HAVE_COMMONCRYPTO /* test key parsing - commoncrypto */ abts_run_test(suite, test_crypto_key_commoncrypto, NULL); /* test a simple encrypt / decrypt operation - commoncrypto */ abts_run_test(suite, test_crypto_block_commoncrypto, NULL); /* test a simple sign / verify operation - commoncrypto */ abts_run_test(suite, test_crypto_digest_commoncrypto, NULL); /* test a padded encrypt / decrypt operation - commoncrypto */ abts_run_test(suite, test_crypto_block_commoncrypto_pad, NULL); #if APU_HAVE_OPENSSL /* test encrypt openssl / decrypt commoncrypto */ abts_run_test(suite, test_crypto_block_openssl_commoncrypto, NULL); /* test padded encrypt openssl / decrypt commoncrypto */ abts_run_test(suite, test_crypto_block_openssl_commoncrypto_pad, NULL); /* test sign openssl / verify commoncrypto */ abts_run_test(suite, test_crypto_digest_openssl_commoncrypto, NULL); /* test encrypt commoncrypto / decrypt openssl */ abts_run_test(suite, test_crypto_block_commoncrypto_openssl, NULL); /* test padded encrypt commoncrypto / decrypt openssl */ abts_run_test(suite, test_crypto_block_commoncrypto_openssl_pad, NULL); /* test sign commoncrypto / verify openssl */ abts_run_test(suite, test_crypto_digest_commoncrypto_openssl, NULL); #endif /* test block key types commoncrypto */ abts_run_test(suite, test_crypto_get_block_key_types_commoncrypto, NULL); /* test block key modes commoncrypto */ abts_run_test(suite, test_crypto_get_block_key_modes_commoncrypto, NULL); #endif abts_run_test(suite, test_crypto_memzero, NULL); abts_run_test(suite, test_crypto_equals, NULL); #if APU_HAVE_CRYPTO_PRNG abts_run_test(suite, test_crypto_prng_aes256, NULL); abts_run_test(suite, test_crypto_prng_chacha20, NULL); #if APR_HAS_FORK abts_run_test(suite, test_crypto_fork_random, NULL); #endif #if APR_HAS_THREADS abts_run_test(suite, test_crypto_thread_random, NULL); #endif #endif return suite; } #else /** * Dummy test suite when crypto is turned off. */ abts_suite *testcrypto(abts_suite *suite) { return ADD_SUITE(suite); } #endif /* APU_HAVE_CRYPTO */