tests: added openssl compatibility tests for AES-GCM cipher

5 files changed, 182 insertions, 5 deletions

diff --git a/tests/slow/Makefile.am b/tests/slow/Makefile.am
index 302b9067ba..0582b52664 100644
--- a/tests/slow/Makefile.am
+++ b/tests/slow/Makefile.am
@@ -47,9 +47,18 @@ cipher_override_LDFLAGS = $(NETTLE_LIBS) $(HOGWEED_LIBS) $(GMP_LIBS) $(LDADD)
 mac_override_LDFLAGS = $(NETTLE_LIBS) $(HOGWEED_LIBS) $(GMP_LIBS) $(LDADD)
 endif
 
-dist_check_SCRIPTS = test-ciphers override-ciphers test-hash-large
+
+dist_check_SCRIPTS = test-ciphers.sh override-ciphers test-hash-large test-ciphers-common.sh
 check_PROGRAMS = $(ctests) cipher-test cipher-override mac-override cipher-override2 hash-large
-TESTS = $(ctests) test-ciphers override-ciphers test-hash-large
+TESTS = $(ctests) test-ciphers.sh override-ciphers test-hash-large
+
+if HAVE_LIBCRYPTO
+cipher_openssl_compat_LDFLAGS = $(LDADD) $(LIBCRYPTO)
+
+dist_check_SCRIPTS += test-ciphers-openssl.sh
+check_PROGRAMS += cipher-openssl-compat
+TESTS += test-ciphers-openssl.sh
+endif
 
 EXTRA_DIST = README
 
diff --git a/tests/slow/cipher-openssl-compat.c b/tests/slow/cipher-openssl-compat.c
new file mode 100644
index 0000000000..e2b9b28360
--- /dev/null
+++ b/tests/slow/cipher-openssl-compat.c
@@ -0,0 +1,117 @@
+#include <config.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <string.h>
+#include <utils.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
+#include <openssl/evp.h>
+
+/* This does check the AES and CHACHA20 implementations for compatibility
+ * with openssl.
+ */
+
+#define BSIZE (64*1024+12)
+#define B2SIZE (1024+7)
+static unsigned char buffer_auth[B2SIZE];
+static unsigned char orig_plain_data[BSIZE];
+static unsigned char enc_data[BSIZE+32]; /* allow for tag */
+static unsigned char dec_data[BSIZE];
+
+static int cipher_test(const char *ocipher, gnutls_cipher_algorithm_t gcipher, unsigned tag_size)
+{
+	int ret;
+	gnutls_aead_cipher_hd_t hd;
+	gnutls_datum_t dkey, dnonce;
+	unsigned char key[32];
+	unsigned char nonce[32];
+	size_t enc_data_size, dec_data_size;
+	int dec_data_size2;
+	EVP_CIPHER_CTX ctx;
+	const EVP_CIPHER *evp_cipher;
+	unsigned char tag[64];
+
+	assert(gnutls_rnd(GNUTLS_RND_NONCE, orig_plain_data, sizeof(orig_plain_data)) >= 0);
+	assert(gnutls_rnd(GNUTLS_RND_NONCE, buffer_auth, sizeof(buffer_auth)) >= 0);
+	assert(gnutls_rnd(GNUTLS_RND_NONCE, key, sizeof(key)) >= 0);
+	assert(gnutls_rnd(GNUTLS_RND_NONCE, nonce, sizeof(nonce)) >= 0);
+
+	dkey.data = (void*)key;
+	dkey.size = gnutls_cipher_get_key_size(gcipher);
+	assert(gnutls_aead_cipher_init(&hd, gcipher, &dkey) >= 0);
+
+	dnonce.data = (void*)nonce;
+	dnonce.size = gnutls_cipher_get_iv_size(gcipher);
+
+	enc_data_size = sizeof(enc_data);
+	assert(gnutls_aead_cipher_encrypt(hd, dnonce.data, dnonce.size, 
+		buffer_auth, sizeof(buffer_auth), tag_size, orig_plain_data, sizeof(orig_plain_data),
+		enc_data, &enc_data_size) >= 0);
+
+	if (debug)
+		success("encrypted %d bytes, to %d\n", (int)sizeof(orig_plain_data), (int)enc_data_size);
+
+	dec_data_size = sizeof(dec_data);
+	ret = gnutls_aead_cipher_decrypt(hd, dnonce.data, dnonce.size, 
+		buffer_auth, sizeof(buffer_auth), tag_size, enc_data, enc_data_size,
+		dec_data, &dec_data_size);
+	if (ret < 0) {
+		fail("error in gnutls_aead_cipher_decrypt for %s: %s\n", ocipher, gnutls_strerror(ret));
+	}
+
+	if (dec_data_size != sizeof(orig_plain_data) || memcmp(dec_data, orig_plain_data, sizeof(orig_plain_data)) != 0) {
+		fail("gnutls encrypt-decrypt failed (got: %d, expected: %d)\n", (int)dec_data_size, (int)sizeof(orig_plain_data));
+	}
+
+	gnutls_aead_cipher_deinit(hd);
+
+	/* decrypt with openssl */
+	evp_cipher = EVP_get_cipherbyname(ocipher);
+	if (!evp_cipher)
+		fail("EVP_get_cipherbyname failed for %s\n", ocipher);
+
+	EVP_CIPHER_CTX_init(&ctx);
+	assert(EVP_CipherInit_ex(&ctx, evp_cipher, NULL, key, nonce, 0) > 0);
+
+	EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, tag_size, enc_data+enc_data_size-tag_size);
+
+	dec_data_size2 = sizeof(dec_data);
+	assert(EVP_CipherUpdate(&ctx, NULL, &dec_data_size2, buffer_auth, sizeof(buffer_auth)) > 0);
+	dec_data_size2 = sizeof(dec_data);
+	assert(EVP_CipherUpdate(&ctx, dec_data, &dec_data_size2, enc_data, enc_data_size-tag_size) > 0);
+
+	dec_data_size = dec_data_size2;
+	dec_data_size2 = tag_size;
+	assert(EVP_CipherFinal_ex(&ctx, tag, &dec_data_size2) > 0);
+
+	if (dec_data_size != sizeof(orig_plain_data) || memcmp(dec_data, orig_plain_data, sizeof(orig_plain_data)) != 0) {
+		fail("openssl decrypt failed for %s\n", ocipher);
+	}
+
+	return 0;
+}
+
+static void tls_log_func(int level, const char *str)
+{
+	fprintf(stderr, "<%d>| %s", level, str);
+}
+
+void doit(void)
+{
+	gnutls_global_set_log_function(tls_log_func);
+	if (debug)
+		gnutls_global_set_log_level(4711);
+
+	global_init();
+	OpenSSL_add_all_algorithms();
+
+	/* ciphers */
+	cipher_test("aes-128-gcm", GNUTLS_CIPHER_AES_128_GCM, 16);
+	cipher_test("aes-256-gcm", GNUTLS_CIPHER_AES_256_GCM, 16);
+
+	gnutls_global_deinit();
+	return;
+}
+
diff --git a/tests/slow/test-ciphers b/tests/slow/test-ciphers-common.sh
index 280f60d066..e5e2d51ac8 100755..100644
--- a/tests/slow/test-ciphers
+++ b/tests/slow/test-ciphers-common.sh
@@ -1,5 +1,3 @@
-#!/bin/sh
-
 # Copyright (C) 2014 Red Hat, Inc.
 #
 # Author: Nikos Mavrogiannopoulos
@@ -20,7 +18,6 @@
 # along with GnuTLS; if not, write to the Free Software Foundation,
 # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 
-PROG=./cipher-test${EXEEXT}
 unset RETCODE
 if ! test -z "${VALGRIND}"; then
 	VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND}"
diff --git a/tests/slow/test-ciphers-openssl.sh b/tests/slow/test-ciphers-openssl.sh
new file mode 100755
index 0000000000..b025fcc600
--- /dev/null
+++ b/tests/slow/test-ciphers-openssl.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# Copyright (C) 2016 Nikos Mavrogiannopoulos
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+srcdir="${srcdir:-.}"
+PROG=./cipher-openssl-compat${EXEEXT}
+
+. "${srcdir}/test-ciphers-common.sh"
+
diff --git a/tests/slow/test-ciphers.sh b/tests/slow/test-ciphers.sh
new file mode 100755
index 0000000000..abc020be6b
--- /dev/null
+++ b/tests/slow/test-ciphers.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# Copyright (C) 2014 Red Hat, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+srcdir="${srcdir:-.}"
+PROG=./cipher-test${EXEEXT}
+
+. "${srcdir}/test-ciphers-common.sh"
+