crypto_test.cc
Go to the documentation of this file.
1 /* Copyright (c) 2020, Google Inc.
2  *
3  * Permission to use, copy, modify, and/or distribute this software for any
4  * purpose with or without fee is hereby granted, provided that the above
5  * copyright notice and this permission notice appear in all copies.
6  *
7  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14 
15 #include <stdio.h>
16 #include <string.h>
17 
18 #include <string>
19 
20 #include <openssl/base.h>
21 #include <openssl/aead.h>
22 #include <openssl/crypto.h>
23 #include <openssl/cipher.h>
24 #include <openssl/mem.h>
25 
26 #include <gtest/gtest.h>
27 
28 // Test that OPENSSL_VERSION_NUMBER and OPENSSL_VERSION_TEXT are consistent.
29 // Node.js parses the version out of OPENSSL_VERSION_TEXT instead of using
30 // OPENSSL_VERSION_NUMBER.
31 TEST(CryptoTest, Version) {
32  char expected[512];
33  snprintf(expected, sizeof(expected), "OpenSSL %d.%d.%d ",
34  OPENSSL_VERSION_NUMBER >> 28, (OPENSSL_VERSION_NUMBER >> 20) & 0xff,
35  (OPENSSL_VERSION_NUMBER >> 12) & 0xff);
36  EXPECT_EQ(expected,
37  std::string(OPENSSL_VERSION_TEXT).substr(0, strlen(expected)));
38 }
39 
40 TEST(CryptoTest, Strndup) {
41  bssl::UniquePtr<char> str(OPENSSL_strndup(nullptr, 0));
42  EXPECT_TRUE(str);
43  EXPECT_STREQ("", str.get());
44 }
45 
46 #if defined(BORINGSSL_FIPS_COUNTERS)
47 using CounterArray = size_t[fips_counter_max + 1];
48 
49 static void read_all_counters(CounterArray counters) {
50  for (fips_counter_t counter = static_cast<fips_counter_t>(0);
51  counter <= fips_counter_max;
52  counter = static_cast<fips_counter_t>(counter + 1)) {
53  counters[counter] = FIPS_read_counter(counter);
54  }
55 }
56 
57 static void expect_counter_delta_is_zero_except_for_a_one_at(
58  CounterArray before, CounterArray after, fips_counter_t position) {
59  for (fips_counter_t counter = static_cast<fips_counter_t>(0);
60  counter <= fips_counter_max;
61  counter = static_cast<fips_counter_t>(counter + 1)) {
62  const size_t expected_delta = counter == position ? 1 : 0;
63  EXPECT_EQ(after[counter], before[counter] + expected_delta) << counter;
64  }
65 }
66 
67 TEST(CryptoTest, FIPSCountersEVP) {
68  constexpr struct {
69  const EVP_CIPHER *(*cipher)();
70  fips_counter_t counter;
71  } kTests[] = {
72  {
73  EVP_aes_128_gcm,
74  fips_counter_evp_aes_128_gcm,
75  },
76  {
77  EVP_aes_256_gcm,
78  fips_counter_evp_aes_256_gcm,
79  },
80  {
81  EVP_aes_128_ctr,
82  fips_counter_evp_aes_128_ctr,
83  },
84  {
85  EVP_aes_256_ctr,
86  fips_counter_evp_aes_256_ctr,
87  },
88  };
89 
90  uint8_t key[EVP_MAX_KEY_LENGTH] = {0};
91  uint8_t iv[EVP_MAX_IV_LENGTH] = {1};
92  CounterArray before, after;
93  for (const auto &test : kTests) {
94  read_all_counters(before);
95  bssl::ScopedEVP_CIPHER_CTX ctx;
96  ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), test.cipher(), /*engine=*/nullptr,
97  key, iv));
98  read_all_counters(after);
99 
100  expect_counter_delta_is_zero_except_for_a_one_at(before, after,
101  test.counter);
102  }
103 }
104 
105 TEST(CryptoTest, FIPSCountersEVP_AEAD) {
106  constexpr struct {
107  const EVP_AEAD *(*aead)();
108  unsigned key_len;
109  fips_counter_t counter;
110  } kTests[] = {
111  {
112  EVP_aead_aes_128_gcm,
113  16,
114  fips_counter_evp_aes_128_gcm,
115  },
116  {
117  EVP_aead_aes_256_gcm,
118  32,
119  fips_counter_evp_aes_256_gcm,
120  },
121  };
122 
123  uint8_t key[EVP_AEAD_MAX_KEY_LENGTH] = {0};
124  CounterArray before, after;
125  for (const auto &test : kTests) {
126  ASSERT_LE(test.key_len, sizeof(key));
127 
128  read_all_counters(before);
129  bssl::ScopedEVP_AEAD_CTX ctx;
130  ASSERT_TRUE(EVP_AEAD_CTX_init(ctx.get(), test.aead(), key, test.key_len,
131  EVP_AEAD_DEFAULT_TAG_LENGTH,
132  /*engine=*/nullptr));
133  read_all_counters(after);
134 
135  expect_counter_delta_is_zero_except_for_a_one_at(before, after,
136  test.counter);
137  }
138 }
139 
140 #endif // BORINGSSL_FIPS_COUNTERS
xds_interop_client.str
str
Definition: xds_interop_client.py:487
ctx
Definition: benchmark-async.c:30
EVP_MAX_KEY_LENGTH
#define EVP_MAX_KEY_LENGTH
Definition: cipher.h:532
test
Definition: spinlock_test.cc:36
position
intern position
Definition: bloaty/third_party/protobuf/php/ext/google/protobuf/array.c:487
string.h
testing::internal::string
::std::string string
Definition: bloaty/third_party/protobuf/third_party/googletest/googletest/include/gtest/internal/gtest-port.h:881
EVP_aes_128_ctr
const OPENSSL_EXPORT EVP_CIPHER * EVP_aes_128_ctr(void)
EVP_aes_128_gcm
const OPENSSL_EXPORT EVP_CIPHER * EVP_aes_128_gcm(void)
kTests
static const HKDFTestVector kTests[]
Definition: hkdf_test.cc:41
test::counter
int64_t counter
Definition: spinlock_test.cc:41
ctx
static struct test_ctx ctx
Definition: test-ipc-send-recv.c:65
grpc::Version
std::string Version()
Return gRPC library version.
Definition: version_cc.cc:28
ASSERT_LE
#define ASSERT_LE(val1, val2)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:2064
TEST
TEST(CryptoTest, Version)
Definition: crypto_test.cc:31
uint8_t
unsigned char uint8_t
Definition: stdint-msvc2008.h:78
base.h
FIPS_read_counter
#define FIPS_read_counter
Definition: boringssl_prefix_symbols.h:1763
EVP_aes_256_ctr
const OPENSSL_EXPORT EVP_CIPHER * EVP_aes_256_ctr(void)
EXPECT_EQ
#define EXPECT_EQ(a, b)
Definition: iomgr/time_averaged_stats_test.cc:27
EVP_AEAD_DEFAULT_TAG_LENGTH
#define EVP_AEAD_DEFAULT_TAG_LENGTH
Definition: aead.h:240
before
IntBeforeRegisterTypedTestSuiteP before
Definition: googletest/googletest/test/gtest-typed-test_test.cc:376
EVP_aead_aes_256_gcm
const OPENSSL_EXPORT EVP_AEAD * EVP_aead_aes_256_gcm(void)
OPENSSL_VERSION_NUMBER
#define OPENSSL_VERSION_NUMBER
Definition: base.h:187
evp_cipher_st
Definition: cipher.h:585
fips_counter_evp_aes_128_ctr
@ fips_counter_evp_aes_128_ctr
Definition: crypto.h:83
fips_counter_t
fips_counter_t
Definition: crypto.h:80
fips_counter_max
@ fips_counter_max
Definition: crypto.h:86
counter
static int counter
Definition: abseil-cpp/absl/flags/reflection_test.cc:131
crypto.h
cipher.h
EVP_AEAD_CTX_init
#define EVP_AEAD_CTX_init
Definition: boringssl_prefix_symbols.h:1449
aead.h
EVP_EncryptInit_ex
#define EVP_EncryptInit_ex
Definition: boringssl_prefix_symbols.h:1531
after
IntAfterTypedTestSuiteP after
Definition: googletest/googletest/test/gtest-typed-test_test.cc:375
evp_aead_st
Definition: third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h:77
EXPECT_STREQ
#define EXPECT_STREQ(s1, s2)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:2095
EVP_AEAD_MAX_KEY_LENGTH
#define EVP_AEAD_MAX_KEY_LENGTH
Definition: aead.h:227
key
const char * key
Definition: hpack_parser_table.cc:164
fips_counter_evp_aes_256_ctr
@ fips_counter_evp_aes_256_ctr
Definition: crypto.h:84
OPENSSL_VERSION_TEXT
#define OPENSSL_VERSION_TEXT
Definition: crypto.h:99
EVP_MAX_IV_LENGTH
#define EVP_MAX_IV_LENGTH
Definition: cipher.h:533
ASSERT_TRUE
#define ASSERT_TRUE(condition)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:1973
EVP_aes_256_gcm
const OPENSSL_EXPORT EVP_CIPHER * EVP_aes_256_gcm(void)
EXPECT_TRUE
#define EXPECT_TRUE(condition)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:1967
mem.h
fips_counter_evp_aes_128_gcm
@ fips_counter_evp_aes_128_gcm
Definition: crypto.h:81
EVP_aead_aes_128_gcm
const OPENSSL_EXPORT EVP_AEAD * EVP_aead_aes_128_gcm(void)
OPENSSL_strndup
#define OPENSSL_strndup
Definition: boringssl_prefix_symbols.h:1896
fips_counter_evp_aes_256_gcm
@ fips_counter_evp_aes_256_gcm
Definition: crypto.h:82

grpc
Author(s):
autogenerated on Fri May 16 2025 02:58:06