summaryrefslogtreecommitdiff
path: root/src/libstrongswan/crypto/crypto_tester.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan/crypto/crypto_tester.c')
-rw-r--r--src/libstrongswan/crypto/crypto_tester.c371
1 files changed, 247 insertions, 124 deletions
diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c
index 8b1daa885..01e84a133 100644
--- a/src/libstrongswan/crypto/crypto_tester.c
+++ b/src/libstrongswan/crypto/crypto_tester.c
@@ -151,7 +151,10 @@ static u_int bench_crypter(private_crypto_tester_t *this,
memset(iv, 0x56, sizeof(iv));
memset(key, 0x12, sizeof(key));
- crypter->set_key(crypter, chunk_from_thing(key));
+ if (!crypter->set_key(crypter, chunk_from_thing(key)))
+ {
+ return 0;
+ }
buf = chunk_alloc(this->bench_size);
memset(buf.ptr, 0x34, buf.len);
@@ -160,10 +163,14 @@ static u_int bench_crypter(private_crypto_tester_t *this,
start_timing(&start);
while (end_timing(&start) < this->bench_time)
{
- crypter->encrypt(crypter, buf, chunk_from_thing(iv), NULL);
- runs++;
- crypter->decrypt(crypter, buf, chunk_from_thing(iv), NULL);
- runs++;
+ if (crypter->encrypt(crypter, buf, chunk_from_thing(iv), NULL))
+ {
+ runs++;
+ }
+ if (crypter->decrypt(crypter, buf, chunk_from_thing(iv), NULL))
+ {
+ runs++;
+ }
}
free(buf.ptr);
crypter->destroy(crypter);
@@ -186,7 +193,7 @@ METHOD(crypto_tester_t, test_crypter, bool,
while (enumerator->enumerate(enumerator, &vector))
{
crypter_t *crypter;
- chunk_t key, plain, cipher, iv;
+ chunk_t key, iv, plain = chunk_empty, cipher = chunk_empty;
if (vector->alg != alg)
{
@@ -196,53 +203,69 @@ METHOD(crypto_tester_t, test_crypter, bool,
{ /* test only vectors with a specific key size, if key size given */
continue;
}
+
+ tested++;
+ failed = TRUE;
crypter = create(alg, vector->key_size);
if (!crypter)
{
DBG1(DBG_LIB, "%N[%s]: %u bit key size not supported",
encryption_algorithm_names, alg, plugin_name,
BITS_PER_BYTE * vector->key_size);
- failed = TRUE;
continue;
}
- failed = FALSE;
- tested++;
-
key = chunk_create(vector->key, crypter->get_key_size(crypter));
- crypter->set_key(crypter, key);
+ if (!crypter->set_key(crypter, key))
+ {
+ goto failure;
+ }
iv = chunk_create(vector->iv, crypter->get_iv_size(crypter));
/* allocated encryption */
plain = chunk_create(vector->plain, vector->len);
- crypter->encrypt(crypter, plain, iv, &cipher);
+ if (!crypter->encrypt(crypter, plain, iv, &cipher))
+ {
+ goto failure;
+ }
if (!memeq(vector->cipher, cipher.ptr, cipher.len))
{
- failed = TRUE;
+ goto failure;
}
/* inline decryption */
- crypter->decrypt(crypter, cipher, iv, NULL);
+ if (!crypter->decrypt(crypter, cipher, iv, NULL))
+ {
+ goto failure;
+ }
if (!memeq(vector->plain, cipher.ptr, cipher.len))
{
- failed = TRUE;
+ goto failure;
}
- free(cipher.ptr);
/* allocated decryption */
- cipher = chunk_create(vector->cipher, vector->len);
- crypter->decrypt(crypter, cipher, iv, &plain);
+ if (!crypter->decrypt(crypter,
+ chunk_create(vector->cipher, vector->len), iv, &plain))
+ {
+ goto failure;
+ }
if (!memeq(vector->plain, plain.ptr, plain.len))
{
- failed = TRUE;
+ goto failure;
}
/* inline encryption */
- crypter->encrypt(crypter, plain, iv, NULL);
+ if (!crypter->encrypt(crypter, plain, iv, NULL))
+ {
+ goto failure;
+ }
if (!memeq(vector->cipher, plain.ptr, plain.len))
{
- failed = TRUE;
+ goto failure;
}
- free(plain.ptr);
+ failed = FALSE;
+failure:
crypter->destroy(crypter);
+ chunk_free(&cipher);
+ chunk_free(&plain);
if (failed)
{
DBG1(DBG_LIB, "disabled %N[%s]: %s test vector failed",
@@ -306,7 +329,10 @@ static u_int bench_aead(private_crypto_tester_t *this,
memset(iv, 0x56, sizeof(iv));
memset(key, 0x12, sizeof(key));
memset(assoc, 0x78, sizeof(assoc));
- aead->set_key(aead, chunk_from_thing(key));
+ if (!aead->set_key(aead, chunk_from_thing(key)))
+ {
+ return 0;
+ }
icv = aead->get_icv_size(aead);
buf = chunk_alloc(this->bench_size + icv);
@@ -317,12 +343,16 @@ static u_int bench_aead(private_crypto_tester_t *this,
start_timing(&start);
while (end_timing(&start) < this->bench_time)
{
- aead->encrypt(aead, buf, chunk_from_thing(assoc),
- chunk_from_thing(iv), NULL);
- runs += 2;
- aead->decrypt(aead, chunk_create(buf.ptr, buf.len + icv),
- chunk_from_thing(assoc), chunk_from_thing(iv), NULL);
- runs += 2;
+ if (aead->encrypt(aead, buf, chunk_from_thing(assoc),
+ chunk_from_thing(iv), NULL))
+ {
+ runs += 2;
+ }
+ if (aead->decrypt(aead, chunk_create(buf.ptr, buf.len + icv),
+ chunk_from_thing(assoc), chunk_from_thing(iv), NULL))
+ {
+ runs += 2;
+ }
}
free(buf.ptr);
aead->destroy(aead);
@@ -345,7 +375,7 @@ METHOD(crypto_tester_t, test_aead, bool,
while (enumerator->enumerate(enumerator, &vector))
{
aead_t *aead;
- chunk_t key, plain, cipher, iv, assoc;
+ chunk_t key, iv, assoc, plain = chunk_empty, cipher = chunk_empty;
size_t icv;
if (vector->alg != alg)
@@ -356,63 +386,72 @@ METHOD(crypto_tester_t, test_aead, bool,
{ /* test only vectors with a specific key size, if key size given */
continue;
}
+
+ tested++;
+ failed = TRUE;
aead = create(alg, vector->key_size);
if (!aead)
{
DBG1(DBG_LIB, "%N[%s]: %u bit key size not supported",
encryption_algorithm_names, alg, plugin_name,
BITS_PER_BYTE * vector->key_size);
- failed = TRUE;
continue;
}
- failed = FALSE;
- tested++;
-
key = chunk_create(vector->key, aead->get_key_size(aead));
- aead->set_key(aead, key);
+ if (!aead->set_key(aead, key))
+ {
+ goto failure;
+ }
iv = chunk_create(vector->iv, aead->get_iv_size(aead));
assoc = chunk_create(vector->adata, vector->alen);
icv = aead->get_icv_size(aead);
/* allocated encryption */
plain = chunk_create(vector->plain, vector->len);
- aead->encrypt(aead, plain, assoc, iv, &cipher);
+ if (!aead->encrypt(aead, plain, assoc, iv, &cipher))
+ {
+ goto failure;
+ }
if (!memeq(vector->cipher, cipher.ptr, cipher.len))
{
- failed = TRUE;
+ goto failure;
}
/* inline decryption */
if (!aead->decrypt(aead, cipher, assoc, iv, NULL))
{
- failed = TRUE;
+ goto failure;
}
if (!memeq(vector->plain, cipher.ptr, cipher.len - icv))
{
- failed = TRUE;
+ goto failure;
}
- free(cipher.ptr);
/* allocated decryption */
- cipher = chunk_create(vector->cipher, vector->len + icv);
- if (!aead->decrypt(aead, cipher, assoc, iv, &plain))
+ if (!aead->decrypt(aead, chunk_create(vector->cipher, vector->len + icv),
+ assoc, iv, &plain))
{
- plain = chunk_empty;
- failed = TRUE;
+ goto failure;
}
- else if (!memeq(vector->plain, plain.ptr, plain.len))
+ if (!memeq(vector->plain, plain.ptr, plain.len))
{
- failed = TRUE;
+ goto failure;
}
plain.ptr = realloc(plain.ptr, plain.len + icv);
/* inline encryption */
- aead->encrypt(aead, plain, assoc, iv, NULL);
+ if (!aead->encrypt(aead, plain, assoc, iv, NULL))
+ {
+ goto failure;
+ }
if (!memeq(vector->cipher, plain.ptr, plain.len + icv))
{
- failed = TRUE;
+ goto failure;
}
- free(plain.ptr);
+ failed = FALSE;
+failure:
aead->destroy(aead);
+ chunk_free(&cipher);
+ chunk_free(&plain);
if (failed)
{
DBG1(DBG_LIB, "disabled %N[%s]: %s test vector failed",
@@ -458,7 +497,7 @@ METHOD(crypto_tester_t, test_aead, bool,
* Benchmark a signer
*/
static u_int bench_signer(private_crypto_tester_t *this,
- encryption_algorithm_t alg, signer_constructor_t create)
+ integrity_algorithm_t alg, signer_constructor_t create)
{
signer_t *signer;
@@ -472,7 +511,10 @@ static u_int bench_signer(private_crypto_tester_t *this,
u_int runs;
memset(key, 0x12, sizeof(key));
- signer->set_key(signer, chunk_from_thing(key));
+ if (!signer->set_key(signer, chunk_from_thing(key)))
+ {
+ return 0;
+ }
buf = chunk_alloc(this->bench_size);
memset(buf.ptr, 0x34, buf.len);
@@ -481,10 +523,14 @@ static u_int bench_signer(private_crypto_tester_t *this,
start_timing(&start);
while (end_timing(&start) < this->bench_time)
{
- signer->get_signature(signer, buf, mac);
- runs++;
- signer->verify_signature(signer, buf, chunk_from_thing(mac));
- runs++;
+ if (signer->get_signature(signer, buf, mac))
+ {
+ runs++;
+ }
+ if (signer->verify_signature(signer, buf, chunk_from_thing(mac)))
+ {
+ runs++;
+ }
}
free(buf.ptr);
signer->destroy(signer);
@@ -507,7 +553,7 @@ METHOD(crypto_tester_t, test_signer, bool,
while (enumerator->enumerate(enumerator, &vector))
{
signer_t *signer;
- chunk_t key, data, mac;
+ chunk_t key, data, mac = chunk_empty;
if (vector->alg != alg)
{
@@ -515,63 +561,79 @@ METHOD(crypto_tester_t, test_signer, bool,
}
tested++;
+ failed = TRUE;
signer = create(alg);
if (!signer)
{
DBG1(DBG_LIB, "disabled %N[%s]: creating instance failed",
integrity_algorithm_names, alg, plugin_name);
- failed = TRUE;
break;
}
- failed = FALSE;
-
key = chunk_create(vector->key, signer->get_key_size(signer));
- signer->set_key(signer, key);
-
+ if (!signer->set_key(signer, key))
+ {
+ goto failure;
+ }
/* allocated signature */
data = chunk_create(vector->data, vector->len);
- signer->allocate_signature(signer, data, &mac);
+ if (!signer->allocate_signature(signer, data, &mac))
+ {
+ goto failure;
+ }
if (mac.len != signer->get_block_size(signer))
{
- failed = TRUE;
+ goto failure;
}
if (!memeq(vector->mac, mac.ptr, mac.len))
{
- failed = TRUE;
+ goto failure;
}
/* signature to existing buffer */
memset(mac.ptr, 0, mac.len);
- signer->get_signature(signer, data, mac.ptr);
+ if (!signer->get_signature(signer, data, mac.ptr))
+ {
+ goto failure;
+ }
if (!memeq(vector->mac, mac.ptr, mac.len))
{
- failed = TRUE;
+ goto failure;
}
/* signature verification, good case */
if (!signer->verify_signature(signer, data, mac))
{
- failed = TRUE;
+ goto failure;
}
/* signature verification, bad case */
*(mac.ptr + mac.len - 1) += 1;
if (signer->verify_signature(signer, data, mac))
{
- failed = TRUE;
+ goto failure;
}
/* signature to existing buffer, using append mode */
if (data.len > 2)
{
- signer->allocate_signature(signer, chunk_create(data.ptr, 1), NULL);
- signer->get_signature(signer, chunk_create(data.ptr + 1, 1), NULL);
+ if (!signer->allocate_signature(signer,
+ chunk_create(data.ptr, 1), NULL))
+ {
+ goto failure;
+ }
+ if (!signer->get_signature(signer,
+ chunk_create(data.ptr + 1, 1), NULL))
+ {
+ goto failure;
+ }
if (!signer->verify_signature(signer, chunk_skip(data, 2),
chunk_create(vector->mac, mac.len)))
{
- failed = TRUE;
+ goto failure;
}
}
- free(mac.ptr);
+ failed = FALSE;
+failure:
signer->destroy(signer);
+ chunk_free(&mac);
if (failed)
{
DBG1(DBG_LIB, "disabled %N[%s]: %s test vector failed",
@@ -627,8 +689,10 @@ static u_int bench_hasher(private_crypto_tester_t *this,
start_timing(&start);
while (end_timing(&start) < this->bench_time)
{
- hasher->get_hash(hasher, buf, hash);
- runs++;
+ if (hasher->get_hash(hasher, buf, hash))
+ {
+ runs++;
+ }
}
free(buf.ptr);
hasher->destroy(hasher);
@@ -659,50 +723,73 @@ METHOD(crypto_tester_t, test_hasher, bool,
}
tested++;
+ failed = TRUE;
hasher = create(alg);
if (!hasher)
{
DBG1(DBG_LIB, "disabled %N[%s]: creating instance failed",
hash_algorithm_names, alg, plugin_name);
- failed = TRUE;
break;
}
- failed = FALSE;
-
/* allocated hash */
data = chunk_create(vector->data, vector->len);
- hasher->allocate_hash(hasher, data, &hash);
+ if (!hasher->allocate_hash(hasher, data, &hash))
+ {
+ goto failure;
+ }
if (hash.len != hasher->get_hash_size(hasher))
{
- failed = TRUE;
+ goto failure;
}
if (!memeq(vector->hash, hash.ptr, hash.len))
{
- failed = TRUE;
+ goto failure;
}
- /* hash to existing buffer */
+ /* hash to existing buffer, with a reset */
memset(hash.ptr, 0, hash.len);
- hasher->get_hash(hasher, data, hash.ptr);
+ if (!hasher->get_hash(hasher, data, NULL))
+ {
+ goto failure;
+ }
+ if (!hasher->reset(hasher))
+ {
+ goto failure;
+ }
+ if (!hasher->get_hash(hasher, data, hash.ptr))
+ {
+ goto failure;
+ }
if (!memeq(vector->hash, hash.ptr, hash.len))
{
- failed = TRUE;
+ goto failure;
}
/* hasher to existing buffer, using append mode */
if (data.len > 2)
{
memset(hash.ptr, 0, hash.len);
- hasher->allocate_hash(hasher, chunk_create(data.ptr, 1), NULL);
- hasher->get_hash(hasher, chunk_create(data.ptr + 1, 1), NULL);
- hasher->get_hash(hasher, chunk_skip(data, 2), hash.ptr);
+ if (!hasher->allocate_hash(hasher, chunk_create(data.ptr, 1), NULL))
+ {
+ goto failure;
+ }
+ if (!hasher->get_hash(hasher, chunk_create(data.ptr + 1, 1), NULL))
+ {
+ goto failure;
+ }
+ if (!hasher->get_hash(hasher, chunk_skip(data, 2), hash.ptr))
+ {
+ goto failure;
+ }
if (!memeq(vector->hash, hash.ptr, hash.len))
{
- failed = TRUE;
+ goto failure;
}
}
- free(hash.ptr);
+ failed = FALSE;
+failure:
hasher->destroy(hasher);
+ chunk_free(&hash);
if (failed)
{
DBG1(DBG_LIB, "disabled %N[%s]: %s test vector failed",
@@ -746,11 +833,18 @@ static u_int bench_prf(private_crypto_tester_t *this,
prf = create(alg);
if (prf)
{
- char bytes[prf->get_block_size(prf)];
+ char bytes[prf->get_block_size(prf)], key[prf->get_block_size(prf)];
chunk_t buf;
struct timespec start;
u_int runs;
+ memset(key, 0x56, prf->get_block_size(prf));
+ if (!prf->set_key(prf, chunk_create(key, prf->get_block_size(prf))))
+ {
+ prf->destroy(prf);
+ return 0;
+ }
+
buf = chunk_alloc(this->bench_size);
memset(buf.ptr, 0x34, buf.len);
@@ -758,8 +852,10 @@ static u_int bench_prf(private_crypto_tester_t *this,
start_timing(&start);
while (end_timing(&start) < this->bench_time)
{
- prf->get_bytes(prf, buf, bytes);
- runs++;
+ if (prf->get_bytes(prf, buf, bytes))
+ {
+ runs++;
+ }
}
free(buf.ptr);
prf->destroy(prf);
@@ -782,7 +878,7 @@ METHOD(crypto_tester_t, test_prf, bool,
while (enumerator->enumerate(enumerator, &vector))
{
prf_t *prf;
- chunk_t key, seed, out;
+ chunk_t key, seed, out = chunk_empty;
if (vector->alg != alg)
{
@@ -790,41 +886,50 @@ METHOD(crypto_tester_t, test_prf, bool,
}
tested++;
+ failed = TRUE;
prf = create(alg);
if (!prf)
{
DBG1(DBG_LIB, "disabled %N[%s]: creating instance failed",
pseudo_random_function_names, alg, plugin_name);
- failed = TRUE;
break;
}
- failed = FALSE;
-
key = chunk_create(vector->key, vector->key_size);
- prf->set_key(prf, key);
-
+ if (!prf->set_key(prf, key))
+ {
+ goto failure;
+ }
/* allocated bytes */
seed = chunk_create(vector->seed, vector->len);
- prf->allocate_bytes(prf, seed, &out);
+ if (!prf->allocate_bytes(prf, seed, &out))
+ {
+ goto failure;
+ }
if (out.len != prf->get_block_size(prf))
{
- failed = TRUE;
+ goto failure;
}
if (!memeq(vector->out, out.ptr, out.len))
{
- failed = TRUE;
+ goto failure;
}
/* bytes to existing buffer */
memset(out.ptr, 0, out.len);
if (vector->stateful)
{
- prf->set_key(prf, key);
+ if (!prf->set_key(prf, key))
+ {
+ goto failure;
+ }
+ }
+ if (!prf->get_bytes(prf, seed, out.ptr))
+ {
+ goto failure;
}
- prf->get_bytes(prf, seed, out.ptr);
if (!memeq(vector->out, out.ptr, out.len))
{
- failed = TRUE;
+ goto failure;
}
/* bytes to existing buffer, using append mode */
if (seed.len > 2)
@@ -832,19 +937,33 @@ METHOD(crypto_tester_t, test_prf, bool,
memset(out.ptr, 0, out.len);
if (vector->stateful)
{
- prf->set_key(prf, key);
+ if (!prf->set_key(prf, key))
+ {
+ goto failure;
+ }
+ }
+ if (!prf->allocate_bytes(prf, chunk_create(seed.ptr, 1), NULL))
+ {
+ goto failure;
+ }
+ if (!prf->get_bytes(prf, chunk_create(seed.ptr + 1, 1), NULL))
+ {
+ goto failure;
+ }
+ if (!prf->get_bytes(prf, chunk_skip(seed, 2), out.ptr))
+ {
+ goto failure;
}
- prf->allocate_bytes(prf, chunk_create(seed.ptr, 1), NULL);
- prf->get_bytes(prf, chunk_create(seed.ptr + 1, 1), NULL);
- prf->get_bytes(prf, chunk_skip(seed, 2), out.ptr);
if (!memeq(vector->out, out.ptr, out.len))
{
- failed = TRUE;
+ goto failure;
}
}
- free(out.ptr);
+ failed = FALSE;
+failure:
prf->destroy(prf);
+ chunk_free(&out);
if (failed)
{
DBG1(DBG_LIB, "disabled %N[%s]: %s test vector failed",
@@ -897,7 +1016,11 @@ static u_int bench_rng(private_crypto_tester_t *this,
start_timing(&start);
while (end_timing(&start) < this->bench_time)
{
- rng->get_bytes(rng, buf.len, buf.ptr);
+ if (!rng->get_bytes(rng, buf.len, buf.ptr))
+ {
+ runs = 0;
+ break;
+ }
runs++;
}
free(buf.ptr);
@@ -927,8 +1050,8 @@ METHOD(crypto_tester_t, test_rng, bool,
enumerator = this->rng->create_enumerator(this->rng);
while (enumerator->enumerate(enumerator, &vector))
{
+ chunk_t data = chunk_empty;
rng_t *rng;
- chunk_t data;
if (vector->quality != quality)
{
@@ -936,37 +1059,37 @@ METHOD(crypto_tester_t, test_rng, bool,
}
tested++;
+ failed = TRUE;
rng = create(quality);
if (!rng)
{
DBG1(DBG_LIB, "disabled %N[%s]: creating instance failed",
rng_quality_names, quality, plugin_name);
- failed = TRUE;
break;
}
- failed = FALSE;
-
/* allocated bytes */
- rng->allocate_bytes(rng, vector->len, &data);
- if (data.len != vector->len)
+ if (!rng->allocate_bytes(rng, vector->len, &data) ||
+ data.len != vector->len ||
+ !vector->test(vector->user, data))
{
- failed = TRUE;
+ goto failure;
}
- if (!vector->test(vector->user, data))
+ /* write bytes into existing buffer */
+ memset(data.ptr, 0, data.len);
+ if (!rng->get_bytes(rng, vector->len, data.ptr))
{
- failed = TRUE;
+ goto failure;
}
- /* bytes to existing buffer */
- memset(data.ptr, 0, data.len);
- rng->get_bytes(rng, vector->len, data.ptr);
if (!vector->test(vector->user, data))
{
- failed = TRUE;
+ goto failure;
}
- free(data.ptr);
+ failed = FALSE;
+failure:
rng->destroy(rng);
+ chunk_free(&data);
if (failed)
{
DBG1(DBG_LIB, "disabled %N[%s]: %s test vector failed",