Add file-based test framework and convert hmac_test.

This adds a file-based test framework to crypto/test. It knows how to parse formats similar to either upstream's evp_test and our aead_test. hmac_test has been converted to that with tests from upstream's evp_test. Upstream tests it against the deprecated EVP_PKEY_HMAC API, which will be tested by running evp_test against the same input file, to avoid having to duplicate the test vectors. hmac_test runs those same inputs against the supported HMAC_CTX APIs. Change-Id: I9d2b6adb9be519760d1db282b9d43efd6f9adffb Reviewed-on: https://boringssl-review.googlesource.com/4701 Reviewed-by: Adam Langley <agl@google.com>
author: David Benjamin <davidben@chromium.org> 2015-05-10 05:46:47 +0300
committer: Adam Langley <agl@google.com> 2015-05-12 00:34:42 +0300
commit: 06b94de820126db70c7a953817308ca2244beaf6 (patch)
tree: b031aa879f42d815fe9f21309b8746bb0d749b8a /crypto/hmac
parent: 6a08da2cf8c4bb506ccc97a0b702788555348435 (diff)
3 files changed, 188 insertions, 139 deletions
diff --git a/crypto/hmac/CMakeLists.txt b/crypto/hmac/CMakeLists.txt
index 5d8c2986..1a08c557 100644
--- a/crypto/hmac/CMakeLists.txt
+++ b/crypto/hmac/CMakeLists.txt
@@ -13,6 +13,7 @@ add_executable(
   hmac_test
 
   hmac_test.cc
+  $<TARGET_OBJECTS:test_support>
 )
 
 target_link_libraries(hmac_test crypto)
diff --git a/crypto/hmac/hmac_test.cc b/crypto/hmac/hmac_test.cc
index 68e6c8f0..e5128278 100644
--- a/crypto/hmac/hmac_test.cc
+++ b/crypto/hmac/hmac_test.cc
@@ -54,169 +54,118 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.] */
 
-#include <assert.h>
 #include <stdio.h>
 #include <string.h>
 
 #include <string>
+#include <vector>
 
 #include <openssl/crypto.h>
 #include <openssl/digest.h>
 #include <openssl/hmac.h>
-#include <openssl/mem.h>
 
+#include "../test/file_test.h"
 #include "../test/scoped_types.h"
-
-
-struct Test {
-  uint8_t key[16];
-  size_t key_len;
-  uint8_t data[64];
-  size_t data_len;
-  const char *hex_digest;
-};
-
-static const Test kTests[] = {
-  {
-    "", 0, "More text test vectors to stuff up EBCDIC machines :-)", 54,
-    "e9139d1e6ee064ef8cf514fc7dc83e86",
-  },
-  {
-    {
-      0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
-      0x0b, 0x0b, 0x0b, 0x0b,
-    },
-    16,
-    "Hi There",
-    8,
-    "9294727a3638bb1c13f48ef8158bfc9d",
-  },
-  {
-    "Jefe", 4, "what do ya want for nothing?", 28,
-    "750c783e6ab0b503eaa86e310a5db738",
-  },
-  {
-    {
-      0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
-      0xaa, 0xaa, 0xaa, 0xaa,
-    },
-    16,
-    {
-      0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
-      0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
-      0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
-      0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
-      0xdd, 0xdd,
-    },
-    50,
-    "56be34521d144c88dbb8c733f0e8b3f6",
-  },
-};
-
-static std::string ToHex(const uint8_t *md, size_t md_len) {
-  std::string ret;
-  for (size_t i = 0; i < md_len; i++) {
-    char buf[2 + 1 /* NUL */];
-    BIO_snprintf(buf, sizeof(buf), "%02x", md[i]);
-    ret.append(buf, 2);
+#include "../test/stl_compat.h"
+
+
+static const EVP_MD *GetDigest(const std::string &name) {
+  if (name == "MD5") {
+    return EVP_md5();
+  } else if (name == "SHA1") {
+    return EVP_sha1();
+  } else if (name == "SHA224") {
+    return EVP_sha224();
+  } else if (name == "SHA256") {
+    return EVP_sha256();
+  } else if (name == "SHA384") {
+    return EVP_sha384();
+  } else if (name == "SHA512") {
+    return EVP_sha512();
   }
-  return ret;
+  return nullptr;
 }
 
-int main(int argc, char *argv[]) {
-  int err = 0;
-  uint8_t out[EVP_MAX_MD_SIZE];
-  unsigned out_len;
-
-  CRYPTO_library_init();
-
-  for (unsigned i = 0; i < sizeof(kTests) / sizeof(kTests[0]); i++) {
-    const Test *test = &kTests[i];
+static bool TestHMAC(FileTest *t) {
+  std::string digest_str;
+  if (!t->GetAttribute(&digest_str, "HMAC")) {
+    return false;
+  }
+  const EVP_MD *digest = GetDigest(digest_str);
+  if (digest == nullptr) {
+    t->PrintLine("Unknown digest '%s'", digest_str.c_str());
+    return false;
+  }
 
-    // Test using the one-shot API.
-    if (NULL == HMAC(EVP_md5(), test->key, test->key_len, test->data,
-                     test->data_len, out, &out_len)) {
-      fprintf(stderr, "%u: HMAC failed.\n", i);
-      err++;
-      continue;
-    }
-    std::string out_hex = ToHex(out, out_len);
-    if (out_hex != test->hex_digest) {
-      fprintf(stderr, "%u: got %s instead of %s\n", i, out_hex.c_str(),
-              test->hex_digest);
-      err++;
-    }
+  std::vector<uint8_t> key, input, output;
+  if (!t->GetBytes(&key, "Key") ||
+      !t->GetBytes(&input, "Input") ||
+      !t->GetBytes(&output, "Output")) {
+    return false;
+  }
 
-    // Test using HMAC_CTX.
-    ScopedHMAC_CTX ctx;
-    if (!HMAC_Init_ex(ctx.get(), test->key, test->key_len, EVP_md5(), NULL) ||
-        !HMAC_Update(ctx.get(), test->data, test->data_len) ||
-        !HMAC_Final(ctx.get(), out, &out_len)) {
-      fprintf(stderr, "%u: HMAC failed.\n", i);
-      err++;
-      continue;
-    }
-    out_hex = ToHex(out, out_len);
-    if (out_hex != test->hex_digest) {
-      fprintf(stderr, "%u: got %s instead of %s\n", i, out_hex.c_str(),
-              test->hex_digest);
-      err++;
-    }
+  // Test using the one-shot API.
+  uint8_t mac[EVP_MAX_MD_SIZE];
+  unsigned mac_len;
+  if (nullptr == HMAC(digest, bssl::vector_data(&key), key.size(),
+                      bssl::vector_data(&input), input.size(), mac,
+                      &mac_len) ||
+      !t->ExpectBytesEqual(bssl::vector_data(&output), output.size(), mac,
+                           mac_len)) {
+    t->PrintLine("One-shot API failed.");
+    return false;
+  }
 
-    // Test that an HMAC_CTX may be reset with the same key.
-    if (!HMAC_Init_ex(ctx.get(), NULL, 0, EVP_md5(), NULL) ||
-        !HMAC_Update(ctx.get(), test->data, test->data_len) ||
-        !HMAC_Final(ctx.get(), out, &out_len)) {
-      fprintf(stderr, "%u: HMAC failed.\n", i);
-      err++;
-      continue;
-    }
-    out_hex = ToHex(out, out_len);
-    if (out_hex != test->hex_digest) {
-      fprintf(stderr, "%u: got %s instead of %s\n", i, out_hex.c_str(),
-              test->hex_digest);
-      err++;
-    }
+  // Test using HMAC_CTX.
+  ScopedHMAC_CTX ctx;
+  if (!HMAC_Init_ex(ctx.get(), bssl::vector_data(&key), key.size(), digest,
+                    nullptr) ||
+      !HMAC_Update(ctx.get(), bssl::vector_data(&input), input.size()) ||
+      !HMAC_Final(ctx.get(), mac, &mac_len) ||
+      !t->ExpectBytesEqual(bssl::vector_data(&output), output.size(), mac,
+                           mac_len)) {
+    t->PrintLine("HMAC_CTX failed.");
+   return false;
   }
 
-  // Test that HMAC() uses the empty key when called with key = NULL.
-  const Test *test = &kTests[0];
-  assert(test->key_len == 0);
-  if (NULL == HMAC(EVP_md5(), NULL, 0, test->data, test->data_len, out,
-                   &out_len)) {
-    fprintf(stderr, "HMAC failed.\n");
-    err++;
-  } else {
-    std::string out_hex = ToHex(out, out_len);
-    if (out_hex != test->hex_digest) {
-      fprintf(stderr, "got %s instead of %s\n", out_hex.c_str(),
-              test->hex_digest);
-      err++;
-    }
+  // Test that an HMAC_CTX may be reset with the same key.
+  if (!HMAC_Init_ex(ctx.get(), nullptr, 0, digest, nullptr) ||
+      !HMAC_Update(ctx.get(), bssl::vector_data(&input), input.size()) ||
+      !HMAC_Final(ctx.get(), mac, &mac_len) ||
+      !t->ExpectBytesEqual(bssl::vector_data(&output), output.size(), mac,
+                           mac_len)) {
+    t->PrintLine("HMAC_CTX with reset failed.");
+   return false;
   }
 
-  // Test that HMAC_Init, etc., uses the empty key when called initially with
-  // key = NULL.
-  assert(test->key_len == 0);
-  ScopedHMAC_CTX ctx;
-  if (!HMAC_Init_ex(ctx.get(), NULL, 0, EVP_md5(), NULL) ||
-      !HMAC_Update(ctx.get(), test->data, test->data_len) ||
-      !HMAC_Final(ctx.get(), out, &out_len)) {
-    fprintf(stderr, "HMAC failed.\n");
-    err++;
-  } else {
-    std::string out_hex = ToHex(out, out_len);
-    if (out_hex != test->hex_digest) {
-      fprintf(stderr, "got %s instead of %s\n", out_hex.c_str(),
-              test->hex_digest);
-      err++;
+  // Test feeding the input in byte by byte.
+  if (!HMAC_Init_ex(ctx.get(), nullptr, 0, nullptr, nullptr)) {
+   t->PrintLine("HMAC_CTX streaming failed.");
+   return false;
+  }
+  for (size_t i = 0; i < input.size(); i++) {
+    if (!HMAC_Update(ctx.get(), &input[i], 1)) {
+      t->PrintLine("HMAC_CTX streaming failed.");
+      return false;
     }
   }
+  if (!HMAC_Final(ctx.get(), mac, &mac_len) ||
+      !t->ExpectBytesEqual(bssl::vector_data(&output), output.size(), mac,
+                           mac_len)) {
+    t->PrintLine("HMAC_CTX streaming failed.");
+    return false;
+  }
+
+  return true;
+}
+
+int main(int argc, char *argv[]) {
+  CRYPTO_library_init();
 
-  if (err) {
+  if (argc != 2) {
+    fprintf(stderr, "%s <test file.txt>\n", argv[0]);
     return 1;
   }
 
-  printf("PASS\n");
-  return 0;
+  return FileTestMain(TestHMAC, argv[1]);
 }
diff --git a/crypto/hmac/hmac_tests.txt b/crypto/hmac/hmac_tests.txt
new file mode 100644
index 00000000..141b1ed4
--- /dev/null
+++ b/crypto/hmac/hmac_tests.txt
@@ -0,0 +1,99 @@
+HMAC = MD5
+# Note: The empty key results in passing NULL to HMAC_Init_ex, so this tests
+# that HMAC_CTX and HMAC treat NULL as the empty key initially.
+Key =
+Input = "More text test vectors to stuff up EBCDIC machines :-)"
+Output = e9139d1e6ee064ef8cf514fc7dc83e86
+
+# HMAC tests from RFC2104
+HMAC = MD5
+Key = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
+Input = "Hi There"
+Output = 9294727a3638bb1c13f48ef8158bfc9d
+
+HMAC = MD5
+Key = "Jefe"
+Input = "what do ya want for nothing?"
+Output = 750c783e6ab0b503eaa86e310a5db738
+
+HMAC = MD5
+Key = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+Input = DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
+Output = 56be34521d144c88dbb8c733f0e8b3f6
+
+# HMAC tests from NIST test data
+
+HMAC = SHA1
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = 5FD596EE78D5553C8FF4E72D266DFD192366DA29
+
+HMAC = SHA1
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F10111213
+Output = 4C99FF0CB1B31BD33F8431DBAF4D17FCD356A807
+
+HMAC = SHA1
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
+Output = 2D51B2F7750E410584662E38F133435F4C4FD42A
+
+HMAC = SHA224
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = C7405E3AE058E8CD30B08B4140248581ED174CB34E1224BCC1EFC81B
+
+HMAC = SHA224
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B
+Output = E3D249A8CFB67EF8B7A169E9A0A599714A2CECBA65999A51BEB8FBBE
+
+HMAC = SHA224
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
+Output = 91C52509E5AF8531601AE6230099D90BEF88AAEFB961F4080ABC014D
+
+HMAC = SHA256
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = 8BB9A1DB9806F20DF7F77B82138C7914D174D59E13DC4D0169C9057B133E1D62
+
+HMAC = SHA256
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+Output = A28CF43130EE696A98F14A37678B56BCFCBDD9E5CF69717FECF5480F0EBDF790
+
+HMAC = SHA256
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
+Output = BDCCB6C72DDEADB500AE768386CB38CC41C63DBB0878DDB9C7A38A431B78378D
+
+HMAC = SHA384
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
+Output = 63C5DAA5E651847CA897C95814AB830BEDEDC7D25E83EEF9195CD45857A37F448947858F5AF50CC2B1B730DDF29671A9
+
+HMAC = SHA384
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F
+Output = 6EB242BDBB582CA17BEBFA481B1E23211464D2B7F8C20B9FF2201637B93646AF5AE9AC316E98DB45D9CAE773675EEED0
+
+HMAC = SHA384
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Output = 5B664436DF69B0CA22551231A3F0A3D5B4F97991713CFA84BFF4D0792EFF96C27DCCBBB6F79B65D548B40E8564CEF594
+
+HMAC = SHA512
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
+Output = FC25E240658CA785B7A811A8D3F7B4CA48CFA26A8A366BF2CD1F836B05FCB024BD36853081811D6CEA4216EBAD79DA1CFCB95EA4586B8A0CE356596A55FB1347
+
+HMAC = SHA512
+Input = "Sample message for keylen<blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Output = FD44C18BDA0BB0A6CE0E82B031BF2818F6539BD56EC00BDC10A8A2D730B3634DE2545D639B0F2CF710D0692C72A1896F1F211C2B922D1A96C392E07E7EA9FEDC
+
+HMAC = SHA512
+Input = "Sample message for keylen=blocklen"
+Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Output = D93EC8D2DE1AD2A9957CB9B83F14E76AD6B5E0CCE285079A127D3B14BCCB7AA7286D4AC0D4CE64215F2BC9E6870B33D97438BE4AAA20CDA5C5A912B48B8E27F3
author	David Benjamin <davidben@chromium.org>	2015-05-10 05:46:47 +0300
committer	Adam Langley <agl@google.com>	2015-05-12 00:34:42 +0300
commit	06b94de820126db70c7a953817308ca2244beaf6 (patch)
tree	b031aa879f42d815fe9f21309b8746bb0d749b8a /crypto/hmac
parent	6a08da2cf8c4bb506ccc97a0b702788555348435 (diff)