Add file-based test framework and convert hmac_test.

This adds a file-based test framework to crypto/test. It knows how to
parse formats similar to either upstream's evp_test and our aead_test.

hmac_test has been converted to that with tests from upstream's
evp_test. Upstream tests it against the deprecated EVP_PKEY_HMAC API,
which will be tested by running evp_test against the same input file, to
avoid having to duplicate the test vectors. hmac_test runs those same
inputs against the supported HMAC_CTX APIs.

Change-Id: I9d2b6adb9be519760d1db282b9d43efd6f9adffb
Reviewed-on: https://boringssl-review.googlesource.com/4701
Reviewed-by: Adam Langley <agl@google.com>

3 files changed, 461 insertions, 0 deletions

diff --git a/crypto/test/CMakeLists.txt b/crypto/test/CMakeLists.txt
new file mode 100644
index 00000000..0d5ca811
--- /dev/null
+++ b/crypto/test/CMakeLists.txt
@@ -0,0 +1,7 @@
+add_library(
+  test_support
+
+  OBJECT
+
+  file_test.cc
+)
diff --git a/crypto/test/file_test.cc b/crypto/test/file_test.cc
new file mode 100644
index 00000000..907e57b0
--- /dev/null
+++ b/crypto/test/file_test.cc
@@ -0,0 +1,295 @@
+/* Copyright (c) 2015, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include "file_test.h"
+
+#include <ctype.h>
+#include <errno.h>
+#include <stdarg.h>
+#include <string.h>
+
+#include "stl_compat.h"
+
+
+FileTest::FileTest(const char *path) {
+  file_ = fopen(path, "r");
+  if (file_ == nullptr) {
+    fprintf(stderr, "Could not open file %s: %s.\n", path, strerror(errno));
+  }
+}
+
+FileTest::~FileTest() {
+  if (file_ != nullptr) {
+    fclose(file_);
+  }
+}
+
+// FindDelimiter returns a pointer to the first '=' or ':' in |str| or nullptr
+// if there is none.
+static const char *FindDelimiter(const char *str) {
+  while (*str) {
+    if (*str == ':' || *str == '=') {
+      return str;
+    }
+    str++;
+  }
+  return nullptr;
+}
+
+// StripSpace returns a string containing up to |len| characters from |str| with
+// leading and trailing whitespace removed.
+static std::string StripSpace(const char *str, size_t len) {
+  // Remove leading space.
+  while (len > 0 && isspace(*str)) {
+    str++;
+    len--;
+  }
+  while (len > 0 && isspace(str[len-1])) {
+    len--;
+  }
+  return std::string(str, len);
+}
+
+FileTest::ReadResult FileTest::ReadNext() {
+  // If the previous test had unused attributes or block, it is an error.
+  if (!unused_attributes_.empty()) {
+    for (const std::string &key : unused_attributes_) {
+      PrintLine("Unused attribute: %s", key.c_str());
+    }
+    return kReadError;
+  }
+  if (!block_.empty() && !used_block_) {
+    PrintLine("Unused block");
+    return kReadError;
+  }
+
+  ClearTest();
+
+  bool in_block = false;
+  while (true) {
+    // Read the next line.
+    char buf[4096];
+    if (fgets(buf, sizeof(buf), file_) == nullptr) {
+      if (feof(file_)) {
+        if (in_block) {
+          fprintf(stderr, "Unterminated block.\n");
+          return kReadError;
+        }
+        // EOF is a valid terminator for a test.
+        return start_line_ > 0 ? kReadSuccess : kReadEOF;
+      }
+      fprintf(stderr, "Error reading from input.\n");
+      return kReadError;
+    }
+
+    line_++;
+    size_t len = strlen(buf);
+    // Check for truncation.
+    if (len > 0 && buf[len - 1] != '\n' && !feof(file_)) {
+      fprintf(stderr, "Line %u too long.\n", line_);
+      return kReadError;
+    }
+
+    bool is_delimiter = strncmp(buf, "---", 3) == 0;
+    if (in_block) {
+      block_ += buf;
+      if (is_delimiter) {
+        // Ending the block completes the test.
+        return kReadSuccess;
+      }
+    } else if (is_delimiter) {
+      if (start_line_ == 0) {
+        fprintf(stderr, "Line %u: Unexpected block.\n", line_);
+        return kReadError;
+      }
+      in_block = true;
+      block_ += buf;
+    } else if (buf[0] == '\n' || buf[0] == '\0') {
+      // Empty lines delimit tests.
+      if (start_line_ > 0) {
+        return kReadSuccess;
+      }
+    } else if (buf[0] != '#') {  // Comment lines are ignored.
+      // Parse the line as an attribute.
+      const char *delimiter = FindDelimiter(buf);
+      if (delimiter == nullptr) {
+        fprintf(stderr, "Line %u: Could not parse attribute.\n", line_);
+      }
+      std::string key = StripSpace(buf, delimiter - buf);
+      std::string value = StripSpace(delimiter + 1,
+                                     buf + len - delimiter - 1);
+
+      unused_attributes_.insert(key);
+      attributes_[key] = value;
+      if (start_line_ == 0) {
+        // This is the start of a test.
+        type_ = key;
+        parameter_ = value;
+        start_line_ = line_;
+      }
+    }
+  }
+}
+
+void FileTest::PrintLine(const char *format, ...) {
+  va_list args;
+  va_start(args, format);
+
+  fprintf(stderr, "Line %u: ", start_line_);
+  vfprintf(stderr, format, args);
+  fprintf(stderr, "\n");
+
+  va_end(args);
+}
+
+const std::string &FileTest::GetType() {
+  OnKeyUsed(type_);
+  return type_;
+}
+
+const std::string &FileTest::GetParameter() {
+  OnKeyUsed(type_);
+  return parameter_;
+}
+
+const std::string &FileTest::GetBlock() {
+  used_block_ = true;
+  return block_;
+}
+
+bool FileTest::HasAttribute(const std::string &key) {
+  OnKeyUsed(key);
+  return attributes_.count(key) > 0;
+}
+
+bool FileTest::GetAttribute(std::string *out_value, const std::string &key) {
+  OnKeyUsed(key);
+  auto iter = attributes_.find(key);
+  if (iter == attributes_.end()) {
+    PrintLine("Missing attribute '%s'.", key.c_str());
+    return false;
+  }
+  *out_value = iter->second;
+  return true;
+}
+
+static bool FromHexDigit(uint8_t *out, char c) {
+  if ('0' <= c && c <= '9') {
+    *out = c - '0';
+    return true;
+  }
+  if ('a' <= c && c <= 'f') {
+    *out = c - 'a' + 10;
+    return true;
+  }
+  if ('A' <= c && c <= 'F') {
+    *out = c - 'A' + 10;
+    return true;
+  }
+  return false;
+}
+
+bool FileTest::GetBytes(std::vector<uint8_t> *out, const std::string &key) {
+  std::string value;
+  if (!GetAttribute(&value, key)) {
+    return false;
+  }
+
+  if (value.size() >= 2 && value[0] == '"' && value[value.size() - 1] == '"') {
+    out->assign(value.begin() + 1, value.end() - 1);
+    return true;
+  }
+
+  if (value.size() % 2 != 0) {
+    PrintLine("Error decoding value: %s", value.c_str());
+    return false;
+  }
+  out->reserve(value.size() / 2);
+  for (size_t i = 0; i < value.size(); i += 2) {
+    uint8_t hi, lo;
+    if (!FromHexDigit(&hi, value[i]) || !FromHexDigit(&lo, value[i+1])) {
+      PrintLine("Error decoding value: %s", value.c_str());
+      return false;
+    }
+    out->push_back((hi << 4) | lo);
+  }
+  return true;
+}
+
+static std::string EncodeHex(const uint8_t *in, size_t in_len) {
+  static const char kHexDigits[] = "0123456789abcdef";
+  std::string ret;
+  ret.reserve(in_len * 2);
+  for (size_t i = 0; i < in_len; i++) {
+    ret += kHexDigits[in[i] >> 4];
+    ret += kHexDigits[in[i] & 0xf];
+  }
+  return ret;
+}
+
+bool FileTest::ExpectBytesEqual(const uint8_t *expected, size_t expected_len,
+                                const uint8_t *actual, size_t actual_len) {
+  if (expected_len == actual_len &&
+      memcmp(expected, actual, expected_len) == 0) {
+    return true;
+  }
+
+  std::string expected_hex = EncodeHex(expected, expected_len);
+  std::string actual_hex = EncodeHex(actual, actual_len);
+  PrintLine("Expected: %s", expected_hex.c_str());
+  PrintLine("Actual:   %s", actual_hex.c_str());
+  return false;
+}
+
+void FileTest::ClearTest() {
+  start_line_ = 0;
+  type_.clear();
+  parameter_.clear();
+  attributes_.clear();
+  block_.clear();
+  unused_attributes_.clear();
+  used_block_ = false;
+}
+
+void FileTest::OnKeyUsed(const std::string &key) {
+  unused_attributes_.erase(key);
+}
+
+int FileTestMain(bool (*run_test)(FileTest *t), const char *path) {
+  FileTest t(path);
+  if (!t.is_open()) {
+    return 1;
+  }
+
+  bool failed = false;
+  while (true) {
+    FileTest::ReadResult ret = t.ReadNext();
+    if (ret == FileTest::kReadError) {
+      return 1;
+    } else if (ret == FileTest::kReadEOF) {
+      break;
+    }
+
+    if (!run_test(&t)) {
+      failed = true;
+    }
+  }
+
+  if (failed) {
+    return 1;
+  }
+
+  printf("PASS\n");
+  return 0;
+}
diff --git a/crypto/test/file_test.h b/crypto/test/file_test.h
new file mode 100644
index 00000000..5ea65c11
--- /dev/null
+++ b/crypto/test/file_test.h
@@ -0,0 +1,159 @@
+/* Copyright (c) 2015, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#ifndef OPENSSL_HEADER_CRYPTO_TEST_FILE_TEST_H
+#define OPENSSL_HEADER_CRYPTO_TEST_FILE_TEST_H
+
+#include <stdint.h>
+#include <stdio.h>
+
+#include <string>
+#include <map>
+#include <set>
+#include <vector>
+
+
+// File-based test framework.
+//
+// This module provides a file-based test framework. The file format is based on
+// that of OpenSSL upstream's evp_test and BoringSSL's aead_test. Each input
+// file is a sequence of attributes, blocks, and blank lines.
+//
+// Each attribute has the form:
+//
+//   Name = Value
+//
+// Either '=' or ':' may be used to delimit the name from the value. Both the
+// name and value have leading and trailing spaces stripped.
+//
+// Blocks are delimited by lines beginning with three hyphens, "---". One such
+// line begins a block and another ends it. Blocks are intended as a convenient
+// way to embed PEM data and include their delimiters.
+//
+// Outside a block, lines beginning with # are ignored.
+//
+// A test is a sequence of one or more attributes followed by a block or blank
+// line. Blank lines are otherwise ignored. For tests that process multiple
+// kinds of test cases, the first attribute is parsed out as the test's type and
+// parameter. Otherwise, attributes are unordered. The first attribute is also
+// included in the set of attributes, so tests which do not dispatch may ignore
+// this mechanism.
+//
+// Functions in this module freely output to |stderr| on failure. Tests should
+// also do so, and it is recommended they include the corresponding test's line
+// number in any output. |PrintLine| does this automatically.
+//
+// Each attribute in a test must be consumed. When a test completes, if any
+// attributes haven't been processed, the framework reports an error.
+
+
+class FileTest {
+ public:
+  explicit FileTest(const char *path);
+  ~FileTest();
+
+  // is_open returns true if the file was successfully opened.
+  bool is_open() const { return file_ != nullptr; }
+
+  enum ReadResult {
+    kReadSuccess,
+    kReadEOF,
+    kReadError,
+  };
+
+  // ReadNext reads the next test from the file. It returns |kReadSuccess| if
+  // successfully reading a test and |kReadEOF| at the end of the file. On
+  // error or if the previous test had unconsumed attributes, it returns
+  // |kReadError|.
+  ReadResult ReadNext();
+
+  // PrintLine is a variant of printf which prepends the line number and appends
+  // a trailing newline.
+  void PrintLine(const char *format, ...)
+#ifdef __GNUC__
+      __attribute__((__format__(__printf__, 2, 3)))
+#endif
+  ;
+
+  unsigned start_line() const { return start_line_; }
+
+  // GetType returns the name of the first attribute of the current test.
+  const std::string &GetType();
+  // GetParameter returns the value of the first attribute of the current test.
+  const std::string &GetParameter();
+  // GetBlock returns the optional block of the current test, or the empty
+  // if there was no block.
+  const std::string &GetBlock();
+
+  // HasAttribute returns true if the current test has an attribute named |key|.
+  bool HasAttribute(const std::string &key);
+
+  // GetAttribute looks up the attribute with key |key|. It sets |*out_value| to
+  // the value and returns true if it exists and returns false with an error to
+  // |stderr| otherwise.
+  bool GetAttribute(std::string *out_value, const std::string &key);
+
+  // GetBytes looks up the attribute with key |key| and decodes it as a byte
+  // string. On success, it writes the result to |*out| and returns
+  // true. Otherwise it returns false with an error to |stderr|. The value may
+  // be either a hexadecimal string or a quoted ASCII string. It returns true on
+  // success and returns false with an error to |stderr| on failure.
+  bool GetBytes(std::vector<uint8_t> *out, const std::string &key);
+
+  // ExpectBytesEqual returns true if |expected| and |actual| are equal.
+  // Otherwise, it returns false and prints a message to |stderr|.
+  bool ExpectBytesEqual(const uint8_t *expected, size_t expected_len,
+                        const uint8_t *actual, size_t actual_len);
+
+ private:
+  void ClearTest();
+  void OnKeyUsed(const std::string &key);
+
+  FILE *file_ = nullptr;
+  // line_ is the number of lines read.
+  unsigned line_ = 0;
+
+  // start_line_ is the line number of the first attribute of the test.
+  unsigned start_line_ = 0;
+  // type_ is the name of the first attribute of the test.
+  std::string type_;
+  // parameter_ is the value of the first attribute.
+  std::string parameter_;
+  // attributes_ contains all attributes in the test, including the first.
+  std::map<std::string, std::string> attributes_;
+  // block_, if non-empty, is the test's optional trailing block.
+  std::string block_;
+
+  // unused_attributes_ is the set of attributes that have been queried.
+  std::set<std::string> unused_attributes_;
+  // used_block_ is true if the block has been queried.
+  bool used_block_ = false;
+
+  FileTest(const FileTest&) = delete;
+  FileTest &operator=(const FileTest&) = delete;
+};
+
+// FileTestMain runs a file-based test out of |path| and returns an exit code
+// suitable to return out of |main|. |run_test| should return true on pass and
+// false on failure.
+//
+// Tests are guaranteed to run serially and may affect global state if need be.
+// It is legal to use "tests" which, for example, import a private key into a
+// list of keys. This may be used to initialize a shared set of keys for many
+// tests. However, if one test fails, the framework will continue to run
+// subsequent tests.
+int FileTestMain(bool (*run_test)(FileTest *t), const char *path);
+
+
+#endif /* OPENSSL_HEADER_CRYPTO_TEST_FILE_TEST_H */