From d1248b7f3658abd851ad112ac6ac7c40fac4bbd6 Mon Sep 17 00:00:00 2001 From: tb Date: Wed, 29 Aug 2018 19:00:41 +0000 Subject: [PATCH] Calculate and check tag during AES-CCM encryption test. --- .../lib/libcrypto/wycheproof/wycheproof.go | 26 ++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/regress/lib/libcrypto/wycheproof/wycheproof.go b/regress/lib/libcrypto/wycheproof/wycheproof.go index 5e61ebb30b6..9022279346a 100644 --- a/regress/lib/libcrypto/wycheproof/wycheproof.go +++ b/regress/lib/libcrypto/wycheproof/wycheproof.go @@ -1,4 +1,4 @@ -/* $OpenBSD: wycheproof.go,v 1.33 2018/08/29 18:59:22 tb Exp $ */ +/* $OpenBSD: wycheproof.go,v 1.34 2018/08/29 19:00:41 tb Exp $ */ /* * Copyright (c) 2018 Joel Sing * Copyright (c) 2018 Theo Buehler @@ -480,6 +480,18 @@ func checkAesCcm(ctx *C.EVP_CIPHER_CTX, doEncrypt int, key []byte, keyLen int, i return false } + if doEncrypt == 1 { + var tmpLen C.int + dummyOut := make([]byte, 16) + + ret = C.EVP_CipherFinal_ex(ctx, (*C.uchar)(unsafe.Pointer(&dummyOut[0])), &tmpLen) + if ret != 1 { + fmt.Printf("FAIL: Test case %d (%q) [%v] - EVP_CipherFinal_ex() failed: got %d, want %v\n", wt.TCID, wt.Comment, action, ret, wt.Result) + return false + } + cipherOutLen += tmpLen + } + if cipherOutLen != C.int(outLen) { fmt.Printf("FAIL: Test case %d (%q) [%v] - cipherOutLen %d != outLen %d. Result %v\n", wt.TCID, wt.Comment, cipherOutLen, action, outLen, wt.Result) return false @@ -490,6 +502,18 @@ func checkAesCcm(ctx *C.EVP_CIPHER_CTX, doEncrypt int, key []byte, keyLen int, i fmt.Printf("FAIL: Test case %d (%q) [%v] - expected and computed output do not match. Result: %v\n", wt.TCID, wt.Comment, action, wt.Result) success = false } + if doEncrypt == 1 { + tagOut := make([]byte, tagLen) + ret = C.EVP_CIPHER_CTX_ctrl(ctx, C.EVP_CTRL_CCM_GET_TAG, C.int(tagLen), unsafe.Pointer(&tagOut[0])) + if ret != 1 { + fmt.Printf("FAIL: Test case %d (%q) [%v] - EVP_CIPHER_CTX_ctrl() failed: got %d, want %v\n", wt.TCID, wt.Comment, action, ret, wt.Result) + return false + } + if bytes.Equal(tagOut, tag) != (wt.Result == "valid") { + fmt.Printf("FAIL: Test case %d (%q) [%v] - expected and computed tag do not match. Result: %v\n", wt.TCID, wt.Comment, action, ret, wt.Result) + success = false + } + } return success } -- 2.20.1