mac: allow XOF MACs to be specified either via control or via the dedicated function

Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15061)
author: Pauli <pauli@openssl.org> 2021-04-28 12:58:08 +1000
committer: Pauli <pauli@openssl.org> 2021-05-05 22:11:04 +1000
commit: 6a38b09a7fa6eaac6bcbe567382fbe7d3d719503 (patch)
tree: 07110a5ae63f133d29d4fd45fbc38a740e35533b /test/evp_test.c
parent: f14a2c9d7ac79afb36cacbf910a6363c7abc3135 (diff)
download: openssl-new-6a38b09a7fa6eaac6bcbe567382fbe7d3d719503.tar.gz
1 files changed, 36 insertions, 14 deletions
diff --git a/test/evp_test.c b/test/evp_test.c
index 79ca676c87..abb0485459 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -1029,6 +1029,8 @@ typedef struct mac_data_st {
     /* MAC salt (blake2) */
     unsigned char *salt;
     size_t salt_len;
+    /* XOF mode? */
+    int xof;
     /* Collection of controls */
     STACK_OF(OPENSSL_STRING) *controls;
 } MAC_DATA;
@@ -1123,6 +1125,8 @@ static int mac_test_parse(EVP_TEST *t,
         return parse_bin(value, &mdata->input, &mdata->input_len);
     if (strcmp(keyword, "Output") == 0)
         return parse_bin(value, &mdata->output, &mdata->output_len);
+    if (strcmp(keyword, "XOF") == 0)
+        return mdata->xof = 1;
     if (strcmp(keyword, "Ctrl") == 0)
         return sk_OPENSSL_STRING_push(mdata->controls,
                                       OPENSSL_strdup(value)) != 0;
@@ -1164,6 +1168,10 @@ static int mac_test_run_pkey(EVP_TEST *t)
     size_t got_len;
     int i;
 
+    /* We don't do XOF mode via PKEY */
+    if (expected->xof)
+        return 1;
+
     if (expected->alg == NULL)
         TEST_info("Trying the EVP_PKEY %s test", OBJ_nid2sn(expected->type));
     else
@@ -1360,20 +1368,34 @@ static int mac_test_run_mac(EVP_TEST *t)
         t->err = "MAC_UPDATE_ERROR";
         goto err;
     }
-    if (!EVP_MAC_final(ctx, NULL, &got_len, 0)) {
-        t->err = "MAC_FINAL_LENGTH_ERROR";
-        goto err;
-    }
-    if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
-        t->err = "TEST_FAILURE";
-        goto err;
-    }
-    if (!EVP_MAC_final(ctx, got, &got_len, got_len)
-        || !memory_err_compare(t, "TEST_MAC_ERR",
-                               expected->output, expected->output_len,
-                               got, got_len)) {
-        t->err = "TEST_MAC_ERR";
-        goto err;
+    if (expected->xof) {
+        if (!TEST_ptr(got = OPENSSL_malloc(expected->output_len))) {
+            t->err = "TEST_FAILURE";
+            goto err;
+        }
+        if (!EVP_MAC_finalXOF(ctx, got, expected->output_len)
+            || !memory_err_compare(t, "TEST_MAC_ERR",
+                                   expected->output, expected->output_len,
+                                   got, expected->output_len)) {
+            t->err = "MAC_FINAL_ERROR";
+            goto err;
+        }
+    } else {
+        if (!EVP_MAC_final(ctx, NULL, &got_len, 0)) {
+            t->err = "MAC_FINAL_LENGTH_ERROR";
+            goto err;
+        }
+        if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
+            t->err = "TEST_FAILURE";
+            goto err;
+        }
+        if (!EVP_MAC_final(ctx, got, &got_len, got_len)
+            || !memory_err_compare(t, "TEST_MAC_ERR",
+                                   expected->output, expected->output_len,
+                                   got, got_len)) {
+            t->err = "TEST_MAC_ERR";
+            goto err;
+        }
     }
     t->err = NULL;
  err:
author	Pauli <pauli@openssl.org>	2021-04-28 12:58:08 +1000
committer	Pauli <pauli@openssl.org>	2021-05-05 22:11:04 +1000
commit	6a38b09a7fa6eaac6bcbe567382fbe7d3d719503 (patch)
tree	07110a5ae63f133d29d4fd45fbc38a740e35533b /test/evp_test.c
parent	f14a2c9d7ac79afb36cacbf910a6363c7abc3135 (diff)
download	openssl-new-6a38b09a7fa6eaac6bcbe567382fbe7d3d719503.tar.gz