xref: /openssl/test/fake_rsaprov.c (revision f80cdee7) 
1 /*
2  * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  * https://www.openssl.org/source/license.html
8  * or in the file LICENSE in the source distribution.
9  */
10 
11 #include <string.h>
12 #include <openssl/core_names.h>
13 #include <openssl/core_object.h>
14 #include <openssl/rand.h>
15 #include <openssl/provider.h>
16 #include "testutil.h"
17 #include "fake_rsaprov.h"
18 
19 static OSSL_FUNC_keymgmt_new_fn fake_rsa_keymgmt_new;
20 static OSSL_FUNC_keymgmt_free_fn fake_rsa_keymgmt_free;
21 static OSSL_FUNC_keymgmt_has_fn fake_rsa_keymgmt_has;
22 static OSSL_FUNC_keymgmt_query_operation_name_fn fake_rsa_keymgmt_query;
23 static OSSL_FUNC_keymgmt_import_fn fake_rsa_keymgmt_import;
24 static OSSL_FUNC_keymgmt_import_types_fn fake_rsa_keymgmt_imptypes;
25 static OSSL_FUNC_keymgmt_load_fn fake_rsa_keymgmt_load;
26 
27 static int has_selection;
28 static int imptypes_selection;
29 static int query_id;
30 
fake_rsa_keymgmt_new(void * provctx)31 static void *fake_rsa_keymgmt_new(void *provctx)
32 {
33     unsigned char *keydata = OPENSSL_zalloc(1);
34 
35     TEST_ptr(keydata);
36 
37     /* clear test globals */
38     has_selection = 0;
39     imptypes_selection = 0;
40     query_id = 0;
41 
42     return keydata;
43 }
44 
fake_rsa_keymgmt_free(void * keydata)45 static void fake_rsa_keymgmt_free(void *keydata)
46 {
47     OPENSSL_free(keydata);
48 }
49 
fake_rsa_keymgmt_has(const void * key,int selection)50 static int fake_rsa_keymgmt_has(const void *key, int selection)
51 {
52     /* record global for checking */
53     has_selection = selection;
54 
55     return 1;
56 }
57 
58 
fake_rsa_keymgmt_query(int id)59 static const char *fake_rsa_keymgmt_query(int id)
60 {
61     /* record global for checking */
62     query_id = id;
63 
64     return "RSA";
65 }
66 
fake_rsa_keymgmt_import(void * keydata,int selection,const OSSL_PARAM * p)67 static int fake_rsa_keymgmt_import(void *keydata, int selection,
68                                    const OSSL_PARAM *p)
69 {
70     unsigned char *fake_rsa_key = keydata;
71 
72     /* key was imported */
73     *fake_rsa_key = 1;
74 
75     return 1;
76 }
77 
78 static const OSSL_PARAM fake_rsa_import_key_types[] = {
79     OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0),
80     OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0),
81     OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_D, NULL, 0),
82     OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, NULL, 0),
83     OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, NULL, 0),
84     OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, NULL, 0),
85     OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, NULL, 0),
86     OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, NULL, 0),
87     OSSL_PARAM_END
88 };
89 
fake_rsa_keymgmt_imptypes(int selection)90 static const OSSL_PARAM *fake_rsa_keymgmt_imptypes(int selection)
91 {
92     /* record global for checking */
93     imptypes_selection = selection;
94 
95     return fake_rsa_import_key_types;
96 }
97 
fake_rsa_keymgmt_load(const void * reference,size_t reference_sz)98 static void *fake_rsa_keymgmt_load(const void *reference, size_t reference_sz)
99 {
100     unsigned char *key = NULL;
101 
102     if (reference_sz != sizeof(key))
103         return NULL;
104 
105     key = *(unsigned char **)reference;
106     if (*key != 1)
107         return NULL;
108 
109     /* detach the reference */
110     *(unsigned char **)reference = NULL;
111 
112     return key;
113 }
114 
fake_rsa_gen_init(void * provctx,int selection,const OSSL_PARAM params[])115 static void *fake_rsa_gen_init(void *provctx, int selection,
116                                const OSSL_PARAM params[])
117 {
118     unsigned char *gctx = NULL;
119 
120     if (!TEST_ptr(gctx = OPENSSL_malloc(1)))
121         return NULL;
122 
123     *gctx = 1;
124 
125     return gctx;
126 }
127 
fake_rsa_gen(void * genctx,OSSL_CALLBACK * osslcb,void * cbarg)128 static void *fake_rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
129 {
130     unsigned char *gctx = genctx;
131     static const unsigned char inited[] = { 1 };
132     unsigned char *keydata;
133 
134     if (!TEST_ptr(gctx)
135         || !TEST_mem_eq(gctx, sizeof(*gctx), inited, sizeof(inited)))
136         return NULL;
137 
138     if (!TEST_ptr(keydata = fake_rsa_keymgmt_new(NULL)))
139         return NULL;
140 
141     *keydata = 2;
142     return keydata;
143 }
144 
fake_rsa_gen_cleanup(void * genctx)145 static void fake_rsa_gen_cleanup(void *genctx)
146 {
147    OPENSSL_free(genctx);
148 }
149 
150 static const OSSL_DISPATCH fake_rsa_keymgmt_funcs[] = {
151     { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))fake_rsa_keymgmt_new },
152     { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))fake_rsa_keymgmt_free} ,
153     { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))fake_rsa_keymgmt_has },
154     { OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME,
155         (void (*)(void))fake_rsa_keymgmt_query },
156     { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))fake_rsa_keymgmt_import },
157     { OSSL_FUNC_KEYMGMT_IMPORT_TYPES,
158         (void (*)(void))fake_rsa_keymgmt_imptypes },
159     { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))fake_rsa_keymgmt_load },
160     { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))fake_rsa_gen_init },
161     { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))fake_rsa_gen },
162     { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))fake_rsa_gen_cleanup },
163     { 0, NULL }
164 };
165 
166 static const OSSL_ALGORITHM fake_rsa_keymgmt_algs[] = {
167     { "RSA:rsaEncryption", "provider=fake-rsa", fake_rsa_keymgmt_funcs, "Fake RSA Key Management" },
168     { NULL, NULL, NULL, NULL }
169 };
170 
171 static OSSL_FUNC_signature_newctx_fn fake_rsa_sig_newctx;
172 static OSSL_FUNC_signature_freectx_fn fake_rsa_sig_freectx;
173 static OSSL_FUNC_signature_sign_init_fn fake_rsa_sig_sign_init;
174 static OSSL_FUNC_signature_sign_fn fake_rsa_sig_sign;
175 
fake_rsa_sig_newctx(void * provctx,const char * propq)176 static void *fake_rsa_sig_newctx(void *provctx, const char *propq)
177 {
178     unsigned char *sigctx = OPENSSL_zalloc(1);
179 
180     TEST_ptr(sigctx);
181 
182     return sigctx;
183 }
184 
fake_rsa_sig_freectx(void * sigctx)185 static void fake_rsa_sig_freectx(void *sigctx)
186 {
187     OPENSSL_free(sigctx);
188 }
189 
fake_rsa_sig_sign_init(void * ctx,void * provkey,const OSSL_PARAM params[])190 static int fake_rsa_sig_sign_init(void *ctx, void *provkey,
191                                   const OSSL_PARAM params[])
192 {
193     unsigned char *sigctx = ctx;
194     unsigned char *keydata = provkey;
195 
196     /* we must have a ctx */
197     if (!TEST_ptr(sigctx))
198         return 0;
199 
200     /* we must have some initialized key */
201     if (!TEST_ptr(keydata) || !TEST_int_gt(keydata[0], 0))
202         return 0;
203 
204     /* record that sign init was called */
205     *sigctx = 1;
206     return 1;
207 }
208 
fake_rsa_sig_sign(void * ctx,unsigned char * sig,size_t * siglen,size_t sigsize,const unsigned char * tbs,size_t tbslen)209 static int fake_rsa_sig_sign(void *ctx, unsigned char *sig,
210                              size_t *siglen, size_t sigsize,
211                              const unsigned char *tbs, size_t tbslen)
212 {
213     unsigned char *sigctx = ctx;
214 
215     /* we must have a ctx and init was called upon it */
216     if (!TEST_ptr(sigctx) || !TEST_int_eq(*sigctx, 1))
217         return 0;
218 
219     *siglen = 256;
220     /* record that the real sign operation was called */
221     if (sig != NULL) {
222         if (!TEST_int_ge(sigsize, *siglen))
223             return 0;
224         *sigctx = 2;
225         /* produce a fake signature */
226         memset(sig, 'a', *siglen);
227     }
228 
229     return 1;
230 }
231 
232 static const OSSL_DISPATCH fake_rsa_sig_funcs[] = {
233     { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))fake_rsa_sig_newctx },
234     { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))fake_rsa_sig_freectx },
235     { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))fake_rsa_sig_sign_init },
236     { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))fake_rsa_sig_sign },
237     { 0, NULL }
238 };
239 
240 static const OSSL_ALGORITHM fake_rsa_sig_algs[] = {
241     { "RSA:rsaEncryption", "provider=fake-rsa", fake_rsa_sig_funcs, "Fake RSA Signature" },
242     { NULL, NULL, NULL, NULL }
243 };
244 
245 static OSSL_FUNC_store_open_fn fake_rsa_st_open;
246 static OSSL_FUNC_store_settable_ctx_params_fn fake_rsa_st_settable_ctx_params;
247 static OSSL_FUNC_store_set_ctx_params_fn fake_rsa_st_set_ctx_params;
248 static OSSL_FUNC_store_load_fn fake_rsa_st_load;
249 static OSSL_FUNC_store_eof_fn fake_rsa_st_eof;
250 static OSSL_FUNC_store_close_fn fake_rsa_st_close;
251 
252 static const char fake_rsa_scheme[] = "fake_rsa:";
253 
fake_rsa_st_open(void * provctx,const char * uri)254 static void *fake_rsa_st_open(void *provctx, const char *uri)
255 {
256     unsigned char *storectx = NULL;
257 
258     /* First check whether the uri is ours */
259     if (strncmp(uri, fake_rsa_scheme, sizeof(fake_rsa_scheme) - 1) != 0)
260         return NULL;
261 
262     storectx = OPENSSL_zalloc(1);
263     if (!TEST_ptr(storectx))
264         return NULL;
265 
266     TEST_info("fake_rsa_open called");
267 
268     return storectx;
269 }
270 
fake_rsa_st_settable_ctx_params(void * provctx)271 static const OSSL_PARAM *fake_rsa_st_settable_ctx_params(void *provctx)
272 {
273     static const OSSL_PARAM known_settable_ctx_params[] = {
274         OSSL_PARAM_END
275     };
276     return known_settable_ctx_params;
277 }
278 
fake_rsa_st_set_ctx_params(void * loaderctx,const OSSL_PARAM params[])279 static int fake_rsa_st_set_ctx_params(void *loaderctx,
280                                       const OSSL_PARAM params[])
281 {
282     return 1;
283 }
284 
fake_rsa_st_load(void * loaderctx,OSSL_CALLBACK * object_cb,void * object_cbarg,OSSL_PASSPHRASE_CALLBACK * pw_cb,void * pw_cbarg)285 static int fake_rsa_st_load(void *loaderctx,
286                             OSSL_CALLBACK *object_cb, void *object_cbarg,
287                             OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
288 {
289     unsigned char *storectx = loaderctx;
290     OSSL_PARAM params[4];
291     int object_type = OSSL_OBJECT_PKEY;
292     void *key = NULL;
293     int rv = 0;
294 
295     switch (*storectx) {
296     case 0:
297         /* Construct a new key using our keymgmt functions */
298         if (!TEST_ptr(key = fake_rsa_keymgmt_new(NULL)))
299             break;
300         if (!TEST_int_gt(fake_rsa_keymgmt_import(key, 0, NULL), 0))
301             break;
302         params[0] =
303             OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type);
304         params[1] =
305             OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE,
306                                              "RSA", 0);
307         /* The address of the key becomes the octet string */
308         params[2] =
309             OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE,
310                                               &key, sizeof(key));
311         params[3] = OSSL_PARAM_construct_end();
312         rv = object_cb(params, object_cbarg);
313         *storectx = 1;
314         break;
315 
316     case 2:
317         TEST_info("fake_rsa_load() called in error state");
318         break;
319 
320     default:
321         TEST_info("fake_rsa_load() called in eof state");
322         break;
323     }
324 
325     TEST_info("fake_rsa_load called - rv: %d", rv);
326 
327     if (rv == 0) {
328         fake_rsa_keymgmt_free(key);
329         *storectx = 2;
330     }
331     return rv;
332 }
333 
fake_rsa_st_eof(void * loaderctx)334 static int fake_rsa_st_eof(void *loaderctx)
335 {
336     unsigned char *storectx = loaderctx;
337 
338     /* just one key for now in the fake_rsa store */
339     return *storectx != 0;
340 }
341 
fake_rsa_st_close(void * loaderctx)342 static int fake_rsa_st_close(void *loaderctx)
343 {
344     OPENSSL_free(loaderctx);
345     return 1;
346 }
347 
348 static const OSSL_DISPATCH fake_rsa_store_funcs[] = {
349     { OSSL_FUNC_STORE_OPEN, (void (*)(void))fake_rsa_st_open },
350     { OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS,
351       (void (*)(void))fake_rsa_st_settable_ctx_params },
352     { OSSL_FUNC_STORE_SET_CTX_PARAMS, (void (*)(void))fake_rsa_st_set_ctx_params },
353     { OSSL_FUNC_STORE_LOAD, (void (*)(void))fake_rsa_st_load },
354     { OSSL_FUNC_STORE_EOF, (void (*)(void))fake_rsa_st_eof },
355     { OSSL_FUNC_STORE_CLOSE, (void (*)(void))fake_rsa_st_close },
356     { 0, NULL },
357 };
358 
359 static const OSSL_ALGORITHM fake_rsa_store_algs[] = {
360     { "fake_rsa", "provider=fake-rsa", fake_rsa_store_funcs },
361     { NULL, NULL, NULL }
362 };
363 
fake_rsa_query(void * provctx,int operation_id,int * no_cache)364 static const OSSL_ALGORITHM *fake_rsa_query(void *provctx,
365                                             int operation_id,
366                                             int *no_cache)
367 {
368     *no_cache = 0;
369     switch (operation_id) {
370     case OSSL_OP_SIGNATURE:
371         return fake_rsa_sig_algs;
372 
373     case OSSL_OP_KEYMGMT:
374         return fake_rsa_keymgmt_algs;
375 
376     case OSSL_OP_STORE:
377         return fake_rsa_store_algs;
378     }
379     return NULL;
380 }
381 
382 /* Functions we provide to the core */
383 static const OSSL_DISPATCH fake_rsa_method[] = {
384     { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))OSSL_LIB_CTX_free },
385     { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fake_rsa_query },
386     { 0, NULL }
387 };
388 
fake_rsa_provider_init(const OSSL_CORE_HANDLE * handle,const OSSL_DISPATCH * in,const OSSL_DISPATCH ** out,void ** provctx)389 static int fake_rsa_provider_init(const OSSL_CORE_HANDLE *handle,
390                                   const OSSL_DISPATCH *in,
391                                   const OSSL_DISPATCH **out, void **provctx)
392 {
393     if (!TEST_ptr(*provctx = OSSL_LIB_CTX_new()))
394         return 0;
395     *out = fake_rsa_method;
396     return 1;
397 }
398 
fake_rsa_start(OSSL_LIB_CTX * libctx)399 OSSL_PROVIDER *fake_rsa_start(OSSL_LIB_CTX *libctx)
400 {
401     OSSL_PROVIDER *p;
402 
403     if (!TEST_true(OSSL_PROVIDER_add_builtin(libctx, "fake-rsa",
404                                              fake_rsa_provider_init))
405             || !TEST_ptr(p = OSSL_PROVIDER_try_load(libctx, "fake-rsa", 1)))
406         return NULL;
407 
408     return p;
409 }
410 
fake_rsa_finish(OSSL_PROVIDER * p)411 void fake_rsa_finish(OSSL_PROVIDER *p)
412 {
413     OSSL_PROVIDER_unload(p);
414 }
415