diff options
author | Mårten Nordheim <marten.nordheim@qt.io> | 2019-03-12 12:28:47 +0100 |
---|---|---|
committer | Mårten Nordheim <marten.nordheim@qt.io> | 2019-03-26 13:08:16 +0000 |
commit | a06dfed4cc94fefca3f0db7eca679f083a984c9b (patch) | |
tree | e0deb7247d1a9700b01a75d9748c13362f1747b4 | |
parent | 03ada0217c201903b8282f77e292f1964e00b880 (diff) |
tst_qsslkey: test AES encryption in the 'encrypt' test
And export the required symbols in OpenSSL so we can run the test there
as well even if it's not needed for any functionality.
Change-Id: I4246d2b0bbdd42079d255f97f3c66ce8bb37390b
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
-rw-r--r-- | src/network/ssl/qsslkey_openssl.cpp | 9 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_openssl_symbols.cpp | 10 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_openssl_symbols_p.h | 5 | ||||
-rw-r--r-- | tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp | 92 |
4 files changed, 94 insertions, 22 deletions
diff --git a/src/network/ssl/qsslkey_openssl.cpp b/src/network/ssl/qsslkey_openssl.cpp index dfb80bd829..888058df22 100644 --- a/src/network/ssl/qsslkey_openssl.cpp +++ b/src/network/ssl/qsslkey_openssl.cpp @@ -334,12 +334,13 @@ static QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, const QByteArray &data, #endif break; case QSslKeyPrivate::Aes128Cbc: + type = q_EVP_aes_128_cbc(); + break; case QSslKeyPrivate::Aes192Cbc: + type = q_EVP_aes_192_cbc(); + break; case QSslKeyPrivate::Aes256Cbc: - // Just to avoid compiler warnings/errors. OpenSSL uses a different - // codepath when reading encrypted keys, and they all correctly - // deduce the cipher and know how to derive a key. - Q_UNREACHABLE(); + type = q_EVP_aes_256_cbc(); break; } diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp index f136c92a65..e04d45c10c 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols.cpp +++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp @@ -359,6 +359,11 @@ DEFINEFUNC(const EVP_CIPHER *, EVP_des_ede3_cbc, DUMMYARG, DUMMYARG, return null #ifndef OPENSSL_NO_RC2 DEFINEFUNC(const EVP_CIPHER *, EVP_rc2_cbc, DUMMYARG, DUMMYARG, return nullptr, return) #endif +#ifndef OPENSSL_NO_AES +DEFINEFUNC(const EVP_CIPHER *, EVP_aes_128_cbc, DUMMYARG, DUMMYARG, return nullptr, return) +DEFINEFUNC(const EVP_CIPHER *, EVP_aes_192_cbc, DUMMYARG, DUMMYARG, return nullptr, return) +DEFINEFUNC(const EVP_CIPHER *, EVP_aes_256_cbc, DUMMYARG, DUMMYARG, return nullptr, return) +#endif DEFINEFUNC(const EVP_MD *, EVP_sha1, DUMMYARG, DUMMYARG, return nullptr, return) DEFINEFUNC3(int, EVP_PKEY_assign, EVP_PKEY *a, a, int b, b, char *c, c, return -1, return) DEFINEFUNC2(int, EVP_PKEY_set1_RSA, EVP_PKEY *a, a, RSA *b, b, return -1, return) @@ -1179,6 +1184,11 @@ bool q_resolveOpenSslSymbols() #ifndef OPENSSL_NO_RC2 RESOLVEFUNC(EVP_rc2_cbc) #endif +#ifndef OPENSSL_NO_AES + RESOLVEFUNC(EVP_aes_128_cbc) + RESOLVEFUNC(EVP_aes_192_cbc) + RESOLVEFUNC(EVP_aes_256_cbc) +#endif RESOLVEFUNC(EVP_sha1) RESOLVEFUNC(EVP_PKEY_assign) RESOLVEFUNC(EVP_PKEY_set1_RSA) diff --git a/src/network/ssl/qsslsocket_openssl_symbols_p.h b/src/network/ssl/qsslsocket_openssl_symbols_p.h index 59b6e53940..fcf96dbd47 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols_p.h +++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h @@ -281,6 +281,11 @@ const EVP_CIPHER *q_EVP_des_ede3_cbc(); #ifndef OPENSSL_NO_RC2 const EVP_CIPHER *q_EVP_rc2_cbc(); #endif +#ifndef OPENSSL_NO_AES +const EVP_CIPHER *q_EVP_aes_128_cbc(); +const EVP_CIPHER *q_EVP_aes_192_cbc(); +const EVP_CIPHER *q_EVP_aes_256_cbc(); +#endif Q_AUTOTEST_EXPORT const EVP_MD *q_EVP_sha1(); int q_EVP_PKEY_assign(EVP_PKEY *a, int b, char *c); Q_AUTOTEST_EXPORT int q_EVP_PKEY_set1_RSA(EVP_PKEY *a, RSA *b); diff --git a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp index 0ce4256ce1..f94756ed73 100644 --- a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp +++ b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp @@ -562,79 +562,135 @@ void tst_QSslKey::encrypt_data() QTest::addColumn<QByteArray>("key"); QTest::addColumn<QByteArray>("plainText"); QTest::addColumn<QByteArray>("cipherText"); + QTest::addColumn<QByteArray>("iv"); + QByteArray iv("abcdefgh"); QTest::newRow("DES-CBC, length 0") << QSslKeyPrivate::DesCbc << QByteArray("01234567") << QByteArray() - << QByteArray::fromHex("956585228BAF9B1F"); + << QByteArray::fromHex("956585228BAF9B1F") + << iv; QTest::newRow("DES-CBC, length 1") << QSslKeyPrivate::DesCbc << QByteArray("01234567") << QByteArray(1, 'a') - << QByteArray::fromHex("E6880AF202BA3C12"); + << QByteArray::fromHex("E6880AF202BA3C12") + << iv; QTest::newRow("DES-CBC, length 2") << QSslKeyPrivate::DesCbc << QByteArray("01234567") << QByteArray(2, 'a') - << QByteArray::fromHex("A82492386EED6026"); + << QByteArray::fromHex("A82492386EED6026") + << iv; QTest::newRow("DES-CBC, length 3") << QSslKeyPrivate::DesCbc << QByteArray("01234567") << QByteArray(3, 'a') - << QByteArray::fromHex("90B76D5B79519CBA"); + << QByteArray::fromHex("90B76D5B79519CBA") + << iv; QTest::newRow("DES-CBC, length 4") << QSslKeyPrivate::DesCbc << QByteArray("01234567") << QByteArray(4, 'a') - << QByteArray::fromHex("63E3DD6FED87052A"); + << QByteArray::fromHex("63E3DD6FED87052A") + << iv; QTest::newRow("DES-CBC, length 5") << QSslKeyPrivate::DesCbc << QByteArray("01234567") << QByteArray(5, 'a') - << QByteArray::fromHex("03ACDB0EACBDFA94"); + << QByteArray::fromHex("03ACDB0EACBDFA94") + << iv; QTest::newRow("DES-CBC, length 6") << QSslKeyPrivate::DesCbc << QByteArray("01234567") << QByteArray(6, 'a') - << QByteArray::fromHex("7D95024E42A3A88A"); + << QByteArray::fromHex("7D95024E42A3A88A") + << iv; QTest::newRow("DES-CBC, length 7") << QSslKeyPrivate::DesCbc << QByteArray("01234567") << QByteArray(7, 'a') - << QByteArray::fromHex("5003436B8A8E42E9"); + << QByteArray::fromHex("5003436B8A8E42E9") + << iv; QTest::newRow("DES-CBC, length 8") << QSslKeyPrivate::DesCbc << QByteArray("01234567") << QByteArray(8, 'a') - << QByteArray::fromHex("E4C1F054BF5521C0A4A0FD4A2BC6C1B1"); + << QByteArray::fromHex("E4C1F054BF5521C0A4A0FD4A2BC6C1B1") + << iv; QTest::newRow("DES-EDE3-CBC, length 0") << QSslKeyPrivate::DesEde3Cbc << QByteArray("0123456789abcdefghijklmn") << QByteArray() - << QByteArray::fromHex("3B2B4CD0B0FD495F"); + << QByteArray::fromHex("3B2B4CD0B0FD495F") + << iv; QTest::newRow("DES-EDE3-CBC, length 8") << QSslKeyPrivate::DesEde3Cbc << QByteArray("0123456789abcdefghijklmn") << QByteArray(8, 'a') - << QByteArray::fromHex("F2A5A87763C54A72A3224103D90CDB03"); + << QByteArray::fromHex("F2A5A87763C54A72A3224103D90CDB03") + << iv; QTest::newRow("RC2-40-CBC, length 0") << QSslKeyPrivate::Rc2Cbc << QByteArray("01234") << QByteArray() - << QByteArray::fromHex("6D05D52392FF6E7A"); + << QByteArray::fromHex("6D05D52392FF6E7A") + << iv; QTest::newRow("RC2-40-CBC, length 8") << QSslKeyPrivate::Rc2Cbc << QByteArray("01234") << QByteArray(8, 'a') - << QByteArray::fromHex("75768E64C5749072A5D168F3AFEB0005"); + << QByteArray::fromHex("75768E64C5749072A5D168F3AFEB0005") + << iv; QTest::newRow("RC2-64-CBC, length 0") << QSslKeyPrivate::Rc2Cbc << QByteArray("01234567") << QByteArray() - << QByteArray::fromHex("ADAE6BF70F420130"); + << QByteArray::fromHex("ADAE6BF70F420130") + << iv; QTest::newRow("RC2-64-CBC, length 8") << QSslKeyPrivate::Rc2Cbc << QByteArray("01234567") << QByteArray(8, 'a') - << QByteArray::fromHex("C7BF5C80AFBE9FBEFBBB9FD935F6D0DF"); + << QByteArray::fromHex("C7BF5C80AFBE9FBEFBBB9FD935F6D0DF") + << iv; QTest::newRow("RC2-128-CBC, length 0") << QSslKeyPrivate::Rc2Cbc << QByteArray("012345679abcdefg") << QByteArray() - << QByteArray::fromHex("1E965D483A13C8FB"); + << QByteArray::fromHex("1E965D483A13C8FB") + << iv; QTest::newRow("RC2-128-CBC, length 8") << QSslKeyPrivate::Rc2Cbc << QByteArray("012345679abcdefg") << QByteArray(8, 'a') - << QByteArray::fromHex("5AEC1A5B295660B02613454232F7DECE"); + << QByteArray::fromHex("5AEC1A5B295660B02613454232F7DECE") + << iv; + +#if (!defined(QT_NO_OPENSSL) && !defined(OPENSSL_NO_AES)) || (defined(QT_NO_OPENSSL) && QT_CONFIG(ssl)) + // AES needs a longer IV + iv = QByteArray("abcdefghijklmnop"); + QTest::newRow("AES-128-CBC, length 0") + << QSslKeyPrivate::Aes128Cbc << QByteArray("012345679abcdefg") + << QByteArray() + << QByteArray::fromHex("28DE1A9AA26601C30DD2527407121D1A") + << iv; + QTest::newRow("AES-128-CBC, length 8") + << QSslKeyPrivate::Aes128Cbc << QByteArray("012345679abcdefg") + << QByteArray(8, 'a') + << QByteArray::fromHex("08E880B1BA916F061C1E801D7F44D0EC") + << iv; + + QTest::newRow("AES-192-CBC, length 0") + << QSslKeyPrivate::Aes192Cbc << QByteArray("0123456789abcdefghijklmn") + << QByteArray() + << QByteArray::fromHex("E169E0E205CDC2BA895B7CF6097673B1") + << iv; + QTest::newRow("AES-192-CBC, length 8") + << QSslKeyPrivate::Aes192Cbc << QByteArray("0123456789abcdefghijklmn") + << QByteArray(8, 'a') + << QByteArray::fromHex("3A227D6A3A13237316D30AA17FF9B0A7") + << iv; + + QTest::newRow("AES-256-CBC, length 0") + << QSslKeyPrivate::Aes256Cbc << QByteArray("0123456789abcdefghijklmnopqrstuv") + << QByteArray() + << QByteArray::fromHex("4BAACAA0D22199C97DE206C465B7B14A") + << iv; + QTest::newRow("AES-256-CBC, length 8") + << QSslKeyPrivate::Aes256Cbc << QByteArray("0123456789abcdefghijklmnopqrstuv") + << QByteArray(8, 'a') + << QByteArray::fromHex("879C8C25EC135CDF0B14490A0A7C2F67") + << iv; +#endif // (OpenSSL && AES) || generic backend } void tst_QSslKey::encrypt() @@ -643,7 +699,7 @@ void tst_QSslKey::encrypt() QFETCH(QByteArray, key); QFETCH(QByteArray, plainText); QFETCH(QByteArray, cipherText); - QByteArray iv("abcdefgh"); + QFETCH(QByteArray, iv); #if defined(Q_OS_WINRT) || QT_CONFIG(schannel) QEXPECT_FAIL("RC2-40-CBC, length 0", "WinRT/Schannel treats RC2 as 128-bit", Abort); |