lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-07-31 00:03:07 +03:00
Code Activity

tests: Verify the right implementation is used

Browse Source 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
This commit is contained in:
Jakub Jelen
2025-01-03 20:44:48 +01:00
parent 39fcaac3ca
commit 1ea9708409
5 changed files with 142 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tests/CMakeLists.txt
View File

@ -60,6 +60,10 @@ if (CLIENT_TESTING)
list(APPEND WRAP_SYMBOLS
"-Wl,--wrap=crypto_scalarmult_base"
"-Wl,--wrap=crypto_scalarmult")
list(APPEND WRAP_SYMBOLS
"-Wl,--wrap=sntrup761_keypair"
"-Wl,--wrap=sntrup761_enc"
"-Wl,--wrap=sntrup761_dec")
add_library(${TORTURE_SHARED_LIBRARY}
SHARED

17
tests/external_override/CMakeLists.txt
View File

@ -77,8 +77,19 @@ target_link_libraries(curve25519_override
set(CURVE25519_OVERRIDE_LIBRARY
${libssh_BINARY_DIR}/lib/${CMAKE_SHARED_LIBRARY_PREFIX}curve25519_override${CMAKE_SHARED_LIBRARY_SUFFIX})
# sntrup761_override
add_library(sntrup761_override SHARED
sntrup761_override.c
${libssh_SOURCE_DIR}/src/external/sntrup761.c
${override_src}
)
target_link_libraries(sntrup761_override
PRIVATE ${override_libs})
set(SNTRUP761_OVERRIDE_LIBRARY
${libssh_BINARY_DIR}/lib/${CMAKE_SHARED_LIBRARY_PREFIX}sntrup761_override${CMAKE_SHARED_LIBRARY_SUFFIX})
set(OVERRIDE_LIBRARIES
${CHACHA20_OVERRIDE_LIBRARY}:${POLY1305_OVERRIDE_LIBRARY}:${ED25519_OVERRIDE_LIBRARY}:${CURVE25519_OVERRIDE_LIBRARY}
${CHACHA20_OVERRIDE_LIBRARY}:${POLY1305_OVERRIDE_LIBRARY}:${ED25519_OVERRIDE_LIBRARY}:${CURVE25519_OVERRIDE_LIBRARY}:${SNTRUP761_OVERRIDE_LIBRARY}
)
if (WITH_MBEDTLS)
@ -89,6 +100,7 @@ if (WITH_MBEDTLS)
endif ()
list(APPEND OVERRIDE_RESULTS "-DSHOULD_CALL_INTERNAL_ED25519=1")
list(APPEND OVERRIDE_RESULTS "-DSHOULD_CALL_INTERNAL_CURVE25519=1")
list(APPEND OVERRIDE_RESULTS "-DSHOULD_CALL_INTERNAL_SNTRUP761=1")
elseif (WITH_GCRYPT)
if (HAVE_GCRYPT_CHACHA_POLY)
list(APPEND OVERRIDE_RESULTS "-DSHOULD_CALL_INTERNAL_CHACHAPOLY=0")
@ -97,6 +109,7 @@ elseif (WITH_GCRYPT)
endif ()
list(APPEND OVERRIDE_RESULTS "-DSHOULD_CALL_INTERNAL_ED25519=1")
list(APPEND OVERRIDE_RESULTS "-DSHOULD_CALL_INTERNAL_CURVE25519=1")
list(APPEND OVERRIDE_RESULTS "-DSHOULD_CALL_INTERNAL_SNTRUP761=0")
else ()
if (HAVE_OPENSSL_EVP_CHACHA20)
list(APPEND OVERRIDE_RESULTS "-DSHOULD_CALL_INTERNAL_CHACHAPOLY=0")
@ -105,6 +118,7 @@ else ()
endif ()
list(APPEND OVERRIDE_RESULTS "-DSHOULD_CALL_INTERNAL_CURVE25519=0")
list(APPEND OVERRIDE_RESULTS "-DSHOULD_CALL_INTERNAL_ED25519=0")
list(APPEND OVERRIDE_RESULTS "-DSHOULD_CALL_INTERNAL_SNTRUP761=1")
endif ()
if (NOT OSX)
@ -135,6 +149,7 @@ foreach(_OVERRIDE_TEST ${LIBSSH_OVERRIDE_TESTS})
poly1305_override
ed25519_override
curve25519_override
sntrup761_override
)
if (OSX)

73
tests/external_override/sntrup761_override.c Normal file
View File

@ -0,0 +1,73 @@
/*
* This file is part of the SSH Library
*
* Copyright (c) 2021 - 2025 Red Hat, Inc.
*
* Authors: Anderson Toshiyuki Sasaki
* Jakub Jelen <jjelen@redhat.com>
*
* The SSH Library is free software: you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation, either
* version 2.1 of the License, or (at your option) any later version.
*
* The SSH Library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with the SSH Library; see the file COPYING. If not,
* see <https://www.gnu.org/licenses/>.
*/
#include "config.h"
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <libssh/priv.h>
#include <libssh/sntrup761.h>
#include "sntrup761_override.h"
static bool internal_function_called = false;
void __wrap_sntrup761_keypair(uint8_t *pk,
uint8_t *sk,
void *random_ctx,
sntrup761_random_func *random)
{
fprintf(stderr, "%s: Internal implementation was called\n", __func__);
internal_function_called = true;
return sntrup761_keypair(pk, sk, random_ctx, random);
}
void __wrap_sntrup761_enc(uint8_t *c,
uint8_t *k,
const uint8_t *pk,
void *random_ctx,
sntrup761_random_func *random)
{
fprintf(stderr, "%s: Internal implementation was called\n", __func__);
internal_function_called = true;
return sntrup761_enc(c, k, pk, random_ctx, random);
}
void __wrap_sntrup761_dec(uint8_t *k, const uint8_t *c, const uint8_t *sk)
{
fprintf(stderr, "%s: Internal implementation was called\n", __func__);
internal_function_called = true;
return sntrup761_dec(k, c, sk);
}
bool internal_sntrup761_function_called(void)
{
return internal_function_called;
}
void reset_sntrup761_function_called(void)
{
internal_function_called = false;
}

40
tests/external_override/sntrup761_override.h Normal file
View File

@ -0,0 +1,40 @@
/*
* This file is part of the SSH Library
*
* Copyright (c) 2021 - 2025 Red Hat, Inc.
*
* Authors: Anderson Toshiyuki Sasaki
* Jakub Jelen <jjelen@redhat.com>
*
* The SSH Library is free software: you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation, either
* version 2.1 of the License, or (at your option) any later version.
*
* The SSH Library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with the SSH Library; see the file COPYING. If not,
* see <https://www.gnu.org/licenses/>.
*/
#include "libssh/sntrup761.h"
void __wrap_sntrup761_keypair(uint8_t *pk,
uint8_t *sk,
void *random_ctx,
sntrup761_random_func *random);
void __wrap_sntrup761_enc(uint8_t *c,
uint8_t *k,
const uint8_t *pk,
void *random_ctx,
sntrup761_random_func *random);
void __wrap_sntrup761_dec(uint8_t *k, const uint8_t *c, const uint8_t *sk);
bool internal_sntrup761_function_called(void);
void reset_sntrup761_function_called(void);

14
tests/external_override/torture_override.c
View File

@ -30,9 +30,10 @@
#include <pwd.h>
#include "chacha20_override.h"
#include "poly1305_override.h"
#include "curve25519_override.h"
#include "ed25519_override.h"
#include "poly1305_override.h"
#include "sntrup761_override.h"
const char template[] = "temp_dir_XXXXXX";
@ -261,6 +262,7 @@ torture_override_ecdh_sntrup761x25519_sha512_openssh_com(void **state)
{
struct torture_state *s = *state;
bool internal_curve25519_called;
bool internal_sntrup761_called;
if (ssh_fips_mode()) {
skip();
@ -272,11 +274,13 @@ torture_override_ecdh_sntrup761x25519_sha512_openssh_com(void **state)
NULL /* hostkey */);
internal_curve25519_called = internal_curve25519_function_called();
internal_sntrup761_called = internal_sntrup761_function_called();
/* TODO: when non-internal sntrup761 is supported, this is a good
place to add override checks of the sntrup761-related functions
too. Currently none of our external crypto libraries supports
sntrup761. */
#if SHOULD_CALL_INTERNAL_SNTRUP761
assert_true(internal_sntrup761_called);
#else
assert_false(internal_sntrup761_called);
#endif
#if SHOULD_CALL_INTERNAL_CURVE25519
assert_true(internal_curve25519_called);