Skip to content

Commit 81af264

Browse files
dgarskedgarske
authored
Merge pull request #148 from danielinux/wolfssl-interop-tests
Added interoperability test against wolfSSL master
2 parents 793e264 + 08a5597 commit 81af264

5 files changed

Lines changed: 1706 additions & 0 deletions

File tree

.github/workflows/wolfssl-master-compatibility.yml

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
name: wolfPKCS11 interoperability tests against wolfSSL upstream
2+
3+
on:
4+
push:
5+
branches: [ 'master', 'main', 'release/**' ]
6+
pull_request:
7+
branches: [ '*' ]
8+
schedule:
9+
- cron: "0 1 * * *"
10+
11+
jobs:
12+
build:
13+
runs-on: ubuntu-latest
14+
steps:
15+
#pull wolfPKCS11
16+
- uses: actions/checkout@v4
17+
with:
18+
submodules: true
19+
20+
#setup wolfssl at master branch
21+
- uses: actions/checkout@v4
22+
with:
23+
repository: wolfssl/wolfssl
24+
ref: master
25+
path: wolfssl
26+
27+
# build + run tests
28+
- name: Build and run interoperability test
29+
working-directory: ./
30+
run: make -C tests/wolfssl-interoperability
31+
32+

tests/testdata.h

Lines changed: 173 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -422,6 +422,124 @@ static const int sizeof_dh_2048_exp = sizeof(dh_2048_exp);
422422
#endif
423423

424424
#ifndef NO_AES
425+
/* NIST SP 800-38D, Test Case 4 */
426+
static const unsigned char aes_gcm_key[16] = {
427+
0xFE, 0xFF, 0xE9, 0x92, 0x86, 0x65, 0x73, 0x1C,
428+
0x6D, 0x6A, 0x8F, 0x94, 0x67, 0x30, 0x83, 0x08
429+
};
430+
static const unsigned char aes_gcm_iv[12] = {
431+
0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE, 0xDB, 0xAD,
432+
0xDE, 0xCA, 0xF8, 0x88
433+
};
434+
static const unsigned char aes_gcm_plain[32] = {
435+
0xD9, 0x31, 0x32, 0x25, 0xF8, 0x84, 0x06, 0xE5,
436+
0xA5, 0x59, 0x09, 0xC5, 0xAF, 0xF5, 0x26, 0x9A,
437+
0x86, 0xA7, 0xA9, 0x53, 0x15, 0x34, 0xF7, 0xDA,
438+
0x2E, 0x4C, 0x30, 0x3D, 0x8A, 0x31, 0x8A, 0x72
439+
};
440+
static const unsigned char aes_gcm_aad[] = {
441+
0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, 0xEF,
442+
0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, 0xEF,
443+
0xAB, 0xAD, 0xDA, 0xD2
444+
};
445+
static const unsigned char aes_gcm_cipher[32] = {
446+
0x42, 0x83, 0x1E, 0xC2, 0x21, 0x77, 0x74, 0x24,
447+
0x4B, 0x72, 0x21, 0xB7, 0x84, 0xD0, 0xD4, 0x9C,
448+
0xE3, 0xAA, 0x21, 0x2F, 0x2C, 0x02, 0xA4, 0xE0,
449+
0x35, 0xC1, 0x7E, 0x23, 0x29, 0xAC, 0xA1, 0x2E
450+
};
451+
static const unsigned char aes_gcm_tag[16] = {
452+
0xE1, 0x3E, 0x14, 0x34, 0x28, 0x5A, 0x94, 0x26,
453+
0xAD, 0xDF, 0xBF, 0xC2, 0x70, 0xD2, 0x7F, 0x16
454+
};
455+
456+
static const unsigned char aes_cbc_key[16] = {
457+
0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
458+
0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C
459+
};
460+
static const unsigned char aes_cbc_iv[16] = {
461+
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
462+
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
463+
};
464+
static const unsigned char aes_cbc_plain[16] = {
465+
0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
466+
0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A
467+
};
468+
static const unsigned char aes_cbc_cipher[16] = {
469+
0x76, 0x49, 0xAB, 0xAC, 0x81, 0x19, 0xB2, 0x46,
470+
0xCE, 0xE9, 0x8E, 0x9B, 0x12, 0xE9, 0x19, 0x7D
471+
};
472+
473+
static const unsigned char aes_cbc256_key[32] = {
474+
0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
475+
0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
476+
0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
477+
0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4
478+
};
479+
static const unsigned char aes_cbc256_iv[16] = {
480+
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
481+
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
482+
};
483+
static const unsigned char aes_cbc256_cipher[16] = {
484+
0xF5, 0x8C, 0x4C, 0x04, 0xD6, 0xE5, 0xF1, 0xBA,
485+
0x77, 0x9E, 0xAB, 0xFB, 0x5F, 0x7B, 0xFB, 0xD6
486+
};
487+
488+
static const unsigned char aes_ctr_key[16] = {
489+
0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
490+
0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C
491+
};
492+
static const unsigned char aes_ctr_iv[16] = {
493+
0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7,
494+
0xF8, 0xF9, 0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF
495+
};
496+
static const unsigned char aes_ctr_plain[16] = {
497+
0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
498+
0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A
499+
};
500+
static const unsigned char aes_ctr_cipher[16] = {
501+
0x87, 0x4D, 0x61, 0x91, 0xB6, 0x20, 0xE3, 0x26,
502+
0x1B, 0xEF, 0x68, 0x64, 0x99, 0x0D, 0xB6, 0xCE
503+
};
504+
505+
static const unsigned char aes_ctr256_key[32] = {
506+
0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
507+
0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
508+
0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
509+
0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4
510+
};
511+
static const unsigned char aes_ctr256_iv[16] = {
512+
0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7,
513+
0xF8, 0xF9, 0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF
514+
};
515+
static const unsigned char aes_ctr256_cipher[16] = {
516+
0x60, 0x1E, 0xC3, 0x13, 0x77, 0x57, 0x89, 0xA5,
517+
0xB7, 0xA7, 0xF5, 0x04, 0xBB, 0xF3, 0xD2, 0x28
518+
};
519+
520+
static const unsigned char aes_xts_key[32] = {
521+
0x39, 0x25, 0x79, 0x05, 0xDF, 0xCC, 0x77, 0x76,
522+
0x6C, 0x87, 0x0A, 0x80, 0x6A, 0x60, 0xE3, 0xC0,
523+
0x93, 0xD1, 0x2A, 0xCF, 0xCB, 0x51, 0x42, 0xFA,
524+
0x09, 0x69, 0x89, 0x62, 0x5B, 0x60, 0xDB, 0x16
525+
};
526+
static const unsigned char aes_xts_tweak[16] = {
527+
0x5C, 0xF7, 0x9D, 0xB6, 0xC5, 0xCD, 0x99, 0x1A,
528+
0x1C, 0x78, 0x81, 0x42, 0x24, 0x95, 0x1E, 0x84
529+
};
530+
static const unsigned char aes_xts_plain[32] = {
531+
0xBD, 0xC5, 0x46, 0x8F, 0xBC, 0x8D, 0x50, 0xA1,
532+
0x0D, 0x1C, 0x85, 0x7F, 0x79, 0x1C, 0x5C, 0xBA,
533+
0xB3, 0x81, 0x0D, 0x0D, 0x73, 0xCF, 0x8F, 0x20,
534+
0x46, 0xB1, 0xD1, 0x9E, 0x7D, 0x5D, 0x8A, 0x56
535+
};
536+
static const unsigned char aes_xts_cipher[32] = {
537+
0xD6, 0xBE, 0x04, 0x6D, 0x41, 0xF2, 0x3B, 0x5E,
538+
0xD7, 0x0B, 0x6B, 0x3D, 0x5C, 0x8E, 0x66, 0x23,
539+
0x2B, 0xE6, 0xB8, 0x07, 0xD4, 0xDC, 0xC6, 0x0E,
540+
0xFF, 0x8D, 0xBC, 0x1D, 0x9F, 0x7F, 0xC8, 0x22
541+
};
542+
425543
static unsigned char aes_128_key[] = {
426544
0xf7, 0x88, 0x9e, 0x9a, 0x5f, 0xe2, 0xaa, 0xca,
427545
0xba, 0x14, 0x8a, 0xd3, 0xd1, 0x2d, 0x39, 0xe0,
@@ -472,6 +590,61 @@ static unsigned char aes_128_cts_exp[] = {
472590
#endif
473591
#endif
474592

593+
static const unsigned char hmac_key[20] = {
594+
0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B,
595+
0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B,
596+
0x0B, 0x0B, 0x0B, 0x0B
597+
};
598+
static const unsigned char hmac_msg[] = {
599+
'H', 'i', ' ', 'T', 'h', 'e', 'r', 'e'
600+
};
601+
static const unsigned char hmac_digest[32] = {
602+
0xB0, 0x34, 0x4C, 0x61, 0xD8, 0xDB, 0x38, 0x53,
603+
0x5C, 0xA8, 0xAF, 0xCE, 0xAF, 0x0B, 0xF1, 0x2B,
604+
0x88, 0x1D, 0xC2, 0x00, 0xC9, 0x83, 0x3D, 0xA7,
605+
0x26, 0xE9, 0x37, 0x6C, 0x2E, 0x32, 0xCF, 0xF7
606+
};
607+
608+
static const unsigned char sha_test_msg[] = { 'a', 'b', 'c' };
609+
static const unsigned char sha224_expected[] = {
610+
0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22,
611+
0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3,
612+
0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7,
613+
0xE3, 0x6C, 0x9D, 0xA7
614+
};
615+
static const unsigned char sha256_expected[] = {
616+
0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA,
617+
0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23,
618+
0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C,
619+
0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD
620+
};
621+
static const unsigned char sha384_expected[] = {
622+
0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B,
623+
0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50, 0x07,
624+
0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63,
625+
0x1A, 0x8B, 0x60, 0x5A, 0x43, 0xFF, 0x5B, 0xED,
626+
0x80, 0x86, 0x07, 0x2B, 0xA1, 0xE7, 0xCC, 0x23,
627+
0x58, 0xBA, 0xEC, 0xA1, 0x34, 0xC8, 0x25, 0xA7
628+
};
629+
static const unsigned char sha512_expected[] = {
630+
0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA,
631+
0xCC, 0x41, 0x73, 0x49, 0xAE, 0x20, 0x41, 0x31,
632+
0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
633+
0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A,
634+
0x21, 0x92, 0x99, 0x2A, 0x27, 0x4F, 0xC1, 0xA8,
635+
0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
636+
0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E,
637+
0x2A, 0x9A, 0xC9, 0x4F, 0xA5, 0x4C, 0xA4, 0x9F
638+
};
639+
#ifdef WOLFSSL_SHA3
640+
static const unsigned char sha3_256_expected[] = {
641+
0x3A, 0x98, 0x5D, 0xA7, 0x4F, 0xE2, 0x25, 0xB2,
642+
0x04, 0x5C, 0x17, 0x2D, 0x6B, 0xD3, 0x90, 0xBD,
643+
0x85, 0x5F, 0x08, 0x6E, 0x3E, 0x9D, 0x52, 0x5B,
644+
0x46, 0xBF, 0xE2, 0x45, 0x11, 0x43, 0x15, 0x32
645+
};
646+
#endif /* WOLFSSL_SHA3 */
647+
475648

476649
#ifndef WOLFPKCS11_NO_ENV
477650
#include <stdio.h>

tests/wolfssl-interoperability/Makefile

Lines changed: 105 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,105 @@
1+
CC ?= gcc
2+
AR ?= ar
3+
CFLAGS ?= -O2 -g
4+
CFLAGS += -Wall -Wextra -Wno-unused-parameter -fPIC
5+
LDFLAGS ?=
6+
LDLIBS ?=
7+
LDLIBS += -ldl -lpthread -lm
8+
WOLFSSL_DIR ?= ../../wolfssl
9+
WOLFPKCS11_DIR ?= ../..
10+
11+
BUILD_DIR := build
12+
13+
COMMON_CPPFLAGS := -DWOLFSSL_USER_SETTINGS -I. -I.. \
14+
-I$(WOLFSSL_DIR) -I$(WOLFSSL_DIR)/wolfssl -I$(WOLFSSL_DIR)/wolfssl/wolfcrypt \
15+
-I$(WOLFPKCS11_DIR) -I$(WOLFPKCS11_DIR)/wolfpkcs11 -I$(WOLFPKCS11_DIR)/src
16+
WOLFCRYPT_CPPFLAGS := $(COMMON_CPPFLAGS) -DWOLFSSL_LIB
17+
ENGINE_CPPFLAGS := $(COMMON_CPPFLAGS) -DBUILDING_WOLFPKCS11 -DDEBUG_WOLFPKCS11
18+
TEST_CPPFLAGS := $(COMMON_CPPFLAGS)
19+
20+
WOLFCRYPT_SRCS := \
21+
$(WOLFSSL_DIR)/wolfcrypt/src/aes.c \
22+
$(WOLFSSL_DIR)/wolfcrypt/src/asn.c \
23+
$(WOLFSSL_DIR)/wolfcrypt/src/coding.c \
24+
$(WOLFSSL_DIR)/wolfcrypt/src/cryptocb.c \
25+
$(WOLFSSL_DIR)/wolfcrypt/src/des3.c \
26+
$(WOLFSSL_DIR)/wolfcrypt/src/dsa.c \
27+
$(WOLFSSL_DIR)/wolfcrypt/src/dh.c \
28+
$(WOLFSSL_DIR)/wolfcrypt/src/ecc.c \
29+
$(WOLFSSL_DIR)/wolfcrypt/src/ecc_fp.c \
30+
$(WOLFSSL_DIR)/wolfcrypt/src/error.c \
31+
$(WOLFSSL_DIR)/wolfcrypt/src/hash.c \
32+
$(WOLFSSL_DIR)/wolfcrypt/src/md5.c \
33+
$(WOLFSSL_DIR)/wolfcrypt/src/hmac.c \
34+
$(WOLFSSL_DIR)/wolfcrypt/src/integer.c \
35+
$(WOLFSSL_DIR)/wolfcrypt/src/logging.c \
36+
$(WOLFSSL_DIR)/wolfcrypt/src/memory.c \
37+
$(WOLFSSL_DIR)/wolfcrypt/src/random.c \
38+
$(WOLFSSL_DIR)/wolfcrypt/src/kdf.c \
39+
$(WOLFSSL_DIR)/wolfcrypt/src/rsa.c \
40+
$(WOLFSSL_DIR)/wolfcrypt/src/sha.c \
41+
$(WOLFSSL_DIR)/wolfcrypt/src/sha256.c \
42+
$(WOLFSSL_DIR)/wolfcrypt/src/sha512.c \
43+
$(WOLFSSL_DIR)/wolfcrypt/src/sha3.c \
44+
$(WOLFSSL_DIR)/wolfcrypt/src/signature.c \
45+
$(WOLFSSL_DIR)/wolfcrypt/src/pwdbased.c \
46+
$(WOLFSSL_DIR)/wolfcrypt/src/sp_int.c \
47+
$(WOLFSSL_DIR)/wolfcrypt/src/sp_c32.c \
48+
$(WOLFSSL_DIR)/wolfcrypt/src/wc_encrypt.c \
49+
$(WOLFSSL_DIR)/wolfcrypt/src/wc_pkcs11.c \
50+
$(WOLFSSL_DIR)/wolfcrypt/src/wc_port.c \
51+
$(WOLFSSL_DIR)/wolfcrypt/src/wolfmath.c
52+
53+
ENGINE_SRCS := \
54+
$(WOLFPKCS11_DIR)/src/internal.c \
55+
$(WOLFPKCS11_DIR)/src/wolfpkcs11.c \
56+
$(WOLFPKCS11_DIR)/src/slot.c \
57+
$(WOLFPKCS11_DIR)/src/crypto.c
58+
59+
TEST_SRCS := pkcs11_interop.c
60+
61+
WOLFCRYPT_OBJS := $(patsubst $(WOLFSSL_DIR)/%.c,$(BUILD_DIR)/wolfssl/%.o,$(WOLFCRYPT_SRCS))
62+
ENGINE_OBJS := $(patsubst $(WOLFPKCS11_DIR)/%.c,$(BUILD_DIR)/wolfpkcs11/%.o,$(ENGINE_SRCS))
63+
TEST_OBJS := $(patsubst %.c,$(BUILD_DIR)/interop-test/%.o,$(TEST_SRCS))
64+
65+
all: test
66+
67+
interop: $(BUILD_DIR)/pkcs11_interop
68+
69+
$(BUILD_DIR)/wolfssl/%.o: $(WOLFSSL_DIR)/%.c
70+
@mkdir -p $(dir $@)
71+
$(CC) $(CPPFLAGS) $(WOLFCRYPT_CPPFLAGS) $(CFLAGS) -c $< -o $@
72+
73+
$(BUILD_DIR)/wolfpkcs11/%.o: $(WOLFPKCS11_DIR)/%.c
74+
@mkdir -p $(dir $@)
75+
$(CC) $(CPPFLAGS) $(ENGINE_CPPFLAGS) $(CFLAGS) -c $< -o $@
76+
77+
$(BUILD_DIR)/interop-test/%.o: %.c
78+
@mkdir -p $(dir $@)
79+
$(CC) $(CPPFLAGS) $(TEST_CPPFLAGS) $(CFLAGS) -c $< -o $@
80+
81+
$(BUILD_DIR)/libwolfcrypt-interop.so: $(WOLFCRYPT_OBJS)
82+
@mkdir -p $(dir $@)
83+
$(CC) -shared -o $@ $(WOLFCRYPT_OBJS) $(LDFLAGS) $(LDLIBS)
84+
85+
$(BUILD_DIR)/libwolfpkcs11-interop.so: $(ENGINE_OBJS) $(BUILD_DIR)/libwolfcrypt-interop.so
86+
@mkdir -p $(dir $@)
87+
$(CC) -shared -o $@ $(ENGINE_OBJS) -L$(BUILD_DIR) -lwolfcrypt-interop $(LDFLAGS) $(LDLIBS)
88+
89+
$(BUILD_DIR)/pkcs11_interop: $(TEST_OBJS) $(BUILD_DIR)/libwolfpkcs11-interop.so $(BUILD_DIR)/libwolfcrypt-interop.so
90+
$(CC) -o $@ $(TEST_OBJS) -L$(BUILD_DIR) -lwolfpkcs11-interop -lwolfcrypt-interop $(LDFLAGS) $(LDLIBS)
91+
92+
.PHONY: test
93+
test: $(BUILD_DIR)/pkcs11_interop
94+
WOLFPKCS11_MODULE=$(BUILD_DIR)/libwolfpkcs11-interop.so LD_LIBRARY_PATH=$(BUILD_DIR) $(BUILD_DIR)/pkcs11_interop
95+
debug: $(BUILD_DIR)/pkcs11_interop
96+
WOLFPKCS11_MODULE=$(BUILD_DIR)/libwolfpkcs11-interop.so LD_LIBRARY_PATH=$(BUILD_DIR) gdb $(BUILD_DIR)/pkcs11_interop
97+
98+
.PHONY: clean
99+
clean:
100+
rm -rf $(BUILD_DIR)/wolfssl $(BUILD_DIR)/wolfPKCS11 $(BUILD_DIR)/interop-test \
101+
$(BUILD_DIR)/libwolfcrypt-interop.so $(BUILD_DIR)/libwolfpkcs11-interop.so \
102+
$(BUILD_DIR)/pkcs11_interop
103+
rm -rf token-store
104+
@# Safely remove build directory, if local
105+
rm -rf ./build

0 commit comments

Comments
 (0)