tst_qsslkey: test AES encryption in the 'encrypt' test

And export the required symbols in OpenSSL so we can run the test there as well even if it's not needed for any functionality. Change-Id: I4246d2b0bbdd42079d255f97f3c66ce8bb37390b Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2019-03-12 12:28:47 +01:00 · 2019-03-12 12:28:47 +01:00 · a06dfed4cc
commit a06dfed4cc
parent 03ada0217c
4 changed files with 94 additions and 22 deletions
--- a/src/network/ssl/qsslkey_openssl.cpp
+++ b/src/network/ssl/qsslkey_openssl.cpp
@ -334,12 +334,13 @@ static QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, const QByteArray &data,
 #endif
        break;
    case QSslKeyPrivate::Aes128Cbc:
+        type = q_EVP_aes_128_cbc();
+        break;
    case QSslKeyPrivate::Aes192Cbc:
+        type = q_EVP_aes_192_cbc();
+        break;
    case QSslKeyPrivate::Aes256Cbc:
-        // Just to avoid compiler warnings/errors. OpenSSL uses a different
-        // codepath when reading encrypted keys, and they all correctly
-        // deduce the cipher and know how to derive a key.
-        Q_UNREACHABLE();
+        type = q_EVP_aes_256_cbc();
        break;
    }

--- a/src/network/ssl/qsslsocket_openssl_symbols.cpp
+++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp
@ -359,6 +359,11 @@ DEFINEFUNC(const EVP_CIPHER *, EVP_des_ede3_cbc, DUMMYARG, DUMMYARG, return null
 #ifndef OPENSSL_NO_RC2
 DEFINEFUNC(const EVP_CIPHER *, EVP_rc2_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
 #endif
+#ifndef OPENSSL_NO_AES
+DEFINEFUNC(const EVP_CIPHER *, EVP_aes_128_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
+DEFINEFUNC(const EVP_CIPHER *, EVP_aes_192_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
+DEFINEFUNC(const EVP_CIPHER *, EVP_aes_256_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
+#endif
 DEFINEFUNC(const EVP_MD *, EVP_sha1, DUMMYARG, DUMMYARG, return nullptr, return)
 DEFINEFUNC3(int, EVP_PKEY_assign, EVP_PKEY *a, a, int b, b, char *c, c, return -1, return)
 DEFINEFUNC2(int, EVP_PKEY_set1_RSA, EVP_PKEY *a, a, RSA *b, b, return -1, return)
@ -1178,6 +1183,11 @@ bool q_resolveOpenSslSymbols()
 #endif
 #ifndef OPENSSL_NO_RC2
    RESOLVEFUNC(EVP_rc2_cbc)
+#endif
+#ifndef OPENSSL_NO_AES
+    RESOLVEFUNC(EVP_aes_128_cbc)
+    RESOLVEFUNC(EVP_aes_192_cbc)
+    RESOLVEFUNC(EVP_aes_256_cbc)
 #endif
    RESOLVEFUNC(EVP_sha1)
    RESOLVEFUNC(EVP_PKEY_assign)
--- a/src/network/ssl/qsslsocket_openssl_symbols_p.h
+++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h
@ -281,6 +281,11 @@ const EVP_CIPHER *q_EVP_des_ede3_cbc();
 #ifndef OPENSSL_NO_RC2
 const EVP_CIPHER *q_EVP_rc2_cbc();
 #endif
+#ifndef OPENSSL_NO_AES
+const EVP_CIPHER *q_EVP_aes_128_cbc();
+const EVP_CIPHER *q_EVP_aes_192_cbc();
+const EVP_CIPHER *q_EVP_aes_256_cbc();
+#endif
 Q_AUTOTEST_EXPORT const EVP_MD *q_EVP_sha1();
 int q_EVP_PKEY_assign(EVP_PKEY *a, int b, char *c);
 Q_AUTOTEST_EXPORT int q_EVP_PKEY_set1_RSA(EVP_PKEY *a, RSA *b);
--- a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
+++ b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
@ -562,79 +562,135 @@ void tst_QSslKey::encrypt_data()
    QTest::addColumn<QByteArray>("key");
    QTest::addColumn<QByteArray>("plainText");
    QTest::addColumn<QByteArray>("cipherText");
+    QTest::addColumn<QByteArray>("iv");

+    QByteArray iv("abcdefgh");
    QTest::newRow("DES-CBC, length 0")
        << QSslKeyPrivate::DesCbc << QByteArray("01234567")
        << QByteArray()
-        << QByteArray::fromHex("956585228BAF9B1F");
+        << QByteArray::fromHex("956585228BAF9B1F")
+        << iv;
    QTest::newRow("DES-CBC, length 1")
        << QSslKeyPrivate::DesCbc << QByteArray("01234567")
        << QByteArray(1, 'a')
-        << QByteArray::fromHex("E6880AF202BA3C12");
+        << QByteArray::fromHex("E6880AF202BA3C12")
+        << iv;
    QTest::newRow("DES-CBC, length 2")
        << QSslKeyPrivate::DesCbc << QByteArray("01234567")
        << QByteArray(2, 'a')
-        << QByteArray::fromHex("A82492386EED6026");
+        << QByteArray::fromHex("A82492386EED6026")
+        << iv;
    QTest::newRow("DES-CBC, length 3")
        << QSslKeyPrivate::DesCbc << QByteArray("01234567")
        << QByteArray(3, 'a')
-        << QByteArray::fromHex("90B76D5B79519CBA");
+        << QByteArray::fromHex("90B76D5B79519CBA")
+        << iv;
    QTest::newRow("DES-CBC, length 4")
        << QSslKeyPrivate::DesCbc << QByteArray("01234567")
        << QByteArray(4, 'a')
-        << QByteArray::fromHex("63E3DD6FED87052A");
+        << QByteArray::fromHex("63E3DD6FED87052A")
+        << iv;
    QTest::newRow("DES-CBC, length 5")
        << QSslKeyPrivate::DesCbc << QByteArray("01234567")
        << QByteArray(5, 'a')
-        << QByteArray::fromHex("03ACDB0EACBDFA94");
+        << QByteArray::fromHex("03ACDB0EACBDFA94")
+        << iv;
    QTest::newRow("DES-CBC, length 6")
        << QSslKeyPrivate::DesCbc << QByteArray("01234567")
        << QByteArray(6, 'a')
-        << QByteArray::fromHex("7D95024E42A3A88A");
+        << QByteArray::fromHex("7D95024E42A3A88A")
+        << iv;
    QTest::newRow("DES-CBC, length 7")
        << QSslKeyPrivate::DesCbc << QByteArray("01234567")
        << QByteArray(7, 'a')
-        << QByteArray::fromHex("5003436B8A8E42E9");
+        << QByteArray::fromHex("5003436B8A8E42E9")
+        << iv;
    QTest::newRow("DES-CBC, length 8")
        << QSslKeyPrivate::DesCbc << QByteArray("01234567")
        << QByteArray(8, 'a')
-        << QByteArray::fromHex("E4C1F054BF5521C0A4A0FD4A2BC6C1B1");
+        << QByteArray::fromHex("E4C1F054BF5521C0A4A0FD4A2BC6C1B1")
+        << iv;

    QTest::newRow("DES-EDE3-CBC, length 0")
        << QSslKeyPrivate::DesEde3Cbc << QByteArray("0123456789abcdefghijklmn")
        << QByteArray()
-        << QByteArray::fromHex("3B2B4CD0B0FD495F");
+        << QByteArray::fromHex("3B2B4CD0B0FD495F")
+        << iv;
    QTest::newRow("DES-EDE3-CBC, length 8")
        << QSslKeyPrivate::DesEde3Cbc << QByteArray("0123456789abcdefghijklmn")
        << QByteArray(8, 'a')
-        << QByteArray::fromHex("F2A5A87763C54A72A3224103D90CDB03");
+        << QByteArray::fromHex("F2A5A87763C54A72A3224103D90CDB03")
+        << iv;

    QTest::newRow("RC2-40-CBC, length 0")
        << QSslKeyPrivate::Rc2Cbc << QByteArray("01234")
        << QByteArray()
-        << QByteArray::fromHex("6D05D52392FF6E7A");
+        << QByteArray::fromHex("6D05D52392FF6E7A")
+        << iv;
    QTest::newRow("RC2-40-CBC, length 8")
        << QSslKeyPrivate::Rc2Cbc << QByteArray("01234")
        << QByteArray(8, 'a')
-        << QByteArray::fromHex("75768E64C5749072A5D168F3AFEB0005");
+        << QByteArray::fromHex("75768E64C5749072A5D168F3AFEB0005")
+        << iv;

    QTest::newRow("RC2-64-CBC, length 0")
        << QSslKeyPrivate::Rc2Cbc << QByteArray("01234567")
        << QByteArray()
-        << QByteArray::fromHex("ADAE6BF70F420130");
+        << QByteArray::fromHex("ADAE6BF70F420130")
+        << iv;
    QTest::newRow("RC2-64-CBC, length 8")
        << QSslKeyPrivate::Rc2Cbc << QByteArray("01234567")
        << QByteArray(8, 'a')
-        << QByteArray::fromHex("C7BF5C80AFBE9FBEFBBB9FD935F6D0DF");
+        << QByteArray::fromHex("C7BF5C80AFBE9FBEFBBB9FD935F6D0DF")
+        << iv;

    QTest::newRow("RC2-128-CBC, length 0")
        << QSslKeyPrivate::Rc2Cbc << QByteArray("012345679abcdefg")
        << QByteArray()
-        << QByteArray::fromHex("1E965D483A13C8FB");
+        << QByteArray::fromHex("1E965D483A13C8FB")
+        << iv;
    QTest::newRow("RC2-128-CBC, length 8")
        << QSslKeyPrivate::Rc2Cbc << QByteArray("012345679abcdefg")
        << QByteArray(8, 'a')
-        << QByteArray::fromHex("5AEC1A5B295660B02613454232F7DECE");
+        << QByteArray::fromHex("5AEC1A5B295660B02613454232F7DECE")
+        << iv;
+
+#if (!defined(QT_NO_OPENSSL) && !defined(OPENSSL_NO_AES)) || (defined(QT_NO_OPENSSL) && QT_CONFIG(ssl))
+    // AES needs a longer IV
+    iv = QByteArray("abcdefghijklmnop");
+    QTest::newRow("AES-128-CBC, length 0")
+        << QSslKeyPrivate::Aes128Cbc << QByteArray("012345679abcdefg")
+        << QByteArray()
+        << QByteArray::fromHex("28DE1A9AA26601C30DD2527407121D1A")
+        << iv;
+    QTest::newRow("AES-128-CBC, length 8")
+        << QSslKeyPrivate::Aes128Cbc << QByteArray("012345679abcdefg")
+        << QByteArray(8, 'a')
+        << QByteArray::fromHex("08E880B1BA916F061C1E801D7F44D0EC")
+        << iv;
+
+    QTest::newRow("AES-192-CBC, length 0")
+        << QSslKeyPrivate::Aes192Cbc << QByteArray("0123456789abcdefghijklmn")
+        << QByteArray()
+        << QByteArray::fromHex("E169E0E205CDC2BA895B7CF6097673B1")
+        << iv;
+    QTest::newRow("AES-192-CBC, length 8")
+        << QSslKeyPrivate::Aes192Cbc << QByteArray("0123456789abcdefghijklmn")
+        << QByteArray(8, 'a')
+        << QByteArray::fromHex("3A227D6A3A13237316D30AA17FF9B0A7")
+        << iv;
+
+    QTest::newRow("AES-256-CBC, length 0")
+        << QSslKeyPrivate::Aes256Cbc << QByteArray("0123456789abcdefghijklmnopqrstuv")
+        << QByteArray()
+        << QByteArray::fromHex("4BAACAA0D22199C97DE206C465B7B14A")
+        << iv;
+    QTest::newRow("AES-256-CBC, length 8")
+        << QSslKeyPrivate::Aes256Cbc << QByteArray("0123456789abcdefghijklmnopqrstuv")
+        << QByteArray(8, 'a')
+        << QByteArray::fromHex("879C8C25EC135CDF0B14490A0A7C2F67")
+        << iv;
+#endif // (OpenSSL && AES) || generic backend
 }

 void tst_QSslKey::encrypt()
@ -643,7 +699,7 @@ void tst_QSslKey::encrypt()
    QFETCH(QByteArray, key);
    QFETCH(QByteArray, plainText);
    QFETCH(QByteArray, cipherText);
-    QByteArray iv("abcdefgh");
+    QFETCH(QByteArray, iv);

 #if defined(Q_OS_WINRT) || QT_CONFIG(schannel)
    QEXPECT_FAIL("RC2-40-CBC, length 0", "WinRT/Schannel treats RC2 as 128-bit", Abort);