fipsoracle: Remove fax sample verification baked into test suites. This is covered by run_cavp.go.
Change-Id: If2514337bc444ec68e0f4ffeecb85e47b1ed9c09
Reviewed-on: https://boringssl-review.googlesource.com/15906
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/fipsoracle/cavp_aes_gcm_test.cc b/fipsoracle/cavp_aes_gcm_test.cc
index 30e1e7b..30d5f66 100644
--- a/fipsoracle/cavp_aes_gcm_test.cc
+++ b/fipsoracle/cavp_aes_gcm_test.cc
@@ -13,8 +13,7 @@
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
// cavp_aes_gcm_test processes a NIST CAVP AES GCM test vector request file and
-// emits the corresponding response. An optional sample vector file can be
-// passed to verify the result.
+// emits the corresponding response.
#include <stdlib.h>
@@ -31,7 +30,6 @@
struct TestCtx {
const EVP_AEAD *aead;
- std::unique_ptr<FileTest> response_sample;
};
}
@@ -78,27 +76,6 @@
printf("CT = %s\r\n", EncodeHex(ct.data(), ct.size()).c_str());
printf("Tag = %s\r\n\r\n", EncodeHex(tag.data(), tag.size()).c_str());
- // Check if sample response file matches.
- if (ctx->response_sample) {
- ctx->response_sample->ReadNext();
- std::string expected_count;
- std::vector<uint8_t> expected_iv, expected_ct, expected_tag;
- if (!ctx->response_sample->GetAttribute(&expected_count, "Count") ||
- count != expected_count ||
- !ctx->response_sample->GetBytes(&expected_iv, "IV") ||
- !t->ExpectBytesEqual(expected_iv.data(), expected_iv.size(), iv.data(),
- iv.size()) ||
- !ctx->response_sample->GetBytes(&expected_ct, "CT") ||
- !t->ExpectBytesEqual(expected_ct.data(), expected_ct.size(), ct.data(),
- ct.size()) ||
- !ctx->response_sample->GetBytes(&expected_tag, "Tag") ||
- !t->ExpectBytesEqual(expected_tag.data(), expected_tag.size(),
- tag.data(), tag.size())) {
- t->PrintLine("result doesn't match");
- return false;
- }
- }
-
return true;
}
@@ -143,37 +120,16 @@
printf("FAIL\r\n\r\n");
}
- // Check if sample response file matches.
- if (ctx->response_sample) {
- ctx->response_sample->ReadNext();
- std::string expected_count;
- std::vector<uint8_t> expected_pt;
- if (!ctx->response_sample->GetAttribute(&expected_count, "Count") ||
- count != expected_count ||
- (!aead_result && (ctx->response_sample->HasAttribute("PT") ||
- !ctx->response_sample->HasAttribute("FAIL"))) ||
- (aead_result &&
- (ctx->response_sample->HasAttribute("FAIL") ||
- !ctx->response_sample->GetBytes(&expected_pt, "PT") ||
- !t->ExpectBytesEqual(expected_pt.data(), expected_pt.size(),
- pt.data(), pt.size())))) {
- t->PrintLine("result doesn't match");
- return false;
- }
- }
-
return true;
}
static int usage(char *arg) {
- fprintf(stderr,
- "usage: %s (enc|dec) <cipher> <test file> [<sample response file>]\n",
- arg);
+ fprintf(stderr, "usage: %s (enc|dec) <cipher> <test file>\n", arg);
return 1;
}
int cavp_aes_gcm_test_main(int argc, char **argv) {
- if (argc < 4 || argc > 5) {
+ if (argc != 4) {
return usage(argv[0]);
}
@@ -193,15 +149,7 @@
return 1;
}
- TestCtx ctx = {aead, nullptr};
-
- if (argc == 5) {
- ctx.response_sample.reset(new FileTest(argv[4]));
- if (!ctx.response_sample->is_open()) {
- return 1;
- }
- ctx.response_sample->SetIgnoreUnusedAttributes(true);
- }
+ TestCtx ctx = {aead};
printf("# Generated by");
for (int i = 0; i < argc; i++) {
diff --git a/fipsoracle/cavp_aes_test.cc b/fipsoracle/cavp_aes_test.cc
index d116759..ad1d50c 100644
--- a/fipsoracle/cavp_aes_test.cc
+++ b/fipsoracle/cavp_aes_test.cc
@@ -13,8 +13,7 @@
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
// cavp_aes_test processes a NIST CAVP AES test vector request file and emits
-// the corresponding response. An optional sample vector file can be passed to
-// verify the result.
+// the corresponding response.
#include <stdlib.h>
@@ -30,7 +29,6 @@
struct TestCtx {
const EVP_CIPHER *cipher;
- std::unique_ptr<FileTest> response_sample;
bool has_iv;
enum Mode {
kKAT, // Known Answer Test
@@ -93,25 +91,6 @@
printf("%s = %s\r\n\r\n", result_label.c_str(),
EncodeHex(result.data(), result.size()).c_str());
- // Check if sample response file matches.
- if (ctx->response_sample) {
- if (ctx->response_sample->ReadNext() != FileTest::kReadSuccess) {
- t->PrintLine("invalid sample file");
- return false;
- }
- std::string expected_count;
- std::vector<uint8_t> expected_key, expected_result;
- if (!ctx->response_sample->GetBytes(&expected_key, "KEY") ||
- !t->ExpectBytesEqual(expected_key.data(), expected_key.size(),
- key.data(), key.size()) ||
- !ctx->response_sample->GetBytes(&expected_result, result_label) ||
- !t->ExpectBytesEqual(expected_result.data(), expected_result.size(),
- result.data(), result.size())) {
- t->PrintLine("result doesn't match");
- return false;
- }
- }
-
const size_t key_len = key.size() * 8;
if (key_len == 128) {
for (size_t k = 0; k < key.size(); k++) {
@@ -187,30 +166,6 @@
operation == kEncrypt ? "CIPHERTEXT" : "PLAINTEXT";
printf("%s%s = %s\r\n\r\n", t->CurrentTestToString().c_str(), label.c_str(),
EncodeHex(result.data(), result.size()).c_str());
-
- // Check if sample response file matches.
- if (ctx->response_sample) {
- if (ctx->response_sample->ReadNext() != FileTest::kReadSuccess) {
- t->PrintLine("invalid sample file");
- return false;
- }
- std::string expected_count;
- std::vector<uint8_t> expected_result;
- if (!ctx->response_sample->GetAttribute(&expected_count, "COUNT") ||
- count != expected_count ||
- (operation == kEncrypt &&
- (!ctx->response_sample->GetBytes(&expected_result, "CIPHERTEXT") ||
- !t->ExpectBytesEqual(expected_result.data(), expected_result.size(),
- result.data(), result.size()))) ||
- (operation == kDecrypt &&
- (!ctx->response_sample->GetBytes(&expected_result, "PLAINTEXT") ||
- !t->ExpectBytesEqual(expected_result.data(), expected_result.size(),
- result.data(), result.size())))) {
- t->PrintLine("result doesn't match");
- return false;
- }
- }
-
} else { // ctx->mode == kMCT
const std::string op_label =
operation == kEncrypt ? "[ENCRYPT]" : "[DECRYPT]";
@@ -229,14 +184,12 @@
}
static int usage(char *arg) {
- fprintf(stderr,
- "usage: %s (kat|mct) <cipher> <test file> [<sample response file>]\n",
- arg);
+ fprintf(stderr, "usage: %s (kat|mct) <cipher> <test file>\n", arg);
return 1;
}
int cavp_aes_test_main(int argc, char **argv) {
- if (argc < 4 || argc > 5) {
+ if (argc != 4) {
return usage(argv[0]);
}
@@ -262,15 +215,7 @@
cipher_name != "aes-192-ecb" &&
cipher_name != "aes-256-ecb");
- TestCtx ctx = {cipher, nullptr, has_iv, test_mode};
-
- if (argc == 5) {
- ctx.response_sample.reset(new FileTest(argv[4]));
- if (!ctx.response_sample->is_open()) {
- return 1;
- }
- ctx.response_sample->SetIgnoreUnusedAttributes(true);
- }
+ TestCtx ctx = {cipher, has_iv, test_mode};
printf("# Generated by");
for (int i = 0; i < argc; i++) {
diff --git a/fipsoracle/cavp_ctr_drbg_test.cc b/fipsoracle/cavp_ctr_drbg_test.cc
index e3c6076..b18c437 100644
--- a/fipsoracle/cavp_ctr_drbg_test.cc
+++ b/fipsoracle/cavp_ctr_drbg_test.cc
@@ -13,8 +13,7 @@
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
// cavp_ctr_drbg_test processes a NIST CAVP DRBG800-90A test vector request
-// file and emits the corresponding response. An optional sample vector file
-// can be passed to verify the result.
+// file and emits the corresponding response.
#include <openssl/crypto.h>
@@ -25,17 +24,7 @@
#include "../crypto/test/file_test.h"
-namespace {
-
-struct TestCtx {
- std::unique_ptr<FileTest> response_sample;
-};
-
-}
-
static bool TestCTRDRBG(FileTest *t, void *arg) {
- TestCtx *ctx = reinterpret_cast<TestCtx *>(arg);
-
std::string test_type, prediction_resistance, entropy_input_len, nonce_len,
personalization_str_len, additional_input_len, returned_bits_len;
if (!t->GetInstruction(&test_type, "AES-256 no df") ||
@@ -95,49 +84,24 @@
printf("ReturnedBits = %s\r\n\r\n",
EncodeHex(out.data(), out.size()).c_str());
- // Check if sample response file matches.
- if (ctx->response_sample) {
- ctx->response_sample->ReadNext();
- std::string expected_count;
- std::vector<uint8_t> expected_bits;
- if (!ctx->response_sample->GetAttribute(&expected_count, "COUNT") ||
- count != expected_count ||
- !ctx->response_sample->GetBytes(&expected_bits, "ReturnedBits") ||
- !t->ExpectBytesEqual(expected_bits.data(), expected_bits.size(),
- out.data(), out.size())) {
- t->PrintLine("result doesn't match");
- return false;
- }
- }
-
return true;
}
static int usage(char *arg) {
- fprintf(stderr, "usage: %s <test file> [<sample response file>]\n", arg);
+ fprintf(stderr, "usage: %s <test file>\n", arg);
return 1;
}
int cavp_ctr_drbg_test_main(int argc, char **argv) {
- if (argc != 2 && argc != 3) {
+ if (argc != 2) {
return usage(argv[0]);
}
- TestCtx ctx = {nullptr};
-
- if (argc == 3) {
- ctx.response_sample.reset(new FileTest(argv[2]));
- if (!ctx.response_sample->is_open()) {
- return 1;
- }
- ctx.response_sample->SetIgnoreUnusedAttributes(true);
- }
-
printf("# Generated by");
for (int i = 0; i < argc; i++) {
printf(" %s", argv[i]);
}
printf("\r\n# CTR_DRBG options: AES-256 no df\r\n\r\n");
- return FileTestMainSilent(TestCTRDRBG, &ctx, argv[1]);
+ return FileTestMainSilent(TestCTRDRBG, nullptr, argv[1]);
}
diff --git a/fipsoracle/cavp_ecdsa2_pkv_test.cc b/fipsoracle/cavp_ecdsa2_pkv_test.cc
index 942405e..a5c09e7 100644
--- a/fipsoracle/cavp_ecdsa2_pkv_test.cc
+++ b/fipsoracle/cavp_ecdsa2_pkv_test.cc
@@ -13,8 +13,7 @@
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
// cavp_ecdsa2_pkv_test processes a NIST CAVP ECDSA2 PKV test vector request file
-// and emits the corresponding response. An optional sample vector file can be
-// passed to verify the result.
+// and emits the corresponding response.
#include <vector>
diff --git a/fipsoracle/cavp_ecdsa2_sigver_test.cc b/fipsoracle/cavp_ecdsa2_sigver_test.cc
index 93c1b48..ea7649e 100644
--- a/fipsoracle/cavp_ecdsa2_sigver_test.cc
+++ b/fipsoracle/cavp_ecdsa2_sigver_test.cc
@@ -13,8 +13,7 @@
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
// cavp_ecdsa2_sigver_test processes a NIST CAVP ECDSA2 SigVer test vector
-// request file and emits the corresponding response. An optional sample vector
-// file can be passed to verify the result.
+// request file and emits the corresponding response.
#include <vector>
diff --git a/fipsoracle/cavp_keywrap_test.cc b/fipsoracle/cavp_keywrap_test.cc
index ebb40b4..19f8ba0 100644
--- a/fipsoracle/cavp_keywrap_test.cc
+++ b/fipsoracle/cavp_keywrap_test.cc
@@ -13,8 +13,7 @@
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
// cavp_keywrap_test processes a NIST CAVP AES test vector request file and
-// emits the corresponding response. An optional sample vector file can be
-// passed to verify the result.
+// emits the corresponding response.
#include <stdlib.h>
@@ -29,7 +28,6 @@
struct TestCtx {
bool encrypt;
- std::unique_ptr<FileTest> response_sample;
};
}
@@ -89,37 +87,19 @@
EncodeHex(result.data(), result.size()).c_str());
}
- // Check if sample response file matches.
- if (ctx->response_sample) {
- if (ctx->response_sample->ReadNext() != FileTest::kReadSuccess) {
- t->PrintLine("invalid sample file");
- return false;
- }
- std::string expected_count;
- std::vector<uint8_t> expected_result;
- if (!ctx->response_sample->GetAttribute(&expected_count, "COUNT") ||
- count != expected_count ||
- (!ctx->response_sample->GetBytes(&expected_result, result_label) ||
- !t->ExpectBytesEqual(expected_result.data(), expected_result.size(),
- result.data(), result.size()))) {
- t->PrintLine("result doesn't match");
- return false;
- }
- }
-
return true;
}
static int usage(char *arg) {
fprintf(
stderr,
- "usage: %s (enc|dec) (128|256) <test file> [<sample response file>]\n",
+ "usage: %s (enc|dec) (128|256) <test file>\n",
arg);
return 1;
}
int cavp_keywrap_test_main(int argc, char **argv) {
- if (argc < 4 || argc > 5) {
+ if (argc != 4) {
return usage(argv[0]);
}
@@ -133,15 +113,7 @@
return usage(argv[0]);
}
- TestCtx ctx = {encrypt, nullptr};
-
- if (argc == 5) {
- ctx.response_sample.reset(new FileTest(argv[4]));
- if (!ctx.response_sample->is_open()) {
- return 1;
- }
- ctx.response_sample->SetIgnoreUnusedAttributes(true);
- }
+ TestCtx ctx = {encrypt};
printf("# Generated by");
for (int i = 0; i < argc; i++) {
diff --git a/fipsoracle/cavp_sha_monte_test.cc b/fipsoracle/cavp_sha_monte_test.cc
index 91fbc6c..1609c98 100644
--- a/fipsoracle/cavp_sha_monte_test.cc
+++ b/fipsoracle/cavp_sha_monte_test.cc
@@ -13,8 +13,7 @@
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
// cavp_sha_monte_test processes a NIST CAVP SHA-Monte test vector request file
-// and emits the corresponding response. An optional sample vector file can be
-// passed to verify the result.
+// and emits the corresponding response.
#include <stdlib.h>
diff --git a/fipsoracle/cavp_sha_test.cc b/fipsoracle/cavp_sha_test.cc
index a7d6ba1..131866a 100644
--- a/fipsoracle/cavp_sha_test.cc
+++ b/fipsoracle/cavp_sha_test.cc
@@ -13,8 +13,7 @@
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
// cavp_sha_test processes a NIST CAVP SHA test vector request file and emits
-// the corresponding response. An optional sample vector file can be passed to
-// verify the result.
+// the corresponding response.
#include <stdlib.h>
diff --git a/fipsoracle/cavp_tdes_test.cc b/fipsoracle/cavp_tdes_test.cc
index fd357ff..ad608de 100644
--- a/fipsoracle/cavp_tdes_test.cc
+++ b/fipsoracle/cavp_tdes_test.cc
@@ -13,8 +13,7 @@
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
// cavp_tdes_test processes a NIST TMOVS test vector request file and emits the
-// corresponding response. An optional sample vector file can be passed to
-// verify the result.
+// corresponding response.
#include <stdlib.h>
@@ -30,7 +29,6 @@
struct TestCtx {
const EVP_CIPHER *cipher;
- std::unique_ptr<FileTest> response_sample;
enum Mode {
kKAT, // Known Answer Test
kMCT, // Monte Carlo Test
@@ -148,24 +146,6 @@
printf("%s = %s\r\n\r\n", result_label.c_str(),
EncodeHex(result.data(), result.size()).c_str());
- // Check if sample response file matches.
- if (ctx->response_sample) {
- if (ctx->response_sample->ReadNext() != FileTest::kReadSuccess) {
- t->PrintLine("invalid sample file");
- return false;
- }
- std::string expected_count;
- std::vector<uint8_t> expected_result;
- if (!ctx->response_sample->GetAttribute(&expected_count, "COUNT") ||
- count != expected_count ||
- (!ctx->response_sample->GetBytes(&expected_result, result_label)) ||
- !t->ExpectBytesEqual(expected_result.data(), expected_result.size(),
- result.data(), result.size())) {
- t->PrintLine("result doesn't match");
- return false;
- }
- }
-
return true;
}
@@ -322,15 +302,12 @@
}
static int usage(char *arg) {
- fprintf(stderr,
- "usage: %s (kat|mct) <cipher> <test file> [<sample response "
- "file>]\n",
- arg);
+ fprintf(stderr, "usage: %s (kat|mct) <cipher> <test file>\n", arg);
return 1;
}
int cavp_tdes_test_main(int argc, char **argv) {
- if (argc < 4 || argc > 5) {
+ if (argc != 4) {
return usage(argv[0]);
}
@@ -352,15 +329,7 @@
return 1;
}
bool has_iv = cipher_name != "des-ede" && cipher_name != "des-ede3";
- TestCtx ctx = {cipher, nullptr, has_iv, test_mode};
-
- if (argc == 5) {
- ctx.response_sample.reset(new FileTest(argv[4]));
- if (!ctx.response_sample->is_open()) {
- return 1;
- }
- ctx.response_sample->SetIgnoreUnusedAttributes(true);
- }
+ TestCtx ctx = {cipher, has_iv, test_mode};
printf("# Generated by");
for (int i = 0; i < argc; i++) {