Merge pull request #7804 from douzzer/20240728-EVP_PKEY_is_a

julek-wolfssl · web-flow · commit 055d68db9c86 · 2024-08-14T16:36:06.000+02:00
20240728-EVP_PKEY_is_a
diff --git a/tests/api.c b/tests/api.c
@@ -62722,6 +62722,215 @@ static int test_wolfSSL_EVP_X_STATE_LEN(void)
     return EXPECT_RESULT();
 }
 
+static int test_EVP_PKEY_is_a(void)
+{
+    EXPECT_DECLS;
+    EVP_PKEY *pkey = NULL;
+
+    ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "DH"), 0);
+    ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "RSA"), 0);
+    ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "EC"), 0);
+    ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "DSA"), 0);
+    ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, NULL), 0);
+
+#if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
+
+    {
+        const unsigned char* key = dh_key_der_2048;
+        ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key,
+                                             sizeof_dh_key_der_2048)));
+
+        ExpectIntNE(wolfSSL_EVP_PKEY_is_a(pkey, "DH"), 0);
+
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "RSA"), 0);
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "EC"), 0);
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "DSA"), 0);
+
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, NULL), 0);
+
+        EVP_PKEY_free(pkey);
+        pkey = NULL;
+    }
+#endif /* !NO_DH && (!HAVE_FIPS || FIPS_VERSION_GT(2,0)) */
+
+#ifndef NO_DSA
+    {
+#ifdef USE_CERT_BUFFERS_1024
+        const unsigned char* dsaKeyDer = dsa_key_der_1024;
+        int dsaKeySz  = sizeof_dsa_key_der_1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+        const unsigned char* dsaKeyDer = dsa_key_der_2048;
+        int dsaKeySz  = sizeof_dsa_key_der_2048;
+#endif
+        ExpectNotNull(d2i_PrivateKey(EVP_PKEY_DSA, &pkey, &dsaKeyDer,
+                                     (long)dsaKeySz));
+
+        ExpectIntNE(wolfSSL_EVP_PKEY_is_a(pkey, "DSA"), 0);
+
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "RSA"), 0);
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "EC"), 0);
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "DH"), 0);
+
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, NULL), 0);
+
+        EVP_PKEY_free(pkey);
+        pkey = NULL;
+    }
+#endif /* !NO_DSA */
+
+#if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048)
+    {
+
+        const unsigned char* server_key =
+            (const unsigned char*)server_key_der_2048;
+        ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &server_key,
+            (long)sizeof_server_key_der_2048));
+
+        ExpectIntNE(wolfSSL_EVP_PKEY_is_a(pkey, "RSA"), 0);
+
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "DSA"), 0);
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "EC"), 0);
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "DH"), 0);
+
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, NULL), 0);
+
+        EVP_PKEY_free(pkey);
+        pkey = NULL;
+    }
+#endif /* !NO_RSA && USE_CERT_BUFFERS_2048 */
+
+#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
+    {
+        const unsigned char* client_key =
+            (const unsigned char*)ecc_clikey_der_256;
+        ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &client_key,
+            (long)sizeof_ecc_clikey_der_256)));
+
+        ExpectIntNE(wolfSSL_EVP_PKEY_is_a(pkey, "EC"), 0);
+
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "DSA"), 0);
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "RSA"), 0);
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, "DH"), 0);
+
+        ExpectIntEQ(wolfSSL_EVP_PKEY_is_a(pkey, NULL), 0);
+
+        EVP_PKEY_free(pkey);
+        pkey = NULL;
+    }
+#endif /* HAVE_ECC && USE_CERT_BUFFERS_256 */
+
+    return EXPECT_RESULT();
+}
+
+static int test_EVP_CIPHER_key_length(void)
+{
+    EXPECT_DECLS;
+#if defined(HAVE_AES_CBC) || defined(HAVE_AESGCM) || \
+    defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_ECB) || \
+    defined(WOLFSSL_AES_OFB) || !defined(NO_RC4) || \
+    (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
+
+#ifdef HAVE_AES_CBC
+    #ifdef WOLFSSL_AES_128
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_128_cbc()), AES_128_KEY_SIZE);
+    #endif
+    #ifdef WOLFSSL_AES_192
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_192_cbc()), AES_192_KEY_SIZE);
+    #endif
+    #ifdef WOLFSSL_AES_256
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_256_cbc()), AES_256_KEY_SIZE);
+    #endif
+#endif
+
+#ifdef HAVE_AESGCM
+    #ifdef WOLFSSL_AES_128
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_128_gcm()), AES_128_KEY_SIZE);
+    #endif
+    #ifdef WOLFSSL_AES_192
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_192_gcm()), AES_192_KEY_SIZE);
+    #endif
+    #ifdef WOLFSSL_AES_256
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_256_gcm()), AES_256_KEY_SIZE);
+    #endif
+#endif
+
+#ifdef HAVE_AESCCM
+    #ifdef WOLFSSL_AES_128
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_128_ccm()), AES_128_KEY_SIZE);
+    #endif
+    #ifdef WOLFSSL_AES_192
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_192_ccm()), AES_192_KEY_SIZE);
+    #endif
+    #ifdef WOLFSSL_AES_256
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_256_ccm()), AES_256_KEY_SIZE);
+    #endif
+#endif
+
+#ifdef WOLFSSL_AES_COUNTER
+    #ifdef WOLFSSL_AES_128
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_128_ctr()), AES_128_KEY_SIZE);
+    #endif
+    #ifdef WOLFSSL_AES_192
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_192_ctr()), AES_192_KEY_SIZE);
+    #endif
+    #ifdef WOLFSSL_AES_256
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_256_ctr()), AES_256_KEY_SIZE);
+    #endif
+#endif
+
+#ifdef HAVE_AES_ECB
+    #ifdef WOLFSSL_AES_128
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_128_ecb()), AES_128_KEY_SIZE);
+    #endif
+    #ifdef WOLFSSL_AES_192
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_192_ecb()), AES_192_KEY_SIZE);
+    #endif
+    #ifdef WOLFSSL_AES_256
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_256_ecb()), AES_256_KEY_SIZE);
+    #endif
+#endif
+
+#ifdef WOLFSSL_AES_OFB
+    #ifdef WOLFSSL_AES_128
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_128_ofb()), AES_128_KEY_SIZE);
+    #endif
+    #ifdef WOLFSSL_AES_192
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_192_ofb()), AES_192_KEY_SIZE);
+    #endif
+    #ifdef WOLFSSL_AES_256
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_aes_256_ofb()), AES_256_KEY_SIZE);
+    #endif
+#endif
+
+#ifndef NO_RC4
+    ExpectIntEQ(EVP_CIPHER_key_length(wolfSSL_EVP_rc4()), RC4_KEY_SIZE);
+#endif
+
+#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
+    ExpectIntEQ(EVP_CIPHER_key_length(wolfSSL_EVP_chacha20_poly1305()),
+                CHACHA20_POLY1305_AEAD_KEYSIZE);
+#endif
+#endif
+
+#ifdef WOLFSSL_SM4_ECB
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_sm4_ecb()), SM4_KEY_SIZE);
+#endif
+#ifdef WOLFSSL_SM4_CBC
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_sm4_cbc()), SM4_KEY_SIZE);
+#endif
+#ifdef WOLFSSL_SM4_CTR
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_sm4_ctr()), SM4_KEY_SIZE);
+#endif
+#ifdef WOLFSSL_SM4_GCM
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_sm4_gcm()), SM4_KEY_SIZE);
+#endif
+#ifdef WOLFSSL_SM4_CCM
+    ExpectIntEQ(EVP_CIPHER_key_length(EVP_sm4_ccm()), SM4_KEY_SIZE);
+#endif
+
+    return EXPECT_RESULT();
+}
+
 static int test_wolfSSL_EVP_CIPHER_block_size(void)
 {
     EXPECT_DECLS;
@@ -85139,6 +85348,8 @@ TEST_CASE testCases[] = {
     TEST_DECL(test_wolfSSL_EVP_CIPHER_iv_length),
     TEST_DECL(test_wolfSSL_EVP_X_STATE),
     TEST_DECL(test_wolfSSL_EVP_X_STATE_LEN),
+    TEST_DECL(test_EVP_PKEY_is_a),
+    TEST_DECL(test_EVP_CIPHER_key_length),
     TEST_DECL(test_wolfSSL_EVP_BytesToKey),
 #endif
 
diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c
@@ -283,6 +283,40 @@ static const struct s_ent {
 
 static const char EVP_NULL[] = "NULL";
 
+static const struct pkey_type_name_ent {
+    int type;
+    const char *name;
+} pkey_type_names[] = {
+    { EVP_PKEY_RSA,     "RSA" },
+    { EVP_PKEY_EC,      "EC" },
+    { EVP_PKEY_DH,      "DH" },
+    { EVP_PKEY_DSA,     "DSA" }
+};
+
+static int pkey_type_by_name(const char *name) {
+    unsigned int i;
+    if (name == NULL)
+        return EVP_PKEY_NONE;
+    for (i = 0; i < XELEM_CNT(pkey_type_names); ++i) {
+        if (XSTRCMP(name, pkey_type_names[i].name) == 0)
+            return pkey_type_names[i].type;
+    }
+    return EVP_PKEY_NONE;
+}
+
+int wolfSSL_EVP_PKEY_is_a(const WOLFSSL_EVP_PKEY *pkey, const char *name) {
+    int type;
+
+    if (pkey == NULL)
+        return WOLFSSL_FAILURE;
+
+    type = pkey_type_by_name(name);
+    if (type == EVP_PKEY_NONE)
+        return WOLFSSL_FAILURE;
+
+    return (pkey->type == type) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
+}
+
 #define EVP_CIPHER_TYPE_MATCHES(x, y) (XSTRCMP(x,y) == 0)
 
 #define EVP_PKEY_PRINT_LINE_WIDTH_MAX  80
@@ -364,6 +398,9 @@ int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c)
       case DES_ECB_TYPE:      return 8;
       case DES_EDE3_ECB_TYPE: return 24;
   #endif
+  #ifndef NO_RC4
+      case ARC4_TYPE:         return 16;
+  #endif
   #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
       case CHACHA20_POLY1305_TYPE: return 32;
   #endif
diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h
@@ -722,6 +722,8 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_keygen_init(WOLFSSL_EVP_PKEY_CTX *ctx);
 WOLFSSL_API int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx,
   WOLFSSL_EVP_PKEY **ppkey);
 WOLFSSL_API int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey);
+WOLFSSL_API int wolfSSL_EVP_PKEY_is_a(const WOLFSSL_EVP_PKEY *pkey,
+                                      const char *name);
 #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
 WOLFSSL_API void wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx);
 #else
@@ -1111,6 +1113,7 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
 #define EVP_PKEY_keygen                wolfSSL_EVP_PKEY_keygen
 #define EVP_PKEY_keygen_init           wolfSSL_EVP_PKEY_keygen_init
 #define EVP_PKEY_bits                  wolfSSL_EVP_PKEY_bits
+#define EVP_PKEY_is_a                  wolfSSL_EVP_PKEY_is_a
 #define EVP_PKEY_CTX_free              wolfSSL_EVP_PKEY_CTX_free
 #define EVP_PKEY_CTX_new               wolfSSL_EVP_PKEY_CTX_new
 #define EVP_PKEY_CTX_set_rsa_padding   wolfSSL_EVP_PKEY_CTX_set_rsa_padding
