try to turn on fips

awslabs · Jul 5, 2024 · 8d1f8d9 · 8d1f8d9
1 parent 71810b1
commit 8d1f8d9
Show file tree

Hide file tree

Showing 9 changed files with 96 additions and 55 deletions.
diff --git a/tests/aes256_test.c b/tests/aes256_test.c
@@ -6,6 +6,8 @@
 
 #include <aws/testing/aws_test_harness.h>
 
+#include "test_case_helper.h"
+
 static int s_check_single_block_cbc(
     struct aws_allocator *allocator,
     const struct aws_byte_cursor key,

diff --git a/tests/der_test.c b/tests/der_test.c
@@ -8,6 +8,8 @@
 
 #include <aws/testing/aws_test_harness.h>
 
+#include "test_case_helper.h"
+
 /* clang-format off */
 /* note that this int is unsigned, with the high bit set, so needs to be encoded specially */
 static uint8_t s_bigint[] = {

diff --git a/tests/ecc_test.c b/tests/ecc_test.c
@@ -10,6 +10,8 @@
 #include <aws/common/string.h>
 #include <aws/testing/aws_test_harness.h>
 
+#include "test_case_helper.h"
+
 static int s_test_key_derivation(
     struct aws_allocator *allocator,
     enum aws_ecc_curve_name curve_name,
@@ -112,7 +114,7 @@ static int s_test_known_signing_value(
     struct aws_byte_cursor pub_x,
     struct aws_byte_cursor pub_y) {
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_ecc_key_pair *signing_key = aws_ecc_key_pair_new_from_private_key(allocator, curve_name, &private_key);
     ASSERT_NOT_NULL(signing_key);
@@ -221,7 +223,7 @@ AWS_TEST_CASE(ecdsa_p384_test_known_signing_value, s_ecdsa_p384_test_known_signi
 static int s_ecdsa_test_invalid_signature_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_ecc_key_pair *key_pair = aws_ecc_key_pair_new_generate_random(allocator, AWS_CAL_ECDSA_P256);
     ASSERT_NOT_NULL(key_pair);
@@ -270,7 +272,7 @@ static int s_ecdsa_test_invalid_signature_fn(struct aws_allocator *allocator, vo
 AWS_TEST_CASE(ecdsa_test_invalid_signature, s_ecdsa_test_invalid_signature_fn)
 
 static int s_test_key_gen(struct aws_allocator *allocator, enum aws_ecc_curve_name curve_name) {
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_ecc_key_pair *key_pair = aws_ecc_key_pair_new_generate_random(allocator, curve_name);
 
@@ -340,7 +342,7 @@ AWS_TEST_CASE(ecdsa_p384_test_key_gen, s_ecdsa_p384_test_key_gen_fn)
 
 static int s_test_key_gen_export(struct aws_allocator *allocator, enum aws_ecc_curve_name curve_name) {
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_ecc_key_pair *key_pair = aws_ecc_key_pair_new_generate_random(allocator, curve_name);
 
@@ -440,7 +442,7 @@ static int s_ecdsa_test_import_asn1_key_pair(
     struct aws_byte_cursor asn1_cur,
     enum aws_ecc_curve_name expected_curve_name) {
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_ecc_key_pair *imported_key = aws_ecc_key_pair_new_from_asn1(allocator, &asn1_cur);
     ASSERT_NOT_NULL(imported_key);
@@ -531,7 +533,7 @@ AWS_TEST_CASE(ecdsa_p384_test_import_asn1_key_pair, s_ecdsa_p384_test_import_asn
 static int s_ecdsa_test_import_asn1_key_pair_public_only_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     uint8_t asn1_encoded_full_key_raw[] = {
         0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x99, 0x16, 0x2a, 0x5b, 0x4e, 0x63, 0x86, 0x4c, 0x5f, 0x8e, 0x37,
@@ -606,7 +608,7 @@ AWS_TEST_CASE(ecdsa_test_import_asn1_key_pair_public_only, s_ecdsa_test_import_a
 static int s_ecdsa_test_import_asn1_key_pair_invalid_fails_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     /* I changed the OID to nonsense */
     uint8_t bad_asn1_encoded_full_key_raw[] = {
@@ -643,7 +645,7 @@ AWS_TEST_CASE(ecdsa_test_import_asn1_key_pair_invalid_fails, s_ecdsa_test_import
 static int s_ecdsa_test_signature_format_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     uint8_t asn1_encoded_signature_raw[] = {
         0x30, 0x45, 0x02, 0x21, 0x00, 0xd7, 0xc5, 0xb9, 0x9e, 0x0b, 0xb1, 0x1a, 0x1f, 0x32, 0xda, 0x66, 0xe0, 0xff,
@@ -751,7 +753,7 @@ static int s_test_key_ref_counting(struct aws_ecc_key_pair *key_pair, enum aws_e
 static int s_ecc_key_pair_random_ref_count_test(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_ecc_key_pair *key_pair = aws_ecc_key_pair_new_generate_random(allocator, AWS_CAL_ECDSA_P256);
     ASSERT_NOT_NULL(key_pair);
@@ -768,7 +770,7 @@ AWS_TEST_CASE(ecc_key_pair_random_ref_count_test, s_ecc_key_pair_random_ref_coun
 static int s_ecc_key_pair_public_ref_count_test(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     uint8_t x[] = {
         0x1c, 0xcb, 0xe9, 0x1c, 0x07, 0x5f, 0xc7, 0xf4, 0xf0, 0x33, 0xbf, 0xa2, 0x48, 0xdb, 0x8f, 0xcc,
@@ -798,7 +800,7 @@ AWS_TEST_CASE(ecc_key_pair_public_ref_count_test, s_ecc_key_pair_public_ref_coun
 static int s_ecc_key_pair_asn1_ref_count_test(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     uint8_t asn1_encoded_full_key_raw[] = {
         0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x99, 0x16, 0x2a, 0x5b, 0x4e, 0x63, 0x86, 0x4c, 0x5f, 0x8e, 0x37,
@@ -828,7 +830,7 @@ AWS_TEST_CASE(ecc_key_pair_asn1_ref_count_test, s_ecc_key_pair_asn1_ref_count_te
 static int s_ecc_key_pair_private_ref_count_test(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     uint8_t d[] = {
         0xc9, 0x80, 0x68, 0x98, 0xa0, 0x33, 0x49, 0x16, 0xc8, 0x60, 0x74, 0x88, 0x80, 0xa5, 0x41, 0xf0,
@@ -992,7 +994,7 @@ static int s_test_key_gen_from_private_fuzz(
 static int s_ecc_key_gen_from_private_fuzz_test(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
     ASSERT_SUCCESS(s_test_key_gen_from_private_fuzz(allocator, AWS_CAL_ECDSA_P256, 1000));
     ASSERT_SUCCESS(s_test_key_gen_from_private_fuzz(allocator, AWS_CAL_ECDSA_P384, 1000));
     aws_cal_library_clean_up();

diff --git a/tests/md5_test.c b/tests/md5_test.c
@@ -5,7 +5,7 @@
 #include <aws/cal/hash.h>
 #include <aws/testing/aws_test_harness.h>
 
-#include <test_case_helper.h>
+#include "test_case_helper.h"
 
 /*
  * these are the rfc1321 test vectors
@@ -241,7 +241,7 @@ AWS_TEST_CASE(md5_rfc1321_test_case_7_truncated, s_md5_rfc1321_test_case_7_trunc
 static int s_md5_verify_known_collision_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     uint8_t message_1[] = {
         0xd1, 0x31, 0xdd, 0x02, 0xc5, 0xe6, 0xee, 0xc4, 0x69, 0x3d, 0x9a, 0x06, 0x98, 0xaf, 0xf9, 0x5c,
@@ -312,7 +312,7 @@ AWS_TEST_CASE(md5_verify_known_collision, s_md5_verify_known_collision_fn)
 static int s_md5_invalid_buffer_size_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_cursor input = aws_byte_cursor_from_c_str("123456789012345678901234567890123456789012345"
                                                               "67890123456789012345678901234567890");
@@ -333,7 +333,7 @@ AWS_TEST_CASE(md5_invalid_buffer_size, s_md5_invalid_buffer_size_fn)
 static int s_md5_test_invalid_state_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_cursor input = aws_byte_cursor_from_c_str("123456789012345678901234567890123456789012345"
                                                               "67890123456789012345678901234567890");
@@ -361,7 +361,7 @@ AWS_TEST_CASE(md5_test_invalid_state, s_md5_test_invalid_state_fn)
 static int s_md5_test_extra_buffer_space_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_cursor input = aws_byte_cursor_from_c_str("123456789012345678901234567890123456789012345"
                                                               "67890123456789012345678901234567890");

diff --git a/tests/rsa_test.c b/tests/rsa_test.c
@@ -10,6 +10,8 @@
 #include <aws/common/encoding.h>
 #include <aws/testing/aws_test_harness.h>
 
+#include "test_case_helper.h"
+
 /*
  * TODO: Need better test vectors. NIST ones are a pain to use.
  * For now using manually generated vectors and relying on round tripping.
@@ -123,7 +125,7 @@ static int s_rsa_encryption_roundtrip_from_user(
 static int s_rsa_encryption_roundtrip_pkcs1_from_user(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     ASSERT_SUCCESS(s_rsa_encryption_roundtrip_from_user(allocator, AWS_CAL_RSA_ENCRYPTION_PKCS1_5));
 
@@ -136,7 +138,7 @@ AWS_TEST_CASE(rsa_encryption_roundtrip_pkcs1_from_user, s_rsa_encryption_roundtr
 static int s_rsa_encryption_roundtrip_oaep_sha256_from_user(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     ASSERT_SUCCESS(s_rsa_encryption_roundtrip_from_user(allocator, AWS_CAL_RSA_ENCRYPTION_OAEP_SHA256));
 
@@ -149,7 +151,7 @@ AWS_TEST_CASE(rsa_encryption_roundtrip_oaep_sha256_from_user, s_rsa_encryption_r
 static int s_rsa_encryption_roundtrip_oaep_sha512_from_user(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     ASSERT_SUCCESS(s_rsa_encryption_roundtrip_from_user(allocator, AWS_CAL_RSA_ENCRYPTION_OAEP_SHA512));
 
@@ -211,7 +213,7 @@ static int s_rsa_verify_signing_pkcs1_sha256(struct aws_allocator *allocator, vo
     (void)ctx;
     struct aws_byte_cursor message = aws_byte_cursor_from_c_str(TEST_ENCRYPTION_STRING);
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_buf public_key_buf;
     ASSERT_SUCCESS(s_byte_buf_decoded_from_base64_cur(
@@ -249,7 +251,7 @@ static int s_rsa_verify_signing_pss_sha256(struct aws_allocator *allocator, void
     (void)ctx;
     struct aws_byte_cursor message = aws_byte_cursor_from_c_str(TEST_ENCRYPTION_STRING);
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_buf public_key_buf;
     ASSERT_SUCCESS(s_byte_buf_decoded_from_base64_cur(
@@ -286,7 +288,7 @@ AWS_TEST_CASE(rsa_verify_signing_pss_sha256, s_rsa_verify_signing_pss_sha256);
 static int s_rsa_decrypt_pkcs1(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_buf private_key_buf;
     ASSERT_SUCCESS(s_byte_buf_decoded_from_base64_cur(
@@ -324,7 +326,7 @@ AWS_TEST_CASE(rsa_decrypt_pkcs1, s_rsa_decrypt_pkcs1);
 static int s_rsa_decrypt_oaep256(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_buf private_key_buf;
     ASSERT_SUCCESS(s_byte_buf_decoded_from_base64_cur(
@@ -362,7 +364,7 @@ AWS_TEST_CASE(rsa_decrypt_oaep256, s_rsa_decrypt_oaep256);
 static int s_rsa_decrypt_oaep512(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_buf private_key_buf;
     ASSERT_SUCCESS(s_byte_buf_decoded_from_base64_cur(
@@ -481,7 +483,7 @@ static int s_rsa_signing_roundtrip_from_user(
 static int s_rsa_signing_roundtrip_pkcs1_sha256_from_user(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     ASSERT_SUCCESS(
         s_rsa_signing_roundtrip_from_user(allocator, AWS_CAL_RSA_SIGNATURE_PKCS1_5_SHA256, TEST_RSA_SIGNATURE_PKCS1));
@@ -495,7 +497,7 @@ AWS_TEST_CASE(rsa_signing_roundtrip_pkcs1_sha256_from_user, s_rsa_signing_roundt
 static int s_rsa_signing_roundtrip_pss_sha256_from_user(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
 #if defined(AWS_OS_MACOS)
     if (__builtin_available(macOS 10.12, *)) {
@@ -518,7 +520,7 @@ AWS_TEST_CASE(rsa_signing_roundtrip_pss_sha256_from_user, s_rsa_signing_roundtri
 static int s_rsa_getters(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_buf private_key_buf;
     ASSERT_SUCCESS(s_byte_buf_decoded_from_base64_cur(
@@ -615,7 +617,7 @@ static int s_rsa_private_pkcs1_der_parsing(struct aws_allocator *allocator, void
                              0x6e, 0xc1, 0x19, 0x6a, 0x82, 0xaf, 0xdc, 0xbd, 0x9c, 0x1b, 0x7d, 0x2a, 0xec,
                              0x8d, 0xd5, 0x59, 0x4d, 0x6f, 0x38, 0x89, 0xa7, 0xe5, 0x1c, 0x29, 0x57};
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_buf private_key_buf;
     ASSERT_SUCCESS(s_byte_buf_decoded_from_base64_cur(
@@ -665,7 +667,7 @@ static int s_rsa_public_pkcs1_der_parsing(struct aws_allocator *allocator, void
 
     static uint8_t e[] = {0x01, 0x00, 0x01};
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_buf public_key_buf;
     ASSERT_SUCCESS(s_byte_buf_decoded_from_base64_cur(
@@ -694,7 +696,7 @@ static int s_rsa_signing_mismatch_pkcs1_sha256(struct aws_allocator *allocator,
     (void)ctx;
     struct aws_byte_cursor message = aws_byte_cursor_from_c_str(TEST_ENCRYPTION_STRING);
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_buf public_key_buf;
     ASSERT_SUCCESS(s_byte_buf_decoded_from_base64_cur(

diff --git a/tests/sha1_test.c b/tests/sha1_test.c
@@ -6,7 +6,7 @@
 #include <aws/common/byte_buf.h>
 #include <aws/testing/aws_test_harness.h>
 
-#include <test_case_helper.h>
+#include "test_case_helper.h"
 /*
  * these are the NIST test vectors, as compiled here:
  * https://www.di-mgt.com.au/sha_testvectors.html
@@ -78,7 +78,7 @@ AWS_TEST_CASE(sha1_nist_test_case_4, s_sha1_nist_test_case_4_fn)
 static int s_sha1_nist_test_case_5_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_hash *hash = aws_sha1_new(allocator);
     ASSERT_NOT_NULL(hash);
@@ -112,7 +112,7 @@ AWS_TEST_CASE(sha1_nist_test_case_5, s_sha1_nist_test_case_5_fn)
 static int s_sha1_nist_test_case_5_truncated_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_hash *hash = aws_sha1_new(allocator);
     ASSERT_NOT_NULL(hash);
@@ -144,7 +144,7 @@ AWS_TEST_CASE(sha1_nist_test_case_5_truncated, s_sha1_nist_test_case_5_truncated
 static int s_sha1_nist_test_case_6_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_hash *hash = aws_sha1_new(allocator);
     ASSERT_NOT_NULL(hash);
@@ -180,7 +180,7 @@ AWS_TEST_CASE(sha1_nist_test_case_6, s_sha1_nist_test_case_6_fn)
 static int s_sha1_test_invalid_buffer_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_cursor input = aws_byte_cursor_from_c_str("abcdefghbcdefghicdefghijdefghijkefghijklfghij"
                                                               "klmghijklmnhijklmnoijklmnopjklmnopqklm"
@@ -201,7 +201,7 @@ AWS_TEST_CASE(sha1_test_invalid_buffer, s_sha1_test_invalid_buffer_fn)
 static int s_sha1_test_oneshot_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_cursor input = aws_byte_cursor_from_c_str("abcdefghbcdefghicdefghijdefghijkefghijklfghij"
                                                               "klmghijklmnhijklmnoijklmnopjklmnopqklm"
@@ -228,7 +228,7 @@ AWS_TEST_CASE(sha1_test_oneshot, s_sha1_test_oneshot_fn)
 static int s_sha1_test_invalid_state_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_cursor input = aws_byte_cursor_from_c_str("abcdefghbcdefghicdefghijdefghijkefghijklfghij"
                                                               "klmghijklmnhijklmnoijklmnopjklmnopqklm"
@@ -257,7 +257,7 @@ AWS_TEST_CASE(sha1_test_invalid_state, s_sha1_test_invalid_state_fn)
 static int s_sha1_test_extra_buffer_space_fn(struct aws_allocator *allocator, void *ctx) {
     (void)ctx;
 
-    aws_cal_library_init(allocator);
+    aws_cal_library_test_init(allocator);
 
     struct aws_byte_cursor input = aws_byte_cursor_from_c_str("123456789012345678901234567890123456789012345"
                                                               "67890123456789012345678901234567890");