Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update unit test code #141

Merged
merged 7 commits into from
Nov 18, 2022
Merged

Conversation

jinghe-INTC
Copy link
Contributor

  • Update rsa_key_gen() and ec_key_gen(), fix the issue 140
  • Use generated key file

Jing He added 6 commits November 11, 2022 01:06
Signed-off-by: Jing He <jing.j.he@intel.com>
Signed-off-by: Jing He <jing.j.he@intel.com>
Signed-off-by: Jing He <jing.j.he@intel.com>
Signed-off-by: Jing He <jing.j.he@intel.com>
Signed-off-by: Jing He <jing.j.he@intel.com>
Signed-off-by: Jing He <jing.j.he@intel.com>
if (!ctx)
{
printf("EVP_PKEY_CTX_new_id: %ld\n", ERR_get_error());
EVP_PKEY_CTX_free(ctx);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems no need to free if allocation fails.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

EVP_PKEY_CTX_free(ctx);
return;
}
unsigned char *tbuf = buf;

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like the tbuf is not needed. You can directly use i2d_PublicKey(ec_pkey, &buf). I didn't see any other use for tbuf.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a requirement from OpenSSL's i2d_PublicKey() and related APIs like i2d_x509(), according to:
https://www.openssl.org/docs/man1.1.1/man3/i2d_RSAPublicKey.html
if

to attempt to use a buffer directly:

will result in buf apparently containing garbage because it was incremented after the call to point after the data just written. Also buf will no longer contain the pointer allocated by OPENSSL_malloc() and the subsequent call to OPENSSL_free() is likely to crash.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, you are right. Thanks.

fix
Signed-off-by: Jing He <jing.j.he@intel.com>
@jinghe-INTC jinghe-INTC merged commit 71e84cd into intel:master Nov 18, 2022
@jinghe-INTC jinghe-INTC deleted the update_unittest_keygen branch November 18, 2022 02:44
jinghe-INTC pushed a commit that referenced this pull request Mar 2, 2023
* update architecture doc (#115)

Signed-off-by: Jing He <jing.j.he@intel.com>

* Linux: small fixes (#111)

* Linux: fix Nix detection

Detect the `OS_ID` of Nix by probing for the presence of the `NIX_STORE`
environment variable instead of `NIX_PATH`. The latter is only set in a
`nix-shell` session but isn't when building a derivation through
`nix-build`. In contrast, the `NIX_STORE` environment variable is set in
both cases.

Signed-off-by: Vincent Haupert <mail@vincent-haupert.de>

* Linux: call binaries relative to PATH

Using an absolute path to call binaries is incompatible with
distributions which do not follow the Filesystem Hierachy Standard;
Nix is an example. Also, it is inconsistent with the rest of the code
base, let alone superfluous.

Signed-off-by: Vincent Haupert <mail@vincent-haupert.de>

* Linux: properly extract GCC major version

Calling `gcc -dumpversion` yields the full version string, e.g.,
`10.3.0`. The `build_openssl.sh` bash script uses the `-ge` number
comparison operator to check if the returned version is at least
8. This results in an error if the returned GCC version includes a patch
version; "10.3.0" isn't a valid number.

This commit fixes the version detection by only extracting the relevant
major version of GCC.

Signed-off-by: Vincent Haupert <mail@vincent-haupert.de>

* add an option to make it possible to build on non-intel platform (#116)

* add a built flag "SKIP_INTELCPU_CHECK" for non-intel platform, ref #113
* Update README.md

Signed-off-by: Jing He <jing.j.he@intel.com>

* Update build script (#119)

* update build scripts, removing OPENSSL_INSTALL_DIR
* update tsgxssl file to remove full path

Signed-off-by: Jing He <jing.j.he@intel.com>

* Upgrade to take OpenSSL 1.1.1n (#120)

* Fix windows tsgxssl code (#122)

* use the _t.h of the generated version instead of the saved one

Signed-off-by: Jing He <jing.j.he@intel.com>

* fix the last file

Signed-off-by: Jing He <jing.j.he@intel.com>

* remove unnecessary including of sgx_trts.h

Signed-off-by: Jing He <jing.j.he@intel.com>

* correct the tcommon.h file name

Signed-off-by: Jing He <jing.j.he@intel.com>

* upgrade to OpenSSL 1.1.1o (#124)

* add build dependence path for td migration build (#130)

* add build dependence path for td migration build

* revert untrusted part changes, since only need trusted part

* Upgrade for OpenSSL 1.1.1p (#131)

* upgrade for openssl 1.1.1p

Signed-off-by: Jing He <jing.j.he@intel.com>

* generated by:  $ diff ../openssl_source/openssl-1.1.1p/crypto/bn/x86_64-mont5.s ../openssl_source/openssl-1.1.1o/crypto/bn/x86_64-mont5.s

Signed-off-by: Jing He <jing.j.he@intel.com>

* generated by: (WSL) $ diff ../openssl_source/openssl-1.1.1p/crypto/bn/x86_64-mont5.asm ../openssl_source/openssl-1.1.1o/crypto/bn/x86_64-mont5.asm

Signed-off-by: Jing He <jing.j.he@intel.com>

* upgrade for openssl 1.1.1p

Signed-off-by: Jing He <jing.j.he@intel.com>

* correct the result of tool.txt (#117)

Signed-off-by: Jing He <jing.j.he@intel.com>

* update for OpenSSL upgrading to 1.1.1q (#132)

* update for OpenSSL upgrading to 1.1.1q

Signed-off-by: Jing He <jing.j.he@intel.com>

* update

Signed-off-by: Jing He <jing.j.he@intel.com>

* Directly use the macro value instead of including a header file. (#136)

Signed-off-by: Zhang, Lili Z <lili.z.zhang@intel.com>

Signed-off-by: Zhang, Lili Z <lili.z.zhang@intel.com>

* Remove the permission modification line in Makefile.

Signed-off-by: Zhang, Lili Z <lili.z.zhang@intel.com>

* Update unit test code (#141)

* update unit test code: keygen test of RSA and EC
* update project settings
* update Windows test code


Signed-off-by: Jing He <jing.j.he@intel.com>

* *upgrade for openssl 1.1.1s (#139)

*upgrade for openssl 1.1.1s
*update unit test sample with generated key file

Signed-off-by: Jing He <jing.j.he@intel.com>

* enhance security of the test app (#145)

Signed-off-by: Jing He <jing.j.he@intel.com>

* Upgrade 1.1.1t (#150)

* upgrade to 1.1.1t


Signed-off-by: Jing He <jing.j.he@intel.com>

* update version

---------

Signed-off-by: Jing He <jing.j.he@intel.com>
Signed-off-by: Vincent Haupert <mail@vincent-haupert.de>
Signed-off-by: Zhang, Lili Z <lili.z.zhang@intel.com>
Co-authored-by: jinghe-INTC <jing.j.he@intel.com>
Co-authored-by: Vincent Haupert <mail@vincent-haupert.de>
Co-authored-by: dashuaic <dashuai.cheng@intel.com>
Co-authored-by: lzha101 <lili.z.zhang@intel.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants