Enable openssl AES tests

diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c
index dc4f3e5e955432ab03800a5ac3af7f0860c407f1..e424dac1f35d97fcc60a1603d8de6ee2521eb530 100644 (file)
--- a/src/libcryptobox/cryptobox.c
+++ b/src/libcryptobox/cryptobox.c
@@ -314,6 +314,7 @@ rspamd_cryptobox_encrypt_init (void *enc_ctx, const rspamd_nonce_t nonce,
                EVP_CIPHER_CTX *s;
 
                s = cryptobox_align_ptr (enc_ctx, CRYPTOBOX_ALIGNMENT);
+               memset (s, 0, sizeof (*s));
                g_assert (EVP_EncryptInit_ex (s, EVP_aes_256_gcm (), NULL, NULL, NULL) == 1);
                g_assert (EVP_CIPHER_CTX_ctrl (s, EVP_CTRL_GCM_SET_IVLEN, 24, NULL) == 1);
                g_assert (EVP_EncryptInit_ex (s, NULL, NULL, nm, nonce) == 1);
@@ -477,6 +478,7 @@ rspamd_cryptobox_decrypt_init (void *enc_ctx, const rspamd_nonce_t nonce,
                EVP_CIPHER_CTX *s;
 
                s = cryptobox_align_ptr (enc_ctx, CRYPTOBOX_ALIGNMENT);
+               memset (s, 0, sizeof (*s));
                g_assert (EVP_DecryptInit_ex(s, EVP_aes_256_gcm (), NULL, NULL, NULL) == 1);
                g_assert (EVP_CIPHER_CTX_ctrl (s, EVP_CTRL_GCM_SET_IVLEN, 24, NULL) == 1);
                g_assert (EVP_DecryptInit_ex (s, NULL, NULL, nm, nonce) == 1);
@@ -639,7 +641,7 @@ rspamd_cryptobox_cleanup (void *enc_ctx, void *auth_ctx)
 #else
                EVP_CIPHER_CTX *s = enc_ctx;
 
-               EVP_CIPHER_CTX_free (s);
+               EVP_CIPHER_CTX_cleanup (s);
 #endif
        }
 }
@@ -923,12 +925,12 @@ rspamd_cryptobox_pbkdf (const char *pass, gsize pass_len,
        return TRUE;
 }
 
-void
+gboolean
 rspamd_cryptobox_openssl_mode (gboolean enable)
 {
 #ifdef HAVE_USABLE_OPENSSL
        use_openssl = enable;
-#else
-       g_assert (0);
 #endif
+
+       return use_openssl;
 }

diff --git a/src/libcryptobox/cryptobox.h b/src/libcryptobox/cryptobox.h
index 3305fccc1a9d9b922386e1c634e60b80bd197940..aed90079c101bb5e5310322efdb532c3af339559 100644 (file)
--- a/src/libcryptobox/cryptobox.h
+++ b/src/libcryptobox/cryptobox.h
@@ -178,6 +178,6 @@ gboolean rspamd_cryptobox_pbkdf(const char *pass, gsize pass_len,
  * Enable openssl mode in rspamd_cryptobox
  * @param enable if TRUE then crypto code will use openssl, chacha20/poly1305 otherwize
  */
-void rspamd_cryptobox_openssl_mode (gboolean enable);
+gboolean rspamd_cryptobox_openssl_mode (gboolean enable);
 
 #endif /* CRYPTOBOX_H_ */

diff --git a/test/rspamd_cryptobox_test.c b/test/rspamd_cryptobox_test.c
index d01d99ee3ab82711e0f0ff3866612a879d1f73f8..97a21ec487137a7a8dc4473be90a833e19bb9548 100644 (file)
--- a/test/rspamd_cryptobox_test.c
+++ b/test/rspamd_cryptobox_test.c
@@ -172,6 +172,7 @@ rspamd_cryptobox_test_func (void)
        struct rspamd_cryptobox_segment *seg;
        double t1, t2;
        gint i, cnt, ms;
+       gboolean checked_openssl = FALSE;
 
        map = create_mapping (mapping_size, &begin, &end);
 
@@ -188,6 +189,22 @@ rspamd_cryptobox_test_func (void)
        check_result (key, nonce, mac, begin, end);
 
        msg_info ("baseline encryption: %.6f", t2 - t1);
+
+       if (rspamd_cryptobox_openssl_mode (TRUE)) {
+               t1 = rspamd_get_ticks ();
+               rspamd_cryptobox_encrypt_nm_inplace (begin,
+                               end - begin,
+                               nonce,
+                               key,
+                               mac);
+               t2 = rspamd_get_ticks ();
+               check_result (key, nonce, mac, begin, end);
+
+               msg_info ("openssl baseline encryption: %.6f", t2 - t1);
+               rspamd_cryptobox_openssl_mode (FALSE);
+       }
+
+start:
        /* A single chunk as vector */
        seg[0].data = begin;
        seg[0].len = end - begin;
@@ -330,4 +347,9 @@ rspamd_cryptobox_test_func (void)
                        msg_info ("constrainted fuzz iterations: %d", i);
                }
        }
+
+       if (!checked_openssl && rspamd_cryptobox_openssl_mode (TRUE)) {
+               checked_openssl = TRUE;
+               goto start;
+       }
 }