From 744b030cff61fd25114b0b25394c62782c153343 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Fri, 19 Feb 2016 12:57:00 +0100
Subject: Add new private header gcrypt-testapi.h.

* src/gcrypt-testapi.h: New.
* src/Makefile.am (libgcrypt_la_SOURCES): Add new file.
* random/random.h: Include gcrypt-testapi.h.
(struct gcry_drbg_test_vector) : Move to gcrypt-testapi.h.
* src/global.c: Include gcrypt-testapi.h.
(_gcry_vcontrol): Use PRIV_CTL_* constants instead of 58, 59, 60, 61.
* cipher/cipher.c: Include gcrypt-testapi.h.
(_gcry_cipher_ctl): Use PRIV_CIPHERCTL_ constants instead of 61, 62.
* tests/fipsdrv.c: Include gcrypt-testapi.h.  Remove definition of
PRIV_CTL_ constants and replace their use by the new PRIV_CIPHERCTL_
constants.
* tests/t-lock.c: Include gcrypt-testapi.h.  Remove
PRIV_CTL_EXTERNAL_LOCK_TEST and EXTERNAL_LOCK_TEST_ constants.

* random/random-drbg.c (gcry_rngdrbg_cavs_test): Rename to ...
(_gcry_rngdrbg_cavs_test): this.
(gcry_rngdrbg_healthcheck_one): Rename to ...
(_gcry_rngdrbg_healthcheck_one): this.

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 cipher/cipher.c      |  5 ++--
 random/random-drbg.c | 23 +++++++++---------
 random/random.h      | 29 ++++------------------
 src/Makefile.am      |  2 +-
 src/gcrypt-testapi.h | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/global.c         | 13 +++++-----
 tests/fipsdrv.c      | 14 ++++-------
 tests/t-lock.c       |  7 +-----
 8 files changed, 100 insertions(+), 61 deletions(-)
 create mode 100644 src/gcrypt-testapi.h

diff --git a/cipher/cipher.c b/cipher/cipher.c
index f163bde2..802ffad8 100644
--- a/cipher/cipher.c
+++ b/cipher/cipher.c
@@ -26,6 +26,7 @@
 #include <errno.h>
 
 #include "g10lib.h"
+#include "../src/gcrypt-testapi.h"
 #include "cipher.h"
 #include "./cipher-internal.h"
 
@@ -1321,7 +1322,7 @@ _gcry_cipher_ctl (gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen)
       disable_cipher_algo( *(int*)buffer );
       break;
 
-    case 61:  /* Disable weak key detection (private).  */
+    case PRIV_CIPHERCTL_DISABLE_WEAK_KEY:  /* (private)  */
       if (h->spec->set_extra_info)
         rc = h->spec->set_extra_info
           (&h->context.c, CIPHER_INFO_NO_WEAK_KEY, NULL, 0);
@@ -1329,7 +1330,7 @@ _gcry_cipher_ctl (gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen)
         rc = GPG_ERR_NOT_SUPPORTED;
       break;
 
-    case 62: /* Return current input vector (private).  */
+    case PRIV_CIPHERCTL_GET_INPUT_VECTOR: /* (private)  */
       /* This is the input block as used in CFB and OFB mode which has
          initially been set as IV.  The returned format is:
            1 byte  Actual length of the block in bytes.
diff --git a/random/random-drbg.c b/random/random-drbg.c
index f45a0c99..a73aacb0 100644
--- a/random/random-drbg.c
+++ b/random/random-drbg.c
@@ -2338,7 +2338,7 @@ struct gcry_drbg_test_vector drbg_test_nopr[] = {
  * call for the CAVS test tool.
  */
 gpg_err_code_t
-gcry_rngdrbg_cavs_test (struct gcry_drbg_test_vector *test, unsigned char *buf)
+_gcry_rngdrbg_cavs_test (struct gcry_drbg_test_vector *test, unsigned char *buf)
 {
   gpg_err_code_t ret = 0;
   drbg_state_t drbg = NULL;
@@ -2414,14 +2414,15 @@ gcry_rngdrbg_cavs_test (struct gcry_drbg_test_vector *test, unsigned char *buf)
  * call for the CAVS test tool.
  */
 gpg_err_code_t
-gcry_rngdrbg_healthcheck_one (struct gcry_drbg_test_vector * test)
+_gcry_rngdrbg_healthcheck_one (struct gcry_drbg_test_vector * test)
 {
   gpg_err_code_t ret = GPG_ERR_ENOMEM;
   unsigned char *buf = xcalloc_secure (1, test->expectedlen);
   if (!buf)
     return GPG_ERR_ENOMEM;
 
-  ret = gcry_rngdrbg_cavs_test (test, buf);
+  ret = _gcry_rngdrbg_cavs_test (test, buf);
+  /* FIXME: The next line is wrong.   */
   ret = memcmp (test->expected, buf, test->expectedlen);
 
   xfree (buf);
@@ -2528,14 +2529,14 @@ static int
 drbg_healthcheck (void)
 {
   int ret = 0;
-  ret += gcry_rngdrbg_healthcheck_one (&drbg_test_nopr[0]);
-  ret += gcry_rngdrbg_healthcheck_one (&drbg_test_nopr[1]);
-  ret += gcry_rngdrbg_healthcheck_one (&drbg_test_nopr[2]);
-  ret += gcry_rngdrbg_healthcheck_one (&drbg_test_nopr[3]);
-  ret += gcry_rngdrbg_healthcheck_one (&drbg_test_nopr[4]);
-  ret += gcry_rngdrbg_healthcheck_one (&drbg_test_pr[0]);
-  ret += gcry_rngdrbg_healthcheck_one (&drbg_test_pr[1]);
-  ret += gcry_rngdrbg_healthcheck_one (&drbg_test_pr[2]);
+  ret += _gcry_rngdrbg_healthcheck_one (&drbg_test_nopr[0]);
+  ret += _gcry_rngdrbg_healthcheck_one (&drbg_test_nopr[1]);
+  ret += _gcry_rngdrbg_healthcheck_one (&drbg_test_nopr[2]);
+  ret += _gcry_rngdrbg_healthcheck_one (&drbg_test_nopr[3]);
+  ret += _gcry_rngdrbg_healthcheck_one (&drbg_test_nopr[4]);
+  ret += _gcry_rngdrbg_healthcheck_one (&drbg_test_pr[0]);
+  ret += _gcry_rngdrbg_healthcheck_one (&drbg_test_pr[1]);
+  ret += _gcry_rngdrbg_healthcheck_one (&drbg_test_pr[2]);
   ret += drbg_healthcheck_sanity (&drbg_test_nopr[0]);
   return ret;
 }
diff --git a/random/random.h b/random/random.h
index ee05cfe3..30e6fdf4 100644
--- a/random/random.h
+++ b/random/random.h
@@ -21,6 +21,7 @@
 #define G10_RANDOM_H
 
 #include "types.h"
+#include "../src/gcrypt-testapi.h"  /* struct gcry_drbg_test_vector */
 
 /*-- random.c --*/
 void _gcry_register_random_progress (void (*cb)(void *,const char*,int,int,int),
@@ -57,31 +58,9 @@ void            _gcry_random_deinit_external_test (void *context);
 /*-- random-drbg.c --*/
 gpg_err_code_t _gcry_rngdrbg_reinit (const char *flagstr,
                                      gcry_buffer_t *pers, int npers);
-/* private interfaces for testing of DRBG */
-struct gcry_drbg_test_vector
-{
-  const char *flagstr;
-  unsigned char *entropy;
-  size_t entropylen;
-  unsigned char *entpra;
-  unsigned char *entprb;
-  size_t entprlen;
-  unsigned char *addtla;
-  unsigned char *addtlb;
-  size_t addtllen;
-  unsigned char *pers;
-  size_t perslen;
-  unsigned char *expected;
-  size_t expectedlen;
-  unsigned char *entropyreseed;
-  size_t entropyreseed_len;
-  unsigned char *addtl_reseed;
-  size_t addtl_reseed_len;
-};
-
-gpg_err_code_t gcry_rngdrbg_cavs_test (struct gcry_drbg_test_vector *t,
-                                       unsigned char *buf);
-gpg_err_code_t gcry_rngdrbg_healthcheck_one (struct gcry_drbg_test_vector *t);
+gpg_err_code_t _gcry_rngdrbg_cavs_test (struct gcry_drbg_test_vector *t,
+                                        unsigned char *buf);
+gpg_err_code_t _gcry_rngdrbg_healthcheck_one (struct gcry_drbg_test_vector *t);
 
 /*-- rndegd.c --*/
 gpg_error_t _gcry_rndegd_set_socket_name (const char *name);
diff --git a/src/Makefile.am b/src/Makefile.am
index cd0d354d..4ef95cbd 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -56,7 +56,7 @@ endif
 libgcrypt_la_CFLAGS = $(GPG_ERROR_CFLAGS)
 libgcrypt_la_SOURCES = \
         gcrypt-int.h g10lib.h visibility.c visibility.h types.h \
-	cipher.h cipher-proto.h \
+	gcrypt-testapi.h cipher.h cipher-proto.h \
 	misc.c global.c sexp.c hwfeatures.c hwf-common.h \
 	stdmem.c stdmem.h secmem.c secmem.h \
 	mpi.h missing-string.c fips.c \
diff --git a/src/gcrypt-testapi.h b/src/gcrypt-testapi.h
new file mode 100644
index 00000000..23d38008
--- /dev/null
+++ b/src/gcrypt-testapi.h
@@ -0,0 +1,68 @@
+/* gcrypt-testapi.h - Definitiona for the Regression test API
+ * Copyright (C) 2016 g10 Code GmbH
+ *
+ * This file is part of Libgcrypt.
+ *
+ * Libgcrypt is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Libgcrypt is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+/*
+ * WARNING: This is a private API to be used by regression tests.  In
+ * particular this API does not constitute a well defined ABI.  The
+ * header may only be used with its matching Libgcrypt version.
+ */
+
+#ifndef GCRY_GCRYPT_TESTAPI_H
+#define GCRY_GCRYPT_TESTAPI_H
+
+/* For use with gcry_control:  */
+#define PRIV_CTL_INIT_EXTRNG_TEST   58
+#define PRIV_CTL_RUN_EXTRNG_TEST    59
+#define PRIV_CTL_DEINIT_EXTRNG_TEST 60
+#define PRIV_CTL_EXTERNAL_LOCK_TEST 61
+
+#define EXTERNAL_LOCK_TEST_INIT       30111
+#define EXTERNAL_LOCK_TEST_LOCK       30112
+#define EXTERNAL_LOCK_TEST_UNLOCK     30113
+#define EXTERNAL_LOCK_TEST_DESTROY    30114
+
+/* For use with gcry_cipher_ctl:  */
+#define PRIV_CIPHERCTL_DISABLE_WEAK_KEY   61
+#define PRIV_CIPHERCTL_GET_INPUT_VECTOR   62
+
+
+/* Private interfaces for testing of random-drbg.c. */
+struct gcry_drbg_test_vector
+{
+  const char *flagstr;
+  unsigned char *entropy;
+  size_t entropylen;
+  unsigned char *entpra;
+  unsigned char *entprb;
+  size_t entprlen;
+  unsigned char *addtla;
+  unsigned char *addtlb;
+  size_t addtllen;
+  unsigned char *pers;
+  size_t perslen;
+  unsigned char *expected;
+  size_t expectedlen;
+  unsigned char *entropyreseed;
+  size_t entropyreseed_len;
+  unsigned char *addtl_reseed;
+  size_t addtl_reseed_len;
+};
+
+
+#endif /*GCRY_GCRYPT_TESTAPI_H*/
diff --git a/src/global.c b/src/global.c
index b4954bad..4bd928b9 100644
--- a/src/global.c
+++ b/src/global.c
@@ -35,6 +35,7 @@
 #endif /*HAVE_SYSLOG*/
 
 #include "g10lib.h"
+#include "gcrypt-testapi.h"
 #include "cipher.h"
 #include "stdmem.h" /* our own memory allocator */
 #include "secmem.h" /* our own secmem allocator */
@@ -575,25 +576,25 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr)
 # pragma GCC diagnostic push
 # pragma GCC diagnostic ignored "-Wswitch"
 #endif
-    case 58:  /* Init external random test.  */
+    case PRIV_CTL_INIT_EXTRNG_TEST:  /* Init external random test.  */
       rc = GPG_ERR_NOT_SUPPORTED;
       break;
-    case 59:  /* Run external DRBG test.  */
+    case PRIV_CTL_RUN_EXTRNG_TEST:  /* Run external DRBG test.  */
       {
         struct gcry_drbg_test_vector *test =
 	  va_arg (arg_ptr, struct gcry_drbg_test_vector *);
         unsigned char *buf = va_arg (arg_ptr, unsigned char *);
 
         if (buf)
-          rc = gcry_rngdrbg_cavs_test (test, buf);
+          rc = _gcry_rngdrbg_cavs_test (test, buf);
         else
-          rc = gcry_rngdrbg_healthcheck_one (test);
+          rc = _gcry_rngdrbg_healthcheck_one (test);
       }
       break;
-    case 60:  /* Deinit external random test.  */
+    case PRIV_CTL_DEINIT_EXTRNG_TEST:  /* Deinit external random test.  */
       rc = GPG_ERR_NOT_SUPPORTED;
       break;
-    case 61:  /* Run external lock test */
+    case PRIV_CTL_EXTERNAL_LOCK_TEST:  /* Run external lock test */
       rc = external_lock_test (va_arg (arg_ptr, int));
       break;
     case 62:  /* RFU */
diff --git a/tests/fipsdrv.c b/tests/fipsdrv.c
index b3da2a30..d7574201 100644
--- a/tests/fipsdrv.c
+++ b/tests/fipsdrv.c
@@ -41,7 +41,7 @@
 # define PACKAGE_BUGREPORT "devnull@example.org"
 # define PACKAGE_VERSION "[build on " __DATE__ " " __TIME__ "]"
 #endif
-
+#include "../src/gcrypt-testapi.h"
 
 #define PGM "fipsdrv"
 
@@ -57,12 +57,6 @@
 #define DIMof(type,member)   DIM(((type *)0)->member)
 
 
-#define PRIV_CTL_INIT_EXTRNG_TEST   58
-#define PRIV_CTL_RUN_EXTRNG_TEST    59
-#define PRIV_CTL_DEINIT_EXTRNG_TEST 60
-#define PRIV_CTL_DISABLE_WEAK_KEY   61
-#define PRIV_CTL_GET_INPUT_VECTOR   62
-
 
 /* Verbose mode flag.  */
 static int verbose;
@@ -1069,7 +1063,7 @@ run_encrypt_decrypt (int encrypt_mode,
   blocklen = gcry_cipher_get_algo_blklen (cipher_algo);
   assert (blocklen);
 
-  gcry_cipher_ctl (hd, PRIV_CTL_DISABLE_WEAK_KEY, NULL, 0);
+  gcry_cipher_ctl (hd, PRIV_CIPHERCTL_DISABLE_WEAK_KEY, NULL, 0);
 
   err = gcry_cipher_setkey (hd, key_buffer, key_buflen);
   if (err)
@@ -1124,7 +1118,7 @@ get_current_iv (gcry_cipher_hd_t hd, void *buffer, size_t buflen)
 {
   unsigned char tmp[17];
 
-  if (gcry_cipher_ctl (hd, PRIV_CTL_GET_INPUT_VECTOR, tmp, sizeof tmp))
+  if (gcry_cipher_ctl (hd, PRIV_CIPHERCTL_GET_INPUT_VECTOR, tmp, sizeof tmp))
     die ("error getting current input vector\n");
   if (buflen > *tmp)
     die ("buffer too short to store the current input vector\n");
@@ -1159,7 +1153,7 @@ run_cipher_mct_loop (int encrypt_mode, int cipher_algo, int cipher_mode,
     die ("invalid block length %d\n", blocklen);
 
 
-  gcry_cipher_ctl (hd, PRIV_CTL_DISABLE_WEAK_KEY, NULL, 0);
+  gcry_cipher_ctl (hd, PRIV_CIPHERCTL_DISABLE_WEAK_KEY, NULL, 0);
 
   err = gcry_cipher_setkey (hd, key_buffer, key_buflen);
   if (err)
diff --git a/tests/t-lock.c b/tests/t-lock.c
index 815f63b9..2c1997d3 100644
--- a/tests/t-lock.c
+++ b/tests/t-lock.c
@@ -34,6 +34,7 @@
 #define PGMNAME "t-lock"
 
 #include "t-common.h"
+#include "../src/gcrypt-testapi.h"
 
 /* Mingw requires us to include windows.h after winsock2.h which is
    included by gcrypt.h.  */
@@ -49,12 +50,6 @@
 # define THREAD_RET_VALUE NULL
 #endif
 
-#define PRIV_CTL_EXTERNAL_LOCK_TEST   61
-#define EXTERNAL_LOCK_TEST_INIT       30111
-#define EXTERNAL_LOCK_TEST_LOCK       30112
-#define EXTERNAL_LOCK_TEST_UNLOCK     30113
-#define EXTERNAL_LOCK_TEST_DESTROY    30114
-
 
 /* Number of threads to run.  */
 #define N_NONCE_THREADS 8
-- 
cgit v1.2.1