Add tests for deprecated APIs

Signed-off-by: Steffen Jaeckel <[email protected]>

.github/workflows/main.yml

@@ -52,6 +52,7 @@ jobs:
           - { BUILDNAME: 'NO_FAST',                 BUILDOPTIONS: '-DLTC_NO_FAST',                                                        BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'NO_FAST+SMALL+NO_TABLES', BUILDOPTIONS: '-DLTC_NO_FAST -DLTC_SMALL_CODE -DLTC_NO_TABLES',                       BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'NO_ASM',                  BUILDOPTIONS: '-DLTC_NO_ASM',                                                         BUILDSCRIPT: '.ci/run.sh' }
+          - { BUILDNAME: 'NO_DEPRECATED_APIS',      BUILDOPTIONS: '-DLTC_NO_DEPRECATED_APIS',                                             BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'NO_TIMING_RESISTANCE',    BUILDOPTIONS: '-DLTC_NO_ECC_TIMING_RESISTANT -DLTC_NO_RSA_BLINDING',                  BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'FORTUNA_CUSTOM_OPTIONS',  BUILDOPTIONS: '-DLTC_FORTUNA_USE_ENCRYPT_ONLY -DLTC_FORTUNA_RESEED_RATELIMIT_STATIC', BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'PTHREAD',                 BUILDOPTIONS: '-DLTC_PTHREAD',                                                        BUILDSCRIPT: '.ci/run.sh' }

src/misc/crypt/crypt.c

@@ -580,6 +580,9 @@ const char *crypt_build_settings =
 #endif
 #if defined(LTC_CLOCK_GETTIME)
     " LTC_CLOCK_GETTIME "
+#endif
+#if defined(LTC_NO_DEPRECATED_APIS)
+    " LTC_NO_DEPRECATED_APIS "
 #endif
     "\n"
     ;

tests/deprecated_test.c

@@ -0,0 +1,48 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis */
+/* SPDX-License-Identifier: Unlicense */
+#define LTC_DEPRECATED(x)
+#include  <tomcrypt_test.h>
+
+#ifdef LTC_MECC
+static void s_ecc_test(void)
+{
+   const ltc_ecc_curve* dp;
+   unsigned char buf[128];
+   unsigned long len;
+   ecc_key key;
+   int stat;
+   unsigned char data16[16] = { 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1, 0xd1 };
+
+   /* We need an MPI provider for ECC */
+   if (ltc_mp.name == NULL) return;
+
+   ENSURE(ltc_ecc_curves[0].OID != NULL);
+
+   DO(ecc_find_curve(ltc_ecc_curves[0].OID, &dp));
+   DO(ecc_make_key_ex(&yarrow_prng, find_prng ("yarrow"), &key, dp));
+
+   len = sizeof(buf);
+   DO(ecc_sign_hash(data16, 16, buf, &len, &yarrow_prng, find_prng ("yarrow"), &key));
+   stat = 0;
+   DO(ecc_verify_hash(buf, len, data16, 16, &stat, &key));
+
+   SHOULD_FAIL(ecc_verify_hash_rfc7518(buf, len, data16, 16, &stat, &key));
+
+   len = sizeof(buf);
+   DO(ecc_sign_hash_rfc7518(data16, 16, buf, &len, &yarrow_prng, find_prng ("yarrow"), &key));
+   stat = 0;
+   DO(ecc_verify_hash_rfc7518(buf, len, data16, 16, &stat, &key));
+
+   SHOULD_FAIL(ecc_verify_hash(buf, len, data16, 16, &stat, &key));
+
+   ecc_free(&key);
+}
+#endif
+
+int deprecated_test(void)
+{
+#ifdef LTC_MECC
+   s_ecc_test();
+#endif
+   return 0;
+}

tests/sources.cmake

@@ -5,6 +5,7 @@ base64_test.c
 bcrypt_test.c
 cipher_hash_test.c
 common.c
+deprecated_test.c
 der_test.c
 dh_test.c
 dsa_test.c

tests/test.c

@@ -37,6 +37,7 @@ static const test_function test_functions[] =
       LTC_TEST_FN(file_test),
       LTC_TEST_FN(multi_test),
       LTC_TEST_FN(pem_test),
+      LTC_TEST_FN(deprecated_test),
       /* keep the prng_test always at the end as
        * it has to be handled specially when
        * testing with LTC_PTHREAD enabled

tests/tomcrypt_test.h

@@ -45,6 +45,7 @@ int ssh_test(void);
 int bcrypt_test(void);
 int no_null_termination_check_test(void);
 int pk_oid_test(void);
+int deprecated_test(void);
 
 #ifdef LTC_PKCS_1
 struct ltc_prng_descriptor* no_prng_desc_get(void);