2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/core_dispatch.h>
12 #include <openssl/evp.h>
13 #include <openssl/pem.h>
14 #include <openssl/rsa.h>
15 #include <openssl/x509.h>
16 #include <openssl/core_names.h>
17 #include <openssl/params.h>
18 #include <openssl/param_build.h>
19 #include <openssl/encoder.h>
20 #include <openssl/decoder.h>
22 #include "internal/cryptlib.h" /* ossl_assert */
23 #include "crypto/pem.h" /* For PVK and "blob" PEM headers */
25 #include "helpers/predefined_dhparams.h"
29 static BN_CTX *bnctx = NULL;
30 static OSSL_PARAM_BLD *bld_prime_nc = NULL;
31 static OSSL_PARAM_BLD *bld_prime = NULL;
32 static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
33 static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;
35 # ifndef OPENSSL_NO_EC2M
36 static OSSL_PARAM_BLD *bld_tri_nc = NULL;
37 static OSSL_PARAM_BLD *bld_tri = NULL;
38 static OSSL_PARAM *ec_explicit_tri_params_nc = NULL;
39 static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
43 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) \
44 || !defined(OPENSSL_NO_EC)
45 static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
47 EVP_PKEY *pkey = NULL;
48 EVP_PKEY_CTX *ctx = NULL;
50 # ifndef OPENSSL_NO_DH
52 * Use 512-bit DH(X) keys with predetermined parameters for efficiency,
53 * for testing only. Use a minimum key size of 2048 for security purposes.
55 if (strcmp(type, "DH") == 0)
56 return get_dh512(NULL);
57 if (strcmp(type, "X9.42 DH") == 0)
58 return get_dhx512(NULL);
62 * No real need to check the errors other than for the cascade
63 * effect. |pkey| will simply remain NULL if something goes wrong.
65 (void)((ctx = EVP_PKEY_CTX_new_from_name(NULL, type, NULL)) != NULL
66 && EVP_PKEY_paramgen_init(ctx) > 0
68 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
69 && EVP_PKEY_gen(ctx, &pkey) > 0);
70 EVP_PKEY_CTX_free(ctx);
76 static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
77 OSSL_PARAM *genparams)
79 EVP_PKEY *pkey = NULL;
82 ? EVP_PKEY_CTX_new(template, NULL)
83 : EVP_PKEY_CTX_new_from_name(NULL, type, NULL);
86 * No real need to check the errors other than for the cascade
87 * effect. |pkey| will simply remain NULL if something goes wrong.
90 && EVP_PKEY_keygen_init(ctx) > 0
92 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
93 && EVP_PKEY_keygen(ctx, &pkey) > 0);
94 EVP_PKEY_CTX_free(ctx);
98 /* Main test driver */
101 * TODO(3.0) For better error output, changed the callbacks to take __FILE__
102 * and __LINE__ as first two arguments, and have them use the lower case
103 * functions, such as test_strn_eq(), rather than the uppercase macros
104 * (TEST_strn2_eq(), for example).
107 typedef int (encoder)(void **encoded, long *encoded_len,
108 void *object, int selection,
109 const char *output_type, const char *output_structure,
110 const char *pass, const char *pcipher);
111 typedef int (decoder)(void **object, void *encoded, long encoded_len,
112 const char *keytype, const char *input_type,
113 int selection, const char *pass);
114 typedef int (tester)(const void *data1, size_t data1_len,
115 const void *data2, size_t data2_len);
116 typedef int (checker)(const char *type, const void *data, size_t data_len);
117 typedef void (dumper)(const char *label, const void *data, size_t data_len);
119 #define FLAG_DECODE_WITH_TYPE 0x0001
121 static int test_encode_decode(const char *type, EVP_PKEY *pkey,
122 int selection, const char *output_type,
123 const char *output_structure,
124 const char *pass, const char *pcipher,
125 encoder *encode_cb, decoder *decode_cb,
126 tester *test_cb, checker *check_cb,
127 dumper *dump_cb, int flags)
129 void *encoded = NULL;
130 long encoded_len = 0;
131 EVP_PKEY *pkey2 = NULL;
132 void *encoded2 = NULL;
133 long encoded2_len = 0;
137 * Encode |pkey|, decode the result into |pkey2|, and finish off by
138 * encoding |pkey2| as well. That last encoding is for checking and
141 if (!TEST_true(encode_cb(&encoded, &encoded_len, pkey, selection,
142 output_type, output_structure, pass, pcipher))
143 || !TEST_true(check_cb(type, encoded, encoded_len))
144 || !TEST_true(decode_cb((void **)&pkey2, encoded, encoded_len,
145 (flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
146 output_type, selection, pass))
147 || !TEST_true(encode_cb(&encoded2, &encoded2_len, pkey2, selection,
148 output_type, output_structure, pass, pcipher)))
151 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
152 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey2), 1))
155 if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1))
160 * Double check the encoding, but only for unprotected keys,
161 * as protected keys have a random component, which makes the output
164 if ((pass == NULL && pcipher == NULL)
165 && !test_cb(encoded, encoded_len, encoded2, encoded2_len))
171 if (encoded != NULL && encoded_len != 0)
172 dump_cb("|pkey| encoded", encoded, encoded_len);
173 if (encoded2 != NULL && encoded2_len != 0)
174 dump_cb("|pkey2| encoded", encoded2, encoded2_len);
177 OPENSSL_free(encoded);
178 OPENSSL_free(encoded2);
179 EVP_PKEY_free(pkey2);
183 /* Encoding and decoding methods */
185 static int encode_EVP_PKEY_prov(void **encoded, long *encoded_len,
186 void *object, int selection,
187 const char *output_type,
188 const char *output_structure,
189 const char *pass, const char *pcipher)
191 EVP_PKEY *pkey = object;
192 OSSL_ENCODER_CTX *ectx = NULL;
194 BUF_MEM *mem_buf = NULL;
195 const unsigned char *upass = (const unsigned char *)pass;
198 if (!TEST_ptr(ectx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, selection,
202 || !TEST_int_gt(OSSL_ENCODER_CTX_get_num_encoders(ectx), 0)
204 && !TEST_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass,
207 && !TEST_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL)))
208 || !TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
209 || !TEST_true(OSSL_ENCODER_to_bio(ectx, mem_ser))
210 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
211 || !TEST_ptr(*encoded = mem_buf->data)
212 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
215 /* Detach the encoded output */
216 mem_buf->data = NULL;
221 OSSL_ENCODER_CTX_free(ectx);
225 static int decode_EVP_PKEY_prov(void **object, void *encoded, long encoded_len,
226 const char *keytype, const char *input_type,
227 int selection, const char *pass)
229 EVP_PKEY *pkey = NULL, *testpkey = NULL;
230 OSSL_DECODER_CTX *dctx = NULL;
231 BIO *encoded_bio = NULL;
232 const unsigned char *upass = (const unsigned char *)pass;
237 if (strcmp(input_type, "DER") == 0)
242 if (!TEST_ptr(encoded_bio = BIO_new_mem_buf(encoded, encoded_len)))
246 * We attempt the decode 3 times. The first time we provide the expected
247 * starting input type. The second time we provide NULL for the starting
248 * type. The third time we provide a bad starting input type.
249 * The bad starting input type should fail. The other two should succeed
250 * and produce the same result.
252 for (i = 0; i < 3; i++) {
253 const char *testtype = (i == 0) ? input_type
254 : ((i == 1) ? NULL : badtype);
256 if (!TEST_ptr(dctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&testpkey,
263 && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass)))
264 || !TEST_int_gt(BIO_reset(encoded_bio), 0)
265 /* We expect to fail when using a bad input type */
266 || !TEST_int_eq(OSSL_DECODER_from_bio(dctx, encoded_bio),
269 OSSL_DECODER_CTX_free(dctx);
276 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
277 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, testpkey), 1))
280 if (!TEST_int_eq(EVP_PKEY_eq(pkey, testpkey), 1))
291 EVP_PKEY_free(testpkey);
292 BIO_free(encoded_bio);
293 OSSL_DECODER_CTX_free(dctx);
297 static int encode_EVP_PKEY_legacy_PEM(void **encoded, long *encoded_len,
298 void *object, ossl_unused int selection,
299 ossl_unused const char *output_type,
300 ossl_unused const char *output_structure,
301 const char *pass, const char *pcipher)
303 EVP_PKEY *pkey = object;
304 EVP_CIPHER *cipher = NULL;
306 BUF_MEM *mem_buf = NULL;
307 const unsigned char *upass = (const unsigned char *)pass;
311 if (pcipher != NULL && pass != NULL) {
312 passlen = strlen(pass);
313 if (!TEST_ptr(cipher = EVP_CIPHER_fetch(NULL, pcipher, NULL)))
316 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
317 || !TEST_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey,
321 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
322 || !TEST_ptr(*encoded = mem_buf->data)
323 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
326 /* Detach the encoded output */
327 mem_buf->data = NULL;
332 EVP_CIPHER_free(cipher);
336 static int encode_EVP_PKEY_MSBLOB(void **encoded, long *encoded_len,
337 void *object, int selection,
338 ossl_unused const char *output_type,
339 ossl_unused const char *output_structure,
340 ossl_unused const char *pass,
341 ossl_unused const char *pcipher)
343 EVP_PKEY *pkey = object;
345 BUF_MEM *mem_buf = NULL;
348 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem())))
351 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
352 if (!TEST_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0))
355 if (!TEST_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0))
359 if (!TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
360 || !TEST_ptr(*encoded = mem_buf->data)
361 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
364 /* Detach the encoded output */
365 mem_buf->data = NULL;
373 static pem_password_cb pass_pw;
374 static int pass_pw(char *buf, int size, int rwflag, void *userdata)
376 OPENSSL_strlcpy(buf, userdata, size);
377 return strlen(userdata);
380 static int encode_EVP_PKEY_PVK(void **encoded, long *encoded_len,
381 void *object, int selection,
382 ossl_unused const char *output_type,
383 ossl_unused const char *output_structure,
385 ossl_unused const char *pcipher)
387 EVP_PKEY *pkey = object;
389 BUF_MEM *mem_buf = NULL;
390 int enc = (pass != NULL);
393 if (!TEST_true(ossl_assert((selection
394 & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0))
395 || !TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
396 || !TEST_int_ge(i2b_PVK_bio(mem_ser, pkey, enc,
397 pass_pw, (void *)pass), 0)
398 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
399 || !TEST_ptr(*encoded = mem_buf->data)
400 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
403 /* Detach the encoded output */
404 mem_buf->data = NULL;
412 static int test_text(const void *data1, size_t data1_len,
413 const void *data2, size_t data2_len)
415 return TEST_strn2_eq(data1, data1_len, data2, data2_len);
418 static int test_mem(const void *data1, size_t data1_len,
419 const void *data2, size_t data2_len)
421 return TEST_mem_eq(data1, data1_len, data2, data2_len);
424 /* Test cases and their dumpers / checkers */
426 static void collect_name(const char *name, void *arg)
428 char **namelist = arg;
432 space = strlen(name);
433 if (*namelist != NULL)
434 space += strlen(*namelist) + 2 /* for comma and space */;
435 space++; /* for terminating null byte */
437 new_namelist = OPENSSL_realloc(*namelist, space);
438 if (new_namelist == NULL)
440 if (*namelist != NULL) {
441 strcat(new_namelist, ", ");
442 strcat(new_namelist, name);
444 strcpy(new_namelist, name);
446 *namelist = new_namelist;
449 static void dump_der(const char *label, const void *data, size_t data_len)
451 test_output_memory(label, data, data_len);
454 static void dump_pem(const char *label, const void *data, size_t data_len)
456 test_output_string(label, data, data_len - 1);
459 static int check_unprotected_PKCS8_DER(const char *type,
460 const void *data, size_t data_len)
462 const unsigned char *datap = data;
463 PKCS8_PRIV_KEY_INFO *p8inf =
464 d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len);
467 if (TEST_ptr(p8inf)) {
468 EVP_PKEY *pkey = EVP_PKCS82PKEY(p8inf);
469 char *namelist = NULL;
471 if (TEST_ptr(pkey)) {
472 if (!(ok = TEST_true(EVP_PKEY_is_a(pkey, type)))) {
473 EVP_PKEY_typenames_do_all(pkey, collect_name, &namelist);
474 if (namelist != NULL)
475 TEST_note("%s isn't any of %s", type, namelist);
476 OPENSSL_free(namelist);
481 PKCS8_PRIV_KEY_INFO_free(p8inf);
485 static int test_unprotected_via_DER(const char *type, EVP_PKEY *key)
487 return test_encode_decode(type, key,
488 OSSL_KEYMGMT_SELECT_KEYPAIR
489 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
490 "DER", "pkcs8", NULL, NULL,
491 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
492 test_mem, check_unprotected_PKCS8_DER,
496 static int check_unprotected_PKCS8_PEM(const char *type,
497 const void *data, size_t data_len)
499 static const char expected_pem_header[] =
500 "-----BEGIN " PEM_STRING_PKCS8INF "-----";
502 return TEST_strn_eq(data, expected_pem_header,
503 sizeof(expected_pem_header) - 1);
506 static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key)
508 return test_encode_decode(type, key, OSSL_KEYMGMT_SELECT_KEYPAIR
509 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
510 "PEM", "pkcs8", NULL, NULL,
511 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
512 test_text, check_unprotected_PKCS8_PEM,
516 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) \
517 || !defined(OPENSSL_NO_EC)
518 static int check_params_DER(const char *type, const void *data, size_t data_len)
520 const unsigned char *datap = data;
522 int itype = NID_undef;
523 EVP_PKEY *pkey = NULL;
525 if (strcmp(type, "DH") == 0)
527 else if (strcmp(type, "X9.42 DH") == 0)
528 itype = EVP_PKEY_DHX;
529 else if (strcmp(type, "DSA") == 0)
530 itype = EVP_PKEY_DSA;
531 else if (strcmp(type, "EC") == 0)
534 if (itype != NID_undef) {
535 pkey = d2i_KeyParams(itype, NULL, &datap, data_len);
543 static int check_params_PEM(const char *type,
544 const void *data, size_t data_len)
546 static char expected_pem_header[80];
549 TEST_int_gt(BIO_snprintf(expected_pem_header,
550 sizeof(expected_pem_header),
551 "-----BEGIN %s PARAMETERS-----", type), 0)
552 && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
555 static int test_params_via_DER(const char *type, EVP_PKEY *key)
557 return test_encode_decode(type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
558 "DER", "type-specific", NULL, NULL,
559 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
560 test_mem, check_params_DER,
561 dump_der, FLAG_DECODE_WITH_TYPE);
564 static int test_params_via_PEM(const char *type, EVP_PKEY *key)
566 return test_encode_decode(type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
567 "PEM", "type-specific", NULL, NULL,
568 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
569 test_text, check_params_PEM,
572 #endif /* ndef(OPENSSL_NO_DH) || ndef(OPENSSL_NO_DSA) || ndef(OPENSSL_NO_EC) */
574 static int check_unprotected_legacy_PEM(const char *type,
575 const void *data, size_t data_len)
577 static char expected_pem_header[80];
580 TEST_int_gt(BIO_snprintf(expected_pem_header,
581 sizeof(expected_pem_header),
582 "-----BEGIN %s PRIVATE KEY-----", type), 0)
583 && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
586 static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key)
588 return test_encode_decode(type, key,
589 OSSL_KEYMGMT_SELECT_KEYPAIR
590 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
591 "PEM", "type-specific", NULL, NULL,
592 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
593 test_text, check_unprotected_legacy_PEM,
597 static int check_MSBLOB(const char *type, const void *data, size_t data_len)
599 const unsigned char *datap = data;
600 EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len);
601 int ok = TEST_ptr(pkey);
607 static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key)
609 return test_encode_decode(type, key,
610 OSSL_KEYMGMT_SELECT_KEYPAIR
611 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
612 "MSBLOB", NULL, NULL, NULL,
613 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
614 test_mem, check_MSBLOB,
618 static int check_PVK(const char *type, const void *data, size_t data_len)
620 const unsigned char *in = data;
621 unsigned int saltlen = 0, keylen = 0;
622 int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen);
627 static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key)
629 return test_encode_decode(type, key,
630 OSSL_KEYMGMT_SELECT_KEYPAIR
631 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
632 "PVK", NULL, NULL, NULL,
633 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
638 static const char *pass_cipher = "AES-256-CBC";
639 static const char *pass = "the holy handgrenade of antioch";
641 static int check_protected_PKCS8_DER(const char *type,
642 const void *data, size_t data_len)
644 const unsigned char *datap = data;
645 X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len);
646 int ok = TEST_ptr(p8);
652 static int test_protected_via_DER(const char *type, EVP_PKEY *key)
654 return test_encode_decode(type, key,
655 OSSL_KEYMGMT_SELECT_KEYPAIR
656 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
657 "DER", "pkcs8", pass, pass_cipher,
658 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
659 test_mem, check_protected_PKCS8_DER,
663 static int check_protected_PKCS8_PEM(const char *type,
664 const void *data, size_t data_len)
666 static const char expected_pem_header[] =
667 "-----BEGIN " PEM_STRING_PKCS8 "-----";
669 return TEST_strn_eq(data, expected_pem_header,
670 sizeof(expected_pem_header) - 1);
673 static int test_protected_via_PEM(const char *type, EVP_PKEY *key)
675 return test_encode_decode(type, key,
676 OSSL_KEYMGMT_SELECT_KEYPAIR
677 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
678 "PEM", "pkcs8", pass, pass_cipher,
679 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
680 test_text, check_protected_PKCS8_PEM,
684 static int check_protected_legacy_PEM(const char *type,
685 const void *data, size_t data_len)
687 static char expected_pem_header[80];
690 TEST_int_gt(BIO_snprintf(expected_pem_header,
691 sizeof(expected_pem_header),
692 "-----BEGIN %s PRIVATE KEY-----", type), 0)
693 && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header))
694 && TEST_ptr(strstr(data, "\nDEK-Info: "));
697 static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
699 return test_encode_decode(type, key,
700 OSSL_KEYMGMT_SELECT_KEYPAIR
701 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
702 "PEM", "type-specific", pass, pass_cipher,
703 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
704 test_text, check_protected_legacy_PEM,
708 #ifndef OPENSSL_NO_RC4
709 static int test_protected_via_PVK(const char *type, EVP_PKEY *key)
711 return test_encode_decode(type, key,
712 OSSL_KEYMGMT_SELECT_KEYPAIR
713 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
714 "PVK", NULL, pass, NULL,
715 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
716 test_mem, check_PVK, dump_der, 0);
720 static int check_public_DER(const char *type, const void *data, size_t data_len)
722 const unsigned char *datap = data;
723 EVP_PKEY *pkey = d2i_PUBKEY(NULL, &datap, data_len);
724 int ok = (TEST_ptr(pkey) && TEST_true(EVP_PKEY_is_a(pkey, type)));
730 static int test_public_via_DER(const char *type, EVP_PKEY *key)
732 return test_encode_decode(type, key,
733 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
734 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
735 "DER", "SubjectPublicKeyInfo", NULL, NULL,
736 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
737 test_mem, check_public_DER, dump_der, 0);
740 static int check_public_PEM(const char *type, const void *data, size_t data_len)
742 static const char expected_pem_header[] =
743 "-----BEGIN " PEM_STRING_PUBLIC "-----";
746 TEST_strn_eq(data, expected_pem_header,
747 sizeof(expected_pem_header) - 1);
750 static int test_public_via_PEM(const char *type, EVP_PKEY *key)
752 return test_encode_decode(type, key,
753 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
754 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
755 "PEM", "SubjectPublicKeyInfo", NULL, NULL,
756 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
757 test_text, check_public_PEM, dump_pem, 0);
760 static int check_public_MSBLOB(const char *type,
761 const void *data, size_t data_len)
763 const unsigned char *datap = data;
764 EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len);
765 int ok = TEST_ptr(pkey);
771 static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
773 return test_encode_decode(type, key, OSSL_KEYMGMT_SELECT_PUBLIC_KEY
774 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
775 "MSBLOB", NULL, NULL, NULL,
776 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
777 test_mem, check_public_MSBLOB, dump_der, 0);
780 #define KEYS(KEYTYPE) \
781 static EVP_PKEY *key_##KEYTYPE = NULL
782 #define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
784 && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
785 #define FREE_KEYS(KEYTYPE) \
786 EVP_PKEY_free(key_##KEYTYPE); \
788 #define DOMAIN_KEYS(KEYTYPE) \
789 static EVP_PKEY *template_##KEYTYPE = NULL; \
790 static EVP_PKEY *key_##KEYTYPE = NULL
791 #define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
793 && TEST_ptr(template_##KEYTYPE = \
794 make_template(KEYTYPEstr, params)) \
795 && TEST_ptr(key_##KEYTYPE = \
796 make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
797 #define FREE_DOMAIN_KEYS(KEYTYPE) \
798 EVP_PKEY_free(template_##KEYTYPE); \
799 EVP_PKEY_free(key_##KEYTYPE)
801 #define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr) \
802 static int test_unprotected_##KEYTYPE##_via_DER(void) \
804 return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
806 static int test_unprotected_##KEYTYPE##_via_PEM(void) \
808 return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
810 static int test_protected_##KEYTYPE##_via_DER(void) \
812 return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
814 static int test_protected_##KEYTYPE##_via_PEM(void) \
816 return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
818 static int test_public_##KEYTYPE##_via_DER(void) \
820 return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE); \
822 static int test_public_##KEYTYPE##_via_PEM(void) \
824 return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
827 #define ADD_TEST_SUITE(KEYTYPE) \
828 ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
829 ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
830 ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
831 ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
832 ADD_TEST(test_public_##KEYTYPE##_via_DER); \
833 ADD_TEST(test_public_##KEYTYPE##_via_PEM)
835 #define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \
836 static int test_params_##KEYTYPE##_via_DER(void) \
838 return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \
840 static int test_params_##KEYTYPE##_via_PEM(void) \
842 return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
845 #define ADD_TEST_SUITE_PARAMS(KEYTYPE) \
846 ADD_TEST(test_params_##KEYTYPE##_via_DER); \
847 ADD_TEST(test_params_##KEYTYPE##_via_PEM)
849 #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
850 static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
853 test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
855 static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
858 test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
861 #define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
862 ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
863 ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
865 #define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
866 static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
868 return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
870 static int test_public_##KEYTYPE##_via_MSBLOB(void) \
872 return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
875 #define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
876 ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
877 ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
879 #ifndef OPENSSL_NO_RC4
880 # define IMPLEMENT_TEST_SUITE_PVK(KEYTYPE, KEYTYPEstr) \
881 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
883 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
885 static int test_protected_##KEYTYPE##_via_PVK(void) \
887 return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
890 # define ADD_TEST_SUITE_PVK(KEYTYPE) \
891 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK); \
892 ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
894 # define IMPLEMENT_TEST_SUITE_PVK(KEYTYPE, KEYTYPEstr) \
895 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
897 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
900 # define ADD_TEST_SUITE_PVK(KEYTYPE) \
901 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK)
904 #ifndef OPENSSL_NO_DH
906 IMPLEMENT_TEST_SUITE(DH, "DH")
907 IMPLEMENT_TEST_SUITE_PARAMS(DH, "DH")
909 IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH")
910 IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH")
912 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
913 * so no legacy tests.
916 #ifndef OPENSSL_NO_DSA
918 IMPLEMENT_TEST_SUITE(DSA, "DSA")
919 IMPLEMENT_TEST_SUITE_PARAMS(DSA, "DSA")
920 IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA")
921 IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
922 IMPLEMENT_TEST_SUITE_PVK(DSA, "DSA")
924 #ifndef OPENSSL_NO_EC
926 IMPLEMENT_TEST_SUITE(EC, "EC")
927 IMPLEMENT_TEST_SUITE_PARAMS(EC, "EC")
928 IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
929 DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
930 IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC")
931 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
932 DOMAIN_KEYS(ECExplicitPrime2G);
933 IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC")
934 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")
935 # ifndef OPENSSL_NO_EC2M
936 DOMAIN_KEYS(ECExplicitTriNamedCurve);
937 IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC")
938 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC")
939 DOMAIN_KEYS(ECExplicitTri2G);
940 IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC")
941 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC")
944 IMPLEMENT_TEST_SUITE(ED25519, "ED25519")
946 IMPLEMENT_TEST_SUITE(ED448, "ED448")
948 IMPLEMENT_TEST_SUITE(X25519, "X25519")
950 IMPLEMENT_TEST_SUITE(X448, "X448")
952 * ED25519, ED448, X25519 and X448 have no support for
953 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
957 IMPLEMENT_TEST_SUITE(RSA, "RSA")
958 IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA")
960 IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS")
962 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
963 * so no legacy tests.
965 IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
966 IMPLEMENT_TEST_SUITE_PVK(RSA, "RSA")
968 #ifndef OPENSSL_NO_EC
969 /* Explicit parameters that match a named curve */
970 static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld,
971 const unsigned char *gen,
974 BIGNUM *a, *b, *prime, *order;
976 /* Curve prime256v1 */
977 static const unsigned char prime_data[] = {
978 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
979 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
980 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
981 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
984 static const unsigned char a_data[] = {
985 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
986 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
987 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
988 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
991 static const unsigned char b_data[] = {
992 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
993 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
994 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
995 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
997 static const unsigned char seed[] = {
998 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
999 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
1000 0x81, 0x9f, 0x7e, 0x90
1002 static const unsigned char order_data[] = {
1003 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1004 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1005 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
1006 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
1008 return TEST_ptr(a = BN_CTX_get(bnctx))
1009 && TEST_ptr(b = BN_CTX_get(bnctx))
1010 && TEST_ptr(prime = BN_CTX_get(bnctx))
1011 && TEST_ptr(order = BN_CTX_get(bnctx))
1012 && TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime))
1013 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1014 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1015 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1016 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1017 OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field,
1019 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime))
1020 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1021 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1022 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1023 OSSL_PKEY_PARAM_EC_ORDER, order))
1024 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1025 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1026 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1027 OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed)))
1028 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1032 static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld)
1034 static const unsigned char prime256v1_gen[] = {
1036 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
1037 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
1038 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
1039 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
1040 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
1041 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
1042 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
1043 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
1045 return do_create_ec_explicit_prime_params(bld, prime256v1_gen,
1046 sizeof(prime256v1_gen));
1049 static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld)
1052 static const unsigned char prime256v1_gen2[] = {
1054 0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
1055 0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
1056 0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
1057 0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
1058 0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
1059 0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
1060 0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
1061 0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
1063 return do_create_ec_explicit_prime_params(bld, prime256v1_gen2,
1064 sizeof(prime256v1_gen2));
1067 # ifndef OPENSSL_NO_EC2M
1068 static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld,
1069 const unsigned char *gen,
1072 BIGNUM *a, *b, *poly, *order, *cofactor;
1073 /* sect233k1 characteristic-two-field tpBasis */
1074 static const unsigned char poly_data[] = {
1075 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1076 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
1077 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1079 static const unsigned char a_data[] = {
1080 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1081 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1082 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1084 static const unsigned char b_data[] = {
1085 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1086 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1087 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
1089 static const unsigned char order_data[] = {
1090 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1091 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
1092 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
1094 static const unsigned char cofactor_data[]= {
1097 return TEST_ptr(a = BN_CTX_get(bnctx))
1098 && TEST_ptr(b = BN_CTX_get(bnctx))
1099 && TEST_ptr(poly = BN_CTX_get(bnctx))
1100 && TEST_ptr(order = BN_CTX_get(bnctx))
1101 && TEST_ptr(cofactor = BN_CTX_get(bnctx))
1102 && TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly))
1103 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1104 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1105 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1106 && TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor))
1107 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1108 OSSL_PKEY_PARAM_EC_FIELD_TYPE,
1109 SN_X9_62_characteristic_two_field, 0))
1110 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly))
1111 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1112 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1113 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1114 OSSL_PKEY_PARAM_EC_ORDER, order))
1115 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1116 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1117 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1121 static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld)
1123 static const unsigned char gen[] = {
1125 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1126 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1127 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1128 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1129 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1130 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1132 return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen));
1135 static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
1137 static const unsigned char gen2[] = {
1139 0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1140 0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1141 0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1142 0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1143 0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1144 0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1146 return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2));
1148 # endif /* OPENSSL_NO_EC2M */
1149 #endif /* OPENSSL_NO_EC */
1151 int setup_tests(void)
1155 #ifndef OPENSSL_NO_DSA
1156 static size_t qbits = 160; /* PVK only tolerates 160 Q bits */
1157 static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1158 OSSL_PARAM DSA_params[] = {
1159 OSSL_PARAM_size_t("pbits", &pbits),
1160 OSSL_PARAM_size_t("qbits", &qbits),
1165 #ifndef OPENSSL_NO_EC
1166 static char groupname[] = "prime256v1";
1167 OSSL_PARAM EC_params[] = {
1168 OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
1173 /* 7 is the default magic number */
1174 static unsigned int rsapss_min_saltlen = 7;
1175 OSSL_PARAM RSA_PSS_params[] = {
1176 OSSL_PARAM_uint("saltlen", &rsapss_min_saltlen),
1180 #ifndef OPENSSL_NO_EC
1181 if (!TEST_ptr(bnctx = BN_CTX_new_ex(NULL))
1182 || !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new())
1183 || !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new())
1184 || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
1185 || !create_ec_explicit_prime_params(bld_prime)
1186 || !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
1187 || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))
1188 # ifndef OPENSSL_NO_EC2M
1189 || !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
1190 || !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
1191 || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc)
1192 || !create_ec_explicit_trinomial_params(bld_tri)
1193 || !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc))
1194 || !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri))
1200 TEST_info("Generating keys...");
1202 #ifndef OPENSSL_NO_DH
1203 MAKE_DOMAIN_KEYS(DH, "DH", NULL);
1204 MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
1205 TEST_info("Generating keys...DH done");
1207 #ifndef OPENSSL_NO_DSA
1208 MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
1209 TEST_info("Generating keys...DSA done");
1211 #ifndef OPENSSL_NO_EC
1212 MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
1213 MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
1214 MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
1215 # ifndef OPENSSL_NO_EC2M
1216 MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
1217 MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
1219 MAKE_KEYS(ED25519, "ED25519", NULL);
1220 MAKE_KEYS(ED448, "ED448", NULL);
1221 MAKE_KEYS(X25519, "X25519", NULL);
1222 MAKE_KEYS(X448, "X448", NULL);
1223 TEST_info("Generating keys...EC done");
1225 MAKE_KEYS(RSA, "RSA", NULL);
1226 TEST_info("Generating keys...RSA done");
1227 MAKE_KEYS(RSA_PSS, "RSA-PSS", RSA_PSS_params);
1228 TEST_info("Generating keys...RSA_PSS done");
1231 #ifndef OPENSSL_NO_DH
1233 ADD_TEST_SUITE_PARAMS(DH);
1234 ADD_TEST_SUITE(DHX);
1235 ADD_TEST_SUITE_PARAMS(DHX);
1237 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1238 * so no legacy tests.
1241 #ifndef OPENSSL_NO_DSA
1242 ADD_TEST_SUITE(DSA);
1243 ADD_TEST_SUITE_PARAMS(DSA);
1244 ADD_TEST_SUITE_LEGACY(DSA);
1245 ADD_TEST_SUITE_MSBLOB(DSA);
1246 ADD_TEST_SUITE_PVK(DSA);
1248 #ifndef OPENSSL_NO_EC
1250 ADD_TEST_SUITE_PARAMS(EC);
1251 ADD_TEST_SUITE_LEGACY(EC);
1252 ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
1253 ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
1254 ADD_TEST_SUITE(ECExplicitPrime2G);
1255 ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);
1256 # ifndef OPENSSL_NO_EC2M
1257 ADD_TEST_SUITE(ECExplicitTriNamedCurve);
1258 ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
1259 ADD_TEST_SUITE(ECExplicitTri2G);
1260 ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
1262 ADD_TEST_SUITE(ED25519);
1263 ADD_TEST_SUITE(ED448);
1264 ADD_TEST_SUITE(X25519);
1265 ADD_TEST_SUITE(X448);
1267 * ED25519, ED448, X25519 and X448 have no support for
1268 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1271 ADD_TEST_SUITE(RSA);
1272 ADD_TEST_SUITE_LEGACY(RSA);
1273 ADD_TEST_SUITE(RSA_PSS);
1275 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1276 * so no legacy tests.
1278 ADD_TEST_SUITE_MSBLOB(RSA);
1279 ADD_TEST_SUITE_PVK(RSA);
1285 void cleanup_tests(void)
1287 #ifndef OPENSSL_NO_EC
1288 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_nc);
1289 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_explicit);
1290 OSSL_PARAM_BLD_free(bld_prime_nc);
1291 OSSL_PARAM_BLD_free(bld_prime);
1292 # ifndef OPENSSL_NO_EC2M
1293 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_nc);
1294 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_explicit);
1295 OSSL_PARAM_BLD_free(bld_tri_nc);
1296 OSSL_PARAM_BLD_free(bld_tri);
1299 #endif /* OPENSSL_NO_EC */
1301 #ifndef OPENSSL_NO_DH
1302 FREE_DOMAIN_KEYS(DH);
1303 FREE_DOMAIN_KEYS(DHX);
1305 #ifndef OPENSSL_NO_DSA
1306 FREE_DOMAIN_KEYS(DSA);
1308 #ifndef OPENSSL_NO_EC
1309 FREE_DOMAIN_KEYS(EC);
1310 FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1311 FREE_DOMAIN_KEYS(ECExplicitPrime2G);
1312 # ifndef OPENSSL_NO_EC2M
1313 FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
1314 FREE_DOMAIN_KEYS(ECExplicitTri2G);
projects / openssl.git / blob