2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/core_dispatch.h>
12 #include <openssl/evp.h>
13 #include <openssl/pem.h>
14 #include <openssl/rsa.h>
15 #include <openssl/x509.h>
16 #include <openssl/core_names.h>
17 #include <openssl/params.h>
18 #include <openssl/param_build.h>
19 #include <openssl/encoder.h>
20 #include <openssl/decoder.h>
22 #include "internal/cryptlib.h" /* ossl_assert */
23 #include "crypto/pem.h" /* For PVK and "blob" PEM headers */
25 #include "helpers/predefined_dhparams.h"
29 static BN_CTX *bnctx = NULL;
30 static OSSL_PARAM_BLD *bld_prime_nc = NULL;
31 static OSSL_PARAM_BLD *bld_prime = NULL;
32 static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
33 static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;
35 # ifndef OPENSSL_NO_EC2M
36 static OSSL_PARAM_BLD *bld_tri_nc = NULL;
37 static OSSL_PARAM_BLD *bld_tri = NULL;
38 static OSSL_PARAM *ec_explicit_tri_params_nc = NULL;
39 static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
43 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) \
44 || !defined(OPENSSL_NO_EC)
45 static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
47 EVP_PKEY *pkey = NULL;
48 EVP_PKEY_CTX *ctx = NULL;
50 # ifndef OPENSSL_NO_DH
52 * Use 512-bit DH(X) keys with predetermined parameters for efficiency,
53 * for testing only. Use a minimum key size of 2048 for security purposes.
55 if (strcmp(type, "DH") == 0)
56 return get_dh512(NULL);
57 if (strcmp(type, "X9.42 DH") == 0)
58 return get_dhx512(NULL);
62 * No real need to check the errors other than for the cascade
63 * effect. |pkey| will simply remain NULL if something goes wrong.
65 (void)((ctx = EVP_PKEY_CTX_new_from_name(NULL, type, NULL)) != NULL
66 && EVP_PKEY_paramgen_init(ctx) > 0
68 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
69 && EVP_PKEY_gen(ctx, &pkey) > 0);
70 EVP_PKEY_CTX_free(ctx);
76 static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
77 OSSL_PARAM *genparams)
79 EVP_PKEY *pkey = NULL;
82 ? EVP_PKEY_CTX_new(template, NULL)
83 : EVP_PKEY_CTX_new_from_name(NULL, type, NULL);
86 * No real need to check the errors other than for the cascade
87 * effect. |pkey| will simply remain NULL if something goes wrong.
90 && EVP_PKEY_keygen_init(ctx) > 0
92 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
93 && EVP_PKEY_keygen(ctx, &pkey) > 0);
94 EVP_PKEY_CTX_free(ctx);
98 /* Main test driver */
101 * TODO(3.0) For better error output, changed the callbacks to take __FILE__
102 * and __LINE__ as first two arguments, and have them use the lower case
103 * functions, such as test_strn_eq(), rather than the uppercase macros
104 * (TEST_strn2_eq(), for example).
107 typedef int (encoder)(void **encoded, long *encoded_len,
108 void *object, int selection,
109 const char *output_type, const char *output_structure,
110 const char *pass, const char *pcipher);
111 typedef int (decoder)(void **object, void *encoded, long encoded_len,
112 const char *keytype, const char *input_type,
113 int selection, const char *pass);
114 typedef int (tester)(const void *data1, size_t data1_len,
115 const void *data2, size_t data2_len);
116 typedef int (checker)(const char *type, const void *data, size_t data_len);
117 typedef void (dumper)(const char *label, const void *data, size_t data_len);
119 #define FLAG_DECODE_WITH_TYPE 0x0001
121 static int test_encode_decode(const char *type, EVP_PKEY *pkey,
122 int selection, const char *output_type,
123 const char *output_structure,
124 const char *pass, const char *pcipher,
125 encoder *encode_cb, decoder *decode_cb,
126 tester *test_cb, checker *check_cb,
127 dumper *dump_cb, int flags)
129 void *encoded = NULL;
130 long encoded_len = 0;
131 EVP_PKEY *pkey2 = NULL;
132 void *encoded2 = NULL;
133 long encoded2_len = 0;
137 * Encode |pkey|, decode the result into |pkey2|, and finish off by
138 * encoding |pkey2| as well. That last encoding is for checking and
141 if (!TEST_true(encode_cb(&encoded, &encoded_len, pkey, selection,
142 output_type, output_structure, pass, pcipher))
143 || !TEST_true(check_cb(type, encoded, encoded_len))
144 || !TEST_true(decode_cb((void **)&pkey2, encoded, encoded_len,
145 (flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
146 output_type, selection, pass))
147 || !TEST_true(encode_cb(&encoded2, &encoded2_len, pkey2, selection,
148 output_type, output_structure, pass, pcipher)))
151 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
152 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey2), 1))
155 if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1))
160 * Double check the encoding, but only for unprotected keys,
161 * as protected keys have a random component, which makes the output
164 if ((pass == NULL && pcipher == NULL)
165 && !test_cb(encoded, encoded_len, encoded2, encoded2_len))
171 if (encoded != NULL && encoded_len != 0)
172 dump_cb("|pkey| encoded", encoded, encoded_len);
173 if (encoded2 != NULL && encoded2_len != 0)
174 dump_cb("|pkey2| encoded", encoded2, encoded2_len);
177 OPENSSL_free(encoded);
178 OPENSSL_free(encoded2);
179 EVP_PKEY_free(pkey2);
183 /* Encoding and decoding methods */
185 static int encode_EVP_PKEY_prov(void **encoded, long *encoded_len,
186 void *object, int selection,
187 const char *output_type,
188 const char *output_structure,
189 const char *pass, const char *pcipher)
191 EVP_PKEY *pkey = object;
192 OSSL_ENCODER_CTX *ectx = NULL;
194 BUF_MEM *mem_buf = NULL;
195 const unsigned char *upass = (const unsigned char *)pass;
198 if (!TEST_ptr(ectx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, selection,
202 || !TEST_int_gt(OSSL_ENCODER_CTX_get_num_encoders(ectx), 0)
204 && !TEST_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass,
207 && !TEST_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL)))
208 || !TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
209 || !TEST_true(OSSL_ENCODER_to_bio(ectx, mem_ser))
210 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
211 || !TEST_ptr(*encoded = mem_buf->data)
212 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
215 /* Detach the encoded output */
216 mem_buf->data = NULL;
221 OSSL_ENCODER_CTX_free(ectx);
225 static int decode_EVP_PKEY_prov(void **object, void *encoded, long encoded_len,
226 const char *keytype, const char *input_type,
227 int selection, const char *pass)
229 EVP_PKEY *pkey = NULL, *testpkey = NULL;
230 OSSL_DECODER_CTX *dctx = NULL;
231 BIO *encoded_bio = NULL;
232 const unsigned char *upass = (const unsigned char *)pass;
237 if (strcmp(input_type, "DER") == 0)
242 if (!TEST_ptr(encoded_bio = BIO_new_mem_buf(encoded, encoded_len)))
246 * We attempt the decode 3 times. The first time we provide the expected
247 * starting input type. The second time we provide NULL for the starting
248 * type. The third time we provide a bad starting input type.
249 * The bad starting input type should fail. The other two should succeed
250 * and produce the same result.
252 for (i = 0; i < 3; i++) {
253 const char *testtype = (i == 0) ? input_type
254 : ((i == 1) ? NULL : badtype);
256 if (!TEST_ptr(dctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&testpkey,
263 && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass)))
264 || !TEST_int_gt(BIO_reset(encoded_bio), 0)
265 /* We expect to fail when using a bad input type */
266 || !TEST_int_eq(OSSL_DECODER_from_bio(dctx, encoded_bio),
269 OSSL_DECODER_CTX_free(dctx);
276 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
277 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, testpkey), 1))
280 if (!TEST_int_eq(EVP_PKEY_eq(pkey, testpkey), 1))
291 EVP_PKEY_free(testpkey);
292 BIO_free(encoded_bio);
293 OSSL_DECODER_CTX_free(dctx);
297 static int encode_EVP_PKEY_legacy_PEM(void **encoded, long *encoded_len,
298 void *object, ossl_unused int selection,
299 ossl_unused const char *output_type,
300 ossl_unused const char *output_structure,
301 const char *pass, const char *pcipher)
303 EVP_PKEY *pkey = object;
304 EVP_CIPHER *cipher = NULL;
306 BUF_MEM *mem_buf = NULL;
307 const unsigned char *upass = (const unsigned char *)pass;
311 if (pcipher != NULL && pass != NULL) {
312 passlen = strlen(pass);
313 if (!TEST_ptr(cipher = EVP_CIPHER_fetch(NULL, pcipher, NULL)))
316 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
317 || !TEST_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey,
321 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
322 || !TEST_ptr(*encoded = mem_buf->data)
323 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
326 /* Detach the encoded output */
327 mem_buf->data = NULL;
332 EVP_CIPHER_free(cipher);
336 #ifndef OPENSSL_NO_DSA
337 static int encode_EVP_PKEY_MSBLOB(void **encoded, long *encoded_len,
338 void *object, int selection,
339 ossl_unused const char *output_type,
340 ossl_unused const char *output_structure,
341 ossl_unused const char *pass,
342 ossl_unused const char *pcipher)
344 EVP_PKEY *pkey = object;
346 BUF_MEM *mem_buf = NULL;
349 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem())))
352 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
353 if (!TEST_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0))
356 if (!TEST_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0))
360 if (!TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
361 || !TEST_ptr(*encoded = mem_buf->data)
362 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
365 /* Detach the encoded output */
366 mem_buf->data = NULL;
374 # ifndef OPENSSL_NO_RC4
375 static pem_password_cb pass_pw;
376 static int pass_pw(char *buf, int size, int rwflag, void *userdata)
378 OPENSSL_strlcpy(buf, userdata, size);
379 return strlen(userdata);
382 static int encode_EVP_PKEY_PVK(void **encoded, long *encoded_len,
383 void *object, int selection,
384 ossl_unused const char *output_type,
385 ossl_unused const char *output_structure,
387 ossl_unused const char *pcipher)
389 EVP_PKEY *pkey = object;
391 BUF_MEM *mem_buf = NULL;
392 int enc = (pass != NULL);
395 if (!TEST_true(ossl_assert((selection
396 & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0))
397 || !TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
398 || !TEST_int_ge(i2b_PVK_bio(mem_ser, pkey, enc,
399 pass_pw, (void *)pass), 0)
400 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
401 || !TEST_ptr(*encoded = mem_buf->data)
402 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
405 /* Detach the encoded output */
406 mem_buf->data = NULL;
416 static int test_text(const void *data1, size_t data1_len,
417 const void *data2, size_t data2_len)
419 return TEST_strn2_eq(data1, data1_len, data2, data2_len);
422 static int test_mem(const void *data1, size_t data1_len,
423 const void *data2, size_t data2_len)
425 return TEST_mem_eq(data1, data1_len, data2, data2_len);
428 /* Test cases and their dumpers / checkers */
430 static void collect_name(const char *name, void *arg)
432 char **namelist = arg;
436 space = strlen(name);
437 if (*namelist != NULL)
438 space += strlen(*namelist) + 2 /* for comma and space */;
439 space++; /* for terminating null byte */
441 new_namelist = OPENSSL_realloc(*namelist, space);
442 if (new_namelist == NULL)
444 if (*namelist != NULL) {
445 strcat(new_namelist, ", ");
446 strcat(new_namelist, name);
448 strcpy(new_namelist, name);
450 *namelist = new_namelist;
453 static void dump_der(const char *label, const void *data, size_t data_len)
455 test_output_memory(label, data, data_len);
458 static void dump_pem(const char *label, const void *data, size_t data_len)
460 test_output_string(label, data, data_len - 1);
463 static int check_unprotected_PKCS8_DER(const char *type,
464 const void *data, size_t data_len)
466 const unsigned char *datap = data;
467 PKCS8_PRIV_KEY_INFO *p8inf =
468 d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len);
471 if (TEST_ptr(p8inf)) {
472 EVP_PKEY *pkey = EVP_PKCS82PKEY(p8inf);
473 char *namelist = NULL;
475 if (TEST_ptr(pkey)) {
476 if (!(ok = TEST_true(EVP_PKEY_is_a(pkey, type)))) {
477 EVP_PKEY_typenames_do_all(pkey, collect_name, &namelist);
478 if (namelist != NULL)
479 TEST_note("%s isn't any of %s", type, namelist);
480 OPENSSL_free(namelist);
485 PKCS8_PRIV_KEY_INFO_free(p8inf);
489 static int test_unprotected_via_DER(const char *type, EVP_PKEY *key)
491 return test_encode_decode(type, key,
492 OSSL_KEYMGMT_SELECT_KEYPAIR
493 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
494 "DER", "pkcs8", NULL, NULL,
495 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
496 test_mem, check_unprotected_PKCS8_DER,
500 static int check_unprotected_PKCS8_PEM(const char *type,
501 const void *data, size_t data_len)
503 static const char expected_pem_header[] =
504 "-----BEGIN " PEM_STRING_PKCS8INF "-----";
506 return TEST_strn_eq(data, expected_pem_header,
507 sizeof(expected_pem_header) - 1);
510 static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key)
512 return test_encode_decode(type, key, OSSL_KEYMGMT_SELECT_KEYPAIR
513 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
514 "PEM", "pkcs8", NULL, NULL,
515 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
516 test_text, check_unprotected_PKCS8_PEM,
520 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) \
521 || !defined(OPENSSL_NO_EC)
522 static int check_params_DER(const char *type, const void *data, size_t data_len)
524 const unsigned char *datap = data;
526 int itype = NID_undef;
527 EVP_PKEY *pkey = NULL;
529 if (strcmp(type, "DH") == 0)
531 else if (strcmp(type, "X9.42 DH") == 0)
532 itype = EVP_PKEY_DHX;
533 else if (strcmp(type, "DSA") == 0)
534 itype = EVP_PKEY_DSA;
535 else if (strcmp(type, "EC") == 0)
538 if (itype != NID_undef) {
539 pkey = d2i_KeyParams(itype, NULL, &datap, data_len);
547 static int check_params_PEM(const char *type,
548 const void *data, size_t data_len)
550 static char expected_pem_header[80];
553 TEST_int_gt(BIO_snprintf(expected_pem_header,
554 sizeof(expected_pem_header),
555 "-----BEGIN %s PARAMETERS-----", type), 0)
556 && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
559 static int test_params_via_DER(const char *type, EVP_PKEY *key)
561 return test_encode_decode(type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
562 "DER", "type-specific", NULL, NULL,
563 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
564 test_mem, check_params_DER,
565 dump_der, FLAG_DECODE_WITH_TYPE);
568 static int test_params_via_PEM(const char *type, EVP_PKEY *key)
570 return test_encode_decode(type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
571 "PEM", "type-specific", NULL, NULL,
572 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
573 test_text, check_params_PEM,
576 #endif /* ndef(OPENSSL_NO_DH) || ndef(OPENSSL_NO_DSA) || ndef(OPENSSL_NO_EC) */
578 static int check_unprotected_legacy_PEM(const char *type,
579 const void *data, size_t data_len)
581 static char expected_pem_header[80];
584 TEST_int_gt(BIO_snprintf(expected_pem_header,
585 sizeof(expected_pem_header),
586 "-----BEGIN %s PRIVATE KEY-----", type), 0)
587 && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
590 static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key)
592 return test_encode_decode(type, key,
593 OSSL_KEYMGMT_SELECT_KEYPAIR
594 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
595 "PEM", "type-specific", NULL, NULL,
596 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
597 test_text, check_unprotected_legacy_PEM,
601 #ifndef OPENSSL_NO_DSA
602 static int check_MSBLOB(const char *type, const void *data, size_t data_len)
604 const unsigned char *datap = data;
605 EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len);
606 int ok = TEST_ptr(pkey);
612 static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key)
614 return test_encode_decode(type, key,
615 OSSL_KEYMGMT_SELECT_KEYPAIR
616 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
617 "MSBLOB", NULL, NULL, NULL,
618 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
619 test_mem, check_MSBLOB,
623 # ifndef OPENSSL_NO_RC4
624 static int check_PVK(const char *type, const void *data, size_t data_len)
626 const unsigned char *in = data;
627 unsigned int saltlen = 0, keylen = 0;
628 int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen);
633 static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key)
635 return test_encode_decode(type, key,
636 OSSL_KEYMGMT_SELECT_KEYPAIR
637 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
638 "PVK", NULL, NULL, NULL,
639 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
646 static const char *pass_cipher = "AES-256-CBC";
647 static const char *pass = "the holy handgrenade of antioch";
649 static int check_protected_PKCS8_DER(const char *type,
650 const void *data, size_t data_len)
652 const unsigned char *datap = data;
653 X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len);
654 int ok = TEST_ptr(p8);
660 static int test_protected_via_DER(const char *type, EVP_PKEY *key)
662 return test_encode_decode(type, key,
663 OSSL_KEYMGMT_SELECT_KEYPAIR
664 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
665 "DER", "pkcs8", pass, pass_cipher,
666 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
667 test_mem, check_protected_PKCS8_DER,
671 static int check_protected_PKCS8_PEM(const char *type,
672 const void *data, size_t data_len)
674 static const char expected_pem_header[] =
675 "-----BEGIN " PEM_STRING_PKCS8 "-----";
677 return TEST_strn_eq(data, expected_pem_header,
678 sizeof(expected_pem_header) - 1);
681 static int test_protected_via_PEM(const char *type, EVP_PKEY *key)
683 return test_encode_decode(type, key,
684 OSSL_KEYMGMT_SELECT_KEYPAIR
685 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
686 "PEM", "pkcs8", pass, pass_cipher,
687 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
688 test_text, check_protected_PKCS8_PEM,
692 static int check_protected_legacy_PEM(const char *type,
693 const void *data, size_t data_len)
695 static char expected_pem_header[80];
698 TEST_int_gt(BIO_snprintf(expected_pem_header,
699 sizeof(expected_pem_header),
700 "-----BEGIN %s PRIVATE KEY-----", type), 0)
701 && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header))
702 && TEST_ptr(strstr(data, "\nDEK-Info: "));
705 static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
707 return test_encode_decode(type, key,
708 OSSL_KEYMGMT_SELECT_KEYPAIR
709 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
710 "PEM", "type-specific", pass, pass_cipher,
711 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
712 test_text, check_protected_legacy_PEM,
716 #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
717 static int test_protected_via_PVK(const char *type, EVP_PKEY *key)
719 return test_encode_decode(type, key,
720 OSSL_KEYMGMT_SELECT_KEYPAIR
721 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
722 "PVK", NULL, pass, NULL,
723 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
724 test_mem, check_PVK, dump_der, 0);
728 static int check_public_DER(const char *type, const void *data, size_t data_len)
730 const unsigned char *datap = data;
731 EVP_PKEY *pkey = d2i_PUBKEY(NULL, &datap, data_len);
732 int ok = (TEST_ptr(pkey) && TEST_true(EVP_PKEY_is_a(pkey, type)));
738 static int test_public_via_DER(const char *type, EVP_PKEY *key)
740 return test_encode_decode(type, key,
741 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
742 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
743 "DER", "SubjectPublicKeyInfo", NULL, NULL,
744 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
745 test_mem, check_public_DER, dump_der, 0);
748 static int check_public_PEM(const char *type, const void *data, size_t data_len)
750 static const char expected_pem_header[] =
751 "-----BEGIN " PEM_STRING_PUBLIC "-----";
754 TEST_strn_eq(data, expected_pem_header,
755 sizeof(expected_pem_header) - 1);
758 static int test_public_via_PEM(const char *type, EVP_PKEY *key)
760 return test_encode_decode(type, key,
761 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
762 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
763 "PEM", "SubjectPublicKeyInfo", NULL, NULL,
764 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
765 test_text, check_public_PEM, dump_pem, 0);
768 #ifndef OPENSSL_NO_DSA
769 static int check_public_MSBLOB(const char *type,
770 const void *data, size_t data_len)
772 const unsigned char *datap = data;
773 EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len);
774 int ok = TEST_ptr(pkey);
780 static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
782 return test_encode_decode(type, key, OSSL_KEYMGMT_SELECT_PUBLIC_KEY
783 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
784 "MSBLOB", NULL, NULL, NULL,
785 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
786 test_mem, check_public_MSBLOB, dump_der, 0);
790 #define KEYS(KEYTYPE) \
791 static EVP_PKEY *key_##KEYTYPE = NULL
792 #define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
794 && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
795 #define FREE_KEYS(KEYTYPE) \
796 EVP_PKEY_free(key_##KEYTYPE); \
798 #define DOMAIN_KEYS(KEYTYPE) \
799 static EVP_PKEY *template_##KEYTYPE = NULL; \
800 static EVP_PKEY *key_##KEYTYPE = NULL
801 #define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
803 && TEST_ptr(template_##KEYTYPE = \
804 make_template(KEYTYPEstr, params)) \
805 && TEST_ptr(key_##KEYTYPE = \
806 make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
807 #define FREE_DOMAIN_KEYS(KEYTYPE) \
808 EVP_PKEY_free(template_##KEYTYPE); \
809 EVP_PKEY_free(key_##KEYTYPE)
811 #define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr) \
812 static int test_unprotected_##KEYTYPE##_via_DER(void) \
814 return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
816 static int test_unprotected_##KEYTYPE##_via_PEM(void) \
818 return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
820 static int test_protected_##KEYTYPE##_via_DER(void) \
822 return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
824 static int test_protected_##KEYTYPE##_via_PEM(void) \
826 return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
828 static int test_public_##KEYTYPE##_via_DER(void) \
830 return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE); \
832 static int test_public_##KEYTYPE##_via_PEM(void) \
834 return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
837 #define ADD_TEST_SUITE(KEYTYPE) \
838 ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
839 ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
840 ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
841 ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
842 ADD_TEST(test_public_##KEYTYPE##_via_DER); \
843 ADD_TEST(test_public_##KEYTYPE##_via_PEM)
845 #define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \
846 static int test_params_##KEYTYPE##_via_DER(void) \
848 return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \
850 static int test_params_##KEYTYPE##_via_PEM(void) \
852 return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
855 #define ADD_TEST_SUITE_PARAMS(KEYTYPE) \
856 ADD_TEST(test_params_##KEYTYPE##_via_DER); \
857 ADD_TEST(test_params_##KEYTYPE##_via_PEM)
859 #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
860 static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
863 test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
865 static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
868 test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
871 #define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
872 ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
873 ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
875 #ifndef OPENSSL_NO_DSA
876 # define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
877 static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
879 return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
881 static int test_public_##KEYTYPE##_via_MSBLOB(void) \
883 return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
886 # define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
887 ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
888 ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
890 # ifndef OPENSSL_NO_RC4
891 # define IMPLEMENT_TEST_SUITE_PVK(KEYTYPE, KEYTYPEstr) \
892 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
894 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
896 static int test_protected_##KEYTYPE##_via_PVK(void) \
898 return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
901 # define ADD_TEST_SUITE_PVK(KEYTYPE) \
902 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK); \
903 ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
907 #ifndef OPENSSL_NO_DH
909 IMPLEMENT_TEST_SUITE(DH, "DH")
910 IMPLEMENT_TEST_SUITE_PARAMS(DH, "DH")
912 IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH")
913 IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH")
915 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
916 * so no legacy tests.
919 #ifndef OPENSSL_NO_DSA
921 IMPLEMENT_TEST_SUITE(DSA, "DSA")
922 IMPLEMENT_TEST_SUITE_PARAMS(DSA, "DSA")
923 IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA")
924 IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
925 # ifndef OPENSSL_NO_RC4
926 IMPLEMENT_TEST_SUITE_PVK(DSA, "DSA")
929 #ifndef OPENSSL_NO_EC
931 IMPLEMENT_TEST_SUITE(EC, "EC")
932 IMPLEMENT_TEST_SUITE_PARAMS(EC, "EC")
933 IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
934 DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
935 IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC")
936 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
937 DOMAIN_KEYS(ECExplicitPrime2G);
938 IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC")
939 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")
940 # ifndef OPENSSL_NO_EC2M
941 DOMAIN_KEYS(ECExplicitTriNamedCurve);
942 IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC")
943 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC")
944 DOMAIN_KEYS(ECExplicitTri2G);
945 IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC")
946 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC")
949 IMPLEMENT_TEST_SUITE(ED25519, "ED25519")
951 IMPLEMENT_TEST_SUITE(ED448, "ED448")
953 IMPLEMENT_TEST_SUITE(X25519, "X25519")
955 IMPLEMENT_TEST_SUITE(X448, "X448")
957 * ED25519, ED448, X25519 and X448 have no support for
958 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
962 IMPLEMENT_TEST_SUITE(RSA, "RSA")
963 IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA")
965 IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS")
967 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
968 * so no legacy tests.
970 #ifndef OPENSSL_NO_DSA
971 IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
972 # ifndef OPENSSL_NO_RC4
973 IMPLEMENT_TEST_SUITE_PVK(RSA, "RSA")
977 #ifndef OPENSSL_NO_EC
978 /* Explicit parameters that match a named curve */
979 static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld,
980 const unsigned char *gen,
983 BIGNUM *a, *b, *prime, *order;
985 /* Curve prime256v1 */
986 static const unsigned char prime_data[] = {
987 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
988 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
989 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
990 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
993 static const unsigned char a_data[] = {
994 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
995 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
996 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
997 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1000 static const unsigned char b_data[] = {
1001 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
1002 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
1003 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
1004 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
1006 static const unsigned char seed[] = {
1007 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
1008 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
1009 0x81, 0x9f, 0x7e, 0x90
1011 static const unsigned char order_data[] = {
1012 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1013 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1014 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
1015 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
1017 return TEST_ptr(a = BN_CTX_get(bnctx))
1018 && TEST_ptr(b = BN_CTX_get(bnctx))
1019 && TEST_ptr(prime = BN_CTX_get(bnctx))
1020 && TEST_ptr(order = BN_CTX_get(bnctx))
1021 && TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime))
1022 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1023 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1024 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1025 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1026 OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field,
1028 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime))
1029 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1030 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1031 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1032 OSSL_PKEY_PARAM_EC_ORDER, order))
1033 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1034 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1035 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1036 OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed)))
1037 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1041 static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld)
1043 static const unsigned char prime256v1_gen[] = {
1045 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
1046 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
1047 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
1048 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
1049 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
1050 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
1051 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
1052 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
1054 return do_create_ec_explicit_prime_params(bld, prime256v1_gen,
1055 sizeof(prime256v1_gen));
1058 static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld)
1061 static const unsigned char prime256v1_gen2[] = {
1063 0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
1064 0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
1065 0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
1066 0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
1067 0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
1068 0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
1069 0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
1070 0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
1072 return do_create_ec_explicit_prime_params(bld, prime256v1_gen2,
1073 sizeof(prime256v1_gen2));
1076 # ifndef OPENSSL_NO_EC2M
1077 static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld,
1078 const unsigned char *gen,
1081 BIGNUM *a, *b, *poly, *order, *cofactor;
1082 /* sect233k1 characteristic-two-field tpBasis */
1083 static const unsigned char poly_data[] = {
1084 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1085 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
1086 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1088 static const unsigned char a_data[] = {
1089 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1090 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1091 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1093 static const unsigned char b_data[] = {
1094 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1095 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1096 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
1098 static const unsigned char order_data[] = {
1099 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1100 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
1101 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
1103 static const unsigned char cofactor_data[]= {
1106 return TEST_ptr(a = BN_CTX_get(bnctx))
1107 && TEST_ptr(b = BN_CTX_get(bnctx))
1108 && TEST_ptr(poly = BN_CTX_get(bnctx))
1109 && TEST_ptr(order = BN_CTX_get(bnctx))
1110 && TEST_ptr(cofactor = BN_CTX_get(bnctx))
1111 && TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly))
1112 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1113 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1114 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1115 && TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor))
1116 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1117 OSSL_PKEY_PARAM_EC_FIELD_TYPE,
1118 SN_X9_62_characteristic_two_field, 0))
1119 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly))
1120 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1121 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1122 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1123 OSSL_PKEY_PARAM_EC_ORDER, order))
1124 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1125 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1126 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1130 static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld)
1132 static const unsigned char gen[] = {
1134 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1135 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1136 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1137 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1138 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1139 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1141 return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen));
1144 static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
1146 static const unsigned char gen2[] = {
1148 0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1149 0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1150 0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1151 0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1152 0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1153 0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1155 return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2));
1157 # endif /* OPENSSL_NO_EC2M */
1158 #endif /* OPENSSL_NO_EC */
1160 int setup_tests(void)
1164 #ifndef OPENSSL_NO_DSA
1165 static size_t qbits = 160; /* PVK only tolerates 160 Q bits */
1166 static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1167 OSSL_PARAM DSA_params[] = {
1168 OSSL_PARAM_size_t("pbits", &pbits),
1169 OSSL_PARAM_size_t("qbits", &qbits),
1174 #ifndef OPENSSL_NO_EC
1175 static char groupname[] = "prime256v1";
1176 OSSL_PARAM EC_params[] = {
1177 OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
1182 /* 7 is the default magic number */
1183 static unsigned int rsapss_min_saltlen = 7;
1184 OSSL_PARAM RSA_PSS_params[] = {
1185 OSSL_PARAM_uint("saltlen", &rsapss_min_saltlen),
1189 #ifndef OPENSSL_NO_EC
1190 if (!TEST_ptr(bnctx = BN_CTX_new_ex(NULL))
1191 || !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new())
1192 || !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new())
1193 || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
1194 || !create_ec_explicit_prime_params(bld_prime)
1195 || !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
1196 || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))
1197 # ifndef OPENSSL_NO_EC2M
1198 || !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
1199 || !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
1200 || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc)
1201 || !create_ec_explicit_trinomial_params(bld_tri)
1202 || !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc))
1203 || !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri))
1209 TEST_info("Generating keys...");
1211 #ifndef OPENSSL_NO_DH
1212 MAKE_DOMAIN_KEYS(DH, "DH", NULL);
1213 MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
1214 TEST_info("Generating keys...DH done");
1216 #ifndef OPENSSL_NO_DSA
1217 MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
1218 TEST_info("Generating keys...DSA done");
1220 #ifndef OPENSSL_NO_EC
1221 MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
1222 MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
1223 MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
1224 # ifndef OPENSSL_NO_EC2M
1225 MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
1226 MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
1228 MAKE_KEYS(ED25519, "ED25519", NULL);
1229 MAKE_KEYS(ED448, "ED448", NULL);
1230 MAKE_KEYS(X25519, "X25519", NULL);
1231 MAKE_KEYS(X448, "X448", NULL);
1232 TEST_info("Generating keys...EC done");
1234 MAKE_KEYS(RSA, "RSA", NULL);
1235 TEST_info("Generating keys...RSA done");
1236 MAKE_KEYS(RSA_PSS, "RSA-PSS", RSA_PSS_params);
1237 TEST_info("Generating keys...RSA_PSS done");
1240 #ifndef OPENSSL_NO_DH
1242 ADD_TEST_SUITE_PARAMS(DH);
1243 ADD_TEST_SUITE(DHX);
1244 ADD_TEST_SUITE_PARAMS(DHX);
1246 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1247 * so no legacy tests.
1250 #ifndef OPENSSL_NO_DSA
1251 ADD_TEST_SUITE(DSA);
1252 ADD_TEST_SUITE_PARAMS(DSA);
1253 ADD_TEST_SUITE_LEGACY(DSA);
1254 ADD_TEST_SUITE_MSBLOB(DSA);
1255 # ifndef OPENSSL_NO_RC4
1256 ADD_TEST_SUITE_PVK(DSA);
1259 #ifndef OPENSSL_NO_EC
1261 ADD_TEST_SUITE_PARAMS(EC);
1262 ADD_TEST_SUITE_LEGACY(EC);
1263 ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
1264 ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
1265 ADD_TEST_SUITE(ECExplicitPrime2G);
1266 ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);
1267 # ifndef OPENSSL_NO_EC2M
1268 ADD_TEST_SUITE(ECExplicitTriNamedCurve);
1269 ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
1270 ADD_TEST_SUITE(ECExplicitTri2G);
1271 ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
1273 ADD_TEST_SUITE(ED25519);
1274 ADD_TEST_SUITE(ED448);
1275 ADD_TEST_SUITE(X25519);
1276 ADD_TEST_SUITE(X448);
1278 * ED25519, ED448, X25519 and X448 have no support for
1279 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1282 ADD_TEST_SUITE(RSA);
1283 ADD_TEST_SUITE_LEGACY(RSA);
1284 ADD_TEST_SUITE(RSA_PSS);
1286 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1287 * so no legacy tests.
1289 #ifndef OPENSSL_NO_DSA
1290 ADD_TEST_SUITE_MSBLOB(RSA);
1291 # ifndef OPENSSL_NO_RC4
1292 ADD_TEST_SUITE_PVK(RSA);
1300 void cleanup_tests(void)
1302 #ifndef OPENSSL_NO_EC
1303 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_nc);
1304 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_explicit);
1305 OSSL_PARAM_BLD_free(bld_prime_nc);
1306 OSSL_PARAM_BLD_free(bld_prime);
1307 # ifndef OPENSSL_NO_EC2M
1308 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_nc);
1309 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_explicit);
1310 OSSL_PARAM_BLD_free(bld_tri_nc);
1311 OSSL_PARAM_BLD_free(bld_tri);
1314 #endif /* OPENSSL_NO_EC */
1316 #ifndef OPENSSL_NO_DH
1317 FREE_DOMAIN_KEYS(DH);
1318 FREE_DOMAIN_KEYS(DHX);
1320 #ifndef OPENSSL_NO_DSA
1321 FREE_DOMAIN_KEYS(DSA);
1323 #ifndef OPENSSL_NO_EC
1324 FREE_DOMAIN_KEYS(EC);
1325 FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1326 FREE_DOMAIN_KEYS(ECExplicitPrime2G);
1327 # ifndef OPENSSL_NO_EC2M
1328 FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
1329 FREE_DOMAIN_KEYS(ECExplicitTri2G);