2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* Macros to build Self test data */
11 #define ITM(x) x, sizeof(x)
12 #define ITM_STR(x) x, (sizeof(x) - 1)
14 #define ST_KAT_PARAM_END() { "", 0, NULL, 0 }
15 #define ST_KAT_PARAM_BIGNUM(name, data) \
16 { name, OSSL_PARAM_UNSIGNED_INTEGER, ITM(data) }
17 #define ST_KAT_PARAM_OCTET(name, data) \
18 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
19 #define ST_KAT_PARAM_UTF8STRING(name, data) \
20 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
22 /* used to store raw parameters for keys and algorithms */
23 typedef struct st_kat_param_st {
24 const char *name; /* an OSSL_PARAM name */
25 size_t type; /* the type associated with the data */
26 const void *data; /* unsigned char [], or char [] depending on the type */
27 size_t data_len; /* the length of the data */
30 typedef struct st_kat_st {
32 const char *algorithm;
33 const unsigned char *pt;
35 const unsigned char *expected;
39 typedef ST_KAT ST_KAT_DIGEST;
40 typedef struct st_kat_cipher_st {
42 const unsigned char *key;
44 const unsigned char *iv;
46 const unsigned char *aad;
48 const unsigned char *tag;
52 typedef struct st_kat_kdf_st {
54 const char *algorithm;
55 const ST_KAT_PARAM *params;
56 const unsigned char *expected;
60 typedef struct st_kat_drbg_st {
62 const char *algorithm;
63 const char *param_name;
65 const unsigned char *entropyin;
67 const unsigned char *nonce;
69 const unsigned char *persstr;
71 const unsigned char *entropyinpr1;
72 size_t entropyinpr1len;
73 const unsigned char *entropyinpr2;
74 size_t entropyinpr2len;
75 const unsigned char *entropyaddin1;
76 size_t entropyaddin1len;
77 const unsigned char *entropyaddin2;
78 size_t entropyaddin2len;
79 const unsigned char *expected;
83 typedef struct st_kat_kas_st {
85 const char *algorithm;
87 const ST_KAT_PARAM *key_group;
88 const ST_KAT_PARAM *key_host_data;
89 const ST_KAT_PARAM *key_peer_data;
91 const unsigned char *expected;
95 typedef struct st_kat_sign_st {
97 const char *algorithm;
98 const char *mdalgorithm;
99 const ST_KAT_PARAM *key;
100 const unsigned char *sig_expected; /* Set to NULL if this value changes */
101 size_t sig_expected_len;
104 /*- DIGEST TEST DATA */
105 static const unsigned char sha1_pt[] = "abc";
106 static const unsigned char sha1_digest[] = {
107 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 0x25, 0x71,
108 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
111 static const unsigned char sha512_pt[] = "abc";
112 static const unsigned char sha512_digest[] = {
113 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49,
114 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
115 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, 0x21, 0x92, 0x99, 0x2A,
116 0x27, 0x4F, 0xC1, 0xA8, 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
117 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, 0x2A, 0x9A, 0xC9, 0x4F,
118 0xA5, 0x4C, 0xA4, 0x9F
120 static const unsigned char sha3_256_pt[] = { 0xe7, 0x37, 0x21, 0x05 };
121 static const unsigned char sha3_256_digest[] = {
122 0x3a, 0x42, 0xb6, 0x8a, 0xb0, 0x79, 0xf2, 0x8c, 0x4c, 0xa3, 0xc7, 0x52,
123 0x29, 0x6f, 0x27, 0x90, 0x06, 0xc4, 0xfe, 0x78, 0xb1, 0xeb, 0x79, 0xd9,
124 0x89, 0x77, 0x7f, 0x05, 0x1e, 0x40, 0x46, 0xae
127 static const ST_KAT_DIGEST st_kat_digest_tests[] =
130 OSSL_SELF_TEST_DESC_MD_SHA1,
136 OSSL_SELF_TEST_DESC_MD_SHA2,
142 OSSL_SELF_TEST_DESC_MD_SHA3,
145 ITM(sha3_256_digest),
150 /*- CIPHER TEST DATA */
153 static const unsigned char des_ede3_cbc_pt[] = {
154 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
155 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
156 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
157 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51
159 static const unsigned char des_ede3_cbc_key[] = {
160 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
161 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
162 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
164 static const unsigned char des_ede3_cbc_iv[] = {
165 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17
167 static const unsigned char des_ede3_cbc_ct[] = {
168 0x20, 0x79, 0xC3, 0xD5, 0x3A, 0xA7, 0x63, 0xE1,
169 0x93, 0xB7, 0x9E, 0x25, 0x69, 0xAB, 0x52, 0x62,
170 0x51, 0x65, 0x70, 0x48, 0x1F, 0x25, 0xB5, 0x0F,
171 0x73, 0xC0, 0xBD, 0xA8, 0x5C, 0x8E, 0x0D, 0xA7
174 /* AES-256 GCM test data */
175 static const unsigned char aes_256_gcm_key[] = {
176 0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c,
177 0xe7, 0x90, 0xfd, 0x24, 0x50, 0x1f, 0x92, 0x50,
178 0x9a, 0xac, 0xf4, 0xcb, 0x8b, 0x13, 0x39, 0xd5,
179 0x0c, 0x9c, 0x12, 0x40, 0x93, 0x5d, 0xd0, 0x8b
181 static const unsigned char aes_256_gcm_iv[] = {
182 0xac, 0x93, 0xa1, 0xa6, 0x14, 0x52, 0x99, 0xbd,
183 0xe9, 0x02, 0xf2, 0x1a
185 static const unsigned char aes_256_gcm_pt[] = {
186 0x2d, 0x71, 0xbc, 0xfa, 0x91, 0x4e, 0x4a, 0xc0,
187 0x45, 0xb2, 0xaa, 0x60, 0x95, 0x5f, 0xad, 0x24
189 static const unsigned char aes_256_gcm_aad[] = {
190 0x1e, 0x08, 0x89, 0x01, 0x6f, 0x67, 0x60, 0x1c,
191 0x8e, 0xbe, 0xa4, 0x94, 0x3b, 0xc2, 0x3a, 0xd6
193 static const unsigned char aes_256_gcm_ct[] = {
194 0x89, 0x95, 0xae, 0x2e, 0x6d, 0xf3, 0xdb, 0xf9,
195 0x6f, 0xac, 0x7b, 0x71, 0x37, 0xba, 0xe6, 0x7f
197 static const unsigned char aes_256_gcm_tag[] = {
198 0xec, 0xa5, 0xaa, 0x77, 0xd5, 0x1d, 0x4a, 0x0a,
199 0x14, 0xd9, 0xc5, 0x1e, 0x1d, 0xa4, 0x74, 0xab
202 static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
203 #ifndef OPENSSL_NO_DES
206 OSSL_SELF_TEST_DESC_CIPHER_TDES,
208 ITM(des_ede3_cbc_pt),
211 ITM(des_ede3_cbc_key),
212 ITM(des_ede3_cbc_iv),
217 OSSL_SELF_TEST_DESC_CIPHER_AES_GCM,
222 ITM(aes_256_gcm_key),
224 ITM(aes_256_gcm_aad),
229 static const char hkdf_digest[] = "SHA256";
230 static const unsigned char hkdf_secret[] = { 's', 'e', 'c', 'r', 'e', 't' };
231 static const unsigned char hkdf_salt[] = { 's', 'a', 'l', 't' };
232 static const unsigned char hkdf_info[] = { 'l', 'a', 'b', 'e', 'l' };
234 static const ST_KAT_PARAM hkdf_params[] = {
235 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, hkdf_digest),
236 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, hkdf_secret),
237 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, hkdf_salt),
238 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, hkdf_info),
241 static const unsigned char hkdf_expected[] = {
242 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8,
246 static const char sskdf_digest[] = "SHA224";
247 static const unsigned char sskdf_secret[] = {
248 0x6d, 0xbd, 0xc2, 0x3f, 0x04, 0x54, 0x88, 0xe4,
249 0x06, 0x27, 0x57, 0xb0, 0x6b, 0x9e, 0xba, 0xe1,
250 0x83, 0xfc, 0x5a, 0x59, 0x46, 0xd8, 0x0d, 0xb9,
251 0x3f, 0xec, 0x6f, 0x62, 0xec, 0x07, 0xe3, 0x72,
252 0x7f, 0x01, 0x26, 0xae, 0xd1, 0x2c, 0xe4, 0xb2,
253 0x62, 0xf4, 0x7d, 0x48, 0xd5, 0x42, 0x87, 0xf8,
254 0x1d, 0x47, 0x4c, 0x7c, 0x3b, 0x18, 0x50, 0xe9
256 static const unsigned char sskdf_otherinfo[] = {
257 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0x43, 0x41, 0x56,
258 0x53, 0x69, 0x64, 0x3c, 0x83, 0x2e, 0x98, 0x49,
259 0xdc, 0xdb, 0xa7, 0x1e, 0x9a, 0x31, 0x39, 0xe6,
260 0x06, 0xe0, 0x95, 0xde, 0x3c, 0x26, 0x4a, 0x66,
261 0xe9, 0x8a, 0x16, 0x58, 0x54, 0xcd, 0x07, 0x98,
262 0x9b, 0x1e, 0xe0, 0xec, 0x3f, 0x8d, 0xbe
264 static const unsigned char sskdf_expected[] = {
265 0xa4, 0x62, 0xde, 0x16, 0xa8, 0x9d, 0xe8, 0x46,
266 0x6e, 0xf5, 0x46, 0x0b, 0x47, 0xb8
268 static const ST_KAT_PARAM sskdf_params[] = {
269 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sskdf_digest),
270 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sskdf_secret),
271 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, sskdf_otherinfo),
275 static const ST_KAT_KDF st_kat_kdf_tests[] =
278 OSSL_SELF_TEST_DESC_KDF_HKDF,
284 OSSL_SELF_TEST_DESC_KDF_SSKDF,
292 * DRBG test vectors are a small subset of
293 * https://csrc.nist.rip/groups/STM/cavp/documents/drbg/drbgtestvectors.zip
294 * Using the folder drbgvectors_pr_true
295 * Generated for CAVS 14.3.
302 * [PredictionResistance = True]
303 * [EntropyInputLen = 256]
305 * [PersonalizationStringLen = 256]
306 * [AdditionalInputLen = 256]
307 * [ReturnedBitsLen = 1024]
311 static const unsigned char drbg_hash_sha256_pr_entropyin[] = {
312 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
313 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
314 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
316 static const unsigned char drbg_hash_sha256_pr_nonce[] = {
317 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
318 0xf0, 0xe5, 0x07, 0x1f
320 static const unsigned char drbg_hash_sha256_pr_persstr[] = {
321 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
322 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
323 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
325 static const unsigned char drbg_hash_sha256_pr_entropyinpr0[] = {
326 0xff, 0x80, 0xb7, 0xd2, 0x6a, 0x05, 0xbc, 0x8a, 0x7a, 0xbe, 0x53, 0x28,
327 0x6b, 0x0e, 0xeb, 0x73, 0x3b, 0x71, 0x5a, 0x20, 0x5b, 0xfa, 0x4f, 0xf6,
328 0x37, 0x03, 0xde, 0xad, 0xb6, 0xea, 0x0e, 0xf4
330 static const unsigned char drbg_hash_sha256_pr_entropyinpr1[] = {
331 0xc7, 0x38, 0x32, 0x53, 0x46, 0x81, 0xed, 0xe3, 0x7e, 0x03, 0x84, 0x6d,
332 0x3c, 0x84, 0x17, 0x67, 0x29, 0x7d, 0x24, 0x6c, 0x68, 0x92, 0x41, 0xd2,
333 0xe7, 0x75, 0xbe, 0x7e, 0xc9, 0x96, 0x29, 0x3d
335 static const unsigned char drbg_hash_sha256_pr_addin0[] = {
336 0xb7, 0x21, 0x5f, 0x14, 0xac, 0x7b, 0xaf, 0xd0, 0xa9, 0x17, 0x72, 0xba,
337 0x22, 0xf7, 0x19, 0xaf, 0xbd, 0x20, 0xb3, 0x11, 0x63, 0x6c, 0x2b, 0x1e,
338 0x83, 0xe4, 0xa8, 0x23, 0x35, 0x3f, 0xc6, 0xea
340 static const unsigned char drbg_hash_sha256_pr_addin1[] = {
341 0xce, 0xd3, 0x1f, 0x7e, 0x0d, 0xae, 0x5b, 0xb5, 0xc0, 0x43, 0xe2, 0x46,
342 0xb2, 0x94, 0x73, 0xe2, 0xfd, 0x39, 0x51, 0x2e, 0xad, 0x45, 0x69, 0xee,
343 0xe3, 0xe3, 0x80, 0x33, 0x14, 0xab, 0xa7, 0xa3
345 static const unsigned char drbg_hash_sha256_pr_expected[] = {
346 0x60, 0xc2, 0x34, 0xcf, 0xaf, 0xb4, 0x68, 0x03, 0x3b, 0xf1, 0x95, 0xe5,
347 0x78, 0xce, 0x26, 0x6e, 0x14, 0x65, 0x32, 0x6a, 0x96, 0xa9, 0xe0, 0x3f,
348 0x8b, 0x89, 0x36, 0x70, 0xef, 0x62, 0x75, 0x4d, 0x5e, 0x80, 0xd5, 0x53,
349 0xa1, 0xf8, 0x49, 0x50, 0x20, 0x8b, 0x93, 0x43, 0x07, 0x9f, 0x2e, 0xf8,
350 0x56, 0xe9, 0xc5, 0x70, 0x61, 0x85, 0x97, 0xb5, 0xdc, 0x82, 0xa2, 0xda,
351 0xea, 0xa3, 0xfd, 0x9b, 0x2f, 0xd2, 0xa0, 0xd7, 0x1b, 0xc6, 0x29, 0x35,
352 0xcc, 0xb8, 0x3d, 0xa0, 0x67, 0x98, 0x05, 0xa0, 0xe3, 0x1e, 0xfe, 0xe4,
353 0xf0, 0xe5, 0x13, 0xb0, 0x83, 0x17, 0xfa, 0xca, 0x93, 0x5e, 0x38, 0x29,
354 0x48, 0xd2, 0x72, 0xdb, 0x76, 0x3e, 0x6d, 0xf3, 0x25, 0x10, 0xff, 0x1b,
355 0x99, 0xff, 0xf8, 0xc6, 0x0e, 0xb0, 0xdd, 0x29, 0x2e, 0xbc, 0xbb, 0xc8,
356 0x0a, 0x01, 0x6e, 0xd3, 0xb0, 0x0e, 0x4e, 0xab
363 * [PredictionResistance = True]
364 * [EntropyInputLen = 128]
366 * [PersonalizationStringLen = 128]
367 * [AdditionalInputLen = 128]
368 * [ReturnedBitsLen = 512]
372 static const unsigned char drbg_ctr_aes128_pr_df_entropyin[] = {
373 0x92, 0x89, 0x8f, 0x31, 0xfa, 0x1c, 0xff, 0x6d, 0x18, 0x2f, 0x26, 0x06,
374 0x43, 0xdf, 0xf8, 0x18
376 static const unsigned char drbg_ctr_aes128_pr_df_nonce[] = {
377 0xc2, 0xa4, 0xd9, 0x72, 0xc3, 0xb9, 0xb6, 0x97
379 static const unsigned char drbg_ctr_aes128_pr_df_persstr[] = {
380 0xea, 0x65, 0xee, 0x60, 0x26, 0x4e, 0x7e, 0xb6, 0x0e, 0x82, 0x68, 0xc4,
381 0x37, 0x3c, 0x5c, 0x0b
383 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr0[] = {
384 0x20, 0x72, 0x8a, 0x06, 0xf8, 0x6f, 0x8d, 0xd4, 0x41, 0xe2, 0x72, 0xb7,
385 0xc4, 0x2c, 0xe8, 0x10
387 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr1[] = {
388 0x3d, 0xb0, 0xf0, 0x94, 0xf3, 0x05, 0x50, 0x33, 0x17, 0x86, 0x3e, 0x22,
389 0x08, 0xf7, 0xa5, 0x01
391 static const unsigned char drbg_ctr_aes128_pr_df_addin0[] = {
392 0x1a, 0x40, 0xfa, 0xe3, 0xcc, 0x6c, 0x7c, 0xa0, 0xf8, 0xda, 0xba, 0x59,
393 0x23, 0x6d, 0xad, 0x1d
395 static const unsigned char drbg_ctr_aes128_pr_df_addin1[] = {
396 0x9f, 0x72, 0x76, 0x6c, 0xc7, 0x46, 0xe5, 0xed, 0x2e, 0x53, 0x20, 0x12,
397 0xbc, 0x59, 0x31, 0x8c
399 static const unsigned char drbg_ctr_aes128_pr_df_expected[] = {
400 0x5a, 0x35, 0x39, 0x87, 0x0f, 0x4d, 0x22, 0xa4, 0x09, 0x24, 0xee, 0x71,
401 0xc9, 0x6f, 0xac, 0x72, 0x0a, 0xd6, 0xf0, 0x88, 0x82, 0xd0, 0x83, 0x28,
402 0x73, 0xec, 0x3f, 0x93, 0xd8, 0xab, 0x45, 0x23, 0xf0, 0x7e, 0xac, 0x45,
403 0x14, 0x5e, 0x93, 0x9f, 0xb1, 0xd6, 0x76, 0x43, 0x3d, 0xb6, 0xe8, 0x08,
404 0x88, 0xf6, 0xda, 0x89, 0x08, 0x77, 0x42, 0xfe, 0x1a, 0xf4, 0x3f, 0xc4,
405 0x23, 0xc5, 0x1f, 0x68
412 * [PredictionResistance = True]
413 * [EntropyInputLen = 128]
415 * [PersonalizationStringLen = 128]
416 * [AdditionalInputLen = 128]
417 * [ReturnedBitsLen = 640]
421 static const unsigned char drbg_hmac_sha1_pr_entropyin[] = {
422 0x68, 0x0f, 0xac, 0xe9, 0x0d, 0x7b, 0xca, 0x21, 0xd4, 0xa0, 0xed, 0xb7,
423 0x79, 0x9e, 0xe5, 0xd8
425 static const unsigned char drbg_hmac_sha1_pr_nonce[] = {
426 0xb7, 0xbe, 0x9e, 0xed, 0xdd, 0x0e, 0x3b, 0x4b
428 static const unsigned char drbg_hmac_sha1_pr_persstr[] = {
429 0xf5, 0x8c, 0x40, 0xae, 0x70, 0xf7, 0xa5, 0x56, 0x48, 0xa9, 0x31, 0xa0,
430 0xa9, 0x31, 0x3d, 0xd7
432 static const unsigned char drbg_hmac_sha1_pr_entropyinpr0[] = {
433 0x7c, 0xaf, 0xe2, 0x31, 0x63, 0x0a, 0xa9, 0x5a, 0x74, 0x2c, 0x4e, 0x5f,
434 0x5f, 0x22, 0xc6, 0xa4
436 static const unsigned char drbg_hmac_sha1_pr_entropyinpr1[] = {
437 0x1c, 0x0d, 0x77, 0x92, 0x89, 0x88, 0x27, 0x94, 0x8a, 0x58, 0x9f, 0x82,
438 0x2d, 0x1a, 0xf7, 0xa6
440 static const unsigned char drbg_hmac_sha1_pr_addin0[] = {
441 0xdc, 0x36, 0x63, 0xf0, 0x62, 0x78, 0x9c, 0xd1, 0x5c, 0xbb, 0x20, 0xc3,
442 0xc1, 0x8c, 0xd9, 0xd7
444 static const unsigned char drbg_hmac_sha1_pr_addin1[] = {
445 0xfe, 0x85, 0xb0, 0xab, 0x14, 0xc6, 0x96, 0xe6, 0x9c, 0x24, 0xe7, 0xb5,
446 0xa1, 0x37, 0x12, 0x0c
448 static const unsigned char drbg_hmac_sha1_pr_expected[] = {
449 0x68, 0x00, 0x4b, 0x3a, 0x28, 0xf7, 0xf0, 0x1c, 0xf9, 0xe9, 0xb5, 0x71,
450 0x20, 0x79, 0xef, 0x80, 0x87, 0x1b, 0x08, 0xb9, 0xa9, 0x1b, 0xcd, 0x2b,
451 0x9f, 0x09, 0x4d, 0xa4, 0x84, 0x80, 0xb3, 0x4c, 0xaf, 0xd5, 0x59, 0x6b,
452 0x0c, 0x0a, 0x48, 0xe1, 0x48, 0xda, 0xbc, 0x6f, 0x77, 0xb8, 0xff, 0xaf,
453 0x18, 0x70, 0x28, 0xe1, 0x04, 0x13, 0x7a, 0x4f, 0xeb, 0x1c, 0x72, 0xb0,
454 0xc4, 0x4f, 0xe8, 0xb1, 0xaf, 0xab, 0xa5, 0xbc, 0xfd, 0x86, 0x67, 0xf2,
455 0xf5, 0x5b, 0x46, 0x06, 0x63, 0x2e, 0x3c, 0xbc
458 static const ST_KAT_DRBG st_kat_drbg_tests[] =
461 OSSL_SELF_TEST_DESC_DRBG_HASH,
462 "HASH-DRBG", "digest", "SHA256",
463 ITM(drbg_hash_sha256_pr_entropyin),
464 ITM(drbg_hash_sha256_pr_nonce),
465 ITM(drbg_hash_sha256_pr_persstr),
466 ITM(drbg_hash_sha256_pr_entropyinpr0),
467 ITM(drbg_hash_sha256_pr_entropyinpr1),
468 ITM(drbg_hash_sha256_pr_addin0),
469 ITM(drbg_hash_sha256_pr_addin1),
470 ITM(drbg_hash_sha256_pr_expected)
473 OSSL_SELF_TEST_DESC_DRBG_CTR,
474 "CTR-DRBG", "cipher", "AES-128-CTR",
475 ITM(drbg_ctr_aes128_pr_df_entropyin),
476 ITM(drbg_ctr_aes128_pr_df_nonce),
477 ITM(drbg_ctr_aes128_pr_df_persstr),
478 ITM(drbg_ctr_aes128_pr_df_entropyinpr0),
479 ITM(drbg_ctr_aes128_pr_df_entropyinpr1),
480 ITM(drbg_ctr_aes128_pr_df_addin0),
481 ITM(drbg_ctr_aes128_pr_df_addin1),
482 ITM(drbg_ctr_aes128_pr_df_expected)
485 OSSL_SELF_TEST_DESC_DRBG_HMAC,
486 "HMAC-DRBG", "digest", "SHA1",
487 ITM(drbg_hmac_sha1_pr_entropyin),
488 ITM(drbg_hmac_sha1_pr_nonce),
489 ITM(drbg_hmac_sha1_pr_persstr),
490 ITM(drbg_hmac_sha1_pr_entropyinpr0),
491 ITM(drbg_hmac_sha1_pr_entropyinpr1),
492 ITM(drbg_hmac_sha1_pr_addin0),
493 ITM(drbg_hmac_sha1_pr_addin1),
494 ITM(drbg_hmac_sha1_pr_expected)
498 /* KEY EXCHANGE TEST DATA */
500 #ifndef OPENSSL_NO_DH
502 static const unsigned char dh_p[] = {
503 0xdc, 0xca, 0x15, 0x11, 0xb2, 0x31, 0x32, 0x25,
504 0xf5, 0x21, 0x16, 0xe1, 0x54, 0x27, 0x89, 0xe0,
505 0x01, 0xf0, 0x42, 0x5b, 0xcc, 0xc7, 0xf3, 0x66,
506 0xf7, 0x40, 0x64, 0x07, 0xf1, 0xc9, 0xfa, 0x8b,
507 0xe6, 0x10, 0xf1, 0x77, 0x8b, 0xb1, 0x70, 0xbe,
508 0x39, 0xdb, 0xb7, 0x6f, 0x85, 0xbf, 0x24, 0xce,
509 0x68, 0x80, 0xad, 0xb7, 0x62, 0x9f, 0x7c, 0x6d,
510 0x01, 0x5e, 0x61, 0xd4, 0x3f, 0xa3, 0xee, 0x4d,
511 0xe1, 0x85, 0xf2, 0xcf, 0xd0, 0x41, 0xff, 0xde,
512 0x9d, 0x41, 0x84, 0x07, 0xe1, 0x51, 0x38, 0xbb,
513 0x02, 0x1d, 0xae, 0xb3, 0x5f, 0x76, 0x2d, 0x17,
514 0x82, 0xac, 0xc6, 0x58, 0xd3, 0x2b, 0xd4, 0xb0,
515 0x23, 0x2c, 0x92, 0x7d, 0xd3, 0x8f, 0xa0, 0x97,
516 0xb3, 0xd1, 0x85, 0x9f, 0xa8, 0xac, 0xaf, 0xb9,
517 0x8f, 0x06, 0x66, 0x08, 0xfc, 0x64, 0x4e, 0xc7,
518 0xdd, 0xb6, 0xf0, 0x85, 0x99, 0xf9, 0x2a, 0xc1,
519 0xb5, 0x98, 0x25, 0xda, 0x84, 0x32, 0x07, 0x7d,
520 0xef, 0x69, 0x56, 0x46, 0x06, 0x3c, 0x20, 0x82,
521 0x3c, 0x95, 0x07, 0xab, 0x6f, 0x01, 0x76, 0xd4,
522 0x73, 0x0d, 0x99, 0x0d, 0xbb, 0xe6, 0x36, 0x1c,
523 0xd8, 0xb2, 0xb9, 0x4d, 0x3d, 0x2f, 0x32, 0x9b,
524 0x82, 0x09, 0x9b, 0xd6, 0x61, 0xf4, 0x29, 0x50,
525 0xf4, 0x03, 0xdf, 0x3e, 0xde, 0x62, 0xa3, 0x31,
526 0x88, 0xb0, 0x27, 0x98, 0xba, 0x82, 0x3f, 0x44,
527 0xb9, 0x46, 0xfe, 0x9d, 0xf6, 0x77, 0xa0, 0xc5,
528 0xa1, 0x23, 0x8e, 0xaa, 0x97, 0xb7, 0x0f, 0x80,
529 0xda, 0x8c, 0xac, 0x88, 0xe0, 0x92, 0xb1, 0x12,
530 0x70, 0x60, 0xff, 0xbf, 0x45, 0x57, 0x99, 0x94,
531 0x01, 0x1d, 0xc2, 0xfa, 0xa5, 0xe7, 0xf6, 0xc7,
532 0x62, 0x45, 0xe1, 0xcc, 0x31, 0x22, 0x31, 0xc1,
533 0x7d, 0x1c, 0xa6, 0xb1, 0x90, 0x07, 0xef, 0x0d,
534 0xb9, 0x9f, 0x9c, 0xb6, 0x0e, 0x1d, 0x5f, 0x69
536 static const unsigned char dh_q[] = {
537 0x89, 0x8b, 0x22, 0x67, 0x17, 0xef, 0x03, 0x9e,
538 0x60, 0x3e, 0x82, 0xe5, 0xc7, 0xaf, 0xe4, 0x83,
539 0x74, 0xac, 0x5f, 0x62, 0x5c, 0x54, 0xf1, 0xea,
540 0x11, 0xac, 0xb5, 0x7d
542 static const unsigned char dh_g[] = {
543 0x5e, 0xf7, 0xb8, 0x8f, 0x2d, 0xf6, 0x01, 0x39,
544 0x35, 0x1d, 0xfb, 0xfe, 0x12, 0x66, 0x80, 0x5f,
545 0xdf, 0x35, 0x6c, 0xdf, 0xd1, 0x3a, 0x4d, 0xa0,
546 0x05, 0x0c, 0x7e, 0xde, 0x24, 0x6d, 0xf5, 0x9f,
547 0x6a, 0xbf, 0x96, 0xad, 0xe5, 0xf2, 0xb2, 0x8f,
548 0xfe, 0x88, 0xd6, 0xbc, 0xe7, 0xf7, 0x89, 0x4a,
549 0x3d, 0x53, 0x5f, 0xc8, 0x21, 0x26, 0xdd, 0xd4,
550 0x24, 0x87, 0x2e, 0x16, 0xb8, 0x38, 0xdf, 0x8c,
551 0x51, 0xe9, 0x01, 0x6f, 0x88, 0x9c, 0x7c, 0x20,
552 0x3e, 0x98, 0xa8, 0xb6, 0x31, 0xf9, 0xc7, 0x25,
553 0x63, 0xd3, 0x8a, 0x49, 0x58, 0x9a, 0x07, 0x53,
554 0xd3, 0x58, 0xe7, 0x83, 0x31, 0x8c, 0xef, 0xd9,
555 0x67, 0x7c, 0x7b, 0x2d, 0xbb, 0x77, 0xd6, 0xdc,
556 0xe2, 0xa1, 0x96, 0x37, 0x95, 0xca, 0x64, 0xb9,
557 0x2d, 0x1c, 0x9a, 0xac, 0x6d, 0x0e, 0x8d, 0x43,
558 0x1d, 0xe5, 0xe5, 0x00, 0x60, 0xdf, 0xf7, 0x86,
559 0x89, 0xc9, 0xec, 0xa1, 0xc1, 0x24, 0x8c, 0x16,
560 0xed, 0x09, 0xc7, 0xad, 0x41, 0x2a, 0x17, 0x40,
561 0x6d, 0x2b, 0x52, 0x5a, 0xa1, 0xca, 0xbb, 0x23,
562 0x7b, 0x97, 0x34, 0xec, 0x7b, 0x8c, 0xe3, 0xfa,
563 0xe0, 0x2f, 0x29, 0xc5, 0xef, 0xed, 0x30, 0xd6,
564 0x91, 0x87, 0xda, 0x10, 0x9c, 0x2c, 0x9f, 0xe2,
565 0xaa, 0xdb, 0xb0, 0xc2, 0x2a, 0xf5, 0x4c, 0x61,
566 0x66, 0x55, 0x00, 0x0c, 0x43, 0x1c, 0x6b, 0x4a,
567 0x37, 0x97, 0x63, 0xb0, 0xa9, 0x16, 0x58, 0xef,
568 0xc8, 0x4e, 0x8b, 0x06, 0x35, 0x8c, 0x8b, 0x4f,
569 0x21, 0x37, 0x10, 0xfd, 0x10, 0x17, 0x2c, 0xf3,
570 0x9b, 0x83, 0x0c, 0x2d, 0xd8, 0x4a, 0x0c, 0x8a,
571 0xb8, 0x25, 0x16, 0xec, 0xab, 0x99, 0x5f, 0xa4,
572 0x21, 0x5e, 0x02, 0x3e, 0x4e, 0xcf, 0x80, 0x74,
573 0xc3, 0x9d, 0x6c, 0x88, 0xb7, 0x0d, 0x1e, 0xe4,
574 0xe9, 0x6f, 0xdc, 0x20, 0xea, 0x11, 0x5c, 0x32
576 static const unsigned char dh_priv[] = {
577 0x14, 0x33, 0xe0, 0xb5, 0xa9, 0x17, 0xb6, 0x0a,
578 0x30, 0x23, 0xf2, 0xf8, 0xaa, 0x2c, 0x2d, 0x70,
579 0xd2, 0x96, 0x8a, 0xba, 0x9a, 0xea, 0xc8, 0x15,
580 0x40, 0xb8, 0xfc, 0xe6
582 static const unsigned char dh_pub[] = {
583 0x95, 0xdd, 0x33, 0x8d, 0x29, 0xe5, 0x71, 0x04,
584 0x92, 0xb9, 0x18, 0x31, 0x7b, 0x72, 0xa3, 0x69,
585 0x36, 0xe1, 0x95, 0x1a, 0x2e, 0xe5, 0xa5, 0x59,
586 0x16, 0x99, 0xc0, 0x48, 0x6d, 0x0d, 0x4f, 0x9b,
587 0xdd, 0x6d, 0x5a, 0x3f, 0x6b, 0x98, 0x89, 0x0c,
588 0x62, 0xb3, 0x76, 0x52, 0xd3, 0x6e, 0x71, 0x21,
589 0x11, 0xe6, 0x8a, 0x73, 0x55, 0x37, 0x25, 0x06,
590 0x99, 0xef, 0xe3, 0x30, 0x53, 0x73, 0x91, 0xfb,
591 0xc2, 0xc5, 0x48, 0xbc, 0x5a, 0xc3, 0xe5, 0xb2,
592 0x33, 0x86, 0xc3, 0xee, 0xf5, 0xeb, 0x43, 0xc0,
593 0x99, 0xd7, 0x0a, 0x52, 0x02, 0x68, 0x7e, 0x83,
594 0x96, 0x42, 0x48, 0xfc, 0xa9, 0x1f, 0x40, 0x90,
595 0x8e, 0x8f, 0xb3, 0x31, 0x93, 0x15, 0xf6, 0xd2,
596 0x60, 0x6d, 0x7f, 0x7c, 0xd5, 0x2c, 0xc6, 0xe7,
597 0xc5, 0x84, 0x3a, 0xfb, 0x22, 0x51, 0x9c, 0xf0,
598 0xf0, 0xf9, 0xd3, 0xa0, 0xa4, 0xe8, 0xc8, 0x88,
599 0x99, 0xef, 0xed, 0xe7, 0x36, 0x43, 0x51, 0xfb,
600 0x6a, 0x36, 0x3e, 0xe7, 0x17, 0xe5, 0x44, 0x5a,
601 0xda, 0xb4, 0xc9, 0x31, 0xa6, 0x48, 0x39, 0x97,
602 0xb8, 0x7d, 0xad, 0x83, 0x67, 0x7e, 0x4d, 0x1d,
603 0x3a, 0x77, 0x75, 0xe0, 0xf6, 0xd0, 0x0f, 0xdf,
604 0x73, 0xc7, 0xad, 0x80, 0x1e, 0x66, 0x5a, 0x0e,
605 0x5a, 0x79, 0x6d, 0x0a, 0x03, 0x80, 0xa1, 0x9f,
606 0xa1, 0x82, 0xef, 0xc8, 0xa0, 0x4f, 0x5e, 0x4d,
607 0xb9, 0x0d, 0x1a, 0x86, 0x37, 0xf9, 0x5d, 0xb1,
608 0x64, 0x36, 0xbd, 0xc8, 0xf3, 0xfc, 0x09, 0x6c,
609 0x4f, 0xf7, 0xf2, 0x34, 0xbe, 0x8f, 0xef, 0x47,
610 0x9a, 0xc4, 0xb0, 0xdc, 0x4b, 0x77, 0x26, 0x3e,
611 0x07, 0xd9, 0x95, 0x9d, 0xe0, 0xf1, 0xbf, 0x3f,
612 0x0a, 0xe3, 0xd9, 0xd5, 0x0e, 0x4b, 0x89, 0xc9,
613 0x9e, 0x3e, 0xa1, 0x21, 0x73, 0x43, 0xdd, 0x8c,
614 0x65, 0x81, 0xac, 0xc4, 0x95, 0x9c, 0x91, 0xd3
616 static const unsigned char dh_peer_pub[] = {
617 0x1f, 0xc1, 0xda, 0x34, 0x1d, 0x1a, 0x84, 0x6a,
618 0x96, 0xb7, 0xbe, 0x24, 0x34, 0x0f, 0x87, 0x7d,
619 0xd0, 0x10, 0xaa, 0x03, 0x56, 0xd5, 0xad, 0x58,
620 0xaa, 0xe9, 0xc7, 0xb0, 0x8f, 0x74, 0x9a, 0x32,
621 0x23, 0x51, 0x10, 0xb5, 0xd8, 0x8e, 0xb5, 0xdb,
622 0xfa, 0x97, 0x8d, 0x27, 0xec, 0xc5, 0x30, 0xf0,
623 0x2d, 0x31, 0x14, 0x00, 0x5b, 0x64, 0xb1, 0xc0,
624 0xe0, 0x24, 0xcb, 0x8a, 0xe2, 0x16, 0x98, 0xbc,
625 0xa9, 0xe6, 0x0d, 0x42, 0x80, 0x86, 0x22, 0xf1,
626 0x81, 0xc5, 0x6e, 0x1d, 0xe7, 0xa9, 0x6e, 0x6e,
627 0xfe, 0xe9, 0xd6, 0x65, 0x67, 0xe9, 0x1b, 0x97,
628 0x70, 0x42, 0xc7, 0xe3, 0xd0, 0x44, 0x8f, 0x05,
629 0xfb, 0x77, 0xf5, 0x22, 0xb9, 0xbf, 0xc8, 0xd3,
630 0x3c, 0xc3, 0xc3, 0x1e, 0xd3, 0xb3, 0x1f, 0x0f,
631 0xec, 0xb6, 0xdb, 0x4f, 0x6e, 0xa3, 0x11, 0xe7,
632 0x7a, 0xfd, 0xbc, 0xd4, 0x7a, 0xee, 0x1b, 0xb1,
633 0x50, 0xf2, 0x16, 0x87, 0x35, 0x78, 0xfb, 0x96,
634 0x46, 0x8e, 0x8f, 0x9f, 0x3d, 0xe8, 0xef, 0xbf,
635 0xce, 0x75, 0x62, 0x4b, 0x1d, 0xf0, 0x53, 0x22,
636 0xa3, 0x4f, 0x14, 0x63, 0xe8, 0x39, 0xe8, 0x98,
637 0x4c, 0x4a, 0xd0, 0xa9, 0x6e, 0x1a, 0xc8, 0x42,
638 0xe5, 0x31, 0x8c, 0xc2, 0x3c, 0x06, 0x2a, 0x8c,
639 0xa1, 0x71, 0xb8, 0xd5, 0x75, 0x98, 0x0d, 0xde,
640 0x7f, 0xc5, 0x6f, 0x15, 0x36, 0x52, 0x38, 0x20,
641 0xd4, 0x31, 0x92, 0xbf, 0xd5, 0x1e, 0x8e, 0x22,
642 0x89, 0x78, 0xac, 0xa5, 0xb9, 0x44, 0x72, 0xf3,
643 0x39, 0xca, 0xeb, 0x99, 0x31, 0xb4, 0x2b, 0xe3,
644 0x01, 0x26, 0x8b, 0xc9, 0x97, 0x89, 0xc9, 0xb2,
645 0x55, 0x71, 0xc3, 0xc0, 0xe4, 0xcb, 0x3f, 0x00,
646 0x7f, 0x1a, 0x51, 0x1c, 0xbb, 0x53, 0xc8, 0x51,
647 0x9c, 0xdd, 0x13, 0x02, 0xab, 0xca, 0x6c, 0x0f,
648 0x34, 0xf9, 0x67, 0x39, 0xf1, 0x7f, 0xf4, 0x8b
651 static const unsigned char dh_secret_expected[] = {
652 0x08, 0xff, 0x33, 0xbb, 0x2e, 0xcf, 0xf4, 0x9a,
653 0x7d, 0x4a, 0x79, 0x12, 0xae, 0xb1, 0xbb, 0x6a,
654 0xb5, 0x11, 0x64, 0x1b, 0x4a, 0x76, 0x77, 0x0c,
655 0x8c, 0xc1, 0xbc, 0xc2, 0x33, 0x34, 0x3d, 0xfe,
656 0x70, 0x0d, 0x11, 0x81, 0x3d, 0x2c, 0x9e, 0xd2,
657 0x3b, 0x21, 0x1c, 0xa9, 0xe8, 0x78, 0x69, 0x21,
658 0xed, 0xca, 0x28, 0x3c, 0x68, 0xb1, 0x61, 0x53,
659 0xfa, 0x01, 0xe9, 0x1a, 0xb8, 0x2c, 0x90, 0xdd,
660 0xab, 0x4a, 0x95, 0x81, 0x67, 0x70, 0xa9, 0x87,
661 0x10, 0xe1, 0x4c, 0x92, 0xab, 0x83, 0xb6, 0xe4,
662 0x6e, 0x1e, 0x42, 0x6e, 0xe8, 0x52, 0x43, 0x0d,
663 0x61, 0x87, 0xda, 0xa3, 0x72, 0x0a, 0x6b, 0xcd,
664 0x73, 0x23, 0x5c, 0x6b, 0x0f, 0x94, 0x1f, 0x33,
665 0x64, 0xf5, 0x04, 0x20, 0x55, 0x1a, 0x4b, 0xfe,
666 0xaf, 0xe2, 0xbc, 0x43, 0x85, 0x05, 0xa5, 0x9a,
667 0x4a, 0x40, 0xda, 0xca, 0x7a, 0x89, 0x5a, 0x73,
668 0xdb, 0x57, 0x5c, 0x74, 0xc1, 0x3a, 0x23, 0xad,
669 0x88, 0x32, 0x95, 0x7d, 0x58, 0x2d, 0x38, 0xf0,
670 0xa6, 0x16, 0x5f, 0xb0, 0xd7, 0xe9, 0xb8, 0x79,
671 0x9e, 0x42, 0xfd, 0x32, 0x20, 0xe3, 0x32, 0xe9,
672 0x81, 0x85, 0xa0, 0xc9, 0x42, 0x97, 0x57, 0xb2,
673 0xd0, 0xd0, 0x2c, 0x17, 0xdb, 0xaa, 0x1f, 0xf6,
674 0xed, 0x93, 0xd7, 0xe7, 0x3e, 0x24, 0x1e, 0xae,
675 0xd9, 0x0c, 0xaf, 0x39, 0x4d, 0x2b, 0xc6, 0x57,
676 0x0f, 0x18, 0xc8, 0x1f, 0x2b, 0xe5, 0xd0, 0x1a,
677 0x2c, 0xa9, 0x9f, 0xf1, 0x42, 0xb5, 0xd9, 0x63,
678 0xf9, 0xf5, 0x00, 0x32, 0x5e, 0x75, 0x56, 0xf9,
679 0x58, 0x49, 0xb3, 0xff, 0xc7, 0x47, 0x94, 0x86,
680 0xbe, 0x1d, 0x45, 0x96, 0xa3, 0x10, 0x6b, 0xd5,
681 0xcb, 0x4f, 0x61, 0xc5, 0x7e, 0xc5, 0xf1, 0x00,
682 0xfb, 0x7a, 0x0c, 0x82, 0xa1, 0x0b, 0x82, 0x52,
683 0x6a, 0x97, 0xd1, 0xd9, 0x7d, 0x98, 0xea, 0xf6
686 static const ST_KAT_PARAM dh_group[] = {
687 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dh_p),
688 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dh_q),
689 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dh_g),
693 /* The host's private key */
694 static const ST_KAT_PARAM dh_host_key[] = {
695 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_pub),
696 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dh_priv),
700 /* The peer's public key */
701 static const ST_KAT_PARAM dh_peer_key[] = {
702 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_peer_pub),
705 #endif /* OPENSSL_NO_DH */
708 #ifndef OPENSSL_NO_EC
709 static const char ecdh_curve_name[] = "prime256v1";
710 static const unsigned char ecdh_privd[] = {
711 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
712 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
713 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
714 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
716 static const unsigned char ecdh_pub[] = {
718 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
719 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
720 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
721 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
722 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
723 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
724 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
725 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
727 static const unsigned char ecdh_peer_pub[] = {
729 0x1f, 0x72, 0xbd, 0x2a, 0x3e, 0xeb, 0x6c, 0x76,
730 0xe5, 0x5d, 0x69, 0x75, 0x24, 0xbf, 0x2f, 0x5b,
731 0x96, 0xb2, 0x91, 0x62, 0x06, 0x35, 0xcc, 0xb2,
732 0x4b, 0x31, 0x1b, 0x0c, 0x6f, 0x06, 0x9f, 0x86,
733 0xcf, 0xc8, 0xac, 0xd5, 0x4f, 0x4d, 0x77, 0xf3,
734 0x70, 0x4a, 0x8f, 0x04, 0x9a, 0xb1, 0x03, 0xc7,
735 0xeb, 0xd5, 0x94, 0x78, 0x61, 0xab, 0x78, 0x0c,
736 0x4a, 0x2d, 0x6b, 0xf3, 0x2f, 0x2e, 0x4a, 0xbc
739 static const ST_KAT_PARAM ecdh_group[] = {
740 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecdh_curve_name),
743 static const ST_KAT_PARAM ecdh_host_key[] = {
744 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_pub),
745 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecdh_privd),
748 static const ST_KAT_PARAM ecdh_peer_key[] = {
749 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_peer_pub),
752 static const unsigned char ecdh_secret_expected[] = {
753 0x45, 0x2a, 0x2f, 0x0d, 0x24, 0xe6, 0x8d, 0xd0,
754 0xda, 0x59, 0x7b, 0x0c, 0xec, 0x9b, 0x4c, 0x38,
755 0x41, 0xdd, 0xce, 0xb3, 0xcc, 0xf1, 0x90, 0x8e,
756 0x30, 0xdb, 0x5b, 0x5f, 0x97, 0xea, 0xe0, 0xc2
758 #endif /* OPENSSL_NO_EC */
760 static const ST_KAT_KAS st_kat_kas_tests[] =
762 #ifndef OPENSSL_NO_DH
764 OSSL_SELF_TEST_DESC_KA_DH,
769 ITM(dh_secret_expected)
771 #endif /* OPENSSL_NO_DH */
772 #ifndef OPENSSL_NO_EC
774 OSSL_SELF_TEST_DESC_KA_ECDH,
779 ITM(ecdh_secret_expected)
781 #endif /* OPENSSL_NO_EC */
784 #if !defined(OPENSSL_NO_RSA)
786 static const unsigned char rsa_n[] = {
787 0xDB, 0x10, 0x1A, 0xC2, 0xA3, 0xF1, 0xDC, 0xFF,
788 0x13, 0x6B, 0xED, 0x44, 0xDF, 0xF0, 0x02, 0x6D,
789 0x13, 0xC7, 0x88, 0xDA, 0x70, 0x6B, 0x54, 0xF1,
790 0xE8, 0x27, 0xDC, 0xC3, 0x0F, 0x99, 0x6A, 0xFA,
791 0xC6, 0x67, 0xFF, 0x1D, 0x1E, 0x3C, 0x1D, 0xC1,
792 0xB5, 0x5F, 0x6C, 0xC0, 0xB2, 0x07, 0x3A, 0x6D,
793 0x41, 0xE4, 0x25, 0x99, 0xAC, 0xFC, 0xD2, 0x0F,
794 0x02, 0xD3, 0xD1, 0x54, 0x06, 0x1A, 0x51, 0x77,
795 0xBD, 0xB6, 0xBF, 0xEA, 0xA7, 0x5C, 0x06, 0xA9,
796 0x5D, 0x69, 0x84, 0x45, 0xD7, 0xF5, 0x05, 0xBA,
797 0x47, 0xF0, 0x1B, 0xD7, 0x2B, 0x24, 0xEC, 0xCB,
798 0x9B, 0x1B, 0x10, 0x8D, 0x81, 0xA0, 0xBE, 0xB1,
799 0x8C, 0x33, 0xE4, 0x36, 0xB8, 0x43, 0xEB, 0x19,
800 0x2A, 0x81, 0x8D, 0xDE, 0x81, 0x0A, 0x99, 0x48,
801 0xB6, 0xF6, 0xBC, 0xCD, 0x49, 0x34, 0x3A, 0x8F,
802 0x26, 0x94, 0xE3, 0x28, 0x82, 0x1A, 0x7C, 0x8F,
803 0x59, 0x9F, 0x45, 0xE8, 0x5D, 0x1A, 0x45, 0x76,
804 0x04, 0x56, 0x05, 0xA1, 0xD0, 0x1B, 0x8C, 0x77,
805 0x6D, 0xAF, 0x53, 0xFA, 0x71, 0xE2, 0x67, 0xE0,
806 0x9A, 0xFE, 0x03, 0xA9, 0x85, 0xD2, 0xC9, 0xAA,
807 0xBA, 0x2A, 0xBC, 0xF4, 0xA0, 0x08, 0xF5, 0x13,
808 0x98, 0x13, 0x5D, 0xF0, 0xD9, 0x33, 0x34, 0x2A,
809 0x61, 0xC3, 0x89, 0x55, 0xF0, 0xAE, 0x1A, 0x9C,
810 0x22, 0xEE, 0x19, 0x05, 0x8D, 0x32, 0xFE, 0xEC,
811 0x9C, 0x84, 0xBA, 0xB7, 0xF9, 0x6C, 0x3A, 0x4F,
812 0x07, 0xFC, 0x45, 0xEB, 0x12, 0xE5, 0x7B, 0xFD,
813 0x55, 0xE6, 0x29, 0x69, 0xD1, 0xC2, 0xE8, 0xB9,
814 0x78, 0x59, 0xF6, 0x79, 0x10, 0xC6, 0x4E, 0xEB,
815 0x6A, 0x5E, 0xB9, 0x9A, 0xC7, 0xC4, 0x5B, 0x63,
816 0xDA, 0xA3, 0x3F, 0x5E, 0x92, 0x7A, 0x81, 0x5E,
817 0xD6, 0xB0, 0xE2, 0x62, 0x8F, 0x74, 0x26, 0xC2,
818 0x0C, 0xD3, 0x9A, 0x17, 0x47, 0xE6, 0x8E, 0xAB
820 static const unsigned char rsa_e[] = { 0x01, 0x00, 0x01 };
821 static const unsigned char rsa_d[] = {
822 0x52, 0x41, 0xF4, 0xDA, 0x7B, 0xB7, 0x59, 0x55,
823 0xCA, 0xD4, 0x2F, 0x0F, 0x3A, 0xCB, 0xA4, 0x0D,
824 0x93, 0x6C, 0xCC, 0x9D, 0xC1, 0xB2, 0xFB, 0xFD,
825 0xAE, 0x40, 0x31, 0xAC, 0x69, 0x52, 0x21, 0x92,
826 0xB3, 0x27, 0xDF, 0xEA, 0xEE, 0x2C, 0x82, 0xBB,
827 0xF7, 0x40, 0x32, 0xD5, 0x14, 0xC4, 0x94, 0x12,
828 0xEC, 0xB8, 0x1F, 0xCA, 0x59, 0xE3, 0xC1, 0x78,
829 0xF3, 0x85, 0xD8, 0x47, 0xA5, 0xD7, 0x02, 0x1A,
830 0x65, 0x79, 0x97, 0x0D, 0x24, 0xF4, 0xF0, 0x67,
831 0x6E, 0x75, 0x2D, 0xBF, 0x10, 0x3D, 0xA8, 0x7D,
832 0xEF, 0x7F, 0x60, 0xE4, 0xE6, 0x05, 0x82, 0x89,
833 0x5D, 0xDF, 0xC6, 0xD2, 0x6C, 0x07, 0x91, 0x33,
834 0x98, 0x42, 0xF0, 0x02, 0x00, 0x25, 0x38, 0xC5,
835 0x85, 0x69, 0x8A, 0x7D, 0x2F, 0x95, 0x6C, 0x43,
836 0x9A, 0xB8, 0x81, 0xE2, 0xD0, 0x07, 0x35, 0xAA,
837 0x05, 0x41, 0xC9, 0x1E, 0xAF, 0xE4, 0x04, 0x3B,
838 0x19, 0xB8, 0x73, 0xA2, 0xAC, 0x4B, 0x1E, 0x66,
839 0x48, 0xD8, 0x72, 0x1F, 0xAC, 0xF6, 0xCB, 0xBC,
840 0x90, 0x09, 0xCA, 0xEC, 0x0C, 0xDC, 0xF9, 0x2C,
841 0xD7, 0xEB, 0xAE, 0xA3, 0xA4, 0x47, 0xD7, 0x33,
842 0x2F, 0x8A, 0xCA, 0xBC, 0x5E, 0xF0, 0x77, 0xE4,
843 0x97, 0x98, 0x97, 0xC7, 0x10, 0x91, 0x7D, 0x2A,
844 0xA6, 0xFF, 0x46, 0x83, 0x97, 0xDE, 0xE9, 0xE2,
845 0x17, 0x03, 0x06, 0x14, 0xE2, 0xD7, 0xB1, 0x1D,
846 0x77, 0xAF, 0x51, 0x27, 0x5B, 0x5E, 0x69, 0xB8,
847 0x81, 0xE6, 0x11, 0xC5, 0x43, 0x23, 0x81, 0x04,
848 0x62, 0xFF, 0xE9, 0x46, 0xB8, 0xD8, 0x44, 0xDB,
849 0xA5, 0xCC, 0x31, 0x54, 0x34, 0xCE, 0x3E, 0x82,
850 0xD6, 0xBF, 0x7A, 0x0B, 0x64, 0x21, 0x6D, 0x88,
851 0x7E, 0x5B, 0x45, 0x12, 0x1E, 0x63, 0x8D, 0x49,
852 0xA7, 0x1D, 0xD9, 0x1E, 0x06, 0xCD, 0xE8, 0xBA,
853 0x2C, 0x8C, 0x69, 0x32, 0xEA, 0xBE, 0x60, 0x71
855 static const unsigned char rsa_p[] = {
856 0xFA, 0xAC, 0xE1, 0x37, 0x5E, 0x32, 0x11, 0x34,
857 0xC6, 0x72, 0x58, 0x2D, 0x91, 0x06, 0x3E, 0x77,
858 0xE7, 0x11, 0x21, 0xCD, 0x4A, 0xF8, 0xA4, 0x3F,
859 0x0F, 0xEF, 0x31, 0xE3, 0xF3, 0x55, 0xA0, 0xB9,
860 0xAC, 0xB6, 0xCB, 0xBB, 0x41, 0xD0, 0x32, 0x81,
861 0x9A, 0x8F, 0x7A, 0x99, 0x30, 0x77, 0x6C, 0x68,
862 0x27, 0xE2, 0x96, 0xB5, 0x72, 0xC9, 0xC3, 0xD4,
863 0x42, 0xAA, 0xAA, 0xCA, 0x95, 0x8F, 0xFF, 0xC9,
864 0x9B, 0x52, 0x34, 0x30, 0x1D, 0xCF, 0xFE, 0xCF,
865 0x3C, 0x56, 0x68, 0x6E, 0xEF, 0xE7, 0x6C, 0xD7,
866 0xFB, 0x99, 0xF5, 0x4A, 0xA5, 0x21, 0x1F, 0x2B,
867 0xEA, 0x93, 0xE8, 0x98, 0x26, 0xC4, 0x6E, 0x42,
868 0x21, 0x5E, 0xA0, 0xA1, 0x2A, 0x58, 0x35, 0xBB,
869 0x10, 0xE7, 0xBA, 0x27, 0x0A, 0x3B, 0xB3, 0xAF,
870 0xE2, 0x75, 0x36, 0x04, 0xAC, 0x56, 0xA0, 0xAB,
871 0x52, 0xDE, 0xCE, 0xDD, 0x2C, 0x28, 0x77, 0x03
873 static const unsigned char rsa_q[] = {
874 0xDF, 0xB7, 0x52, 0xB6, 0xD7, 0xC0, 0xE2, 0x96,
875 0xE7, 0xC9, 0xFE, 0x5D, 0x71, 0x5A, 0xC4, 0x40,
876 0x96, 0x2F, 0xE5, 0x87, 0xEA, 0xF3, 0xA5, 0x77,
877 0x11, 0x67, 0x3C, 0x8D, 0x56, 0x08, 0xA7, 0xB5,
878 0x67, 0xFA, 0x37, 0xA8, 0xB8, 0xCF, 0x61, 0xE8,
879 0x63, 0xD8, 0x38, 0x06, 0x21, 0x2B, 0x92, 0x09,
880 0xA6, 0x39, 0x3A, 0xEA, 0xA8, 0xB4, 0x45, 0x4B,
881 0x36, 0x10, 0x4C, 0xE4, 0x00, 0x66, 0x71, 0x65,
882 0xF8, 0x0B, 0x94, 0x59, 0x4F, 0x8C, 0xFD, 0xD5,
883 0x34, 0xA2, 0xE7, 0x62, 0x84, 0x0A, 0xA7, 0xBB,
884 0xDB, 0xD9, 0x8A, 0xCD, 0x05, 0xE1, 0xCC, 0x57,
885 0x7B, 0xF1, 0xF1, 0x1F, 0x11, 0x9D, 0xBA, 0x3E,
886 0x45, 0x18, 0x99, 0x1B, 0x41, 0x64, 0x43, 0xEE,
887 0x97, 0x5D, 0x77, 0x13, 0x5B, 0x74, 0x69, 0x73,
888 0x87, 0x95, 0x05, 0x07, 0xBE, 0x45, 0x07, 0x17,
889 0x7E, 0x4A, 0x69, 0x22, 0xF3, 0xDB, 0x05, 0x39
891 static const unsigned char rsa_dp[] = {
892 0x5E, 0xD8, 0xDC, 0xDA, 0x53, 0x44, 0xC4, 0x67,
893 0xE0, 0x92, 0x51, 0x34, 0xE4, 0x83, 0xA5, 0x4D,
894 0x3E, 0xDB, 0xA7, 0x9B, 0x82, 0xBB, 0x73, 0x81,
895 0xFC, 0xE8, 0x77, 0x4B, 0x15, 0xBE, 0x17, 0x73,
896 0x49, 0x9B, 0x5C, 0x98, 0xBC, 0xBD, 0x26, 0xEF,
897 0x0C, 0xE9, 0x2E, 0xED, 0x19, 0x7E, 0x86, 0x41,
898 0x1E, 0x9E, 0x48, 0x81, 0xDD, 0x2D, 0xE4, 0x6F,
899 0xC2, 0xCD, 0xCA, 0x93, 0x9E, 0x65, 0x7E, 0xD5,
900 0xEC, 0x73, 0xFD, 0x15, 0x1B, 0xA2, 0xA0, 0x7A,
901 0x0F, 0x0D, 0x6E, 0xB4, 0x53, 0x07, 0x90, 0x92,
902 0x64, 0x3B, 0x8B, 0xA9, 0x33, 0xB3, 0xC5, 0x94,
903 0x9B, 0x4C, 0x5D, 0x9C, 0x7C, 0x46, 0xA4, 0xA5,
904 0x56, 0xF4, 0xF3, 0xF8, 0x27, 0x0A, 0x7B, 0x42,
905 0x0D, 0x92, 0x70, 0x47, 0xE7, 0x42, 0x51, 0xA9,
906 0xC2, 0x18, 0xB1, 0x58, 0xB1, 0x50, 0x91, 0xB8,
907 0x61, 0x41, 0xB6, 0xA9, 0xCE, 0xD4, 0x7C, 0xBB
909 static const unsigned char rsa_dq[] = {
910 0x54, 0x09, 0x1F, 0x0F, 0x03, 0xD8, 0xB6, 0xC5,
911 0x0C, 0xE8, 0xB9, 0x9E, 0x0C, 0x38, 0x96, 0x43,
912 0xD4, 0xA6, 0xC5, 0x47, 0xDB, 0x20, 0x0E, 0xE5,
913 0xBD, 0x29, 0xD4, 0x7B, 0x1A, 0xF8, 0x41, 0x57,
914 0x49, 0x69, 0x9A, 0x82, 0xCC, 0x79, 0x4A, 0x43,
915 0xEB, 0x4D, 0x8B, 0x2D, 0xF2, 0x43, 0xD5, 0xA5,
916 0xBE, 0x44, 0xFD, 0x36, 0xAC, 0x8C, 0x9B, 0x02,
917 0xF7, 0x9A, 0x03, 0xE8, 0x19, 0xA6, 0x61, 0xAE,
918 0x76, 0x10, 0x93, 0x77, 0x41, 0x04, 0xAB, 0x4C,
919 0xED, 0x6A, 0xCC, 0x14, 0x1B, 0x99, 0x8D, 0x0C,
920 0x6A, 0x37, 0x3B, 0x86, 0x6C, 0x51, 0x37, 0x5B,
921 0x1D, 0x79, 0xF2, 0xA3, 0x43, 0x10, 0xC6, 0xA7,
922 0x21, 0x79, 0x6D, 0xF9, 0xE9, 0x04, 0x6A, 0xE8,
923 0x32, 0xFF, 0xAE, 0xFD, 0x1C, 0x7B, 0x8C, 0x29,
924 0x13, 0xA3, 0x0C, 0xB2, 0xAD, 0xEC, 0x6C, 0x0F,
925 0x8D, 0x27, 0x12, 0x7B, 0x48, 0xB2, 0xDB, 0x31
927 static const unsigned char rsa_qInv[] = {
928 0x8D, 0x1B, 0x05, 0xCA, 0x24, 0x1F, 0x0C, 0x53,
929 0x19, 0x52, 0x74, 0x63, 0x21, 0xFA, 0x78, 0x46,
930 0x79, 0xAF, 0x5C, 0xDE, 0x30, 0xA4, 0x6C, 0x20,
931 0x38, 0xE6, 0x97, 0x39, 0xB8, 0x7A, 0x70, 0x0D,
932 0x8B, 0x6C, 0x6D, 0x13, 0x74, 0xD5, 0x1C, 0xDE,
933 0xA9, 0xF4, 0x60, 0x37, 0xFE, 0x68, 0x77, 0x5E,
934 0x0B, 0x4E, 0x5E, 0x03, 0x31, 0x30, 0xDF, 0xD6,
935 0xAE, 0x85, 0xD0, 0x81, 0xBB, 0x61, 0xC7, 0xB1,
936 0x04, 0x5A, 0xC4, 0x6D, 0x56, 0x1C, 0xD9, 0x64,
937 0xE7, 0x85, 0x7F, 0x88, 0x91, 0xC9, 0x60, 0x28,
938 0x05, 0xE2, 0xC6, 0x24, 0x8F, 0xDD, 0x61, 0x64,
939 0xD8, 0x09, 0xDE, 0x7E, 0xD3, 0x4A, 0x61, 0x1A,
940 0xD3, 0x73, 0x58, 0x4B, 0xD8, 0xA0, 0x54, 0x25,
941 0x48, 0x83, 0x6F, 0x82, 0x6C, 0xAF, 0x36, 0x51,
942 0x2A, 0x5D, 0x14, 0x2F, 0x41, 0x25, 0x00, 0xDD,
943 0xF8, 0xF3, 0x95, 0xFE, 0x31, 0x25, 0x50, 0x12
946 static const ST_KAT_PARAM rsa_key[] = {
947 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
948 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
949 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
950 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_p),
951 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_q),
952 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dp),
953 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dq),
954 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT, rsa_qInv),
958 static const unsigned char rsa_expected_sig[256] = {
959 0xad, 0xbe, 0x2a, 0xaf, 0x16, 0x85, 0xc5, 0x00,
960 0x91, 0x3e, 0xd0, 0x49, 0xfb, 0x3a, 0x81, 0xb9,
961 0x6c, 0x28, 0xbc, 0xbf, 0xea, 0x96, 0x5f, 0xe4,
962 0x9f, 0x99, 0xf7, 0x18, 0x8c, 0xec, 0x60, 0x28,
963 0xeb, 0x29, 0x02, 0x49, 0xfc, 0xda, 0xd7, 0x78,
964 0x68, 0xf8, 0xe1, 0xe9, 0x4d, 0x20, 0x6d, 0x32,
965 0xa6, 0xde, 0xfc, 0xe4, 0xda, 0xcc, 0x6c, 0x75,
966 0x36, 0x6b, 0xff, 0x5a, 0xac, 0x01, 0xa8, 0xc2,
967 0xa9, 0xe6, 0x8b, 0x18, 0x3e, 0xec, 0xea, 0x4c,
968 0x4a, 0x9e, 0x00, 0x09, 0xd1, 0x8a, 0x69, 0x1b,
969 0x8b, 0xd9, 0xad, 0x37, 0xe5, 0x7c, 0xff, 0x7d,
970 0x59, 0x56, 0x3e, 0xa0, 0xc6, 0x32, 0xd8, 0x35,
971 0x2f, 0xff, 0xfb, 0x05, 0x02, 0xcd, 0xd7, 0x19,
972 0xb9, 0x00, 0x86, 0x2a, 0xcf, 0xaa, 0x78, 0x16,
973 0x4b, 0xf1, 0xa7, 0x59, 0xef, 0x7d, 0xe8, 0x74,
974 0x23, 0x5c, 0xb2, 0xd4, 0x8a, 0x99, 0xa5, 0xbc,
975 0xfa, 0x63, 0xd8, 0xf7, 0xbd, 0xc6, 0x00, 0x13,
976 0x06, 0x02, 0x9a, 0xd4, 0xa7, 0xb4, 0x3d, 0x61,
977 0xab, 0xf1, 0xc2, 0x95, 0x59, 0x9b, 0x3d, 0x67,
978 0x1f, 0xde, 0x57, 0xb6, 0xb6, 0x9f, 0xb0, 0x87,
979 0xd6, 0x51, 0xd5, 0x3e, 0x00, 0xe2, 0xc9, 0xa0,
980 0x03, 0x66, 0xbc, 0x01, 0xb3, 0x8e, 0xfa, 0xf1,
981 0x15, 0xeb, 0x26, 0xf1, 0x5d, 0x81, 0x90, 0xb4,
982 0x1c, 0x00, 0x7c, 0x83, 0x4a, 0xa5, 0xde, 0x64,
983 0xae, 0xea, 0x6c, 0x43, 0xc3, 0x20, 0x77, 0x77,
984 0x42, 0x12, 0x24, 0xf5, 0xe3, 0x70, 0xdd, 0x59,
985 0x48, 0x9c, 0xef, 0xd4, 0x8a, 0x3c, 0x29, 0x6a,
986 0x0c, 0x9c, 0xf2, 0x13, 0xa4, 0x1c, 0x2f, 0x49,
987 0xcd, 0xb4, 0xaa, 0x28, 0x40, 0x34, 0xc6, 0x75,
988 0xba, 0x30, 0xe6, 0xd8, 0x5b, 0x2f, 0x08, 0xd0,
989 0x29, 0xa5, 0x39, 0xfb, 0x6e, 0x3b, 0x0f, 0x52,
990 0x2c, 0x68, 0xf0, 0x37, 0xa9, 0xd2, 0x56, 0xd6
993 #endif /* OPENSSL_NO_RSA */
995 #ifndef OPENSSL_NO_EC
997 static const char ecd_curve_name[] = "secp224r1";
998 static const unsigned char ecd_priv[] = {
999 0x98, 0x1f, 0xb5, 0xf1, 0xfc, 0x87, 0x1d, 0x7d,
1000 0xde, 0x1e, 0x01, 0x64, 0x09, 0x9b, 0xe7, 0x1b,
1001 0x9f, 0xad, 0x63, 0xdd, 0x33, 0x01, 0xd1, 0x50,
1002 0x80, 0x93, 0x50, 0x30
1004 static const unsigned char ecd_pub[] = {
1005 0x04, 0x95, 0x47, 0x99, 0x44, 0x29, 0x8f, 0x51,
1006 0x39, 0xe2, 0x53, 0xec, 0x79, 0xb0, 0x4d, 0xde,
1007 0x87, 0x1a, 0x76, 0x54, 0xd5, 0x96, 0xb8, 0x7a,
1008 0x6d, 0xf4, 0x1c, 0x2c, 0x87, 0x91, 0x5f, 0xd5,
1009 0x31, 0xdd, 0x24, 0xe5, 0x78, 0xd9, 0x08, 0x24,
1010 0x8a, 0x49, 0x99, 0xec, 0x55, 0xf2, 0x82, 0xb3,
1011 0xc4, 0xb7, 0x33, 0x68, 0xe4, 0x24, 0xa9, 0x12,
1015 static const ST_KAT_PARAM ecdsa_key[] = {
1016 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_curve_name),
1017 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_pub),
1018 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_priv),
1021 #endif /* OPENSSL_NO_EC */
1023 #ifndef OPENSSL_NO_DSA
1025 static const unsigned char dsa_p[] = {
1026 0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23,
1027 0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e,
1028 0x03, 0xe9, 0xe6, 0xb8, 0xa2, 0x58, 0xdc, 0x16,
1029 0x61, 0x1b, 0xa0, 0x98, 0xab, 0x54, 0x34, 0x15,
1030 0xe4, 0x15, 0xf1, 0x56, 0x99, 0x7a, 0x3e, 0xe2,
1031 0x36, 0x65, 0x8f, 0xa0, 0x93, 0x26, 0x0d, 0xe3,
1032 0xad, 0x42, 0x2e, 0x05, 0xe0, 0x46, 0xf9, 0xec,
1033 0x29, 0x16, 0x1a, 0x37, 0x5f, 0x0e, 0xb4, 0xef,
1034 0xfc, 0xef, 0x58, 0x28, 0x5c, 0x5d, 0x39, 0xed,
1035 0x42, 0x5d, 0x7a, 0x62, 0xca, 0x12, 0x89, 0x6c,
1036 0x4a, 0x92, 0xcb, 0x19, 0x46, 0xf2, 0x95, 0x2a,
1037 0x48, 0x13, 0x3f, 0x07, 0xda, 0x36, 0x4d, 0x1b,
1038 0xdf, 0x6b, 0x0f, 0x71, 0x39, 0x98, 0x3e, 0x69,
1039 0x3c, 0x80, 0x05, 0x9b, 0x0e, 0xac, 0xd1, 0x47,
1040 0x9b, 0xa9, 0xf2, 0x85, 0x77, 0x54, 0xed, 0xe7,
1041 0x5f, 0x11, 0x2b, 0x07, 0xeb, 0xbf, 0x35, 0x34,
1042 0x8b, 0xbf, 0x3e, 0x01, 0xe0, 0x2f, 0x2d, 0x47,
1043 0x3d, 0xe3, 0x94, 0x53, 0xf9, 0x9d, 0xd2, 0x36,
1044 0x75, 0x41, 0xca, 0xca, 0x3b, 0xa0, 0x11, 0x66,
1045 0x34, 0x3d, 0x7b, 0x5b, 0x58, 0xa3, 0x7b, 0xd1,
1046 0xb7, 0x52, 0x1d, 0xb2, 0xf1, 0x3b, 0x86, 0x70,
1047 0x71, 0x32, 0xfe, 0x09, 0xf4, 0xcd, 0x09, 0xdc,
1048 0x16, 0x18, 0xfa, 0x34, 0x01, 0xeb, 0xf9, 0xcc,
1049 0x7b, 0x19, 0xfa, 0x94, 0xaa, 0x47, 0x20, 0x88,
1050 0x13, 0x3d, 0x6c, 0xb2, 0xd3, 0x5c, 0x11, 0x79,
1051 0xc8, 0xc8, 0xff, 0x36, 0x87, 0x58, 0xd5, 0x07,
1052 0xd9, 0xf9, 0xa1, 0x7d, 0x46, 0xc1, 0x10, 0xfe,
1053 0x31, 0x44, 0xce, 0x9b, 0x02, 0x2b, 0x42, 0xe4,
1054 0x19, 0xeb, 0x4f, 0x53, 0x88, 0x61, 0x3b, 0xfc,
1055 0x3e, 0x26, 0x24, 0x1a, 0x43, 0x2e, 0x87, 0x06,
1056 0xbc, 0x58, 0xef, 0x76, 0x11, 0x72, 0x78, 0xde,
1057 0xab, 0x6c, 0xf6, 0x92, 0x61, 0x82, 0x91, 0xb7
1059 static const unsigned char dsa_q[] = {
1060 0xa3, 0xbf, 0xd9, 0xab, 0x78, 0x84, 0x79, 0x4e,
1061 0x38, 0x34, 0x50, 0xd5, 0x89, 0x1d, 0xc1, 0x8b,
1062 0x65, 0x15, 0x7b, 0xdc, 0xfc, 0xda, 0xc5, 0x15,
1063 0x18, 0x90, 0x28, 0x67
1065 static const unsigned char dsa_g[] = {
1066 0x68, 0x19, 0x27, 0x88, 0x69, 0xc7, 0xfd, 0x3d,
1067 0x2d, 0x7b, 0x77, 0xf7, 0x7e, 0x81, 0x50, 0xd9,
1068 0xad, 0x43, 0x3b, 0xea, 0x3b, 0xa8, 0x5e, 0xfc,
1069 0x80, 0x41, 0x5a, 0xa3, 0x54, 0x5f, 0x78, 0xf7,
1070 0x22, 0x96, 0xf0, 0x6c, 0xb1, 0x9c, 0xed, 0xa0,
1071 0x6c, 0x94, 0xb0, 0x55, 0x1c, 0xfe, 0x6e, 0x6f,
1072 0x86, 0x3e, 0x31, 0xd1, 0xde, 0x6e, 0xed, 0x7d,
1073 0xab, 0x8b, 0x0c, 0x9d, 0xf2, 0x31, 0xe0, 0x84,
1074 0x34, 0xd1, 0x18, 0x4f, 0x91, 0xd0, 0x33, 0x69,
1075 0x6b, 0xb3, 0x82, 0xf8, 0x45, 0x5e, 0x98, 0x88,
1076 0xf5, 0xd3, 0x1d, 0x47, 0x84, 0xec, 0x40, 0x12,
1077 0x02, 0x46, 0xf4, 0xbe, 0xa6, 0x17, 0x94, 0xbb,
1078 0xa5, 0x86, 0x6f, 0x09, 0x74, 0x64, 0x63, 0xbd,
1079 0xf8, 0xe9, 0xe1, 0x08, 0xcd, 0x95, 0x29, 0xc3,
1080 0xd0, 0xf6, 0xdf, 0x80, 0x31, 0x6e, 0x2e, 0x70,
1081 0xaa, 0xeb, 0x1b, 0x26, 0xcd, 0xb8, 0xad, 0x97,
1082 0xbc, 0x3d, 0x28, 0x7e, 0x0b, 0x8d, 0x61, 0x6c,
1083 0x42, 0xe6, 0x5b, 0x87, 0xdb, 0x20, 0xde, 0xb7,
1084 0x00, 0x5b, 0xc4, 0x16, 0x74, 0x7a, 0x64, 0x70,
1085 0x14, 0x7a, 0x68, 0xa7, 0x82, 0x03, 0x88, 0xeb,
1086 0xf4, 0x4d, 0x52, 0xe0, 0x62, 0x8a, 0xf9, 0xcf,
1087 0x1b, 0x71, 0x66, 0xd0, 0x34, 0x65, 0xf3, 0x5a,
1088 0xcc, 0x31, 0xb6, 0x11, 0x0c, 0x43, 0xda, 0xbc,
1089 0x7c, 0x5d, 0x59, 0x1e, 0x67, 0x1e, 0xaf, 0x7c,
1090 0x25, 0x2c, 0x1c, 0x14, 0x53, 0x36, 0xa1, 0xa4,
1091 0xdd, 0xf1, 0x32, 0x44, 0xd5, 0x5e, 0x83, 0x56,
1092 0x80, 0xca, 0xb2, 0x53, 0x3b, 0x82, 0xdf, 0x2e,
1093 0xfe, 0x55, 0xec, 0x18, 0xc1, 0xe6, 0xcd, 0x00,
1094 0x7b, 0xb0, 0x89, 0x75, 0x8b, 0xb1, 0x7c, 0x2c,
1095 0xbe, 0x14, 0x44, 0x1b, 0xd0, 0x93, 0xae, 0x66,
1096 0xe5, 0x97, 0x6d, 0x53, 0x73, 0x3f, 0x4f, 0xa3,
1097 0x26, 0x97, 0x01, 0xd3, 0x1d, 0x23, 0xd4, 0x67
1099 static const unsigned char dsa_pub[] = {
1100 0xa0, 0x12, 0xb3, 0xb1, 0x70, 0xb3, 0x07, 0x22,
1101 0x79, 0x57, 0xb7, 0xca, 0x20, 0x61, 0xa8, 0x16,
1102 0xac, 0x7a, 0x2b, 0x3d, 0x9a, 0xe9, 0x95, 0xa5,
1103 0x11, 0x9c, 0x38, 0x5b, 0x60, 0x3b, 0xf6, 0xf6,
1104 0xc5, 0xde, 0x4d, 0xc5, 0xec, 0xb5, 0xdf, 0xa4,
1105 0xa4, 0x1c, 0x68, 0x66, 0x2e, 0xb2, 0x5b, 0x63,
1106 0x8b, 0x7e, 0x26, 0x20, 0xba, 0x89, 0x8d, 0x07,
1107 0xda, 0x6c, 0x49, 0x91, 0xe7, 0x6c, 0xc0, 0xec,
1108 0xd1, 0xad, 0x34, 0x21, 0x07, 0x70, 0x67, 0xe4,
1109 0x7c, 0x18, 0xf5, 0x8a, 0x92, 0xa7, 0x2a, 0xd4,
1110 0x31, 0x99, 0xec, 0xb7, 0xbd, 0x84, 0xe7, 0xd3,
1111 0xaf, 0xb9, 0x01, 0x9f, 0x0e, 0x9d, 0xd0, 0xfb,
1112 0xaa, 0x48, 0x73, 0x00, 0xb1, 0x30, 0x81, 0xe3,
1113 0x3c, 0x90, 0x28, 0x76, 0x43, 0x6f, 0x7b, 0x03,
1114 0xc3, 0x45, 0x52, 0x84, 0x81, 0xd3, 0x62, 0x81,
1115 0x5e, 0x24, 0xfe, 0x59, 0xda, 0xc5, 0xac, 0x34,
1116 0x66, 0x0d, 0x4c, 0x8a, 0x76, 0xcb, 0x99, 0xa7,
1117 0xc7, 0xde, 0x93, 0xeb, 0x95, 0x6c, 0xd6, 0xbc,
1118 0x88, 0xe5, 0x8d, 0x90, 0x10, 0x34, 0x94, 0x4a,
1119 0x09, 0x4b, 0x01, 0x80, 0x3a, 0x43, 0xc6, 0x72,
1120 0xb9, 0x68, 0x8c, 0x0e, 0x01, 0xd8, 0xf4, 0xfc,
1121 0x91, 0xc6, 0x2a, 0x3f, 0x88, 0x02, 0x1f, 0x7b,
1122 0xd6, 0xa6, 0x51, 0xb1, 0xa8, 0x8f, 0x43, 0xaa,
1123 0x4e, 0xf2, 0x76, 0x53, 0xd1, 0x2b, 0xf8, 0xb7,
1124 0x09, 0x9f, 0xdf, 0x6b, 0x46, 0x10, 0x82, 0xf8,
1125 0xe9, 0x39, 0x10, 0x7b, 0xfd, 0x2f, 0x72, 0x10,
1126 0x08, 0x7d, 0x32, 0x6c, 0x37, 0x52, 0x00, 0xf1,
1127 0xf5, 0x1e, 0x7e, 0x74, 0xa3, 0x41, 0x31, 0x90,
1128 0x1b, 0xcd, 0x08, 0x63, 0x52, 0x1f, 0xf8, 0xd6,
1129 0x76, 0xc4, 0x85, 0x81, 0x86, 0x87, 0x36, 0xc5,
1130 0xe5, 0x1b, 0x16, 0xa4, 0xe3, 0x92, 0x15, 0xea,
1131 0x0b, 0x17, 0xc4, 0x73, 0x59, 0x74, 0xc5, 0x16
1133 static const unsigned char dsa_priv[] = {
1134 0x6c, 0xca, 0xee, 0xf6, 0xd7, 0x3b, 0x4e, 0x80,
1135 0xf1, 0x1c, 0x17, 0xb8, 0xe9, 0x62, 0x7c, 0x03,
1136 0x66, 0x35, 0xba, 0xc3, 0x94, 0x23, 0x50, 0x5e,
1137 0x40, 0x7e, 0x5c, 0xb7
1140 static const ST_KAT_PARAM dsa_key[] = {
1141 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dsa_p),
1142 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dsa_q),
1143 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dsa_g),
1144 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dsa_pub),
1145 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dsa_priv),
1148 #endif /* OPENSSL_NO_DSA */
1150 static const ST_KAT_SIGN st_kat_sign_tests[] = {
1151 #ifndef OPENSSL_NO_RSA
1153 OSSL_SELF_TEST_DESC_SIGN_RSA,
1157 ITM(rsa_expected_sig)
1159 #endif /* OPENSSL_NO_RSA */
1160 #ifndef OPENSSL_NO_EC
1162 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1167 * The ECDSA signature changes each time due to it using a random k.
1168 * So there is no expected KAT for this case.
1171 #endif /* OPENSSL_NO_EC */
1172 #ifndef OPENSSL_NO_DSA
1174 OSSL_SELF_TEST_DESC_SIGN_DSA,
1179 * The DSA signature changes each time due to it using a random k.
1180 * So there is no expected KAT for this case.
1183 #endif /* OPENSSL_NO_DSA */