X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=test%2Fevp_extra_test.c;h=eac0c43ba10db3a504c7ef0bf8ca0745187336a5;hb=5dc40a83c74be579575a512b30d9c1e0364e6a7b;hp=b8cfc0d204c2254169089e20eabcb9924929657b;hpb=adcd8e37db682a5818415b1e0e1d8847dd9ab1e6;p=openssl.git diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index b8cfc0d204..eac0c43ba1 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -1,7 +1,7 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use + * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html @@ -9,14 +9,18 @@ #include #include +#include #include #include #include #include #include #include +#include +#include #include "testutil.h" -#include "test_main.h" +#include "internal/nelem.h" +#include "internal/evp_int.h" /* * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you @@ -76,6 +80,102 @@ static const unsigned char kExampleRSAKeyDER[] = { 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf, }; +/* + * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private + * components are not correct. + */ +static const unsigned char kExampleBadRSAKeyDER[] = { + 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, + 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef, + 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9, + 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4, + 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3, + 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05, + 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26, + 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0, + 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33, + 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66, + 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde, + 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa, + 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53, + 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c, + 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75, + 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7, + 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c, + 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a, + 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87, + 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd, + 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0, + 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18, + 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, + 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5, + 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06, + 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0, + 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75, + 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1, + 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00, + 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd, + 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29, + 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5, + 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05, + 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e, + 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf, + 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d, + 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb, + 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5, + 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef, + 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9, + 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2, + 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7, + 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff, + 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99, + 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78, + 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb, + 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35, + 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46, + 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6, + 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f, + 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56, + 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d, + 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55, + 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20, + 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6, + 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81, + 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a, + 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e, + 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3, + 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1, + 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6, + 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77, + 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a, + 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d, + 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b, + 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a, + 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf, + 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28, + 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12, + 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd, + 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a, + 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5, + 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e, + 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b, + 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84, + 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e, + 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97, + 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81, + 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b, + 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6, + 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74, + 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e, + 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9, + 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98, + 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05, + 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef, + 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf, + 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69, + 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce, +}; + static const unsigned char kMsg[] = { 1, 2, 3, 4 }; static const unsigned char kSignature[] = { @@ -186,18 +286,67 @@ static const unsigned char kExampleBadECKeyDER[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51 }; + +/* prime256v1 */ +static const unsigned char kExampleECPubKeyDER[] = { + 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, + 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, + 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53, + 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8, + 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7, + 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b, + 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20, + 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5 +}; + +/* + * kExampleBadECKeyDER is a sample EC public key with a wrong OID + * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key + */ +static const unsigned char kExampleBadECPubKeyDER[] = { + 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, + 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, + 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53, + 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8, + 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7, + 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b, + 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20, + 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5 +}; + +static const unsigned char pExampleECParamDER[] = { + 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07 +}; #endif typedef struct APK_DATA_st { const unsigned char *kder; size_t size; int evptype; + int check; + int pub_check; + int param_check; + int type; /* 0 for private, 1 for public, 2 for params */ } APK_DATA; static APK_DATA keydata[] = { {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA}, {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA}, +#ifndef OPENSSL_NO_EC {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC} +#endif +}; + +static APK_DATA keycheckdata[] = { + {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA, 1, -2, -2, 0}, + {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), EVP_PKEY_RSA, + 0, -2, -2, 0}, +#ifndef OPENSSL_NO_EC + {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC, 1, 1, 1, 0}, + /* group is also associated in our pub key */ + {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), EVP_PKEY_EC, 0, 1, 1, 1}, + {pExampleECParamDER, sizeof(pExampleECParamDER), EVP_PKEY_EC, 0, 0, 1, 2} +#endif }; static EVP_PKEY *load_example_rsa_key(void) @@ -224,6 +373,50 @@ end: return ret; } +static int test_EVP_Enveloped(void) +{ + int ret = 0; + EVP_CIPHER_CTX *ctx = NULL; + EVP_PKEY *keypair = NULL; + unsigned char *kek = NULL; + unsigned char iv[EVP_MAX_IV_LENGTH]; + static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 }; + int len, kek_len, ciphertext_len, plaintext_len; + unsigned char ciphertext[32], plaintext[16]; + const EVP_CIPHER *type = EVP_aes_256_cbc(); + + if (!TEST_ptr(keypair = load_example_rsa_key()) + || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair))) + || !TEST_ptr(ctx = EVP_CIPHER_CTX_new()) + || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv, + &keypair, 1)) + || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len, + msg, sizeof(msg))) + || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len, + &len))) + goto err; + + ciphertext_len += len; + + if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair)) + || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len, + ciphertext, ciphertext_len)) + || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len))) + goto err; + + plaintext_len += len; + if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len)) + goto err; + + ret = 1; +err: + OPENSSL_free(kek); + EVP_PKEY_free(keypair); + EVP_CIPHER_CTX_free(ctx); + return ret; +} + + static int test_EVP_DigestSignInit(void) { int ret = 0; @@ -345,13 +538,503 @@ static int test_EVP_PKCS82PKEY(void) } #endif -void register_tests(void) +#ifndef OPENSSL_NO_SM2 + +static int test_EVP_SM2_verify(void) +{ + /* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */ + const char *pubkey = + "-----BEGIN PUBLIC KEY-----\n" + "MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n" + "v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n" + "7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n" + "1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n" + "/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n" + "AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n" + "Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n" + "-----END PUBLIC KEY-----\n"; + + const char *msg = "message digest"; + const char *id = "ALICE123@YAHOO.COM"; + + const uint8_t signature[] = { + 0x30, 0x44, 0x02, 0x20, + + 0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC, + 0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2, + 0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1, + + 0x02, 0x20, + + 0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF, + 0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0, + 0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7 + }; + + int rc = 0; + BIO *bio = NULL; + EVP_PKEY *pkey = NULL; + EVP_MD_CTX *mctx = NULL; + EVP_PKEY_CTX *pctx = NULL; + + bio = BIO_new_mem_buf(pubkey, strlen(pubkey)); + if (!TEST_true(bio != NULL)) + goto done; + + pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL); + if (!TEST_true(pkey != NULL)) + goto done; + + if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2))) + goto done; + + if (!TEST_ptr(mctx = EVP_MD_CTX_new())) + goto done; + + if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL))) + goto done; + + if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, (const uint8_t *)id, + strlen(id)), 0)) + goto done; + + EVP_MD_CTX_set_pkey_ctx(mctx, pctx); + + if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey))) + goto done; + + if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg)))) + goto done; + + if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature)))) + goto done; + rc = 1; + + done: + BIO_free(bio); + EVP_PKEY_free(pkey); + EVP_PKEY_CTX_free(pctx); + EVP_MD_CTX_free(mctx); + return rc; +} + +static int test_EVP_SM2(void) +{ + int ret = 0; + EVP_PKEY *pkey = NULL; + EVP_PKEY *params = NULL; + EVP_PKEY_CTX *pctx = NULL; + EVP_PKEY_CTX *kctx = NULL; + EVP_PKEY_CTX *sctx = NULL; + size_t sig_len = 0; + unsigned char *sig = NULL; + EVP_MD_CTX *md_ctx = NULL; + EVP_MD_CTX *md_ctx_verify = NULL; + EVP_PKEY_CTX *cctx = NULL; + + uint8_t ciphertext[128]; + size_t ctext_len = sizeof(ciphertext); + + uint8_t plaintext[8]; + size_t ptext_len = sizeof(plaintext); + + uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'}; + + pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL); + if (!TEST_ptr(pctx)) + goto done; + + if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1)) + goto done; + + if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2))) + goto done; + + if (!TEST_true(EVP_PKEY_paramgen(pctx, ¶ms))) + goto done; + + kctx = EVP_PKEY_CTX_new(params, NULL); + if (!TEST_ptr(kctx)) + goto done; + + if (!TEST_true(EVP_PKEY_keygen_init(kctx))) + goto done; + + if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey))) + goto done; + + if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2))) + goto done; + + if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())) + goto done; + + if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new())) + goto done; + + if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL))) + goto done; + + EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx); + EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx); + + if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0)) + goto done; + + if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey))) + goto done; + + if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg)))) + goto done; + + /* Determine the size of the signature. */ + if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))) + goto done; + + if (!TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey))) + goto done; + + if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))) + goto done; + + if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len))) + goto done; + + /* Ensure that the signature round-trips. */ + + if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey))) + goto done; + + if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg)))) + goto done; + + if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len))) + goto done; + + /* now check encryption/decryption */ + + if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL))) + goto done; + + if (!TEST_true(EVP_PKEY_encrypt_init(cctx))) + goto done; + + if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg)))) + goto done; + + if (!TEST_true(EVP_PKEY_decrypt_init(cctx))) + goto done; + + if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len))) + goto done; + + if (!TEST_true(ptext_len == sizeof(kMsg))) + goto done; + + if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0)) + goto done; + + ret = 1; +done: + EVP_PKEY_CTX_free(pctx); + EVP_PKEY_CTX_free(kctx); + EVP_PKEY_CTX_free(sctx); + EVP_PKEY_CTX_free(cctx); + EVP_PKEY_free(pkey); + EVP_PKEY_free(params); + EVP_MD_CTX_free(md_ctx); + EVP_MD_CTX_free(md_ctx_verify); + OPENSSL_free(sig); + return ret; +} + +#endif + +static struct keys_st { + int type; + char *priv; + char *pub; +} keys[] = { + { + EVP_PKEY_HMAC, "0123456789", NULL + }, { + EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL + }, { + EVP_PKEY_SIPHASH, "0123456789012345", NULL + }, +#ifndef OPENSSL_NO_EC + { + EVP_PKEY_X25519, "01234567890123456789012345678901", + "abcdefghijklmnopqrstuvwxyzabcdef" + }, { + EVP_PKEY_ED25519, "01234567890123456789012345678901", + "abcdefghijklmnopqrstuvwxyzabcdef" + }, { + EVP_PKEY_X448, + "01234567890123456789012345678901234567890123456789012345", + "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd" + }, { + EVP_PKEY_ED448, + "012345678901234567890123456789012345678901234567890123456", + "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde" + } +#endif +}; + +static int test_set_get_raw_keys_int(int tst, int pub) +{ + int ret = 0; + unsigned char buf[80]; + unsigned char *in; + size_t inlen, len = 0; + EVP_PKEY *pkey; + + /* Check if this algorithm supports public keys */ + if (keys[tst].pub == NULL) + return 1; + + memset(buf, 0, sizeof(buf)); + + if (pub) { + inlen = strlen(keys[tst].pub); + in = (unsigned char *)keys[tst].pub; + pkey = EVP_PKEY_new_raw_public_key(keys[tst].type, + NULL, + in, + inlen); + } else { + inlen = strlen(keys[tst].priv); + in = (unsigned char *)keys[tst].priv; + pkey = EVP_PKEY_new_raw_private_key(keys[tst].type, + NULL, + in, + inlen); + } + + if (!TEST_ptr(pkey) + || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len))) + || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len))) + || !TEST_true(len == inlen) + || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len))) + || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len))) + || !TEST_mem_eq(in, inlen, buf, len)) + goto done; + + ret = 1; + done: + EVP_PKEY_free(pkey); + return ret; +} + +static int test_set_get_raw_keys(int tst) +{ + return test_set_get_raw_keys_int(tst, 0) + && test_set_get_raw_keys_int(tst, 1); +} + +static int pkey_custom_check(EVP_PKEY *pkey) +{ + return 0xbeef; +} + +static int pkey_custom_pub_check(EVP_PKEY *pkey) +{ + return 0xbeef; +} + +static int pkey_custom_param_check(EVP_PKEY *pkey) +{ + return 0xbeef; +} + +static EVP_PKEY_METHOD *custom_pmeth; + +static int test_EVP_PKEY_check(int i) +{ + int ret = 0; + const unsigned char *p; + EVP_PKEY *pkey = NULL; +#ifndef OPENSSL_NO_EC + EC_KEY *eckey = NULL; +#endif + EVP_PKEY_CTX *ctx = NULL; + EVP_PKEY_CTX *ctx2 = NULL; + const APK_DATA *ak = &keycheckdata[i]; + const unsigned char *input = ak->kder; + size_t input_len = ak->size; + int expected_id = ak->evptype; + int expected_check = ak->check; + int expected_pub_check = ak->pub_check; + int expected_param_check = ak->param_check; + int type = ak->type; + BIO *pubkey = NULL; + + p = input; + + switch (type) { + case 0: + if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len)) + || !TEST_ptr_eq(p, input + input_len) + || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id)) + goto done; + break; +#ifndef OPENSSL_NO_EC + case 1: + if (!TEST_ptr(pubkey = BIO_new_mem_buf(input, input_len)) + || !TEST_ptr(eckey = d2i_EC_PUBKEY_bio(pubkey, NULL)) + || !TEST_ptr(pkey = EVP_PKEY_new()) + || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey))) + goto done; + break; + case 2: + if (!TEST_ptr(eckey = d2i_ECParameters(NULL, &p, input_len)) + || !TEST_ptr_eq(p, input + input_len) + || !TEST_ptr(pkey = EVP_PKEY_new()) + || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey))) + goto done; + break; +#endif + default: + return 0; + } + + if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL))) + goto done; + + if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check)) + goto done; + + if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check)) + goto done; + + if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check)) + goto done; + + ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL); + /* assign the pkey directly, as an internal test */ + EVP_PKEY_up_ref(pkey); + ctx2->pkey = pkey; + + if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef)) + goto done; + + if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef)) + goto done; + + if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef)) + goto done; + + ret = 1; + + done: + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_CTX_free(ctx2); + EVP_PKEY_free(pkey); + BIO_free(pubkey); + return ret; +} + +static int test_HKDF(void) +{ + EVP_PKEY_CTX *pctx; + unsigned char out[20]; + size_t outlen; + int i, ret = 0; + unsigned char salt[] = "0123456789"; + unsigned char key[] = "012345678901234567890123456789"; + unsigned char info[] = "infostring"; + const unsigned char expected[] = { + 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5, + 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca + }; + size_t expectedlen = sizeof(expected); + + if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL))) + goto done; + + /* We do this twice to test reuse of the EVP_PKEY_CTX */ + for (i = 0; i < 2; i++) { + outlen = sizeof(out); + memset(out, 0, outlen); + + if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, + sizeof(salt) - 1), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key, + sizeof(key) - 1), 0) + || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info, + sizeof(info) - 1), 0) + || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0) + || !TEST_mem_eq(out, outlen, expected, expectedlen)) + goto done; + } + + ret = 1; + + done: + EVP_PKEY_CTX_free(pctx); + + return ret; +} + +#ifndef OPENSSL_NO_EC +static int test_X509_PUBKEY_inplace(void) +{ + int ret = 0; + X509_PUBKEY *xp = NULL; + const unsigned char *p = kExampleECPubKeyDER; + size_t input_len = sizeof(kExampleECPubKeyDER); + + if (!TEST_ptr(xp = d2i_X509_PUBKEY(NULL, &p, input_len))) + goto done; + + if (!TEST_ptr(X509_PUBKEY_get0(xp))) + goto done; + + p = kExampleBadECPubKeyDER; + input_len = sizeof(kExampleBadECPubKeyDER); + + if (!TEST_ptr(xp = d2i_X509_PUBKEY(&xp, &p, input_len))) + goto done; + + if (!TEST_true(X509_PUBKEY_get0(xp) == NULL)) + goto done; + + ret = 1; + +done: + X509_PUBKEY_free(xp); + return ret; +} +#endif + +int setup_tests(void) { ADD_TEST(test_EVP_DigestSignInit); ADD_TEST(test_EVP_DigestVerifyInit); - ADD_ALL_TESTS(test_d2i_AutoPrivateKey, - sizeof(keydata) / sizeof(keydata[0])); + ADD_TEST(test_EVP_Enveloped); + ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata)); #ifndef OPENSSL_NO_EC ADD_TEST(test_EVP_PKCS82PKEY); #endif +#ifndef OPENSSL_NO_SM2 + ADD_TEST(test_EVP_SM2); + ADD_TEST(test_EVP_SM2_verify); +#endif + ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys)); + custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0); + if (!TEST_ptr(custom_pmeth)) + return 0; + EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check); + EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check); + EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check); + if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1)) + return 0; + ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata)); + ADD_TEST(test_HKDF); +#ifndef OPENSSL_NO_EC + ADD_TEST(test_X509_PUBKEY_inplace); +#endif + return 1; }