2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* Macros to build Self test data */
11 #define ITM(x) ((void *)&x), sizeof(x)
12 #define ITM_STR(x) ((void *)&x), (sizeof(x) - 1)
14 #define ST_KAT_PARAM_END() { "", 0, NULL, 0 }
15 #define ST_KAT_PARAM_BIGNUM(name, data) \
16 { name, OSSL_PARAM_UNSIGNED_INTEGER, ITM(data) }
17 #define ST_KAT_PARAM_OCTET(name, data) \
18 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
19 #define ST_KAT_PARAM_UTF8STRING(name, data) \
20 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
21 #define ST_KAT_PARAM_UTF8CHAR(name, data) \
22 { name, OSSL_PARAM_UTF8_STRING, ITM(data) }
23 #define ST_KAT_PARAM_INT(name, i) \
24 { name, OSSL_PARAM_INTEGER, ITM(i) }
26 /* used to store raw parameters for keys and algorithms */
27 typedef struct st_kat_param_st {
28 const char *name; /* an OSSL_PARAM name */
29 size_t type; /* the type associated with the data */
30 const void *data; /* unsigned char [], or char [] depending on the type */
31 size_t data_len; /* the length of the data */
34 typedef struct st_kat_st {
36 const char *algorithm;
37 const unsigned char *pt;
39 const unsigned char *expected;
43 typedef ST_KAT ST_KAT_DIGEST;
44 typedef struct st_kat_cipher_st {
46 const unsigned char *key;
48 const unsigned char *iv;
50 const unsigned char *aad;
52 const unsigned char *tag;
56 typedef struct st_kat_kdf_st {
58 const char *algorithm;
59 const ST_KAT_PARAM *params;
60 const unsigned char *expected;
64 typedef struct st_kat_drbg_st {
66 const char *algorithm;
67 const char *param_name;
69 const unsigned char *entropyin;
71 const unsigned char *nonce;
73 const unsigned char *persstr;
75 const unsigned char *entropyinpr1;
76 size_t entropyinpr1len;
77 const unsigned char *entropyinpr2;
78 size_t entropyinpr2len;
79 const unsigned char *entropyaddin1;
80 size_t entropyaddin1len;
81 const unsigned char *entropyaddin2;
82 size_t entropyaddin2len;
83 const unsigned char *expected;
87 typedef struct st_kat_kas_st {
89 const char *algorithm;
91 const ST_KAT_PARAM *key_group;
92 const ST_KAT_PARAM *key_host_data;
93 const ST_KAT_PARAM *key_peer_data;
95 const unsigned char *expected;
99 typedef struct st_kat_sign_st {
101 const char *algorithm;
102 const char *mdalgorithm;
103 const ST_KAT_PARAM *key;
104 const unsigned char *sig_expected; /* Set to NULL if this value changes */
105 size_t sig_expected_len;
108 typedef struct st_kat_asym_cipher_st {
110 const char *algorithm;
112 const ST_KAT_PARAM *key;
113 const ST_KAT_PARAM *postinit;
114 const unsigned char *in;
116 const unsigned char *expected;
118 } ST_KAT_ASYM_CIPHER;
120 /*- DIGEST TEST DATA */
121 static const unsigned char sha1_pt[] = "abc";
122 static const unsigned char sha1_digest[] = {
123 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 0x25, 0x71,
124 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
127 static const unsigned char sha512_pt[] = "abc";
128 static const unsigned char sha512_digest[] = {
129 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49,
130 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
131 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, 0x21, 0x92, 0x99, 0x2A,
132 0x27, 0x4F, 0xC1, 0xA8, 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
133 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, 0x2A, 0x9A, 0xC9, 0x4F,
134 0xA5, 0x4C, 0xA4, 0x9F
136 static const unsigned char sha3_256_pt[] = { 0xe7, 0x37, 0x21, 0x05 };
137 static const unsigned char sha3_256_digest[] = {
138 0x3a, 0x42, 0xb6, 0x8a, 0xb0, 0x79, 0xf2, 0x8c, 0x4c, 0xa3, 0xc7, 0x52,
139 0x29, 0x6f, 0x27, 0x90, 0x06, 0xc4, 0xfe, 0x78, 0xb1, 0xeb, 0x79, 0xd9,
140 0x89, 0x77, 0x7f, 0x05, 0x1e, 0x40, 0x46, 0xae
143 static const ST_KAT_DIGEST st_kat_digest_tests[] =
146 OSSL_SELF_TEST_DESC_MD_SHA1,
152 OSSL_SELF_TEST_DESC_MD_SHA2,
158 OSSL_SELF_TEST_DESC_MD_SHA3,
161 ITM(sha3_256_digest),
166 /*- CIPHER TEST DATA */
169 static const unsigned char des_ede3_cbc_pt[] = {
170 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
171 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
172 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
173 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51
175 static const unsigned char des_ede3_cbc_key[] = {
176 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
177 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
178 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
180 static const unsigned char des_ede3_cbc_iv[] = {
181 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17
183 static const unsigned char des_ede3_cbc_ct[] = {
184 0x20, 0x79, 0xC3, 0xD5, 0x3A, 0xA7, 0x63, 0xE1,
185 0x93, 0xB7, 0x9E, 0x25, 0x69, 0xAB, 0x52, 0x62,
186 0x51, 0x65, 0x70, 0x48, 0x1F, 0x25, 0xB5, 0x0F,
187 0x73, 0xC0, 0xBD, 0xA8, 0x5C, 0x8E, 0x0D, 0xA7
190 /* AES-256 GCM test data */
191 static const unsigned char aes_256_gcm_key[] = {
192 0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c,
193 0xe7, 0x90, 0xfd, 0x24, 0x50, 0x1f, 0x92, 0x50,
194 0x9a, 0xac, 0xf4, 0xcb, 0x8b, 0x13, 0x39, 0xd5,
195 0x0c, 0x9c, 0x12, 0x40, 0x93, 0x5d, 0xd0, 0x8b
197 static const unsigned char aes_256_gcm_iv[] = {
198 0xac, 0x93, 0xa1, 0xa6, 0x14, 0x52, 0x99, 0xbd,
199 0xe9, 0x02, 0xf2, 0x1a
201 static const unsigned char aes_256_gcm_pt[] = {
202 0x2d, 0x71, 0xbc, 0xfa, 0x91, 0x4e, 0x4a, 0xc0,
203 0x45, 0xb2, 0xaa, 0x60, 0x95, 0x5f, 0xad, 0x24
205 static const unsigned char aes_256_gcm_aad[] = {
206 0x1e, 0x08, 0x89, 0x01, 0x6f, 0x67, 0x60, 0x1c,
207 0x8e, 0xbe, 0xa4, 0x94, 0x3b, 0xc2, 0x3a, 0xd6
209 static const unsigned char aes_256_gcm_ct[] = {
210 0x89, 0x95, 0xae, 0x2e, 0x6d, 0xf3, 0xdb, 0xf9,
211 0x6f, 0xac, 0x7b, 0x71, 0x37, 0xba, 0xe6, 0x7f
213 static const unsigned char aes_256_gcm_tag[] = {
214 0xec, 0xa5, 0xaa, 0x77, 0xd5, 0x1d, 0x4a, 0x0a,
215 0x14, 0xd9, 0xc5, 0x1e, 0x1d, 0xa4, 0x74, 0xab
218 static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
219 #ifndef OPENSSL_NO_DES
222 OSSL_SELF_TEST_DESC_CIPHER_TDES,
224 ITM(des_ede3_cbc_pt),
227 ITM(des_ede3_cbc_key),
228 ITM(des_ede3_cbc_iv),
233 OSSL_SELF_TEST_DESC_CIPHER_AES_GCM,
238 ITM(aes_256_gcm_key),
240 ITM(aes_256_gcm_aad),
245 static const char hkdf_digest[] = "SHA256";
246 static const unsigned char hkdf_secret[] = { 's', 'e', 'c', 'r', 'e', 't' };
247 static const unsigned char hkdf_salt[] = { 's', 'a', 'l', 't' };
248 static const unsigned char hkdf_info[] = { 'l', 'a', 'b', 'e', 'l' };
250 static const ST_KAT_PARAM hkdf_params[] = {
251 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, hkdf_digest),
252 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, hkdf_secret),
253 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, hkdf_salt),
254 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, hkdf_info),
257 static const unsigned char hkdf_expected[] = {
258 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8,
262 static const char sskdf_digest[] = "SHA224";
263 static const unsigned char sskdf_secret[] = {
264 0x6d, 0xbd, 0xc2, 0x3f, 0x04, 0x54, 0x88, 0xe4,
265 0x06, 0x27, 0x57, 0xb0, 0x6b, 0x9e, 0xba, 0xe1,
266 0x83, 0xfc, 0x5a, 0x59, 0x46, 0xd8, 0x0d, 0xb9,
267 0x3f, 0xec, 0x6f, 0x62, 0xec, 0x07, 0xe3, 0x72,
268 0x7f, 0x01, 0x26, 0xae, 0xd1, 0x2c, 0xe4, 0xb2,
269 0x62, 0xf4, 0x7d, 0x48, 0xd5, 0x42, 0x87, 0xf8,
270 0x1d, 0x47, 0x4c, 0x7c, 0x3b, 0x18, 0x50, 0xe9
272 static const unsigned char sskdf_otherinfo[] = {
273 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0x43, 0x41, 0x56,
274 0x53, 0x69, 0x64, 0x3c, 0x83, 0x2e, 0x98, 0x49,
275 0xdc, 0xdb, 0xa7, 0x1e, 0x9a, 0x31, 0x39, 0xe6,
276 0x06, 0xe0, 0x95, 0xde, 0x3c, 0x26, 0x4a, 0x66,
277 0xe9, 0x8a, 0x16, 0x58, 0x54, 0xcd, 0x07, 0x98,
278 0x9b, 0x1e, 0xe0, 0xec, 0x3f, 0x8d, 0xbe
280 static const unsigned char sskdf_expected[] = {
281 0xa4, 0x62, 0xde, 0x16, 0xa8, 0x9d, 0xe8, 0x46,
282 0x6e, 0xf5, 0x46, 0x0b, 0x47, 0xb8
284 static const ST_KAT_PARAM sskdf_params[] = {
285 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sskdf_digest),
286 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sskdf_secret),
287 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, sskdf_otherinfo),
291 static const char x942kdf_digest[] = "SHA1";
292 static const char x942kdf_cekalg[] = "AES-128-WRAP";
293 static const unsigned char x942kdf_secret[] = {
294 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
295 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
296 0x10, 0x11, 0x12, 0x13
298 static const unsigned char x942kdf_expected[] = {
299 0xd6, 0xd6, 0xb0, 0x94, 0xc1, 0x02, 0x7a, 0x7d,
300 0xe6, 0xe3, 0x11, 0x72, 0x94, 0xa3, 0x53, 0x64
302 static const ST_KAT_PARAM x942kdf_params[] = {
303 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x942kdf_digest),
304 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_CEK_ALG, x942kdf_cekalg),
305 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x942kdf_secret),
309 static const char x963kdf_digest[] = "SHA256";
310 static const unsigned char x963kdf_otherinfo[] = {
311 0x75, 0xee, 0xf8, 0x1a, 0xa3, 0x04, 0x1e, 0x33,
312 0xb8, 0x09, 0x71, 0x20, 0x3d, 0x2c, 0x0c, 0x52
314 static const unsigned char x963kdf_secret[] = {
315 0x22, 0x51, 0x8b, 0x10, 0xe7, 0x0f, 0x2a, 0x3f,
316 0x24, 0x38, 0x10, 0xae, 0x32, 0x54, 0x13, 0x9e,
317 0xfb, 0xee, 0x04, 0xaa, 0x57, 0xc7, 0xaf, 0x7d
319 static const unsigned char x963kdf_expected[] = {
320 0xc4, 0x98, 0xaf, 0x77, 0x16, 0x1c, 0xc5, 0x9f,
321 0x29, 0x62, 0xb9, 0xa7, 0x13, 0xe2, 0xb2, 0x15,
322 0x15, 0x2d, 0x13, 0x97, 0x66, 0xce, 0x34, 0xa7,
323 0x76, 0xdf, 0x11, 0x86, 0x6a, 0x69, 0xbf, 0x2e
325 static const ST_KAT_PARAM x963kdf_params[] = {
326 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x963kdf_digest),
327 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x963kdf_secret),
328 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, x963kdf_otherinfo),
332 static const char pbkdf2_digest[] = "SHA256";
333 static const unsigned char pbkdf2_password[] = {
334 0x70, 0x61, 0x73, 0x73, 0x00, 0x77, 0x6f, 0x72,
337 static const unsigned char pbkdf2_salt[] = {
338 0x73, 0x61, 0x00, 0x6c, 0x74
340 static const unsigned char pbkdf2_expected[] = {
341 0x89, 0xb6, 0x9d, 0x05, 0x16, 0xf8, 0x29, 0x89,
342 0x3c, 0x69, 0x62, 0x26, 0x65, 0x0a, 0x86, 0x87,
344 static int pbkdf2_iterations = 4096;
345 static int pbkdf2_pkcs5 = 1;
346 static const ST_KAT_PARAM pbkdf2_params[] = {
347 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, pbkdf2_digest),
348 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_PASSWORD, pbkdf2_password),
349 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, pbkdf2_salt),
350 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_ITER, pbkdf2_iterations),
351 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_PKCS5, pbkdf2_pkcs5),
355 static const char sshkdf_digest[] = "SHA1";
356 static const char sshkdf_type = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
357 static const unsigned char sshkdf_key[] = {
358 0x00, 0x00, 0x00, 0x80, 0x55, 0xba, 0xe9, 0x31,
359 0xc0, 0x7f, 0xd8, 0x24, 0xbf, 0x10, 0xad, 0xd1,
360 0x90, 0x2b, 0x6f, 0xbc, 0x7c, 0x66, 0x53, 0x47,
361 0x38, 0x34, 0x98, 0xa6, 0x86, 0x92, 0x9f, 0xf5,
362 0xa2, 0x5f, 0x8e, 0x40, 0xcb, 0x66, 0x45, 0xea,
363 0x81, 0x4f, 0xb1, 0xa5, 0xe0, 0xa1, 0x1f, 0x85,
364 0x2f, 0x86, 0x25, 0x56, 0x41, 0xe5, 0xed, 0x98,
365 0x6e, 0x83, 0xa7, 0x8b, 0xc8, 0x26, 0x94, 0x80,
366 0xea, 0xc0, 0xb0, 0xdf, 0xd7, 0x70, 0xca, 0xb9,
367 0x2e, 0x7a, 0x28, 0xdd, 0x87, 0xff, 0x45, 0x24,
368 0x66, 0xd6, 0xae, 0x86, 0x7c, 0xea, 0xd6, 0x3b,
369 0x36, 0x6b, 0x1c, 0x28, 0x6e, 0x6c, 0x48, 0x11,
370 0xa9, 0xf1, 0x4c, 0x27, 0xae, 0xa1, 0x4c, 0x51,
371 0x71, 0xd4, 0x9b, 0x78, 0xc0, 0x6e, 0x37, 0x35,
372 0xd3, 0x6e, 0x6a, 0x3b, 0xe3, 0x21, 0xdd, 0x5f,
373 0xc8, 0x23, 0x08, 0xf3, 0x4e, 0xe1, 0xcb, 0x17,
374 0xfb, 0xa9, 0x4a, 0x59,
376 static const unsigned char sshkdf_xcghash[] = {
377 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
378 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
379 0xdc, 0x88, 0x92, 0x45,
381 static const unsigned char sshkdf_session_id[] = {
382 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
383 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
384 0xdc, 0x88, 0x92, 0x45,
386 static const unsigned char sshkdf_expected[] = {
387 0xe2, 0xf6, 0x27, 0xc0, 0xb4, 0x3f, 0x1a, 0xc1,
389 static const ST_KAT_PARAM sshkdf_params[] = {
390 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sshkdf_digest),
391 ST_KAT_PARAM_UTF8CHAR(OSSL_KDF_PARAM_SSHKDF_TYPE, sshkdf_type),
392 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sshkdf_key),
393 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_XCGHASH, sshkdf_xcghash),
394 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_SESSION_ID, sshkdf_session_id),
398 static const char tls12prf_digest[] = "SHA256";
399 static const unsigned char tls12prf_secret[] = {
400 0x20, 0x2c, 0x88, 0xc0, 0x0f, 0x84, 0xa1, 0x7a,
401 0x20, 0x02, 0x70, 0x79, 0x60, 0x47, 0x87, 0x46,
402 0x11, 0x76, 0x45, 0x55, 0x39, 0xe7, 0x05, 0xbe,
403 0x73, 0x08, 0x90, 0x60, 0x2c, 0x28, 0x9a, 0x50,
404 0x01, 0xe3, 0x4e, 0xeb, 0x3a, 0x04, 0x3e, 0x5d,
405 0x52, 0xa6, 0x5e, 0x66, 0x12, 0x51, 0x88, 0xbf,
407 static const unsigned char tls12prf_seed[] = {
408 'k', 'e', 'y', ' ', 'e', 'x', 'p', 'a', 'n', 's', 'i', 'o', 'n',
409 0xae, 0x6c, 0x80, 0x6f, 0x8a, 0xd4, 0xd8, 0x07,
410 0x84, 0x54, 0x9d, 0xff, 0x28, 0xa4, 0xb5, 0x8f,
411 0xd8, 0x37, 0x68, 0x1a, 0x51, 0xd9, 0x28, 0xc3,
412 0xe3, 0x0e, 0xe5, 0xff, 0x14, 0xf3, 0x98, 0x68,
413 0x62, 0xe1, 0xfd, 0x91, 0xf2, 0x3f, 0x55, 0x8a,
414 0x60, 0x5f, 0x28, 0x47, 0x8c, 0x58, 0xcf, 0x72,
415 0x63, 0x7b, 0x89, 0x78, 0x4d, 0x95, 0x9d, 0xf7,
416 0xe9, 0x46, 0xd3, 0xf0, 0x7b, 0xd1, 0xb6, 0x16,
418 static const unsigned char tls12prf_expected[] = {
419 0xd0, 0x61, 0x39, 0x88, 0x9f, 0xff, 0xac, 0x1e,
420 0x3a, 0x71, 0x86, 0x5f, 0x50, 0x4a, 0xa5, 0xd0,
421 0xd2, 0xa2, 0xe8, 0x95, 0x06, 0xc6, 0xf2, 0x27,
422 0x9b, 0x67, 0x0c, 0x3e, 0x1b, 0x74, 0xf5, 0x31,
423 0x01, 0x6a, 0x25, 0x30, 0xc5, 0x1a, 0x3a, 0x0f,
424 0x7e, 0x1d, 0x65, 0x90, 0xd0, 0xf0, 0x56, 0x6b,
425 0x2f, 0x38, 0x7f, 0x8d, 0x11, 0xfd, 0x4f, 0x73,
426 0x1c, 0xdd, 0x57, 0x2d, 0x2e, 0xae, 0x92, 0x7f,
427 0x6f, 0x2f, 0x81, 0x41, 0x0b, 0x25, 0xe6, 0x96,
428 0x0b, 0xe6, 0x89, 0x85, 0xad, 0xd6, 0xc3, 0x84,
429 0x45, 0xad, 0x9f, 0x8c, 0x64, 0xbf, 0x80, 0x68,
430 0xbf, 0x9a, 0x66, 0x79, 0x48, 0x5d, 0x96, 0x6f,
431 0x1a, 0xd6, 0xf6, 0x8b, 0x43, 0x49, 0x5b, 0x10,
432 0xa6, 0x83, 0x75, 0x5e, 0xa2, 0xb8, 0x58, 0xd7,
433 0x0c, 0xca, 0xc7, 0xec, 0x8b, 0x05, 0x3c, 0x6b,
434 0xd4, 0x1c, 0xa2, 0x99, 0xd4, 0xe5, 0x19, 0x28,
436 static const ST_KAT_PARAM tls12prf_params[] = {
437 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls12prf_digest),
438 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SECRET, tls12prf_secret),
439 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SEED, tls12prf_seed),
443 static const char kbkdf_digest[] = "SHA256";
444 static const char kbkdf_mac[] = "HMAC";
445 static const unsigned char kbkdf_salt[] = { 'p', 'r', 'f' };
446 static const unsigned char kbkdf_prfinput[] = { 't', 'e', 's', 't' };
447 static unsigned char kbkdf_key[] = {
448 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28,
449 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C,
451 static unsigned char kbkdf_expected[] = {
452 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE,
453 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86,
454 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B,
455 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95,
457 static const ST_KAT_PARAM kbkdf_params[] = {
458 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, kbkdf_digest),
459 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_MAC, kbkdf_mac),
460 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, kbkdf_key),
461 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, kbkdf_salt),
462 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, kbkdf_prfinput),
466 static const ST_KAT_KDF st_kat_kdf_tests[] =
469 OSSL_SELF_TEST_DESC_KDF_TLS12_PRF,
470 OSSL_KDF_NAME_TLS1_PRF,
472 ITM(tls12prf_expected)
475 OSSL_SELF_TEST_DESC_KDF_PBKDF2,
476 OSSL_KDF_NAME_PBKDF2,
481 OSSL_SELF_TEST_DESC_KDF_SSHKDF,
482 OSSL_KDF_NAME_SSHKDF,
487 OSSL_SELF_TEST_DESC_KDF_KBKDF,
493 OSSL_SELF_TEST_DESC_KDF_HKDF,
499 OSSL_SELF_TEST_DESC_KDF_SSKDF,
505 OSSL_SELF_TEST_DESC_KDF_X963KDF,
506 OSSL_KDF_NAME_X963KDF,
508 ITM(x963kdf_expected)
511 OSSL_SELF_TEST_DESC_KDF_X942KDF,
512 OSSL_KDF_NAME_X942KDF_ASN1,
514 ITM(x942kdf_expected)
519 * DRBG test vectors are a small subset of
520 * https://csrc.nist.rip/groups/STM/cavp/documents/drbg/drbgtestvectors.zip
521 * Using the folder drbgvectors_pr_true
522 * Generated for CAVS 14.3.
529 * [PredictionResistance = True]
530 * [EntropyInputLen = 256]
532 * [PersonalizationStringLen = 256]
533 * [AdditionalInputLen = 256]
534 * [ReturnedBitsLen = 1024]
538 static const unsigned char drbg_hash_sha256_pr_entropyin[] = {
539 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
540 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
541 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
543 static const unsigned char drbg_hash_sha256_pr_nonce[] = {
544 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
545 0xf0, 0xe5, 0x07, 0x1f
547 static const unsigned char drbg_hash_sha256_pr_persstr[] = {
548 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
549 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
550 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
552 static const unsigned char drbg_hash_sha256_pr_entropyinpr0[] = {
553 0xff, 0x80, 0xb7, 0xd2, 0x6a, 0x05, 0xbc, 0x8a, 0x7a, 0xbe, 0x53, 0x28,
554 0x6b, 0x0e, 0xeb, 0x73, 0x3b, 0x71, 0x5a, 0x20, 0x5b, 0xfa, 0x4f, 0xf6,
555 0x37, 0x03, 0xde, 0xad, 0xb6, 0xea, 0x0e, 0xf4
557 static const unsigned char drbg_hash_sha256_pr_entropyinpr1[] = {
558 0xc7, 0x38, 0x32, 0x53, 0x46, 0x81, 0xed, 0xe3, 0x7e, 0x03, 0x84, 0x6d,
559 0x3c, 0x84, 0x17, 0x67, 0x29, 0x7d, 0x24, 0x6c, 0x68, 0x92, 0x41, 0xd2,
560 0xe7, 0x75, 0xbe, 0x7e, 0xc9, 0x96, 0x29, 0x3d
562 static const unsigned char drbg_hash_sha256_pr_addin0[] = {
563 0xb7, 0x21, 0x5f, 0x14, 0xac, 0x7b, 0xaf, 0xd0, 0xa9, 0x17, 0x72, 0xba,
564 0x22, 0xf7, 0x19, 0xaf, 0xbd, 0x20, 0xb3, 0x11, 0x63, 0x6c, 0x2b, 0x1e,
565 0x83, 0xe4, 0xa8, 0x23, 0x35, 0x3f, 0xc6, 0xea
567 static const unsigned char drbg_hash_sha256_pr_addin1[] = {
568 0xce, 0xd3, 0x1f, 0x7e, 0x0d, 0xae, 0x5b, 0xb5, 0xc0, 0x43, 0xe2, 0x46,
569 0xb2, 0x94, 0x73, 0xe2, 0xfd, 0x39, 0x51, 0x2e, 0xad, 0x45, 0x69, 0xee,
570 0xe3, 0xe3, 0x80, 0x33, 0x14, 0xab, 0xa7, 0xa3
572 static const unsigned char drbg_hash_sha256_pr_expected[] = {
573 0x60, 0xc2, 0x34, 0xcf, 0xaf, 0xb4, 0x68, 0x03, 0x3b, 0xf1, 0x95, 0xe5,
574 0x78, 0xce, 0x26, 0x6e, 0x14, 0x65, 0x32, 0x6a, 0x96, 0xa9, 0xe0, 0x3f,
575 0x8b, 0x89, 0x36, 0x70, 0xef, 0x62, 0x75, 0x4d, 0x5e, 0x80, 0xd5, 0x53,
576 0xa1, 0xf8, 0x49, 0x50, 0x20, 0x8b, 0x93, 0x43, 0x07, 0x9f, 0x2e, 0xf8,
577 0x56, 0xe9, 0xc5, 0x70, 0x61, 0x85, 0x97, 0xb5, 0xdc, 0x82, 0xa2, 0xda,
578 0xea, 0xa3, 0xfd, 0x9b, 0x2f, 0xd2, 0xa0, 0xd7, 0x1b, 0xc6, 0x29, 0x35,
579 0xcc, 0xb8, 0x3d, 0xa0, 0x67, 0x98, 0x05, 0xa0, 0xe3, 0x1e, 0xfe, 0xe4,
580 0xf0, 0xe5, 0x13, 0xb0, 0x83, 0x17, 0xfa, 0xca, 0x93, 0x5e, 0x38, 0x29,
581 0x48, 0xd2, 0x72, 0xdb, 0x76, 0x3e, 0x6d, 0xf3, 0x25, 0x10, 0xff, 0x1b,
582 0x99, 0xff, 0xf8, 0xc6, 0x0e, 0xb0, 0xdd, 0x29, 0x2e, 0xbc, 0xbb, 0xc8,
583 0x0a, 0x01, 0x6e, 0xd3, 0xb0, 0x0e, 0x4e, 0xab
590 * [PredictionResistance = True]
591 * [EntropyInputLen = 128]
593 * [PersonalizationStringLen = 128]
594 * [AdditionalInputLen = 128]
595 * [ReturnedBitsLen = 512]
599 static const unsigned char drbg_ctr_aes128_pr_df_entropyin[] = {
600 0x92, 0x89, 0x8f, 0x31, 0xfa, 0x1c, 0xff, 0x6d, 0x18, 0x2f, 0x26, 0x06,
601 0x43, 0xdf, 0xf8, 0x18
603 static const unsigned char drbg_ctr_aes128_pr_df_nonce[] = {
604 0xc2, 0xa4, 0xd9, 0x72, 0xc3, 0xb9, 0xb6, 0x97
606 static const unsigned char drbg_ctr_aes128_pr_df_persstr[] = {
607 0xea, 0x65, 0xee, 0x60, 0x26, 0x4e, 0x7e, 0xb6, 0x0e, 0x82, 0x68, 0xc4,
608 0x37, 0x3c, 0x5c, 0x0b
610 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr0[] = {
611 0x20, 0x72, 0x8a, 0x06, 0xf8, 0x6f, 0x8d, 0xd4, 0x41, 0xe2, 0x72, 0xb7,
612 0xc4, 0x2c, 0xe8, 0x10
614 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr1[] = {
615 0x3d, 0xb0, 0xf0, 0x94, 0xf3, 0x05, 0x50, 0x33, 0x17, 0x86, 0x3e, 0x22,
616 0x08, 0xf7, 0xa5, 0x01
618 static const unsigned char drbg_ctr_aes128_pr_df_addin0[] = {
619 0x1a, 0x40, 0xfa, 0xe3, 0xcc, 0x6c, 0x7c, 0xa0, 0xf8, 0xda, 0xba, 0x59,
620 0x23, 0x6d, 0xad, 0x1d
622 static const unsigned char drbg_ctr_aes128_pr_df_addin1[] = {
623 0x9f, 0x72, 0x76, 0x6c, 0xc7, 0x46, 0xe5, 0xed, 0x2e, 0x53, 0x20, 0x12,
624 0xbc, 0x59, 0x31, 0x8c
626 static const unsigned char drbg_ctr_aes128_pr_df_expected[] = {
627 0x5a, 0x35, 0x39, 0x87, 0x0f, 0x4d, 0x22, 0xa4, 0x09, 0x24, 0xee, 0x71,
628 0xc9, 0x6f, 0xac, 0x72, 0x0a, 0xd6, 0xf0, 0x88, 0x82, 0xd0, 0x83, 0x28,
629 0x73, 0xec, 0x3f, 0x93, 0xd8, 0xab, 0x45, 0x23, 0xf0, 0x7e, 0xac, 0x45,
630 0x14, 0x5e, 0x93, 0x9f, 0xb1, 0xd6, 0x76, 0x43, 0x3d, 0xb6, 0xe8, 0x08,
631 0x88, 0xf6, 0xda, 0x89, 0x08, 0x77, 0x42, 0xfe, 0x1a, 0xf4, 0x3f, 0xc4,
632 0x23, 0xc5, 0x1f, 0x68
639 * [PredictionResistance = True]
640 * [EntropyInputLen = 128]
642 * [PersonalizationStringLen = 128]
643 * [AdditionalInputLen = 128]
644 * [ReturnedBitsLen = 640]
648 static const unsigned char drbg_hmac_sha1_pr_entropyin[] = {
649 0x68, 0x0f, 0xac, 0xe9, 0x0d, 0x7b, 0xca, 0x21, 0xd4, 0xa0, 0xed, 0xb7,
650 0x79, 0x9e, 0xe5, 0xd8
652 static const unsigned char drbg_hmac_sha1_pr_nonce[] = {
653 0xb7, 0xbe, 0x9e, 0xed, 0xdd, 0x0e, 0x3b, 0x4b
655 static const unsigned char drbg_hmac_sha1_pr_persstr[] = {
656 0xf5, 0x8c, 0x40, 0xae, 0x70, 0xf7, 0xa5, 0x56, 0x48, 0xa9, 0x31, 0xa0,
657 0xa9, 0x31, 0x3d, 0xd7
659 static const unsigned char drbg_hmac_sha1_pr_entropyinpr0[] = {
660 0x7c, 0xaf, 0xe2, 0x31, 0x63, 0x0a, 0xa9, 0x5a, 0x74, 0x2c, 0x4e, 0x5f,
661 0x5f, 0x22, 0xc6, 0xa4
663 static const unsigned char drbg_hmac_sha1_pr_entropyinpr1[] = {
664 0x1c, 0x0d, 0x77, 0x92, 0x89, 0x88, 0x27, 0x94, 0x8a, 0x58, 0x9f, 0x82,
665 0x2d, 0x1a, 0xf7, 0xa6
667 static const unsigned char drbg_hmac_sha1_pr_addin0[] = {
668 0xdc, 0x36, 0x63, 0xf0, 0x62, 0x78, 0x9c, 0xd1, 0x5c, 0xbb, 0x20, 0xc3,
669 0xc1, 0x8c, 0xd9, 0xd7
671 static const unsigned char drbg_hmac_sha1_pr_addin1[] = {
672 0xfe, 0x85, 0xb0, 0xab, 0x14, 0xc6, 0x96, 0xe6, 0x9c, 0x24, 0xe7, 0xb5,
673 0xa1, 0x37, 0x12, 0x0c
675 static const unsigned char drbg_hmac_sha1_pr_expected[] = {
676 0x68, 0x00, 0x4b, 0x3a, 0x28, 0xf7, 0xf0, 0x1c, 0xf9, 0xe9, 0xb5, 0x71,
677 0x20, 0x79, 0xef, 0x80, 0x87, 0x1b, 0x08, 0xb9, 0xa9, 0x1b, 0xcd, 0x2b,
678 0x9f, 0x09, 0x4d, 0xa4, 0x84, 0x80, 0xb3, 0x4c, 0xaf, 0xd5, 0x59, 0x6b,
679 0x0c, 0x0a, 0x48, 0xe1, 0x48, 0xda, 0xbc, 0x6f, 0x77, 0xb8, 0xff, 0xaf,
680 0x18, 0x70, 0x28, 0xe1, 0x04, 0x13, 0x7a, 0x4f, 0xeb, 0x1c, 0x72, 0xb0,
681 0xc4, 0x4f, 0xe8, 0xb1, 0xaf, 0xab, 0xa5, 0xbc, 0xfd, 0x86, 0x67, 0xf2,
682 0xf5, 0x5b, 0x46, 0x06, 0x63, 0x2e, 0x3c, 0xbc
685 static const ST_KAT_DRBG st_kat_drbg_tests[] =
688 OSSL_SELF_TEST_DESC_DRBG_HASH,
689 "HASH-DRBG", "digest", "SHA256",
690 ITM(drbg_hash_sha256_pr_entropyin),
691 ITM(drbg_hash_sha256_pr_nonce),
692 ITM(drbg_hash_sha256_pr_persstr),
693 ITM(drbg_hash_sha256_pr_entropyinpr0),
694 ITM(drbg_hash_sha256_pr_entropyinpr1),
695 ITM(drbg_hash_sha256_pr_addin0),
696 ITM(drbg_hash_sha256_pr_addin1),
697 ITM(drbg_hash_sha256_pr_expected)
700 OSSL_SELF_TEST_DESC_DRBG_CTR,
701 "CTR-DRBG", "cipher", "AES-128-CTR",
702 ITM(drbg_ctr_aes128_pr_df_entropyin),
703 ITM(drbg_ctr_aes128_pr_df_nonce),
704 ITM(drbg_ctr_aes128_pr_df_persstr),
705 ITM(drbg_ctr_aes128_pr_df_entropyinpr0),
706 ITM(drbg_ctr_aes128_pr_df_entropyinpr1),
707 ITM(drbg_ctr_aes128_pr_df_addin0),
708 ITM(drbg_ctr_aes128_pr_df_addin1),
709 ITM(drbg_ctr_aes128_pr_df_expected)
712 OSSL_SELF_TEST_DESC_DRBG_HMAC,
713 "HMAC-DRBG", "digest", "SHA1",
714 ITM(drbg_hmac_sha1_pr_entropyin),
715 ITM(drbg_hmac_sha1_pr_nonce),
716 ITM(drbg_hmac_sha1_pr_persstr),
717 ITM(drbg_hmac_sha1_pr_entropyinpr0),
718 ITM(drbg_hmac_sha1_pr_entropyinpr1),
719 ITM(drbg_hmac_sha1_pr_addin0),
720 ITM(drbg_hmac_sha1_pr_addin1),
721 ITM(drbg_hmac_sha1_pr_expected)
725 /* KEY EXCHANGE TEST DATA */
727 #ifndef OPENSSL_NO_DH
729 static const unsigned char dh_p[] = {
730 0xdc, 0xca, 0x15, 0x11, 0xb2, 0x31, 0x32, 0x25,
731 0xf5, 0x21, 0x16, 0xe1, 0x54, 0x27, 0x89, 0xe0,
732 0x01, 0xf0, 0x42, 0x5b, 0xcc, 0xc7, 0xf3, 0x66,
733 0xf7, 0x40, 0x64, 0x07, 0xf1, 0xc9, 0xfa, 0x8b,
734 0xe6, 0x10, 0xf1, 0x77, 0x8b, 0xb1, 0x70, 0xbe,
735 0x39, 0xdb, 0xb7, 0x6f, 0x85, 0xbf, 0x24, 0xce,
736 0x68, 0x80, 0xad, 0xb7, 0x62, 0x9f, 0x7c, 0x6d,
737 0x01, 0x5e, 0x61, 0xd4, 0x3f, 0xa3, 0xee, 0x4d,
738 0xe1, 0x85, 0xf2, 0xcf, 0xd0, 0x41, 0xff, 0xde,
739 0x9d, 0x41, 0x84, 0x07, 0xe1, 0x51, 0x38, 0xbb,
740 0x02, 0x1d, 0xae, 0xb3, 0x5f, 0x76, 0x2d, 0x17,
741 0x82, 0xac, 0xc6, 0x58, 0xd3, 0x2b, 0xd4, 0xb0,
742 0x23, 0x2c, 0x92, 0x7d, 0xd3, 0x8f, 0xa0, 0x97,
743 0xb3, 0xd1, 0x85, 0x9f, 0xa8, 0xac, 0xaf, 0xb9,
744 0x8f, 0x06, 0x66, 0x08, 0xfc, 0x64, 0x4e, 0xc7,
745 0xdd, 0xb6, 0xf0, 0x85, 0x99, 0xf9, 0x2a, 0xc1,
746 0xb5, 0x98, 0x25, 0xda, 0x84, 0x32, 0x07, 0x7d,
747 0xef, 0x69, 0x56, 0x46, 0x06, 0x3c, 0x20, 0x82,
748 0x3c, 0x95, 0x07, 0xab, 0x6f, 0x01, 0x76, 0xd4,
749 0x73, 0x0d, 0x99, 0x0d, 0xbb, 0xe6, 0x36, 0x1c,
750 0xd8, 0xb2, 0xb9, 0x4d, 0x3d, 0x2f, 0x32, 0x9b,
751 0x82, 0x09, 0x9b, 0xd6, 0x61, 0xf4, 0x29, 0x50,
752 0xf4, 0x03, 0xdf, 0x3e, 0xde, 0x62, 0xa3, 0x31,
753 0x88, 0xb0, 0x27, 0x98, 0xba, 0x82, 0x3f, 0x44,
754 0xb9, 0x46, 0xfe, 0x9d, 0xf6, 0x77, 0xa0, 0xc5,
755 0xa1, 0x23, 0x8e, 0xaa, 0x97, 0xb7, 0x0f, 0x80,
756 0xda, 0x8c, 0xac, 0x88, 0xe0, 0x92, 0xb1, 0x12,
757 0x70, 0x60, 0xff, 0xbf, 0x45, 0x57, 0x99, 0x94,
758 0x01, 0x1d, 0xc2, 0xfa, 0xa5, 0xe7, 0xf6, 0xc7,
759 0x62, 0x45, 0xe1, 0xcc, 0x31, 0x22, 0x31, 0xc1,
760 0x7d, 0x1c, 0xa6, 0xb1, 0x90, 0x07, 0xef, 0x0d,
761 0xb9, 0x9f, 0x9c, 0xb6, 0x0e, 0x1d, 0x5f, 0x69
763 static const unsigned char dh_q[] = {
764 0x89, 0x8b, 0x22, 0x67, 0x17, 0xef, 0x03, 0x9e,
765 0x60, 0x3e, 0x82, 0xe5, 0xc7, 0xaf, 0xe4, 0x83,
766 0x74, 0xac, 0x5f, 0x62, 0x5c, 0x54, 0xf1, 0xea,
767 0x11, 0xac, 0xb5, 0x7d
769 static const unsigned char dh_g[] = {
770 0x5e, 0xf7, 0xb8, 0x8f, 0x2d, 0xf6, 0x01, 0x39,
771 0x35, 0x1d, 0xfb, 0xfe, 0x12, 0x66, 0x80, 0x5f,
772 0xdf, 0x35, 0x6c, 0xdf, 0xd1, 0x3a, 0x4d, 0xa0,
773 0x05, 0x0c, 0x7e, 0xde, 0x24, 0x6d, 0xf5, 0x9f,
774 0x6a, 0xbf, 0x96, 0xad, 0xe5, 0xf2, 0xb2, 0x8f,
775 0xfe, 0x88, 0xd6, 0xbc, 0xe7, 0xf7, 0x89, 0x4a,
776 0x3d, 0x53, 0x5f, 0xc8, 0x21, 0x26, 0xdd, 0xd4,
777 0x24, 0x87, 0x2e, 0x16, 0xb8, 0x38, 0xdf, 0x8c,
778 0x51, 0xe9, 0x01, 0x6f, 0x88, 0x9c, 0x7c, 0x20,
779 0x3e, 0x98, 0xa8, 0xb6, 0x31, 0xf9, 0xc7, 0x25,
780 0x63, 0xd3, 0x8a, 0x49, 0x58, 0x9a, 0x07, 0x53,
781 0xd3, 0x58, 0xe7, 0x83, 0x31, 0x8c, 0xef, 0xd9,
782 0x67, 0x7c, 0x7b, 0x2d, 0xbb, 0x77, 0xd6, 0xdc,
783 0xe2, 0xa1, 0x96, 0x37, 0x95, 0xca, 0x64, 0xb9,
784 0x2d, 0x1c, 0x9a, 0xac, 0x6d, 0x0e, 0x8d, 0x43,
785 0x1d, 0xe5, 0xe5, 0x00, 0x60, 0xdf, 0xf7, 0x86,
786 0x89, 0xc9, 0xec, 0xa1, 0xc1, 0x24, 0x8c, 0x16,
787 0xed, 0x09, 0xc7, 0xad, 0x41, 0x2a, 0x17, 0x40,
788 0x6d, 0x2b, 0x52, 0x5a, 0xa1, 0xca, 0xbb, 0x23,
789 0x7b, 0x97, 0x34, 0xec, 0x7b, 0x8c, 0xe3, 0xfa,
790 0xe0, 0x2f, 0x29, 0xc5, 0xef, 0xed, 0x30, 0xd6,
791 0x91, 0x87, 0xda, 0x10, 0x9c, 0x2c, 0x9f, 0xe2,
792 0xaa, 0xdb, 0xb0, 0xc2, 0x2a, 0xf5, 0x4c, 0x61,
793 0x66, 0x55, 0x00, 0x0c, 0x43, 0x1c, 0x6b, 0x4a,
794 0x37, 0x97, 0x63, 0xb0, 0xa9, 0x16, 0x58, 0xef,
795 0xc8, 0x4e, 0x8b, 0x06, 0x35, 0x8c, 0x8b, 0x4f,
796 0x21, 0x37, 0x10, 0xfd, 0x10, 0x17, 0x2c, 0xf3,
797 0x9b, 0x83, 0x0c, 0x2d, 0xd8, 0x4a, 0x0c, 0x8a,
798 0xb8, 0x25, 0x16, 0xec, 0xab, 0x99, 0x5f, 0xa4,
799 0x21, 0x5e, 0x02, 0x3e, 0x4e, 0xcf, 0x80, 0x74,
800 0xc3, 0x9d, 0x6c, 0x88, 0xb7, 0x0d, 0x1e, 0xe4,
801 0xe9, 0x6f, 0xdc, 0x20, 0xea, 0x11, 0x5c, 0x32
803 static const unsigned char dh_priv[] = {
804 0x14, 0x33, 0xe0, 0xb5, 0xa9, 0x17, 0xb6, 0x0a,
805 0x30, 0x23, 0xf2, 0xf8, 0xaa, 0x2c, 0x2d, 0x70,
806 0xd2, 0x96, 0x8a, 0xba, 0x9a, 0xea, 0xc8, 0x15,
807 0x40, 0xb8, 0xfc, 0xe6
809 static const unsigned char dh_pub[] = {
810 0x95, 0xdd, 0x33, 0x8d, 0x29, 0xe5, 0x71, 0x04,
811 0x92, 0xb9, 0x18, 0x31, 0x7b, 0x72, 0xa3, 0x69,
812 0x36, 0xe1, 0x95, 0x1a, 0x2e, 0xe5, 0xa5, 0x59,
813 0x16, 0x99, 0xc0, 0x48, 0x6d, 0x0d, 0x4f, 0x9b,
814 0xdd, 0x6d, 0x5a, 0x3f, 0x6b, 0x98, 0x89, 0x0c,
815 0x62, 0xb3, 0x76, 0x52, 0xd3, 0x6e, 0x71, 0x21,
816 0x11, 0xe6, 0x8a, 0x73, 0x55, 0x37, 0x25, 0x06,
817 0x99, 0xef, 0xe3, 0x30, 0x53, 0x73, 0x91, 0xfb,
818 0xc2, 0xc5, 0x48, 0xbc, 0x5a, 0xc3, 0xe5, 0xb2,
819 0x33, 0x86, 0xc3, 0xee, 0xf5, 0xeb, 0x43, 0xc0,
820 0x99, 0xd7, 0x0a, 0x52, 0x02, 0x68, 0x7e, 0x83,
821 0x96, 0x42, 0x48, 0xfc, 0xa9, 0x1f, 0x40, 0x90,
822 0x8e, 0x8f, 0xb3, 0x31, 0x93, 0x15, 0xf6, 0xd2,
823 0x60, 0x6d, 0x7f, 0x7c, 0xd5, 0x2c, 0xc6, 0xe7,
824 0xc5, 0x84, 0x3a, 0xfb, 0x22, 0x51, 0x9c, 0xf0,
825 0xf0, 0xf9, 0xd3, 0xa0, 0xa4, 0xe8, 0xc8, 0x88,
826 0x99, 0xef, 0xed, 0xe7, 0x36, 0x43, 0x51, 0xfb,
827 0x6a, 0x36, 0x3e, 0xe7, 0x17, 0xe5, 0x44, 0x5a,
828 0xda, 0xb4, 0xc9, 0x31, 0xa6, 0x48, 0x39, 0x97,
829 0xb8, 0x7d, 0xad, 0x83, 0x67, 0x7e, 0x4d, 0x1d,
830 0x3a, 0x77, 0x75, 0xe0, 0xf6, 0xd0, 0x0f, 0xdf,
831 0x73, 0xc7, 0xad, 0x80, 0x1e, 0x66, 0x5a, 0x0e,
832 0x5a, 0x79, 0x6d, 0x0a, 0x03, 0x80, 0xa1, 0x9f,
833 0xa1, 0x82, 0xef, 0xc8, 0xa0, 0x4f, 0x5e, 0x4d,
834 0xb9, 0x0d, 0x1a, 0x86, 0x37, 0xf9, 0x5d, 0xb1,
835 0x64, 0x36, 0xbd, 0xc8, 0xf3, 0xfc, 0x09, 0x6c,
836 0x4f, 0xf7, 0xf2, 0x34, 0xbe, 0x8f, 0xef, 0x47,
837 0x9a, 0xc4, 0xb0, 0xdc, 0x4b, 0x77, 0x26, 0x3e,
838 0x07, 0xd9, 0x95, 0x9d, 0xe0, 0xf1, 0xbf, 0x3f,
839 0x0a, 0xe3, 0xd9, 0xd5, 0x0e, 0x4b, 0x89, 0xc9,
840 0x9e, 0x3e, 0xa1, 0x21, 0x73, 0x43, 0xdd, 0x8c,
841 0x65, 0x81, 0xac, 0xc4, 0x95, 0x9c, 0x91, 0xd3
843 static const unsigned char dh_peer_pub[] = {
844 0x1f, 0xc1, 0xda, 0x34, 0x1d, 0x1a, 0x84, 0x6a,
845 0x96, 0xb7, 0xbe, 0x24, 0x34, 0x0f, 0x87, 0x7d,
846 0xd0, 0x10, 0xaa, 0x03, 0x56, 0xd5, 0xad, 0x58,
847 0xaa, 0xe9, 0xc7, 0xb0, 0x8f, 0x74, 0x9a, 0x32,
848 0x23, 0x51, 0x10, 0xb5, 0xd8, 0x8e, 0xb5, 0xdb,
849 0xfa, 0x97, 0x8d, 0x27, 0xec, 0xc5, 0x30, 0xf0,
850 0x2d, 0x31, 0x14, 0x00, 0x5b, 0x64, 0xb1, 0xc0,
851 0xe0, 0x24, 0xcb, 0x8a, 0xe2, 0x16, 0x98, 0xbc,
852 0xa9, 0xe6, 0x0d, 0x42, 0x80, 0x86, 0x22, 0xf1,
853 0x81, 0xc5, 0x6e, 0x1d, 0xe7, 0xa9, 0x6e, 0x6e,
854 0xfe, 0xe9, 0xd6, 0x65, 0x67, 0xe9, 0x1b, 0x97,
855 0x70, 0x42, 0xc7, 0xe3, 0xd0, 0x44, 0x8f, 0x05,
856 0xfb, 0x77, 0xf5, 0x22, 0xb9, 0xbf, 0xc8, 0xd3,
857 0x3c, 0xc3, 0xc3, 0x1e, 0xd3, 0xb3, 0x1f, 0x0f,
858 0xec, 0xb6, 0xdb, 0x4f, 0x6e, 0xa3, 0x11, 0xe7,
859 0x7a, 0xfd, 0xbc, 0xd4, 0x7a, 0xee, 0x1b, 0xb1,
860 0x50, 0xf2, 0x16, 0x87, 0x35, 0x78, 0xfb, 0x96,
861 0x46, 0x8e, 0x8f, 0x9f, 0x3d, 0xe8, 0xef, 0xbf,
862 0xce, 0x75, 0x62, 0x4b, 0x1d, 0xf0, 0x53, 0x22,
863 0xa3, 0x4f, 0x14, 0x63, 0xe8, 0x39, 0xe8, 0x98,
864 0x4c, 0x4a, 0xd0, 0xa9, 0x6e, 0x1a, 0xc8, 0x42,
865 0xe5, 0x31, 0x8c, 0xc2, 0x3c, 0x06, 0x2a, 0x8c,
866 0xa1, 0x71, 0xb8, 0xd5, 0x75, 0x98, 0x0d, 0xde,
867 0x7f, 0xc5, 0x6f, 0x15, 0x36, 0x52, 0x38, 0x20,
868 0xd4, 0x31, 0x92, 0xbf, 0xd5, 0x1e, 0x8e, 0x22,
869 0x89, 0x78, 0xac, 0xa5, 0xb9, 0x44, 0x72, 0xf3,
870 0x39, 0xca, 0xeb, 0x99, 0x31, 0xb4, 0x2b, 0xe3,
871 0x01, 0x26, 0x8b, 0xc9, 0x97, 0x89, 0xc9, 0xb2,
872 0x55, 0x71, 0xc3, 0xc0, 0xe4, 0xcb, 0x3f, 0x00,
873 0x7f, 0x1a, 0x51, 0x1c, 0xbb, 0x53, 0xc8, 0x51,
874 0x9c, 0xdd, 0x13, 0x02, 0xab, 0xca, 0x6c, 0x0f,
875 0x34, 0xf9, 0x67, 0x39, 0xf1, 0x7f, 0xf4, 0x8b
878 static const unsigned char dh_secret_expected[] = {
879 0x08, 0xff, 0x33, 0xbb, 0x2e, 0xcf, 0xf4, 0x9a,
880 0x7d, 0x4a, 0x79, 0x12, 0xae, 0xb1, 0xbb, 0x6a,
881 0xb5, 0x11, 0x64, 0x1b, 0x4a, 0x76, 0x77, 0x0c,
882 0x8c, 0xc1, 0xbc, 0xc2, 0x33, 0x34, 0x3d, 0xfe,
883 0x70, 0x0d, 0x11, 0x81, 0x3d, 0x2c, 0x9e, 0xd2,
884 0x3b, 0x21, 0x1c, 0xa9, 0xe8, 0x78, 0x69, 0x21,
885 0xed, 0xca, 0x28, 0x3c, 0x68, 0xb1, 0x61, 0x53,
886 0xfa, 0x01, 0xe9, 0x1a, 0xb8, 0x2c, 0x90, 0xdd,
887 0xab, 0x4a, 0x95, 0x81, 0x67, 0x70, 0xa9, 0x87,
888 0x10, 0xe1, 0x4c, 0x92, 0xab, 0x83, 0xb6, 0xe4,
889 0x6e, 0x1e, 0x42, 0x6e, 0xe8, 0x52, 0x43, 0x0d,
890 0x61, 0x87, 0xda, 0xa3, 0x72, 0x0a, 0x6b, 0xcd,
891 0x73, 0x23, 0x5c, 0x6b, 0x0f, 0x94, 0x1f, 0x33,
892 0x64, 0xf5, 0x04, 0x20, 0x55, 0x1a, 0x4b, 0xfe,
893 0xaf, 0xe2, 0xbc, 0x43, 0x85, 0x05, 0xa5, 0x9a,
894 0x4a, 0x40, 0xda, 0xca, 0x7a, 0x89, 0x5a, 0x73,
895 0xdb, 0x57, 0x5c, 0x74, 0xc1, 0x3a, 0x23, 0xad,
896 0x88, 0x32, 0x95, 0x7d, 0x58, 0x2d, 0x38, 0xf0,
897 0xa6, 0x16, 0x5f, 0xb0, 0xd7, 0xe9, 0xb8, 0x79,
898 0x9e, 0x42, 0xfd, 0x32, 0x20, 0xe3, 0x32, 0xe9,
899 0x81, 0x85, 0xa0, 0xc9, 0x42, 0x97, 0x57, 0xb2,
900 0xd0, 0xd0, 0x2c, 0x17, 0xdb, 0xaa, 0x1f, 0xf6,
901 0xed, 0x93, 0xd7, 0xe7, 0x3e, 0x24, 0x1e, 0xae,
902 0xd9, 0x0c, 0xaf, 0x39, 0x4d, 0x2b, 0xc6, 0x57,
903 0x0f, 0x18, 0xc8, 0x1f, 0x2b, 0xe5, 0xd0, 0x1a,
904 0x2c, 0xa9, 0x9f, 0xf1, 0x42, 0xb5, 0xd9, 0x63,
905 0xf9, 0xf5, 0x00, 0x32, 0x5e, 0x75, 0x56, 0xf9,
906 0x58, 0x49, 0xb3, 0xff, 0xc7, 0x47, 0x94, 0x86,
907 0xbe, 0x1d, 0x45, 0x96, 0xa3, 0x10, 0x6b, 0xd5,
908 0xcb, 0x4f, 0x61, 0xc5, 0x7e, 0xc5, 0xf1, 0x00,
909 0xfb, 0x7a, 0x0c, 0x82, 0xa1, 0x0b, 0x82, 0x52,
910 0x6a, 0x97, 0xd1, 0xd9, 0x7d, 0x98, 0xea, 0xf6
913 static const ST_KAT_PARAM dh_group[] = {
914 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dh_p),
915 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dh_q),
916 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dh_g),
920 /* The host's private key */
921 static const ST_KAT_PARAM dh_host_key[] = {
922 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_pub),
923 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dh_priv),
927 /* The peer's public key */
928 static const ST_KAT_PARAM dh_peer_key[] = {
929 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_peer_pub),
932 #endif /* OPENSSL_NO_DH */
935 #ifndef OPENSSL_NO_EC
936 static const char ecdh_curve_name[] = "prime256v1";
937 static const unsigned char ecdh_privd[] = {
938 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
939 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
940 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
941 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
943 static const unsigned char ecdh_pub[] = {
945 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
946 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
947 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
948 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
949 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
950 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
951 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
952 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
954 static const unsigned char ecdh_peer_pub[] = {
956 0x1f, 0x72, 0xbd, 0x2a, 0x3e, 0xeb, 0x6c, 0x76,
957 0xe5, 0x5d, 0x69, 0x75, 0x24, 0xbf, 0x2f, 0x5b,
958 0x96, 0xb2, 0x91, 0x62, 0x06, 0x35, 0xcc, 0xb2,
959 0x4b, 0x31, 0x1b, 0x0c, 0x6f, 0x06, 0x9f, 0x86,
960 0xcf, 0xc8, 0xac, 0xd5, 0x4f, 0x4d, 0x77, 0xf3,
961 0x70, 0x4a, 0x8f, 0x04, 0x9a, 0xb1, 0x03, 0xc7,
962 0xeb, 0xd5, 0x94, 0x78, 0x61, 0xab, 0x78, 0x0c,
963 0x4a, 0x2d, 0x6b, 0xf3, 0x2f, 0x2e, 0x4a, 0xbc
966 static const ST_KAT_PARAM ecdh_group[] = {
967 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecdh_curve_name),
970 static const ST_KAT_PARAM ecdh_host_key[] = {
971 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_pub),
972 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecdh_privd),
975 static const ST_KAT_PARAM ecdh_peer_key[] = {
976 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_peer_pub),
979 static const unsigned char ecdh_secret_expected[] = {
980 0x45, 0x2a, 0x2f, 0x0d, 0x24, 0xe6, 0x8d, 0xd0,
981 0xda, 0x59, 0x7b, 0x0c, 0xec, 0x9b, 0x4c, 0x38,
982 0x41, 0xdd, 0xce, 0xb3, 0xcc, 0xf1, 0x90, 0x8e,
983 0x30, 0xdb, 0x5b, 0x5f, 0x97, 0xea, 0xe0, 0xc2
985 #endif /* OPENSSL_NO_EC */
987 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
988 static const ST_KAT_KAS st_kat_kas_tests[] =
990 # ifndef OPENSSL_NO_DH
992 OSSL_SELF_TEST_DESC_KA_DH,
997 ITM(dh_secret_expected)
999 # endif /* OPENSSL_NO_DH */
1000 # ifndef OPENSSL_NO_EC
1002 OSSL_SELF_TEST_DESC_KA_ECDH,
1007 ITM(ecdh_secret_expected)
1009 # endif /* OPENSSL_NO_EC */
1011 #endif /* !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) */
1014 static const unsigned char rsa_n[] = {
1015 0xDB, 0x10, 0x1A, 0xC2, 0xA3, 0xF1, 0xDC, 0xFF,
1016 0x13, 0x6B, 0xED, 0x44, 0xDF, 0xF0, 0x02, 0x6D,
1017 0x13, 0xC7, 0x88, 0xDA, 0x70, 0x6B, 0x54, 0xF1,
1018 0xE8, 0x27, 0xDC, 0xC3, 0x0F, 0x99, 0x6A, 0xFA,
1019 0xC6, 0x67, 0xFF, 0x1D, 0x1E, 0x3C, 0x1D, 0xC1,
1020 0xB5, 0x5F, 0x6C, 0xC0, 0xB2, 0x07, 0x3A, 0x6D,
1021 0x41, 0xE4, 0x25, 0x99, 0xAC, 0xFC, 0xD2, 0x0F,
1022 0x02, 0xD3, 0xD1, 0x54, 0x06, 0x1A, 0x51, 0x77,
1023 0xBD, 0xB6, 0xBF, 0xEA, 0xA7, 0x5C, 0x06, 0xA9,
1024 0x5D, 0x69, 0x84, 0x45, 0xD7, 0xF5, 0x05, 0xBA,
1025 0x47, 0xF0, 0x1B, 0xD7, 0x2B, 0x24, 0xEC, 0xCB,
1026 0x9B, 0x1B, 0x10, 0x8D, 0x81, 0xA0, 0xBE, 0xB1,
1027 0x8C, 0x33, 0xE4, 0x36, 0xB8, 0x43, 0xEB, 0x19,
1028 0x2A, 0x81, 0x8D, 0xDE, 0x81, 0x0A, 0x99, 0x48,
1029 0xB6, 0xF6, 0xBC, 0xCD, 0x49, 0x34, 0x3A, 0x8F,
1030 0x26, 0x94, 0xE3, 0x28, 0x82, 0x1A, 0x7C, 0x8F,
1031 0x59, 0x9F, 0x45, 0xE8, 0x5D, 0x1A, 0x45, 0x76,
1032 0x04, 0x56, 0x05, 0xA1, 0xD0, 0x1B, 0x8C, 0x77,
1033 0x6D, 0xAF, 0x53, 0xFA, 0x71, 0xE2, 0x67, 0xE0,
1034 0x9A, 0xFE, 0x03, 0xA9, 0x85, 0xD2, 0xC9, 0xAA,
1035 0xBA, 0x2A, 0xBC, 0xF4, 0xA0, 0x08, 0xF5, 0x13,
1036 0x98, 0x13, 0x5D, 0xF0, 0xD9, 0x33, 0x34, 0x2A,
1037 0x61, 0xC3, 0x89, 0x55, 0xF0, 0xAE, 0x1A, 0x9C,
1038 0x22, 0xEE, 0x19, 0x05, 0x8D, 0x32, 0xFE, 0xEC,
1039 0x9C, 0x84, 0xBA, 0xB7, 0xF9, 0x6C, 0x3A, 0x4F,
1040 0x07, 0xFC, 0x45, 0xEB, 0x12, 0xE5, 0x7B, 0xFD,
1041 0x55, 0xE6, 0x29, 0x69, 0xD1, 0xC2, 0xE8, 0xB9,
1042 0x78, 0x59, 0xF6, 0x79, 0x10, 0xC6, 0x4E, 0xEB,
1043 0x6A, 0x5E, 0xB9, 0x9A, 0xC7, 0xC4, 0x5B, 0x63,
1044 0xDA, 0xA3, 0x3F, 0x5E, 0x92, 0x7A, 0x81, 0x5E,
1045 0xD6, 0xB0, 0xE2, 0x62, 0x8F, 0x74, 0x26, 0xC2,
1046 0x0C, 0xD3, 0x9A, 0x17, 0x47, 0xE6, 0x8E, 0xAB
1048 static const unsigned char rsa_e[] = { 0x01, 0x00, 0x01 };
1049 static const unsigned char rsa_d[] = {
1050 0x52, 0x41, 0xF4, 0xDA, 0x7B, 0xB7, 0x59, 0x55,
1051 0xCA, 0xD4, 0x2F, 0x0F, 0x3A, 0xCB, 0xA4, 0x0D,
1052 0x93, 0x6C, 0xCC, 0x9D, 0xC1, 0xB2, 0xFB, 0xFD,
1053 0xAE, 0x40, 0x31, 0xAC, 0x69, 0x52, 0x21, 0x92,
1054 0xB3, 0x27, 0xDF, 0xEA, 0xEE, 0x2C, 0x82, 0xBB,
1055 0xF7, 0x40, 0x32, 0xD5, 0x14, 0xC4, 0x94, 0x12,
1056 0xEC, 0xB8, 0x1F, 0xCA, 0x59, 0xE3, 0xC1, 0x78,
1057 0xF3, 0x85, 0xD8, 0x47, 0xA5, 0xD7, 0x02, 0x1A,
1058 0x65, 0x79, 0x97, 0x0D, 0x24, 0xF4, 0xF0, 0x67,
1059 0x6E, 0x75, 0x2D, 0xBF, 0x10, 0x3D, 0xA8, 0x7D,
1060 0xEF, 0x7F, 0x60, 0xE4, 0xE6, 0x05, 0x82, 0x89,
1061 0x5D, 0xDF, 0xC6, 0xD2, 0x6C, 0x07, 0x91, 0x33,
1062 0x98, 0x42, 0xF0, 0x02, 0x00, 0x25, 0x38, 0xC5,
1063 0x85, 0x69, 0x8A, 0x7D, 0x2F, 0x95, 0x6C, 0x43,
1064 0x9A, 0xB8, 0x81, 0xE2, 0xD0, 0x07, 0x35, 0xAA,
1065 0x05, 0x41, 0xC9, 0x1E, 0xAF, 0xE4, 0x04, 0x3B,
1066 0x19, 0xB8, 0x73, 0xA2, 0xAC, 0x4B, 0x1E, 0x66,
1067 0x48, 0xD8, 0x72, 0x1F, 0xAC, 0xF6, 0xCB, 0xBC,
1068 0x90, 0x09, 0xCA, 0xEC, 0x0C, 0xDC, 0xF9, 0x2C,
1069 0xD7, 0xEB, 0xAE, 0xA3, 0xA4, 0x47, 0xD7, 0x33,
1070 0x2F, 0x8A, 0xCA, 0xBC, 0x5E, 0xF0, 0x77, 0xE4,
1071 0x97, 0x98, 0x97, 0xC7, 0x10, 0x91, 0x7D, 0x2A,
1072 0xA6, 0xFF, 0x46, 0x83, 0x97, 0xDE, 0xE9, 0xE2,
1073 0x17, 0x03, 0x06, 0x14, 0xE2, 0xD7, 0xB1, 0x1D,
1074 0x77, 0xAF, 0x51, 0x27, 0x5B, 0x5E, 0x69, 0xB8,
1075 0x81, 0xE6, 0x11, 0xC5, 0x43, 0x23, 0x81, 0x04,
1076 0x62, 0xFF, 0xE9, 0x46, 0xB8, 0xD8, 0x44, 0xDB,
1077 0xA5, 0xCC, 0x31, 0x54, 0x34, 0xCE, 0x3E, 0x82,
1078 0xD6, 0xBF, 0x7A, 0x0B, 0x64, 0x21, 0x6D, 0x88,
1079 0x7E, 0x5B, 0x45, 0x12, 0x1E, 0x63, 0x8D, 0x49,
1080 0xA7, 0x1D, 0xD9, 0x1E, 0x06, 0xCD, 0xE8, 0xBA,
1081 0x2C, 0x8C, 0x69, 0x32, 0xEA, 0xBE, 0x60, 0x71
1083 static const unsigned char rsa_p[] = {
1084 0xFA, 0xAC, 0xE1, 0x37, 0x5E, 0x32, 0x11, 0x34,
1085 0xC6, 0x72, 0x58, 0x2D, 0x91, 0x06, 0x3E, 0x77,
1086 0xE7, 0x11, 0x21, 0xCD, 0x4A, 0xF8, 0xA4, 0x3F,
1087 0x0F, 0xEF, 0x31, 0xE3, 0xF3, 0x55, 0xA0, 0xB9,
1088 0xAC, 0xB6, 0xCB, 0xBB, 0x41, 0xD0, 0x32, 0x81,
1089 0x9A, 0x8F, 0x7A, 0x99, 0x30, 0x77, 0x6C, 0x68,
1090 0x27, 0xE2, 0x96, 0xB5, 0x72, 0xC9, 0xC3, 0xD4,
1091 0x42, 0xAA, 0xAA, 0xCA, 0x95, 0x8F, 0xFF, 0xC9,
1092 0x9B, 0x52, 0x34, 0x30, 0x1D, 0xCF, 0xFE, 0xCF,
1093 0x3C, 0x56, 0x68, 0x6E, 0xEF, 0xE7, 0x6C, 0xD7,
1094 0xFB, 0x99, 0xF5, 0x4A, 0xA5, 0x21, 0x1F, 0x2B,
1095 0xEA, 0x93, 0xE8, 0x98, 0x26, 0xC4, 0x6E, 0x42,
1096 0x21, 0x5E, 0xA0, 0xA1, 0x2A, 0x58, 0x35, 0xBB,
1097 0x10, 0xE7, 0xBA, 0x27, 0x0A, 0x3B, 0xB3, 0xAF,
1098 0xE2, 0x75, 0x36, 0x04, 0xAC, 0x56, 0xA0, 0xAB,
1099 0x52, 0xDE, 0xCE, 0xDD, 0x2C, 0x28, 0x77, 0x03
1101 static const unsigned char rsa_q[] = {
1102 0xDF, 0xB7, 0x52, 0xB6, 0xD7, 0xC0, 0xE2, 0x96,
1103 0xE7, 0xC9, 0xFE, 0x5D, 0x71, 0x5A, 0xC4, 0x40,
1104 0x96, 0x2F, 0xE5, 0x87, 0xEA, 0xF3, 0xA5, 0x77,
1105 0x11, 0x67, 0x3C, 0x8D, 0x56, 0x08, 0xA7, 0xB5,
1106 0x67, 0xFA, 0x37, 0xA8, 0xB8, 0xCF, 0x61, 0xE8,
1107 0x63, 0xD8, 0x38, 0x06, 0x21, 0x2B, 0x92, 0x09,
1108 0xA6, 0x39, 0x3A, 0xEA, 0xA8, 0xB4, 0x45, 0x4B,
1109 0x36, 0x10, 0x4C, 0xE4, 0x00, 0x66, 0x71, 0x65,
1110 0xF8, 0x0B, 0x94, 0x59, 0x4F, 0x8C, 0xFD, 0xD5,
1111 0x34, 0xA2, 0xE7, 0x62, 0x84, 0x0A, 0xA7, 0xBB,
1112 0xDB, 0xD9, 0x8A, 0xCD, 0x05, 0xE1, 0xCC, 0x57,
1113 0x7B, 0xF1, 0xF1, 0x1F, 0x11, 0x9D, 0xBA, 0x3E,
1114 0x45, 0x18, 0x99, 0x1B, 0x41, 0x64, 0x43, 0xEE,
1115 0x97, 0x5D, 0x77, 0x13, 0x5B, 0x74, 0x69, 0x73,
1116 0x87, 0x95, 0x05, 0x07, 0xBE, 0x45, 0x07, 0x17,
1117 0x7E, 0x4A, 0x69, 0x22, 0xF3, 0xDB, 0x05, 0x39
1119 static const unsigned char rsa_dp[] = {
1120 0x5E, 0xD8, 0xDC, 0xDA, 0x53, 0x44, 0xC4, 0x67,
1121 0xE0, 0x92, 0x51, 0x34, 0xE4, 0x83, 0xA5, 0x4D,
1122 0x3E, 0xDB, 0xA7, 0x9B, 0x82, 0xBB, 0x73, 0x81,
1123 0xFC, 0xE8, 0x77, 0x4B, 0x15, 0xBE, 0x17, 0x73,
1124 0x49, 0x9B, 0x5C, 0x98, 0xBC, 0xBD, 0x26, 0xEF,
1125 0x0C, 0xE9, 0x2E, 0xED, 0x19, 0x7E, 0x86, 0x41,
1126 0x1E, 0x9E, 0x48, 0x81, 0xDD, 0x2D, 0xE4, 0x6F,
1127 0xC2, 0xCD, 0xCA, 0x93, 0x9E, 0x65, 0x7E, 0xD5,
1128 0xEC, 0x73, 0xFD, 0x15, 0x1B, 0xA2, 0xA0, 0x7A,
1129 0x0F, 0x0D, 0x6E, 0xB4, 0x53, 0x07, 0x90, 0x92,
1130 0x64, 0x3B, 0x8B, 0xA9, 0x33, 0xB3, 0xC5, 0x94,
1131 0x9B, 0x4C, 0x5D, 0x9C, 0x7C, 0x46, 0xA4, 0xA5,
1132 0x56, 0xF4, 0xF3, 0xF8, 0x27, 0x0A, 0x7B, 0x42,
1133 0x0D, 0x92, 0x70, 0x47, 0xE7, 0x42, 0x51, 0xA9,
1134 0xC2, 0x18, 0xB1, 0x58, 0xB1, 0x50, 0x91, 0xB8,
1135 0x61, 0x41, 0xB6, 0xA9, 0xCE, 0xD4, 0x7C, 0xBB
1137 static const unsigned char rsa_dq[] = {
1138 0x54, 0x09, 0x1F, 0x0F, 0x03, 0xD8, 0xB6, 0xC5,
1139 0x0C, 0xE8, 0xB9, 0x9E, 0x0C, 0x38, 0x96, 0x43,
1140 0xD4, 0xA6, 0xC5, 0x47, 0xDB, 0x20, 0x0E, 0xE5,
1141 0xBD, 0x29, 0xD4, 0x7B, 0x1A, 0xF8, 0x41, 0x57,
1142 0x49, 0x69, 0x9A, 0x82, 0xCC, 0x79, 0x4A, 0x43,
1143 0xEB, 0x4D, 0x8B, 0x2D, 0xF2, 0x43, 0xD5, 0xA5,
1144 0xBE, 0x44, 0xFD, 0x36, 0xAC, 0x8C, 0x9B, 0x02,
1145 0xF7, 0x9A, 0x03, 0xE8, 0x19, 0xA6, 0x61, 0xAE,
1146 0x76, 0x10, 0x93, 0x77, 0x41, 0x04, 0xAB, 0x4C,
1147 0xED, 0x6A, 0xCC, 0x14, 0x1B, 0x99, 0x8D, 0x0C,
1148 0x6A, 0x37, 0x3B, 0x86, 0x6C, 0x51, 0x37, 0x5B,
1149 0x1D, 0x79, 0xF2, 0xA3, 0x43, 0x10, 0xC6, 0xA7,
1150 0x21, 0x79, 0x6D, 0xF9, 0xE9, 0x04, 0x6A, 0xE8,
1151 0x32, 0xFF, 0xAE, 0xFD, 0x1C, 0x7B, 0x8C, 0x29,
1152 0x13, 0xA3, 0x0C, 0xB2, 0xAD, 0xEC, 0x6C, 0x0F,
1153 0x8D, 0x27, 0x12, 0x7B, 0x48, 0xB2, 0xDB, 0x31
1155 static const unsigned char rsa_qInv[] = {
1156 0x8D, 0x1B, 0x05, 0xCA, 0x24, 0x1F, 0x0C, 0x53,
1157 0x19, 0x52, 0x74, 0x63, 0x21, 0xFA, 0x78, 0x46,
1158 0x79, 0xAF, 0x5C, 0xDE, 0x30, 0xA4, 0x6C, 0x20,
1159 0x38, 0xE6, 0x97, 0x39, 0xB8, 0x7A, 0x70, 0x0D,
1160 0x8B, 0x6C, 0x6D, 0x13, 0x74, 0xD5, 0x1C, 0xDE,
1161 0xA9, 0xF4, 0x60, 0x37, 0xFE, 0x68, 0x77, 0x5E,
1162 0x0B, 0x4E, 0x5E, 0x03, 0x31, 0x30, 0xDF, 0xD6,
1163 0xAE, 0x85, 0xD0, 0x81, 0xBB, 0x61, 0xC7, 0xB1,
1164 0x04, 0x5A, 0xC4, 0x6D, 0x56, 0x1C, 0xD9, 0x64,
1165 0xE7, 0x85, 0x7F, 0x88, 0x91, 0xC9, 0x60, 0x28,
1166 0x05, 0xE2, 0xC6, 0x24, 0x8F, 0xDD, 0x61, 0x64,
1167 0xD8, 0x09, 0xDE, 0x7E, 0xD3, 0x4A, 0x61, 0x1A,
1168 0xD3, 0x73, 0x58, 0x4B, 0xD8, 0xA0, 0x54, 0x25,
1169 0x48, 0x83, 0x6F, 0x82, 0x6C, 0xAF, 0x36, 0x51,
1170 0x2A, 0x5D, 0x14, 0x2F, 0x41, 0x25, 0x00, 0xDD,
1171 0xF8, 0xF3, 0x95, 0xFE, 0x31, 0x25, 0x50, 0x12
1174 static const ST_KAT_PARAM rsa_crt_key[] = {
1175 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1176 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1177 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1178 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_p),
1179 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_q),
1180 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dp),
1181 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dq),
1182 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT, rsa_qInv),
1186 static const ST_KAT_PARAM rsa_pub_key[] = {
1187 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1188 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1192 static const ST_KAT_PARAM rsa_priv_key[] = {
1193 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1194 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1195 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1199 static const ST_KAT_PARAM rsa_enc_params[] = {
1200 ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE,
1201 OSSL_PKEY_RSA_PAD_MODE_NONE),
1205 static const unsigned char rsa_expected_sig[256] = {
1206 0xad, 0xbe, 0x2a, 0xaf, 0x16, 0x85, 0xc5, 0x00,
1207 0x91, 0x3e, 0xd0, 0x49, 0xfb, 0x3a, 0x81, 0xb9,
1208 0x6c, 0x28, 0xbc, 0xbf, 0xea, 0x96, 0x5f, 0xe4,
1209 0x9f, 0x99, 0xf7, 0x18, 0x8c, 0xec, 0x60, 0x28,
1210 0xeb, 0x29, 0x02, 0x49, 0xfc, 0xda, 0xd7, 0x78,
1211 0x68, 0xf8, 0xe1, 0xe9, 0x4d, 0x20, 0x6d, 0x32,
1212 0xa6, 0xde, 0xfc, 0xe4, 0xda, 0xcc, 0x6c, 0x75,
1213 0x36, 0x6b, 0xff, 0x5a, 0xac, 0x01, 0xa8, 0xc2,
1214 0xa9, 0xe6, 0x8b, 0x18, 0x3e, 0xec, 0xea, 0x4c,
1215 0x4a, 0x9e, 0x00, 0x09, 0xd1, 0x8a, 0x69, 0x1b,
1216 0x8b, 0xd9, 0xad, 0x37, 0xe5, 0x7c, 0xff, 0x7d,
1217 0x59, 0x56, 0x3e, 0xa0, 0xc6, 0x32, 0xd8, 0x35,
1218 0x2f, 0xff, 0xfb, 0x05, 0x02, 0xcd, 0xd7, 0x19,
1219 0xb9, 0x00, 0x86, 0x2a, 0xcf, 0xaa, 0x78, 0x16,
1220 0x4b, 0xf1, 0xa7, 0x59, 0xef, 0x7d, 0xe8, 0x74,
1221 0x23, 0x5c, 0xb2, 0xd4, 0x8a, 0x99, 0xa5, 0xbc,
1222 0xfa, 0x63, 0xd8, 0xf7, 0xbd, 0xc6, 0x00, 0x13,
1223 0x06, 0x02, 0x9a, 0xd4, 0xa7, 0xb4, 0x3d, 0x61,
1224 0xab, 0xf1, 0xc2, 0x95, 0x59, 0x9b, 0x3d, 0x67,
1225 0x1f, 0xde, 0x57, 0xb6, 0xb6, 0x9f, 0xb0, 0x87,
1226 0xd6, 0x51, 0xd5, 0x3e, 0x00, 0xe2, 0xc9, 0xa0,
1227 0x03, 0x66, 0xbc, 0x01, 0xb3, 0x8e, 0xfa, 0xf1,
1228 0x15, 0xeb, 0x26, 0xf1, 0x5d, 0x81, 0x90, 0xb4,
1229 0x1c, 0x00, 0x7c, 0x83, 0x4a, 0xa5, 0xde, 0x64,
1230 0xae, 0xea, 0x6c, 0x43, 0xc3, 0x20, 0x77, 0x77,
1231 0x42, 0x12, 0x24, 0xf5, 0xe3, 0x70, 0xdd, 0x59,
1232 0x48, 0x9c, 0xef, 0xd4, 0x8a, 0x3c, 0x29, 0x6a,
1233 0x0c, 0x9c, 0xf2, 0x13, 0xa4, 0x1c, 0x2f, 0x49,
1234 0xcd, 0xb4, 0xaa, 0x28, 0x40, 0x34, 0xc6, 0x75,
1235 0xba, 0x30, 0xe6, 0xd8, 0x5b, 0x2f, 0x08, 0xd0,
1236 0x29, 0xa5, 0x39, 0xfb, 0x6e, 0x3b, 0x0f, 0x52,
1237 0x2c, 0x68, 0xf0, 0x37, 0xa9, 0xd2, 0x56, 0xd6
1240 static const unsigned char rsa_asym_plaintext_encrypt[256] = {
1241 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1242 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1244 static const unsigned char rsa_asym_expected_encrypt[256] = {
1245 0x54, 0xac, 0x23, 0x96, 0x1d, 0x82, 0x5d, 0x8b,
1246 0x8f, 0x36, 0x33, 0xd0, 0xf4, 0x02, 0xa2, 0x61,
1247 0xb1, 0x13, 0xd4, 0x4a, 0x46, 0x06, 0x37, 0x3c,
1248 0xbf, 0x40, 0x05, 0x3c, 0xc6, 0x3b, 0x64, 0xdc,
1249 0x22, 0x22, 0xaf, 0x36, 0x79, 0x62, 0x45, 0xf0,
1250 0x97, 0x82, 0x22, 0x44, 0x86, 0x4a, 0x7c, 0xfa,
1251 0xac, 0x03, 0x21, 0x84, 0x3f, 0x31, 0xad, 0x2a,
1252 0xa4, 0x6e, 0x7a, 0xc5, 0x93, 0xf3, 0x0f, 0xfc,
1253 0xf1, 0x62, 0xce, 0x82, 0x12, 0x45, 0xc9, 0x35,
1254 0xb0, 0x7a, 0xcd, 0x99, 0x8c, 0x91, 0x6b, 0x5a,
1255 0xd3, 0x46, 0xdb, 0xf9, 0x9e, 0x52, 0x49, 0xbd,
1256 0x1e, 0xe8, 0xda, 0xac, 0x61, 0x47, 0xc2, 0xda,
1257 0xfc, 0x1e, 0xfb, 0x74, 0xd7, 0xd6, 0xc1, 0x18,
1258 0x86, 0x3e, 0x20, 0x9c, 0x7a, 0xe1, 0x04, 0xb7,
1259 0x38, 0x43, 0xb1, 0x4e, 0xa0, 0xd8, 0xc1, 0x39,
1260 0x4d, 0xe1, 0xd3, 0xb0, 0xb3, 0xf1, 0x82, 0x87,
1261 0x1f, 0x74, 0xb5, 0x69, 0xfd, 0x33, 0xd6, 0x21,
1262 0x7c, 0x61, 0x60, 0x28, 0xca, 0x70, 0xdb, 0xa0,
1263 0xbb, 0xc8, 0x73, 0xa9, 0x82, 0xf8, 0x6b, 0xd8,
1264 0xf0, 0xc9, 0x7b, 0x20, 0xdf, 0x9d, 0xfb, 0x8c,
1265 0xd4, 0xa2, 0x89, 0xe1, 0x9b, 0x04, 0xad, 0xaa,
1266 0x11, 0x6c, 0x8f, 0xce, 0x83, 0x29, 0x56, 0x69,
1267 0xbb, 0x00, 0x3b, 0xef, 0xca, 0x2d, 0xcd, 0x52,
1268 0xc8, 0xf1, 0xb3, 0x9b, 0xb4, 0x4f, 0x6d, 0x9c,
1269 0x3d, 0x69, 0xcc, 0x6d, 0x1f, 0x38, 0x4d, 0xe6,
1270 0xbb, 0x0c, 0x87, 0xdc, 0x5f, 0xa9, 0x24, 0x93,
1271 0x03, 0x46, 0xa2, 0x33, 0x6c, 0xf4, 0xd8, 0x5d,
1272 0x68, 0xf3, 0xd3, 0xe0, 0xf2, 0x30, 0xdb, 0xf5,
1273 0x4f, 0x0f, 0xad, 0xc7, 0xd0, 0xaa, 0x47, 0xd9,
1274 0x9f, 0x85, 0x1b, 0x2e, 0x6c, 0x3c, 0x57, 0x04,
1275 0x29, 0xf4, 0xf5, 0x66, 0x7d, 0x93, 0x4a, 0xaa,
1276 0x05, 0x52, 0x55, 0xc1, 0xc6, 0x06, 0x90, 0xab,
1279 #ifndef OPENSSL_NO_EC
1280 /* ECDSA key data */
1281 static const char ecd_curve_name[] = "secp224r1";
1282 static const unsigned char ecd_priv[] = {
1283 0x98, 0x1f, 0xb5, 0xf1, 0xfc, 0x87, 0x1d, 0x7d,
1284 0xde, 0x1e, 0x01, 0x64, 0x09, 0x9b, 0xe7, 0x1b,
1285 0x9f, 0xad, 0x63, 0xdd, 0x33, 0x01, 0xd1, 0x50,
1286 0x80, 0x93, 0x50, 0x30
1288 static const unsigned char ecd_pub[] = {
1289 0x04, 0x95, 0x47, 0x99, 0x44, 0x29, 0x8f, 0x51,
1290 0x39, 0xe2, 0x53, 0xec, 0x79, 0xb0, 0x4d, 0xde,
1291 0x87, 0x1a, 0x76, 0x54, 0xd5, 0x96, 0xb8, 0x7a,
1292 0x6d, 0xf4, 0x1c, 0x2c, 0x87, 0x91, 0x5f, 0xd5,
1293 0x31, 0xdd, 0x24, 0xe5, 0x78, 0xd9, 0x08, 0x24,
1294 0x8a, 0x49, 0x99, 0xec, 0x55, 0xf2, 0x82, 0xb3,
1295 0xc4, 0xb7, 0x33, 0x68, 0xe4, 0x24, 0xa9, 0x12,
1299 static const ST_KAT_PARAM ecdsa_key[] = {
1300 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_curve_name),
1301 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_pub),
1302 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_priv),
1305 #endif /* OPENSSL_NO_EC */
1307 #ifndef OPENSSL_NO_DSA
1309 static const unsigned char dsa_p[] = {
1310 0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23,
1311 0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e,
1312 0x03, 0xe9, 0xe6, 0xb8, 0xa2, 0x58, 0xdc, 0x16,
1313 0x61, 0x1b, 0xa0, 0x98, 0xab, 0x54, 0x34, 0x15,
1314 0xe4, 0x15, 0xf1, 0x56, 0x99, 0x7a, 0x3e, 0xe2,
1315 0x36, 0x65, 0x8f, 0xa0, 0x93, 0x26, 0x0d, 0xe3,
1316 0xad, 0x42, 0x2e, 0x05, 0xe0, 0x46, 0xf9, 0xec,
1317 0x29, 0x16, 0x1a, 0x37, 0x5f, 0x0e, 0xb4, 0xef,
1318 0xfc, 0xef, 0x58, 0x28, 0x5c, 0x5d, 0x39, 0xed,
1319 0x42, 0x5d, 0x7a, 0x62, 0xca, 0x12, 0x89, 0x6c,
1320 0x4a, 0x92, 0xcb, 0x19, 0x46, 0xf2, 0x95, 0x2a,
1321 0x48, 0x13, 0x3f, 0x07, 0xda, 0x36, 0x4d, 0x1b,
1322 0xdf, 0x6b, 0x0f, 0x71, 0x39, 0x98, 0x3e, 0x69,
1323 0x3c, 0x80, 0x05, 0x9b, 0x0e, 0xac, 0xd1, 0x47,
1324 0x9b, 0xa9, 0xf2, 0x85, 0x77, 0x54, 0xed, 0xe7,
1325 0x5f, 0x11, 0x2b, 0x07, 0xeb, 0xbf, 0x35, 0x34,
1326 0x8b, 0xbf, 0x3e, 0x01, 0xe0, 0x2f, 0x2d, 0x47,
1327 0x3d, 0xe3, 0x94, 0x53, 0xf9, 0x9d, 0xd2, 0x36,
1328 0x75, 0x41, 0xca, 0xca, 0x3b, 0xa0, 0x11, 0x66,
1329 0x34, 0x3d, 0x7b, 0x5b, 0x58, 0xa3, 0x7b, 0xd1,
1330 0xb7, 0x52, 0x1d, 0xb2, 0xf1, 0x3b, 0x86, 0x70,
1331 0x71, 0x32, 0xfe, 0x09, 0xf4, 0xcd, 0x09, 0xdc,
1332 0x16, 0x18, 0xfa, 0x34, 0x01, 0xeb, 0xf9, 0xcc,
1333 0x7b, 0x19, 0xfa, 0x94, 0xaa, 0x47, 0x20, 0x88,
1334 0x13, 0x3d, 0x6c, 0xb2, 0xd3, 0x5c, 0x11, 0x79,
1335 0xc8, 0xc8, 0xff, 0x36, 0x87, 0x58, 0xd5, 0x07,
1336 0xd9, 0xf9, 0xa1, 0x7d, 0x46, 0xc1, 0x10, 0xfe,
1337 0x31, 0x44, 0xce, 0x9b, 0x02, 0x2b, 0x42, 0xe4,
1338 0x19, 0xeb, 0x4f, 0x53, 0x88, 0x61, 0x3b, 0xfc,
1339 0x3e, 0x26, 0x24, 0x1a, 0x43, 0x2e, 0x87, 0x06,
1340 0xbc, 0x58, 0xef, 0x76, 0x11, 0x72, 0x78, 0xde,
1341 0xab, 0x6c, 0xf6, 0x92, 0x61, 0x82, 0x91, 0xb7
1343 static const unsigned char dsa_q[] = {
1344 0xa3, 0xbf, 0xd9, 0xab, 0x78, 0x84, 0x79, 0x4e,
1345 0x38, 0x34, 0x50, 0xd5, 0x89, 0x1d, 0xc1, 0x8b,
1346 0x65, 0x15, 0x7b, 0xdc, 0xfc, 0xda, 0xc5, 0x15,
1347 0x18, 0x90, 0x28, 0x67
1349 static const unsigned char dsa_g[] = {
1350 0x68, 0x19, 0x27, 0x88, 0x69, 0xc7, 0xfd, 0x3d,
1351 0x2d, 0x7b, 0x77, 0xf7, 0x7e, 0x81, 0x50, 0xd9,
1352 0xad, 0x43, 0x3b, 0xea, 0x3b, 0xa8, 0x5e, 0xfc,
1353 0x80, 0x41, 0x5a, 0xa3, 0x54, 0x5f, 0x78, 0xf7,
1354 0x22, 0x96, 0xf0, 0x6c, 0xb1, 0x9c, 0xed, 0xa0,
1355 0x6c, 0x94, 0xb0, 0x55, 0x1c, 0xfe, 0x6e, 0x6f,
1356 0x86, 0x3e, 0x31, 0xd1, 0xde, 0x6e, 0xed, 0x7d,
1357 0xab, 0x8b, 0x0c, 0x9d, 0xf2, 0x31, 0xe0, 0x84,
1358 0x34, 0xd1, 0x18, 0x4f, 0x91, 0xd0, 0x33, 0x69,
1359 0x6b, 0xb3, 0x82, 0xf8, 0x45, 0x5e, 0x98, 0x88,
1360 0xf5, 0xd3, 0x1d, 0x47, 0x84, 0xec, 0x40, 0x12,
1361 0x02, 0x46, 0xf4, 0xbe, 0xa6, 0x17, 0x94, 0xbb,
1362 0xa5, 0x86, 0x6f, 0x09, 0x74, 0x64, 0x63, 0xbd,
1363 0xf8, 0xe9, 0xe1, 0x08, 0xcd, 0x95, 0x29, 0xc3,
1364 0xd0, 0xf6, 0xdf, 0x80, 0x31, 0x6e, 0x2e, 0x70,
1365 0xaa, 0xeb, 0x1b, 0x26, 0xcd, 0xb8, 0xad, 0x97,
1366 0xbc, 0x3d, 0x28, 0x7e, 0x0b, 0x8d, 0x61, 0x6c,
1367 0x42, 0xe6, 0x5b, 0x87, 0xdb, 0x20, 0xde, 0xb7,
1368 0x00, 0x5b, 0xc4, 0x16, 0x74, 0x7a, 0x64, 0x70,
1369 0x14, 0x7a, 0x68, 0xa7, 0x82, 0x03, 0x88, 0xeb,
1370 0xf4, 0x4d, 0x52, 0xe0, 0x62, 0x8a, 0xf9, 0xcf,
1371 0x1b, 0x71, 0x66, 0xd0, 0x34, 0x65, 0xf3, 0x5a,
1372 0xcc, 0x31, 0xb6, 0x11, 0x0c, 0x43, 0xda, 0xbc,
1373 0x7c, 0x5d, 0x59, 0x1e, 0x67, 0x1e, 0xaf, 0x7c,
1374 0x25, 0x2c, 0x1c, 0x14, 0x53, 0x36, 0xa1, 0xa4,
1375 0xdd, 0xf1, 0x32, 0x44, 0xd5, 0x5e, 0x83, 0x56,
1376 0x80, 0xca, 0xb2, 0x53, 0x3b, 0x82, 0xdf, 0x2e,
1377 0xfe, 0x55, 0xec, 0x18, 0xc1, 0xe6, 0xcd, 0x00,
1378 0x7b, 0xb0, 0x89, 0x75, 0x8b, 0xb1, 0x7c, 0x2c,
1379 0xbe, 0x14, 0x44, 0x1b, 0xd0, 0x93, 0xae, 0x66,
1380 0xe5, 0x97, 0x6d, 0x53, 0x73, 0x3f, 0x4f, 0xa3,
1381 0x26, 0x97, 0x01, 0xd3, 0x1d, 0x23, 0xd4, 0x67
1383 static const unsigned char dsa_pub[] = {
1384 0xa0, 0x12, 0xb3, 0xb1, 0x70, 0xb3, 0x07, 0x22,
1385 0x79, 0x57, 0xb7, 0xca, 0x20, 0x61, 0xa8, 0x16,
1386 0xac, 0x7a, 0x2b, 0x3d, 0x9a, 0xe9, 0x95, 0xa5,
1387 0x11, 0x9c, 0x38, 0x5b, 0x60, 0x3b, 0xf6, 0xf6,
1388 0xc5, 0xde, 0x4d, 0xc5, 0xec, 0xb5, 0xdf, 0xa4,
1389 0xa4, 0x1c, 0x68, 0x66, 0x2e, 0xb2, 0x5b, 0x63,
1390 0x8b, 0x7e, 0x26, 0x20, 0xba, 0x89, 0x8d, 0x07,
1391 0xda, 0x6c, 0x49, 0x91, 0xe7, 0x6c, 0xc0, 0xec,
1392 0xd1, 0xad, 0x34, 0x21, 0x07, 0x70, 0x67, 0xe4,
1393 0x7c, 0x18, 0xf5, 0x8a, 0x92, 0xa7, 0x2a, 0xd4,
1394 0x31, 0x99, 0xec, 0xb7, 0xbd, 0x84, 0xe7, 0xd3,
1395 0xaf, 0xb9, 0x01, 0x9f, 0x0e, 0x9d, 0xd0, 0xfb,
1396 0xaa, 0x48, 0x73, 0x00, 0xb1, 0x30, 0x81, 0xe3,
1397 0x3c, 0x90, 0x28, 0x76, 0x43, 0x6f, 0x7b, 0x03,
1398 0xc3, 0x45, 0x52, 0x84, 0x81, 0xd3, 0x62, 0x81,
1399 0x5e, 0x24, 0xfe, 0x59, 0xda, 0xc5, 0xac, 0x34,
1400 0x66, 0x0d, 0x4c, 0x8a, 0x76, 0xcb, 0x99, 0xa7,
1401 0xc7, 0xde, 0x93, 0xeb, 0x95, 0x6c, 0xd6, 0xbc,
1402 0x88, 0xe5, 0x8d, 0x90, 0x10, 0x34, 0x94, 0x4a,
1403 0x09, 0x4b, 0x01, 0x80, 0x3a, 0x43, 0xc6, 0x72,
1404 0xb9, 0x68, 0x8c, 0x0e, 0x01, 0xd8, 0xf4, 0xfc,
1405 0x91, 0xc6, 0x2a, 0x3f, 0x88, 0x02, 0x1f, 0x7b,
1406 0xd6, 0xa6, 0x51, 0xb1, 0xa8, 0x8f, 0x43, 0xaa,
1407 0x4e, 0xf2, 0x76, 0x53, 0xd1, 0x2b, 0xf8, 0xb7,
1408 0x09, 0x9f, 0xdf, 0x6b, 0x46, 0x10, 0x82, 0xf8,
1409 0xe9, 0x39, 0x10, 0x7b, 0xfd, 0x2f, 0x72, 0x10,
1410 0x08, 0x7d, 0x32, 0x6c, 0x37, 0x52, 0x00, 0xf1,
1411 0xf5, 0x1e, 0x7e, 0x74, 0xa3, 0x41, 0x31, 0x90,
1412 0x1b, 0xcd, 0x08, 0x63, 0x52, 0x1f, 0xf8, 0xd6,
1413 0x76, 0xc4, 0x85, 0x81, 0x86, 0x87, 0x36, 0xc5,
1414 0xe5, 0x1b, 0x16, 0xa4, 0xe3, 0x92, 0x15, 0xea,
1415 0x0b, 0x17, 0xc4, 0x73, 0x59, 0x74, 0xc5, 0x16
1417 static const unsigned char dsa_priv[] = {
1418 0x6c, 0xca, 0xee, 0xf6, 0xd7, 0x3b, 0x4e, 0x80,
1419 0xf1, 0x1c, 0x17, 0xb8, 0xe9, 0x62, 0x7c, 0x03,
1420 0x66, 0x35, 0xba, 0xc3, 0x94, 0x23, 0x50, 0x5e,
1421 0x40, 0x7e, 0x5c, 0xb7
1424 static const ST_KAT_PARAM dsa_key[] = {
1425 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dsa_p),
1426 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dsa_q),
1427 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dsa_g),
1428 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dsa_pub),
1429 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dsa_priv),
1432 #endif /* OPENSSL_NO_DSA */
1434 static const ST_KAT_SIGN st_kat_sign_tests[] = {
1436 OSSL_SELF_TEST_DESC_SIGN_RSA,
1440 ITM(rsa_expected_sig)
1442 #ifndef OPENSSL_NO_EC
1444 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1449 * The ECDSA signature changes each time due to it using a random k.
1450 * So there is no expected KAT for this case.
1453 #endif /* OPENSSL_NO_EC */
1454 #ifndef OPENSSL_NO_DSA
1456 OSSL_SELF_TEST_DESC_SIGN_DSA,
1461 * The DSA signature changes each time due to it using a random k.
1462 * So there is no expected KAT for this case.
1465 #endif /* OPENSSL_NO_DSA */
1468 static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {
1470 OSSL_SELF_TEST_DESC_ASYM_RSA_ENC,
1475 ITM(rsa_asym_plaintext_encrypt),
1476 ITM(rsa_asym_expected_encrypt),
1479 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1484 ITM(rsa_asym_expected_encrypt),
1485 ITM(rsa_asym_plaintext_encrypt),
1488 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1493 ITM(rsa_asym_expected_encrypt),
1494 ITM(rsa_asym_plaintext_encrypt),