2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* Macros to build Self test data */
11 #define ITM(x) ((void *)&x), sizeof(x)
12 #define ITM_STR(x) ((void *)&x), (sizeof(x) - 1)
14 #define ST_KAT_PARAM_END() { "", 0, NULL, 0 }
15 #define ST_KAT_PARAM_BIGNUM(name, data) \
16 { name, OSSL_PARAM_UNSIGNED_INTEGER, ITM(data) }
17 #define ST_KAT_PARAM_OCTET(name, data) \
18 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
19 #define ST_KAT_PARAM_UTF8STRING(name, data) \
20 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
21 #define ST_KAT_PARAM_UTF8CHAR(name, data) \
22 { name, OSSL_PARAM_UTF8_STRING, ITM(data) }
23 #define ST_KAT_PARAM_INT(name, i) \
24 { name, OSSL_PARAM_INTEGER, ITM(i) }
26 /* used to store raw parameters for keys and algorithms */
27 typedef struct st_kat_param_st {
28 const char *name; /* an OSSL_PARAM name */
29 size_t type; /* the type associated with the data */
30 const void *data; /* unsigned char [], or char [] depending on the type */
31 size_t data_len; /* the length of the data */
34 typedef struct st_kat_st {
36 const char *algorithm;
37 const unsigned char *pt;
39 const unsigned char *expected;
43 #define CIPHER_MODE_ENCRYPT 1
44 #define CIPHER_MODE_DECRYPT 2
45 #define CIPHER_MODE_ALL (CIPHER_MODE_ENCRYPT | CIPHER_MODE_DECRYPT)
47 typedef ST_KAT ST_KAT_DIGEST;
48 typedef struct st_kat_cipher_st {
51 const unsigned char *key;
53 const unsigned char *iv;
55 const unsigned char *aad;
57 const unsigned char *tag;
61 typedef struct st_kat_kdf_st {
63 const char *algorithm;
64 const ST_KAT_PARAM *params;
65 const unsigned char *expected;
69 typedef struct st_kat_drbg_st {
71 const char *algorithm;
72 const char *param_name;
74 const unsigned char *entropyin;
76 const unsigned char *nonce;
78 const unsigned char *persstr;
80 const unsigned char *entropyinpr1;
81 size_t entropyinpr1len;
82 const unsigned char *entropyinpr2;
83 size_t entropyinpr2len;
84 const unsigned char *entropyaddin1;
85 size_t entropyaddin1len;
86 const unsigned char *entropyaddin2;
87 size_t entropyaddin2len;
88 const unsigned char *expected;
92 typedef struct st_kat_kas_st {
94 const char *algorithm;
96 const ST_KAT_PARAM *key_group;
97 const ST_KAT_PARAM *key_host_data;
98 const ST_KAT_PARAM *key_peer_data;
100 const unsigned char *expected;
104 typedef struct st_kat_sign_st {
106 const char *algorithm;
107 const char *mdalgorithm;
108 const ST_KAT_PARAM *key;
109 const unsigned char *sig_expected; /* Set to NULL if this value changes */
110 size_t sig_expected_len;
113 typedef struct st_kat_asym_cipher_st {
115 const char *algorithm;
117 const ST_KAT_PARAM *key;
118 const ST_KAT_PARAM *postinit;
119 const unsigned char *in;
121 const unsigned char *expected;
123 } ST_KAT_ASYM_CIPHER;
125 /*- DIGEST TEST DATA */
126 static const unsigned char sha1_pt[] = "abc";
127 static const unsigned char sha1_digest[] = {
128 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 0x25, 0x71,
129 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
132 static const unsigned char sha512_pt[] = "abc";
133 static const unsigned char sha512_digest[] = {
134 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49,
135 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
136 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, 0x21, 0x92, 0x99, 0x2A,
137 0x27, 0x4F, 0xC1, 0xA8, 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
138 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, 0x2A, 0x9A, 0xC9, 0x4F,
139 0xA5, 0x4C, 0xA4, 0x9F
141 static const unsigned char sha3_256_pt[] = { 0xe7, 0x37, 0x21, 0x05 };
142 static const unsigned char sha3_256_digest[] = {
143 0x3a, 0x42, 0xb6, 0x8a, 0xb0, 0x79, 0xf2, 0x8c, 0x4c, 0xa3, 0xc7, 0x52,
144 0x29, 0x6f, 0x27, 0x90, 0x06, 0xc4, 0xfe, 0x78, 0xb1, 0xeb, 0x79, 0xd9,
145 0x89, 0x77, 0x7f, 0x05, 0x1e, 0x40, 0x46, 0xae
148 static const ST_KAT_DIGEST st_kat_digest_tests[] =
151 OSSL_SELF_TEST_DESC_MD_SHA1,
157 OSSL_SELF_TEST_DESC_MD_SHA2,
163 OSSL_SELF_TEST_DESC_MD_SHA3,
166 ITM(sha3_256_digest),
171 /*- CIPHER TEST DATA */
174 static const unsigned char des_ede3_cbc_pt[] = {
175 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
176 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
177 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
178 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51
180 static const unsigned char des_ede3_cbc_key[] = {
181 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
182 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
183 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
185 static const unsigned char des_ede3_cbc_iv[] = {
186 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17
188 static const unsigned char des_ede3_cbc_ct[] = {
189 0x20, 0x79, 0xC3, 0xD5, 0x3A, 0xA7, 0x63, 0xE1,
190 0x93, 0xB7, 0x9E, 0x25, 0x69, 0xAB, 0x52, 0x62,
191 0x51, 0x65, 0x70, 0x48, 0x1F, 0x25, 0xB5, 0x0F,
192 0x73, 0xC0, 0xBD, 0xA8, 0x5C, 0x8E, 0x0D, 0xA7
195 /* AES-256 GCM test data */
196 static const unsigned char aes_256_gcm_key[] = {
197 0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c,
198 0xe7, 0x90, 0xfd, 0x24, 0x50, 0x1f, 0x92, 0x50,
199 0x9a, 0xac, 0xf4, 0xcb, 0x8b, 0x13, 0x39, 0xd5,
200 0x0c, 0x9c, 0x12, 0x40, 0x93, 0x5d, 0xd0, 0x8b
202 static const unsigned char aes_256_gcm_iv[] = {
203 0xac, 0x93, 0xa1, 0xa6, 0x14, 0x52, 0x99, 0xbd,
204 0xe9, 0x02, 0xf2, 0x1a
206 static const unsigned char aes_256_gcm_pt[] = {
207 0x2d, 0x71, 0xbc, 0xfa, 0x91, 0x4e, 0x4a, 0xc0,
208 0x45, 0xb2, 0xaa, 0x60, 0x95, 0x5f, 0xad, 0x24
210 static const unsigned char aes_256_gcm_aad[] = {
211 0x1e, 0x08, 0x89, 0x01, 0x6f, 0x67, 0x60, 0x1c,
212 0x8e, 0xbe, 0xa4, 0x94, 0x3b, 0xc2, 0x3a, 0xd6
214 static const unsigned char aes_256_gcm_ct[] = {
215 0x89, 0x95, 0xae, 0x2e, 0x6d, 0xf3, 0xdb, 0xf9,
216 0x6f, 0xac, 0x7b, 0x71, 0x37, 0xba, 0xe6, 0x7f
218 static const unsigned char aes_256_gcm_tag[] = {
219 0xec, 0xa5, 0xaa, 0x77, 0xd5, 0x1d, 0x4a, 0x0a,
220 0x14, 0xd9, 0xc5, 0x1e, 0x1d, 0xa4, 0x74, 0xab
223 /* AES-ECB test data */
224 static const unsigned char aes_128_ecb_key[] = {
225 0x10, 0xa5, 0x88, 0x69, 0xd7, 0x4b, 0xe5, 0xa3,
226 0x74, 0xcf, 0x86, 0x7c, 0xfb, 0x47, 0x38, 0x59
228 static const unsigned char aes_128_ecb_pt[] = {
229 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
230 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
232 static const unsigned char aes_128_ecb_ct[] = {
233 0x6d, 0x25, 0x1e, 0x69, 0x44, 0xb0, 0x51, 0xe0,
234 0x4e, 0xaa, 0x6f, 0xb4, 0xdb, 0xf7, 0x84, 0x65
237 static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
238 #ifndef OPENSSL_NO_DES
241 OSSL_SELF_TEST_DESC_CIPHER_TDES,
243 ITM(des_ede3_cbc_pt),
246 CIPHER_MODE_ENCRYPT | CIPHER_MODE_DECRYPT,
247 ITM(des_ede3_cbc_key),
248 ITM(des_ede3_cbc_iv),
253 OSSL_SELF_TEST_DESC_CIPHER_AES_GCM,
259 ITM(aes_256_gcm_key),
261 ITM(aes_256_gcm_aad),
266 OSSL_SELF_TEST_DESC_CIPHER_AES_ECB,
276 static const char hkdf_digest[] = "SHA256";
277 static const unsigned char hkdf_secret[] = { 's', 'e', 'c', 'r', 'e', 't' };
278 static const unsigned char hkdf_salt[] = { 's', 'a', 'l', 't' };
279 static const unsigned char hkdf_info[] = { 'l', 'a', 'b', 'e', 'l' };
281 static const ST_KAT_PARAM hkdf_params[] = {
282 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, hkdf_digest),
283 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, hkdf_secret),
284 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, hkdf_salt),
285 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, hkdf_info),
288 static const unsigned char hkdf_expected[] = {
289 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8,
293 static const char sskdf_digest[] = "SHA224";
294 static const unsigned char sskdf_secret[] = {
295 0x6d, 0xbd, 0xc2, 0x3f, 0x04, 0x54, 0x88, 0xe4,
296 0x06, 0x27, 0x57, 0xb0, 0x6b, 0x9e, 0xba, 0xe1,
297 0x83, 0xfc, 0x5a, 0x59, 0x46, 0xd8, 0x0d, 0xb9,
298 0x3f, 0xec, 0x6f, 0x62, 0xec, 0x07, 0xe3, 0x72,
299 0x7f, 0x01, 0x26, 0xae, 0xd1, 0x2c, 0xe4, 0xb2,
300 0x62, 0xf4, 0x7d, 0x48, 0xd5, 0x42, 0x87, 0xf8,
301 0x1d, 0x47, 0x4c, 0x7c, 0x3b, 0x18, 0x50, 0xe9
303 static const unsigned char sskdf_otherinfo[] = {
304 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0x43, 0x41, 0x56,
305 0x53, 0x69, 0x64, 0x3c, 0x83, 0x2e, 0x98, 0x49,
306 0xdc, 0xdb, 0xa7, 0x1e, 0x9a, 0x31, 0x39, 0xe6,
307 0x06, 0xe0, 0x95, 0xde, 0x3c, 0x26, 0x4a, 0x66,
308 0xe9, 0x8a, 0x16, 0x58, 0x54, 0xcd, 0x07, 0x98,
309 0x9b, 0x1e, 0xe0, 0xec, 0x3f, 0x8d, 0xbe
311 static const unsigned char sskdf_expected[] = {
312 0xa4, 0x62, 0xde, 0x16, 0xa8, 0x9d, 0xe8, 0x46,
313 0x6e, 0xf5, 0x46, 0x0b, 0x47, 0xb8
315 static const ST_KAT_PARAM sskdf_params[] = {
316 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sskdf_digest),
317 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sskdf_secret),
318 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, sskdf_otherinfo),
322 static const char x942kdf_digest[] = "SHA1";
323 static const char x942kdf_cekalg[] = "AES-128-WRAP";
324 static const unsigned char x942kdf_secret[] = {
325 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
326 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
327 0x10, 0x11, 0x12, 0x13
329 static const unsigned char x942kdf_expected[] = {
330 0xd6, 0xd6, 0xb0, 0x94, 0xc1, 0x02, 0x7a, 0x7d,
331 0xe6, 0xe3, 0x11, 0x72, 0x94, 0xa3, 0x53, 0x64
333 static const ST_KAT_PARAM x942kdf_params[] = {
334 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x942kdf_digest),
335 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_CEK_ALG, x942kdf_cekalg),
336 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x942kdf_secret),
340 static const char x963kdf_digest[] = "SHA256";
341 static const unsigned char x963kdf_otherinfo[] = {
342 0x75, 0xee, 0xf8, 0x1a, 0xa3, 0x04, 0x1e, 0x33,
343 0xb8, 0x09, 0x71, 0x20, 0x3d, 0x2c, 0x0c, 0x52
345 static const unsigned char x963kdf_secret[] = {
346 0x22, 0x51, 0x8b, 0x10, 0xe7, 0x0f, 0x2a, 0x3f,
347 0x24, 0x38, 0x10, 0xae, 0x32, 0x54, 0x13, 0x9e,
348 0xfb, 0xee, 0x04, 0xaa, 0x57, 0xc7, 0xaf, 0x7d
350 static const unsigned char x963kdf_expected[] = {
351 0xc4, 0x98, 0xaf, 0x77, 0x16, 0x1c, 0xc5, 0x9f,
352 0x29, 0x62, 0xb9, 0xa7, 0x13, 0xe2, 0xb2, 0x15,
353 0x15, 0x2d, 0x13, 0x97, 0x66, 0xce, 0x34, 0xa7,
354 0x76, 0xdf, 0x11, 0x86, 0x6a, 0x69, 0xbf, 0x2e
356 static const ST_KAT_PARAM x963kdf_params[] = {
357 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x963kdf_digest),
358 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x963kdf_secret),
359 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, x963kdf_otherinfo),
363 static const char pbkdf2_digest[] = "SHA256";
364 static const unsigned char pbkdf2_password[] = {
365 0x70, 0x61, 0x73, 0x73, 0x00, 0x77, 0x6f, 0x72,
368 static const unsigned char pbkdf2_salt[] = {
369 0x73, 0x61, 0x00, 0x6c, 0x74
371 static const unsigned char pbkdf2_expected[] = {
372 0x89, 0xb6, 0x9d, 0x05, 0x16, 0xf8, 0x29, 0x89,
373 0x3c, 0x69, 0x62, 0x26, 0x65, 0x0a, 0x86, 0x87,
375 static int pbkdf2_iterations = 4096;
376 static int pbkdf2_pkcs5 = 1;
377 static const ST_KAT_PARAM pbkdf2_params[] = {
378 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, pbkdf2_digest),
379 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_PASSWORD, pbkdf2_password),
380 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, pbkdf2_salt),
381 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_ITER, pbkdf2_iterations),
382 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_PKCS5, pbkdf2_pkcs5),
386 static const char sshkdf_digest[] = "SHA1";
387 static const char sshkdf_type = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
388 static const unsigned char sshkdf_key[] = {
389 0x00, 0x00, 0x00, 0x80, 0x55, 0xba, 0xe9, 0x31,
390 0xc0, 0x7f, 0xd8, 0x24, 0xbf, 0x10, 0xad, 0xd1,
391 0x90, 0x2b, 0x6f, 0xbc, 0x7c, 0x66, 0x53, 0x47,
392 0x38, 0x34, 0x98, 0xa6, 0x86, 0x92, 0x9f, 0xf5,
393 0xa2, 0x5f, 0x8e, 0x40, 0xcb, 0x66, 0x45, 0xea,
394 0x81, 0x4f, 0xb1, 0xa5, 0xe0, 0xa1, 0x1f, 0x85,
395 0x2f, 0x86, 0x25, 0x56, 0x41, 0xe5, 0xed, 0x98,
396 0x6e, 0x83, 0xa7, 0x8b, 0xc8, 0x26, 0x94, 0x80,
397 0xea, 0xc0, 0xb0, 0xdf, 0xd7, 0x70, 0xca, 0xb9,
398 0x2e, 0x7a, 0x28, 0xdd, 0x87, 0xff, 0x45, 0x24,
399 0x66, 0xd6, 0xae, 0x86, 0x7c, 0xea, 0xd6, 0x3b,
400 0x36, 0x6b, 0x1c, 0x28, 0x6e, 0x6c, 0x48, 0x11,
401 0xa9, 0xf1, 0x4c, 0x27, 0xae, 0xa1, 0x4c, 0x51,
402 0x71, 0xd4, 0x9b, 0x78, 0xc0, 0x6e, 0x37, 0x35,
403 0xd3, 0x6e, 0x6a, 0x3b, 0xe3, 0x21, 0xdd, 0x5f,
404 0xc8, 0x23, 0x08, 0xf3, 0x4e, 0xe1, 0xcb, 0x17,
405 0xfb, 0xa9, 0x4a, 0x59,
407 static const unsigned char sshkdf_xcghash[] = {
408 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
409 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
410 0xdc, 0x88, 0x92, 0x45,
412 static const unsigned char sshkdf_session_id[] = {
413 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
414 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
415 0xdc, 0x88, 0x92, 0x45,
417 static const unsigned char sshkdf_expected[] = {
418 0xe2, 0xf6, 0x27, 0xc0, 0xb4, 0x3f, 0x1a, 0xc1,
420 static const ST_KAT_PARAM sshkdf_params[] = {
421 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sshkdf_digest),
422 ST_KAT_PARAM_UTF8CHAR(OSSL_KDF_PARAM_SSHKDF_TYPE, sshkdf_type),
423 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sshkdf_key),
424 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_XCGHASH, sshkdf_xcghash),
425 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_SESSION_ID, sshkdf_session_id),
429 static const char tls12prf_digest[] = "SHA256";
430 static const unsigned char tls12prf_secret[] = {
431 0x20, 0x2c, 0x88, 0xc0, 0x0f, 0x84, 0xa1, 0x7a,
432 0x20, 0x02, 0x70, 0x79, 0x60, 0x47, 0x87, 0x46,
433 0x11, 0x76, 0x45, 0x55, 0x39, 0xe7, 0x05, 0xbe,
434 0x73, 0x08, 0x90, 0x60, 0x2c, 0x28, 0x9a, 0x50,
435 0x01, 0xe3, 0x4e, 0xeb, 0x3a, 0x04, 0x3e, 0x5d,
436 0x52, 0xa6, 0x5e, 0x66, 0x12, 0x51, 0x88, 0xbf,
438 static const unsigned char tls12prf_seed[] = {
439 'k', 'e', 'y', ' ', 'e', 'x', 'p', 'a', 'n', 's', 'i', 'o', 'n',
440 0xae, 0x6c, 0x80, 0x6f, 0x8a, 0xd4, 0xd8, 0x07,
441 0x84, 0x54, 0x9d, 0xff, 0x28, 0xa4, 0xb5, 0x8f,
442 0xd8, 0x37, 0x68, 0x1a, 0x51, 0xd9, 0x28, 0xc3,
443 0xe3, 0x0e, 0xe5, 0xff, 0x14, 0xf3, 0x98, 0x68,
444 0x62, 0xe1, 0xfd, 0x91, 0xf2, 0x3f, 0x55, 0x8a,
445 0x60, 0x5f, 0x28, 0x47, 0x8c, 0x58, 0xcf, 0x72,
446 0x63, 0x7b, 0x89, 0x78, 0x4d, 0x95, 0x9d, 0xf7,
447 0xe9, 0x46, 0xd3, 0xf0, 0x7b, 0xd1, 0xb6, 0x16,
449 static const unsigned char tls12prf_expected[] = {
450 0xd0, 0x61, 0x39, 0x88, 0x9f, 0xff, 0xac, 0x1e,
451 0x3a, 0x71, 0x86, 0x5f, 0x50, 0x4a, 0xa5, 0xd0,
452 0xd2, 0xa2, 0xe8, 0x95, 0x06, 0xc6, 0xf2, 0x27,
453 0x9b, 0x67, 0x0c, 0x3e, 0x1b, 0x74, 0xf5, 0x31,
454 0x01, 0x6a, 0x25, 0x30, 0xc5, 0x1a, 0x3a, 0x0f,
455 0x7e, 0x1d, 0x65, 0x90, 0xd0, 0xf0, 0x56, 0x6b,
456 0x2f, 0x38, 0x7f, 0x8d, 0x11, 0xfd, 0x4f, 0x73,
457 0x1c, 0xdd, 0x57, 0x2d, 0x2e, 0xae, 0x92, 0x7f,
458 0x6f, 0x2f, 0x81, 0x41, 0x0b, 0x25, 0xe6, 0x96,
459 0x0b, 0xe6, 0x89, 0x85, 0xad, 0xd6, 0xc3, 0x84,
460 0x45, 0xad, 0x9f, 0x8c, 0x64, 0xbf, 0x80, 0x68,
461 0xbf, 0x9a, 0x66, 0x79, 0x48, 0x5d, 0x96, 0x6f,
462 0x1a, 0xd6, 0xf6, 0x8b, 0x43, 0x49, 0x5b, 0x10,
463 0xa6, 0x83, 0x75, 0x5e, 0xa2, 0xb8, 0x58, 0xd7,
464 0x0c, 0xca, 0xc7, 0xec, 0x8b, 0x05, 0x3c, 0x6b,
465 0xd4, 0x1c, 0xa2, 0x99, 0xd4, 0xe5, 0x19, 0x28,
467 static const ST_KAT_PARAM tls12prf_params[] = {
468 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls12prf_digest),
469 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SECRET, tls12prf_secret),
470 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SEED, tls12prf_seed),
474 static const char kbkdf_digest[] = "SHA256";
475 static const char kbkdf_mac[] = "HMAC";
476 static const unsigned char kbkdf_salt[] = { 'p', 'r', 'f' };
477 static const unsigned char kbkdf_prfinput[] = { 't', 'e', 's', 't' };
478 static unsigned char kbkdf_key[] = {
479 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28,
480 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C,
482 static unsigned char kbkdf_expected[] = {
483 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE,
484 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86,
485 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B,
486 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95,
488 static const ST_KAT_PARAM kbkdf_params[] = {
489 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, kbkdf_digest),
490 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_MAC, kbkdf_mac),
491 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, kbkdf_key),
492 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, kbkdf_salt),
493 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, kbkdf_prfinput),
497 static const ST_KAT_KDF st_kat_kdf_tests[] =
500 OSSL_SELF_TEST_DESC_KDF_TLS12_PRF,
501 OSSL_KDF_NAME_TLS1_PRF,
503 ITM(tls12prf_expected)
506 OSSL_SELF_TEST_DESC_KDF_PBKDF2,
507 OSSL_KDF_NAME_PBKDF2,
512 OSSL_SELF_TEST_DESC_KDF_SSHKDF,
513 OSSL_KDF_NAME_SSHKDF,
518 OSSL_SELF_TEST_DESC_KDF_KBKDF,
524 OSSL_SELF_TEST_DESC_KDF_HKDF,
530 OSSL_SELF_TEST_DESC_KDF_SSKDF,
536 OSSL_SELF_TEST_DESC_KDF_X963KDF,
537 OSSL_KDF_NAME_X963KDF,
539 ITM(x963kdf_expected)
542 OSSL_SELF_TEST_DESC_KDF_X942KDF,
543 OSSL_KDF_NAME_X942KDF_ASN1,
545 ITM(x942kdf_expected)
550 * DRBG test vectors are a small subset of
551 * https://csrc.nist.rip/groups/STM/cavp/documents/drbg/drbgtestvectors.zip
552 * Using the folder drbgvectors_pr_true
553 * Generated for CAVS 14.3.
560 * [PredictionResistance = True]
561 * [EntropyInputLen = 256]
563 * [PersonalizationStringLen = 256]
564 * [AdditionalInputLen = 256]
565 * [ReturnedBitsLen = 1024]
569 static const unsigned char drbg_hash_sha256_pr_entropyin[] = {
570 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
571 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
572 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
574 static const unsigned char drbg_hash_sha256_pr_nonce[] = {
575 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
576 0xf0, 0xe5, 0x07, 0x1f
578 static const unsigned char drbg_hash_sha256_pr_persstr[] = {
579 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
580 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
581 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
583 static const unsigned char drbg_hash_sha256_pr_entropyinpr0[] = {
584 0xff, 0x80, 0xb7, 0xd2, 0x6a, 0x05, 0xbc, 0x8a, 0x7a, 0xbe, 0x53, 0x28,
585 0x6b, 0x0e, 0xeb, 0x73, 0x3b, 0x71, 0x5a, 0x20, 0x5b, 0xfa, 0x4f, 0xf6,
586 0x37, 0x03, 0xde, 0xad, 0xb6, 0xea, 0x0e, 0xf4
588 static const unsigned char drbg_hash_sha256_pr_entropyinpr1[] = {
589 0xc7, 0x38, 0x32, 0x53, 0x46, 0x81, 0xed, 0xe3, 0x7e, 0x03, 0x84, 0x6d,
590 0x3c, 0x84, 0x17, 0x67, 0x29, 0x7d, 0x24, 0x6c, 0x68, 0x92, 0x41, 0xd2,
591 0xe7, 0x75, 0xbe, 0x7e, 0xc9, 0x96, 0x29, 0x3d
593 static const unsigned char drbg_hash_sha256_pr_addin0[] = {
594 0xb7, 0x21, 0x5f, 0x14, 0xac, 0x7b, 0xaf, 0xd0, 0xa9, 0x17, 0x72, 0xba,
595 0x22, 0xf7, 0x19, 0xaf, 0xbd, 0x20, 0xb3, 0x11, 0x63, 0x6c, 0x2b, 0x1e,
596 0x83, 0xe4, 0xa8, 0x23, 0x35, 0x3f, 0xc6, 0xea
598 static const unsigned char drbg_hash_sha256_pr_addin1[] = {
599 0xce, 0xd3, 0x1f, 0x7e, 0x0d, 0xae, 0x5b, 0xb5, 0xc0, 0x43, 0xe2, 0x46,
600 0xb2, 0x94, 0x73, 0xe2, 0xfd, 0x39, 0x51, 0x2e, 0xad, 0x45, 0x69, 0xee,
601 0xe3, 0xe3, 0x80, 0x33, 0x14, 0xab, 0xa7, 0xa3
603 static const unsigned char drbg_hash_sha256_pr_expected[] = {
604 0x60, 0xc2, 0x34, 0xcf, 0xaf, 0xb4, 0x68, 0x03, 0x3b, 0xf1, 0x95, 0xe5,
605 0x78, 0xce, 0x26, 0x6e, 0x14, 0x65, 0x32, 0x6a, 0x96, 0xa9, 0xe0, 0x3f,
606 0x8b, 0x89, 0x36, 0x70, 0xef, 0x62, 0x75, 0x4d, 0x5e, 0x80, 0xd5, 0x53,
607 0xa1, 0xf8, 0x49, 0x50, 0x20, 0x8b, 0x93, 0x43, 0x07, 0x9f, 0x2e, 0xf8,
608 0x56, 0xe9, 0xc5, 0x70, 0x61, 0x85, 0x97, 0xb5, 0xdc, 0x82, 0xa2, 0xda,
609 0xea, 0xa3, 0xfd, 0x9b, 0x2f, 0xd2, 0xa0, 0xd7, 0x1b, 0xc6, 0x29, 0x35,
610 0xcc, 0xb8, 0x3d, 0xa0, 0x67, 0x98, 0x05, 0xa0, 0xe3, 0x1e, 0xfe, 0xe4,
611 0xf0, 0xe5, 0x13, 0xb0, 0x83, 0x17, 0xfa, 0xca, 0x93, 0x5e, 0x38, 0x29,
612 0x48, 0xd2, 0x72, 0xdb, 0x76, 0x3e, 0x6d, 0xf3, 0x25, 0x10, 0xff, 0x1b,
613 0x99, 0xff, 0xf8, 0xc6, 0x0e, 0xb0, 0xdd, 0x29, 0x2e, 0xbc, 0xbb, 0xc8,
614 0x0a, 0x01, 0x6e, 0xd3, 0xb0, 0x0e, 0x4e, 0xab
621 * [PredictionResistance = True]
622 * [EntropyInputLen = 128]
624 * [PersonalizationStringLen = 128]
625 * [AdditionalInputLen = 128]
626 * [ReturnedBitsLen = 512]
630 static const unsigned char drbg_ctr_aes128_pr_df_entropyin[] = {
631 0x92, 0x89, 0x8f, 0x31, 0xfa, 0x1c, 0xff, 0x6d, 0x18, 0x2f, 0x26, 0x06,
632 0x43, 0xdf, 0xf8, 0x18
634 static const unsigned char drbg_ctr_aes128_pr_df_nonce[] = {
635 0xc2, 0xa4, 0xd9, 0x72, 0xc3, 0xb9, 0xb6, 0x97
637 static const unsigned char drbg_ctr_aes128_pr_df_persstr[] = {
638 0xea, 0x65, 0xee, 0x60, 0x26, 0x4e, 0x7e, 0xb6, 0x0e, 0x82, 0x68, 0xc4,
639 0x37, 0x3c, 0x5c, 0x0b
641 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr0[] = {
642 0x20, 0x72, 0x8a, 0x06, 0xf8, 0x6f, 0x8d, 0xd4, 0x41, 0xe2, 0x72, 0xb7,
643 0xc4, 0x2c, 0xe8, 0x10
645 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr1[] = {
646 0x3d, 0xb0, 0xf0, 0x94, 0xf3, 0x05, 0x50, 0x33, 0x17, 0x86, 0x3e, 0x22,
647 0x08, 0xf7, 0xa5, 0x01
649 static const unsigned char drbg_ctr_aes128_pr_df_addin0[] = {
650 0x1a, 0x40, 0xfa, 0xe3, 0xcc, 0x6c, 0x7c, 0xa0, 0xf8, 0xda, 0xba, 0x59,
651 0x23, 0x6d, 0xad, 0x1d
653 static const unsigned char drbg_ctr_aes128_pr_df_addin1[] = {
654 0x9f, 0x72, 0x76, 0x6c, 0xc7, 0x46, 0xe5, 0xed, 0x2e, 0x53, 0x20, 0x12,
655 0xbc, 0x59, 0x31, 0x8c
657 static const unsigned char drbg_ctr_aes128_pr_df_expected[] = {
658 0x5a, 0x35, 0x39, 0x87, 0x0f, 0x4d, 0x22, 0xa4, 0x09, 0x24, 0xee, 0x71,
659 0xc9, 0x6f, 0xac, 0x72, 0x0a, 0xd6, 0xf0, 0x88, 0x82, 0xd0, 0x83, 0x28,
660 0x73, 0xec, 0x3f, 0x93, 0xd8, 0xab, 0x45, 0x23, 0xf0, 0x7e, 0xac, 0x45,
661 0x14, 0x5e, 0x93, 0x9f, 0xb1, 0xd6, 0x76, 0x43, 0x3d, 0xb6, 0xe8, 0x08,
662 0x88, 0xf6, 0xda, 0x89, 0x08, 0x77, 0x42, 0xfe, 0x1a, 0xf4, 0x3f, 0xc4,
663 0x23, 0xc5, 0x1f, 0x68
670 * [PredictionResistance = True]
671 * [EntropyInputLen = 128]
673 * [PersonalizationStringLen = 128]
674 * [AdditionalInputLen = 128]
675 * [ReturnedBitsLen = 640]
679 static const unsigned char drbg_hmac_sha1_pr_entropyin[] = {
680 0x68, 0x0f, 0xac, 0xe9, 0x0d, 0x7b, 0xca, 0x21, 0xd4, 0xa0, 0xed, 0xb7,
681 0x79, 0x9e, 0xe5, 0xd8
683 static const unsigned char drbg_hmac_sha1_pr_nonce[] = {
684 0xb7, 0xbe, 0x9e, 0xed, 0xdd, 0x0e, 0x3b, 0x4b
686 static const unsigned char drbg_hmac_sha1_pr_persstr[] = {
687 0xf5, 0x8c, 0x40, 0xae, 0x70, 0xf7, 0xa5, 0x56, 0x48, 0xa9, 0x31, 0xa0,
688 0xa9, 0x31, 0x3d, 0xd7
690 static const unsigned char drbg_hmac_sha1_pr_entropyinpr0[] = {
691 0x7c, 0xaf, 0xe2, 0x31, 0x63, 0x0a, 0xa9, 0x5a, 0x74, 0x2c, 0x4e, 0x5f,
692 0x5f, 0x22, 0xc6, 0xa4
694 static const unsigned char drbg_hmac_sha1_pr_entropyinpr1[] = {
695 0x1c, 0x0d, 0x77, 0x92, 0x89, 0x88, 0x27, 0x94, 0x8a, 0x58, 0x9f, 0x82,
696 0x2d, 0x1a, 0xf7, 0xa6
698 static const unsigned char drbg_hmac_sha1_pr_addin0[] = {
699 0xdc, 0x36, 0x63, 0xf0, 0x62, 0x78, 0x9c, 0xd1, 0x5c, 0xbb, 0x20, 0xc3,
700 0xc1, 0x8c, 0xd9, 0xd7
702 static const unsigned char drbg_hmac_sha1_pr_addin1[] = {
703 0xfe, 0x85, 0xb0, 0xab, 0x14, 0xc6, 0x96, 0xe6, 0x9c, 0x24, 0xe7, 0xb5,
704 0xa1, 0x37, 0x12, 0x0c
706 static const unsigned char drbg_hmac_sha1_pr_expected[] = {
707 0x68, 0x00, 0x4b, 0x3a, 0x28, 0xf7, 0xf0, 0x1c, 0xf9, 0xe9, 0xb5, 0x71,
708 0x20, 0x79, 0xef, 0x80, 0x87, 0x1b, 0x08, 0xb9, 0xa9, 0x1b, 0xcd, 0x2b,
709 0x9f, 0x09, 0x4d, 0xa4, 0x84, 0x80, 0xb3, 0x4c, 0xaf, 0xd5, 0x59, 0x6b,
710 0x0c, 0x0a, 0x48, 0xe1, 0x48, 0xda, 0xbc, 0x6f, 0x77, 0xb8, 0xff, 0xaf,
711 0x18, 0x70, 0x28, 0xe1, 0x04, 0x13, 0x7a, 0x4f, 0xeb, 0x1c, 0x72, 0xb0,
712 0xc4, 0x4f, 0xe8, 0xb1, 0xaf, 0xab, 0xa5, 0xbc, 0xfd, 0x86, 0x67, 0xf2,
713 0xf5, 0x5b, 0x46, 0x06, 0x63, 0x2e, 0x3c, 0xbc
716 static const ST_KAT_DRBG st_kat_drbg_tests[] =
719 OSSL_SELF_TEST_DESC_DRBG_HASH,
720 "HASH-DRBG", "digest", "SHA256",
721 ITM(drbg_hash_sha256_pr_entropyin),
722 ITM(drbg_hash_sha256_pr_nonce),
723 ITM(drbg_hash_sha256_pr_persstr),
724 ITM(drbg_hash_sha256_pr_entropyinpr0),
725 ITM(drbg_hash_sha256_pr_entropyinpr1),
726 ITM(drbg_hash_sha256_pr_addin0),
727 ITM(drbg_hash_sha256_pr_addin1),
728 ITM(drbg_hash_sha256_pr_expected)
731 OSSL_SELF_TEST_DESC_DRBG_CTR,
732 "CTR-DRBG", "cipher", "AES-128-CTR",
733 ITM(drbg_ctr_aes128_pr_df_entropyin),
734 ITM(drbg_ctr_aes128_pr_df_nonce),
735 ITM(drbg_ctr_aes128_pr_df_persstr),
736 ITM(drbg_ctr_aes128_pr_df_entropyinpr0),
737 ITM(drbg_ctr_aes128_pr_df_entropyinpr1),
738 ITM(drbg_ctr_aes128_pr_df_addin0),
739 ITM(drbg_ctr_aes128_pr_df_addin1),
740 ITM(drbg_ctr_aes128_pr_df_expected)
743 OSSL_SELF_TEST_DESC_DRBG_HMAC,
744 "HMAC-DRBG", "digest", "SHA1",
745 ITM(drbg_hmac_sha1_pr_entropyin),
746 ITM(drbg_hmac_sha1_pr_nonce),
747 ITM(drbg_hmac_sha1_pr_persstr),
748 ITM(drbg_hmac_sha1_pr_entropyinpr0),
749 ITM(drbg_hmac_sha1_pr_entropyinpr1),
750 ITM(drbg_hmac_sha1_pr_addin0),
751 ITM(drbg_hmac_sha1_pr_addin1),
752 ITM(drbg_hmac_sha1_pr_expected)
756 /* KEY EXCHANGE TEST DATA */
758 #ifndef OPENSSL_NO_DH
760 static const unsigned char dh_p[] = {
761 0xdc, 0xca, 0x15, 0x11, 0xb2, 0x31, 0x32, 0x25,
762 0xf5, 0x21, 0x16, 0xe1, 0x54, 0x27, 0x89, 0xe0,
763 0x01, 0xf0, 0x42, 0x5b, 0xcc, 0xc7, 0xf3, 0x66,
764 0xf7, 0x40, 0x64, 0x07, 0xf1, 0xc9, 0xfa, 0x8b,
765 0xe6, 0x10, 0xf1, 0x77, 0x8b, 0xb1, 0x70, 0xbe,
766 0x39, 0xdb, 0xb7, 0x6f, 0x85, 0xbf, 0x24, 0xce,
767 0x68, 0x80, 0xad, 0xb7, 0x62, 0x9f, 0x7c, 0x6d,
768 0x01, 0x5e, 0x61, 0xd4, 0x3f, 0xa3, 0xee, 0x4d,
769 0xe1, 0x85, 0xf2, 0xcf, 0xd0, 0x41, 0xff, 0xde,
770 0x9d, 0x41, 0x84, 0x07, 0xe1, 0x51, 0x38, 0xbb,
771 0x02, 0x1d, 0xae, 0xb3, 0x5f, 0x76, 0x2d, 0x17,
772 0x82, 0xac, 0xc6, 0x58, 0xd3, 0x2b, 0xd4, 0xb0,
773 0x23, 0x2c, 0x92, 0x7d, 0xd3, 0x8f, 0xa0, 0x97,
774 0xb3, 0xd1, 0x85, 0x9f, 0xa8, 0xac, 0xaf, 0xb9,
775 0x8f, 0x06, 0x66, 0x08, 0xfc, 0x64, 0x4e, 0xc7,
776 0xdd, 0xb6, 0xf0, 0x85, 0x99, 0xf9, 0x2a, 0xc1,
777 0xb5, 0x98, 0x25, 0xda, 0x84, 0x32, 0x07, 0x7d,
778 0xef, 0x69, 0x56, 0x46, 0x06, 0x3c, 0x20, 0x82,
779 0x3c, 0x95, 0x07, 0xab, 0x6f, 0x01, 0x76, 0xd4,
780 0x73, 0x0d, 0x99, 0x0d, 0xbb, 0xe6, 0x36, 0x1c,
781 0xd8, 0xb2, 0xb9, 0x4d, 0x3d, 0x2f, 0x32, 0x9b,
782 0x82, 0x09, 0x9b, 0xd6, 0x61, 0xf4, 0x29, 0x50,
783 0xf4, 0x03, 0xdf, 0x3e, 0xde, 0x62, 0xa3, 0x31,
784 0x88, 0xb0, 0x27, 0x98, 0xba, 0x82, 0x3f, 0x44,
785 0xb9, 0x46, 0xfe, 0x9d, 0xf6, 0x77, 0xa0, 0xc5,
786 0xa1, 0x23, 0x8e, 0xaa, 0x97, 0xb7, 0x0f, 0x80,
787 0xda, 0x8c, 0xac, 0x88, 0xe0, 0x92, 0xb1, 0x12,
788 0x70, 0x60, 0xff, 0xbf, 0x45, 0x57, 0x99, 0x94,
789 0x01, 0x1d, 0xc2, 0xfa, 0xa5, 0xe7, 0xf6, 0xc7,
790 0x62, 0x45, 0xe1, 0xcc, 0x31, 0x22, 0x31, 0xc1,
791 0x7d, 0x1c, 0xa6, 0xb1, 0x90, 0x07, 0xef, 0x0d,
792 0xb9, 0x9f, 0x9c, 0xb6, 0x0e, 0x1d, 0x5f, 0x69
794 static const unsigned char dh_q[] = {
795 0x89, 0x8b, 0x22, 0x67, 0x17, 0xef, 0x03, 0x9e,
796 0x60, 0x3e, 0x82, 0xe5, 0xc7, 0xaf, 0xe4, 0x83,
797 0x74, 0xac, 0x5f, 0x62, 0x5c, 0x54, 0xf1, 0xea,
798 0x11, 0xac, 0xb5, 0x7d
800 static const unsigned char dh_g[] = {
801 0x5e, 0xf7, 0xb8, 0x8f, 0x2d, 0xf6, 0x01, 0x39,
802 0x35, 0x1d, 0xfb, 0xfe, 0x12, 0x66, 0x80, 0x5f,
803 0xdf, 0x35, 0x6c, 0xdf, 0xd1, 0x3a, 0x4d, 0xa0,
804 0x05, 0x0c, 0x7e, 0xde, 0x24, 0x6d, 0xf5, 0x9f,
805 0x6a, 0xbf, 0x96, 0xad, 0xe5, 0xf2, 0xb2, 0x8f,
806 0xfe, 0x88, 0xd6, 0xbc, 0xe7, 0xf7, 0x89, 0x4a,
807 0x3d, 0x53, 0x5f, 0xc8, 0x21, 0x26, 0xdd, 0xd4,
808 0x24, 0x87, 0x2e, 0x16, 0xb8, 0x38, 0xdf, 0x8c,
809 0x51, 0xe9, 0x01, 0x6f, 0x88, 0x9c, 0x7c, 0x20,
810 0x3e, 0x98, 0xa8, 0xb6, 0x31, 0xf9, 0xc7, 0x25,
811 0x63, 0xd3, 0x8a, 0x49, 0x58, 0x9a, 0x07, 0x53,
812 0xd3, 0x58, 0xe7, 0x83, 0x31, 0x8c, 0xef, 0xd9,
813 0x67, 0x7c, 0x7b, 0x2d, 0xbb, 0x77, 0xd6, 0xdc,
814 0xe2, 0xa1, 0x96, 0x37, 0x95, 0xca, 0x64, 0xb9,
815 0x2d, 0x1c, 0x9a, 0xac, 0x6d, 0x0e, 0x8d, 0x43,
816 0x1d, 0xe5, 0xe5, 0x00, 0x60, 0xdf, 0xf7, 0x86,
817 0x89, 0xc9, 0xec, 0xa1, 0xc1, 0x24, 0x8c, 0x16,
818 0xed, 0x09, 0xc7, 0xad, 0x41, 0x2a, 0x17, 0x40,
819 0x6d, 0x2b, 0x52, 0x5a, 0xa1, 0xca, 0xbb, 0x23,
820 0x7b, 0x97, 0x34, 0xec, 0x7b, 0x8c, 0xe3, 0xfa,
821 0xe0, 0x2f, 0x29, 0xc5, 0xef, 0xed, 0x30, 0xd6,
822 0x91, 0x87, 0xda, 0x10, 0x9c, 0x2c, 0x9f, 0xe2,
823 0xaa, 0xdb, 0xb0, 0xc2, 0x2a, 0xf5, 0x4c, 0x61,
824 0x66, 0x55, 0x00, 0x0c, 0x43, 0x1c, 0x6b, 0x4a,
825 0x37, 0x97, 0x63, 0xb0, 0xa9, 0x16, 0x58, 0xef,
826 0xc8, 0x4e, 0x8b, 0x06, 0x35, 0x8c, 0x8b, 0x4f,
827 0x21, 0x37, 0x10, 0xfd, 0x10, 0x17, 0x2c, 0xf3,
828 0x9b, 0x83, 0x0c, 0x2d, 0xd8, 0x4a, 0x0c, 0x8a,
829 0xb8, 0x25, 0x16, 0xec, 0xab, 0x99, 0x5f, 0xa4,
830 0x21, 0x5e, 0x02, 0x3e, 0x4e, 0xcf, 0x80, 0x74,
831 0xc3, 0x9d, 0x6c, 0x88, 0xb7, 0x0d, 0x1e, 0xe4,
832 0xe9, 0x6f, 0xdc, 0x20, 0xea, 0x11, 0x5c, 0x32
834 static const unsigned char dh_priv[] = {
835 0x14, 0x33, 0xe0, 0xb5, 0xa9, 0x17, 0xb6, 0x0a,
836 0x30, 0x23, 0xf2, 0xf8, 0xaa, 0x2c, 0x2d, 0x70,
837 0xd2, 0x96, 0x8a, 0xba, 0x9a, 0xea, 0xc8, 0x15,
838 0x40, 0xb8, 0xfc, 0xe6
840 static const unsigned char dh_pub[] = {
841 0x95, 0xdd, 0x33, 0x8d, 0x29, 0xe5, 0x71, 0x04,
842 0x92, 0xb9, 0x18, 0x31, 0x7b, 0x72, 0xa3, 0x69,
843 0x36, 0xe1, 0x95, 0x1a, 0x2e, 0xe5, 0xa5, 0x59,
844 0x16, 0x99, 0xc0, 0x48, 0x6d, 0x0d, 0x4f, 0x9b,
845 0xdd, 0x6d, 0x5a, 0x3f, 0x6b, 0x98, 0x89, 0x0c,
846 0x62, 0xb3, 0x76, 0x52, 0xd3, 0x6e, 0x71, 0x21,
847 0x11, 0xe6, 0x8a, 0x73, 0x55, 0x37, 0x25, 0x06,
848 0x99, 0xef, 0xe3, 0x30, 0x53, 0x73, 0x91, 0xfb,
849 0xc2, 0xc5, 0x48, 0xbc, 0x5a, 0xc3, 0xe5, 0xb2,
850 0x33, 0x86, 0xc3, 0xee, 0xf5, 0xeb, 0x43, 0xc0,
851 0x99, 0xd7, 0x0a, 0x52, 0x02, 0x68, 0x7e, 0x83,
852 0x96, 0x42, 0x48, 0xfc, 0xa9, 0x1f, 0x40, 0x90,
853 0x8e, 0x8f, 0xb3, 0x31, 0x93, 0x15, 0xf6, 0xd2,
854 0x60, 0x6d, 0x7f, 0x7c, 0xd5, 0x2c, 0xc6, 0xe7,
855 0xc5, 0x84, 0x3a, 0xfb, 0x22, 0x51, 0x9c, 0xf0,
856 0xf0, 0xf9, 0xd3, 0xa0, 0xa4, 0xe8, 0xc8, 0x88,
857 0x99, 0xef, 0xed, 0xe7, 0x36, 0x43, 0x51, 0xfb,
858 0x6a, 0x36, 0x3e, 0xe7, 0x17, 0xe5, 0x44, 0x5a,
859 0xda, 0xb4, 0xc9, 0x31, 0xa6, 0x48, 0x39, 0x97,
860 0xb8, 0x7d, 0xad, 0x83, 0x67, 0x7e, 0x4d, 0x1d,
861 0x3a, 0x77, 0x75, 0xe0, 0xf6, 0xd0, 0x0f, 0xdf,
862 0x73, 0xc7, 0xad, 0x80, 0x1e, 0x66, 0x5a, 0x0e,
863 0x5a, 0x79, 0x6d, 0x0a, 0x03, 0x80, 0xa1, 0x9f,
864 0xa1, 0x82, 0xef, 0xc8, 0xa0, 0x4f, 0x5e, 0x4d,
865 0xb9, 0x0d, 0x1a, 0x86, 0x37, 0xf9, 0x5d, 0xb1,
866 0x64, 0x36, 0xbd, 0xc8, 0xf3, 0xfc, 0x09, 0x6c,
867 0x4f, 0xf7, 0xf2, 0x34, 0xbe, 0x8f, 0xef, 0x47,
868 0x9a, 0xc4, 0xb0, 0xdc, 0x4b, 0x77, 0x26, 0x3e,
869 0x07, 0xd9, 0x95, 0x9d, 0xe0, 0xf1, 0xbf, 0x3f,
870 0x0a, 0xe3, 0xd9, 0xd5, 0x0e, 0x4b, 0x89, 0xc9,
871 0x9e, 0x3e, 0xa1, 0x21, 0x73, 0x43, 0xdd, 0x8c,
872 0x65, 0x81, 0xac, 0xc4, 0x95, 0x9c, 0x91, 0xd3
874 static const unsigned char dh_peer_pub[] = {
875 0x1f, 0xc1, 0xda, 0x34, 0x1d, 0x1a, 0x84, 0x6a,
876 0x96, 0xb7, 0xbe, 0x24, 0x34, 0x0f, 0x87, 0x7d,
877 0xd0, 0x10, 0xaa, 0x03, 0x56, 0xd5, 0xad, 0x58,
878 0xaa, 0xe9, 0xc7, 0xb0, 0x8f, 0x74, 0x9a, 0x32,
879 0x23, 0x51, 0x10, 0xb5, 0xd8, 0x8e, 0xb5, 0xdb,
880 0xfa, 0x97, 0x8d, 0x27, 0xec, 0xc5, 0x30, 0xf0,
881 0x2d, 0x31, 0x14, 0x00, 0x5b, 0x64, 0xb1, 0xc0,
882 0xe0, 0x24, 0xcb, 0x8a, 0xe2, 0x16, 0x98, 0xbc,
883 0xa9, 0xe6, 0x0d, 0x42, 0x80, 0x86, 0x22, 0xf1,
884 0x81, 0xc5, 0x6e, 0x1d, 0xe7, 0xa9, 0x6e, 0x6e,
885 0xfe, 0xe9, 0xd6, 0x65, 0x67, 0xe9, 0x1b, 0x97,
886 0x70, 0x42, 0xc7, 0xe3, 0xd0, 0x44, 0x8f, 0x05,
887 0xfb, 0x77, 0xf5, 0x22, 0xb9, 0xbf, 0xc8, 0xd3,
888 0x3c, 0xc3, 0xc3, 0x1e, 0xd3, 0xb3, 0x1f, 0x0f,
889 0xec, 0xb6, 0xdb, 0x4f, 0x6e, 0xa3, 0x11, 0xe7,
890 0x7a, 0xfd, 0xbc, 0xd4, 0x7a, 0xee, 0x1b, 0xb1,
891 0x50, 0xf2, 0x16, 0x87, 0x35, 0x78, 0xfb, 0x96,
892 0x46, 0x8e, 0x8f, 0x9f, 0x3d, 0xe8, 0xef, 0xbf,
893 0xce, 0x75, 0x62, 0x4b, 0x1d, 0xf0, 0x53, 0x22,
894 0xa3, 0x4f, 0x14, 0x63, 0xe8, 0x39, 0xe8, 0x98,
895 0x4c, 0x4a, 0xd0, 0xa9, 0x6e, 0x1a, 0xc8, 0x42,
896 0xe5, 0x31, 0x8c, 0xc2, 0x3c, 0x06, 0x2a, 0x8c,
897 0xa1, 0x71, 0xb8, 0xd5, 0x75, 0x98, 0x0d, 0xde,
898 0x7f, 0xc5, 0x6f, 0x15, 0x36, 0x52, 0x38, 0x20,
899 0xd4, 0x31, 0x92, 0xbf, 0xd5, 0x1e, 0x8e, 0x22,
900 0x89, 0x78, 0xac, 0xa5, 0xb9, 0x44, 0x72, 0xf3,
901 0x39, 0xca, 0xeb, 0x99, 0x31, 0xb4, 0x2b, 0xe3,
902 0x01, 0x26, 0x8b, 0xc9, 0x97, 0x89, 0xc9, 0xb2,
903 0x55, 0x71, 0xc3, 0xc0, 0xe4, 0xcb, 0x3f, 0x00,
904 0x7f, 0x1a, 0x51, 0x1c, 0xbb, 0x53, 0xc8, 0x51,
905 0x9c, 0xdd, 0x13, 0x02, 0xab, 0xca, 0x6c, 0x0f,
906 0x34, 0xf9, 0x67, 0x39, 0xf1, 0x7f, 0xf4, 0x8b
909 static const unsigned char dh_secret_expected[] = {
910 0x08, 0xff, 0x33, 0xbb, 0x2e, 0xcf, 0xf4, 0x9a,
911 0x7d, 0x4a, 0x79, 0x12, 0xae, 0xb1, 0xbb, 0x6a,
912 0xb5, 0x11, 0x64, 0x1b, 0x4a, 0x76, 0x77, 0x0c,
913 0x8c, 0xc1, 0xbc, 0xc2, 0x33, 0x34, 0x3d, 0xfe,
914 0x70, 0x0d, 0x11, 0x81, 0x3d, 0x2c, 0x9e, 0xd2,
915 0x3b, 0x21, 0x1c, 0xa9, 0xe8, 0x78, 0x69, 0x21,
916 0xed, 0xca, 0x28, 0x3c, 0x68, 0xb1, 0x61, 0x53,
917 0xfa, 0x01, 0xe9, 0x1a, 0xb8, 0x2c, 0x90, 0xdd,
918 0xab, 0x4a, 0x95, 0x81, 0x67, 0x70, 0xa9, 0x87,
919 0x10, 0xe1, 0x4c, 0x92, 0xab, 0x83, 0xb6, 0xe4,
920 0x6e, 0x1e, 0x42, 0x6e, 0xe8, 0x52, 0x43, 0x0d,
921 0x61, 0x87, 0xda, 0xa3, 0x72, 0x0a, 0x6b, 0xcd,
922 0x73, 0x23, 0x5c, 0x6b, 0x0f, 0x94, 0x1f, 0x33,
923 0x64, 0xf5, 0x04, 0x20, 0x55, 0x1a, 0x4b, 0xfe,
924 0xaf, 0xe2, 0xbc, 0x43, 0x85, 0x05, 0xa5, 0x9a,
925 0x4a, 0x40, 0xda, 0xca, 0x7a, 0x89, 0x5a, 0x73,
926 0xdb, 0x57, 0x5c, 0x74, 0xc1, 0x3a, 0x23, 0xad,
927 0x88, 0x32, 0x95, 0x7d, 0x58, 0x2d, 0x38, 0xf0,
928 0xa6, 0x16, 0x5f, 0xb0, 0xd7, 0xe9, 0xb8, 0x79,
929 0x9e, 0x42, 0xfd, 0x32, 0x20, 0xe3, 0x32, 0xe9,
930 0x81, 0x85, 0xa0, 0xc9, 0x42, 0x97, 0x57, 0xb2,
931 0xd0, 0xd0, 0x2c, 0x17, 0xdb, 0xaa, 0x1f, 0xf6,
932 0xed, 0x93, 0xd7, 0xe7, 0x3e, 0x24, 0x1e, 0xae,
933 0xd9, 0x0c, 0xaf, 0x39, 0x4d, 0x2b, 0xc6, 0x57,
934 0x0f, 0x18, 0xc8, 0x1f, 0x2b, 0xe5, 0xd0, 0x1a,
935 0x2c, 0xa9, 0x9f, 0xf1, 0x42, 0xb5, 0xd9, 0x63,
936 0xf9, 0xf5, 0x00, 0x32, 0x5e, 0x75, 0x56, 0xf9,
937 0x58, 0x49, 0xb3, 0xff, 0xc7, 0x47, 0x94, 0x86,
938 0xbe, 0x1d, 0x45, 0x96, 0xa3, 0x10, 0x6b, 0xd5,
939 0xcb, 0x4f, 0x61, 0xc5, 0x7e, 0xc5, 0xf1, 0x00,
940 0xfb, 0x7a, 0x0c, 0x82, 0xa1, 0x0b, 0x82, 0x52,
941 0x6a, 0x97, 0xd1, 0xd9, 0x7d, 0x98, 0xea, 0xf6
944 static const ST_KAT_PARAM dh_group[] = {
945 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dh_p),
946 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dh_q),
947 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dh_g),
951 /* The host's private key */
952 static const ST_KAT_PARAM dh_host_key[] = {
953 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_pub),
954 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dh_priv),
958 /* The peer's public key */
959 static const ST_KAT_PARAM dh_peer_key[] = {
960 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_peer_pub),
963 #endif /* OPENSSL_NO_DH */
966 #ifndef OPENSSL_NO_EC
967 static const char ecdh_curve_name[] = "prime256v1";
968 static const unsigned char ecdh_privd[] = {
969 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
970 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
971 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
972 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
974 static const unsigned char ecdh_pub[] = {
976 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
977 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
978 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
979 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
980 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
981 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
982 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
983 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
985 static const unsigned char ecdh_peer_pub[] = {
987 0x1f, 0x72, 0xbd, 0x2a, 0x3e, 0xeb, 0x6c, 0x76,
988 0xe5, 0x5d, 0x69, 0x75, 0x24, 0xbf, 0x2f, 0x5b,
989 0x96, 0xb2, 0x91, 0x62, 0x06, 0x35, 0xcc, 0xb2,
990 0x4b, 0x31, 0x1b, 0x0c, 0x6f, 0x06, 0x9f, 0x86,
991 0xcf, 0xc8, 0xac, 0xd5, 0x4f, 0x4d, 0x77, 0xf3,
992 0x70, 0x4a, 0x8f, 0x04, 0x9a, 0xb1, 0x03, 0xc7,
993 0xeb, 0xd5, 0x94, 0x78, 0x61, 0xab, 0x78, 0x0c,
994 0x4a, 0x2d, 0x6b, 0xf3, 0x2f, 0x2e, 0x4a, 0xbc
997 static const ST_KAT_PARAM ecdh_group[] = {
998 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecdh_curve_name),
1001 static const ST_KAT_PARAM ecdh_host_key[] = {
1002 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_pub),
1003 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecdh_privd),
1006 static const ST_KAT_PARAM ecdh_peer_key[] = {
1007 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_peer_pub),
1010 static const unsigned char ecdh_secret_expected[] = {
1011 0x45, 0x2a, 0x2f, 0x0d, 0x24, 0xe6, 0x8d, 0xd0,
1012 0xda, 0x59, 0x7b, 0x0c, 0xec, 0x9b, 0x4c, 0x38,
1013 0x41, 0xdd, 0xce, 0xb3, 0xcc, 0xf1, 0x90, 0x8e,
1014 0x30, 0xdb, 0x5b, 0x5f, 0x97, 0xea, 0xe0, 0xc2
1016 #endif /* OPENSSL_NO_EC */
1018 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
1019 static const ST_KAT_KAS st_kat_kas_tests[] =
1021 # ifndef OPENSSL_NO_DH
1023 OSSL_SELF_TEST_DESC_KA_DH,
1028 ITM(dh_secret_expected)
1030 # endif /* OPENSSL_NO_DH */
1031 # ifndef OPENSSL_NO_EC
1033 OSSL_SELF_TEST_DESC_KA_ECDH,
1038 ITM(ecdh_secret_expected)
1040 # endif /* OPENSSL_NO_EC */
1042 #endif /* !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) */
1045 static const unsigned char rsa_n[] = {
1046 0xDB, 0x10, 0x1A, 0xC2, 0xA3, 0xF1, 0xDC, 0xFF,
1047 0x13, 0x6B, 0xED, 0x44, 0xDF, 0xF0, 0x02, 0x6D,
1048 0x13, 0xC7, 0x88, 0xDA, 0x70, 0x6B, 0x54, 0xF1,
1049 0xE8, 0x27, 0xDC, 0xC3, 0x0F, 0x99, 0x6A, 0xFA,
1050 0xC6, 0x67, 0xFF, 0x1D, 0x1E, 0x3C, 0x1D, 0xC1,
1051 0xB5, 0x5F, 0x6C, 0xC0, 0xB2, 0x07, 0x3A, 0x6D,
1052 0x41, 0xE4, 0x25, 0x99, 0xAC, 0xFC, 0xD2, 0x0F,
1053 0x02, 0xD3, 0xD1, 0x54, 0x06, 0x1A, 0x51, 0x77,
1054 0xBD, 0xB6, 0xBF, 0xEA, 0xA7, 0x5C, 0x06, 0xA9,
1055 0x5D, 0x69, 0x84, 0x45, 0xD7, 0xF5, 0x05, 0xBA,
1056 0x47, 0xF0, 0x1B, 0xD7, 0x2B, 0x24, 0xEC, 0xCB,
1057 0x9B, 0x1B, 0x10, 0x8D, 0x81, 0xA0, 0xBE, 0xB1,
1058 0x8C, 0x33, 0xE4, 0x36, 0xB8, 0x43, 0xEB, 0x19,
1059 0x2A, 0x81, 0x8D, 0xDE, 0x81, 0x0A, 0x99, 0x48,
1060 0xB6, 0xF6, 0xBC, 0xCD, 0x49, 0x34, 0x3A, 0x8F,
1061 0x26, 0x94, 0xE3, 0x28, 0x82, 0x1A, 0x7C, 0x8F,
1062 0x59, 0x9F, 0x45, 0xE8, 0x5D, 0x1A, 0x45, 0x76,
1063 0x04, 0x56, 0x05, 0xA1, 0xD0, 0x1B, 0x8C, 0x77,
1064 0x6D, 0xAF, 0x53, 0xFA, 0x71, 0xE2, 0x67, 0xE0,
1065 0x9A, 0xFE, 0x03, 0xA9, 0x85, 0xD2, 0xC9, 0xAA,
1066 0xBA, 0x2A, 0xBC, 0xF4, 0xA0, 0x08, 0xF5, 0x13,
1067 0x98, 0x13, 0x5D, 0xF0, 0xD9, 0x33, 0x34, 0x2A,
1068 0x61, 0xC3, 0x89, 0x55, 0xF0, 0xAE, 0x1A, 0x9C,
1069 0x22, 0xEE, 0x19, 0x05, 0x8D, 0x32, 0xFE, 0xEC,
1070 0x9C, 0x84, 0xBA, 0xB7, 0xF9, 0x6C, 0x3A, 0x4F,
1071 0x07, 0xFC, 0x45, 0xEB, 0x12, 0xE5, 0x7B, 0xFD,
1072 0x55, 0xE6, 0x29, 0x69, 0xD1, 0xC2, 0xE8, 0xB9,
1073 0x78, 0x59, 0xF6, 0x79, 0x10, 0xC6, 0x4E, 0xEB,
1074 0x6A, 0x5E, 0xB9, 0x9A, 0xC7, 0xC4, 0x5B, 0x63,
1075 0xDA, 0xA3, 0x3F, 0x5E, 0x92, 0x7A, 0x81, 0x5E,
1076 0xD6, 0xB0, 0xE2, 0x62, 0x8F, 0x74, 0x26, 0xC2,
1077 0x0C, 0xD3, 0x9A, 0x17, 0x47, 0xE6, 0x8E, 0xAB
1079 static const unsigned char rsa_e[] = { 0x01, 0x00, 0x01 };
1080 static const unsigned char rsa_d[] = {
1081 0x52, 0x41, 0xF4, 0xDA, 0x7B, 0xB7, 0x59, 0x55,
1082 0xCA, 0xD4, 0x2F, 0x0F, 0x3A, 0xCB, 0xA4, 0x0D,
1083 0x93, 0x6C, 0xCC, 0x9D, 0xC1, 0xB2, 0xFB, 0xFD,
1084 0xAE, 0x40, 0x31, 0xAC, 0x69, 0x52, 0x21, 0x92,
1085 0xB3, 0x27, 0xDF, 0xEA, 0xEE, 0x2C, 0x82, 0xBB,
1086 0xF7, 0x40, 0x32, 0xD5, 0x14, 0xC4, 0x94, 0x12,
1087 0xEC, 0xB8, 0x1F, 0xCA, 0x59, 0xE3, 0xC1, 0x78,
1088 0xF3, 0x85, 0xD8, 0x47, 0xA5, 0xD7, 0x02, 0x1A,
1089 0x65, 0x79, 0x97, 0x0D, 0x24, 0xF4, 0xF0, 0x67,
1090 0x6E, 0x75, 0x2D, 0xBF, 0x10, 0x3D, 0xA8, 0x7D,
1091 0xEF, 0x7F, 0x60, 0xE4, 0xE6, 0x05, 0x82, 0x89,
1092 0x5D, 0xDF, 0xC6, 0xD2, 0x6C, 0x07, 0x91, 0x33,
1093 0x98, 0x42, 0xF0, 0x02, 0x00, 0x25, 0x38, 0xC5,
1094 0x85, 0x69, 0x8A, 0x7D, 0x2F, 0x95, 0x6C, 0x43,
1095 0x9A, 0xB8, 0x81, 0xE2, 0xD0, 0x07, 0x35, 0xAA,
1096 0x05, 0x41, 0xC9, 0x1E, 0xAF, 0xE4, 0x04, 0x3B,
1097 0x19, 0xB8, 0x73, 0xA2, 0xAC, 0x4B, 0x1E, 0x66,
1098 0x48, 0xD8, 0x72, 0x1F, 0xAC, 0xF6, 0xCB, 0xBC,
1099 0x90, 0x09, 0xCA, 0xEC, 0x0C, 0xDC, 0xF9, 0x2C,
1100 0xD7, 0xEB, 0xAE, 0xA3, 0xA4, 0x47, 0xD7, 0x33,
1101 0x2F, 0x8A, 0xCA, 0xBC, 0x5E, 0xF0, 0x77, 0xE4,
1102 0x97, 0x98, 0x97, 0xC7, 0x10, 0x91, 0x7D, 0x2A,
1103 0xA6, 0xFF, 0x46, 0x83, 0x97, 0xDE, 0xE9, 0xE2,
1104 0x17, 0x03, 0x06, 0x14, 0xE2, 0xD7, 0xB1, 0x1D,
1105 0x77, 0xAF, 0x51, 0x27, 0x5B, 0x5E, 0x69, 0xB8,
1106 0x81, 0xE6, 0x11, 0xC5, 0x43, 0x23, 0x81, 0x04,
1107 0x62, 0xFF, 0xE9, 0x46, 0xB8, 0xD8, 0x44, 0xDB,
1108 0xA5, 0xCC, 0x31, 0x54, 0x34, 0xCE, 0x3E, 0x82,
1109 0xD6, 0xBF, 0x7A, 0x0B, 0x64, 0x21, 0x6D, 0x88,
1110 0x7E, 0x5B, 0x45, 0x12, 0x1E, 0x63, 0x8D, 0x49,
1111 0xA7, 0x1D, 0xD9, 0x1E, 0x06, 0xCD, 0xE8, 0xBA,
1112 0x2C, 0x8C, 0x69, 0x32, 0xEA, 0xBE, 0x60, 0x71
1114 static const unsigned char rsa_p[] = {
1115 0xFA, 0xAC, 0xE1, 0x37, 0x5E, 0x32, 0x11, 0x34,
1116 0xC6, 0x72, 0x58, 0x2D, 0x91, 0x06, 0x3E, 0x77,
1117 0xE7, 0x11, 0x21, 0xCD, 0x4A, 0xF8, 0xA4, 0x3F,
1118 0x0F, 0xEF, 0x31, 0xE3, 0xF3, 0x55, 0xA0, 0xB9,
1119 0xAC, 0xB6, 0xCB, 0xBB, 0x41, 0xD0, 0x32, 0x81,
1120 0x9A, 0x8F, 0x7A, 0x99, 0x30, 0x77, 0x6C, 0x68,
1121 0x27, 0xE2, 0x96, 0xB5, 0x72, 0xC9, 0xC3, 0xD4,
1122 0x42, 0xAA, 0xAA, 0xCA, 0x95, 0x8F, 0xFF, 0xC9,
1123 0x9B, 0x52, 0x34, 0x30, 0x1D, 0xCF, 0xFE, 0xCF,
1124 0x3C, 0x56, 0x68, 0x6E, 0xEF, 0xE7, 0x6C, 0xD7,
1125 0xFB, 0x99, 0xF5, 0x4A, 0xA5, 0x21, 0x1F, 0x2B,
1126 0xEA, 0x93, 0xE8, 0x98, 0x26, 0xC4, 0x6E, 0x42,
1127 0x21, 0x5E, 0xA0, 0xA1, 0x2A, 0x58, 0x35, 0xBB,
1128 0x10, 0xE7, 0xBA, 0x27, 0x0A, 0x3B, 0xB3, 0xAF,
1129 0xE2, 0x75, 0x36, 0x04, 0xAC, 0x56, 0xA0, 0xAB,
1130 0x52, 0xDE, 0xCE, 0xDD, 0x2C, 0x28, 0x77, 0x03
1132 static const unsigned char rsa_q[] = {
1133 0xDF, 0xB7, 0x52, 0xB6, 0xD7, 0xC0, 0xE2, 0x96,
1134 0xE7, 0xC9, 0xFE, 0x5D, 0x71, 0x5A, 0xC4, 0x40,
1135 0x96, 0x2F, 0xE5, 0x87, 0xEA, 0xF3, 0xA5, 0x77,
1136 0x11, 0x67, 0x3C, 0x8D, 0x56, 0x08, 0xA7, 0xB5,
1137 0x67, 0xFA, 0x37, 0xA8, 0xB8, 0xCF, 0x61, 0xE8,
1138 0x63, 0xD8, 0x38, 0x06, 0x21, 0x2B, 0x92, 0x09,
1139 0xA6, 0x39, 0x3A, 0xEA, 0xA8, 0xB4, 0x45, 0x4B,
1140 0x36, 0x10, 0x4C, 0xE4, 0x00, 0x66, 0x71, 0x65,
1141 0xF8, 0x0B, 0x94, 0x59, 0x4F, 0x8C, 0xFD, 0xD5,
1142 0x34, 0xA2, 0xE7, 0x62, 0x84, 0x0A, 0xA7, 0xBB,
1143 0xDB, 0xD9, 0x8A, 0xCD, 0x05, 0xE1, 0xCC, 0x57,
1144 0x7B, 0xF1, 0xF1, 0x1F, 0x11, 0x9D, 0xBA, 0x3E,
1145 0x45, 0x18, 0x99, 0x1B, 0x41, 0x64, 0x43, 0xEE,
1146 0x97, 0x5D, 0x77, 0x13, 0x5B, 0x74, 0x69, 0x73,
1147 0x87, 0x95, 0x05, 0x07, 0xBE, 0x45, 0x07, 0x17,
1148 0x7E, 0x4A, 0x69, 0x22, 0xF3, 0xDB, 0x05, 0x39
1150 static const unsigned char rsa_dp[] = {
1151 0x5E, 0xD8, 0xDC, 0xDA, 0x53, 0x44, 0xC4, 0x67,
1152 0xE0, 0x92, 0x51, 0x34, 0xE4, 0x83, 0xA5, 0x4D,
1153 0x3E, 0xDB, 0xA7, 0x9B, 0x82, 0xBB, 0x73, 0x81,
1154 0xFC, 0xE8, 0x77, 0x4B, 0x15, 0xBE, 0x17, 0x73,
1155 0x49, 0x9B, 0x5C, 0x98, 0xBC, 0xBD, 0x26, 0xEF,
1156 0x0C, 0xE9, 0x2E, 0xED, 0x19, 0x7E, 0x86, 0x41,
1157 0x1E, 0x9E, 0x48, 0x81, 0xDD, 0x2D, 0xE4, 0x6F,
1158 0xC2, 0xCD, 0xCA, 0x93, 0x9E, 0x65, 0x7E, 0xD5,
1159 0xEC, 0x73, 0xFD, 0x15, 0x1B, 0xA2, 0xA0, 0x7A,
1160 0x0F, 0x0D, 0x6E, 0xB4, 0x53, 0x07, 0x90, 0x92,
1161 0x64, 0x3B, 0x8B, 0xA9, 0x33, 0xB3, 0xC5, 0x94,
1162 0x9B, 0x4C, 0x5D, 0x9C, 0x7C, 0x46, 0xA4, 0xA5,
1163 0x56, 0xF4, 0xF3, 0xF8, 0x27, 0x0A, 0x7B, 0x42,
1164 0x0D, 0x92, 0x70, 0x47, 0xE7, 0x42, 0x51, 0xA9,
1165 0xC2, 0x18, 0xB1, 0x58, 0xB1, 0x50, 0x91, 0xB8,
1166 0x61, 0x41, 0xB6, 0xA9, 0xCE, 0xD4, 0x7C, 0xBB
1168 static const unsigned char rsa_dq[] = {
1169 0x54, 0x09, 0x1F, 0x0F, 0x03, 0xD8, 0xB6, 0xC5,
1170 0x0C, 0xE8, 0xB9, 0x9E, 0x0C, 0x38, 0x96, 0x43,
1171 0xD4, 0xA6, 0xC5, 0x47, 0xDB, 0x20, 0x0E, 0xE5,
1172 0xBD, 0x29, 0xD4, 0x7B, 0x1A, 0xF8, 0x41, 0x57,
1173 0x49, 0x69, 0x9A, 0x82, 0xCC, 0x79, 0x4A, 0x43,
1174 0xEB, 0x4D, 0x8B, 0x2D, 0xF2, 0x43, 0xD5, 0xA5,
1175 0xBE, 0x44, 0xFD, 0x36, 0xAC, 0x8C, 0x9B, 0x02,
1176 0xF7, 0x9A, 0x03, 0xE8, 0x19, 0xA6, 0x61, 0xAE,
1177 0x76, 0x10, 0x93, 0x77, 0x41, 0x04, 0xAB, 0x4C,
1178 0xED, 0x6A, 0xCC, 0x14, 0x1B, 0x99, 0x8D, 0x0C,
1179 0x6A, 0x37, 0x3B, 0x86, 0x6C, 0x51, 0x37, 0x5B,
1180 0x1D, 0x79, 0xF2, 0xA3, 0x43, 0x10, 0xC6, 0xA7,
1181 0x21, 0x79, 0x6D, 0xF9, 0xE9, 0x04, 0x6A, 0xE8,
1182 0x32, 0xFF, 0xAE, 0xFD, 0x1C, 0x7B, 0x8C, 0x29,
1183 0x13, 0xA3, 0x0C, 0xB2, 0xAD, 0xEC, 0x6C, 0x0F,
1184 0x8D, 0x27, 0x12, 0x7B, 0x48, 0xB2, 0xDB, 0x31
1186 static const unsigned char rsa_qInv[] = {
1187 0x8D, 0x1B, 0x05, 0xCA, 0x24, 0x1F, 0x0C, 0x53,
1188 0x19, 0x52, 0x74, 0x63, 0x21, 0xFA, 0x78, 0x46,
1189 0x79, 0xAF, 0x5C, 0xDE, 0x30, 0xA4, 0x6C, 0x20,
1190 0x38, 0xE6, 0x97, 0x39, 0xB8, 0x7A, 0x70, 0x0D,
1191 0x8B, 0x6C, 0x6D, 0x13, 0x74, 0xD5, 0x1C, 0xDE,
1192 0xA9, 0xF4, 0x60, 0x37, 0xFE, 0x68, 0x77, 0x5E,
1193 0x0B, 0x4E, 0x5E, 0x03, 0x31, 0x30, 0xDF, 0xD6,
1194 0xAE, 0x85, 0xD0, 0x81, 0xBB, 0x61, 0xC7, 0xB1,
1195 0x04, 0x5A, 0xC4, 0x6D, 0x56, 0x1C, 0xD9, 0x64,
1196 0xE7, 0x85, 0x7F, 0x88, 0x91, 0xC9, 0x60, 0x28,
1197 0x05, 0xE2, 0xC6, 0x24, 0x8F, 0xDD, 0x61, 0x64,
1198 0xD8, 0x09, 0xDE, 0x7E, 0xD3, 0x4A, 0x61, 0x1A,
1199 0xD3, 0x73, 0x58, 0x4B, 0xD8, 0xA0, 0x54, 0x25,
1200 0x48, 0x83, 0x6F, 0x82, 0x6C, 0xAF, 0x36, 0x51,
1201 0x2A, 0x5D, 0x14, 0x2F, 0x41, 0x25, 0x00, 0xDD,
1202 0xF8, 0xF3, 0x95, 0xFE, 0x31, 0x25, 0x50, 0x12
1205 static const ST_KAT_PARAM rsa_crt_key[] = {
1206 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1207 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1208 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1209 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_p),
1210 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_q),
1211 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dp),
1212 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dq),
1213 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT, rsa_qInv),
1217 static const ST_KAT_PARAM rsa_pub_key[] = {
1218 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1219 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1223 static const ST_KAT_PARAM rsa_priv_key[] = {
1224 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1225 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1226 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1230 static const ST_KAT_PARAM rsa_enc_params[] = {
1231 ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE,
1232 OSSL_PKEY_RSA_PAD_MODE_NONE),
1236 static const unsigned char rsa_expected_sig[256] = {
1237 0xad, 0xbe, 0x2a, 0xaf, 0x16, 0x85, 0xc5, 0x00,
1238 0x91, 0x3e, 0xd0, 0x49, 0xfb, 0x3a, 0x81, 0xb9,
1239 0x6c, 0x28, 0xbc, 0xbf, 0xea, 0x96, 0x5f, 0xe4,
1240 0x9f, 0x99, 0xf7, 0x18, 0x8c, 0xec, 0x60, 0x28,
1241 0xeb, 0x29, 0x02, 0x49, 0xfc, 0xda, 0xd7, 0x78,
1242 0x68, 0xf8, 0xe1, 0xe9, 0x4d, 0x20, 0x6d, 0x32,
1243 0xa6, 0xde, 0xfc, 0xe4, 0xda, 0xcc, 0x6c, 0x75,
1244 0x36, 0x6b, 0xff, 0x5a, 0xac, 0x01, 0xa8, 0xc2,
1245 0xa9, 0xe6, 0x8b, 0x18, 0x3e, 0xec, 0xea, 0x4c,
1246 0x4a, 0x9e, 0x00, 0x09, 0xd1, 0x8a, 0x69, 0x1b,
1247 0x8b, 0xd9, 0xad, 0x37, 0xe5, 0x7c, 0xff, 0x7d,
1248 0x59, 0x56, 0x3e, 0xa0, 0xc6, 0x32, 0xd8, 0x35,
1249 0x2f, 0xff, 0xfb, 0x05, 0x02, 0xcd, 0xd7, 0x19,
1250 0xb9, 0x00, 0x86, 0x2a, 0xcf, 0xaa, 0x78, 0x16,
1251 0x4b, 0xf1, 0xa7, 0x59, 0xef, 0x7d, 0xe8, 0x74,
1252 0x23, 0x5c, 0xb2, 0xd4, 0x8a, 0x99, 0xa5, 0xbc,
1253 0xfa, 0x63, 0xd8, 0xf7, 0xbd, 0xc6, 0x00, 0x13,
1254 0x06, 0x02, 0x9a, 0xd4, 0xa7, 0xb4, 0x3d, 0x61,
1255 0xab, 0xf1, 0xc2, 0x95, 0x59, 0x9b, 0x3d, 0x67,
1256 0x1f, 0xde, 0x57, 0xb6, 0xb6, 0x9f, 0xb0, 0x87,
1257 0xd6, 0x51, 0xd5, 0x3e, 0x00, 0xe2, 0xc9, 0xa0,
1258 0x03, 0x66, 0xbc, 0x01, 0xb3, 0x8e, 0xfa, 0xf1,
1259 0x15, 0xeb, 0x26, 0xf1, 0x5d, 0x81, 0x90, 0xb4,
1260 0x1c, 0x00, 0x7c, 0x83, 0x4a, 0xa5, 0xde, 0x64,
1261 0xae, 0xea, 0x6c, 0x43, 0xc3, 0x20, 0x77, 0x77,
1262 0x42, 0x12, 0x24, 0xf5, 0xe3, 0x70, 0xdd, 0x59,
1263 0x48, 0x9c, 0xef, 0xd4, 0x8a, 0x3c, 0x29, 0x6a,
1264 0x0c, 0x9c, 0xf2, 0x13, 0xa4, 0x1c, 0x2f, 0x49,
1265 0xcd, 0xb4, 0xaa, 0x28, 0x40, 0x34, 0xc6, 0x75,
1266 0xba, 0x30, 0xe6, 0xd8, 0x5b, 0x2f, 0x08, 0xd0,
1267 0x29, 0xa5, 0x39, 0xfb, 0x6e, 0x3b, 0x0f, 0x52,
1268 0x2c, 0x68, 0xf0, 0x37, 0xa9, 0xd2, 0x56, 0xd6
1271 static const unsigned char rsa_asym_plaintext_encrypt[256] = {
1272 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1273 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1275 static const unsigned char rsa_asym_expected_encrypt[256] = {
1276 0x54, 0xac, 0x23, 0x96, 0x1d, 0x82, 0x5d, 0x8b,
1277 0x8f, 0x36, 0x33, 0xd0, 0xf4, 0x02, 0xa2, 0x61,
1278 0xb1, 0x13, 0xd4, 0x4a, 0x46, 0x06, 0x37, 0x3c,
1279 0xbf, 0x40, 0x05, 0x3c, 0xc6, 0x3b, 0x64, 0xdc,
1280 0x22, 0x22, 0xaf, 0x36, 0x79, 0x62, 0x45, 0xf0,
1281 0x97, 0x82, 0x22, 0x44, 0x86, 0x4a, 0x7c, 0xfa,
1282 0xac, 0x03, 0x21, 0x84, 0x3f, 0x31, 0xad, 0x2a,
1283 0xa4, 0x6e, 0x7a, 0xc5, 0x93, 0xf3, 0x0f, 0xfc,
1284 0xf1, 0x62, 0xce, 0x82, 0x12, 0x45, 0xc9, 0x35,
1285 0xb0, 0x7a, 0xcd, 0x99, 0x8c, 0x91, 0x6b, 0x5a,
1286 0xd3, 0x46, 0xdb, 0xf9, 0x9e, 0x52, 0x49, 0xbd,
1287 0x1e, 0xe8, 0xda, 0xac, 0x61, 0x47, 0xc2, 0xda,
1288 0xfc, 0x1e, 0xfb, 0x74, 0xd7, 0xd6, 0xc1, 0x18,
1289 0x86, 0x3e, 0x20, 0x9c, 0x7a, 0xe1, 0x04, 0xb7,
1290 0x38, 0x43, 0xb1, 0x4e, 0xa0, 0xd8, 0xc1, 0x39,
1291 0x4d, 0xe1, 0xd3, 0xb0, 0xb3, 0xf1, 0x82, 0x87,
1292 0x1f, 0x74, 0xb5, 0x69, 0xfd, 0x33, 0xd6, 0x21,
1293 0x7c, 0x61, 0x60, 0x28, 0xca, 0x70, 0xdb, 0xa0,
1294 0xbb, 0xc8, 0x73, 0xa9, 0x82, 0xf8, 0x6b, 0xd8,
1295 0xf0, 0xc9, 0x7b, 0x20, 0xdf, 0x9d, 0xfb, 0x8c,
1296 0xd4, 0xa2, 0x89, 0xe1, 0x9b, 0x04, 0xad, 0xaa,
1297 0x11, 0x6c, 0x8f, 0xce, 0x83, 0x29, 0x56, 0x69,
1298 0xbb, 0x00, 0x3b, 0xef, 0xca, 0x2d, 0xcd, 0x52,
1299 0xc8, 0xf1, 0xb3, 0x9b, 0xb4, 0x4f, 0x6d, 0x9c,
1300 0x3d, 0x69, 0xcc, 0x6d, 0x1f, 0x38, 0x4d, 0xe6,
1301 0xbb, 0x0c, 0x87, 0xdc, 0x5f, 0xa9, 0x24, 0x93,
1302 0x03, 0x46, 0xa2, 0x33, 0x6c, 0xf4, 0xd8, 0x5d,
1303 0x68, 0xf3, 0xd3, 0xe0, 0xf2, 0x30, 0xdb, 0xf5,
1304 0x4f, 0x0f, 0xad, 0xc7, 0xd0, 0xaa, 0x47, 0xd9,
1305 0x9f, 0x85, 0x1b, 0x2e, 0x6c, 0x3c, 0x57, 0x04,
1306 0x29, 0xf4, 0xf5, 0x66, 0x7d, 0x93, 0x4a, 0xaa,
1307 0x05, 0x52, 0x55, 0xc1, 0xc6, 0x06, 0x90, 0xab,
1310 #ifndef OPENSSL_NO_EC
1311 /* ECDSA key data */
1312 static const char ecd_prime_curve_name[] = "secp224r1";
1313 static const unsigned char ecd_prime_priv[] = {
1314 0x98, 0x1f, 0xb5, 0xf1, 0xfc, 0x87, 0x1d, 0x7d,
1315 0xde, 0x1e, 0x01, 0x64, 0x09, 0x9b, 0xe7, 0x1b,
1316 0x9f, 0xad, 0x63, 0xdd, 0x33, 0x01, 0xd1, 0x50,
1317 0x80, 0x93, 0x50, 0x30
1319 static const unsigned char ecd_prime_pub[] = {
1320 0x04, 0x95, 0x47, 0x99, 0x44, 0x29, 0x8f, 0x51,
1321 0x39, 0xe2, 0x53, 0xec, 0x79, 0xb0, 0x4d, 0xde,
1322 0x87, 0x1a, 0x76, 0x54, 0xd5, 0x96, 0xb8, 0x7a,
1323 0x6d, 0xf4, 0x1c, 0x2c, 0x87, 0x91, 0x5f, 0xd5,
1324 0x31, 0xdd, 0x24, 0xe5, 0x78, 0xd9, 0x08, 0x24,
1325 0x8a, 0x49, 0x99, 0xec, 0x55, 0xf2, 0x82, 0xb3,
1326 0xc4, 0xb7, 0x33, 0x68, 0xe4, 0x24, 0xa9, 0x12,
1329 static const ST_KAT_PARAM ecdsa_prime_key[] = {
1330 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_prime_curve_name),
1331 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_prime_pub),
1332 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_prime_priv),
1336 # ifndef OPENSSL_NO_EC2M
1337 static const char ecd_bin_curve_name[] = "sect233r1";
1338 static const unsigned char ecd_bin_priv[] = {
1339 0x00, 0x6d, 0xd6, 0x39, 0x9d, 0x2a, 0xa2, 0xc8,
1340 0x8c, 0xfc, 0x7b, 0x80, 0x66, 0xaa, 0xe1, 0xaa,
1341 0xba, 0xee, 0xcb, 0xfd, 0xc9, 0xe5, 0x36, 0x38,
1342 0x2e, 0xf7, 0x37, 0x6d, 0xd3, 0x20
1344 static const unsigned char ecd_bin_pub[] = {
1345 0x04, 0x00, 0x06, 0xe2, 0x56, 0xf7, 0x37, 0xf9,
1346 0xea, 0xb6, 0xd1, 0x0f, 0x59, 0xfa, 0x23, 0xc3,
1347 0x93, 0xa8, 0xb2, 0x26, 0xe2, 0x5c, 0x08, 0xbe,
1348 0x63, 0x49, 0x26, 0xdc, 0xc7, 0x1e, 0x6f, 0x01,
1349 0x32, 0x3b, 0xe6, 0x54, 0x8d, 0xc1, 0x13, 0x3e,
1350 0x54, 0xb2, 0x66, 0x89, 0xb2, 0x82, 0x0a, 0x72,
1351 0x02, 0xa8, 0xe9, 0x6f, 0x54, 0xfd, 0x3a, 0x6b,
1352 0x99, 0xb6, 0x8f, 0x80, 0x46
1354 static const ST_KAT_PARAM ecdsa_bin_key[] = {
1355 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_bin_curve_name),
1356 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_bin_pub),
1357 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_bin_priv),
1360 # endif /* OPENSSL_NO_EC2M */
1361 #endif /* OPENSSL_NO_EC */
1363 #ifndef OPENSSL_NO_DSA
1365 static const unsigned char dsa_p[] = {
1366 0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23,
1367 0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e,
1368 0x03, 0xe9, 0xe6, 0xb8, 0xa2, 0x58, 0xdc, 0x16,
1369 0x61, 0x1b, 0xa0, 0x98, 0xab, 0x54, 0x34, 0x15,
1370 0xe4, 0x15, 0xf1, 0x56, 0x99, 0x7a, 0x3e, 0xe2,
1371 0x36, 0x65, 0x8f, 0xa0, 0x93, 0x26, 0x0d, 0xe3,
1372 0xad, 0x42, 0x2e, 0x05, 0xe0, 0x46, 0xf9, 0xec,
1373 0x29, 0x16, 0x1a, 0x37, 0x5f, 0x0e, 0xb4, 0xef,
1374 0xfc, 0xef, 0x58, 0x28, 0x5c, 0x5d, 0x39, 0xed,
1375 0x42, 0x5d, 0x7a, 0x62, 0xca, 0x12, 0x89, 0x6c,
1376 0x4a, 0x92, 0xcb, 0x19, 0x46, 0xf2, 0x95, 0x2a,
1377 0x48, 0x13, 0x3f, 0x07, 0xda, 0x36, 0x4d, 0x1b,
1378 0xdf, 0x6b, 0x0f, 0x71, 0x39, 0x98, 0x3e, 0x69,
1379 0x3c, 0x80, 0x05, 0x9b, 0x0e, 0xac, 0xd1, 0x47,
1380 0x9b, 0xa9, 0xf2, 0x85, 0x77, 0x54, 0xed, 0xe7,
1381 0x5f, 0x11, 0x2b, 0x07, 0xeb, 0xbf, 0x35, 0x34,
1382 0x8b, 0xbf, 0x3e, 0x01, 0xe0, 0x2f, 0x2d, 0x47,
1383 0x3d, 0xe3, 0x94, 0x53, 0xf9, 0x9d, 0xd2, 0x36,
1384 0x75, 0x41, 0xca, 0xca, 0x3b, 0xa0, 0x11, 0x66,
1385 0x34, 0x3d, 0x7b, 0x5b, 0x58, 0xa3, 0x7b, 0xd1,
1386 0xb7, 0x52, 0x1d, 0xb2, 0xf1, 0x3b, 0x86, 0x70,
1387 0x71, 0x32, 0xfe, 0x09, 0xf4, 0xcd, 0x09, 0xdc,
1388 0x16, 0x18, 0xfa, 0x34, 0x01, 0xeb, 0xf9, 0xcc,
1389 0x7b, 0x19, 0xfa, 0x94, 0xaa, 0x47, 0x20, 0x88,
1390 0x13, 0x3d, 0x6c, 0xb2, 0xd3, 0x5c, 0x11, 0x79,
1391 0xc8, 0xc8, 0xff, 0x36, 0x87, 0x58, 0xd5, 0x07,
1392 0xd9, 0xf9, 0xa1, 0x7d, 0x46, 0xc1, 0x10, 0xfe,
1393 0x31, 0x44, 0xce, 0x9b, 0x02, 0x2b, 0x42, 0xe4,
1394 0x19, 0xeb, 0x4f, 0x53, 0x88, 0x61, 0x3b, 0xfc,
1395 0x3e, 0x26, 0x24, 0x1a, 0x43, 0x2e, 0x87, 0x06,
1396 0xbc, 0x58, 0xef, 0x76, 0x11, 0x72, 0x78, 0xde,
1397 0xab, 0x6c, 0xf6, 0x92, 0x61, 0x82, 0x91, 0xb7
1399 static const unsigned char dsa_q[] = {
1400 0xa3, 0xbf, 0xd9, 0xab, 0x78, 0x84, 0x79, 0x4e,
1401 0x38, 0x34, 0x50, 0xd5, 0x89, 0x1d, 0xc1, 0x8b,
1402 0x65, 0x15, 0x7b, 0xdc, 0xfc, 0xda, 0xc5, 0x15,
1403 0x18, 0x90, 0x28, 0x67
1405 static const unsigned char dsa_g[] = {
1406 0x68, 0x19, 0x27, 0x88, 0x69, 0xc7, 0xfd, 0x3d,
1407 0x2d, 0x7b, 0x77, 0xf7, 0x7e, 0x81, 0x50, 0xd9,
1408 0xad, 0x43, 0x3b, 0xea, 0x3b, 0xa8, 0x5e, 0xfc,
1409 0x80, 0x41, 0x5a, 0xa3, 0x54, 0x5f, 0x78, 0xf7,
1410 0x22, 0x96, 0xf0, 0x6c, 0xb1, 0x9c, 0xed, 0xa0,
1411 0x6c, 0x94, 0xb0, 0x55, 0x1c, 0xfe, 0x6e, 0x6f,
1412 0x86, 0x3e, 0x31, 0xd1, 0xde, 0x6e, 0xed, 0x7d,
1413 0xab, 0x8b, 0x0c, 0x9d, 0xf2, 0x31, 0xe0, 0x84,
1414 0x34, 0xd1, 0x18, 0x4f, 0x91, 0xd0, 0x33, 0x69,
1415 0x6b, 0xb3, 0x82, 0xf8, 0x45, 0x5e, 0x98, 0x88,
1416 0xf5, 0xd3, 0x1d, 0x47, 0x84, 0xec, 0x40, 0x12,
1417 0x02, 0x46, 0xf4, 0xbe, 0xa6, 0x17, 0x94, 0xbb,
1418 0xa5, 0x86, 0x6f, 0x09, 0x74, 0x64, 0x63, 0xbd,
1419 0xf8, 0xe9, 0xe1, 0x08, 0xcd, 0x95, 0x29, 0xc3,
1420 0xd0, 0xf6, 0xdf, 0x80, 0x31, 0x6e, 0x2e, 0x70,
1421 0xaa, 0xeb, 0x1b, 0x26, 0xcd, 0xb8, 0xad, 0x97,
1422 0xbc, 0x3d, 0x28, 0x7e, 0x0b, 0x8d, 0x61, 0x6c,
1423 0x42, 0xe6, 0x5b, 0x87, 0xdb, 0x20, 0xde, 0xb7,
1424 0x00, 0x5b, 0xc4, 0x16, 0x74, 0x7a, 0x64, 0x70,
1425 0x14, 0x7a, 0x68, 0xa7, 0x82, 0x03, 0x88, 0xeb,
1426 0xf4, 0x4d, 0x52, 0xe0, 0x62, 0x8a, 0xf9, 0xcf,
1427 0x1b, 0x71, 0x66, 0xd0, 0x34, 0x65, 0xf3, 0x5a,
1428 0xcc, 0x31, 0xb6, 0x11, 0x0c, 0x43, 0xda, 0xbc,
1429 0x7c, 0x5d, 0x59, 0x1e, 0x67, 0x1e, 0xaf, 0x7c,
1430 0x25, 0x2c, 0x1c, 0x14, 0x53, 0x36, 0xa1, 0xa4,
1431 0xdd, 0xf1, 0x32, 0x44, 0xd5, 0x5e, 0x83, 0x56,
1432 0x80, 0xca, 0xb2, 0x53, 0x3b, 0x82, 0xdf, 0x2e,
1433 0xfe, 0x55, 0xec, 0x18, 0xc1, 0xe6, 0xcd, 0x00,
1434 0x7b, 0xb0, 0x89, 0x75, 0x8b, 0xb1, 0x7c, 0x2c,
1435 0xbe, 0x14, 0x44, 0x1b, 0xd0, 0x93, 0xae, 0x66,
1436 0xe5, 0x97, 0x6d, 0x53, 0x73, 0x3f, 0x4f, 0xa3,
1437 0x26, 0x97, 0x01, 0xd3, 0x1d, 0x23, 0xd4, 0x67
1439 static const unsigned char dsa_pub[] = {
1440 0xa0, 0x12, 0xb3, 0xb1, 0x70, 0xb3, 0x07, 0x22,
1441 0x79, 0x57, 0xb7, 0xca, 0x20, 0x61, 0xa8, 0x16,
1442 0xac, 0x7a, 0x2b, 0x3d, 0x9a, 0xe9, 0x95, 0xa5,
1443 0x11, 0x9c, 0x38, 0x5b, 0x60, 0x3b, 0xf6, 0xf6,
1444 0xc5, 0xde, 0x4d, 0xc5, 0xec, 0xb5, 0xdf, 0xa4,
1445 0xa4, 0x1c, 0x68, 0x66, 0x2e, 0xb2, 0x5b, 0x63,
1446 0x8b, 0x7e, 0x26, 0x20, 0xba, 0x89, 0x8d, 0x07,
1447 0xda, 0x6c, 0x49, 0x91, 0xe7, 0x6c, 0xc0, 0xec,
1448 0xd1, 0xad, 0x34, 0x21, 0x07, 0x70, 0x67, 0xe4,
1449 0x7c, 0x18, 0xf5, 0x8a, 0x92, 0xa7, 0x2a, 0xd4,
1450 0x31, 0x99, 0xec, 0xb7, 0xbd, 0x84, 0xe7, 0xd3,
1451 0xaf, 0xb9, 0x01, 0x9f, 0x0e, 0x9d, 0xd0, 0xfb,
1452 0xaa, 0x48, 0x73, 0x00, 0xb1, 0x30, 0x81, 0xe3,
1453 0x3c, 0x90, 0x28, 0x76, 0x43, 0x6f, 0x7b, 0x03,
1454 0xc3, 0x45, 0x52, 0x84, 0x81, 0xd3, 0x62, 0x81,
1455 0x5e, 0x24, 0xfe, 0x59, 0xda, 0xc5, 0xac, 0x34,
1456 0x66, 0x0d, 0x4c, 0x8a, 0x76, 0xcb, 0x99, 0xa7,
1457 0xc7, 0xde, 0x93, 0xeb, 0x95, 0x6c, 0xd6, 0xbc,
1458 0x88, 0xe5, 0x8d, 0x90, 0x10, 0x34, 0x94, 0x4a,
1459 0x09, 0x4b, 0x01, 0x80, 0x3a, 0x43, 0xc6, 0x72,
1460 0xb9, 0x68, 0x8c, 0x0e, 0x01, 0xd8, 0xf4, 0xfc,
1461 0x91, 0xc6, 0x2a, 0x3f, 0x88, 0x02, 0x1f, 0x7b,
1462 0xd6, 0xa6, 0x51, 0xb1, 0xa8, 0x8f, 0x43, 0xaa,
1463 0x4e, 0xf2, 0x76, 0x53, 0xd1, 0x2b, 0xf8, 0xb7,
1464 0x09, 0x9f, 0xdf, 0x6b, 0x46, 0x10, 0x82, 0xf8,
1465 0xe9, 0x39, 0x10, 0x7b, 0xfd, 0x2f, 0x72, 0x10,
1466 0x08, 0x7d, 0x32, 0x6c, 0x37, 0x52, 0x00, 0xf1,
1467 0xf5, 0x1e, 0x7e, 0x74, 0xa3, 0x41, 0x31, 0x90,
1468 0x1b, 0xcd, 0x08, 0x63, 0x52, 0x1f, 0xf8, 0xd6,
1469 0x76, 0xc4, 0x85, 0x81, 0x86, 0x87, 0x36, 0xc5,
1470 0xe5, 0x1b, 0x16, 0xa4, 0xe3, 0x92, 0x15, 0xea,
1471 0x0b, 0x17, 0xc4, 0x73, 0x59, 0x74, 0xc5, 0x16
1473 static const unsigned char dsa_priv[] = {
1474 0x6c, 0xca, 0xee, 0xf6, 0xd7, 0x3b, 0x4e, 0x80,
1475 0xf1, 0x1c, 0x17, 0xb8, 0xe9, 0x62, 0x7c, 0x03,
1476 0x66, 0x35, 0xba, 0xc3, 0x94, 0x23, 0x50, 0x5e,
1477 0x40, 0x7e, 0x5c, 0xb7
1480 static const ST_KAT_PARAM dsa_key[] = {
1481 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dsa_p),
1482 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dsa_q),
1483 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dsa_g),
1484 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dsa_pub),
1485 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dsa_priv),
1488 #endif /* OPENSSL_NO_DSA */
1490 static const ST_KAT_SIGN st_kat_sign_tests[] = {
1492 OSSL_SELF_TEST_DESC_SIGN_RSA,
1496 ITM(rsa_expected_sig)
1498 #ifndef OPENSSL_NO_EC
1500 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1505 * The ECDSA signature changes each time due to it using a random k.
1506 * So there is no expected KAT for this case.
1509 # ifndef OPENSSL_NO_EC2M
1511 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1516 * The ECDSA signature changes each time due to it using a random k.
1517 * So there is no expected KAT for this case.
1521 #endif /* OPENSSL_NO_EC */
1522 #ifndef OPENSSL_NO_DSA
1524 OSSL_SELF_TEST_DESC_SIGN_DSA,
1529 * The DSA signature changes each time due to it using a random k.
1530 * So there is no expected KAT for this case.
1533 #endif /* OPENSSL_NO_DSA */
1536 static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {
1538 OSSL_SELF_TEST_DESC_ASYM_RSA_ENC,
1543 ITM(rsa_asym_plaintext_encrypt),
1544 ITM(rsa_asym_expected_encrypt),
1547 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1552 ITM(rsa_asym_expected_encrypt),
1553 ITM(rsa_asym_plaintext_encrypt),
1556 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1561 ITM(rsa_asym_expected_encrypt),
1562 ITM(rsa_asym_plaintext_encrypt),