2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* Macros to build Self test data */
11 #define ITM(x) x, sizeof(x)
12 #define ITM_STR(x) x, (sizeof(x) - 1)
14 #define ST_KAT_PARAM_END() { "", 0, NULL, 0 }
15 #define ST_KAT_PARAM_BIGNUM(name, data) \
16 { name, OSSL_PARAM_UNSIGNED_INTEGER, ITM(data) }
17 #define ST_KAT_PARAM_OCTET(name, data) \
18 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
19 #define ST_KAT_PARAM_UTF8STRING(name, data) \
20 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
21 #define ST_KAT_PARAM_INT(name, i) \
22 { name, OSSL_PARAM_INTEGER, &i, sizeof(i) }
24 /* used to store raw parameters for keys and algorithms */
25 typedef struct st_kat_param_st {
26 const char *name; /* an OSSL_PARAM name */
27 size_t type; /* the type associated with the data */
28 const void *data; /* unsigned char [], or char [] depending on the type */
29 size_t data_len; /* the length of the data */
32 typedef struct st_kat_st {
34 const char *algorithm;
35 const unsigned char *pt;
37 const unsigned char *expected;
41 typedef ST_KAT ST_KAT_DIGEST;
42 typedef struct st_kat_cipher_st {
44 const unsigned char *key;
46 const unsigned char *iv;
48 const unsigned char *aad;
50 const unsigned char *tag;
54 typedef struct st_kat_kdf_st {
56 const char *algorithm;
57 const ST_KAT_PARAM *params;
58 const unsigned char *expected;
62 typedef struct st_kat_drbg_st {
64 const char *algorithm;
65 const char *param_name;
67 const unsigned char *entropyin;
69 const unsigned char *nonce;
71 const unsigned char *persstr;
73 const unsigned char *entropyinpr1;
74 size_t entropyinpr1len;
75 const unsigned char *entropyinpr2;
76 size_t entropyinpr2len;
77 const unsigned char *entropyaddin1;
78 size_t entropyaddin1len;
79 const unsigned char *entropyaddin2;
80 size_t entropyaddin2len;
81 const unsigned char *expected;
85 typedef struct st_kat_kas_st {
87 const char *algorithm;
89 const ST_KAT_PARAM *key_group;
90 const ST_KAT_PARAM *key_host_data;
91 const ST_KAT_PARAM *key_peer_data;
93 const unsigned char *expected;
97 typedef struct st_kat_sign_st {
99 const char *algorithm;
100 const char *mdalgorithm;
101 const ST_KAT_PARAM *key;
102 const unsigned char *sig_expected; /* Set to NULL if this value changes */
103 size_t sig_expected_len;
106 typedef struct st_kat_asym_cipher_st {
108 const char *algorithm;
110 const ST_KAT_PARAM *key;
111 const ST_KAT_PARAM *postinit;
112 const unsigned char *in;
114 const unsigned char *expected;
116 } ST_KAT_ASYM_CIPHER;
118 /*- DIGEST TEST DATA */
119 static const unsigned char sha1_pt[] = "abc";
120 static const unsigned char sha1_digest[] = {
121 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 0x25, 0x71,
122 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
125 static const unsigned char sha512_pt[] = "abc";
126 static const unsigned char sha512_digest[] = {
127 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49,
128 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
129 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, 0x21, 0x92, 0x99, 0x2A,
130 0x27, 0x4F, 0xC1, 0xA8, 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
131 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, 0x2A, 0x9A, 0xC9, 0x4F,
132 0xA5, 0x4C, 0xA4, 0x9F
134 static const unsigned char sha3_256_pt[] = { 0xe7, 0x37, 0x21, 0x05 };
135 static const unsigned char sha3_256_digest[] = {
136 0x3a, 0x42, 0xb6, 0x8a, 0xb0, 0x79, 0xf2, 0x8c, 0x4c, 0xa3, 0xc7, 0x52,
137 0x29, 0x6f, 0x27, 0x90, 0x06, 0xc4, 0xfe, 0x78, 0xb1, 0xeb, 0x79, 0xd9,
138 0x89, 0x77, 0x7f, 0x05, 0x1e, 0x40, 0x46, 0xae
141 static const ST_KAT_DIGEST st_kat_digest_tests[] =
144 OSSL_SELF_TEST_DESC_MD_SHA1,
150 OSSL_SELF_TEST_DESC_MD_SHA2,
156 OSSL_SELF_TEST_DESC_MD_SHA3,
159 ITM(sha3_256_digest),
164 /*- CIPHER TEST DATA */
167 static const unsigned char des_ede3_cbc_pt[] = {
168 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
169 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
170 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
171 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51
173 static const unsigned char des_ede3_cbc_key[] = {
174 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
175 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
176 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
178 static const unsigned char des_ede3_cbc_iv[] = {
179 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17
181 static const unsigned char des_ede3_cbc_ct[] = {
182 0x20, 0x79, 0xC3, 0xD5, 0x3A, 0xA7, 0x63, 0xE1,
183 0x93, 0xB7, 0x9E, 0x25, 0x69, 0xAB, 0x52, 0x62,
184 0x51, 0x65, 0x70, 0x48, 0x1F, 0x25, 0xB5, 0x0F,
185 0x73, 0xC0, 0xBD, 0xA8, 0x5C, 0x8E, 0x0D, 0xA7
188 /* AES-256 GCM test data */
189 static const unsigned char aes_256_gcm_key[] = {
190 0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c,
191 0xe7, 0x90, 0xfd, 0x24, 0x50, 0x1f, 0x92, 0x50,
192 0x9a, 0xac, 0xf4, 0xcb, 0x8b, 0x13, 0x39, 0xd5,
193 0x0c, 0x9c, 0x12, 0x40, 0x93, 0x5d, 0xd0, 0x8b
195 static const unsigned char aes_256_gcm_iv[] = {
196 0xac, 0x93, 0xa1, 0xa6, 0x14, 0x52, 0x99, 0xbd,
197 0xe9, 0x02, 0xf2, 0x1a
199 static const unsigned char aes_256_gcm_pt[] = {
200 0x2d, 0x71, 0xbc, 0xfa, 0x91, 0x4e, 0x4a, 0xc0,
201 0x45, 0xb2, 0xaa, 0x60, 0x95, 0x5f, 0xad, 0x24
203 static const unsigned char aes_256_gcm_aad[] = {
204 0x1e, 0x08, 0x89, 0x01, 0x6f, 0x67, 0x60, 0x1c,
205 0x8e, 0xbe, 0xa4, 0x94, 0x3b, 0xc2, 0x3a, 0xd6
207 static const unsigned char aes_256_gcm_ct[] = {
208 0x89, 0x95, 0xae, 0x2e, 0x6d, 0xf3, 0xdb, 0xf9,
209 0x6f, 0xac, 0x7b, 0x71, 0x37, 0xba, 0xe6, 0x7f
211 static const unsigned char aes_256_gcm_tag[] = {
212 0xec, 0xa5, 0xaa, 0x77, 0xd5, 0x1d, 0x4a, 0x0a,
213 0x14, 0xd9, 0xc5, 0x1e, 0x1d, 0xa4, 0x74, 0xab
216 static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
217 #ifndef OPENSSL_NO_DES
220 OSSL_SELF_TEST_DESC_CIPHER_TDES,
222 ITM(des_ede3_cbc_pt),
225 ITM(des_ede3_cbc_key),
226 ITM(des_ede3_cbc_iv),
231 OSSL_SELF_TEST_DESC_CIPHER_AES_GCM,
236 ITM(aes_256_gcm_key),
238 ITM(aes_256_gcm_aad),
243 static const char hkdf_digest[] = "SHA256";
244 static const unsigned char hkdf_secret[] = { 's', 'e', 'c', 'r', 'e', 't' };
245 static const unsigned char hkdf_salt[] = { 's', 'a', 'l', 't' };
246 static const unsigned char hkdf_info[] = { 'l', 'a', 'b', 'e', 'l' };
248 static const ST_KAT_PARAM hkdf_params[] = {
249 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, hkdf_digest),
250 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, hkdf_secret),
251 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, hkdf_salt),
252 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, hkdf_info),
255 static const unsigned char hkdf_expected[] = {
256 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8,
260 static const char sskdf_digest[] = "SHA224";
261 static const unsigned char sskdf_secret[] = {
262 0x6d, 0xbd, 0xc2, 0x3f, 0x04, 0x54, 0x88, 0xe4,
263 0x06, 0x27, 0x57, 0xb0, 0x6b, 0x9e, 0xba, 0xe1,
264 0x83, 0xfc, 0x5a, 0x59, 0x46, 0xd8, 0x0d, 0xb9,
265 0x3f, 0xec, 0x6f, 0x62, 0xec, 0x07, 0xe3, 0x72,
266 0x7f, 0x01, 0x26, 0xae, 0xd1, 0x2c, 0xe4, 0xb2,
267 0x62, 0xf4, 0x7d, 0x48, 0xd5, 0x42, 0x87, 0xf8,
268 0x1d, 0x47, 0x4c, 0x7c, 0x3b, 0x18, 0x50, 0xe9
270 static const unsigned char sskdf_otherinfo[] = {
271 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0x43, 0x41, 0x56,
272 0x53, 0x69, 0x64, 0x3c, 0x83, 0x2e, 0x98, 0x49,
273 0xdc, 0xdb, 0xa7, 0x1e, 0x9a, 0x31, 0x39, 0xe6,
274 0x06, 0xe0, 0x95, 0xde, 0x3c, 0x26, 0x4a, 0x66,
275 0xe9, 0x8a, 0x16, 0x58, 0x54, 0xcd, 0x07, 0x98,
276 0x9b, 0x1e, 0xe0, 0xec, 0x3f, 0x8d, 0xbe
278 static const unsigned char sskdf_expected[] = {
279 0xa4, 0x62, 0xde, 0x16, 0xa8, 0x9d, 0xe8, 0x46,
280 0x6e, 0xf5, 0x46, 0x0b, 0x47, 0xb8
282 static const ST_KAT_PARAM sskdf_params[] = {
283 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sskdf_digest),
284 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sskdf_secret),
285 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, sskdf_otherinfo),
289 static const char x942kdf_digest[] = "SHA1";
290 static const char x942kdf_cekalg[] = "AES-128-WRAP";
291 static const unsigned char x942kdf_secret[] = {
292 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
293 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
294 0x10, 0x11, 0x12, 0x13
296 static const unsigned char x942kdf_expected[] = {
297 0xd6, 0xd6, 0xb0, 0x94, 0xc1, 0x02, 0x7a, 0x7d,
298 0xe6, 0xe3, 0x11, 0x72, 0x94, 0xa3, 0x53, 0x64
300 static const ST_KAT_PARAM x942kdf_params[] = {
301 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x942kdf_digest),
302 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_CEK_ALG, x942kdf_cekalg),
303 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x942kdf_secret),
307 static const char x963kdf_digest[] = "SHA256";
308 static const unsigned char x963kdf_otherinfo[] = {
309 0x75, 0xee, 0xf8, 0x1a, 0xa3, 0x04, 0x1e, 0x33,
310 0xb8, 0x09, 0x71, 0x20, 0x3d, 0x2c, 0x0c, 0x52
312 static const unsigned char x963kdf_secret[] = {
313 0x22, 0x51, 0x8b, 0x10, 0xe7, 0x0f, 0x2a, 0x3f,
314 0x24, 0x38, 0x10, 0xae, 0x32, 0x54, 0x13, 0x9e,
315 0xfb, 0xee, 0x04, 0xaa, 0x57, 0xc7, 0xaf, 0x7d
317 static const unsigned char x963kdf_expected[] = {
318 0xc4, 0x98, 0xaf, 0x77, 0x16, 0x1c, 0xc5, 0x9f,
319 0x29, 0x62, 0xb9, 0xa7, 0x13, 0xe2, 0xb2, 0x15,
320 0x15, 0x2d, 0x13, 0x97, 0x66, 0xce, 0x34, 0xa7,
321 0x76, 0xdf, 0x11, 0x86, 0x6a, 0x69, 0xbf, 0x2e
323 static const ST_KAT_PARAM x963kdf_params[] = {
324 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x963kdf_digest),
325 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x963kdf_secret),
326 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, x963kdf_otherinfo),
330 static const char pbkdf2_digest[] = "SHA256";
331 static const unsigned char pbkdf2_password[] = {
332 0x70, 0x61, 0x73, 0x73, 0x00, 0x77, 0x6f, 0x72,
335 static const unsigned char pbkdf2_salt[] = {
336 0x73, 0x61, 0x00, 0x6c, 0x74
338 static const unsigned char pbkdf2_expected[] = {
339 0x89, 0xb6, 0x9d, 0x05, 0x16, 0xf8, 0x29, 0x89,
340 0x3c, 0x69, 0x62, 0x26, 0x65, 0x0a, 0x86, 0x87,
342 static int pbkdf2_iterations = 4096;
343 static int pbkdf2_pkcs5 = 1;
344 static const ST_KAT_PARAM pbkdf2_params[] = {
345 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, pbkdf2_digest),
346 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_PASSWORD, pbkdf2_password),
347 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, pbkdf2_salt),
348 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_ITER, pbkdf2_iterations),
349 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_PKCS5, pbkdf2_pkcs5),
353 static const char sshkdf_digest[] = "SHA1";
354 static const char sshkdf_type[] = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
355 static const unsigned char sshkdf_key[] = {
356 0x00, 0x00, 0x00, 0x80, 0x55, 0xba, 0xe9, 0x31,
357 0xc0, 0x7f, 0xd8, 0x24, 0xbf, 0x10, 0xad, 0xd1,
358 0x90, 0x2b, 0x6f, 0xbc, 0x7c, 0x66, 0x53, 0x47,
359 0x38, 0x34, 0x98, 0xa6, 0x86, 0x92, 0x9f, 0xf5,
360 0xa2, 0x5f, 0x8e, 0x40, 0xcb, 0x66, 0x45, 0xea,
361 0x81, 0x4f, 0xb1, 0xa5, 0xe0, 0xa1, 0x1f, 0x85,
362 0x2f, 0x86, 0x25, 0x56, 0x41, 0xe5, 0xed, 0x98,
363 0x6e, 0x83, 0xa7, 0x8b, 0xc8, 0x26, 0x94, 0x80,
364 0xea, 0xc0, 0xb0, 0xdf, 0xd7, 0x70, 0xca, 0xb9,
365 0x2e, 0x7a, 0x28, 0xdd, 0x87, 0xff, 0x45, 0x24,
366 0x66, 0xd6, 0xae, 0x86, 0x7c, 0xea, 0xd6, 0x3b,
367 0x36, 0x6b, 0x1c, 0x28, 0x6e, 0x6c, 0x48, 0x11,
368 0xa9, 0xf1, 0x4c, 0x27, 0xae, 0xa1, 0x4c, 0x51,
369 0x71, 0xd4, 0x9b, 0x78, 0xc0, 0x6e, 0x37, 0x35,
370 0xd3, 0x6e, 0x6a, 0x3b, 0xe3, 0x21, 0xdd, 0x5f,
371 0xc8, 0x23, 0x08, 0xf3, 0x4e, 0xe1, 0xcb, 0x17,
372 0xfb, 0xa9, 0x4a, 0x59,
374 static const unsigned char sshkdf_xcghash[] = {
375 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
376 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
377 0xdc, 0x88, 0x92, 0x45,
379 static const unsigned char sshkdf_session_id[] = {
380 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
381 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
382 0xdc, 0x88, 0x92, 0x45,
384 static const unsigned char sshkdf_expected[] = {
385 0xe2, 0xf6, 0x27, 0xc0, 0xb4, 0x3f, 0x1a, 0xc1,
387 static const ST_KAT_PARAM sshkdf_params[] = {
388 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sshkdf_digest),
389 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_SSHKDF_TYPE, sshkdf_type),
390 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sshkdf_key),
391 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_XCGHASH, sshkdf_xcghash),
392 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_SESSION_ID, sshkdf_session_id),
396 static const char tls12prf_digest[] = "SHA256";
397 static const unsigned char tls12prf_secret[] = {
398 0x20, 0x2c, 0x88, 0xc0, 0x0f, 0x84, 0xa1, 0x7a,
399 0x20, 0x02, 0x70, 0x79, 0x60, 0x47, 0x87, 0x46,
400 0x11, 0x76, 0x45, 0x55, 0x39, 0xe7, 0x05, 0xbe,
401 0x73, 0x08, 0x90, 0x60, 0x2c, 0x28, 0x9a, 0x50,
402 0x01, 0xe3, 0x4e, 0xeb, 0x3a, 0x04, 0x3e, 0x5d,
403 0x52, 0xa6, 0x5e, 0x66, 0x12, 0x51, 0x88, 0xbf,
405 static const unsigned char tls12prf_seed[] = {
406 'k', 'e', 'y', ' ', 'e', 'x', 'p', 'a', 'n', 's', 'i', 'o', 'n',
407 0xae, 0x6c, 0x80, 0x6f, 0x8a, 0xd4, 0xd8, 0x07,
408 0x84, 0x54, 0x9d, 0xff, 0x28, 0xa4, 0xb5, 0x8f,
409 0xd8, 0x37, 0x68, 0x1a, 0x51, 0xd9, 0x28, 0xc3,
410 0xe3, 0x0e, 0xe5, 0xff, 0x14, 0xf3, 0x98, 0x68,
411 0x62, 0xe1, 0xfd, 0x91, 0xf2, 0x3f, 0x55, 0x8a,
412 0x60, 0x5f, 0x28, 0x47, 0x8c, 0x58, 0xcf, 0x72,
413 0x63, 0x7b, 0x89, 0x78, 0x4d, 0x95, 0x9d, 0xf7,
414 0xe9, 0x46, 0xd3, 0xf0, 0x7b, 0xd1, 0xb6, 0x16,
416 static const unsigned char tls12prf_expected[] = {
417 0xd0, 0x61, 0x39, 0x88, 0x9f, 0xff, 0xac, 0x1e,
418 0x3a, 0x71, 0x86, 0x5f, 0x50, 0x4a, 0xa5, 0xd0,
419 0xd2, 0xa2, 0xe8, 0x95, 0x06, 0xc6, 0xf2, 0x27,
420 0x9b, 0x67, 0x0c, 0x3e, 0x1b, 0x74, 0xf5, 0x31,
421 0x01, 0x6a, 0x25, 0x30, 0xc5, 0x1a, 0x3a, 0x0f,
422 0x7e, 0x1d, 0x65, 0x90, 0xd0, 0xf0, 0x56, 0x6b,
423 0x2f, 0x38, 0x7f, 0x8d, 0x11, 0xfd, 0x4f, 0x73,
424 0x1c, 0xdd, 0x57, 0x2d, 0x2e, 0xae, 0x92, 0x7f,
425 0x6f, 0x2f, 0x81, 0x41, 0x0b, 0x25, 0xe6, 0x96,
426 0x0b, 0xe6, 0x89, 0x85, 0xad, 0xd6, 0xc3, 0x84,
427 0x45, 0xad, 0x9f, 0x8c, 0x64, 0xbf, 0x80, 0x68,
428 0xbf, 0x9a, 0x66, 0x79, 0x48, 0x5d, 0x96, 0x6f,
429 0x1a, 0xd6, 0xf6, 0x8b, 0x43, 0x49, 0x5b, 0x10,
430 0xa6, 0x83, 0x75, 0x5e, 0xa2, 0xb8, 0x58, 0xd7,
431 0x0c, 0xca, 0xc7, 0xec, 0x8b, 0x05, 0x3c, 0x6b,
432 0xd4, 0x1c, 0xa2, 0x99, 0xd4, 0xe5, 0x19, 0x28,
434 static const ST_KAT_PARAM tls12prf_params[] = {
435 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls12prf_digest),
436 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SECRET, tls12prf_secret),
437 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SEED, tls12prf_seed),
441 static const char kbkdf_digest[] = "SHA256";
442 static const char kbkdf_mac[] = "HMAC";
443 static const unsigned char kbkdf_salt[] = { 'p', 'r', 'f' };
444 static const unsigned char kbkdf_prfinput[] = { 't', 'e', 's', 't' };
445 static unsigned char kbkdf_key[] = {
446 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28,
447 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C,
449 static unsigned char kbkdf_expected[] = {
450 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE,
451 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86,
452 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B,
453 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95,
455 static const ST_KAT_PARAM kbkdf_params[] = {
456 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, kbkdf_digest),
457 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_MAC, kbkdf_mac),
458 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, kbkdf_key),
459 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, kbkdf_salt),
460 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, kbkdf_prfinput),
464 static const ST_KAT_KDF st_kat_kdf_tests[] =
467 OSSL_SELF_TEST_DESC_KDF_TLS12_PRF,
468 OSSL_KDF_NAME_TLS1_PRF,
470 ITM(tls12prf_expected)
473 OSSL_SELF_TEST_DESC_KDF_PBKDF2,
474 OSSL_KDF_NAME_PBKDF2,
479 OSSL_SELF_TEST_DESC_KDF_SSHKDF,
480 OSSL_KDF_NAME_SSHKDF,
485 OSSL_SELF_TEST_DESC_KDF_KBKDF,
491 OSSL_SELF_TEST_DESC_KDF_HKDF,
497 OSSL_SELF_TEST_DESC_KDF_SSKDF,
503 OSSL_SELF_TEST_DESC_KDF_X963KDF,
504 OSSL_KDF_NAME_X963KDF,
506 ITM(x963kdf_expected)
509 OSSL_SELF_TEST_DESC_KDF_X942KDF,
510 OSSL_KDF_NAME_X942KDF_ASN1,
512 ITM(x942kdf_expected)
517 * DRBG test vectors are a small subset of
518 * https://csrc.nist.rip/groups/STM/cavp/documents/drbg/drbgtestvectors.zip
519 * Using the folder drbgvectors_pr_true
520 * Generated for CAVS 14.3.
527 * [PredictionResistance = True]
528 * [EntropyInputLen = 256]
530 * [PersonalizationStringLen = 256]
531 * [AdditionalInputLen = 256]
532 * [ReturnedBitsLen = 1024]
536 static const unsigned char drbg_hash_sha256_pr_entropyin[] = {
537 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
538 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
539 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
541 static const unsigned char drbg_hash_sha256_pr_nonce[] = {
542 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
543 0xf0, 0xe5, 0x07, 0x1f
545 static const unsigned char drbg_hash_sha256_pr_persstr[] = {
546 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
547 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
548 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
550 static const unsigned char drbg_hash_sha256_pr_entropyinpr0[] = {
551 0xff, 0x80, 0xb7, 0xd2, 0x6a, 0x05, 0xbc, 0x8a, 0x7a, 0xbe, 0x53, 0x28,
552 0x6b, 0x0e, 0xeb, 0x73, 0x3b, 0x71, 0x5a, 0x20, 0x5b, 0xfa, 0x4f, 0xf6,
553 0x37, 0x03, 0xde, 0xad, 0xb6, 0xea, 0x0e, 0xf4
555 static const unsigned char drbg_hash_sha256_pr_entropyinpr1[] = {
556 0xc7, 0x38, 0x32, 0x53, 0x46, 0x81, 0xed, 0xe3, 0x7e, 0x03, 0x84, 0x6d,
557 0x3c, 0x84, 0x17, 0x67, 0x29, 0x7d, 0x24, 0x6c, 0x68, 0x92, 0x41, 0xd2,
558 0xe7, 0x75, 0xbe, 0x7e, 0xc9, 0x96, 0x29, 0x3d
560 static const unsigned char drbg_hash_sha256_pr_addin0[] = {
561 0xb7, 0x21, 0x5f, 0x14, 0xac, 0x7b, 0xaf, 0xd0, 0xa9, 0x17, 0x72, 0xba,
562 0x22, 0xf7, 0x19, 0xaf, 0xbd, 0x20, 0xb3, 0x11, 0x63, 0x6c, 0x2b, 0x1e,
563 0x83, 0xe4, 0xa8, 0x23, 0x35, 0x3f, 0xc6, 0xea
565 static const unsigned char drbg_hash_sha256_pr_addin1[] = {
566 0xce, 0xd3, 0x1f, 0x7e, 0x0d, 0xae, 0x5b, 0xb5, 0xc0, 0x43, 0xe2, 0x46,
567 0xb2, 0x94, 0x73, 0xe2, 0xfd, 0x39, 0x51, 0x2e, 0xad, 0x45, 0x69, 0xee,
568 0xe3, 0xe3, 0x80, 0x33, 0x14, 0xab, 0xa7, 0xa3
570 static const unsigned char drbg_hash_sha256_pr_expected[] = {
571 0x60, 0xc2, 0x34, 0xcf, 0xaf, 0xb4, 0x68, 0x03, 0x3b, 0xf1, 0x95, 0xe5,
572 0x78, 0xce, 0x26, 0x6e, 0x14, 0x65, 0x32, 0x6a, 0x96, 0xa9, 0xe0, 0x3f,
573 0x8b, 0x89, 0x36, 0x70, 0xef, 0x62, 0x75, 0x4d, 0x5e, 0x80, 0xd5, 0x53,
574 0xa1, 0xf8, 0x49, 0x50, 0x20, 0x8b, 0x93, 0x43, 0x07, 0x9f, 0x2e, 0xf8,
575 0x56, 0xe9, 0xc5, 0x70, 0x61, 0x85, 0x97, 0xb5, 0xdc, 0x82, 0xa2, 0xda,
576 0xea, 0xa3, 0xfd, 0x9b, 0x2f, 0xd2, 0xa0, 0xd7, 0x1b, 0xc6, 0x29, 0x35,
577 0xcc, 0xb8, 0x3d, 0xa0, 0x67, 0x98, 0x05, 0xa0, 0xe3, 0x1e, 0xfe, 0xe4,
578 0xf0, 0xe5, 0x13, 0xb0, 0x83, 0x17, 0xfa, 0xca, 0x93, 0x5e, 0x38, 0x29,
579 0x48, 0xd2, 0x72, 0xdb, 0x76, 0x3e, 0x6d, 0xf3, 0x25, 0x10, 0xff, 0x1b,
580 0x99, 0xff, 0xf8, 0xc6, 0x0e, 0xb0, 0xdd, 0x29, 0x2e, 0xbc, 0xbb, 0xc8,
581 0x0a, 0x01, 0x6e, 0xd3, 0xb0, 0x0e, 0x4e, 0xab
588 * [PredictionResistance = True]
589 * [EntropyInputLen = 128]
591 * [PersonalizationStringLen = 128]
592 * [AdditionalInputLen = 128]
593 * [ReturnedBitsLen = 512]
597 static const unsigned char drbg_ctr_aes128_pr_df_entropyin[] = {
598 0x92, 0x89, 0x8f, 0x31, 0xfa, 0x1c, 0xff, 0x6d, 0x18, 0x2f, 0x26, 0x06,
599 0x43, 0xdf, 0xf8, 0x18
601 static const unsigned char drbg_ctr_aes128_pr_df_nonce[] = {
602 0xc2, 0xa4, 0xd9, 0x72, 0xc3, 0xb9, 0xb6, 0x97
604 static const unsigned char drbg_ctr_aes128_pr_df_persstr[] = {
605 0xea, 0x65, 0xee, 0x60, 0x26, 0x4e, 0x7e, 0xb6, 0x0e, 0x82, 0x68, 0xc4,
606 0x37, 0x3c, 0x5c, 0x0b
608 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr0[] = {
609 0x20, 0x72, 0x8a, 0x06, 0xf8, 0x6f, 0x8d, 0xd4, 0x41, 0xe2, 0x72, 0xb7,
610 0xc4, 0x2c, 0xe8, 0x10
612 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr1[] = {
613 0x3d, 0xb0, 0xf0, 0x94, 0xf3, 0x05, 0x50, 0x33, 0x17, 0x86, 0x3e, 0x22,
614 0x08, 0xf7, 0xa5, 0x01
616 static const unsigned char drbg_ctr_aes128_pr_df_addin0[] = {
617 0x1a, 0x40, 0xfa, 0xe3, 0xcc, 0x6c, 0x7c, 0xa0, 0xf8, 0xda, 0xba, 0x59,
618 0x23, 0x6d, 0xad, 0x1d
620 static const unsigned char drbg_ctr_aes128_pr_df_addin1[] = {
621 0x9f, 0x72, 0x76, 0x6c, 0xc7, 0x46, 0xe5, 0xed, 0x2e, 0x53, 0x20, 0x12,
622 0xbc, 0x59, 0x31, 0x8c
624 static const unsigned char drbg_ctr_aes128_pr_df_expected[] = {
625 0x5a, 0x35, 0x39, 0x87, 0x0f, 0x4d, 0x22, 0xa4, 0x09, 0x24, 0xee, 0x71,
626 0xc9, 0x6f, 0xac, 0x72, 0x0a, 0xd6, 0xf0, 0x88, 0x82, 0xd0, 0x83, 0x28,
627 0x73, 0xec, 0x3f, 0x93, 0xd8, 0xab, 0x45, 0x23, 0xf0, 0x7e, 0xac, 0x45,
628 0x14, 0x5e, 0x93, 0x9f, 0xb1, 0xd6, 0x76, 0x43, 0x3d, 0xb6, 0xe8, 0x08,
629 0x88, 0xf6, 0xda, 0x89, 0x08, 0x77, 0x42, 0xfe, 0x1a, 0xf4, 0x3f, 0xc4,
630 0x23, 0xc5, 0x1f, 0x68
637 * [PredictionResistance = True]
638 * [EntropyInputLen = 128]
640 * [PersonalizationStringLen = 128]
641 * [AdditionalInputLen = 128]
642 * [ReturnedBitsLen = 640]
646 static const unsigned char drbg_hmac_sha1_pr_entropyin[] = {
647 0x68, 0x0f, 0xac, 0xe9, 0x0d, 0x7b, 0xca, 0x21, 0xd4, 0xa0, 0xed, 0xb7,
648 0x79, 0x9e, 0xe5, 0xd8
650 static const unsigned char drbg_hmac_sha1_pr_nonce[] = {
651 0xb7, 0xbe, 0x9e, 0xed, 0xdd, 0x0e, 0x3b, 0x4b
653 static const unsigned char drbg_hmac_sha1_pr_persstr[] = {
654 0xf5, 0x8c, 0x40, 0xae, 0x70, 0xf7, 0xa5, 0x56, 0x48, 0xa9, 0x31, 0xa0,
655 0xa9, 0x31, 0x3d, 0xd7
657 static const unsigned char drbg_hmac_sha1_pr_entropyinpr0[] = {
658 0x7c, 0xaf, 0xe2, 0x31, 0x63, 0x0a, 0xa9, 0x5a, 0x74, 0x2c, 0x4e, 0x5f,
659 0x5f, 0x22, 0xc6, 0xa4
661 static const unsigned char drbg_hmac_sha1_pr_entropyinpr1[] = {
662 0x1c, 0x0d, 0x77, 0x92, 0x89, 0x88, 0x27, 0x94, 0x8a, 0x58, 0x9f, 0x82,
663 0x2d, 0x1a, 0xf7, 0xa6
665 static const unsigned char drbg_hmac_sha1_pr_addin0[] = {
666 0xdc, 0x36, 0x63, 0xf0, 0x62, 0x78, 0x9c, 0xd1, 0x5c, 0xbb, 0x20, 0xc3,
667 0xc1, 0x8c, 0xd9, 0xd7
669 static const unsigned char drbg_hmac_sha1_pr_addin1[] = {
670 0xfe, 0x85, 0xb0, 0xab, 0x14, 0xc6, 0x96, 0xe6, 0x9c, 0x24, 0xe7, 0xb5,
671 0xa1, 0x37, 0x12, 0x0c
673 static const unsigned char drbg_hmac_sha1_pr_expected[] = {
674 0x68, 0x00, 0x4b, 0x3a, 0x28, 0xf7, 0xf0, 0x1c, 0xf9, 0xe9, 0xb5, 0x71,
675 0x20, 0x79, 0xef, 0x80, 0x87, 0x1b, 0x08, 0xb9, 0xa9, 0x1b, 0xcd, 0x2b,
676 0x9f, 0x09, 0x4d, 0xa4, 0x84, 0x80, 0xb3, 0x4c, 0xaf, 0xd5, 0x59, 0x6b,
677 0x0c, 0x0a, 0x48, 0xe1, 0x48, 0xda, 0xbc, 0x6f, 0x77, 0xb8, 0xff, 0xaf,
678 0x18, 0x70, 0x28, 0xe1, 0x04, 0x13, 0x7a, 0x4f, 0xeb, 0x1c, 0x72, 0xb0,
679 0xc4, 0x4f, 0xe8, 0xb1, 0xaf, 0xab, 0xa5, 0xbc, 0xfd, 0x86, 0x67, 0xf2,
680 0xf5, 0x5b, 0x46, 0x06, 0x63, 0x2e, 0x3c, 0xbc
683 static const ST_KAT_DRBG st_kat_drbg_tests[] =
686 OSSL_SELF_TEST_DESC_DRBG_HASH,
687 "HASH-DRBG", "digest", "SHA256",
688 ITM(drbg_hash_sha256_pr_entropyin),
689 ITM(drbg_hash_sha256_pr_nonce),
690 ITM(drbg_hash_sha256_pr_persstr),
691 ITM(drbg_hash_sha256_pr_entropyinpr0),
692 ITM(drbg_hash_sha256_pr_entropyinpr1),
693 ITM(drbg_hash_sha256_pr_addin0),
694 ITM(drbg_hash_sha256_pr_addin1),
695 ITM(drbg_hash_sha256_pr_expected)
698 OSSL_SELF_TEST_DESC_DRBG_CTR,
699 "CTR-DRBG", "cipher", "AES-128-CTR",
700 ITM(drbg_ctr_aes128_pr_df_entropyin),
701 ITM(drbg_ctr_aes128_pr_df_nonce),
702 ITM(drbg_ctr_aes128_pr_df_persstr),
703 ITM(drbg_ctr_aes128_pr_df_entropyinpr0),
704 ITM(drbg_ctr_aes128_pr_df_entropyinpr1),
705 ITM(drbg_ctr_aes128_pr_df_addin0),
706 ITM(drbg_ctr_aes128_pr_df_addin1),
707 ITM(drbg_ctr_aes128_pr_df_expected)
710 OSSL_SELF_TEST_DESC_DRBG_HMAC,
711 "HMAC-DRBG", "digest", "SHA1",
712 ITM(drbg_hmac_sha1_pr_entropyin),
713 ITM(drbg_hmac_sha1_pr_nonce),
714 ITM(drbg_hmac_sha1_pr_persstr),
715 ITM(drbg_hmac_sha1_pr_entropyinpr0),
716 ITM(drbg_hmac_sha1_pr_entropyinpr1),
717 ITM(drbg_hmac_sha1_pr_addin0),
718 ITM(drbg_hmac_sha1_pr_addin1),
719 ITM(drbg_hmac_sha1_pr_expected)
723 /* KEY EXCHANGE TEST DATA */
725 #ifndef OPENSSL_NO_DH
727 static const unsigned char dh_p[] = {
728 0xdc, 0xca, 0x15, 0x11, 0xb2, 0x31, 0x32, 0x25,
729 0xf5, 0x21, 0x16, 0xe1, 0x54, 0x27, 0x89, 0xe0,
730 0x01, 0xf0, 0x42, 0x5b, 0xcc, 0xc7, 0xf3, 0x66,
731 0xf7, 0x40, 0x64, 0x07, 0xf1, 0xc9, 0xfa, 0x8b,
732 0xe6, 0x10, 0xf1, 0x77, 0x8b, 0xb1, 0x70, 0xbe,
733 0x39, 0xdb, 0xb7, 0x6f, 0x85, 0xbf, 0x24, 0xce,
734 0x68, 0x80, 0xad, 0xb7, 0x62, 0x9f, 0x7c, 0x6d,
735 0x01, 0x5e, 0x61, 0xd4, 0x3f, 0xa3, 0xee, 0x4d,
736 0xe1, 0x85, 0xf2, 0xcf, 0xd0, 0x41, 0xff, 0xde,
737 0x9d, 0x41, 0x84, 0x07, 0xe1, 0x51, 0x38, 0xbb,
738 0x02, 0x1d, 0xae, 0xb3, 0x5f, 0x76, 0x2d, 0x17,
739 0x82, 0xac, 0xc6, 0x58, 0xd3, 0x2b, 0xd4, 0xb0,
740 0x23, 0x2c, 0x92, 0x7d, 0xd3, 0x8f, 0xa0, 0x97,
741 0xb3, 0xd1, 0x85, 0x9f, 0xa8, 0xac, 0xaf, 0xb9,
742 0x8f, 0x06, 0x66, 0x08, 0xfc, 0x64, 0x4e, 0xc7,
743 0xdd, 0xb6, 0xf0, 0x85, 0x99, 0xf9, 0x2a, 0xc1,
744 0xb5, 0x98, 0x25, 0xda, 0x84, 0x32, 0x07, 0x7d,
745 0xef, 0x69, 0x56, 0x46, 0x06, 0x3c, 0x20, 0x82,
746 0x3c, 0x95, 0x07, 0xab, 0x6f, 0x01, 0x76, 0xd4,
747 0x73, 0x0d, 0x99, 0x0d, 0xbb, 0xe6, 0x36, 0x1c,
748 0xd8, 0xb2, 0xb9, 0x4d, 0x3d, 0x2f, 0x32, 0x9b,
749 0x82, 0x09, 0x9b, 0xd6, 0x61, 0xf4, 0x29, 0x50,
750 0xf4, 0x03, 0xdf, 0x3e, 0xde, 0x62, 0xa3, 0x31,
751 0x88, 0xb0, 0x27, 0x98, 0xba, 0x82, 0x3f, 0x44,
752 0xb9, 0x46, 0xfe, 0x9d, 0xf6, 0x77, 0xa0, 0xc5,
753 0xa1, 0x23, 0x8e, 0xaa, 0x97, 0xb7, 0x0f, 0x80,
754 0xda, 0x8c, 0xac, 0x88, 0xe0, 0x92, 0xb1, 0x12,
755 0x70, 0x60, 0xff, 0xbf, 0x45, 0x57, 0x99, 0x94,
756 0x01, 0x1d, 0xc2, 0xfa, 0xa5, 0xe7, 0xf6, 0xc7,
757 0x62, 0x45, 0xe1, 0xcc, 0x31, 0x22, 0x31, 0xc1,
758 0x7d, 0x1c, 0xa6, 0xb1, 0x90, 0x07, 0xef, 0x0d,
759 0xb9, 0x9f, 0x9c, 0xb6, 0x0e, 0x1d, 0x5f, 0x69
761 static const unsigned char dh_q[] = {
762 0x89, 0x8b, 0x22, 0x67, 0x17, 0xef, 0x03, 0x9e,
763 0x60, 0x3e, 0x82, 0xe5, 0xc7, 0xaf, 0xe4, 0x83,
764 0x74, 0xac, 0x5f, 0x62, 0x5c, 0x54, 0xf1, 0xea,
765 0x11, 0xac, 0xb5, 0x7d
767 static const unsigned char dh_g[] = {
768 0x5e, 0xf7, 0xb8, 0x8f, 0x2d, 0xf6, 0x01, 0x39,
769 0x35, 0x1d, 0xfb, 0xfe, 0x12, 0x66, 0x80, 0x5f,
770 0xdf, 0x35, 0x6c, 0xdf, 0xd1, 0x3a, 0x4d, 0xa0,
771 0x05, 0x0c, 0x7e, 0xde, 0x24, 0x6d, 0xf5, 0x9f,
772 0x6a, 0xbf, 0x96, 0xad, 0xe5, 0xf2, 0xb2, 0x8f,
773 0xfe, 0x88, 0xd6, 0xbc, 0xe7, 0xf7, 0x89, 0x4a,
774 0x3d, 0x53, 0x5f, 0xc8, 0x21, 0x26, 0xdd, 0xd4,
775 0x24, 0x87, 0x2e, 0x16, 0xb8, 0x38, 0xdf, 0x8c,
776 0x51, 0xe9, 0x01, 0x6f, 0x88, 0x9c, 0x7c, 0x20,
777 0x3e, 0x98, 0xa8, 0xb6, 0x31, 0xf9, 0xc7, 0x25,
778 0x63, 0xd3, 0x8a, 0x49, 0x58, 0x9a, 0x07, 0x53,
779 0xd3, 0x58, 0xe7, 0x83, 0x31, 0x8c, 0xef, 0xd9,
780 0x67, 0x7c, 0x7b, 0x2d, 0xbb, 0x77, 0xd6, 0xdc,
781 0xe2, 0xa1, 0x96, 0x37, 0x95, 0xca, 0x64, 0xb9,
782 0x2d, 0x1c, 0x9a, 0xac, 0x6d, 0x0e, 0x8d, 0x43,
783 0x1d, 0xe5, 0xe5, 0x00, 0x60, 0xdf, 0xf7, 0x86,
784 0x89, 0xc9, 0xec, 0xa1, 0xc1, 0x24, 0x8c, 0x16,
785 0xed, 0x09, 0xc7, 0xad, 0x41, 0x2a, 0x17, 0x40,
786 0x6d, 0x2b, 0x52, 0x5a, 0xa1, 0xca, 0xbb, 0x23,
787 0x7b, 0x97, 0x34, 0xec, 0x7b, 0x8c, 0xe3, 0xfa,
788 0xe0, 0x2f, 0x29, 0xc5, 0xef, 0xed, 0x30, 0xd6,
789 0x91, 0x87, 0xda, 0x10, 0x9c, 0x2c, 0x9f, 0xe2,
790 0xaa, 0xdb, 0xb0, 0xc2, 0x2a, 0xf5, 0x4c, 0x61,
791 0x66, 0x55, 0x00, 0x0c, 0x43, 0x1c, 0x6b, 0x4a,
792 0x37, 0x97, 0x63, 0xb0, 0xa9, 0x16, 0x58, 0xef,
793 0xc8, 0x4e, 0x8b, 0x06, 0x35, 0x8c, 0x8b, 0x4f,
794 0x21, 0x37, 0x10, 0xfd, 0x10, 0x17, 0x2c, 0xf3,
795 0x9b, 0x83, 0x0c, 0x2d, 0xd8, 0x4a, 0x0c, 0x8a,
796 0xb8, 0x25, 0x16, 0xec, 0xab, 0x99, 0x5f, 0xa4,
797 0x21, 0x5e, 0x02, 0x3e, 0x4e, 0xcf, 0x80, 0x74,
798 0xc3, 0x9d, 0x6c, 0x88, 0xb7, 0x0d, 0x1e, 0xe4,
799 0xe9, 0x6f, 0xdc, 0x20, 0xea, 0x11, 0x5c, 0x32
801 static const unsigned char dh_priv[] = {
802 0x14, 0x33, 0xe0, 0xb5, 0xa9, 0x17, 0xb6, 0x0a,
803 0x30, 0x23, 0xf2, 0xf8, 0xaa, 0x2c, 0x2d, 0x70,
804 0xd2, 0x96, 0x8a, 0xba, 0x9a, 0xea, 0xc8, 0x15,
805 0x40, 0xb8, 0xfc, 0xe6
807 static const unsigned char dh_pub[] = {
808 0x95, 0xdd, 0x33, 0x8d, 0x29, 0xe5, 0x71, 0x04,
809 0x92, 0xb9, 0x18, 0x31, 0x7b, 0x72, 0xa3, 0x69,
810 0x36, 0xe1, 0x95, 0x1a, 0x2e, 0xe5, 0xa5, 0x59,
811 0x16, 0x99, 0xc0, 0x48, 0x6d, 0x0d, 0x4f, 0x9b,
812 0xdd, 0x6d, 0x5a, 0x3f, 0x6b, 0x98, 0x89, 0x0c,
813 0x62, 0xb3, 0x76, 0x52, 0xd3, 0x6e, 0x71, 0x21,
814 0x11, 0xe6, 0x8a, 0x73, 0x55, 0x37, 0x25, 0x06,
815 0x99, 0xef, 0xe3, 0x30, 0x53, 0x73, 0x91, 0xfb,
816 0xc2, 0xc5, 0x48, 0xbc, 0x5a, 0xc3, 0xe5, 0xb2,
817 0x33, 0x86, 0xc3, 0xee, 0xf5, 0xeb, 0x43, 0xc0,
818 0x99, 0xd7, 0x0a, 0x52, 0x02, 0x68, 0x7e, 0x83,
819 0x96, 0x42, 0x48, 0xfc, 0xa9, 0x1f, 0x40, 0x90,
820 0x8e, 0x8f, 0xb3, 0x31, 0x93, 0x15, 0xf6, 0xd2,
821 0x60, 0x6d, 0x7f, 0x7c, 0xd5, 0x2c, 0xc6, 0xe7,
822 0xc5, 0x84, 0x3a, 0xfb, 0x22, 0x51, 0x9c, 0xf0,
823 0xf0, 0xf9, 0xd3, 0xa0, 0xa4, 0xe8, 0xc8, 0x88,
824 0x99, 0xef, 0xed, 0xe7, 0x36, 0x43, 0x51, 0xfb,
825 0x6a, 0x36, 0x3e, 0xe7, 0x17, 0xe5, 0x44, 0x5a,
826 0xda, 0xb4, 0xc9, 0x31, 0xa6, 0x48, 0x39, 0x97,
827 0xb8, 0x7d, 0xad, 0x83, 0x67, 0x7e, 0x4d, 0x1d,
828 0x3a, 0x77, 0x75, 0xe0, 0xf6, 0xd0, 0x0f, 0xdf,
829 0x73, 0xc7, 0xad, 0x80, 0x1e, 0x66, 0x5a, 0x0e,
830 0x5a, 0x79, 0x6d, 0x0a, 0x03, 0x80, 0xa1, 0x9f,
831 0xa1, 0x82, 0xef, 0xc8, 0xa0, 0x4f, 0x5e, 0x4d,
832 0xb9, 0x0d, 0x1a, 0x86, 0x37, 0xf9, 0x5d, 0xb1,
833 0x64, 0x36, 0xbd, 0xc8, 0xf3, 0xfc, 0x09, 0x6c,
834 0x4f, 0xf7, 0xf2, 0x34, 0xbe, 0x8f, 0xef, 0x47,
835 0x9a, 0xc4, 0xb0, 0xdc, 0x4b, 0x77, 0x26, 0x3e,
836 0x07, 0xd9, 0x95, 0x9d, 0xe0, 0xf1, 0xbf, 0x3f,
837 0x0a, 0xe3, 0xd9, 0xd5, 0x0e, 0x4b, 0x89, 0xc9,
838 0x9e, 0x3e, 0xa1, 0x21, 0x73, 0x43, 0xdd, 0x8c,
839 0x65, 0x81, 0xac, 0xc4, 0x95, 0x9c, 0x91, 0xd3
841 static const unsigned char dh_peer_pub[] = {
842 0x1f, 0xc1, 0xda, 0x34, 0x1d, 0x1a, 0x84, 0x6a,
843 0x96, 0xb7, 0xbe, 0x24, 0x34, 0x0f, 0x87, 0x7d,
844 0xd0, 0x10, 0xaa, 0x03, 0x56, 0xd5, 0xad, 0x58,
845 0xaa, 0xe9, 0xc7, 0xb0, 0x8f, 0x74, 0x9a, 0x32,
846 0x23, 0x51, 0x10, 0xb5, 0xd8, 0x8e, 0xb5, 0xdb,
847 0xfa, 0x97, 0x8d, 0x27, 0xec, 0xc5, 0x30, 0xf0,
848 0x2d, 0x31, 0x14, 0x00, 0x5b, 0x64, 0xb1, 0xc0,
849 0xe0, 0x24, 0xcb, 0x8a, 0xe2, 0x16, 0x98, 0xbc,
850 0xa9, 0xe6, 0x0d, 0x42, 0x80, 0x86, 0x22, 0xf1,
851 0x81, 0xc5, 0x6e, 0x1d, 0xe7, 0xa9, 0x6e, 0x6e,
852 0xfe, 0xe9, 0xd6, 0x65, 0x67, 0xe9, 0x1b, 0x97,
853 0x70, 0x42, 0xc7, 0xe3, 0xd0, 0x44, 0x8f, 0x05,
854 0xfb, 0x77, 0xf5, 0x22, 0xb9, 0xbf, 0xc8, 0xd3,
855 0x3c, 0xc3, 0xc3, 0x1e, 0xd3, 0xb3, 0x1f, 0x0f,
856 0xec, 0xb6, 0xdb, 0x4f, 0x6e, 0xa3, 0x11, 0xe7,
857 0x7a, 0xfd, 0xbc, 0xd4, 0x7a, 0xee, 0x1b, 0xb1,
858 0x50, 0xf2, 0x16, 0x87, 0x35, 0x78, 0xfb, 0x96,
859 0x46, 0x8e, 0x8f, 0x9f, 0x3d, 0xe8, 0xef, 0xbf,
860 0xce, 0x75, 0x62, 0x4b, 0x1d, 0xf0, 0x53, 0x22,
861 0xa3, 0x4f, 0x14, 0x63, 0xe8, 0x39, 0xe8, 0x98,
862 0x4c, 0x4a, 0xd0, 0xa9, 0x6e, 0x1a, 0xc8, 0x42,
863 0xe5, 0x31, 0x8c, 0xc2, 0x3c, 0x06, 0x2a, 0x8c,
864 0xa1, 0x71, 0xb8, 0xd5, 0x75, 0x98, 0x0d, 0xde,
865 0x7f, 0xc5, 0x6f, 0x15, 0x36, 0x52, 0x38, 0x20,
866 0xd4, 0x31, 0x92, 0xbf, 0xd5, 0x1e, 0x8e, 0x22,
867 0x89, 0x78, 0xac, 0xa5, 0xb9, 0x44, 0x72, 0xf3,
868 0x39, 0xca, 0xeb, 0x99, 0x31, 0xb4, 0x2b, 0xe3,
869 0x01, 0x26, 0x8b, 0xc9, 0x97, 0x89, 0xc9, 0xb2,
870 0x55, 0x71, 0xc3, 0xc0, 0xe4, 0xcb, 0x3f, 0x00,
871 0x7f, 0x1a, 0x51, 0x1c, 0xbb, 0x53, 0xc8, 0x51,
872 0x9c, 0xdd, 0x13, 0x02, 0xab, 0xca, 0x6c, 0x0f,
873 0x34, 0xf9, 0x67, 0x39, 0xf1, 0x7f, 0xf4, 0x8b
876 static const unsigned char dh_secret_expected[] = {
877 0x08, 0xff, 0x33, 0xbb, 0x2e, 0xcf, 0xf4, 0x9a,
878 0x7d, 0x4a, 0x79, 0x12, 0xae, 0xb1, 0xbb, 0x6a,
879 0xb5, 0x11, 0x64, 0x1b, 0x4a, 0x76, 0x77, 0x0c,
880 0x8c, 0xc1, 0xbc, 0xc2, 0x33, 0x34, 0x3d, 0xfe,
881 0x70, 0x0d, 0x11, 0x81, 0x3d, 0x2c, 0x9e, 0xd2,
882 0x3b, 0x21, 0x1c, 0xa9, 0xe8, 0x78, 0x69, 0x21,
883 0xed, 0xca, 0x28, 0x3c, 0x68, 0xb1, 0x61, 0x53,
884 0xfa, 0x01, 0xe9, 0x1a, 0xb8, 0x2c, 0x90, 0xdd,
885 0xab, 0x4a, 0x95, 0x81, 0x67, 0x70, 0xa9, 0x87,
886 0x10, 0xe1, 0x4c, 0x92, 0xab, 0x83, 0xb6, 0xe4,
887 0x6e, 0x1e, 0x42, 0x6e, 0xe8, 0x52, 0x43, 0x0d,
888 0x61, 0x87, 0xda, 0xa3, 0x72, 0x0a, 0x6b, 0xcd,
889 0x73, 0x23, 0x5c, 0x6b, 0x0f, 0x94, 0x1f, 0x33,
890 0x64, 0xf5, 0x04, 0x20, 0x55, 0x1a, 0x4b, 0xfe,
891 0xaf, 0xe2, 0xbc, 0x43, 0x85, 0x05, 0xa5, 0x9a,
892 0x4a, 0x40, 0xda, 0xca, 0x7a, 0x89, 0x5a, 0x73,
893 0xdb, 0x57, 0x5c, 0x74, 0xc1, 0x3a, 0x23, 0xad,
894 0x88, 0x32, 0x95, 0x7d, 0x58, 0x2d, 0x38, 0xf0,
895 0xa6, 0x16, 0x5f, 0xb0, 0xd7, 0xe9, 0xb8, 0x79,
896 0x9e, 0x42, 0xfd, 0x32, 0x20, 0xe3, 0x32, 0xe9,
897 0x81, 0x85, 0xa0, 0xc9, 0x42, 0x97, 0x57, 0xb2,
898 0xd0, 0xd0, 0x2c, 0x17, 0xdb, 0xaa, 0x1f, 0xf6,
899 0xed, 0x93, 0xd7, 0xe7, 0x3e, 0x24, 0x1e, 0xae,
900 0xd9, 0x0c, 0xaf, 0x39, 0x4d, 0x2b, 0xc6, 0x57,
901 0x0f, 0x18, 0xc8, 0x1f, 0x2b, 0xe5, 0xd0, 0x1a,
902 0x2c, 0xa9, 0x9f, 0xf1, 0x42, 0xb5, 0xd9, 0x63,
903 0xf9, 0xf5, 0x00, 0x32, 0x5e, 0x75, 0x56, 0xf9,
904 0x58, 0x49, 0xb3, 0xff, 0xc7, 0x47, 0x94, 0x86,
905 0xbe, 0x1d, 0x45, 0x96, 0xa3, 0x10, 0x6b, 0xd5,
906 0xcb, 0x4f, 0x61, 0xc5, 0x7e, 0xc5, 0xf1, 0x00,
907 0xfb, 0x7a, 0x0c, 0x82, 0xa1, 0x0b, 0x82, 0x52,
908 0x6a, 0x97, 0xd1, 0xd9, 0x7d, 0x98, 0xea, 0xf6
911 static const ST_KAT_PARAM dh_group[] = {
912 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dh_p),
913 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dh_q),
914 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dh_g),
918 /* The host's private key */
919 static const ST_KAT_PARAM dh_host_key[] = {
920 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_pub),
921 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dh_priv),
925 /* The peer's public key */
926 static const ST_KAT_PARAM dh_peer_key[] = {
927 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_peer_pub),
930 #endif /* OPENSSL_NO_DH */
933 #ifndef OPENSSL_NO_EC
934 static const char ecdh_curve_name[] = "prime256v1";
935 static const unsigned char ecdh_privd[] = {
936 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
937 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
938 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
939 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
941 static const unsigned char ecdh_pub[] = {
943 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
944 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
945 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
946 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
947 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
948 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
949 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
950 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
952 static const unsigned char ecdh_peer_pub[] = {
954 0x1f, 0x72, 0xbd, 0x2a, 0x3e, 0xeb, 0x6c, 0x76,
955 0xe5, 0x5d, 0x69, 0x75, 0x24, 0xbf, 0x2f, 0x5b,
956 0x96, 0xb2, 0x91, 0x62, 0x06, 0x35, 0xcc, 0xb2,
957 0x4b, 0x31, 0x1b, 0x0c, 0x6f, 0x06, 0x9f, 0x86,
958 0xcf, 0xc8, 0xac, 0xd5, 0x4f, 0x4d, 0x77, 0xf3,
959 0x70, 0x4a, 0x8f, 0x04, 0x9a, 0xb1, 0x03, 0xc7,
960 0xeb, 0xd5, 0x94, 0x78, 0x61, 0xab, 0x78, 0x0c,
961 0x4a, 0x2d, 0x6b, 0xf3, 0x2f, 0x2e, 0x4a, 0xbc
964 static const ST_KAT_PARAM ecdh_group[] = {
965 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecdh_curve_name),
968 static const ST_KAT_PARAM ecdh_host_key[] = {
969 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_pub),
970 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecdh_privd),
973 static const ST_KAT_PARAM ecdh_peer_key[] = {
974 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_peer_pub),
977 static const unsigned char ecdh_secret_expected[] = {
978 0x45, 0x2a, 0x2f, 0x0d, 0x24, 0xe6, 0x8d, 0xd0,
979 0xda, 0x59, 0x7b, 0x0c, 0xec, 0x9b, 0x4c, 0x38,
980 0x41, 0xdd, 0xce, 0xb3, 0xcc, 0xf1, 0x90, 0x8e,
981 0x30, 0xdb, 0x5b, 0x5f, 0x97, 0xea, 0xe0, 0xc2
983 #endif /* OPENSSL_NO_EC */
985 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
986 static const ST_KAT_KAS st_kat_kas_tests[] =
988 # ifndef OPENSSL_NO_DH
990 OSSL_SELF_TEST_DESC_KA_DH,
995 ITM(dh_secret_expected)
997 # endif /* OPENSSL_NO_DH */
998 # ifndef OPENSSL_NO_EC
1000 OSSL_SELF_TEST_DESC_KA_ECDH,
1005 ITM(ecdh_secret_expected)
1007 # endif /* OPENSSL_NO_EC */
1009 #endif /* !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) */
1012 static const unsigned char rsa_n[] = {
1013 0xDB, 0x10, 0x1A, 0xC2, 0xA3, 0xF1, 0xDC, 0xFF,
1014 0x13, 0x6B, 0xED, 0x44, 0xDF, 0xF0, 0x02, 0x6D,
1015 0x13, 0xC7, 0x88, 0xDA, 0x70, 0x6B, 0x54, 0xF1,
1016 0xE8, 0x27, 0xDC, 0xC3, 0x0F, 0x99, 0x6A, 0xFA,
1017 0xC6, 0x67, 0xFF, 0x1D, 0x1E, 0x3C, 0x1D, 0xC1,
1018 0xB5, 0x5F, 0x6C, 0xC0, 0xB2, 0x07, 0x3A, 0x6D,
1019 0x41, 0xE4, 0x25, 0x99, 0xAC, 0xFC, 0xD2, 0x0F,
1020 0x02, 0xD3, 0xD1, 0x54, 0x06, 0x1A, 0x51, 0x77,
1021 0xBD, 0xB6, 0xBF, 0xEA, 0xA7, 0x5C, 0x06, 0xA9,
1022 0x5D, 0x69, 0x84, 0x45, 0xD7, 0xF5, 0x05, 0xBA,
1023 0x47, 0xF0, 0x1B, 0xD7, 0x2B, 0x24, 0xEC, 0xCB,
1024 0x9B, 0x1B, 0x10, 0x8D, 0x81, 0xA0, 0xBE, 0xB1,
1025 0x8C, 0x33, 0xE4, 0x36, 0xB8, 0x43, 0xEB, 0x19,
1026 0x2A, 0x81, 0x8D, 0xDE, 0x81, 0x0A, 0x99, 0x48,
1027 0xB6, 0xF6, 0xBC, 0xCD, 0x49, 0x34, 0x3A, 0x8F,
1028 0x26, 0x94, 0xE3, 0x28, 0x82, 0x1A, 0x7C, 0x8F,
1029 0x59, 0x9F, 0x45, 0xE8, 0x5D, 0x1A, 0x45, 0x76,
1030 0x04, 0x56, 0x05, 0xA1, 0xD0, 0x1B, 0x8C, 0x77,
1031 0x6D, 0xAF, 0x53, 0xFA, 0x71, 0xE2, 0x67, 0xE0,
1032 0x9A, 0xFE, 0x03, 0xA9, 0x85, 0xD2, 0xC9, 0xAA,
1033 0xBA, 0x2A, 0xBC, 0xF4, 0xA0, 0x08, 0xF5, 0x13,
1034 0x98, 0x13, 0x5D, 0xF0, 0xD9, 0x33, 0x34, 0x2A,
1035 0x61, 0xC3, 0x89, 0x55, 0xF0, 0xAE, 0x1A, 0x9C,
1036 0x22, 0xEE, 0x19, 0x05, 0x8D, 0x32, 0xFE, 0xEC,
1037 0x9C, 0x84, 0xBA, 0xB7, 0xF9, 0x6C, 0x3A, 0x4F,
1038 0x07, 0xFC, 0x45, 0xEB, 0x12, 0xE5, 0x7B, 0xFD,
1039 0x55, 0xE6, 0x29, 0x69, 0xD1, 0xC2, 0xE8, 0xB9,
1040 0x78, 0x59, 0xF6, 0x79, 0x10, 0xC6, 0x4E, 0xEB,
1041 0x6A, 0x5E, 0xB9, 0x9A, 0xC7, 0xC4, 0x5B, 0x63,
1042 0xDA, 0xA3, 0x3F, 0x5E, 0x92, 0x7A, 0x81, 0x5E,
1043 0xD6, 0xB0, 0xE2, 0x62, 0x8F, 0x74, 0x26, 0xC2,
1044 0x0C, 0xD3, 0x9A, 0x17, 0x47, 0xE6, 0x8E, 0xAB
1046 static const unsigned char rsa_e[] = { 0x01, 0x00, 0x01 };
1047 static const unsigned char rsa_d[] = {
1048 0x52, 0x41, 0xF4, 0xDA, 0x7B, 0xB7, 0x59, 0x55,
1049 0xCA, 0xD4, 0x2F, 0x0F, 0x3A, 0xCB, 0xA4, 0x0D,
1050 0x93, 0x6C, 0xCC, 0x9D, 0xC1, 0xB2, 0xFB, 0xFD,
1051 0xAE, 0x40, 0x31, 0xAC, 0x69, 0x52, 0x21, 0x92,
1052 0xB3, 0x27, 0xDF, 0xEA, 0xEE, 0x2C, 0x82, 0xBB,
1053 0xF7, 0x40, 0x32, 0xD5, 0x14, 0xC4, 0x94, 0x12,
1054 0xEC, 0xB8, 0x1F, 0xCA, 0x59, 0xE3, 0xC1, 0x78,
1055 0xF3, 0x85, 0xD8, 0x47, 0xA5, 0xD7, 0x02, 0x1A,
1056 0x65, 0x79, 0x97, 0x0D, 0x24, 0xF4, 0xF0, 0x67,
1057 0x6E, 0x75, 0x2D, 0xBF, 0x10, 0x3D, 0xA8, 0x7D,
1058 0xEF, 0x7F, 0x60, 0xE4, 0xE6, 0x05, 0x82, 0x89,
1059 0x5D, 0xDF, 0xC6, 0xD2, 0x6C, 0x07, 0x91, 0x33,
1060 0x98, 0x42, 0xF0, 0x02, 0x00, 0x25, 0x38, 0xC5,
1061 0x85, 0x69, 0x8A, 0x7D, 0x2F, 0x95, 0x6C, 0x43,
1062 0x9A, 0xB8, 0x81, 0xE2, 0xD0, 0x07, 0x35, 0xAA,
1063 0x05, 0x41, 0xC9, 0x1E, 0xAF, 0xE4, 0x04, 0x3B,
1064 0x19, 0xB8, 0x73, 0xA2, 0xAC, 0x4B, 0x1E, 0x66,
1065 0x48, 0xD8, 0x72, 0x1F, 0xAC, 0xF6, 0xCB, 0xBC,
1066 0x90, 0x09, 0xCA, 0xEC, 0x0C, 0xDC, 0xF9, 0x2C,
1067 0xD7, 0xEB, 0xAE, 0xA3, 0xA4, 0x47, 0xD7, 0x33,
1068 0x2F, 0x8A, 0xCA, 0xBC, 0x5E, 0xF0, 0x77, 0xE4,
1069 0x97, 0x98, 0x97, 0xC7, 0x10, 0x91, 0x7D, 0x2A,
1070 0xA6, 0xFF, 0x46, 0x83, 0x97, 0xDE, 0xE9, 0xE2,
1071 0x17, 0x03, 0x06, 0x14, 0xE2, 0xD7, 0xB1, 0x1D,
1072 0x77, 0xAF, 0x51, 0x27, 0x5B, 0x5E, 0x69, 0xB8,
1073 0x81, 0xE6, 0x11, 0xC5, 0x43, 0x23, 0x81, 0x04,
1074 0x62, 0xFF, 0xE9, 0x46, 0xB8, 0xD8, 0x44, 0xDB,
1075 0xA5, 0xCC, 0x31, 0x54, 0x34, 0xCE, 0x3E, 0x82,
1076 0xD6, 0xBF, 0x7A, 0x0B, 0x64, 0x21, 0x6D, 0x88,
1077 0x7E, 0x5B, 0x45, 0x12, 0x1E, 0x63, 0x8D, 0x49,
1078 0xA7, 0x1D, 0xD9, 0x1E, 0x06, 0xCD, 0xE8, 0xBA,
1079 0x2C, 0x8C, 0x69, 0x32, 0xEA, 0xBE, 0x60, 0x71
1081 static const unsigned char rsa_p[] = {
1082 0xFA, 0xAC, 0xE1, 0x37, 0x5E, 0x32, 0x11, 0x34,
1083 0xC6, 0x72, 0x58, 0x2D, 0x91, 0x06, 0x3E, 0x77,
1084 0xE7, 0x11, 0x21, 0xCD, 0x4A, 0xF8, 0xA4, 0x3F,
1085 0x0F, 0xEF, 0x31, 0xE3, 0xF3, 0x55, 0xA0, 0xB9,
1086 0xAC, 0xB6, 0xCB, 0xBB, 0x41, 0xD0, 0x32, 0x81,
1087 0x9A, 0x8F, 0x7A, 0x99, 0x30, 0x77, 0x6C, 0x68,
1088 0x27, 0xE2, 0x96, 0xB5, 0x72, 0xC9, 0xC3, 0xD4,
1089 0x42, 0xAA, 0xAA, 0xCA, 0x95, 0x8F, 0xFF, 0xC9,
1090 0x9B, 0x52, 0x34, 0x30, 0x1D, 0xCF, 0xFE, 0xCF,
1091 0x3C, 0x56, 0x68, 0x6E, 0xEF, 0xE7, 0x6C, 0xD7,
1092 0xFB, 0x99, 0xF5, 0x4A, 0xA5, 0x21, 0x1F, 0x2B,
1093 0xEA, 0x93, 0xE8, 0x98, 0x26, 0xC4, 0x6E, 0x42,
1094 0x21, 0x5E, 0xA0, 0xA1, 0x2A, 0x58, 0x35, 0xBB,
1095 0x10, 0xE7, 0xBA, 0x27, 0x0A, 0x3B, 0xB3, 0xAF,
1096 0xE2, 0x75, 0x36, 0x04, 0xAC, 0x56, 0xA0, 0xAB,
1097 0x52, 0xDE, 0xCE, 0xDD, 0x2C, 0x28, 0x77, 0x03
1099 static const unsigned char rsa_q[] = {
1100 0xDF, 0xB7, 0x52, 0xB6, 0xD7, 0xC0, 0xE2, 0x96,
1101 0xE7, 0xC9, 0xFE, 0x5D, 0x71, 0x5A, 0xC4, 0x40,
1102 0x96, 0x2F, 0xE5, 0x87, 0xEA, 0xF3, 0xA5, 0x77,
1103 0x11, 0x67, 0x3C, 0x8D, 0x56, 0x08, 0xA7, 0xB5,
1104 0x67, 0xFA, 0x37, 0xA8, 0xB8, 0xCF, 0x61, 0xE8,
1105 0x63, 0xD8, 0x38, 0x06, 0x21, 0x2B, 0x92, 0x09,
1106 0xA6, 0x39, 0x3A, 0xEA, 0xA8, 0xB4, 0x45, 0x4B,
1107 0x36, 0x10, 0x4C, 0xE4, 0x00, 0x66, 0x71, 0x65,
1108 0xF8, 0x0B, 0x94, 0x59, 0x4F, 0x8C, 0xFD, 0xD5,
1109 0x34, 0xA2, 0xE7, 0x62, 0x84, 0x0A, 0xA7, 0xBB,
1110 0xDB, 0xD9, 0x8A, 0xCD, 0x05, 0xE1, 0xCC, 0x57,
1111 0x7B, 0xF1, 0xF1, 0x1F, 0x11, 0x9D, 0xBA, 0x3E,
1112 0x45, 0x18, 0x99, 0x1B, 0x41, 0x64, 0x43, 0xEE,
1113 0x97, 0x5D, 0x77, 0x13, 0x5B, 0x74, 0x69, 0x73,
1114 0x87, 0x95, 0x05, 0x07, 0xBE, 0x45, 0x07, 0x17,
1115 0x7E, 0x4A, 0x69, 0x22, 0xF3, 0xDB, 0x05, 0x39
1117 static const unsigned char rsa_dp[] = {
1118 0x5E, 0xD8, 0xDC, 0xDA, 0x53, 0x44, 0xC4, 0x67,
1119 0xE0, 0x92, 0x51, 0x34, 0xE4, 0x83, 0xA5, 0x4D,
1120 0x3E, 0xDB, 0xA7, 0x9B, 0x82, 0xBB, 0x73, 0x81,
1121 0xFC, 0xE8, 0x77, 0x4B, 0x15, 0xBE, 0x17, 0x73,
1122 0x49, 0x9B, 0x5C, 0x98, 0xBC, 0xBD, 0x26, 0xEF,
1123 0x0C, 0xE9, 0x2E, 0xED, 0x19, 0x7E, 0x86, 0x41,
1124 0x1E, 0x9E, 0x48, 0x81, 0xDD, 0x2D, 0xE4, 0x6F,
1125 0xC2, 0xCD, 0xCA, 0x93, 0x9E, 0x65, 0x7E, 0xD5,
1126 0xEC, 0x73, 0xFD, 0x15, 0x1B, 0xA2, 0xA0, 0x7A,
1127 0x0F, 0x0D, 0x6E, 0xB4, 0x53, 0x07, 0x90, 0x92,
1128 0x64, 0x3B, 0x8B, 0xA9, 0x33, 0xB3, 0xC5, 0x94,
1129 0x9B, 0x4C, 0x5D, 0x9C, 0x7C, 0x46, 0xA4, 0xA5,
1130 0x56, 0xF4, 0xF3, 0xF8, 0x27, 0x0A, 0x7B, 0x42,
1131 0x0D, 0x92, 0x70, 0x47, 0xE7, 0x42, 0x51, 0xA9,
1132 0xC2, 0x18, 0xB1, 0x58, 0xB1, 0x50, 0x91, 0xB8,
1133 0x61, 0x41, 0xB6, 0xA9, 0xCE, 0xD4, 0x7C, 0xBB
1135 static const unsigned char rsa_dq[] = {
1136 0x54, 0x09, 0x1F, 0x0F, 0x03, 0xD8, 0xB6, 0xC5,
1137 0x0C, 0xE8, 0xB9, 0x9E, 0x0C, 0x38, 0x96, 0x43,
1138 0xD4, 0xA6, 0xC5, 0x47, 0xDB, 0x20, 0x0E, 0xE5,
1139 0xBD, 0x29, 0xD4, 0x7B, 0x1A, 0xF8, 0x41, 0x57,
1140 0x49, 0x69, 0x9A, 0x82, 0xCC, 0x79, 0x4A, 0x43,
1141 0xEB, 0x4D, 0x8B, 0x2D, 0xF2, 0x43, 0xD5, 0xA5,
1142 0xBE, 0x44, 0xFD, 0x36, 0xAC, 0x8C, 0x9B, 0x02,
1143 0xF7, 0x9A, 0x03, 0xE8, 0x19, 0xA6, 0x61, 0xAE,
1144 0x76, 0x10, 0x93, 0x77, 0x41, 0x04, 0xAB, 0x4C,
1145 0xED, 0x6A, 0xCC, 0x14, 0x1B, 0x99, 0x8D, 0x0C,
1146 0x6A, 0x37, 0x3B, 0x86, 0x6C, 0x51, 0x37, 0x5B,
1147 0x1D, 0x79, 0xF2, 0xA3, 0x43, 0x10, 0xC6, 0xA7,
1148 0x21, 0x79, 0x6D, 0xF9, 0xE9, 0x04, 0x6A, 0xE8,
1149 0x32, 0xFF, 0xAE, 0xFD, 0x1C, 0x7B, 0x8C, 0x29,
1150 0x13, 0xA3, 0x0C, 0xB2, 0xAD, 0xEC, 0x6C, 0x0F,
1151 0x8D, 0x27, 0x12, 0x7B, 0x48, 0xB2, 0xDB, 0x31
1153 static const unsigned char rsa_qInv[] = {
1154 0x8D, 0x1B, 0x05, 0xCA, 0x24, 0x1F, 0x0C, 0x53,
1155 0x19, 0x52, 0x74, 0x63, 0x21, 0xFA, 0x78, 0x46,
1156 0x79, 0xAF, 0x5C, 0xDE, 0x30, 0xA4, 0x6C, 0x20,
1157 0x38, 0xE6, 0x97, 0x39, 0xB8, 0x7A, 0x70, 0x0D,
1158 0x8B, 0x6C, 0x6D, 0x13, 0x74, 0xD5, 0x1C, 0xDE,
1159 0xA9, 0xF4, 0x60, 0x37, 0xFE, 0x68, 0x77, 0x5E,
1160 0x0B, 0x4E, 0x5E, 0x03, 0x31, 0x30, 0xDF, 0xD6,
1161 0xAE, 0x85, 0xD0, 0x81, 0xBB, 0x61, 0xC7, 0xB1,
1162 0x04, 0x5A, 0xC4, 0x6D, 0x56, 0x1C, 0xD9, 0x64,
1163 0xE7, 0x85, 0x7F, 0x88, 0x91, 0xC9, 0x60, 0x28,
1164 0x05, 0xE2, 0xC6, 0x24, 0x8F, 0xDD, 0x61, 0x64,
1165 0xD8, 0x09, 0xDE, 0x7E, 0xD3, 0x4A, 0x61, 0x1A,
1166 0xD3, 0x73, 0x58, 0x4B, 0xD8, 0xA0, 0x54, 0x25,
1167 0x48, 0x83, 0x6F, 0x82, 0x6C, 0xAF, 0x36, 0x51,
1168 0x2A, 0x5D, 0x14, 0x2F, 0x41, 0x25, 0x00, 0xDD,
1169 0xF8, 0xF3, 0x95, 0xFE, 0x31, 0x25, 0x50, 0x12
1172 static const ST_KAT_PARAM rsa_crt_key[] = {
1173 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1174 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1175 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1176 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_p),
1177 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_q),
1178 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dp),
1179 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dq),
1180 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT, rsa_qInv),
1184 static const ST_KAT_PARAM rsa_pub_key[] = {
1185 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1186 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1190 static const ST_KAT_PARAM rsa_priv_key[] = {
1191 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1192 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1193 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1197 static const ST_KAT_PARAM rsa_enc_params[] = {
1198 ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE,
1199 OSSL_PKEY_RSA_PAD_MODE_NONE),
1203 static const unsigned char rsa_expected_sig[256] = {
1204 0xad, 0xbe, 0x2a, 0xaf, 0x16, 0x85, 0xc5, 0x00,
1205 0x91, 0x3e, 0xd0, 0x49, 0xfb, 0x3a, 0x81, 0xb9,
1206 0x6c, 0x28, 0xbc, 0xbf, 0xea, 0x96, 0x5f, 0xe4,
1207 0x9f, 0x99, 0xf7, 0x18, 0x8c, 0xec, 0x60, 0x28,
1208 0xeb, 0x29, 0x02, 0x49, 0xfc, 0xda, 0xd7, 0x78,
1209 0x68, 0xf8, 0xe1, 0xe9, 0x4d, 0x20, 0x6d, 0x32,
1210 0xa6, 0xde, 0xfc, 0xe4, 0xda, 0xcc, 0x6c, 0x75,
1211 0x36, 0x6b, 0xff, 0x5a, 0xac, 0x01, 0xa8, 0xc2,
1212 0xa9, 0xe6, 0x8b, 0x18, 0x3e, 0xec, 0xea, 0x4c,
1213 0x4a, 0x9e, 0x00, 0x09, 0xd1, 0x8a, 0x69, 0x1b,
1214 0x8b, 0xd9, 0xad, 0x37, 0xe5, 0x7c, 0xff, 0x7d,
1215 0x59, 0x56, 0x3e, 0xa0, 0xc6, 0x32, 0xd8, 0x35,
1216 0x2f, 0xff, 0xfb, 0x05, 0x02, 0xcd, 0xd7, 0x19,
1217 0xb9, 0x00, 0x86, 0x2a, 0xcf, 0xaa, 0x78, 0x16,
1218 0x4b, 0xf1, 0xa7, 0x59, 0xef, 0x7d, 0xe8, 0x74,
1219 0x23, 0x5c, 0xb2, 0xd4, 0x8a, 0x99, 0xa5, 0xbc,
1220 0xfa, 0x63, 0xd8, 0xf7, 0xbd, 0xc6, 0x00, 0x13,
1221 0x06, 0x02, 0x9a, 0xd4, 0xa7, 0xb4, 0x3d, 0x61,
1222 0xab, 0xf1, 0xc2, 0x95, 0x59, 0x9b, 0x3d, 0x67,
1223 0x1f, 0xde, 0x57, 0xb6, 0xb6, 0x9f, 0xb0, 0x87,
1224 0xd6, 0x51, 0xd5, 0x3e, 0x00, 0xe2, 0xc9, 0xa0,
1225 0x03, 0x66, 0xbc, 0x01, 0xb3, 0x8e, 0xfa, 0xf1,
1226 0x15, 0xeb, 0x26, 0xf1, 0x5d, 0x81, 0x90, 0xb4,
1227 0x1c, 0x00, 0x7c, 0x83, 0x4a, 0xa5, 0xde, 0x64,
1228 0xae, 0xea, 0x6c, 0x43, 0xc3, 0x20, 0x77, 0x77,
1229 0x42, 0x12, 0x24, 0xf5, 0xe3, 0x70, 0xdd, 0x59,
1230 0x48, 0x9c, 0xef, 0xd4, 0x8a, 0x3c, 0x29, 0x6a,
1231 0x0c, 0x9c, 0xf2, 0x13, 0xa4, 0x1c, 0x2f, 0x49,
1232 0xcd, 0xb4, 0xaa, 0x28, 0x40, 0x34, 0xc6, 0x75,
1233 0xba, 0x30, 0xe6, 0xd8, 0x5b, 0x2f, 0x08, 0xd0,
1234 0x29, 0xa5, 0x39, 0xfb, 0x6e, 0x3b, 0x0f, 0x52,
1235 0x2c, 0x68, 0xf0, 0x37, 0xa9, 0xd2, 0x56, 0xd6
1238 static const unsigned char rsa_asym_plaintext_encrypt[256] = {
1239 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1240 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1242 static const unsigned char rsa_asym_expected_encrypt[256] = {
1243 0x54, 0xac, 0x23, 0x96, 0x1d, 0x82, 0x5d, 0x8b,
1244 0x8f, 0x36, 0x33, 0xd0, 0xf4, 0x02, 0xa2, 0x61,
1245 0xb1, 0x13, 0xd4, 0x4a, 0x46, 0x06, 0x37, 0x3c,
1246 0xbf, 0x40, 0x05, 0x3c, 0xc6, 0x3b, 0x64, 0xdc,
1247 0x22, 0x22, 0xaf, 0x36, 0x79, 0x62, 0x45, 0xf0,
1248 0x97, 0x82, 0x22, 0x44, 0x86, 0x4a, 0x7c, 0xfa,
1249 0xac, 0x03, 0x21, 0x84, 0x3f, 0x31, 0xad, 0x2a,
1250 0xa4, 0x6e, 0x7a, 0xc5, 0x93, 0xf3, 0x0f, 0xfc,
1251 0xf1, 0x62, 0xce, 0x82, 0x12, 0x45, 0xc9, 0x35,
1252 0xb0, 0x7a, 0xcd, 0x99, 0x8c, 0x91, 0x6b, 0x5a,
1253 0xd3, 0x46, 0xdb, 0xf9, 0x9e, 0x52, 0x49, 0xbd,
1254 0x1e, 0xe8, 0xda, 0xac, 0x61, 0x47, 0xc2, 0xda,
1255 0xfc, 0x1e, 0xfb, 0x74, 0xd7, 0xd6, 0xc1, 0x18,
1256 0x86, 0x3e, 0x20, 0x9c, 0x7a, 0xe1, 0x04, 0xb7,
1257 0x38, 0x43, 0xb1, 0x4e, 0xa0, 0xd8, 0xc1, 0x39,
1258 0x4d, 0xe1, 0xd3, 0xb0, 0xb3, 0xf1, 0x82, 0x87,
1259 0x1f, 0x74, 0xb5, 0x69, 0xfd, 0x33, 0xd6, 0x21,
1260 0x7c, 0x61, 0x60, 0x28, 0xca, 0x70, 0xdb, 0xa0,
1261 0xbb, 0xc8, 0x73, 0xa9, 0x82, 0xf8, 0x6b, 0xd8,
1262 0xf0, 0xc9, 0x7b, 0x20, 0xdf, 0x9d, 0xfb, 0x8c,
1263 0xd4, 0xa2, 0x89, 0xe1, 0x9b, 0x04, 0xad, 0xaa,
1264 0x11, 0x6c, 0x8f, 0xce, 0x83, 0x29, 0x56, 0x69,
1265 0xbb, 0x00, 0x3b, 0xef, 0xca, 0x2d, 0xcd, 0x52,
1266 0xc8, 0xf1, 0xb3, 0x9b, 0xb4, 0x4f, 0x6d, 0x9c,
1267 0x3d, 0x69, 0xcc, 0x6d, 0x1f, 0x38, 0x4d, 0xe6,
1268 0xbb, 0x0c, 0x87, 0xdc, 0x5f, 0xa9, 0x24, 0x93,
1269 0x03, 0x46, 0xa2, 0x33, 0x6c, 0xf4, 0xd8, 0x5d,
1270 0x68, 0xf3, 0xd3, 0xe0, 0xf2, 0x30, 0xdb, 0xf5,
1271 0x4f, 0x0f, 0xad, 0xc7, 0xd0, 0xaa, 0x47, 0xd9,
1272 0x9f, 0x85, 0x1b, 0x2e, 0x6c, 0x3c, 0x57, 0x04,
1273 0x29, 0xf4, 0xf5, 0x66, 0x7d, 0x93, 0x4a, 0xaa,
1274 0x05, 0x52, 0x55, 0xc1, 0xc6, 0x06, 0x90, 0xab,
1277 #ifndef OPENSSL_NO_EC
1278 /* ECDSA key data */
1279 static const char ecd_curve_name[] = "secp224r1";
1280 static const unsigned char ecd_priv[] = {
1281 0x98, 0x1f, 0xb5, 0xf1, 0xfc, 0x87, 0x1d, 0x7d,
1282 0xde, 0x1e, 0x01, 0x64, 0x09, 0x9b, 0xe7, 0x1b,
1283 0x9f, 0xad, 0x63, 0xdd, 0x33, 0x01, 0xd1, 0x50,
1284 0x80, 0x93, 0x50, 0x30
1286 static const unsigned char ecd_pub[] = {
1287 0x04, 0x95, 0x47, 0x99, 0x44, 0x29, 0x8f, 0x51,
1288 0x39, 0xe2, 0x53, 0xec, 0x79, 0xb0, 0x4d, 0xde,
1289 0x87, 0x1a, 0x76, 0x54, 0xd5, 0x96, 0xb8, 0x7a,
1290 0x6d, 0xf4, 0x1c, 0x2c, 0x87, 0x91, 0x5f, 0xd5,
1291 0x31, 0xdd, 0x24, 0xe5, 0x78, 0xd9, 0x08, 0x24,
1292 0x8a, 0x49, 0x99, 0xec, 0x55, 0xf2, 0x82, 0xb3,
1293 0xc4, 0xb7, 0x33, 0x68, 0xe4, 0x24, 0xa9, 0x12,
1297 static const ST_KAT_PARAM ecdsa_key[] = {
1298 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_curve_name),
1299 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_pub),
1300 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_priv),
1303 #endif /* OPENSSL_NO_EC */
1305 #ifndef OPENSSL_NO_DSA
1307 static const unsigned char dsa_p[] = {
1308 0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23,
1309 0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e,
1310 0x03, 0xe9, 0xe6, 0xb8, 0xa2, 0x58, 0xdc, 0x16,
1311 0x61, 0x1b, 0xa0, 0x98, 0xab, 0x54, 0x34, 0x15,
1312 0xe4, 0x15, 0xf1, 0x56, 0x99, 0x7a, 0x3e, 0xe2,
1313 0x36, 0x65, 0x8f, 0xa0, 0x93, 0x26, 0x0d, 0xe3,
1314 0xad, 0x42, 0x2e, 0x05, 0xe0, 0x46, 0xf9, 0xec,
1315 0x29, 0x16, 0x1a, 0x37, 0x5f, 0x0e, 0xb4, 0xef,
1316 0xfc, 0xef, 0x58, 0x28, 0x5c, 0x5d, 0x39, 0xed,
1317 0x42, 0x5d, 0x7a, 0x62, 0xca, 0x12, 0x89, 0x6c,
1318 0x4a, 0x92, 0xcb, 0x19, 0x46, 0xf2, 0x95, 0x2a,
1319 0x48, 0x13, 0x3f, 0x07, 0xda, 0x36, 0x4d, 0x1b,
1320 0xdf, 0x6b, 0x0f, 0x71, 0x39, 0x98, 0x3e, 0x69,
1321 0x3c, 0x80, 0x05, 0x9b, 0x0e, 0xac, 0xd1, 0x47,
1322 0x9b, 0xa9, 0xf2, 0x85, 0x77, 0x54, 0xed, 0xe7,
1323 0x5f, 0x11, 0x2b, 0x07, 0xeb, 0xbf, 0x35, 0x34,
1324 0x8b, 0xbf, 0x3e, 0x01, 0xe0, 0x2f, 0x2d, 0x47,
1325 0x3d, 0xe3, 0x94, 0x53, 0xf9, 0x9d, 0xd2, 0x36,
1326 0x75, 0x41, 0xca, 0xca, 0x3b, 0xa0, 0x11, 0x66,
1327 0x34, 0x3d, 0x7b, 0x5b, 0x58, 0xa3, 0x7b, 0xd1,
1328 0xb7, 0x52, 0x1d, 0xb2, 0xf1, 0x3b, 0x86, 0x70,
1329 0x71, 0x32, 0xfe, 0x09, 0xf4, 0xcd, 0x09, 0xdc,
1330 0x16, 0x18, 0xfa, 0x34, 0x01, 0xeb, 0xf9, 0xcc,
1331 0x7b, 0x19, 0xfa, 0x94, 0xaa, 0x47, 0x20, 0x88,
1332 0x13, 0x3d, 0x6c, 0xb2, 0xd3, 0x5c, 0x11, 0x79,
1333 0xc8, 0xc8, 0xff, 0x36, 0x87, 0x58, 0xd5, 0x07,
1334 0xd9, 0xf9, 0xa1, 0x7d, 0x46, 0xc1, 0x10, 0xfe,
1335 0x31, 0x44, 0xce, 0x9b, 0x02, 0x2b, 0x42, 0xe4,
1336 0x19, 0xeb, 0x4f, 0x53, 0x88, 0x61, 0x3b, 0xfc,
1337 0x3e, 0x26, 0x24, 0x1a, 0x43, 0x2e, 0x87, 0x06,
1338 0xbc, 0x58, 0xef, 0x76, 0x11, 0x72, 0x78, 0xde,
1339 0xab, 0x6c, 0xf6, 0x92, 0x61, 0x82, 0x91, 0xb7
1341 static const unsigned char dsa_q[] = {
1342 0xa3, 0xbf, 0xd9, 0xab, 0x78, 0x84, 0x79, 0x4e,
1343 0x38, 0x34, 0x50, 0xd5, 0x89, 0x1d, 0xc1, 0x8b,
1344 0x65, 0x15, 0x7b, 0xdc, 0xfc, 0xda, 0xc5, 0x15,
1345 0x18, 0x90, 0x28, 0x67
1347 static const unsigned char dsa_g[] = {
1348 0x68, 0x19, 0x27, 0x88, 0x69, 0xc7, 0xfd, 0x3d,
1349 0x2d, 0x7b, 0x77, 0xf7, 0x7e, 0x81, 0x50, 0xd9,
1350 0xad, 0x43, 0x3b, 0xea, 0x3b, 0xa8, 0x5e, 0xfc,
1351 0x80, 0x41, 0x5a, 0xa3, 0x54, 0x5f, 0x78, 0xf7,
1352 0x22, 0x96, 0xf0, 0x6c, 0xb1, 0x9c, 0xed, 0xa0,
1353 0x6c, 0x94, 0xb0, 0x55, 0x1c, 0xfe, 0x6e, 0x6f,
1354 0x86, 0x3e, 0x31, 0xd1, 0xde, 0x6e, 0xed, 0x7d,
1355 0xab, 0x8b, 0x0c, 0x9d, 0xf2, 0x31, 0xe0, 0x84,
1356 0x34, 0xd1, 0x18, 0x4f, 0x91, 0xd0, 0x33, 0x69,
1357 0x6b, 0xb3, 0x82, 0xf8, 0x45, 0x5e, 0x98, 0x88,
1358 0xf5, 0xd3, 0x1d, 0x47, 0x84, 0xec, 0x40, 0x12,
1359 0x02, 0x46, 0xf4, 0xbe, 0xa6, 0x17, 0x94, 0xbb,
1360 0xa5, 0x86, 0x6f, 0x09, 0x74, 0x64, 0x63, 0xbd,
1361 0xf8, 0xe9, 0xe1, 0x08, 0xcd, 0x95, 0x29, 0xc3,
1362 0xd0, 0xf6, 0xdf, 0x80, 0x31, 0x6e, 0x2e, 0x70,
1363 0xaa, 0xeb, 0x1b, 0x26, 0xcd, 0xb8, 0xad, 0x97,
1364 0xbc, 0x3d, 0x28, 0x7e, 0x0b, 0x8d, 0x61, 0x6c,
1365 0x42, 0xe6, 0x5b, 0x87, 0xdb, 0x20, 0xde, 0xb7,
1366 0x00, 0x5b, 0xc4, 0x16, 0x74, 0x7a, 0x64, 0x70,
1367 0x14, 0x7a, 0x68, 0xa7, 0x82, 0x03, 0x88, 0xeb,
1368 0xf4, 0x4d, 0x52, 0xe0, 0x62, 0x8a, 0xf9, 0xcf,
1369 0x1b, 0x71, 0x66, 0xd0, 0x34, 0x65, 0xf3, 0x5a,
1370 0xcc, 0x31, 0xb6, 0x11, 0x0c, 0x43, 0xda, 0xbc,
1371 0x7c, 0x5d, 0x59, 0x1e, 0x67, 0x1e, 0xaf, 0x7c,
1372 0x25, 0x2c, 0x1c, 0x14, 0x53, 0x36, 0xa1, 0xa4,
1373 0xdd, 0xf1, 0x32, 0x44, 0xd5, 0x5e, 0x83, 0x56,
1374 0x80, 0xca, 0xb2, 0x53, 0x3b, 0x82, 0xdf, 0x2e,
1375 0xfe, 0x55, 0xec, 0x18, 0xc1, 0xe6, 0xcd, 0x00,
1376 0x7b, 0xb0, 0x89, 0x75, 0x8b, 0xb1, 0x7c, 0x2c,
1377 0xbe, 0x14, 0x44, 0x1b, 0xd0, 0x93, 0xae, 0x66,
1378 0xe5, 0x97, 0x6d, 0x53, 0x73, 0x3f, 0x4f, 0xa3,
1379 0x26, 0x97, 0x01, 0xd3, 0x1d, 0x23, 0xd4, 0x67
1381 static const unsigned char dsa_pub[] = {
1382 0xa0, 0x12, 0xb3, 0xb1, 0x70, 0xb3, 0x07, 0x22,
1383 0x79, 0x57, 0xb7, 0xca, 0x20, 0x61, 0xa8, 0x16,
1384 0xac, 0x7a, 0x2b, 0x3d, 0x9a, 0xe9, 0x95, 0xa5,
1385 0x11, 0x9c, 0x38, 0x5b, 0x60, 0x3b, 0xf6, 0xf6,
1386 0xc5, 0xde, 0x4d, 0xc5, 0xec, 0xb5, 0xdf, 0xa4,
1387 0xa4, 0x1c, 0x68, 0x66, 0x2e, 0xb2, 0x5b, 0x63,
1388 0x8b, 0x7e, 0x26, 0x20, 0xba, 0x89, 0x8d, 0x07,
1389 0xda, 0x6c, 0x49, 0x91, 0xe7, 0x6c, 0xc0, 0xec,
1390 0xd1, 0xad, 0x34, 0x21, 0x07, 0x70, 0x67, 0xe4,
1391 0x7c, 0x18, 0xf5, 0x8a, 0x92, 0xa7, 0x2a, 0xd4,
1392 0x31, 0x99, 0xec, 0xb7, 0xbd, 0x84, 0xe7, 0xd3,
1393 0xaf, 0xb9, 0x01, 0x9f, 0x0e, 0x9d, 0xd0, 0xfb,
1394 0xaa, 0x48, 0x73, 0x00, 0xb1, 0x30, 0x81, 0xe3,
1395 0x3c, 0x90, 0x28, 0x76, 0x43, 0x6f, 0x7b, 0x03,
1396 0xc3, 0x45, 0x52, 0x84, 0x81, 0xd3, 0x62, 0x81,
1397 0x5e, 0x24, 0xfe, 0x59, 0xda, 0xc5, 0xac, 0x34,
1398 0x66, 0x0d, 0x4c, 0x8a, 0x76, 0xcb, 0x99, 0xa7,
1399 0xc7, 0xde, 0x93, 0xeb, 0x95, 0x6c, 0xd6, 0xbc,
1400 0x88, 0xe5, 0x8d, 0x90, 0x10, 0x34, 0x94, 0x4a,
1401 0x09, 0x4b, 0x01, 0x80, 0x3a, 0x43, 0xc6, 0x72,
1402 0xb9, 0x68, 0x8c, 0x0e, 0x01, 0xd8, 0xf4, 0xfc,
1403 0x91, 0xc6, 0x2a, 0x3f, 0x88, 0x02, 0x1f, 0x7b,
1404 0xd6, 0xa6, 0x51, 0xb1, 0xa8, 0x8f, 0x43, 0xaa,
1405 0x4e, 0xf2, 0x76, 0x53, 0xd1, 0x2b, 0xf8, 0xb7,
1406 0x09, 0x9f, 0xdf, 0x6b, 0x46, 0x10, 0x82, 0xf8,
1407 0xe9, 0x39, 0x10, 0x7b, 0xfd, 0x2f, 0x72, 0x10,
1408 0x08, 0x7d, 0x32, 0x6c, 0x37, 0x52, 0x00, 0xf1,
1409 0xf5, 0x1e, 0x7e, 0x74, 0xa3, 0x41, 0x31, 0x90,
1410 0x1b, 0xcd, 0x08, 0x63, 0x52, 0x1f, 0xf8, 0xd6,
1411 0x76, 0xc4, 0x85, 0x81, 0x86, 0x87, 0x36, 0xc5,
1412 0xe5, 0x1b, 0x16, 0xa4, 0xe3, 0x92, 0x15, 0xea,
1413 0x0b, 0x17, 0xc4, 0x73, 0x59, 0x74, 0xc5, 0x16
1415 static const unsigned char dsa_priv[] = {
1416 0x6c, 0xca, 0xee, 0xf6, 0xd7, 0x3b, 0x4e, 0x80,
1417 0xf1, 0x1c, 0x17, 0xb8, 0xe9, 0x62, 0x7c, 0x03,
1418 0x66, 0x35, 0xba, 0xc3, 0x94, 0x23, 0x50, 0x5e,
1419 0x40, 0x7e, 0x5c, 0xb7
1422 static const ST_KAT_PARAM dsa_key[] = {
1423 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dsa_p),
1424 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dsa_q),
1425 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dsa_g),
1426 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dsa_pub),
1427 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dsa_priv),
1430 #endif /* OPENSSL_NO_DSA */
1432 static const ST_KAT_SIGN st_kat_sign_tests[] = {
1434 OSSL_SELF_TEST_DESC_SIGN_RSA,
1438 ITM(rsa_expected_sig)
1440 #ifndef OPENSSL_NO_EC
1442 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1447 * The ECDSA signature changes each time due to it using a random k.
1448 * So there is no expected KAT for this case.
1451 #endif /* OPENSSL_NO_EC */
1452 #ifndef OPENSSL_NO_DSA
1454 OSSL_SELF_TEST_DESC_SIGN_DSA,
1459 * The DSA signature changes each time due to it using a random k.
1460 * So there is no expected KAT for this case.
1463 #endif /* OPENSSL_NO_DSA */
1466 static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {
1468 OSSL_SELF_TEST_DESC_ASYM_RSA_ENC,
1473 ITM(rsa_asym_plaintext_encrypt),
1474 ITM(rsa_asym_expected_encrypt),
1477 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1482 ITM(rsa_asym_expected_encrypt),
1483 ITM(rsa_asym_plaintext_encrypt),
1486 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1491 ITM(rsa_asym_expected_encrypt),
1492 ITM(rsa_asym_plaintext_encrypt),
projects / openssl.git / blob