5a66162caee64f1f812f918e27434cdb75312ade
[openssl.git] / test / evp_pkey_provided_test.c
1 /*
2  * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/serializer.h>
14 #include <openssl/provider.h>
15 #include <openssl/params.h>
16 #include <openssl/core_names.h>
17 #include "crypto/ecx.h"
18 #include "internal/nelem.h"
19 #include "openssl/param_build.h"
20 #include "crypto/evp.h"          /* For the internal API */
21 #include "testutil.h"
22
23 static char *datadir = NULL;
24
25 #define PRIV_TEXT    0
26 #define PRIV_PEM     1
27 #define PRIV_DER     2
28 #define PUB_TEXT     3
29 #define PUB_PEM      4
30 #define PUB_DER      5
31
32 static void stripcr(char *buf, size_t *len)
33 {
34     size_t i;
35     char *curr, *writ;
36
37     for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
38         if (*curr == '\r') {
39             (*len)--;
40             continue;
41         }
42         if (curr != writ)
43             *writ = *curr;
44         writ++;
45     }
46 }
47
48 static int compare_with_file(const char *alg, int type, BIO *membio)
49 {
50     char filename[80];
51     BIO *file = NULL;
52     char buf[4096];
53     char *memdata, *fullfile = NULL;
54     const char *suffix;
55     size_t readbytes;
56     int ret = 0;
57     int len;
58     size_t slen;
59
60     switch (type) {
61     case PRIV_TEXT:
62         suffix = "priv.txt";
63         break;
64
65     case PRIV_PEM:
66         suffix = "priv.pem";
67         break;
68
69     case PRIV_DER:
70         suffix = "priv.der";
71         break;
72
73     case PUB_TEXT:
74         suffix = "pub.txt";
75         break;
76
77     case PUB_PEM:
78         suffix = "pub.pem";
79         break;
80
81     case PUB_DER:
82         suffix = "pub.der";
83         break;
84
85     default:
86         TEST_error("Invalid file type");
87         goto err;
88     }
89
90     BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
91     fullfile = test_mk_file_path(datadir, filename);
92     if (!TEST_ptr(fullfile))
93         goto err;
94
95     file = BIO_new_file(fullfile, "rb");
96     if (!TEST_ptr(file))
97         goto err;
98
99     if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
100             || !TEST_true(BIO_eof(file))
101             || !TEST_size_t_lt(readbytes, sizeof(buf)))
102         goto err;
103
104     len = BIO_get_mem_data(membio, &memdata);
105     if (!TEST_int_gt(len, 0))
106         goto err;
107
108     slen = len;
109     if (type != PRIV_DER && type != PUB_DER) {
110         stripcr(memdata, &slen);
111         stripcr(buf, &readbytes);
112     }
113
114     if (!TEST_mem_eq(memdata, slen, buf, readbytes))
115         goto err;
116
117     ret = 1;
118  err:
119     OPENSSL_free(fullfile);
120     (void)BIO_reset(membio);
121     BIO_free(file);
122     return ret;
123 }
124
125 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
126 {
127     BIO *membio = BIO_new(BIO_s_mem());
128     int ret = 0;
129
130     if (!TEST_ptr(membio))
131         goto err;
132
133     if (!TEST_true(EVP_PKEY_print_private(membio, pk, 0, NULL))
134         || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
135         /* Public key in PEM form */
136         || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
137         || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
138         /* Unencrypted private key in PEM form */
139         || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
140                                                NULL, NULL, 0, NULL, NULL))
141         || !TEST_true(compare_with_file(alg, PRIV_PEM, membio))
142         /* Encrypted private key in PEM form */
143         || !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
144                                                (unsigned char *)"pass", 4,
145                                                NULL, NULL)))
146         goto err;
147
148     ret = 1;
149  err:
150     BIO_free(membio);
151     return ret;
152 }
153
154 static int test_print_key_type_using_serializer(const char *alg, int type,
155                                                 const EVP_PKEY *pk)
156 {
157     const char *pq;
158     OSSL_SERIALIZER_CTX *ctx = NULL;
159     BIO *membio = BIO_new(BIO_s_mem());
160     int ret = 0;
161
162     switch (type) {
163     case PRIV_TEXT:
164         pq = OSSL_SERIALIZER_PrivateKey_TO_TEXT_PQ;
165         break;
166
167     case PRIV_PEM:
168         pq = OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ;
169         break;
170
171     case PRIV_DER:
172         pq = OSSL_SERIALIZER_PrivateKey_TO_DER_PQ;
173         break;
174
175     case PUB_TEXT:
176         pq = OSSL_SERIALIZER_PUBKEY_TO_TEXT_PQ;
177         break;
178
179     case PUB_PEM:
180         pq = OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ;
181         break;
182
183     case PUB_DER:
184         pq = OSSL_SERIALIZER_PUBKEY_TO_DER_PQ;
185         break;
186
187     default:
188         TEST_error("Invalid serialization type");
189         goto err;
190     }
191
192     if (!TEST_ptr(membio))
193         goto err;
194
195     /* Make a context, it's valid for several prints */
196     TEST_note("Setting up a OSSL_SERIALIZER context with passphrase");
197     if (!TEST_ptr(ctx = OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(pk, pq))
198         /* Check that this operation is supported */
199         || !TEST_ptr(OSSL_SERIALIZER_CTX_get_serializer(ctx)))
200         goto err;
201
202     /* Use no cipher.  This should give us an unencrypted PEM */
203     TEST_note("Testing with no encryption");
204     if (!TEST_true(OSSL_SERIALIZER_to_bio(ctx, membio))
205         || !TEST_true(compare_with_file(alg, type, membio)))
206         goto err;
207
208     if (type == PRIV_PEM) {
209         /* Set a passphrase to be used later */
210         if (!TEST_true(OSSL_SERIALIZER_CTX_set_passphrase(ctx,
211                                                           (unsigned char *)"pass",
212                                                           4)))
213             goto err;
214
215         /* Use a valid cipher name */
216         TEST_note("Displaying PEM encrypted with AES-256-CBC");
217         if (!TEST_true(OSSL_SERIALIZER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
218             || !TEST_true(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
219             goto err;
220
221         /* Use an invalid cipher name, which should generate no output */
222         TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
223         if (!TEST_false(OSSL_SERIALIZER_CTX_set_cipher(ctx, "FOO", NULL))
224             || !TEST_false(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
225             goto err;
226
227         /* Clear the cipher.  This should give us an unencrypted PEM again */
228         TEST_note("Testing with encryption cleared (no encryption)");
229         if (!TEST_true(OSSL_SERIALIZER_CTX_set_cipher(ctx, NULL, NULL))
230             || !TEST_true(OSSL_SERIALIZER_to_bio(ctx, membio))
231             || !TEST_true(compare_with_file(alg, type, membio)))
232             goto err;
233     }
234     ret = 1;
235 err:
236     BIO_free(membio);
237     OSSL_SERIALIZER_CTX_free(ctx);
238     return ret;
239 }
240
241 static int test_print_key_using_serializer(const char *alg, const EVP_PKEY *pk)
242 {
243     int i;
244     int ret = 1;
245
246     for (i = 0; i < 6; i++)
247         ret = ret && test_print_key_type_using_serializer(alg, i, pk);
248
249     return ret;
250 }
251
252 /* Array indexes used in test_fromdata_rsa */
253 #define N       0
254 #define E       1
255 #define D       2
256 #define P       3
257 #define Q       4
258 #define DP      5
259 #define DQ      6
260 #define QINV    7
261
262 static int test_fromdata_rsa(void)
263 {
264     int ret = 0, i;
265     EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
266     EVP_PKEY *pk = NULL, *copy_pk = NULL;
267     /*
268      * 32-bit RSA key, extracted from this command,
269      * executed with OpenSSL 1.0.2:
270      *
271      * openssl genrsa 32 | openssl rsa -text
272      */
273     static unsigned long key_numbers[] = {
274         0xbc747fc5,              /* N */
275         0x10001,                 /* E */
276         0x7b133399,              /* D */
277         0xe963,                  /* P */
278         0xceb7,                  /* Q */
279         0x8599,                  /* DP */
280         0xbd87,                  /* DQ */
281         0xcc3b,                  /* QINV */
282     };
283     OSSL_PARAM fromdata_params[] = {
284         OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
285         OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
286         OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
287         OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
288         OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
289         OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
290         OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
291         OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
292         OSSL_PARAM_END
293     };
294     BIGNUM *bn = BN_new();
295     BIGNUM *bn_from = BN_new();
296
297     if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
298         goto err;
299
300     if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
301         || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
302         || !TEST_int_eq(EVP_PKEY_bits(pk), 32)
303         || !TEST_int_eq(EVP_PKEY_security_bits(pk), 8)
304         || !TEST_int_eq(EVP_PKEY_size(pk), 4))
305         goto err;
306
307     if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
308         goto err;
309
310     if (!TEST_true(EVP_PKEY_check(key_ctx))
311         || !TEST_true(EVP_PKEY_public_check(key_ctx))
312         || !TEST_true(EVP_PKEY_private_check(key_ctx))
313         || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
314         goto err;
315
316     /* EVP_PKEY_copy_parameters() should fail for RSA */
317     if (!TEST_ptr(copy_pk = EVP_PKEY_new())
318         || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
319         goto err;
320
321     for (i = 0; fromdata_params[i].key != NULL; ++i) {
322         if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
323             || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
324             || !TEST_BN_eq(bn, bn_from))
325             goto err;
326     }
327     ret = test_print_key_using_pem("RSA", pk)
328           && test_print_key_using_serializer("RSA", pk);
329  err:
330     BN_free(bn_from);
331     BN_free(bn);
332     EVP_PKEY_free(pk);
333     EVP_PKEY_free(copy_pk);
334     EVP_PKEY_CTX_free(key_ctx);
335     EVP_PKEY_CTX_free(ctx);
336
337     return ret;
338 }
339
340 static int test_evp_pkey_get_bn_param_large(void)
341 {
342     int ret = 0;
343     EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
344     EVP_PKEY *pk = NULL;
345     OSSL_PARAM_BLD *bld = NULL;
346     OSSL_PARAM *fromdata_params = NULL;
347     BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
348     /*
349      * The buffer size chosen here for n_data larger than the buffer used
350      * internally in EVP_PKEY_get_bn_param.
351      */
352     static unsigned char n_data[2050];
353     static const unsigned char e_data[] = {
354         0x1, 0x00, 0x01
355     };
356     static const unsigned char d_data[]= {
357        0x99, 0x33, 0x13, 0x7b
358     };
359
360     /* N is a large buffer */
361     memset(n_data, 0xCE, sizeof(n_data));
362
363     if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
364         || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
365         || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
366         || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
367         || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
368         || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
369         || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
370         || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
371         || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
372         || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
373         || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
374         || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
375         || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
376         || !TEST_BN_eq(n, n_out))
377         goto err;
378     ret = 1;
379  err:
380     BN_free(n_out);
381     BN_free(n);
382     BN_free(e);
383     BN_free(d);
384     EVP_PKEY_free(pk);
385     EVP_PKEY_CTX_free(key_ctx);
386     EVP_PKEY_CTX_free(ctx);
387     OSSL_PARAM_BLD_free_params(fromdata_params);
388     OSSL_PARAM_BLD_free(bld);
389     return ret;
390 }
391
392
393 #ifndef OPENSSL_NO_DH
394 /* Array indexes used in test_fromdata_dh */
395 #define PRIV_KEY        0
396 #define PUB_KEY         1
397 #define FFC_P           2
398 #define FFC_G           3
399
400 static int test_fromdata_dh(void)
401 {
402     int ret = 0;
403     EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
404     EVP_PKEY *pk = NULL, *copy_pk = NULL;
405     /*
406      * 32-bit DH key, extracted from this command,
407      * executed with OpenSSL 1.0.2:
408      *
409      * openssl dhparam -out dhp.pem 32
410      * openssl genpkey -paramfile dhp.pem | openssl pkey -text
411      */
412     static unsigned long key_numbers[] = {
413         0x666c2b06,              /* priv-key */
414         0x6fa6de50,              /* pub-key */
415         0x8bb45f53,              /* P */
416         0x2,                     /* G */
417     };
418     OSSL_PARAM fromdata_params[] = {
419         OSSL_PARAM_ulong(OSSL_PKEY_PARAM_PRIV_KEY, &key_numbers[PRIV_KEY]),
420         OSSL_PARAM_ulong(OSSL_PKEY_PARAM_PUB_KEY, &key_numbers[PUB_KEY]),
421         OSSL_PARAM_ulong(OSSL_PKEY_PARAM_FFC_P, &key_numbers[FFC_P]),
422         OSSL_PARAM_ulong(OSSL_PKEY_PARAM_FFC_G, &key_numbers[FFC_G]),
423         OSSL_PARAM_END
424     };
425
426     if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
427         goto err;
428
429     if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
430         || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
431         || !TEST_int_eq(EVP_PKEY_bits(pk), 32)
432         || !TEST_int_eq(EVP_PKEY_security_bits(pk), 0) /* Missing Q */
433         || !TEST_int_eq(EVP_PKEY_size(pk), 4))
434         goto err;
435
436     if (!TEST_ptr(copy_pk = EVP_PKEY_new())
437         || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
438         goto err;
439
440     if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
441         goto err;
442
443     if (!TEST_false(EVP_PKEY_check(key_ctx))
444         || !TEST_true(EVP_PKEY_public_check(key_ctx))
445         || !TEST_false(EVP_PKEY_private_check(key_ctx)) /* Need a q */
446         || !TEST_false(EVP_PKEY_pairwise_check(key_ctx)))
447         goto err;
448
449     ret = test_print_key_using_pem("DH", pk)
450           && test_print_key_using_serializer("DH", pk);
451  err:
452     EVP_PKEY_free(pk);
453     EVP_PKEY_free(copy_pk);
454     EVP_PKEY_CTX_free(ctx);
455     EVP_PKEY_CTX_free(key_ctx);
456
457     return ret;
458 }
459 #endif
460
461 #ifndef OPENSSL_NO_EC
462 /* Array indexes used in test_fromdata_ecx */
463 # define PRIV_KEY        0
464 # define PUB_KEY         1
465
466 # define X25519_IDX      0
467 # define X448_IDX        1
468 # define ED25519_IDX     2
469 # define ED448_IDX       3
470
471 static int test_fromdata_ecx(int tst)
472 {
473     int ret = 0;
474     EVP_PKEY_CTX *ctx = NULL;
475     EVP_PKEY *pk = NULL, *copy_pk = NULL;
476     const char *alg = NULL;
477     size_t len;
478     unsigned char out_pub[ED448_KEYLEN];
479     unsigned char out_priv[ED448_KEYLEN];
480
481     /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
482     static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
483         /* X25519: Keys from RFC 7748 6.1 */
484         {
485             /* Private Key */
486             {
487                 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
488                 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
489                 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
490                 0x2c, 0x2a
491             },
492             /* Public Key */
493             {
494                 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
495                 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
496                 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
497                 0x4e, 0x6a
498             }
499         },
500         /* X448: Keys from RFC 7748 6.2 */
501         {
502             /* Private Key */
503             {
504                 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
505                 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
506                 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
507                 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
508                 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
509                 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
510             },
511             /* Public Key */
512             {
513                 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
514                 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
515                 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
516                 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
517                 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
518                 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
519             }
520         },
521         /* ED25519: Keys from RFC 8032 */
522         {
523             /* Private Key */
524             {
525                 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
526                 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
527                 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
528                 0x7f, 0x60
529             },
530             /* Public Key */
531             {
532                 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
533                 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
534                 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
535                 0x51, 0x1a
536             }
537         },
538         /* ED448: Keys from RFC 8032 */
539         {
540             /* Private Key */
541             {
542                 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
543                 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
544                 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
545                 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
546                 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
547                 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
548             },
549             /* Public Key */
550             {
551                 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
552                 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
553                 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
554                 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
555                 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
556                 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
557             }
558         }
559     };
560     OSSL_PARAM x25519_fromdata_params[] = {
561         OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
562                                 key_numbers[X25519_IDX][PRIV_KEY],
563                                 X25519_KEYLEN),
564         OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
565                                 key_numbers[X25519_IDX][PUB_KEY],
566                                 X25519_KEYLEN),
567         OSSL_PARAM_END
568     };
569     OSSL_PARAM x448_fromdata_params[] = {
570         OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
571                                 key_numbers[X448_IDX][PRIV_KEY],
572                                 X448_KEYLEN),
573         OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
574                                 key_numbers[X448_IDX][PUB_KEY],
575                                 X448_KEYLEN),
576         OSSL_PARAM_END
577     };
578     OSSL_PARAM ed25519_fromdata_params[] = {
579         OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
580                                 key_numbers[ED25519_IDX][PRIV_KEY],
581                                 ED25519_KEYLEN),
582         OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
583                                 key_numbers[ED25519_IDX][PUB_KEY],
584                                 ED25519_KEYLEN),
585         OSSL_PARAM_END
586     };
587     OSSL_PARAM ed448_fromdata_params[] = {
588         OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
589                                 key_numbers[ED448_IDX][PRIV_KEY],
590                                 ED448_KEYLEN),
591         OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
592                                 key_numbers[ED448_IDX][PUB_KEY],
593                                 ED448_KEYLEN),
594         OSSL_PARAM_END
595     };
596     OSSL_PARAM *fromdata_params = NULL;
597     int bits = 0, security_bits = 0, size = 0;
598
599     switch (tst) {
600     case X25519_IDX:
601         fromdata_params = x25519_fromdata_params;
602         bits = X25519_BITS;
603         security_bits = X25519_SECURITY_BITS;
604         size = X25519_KEYLEN;
605         alg = "X25519";
606         break;
607
608     case X448_IDX:
609         fromdata_params = x448_fromdata_params;
610         bits = X448_BITS;
611         security_bits = X448_SECURITY_BITS;
612         size = X448_KEYLEN;
613         alg = "X448";
614         break;
615
616     case ED25519_IDX:
617         fromdata_params = ed25519_fromdata_params;
618         bits = ED25519_BITS;
619         security_bits = ED25519_SECURITY_BITS;
620         size = ED25519_KEYLEN;
621         alg = "ED25519";
622         break;
623
624     case ED448_IDX:
625         fromdata_params = ed448_fromdata_params;
626         bits = ED448_BITS;
627         security_bits = ED448_SECURITY_BITS;
628         size = ED448_KEYLEN;
629         alg = "ED448";
630         break;
631     }
632
633     ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
634     if (!TEST_ptr(ctx))
635         goto err;
636
637     if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
638         || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
639         || !TEST_int_eq(EVP_PKEY_bits(pk), bits)
640         || !TEST_int_eq(EVP_PKEY_security_bits(pk), security_bits)
641         || !TEST_int_eq(EVP_PKEY_size(pk), size))
642         goto err;
643
644     if (!TEST_ptr(copy_pk = EVP_PKEY_new())
645         || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
646         goto err;
647
648     if (!TEST_true(EVP_PKEY_get_octet_string_param(
649                        pk, fromdata_params[PRIV_KEY].key,
650                        out_priv, sizeof(out_priv), &len))
651         || !TEST_mem_eq(out_priv, len,
652                         fromdata_params[PRIV_KEY].data,
653                         fromdata_params[PRIV_KEY].data_size)
654         || !TEST_true(EVP_PKEY_get_octet_string_param(
655                           pk, fromdata_params[PUB_KEY].key,
656                           out_pub, sizeof(out_pub), &len))
657         || !TEST_mem_eq(out_pub, len,
658                         fromdata_params[PUB_KEY].data,
659                         fromdata_params[PUB_KEY].data_size))
660         goto err;
661
662     ret = test_print_key_using_pem(alg, pk)
663           && test_print_key_using_serializer(alg, pk);
664
665 err:
666     EVP_PKEY_free(pk);
667     EVP_PKEY_free(copy_pk);
668     EVP_PKEY_CTX_free(ctx);
669
670     return ret;
671 }
672
673 #define CURVE_NAME 2
674
675 static int test_fromdata_ec(void)
676 {
677     int ret = 0;
678     EVP_PKEY_CTX *ctx = NULL;
679     EVP_PKEY *pk = NULL, *copy_pk = NULL;
680     OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();
681     BIGNUM *ec_priv_bn = NULL;
682     BIGNUM *bn_priv = NULL;
683     OSSL_PARAM *fromdata_params = NULL;
684     const char *alg = "EC";
685     const char *curve = "prime256v1";
686     /* UNCOMPRESSED FORMAT */
687     static const unsigned char ec_pub_keydata[] = {
688        POINT_CONVERSION_UNCOMPRESSED,
689        0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
690        0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
691        0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
692        0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
693        0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
694        0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
695        0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
696        0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
697     };
698     static const unsigned char ec_priv_keydata[] = {
699         0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
700         0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
701         0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
702         0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
703     };
704     const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
705     unsigned char out_pub[sizeof(ec_pub_keydata)];
706     char out_curve_name[80];
707     const OSSL_PARAM *gettable = NULL;
708     size_t len;
709
710
711     if (!TEST_ptr(bld))
712         goto err;
713     if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
714                                          sizeof(ec_priv_keydata), NULL)))
715         goto err;
716
717     if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_EC_NAME,
718                                         curve, 0) <= 0)
719         goto err;
720     if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
721                                          ec_pub_keydata,
722                                          sizeof(ec_pub_keydata)) <= 0)
723         goto err;
724     if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
725         goto err;
726     if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
727         goto err;
728     ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
729     if (!TEST_ptr(ctx))
730         goto err;
731
732     if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
733         || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
734         || !TEST_int_eq(EVP_PKEY_bits(pk), 256)
735         || !TEST_int_eq(EVP_PKEY_security_bits(pk), 128)
736         || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 35 * 2))
737         goto err;
738
739     if (!TEST_ptr(copy_pk = EVP_PKEY_new())
740         || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
741         goto err;
742
743     if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
744         || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_NAME))
745         || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PUB_KEY))
746         || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PRIV_KEY)))
747         goto err;
748
749     if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_EC_NAME,
750                                         out_curve_name, sizeof(out_curve_name),
751                                         &len)
752         || !TEST_str_eq(out_curve_name, curve)
753         || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
754                                             out_pub, sizeof(out_pub), &len)
755         || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
756         || !TEST_mem_eq(out_pub + 1, len - 1,
757                         ec_pub_keydata + 1, compressed_sz - 1)
758         || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
759                                             &bn_priv))
760         || !TEST_BN_eq(ec_priv_bn, bn_priv))
761         goto err;
762
763     ret = test_print_key_using_pem(alg, pk)
764           && test_print_key_using_serializer(alg, pk);
765 err:
766     BN_free(bn_priv);
767     BN_free(ec_priv_bn);
768     OSSL_PARAM_BLD_free_params(fromdata_params);
769     OSSL_PARAM_BLD_free(bld);
770     EVP_PKEY_free(pk);
771     EVP_PKEY_free(copy_pk);
772     EVP_PKEY_CTX_free(ctx);
773     return ret;
774 }
775
776 #endif /* OPENSSL_NO_EC */
777
778 #ifndef OPENSSL_NO_DSA
779 static int test_fromdata_dsa_fips186_4(void)
780 {
781     int ret = 0;
782     EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
783     EVP_PKEY *pk = NULL, *copy_pk = NULL;
784     BIGNUM *pub = NULL, *priv = NULL;
785     BIGNUM *p = NULL, *q = NULL, *g = NULL;
786     BIGNUM *pub_out = NULL, *priv_out = NULL;
787     BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
788     int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
789     char name_out[80];
790     unsigned char seed_out[32];
791     size_t len;
792     OSSL_PARAM_BLD *bld = NULL;
793     OSSL_PARAM *fromdata_params = NULL;
794
795     /*
796      * DSA parameter data was generated using the following:
797      * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
798      *                 -pkeyopt qbits:256 -pkeyopt type:0 \
799      *                 -pkeyopt gindex:1 -out dsa_params.pem -text
800      */
801     static const unsigned char p_data[] = {
802         0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
803         0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
804         0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
805         0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
806         0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
807         0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
808         0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
809         0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
810         0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
811         0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
812         0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
813         0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
814         0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
815         0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
816         0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
817         0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
818         0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
819         0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
820         0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
821         0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
822         0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
823         0x7c, 0xfe, 0xaf, 0x6a, 0x05
824     };
825     static const unsigned char q_data[] = {
826         0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
827         0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
828         0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
829     };
830     static const unsigned char g_data[] = {
831         0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
832         0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
833         0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
834         0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
835         0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
836         0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
837         0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
838         0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
839         0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
840         0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
841         0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
842         0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
843         0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
844         0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
845         0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
846         0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
847         0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
848         0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
849         0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
850         0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
851         0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
852         0x02, 0x6f, 0x96, 0x36
853     };
854     static const unsigned char seed_data[] = {
855         0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
856         0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
857         0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
858     };
859     const int gindex = 1;
860     const int pcounter = 53;
861     /*
862      * The keypair was generated using
863      * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
864      *                 -pkeyopt gindex:1 \
865      *                 -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
866      */
867     static const unsigned char priv_data[] = {
868         0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
869         0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
870         0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
871     };
872     static const unsigned char pub_data[] = {
873         0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
874         0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
875         0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
876         0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
877         0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
878         0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
879         0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
880         0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
881         0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
882         0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
883         0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
884         0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
885         0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
886         0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
887         0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
888         0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
889         0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
890         0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
891         0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
892         0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
893         0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
894         0x48, 0xd1, 0x8a, 0xbd
895     };
896
897     if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
898         || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
899         || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
900         || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
901         || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
902         || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
903
904         || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
905         || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
906         || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
907         || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
908                                                        OSSL_PKEY_PARAM_FFC_SEED,
909                                                        seed_data,
910                                                        sizeof(seed_data)))
911         || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
912                                               gindex))
913         || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
914                                               OSSL_PKEY_PARAM_FFC_PCOUNTER,
915                                               pcounter))
916         || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
917                                              pub))
918         || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
919                                              priv))
920         || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
921         goto err;
922
923     if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
924         goto err;
925
926     if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
927         || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
928         || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
929         || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
930         || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 2 * (3 + sizeof(q_data))))
931         goto err;
932
933     if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_FFC_GROUP,
934                                                    name_out, sizeof(name_out),
935                                                    &len))
936         || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
937                                             &pub_out))
938         || !TEST_BN_eq(pub, pub_out)
939         || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
940                                             &priv_out))
941         || !TEST_BN_eq(priv, priv_out)
942         || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p_out))
943         || !TEST_BN_eq(p, p_out)
944         || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q_out))
945         || !TEST_BN_eq(q, q_out)
946         || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g_out))
947         || !TEST_BN_eq(g, g_out)
948         || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
949                                              &j_out))
950         || !TEST_ptr_null(j_out)
951         || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
952                                                       OSSL_PKEY_PARAM_FFC_SEED,
953                                                       seed_out, sizeof(seed_out),
954                                                       &len))
955         || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
956                                              &gindex_out))
957         || !TEST_int_eq(gindex, gindex_out)
958         || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
959                                              &hindex_out))
960         || !TEST_int_eq(hindex_out, 0)
961         || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
962                                              &pcounter_out))
963         || !TEST_int_eq(pcounter, pcounter_out))
964         goto err;
965
966     if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
967         goto err;
968
969     if (!TEST_true(EVP_PKEY_check(key_ctx))
970         || !TEST_true(EVP_PKEY_public_check(key_ctx))
971         || !TEST_true(EVP_PKEY_private_check(key_ctx))
972         || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
973         goto err;
974
975     if (!TEST_ptr(copy_pk = EVP_PKEY_new())
976         || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
977         goto err;
978
979     ret = test_print_key_using_pem("DSA", pk)
980           && test_print_key_using_serializer("DSA", pk);
981  err:
982     OSSL_PARAM_BLD_free_params(fromdata_params);
983     OSSL_PARAM_BLD_free(bld);
984     BN_free(p);
985     BN_free(q);
986     BN_free(g);
987     BN_free(pub);
988     BN_free(priv);
989     BN_free(p_out);
990     BN_free(q_out);
991     BN_free(g_out);
992     BN_free(pub_out);
993     BN_free(priv_out);
994     BN_free(j_out);
995     EVP_PKEY_free(pk);
996     EVP_PKEY_free(copy_pk);
997     EVP_PKEY_CTX_free(ctx);
998     EVP_PKEY_CTX_free(key_ctx);
999
1000     return ret;
1001 }
1002 #endif /* OPENSSL_NO_DSA */
1003
1004
1005 int setup_tests(void)
1006 {
1007     if (!test_skip_common_options()) {
1008         TEST_error("Error parsing test options\n");
1009         return 0;
1010     }
1011
1012     if (!TEST_ptr(datadir = test_get_argument(0)))
1013         return 0;
1014
1015     ADD_TEST(test_evp_pkey_get_bn_param_large);
1016     ADD_TEST(test_fromdata_rsa);
1017 #ifndef OPENSSL_NO_DH
1018     ADD_TEST(test_fromdata_dh);
1019 #endif
1020 #ifndef OPENSSL_NO_DSA
1021     ADD_TEST(test_fromdata_dsa_fips186_4);
1022 #endif
1023 #ifndef OPENSSL_NO_EC
1024     ADD_ALL_TESTS(test_fromdata_ecx, 4);
1025     ADD_TEST(test_fromdata_ec);
1026 #endif
1027     return 1;
1028 }