2 * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/encoder.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include <openssl/sha.h>
18 #include "crypto/ecx.h"
19 #include "crypto/evp.h" /* For the internal API */
20 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
21 #include "internal/nelem.h"
24 static char *datadir = NULL;
27 * Do not change the order of the following defines unless you also
28 * update the for loop bounds used inside test_print_key_using_encoder() and
29 * test_print_key_using_encoder_public().
38 static void stripcr(char *buf, size_t *len)
43 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
54 static int compare_with_file(const char *alg, int type, BIO *membio)
59 char *memdata, *fullfile = NULL;
92 TEST_error("Invalid file type");
96 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
97 fullfile = test_mk_file_path(datadir, filename);
98 if (!TEST_ptr(fullfile))
101 file = BIO_new_file(fullfile, "rb");
105 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
106 || !TEST_true(BIO_eof(file))
107 || !TEST_size_t_lt(readbytes, sizeof(buf)))
110 len = BIO_get_mem_data(membio, &memdata);
111 if (!TEST_int_gt(len, 0))
115 if (type != PRIV_DER && type != PUB_DER) {
116 stripcr(memdata, &slen);
117 stripcr(buf, &readbytes);
120 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
125 OPENSSL_free(fullfile);
126 (void)BIO_reset(membio);
131 static int pass_cb(char *buf, int size, int rwflag, void *u)
136 static int pass_cb_error(char *buf, int size, int rwflag, void *u)
141 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
143 BIO *membio = BIO_new(BIO_s_mem());
146 if (!TEST_ptr(membio))
149 if (/* Output Encrypted private key in PEM form */
150 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
151 (unsigned char *)"pass", 4,
153 /* Output zero-length passphrase encrypted private key in PEM form */
154 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
158 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
161 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
163 NULL, 0, pass_cb, NULL))
164 || !TEST_false(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
166 NULL, 0, pass_cb_error,
168 #ifndef OPENSSL_NO_DES
169 || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
170 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
171 (const char *)~0, 0, NULL, NULL))
172 || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
173 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
175 || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
176 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
178 || !TEST_false(PEM_write_bio_PKCS8PrivateKey_nid(
179 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
180 pass_cb_error, NULL))
182 /* Private key in text form */
183 || !TEST_int_gt(EVP_PKEY_print_private(membio, pk, 0, NULL), 0)
184 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
185 /* Public key in PEM form */
186 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
187 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
188 /* Unencrypted private key in PEM form */
189 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
190 NULL, NULL, 0, NULL, NULL))
191 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)))
200 static int test_print_key_type_using_encoder(const char *alg, int type,
203 const char *output_type, *output_structure;
205 OSSL_ENCODER_CTX *ctx = NULL;
206 BIO *membio = BIO_new(BIO_s_mem());
211 output_type = "TEXT";
212 output_structure = NULL;
213 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
214 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
219 output_structure = "PrivateKeyInfo";
220 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
221 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
226 output_structure = "PrivateKeyInfo";
227 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
228 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
232 output_type = "TEXT";
233 output_structure = NULL;
234 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
235 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
240 output_structure = "SubjectPublicKeyInfo";
241 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
242 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
247 output_structure = "SubjectPublicKeyInfo";
248 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
249 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
253 TEST_error("Invalid encoding type");
257 if (!TEST_ptr(membio))
260 /* Make a context, it's valid for several prints */
261 TEST_note("Setting up a OSSL_ENCODER context with passphrase");
262 if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection,
266 /* Check that this operation is supported */
267 || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
270 /* Use no cipher. This should give us an unencrypted PEM */
271 TEST_note("Testing with no encryption");
272 if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
273 || !TEST_true(compare_with_file(alg, type, membio)))
276 if (type == PRIV_PEM) {
277 /* Set a passphrase to be used later */
278 if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
279 (unsigned char *)"pass",
283 /* Use a valid cipher name */
284 TEST_note("Displaying PEM encrypted with AES-256-CBC");
285 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
286 || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
289 /* Use an invalid cipher name, which should generate no output */
290 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
291 if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
292 || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
295 /* Clear the cipher. This should give us an unencrypted PEM again */
296 TEST_note("Testing with encryption cleared (no encryption)");
297 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
298 || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
299 || !TEST_true(compare_with_file(alg, type, membio)))
305 OSSL_ENCODER_CTX_free(ctx);
309 static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk)
314 for (i = PRIV_TEXT; i <= PUB_DER; i++)
315 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
320 #ifndef OPENSSL_NO_EC
321 static int test_print_key_using_encoder_public(const char *alg,
327 for (i = PUB_TEXT; i <= PUB_DER; i++)
328 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
334 /* Array indexes used in test_fromdata_rsa */
344 static int test_fromdata_rsa(void)
347 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
348 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
350 * 32-bit RSA key, extracted from this command,
351 * executed with OpenSSL 1.0.2:
353 * openssl genrsa 32 | openssl rsa -text
355 static unsigned long key_numbers[] = {
365 OSSL_PARAM fromdata_params[] = {
366 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
367 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
368 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
369 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
370 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
371 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
372 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
373 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
376 BIGNUM *bn = BN_new();
377 BIGNUM *bn_from = BN_new();
379 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
382 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
383 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
384 fromdata_params), 1))
387 while (dup_pk == NULL) {
389 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 32)
390 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 8)
391 || !TEST_int_eq(EVP_PKEY_get_size(pk), 4)
392 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
395 EVP_PKEY_CTX_free(key_ctx);
396 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
399 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
400 || !TEST_true(EVP_PKEY_public_check(key_ctx))
401 || !TEST_true(EVP_PKEY_private_check(key_ctx))
402 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
405 /* EVP_PKEY_copy_parameters() should fail for RSA */
406 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
407 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
409 EVP_PKEY_free(copy_pk);
412 ret = test_print_key_using_pem("RSA", pk)
413 && test_print_key_using_encoder("RSA", pk);
415 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
417 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
424 /* for better diagnostics always compare key params */
425 for (i = 0; fromdata_params[i].key != NULL; ++i) {
426 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
427 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
428 || !TEST_BN_eq(bn, bn_from))
434 EVP_PKEY_free(copy_pk);
435 EVP_PKEY_CTX_free(key_ctx);
436 EVP_PKEY_CTX_free(ctx);
441 static int test_evp_pkey_get_bn_param_large(void)
444 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
446 OSSL_PARAM_BLD *bld = NULL;
447 OSSL_PARAM *fromdata_params = NULL;
448 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
450 * The buffer size chosen here for n_data larger than the buffer used
451 * internally in EVP_PKEY_get_bn_param.
453 static unsigned char n_data[2050];
454 static const unsigned char e_data[] = {
457 static const unsigned char d_data[]= {
458 0x99, 0x33, 0x13, 0x7b
461 /* N is a large buffer */
462 memset(n_data, 0xCE, sizeof(n_data));
464 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
465 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
466 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
467 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
468 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
469 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
470 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
471 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
472 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
473 || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
474 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
476 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
477 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
478 || !TEST_BN_eq(n, n_out))
487 EVP_PKEY_CTX_free(key_ctx);
488 EVP_PKEY_CTX_free(ctx);
489 OSSL_PARAM_free(fromdata_params);
490 OSSL_PARAM_BLD_free(bld);
495 #ifndef OPENSSL_NO_DH
496 static int test_fromdata_dh_named_group(void)
499 int gindex = 0, pcounter = 0, hindex = 0;
500 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
501 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
503 BIGNUM *pub = NULL, *priv = NULL;
504 BIGNUM *pub_out = NULL, *priv_out = NULL;
505 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
506 OSSL_PARAM *fromdata_params = NULL;
507 OSSL_PARAM_BLD *bld = NULL;
509 unsigned char seed_out[32];
512 * DH key data was generated using the following:
513 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
514 * -pkeyopt priv_len:224 -text
516 static const unsigned char priv_data[] = {
517 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
518 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
519 0x87, 0xe8, 0xa9, 0x7b,
521 static const unsigned char pub_data[] = {
522 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
523 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
524 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
525 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
526 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
527 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
528 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
529 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
530 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
531 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
532 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
533 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
534 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
535 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
536 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
537 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
538 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
539 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
540 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
541 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
542 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
543 0xcf, 0x33, 0x42, 0x83, 0x42
545 static const char group_name[] = "ffdhe2048";
546 static const long priv_len = 224;
548 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
549 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
550 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
551 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
552 OSSL_PKEY_PARAM_GROUP_NAME,
554 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
556 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
557 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
558 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
561 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
564 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
565 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
566 fromdata_params), 1))
570 * A few extra checks of EVP_PKEY_get_utf8_string_param() to see that
571 * it behaves as expected with regards to string length and terminating
574 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
575 OSSL_PKEY_PARAM_GROUP_NAME,
576 NULL, sizeof(name_out),
578 || !TEST_size_t_eq(len, sizeof(group_name) - 1)
579 /* Just enough space to hold the group name and a terminating NUL */
580 || !TEST_true(EVP_PKEY_get_utf8_string_param(pk,
581 OSSL_PKEY_PARAM_GROUP_NAME,
585 || !TEST_size_t_eq(len, sizeof(group_name) - 1)
586 /* Too small buffer to hold the terminating NUL byte */
587 || !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
588 OSSL_PKEY_PARAM_GROUP_NAME,
590 sizeof(group_name) - 1,
592 /* Too small buffer to hold the whole group name, even! */
593 || !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
594 OSSL_PKEY_PARAM_GROUP_NAME,
596 sizeof(group_name) - 2,
600 while (dup_pk == NULL) {
602 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
603 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
604 || !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
605 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
608 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
609 OSSL_PKEY_PARAM_GROUP_NAME,
613 || !TEST_str_eq(name_out, group_name)
614 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
617 || !TEST_BN_eq(pub, pub_out)
618 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
620 || !TEST_BN_eq(priv, priv_out)
621 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
622 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
623 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
625 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
626 || !TEST_BN_eq(&ossl_bignum_const_2, g)
627 || !TEST_false(EVP_PKEY_get_bn_param(pk,
628 OSSL_PKEY_PARAM_FFC_COFACTOR,
631 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
632 OSSL_PKEY_PARAM_FFC_SEED,
636 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
638 || !TEST_int_eq(gindex, -1)
639 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
641 || !TEST_int_eq(hindex, 0)
642 || !TEST_true(EVP_PKEY_get_int_param(pk,
643 OSSL_PKEY_PARAM_FFC_PCOUNTER,
645 || !TEST_int_eq(pcounter, -1))
660 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
663 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
664 || !TEST_true(EVP_PKEY_public_check(key_ctx))
665 || !TEST_true(EVP_PKEY_private_check(key_ctx))
666 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
668 EVP_PKEY_CTX_free(key_ctx);
671 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
672 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
674 EVP_PKEY_free(copy_pk);
677 ret = test_print_key_using_pem("DH", pk)
678 && test_print_key_using_encoder("DH", pk);
680 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
682 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
697 EVP_PKEY_free(copy_pk);
699 EVP_PKEY_CTX_free(ctx);
700 EVP_PKEY_CTX_free(key_ctx);
701 OSSL_PARAM_free(fromdata_params);
702 OSSL_PARAM_BLD_free(bld);
707 static int test_fromdata_dh_fips186_4(void)
710 int gindex = 0, pcounter = 0, hindex = 0;
711 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
712 EVP_PKEY *pk = NULL, *dup_pk = NULL;
714 BIGNUM *pub = NULL, *priv = NULL;
715 BIGNUM *pub_out = NULL, *priv_out = NULL;
716 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
717 OSSL_PARAM_BLD *bld = NULL;
718 OSSL_PARAM *fromdata_params = NULL;
720 unsigned char seed_out[32];
723 * DH key data was generated using the following:
724 * openssl genpkey -algorithm DH
725 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
727 static const unsigned char priv_data[] = {
728 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
729 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
730 0x87, 0xe8, 0xa9, 0x7b,
732 static const unsigned char pub_data[] = {
733 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
734 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
735 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
736 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
737 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
738 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
739 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
740 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
741 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
742 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
743 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
744 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
745 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
746 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
747 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
748 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
749 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
750 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
751 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
752 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
753 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
754 0x33, 0x42, 0x83, 0x42
756 static const char group_name[] = "ffdhe2048";
757 static const long priv_len = 224;
760 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
761 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
762 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
763 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
764 OSSL_PKEY_PARAM_GROUP_NAME,
766 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
768 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
769 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
770 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
773 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
776 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
777 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
778 fromdata_params), 1))
781 while (dup_pk == NULL) {
783 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
784 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
785 || !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
786 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
789 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
790 OSSL_PKEY_PARAM_GROUP_NAME,
794 || !TEST_str_eq(name_out, group_name)
795 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
797 || !TEST_BN_eq(pub, pub_out)
798 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
800 || !TEST_BN_eq(priv, priv_out)
801 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
802 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
803 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
805 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
806 || !TEST_BN_eq(&ossl_bignum_const_2, g)
807 || !TEST_false(EVP_PKEY_get_bn_param(pk,
808 OSSL_PKEY_PARAM_FFC_COFACTOR,
811 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
812 OSSL_PKEY_PARAM_FFC_SEED,
816 || !TEST_true(EVP_PKEY_get_int_param(pk,
817 OSSL_PKEY_PARAM_FFC_GINDEX,
819 || !TEST_int_eq(gindex, -1)
820 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
822 || !TEST_int_eq(hindex, 0)
823 || !TEST_true(EVP_PKEY_get_int_param(pk,
824 OSSL_PKEY_PARAM_FFC_PCOUNTER,
826 || !TEST_int_eq(pcounter, -1))
841 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
844 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
845 || !TEST_true(EVP_PKEY_public_check(key_ctx))
846 || !TEST_true(EVP_PKEY_private_check(key_ctx))
847 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
849 EVP_PKEY_CTX_free(key_ctx);
852 ret = test_print_key_using_pem("DH", pk)
853 && test_print_key_using_encoder("DH", pk);
855 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
857 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
873 EVP_PKEY_CTX_free(ctx);
874 EVP_PKEY_CTX_free(key_ctx);
875 OSSL_PARAM_free(fromdata_params);
876 OSSL_PARAM_BLD_free(bld);
885 #ifndef OPENSSL_NO_EC
886 /* Array indexes used in test_fromdata_ecx */
890 # define X25519_IDX 0
892 # define ED25519_IDX 2
896 * tst uses indexes 0 ... (3 * 4 - 1)
897 * For the 4 ECX key types (X25519_IDX..ED448_IDX)
898 * 0..3 = public + private key.
899 * 4..7 = private key (This will generate the public key from the private key)
902 static int test_fromdata_ecx(int tst)
905 EVP_PKEY_CTX *ctx = NULL, *ctx2 = NULL;
906 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
907 const char *alg = NULL;
909 unsigned char out_pub[ED448_KEYLEN];
910 unsigned char out_priv[ED448_KEYLEN];
911 OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
913 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
914 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
915 /* X25519: Keys from RFC 7748 6.1 */
919 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
920 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
921 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
926 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
927 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
928 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
932 /* X448: Keys from RFC 7748 6.2 */
936 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
937 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
938 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
939 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
940 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
941 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
945 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
946 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
947 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
948 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
949 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
950 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
953 /* ED25519: Keys from RFC 8032 */
957 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
958 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
959 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
964 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
965 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
966 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
970 /* ED448: Keys from RFC 8032 */
974 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
975 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
976 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
977 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
978 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
979 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
983 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
984 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
985 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
986 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
987 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
988 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
992 OSSL_PARAM x25519_fromdata_params[] = {
993 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
994 key_numbers[X25519_IDX][PRIV_KEY],
996 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
997 key_numbers[X25519_IDX][PUB_KEY],
1001 OSSL_PARAM x448_fromdata_params[] = {
1002 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1003 key_numbers[X448_IDX][PRIV_KEY],
1005 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1006 key_numbers[X448_IDX][PUB_KEY],
1010 OSSL_PARAM ed25519_fromdata_params[] = {
1011 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1012 key_numbers[ED25519_IDX][PRIV_KEY],
1014 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1015 key_numbers[ED25519_IDX][PUB_KEY],
1019 OSSL_PARAM ed448_fromdata_params[] = {
1020 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1021 key_numbers[ED448_IDX][PRIV_KEY],
1023 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1024 key_numbers[ED448_IDX][PUB_KEY],
1028 OSSL_PARAM *fromdata_params = NULL;
1029 int bits = 0, security_bits = 0, size = 0;
1030 OSSL_PARAM *orig_fromdata_params = NULL;
1034 fromdata_params = x25519_fromdata_params;
1036 security_bits = X25519_SECURITY_BITS;
1037 size = X25519_KEYLEN;
1042 fromdata_params = x448_fromdata_params;
1044 security_bits = X448_SECURITY_BITS;
1050 fromdata_params = ed25519_fromdata_params;
1051 bits = ED25519_BITS;
1052 security_bits = ED25519_SECURITY_BITS;
1053 size = ED25519_SIGSIZE;
1058 fromdata_params = ed448_fromdata_params;
1060 security_bits = ED448_SECURITY_BITS;
1061 size = ED448_SIGSIZE;
1068 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1072 orig_fromdata_params = fromdata_params;
1074 /* public key only */
1076 } else if (tst > 3) {
1077 /* private key only */
1078 params[0] = fromdata_params[0];
1079 params[1] = fromdata_params[2];
1080 fromdata_params = params;
1083 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1084 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1085 fromdata_params), 1))
1088 while (dup_pk == NULL) {
1090 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), bits)
1091 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), security_bits)
1092 || !TEST_int_eq(EVP_PKEY_get_size(pk), size)
1093 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1096 if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
1099 if (!TEST_int_gt(EVP_PKEY_check(ctx2), 0))
1101 if (!TEST_true(EVP_PKEY_get_octet_string_param(
1102 pk, orig_fromdata_params[PRIV_KEY].key,
1103 out_priv, sizeof(out_priv), &len))
1104 || !TEST_mem_eq(out_priv, len,
1105 orig_fromdata_params[PRIV_KEY].data,
1106 orig_fromdata_params[PRIV_KEY].data_size)
1107 || !TEST_true(EVP_PKEY_get_octet_string_param(
1108 pk, orig_fromdata_params[PUB_KEY].key,
1109 out_pub, sizeof(out_pub), &len))
1110 || !TEST_mem_eq(out_pub, len,
1111 orig_fromdata_params[PUB_KEY].data,
1112 orig_fromdata_params[PUB_KEY].data_size))
1115 /* The private key check should fail if there is only a public key */
1116 if (!TEST_true(EVP_PKEY_public_check(ctx2))
1117 || !TEST_false(EVP_PKEY_private_check(ctx2))
1118 || !TEST_int_le(EVP_PKEY_check(ctx2), 0))
1121 EVP_PKEY_CTX_free(ctx2);
1124 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1125 /* This should succeed because there are no parameters to copy */
1126 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1128 EVP_PKEY_free(copy_pk);
1132 ret = test_print_key_using_encoder_public(alg, pk);
1134 ret = test_print_key_using_pem(alg, pk)
1135 && test_print_key_using_encoder(alg, pk);
1137 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1139 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1148 EVP_PKEY_free(copy_pk);
1149 EVP_PKEY_CTX_free(ctx);
1150 EVP_PKEY_CTX_free(ctx2);
1155 static int test_fromdata_ec(void)
1158 EVP_PKEY_CTX *ctx = NULL;
1159 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
1160 OSSL_PARAM_BLD *bld = NULL;
1161 BIGNUM *ec_priv_bn = NULL;
1162 BIGNUM *bn_priv = NULL;
1163 OSSL_PARAM *fromdata_params = NULL;
1164 const char *alg = "EC";
1165 const char *curve = "prime256v1";
1166 const char bad_curve[] = "nonexistent-curve";
1167 OSSL_PARAM nokey_params[2] = {
1171 /* UNCOMPRESSED FORMAT */
1172 static const unsigned char ec_pub_keydata[] = {
1173 POINT_CONVERSION_UNCOMPRESSED,
1174 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1175 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1176 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1177 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1178 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1179 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1180 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1181 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1183 static const unsigned char ec_priv_keydata[] = {
1184 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1185 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1186 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1187 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1189 const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
1190 unsigned char out_pub[sizeof(ec_pub_keydata)];
1191 char out_curve_name[80];
1192 const OSSL_PARAM *gettable = NULL;
1194 EC_GROUP *group = NULL;
1195 BIGNUM *group_a = NULL;
1196 BIGNUM *group_b = NULL;
1197 BIGNUM *group_p = NULL;
1203 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
1205 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
1206 sizeof(ec_priv_keydata), NULL)))
1209 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
1212 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
1214 sizeof(ec_pub_keydata)) <= 0)
1216 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
1218 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1220 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1224 /* try importing parameters with bad curve first */
1226 OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1227 (char *)bad_curve, sizeof(bad_curve));
1228 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1229 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEY_PARAMETERS,
1231 || !TEST_ptr_null(pk))
1234 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1235 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1236 fromdata_params), 1))
1239 while (dup_pk == NULL) {
1241 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 256)
1242 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 128)
1243 || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 35 * 2)
1244 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1247 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1248 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1250 EVP_PKEY_free(copy_pk);
1253 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
1254 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1255 OSSL_PKEY_PARAM_GROUP_NAME))
1256 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1257 OSSL_PKEY_PARAM_PUB_KEY))
1258 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1259 OSSL_PKEY_PARAM_PRIV_KEY)))
1262 if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(OBJ_sn2nid(curve)))
1263 || !TEST_ptr(group_p = BN_new())
1264 || !TEST_ptr(group_a = BN_new())
1265 || !TEST_ptr(group_b = BN_new())
1266 || !TEST_true(EC_GROUP_get_curve(group, group_p, group_a, group_b, NULL)))
1269 if (!TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_A, &a))
1270 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_B, &b))
1271 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_P, &p)))
1274 if (!TEST_BN_eq(group_p, p) || !TEST_BN_eq(group_a, a)
1275 || !TEST_BN_eq(group_b, b))
1278 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1280 sizeof(out_curve_name),
1282 || !TEST_str_eq(out_curve_name, curve)
1283 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1284 out_pub, sizeof(out_pub), &len)
1285 || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
1286 || !TEST_mem_eq(out_pub + 1, len - 1,
1287 ec_pub_keydata + 1, compressed_sz - 1)
1288 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1290 || !TEST_BN_eq(ec_priv_bn, bn_priv))
1295 ret = test_print_key_using_pem(alg, pk)
1296 && test_print_key_using_encoder(alg, pk);
1298 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1300 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1308 EC_GROUP_free(group);
1316 BN_free(ec_priv_bn);
1317 OSSL_PARAM_free(fromdata_params);
1318 OSSL_PARAM_BLD_free(bld);
1320 EVP_PKEY_free(copy_pk);
1321 EVP_PKEY_CTX_free(ctx);
1325 static int test_ec_dup_no_operation(void)
1328 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1329 EVP_PKEY *param = NULL, *pkey = NULL;
1331 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1332 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1333 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1334 NID_X9_62_prime256v1), 0)
1335 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1336 || !TEST_ptr(param))
1339 EVP_PKEY_CTX_free(pctx);
1342 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1343 || !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
1344 || !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1345 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
1349 EVP_PKEY_free(pkey);
1350 EVP_PKEY_free(param);
1351 EVP_PKEY_CTX_free(ctx);
1352 EVP_PKEY_CTX_free(kctx);
1353 EVP_PKEY_CTX_free(pctx);
1357 /* Test that keygen doesn't support EVP_PKEY_CTX_dup */
1358 static int test_ec_dup_keygen_operation(void)
1361 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1362 EVP_PKEY *param = NULL, *pkey = NULL;
1364 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1365 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1366 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1367 NID_X9_62_prime256v1), 0)
1368 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1369 || !TEST_ptr(param))
1372 EVP_PKEY_CTX_free(pctx);
1375 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1376 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1377 || !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
1381 EVP_PKEY_free(pkey);
1382 EVP_PKEY_free(param);
1383 EVP_PKEY_CTX_free(ctx);
1384 EVP_PKEY_CTX_free(kctx);
1385 EVP_PKEY_CTX_free(pctx);
1389 #endif /* OPENSSL_NO_EC */
1391 #ifndef OPENSSL_NO_DSA
1392 static int test_fromdata_dsa_fips186_4(void)
1395 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
1396 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
1397 BIGNUM *pub = NULL, *priv = NULL;
1398 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1399 BIGNUM *pub_out = NULL, *priv_out = NULL;
1400 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1401 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1403 unsigned char seed_out[32];
1405 OSSL_PARAM_BLD *bld = NULL;
1406 OSSL_PARAM *fromdata_params = NULL;
1409 * DSA parameter data was generated using the following:
1410 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1411 * -pkeyopt qbits:256 -pkeyopt type:0 \
1412 * -pkeyopt gindex:1 -out dsa_params.pem -text
1414 static const unsigned char p_data[] = {
1415 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1416 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1417 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1418 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1419 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1420 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1421 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1422 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1423 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1424 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1425 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1426 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1427 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1428 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1429 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1430 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1431 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1432 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1433 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1434 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1435 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1436 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1438 static const unsigned char q_data[] = {
1439 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1440 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1441 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1443 static const unsigned char g_data[] = {
1444 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1445 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1446 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1447 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1448 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1449 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1450 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1451 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1452 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1453 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1454 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1455 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1456 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1457 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1458 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1459 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1460 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1461 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1462 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1463 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1464 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1465 0x02, 0x6f, 0x96, 0x36
1467 static const unsigned char seed_data[] = {
1468 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1469 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1470 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1472 const int gindex = 1;
1473 const int pcounter = 53;
1475 * The keypair was generated using
1476 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1477 * -pkeyopt gindex:1 \
1478 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1480 static const unsigned char priv_data[] = {
1481 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1482 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1483 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1485 static const unsigned char pub_data[] = {
1486 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1487 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1488 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1489 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1490 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1491 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1492 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1493 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1494 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1495 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1496 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1497 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1498 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1499 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1500 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1501 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1502 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1503 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1504 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1505 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1506 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1507 0x48, 0xd1, 0x8a, 0xbd
1510 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1511 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1512 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1513 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1514 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1515 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1517 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1518 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1519 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1520 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1521 OSSL_PKEY_PARAM_FFC_SEED,
1524 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1526 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1527 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1529 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1531 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1533 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1536 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1539 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1540 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1541 fromdata_params), 1))
1544 while (dup_pk == NULL) {
1546 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
1547 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
1548 || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 2 * (3 + sizeof(q_data)))
1549 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1552 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk,
1553 OSSL_PKEY_PARAM_GROUP_NAME,
1557 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1559 || !TEST_BN_eq(pub, pub_out)
1560 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1562 || !TEST_BN_eq(priv, priv_out)
1563 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P,
1565 || !TEST_BN_eq(p, p_out)
1566 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q,
1568 || !TEST_BN_eq(q, q_out)
1569 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G,
1571 || !TEST_BN_eq(g, g_out)
1572 || !TEST_false(EVP_PKEY_get_bn_param(pk,
1573 OSSL_PKEY_PARAM_FFC_COFACTOR,
1575 || !TEST_ptr_null(j_out)
1576 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1577 OSSL_PKEY_PARAM_FFC_SEED,
1581 || !TEST_true(EVP_PKEY_get_int_param(pk,
1582 OSSL_PKEY_PARAM_FFC_GINDEX,
1584 || !TEST_int_eq(gindex, gindex_out)
1585 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1587 || !TEST_int_eq(hindex_out, 0)
1588 || !TEST_true(EVP_PKEY_get_int_param(pk,
1589 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1591 || !TEST_int_eq(pcounter, pcounter_out))
1606 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1609 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
1610 || !TEST_true(EVP_PKEY_public_check(key_ctx))
1611 || !TEST_true(EVP_PKEY_private_check(key_ctx))
1612 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1614 EVP_PKEY_CTX_free(key_ctx);
1617 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1618 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1620 EVP_PKEY_free(copy_pk);
1623 ret = test_print_key_using_pem("DSA", pk)
1624 && test_print_key_using_encoder("DSA", pk);
1626 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1628 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1636 OSSL_PARAM_free(fromdata_params);
1637 OSSL_PARAM_BLD_free(bld);
1650 EVP_PKEY_free(copy_pk);
1651 EVP_PKEY_CTX_free(ctx);
1652 EVP_PKEY_CTX_free(key_ctx);
1657 static int test_check_dsa(void)
1660 EVP_PKEY_CTX *ctx = NULL;
1662 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1663 || !TEST_int_le(EVP_PKEY_check(ctx), 0)
1664 || !TEST_false(EVP_PKEY_public_check(ctx))
1665 || !TEST_false(EVP_PKEY_private_check(ctx))
1666 || !TEST_false(EVP_PKEY_pairwise_check(ctx)))
1671 EVP_PKEY_CTX_free(ctx);
1675 #endif /* OPENSSL_NO_DSA */
1678 static OSSL_PARAM *do_construct_hkdf_params(char *digest, char *key,
1679 size_t keylen, char *salt)
1681 OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 5);
1682 OSSL_PARAM *p = params;
1684 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, digest, 0);
1685 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
1686 salt, strlen(salt));
1687 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
1688 (unsigned char *)key, keylen);
1689 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE,
1691 *p = OSSL_PARAM_construct_end();
1696 static int test_evp_pkey_ctx_dup_kdf(void)
1699 size_t len = 0, dlen = 0;
1700 EVP_PKEY_CTX *pctx = NULL, *dctx = NULL;
1701 OSSL_PARAM *params = NULL;
1703 if (!TEST_ptr(params = do_construct_hkdf_params("sha256", "secret", 6,
1706 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "HKDF", NULL)))
1708 if (!TEST_int_eq(EVP_PKEY_derive_init_ex(pctx, params), 1))
1710 if (!TEST_ptr(dctx = EVP_PKEY_CTX_dup(pctx)))
1712 if (!TEST_int_eq(EVP_PKEY_derive(pctx, NULL, &len), 1)
1713 || !TEST_size_t_eq(len, SHA256_DIGEST_LENGTH)
1714 || !TEST_int_eq(EVP_PKEY_derive(dctx, NULL, &dlen), 1)
1715 || !TEST_size_t_eq(dlen, SHA256_DIGEST_LENGTH))
1719 OPENSSL_free(params);
1720 EVP_PKEY_CTX_free(dctx);
1721 EVP_PKEY_CTX_free(pctx);
1725 int setup_tests(void)
1727 if (!test_skip_common_options()) {
1728 TEST_error("Error parsing test options\n");
1732 if (!TEST_ptr(datadir = test_get_argument(0)))
1735 ADD_TEST(test_evp_pkey_ctx_dup_kdf);
1736 ADD_TEST(test_evp_pkey_get_bn_param_large);
1737 ADD_TEST(test_fromdata_rsa);
1738 #ifndef OPENSSL_NO_DH
1739 ADD_TEST(test_fromdata_dh_fips186_4);
1740 ADD_TEST(test_fromdata_dh_named_group);
1742 #ifndef OPENSSL_NO_DSA
1743 ADD_TEST(test_check_dsa);
1744 ADD_TEST(test_fromdata_dsa_fips186_4);
1746 #ifndef OPENSSL_NO_EC
1747 ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
1748 ADD_TEST(test_fromdata_ec);
1749 ADD_TEST(test_ec_dup_no_operation);
1750 ADD_TEST(test_ec_dup_keygen_operation);