2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/serializer.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include "crypto/ecx.h"
18 #include "crypto/evp.h" /* For the internal API */
19 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
20 #include "internal/nelem.h"
23 static char *datadir = NULL;
32 static void stripcr(char *buf, size_t *len)
37 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
48 static int compare_with_file(const char *alg, int type, BIO *membio)
53 char *memdata, *fullfile = NULL;
86 TEST_error("Invalid file type");
90 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
91 fullfile = test_mk_file_path(datadir, filename);
92 if (!TEST_ptr(fullfile))
95 file = BIO_new_file(fullfile, "rb");
99 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
100 || !TEST_true(BIO_eof(file))
101 || !TEST_size_t_lt(readbytes, sizeof(buf)))
104 len = BIO_get_mem_data(membio, &memdata);
105 if (!TEST_int_gt(len, 0))
109 if (type != PRIV_DER && type != PUB_DER) {
110 stripcr(memdata, &slen);
111 stripcr(buf, &readbytes);
114 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
119 OPENSSL_free(fullfile);
120 (void)BIO_reset(membio);
125 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
127 BIO *membio = BIO_new(BIO_s_mem());
130 if (!TEST_ptr(membio))
133 if (!TEST_true(EVP_PKEY_print_private(membio, pk, 0, NULL))
134 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
135 /* Public key in PEM form */
136 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
137 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
138 /* Unencrypted private key in PEM form */
139 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
140 NULL, NULL, 0, NULL, NULL))
141 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio))
142 /* Encrypted private key in PEM form */
143 || !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
144 (unsigned char *)"pass", 4,
154 static int test_print_key_type_using_serializer(const char *alg, int type,
158 OSSL_SERIALIZER_CTX *ctx = NULL;
159 BIO *membio = BIO_new(BIO_s_mem());
164 pq = OSSL_SERIALIZER_PrivateKey_TO_TEXT_PQ;
168 pq = OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ;
172 pq = OSSL_SERIALIZER_PrivateKey_TO_DER_PQ;
176 pq = OSSL_SERIALIZER_PUBKEY_TO_TEXT_PQ;
180 pq = OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ;
184 pq = OSSL_SERIALIZER_PUBKEY_TO_DER_PQ;
188 TEST_error("Invalid serialization type");
192 if (!TEST_ptr(membio))
195 /* Make a context, it's valid for several prints */
196 TEST_note("Setting up a OSSL_SERIALIZER context with passphrase");
197 if (!TEST_ptr(ctx = OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(pk, pq))
198 /* Check that this operation is supported */
199 || !TEST_ptr(OSSL_SERIALIZER_CTX_get_serializer(ctx)))
202 /* Use no cipher. This should give us an unencrypted PEM */
203 TEST_note("Testing with no encryption");
204 if (!TEST_true(OSSL_SERIALIZER_to_bio(ctx, membio))
205 || !TEST_true(compare_with_file(alg, type, membio)))
208 if (type == PRIV_PEM) {
209 /* Set a passphrase to be used later */
210 if (!TEST_true(OSSL_SERIALIZER_CTX_set_passphrase(ctx,
211 (unsigned char *)"pass",
215 /* Use a valid cipher name */
216 TEST_note("Displaying PEM encrypted with AES-256-CBC");
217 if (!TEST_true(OSSL_SERIALIZER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
218 || !TEST_true(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
221 /* Use an invalid cipher name, which should generate no output */
222 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
223 if (!TEST_false(OSSL_SERIALIZER_CTX_set_cipher(ctx, "FOO", NULL))
224 || !TEST_false(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
227 /* Clear the cipher. This should give us an unencrypted PEM again */
228 TEST_note("Testing with encryption cleared (no encryption)");
229 if (!TEST_true(OSSL_SERIALIZER_CTX_set_cipher(ctx, NULL, NULL))
230 || !TEST_true(OSSL_SERIALIZER_to_bio(ctx, membio))
231 || !TEST_true(compare_with_file(alg, type, membio)))
237 OSSL_SERIALIZER_CTX_free(ctx);
241 static int test_print_key_using_serializer(const char *alg, const EVP_PKEY *pk)
246 for (i = 0; i < 6; i++)
247 ret = ret && test_print_key_type_using_serializer(alg, i, pk);
252 /* Array indexes used in test_fromdata_rsa */
262 static int test_fromdata_rsa(void)
265 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
266 EVP_PKEY *pk = NULL, *copy_pk = NULL;
268 * 32-bit RSA key, extracted from this command,
269 * executed with OpenSSL 1.0.2:
271 * openssl genrsa 32 | openssl rsa -text
273 static unsigned long key_numbers[] = {
283 OSSL_PARAM fromdata_params[] = {
284 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
285 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
286 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
287 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
288 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
289 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
290 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
291 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
294 BIGNUM *bn = BN_new();
295 BIGNUM *bn_from = BN_new();
297 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
300 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
301 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
302 || !TEST_int_eq(EVP_PKEY_bits(pk), 32)
303 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 8)
304 || !TEST_int_eq(EVP_PKEY_size(pk), 4))
307 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
310 if (!TEST_true(EVP_PKEY_check(key_ctx))
311 || !TEST_true(EVP_PKEY_public_check(key_ctx))
312 || !TEST_true(EVP_PKEY_private_check(key_ctx))
313 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
316 /* EVP_PKEY_copy_parameters() should fail for RSA */
317 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
318 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
321 for (i = 0; fromdata_params[i].key != NULL; ++i) {
322 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
323 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
324 || !TEST_BN_eq(bn, bn_from))
327 ret = test_print_key_using_pem("RSA", pk)
328 && test_print_key_using_serializer("RSA", pk);
333 EVP_PKEY_free(copy_pk);
334 EVP_PKEY_CTX_free(key_ctx);
335 EVP_PKEY_CTX_free(ctx);
340 static int test_evp_pkey_get_bn_param_large(void)
343 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
345 OSSL_PARAM_BLD *bld = NULL;
346 OSSL_PARAM *fromdata_params = NULL;
347 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
349 * The buffer size chosen here for n_data larger than the buffer used
350 * internally in EVP_PKEY_get_bn_param.
352 static unsigned char n_data[2050];
353 static const unsigned char e_data[] = {
356 static const unsigned char d_data[]= {
357 0x99, 0x33, 0x13, 0x7b
360 /* N is a large buffer */
361 memset(n_data, 0xCE, sizeof(n_data));
363 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
364 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
365 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
366 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
367 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
368 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
369 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
370 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
371 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
372 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
373 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
374 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
375 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
376 || !TEST_BN_eq(n, n_out))
385 EVP_PKEY_CTX_free(key_ctx);
386 EVP_PKEY_CTX_free(ctx);
387 OSSL_PARAM_BLD_free_params(fromdata_params);
388 OSSL_PARAM_BLD_free(bld);
393 #ifndef OPENSSL_NO_DH
394 static int test_fromdata_dh_named_group(void)
397 int gindex = 0, pcounter = 0, hindex = 0;
398 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
399 EVP_PKEY *pk = NULL, *copy_pk = NULL;
401 BIGNUM *pub = NULL, *priv = NULL;
402 BIGNUM *pub_out = NULL, *priv_out = NULL;
403 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
404 OSSL_PARAM *fromdata_params = NULL;
405 OSSL_PARAM_BLD *bld = NULL;
407 unsigned char seed_out[32];
410 * DH key data was generated using the following:
411 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048 -text
413 static const unsigned char priv_data[] = {
414 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
415 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
416 0x87, 0xe8, 0xa9, 0x7b,
418 static const unsigned char pub_data[] = {
419 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
420 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
421 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
422 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
423 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
424 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
425 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
426 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
427 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
428 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
429 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
430 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
431 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
432 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
433 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
434 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
435 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
436 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
437 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
438 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
439 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
440 0xcf, 0x33, 0x42, 0x83, 0x42
442 static const char group_name[] = "ffdhe2048";
444 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
445 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
446 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
447 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
448 OSSL_PKEY_PARAM_FFC_GROUP,
450 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
451 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
452 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
455 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
458 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
459 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
460 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
461 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
462 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
465 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_FFC_GROUP,
466 name_out, sizeof(name_out),
468 || !TEST_str_eq(name_out, group_name)
469 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
472 || !TEST_BN_eq(pub, pub_out)
473 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
475 || !TEST_BN_eq(priv, priv_out)
476 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
477 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
478 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
480 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
481 || !TEST_BN_eq(&_bignum_const_2, g)
482 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
485 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
486 OSSL_PKEY_PARAM_FFC_SEED,
488 sizeof(seed_out), &len))
489 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
491 || !TEST_int_eq(gindex, -1)
492 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
493 || !TEST_int_eq(hindex, 0)
494 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
496 || !TEST_int_eq(pcounter, -1))
499 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
502 if (!TEST_true(EVP_PKEY_check(key_ctx))
503 || !TEST_true(EVP_PKEY_public_check(key_ctx))
504 || !TEST_true(EVP_PKEY_private_check(key_ctx))
505 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
508 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
509 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
512 ret = test_print_key_using_pem("DH", pk)
513 && test_print_key_using_serializer("DH", pk);
523 EVP_PKEY_free(copy_pk);
525 EVP_PKEY_CTX_free(ctx);
526 EVP_PKEY_CTX_free(key_ctx);
527 OSSL_PARAM_BLD_free_params(fromdata_params);
528 OSSL_PARAM_BLD_free(bld);
533 static int test_fromdata_dh_fips186_4(void)
536 int gindex = 0, pcounter = 0, hindex = 0;
537 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
540 BIGNUM *pub = NULL, *priv = NULL;
541 BIGNUM *pub_out = NULL, *priv_out = NULL;
542 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
543 OSSL_PARAM_BLD *bld = NULL;
544 OSSL_PARAM *fromdata_params = NULL;
546 unsigned char seed_out[32];
549 * DH key data was generated using the following:
550 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048 -text
552 static const unsigned char priv_data[] = {
553 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
554 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
555 0x87, 0xe8, 0xa9, 0x7b,
557 static const unsigned char pub_data[] = {
558 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
559 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
560 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
561 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
562 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
563 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
564 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
565 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
566 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
567 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
568 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
569 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
570 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
571 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
572 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
573 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
574 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
575 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
576 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
577 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
578 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
579 0x33, 0x42, 0x83, 0x42
581 static const char group_name[] = "ffdhe2048";
584 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
585 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
586 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
587 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
588 OSSL_PKEY_PARAM_FFC_GROUP,
590 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
591 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
592 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
595 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
598 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
599 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
600 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
601 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
602 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
605 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_FFC_GROUP,
606 name_out, sizeof(name_out),
608 || !TEST_str_eq(name_out, group_name)
609 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
611 || !TEST_BN_eq(pub, pub_out)
612 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
614 || !TEST_BN_eq(priv, priv_out)
615 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
616 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
617 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
619 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
620 || !TEST_BN_eq(&_bignum_const_2, g)
621 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
624 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
625 OSSL_PKEY_PARAM_FFC_SEED,
627 sizeof(seed_out), &len))
628 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
630 || !TEST_int_eq(gindex, -1)
631 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
632 || !TEST_int_eq(hindex, 0)
633 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
635 || !TEST_int_eq(pcounter, -1))
638 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
641 if (!TEST_true(EVP_PKEY_check(key_ctx))
642 || !TEST_true(EVP_PKEY_public_check(key_ctx))
643 || !TEST_true(EVP_PKEY_private_check(key_ctx))
644 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
647 ret = test_print_key_using_pem("DH", pk)
648 && test_print_key_using_serializer("DH", pk);
659 EVP_PKEY_CTX_free(ctx);
660 EVP_PKEY_CTX_free(key_ctx);
661 OSSL_PARAM_BLD_free_params(fromdata_params);
662 OSSL_PARAM_BLD_free(bld);
671 #ifndef OPENSSL_NO_EC
672 /* Array indexes used in test_fromdata_ecx */
676 # define X25519_IDX 0
678 # define ED25519_IDX 2
681 static int test_fromdata_ecx(int tst)
684 EVP_PKEY_CTX *ctx = NULL;
685 EVP_PKEY *pk = NULL, *copy_pk = NULL;
686 const char *alg = NULL;
688 unsigned char out_pub[ED448_KEYLEN];
689 unsigned char out_priv[ED448_KEYLEN];
691 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
692 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
693 /* X25519: Keys from RFC 7748 6.1 */
697 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
698 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
699 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
704 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
705 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
706 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
710 /* X448: Keys from RFC 7748 6.2 */
714 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
715 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
716 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
717 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
718 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
719 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
723 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
724 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
725 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
726 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
727 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
728 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
731 /* ED25519: Keys from RFC 8032 */
735 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
736 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
737 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
742 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
743 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
744 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
748 /* ED448: Keys from RFC 8032 */
752 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
753 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
754 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
755 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
756 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
757 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
761 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
762 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
763 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
764 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
765 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
766 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
770 OSSL_PARAM x25519_fromdata_params[] = {
771 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
772 key_numbers[X25519_IDX][PRIV_KEY],
774 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
775 key_numbers[X25519_IDX][PUB_KEY],
779 OSSL_PARAM x448_fromdata_params[] = {
780 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
781 key_numbers[X448_IDX][PRIV_KEY],
783 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
784 key_numbers[X448_IDX][PUB_KEY],
788 OSSL_PARAM ed25519_fromdata_params[] = {
789 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
790 key_numbers[ED25519_IDX][PRIV_KEY],
792 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
793 key_numbers[ED25519_IDX][PUB_KEY],
797 OSSL_PARAM ed448_fromdata_params[] = {
798 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
799 key_numbers[ED448_IDX][PRIV_KEY],
801 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
802 key_numbers[ED448_IDX][PUB_KEY],
806 OSSL_PARAM *fromdata_params = NULL;
807 int bits = 0, security_bits = 0, size = 0;
811 fromdata_params = x25519_fromdata_params;
813 security_bits = X25519_SECURITY_BITS;
814 size = X25519_KEYLEN;
819 fromdata_params = x448_fromdata_params;
821 security_bits = X448_SECURITY_BITS;
827 fromdata_params = ed25519_fromdata_params;
829 security_bits = ED25519_SECURITY_BITS;
830 size = ED25519_KEYLEN;
835 fromdata_params = ed448_fromdata_params;
837 security_bits = ED448_SECURITY_BITS;
843 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
847 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
848 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
849 || !TEST_int_eq(EVP_PKEY_bits(pk), bits)
850 || !TEST_int_eq(EVP_PKEY_security_bits(pk), security_bits)
851 || !TEST_int_eq(EVP_PKEY_size(pk), size))
854 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
855 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
858 if (!TEST_true(EVP_PKEY_get_octet_string_param(
859 pk, fromdata_params[PRIV_KEY].key,
860 out_priv, sizeof(out_priv), &len))
861 || !TEST_mem_eq(out_priv, len,
862 fromdata_params[PRIV_KEY].data,
863 fromdata_params[PRIV_KEY].data_size)
864 || !TEST_true(EVP_PKEY_get_octet_string_param(
865 pk, fromdata_params[PUB_KEY].key,
866 out_pub, sizeof(out_pub), &len))
867 || !TEST_mem_eq(out_pub, len,
868 fromdata_params[PUB_KEY].data,
869 fromdata_params[PUB_KEY].data_size))
872 ret = test_print_key_using_pem(alg, pk)
873 && test_print_key_using_serializer(alg, pk);
877 EVP_PKEY_free(copy_pk);
878 EVP_PKEY_CTX_free(ctx);
885 static int test_fromdata_ec(void)
888 EVP_PKEY_CTX *ctx = NULL;
889 EVP_PKEY *pk = NULL, *copy_pk = NULL;
890 OSSL_PARAM_BLD *bld = NULL;
891 BIGNUM *ec_priv_bn = NULL;
892 BIGNUM *bn_priv = NULL;
893 OSSL_PARAM *fromdata_params = NULL;
894 const char *alg = "EC";
895 const char *curve = "prime256v1";
896 /* UNCOMPRESSED FORMAT */
897 static const unsigned char ec_pub_keydata[] = {
898 POINT_CONVERSION_UNCOMPRESSED,
899 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
900 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
901 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
902 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
903 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
904 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
905 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
906 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
908 static const unsigned char ec_priv_keydata[] = {
909 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
910 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
911 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
912 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
914 const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
915 unsigned char out_pub[sizeof(ec_pub_keydata)];
916 char out_curve_name[80];
917 const OSSL_PARAM *gettable = NULL;
921 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
923 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
924 sizeof(ec_priv_keydata), NULL)))
927 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_EC_NAME,
930 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
932 sizeof(ec_pub_keydata)) <= 0)
934 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
936 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
938 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
942 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
943 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
944 || !TEST_int_eq(EVP_PKEY_bits(pk), 256)
945 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 128)
946 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 35 * 2))
949 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
950 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
953 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
954 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_NAME))
955 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PUB_KEY))
956 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PRIV_KEY)))
959 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_EC_NAME,
960 out_curve_name, sizeof(out_curve_name),
962 || !TEST_str_eq(out_curve_name, curve)
963 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
964 out_pub, sizeof(out_pub), &len)
965 || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
966 || !TEST_mem_eq(out_pub + 1, len - 1,
967 ec_pub_keydata + 1, compressed_sz - 1)
968 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
970 || !TEST_BN_eq(ec_priv_bn, bn_priv))
973 ret = test_print_key_using_pem(alg, pk)
974 && test_print_key_using_serializer(alg, pk);
978 OSSL_PARAM_BLD_free_params(fromdata_params);
979 OSSL_PARAM_BLD_free(bld);
981 EVP_PKEY_free(copy_pk);
982 EVP_PKEY_CTX_free(ctx);
986 #endif /* OPENSSL_NO_EC */
988 #ifndef OPENSSL_NO_DSA
989 static int test_fromdata_dsa_fips186_4(void)
992 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
993 EVP_PKEY *pk = NULL, *copy_pk = NULL;
994 BIGNUM *pub = NULL, *priv = NULL;
995 BIGNUM *p = NULL, *q = NULL, *g = NULL;
996 BIGNUM *pub_out = NULL, *priv_out = NULL;
997 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
998 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1000 unsigned char seed_out[32];
1002 OSSL_PARAM_BLD *bld = NULL;
1003 OSSL_PARAM *fromdata_params = NULL;
1006 * DSA parameter data was generated using the following:
1007 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1008 * -pkeyopt qbits:256 -pkeyopt type:0 \
1009 * -pkeyopt gindex:1 -out dsa_params.pem -text
1011 static const unsigned char p_data[] = {
1012 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1013 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1014 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1015 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1016 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1017 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1018 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1019 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1020 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1021 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1022 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1023 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1024 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1025 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1026 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1027 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1028 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1029 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1030 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1031 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1032 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1033 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1035 static const unsigned char q_data[] = {
1036 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1037 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1038 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1040 static const unsigned char g_data[] = {
1041 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1042 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1043 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1044 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1045 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1046 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1047 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1048 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1049 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1050 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1051 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1052 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1053 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1054 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1055 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1056 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1057 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1058 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1059 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1060 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1061 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1062 0x02, 0x6f, 0x96, 0x36
1064 static const unsigned char seed_data[] = {
1065 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1066 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1067 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1069 const int gindex = 1;
1070 const int pcounter = 53;
1072 * The keypair was generated using
1073 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1074 * -pkeyopt gindex:1 \
1075 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1077 static const unsigned char priv_data[] = {
1078 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1079 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1080 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1082 static const unsigned char pub_data[] = {
1083 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1084 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1085 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1086 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1087 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1088 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1089 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1090 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1091 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1092 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1093 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1094 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1095 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1096 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1097 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1098 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1099 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1100 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1101 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1102 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1103 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1104 0x48, 0xd1, 0x8a, 0xbd
1107 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1108 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1109 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1110 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1111 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1112 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1114 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1115 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1116 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1117 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1118 OSSL_PKEY_PARAM_FFC_SEED,
1121 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1123 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1124 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1126 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1128 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1130 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1133 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1136 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
1137 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
1138 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
1139 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
1140 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 2 * (3 + sizeof(q_data))))
1143 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_FFC_GROUP,
1144 name_out, sizeof(name_out),
1146 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1148 || !TEST_BN_eq(pub, pub_out)
1149 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1151 || !TEST_BN_eq(priv, priv_out)
1152 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p_out))
1153 || !TEST_BN_eq(p, p_out)
1154 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q_out))
1155 || !TEST_BN_eq(q, q_out)
1156 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g_out))
1157 || !TEST_BN_eq(g, g_out)
1158 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
1160 || !TEST_ptr_null(j_out)
1161 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1162 OSSL_PKEY_PARAM_FFC_SEED,
1163 seed_out, sizeof(seed_out),
1165 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
1167 || !TEST_int_eq(gindex, gindex_out)
1168 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1170 || !TEST_int_eq(hindex_out, 0)
1171 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
1173 || !TEST_int_eq(pcounter, pcounter_out))
1176 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1179 if (!TEST_true(EVP_PKEY_check(key_ctx))
1180 || !TEST_true(EVP_PKEY_public_check(key_ctx))
1181 || !TEST_true(EVP_PKEY_private_check(key_ctx))
1182 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1185 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1186 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1189 ret = test_print_key_using_pem("DSA", pk)
1190 && test_print_key_using_serializer("DSA", pk);
1192 OSSL_PARAM_BLD_free_params(fromdata_params);
1193 OSSL_PARAM_BLD_free(bld);
1206 EVP_PKEY_free(copy_pk);
1207 EVP_PKEY_CTX_free(ctx);
1208 EVP_PKEY_CTX_free(key_ctx);
1212 #endif /* OPENSSL_NO_DSA */
1215 int setup_tests(void)
1217 if (!test_skip_common_options()) {
1218 TEST_error("Error parsing test options\n");
1222 if (!TEST_ptr(datadir = test_get_argument(0)))
1225 ADD_TEST(test_evp_pkey_get_bn_param_large);
1226 ADD_TEST(test_fromdata_rsa);
1227 #ifndef OPENSSL_NO_DH
1228 ADD_TEST(test_fromdata_dh_fips186_4);
1229 ADD_TEST(test_fromdata_dh_named_group);
1231 #ifndef OPENSSL_NO_DSA
1232 ADD_TEST(test_fromdata_dsa_fips186_4);
1234 #ifndef OPENSSL_NO_EC
1235 ADD_ALL_TESTS(test_fromdata_ecx, 4);
1236 ADD_TEST(test_fromdata_ec);