TEST: Adapt test/evp_pkey_provided_test.c to check the key size
1 /*
2  * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9
10 #include <openssl/evp.h>
11 #include <openssl/pem.h>
12 #include <openssl/serializer.h>
13 #include <openssl/provider.h>
14 #include <openssl/params.h>
15 #include <openssl/core_names.h>
16 #include "internal/nelem.h"
17 #include "crypto/evp.h"          /* For the internal API */
18 #include "testutil.h"
19
/*
 * Write |pk| to bio_out in four forms: the text dump of the private key,
 * the public key as PEM, the private key as unencrypted PEM, and the private
 * key as PEM encrypted with AES-256-CBC.
 *
 * The private key is emitted in the clear and the passphrase is a fixed
 * literal, so this helper is only appropriate for throwaway test keys.
 *
 * Returns 1 when every write succeeds, 0 as soon as one of them fails
 * (later writes are then skipped).
 */
static int test_print_key_using_pem(const EVP_PKEY *pk)
{
    /* Text dump of the private key */
    if (!TEST_true(EVP_PKEY_print_private(bio_out, pk, 0, NULL)))
        return 0;

    /* Public key in PEM form */
    if (!TEST_true(PEM_write_bio_PUBKEY(bio_out, pk)))
        return 0;

    /* Private key in PEM form, no cipher and no passphrase */
    if (!TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, NULL, NULL, 0,
                                            NULL, NULL)))
        return 0;

    /* Private key in PEM form, encrypted under the 4-byte passphrase */
    if (!TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
                                            (unsigned char *)"pass", 4,
                                            NULL, NULL)))
        return 0;

    return 1;
}
36
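/*
 * Serialize the private key |pk| to bio_out as PEM through one
 * OSSL_SERIALIZER context, exercising four cipher settings in turn:
 * no cipher, "AES-256-CBC", the invalid name "FOO", and the cipher cleared
 * again.
 *
 * Returns 1 only if the context could be set up and every step behaved as
 * expected, otherwise 0.  After a successful setup all four steps are run
 * even when an earlier one fails, so the log shows every failure.
 */
static int test_print_key_using_serializer(const EVP_PKEY *pk)
{
    const char *pq = OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ;
    OSSL_SERIALIZER_CTX *ctx = NULL;
    int ret = 1;

    /* Make a context, it's valid for several prints */
    TEST_note("Setting up a OSSL_SERIALIZER context with passphrase");
    if (!TEST_ptr(ctx = OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(pk, pq))
        /* Check that this operation is supported */
        || !TEST_ptr(OSSL_SERIALIZER_CTX_get_serializer(ctx))
        /* Set a passphrase to be used later */
        || !TEST_true(OSSL_SERIALIZER_CTX_set_passphrase(ctx,
                                                         (unsigned char *)"pass",
                                                         4))) {
        /*
         * ret starts out as 1, so a setup failure has to clear it here;
         * otherwise the function would report success without having
         * serialized anything.
         */
        ret = 0;
        goto err;
    }

    /* Use no cipher.  This should give us an unencrypted PEM */
    TEST_note("Displaying PEM with no encryption");
    if (!TEST_true(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
        ret = 0;

    /* Use a valid cipher name */
    TEST_note("Displaying PEM encrypted with AES-256-CBC");
    if (!TEST_true(OSSL_SERIALIZER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
        || !TEST_true(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
        ret = 0;

    /*
     * Use an invalid cipher name, which should generate no output.  Both
     * calls are required to fail: a rejected cipher name must not be
     * followed by a serialization that reports success.
     */
    TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
    if (!TEST_false(OSSL_SERIALIZER_CTX_set_cipher(ctx, "FOO", NULL))
        || !TEST_false(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
        ret = 0;

    /* Clear the cipher.  This should give us an unencrypted PEM again */
    TEST_note("Displaying PEM with encryption cleared (no encryption)");
    if (!TEST_true(OSSL_SERIALIZER_CTX_set_cipher(ctx, NULL, NULL))
        || !TEST_true(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
        ret = 0;

err:
    /* ctx is still NULL here if the context could not be created */
    OSSL_SERIALIZER_CTX_free(ctx);
    return ret;
}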
81
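/* Array indexes used in test_fromdata_rsa */
#define N       0
#define E       1
#define D       2
#define P       3
#define Q       4
#define DP      5
#define DQ      6
#define QINV    7

/*
 * Build an RSA EVP_PKEY from raw numbers with EVP_PKEY_fromdata(), check the
 * reported key bits, security bits and size, then print the key through both
 * the PEM and the serializer helpers.
 *
 * Returns 1 only if the key was built, all three size checks hold and both
 * print helpers succeed; otherwise 0.
 */
static int test_fromdata_rsa(void)
{
    int ret = 0;
    int pem_ok, serializer_ok;
    EVP_PKEY_CTX *ctx = NULL;
    EVP_PKEY *pk = NULL;
    /*
     * 32-bit RSA key, extracted from this command,
     * executed with OpenSSL 1.0.2:
     *
     * openssl genrsa 32 | openssl rsa -text
     *
     * A key this small offers no real security (the test below expects
     * 8 security bits); it is test data only.
     */
    static unsigned long key_numbers[] = {
        0xbc747fc5,              /* N */
        0x10001,                 /* E */
        0x7b133399,              /* D */
        0xe963,                  /* P */
        0xceb7,                  /* Q */
        0x8599,                  /* DP */
        0xbd87,                  /* DQ */
        0xcc3b,                  /* QINV */
    };
    /*
     * The factor and exponent names each appear twice; the entries are
     * listed in the order P, Q and DP, DQ.
     */
    OSSL_PARAM fromdata_params[] = {
        OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
        OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
        OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
        OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR, &key_numbers[P]),
        OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR, &key_numbers[Q]),
        OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT, &key_numbers[DP]),
        OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT, &key_numbers[DQ]),
        OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT, &key_numbers[QINV]),
        OSSL_PARAM_END
    };

    if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
        goto err;

    if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
        || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
        || !TEST_int_eq(EVP_PKEY_bits(pk), 32)
        || !TEST_int_eq(EVP_PKEY_security_bits(pk), 8)
        || !TEST_int_eq(EVP_PKEY_size(pk), 4))
        goto err;

    /*
     * Run both print paths unconditionally so the log covers each of them,
     * but require both to succeed.  Combining the results with '|' would let
     * a failure in one path be hidden by success in the other.
     */
    pem_ok = test_print_key_using_pem(pk);
    serializer_ok = test_print_key_using_serializer(pk);
    ret = pem_ok && serializer_ok;

 err:
    EVP_PKEY_free(pk);
    EVP_PKEY_CTX_free(ctx);

    return ret;
}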
144
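#ifndef OPENSSL_NO_DH
/* Array indexes used in test_fromdata_dh */
#define PRIV_KEY        0
#define PUB_KEY         1
#define FFC_P           2
#define FFC_G           3

/*
 * Build a DH EVP_PKEY from raw numbers with EVP_PKEY_fromdata(), check the
 * reported key bits, security bits and size, then print the key through both
 * the PEM and the serializer helpers.
 *
 * Returns 1 only if the key was built, all three size checks hold and both
 * print helpers succeed; otherwise 0.
 */
static int test_fromdata_dh(void)
{
    int ret = 0;
    int pem_ok, serializer_ok;
    EVP_PKEY_CTX *ctx = NULL;
    EVP_PKEY *pk = NULL;
    /*
     * 32-bit DH key, extracted from this command,
     * executed with OpenSSL 1.0.2:
     *
     * openssl dhparam -out dhp.pem 32
     * openssl genpkey -paramfile dhp.pem | openssl pkey -text
     *
     * Parameters this small offer no real security; they are test data
     * only.
     */
    static unsigned long key_numbers[] = {
        0x666c2b06,              /* priv-key */
        0x6fa6de50,              /* pub-key */
        0x8bb45f53,              /* P */
        0x2,                     /* G */
    };
    OSSL_PARAM fromdata_params[] = {
        OSSL_PARAM_ulong(OSSL_PKEY_PARAM_DH_PRIV_KEY, &key_numbers[PRIV_KEY]),
        OSSL_PARAM_ulong(OSSL_PKEY_PARAM_DH_PUB_KEY, &key_numbers[PUB_KEY]),
        OSSL_PARAM_ulong(OSSL_PKEY_PARAM_FFC_P, &key_numbers[FFC_P]),
        OSSL_PARAM_ulong(OSSL_PKEY_PARAM_FFC_G, &key_numbers[FFC_G]),
        OSSL_PARAM_END
    };

    if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
        goto err;

    if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
        || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
        || !TEST_int_eq(EVP_PKEY_bits(pk), 32)
        || !TEST_int_eq(EVP_PKEY_security_bits(pk), 0) /* Missing Q */
        || !TEST_int_eq(EVP_PKEY_size(pk), 4))
        goto err;

    /*
     * Run both print paths unconditionally so the log covers each of them,
     * but require both to succeed.  Combining the results with '|' would let
     * a failure in one path be hidden by success in the other.
     */
    pem_ok = test_print_key_using_pem(pk);
    serializer_ok = test_print_key_using_serializer(pk);
    ret = pem_ok && serializer_ok;

 err:
    EVP_PKEY_free(pk);
    EVP_PKEY_CTX_free(ctx);

    return ret;
}
#endif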
198
/*
 * Register the test cases in this file.  The DH case is compiled in only
 * when OPENSSL_NO_DH is not defined.  Always returns 1.
 */
int setup_tests(void)
{
    /* RSA key built from raw parameters */
    ADD_TEST(test_fromdata_rsa);

#ifndef OPENSSL_NO_DH
    /* DH key built from raw parameters */
    ADD_TEST(test_fromdata_dh);
#endif

    return 1;
}