2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/encoder.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include <openssl/sha.h>
18 #include "crypto/ecx.h"
19 #include "crypto/evp.h" /* For the internal API */
20 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
21 #include "internal/nelem.h"
24 static char *datadir = NULL;
27 * Do not change the order of the following defines unless you also
28 * update the for loop bounds used inside test_print_key_using_encoder() and
29 * test_print_key_using_encoder_public().
38 static void stripcr(char *buf, size_t *len)
43 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
54 static int compare_with_file(const char *alg, int type, BIO *membio)
59 char *memdata, *fullfile = NULL;
92 TEST_error("Invalid file type");
96 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
97 fullfile = test_mk_file_path(datadir, filename);
98 if (!TEST_ptr(fullfile))
101 file = BIO_new_file(fullfile, "rb");
105 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
106 || !TEST_true(BIO_eof(file))
107 || !TEST_size_t_lt(readbytes, sizeof(buf)))
110 len = BIO_get_mem_data(membio, &memdata);
111 if (!TEST_int_gt(len, 0))
115 if (type != PRIV_DER && type != PUB_DER) {
116 stripcr(memdata, &slen);
117 stripcr(buf, &readbytes);
120 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
125 OPENSSL_free(fullfile);
126 (void)BIO_reset(membio);
131 static int pass_cb(char *buf, int size, int rwflag, void *u)
136 static int pass_cb_error(char *buf, int size, int rwflag, void *u)
141 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
143 BIO *membio = BIO_new(BIO_s_mem());
146 if (!TEST_ptr(membio))
149 if (/* Output Encrypted private key in PEM form */
150 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
151 (unsigned char *)"pass", 4,
153 /* Output zero-length passphrase encrypted private key in PEM form */
154 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
158 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
161 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
163 NULL, 0, pass_cb, NULL))
164 || !TEST_false(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
166 NULL, 0, pass_cb_error,
168 /* Private key in text form */
169 || !TEST_int_gt(EVP_PKEY_print_private(membio, pk, 0, NULL), 0)
170 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
171 /* Public key in PEM form */
172 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
173 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
174 /* Unencrypted private key in PEM form */
175 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
176 NULL, NULL, 0, NULL, NULL))
177 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)))
186 static int test_print_key_type_using_encoder(const char *alg, int type,
189 const char *output_type, *output_structure;
191 OSSL_ENCODER_CTX *ctx = NULL;
192 BIO *membio = BIO_new(BIO_s_mem());
197 output_type = "TEXT";
198 output_structure = NULL;
199 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
200 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
205 output_structure = "PrivateKeyInfo";
206 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
207 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
212 output_structure = "PrivateKeyInfo";
213 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
214 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
218 output_type = "TEXT";
219 output_structure = NULL;
220 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
221 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
226 output_structure = "SubjectPublicKeyInfo";
227 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
228 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
233 output_structure = "SubjectPublicKeyInfo";
234 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
235 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
239 TEST_error("Invalid encoding type");
243 if (!TEST_ptr(membio))
246 /* Make a context, it's valid for several prints */
247 TEST_note("Setting up a OSSL_ENCODER context with passphrase");
248 if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection,
252 /* Check that this operation is supported */
253 || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
256 /* Use no cipher. This should give us an unencrypted PEM */
257 TEST_note("Testing with no encryption");
258 if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
259 || !TEST_true(compare_with_file(alg, type, membio)))
262 if (type == PRIV_PEM) {
263 /* Set a passphrase to be used later */
264 if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
265 (unsigned char *)"pass",
269 /* Use a valid cipher name */
270 TEST_note("Displaying PEM encrypted with AES-256-CBC");
271 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
272 || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
275 /* Use an invalid cipher name, which should generate no output */
276 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
277 if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
278 || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
281 /* Clear the cipher. This should give us an unencrypted PEM again */
282 TEST_note("Testing with encryption cleared (no encryption)");
283 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
284 || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
285 || !TEST_true(compare_with_file(alg, type, membio)))
291 OSSL_ENCODER_CTX_free(ctx);
295 static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk)
300 for (i = PRIV_TEXT; i <= PUB_DER; i++)
301 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
306 #ifndef OPENSSL_NO_EC
307 static int test_print_key_using_encoder_public(const char *alg,
313 for (i = PUB_TEXT; i <= PUB_DER; i++)
314 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
320 /* Array indexes used in test_fromdata_rsa */
330 static int test_fromdata_rsa(void)
333 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
334 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
336 * 32-bit RSA key, extracted from this command,
337 * executed with OpenSSL 1.0.2:
339 * openssl genrsa 32 | openssl rsa -text
341 static unsigned long key_numbers[] = {
351 OSSL_PARAM fromdata_params[] = {
352 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
353 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
354 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
355 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
356 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
357 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
358 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
359 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
362 BIGNUM *bn = BN_new();
363 BIGNUM *bn_from = BN_new();
365 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
368 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
369 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
370 fromdata_params), 1))
373 while (dup_pk == NULL) {
375 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 32)
376 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 8)
377 || !TEST_int_eq(EVP_PKEY_get_size(pk), 4)
378 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
381 EVP_PKEY_CTX_free(key_ctx);
382 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
385 if (!TEST_true(EVP_PKEY_check(key_ctx))
386 || !TEST_true(EVP_PKEY_public_check(key_ctx))
387 || !TEST_true(EVP_PKEY_private_check(key_ctx))
388 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
391 /* EVP_PKEY_copy_parameters() should fail for RSA */
392 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
393 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
395 EVP_PKEY_free(copy_pk);
398 ret = test_print_key_using_pem("RSA", pk)
399 && test_print_key_using_encoder("RSA", pk);
401 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
403 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
410 /* for better diagnostics always compare key params */
411 for (i = 0; fromdata_params[i].key != NULL; ++i) {
412 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
413 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
414 || !TEST_BN_eq(bn, bn_from))
420 EVP_PKEY_free(copy_pk);
421 EVP_PKEY_CTX_free(key_ctx);
422 EVP_PKEY_CTX_free(ctx);
427 static int test_evp_pkey_get_bn_param_large(void)
430 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
432 OSSL_PARAM_BLD *bld = NULL;
433 OSSL_PARAM *fromdata_params = NULL;
434 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
436 * The buffer size chosen here for n_data larger than the buffer used
437 * internally in EVP_PKEY_get_bn_param.
439 static unsigned char n_data[2050];
440 static const unsigned char e_data[] = {
443 static const unsigned char d_data[]= {
444 0x99, 0x33, 0x13, 0x7b
447 /* N is a large buffer */
448 memset(n_data, 0xCE, sizeof(n_data));
450 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
451 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
452 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
453 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
454 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
455 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
456 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
457 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
458 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
459 || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
460 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
462 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
463 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
464 || !TEST_BN_eq(n, n_out))
473 EVP_PKEY_CTX_free(key_ctx);
474 EVP_PKEY_CTX_free(ctx);
475 OSSL_PARAM_free(fromdata_params);
476 OSSL_PARAM_BLD_free(bld);
481 #ifndef OPENSSL_NO_DH
482 static int test_fromdata_dh_named_group(void)
485 int gindex = 0, pcounter = 0, hindex = 0;
486 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
487 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
489 BIGNUM *pub = NULL, *priv = NULL;
490 BIGNUM *pub_out = NULL, *priv_out = NULL;
491 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
492 OSSL_PARAM *fromdata_params = NULL;
493 OSSL_PARAM_BLD *bld = NULL;
495 unsigned char seed_out[32];
498 * DH key data was generated using the following:
499 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
500 * -pkeyopt priv_len:224 -text
502 static const unsigned char priv_data[] = {
503 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
504 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
505 0x87, 0xe8, 0xa9, 0x7b,
507 static const unsigned char pub_data[] = {
508 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
509 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
510 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
511 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
512 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
513 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
514 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
515 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
516 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
517 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
518 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
519 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
520 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
521 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
522 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
523 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
524 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
525 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
526 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
527 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
528 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
529 0xcf, 0x33, 0x42, 0x83, 0x42
531 static const char group_name[] = "ffdhe2048";
532 static const long priv_len = 224;
534 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
535 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
536 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
537 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
538 OSSL_PKEY_PARAM_GROUP_NAME,
540 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
542 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
543 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
544 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
547 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
550 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
551 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
552 fromdata_params), 1))
556 * A few extra checks of EVP_PKEY_get_utf8_string_param() to see that
557 * it behaves as expected with regards to string length and terminating
560 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
561 OSSL_PKEY_PARAM_GROUP_NAME,
562 NULL, sizeof(name_out),
564 || !TEST_size_t_eq(len, sizeof(group_name) - 1)
565 /* Just enough space to hold the group name and a terminating NUL */
566 || !TEST_true(EVP_PKEY_get_utf8_string_param(pk,
567 OSSL_PKEY_PARAM_GROUP_NAME,
571 || !TEST_size_t_eq(len, sizeof(group_name) - 1)
572 /* Too small buffer to hold the terminating NUL byte */
573 || !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
574 OSSL_PKEY_PARAM_GROUP_NAME,
576 sizeof(group_name) - 1,
578 /* Too small buffer to hold the whole group name, even! */
579 || !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
580 OSSL_PKEY_PARAM_GROUP_NAME,
582 sizeof(group_name) - 2,
586 while (dup_pk == NULL) {
588 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
589 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
590 || !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
591 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
594 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
595 OSSL_PKEY_PARAM_GROUP_NAME,
599 || !TEST_str_eq(name_out, group_name)
600 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
603 || !TEST_BN_eq(pub, pub_out)
604 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
606 || !TEST_BN_eq(priv, priv_out)
607 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
608 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
609 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
611 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
612 || !TEST_BN_eq(&ossl_bignum_const_2, g)
613 || !TEST_false(EVP_PKEY_get_bn_param(pk,
614 OSSL_PKEY_PARAM_FFC_COFACTOR,
617 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
618 OSSL_PKEY_PARAM_FFC_SEED,
622 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
624 || !TEST_int_eq(gindex, -1)
625 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
627 || !TEST_int_eq(hindex, 0)
628 || !TEST_true(EVP_PKEY_get_int_param(pk,
629 OSSL_PKEY_PARAM_FFC_PCOUNTER,
631 || !TEST_int_eq(pcounter, -1))
646 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
649 if (!TEST_true(EVP_PKEY_check(key_ctx))
650 || !TEST_true(EVP_PKEY_public_check(key_ctx))
651 || !TEST_true(EVP_PKEY_private_check(key_ctx))
652 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
654 EVP_PKEY_CTX_free(key_ctx);
657 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
658 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
660 EVP_PKEY_free(copy_pk);
663 ret = test_print_key_using_pem("DH", pk)
664 && test_print_key_using_encoder("DH", pk);
666 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
668 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
683 EVP_PKEY_free(copy_pk);
685 EVP_PKEY_CTX_free(ctx);
686 EVP_PKEY_CTX_free(key_ctx);
687 OSSL_PARAM_free(fromdata_params);
688 OSSL_PARAM_BLD_free(bld);
693 static int test_fromdata_dh_fips186_4(void)
696 int gindex = 0, pcounter = 0, hindex = 0;
697 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
698 EVP_PKEY *pk = NULL, *dup_pk = NULL;
700 BIGNUM *pub = NULL, *priv = NULL;
701 BIGNUM *pub_out = NULL, *priv_out = NULL;
702 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
703 OSSL_PARAM_BLD *bld = NULL;
704 OSSL_PARAM *fromdata_params = NULL;
706 unsigned char seed_out[32];
709 * DH key data was generated using the following:
710 * openssl genpkey -algorithm DH
711 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
713 static const unsigned char priv_data[] = {
714 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
715 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
716 0x87, 0xe8, 0xa9, 0x7b,
718 static const unsigned char pub_data[] = {
719 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
720 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
721 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
722 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
723 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
724 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
725 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
726 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
727 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
728 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
729 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
730 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
731 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
732 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
733 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
734 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
735 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
736 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
737 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
738 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
739 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
740 0x33, 0x42, 0x83, 0x42
742 static const char group_name[] = "ffdhe2048";
743 static const long priv_len = 224;
746 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
747 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
748 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
749 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
750 OSSL_PKEY_PARAM_GROUP_NAME,
752 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
754 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
755 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
756 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
759 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
762 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
763 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
764 fromdata_params), 1))
767 while (dup_pk == NULL) {
769 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
770 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
771 || !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
772 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
775 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
776 OSSL_PKEY_PARAM_GROUP_NAME,
780 || !TEST_str_eq(name_out, group_name)
781 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
783 || !TEST_BN_eq(pub, pub_out)
784 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
786 || !TEST_BN_eq(priv, priv_out)
787 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
788 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
789 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
791 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
792 || !TEST_BN_eq(&ossl_bignum_const_2, g)
793 || !TEST_false(EVP_PKEY_get_bn_param(pk,
794 OSSL_PKEY_PARAM_FFC_COFACTOR,
797 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
798 OSSL_PKEY_PARAM_FFC_SEED,
802 || !TEST_true(EVP_PKEY_get_int_param(pk,
803 OSSL_PKEY_PARAM_FFC_GINDEX,
805 || !TEST_int_eq(gindex, -1)
806 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
808 || !TEST_int_eq(hindex, 0)
809 || !TEST_true(EVP_PKEY_get_int_param(pk,
810 OSSL_PKEY_PARAM_FFC_PCOUNTER,
812 || !TEST_int_eq(pcounter, -1))
827 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
830 if (!TEST_true(EVP_PKEY_check(key_ctx))
831 || !TEST_true(EVP_PKEY_public_check(key_ctx))
832 || !TEST_true(EVP_PKEY_private_check(key_ctx))
833 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
835 EVP_PKEY_CTX_free(key_ctx);
838 ret = test_print_key_using_pem("DH", pk)
839 && test_print_key_using_encoder("DH", pk);
841 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
843 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
859 EVP_PKEY_CTX_free(ctx);
860 EVP_PKEY_CTX_free(key_ctx);
861 OSSL_PARAM_free(fromdata_params);
862 OSSL_PARAM_BLD_free(bld);
871 #ifndef OPENSSL_NO_EC
872 /* Array indexes used in test_fromdata_ecx */
876 # define X25519_IDX 0
878 # define ED25519_IDX 2
882 * tst uses indexes 0 ... (3 * 4 - 1)
883 * For the 4 ECX key types (X25519_IDX..ED448_IDX)
884 * 0..3 = public + private key.
885 * 4..7 = private key (This will generate the public key from the private key)
888 static int test_fromdata_ecx(int tst)
891 EVP_PKEY_CTX *ctx = NULL, *ctx2 = NULL;
892 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
893 const char *alg = NULL;
895 unsigned char out_pub[ED448_KEYLEN];
896 unsigned char out_priv[ED448_KEYLEN];
897 OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
899 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
900 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
901 /* X25519: Keys from RFC 7748 6.1 */
905 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
906 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
907 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
912 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
913 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
914 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
918 /* X448: Keys from RFC 7748 6.2 */
922 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
923 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
924 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
925 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
926 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
927 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
931 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
932 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
933 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
934 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
935 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
936 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
939 /* ED25519: Keys from RFC 8032 */
943 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
944 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
945 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
950 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
951 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
952 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
956 /* ED448: Keys from RFC 8032 */
960 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
961 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
962 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
963 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
964 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
965 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
969 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
970 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
971 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
972 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
973 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
974 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
978 OSSL_PARAM x25519_fromdata_params[] = {
979 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
980 key_numbers[X25519_IDX][PRIV_KEY],
982 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
983 key_numbers[X25519_IDX][PUB_KEY],
987 OSSL_PARAM x448_fromdata_params[] = {
988 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
989 key_numbers[X448_IDX][PRIV_KEY],
991 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
992 key_numbers[X448_IDX][PUB_KEY],
996 OSSL_PARAM ed25519_fromdata_params[] = {
997 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
998 key_numbers[ED25519_IDX][PRIV_KEY],
1000 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1001 key_numbers[ED25519_IDX][PUB_KEY],
1005 OSSL_PARAM ed448_fromdata_params[] = {
1006 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1007 key_numbers[ED448_IDX][PRIV_KEY],
1009 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1010 key_numbers[ED448_IDX][PUB_KEY],
1014 OSSL_PARAM *fromdata_params = NULL;
1015 int bits = 0, security_bits = 0, size = 0;
1016 OSSL_PARAM *orig_fromdata_params = NULL;
1020 fromdata_params = x25519_fromdata_params;
1022 security_bits = X25519_SECURITY_BITS;
1023 size = X25519_KEYLEN;
1028 fromdata_params = x448_fromdata_params;
1030 security_bits = X448_SECURITY_BITS;
1036 fromdata_params = ed25519_fromdata_params;
1037 bits = ED25519_BITS;
1038 security_bits = ED25519_SECURITY_BITS;
1039 size = ED25519_SIGSIZE;
1044 fromdata_params = ed448_fromdata_params;
1046 security_bits = ED448_SECURITY_BITS;
1047 size = ED448_SIGSIZE;
1054 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1058 orig_fromdata_params = fromdata_params;
1060 /* public key only */
1062 } else if (tst > 3) {
1063 /* private key only */
1064 params[0] = fromdata_params[0];
1065 params[1] = fromdata_params[2];
1066 fromdata_params = params;
1069 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1070 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1071 fromdata_params), 1))
1074 while (dup_pk == NULL) {
1076 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), bits)
1077 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), security_bits)
1078 || !TEST_int_eq(EVP_PKEY_get_size(pk), size)
1079 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1082 if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
1085 if (!TEST_true(EVP_PKEY_check(ctx2)))
1087 if (!TEST_true(EVP_PKEY_get_octet_string_param(
1088 pk, orig_fromdata_params[PRIV_KEY].key,
1089 out_priv, sizeof(out_priv), &len))
1090 || !TEST_mem_eq(out_priv, len,
1091 orig_fromdata_params[PRIV_KEY].data,
1092 orig_fromdata_params[PRIV_KEY].data_size)
1093 || !TEST_true(EVP_PKEY_get_octet_string_param(
1094 pk, orig_fromdata_params[PUB_KEY].key,
1095 out_pub, sizeof(out_pub), &len))
1096 || !TEST_mem_eq(out_pub, len,
1097 orig_fromdata_params[PUB_KEY].data,
1098 orig_fromdata_params[PUB_KEY].data_size))
1101 /* The private key check should fail if there is only a public key */
1102 if (!TEST_true(EVP_PKEY_public_check(ctx2))
1103 || !TEST_false(EVP_PKEY_private_check(ctx2))
1104 || !TEST_false(EVP_PKEY_check(ctx2)))
1107 EVP_PKEY_CTX_free(ctx2);
1110 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1111 /* This should succeed because there are no parameters to copy */
1112 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1114 EVP_PKEY_free(copy_pk);
1118 ret = test_print_key_using_encoder_public(alg, pk);
1120 ret = test_print_key_using_pem(alg, pk)
1121 && test_print_key_using_encoder(alg, pk);
1123 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1125 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1134 EVP_PKEY_free(copy_pk);
1135 EVP_PKEY_CTX_free(ctx);
1136 EVP_PKEY_CTX_free(ctx2);
1141 static int test_fromdata_ec(void)
1144 EVP_PKEY_CTX *ctx = NULL;
1145 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
1146 OSSL_PARAM_BLD *bld = NULL;
1147 BIGNUM *ec_priv_bn = NULL;
1148 BIGNUM *bn_priv = NULL;
1149 OSSL_PARAM *fromdata_params = NULL;
1150 const char *alg = "EC";
1151 const char *curve = "prime256v1";
1152 const char bad_curve[] = "nonexistent-curve";
1153 OSSL_PARAM nokey_params[2] = {
1157 /* UNCOMPRESSED FORMAT */
1158 static const unsigned char ec_pub_keydata[] = {
1159 POINT_CONVERSION_UNCOMPRESSED,
1160 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1161 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1162 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1163 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1164 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1165 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1166 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1167 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1169 static const unsigned char ec_priv_keydata[] = {
1170 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1171 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1172 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1173 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1175 const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
1176 unsigned char out_pub[sizeof(ec_pub_keydata)];
1177 char out_curve_name[80];
1178 const OSSL_PARAM *gettable = NULL;
1180 EC_GROUP *group = NULL;
1181 BIGNUM *group_a = NULL;
1182 BIGNUM *group_b = NULL;
1183 BIGNUM *group_p = NULL;
1189 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
1191 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
1192 sizeof(ec_priv_keydata), NULL)))
1195 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
1198 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
1200 sizeof(ec_pub_keydata)) <= 0)
1202 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
1204 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1206 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1210 /* try importing parameters with bad curve first */
1212 OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1213 (char *)bad_curve, sizeof(bad_curve));
1214 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1215 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEY_PARAMETERS,
1217 || !TEST_ptr_null(pk))
1220 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1221 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1222 fromdata_params), 1))
1225 while (dup_pk == NULL) {
1227 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 256)
1228 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 128)
1229 || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 35 * 2)
1230 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1233 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1234 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1236 EVP_PKEY_free(copy_pk);
1239 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
1240 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1241 OSSL_PKEY_PARAM_GROUP_NAME))
1242 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1243 OSSL_PKEY_PARAM_PUB_KEY))
1244 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1245 OSSL_PKEY_PARAM_PRIV_KEY)))
1248 if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(OBJ_sn2nid(curve)))
1249 || !TEST_ptr(group_p = BN_new())
1250 || !TEST_ptr(group_a = BN_new())
1251 || !TEST_ptr(group_b = BN_new())
1252 || !TEST_true(EC_GROUP_get_curve(group, group_p, group_a, group_b, NULL)))
1255 if (!TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_A, &a))
1256 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_B, &b))
1257 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_P, &p)))
1260 if (!TEST_BN_eq(group_p, p) || !TEST_BN_eq(group_a, a)
1261 || !TEST_BN_eq(group_b, b))
1264 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1266 sizeof(out_curve_name),
1268 || !TEST_str_eq(out_curve_name, curve)
1269 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1270 out_pub, sizeof(out_pub), &len)
1271 || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
1272 || !TEST_mem_eq(out_pub + 1, len - 1,
1273 ec_pub_keydata + 1, compressed_sz - 1)
1274 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1276 || !TEST_BN_eq(ec_priv_bn, bn_priv))
1281 ret = test_print_key_using_pem(alg, pk)
1282 && test_print_key_using_encoder(alg, pk);
1284 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1286 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1294 EC_GROUP_free(group);
1302 BN_free(ec_priv_bn);
1303 OSSL_PARAM_free(fromdata_params);
1304 OSSL_PARAM_BLD_free(bld);
1306 EVP_PKEY_free(copy_pk);
1307 EVP_PKEY_CTX_free(ctx);
1311 static int test_ec_dup_no_operation(void)
1314 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1315 EVP_PKEY *param = NULL, *pkey = NULL;
1317 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1318 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1319 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1320 NID_X9_62_prime256v1), 0)
1321 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1322 || !TEST_ptr(param))
1325 EVP_PKEY_CTX_free(pctx);
1328 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1329 || !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
1330 || !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1331 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
1335 EVP_PKEY_free(pkey);
1336 EVP_PKEY_free(param);
1337 EVP_PKEY_CTX_free(ctx);
1338 EVP_PKEY_CTX_free(kctx);
1339 EVP_PKEY_CTX_free(pctx);
1343 /* Test that keygen doesn't support EVP_PKEY_CTX_dup */
1344 static int test_ec_dup_keygen_operation(void)
1347 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1348 EVP_PKEY *param = NULL, *pkey = NULL;
1350 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1351 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1352 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1353 NID_X9_62_prime256v1), 0)
1354 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1355 || !TEST_ptr(param))
1358 EVP_PKEY_CTX_free(pctx);
1361 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1362 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1363 || !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
1367 EVP_PKEY_free(pkey);
1368 EVP_PKEY_free(param);
1369 EVP_PKEY_CTX_free(ctx);
1370 EVP_PKEY_CTX_free(kctx);
1371 EVP_PKEY_CTX_free(pctx);
1375 #endif /* OPENSSL_NO_EC */
1377 #ifndef OPENSSL_NO_DSA
1378 static int test_fromdata_dsa_fips186_4(void)
1381 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
1382 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
1383 BIGNUM *pub = NULL, *priv = NULL;
1384 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1385 BIGNUM *pub_out = NULL, *priv_out = NULL;
1386 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1387 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1389 unsigned char seed_out[32];
1391 OSSL_PARAM_BLD *bld = NULL;
1392 OSSL_PARAM *fromdata_params = NULL;
1395 * DSA parameter data was generated using the following:
1396 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1397 * -pkeyopt qbits:256 -pkeyopt type:0 \
1398 * -pkeyopt gindex:1 -out dsa_params.pem -text
1400 static const unsigned char p_data[] = {
1401 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1402 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1403 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1404 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1405 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1406 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1407 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1408 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1409 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1410 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1411 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1412 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1413 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1414 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1415 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1416 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1417 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1418 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1419 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1420 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1421 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1422 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1424 static const unsigned char q_data[] = {
1425 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1426 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1427 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1429 static const unsigned char g_data[] = {
1430 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1431 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1432 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1433 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1434 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1435 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1436 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1437 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1438 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1439 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1440 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1441 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1442 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1443 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1444 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1445 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1446 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1447 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1448 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1449 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1450 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1451 0x02, 0x6f, 0x96, 0x36
1453 static const unsigned char seed_data[] = {
1454 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1455 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1456 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1458 const int gindex = 1;
1459 const int pcounter = 53;
1461 * The keypair was generated using
1462 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1463 * -pkeyopt gindex:1 \
1464 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1466 static const unsigned char priv_data[] = {
1467 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1468 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1469 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1471 static const unsigned char pub_data[] = {
1472 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1473 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1474 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1475 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1476 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1477 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1478 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1479 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1480 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1481 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1482 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1483 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1484 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1485 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1486 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1487 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1488 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1489 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1490 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1491 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1492 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1493 0x48, 0xd1, 0x8a, 0xbd
1496 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1497 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1498 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1499 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1500 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1501 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1503 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1504 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1505 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1506 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1507 OSSL_PKEY_PARAM_FFC_SEED,
1510 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1512 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1513 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1515 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1517 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1519 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1522 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1525 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1526 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1527 fromdata_params), 1))
1530 while (dup_pk == NULL) {
1532 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
1533 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
1534 || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 2 * (3 + sizeof(q_data)))
1535 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1538 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk,
1539 OSSL_PKEY_PARAM_GROUP_NAME,
1543 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1545 || !TEST_BN_eq(pub, pub_out)
1546 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1548 || !TEST_BN_eq(priv, priv_out)
1549 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P,
1551 || !TEST_BN_eq(p, p_out)
1552 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q,
1554 || !TEST_BN_eq(q, q_out)
1555 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G,
1557 || !TEST_BN_eq(g, g_out)
1558 || !TEST_false(EVP_PKEY_get_bn_param(pk,
1559 OSSL_PKEY_PARAM_FFC_COFACTOR,
1561 || !TEST_ptr_null(j_out)
1562 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1563 OSSL_PKEY_PARAM_FFC_SEED,
1567 || !TEST_true(EVP_PKEY_get_int_param(pk,
1568 OSSL_PKEY_PARAM_FFC_GINDEX,
1570 || !TEST_int_eq(gindex, gindex_out)
1571 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1573 || !TEST_int_eq(hindex_out, 0)
1574 || !TEST_true(EVP_PKEY_get_int_param(pk,
1575 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1577 || !TEST_int_eq(pcounter, pcounter_out))
1592 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1595 if (!TEST_true(EVP_PKEY_check(key_ctx))
1596 || !TEST_true(EVP_PKEY_public_check(key_ctx))
1597 || !TEST_true(EVP_PKEY_private_check(key_ctx))
1598 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1600 EVP_PKEY_CTX_free(key_ctx);
1603 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1604 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1606 EVP_PKEY_free(copy_pk);
1609 ret = test_print_key_using_pem("DSA", pk)
1610 && test_print_key_using_encoder("DSA", pk);
1612 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1614 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1622 OSSL_PARAM_free(fromdata_params);
1623 OSSL_PARAM_BLD_free(bld);
1636 EVP_PKEY_free(copy_pk);
1637 EVP_PKEY_CTX_free(ctx);
1638 EVP_PKEY_CTX_free(key_ctx);
1643 static int test_check_dsa(void)
1646 EVP_PKEY_CTX *ctx = NULL;
1648 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1649 || !TEST_false(EVP_PKEY_check(ctx))
1650 || !TEST_false(EVP_PKEY_public_check(ctx))
1651 || !TEST_false(EVP_PKEY_private_check(ctx))
1652 || !TEST_false(EVP_PKEY_pairwise_check(ctx)))
1657 EVP_PKEY_CTX_free(ctx);
1661 #endif /* OPENSSL_NO_DSA */
1664 static OSSL_PARAM *do_construct_hkdf_params(char *digest, char *key,
1665 size_t keylen, char *salt)
1667 OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 5);
1668 OSSL_PARAM *p = params;
1670 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, digest, 0);
1671 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
1672 salt, strlen(salt));
1673 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
1674 (unsigned char *)key, keylen);
1675 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE,
1677 *p = OSSL_PARAM_construct_end();
1682 /* Test that EVP_PKEY_CTX_dup() fails gracefully for a KDF */
1683 static int test_evp_pkey_ctx_dup_kdf_fail(void)
1687 EVP_PKEY_CTX *pctx = NULL, *dctx = NULL;
1688 OSSL_PARAM *params = NULL;
1690 if (!TEST_ptr(params = do_construct_hkdf_params("sha256", "secret", 6,
1693 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "HKDF", NULL)))
1695 if (!TEST_int_eq(EVP_PKEY_derive_init_ex(pctx, params), 1))
1697 if (!TEST_int_eq(EVP_PKEY_derive(pctx, NULL, &len), 1)
1698 || !TEST_size_t_eq(len, SHA256_DIGEST_LENGTH))
1700 if (!TEST_ptr_null(dctx = EVP_PKEY_CTX_dup(pctx)))
1704 OPENSSL_free(params);
1705 EVP_PKEY_CTX_free(dctx);
1706 EVP_PKEY_CTX_free(pctx);
1710 int setup_tests(void)
1712 if (!test_skip_common_options()) {
1713 TEST_error("Error parsing test options\n");
1717 if (!TEST_ptr(datadir = test_get_argument(0)))
1720 ADD_TEST(test_evp_pkey_ctx_dup_kdf_fail);
1721 ADD_TEST(test_evp_pkey_get_bn_param_large);
1722 ADD_TEST(test_fromdata_rsa);
1723 #ifndef OPENSSL_NO_DH
1724 ADD_TEST(test_fromdata_dh_fips186_4);
1725 ADD_TEST(test_fromdata_dh_named_group);
1727 #ifndef OPENSSL_NO_DSA
1728 ADD_TEST(test_check_dsa);
1729 ADD_TEST(test_fromdata_dsa_fips186_4);
1731 #ifndef OPENSSL_NO_EC
1732 ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
1733 ADD_TEST(test_fromdata_ec);
1734 ADD_TEST(test_ec_dup_no_operation);
1735 ADD_TEST(test_ec_dup_keygen_operation);