2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/encoder.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include "crypto/ecx.h"
18 #include "crypto/evp.h" /* For the internal API */
19 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
20 #include "internal/nelem.h"
23 static char *datadir = NULL;
26 * Do not change the order of the following defines unless you also
27 * update the for loop bounds used inside test_print_key_using_encoder() and
28 * test_print_key_using_encoder_public().
37 static void stripcr(char *buf, size_t *len)
42 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
53 static int compare_with_file(const char *alg, int type, BIO *membio)
58 char *memdata, *fullfile = NULL;
91 TEST_error("Invalid file type");
95 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
96 fullfile = test_mk_file_path(datadir, filename);
97 if (!TEST_ptr(fullfile))
100 file = BIO_new_file(fullfile, "rb");
104 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
105 || !TEST_true(BIO_eof(file))
106 || !TEST_size_t_lt(readbytes, sizeof(buf)))
109 len = BIO_get_mem_data(membio, &memdata);
110 if (!TEST_int_gt(len, 0))
114 if (type != PRIV_DER && type != PUB_DER) {
115 stripcr(memdata, &slen);
116 stripcr(buf, &readbytes);
119 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
124 OPENSSL_free(fullfile);
125 (void)BIO_reset(membio);
130 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
132 BIO *membio = BIO_new(BIO_s_mem());
135 if (!TEST_ptr(membio))
138 if (/* Output Encrypted private key in PEM form */
139 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
140 (unsigned char *)"pass", 4,
142 /* Private key in text form */
143 || !TEST_true(EVP_PKEY_print_private(membio, pk, 0, NULL))
144 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
145 /* Public key in PEM form */
146 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
147 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
148 /* Unencrypted private key in PEM form */
149 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
150 NULL, NULL, 0, NULL, NULL))
151 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)))
160 static int test_print_key_type_using_encoder(const char *alg, int type,
163 const char *output_type, *output_structure;
165 OSSL_ENCODER_CTX *ctx = NULL;
166 BIO *membio = BIO_new(BIO_s_mem());
171 output_type = "TEXT";
172 output_structure = NULL;
173 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
174 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
179 output_structure = "pkcs8";
180 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
181 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
186 output_structure = "pkcs8";
187 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
188 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
192 output_type = "TEXT";
193 output_structure = NULL;
194 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
195 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
200 output_structure = "SubjectPublicKeyInfo";
201 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
202 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
207 output_structure = "SubjectPublicKeyInfo";
208 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
209 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
213 TEST_error("Invalid encoding type");
217 if (!TEST_ptr(membio))
220 /* Make a context, it's valid for several prints */
221 TEST_note("Setting up a OSSL_ENCODER context with passphrase");
222 if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection,
226 /* Check that this operation is supported */
227 || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
230 /* Use no cipher. This should give us an unencrypted PEM */
231 TEST_note("Testing with no encryption");
232 if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
233 || !TEST_true(compare_with_file(alg, type, membio)))
236 if (type == PRIV_PEM) {
237 /* Set a passphrase to be used later */
238 if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
239 (unsigned char *)"pass",
243 /* Use a valid cipher name */
244 TEST_note("Displaying PEM encrypted with AES-256-CBC");
245 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
246 || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
249 /* Use an invalid cipher name, which should generate no output */
250 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
251 if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
252 || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
255 /* Clear the cipher. This should give us an unencrypted PEM again */
256 TEST_note("Testing with encryption cleared (no encryption)");
257 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
258 || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
259 || !TEST_true(compare_with_file(alg, type, membio)))
265 OSSL_ENCODER_CTX_free(ctx);
269 static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk)
274 for (i = PRIV_TEXT; i <= PUB_DER; i++)
275 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
280 #ifndef OPENSSL_NO_EC
281 static int test_print_key_using_encoder_public(const char *alg,
287 for (i = PUB_TEXT; i <= PUB_DER; i++)
288 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
294 /* Array indexes used in test_fromdata_rsa */
304 static int test_fromdata_rsa(void)
307 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
308 EVP_PKEY *pk = NULL, *copy_pk = NULL;
310 * 32-bit RSA key, extracted from this command,
311 * executed with OpenSSL 1.0.2:
313 * openssl genrsa 32 | openssl rsa -text
315 static unsigned long key_numbers[] = {
325 OSSL_PARAM fromdata_params[] = {
326 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
327 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
328 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
329 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
330 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
331 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
332 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
333 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
336 BIGNUM *bn = BN_new();
337 BIGNUM *bn_from = BN_new();
339 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
342 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
343 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
345 || !TEST_int_eq(EVP_PKEY_bits(pk), 32)
346 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 8)
347 || !TEST_int_eq(EVP_PKEY_size(pk), 4)
348 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
351 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
354 if (!TEST_true(EVP_PKEY_check(key_ctx))
355 || !TEST_true(EVP_PKEY_public_check(key_ctx))
356 || !TEST_true(EVP_PKEY_private_check(key_ctx))
357 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
360 /* EVP_PKEY_copy_parameters() should fail for RSA */
361 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
362 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
365 ret = test_print_key_using_pem("RSA", pk)
366 && test_print_key_using_encoder("RSA", pk);
368 /* for better diagnostics always compare key params */
369 for (i = 0; fromdata_params[i].key != NULL; ++i) {
370 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
371 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
372 || !TEST_BN_eq(bn, bn_from))
378 EVP_PKEY_free(copy_pk);
379 EVP_PKEY_CTX_free(key_ctx);
380 EVP_PKEY_CTX_free(ctx);
385 static int test_evp_pkey_get_bn_param_large(void)
388 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
390 OSSL_PARAM_BLD *bld = NULL;
391 OSSL_PARAM *fromdata_params = NULL;
392 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
394 * The buffer size chosen here for n_data larger than the buffer used
395 * internally in EVP_PKEY_get_bn_param.
397 static unsigned char n_data[2050];
398 static const unsigned char e_data[] = {
401 static const unsigned char d_data[]= {
402 0x99, 0x33, 0x13, 0x7b
405 /* N is a large buffer */
406 memset(n_data, 0xCE, sizeof(n_data));
408 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
409 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
410 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
411 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
412 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
413 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
414 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
415 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
416 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
417 || !TEST_true(EVP_PKEY_fromdata_init(ctx))
418 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
420 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
421 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
422 || !TEST_BN_eq(n, n_out))
431 EVP_PKEY_CTX_free(key_ctx);
432 EVP_PKEY_CTX_free(ctx);
433 OSSL_PARAM_BLD_free_params(fromdata_params);
434 OSSL_PARAM_BLD_free(bld);
439 #ifndef OPENSSL_NO_DH
440 static int test_fromdata_dh_named_group(void)
443 int gindex = 0, pcounter = 0, hindex = 0;
444 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
445 EVP_PKEY *pk = NULL, *copy_pk = NULL;
447 BIGNUM *pub = NULL, *priv = NULL;
448 BIGNUM *pub_out = NULL, *priv_out = NULL;
449 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
450 OSSL_PARAM *fromdata_params = NULL;
451 OSSL_PARAM_BLD *bld = NULL;
453 unsigned char seed_out[32];
456 * DH key data was generated using the following:
457 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
458 * -pkeyopt priv_len:224 -text
460 static const unsigned char priv_data[] = {
461 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
462 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
463 0x87, 0xe8, 0xa9, 0x7b,
465 static const unsigned char pub_data[] = {
466 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
467 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
468 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
469 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
470 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
471 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
472 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
473 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
474 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
475 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
476 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
477 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
478 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
479 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
480 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
481 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
482 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
483 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
484 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
485 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
486 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
487 0xcf, 0x33, 0x42, 0x83, 0x42
489 static const char group_name[] = "ffdhe2048";
490 static const long priv_len = 224;
492 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
493 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
494 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
495 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
496 OSSL_PKEY_PARAM_GROUP_NAME,
498 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
500 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
501 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
502 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
505 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
508 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
509 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
511 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
512 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
513 || !TEST_int_eq(EVP_PKEY_size(pk), 256)
514 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
517 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
518 name_out, sizeof(name_out),
520 || !TEST_str_eq(name_out, group_name)
521 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
524 || !TEST_BN_eq(pub, pub_out)
525 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
527 || !TEST_BN_eq(priv, priv_out)
528 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
529 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
530 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
532 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
533 || !TEST_BN_eq(&ossl_bignum_const_2, g)
534 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
537 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
538 OSSL_PKEY_PARAM_FFC_SEED,
540 sizeof(seed_out), &len))
541 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
543 || !TEST_int_eq(gindex, -1)
544 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
545 || !TEST_int_eq(hindex, 0)
546 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
548 || !TEST_int_eq(pcounter, -1))
551 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
554 if (!TEST_true(EVP_PKEY_check(key_ctx))
555 || !TEST_true(EVP_PKEY_public_check(key_ctx))
556 || !TEST_true(EVP_PKEY_private_check(key_ctx))
557 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
560 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
561 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
564 ret = test_print_key_using_pem("DH", pk)
565 && test_print_key_using_encoder("DH", pk);
575 EVP_PKEY_free(copy_pk);
577 EVP_PKEY_CTX_free(ctx);
578 EVP_PKEY_CTX_free(key_ctx);
579 OSSL_PARAM_BLD_free_params(fromdata_params);
580 OSSL_PARAM_BLD_free(bld);
585 static int test_fromdata_dh_fips186_4(void)
588 int gindex = 0, pcounter = 0, hindex = 0;
589 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
592 BIGNUM *pub = NULL, *priv = NULL;
593 BIGNUM *pub_out = NULL, *priv_out = NULL;
594 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
595 OSSL_PARAM_BLD *bld = NULL;
596 OSSL_PARAM *fromdata_params = NULL;
598 unsigned char seed_out[32];
601 * DH key data was generated using the following:
602 * openssl genpkey -algorithm DH
603 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
605 static const unsigned char priv_data[] = {
606 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
607 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
608 0x87, 0xe8, 0xa9, 0x7b,
610 static const unsigned char pub_data[] = {
611 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
612 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
613 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
614 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
615 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
616 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
617 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
618 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
619 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
620 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
621 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
622 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
623 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
624 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
625 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
626 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
627 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
628 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
629 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
630 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
631 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
632 0x33, 0x42, 0x83, 0x42
634 static const char group_name[] = "ffdhe2048";
635 static const long priv_len = 224;
638 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
639 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
640 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
641 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
642 OSSL_PKEY_PARAM_GROUP_NAME,
644 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
646 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
647 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
648 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
651 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
654 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
655 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
657 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
658 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
659 || !TEST_int_eq(EVP_PKEY_size(pk), 256)
660 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
663 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
664 name_out, sizeof(name_out),
666 || !TEST_str_eq(name_out, group_name)
667 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
669 || !TEST_BN_eq(pub, pub_out)
670 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
672 || !TEST_BN_eq(priv, priv_out)
673 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
674 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
675 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
677 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
678 || !TEST_BN_eq(&ossl_bignum_const_2, g)
679 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
682 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
683 OSSL_PKEY_PARAM_FFC_SEED,
685 sizeof(seed_out), &len))
686 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
688 || !TEST_int_eq(gindex, -1)
689 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
690 || !TEST_int_eq(hindex, 0)
691 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
693 || !TEST_int_eq(pcounter, -1))
696 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
699 if (!TEST_true(EVP_PKEY_check(key_ctx))
700 || !TEST_true(EVP_PKEY_public_check(key_ctx))
701 || !TEST_true(EVP_PKEY_private_check(key_ctx))
702 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
705 ret = test_print_key_using_pem("DH", pk)
706 && test_print_key_using_encoder("DH", pk);
717 EVP_PKEY_CTX_free(ctx);
718 EVP_PKEY_CTX_free(key_ctx);
719 OSSL_PARAM_BLD_free_params(fromdata_params);
720 OSSL_PARAM_BLD_free(bld);
729 #ifndef OPENSSL_NO_EC
730 /* Array indexes used in test_fromdata_ecx */
734 # define X25519_IDX 0
736 # define ED25519_IDX 2
740 * tst uses indexes 0 ... (3 * 4 - 1)
741 * For the 4 ECX key types (X25519_IDX..ED448_IDX)
742 * 0..3 = public + private key.
743 * 4..7 = private key (This will generate the public key from the private key)
746 static int test_fromdata_ecx(int tst)
749 EVP_PKEY_CTX *ctx = NULL, *ctx2 = NULL;
750 EVP_PKEY *pk = NULL, *copy_pk = NULL;
751 const char *alg = NULL;
753 unsigned char out_pub[ED448_KEYLEN];
754 unsigned char out_priv[ED448_KEYLEN];
755 OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
757 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
758 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
759 /* X25519: Keys from RFC 7748 6.1 */
763 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
764 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
765 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
770 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
771 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
772 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
776 /* X448: Keys from RFC 7748 6.2 */
780 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
781 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
782 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
783 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
784 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
785 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
789 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
790 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
791 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
792 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
793 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
794 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
797 /* ED25519: Keys from RFC 8032 */
801 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
802 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
803 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
808 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
809 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
810 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
814 /* ED448: Keys from RFC 8032 */
818 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
819 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
820 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
821 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
822 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
823 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
827 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
828 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
829 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
830 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
831 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
832 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
836 OSSL_PARAM x25519_fromdata_params[] = {
837 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
838 key_numbers[X25519_IDX][PRIV_KEY],
840 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
841 key_numbers[X25519_IDX][PUB_KEY],
845 OSSL_PARAM x448_fromdata_params[] = {
846 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
847 key_numbers[X448_IDX][PRIV_KEY],
849 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
850 key_numbers[X448_IDX][PUB_KEY],
854 OSSL_PARAM ed25519_fromdata_params[] = {
855 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
856 key_numbers[ED25519_IDX][PRIV_KEY],
858 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
859 key_numbers[ED25519_IDX][PUB_KEY],
863 OSSL_PARAM ed448_fromdata_params[] = {
864 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
865 key_numbers[ED448_IDX][PRIV_KEY],
867 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
868 key_numbers[ED448_IDX][PUB_KEY],
872 OSSL_PARAM *fromdata_params = NULL;
873 int bits = 0, security_bits = 0, size = 0;
874 OSSL_PARAM *orig_fromdata_params = NULL;
878 fromdata_params = x25519_fromdata_params;
880 security_bits = X25519_SECURITY_BITS;
881 size = X25519_KEYLEN;
886 fromdata_params = x448_fromdata_params;
888 security_bits = X448_SECURITY_BITS;
894 fromdata_params = ed25519_fromdata_params;
896 security_bits = ED25519_SECURITY_BITS;
897 size = ED25519_KEYLEN;
902 fromdata_params = ed448_fromdata_params;
904 security_bits = ED448_SECURITY_BITS;
912 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
916 orig_fromdata_params = fromdata_params;
918 /* public key only */
920 } else if (tst > 3) {
921 /* private key only */
922 params[0] = fromdata_params[0];
923 params[1] = fromdata_params[2];
924 fromdata_params = params;
927 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
928 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
930 || !TEST_int_eq(EVP_PKEY_bits(pk), bits)
931 || !TEST_int_eq(EVP_PKEY_security_bits(pk), security_bits)
932 || !TEST_int_eq(EVP_PKEY_size(pk), size)
933 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
936 if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
939 if (!TEST_true(EVP_PKEY_check(ctx2)))
941 if (!TEST_true(EVP_PKEY_get_octet_string_param(
942 pk, orig_fromdata_params[PRIV_KEY].key,
943 out_priv, sizeof(out_priv), &len))
944 || !TEST_mem_eq(out_priv, len,
945 orig_fromdata_params[PRIV_KEY].data,
946 orig_fromdata_params[PRIV_KEY].data_size)
947 || !TEST_true(EVP_PKEY_get_octet_string_param(
948 pk, orig_fromdata_params[PUB_KEY].key,
949 out_pub, sizeof(out_pub), &len))
950 || !TEST_mem_eq(out_pub, len,
951 orig_fromdata_params[PUB_KEY].data,
952 orig_fromdata_params[PUB_KEY].data_size))
955 /* The private key check should fail if there is only a public key */
956 if (!TEST_true(EVP_PKEY_public_check(ctx2))
957 || !TEST_false(EVP_PKEY_private_check(ctx2))
958 || !TEST_false(EVP_PKEY_check(ctx2)))
962 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
963 /* This should succeed because there are no parameters to copy */
964 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
968 ret = test_print_key_using_encoder_public(alg, pk);
970 ret = test_print_key_using_pem(alg, pk)
971 && test_print_key_using_encoder(alg, pk);
975 EVP_PKEY_free(copy_pk);
976 EVP_PKEY_CTX_free(ctx);
977 EVP_PKEY_CTX_free(ctx2);
984 static int test_fromdata_ec(void)
987 EVP_PKEY_CTX *ctx = NULL;
988 EVP_PKEY *pk = NULL, *copy_pk = NULL;
989 OSSL_PARAM_BLD *bld = NULL;
990 BIGNUM *ec_priv_bn = NULL;
991 BIGNUM *bn_priv = NULL;
992 OSSL_PARAM *fromdata_params = NULL;
993 const char *alg = "EC";
994 const char *curve = "prime256v1";
995 /* UNCOMPRESSED FORMAT */
996 static const unsigned char ec_pub_keydata[] = {
997 POINT_CONVERSION_UNCOMPRESSED,
998 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
999 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1000 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1001 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1002 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1003 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1004 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1005 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1007 static const unsigned char ec_priv_keydata[] = {
1008 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1009 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1010 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1011 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1013 const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
1014 unsigned char out_pub[sizeof(ec_pub_keydata)];
1015 char out_curve_name[80];
1016 const OSSL_PARAM *gettable = NULL;
1020 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
1022 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
1023 sizeof(ec_priv_keydata), NULL)))
1026 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
1029 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
1031 sizeof(ec_pub_keydata)) <= 0)
1033 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
1035 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1037 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1041 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
1042 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1044 || !TEST_int_eq(EVP_PKEY_bits(pk), 256)
1045 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 128)
1046 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 35 * 2)
1047 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1050 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1051 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1054 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
1055 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_GROUP_NAME))
1056 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PUB_KEY))
1057 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PRIV_KEY)))
1060 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1061 out_curve_name, sizeof(out_curve_name),
1063 || !TEST_str_eq(out_curve_name, curve)
1064 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1065 out_pub, sizeof(out_pub), &len)
1066 || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
1067 || !TEST_mem_eq(out_pub + 1, len - 1,
1068 ec_pub_keydata + 1, compressed_sz - 1)
1069 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1071 || !TEST_BN_eq(ec_priv_bn, bn_priv))
1074 ret = test_print_key_using_pem(alg, pk)
1075 && test_print_key_using_encoder(alg, pk);
1078 BN_free(ec_priv_bn);
1079 OSSL_PARAM_BLD_free_params(fromdata_params);
1080 OSSL_PARAM_BLD_free(bld);
1082 EVP_PKEY_free(copy_pk);
1083 EVP_PKEY_CTX_free(ctx);
1087 static int test_ec_dup_no_operation(void)
1090 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1091 EVP_PKEY *param = NULL, *pkey = NULL;
1093 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1094 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1095 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1096 NID_X9_62_prime256v1), 0)
1097 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1098 || !TEST_ptr(param))
1101 EVP_PKEY_CTX_free(pctx);
1104 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1105 || !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
1106 || !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1107 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
1111 EVP_PKEY_free(pkey);
1112 EVP_PKEY_free(param);
1113 EVP_PKEY_CTX_free(ctx);
1114 EVP_PKEY_CTX_free(kctx);
1115 EVP_PKEY_CTX_free(pctx);
1119 /* Test that keygen doesn't support EVP_PKEY_CTX_dup */
1120 static int test_ec_dup_keygen_operation(void)
1123 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1124 EVP_PKEY *param = NULL, *pkey = NULL;
1126 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1127 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1128 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1129 NID_X9_62_prime256v1), 0)
1130 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1131 || !TEST_ptr(param))
1134 EVP_PKEY_CTX_free(pctx);
1137 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1138 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1139 || !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
1143 EVP_PKEY_free(pkey);
1144 EVP_PKEY_free(param);
1145 EVP_PKEY_CTX_free(ctx);
1146 EVP_PKEY_CTX_free(kctx);
1147 EVP_PKEY_CTX_free(pctx);
1151 #endif /* OPENSSL_NO_EC */
1153 #ifndef OPENSSL_NO_DSA
1154 static int test_fromdata_dsa_fips186_4(void)
1157 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
1158 EVP_PKEY *pk = NULL, *copy_pk = NULL;
1159 BIGNUM *pub = NULL, *priv = NULL;
1160 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1161 BIGNUM *pub_out = NULL, *priv_out = NULL;
1162 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1163 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1165 unsigned char seed_out[32];
1167 OSSL_PARAM_BLD *bld = NULL;
1168 OSSL_PARAM *fromdata_params = NULL;
1171 * DSA parameter data was generated using the following:
1172 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1173 * -pkeyopt qbits:256 -pkeyopt type:0 \
1174 * -pkeyopt gindex:1 -out dsa_params.pem -text
1176 static const unsigned char p_data[] = {
1177 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1178 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1179 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1180 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1181 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1182 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1183 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1184 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1185 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1186 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1187 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1188 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1189 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1190 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1191 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1192 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1193 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1194 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1195 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1196 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1197 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1198 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1200 static const unsigned char q_data[] = {
1201 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1202 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1203 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1205 static const unsigned char g_data[] = {
1206 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1207 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1208 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1209 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1210 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1211 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1212 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1213 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1214 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1215 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1216 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1217 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1218 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1219 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1220 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1221 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1222 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1223 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1224 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1225 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1226 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1227 0x02, 0x6f, 0x96, 0x36
1229 static const unsigned char seed_data[] = {
1230 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1231 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1232 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1234 const int gindex = 1;
1235 const int pcounter = 53;
1237 * The keypair was generated using
1238 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1239 * -pkeyopt gindex:1 \
1240 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1242 static const unsigned char priv_data[] = {
1243 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1244 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1245 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1247 static const unsigned char pub_data[] = {
1248 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1249 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1250 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1251 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1252 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1253 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1254 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1255 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1256 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1257 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1258 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1259 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1260 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1261 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1262 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1263 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1264 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1265 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1266 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1267 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1268 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1269 0x48, 0xd1, 0x8a, 0xbd
1272 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1273 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1274 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1275 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1276 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1277 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1279 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1280 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1281 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1282 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1283 OSSL_PKEY_PARAM_FFC_SEED,
1286 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1288 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1289 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1291 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1293 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1295 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1298 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1301 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
1302 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1304 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
1305 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
1306 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 2 * (3 + sizeof(q_data)))
1307 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1310 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1311 name_out, sizeof(name_out),
1313 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1315 || !TEST_BN_eq(pub, pub_out)
1316 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1318 || !TEST_BN_eq(priv, priv_out)
1319 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p_out))
1320 || !TEST_BN_eq(p, p_out)
1321 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q_out))
1322 || !TEST_BN_eq(q, q_out)
1323 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g_out))
1324 || !TEST_BN_eq(g, g_out)
1325 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
1327 || !TEST_ptr_null(j_out)
1328 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1329 OSSL_PKEY_PARAM_FFC_SEED,
1330 seed_out, sizeof(seed_out),
1332 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
1334 || !TEST_int_eq(gindex, gindex_out)
1335 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1337 || !TEST_int_eq(hindex_out, 0)
1338 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
1340 || !TEST_int_eq(pcounter, pcounter_out))
1343 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1346 if (!TEST_true(EVP_PKEY_check(key_ctx))
1347 || !TEST_true(EVP_PKEY_public_check(key_ctx))
1348 || !TEST_true(EVP_PKEY_private_check(key_ctx))
1349 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1352 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1353 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1356 ret = test_print_key_using_pem("DSA", pk)
1357 && test_print_key_using_encoder("DSA", pk);
1359 OSSL_PARAM_BLD_free_params(fromdata_params);
1360 OSSL_PARAM_BLD_free(bld);
1373 EVP_PKEY_free(copy_pk);
1374 EVP_PKEY_CTX_free(ctx);
1375 EVP_PKEY_CTX_free(key_ctx);
1380 static int test_check_dsa(void)
1383 EVP_PKEY_CTX *ctx = NULL;
1385 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1386 || !TEST_false(EVP_PKEY_check(ctx))
1387 || !TEST_false(EVP_PKEY_public_check(ctx))
1388 || !TEST_false(EVP_PKEY_private_check(ctx))
1389 || !TEST_false(EVP_PKEY_pairwise_check(ctx)))
1394 EVP_PKEY_CTX_free(ctx);
1398 #endif /* OPENSSL_NO_DSA */
1401 int setup_tests(void)
1403 if (!test_skip_common_options()) {
1404 TEST_error("Error parsing test options\n");
1408 if (!TEST_ptr(datadir = test_get_argument(0)))
1411 ADD_TEST(test_evp_pkey_get_bn_param_large);
1412 ADD_TEST(test_fromdata_rsa);
1413 #ifndef OPENSSL_NO_DH
1414 ADD_TEST(test_fromdata_dh_fips186_4);
1415 ADD_TEST(test_fromdata_dh_named_group);
1417 #ifndef OPENSSL_NO_DSA
1418 ADD_TEST(test_check_dsa);
1419 ADD_TEST(test_fromdata_dsa_fips186_4);
1421 #ifndef OPENSSL_NO_EC
1422 ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
1423 ADD_TEST(test_fromdata_ec);
1424 ADD_TEST(test_ec_dup_no_operation);
1425 ADD_TEST(test_ec_dup_keygen_operation);