2 * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/encoder.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include <openssl/sha.h>
18 #include "crypto/ecx.h"
19 #include "crypto/evp.h" /* For the internal API */
20 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
21 #include "internal/nelem.h"
24 static char *datadir = NULL;
27 * Do not change the order of the following defines unless you also
28 * update the for loop bounds used inside test_print_key_using_encoder() and
29 * test_print_key_using_encoder_public().
38 static void stripcr(char *buf, size_t *len)
43 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
54 static int compare_with_file(const char *alg, int type, BIO *membio)
59 char *memdata, *fullfile = NULL;
92 TEST_error("Invalid file type");
96 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
97 fullfile = test_mk_file_path(datadir, filename);
98 if (!TEST_ptr(fullfile))
101 file = BIO_new_file(fullfile, "rb");
105 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
106 || !TEST_true(BIO_eof(file))
107 || !TEST_size_t_lt(readbytes, sizeof(buf)))
110 len = BIO_get_mem_data(membio, &memdata);
111 if (!TEST_int_gt(len, 0))
115 if (type != PRIV_DER && type != PUB_DER) {
116 stripcr(memdata, &slen);
117 stripcr(buf, &readbytes);
120 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
125 OPENSSL_free(fullfile);
126 (void)BIO_reset(membio);
131 static int pass_cb(char *buf, int size, int rwflag, void *u)
136 static int pass_cb_error(char *buf, int size, int rwflag, void *u)
141 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
143 BIO *membio = BIO_new(BIO_s_mem());
146 if (!TEST_ptr(membio))
149 if (/* Output Encrypted private key in PEM form */
150 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
151 (unsigned char *)"pass", 4,
153 /* Output zero-length passphrase encrypted private key in PEM form */
154 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
158 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
161 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
163 NULL, 0, pass_cb, NULL))
164 || !TEST_false(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
166 NULL, 0, pass_cb_error,
168 #ifndef OPENSSL_NO_DES
169 || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
170 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
171 (const char *)~0, 0, NULL, NULL))
172 || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
173 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
175 || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
176 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
178 || !TEST_false(PEM_write_bio_PKCS8PrivateKey_nid(
179 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
180 pass_cb_error, NULL))
182 /* Private key in text form */
183 || !TEST_int_gt(EVP_PKEY_print_private(membio, pk, 0, NULL), 0)
184 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
185 /* Public key in PEM form */
186 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
187 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
188 /* Unencrypted private key in PEM form */
189 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
190 NULL, NULL, 0, NULL, NULL))
191 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio))
193 || !TEST_false(PEM_write_bio_PrivateKey(membio, NULL,
194 NULL, NULL, 0, NULL, NULL))
195 || !TEST_false(PEM_write_bio_PrivateKey_traditional(membio, NULL,
196 NULL, NULL, 0, NULL, NULL)))
205 static int test_print_key_type_using_encoder(const char *alg, int type,
208 const char *output_type, *output_structure;
210 OSSL_ENCODER_CTX *ctx = NULL;
211 BIO *membio = BIO_new(BIO_s_mem());
216 output_type = "TEXT";
217 output_structure = NULL;
218 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
219 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
224 output_structure = "PrivateKeyInfo";
225 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
226 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
231 output_structure = "PrivateKeyInfo";
232 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
233 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
237 output_type = "TEXT";
238 output_structure = NULL;
239 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
240 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
245 output_structure = "SubjectPublicKeyInfo";
246 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
247 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
252 output_structure = "SubjectPublicKeyInfo";
253 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
254 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
258 TEST_error("Invalid encoding type");
262 if (!TEST_ptr(membio))
265 /* Make a context, it's valid for several prints */
266 TEST_note("Setting up a OSSL_ENCODER context with passphrase");
267 if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection,
271 /* Check that this operation is supported */
272 || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
275 /* Use no cipher. This should give us an unencrypted PEM */
276 TEST_note("Testing with no encryption");
277 if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
278 || !TEST_true(compare_with_file(alg, type, membio)))
281 if (type == PRIV_PEM) {
282 /* Set a passphrase to be used later */
283 if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
284 (unsigned char *)"pass",
288 /* Use a valid cipher name */
289 TEST_note("Displaying PEM encrypted with AES-256-CBC");
290 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
291 || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
294 /* Use an invalid cipher name, which should generate no output */
295 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
296 if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
297 || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
300 /* Clear the cipher. This should give us an unencrypted PEM again */
301 TEST_note("Testing with encryption cleared (no encryption)");
302 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
303 || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
304 || !TEST_true(compare_with_file(alg, type, membio)))
310 OSSL_ENCODER_CTX_free(ctx);
314 static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk)
319 for (i = PRIV_TEXT; i <= PUB_DER; i++)
320 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
325 #ifndef OPENSSL_NO_EC
326 static int test_print_key_using_encoder_public(const char *alg,
332 for (i = PUB_TEXT; i <= PUB_DER; i++)
333 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
339 /* Array indexes used in test_fromdata_rsa */
349 static int test_fromdata_rsa(void)
352 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
353 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
355 * 32-bit RSA key, extracted from this command,
356 * executed with OpenSSL 1.0.2:
358 * openssl genrsa 32 | openssl rsa -text
360 static unsigned long key_numbers[] = {
370 OSSL_PARAM fromdata_params[] = {
371 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
372 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
373 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
374 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
375 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
376 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
377 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
378 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
381 BIGNUM *bn = BN_new();
382 BIGNUM *bn_from = BN_new();
384 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
387 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
388 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
389 fromdata_params), 1))
392 while (dup_pk == NULL) {
394 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 32)
395 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 8)
396 || !TEST_int_eq(EVP_PKEY_get_size(pk), 4)
397 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
400 EVP_PKEY_CTX_free(key_ctx);
401 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
404 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
405 || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
406 || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
407 || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
410 /* EVP_PKEY_copy_parameters() should fail for RSA */
411 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
412 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
414 EVP_PKEY_free(copy_pk);
417 ret = test_print_key_using_pem("RSA", pk)
418 && test_print_key_using_encoder("RSA", pk);
420 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
422 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
429 /* for better diagnostics always compare key params */
430 for (i = 0; fromdata_params[i].key != NULL; ++i) {
431 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
432 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
433 || !TEST_BN_eq(bn, bn_from))
439 EVP_PKEY_free(copy_pk);
440 EVP_PKEY_CTX_free(key_ctx);
441 EVP_PKEY_CTX_free(ctx);
446 static int test_evp_pkey_get_bn_param_large(void)
449 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
451 OSSL_PARAM_BLD *bld = NULL;
452 OSSL_PARAM *fromdata_params = NULL;
453 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
455 * The buffer size chosen here for n_data larger than the buffer used
456 * internally in EVP_PKEY_get_bn_param.
458 static unsigned char n_data[2050];
459 static const unsigned char e_data[] = {
462 static const unsigned char d_data[]= {
463 0x99, 0x33, 0x13, 0x7b
466 /* N is a large buffer */
467 memset(n_data, 0xCE, sizeof(n_data));
469 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
470 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
471 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
472 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
473 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
474 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
475 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
476 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
477 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
478 || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
479 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
481 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
482 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
483 || !TEST_BN_eq(n, n_out))
492 EVP_PKEY_CTX_free(key_ctx);
493 EVP_PKEY_CTX_free(ctx);
494 OSSL_PARAM_free(fromdata_params);
495 OSSL_PARAM_BLD_free(bld);
500 #ifndef OPENSSL_NO_DH
501 static int test_fromdata_dh_named_group(void)
504 int gindex = 0, pcounter = 0, hindex = 0;
505 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
506 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
508 BIGNUM *pub = NULL, *priv = NULL;
509 BIGNUM *pub_out = NULL, *priv_out = NULL;
510 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
511 OSSL_PARAM *fromdata_params = NULL;
512 OSSL_PARAM_BLD *bld = NULL;
514 unsigned char seed_out[32];
517 * DH key data was generated using the following:
518 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
519 * -pkeyopt priv_len:224 -text
521 static const unsigned char priv_data[] = {
522 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
523 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
524 0x87, 0xe8, 0xa9, 0x7b,
526 static const unsigned char pub_data[] = {
527 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
528 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
529 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
530 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
531 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
532 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
533 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
534 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
535 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
536 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
537 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
538 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
539 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
540 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
541 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
542 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
543 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
544 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
545 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
546 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
547 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
548 0xcf, 0x33, 0x42, 0x83, 0x42
550 static const char group_name[] = "ffdhe2048";
551 static const long priv_len = 224;
553 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
554 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
555 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
556 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
557 OSSL_PKEY_PARAM_GROUP_NAME,
559 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
561 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
562 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
563 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
566 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
569 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
570 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
571 fromdata_params), 1))
575 * A few extra checks of EVP_PKEY_get_utf8_string_param() to see that
576 * it behaves as expected with regards to string length and terminating
579 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
580 OSSL_PKEY_PARAM_GROUP_NAME,
581 NULL, sizeof(name_out),
583 || !TEST_size_t_eq(len, sizeof(group_name) - 1)
584 /* Just enough space to hold the group name and a terminating NUL */
585 || !TEST_true(EVP_PKEY_get_utf8_string_param(pk,
586 OSSL_PKEY_PARAM_GROUP_NAME,
590 || !TEST_size_t_eq(len, sizeof(group_name) - 1)
591 /* Too small buffer to hold the terminating NUL byte */
592 || !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
593 OSSL_PKEY_PARAM_GROUP_NAME,
595 sizeof(group_name) - 1,
597 /* Too small buffer to hold the whole group name, even! */
598 || !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
599 OSSL_PKEY_PARAM_GROUP_NAME,
601 sizeof(group_name) - 2,
605 while (dup_pk == NULL) {
607 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
608 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
609 || !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
610 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
613 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
614 OSSL_PKEY_PARAM_GROUP_NAME,
618 || !TEST_str_eq(name_out, group_name)
619 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
622 || !TEST_BN_eq(pub, pub_out)
623 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
625 || !TEST_BN_eq(priv, priv_out)
626 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
627 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
628 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
630 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
631 || !TEST_BN_eq(&ossl_bignum_const_2, g)
632 || !TEST_false(EVP_PKEY_get_bn_param(pk,
633 OSSL_PKEY_PARAM_FFC_COFACTOR,
636 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
637 OSSL_PKEY_PARAM_FFC_SEED,
641 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
643 || !TEST_int_eq(gindex, -1)
644 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
646 || !TEST_int_eq(hindex, 0)
647 || !TEST_true(EVP_PKEY_get_int_param(pk,
648 OSSL_PKEY_PARAM_FFC_PCOUNTER,
650 || !TEST_int_eq(pcounter, -1))
665 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
668 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
669 || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
670 || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
671 || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
673 EVP_PKEY_CTX_free(key_ctx);
676 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
677 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
679 EVP_PKEY_free(copy_pk);
682 ret = test_print_key_using_pem("DH", pk)
683 && test_print_key_using_encoder("DH", pk);
685 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
687 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
702 EVP_PKEY_free(copy_pk);
704 EVP_PKEY_CTX_free(ctx);
705 EVP_PKEY_CTX_free(key_ctx);
706 OSSL_PARAM_free(fromdata_params);
707 OSSL_PARAM_BLD_free(bld);
712 static int test_fromdata_dh_fips186_4(void)
715 int gindex = 0, pcounter = 0, hindex = 0;
716 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
717 EVP_PKEY *pk = NULL, *dup_pk = NULL;
719 BIGNUM *pub = NULL, *priv = NULL;
720 BIGNUM *pub_out = NULL, *priv_out = NULL;
721 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
722 OSSL_PARAM_BLD *bld = NULL;
723 OSSL_PARAM *fromdata_params = NULL;
725 unsigned char seed_out[32];
728 * DH key data was generated using the following:
729 * openssl genpkey -algorithm DH
730 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
732 static const unsigned char priv_data[] = {
733 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
734 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
735 0x87, 0xe8, 0xa9, 0x7b,
737 static const unsigned char pub_data[] = {
738 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
739 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
740 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
741 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
742 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
743 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
744 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
745 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
746 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
747 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
748 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
749 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
750 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
751 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
752 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
753 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
754 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
755 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
756 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
757 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
758 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
759 0x33, 0x42, 0x83, 0x42
761 static const char group_name[] = "ffdhe2048";
762 static const long priv_len = 224;
765 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
766 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
767 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
768 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
769 OSSL_PKEY_PARAM_GROUP_NAME,
771 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
773 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
774 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
775 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
778 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
781 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
782 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
783 fromdata_params), 1))
786 while (dup_pk == NULL) {
788 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
789 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
790 || !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
791 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
794 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
795 OSSL_PKEY_PARAM_GROUP_NAME,
799 || !TEST_str_eq(name_out, group_name)
800 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
802 || !TEST_BN_eq(pub, pub_out)
803 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
805 || !TEST_BN_eq(priv, priv_out)
806 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
807 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
808 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
810 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
811 || !TEST_BN_eq(&ossl_bignum_const_2, g)
812 || !TEST_false(EVP_PKEY_get_bn_param(pk,
813 OSSL_PKEY_PARAM_FFC_COFACTOR,
816 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
817 OSSL_PKEY_PARAM_FFC_SEED,
821 || !TEST_true(EVP_PKEY_get_int_param(pk,
822 OSSL_PKEY_PARAM_FFC_GINDEX,
824 || !TEST_int_eq(gindex, -1)
825 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
827 || !TEST_int_eq(hindex, 0)
828 || !TEST_true(EVP_PKEY_get_int_param(pk,
829 OSSL_PKEY_PARAM_FFC_PCOUNTER,
831 || !TEST_int_eq(pcounter, -1))
846 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
849 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
850 || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
851 || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
852 || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
854 EVP_PKEY_CTX_free(key_ctx);
857 ret = test_print_key_using_pem("DH", pk)
858 && test_print_key_using_encoder("DH", pk);
860 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
862 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
878 EVP_PKEY_CTX_free(ctx);
879 EVP_PKEY_CTX_free(key_ctx);
880 OSSL_PARAM_free(fromdata_params);
881 OSSL_PARAM_BLD_free(bld);
890 #ifndef OPENSSL_NO_EC
891 /* Array indexes used in test_fromdata_ecx */
895 # define X25519_IDX 0
897 # define ED25519_IDX 2
901 * tst uses indexes 0 ... (3 * 4 - 1)
902 * For the 4 ECX key types (X25519_IDX..ED448_IDX)
903 * 0..3 = public + private key.
904 * 4..7 = private key (This will generate the public key from the private key)
907 static int test_fromdata_ecx(int tst)
910 EVP_PKEY_CTX *ctx = NULL, *ctx2 = NULL;
911 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
912 const char *alg = NULL;
914 unsigned char out_pub[ED448_KEYLEN];
915 unsigned char out_priv[ED448_KEYLEN];
916 OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
918 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
919 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
920 /* X25519: Keys from RFC 7748 6.1 */
924 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
925 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
926 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
931 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
932 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
933 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
937 /* X448: Keys from RFC 7748 6.2 */
941 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
942 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
943 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
944 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
945 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
946 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
950 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
951 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
952 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
953 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
954 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
955 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
958 /* ED25519: Keys from RFC 8032 */
962 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
963 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
964 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
969 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
970 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
971 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
975 /* ED448: Keys from RFC 8032 */
979 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
980 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
981 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
982 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
983 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
984 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
988 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
989 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
990 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
991 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
992 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
993 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
997 OSSL_PARAM x25519_fromdata_params[] = {
998 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
999 key_numbers[X25519_IDX][PRIV_KEY],
1001 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1002 key_numbers[X25519_IDX][PUB_KEY],
1006 OSSL_PARAM x448_fromdata_params[] = {
1007 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1008 key_numbers[X448_IDX][PRIV_KEY],
1010 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1011 key_numbers[X448_IDX][PUB_KEY],
1015 OSSL_PARAM ed25519_fromdata_params[] = {
1016 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1017 key_numbers[ED25519_IDX][PRIV_KEY],
1019 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1020 key_numbers[ED25519_IDX][PUB_KEY],
1024 OSSL_PARAM ed448_fromdata_params[] = {
1025 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1026 key_numbers[ED448_IDX][PRIV_KEY],
1028 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1029 key_numbers[ED448_IDX][PUB_KEY],
1033 OSSL_PARAM *fromdata_params = NULL;
1034 int bits = 0, security_bits = 0, size = 0;
1035 OSSL_PARAM *orig_fromdata_params = NULL;
1039 fromdata_params = x25519_fromdata_params;
1041 security_bits = X25519_SECURITY_BITS;
1042 size = X25519_KEYLEN;
1047 fromdata_params = x448_fromdata_params;
1049 security_bits = X448_SECURITY_BITS;
1055 fromdata_params = ed25519_fromdata_params;
1056 bits = ED25519_BITS;
1057 security_bits = ED25519_SECURITY_BITS;
1058 size = ED25519_SIGSIZE;
1063 fromdata_params = ed448_fromdata_params;
1065 security_bits = ED448_SECURITY_BITS;
1066 size = ED448_SIGSIZE;
1073 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1077 orig_fromdata_params = fromdata_params;
1079 /* public key only */
1081 } else if (tst > 3) {
1082 /* private key only */
1083 params[0] = fromdata_params[0];
1084 params[1] = fromdata_params[2];
1085 fromdata_params = params;
1088 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1089 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1090 fromdata_params), 1))
1093 while (dup_pk == NULL) {
1095 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), bits)
1096 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), security_bits)
1097 || !TEST_int_eq(EVP_PKEY_get_size(pk), size)
1098 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1101 if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
1104 if (!TEST_int_gt(EVP_PKEY_check(ctx2), 0))
1106 if (!TEST_true(EVP_PKEY_get_octet_string_param(
1107 pk, orig_fromdata_params[PRIV_KEY].key,
1108 out_priv, sizeof(out_priv), &len))
1109 || !TEST_mem_eq(out_priv, len,
1110 orig_fromdata_params[PRIV_KEY].data,
1111 orig_fromdata_params[PRIV_KEY].data_size)
1112 || !TEST_true(EVP_PKEY_get_octet_string_param(
1113 pk, orig_fromdata_params[PUB_KEY].key,
1114 out_pub, sizeof(out_pub), &len))
1115 || !TEST_mem_eq(out_pub, len,
1116 orig_fromdata_params[PUB_KEY].data,
1117 orig_fromdata_params[PUB_KEY].data_size))
1120 /* The private key check should fail if there is only a public key */
1121 if (!TEST_int_gt(EVP_PKEY_public_check(ctx2), 0)
1122 || !TEST_int_le(EVP_PKEY_private_check(ctx2), 0)
1123 || !TEST_int_le(EVP_PKEY_check(ctx2), 0))
1126 EVP_PKEY_CTX_free(ctx2);
1129 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1130 /* This should succeed because there are no parameters to copy */
1131 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1133 EVP_PKEY_free(copy_pk);
1137 ret = test_print_key_using_encoder_public(alg, pk);
1139 ret = test_print_key_using_pem(alg, pk)
1140 && test_print_key_using_encoder(alg, pk);
1142 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1144 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1153 EVP_PKEY_free(copy_pk);
1154 EVP_PKEY_CTX_free(ctx);
1155 EVP_PKEY_CTX_free(ctx2);
1160 static int test_fromdata_ec(void)
1163 EVP_PKEY_CTX *ctx = NULL;
1164 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
1165 OSSL_PARAM_BLD *bld = NULL;
1166 BIGNUM *ec_priv_bn = NULL;
1167 BIGNUM *bn_priv = NULL;
1168 OSSL_PARAM *fromdata_params = NULL;
1169 const char *alg = "EC";
1170 const char *curve = "prime256v1";
1171 const char bad_curve[] = "nonexistent-curve";
1172 OSSL_PARAM nokey_params[2] = {
1176 /* UNCOMPRESSED FORMAT */
1177 static const unsigned char ec_pub_keydata[] = {
1178 POINT_CONVERSION_UNCOMPRESSED,
1179 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1180 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1181 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1182 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1183 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1184 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1185 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1186 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1188 /* SAME BUT COMPRESSED FORMAT */
1189 static const unsigned char ec_pub_keydata_compressed[] = {
1190 POINT_CONVERSION_COMPRESSED+1,
1191 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1192 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1193 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1194 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2
1196 static const unsigned char ec_priv_keydata[] = {
1197 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1198 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1199 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1200 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1202 unsigned char out_pub[sizeof(ec_pub_keydata)];
1203 char out_curve_name[80];
1204 const OSSL_PARAM *gettable = NULL;
1206 EC_GROUP *group = NULL;
1207 BIGNUM *group_a = NULL;
1208 BIGNUM *group_b = NULL;
1209 BIGNUM *group_p = NULL;
1215 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
1217 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
1218 sizeof(ec_priv_keydata), NULL)))
1221 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
1225 * We intentionally provide the input point in compressed format,
1226 * and avoid setting `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT`.
1228 * Later on we check what format is used when exporting the
1229 * `OSSL_PKEY_PARAM_PUB_KEY` and expect to default to uncompressed
1232 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
1233 ec_pub_keydata_compressed,
1234 sizeof(ec_pub_keydata_compressed)) <= 0)
1236 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
1238 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1240 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1244 /* try importing parameters with bad curve first */
1246 OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1247 (char *)bad_curve, sizeof(bad_curve));
1248 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1249 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEY_PARAMETERS,
1251 || !TEST_ptr_null(pk))
1254 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1255 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1256 fromdata_params), 1))
1259 while (dup_pk == NULL) {
1261 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 256)
1262 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 128)
1263 || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 35 * 2)
1264 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1267 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1268 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1270 EVP_PKEY_free(copy_pk);
1273 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
1274 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1275 OSSL_PKEY_PARAM_GROUP_NAME))
1276 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1277 OSSL_PKEY_PARAM_PUB_KEY))
1278 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1279 OSSL_PKEY_PARAM_PRIV_KEY)))
1282 if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(OBJ_sn2nid(curve)))
1283 || !TEST_ptr(group_p = BN_new())
1284 || !TEST_ptr(group_a = BN_new())
1285 || !TEST_ptr(group_b = BN_new())
1286 || !TEST_true(EC_GROUP_get_curve(group, group_p, group_a, group_b, NULL)))
1289 if (!TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_A, &a))
1290 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_B, &b))
1291 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_P, &p)))
1294 if (!TEST_BN_eq(group_p, p) || !TEST_BN_eq(group_a, a)
1295 || !TEST_BN_eq(group_b, b))
1298 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1300 sizeof(out_curve_name),
1302 || !TEST_str_eq(out_curve_name, curve)
1303 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1304 out_pub, sizeof(out_pub), &len)
1307 * Our providers use uncompressed format by default if
1308 * `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` was not
1309 * explicitly set, irrespective of the format used for the
1310 * input point given as a param to create this key.
1312 || !TEST_true(out_pub[0] == POINT_CONVERSION_UNCOMPRESSED)
1313 || !TEST_mem_eq(out_pub + 1, len - 1,
1314 ec_pub_keydata + 1, sizeof(ec_pub_keydata) - 1)
1316 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1318 || !TEST_BN_eq(ec_priv_bn, bn_priv))
1323 ret = test_print_key_using_pem(alg, pk)
1324 && test_print_key_using_encoder(alg, pk);
1326 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1328 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1336 EC_GROUP_free(group);
1344 BN_free(ec_priv_bn);
1345 OSSL_PARAM_free(fromdata_params);
1346 OSSL_PARAM_BLD_free(bld);
1348 EVP_PKEY_free(copy_pk);
1349 EVP_PKEY_CTX_free(ctx);
1353 static int test_ec_dup_no_operation(void)
1356 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1357 EVP_PKEY *param = NULL, *pkey = NULL;
1359 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1360 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1361 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1362 NID_X9_62_prime256v1), 0)
1363 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1364 || !TEST_ptr(param))
1367 EVP_PKEY_CTX_free(pctx);
1370 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1371 || !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
1372 || !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1373 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
1377 EVP_PKEY_free(pkey);
1378 EVP_PKEY_free(param);
1379 EVP_PKEY_CTX_free(ctx);
1380 EVP_PKEY_CTX_free(kctx);
1381 EVP_PKEY_CTX_free(pctx);
1385 /* Test that keygen doesn't support EVP_PKEY_CTX_dup */
1386 static int test_ec_dup_keygen_operation(void)
1389 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1390 EVP_PKEY *param = NULL, *pkey = NULL;
1392 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1393 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1394 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1395 NID_X9_62_prime256v1), 0)
1396 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1397 || !TEST_ptr(param))
1400 EVP_PKEY_CTX_free(pctx);
1403 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1404 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1405 || !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
1409 EVP_PKEY_free(pkey);
1410 EVP_PKEY_free(param);
1411 EVP_PKEY_CTX_free(ctx);
1412 EVP_PKEY_CTX_free(kctx);
1413 EVP_PKEY_CTX_free(pctx);
1417 #endif /* OPENSSL_NO_EC */
1419 #ifndef OPENSSL_NO_DSA
1420 static int test_fromdata_dsa_fips186_4(void)
1423 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
1424 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
1425 BIGNUM *pub = NULL, *priv = NULL;
1426 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1427 BIGNUM *pub_out = NULL, *priv_out = NULL;
1428 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1429 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1431 unsigned char seed_out[32];
1433 OSSL_PARAM_BLD *bld = NULL;
1434 OSSL_PARAM *fromdata_params = NULL;
1437 * DSA parameter data was generated using the following:
1438 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1439 * -pkeyopt qbits:256 -pkeyopt type:0 \
1440 * -pkeyopt gindex:1 -out dsa_params.pem -text
1442 static const unsigned char p_data[] = {
1443 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1444 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1445 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1446 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1447 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1448 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1449 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1450 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1451 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1452 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1453 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1454 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1455 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1456 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1457 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1458 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1459 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1460 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1461 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1462 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1463 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1464 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1466 static const unsigned char q_data[] = {
1467 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1468 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1469 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1471 static const unsigned char g_data[] = {
1472 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1473 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1474 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1475 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1476 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1477 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1478 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1479 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1480 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1481 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1482 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1483 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1484 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1485 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1486 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1487 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1488 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1489 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1490 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1491 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1492 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1493 0x02, 0x6f, 0x96, 0x36
1495 static const unsigned char seed_data[] = {
1496 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1497 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1498 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1500 const int gindex = 1;
1501 const int pcounter = 53;
1503 * The keypair was generated using
1504 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1505 * -pkeyopt gindex:1 \
1506 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1508 static const unsigned char priv_data[] = {
1509 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1510 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1511 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1513 static const unsigned char pub_data[] = {
1514 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1515 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1516 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1517 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1518 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1519 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1520 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1521 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1522 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1523 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1524 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1525 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1526 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1527 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1528 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1529 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1530 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1531 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1532 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1533 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1534 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1535 0x48, 0xd1, 0x8a, 0xbd
1538 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1539 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1540 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1541 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1542 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1543 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1545 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1546 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1547 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1548 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1549 OSSL_PKEY_PARAM_FFC_SEED,
1552 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1554 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1555 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1557 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1559 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1561 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1564 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1567 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1568 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1569 fromdata_params), 1))
1572 while (dup_pk == NULL) {
1574 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
1575 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
1576 || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 2 * (3 + sizeof(q_data)))
1577 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1580 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk,
1581 OSSL_PKEY_PARAM_GROUP_NAME,
1585 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1587 || !TEST_BN_eq(pub, pub_out)
1588 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1590 || !TEST_BN_eq(priv, priv_out)
1591 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P,
1593 || !TEST_BN_eq(p, p_out)
1594 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q,
1596 || !TEST_BN_eq(q, q_out)
1597 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G,
1599 || !TEST_BN_eq(g, g_out)
1600 || !TEST_false(EVP_PKEY_get_bn_param(pk,
1601 OSSL_PKEY_PARAM_FFC_COFACTOR,
1603 || !TEST_ptr_null(j_out)
1604 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1605 OSSL_PKEY_PARAM_FFC_SEED,
1609 || !TEST_true(EVP_PKEY_get_int_param(pk,
1610 OSSL_PKEY_PARAM_FFC_GINDEX,
1612 || !TEST_int_eq(gindex, gindex_out)
1613 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1615 || !TEST_int_eq(hindex_out, 0)
1616 || !TEST_true(EVP_PKEY_get_int_param(pk,
1617 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1619 || !TEST_int_eq(pcounter, pcounter_out))
1634 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1637 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
1638 || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
1639 || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
1640 || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
1642 EVP_PKEY_CTX_free(key_ctx);
1645 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1646 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1648 EVP_PKEY_free(copy_pk);
1651 ret = test_print_key_using_pem("DSA", pk)
1652 && test_print_key_using_encoder("DSA", pk);
1654 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1656 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1664 OSSL_PARAM_free(fromdata_params);
1665 OSSL_PARAM_BLD_free(bld);
1678 EVP_PKEY_free(copy_pk);
1679 EVP_PKEY_CTX_free(ctx);
1680 EVP_PKEY_CTX_free(key_ctx);
1685 static int test_check_dsa(void)
1688 EVP_PKEY_CTX *ctx = NULL;
1690 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1691 || !TEST_int_le(EVP_PKEY_check(ctx), 0)
1692 || !TEST_int_le(EVP_PKEY_public_check(ctx), 0)
1693 || !TEST_int_le(EVP_PKEY_private_check(ctx), 0)
1694 || !TEST_int_le(EVP_PKEY_pairwise_check(ctx), 0))
1699 EVP_PKEY_CTX_free(ctx);
1703 #endif /* OPENSSL_NO_DSA */
1706 static OSSL_PARAM *do_construct_hkdf_params(char *digest, char *key,
1707 size_t keylen, char *salt)
1709 OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 5);
1710 OSSL_PARAM *p = params;
1712 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, digest, 0);
1713 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
1714 salt, strlen(salt));
1715 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
1716 (unsigned char *)key, keylen);
1717 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE,
1719 *p = OSSL_PARAM_construct_end();
1724 static int test_evp_pkey_ctx_dup_kdf(void)
1727 size_t len = 0, dlen = 0;
1728 EVP_PKEY_CTX *pctx = NULL, *dctx = NULL;
1729 OSSL_PARAM *params = NULL;
1731 if (!TEST_ptr(params = do_construct_hkdf_params("sha256", "secret", 6,
1734 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "HKDF", NULL)))
1736 if (!TEST_int_eq(EVP_PKEY_derive_init_ex(pctx, params), 1))
1738 if (!TEST_ptr(dctx = EVP_PKEY_CTX_dup(pctx)))
1740 if (!TEST_int_eq(EVP_PKEY_derive(pctx, NULL, &len), 1)
1741 || !TEST_size_t_eq(len, SHA256_DIGEST_LENGTH)
1742 || !TEST_int_eq(EVP_PKEY_derive(dctx, NULL, &dlen), 1)
1743 || !TEST_size_t_eq(dlen, SHA256_DIGEST_LENGTH))
1747 OPENSSL_free(params);
1748 EVP_PKEY_CTX_free(dctx);
1749 EVP_PKEY_CTX_free(pctx);
1753 int setup_tests(void)
1755 if (!test_skip_common_options()) {
1756 TEST_error("Error parsing test options\n");
1760 if (!TEST_ptr(datadir = test_get_argument(0)))
1763 ADD_TEST(test_evp_pkey_ctx_dup_kdf);
1764 ADD_TEST(test_evp_pkey_get_bn_param_large);
1765 ADD_TEST(test_fromdata_rsa);
1766 #ifndef OPENSSL_NO_DH
1767 ADD_TEST(test_fromdata_dh_fips186_4);
1768 ADD_TEST(test_fromdata_dh_named_group);
1770 #ifndef OPENSSL_NO_DSA
1771 ADD_TEST(test_check_dsa);
1772 ADD_TEST(test_fromdata_dsa_fips186_4);
1774 #ifndef OPENSSL_NO_EC
1775 ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
1776 ADD_TEST(test_fromdata_ec);
1777 ADD_TEST(test_ec_dup_no_operation);
1778 ADD_TEST(test_ec_dup_keygen_operation);