2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/encoder.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include "crypto/ecx.h"
18 #include "crypto/evp.h" /* For the internal API */
19 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
20 #include "internal/nelem.h"
23 static char *datadir = NULL;
32 static void stripcr(char *buf, size_t *len)
37 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
48 static int compare_with_file(const char *alg, int type, BIO *membio)
53 char *memdata, *fullfile = NULL;
86 TEST_error("Invalid file type");
90 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
91 fullfile = test_mk_file_path(datadir, filename);
92 if (!TEST_ptr(fullfile))
95 file = BIO_new_file(fullfile, "rb");
99 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
100 || !TEST_true(BIO_eof(file))
101 || !TEST_size_t_lt(readbytes, sizeof(buf)))
104 len = BIO_get_mem_data(membio, &memdata);
105 if (!TEST_int_gt(len, 0))
109 if (type != PRIV_DER && type != PUB_DER) {
110 stripcr(memdata, &slen);
111 stripcr(buf, &readbytes);
114 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
119 OPENSSL_free(fullfile);
120 (void)BIO_reset(membio);
125 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
127 BIO *membio = BIO_new(BIO_s_mem());
130 if (!TEST_ptr(membio))
133 if (/* Output Encrypted private key in PEM form */
134 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
135 (unsigned char *)"pass", 4,
137 /* Private key in text form */
138 || !TEST_true(EVP_PKEY_print_private(membio, pk, 0, NULL))
139 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
140 /* Public key in PEM form */
141 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
142 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
143 /* Unencrypted private key in PEM form */
144 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
145 NULL, NULL, 0, NULL, NULL))
146 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)))
155 static int test_print_key_type_using_encoder(const char *alg, int type,
158 const char *output_type, *output_structure;
160 OSSL_ENCODER_CTX *ctx = NULL;
161 BIO *membio = BIO_new(BIO_s_mem());
166 output_type = "TEXT";
167 output_structure = NULL;
168 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
169 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
174 output_structure = "pkcs8";
175 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
176 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
181 output_structure = "pkcs8";
182 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
183 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
187 output_type = "TEXT";
188 output_structure = NULL;
189 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
190 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
195 output_structure = "SubjectPublicKeyInfo";
196 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
197 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
202 output_structure = "SubjectPublicKeyInfo";
203 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
204 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
208 TEST_error("Invalid encoding type");
212 if (!TEST_ptr(membio))
215 /* Make a context, it's valid for several prints */
216 TEST_note("Setting up a OSSL_ENCODER context with passphrase");
217 if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pk, selection,
221 /* Check that this operation is supported */
222 || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
225 /* Use no cipher. This should give us an unencrypted PEM */
226 TEST_note("Testing with no encryption");
227 if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
228 || !TEST_true(compare_with_file(alg, type, membio)))
231 if (type == PRIV_PEM) {
232 /* Set a passphrase to be used later */
233 if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
234 (unsigned char *)"pass",
238 /* Use a valid cipher name */
239 TEST_note("Displaying PEM encrypted with AES-256-CBC");
240 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
241 || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
244 /* Use an invalid cipher name, which should generate no output */
245 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
246 if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
247 || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
250 /* Clear the cipher. This should give us an unencrypted PEM again */
251 TEST_note("Testing with encryption cleared (no encryption)");
252 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
253 || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
254 || !TEST_true(compare_with_file(alg, type, membio)))
260 OSSL_ENCODER_CTX_free(ctx);
264 static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk)
269 for (i = 0; i < 6; i++)
270 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
275 /* Array indexes used in test_fromdata_rsa */
285 static int test_fromdata_rsa(void)
288 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
289 EVP_PKEY *pk = NULL, *copy_pk = NULL;
291 * 32-bit RSA key, extracted from this command,
292 * executed with OpenSSL 1.0.2:
294 * openssl genrsa 32 | openssl rsa -text
296 static unsigned long key_numbers[] = {
306 OSSL_PARAM fromdata_params[] = {
307 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
308 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
309 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
310 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
311 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
312 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
313 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
314 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
317 BIGNUM *bn = BN_new();
318 BIGNUM *bn_from = BN_new();
320 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
323 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
324 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
325 || !TEST_int_eq(EVP_PKEY_bits(pk), 32)
326 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 8)
327 || !TEST_int_eq(EVP_PKEY_size(pk), 4))
330 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
333 if (!TEST_true(EVP_PKEY_check(key_ctx))
334 || !TEST_true(EVP_PKEY_public_check(key_ctx))
335 || !TEST_true(EVP_PKEY_private_check(key_ctx))
336 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
339 /* EVP_PKEY_copy_parameters() should fail for RSA */
340 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
341 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
344 for (i = 0; fromdata_params[i].key != NULL; ++i) {
345 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
346 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
347 || !TEST_BN_eq(bn, bn_from))
350 ret = test_print_key_using_pem("RSA", pk)
351 && test_print_key_using_encoder("RSA", pk);
356 EVP_PKEY_free(copy_pk);
357 EVP_PKEY_CTX_free(key_ctx);
358 EVP_PKEY_CTX_free(ctx);
363 static int test_evp_pkey_get_bn_param_large(void)
366 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
368 OSSL_PARAM_BLD *bld = NULL;
369 OSSL_PARAM *fromdata_params = NULL;
370 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
372 * The buffer size chosen here for n_data larger than the buffer used
373 * internally in EVP_PKEY_get_bn_param.
375 static unsigned char n_data[2050];
376 static const unsigned char e_data[] = {
379 static const unsigned char d_data[]= {
380 0x99, 0x33, 0x13, 0x7b
383 /* N is a large buffer */
384 memset(n_data, 0xCE, sizeof(n_data));
386 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
387 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
388 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
389 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
390 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
391 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
392 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
393 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
394 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
395 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
396 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
397 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
398 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
399 || !TEST_BN_eq(n, n_out))
408 EVP_PKEY_CTX_free(key_ctx);
409 EVP_PKEY_CTX_free(ctx);
410 OSSL_PARAM_BLD_free_params(fromdata_params);
411 OSSL_PARAM_BLD_free(bld);
416 #ifndef OPENSSL_NO_DH
417 static int test_fromdata_dh_named_group(void)
420 int gindex = 0, pcounter = 0, hindex = 0;
421 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
422 EVP_PKEY *pk = NULL, *copy_pk = NULL;
424 BIGNUM *pub = NULL, *priv = NULL;
425 BIGNUM *pub_out = NULL, *priv_out = NULL;
426 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
427 OSSL_PARAM *fromdata_params = NULL;
428 OSSL_PARAM_BLD *bld = NULL;
430 unsigned char seed_out[32];
433 * DH key data was generated using the following:
434 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
435 * -pkeyopt priv_len:224 -text
437 static const unsigned char priv_data[] = {
438 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
439 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
440 0x87, 0xe8, 0xa9, 0x7b,
442 static const unsigned char pub_data[] = {
443 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
444 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
445 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
446 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
447 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
448 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
449 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
450 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
451 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
452 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
453 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
454 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
455 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
456 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
457 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
458 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
459 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
460 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
461 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
462 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
463 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
464 0xcf, 0x33, 0x42, 0x83, 0x42
466 static const char group_name[] = "ffdhe2048";
467 static const long priv_len = 224;
469 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
470 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
471 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
472 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
473 OSSL_PKEY_PARAM_GROUP_NAME,
475 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
477 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
478 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
479 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
482 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
485 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
486 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
487 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
488 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
489 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
492 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
493 name_out, sizeof(name_out),
495 || !TEST_str_eq(name_out, group_name)
496 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
499 || !TEST_BN_eq(pub, pub_out)
500 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
502 || !TEST_BN_eq(priv, priv_out)
503 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
504 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
505 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
507 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
508 || !TEST_BN_eq(&_bignum_const_2, g)
509 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
512 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
513 OSSL_PKEY_PARAM_FFC_SEED,
515 sizeof(seed_out), &len))
516 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
518 || !TEST_int_eq(gindex, -1)
519 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
520 || !TEST_int_eq(hindex, 0)
521 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
523 || !TEST_int_eq(pcounter, -1))
526 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
529 if (!TEST_true(EVP_PKEY_check(key_ctx))
530 || !TEST_true(EVP_PKEY_public_check(key_ctx))
531 || !TEST_true(EVP_PKEY_private_check(key_ctx))
532 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
535 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
536 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
539 ret = test_print_key_using_pem("DH", pk)
540 && test_print_key_using_encoder("DH", pk);
550 EVP_PKEY_free(copy_pk);
552 EVP_PKEY_CTX_free(ctx);
553 EVP_PKEY_CTX_free(key_ctx);
554 OSSL_PARAM_BLD_free_params(fromdata_params);
555 OSSL_PARAM_BLD_free(bld);
560 static int test_fromdata_dh_fips186_4(void)
563 int gindex = 0, pcounter = 0, hindex = 0;
564 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
567 BIGNUM *pub = NULL, *priv = NULL;
568 BIGNUM *pub_out = NULL, *priv_out = NULL;
569 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
570 OSSL_PARAM_BLD *bld = NULL;
571 OSSL_PARAM *fromdata_params = NULL;
573 unsigned char seed_out[32];
576 * DH key data was generated using the following:
577 * openssl genpkey -algorithm DH
578 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
580 static const unsigned char priv_data[] = {
581 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
582 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
583 0x87, 0xe8, 0xa9, 0x7b,
585 static const unsigned char pub_data[] = {
586 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
587 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
588 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
589 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
590 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
591 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
592 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
593 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
594 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
595 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
596 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
597 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
598 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
599 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
600 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
601 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
602 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
603 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
604 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
605 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
606 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
607 0x33, 0x42, 0x83, 0x42
609 static const char group_name[] = "ffdhe2048";
610 static const long priv_len = 224;
613 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
614 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
615 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
616 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
617 OSSL_PKEY_PARAM_GROUP_NAME,
619 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
621 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
622 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
623 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
626 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
629 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
630 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
631 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
632 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
633 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
636 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
637 name_out, sizeof(name_out),
639 || !TEST_str_eq(name_out, group_name)
640 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
642 || !TEST_BN_eq(pub, pub_out)
643 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
645 || !TEST_BN_eq(priv, priv_out)
646 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
647 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
648 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
650 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
651 || !TEST_BN_eq(&_bignum_const_2, g)
652 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
655 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
656 OSSL_PKEY_PARAM_FFC_SEED,
658 sizeof(seed_out), &len))
659 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
661 || !TEST_int_eq(gindex, -1)
662 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
663 || !TEST_int_eq(hindex, 0)
664 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
666 || !TEST_int_eq(pcounter, -1))
669 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
672 if (!TEST_true(EVP_PKEY_check(key_ctx))
673 || !TEST_true(EVP_PKEY_public_check(key_ctx))
674 || !TEST_true(EVP_PKEY_private_check(key_ctx))
675 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
678 ret = test_print_key_using_pem("DH", pk)
679 && test_print_key_using_encoder("DH", pk);
690 EVP_PKEY_CTX_free(ctx);
691 EVP_PKEY_CTX_free(key_ctx);
692 OSSL_PARAM_BLD_free_params(fromdata_params);
693 OSSL_PARAM_BLD_free(bld);
702 #ifndef OPENSSL_NO_EC
703 /* Array indexes used in test_fromdata_ecx */
707 # define X25519_IDX 0
709 # define ED25519_IDX 2
712 static int test_fromdata_ecx(int tst)
715 EVP_PKEY_CTX *ctx = NULL;
716 EVP_PKEY *pk = NULL, *copy_pk = NULL;
717 const char *alg = NULL;
719 unsigned char out_pub[ED448_KEYLEN];
720 unsigned char out_priv[ED448_KEYLEN];
722 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
723 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
724 /* X25519: Keys from RFC 7748 6.1 */
728 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
729 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
730 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
735 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
736 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
737 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
741 /* X448: Keys from RFC 7748 6.2 */
745 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
746 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
747 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
748 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
749 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
750 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
754 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
755 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
756 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
757 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
758 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
759 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
762 /* ED25519: Keys from RFC 8032 */
766 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
767 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
768 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
773 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
774 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
775 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
779 /* ED448: Keys from RFC 8032 */
783 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
784 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
785 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
786 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
787 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
788 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
792 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
793 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
794 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
795 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
796 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
797 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
801 OSSL_PARAM x25519_fromdata_params[] = {
802 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
803 key_numbers[X25519_IDX][PRIV_KEY],
805 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
806 key_numbers[X25519_IDX][PUB_KEY],
810 OSSL_PARAM x448_fromdata_params[] = {
811 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
812 key_numbers[X448_IDX][PRIV_KEY],
814 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
815 key_numbers[X448_IDX][PUB_KEY],
819 OSSL_PARAM ed25519_fromdata_params[] = {
820 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
821 key_numbers[ED25519_IDX][PRIV_KEY],
823 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
824 key_numbers[ED25519_IDX][PUB_KEY],
828 OSSL_PARAM ed448_fromdata_params[] = {
829 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
830 key_numbers[ED448_IDX][PRIV_KEY],
832 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
833 key_numbers[ED448_IDX][PUB_KEY],
837 OSSL_PARAM *fromdata_params = NULL;
838 int bits = 0, security_bits = 0, size = 0;
842 fromdata_params = x25519_fromdata_params;
844 security_bits = X25519_SECURITY_BITS;
845 size = X25519_KEYLEN;
850 fromdata_params = x448_fromdata_params;
852 security_bits = X448_SECURITY_BITS;
858 fromdata_params = ed25519_fromdata_params;
860 security_bits = ED25519_SECURITY_BITS;
861 size = ED25519_KEYLEN;
866 fromdata_params = ed448_fromdata_params;
868 security_bits = ED448_SECURITY_BITS;
876 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
880 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
881 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
882 || !TEST_int_eq(EVP_PKEY_bits(pk), bits)
883 || !TEST_int_eq(EVP_PKEY_security_bits(pk), security_bits)
884 || !TEST_int_eq(EVP_PKEY_size(pk), size))
887 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
888 /* This should succeed because there are no parameters to copy */
889 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
892 if (!TEST_true(EVP_PKEY_get_octet_string_param(
893 pk, fromdata_params[PRIV_KEY].key,
894 out_priv, sizeof(out_priv), &len))
895 || !TEST_mem_eq(out_priv, len,
896 fromdata_params[PRIV_KEY].data,
897 fromdata_params[PRIV_KEY].data_size)
898 || !TEST_true(EVP_PKEY_get_octet_string_param(
899 pk, fromdata_params[PUB_KEY].key,
900 out_pub, sizeof(out_pub), &len))
901 || !TEST_mem_eq(out_pub, len,
902 fromdata_params[PUB_KEY].data,
903 fromdata_params[PUB_KEY].data_size))
906 ret = test_print_key_using_pem(alg, pk)
907 && test_print_key_using_encoder(alg, pk);
911 EVP_PKEY_free(copy_pk);
912 EVP_PKEY_CTX_free(ctx);
919 static int test_fromdata_ec(void)
922 EVP_PKEY_CTX *ctx = NULL;
923 EVP_PKEY *pk = NULL, *copy_pk = NULL;
924 OSSL_PARAM_BLD *bld = NULL;
925 BIGNUM *ec_priv_bn = NULL;
926 BIGNUM *bn_priv = NULL;
927 OSSL_PARAM *fromdata_params = NULL;
928 const char *alg = "EC";
929 const char *curve = "prime256v1";
930 /* UNCOMPRESSED FORMAT */
931 static const unsigned char ec_pub_keydata[] = {
932 POINT_CONVERSION_UNCOMPRESSED,
933 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
934 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
935 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
936 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
937 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
938 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
939 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
940 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
942 static const unsigned char ec_priv_keydata[] = {
943 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
944 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
945 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
946 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
948 const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
949 unsigned char out_pub[sizeof(ec_pub_keydata)];
950 char out_curve_name[80];
951 const OSSL_PARAM *gettable = NULL;
955 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
957 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
958 sizeof(ec_priv_keydata), NULL)))
961 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
964 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
966 sizeof(ec_pub_keydata)) <= 0)
968 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
970 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
972 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
976 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
977 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
978 || !TEST_int_eq(EVP_PKEY_bits(pk), 256)
979 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 128)
980 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 35 * 2))
983 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
984 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
987 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
988 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_GROUP_NAME))
989 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PUB_KEY))
990 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PRIV_KEY)))
993 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
994 out_curve_name, sizeof(out_curve_name),
996 || !TEST_str_eq(out_curve_name, curve)
997 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
998 out_pub, sizeof(out_pub), &len)
999 || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
1000 || !TEST_mem_eq(out_pub + 1, len - 1,
1001 ec_pub_keydata + 1, compressed_sz - 1)
1002 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1004 || !TEST_BN_eq(ec_priv_bn, bn_priv))
1007 ret = test_print_key_using_pem(alg, pk)
1008 && test_print_key_using_encoder(alg, pk);
1011 BN_free(ec_priv_bn);
1012 OSSL_PARAM_BLD_free_params(fromdata_params);
1013 OSSL_PARAM_BLD_free(bld);
1015 EVP_PKEY_free(copy_pk);
1016 EVP_PKEY_CTX_free(ctx);
1020 #endif /* OPENSSL_NO_EC */
1022 #ifndef OPENSSL_NO_DSA
1023 static int test_fromdata_dsa_fips186_4(void)
1026 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
1027 EVP_PKEY *pk = NULL, *copy_pk = NULL;
1028 BIGNUM *pub = NULL, *priv = NULL;
1029 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1030 BIGNUM *pub_out = NULL, *priv_out = NULL;
1031 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1032 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1034 unsigned char seed_out[32];
1036 OSSL_PARAM_BLD *bld = NULL;
1037 OSSL_PARAM *fromdata_params = NULL;
1040 * DSA parameter data was generated using the following:
1041 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1042 * -pkeyopt qbits:256 -pkeyopt type:0 \
1043 * -pkeyopt gindex:1 -out dsa_params.pem -text
1045 static const unsigned char p_data[] = {
1046 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1047 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1048 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1049 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1050 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1051 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1052 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1053 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1054 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1055 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1056 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1057 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1058 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1059 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1060 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1061 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1062 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1063 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1064 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1065 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1066 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1067 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1069 static const unsigned char q_data[] = {
1070 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1071 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1072 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1074 static const unsigned char g_data[] = {
1075 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1076 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1077 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1078 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1079 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1080 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1081 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1082 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1083 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1084 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1085 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1086 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1087 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1088 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1089 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1090 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1091 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1092 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1093 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1094 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1095 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1096 0x02, 0x6f, 0x96, 0x36
1098 static const unsigned char seed_data[] = {
1099 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1100 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1101 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1103 const int gindex = 1;
1104 const int pcounter = 53;
1106 * The keypair was generated using
1107 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1108 * -pkeyopt gindex:1 \
1109 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1111 static const unsigned char priv_data[] = {
1112 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1113 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1114 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1116 static const unsigned char pub_data[] = {
1117 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1118 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1119 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1120 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1121 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1122 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1123 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1124 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1125 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1126 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1127 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1128 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1129 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1130 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1131 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1132 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1133 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1134 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1135 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1136 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1137 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1138 0x48, 0xd1, 0x8a, 0xbd
1141 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1142 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1143 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1144 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1145 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1146 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1148 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1149 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1150 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1151 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1152 OSSL_PKEY_PARAM_FFC_SEED,
1155 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1157 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1158 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1160 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1162 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1164 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1167 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1170 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
1171 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
1172 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
1173 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
1174 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 2 * (3 + sizeof(q_data))))
1177 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1178 name_out, sizeof(name_out),
1180 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1182 || !TEST_BN_eq(pub, pub_out)
1183 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1185 || !TEST_BN_eq(priv, priv_out)
1186 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p_out))
1187 || !TEST_BN_eq(p, p_out)
1188 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q_out))
1189 || !TEST_BN_eq(q, q_out)
1190 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g_out))
1191 || !TEST_BN_eq(g, g_out)
1192 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
1194 || !TEST_ptr_null(j_out)
1195 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1196 OSSL_PKEY_PARAM_FFC_SEED,
1197 seed_out, sizeof(seed_out),
1199 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
1201 || !TEST_int_eq(gindex, gindex_out)
1202 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1204 || !TEST_int_eq(hindex_out, 0)
1205 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
1207 || !TEST_int_eq(pcounter, pcounter_out))
1210 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1213 if (!TEST_true(EVP_PKEY_check(key_ctx))
1214 || !TEST_true(EVP_PKEY_public_check(key_ctx))
1215 || !TEST_true(EVP_PKEY_private_check(key_ctx))
1216 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1219 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1220 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1223 ret = test_print_key_using_pem("DSA", pk)
1224 && test_print_key_using_encoder("DSA", pk);
1226 OSSL_PARAM_BLD_free_params(fromdata_params);
1227 OSSL_PARAM_BLD_free(bld);
1240 EVP_PKEY_free(copy_pk);
1241 EVP_PKEY_CTX_free(ctx);
1242 EVP_PKEY_CTX_free(key_ctx);
1247 static int test_check_dsa(void)
1250 EVP_PKEY_CTX *ctx = NULL;
1252 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1253 || !TEST_false(EVP_PKEY_check(ctx))
1254 || !TEST_false(EVP_PKEY_public_check(ctx))
1255 || !TEST_false(EVP_PKEY_private_check(ctx))
1256 || !TEST_false(EVP_PKEY_pairwise_check(ctx)))
1261 EVP_PKEY_CTX_free(ctx);
1265 #endif /* OPENSSL_NO_DSA */
1268 int setup_tests(void)
1270 if (!test_skip_common_options()) {
1271 TEST_error("Error parsing test options\n");
1275 if (!TEST_ptr(datadir = test_get_argument(0)))
1278 ADD_TEST(test_evp_pkey_get_bn_param_large);
1279 ADD_TEST(test_fromdata_rsa);
1280 #ifndef OPENSSL_NO_DH
1281 ADD_TEST(test_fromdata_dh_fips186_4);
1282 ADD_TEST(test_fromdata_dh_named_group);
1284 #ifndef OPENSSL_NO_DSA
1285 ADD_TEST(test_check_dsa);
1286 ADD_TEST(test_fromdata_dsa_fips186_4);
1288 #ifndef OPENSSL_NO_EC
1289 ADD_ALL_TESTS(test_fromdata_ecx, 4);
1290 ADD_TEST(test_fromdata_ec);