2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/encoder.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include "crypto/ecx.h"
18 #include "crypto/evp.h" /* For the internal API */
19 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
20 #include "internal/nelem.h"
23 static char *datadir = NULL;
26 * Do not change the order of the following defines unless you also
27 * update the for loop bounds used inside test_print_key_using_encoder() and
28 * test_print_key_using_encoder_public().
37 static void stripcr(char *buf, size_t *len)
42 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
53 static int compare_with_file(const char *alg, int type, BIO *membio)
58 char *memdata, *fullfile = NULL;
91 TEST_error("Invalid file type");
95 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
96 fullfile = test_mk_file_path(datadir, filename);
97 if (!TEST_ptr(fullfile))
100 file = BIO_new_file(fullfile, "rb");
104 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
105 || !TEST_true(BIO_eof(file))
106 || !TEST_size_t_lt(readbytes, sizeof(buf)))
109 len = BIO_get_mem_data(membio, &memdata);
110 if (!TEST_int_gt(len, 0))
114 if (type != PRIV_DER && type != PUB_DER) {
115 stripcr(memdata, &slen);
116 stripcr(buf, &readbytes);
119 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
124 OPENSSL_free(fullfile);
125 (void)BIO_reset(membio);
130 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
132 BIO *membio = BIO_new(BIO_s_mem());
135 if (!TEST_ptr(membio))
138 if (/* Output Encrypted private key in PEM form */
139 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
140 (unsigned char *)"pass", 4,
142 /* Private key in text form */
143 || !TEST_true(EVP_PKEY_print_private(membio, pk, 0, NULL))
144 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
145 /* Public key in PEM form */
146 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
147 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
148 /* Unencrypted private key in PEM form */
149 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
150 NULL, NULL, 0, NULL, NULL))
151 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)))
160 static int test_print_key_type_using_encoder(const char *alg, int type,
163 const char *output_type, *output_structure;
165 OSSL_ENCODER_CTX *ctx = NULL;
166 BIO *membio = BIO_new(BIO_s_mem());
171 output_type = "TEXT";
172 output_structure = NULL;
173 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
174 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
179 output_structure = "pkcs8";
180 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
181 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
186 output_structure = "pkcs8";
187 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
188 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
192 output_type = "TEXT";
193 output_structure = NULL;
194 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
195 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
200 output_structure = "SubjectPublicKeyInfo";
201 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
202 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
207 output_structure = "SubjectPublicKeyInfo";
208 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
209 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
213 TEST_error("Invalid encoding type");
217 if (!TEST_ptr(membio))
220 /* Make a context, it's valid for several prints */
221 TEST_note("Setting up a OSSL_ENCODER context with passphrase");
222 if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection,
226 /* Check that this operation is supported */
227 || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
230 /* Use no cipher. This should give us an unencrypted PEM */
231 TEST_note("Testing with no encryption");
232 if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
233 || !TEST_true(compare_with_file(alg, type, membio)))
236 if (type == PRIV_PEM) {
237 /* Set a passphrase to be used later */
238 if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
239 (unsigned char *)"pass",
243 /* Use a valid cipher name */
244 TEST_note("Displaying PEM encrypted with AES-256-CBC");
245 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
246 || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
249 /* Use an invalid cipher name, which should generate no output */
250 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
251 if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
252 || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
255 /* Clear the cipher. This should give us an unencrypted PEM again */
256 TEST_note("Testing with encryption cleared (no encryption)");
257 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
258 || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
259 || !TEST_true(compare_with_file(alg, type, membio)))
265 OSSL_ENCODER_CTX_free(ctx);
269 static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk)
274 for (i = PRIV_TEXT; i <= PUB_DER; i++)
275 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
280 #ifndef OPENSSL_NO_EC
281 static int test_print_key_using_encoder_public(const char *alg,
287 for (i = PUB_TEXT; i <= PUB_DER; i++)
288 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
294 /* Array indexes used in test_fromdata_rsa */
304 static int test_fromdata_rsa(void)
307 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
308 EVP_PKEY *pk = NULL, *copy_pk = NULL;
310 * 32-bit RSA key, extracted from this command,
311 * executed with OpenSSL 1.0.2:
313 * openssl genrsa 32 | openssl rsa -text
315 static unsigned long key_numbers[] = {
325 OSSL_PARAM fromdata_params[] = {
326 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
327 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
328 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
329 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
330 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
331 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
332 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
333 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
336 BIGNUM *bn = BN_new();
337 BIGNUM *bn_from = BN_new();
339 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
342 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
343 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
345 || !TEST_int_eq(EVP_PKEY_bits(pk), 32)
346 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 8)
347 || !TEST_int_eq(EVP_PKEY_size(pk), 4))
350 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
353 if (!TEST_true(EVP_PKEY_check(key_ctx))
354 || !TEST_true(EVP_PKEY_public_check(key_ctx))
355 || !TEST_true(EVP_PKEY_private_check(key_ctx))
356 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
359 /* EVP_PKEY_copy_parameters() should fail for RSA */
360 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
361 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
364 ret = test_print_key_using_pem("RSA", pk)
365 && test_print_key_using_encoder("RSA", pk);
367 /* for better diagnostics always compare key params */
368 for (i = 0; fromdata_params[i].key != NULL; ++i) {
369 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
370 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
371 || !TEST_BN_eq(bn, bn_from))
377 EVP_PKEY_free(copy_pk);
378 EVP_PKEY_CTX_free(key_ctx);
379 EVP_PKEY_CTX_free(ctx);
384 static int test_evp_pkey_get_bn_param_large(void)
387 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
389 OSSL_PARAM_BLD *bld = NULL;
390 OSSL_PARAM *fromdata_params = NULL;
391 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
393 * The buffer size chosen here for n_data larger than the buffer used
394 * internally in EVP_PKEY_get_bn_param.
396 static unsigned char n_data[2050];
397 static const unsigned char e_data[] = {
400 static const unsigned char d_data[]= {
401 0x99, 0x33, 0x13, 0x7b
404 /* N is a large buffer */
405 memset(n_data, 0xCE, sizeof(n_data));
407 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
408 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
409 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
410 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
411 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
412 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
413 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
414 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
415 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
416 || !TEST_true(EVP_PKEY_fromdata_init(ctx))
417 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
419 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
420 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
421 || !TEST_BN_eq(n, n_out))
430 EVP_PKEY_CTX_free(key_ctx);
431 EVP_PKEY_CTX_free(ctx);
432 OSSL_PARAM_BLD_free_params(fromdata_params);
433 OSSL_PARAM_BLD_free(bld);
438 #ifndef OPENSSL_NO_DH
439 static int test_fromdata_dh_named_group(void)
442 int gindex = 0, pcounter = 0, hindex = 0;
443 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
444 EVP_PKEY *pk = NULL, *copy_pk = NULL;
446 BIGNUM *pub = NULL, *priv = NULL;
447 BIGNUM *pub_out = NULL, *priv_out = NULL;
448 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
449 OSSL_PARAM *fromdata_params = NULL;
450 OSSL_PARAM_BLD *bld = NULL;
452 unsigned char seed_out[32];
455 * DH key data was generated using the following:
456 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
457 * -pkeyopt priv_len:224 -text
459 static const unsigned char priv_data[] = {
460 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
461 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
462 0x87, 0xe8, 0xa9, 0x7b,
464 static const unsigned char pub_data[] = {
465 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
466 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
467 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
468 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
469 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
470 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
471 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
472 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
473 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
474 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
475 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
476 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
477 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
478 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
479 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
480 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
481 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
482 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
483 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
484 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
485 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
486 0xcf, 0x33, 0x42, 0x83, 0x42
488 static const char group_name[] = "ffdhe2048";
489 static const long priv_len = 224;
491 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
492 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
493 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
494 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
495 OSSL_PKEY_PARAM_GROUP_NAME,
497 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
499 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
500 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
501 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
504 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
507 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
508 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
510 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
511 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
512 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
515 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
516 name_out, sizeof(name_out),
518 || !TEST_str_eq(name_out, group_name)
519 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
522 || !TEST_BN_eq(pub, pub_out)
523 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
525 || !TEST_BN_eq(priv, priv_out)
526 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
527 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
528 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
530 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
531 || !TEST_BN_eq(&ossl_bignum_const_2, g)
532 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
535 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
536 OSSL_PKEY_PARAM_FFC_SEED,
538 sizeof(seed_out), &len))
539 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
541 || !TEST_int_eq(gindex, -1)
542 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
543 || !TEST_int_eq(hindex, 0)
544 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
546 || !TEST_int_eq(pcounter, -1))
549 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
552 if (!TEST_true(EVP_PKEY_check(key_ctx))
553 || !TEST_true(EVP_PKEY_public_check(key_ctx))
554 || !TEST_true(EVP_PKEY_private_check(key_ctx))
555 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
558 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
559 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
562 ret = test_print_key_using_pem("DH", pk)
563 && test_print_key_using_encoder("DH", pk);
573 EVP_PKEY_free(copy_pk);
575 EVP_PKEY_CTX_free(ctx);
576 EVP_PKEY_CTX_free(key_ctx);
577 OSSL_PARAM_BLD_free_params(fromdata_params);
578 OSSL_PARAM_BLD_free(bld);
583 static int test_fromdata_dh_fips186_4(void)
586 int gindex = 0, pcounter = 0, hindex = 0;
587 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
590 BIGNUM *pub = NULL, *priv = NULL;
591 BIGNUM *pub_out = NULL, *priv_out = NULL;
592 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
593 OSSL_PARAM_BLD *bld = NULL;
594 OSSL_PARAM *fromdata_params = NULL;
596 unsigned char seed_out[32];
599 * DH key data was generated using the following:
600 * openssl genpkey -algorithm DH
601 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
603 static const unsigned char priv_data[] = {
604 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
605 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
606 0x87, 0xe8, 0xa9, 0x7b,
608 static const unsigned char pub_data[] = {
609 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
610 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
611 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
612 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
613 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
614 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
615 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
616 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
617 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
618 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
619 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
620 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
621 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
622 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
623 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
624 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
625 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
626 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
627 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
628 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
629 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
630 0x33, 0x42, 0x83, 0x42
632 static const char group_name[] = "ffdhe2048";
633 static const long priv_len = 224;
636 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
637 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
638 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
639 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
640 OSSL_PKEY_PARAM_GROUP_NAME,
642 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
644 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
645 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
646 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
649 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
652 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
653 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
655 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
656 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
657 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
660 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
661 name_out, sizeof(name_out),
663 || !TEST_str_eq(name_out, group_name)
664 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
666 || !TEST_BN_eq(pub, pub_out)
667 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
669 || !TEST_BN_eq(priv, priv_out)
670 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
671 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
672 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
674 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
675 || !TEST_BN_eq(&ossl_bignum_const_2, g)
676 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
679 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
680 OSSL_PKEY_PARAM_FFC_SEED,
682 sizeof(seed_out), &len))
683 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
685 || !TEST_int_eq(gindex, -1)
686 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
687 || !TEST_int_eq(hindex, 0)
688 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
690 || !TEST_int_eq(pcounter, -1))
693 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
696 if (!TEST_true(EVP_PKEY_check(key_ctx))
697 || !TEST_true(EVP_PKEY_public_check(key_ctx))
698 || !TEST_true(EVP_PKEY_private_check(key_ctx))
699 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
702 ret = test_print_key_using_pem("DH", pk)
703 && test_print_key_using_encoder("DH", pk);
714 EVP_PKEY_CTX_free(ctx);
715 EVP_PKEY_CTX_free(key_ctx);
716 OSSL_PARAM_BLD_free_params(fromdata_params);
717 OSSL_PARAM_BLD_free(bld);
726 #ifndef OPENSSL_NO_EC
727 /* Array indexes used in test_fromdata_ecx */
731 # define X25519_IDX 0
733 # define ED25519_IDX 2
737 * tst uses indexes 0 ... (3 * 4 - 1)
738 * For the 4 ECX key types (X25519_IDX..ED448_IDX)
739 * 0..3 = public + private key.
740 * 4..7 = private key (This will generate the public key from the private key)
743 static int test_fromdata_ecx(int tst)
746 EVP_PKEY_CTX *ctx = NULL, *ctx2 = NULL;
747 EVP_PKEY *pk = NULL, *copy_pk = NULL;
748 const char *alg = NULL;
750 unsigned char out_pub[ED448_KEYLEN];
751 unsigned char out_priv[ED448_KEYLEN];
752 OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
754 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
755 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
756 /* X25519: Keys from RFC 7748 6.1 */
760 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
761 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
762 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
767 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
768 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
769 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
773 /* X448: Keys from RFC 7748 6.2 */
777 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
778 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
779 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
780 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
781 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
782 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
786 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
787 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
788 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
789 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
790 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
791 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
794 /* ED25519: Keys from RFC 8032 */
798 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
799 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
800 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
805 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
806 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
807 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
811 /* ED448: Keys from RFC 8032 */
815 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
816 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
817 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
818 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
819 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
820 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
824 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
825 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
826 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
827 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
828 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
829 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
833 OSSL_PARAM x25519_fromdata_params[] = {
834 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
835 key_numbers[X25519_IDX][PRIV_KEY],
837 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
838 key_numbers[X25519_IDX][PUB_KEY],
842 OSSL_PARAM x448_fromdata_params[] = {
843 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
844 key_numbers[X448_IDX][PRIV_KEY],
846 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
847 key_numbers[X448_IDX][PUB_KEY],
851 OSSL_PARAM ed25519_fromdata_params[] = {
852 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
853 key_numbers[ED25519_IDX][PRIV_KEY],
855 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
856 key_numbers[ED25519_IDX][PUB_KEY],
860 OSSL_PARAM ed448_fromdata_params[] = {
861 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
862 key_numbers[ED448_IDX][PRIV_KEY],
864 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
865 key_numbers[ED448_IDX][PUB_KEY],
869 OSSL_PARAM *fromdata_params = NULL;
870 int bits = 0, security_bits = 0, size = 0;
871 OSSL_PARAM *orig_fromdata_params = NULL;
875 fromdata_params = x25519_fromdata_params;
877 security_bits = X25519_SECURITY_BITS;
878 size = X25519_KEYLEN;
883 fromdata_params = x448_fromdata_params;
885 security_bits = X448_SECURITY_BITS;
891 fromdata_params = ed25519_fromdata_params;
893 security_bits = ED25519_SECURITY_BITS;
894 size = ED25519_KEYLEN;
899 fromdata_params = ed448_fromdata_params;
901 security_bits = ED448_SECURITY_BITS;
909 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
913 orig_fromdata_params = fromdata_params;
915 /* public key only */
917 } else if (tst > 3) {
918 /* private key only */
919 params[0] = fromdata_params[0];
920 params[1] = fromdata_params[2];
921 fromdata_params = params;
924 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
925 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
927 || !TEST_int_eq(EVP_PKEY_bits(pk), bits)
928 || !TEST_int_eq(EVP_PKEY_security_bits(pk), security_bits)
929 || !TEST_int_eq(EVP_PKEY_size(pk), size))
932 if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
935 if (!TEST_true(EVP_PKEY_check(ctx2)))
937 if (!TEST_true(EVP_PKEY_get_octet_string_param(
938 pk, orig_fromdata_params[PRIV_KEY].key,
939 out_priv, sizeof(out_priv), &len))
940 || !TEST_mem_eq(out_priv, len,
941 orig_fromdata_params[PRIV_KEY].data,
942 orig_fromdata_params[PRIV_KEY].data_size)
943 || !TEST_true(EVP_PKEY_get_octet_string_param(
944 pk, orig_fromdata_params[PUB_KEY].key,
945 out_pub, sizeof(out_pub), &len))
946 || !TEST_mem_eq(out_pub, len,
947 orig_fromdata_params[PUB_KEY].data,
948 orig_fromdata_params[PUB_KEY].data_size))
951 /* The private key check should fail if there is only a public key */
952 if (!TEST_true(EVP_PKEY_public_check(ctx2))
953 || !TEST_false(EVP_PKEY_private_check(ctx2))
954 || !TEST_false(EVP_PKEY_check(ctx2)))
958 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
959 /* This should succeed because there are no parameters to copy */
960 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
964 ret = test_print_key_using_encoder_public(alg, pk);
966 ret = test_print_key_using_pem(alg, pk)
967 && test_print_key_using_encoder(alg, pk);
971 EVP_PKEY_free(copy_pk);
972 EVP_PKEY_CTX_free(ctx);
973 EVP_PKEY_CTX_free(ctx2);
980 static int test_fromdata_ec(void)
983 EVP_PKEY_CTX *ctx = NULL;
984 EVP_PKEY *pk = NULL, *copy_pk = NULL;
985 OSSL_PARAM_BLD *bld = NULL;
986 BIGNUM *ec_priv_bn = NULL;
987 BIGNUM *bn_priv = NULL;
988 OSSL_PARAM *fromdata_params = NULL;
989 const char *alg = "EC";
990 const char *curve = "prime256v1";
991 /* UNCOMPRESSED FORMAT */
992 static const unsigned char ec_pub_keydata[] = {
993 POINT_CONVERSION_UNCOMPRESSED,
994 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
995 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
996 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
997 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
998 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
999 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1000 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1001 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1003 static const unsigned char ec_priv_keydata[] = {
1004 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1005 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1006 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1007 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1009 const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
1010 unsigned char out_pub[sizeof(ec_pub_keydata)];
1011 char out_curve_name[80];
1012 const OSSL_PARAM *gettable = NULL;
1016 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
1018 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
1019 sizeof(ec_priv_keydata), NULL)))
1022 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
1025 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
1027 sizeof(ec_pub_keydata)) <= 0)
1029 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
1031 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1033 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1037 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
1038 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1040 || !TEST_int_eq(EVP_PKEY_bits(pk), 256)
1041 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 128)
1042 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 35 * 2))
1045 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1046 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1049 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
1050 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_GROUP_NAME))
1051 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PUB_KEY))
1052 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PRIV_KEY)))
1055 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1056 out_curve_name, sizeof(out_curve_name),
1058 || !TEST_str_eq(out_curve_name, curve)
1059 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1060 out_pub, sizeof(out_pub), &len)
1061 || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
1062 || !TEST_mem_eq(out_pub + 1, len - 1,
1063 ec_pub_keydata + 1, compressed_sz - 1)
1064 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1066 || !TEST_BN_eq(ec_priv_bn, bn_priv))
1069 ret = test_print_key_using_pem(alg, pk)
1070 && test_print_key_using_encoder(alg, pk);
1073 BN_free(ec_priv_bn);
1074 OSSL_PARAM_BLD_free_params(fromdata_params);
1075 OSSL_PARAM_BLD_free(bld);
1077 EVP_PKEY_free(copy_pk);
1078 EVP_PKEY_CTX_free(ctx);
1082 static int test_ec_dup_no_operation(void)
1085 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1086 EVP_PKEY *param = NULL, *pkey = NULL;
1088 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1089 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1090 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1091 NID_X9_62_prime256v1), 0)
1092 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1093 || !TEST_ptr(param))
1096 EVP_PKEY_CTX_free(pctx);
1099 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1100 || !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
1101 || !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1102 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
1106 EVP_PKEY_free(pkey);
1107 EVP_PKEY_free(param);
1108 EVP_PKEY_CTX_free(ctx);
1109 EVP_PKEY_CTX_free(kctx);
1110 EVP_PKEY_CTX_free(pctx);
1114 /* Test that keygen doesn't support EVP_PKEY_CTX_dup */
1115 static int test_ec_dup_keygen_operation(void)
1118 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1119 EVP_PKEY *param = NULL, *pkey = NULL;
1121 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1122 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1123 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1124 NID_X9_62_prime256v1), 0)
1125 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1126 || !TEST_ptr(param))
1129 EVP_PKEY_CTX_free(pctx);
1132 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1133 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1134 || !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
1138 EVP_PKEY_free(pkey);
1139 EVP_PKEY_free(param);
1140 EVP_PKEY_CTX_free(ctx);
1141 EVP_PKEY_CTX_free(kctx);
1142 EVP_PKEY_CTX_free(pctx);
1146 #endif /* OPENSSL_NO_EC */
1148 #ifndef OPENSSL_NO_DSA
1149 static int test_fromdata_dsa_fips186_4(void)
1152 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
1153 EVP_PKEY *pk = NULL, *copy_pk = NULL;
1154 BIGNUM *pub = NULL, *priv = NULL;
1155 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1156 BIGNUM *pub_out = NULL, *priv_out = NULL;
1157 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1158 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1160 unsigned char seed_out[32];
1162 OSSL_PARAM_BLD *bld = NULL;
1163 OSSL_PARAM *fromdata_params = NULL;
1166 * DSA parameter data was generated using the following:
1167 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1168 * -pkeyopt qbits:256 -pkeyopt type:0 \
1169 * -pkeyopt gindex:1 -out dsa_params.pem -text
1171 static const unsigned char p_data[] = {
1172 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1173 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1174 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1175 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1176 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1177 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1178 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1179 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1180 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1181 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1182 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1183 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1184 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1185 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1186 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1187 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1188 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1189 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1190 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1191 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1192 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1193 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1195 static const unsigned char q_data[] = {
1196 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1197 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1198 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1200 static const unsigned char g_data[] = {
1201 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1202 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1203 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1204 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1205 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1206 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1207 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1208 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1209 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1210 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1211 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1212 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1213 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1214 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1215 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1216 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1217 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1218 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1219 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1220 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1221 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1222 0x02, 0x6f, 0x96, 0x36
1224 static const unsigned char seed_data[] = {
1225 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1226 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1227 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1229 const int gindex = 1;
1230 const int pcounter = 53;
1232 * The keypair was generated using
1233 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1234 * -pkeyopt gindex:1 \
1235 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1237 static const unsigned char priv_data[] = {
1238 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1239 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1240 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1242 static const unsigned char pub_data[] = {
1243 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1244 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1245 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1246 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1247 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1248 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1249 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1250 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1251 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1252 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1253 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1254 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1255 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1256 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1257 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1258 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1259 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1260 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1261 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1262 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1263 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1264 0x48, 0xd1, 0x8a, 0xbd
1267 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1268 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1269 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1270 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1271 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1272 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1274 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1275 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1276 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1277 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1278 OSSL_PKEY_PARAM_FFC_SEED,
1281 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1283 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1284 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1286 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1288 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1290 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1293 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1296 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
1297 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1299 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
1300 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
1301 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 2 * (3 + sizeof(q_data))))
1304 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1305 name_out, sizeof(name_out),
1307 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1309 || !TEST_BN_eq(pub, pub_out)
1310 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1312 || !TEST_BN_eq(priv, priv_out)
1313 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p_out))
1314 || !TEST_BN_eq(p, p_out)
1315 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q_out))
1316 || !TEST_BN_eq(q, q_out)
1317 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g_out))
1318 || !TEST_BN_eq(g, g_out)
1319 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
1321 || !TEST_ptr_null(j_out)
1322 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1323 OSSL_PKEY_PARAM_FFC_SEED,
1324 seed_out, sizeof(seed_out),
1326 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
1328 || !TEST_int_eq(gindex, gindex_out)
1329 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1331 || !TEST_int_eq(hindex_out, 0)
1332 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
1334 || !TEST_int_eq(pcounter, pcounter_out))
1337 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1340 if (!TEST_true(EVP_PKEY_check(key_ctx))
1341 || !TEST_true(EVP_PKEY_public_check(key_ctx))
1342 || !TEST_true(EVP_PKEY_private_check(key_ctx))
1343 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1346 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1347 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1350 ret = test_print_key_using_pem("DSA", pk)
1351 && test_print_key_using_encoder("DSA", pk);
1353 OSSL_PARAM_BLD_free_params(fromdata_params);
1354 OSSL_PARAM_BLD_free(bld);
1367 EVP_PKEY_free(copy_pk);
1368 EVP_PKEY_CTX_free(ctx);
1369 EVP_PKEY_CTX_free(key_ctx);
1374 static int test_check_dsa(void)
1377 EVP_PKEY_CTX *ctx = NULL;
1379 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1380 || !TEST_false(EVP_PKEY_check(ctx))
1381 || !TEST_false(EVP_PKEY_public_check(ctx))
1382 || !TEST_false(EVP_PKEY_private_check(ctx))
1383 || !TEST_false(EVP_PKEY_pairwise_check(ctx)))
1388 EVP_PKEY_CTX_free(ctx);
1392 #endif /* OPENSSL_NO_DSA */
1395 int setup_tests(void)
1397 if (!test_skip_common_options()) {
1398 TEST_error("Error parsing test options\n");
1402 if (!TEST_ptr(datadir = test_get_argument(0)))
1405 ADD_TEST(test_evp_pkey_get_bn_param_large);
1406 ADD_TEST(test_fromdata_rsa);
1407 #ifndef OPENSSL_NO_DH
1408 ADD_TEST(test_fromdata_dh_fips186_4);
1409 ADD_TEST(test_fromdata_dh_named_group);
1411 #ifndef OPENSSL_NO_DSA
1412 ADD_TEST(test_check_dsa);
1413 ADD_TEST(test_fromdata_dsa_fips186_4);
1415 #ifndef OPENSSL_NO_EC
1416 ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
1417 ADD_TEST(test_fromdata_ec);
1418 ADD_TEST(test_ec_dup_no_operation);
1419 ADD_TEST(test_ec_dup_keygen_operation);