2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/encoder.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include <openssl/sha.h>
18 #include "crypto/ecx.h"
19 #include "crypto/evp.h" /* For the internal API */
20 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
21 #include "internal/nelem.h"
24 static char *datadir = NULL;
27 * Do not change the order of the following defines unless you also
28 * update the for loop bounds used inside test_print_key_using_encoder() and
29 * test_print_key_using_encoder_public().
38 static void stripcr(char *buf, size_t *len)
43 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
54 static int compare_with_file(const char *alg, int type, BIO *membio)
59 char *memdata, *fullfile = NULL;
92 TEST_error("Invalid file type");
96 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
97 fullfile = test_mk_file_path(datadir, filename);
98 if (!TEST_ptr(fullfile))
101 file = BIO_new_file(fullfile, "rb");
105 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
106 || !TEST_true(BIO_eof(file))
107 || !TEST_size_t_lt(readbytes, sizeof(buf)))
110 len = BIO_get_mem_data(membio, &memdata);
111 if (!TEST_int_gt(len, 0))
115 if (type != PRIV_DER && type != PUB_DER) {
116 stripcr(memdata, &slen);
117 stripcr(buf, &readbytes);
120 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
125 OPENSSL_free(fullfile);
126 (void)BIO_reset(membio);
131 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
133 BIO *membio = BIO_new(BIO_s_mem());
136 if (!TEST_ptr(membio))
139 if (/* Output Encrypted private key in PEM form */
140 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
141 (unsigned char *)"pass", 4,
143 /* Private key in text form */
144 || !TEST_int_gt(EVP_PKEY_print_private(membio, pk, 0, NULL), 0)
145 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
146 /* Public key in PEM form */
147 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
148 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
149 /* Unencrypted private key in PEM form */
150 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
151 NULL, NULL, 0, NULL, NULL))
152 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)))
161 static int test_print_key_type_using_encoder(const char *alg, int type,
164 const char *output_type, *output_structure;
166 OSSL_ENCODER_CTX *ctx = NULL;
167 BIO *membio = BIO_new(BIO_s_mem());
172 output_type = "TEXT";
173 output_structure = NULL;
174 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
175 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
180 output_structure = "PrivateKeyInfo";
181 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
182 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
187 output_structure = "PrivateKeyInfo";
188 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
189 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
193 output_type = "TEXT";
194 output_structure = NULL;
195 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
196 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
201 output_structure = "SubjectPublicKeyInfo";
202 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
203 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
208 output_structure = "SubjectPublicKeyInfo";
209 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
210 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
214 TEST_error("Invalid encoding type");
218 if (!TEST_ptr(membio))
221 /* Make a context, it's valid for several prints */
222 TEST_note("Setting up a OSSL_ENCODER context with passphrase");
223 if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection,
227 /* Check that this operation is supported */
228 || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
231 /* Use no cipher. This should give us an unencrypted PEM */
232 TEST_note("Testing with no encryption");
233 if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
234 || !TEST_true(compare_with_file(alg, type, membio)))
237 if (type == PRIV_PEM) {
238 /* Set a passphrase to be used later */
239 if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
240 (unsigned char *)"pass",
244 /* Use a valid cipher name */
245 TEST_note("Displaying PEM encrypted with AES-256-CBC");
246 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
247 || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
250 /* Use an invalid cipher name, which should generate no output */
251 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
252 if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
253 || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
256 /* Clear the cipher. This should give us an unencrypted PEM again */
257 TEST_note("Testing with encryption cleared (no encryption)");
258 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
259 || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
260 || !TEST_true(compare_with_file(alg, type, membio)))
266 OSSL_ENCODER_CTX_free(ctx);
270 static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk)
275 for (i = PRIV_TEXT; i <= PUB_DER; i++)
276 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
281 #ifndef OPENSSL_NO_EC
282 static int test_print_key_using_encoder_public(const char *alg,
288 for (i = PUB_TEXT; i <= PUB_DER; i++)
289 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
295 /* Array indexes used in test_fromdata_rsa */
305 static int test_fromdata_rsa(void)
308 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
309 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
311 * 32-bit RSA key, extracted from this command,
312 * executed with OpenSSL 1.0.2:
314 * openssl genrsa 32 | openssl rsa -text
316 static unsigned long key_numbers[] = {
326 OSSL_PARAM fromdata_params[] = {
327 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
328 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
329 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
330 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
331 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
332 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
333 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
334 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
337 BIGNUM *bn = BN_new();
338 BIGNUM *bn_from = BN_new();
340 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
343 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
344 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
345 fromdata_params), 1))
348 while (dup_pk == NULL) {
350 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 32)
351 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 8)
352 || !TEST_int_eq(EVP_PKEY_get_size(pk), 4)
353 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
356 EVP_PKEY_CTX_free(key_ctx);
357 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
360 if (!TEST_true(EVP_PKEY_check(key_ctx))
361 || !TEST_true(EVP_PKEY_public_check(key_ctx))
362 || !TEST_true(EVP_PKEY_private_check(key_ctx))
363 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
366 /* EVP_PKEY_copy_parameters() should fail for RSA */
367 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
368 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
370 EVP_PKEY_free(copy_pk);
373 ret = test_print_key_using_pem("RSA", pk)
374 && test_print_key_using_encoder("RSA", pk);
376 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
378 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
385 /* for better diagnostics always compare key params */
386 for (i = 0; fromdata_params[i].key != NULL; ++i) {
387 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
388 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
389 || !TEST_BN_eq(bn, bn_from))
395 EVP_PKEY_free(copy_pk);
396 EVP_PKEY_CTX_free(key_ctx);
397 EVP_PKEY_CTX_free(ctx);
402 static int test_evp_pkey_get_bn_param_large(void)
405 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
407 OSSL_PARAM_BLD *bld = NULL;
408 OSSL_PARAM *fromdata_params = NULL;
409 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
411 * The buffer size chosen here for n_data larger than the buffer used
412 * internally in EVP_PKEY_get_bn_param.
414 static unsigned char n_data[2050];
415 static const unsigned char e_data[] = {
418 static const unsigned char d_data[]= {
419 0x99, 0x33, 0x13, 0x7b
422 /* N is a large buffer */
423 memset(n_data, 0xCE, sizeof(n_data));
425 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
426 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
427 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
428 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
429 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
430 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
431 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
432 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
433 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
434 || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
435 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
437 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
438 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
439 || !TEST_BN_eq(n, n_out))
448 EVP_PKEY_CTX_free(key_ctx);
449 EVP_PKEY_CTX_free(ctx);
450 OSSL_PARAM_free(fromdata_params);
451 OSSL_PARAM_BLD_free(bld);
456 #ifndef OPENSSL_NO_DH
457 static int test_fromdata_dh_named_group(void)
460 int gindex = 0, pcounter = 0, hindex = 0;
461 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
462 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
464 BIGNUM *pub = NULL, *priv = NULL;
465 BIGNUM *pub_out = NULL, *priv_out = NULL;
466 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
467 OSSL_PARAM *fromdata_params = NULL;
468 OSSL_PARAM_BLD *bld = NULL;
470 unsigned char seed_out[32];
473 * DH key data was generated using the following:
474 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
475 * -pkeyopt priv_len:224 -text
477 static const unsigned char priv_data[] = {
478 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
479 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
480 0x87, 0xe8, 0xa9, 0x7b,
482 static const unsigned char pub_data[] = {
483 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
484 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
485 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
486 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
487 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
488 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
489 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
490 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
491 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
492 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
493 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
494 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
495 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
496 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
497 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
498 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
499 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
500 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
501 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
502 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
503 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
504 0xcf, 0x33, 0x42, 0x83, 0x42
506 static const char group_name[] = "ffdhe2048";
507 static const long priv_len = 224;
509 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
510 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
511 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
512 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
513 OSSL_PKEY_PARAM_GROUP_NAME,
515 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
517 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
518 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
519 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
522 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
525 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
526 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
527 fromdata_params), 1))
531 * A few extra checks of EVP_PKEY_get_utf8_string_param() to see that
532 * it behaves as expected with regards to string length and terminating
535 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
536 OSSL_PKEY_PARAM_GROUP_NAME,
537 NULL, sizeof(name_out),
539 || !TEST_size_t_eq(len, sizeof(group_name) - 1)
540 /* Just enough space to hold the group name and a terminating NUL */
541 || !TEST_true(EVP_PKEY_get_utf8_string_param(pk,
542 OSSL_PKEY_PARAM_GROUP_NAME,
546 || !TEST_size_t_eq(len, sizeof(group_name) - 1)
547 /* Too small buffer to hold the terminating NUL byte */
548 || !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
549 OSSL_PKEY_PARAM_GROUP_NAME,
551 sizeof(group_name) - 1,
553 /* Too small buffer to hold the whole group name, even! */
554 || !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
555 OSSL_PKEY_PARAM_GROUP_NAME,
557 sizeof(group_name) - 2,
561 while (dup_pk == NULL) {
563 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
564 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
565 || !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
566 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
569 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
570 OSSL_PKEY_PARAM_GROUP_NAME,
574 || !TEST_str_eq(name_out, group_name)
575 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
578 || !TEST_BN_eq(pub, pub_out)
579 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
581 || !TEST_BN_eq(priv, priv_out)
582 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
583 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
584 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
586 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
587 || !TEST_BN_eq(&ossl_bignum_const_2, g)
588 || !TEST_false(EVP_PKEY_get_bn_param(pk,
589 OSSL_PKEY_PARAM_FFC_COFACTOR,
592 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
593 OSSL_PKEY_PARAM_FFC_SEED,
597 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
599 || !TEST_int_eq(gindex, -1)
600 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
602 || !TEST_int_eq(hindex, 0)
603 || !TEST_true(EVP_PKEY_get_int_param(pk,
604 OSSL_PKEY_PARAM_FFC_PCOUNTER,
606 || !TEST_int_eq(pcounter, -1))
621 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
624 if (!TEST_true(EVP_PKEY_check(key_ctx))
625 || !TEST_true(EVP_PKEY_public_check(key_ctx))
626 || !TEST_true(EVP_PKEY_private_check(key_ctx))
627 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
629 EVP_PKEY_CTX_free(key_ctx);
632 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
633 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
635 EVP_PKEY_free(copy_pk);
638 ret = test_print_key_using_pem("DH", pk)
639 && test_print_key_using_encoder("DH", pk);
641 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
643 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
658 EVP_PKEY_free(copy_pk);
660 EVP_PKEY_CTX_free(ctx);
661 EVP_PKEY_CTX_free(key_ctx);
662 OSSL_PARAM_free(fromdata_params);
663 OSSL_PARAM_BLD_free(bld);
668 static int test_fromdata_dh_fips186_4(void)
671 int gindex = 0, pcounter = 0, hindex = 0;
672 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
673 EVP_PKEY *pk = NULL, *dup_pk = NULL;
675 BIGNUM *pub = NULL, *priv = NULL;
676 BIGNUM *pub_out = NULL, *priv_out = NULL;
677 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
678 OSSL_PARAM_BLD *bld = NULL;
679 OSSL_PARAM *fromdata_params = NULL;
681 unsigned char seed_out[32];
684 * DH key data was generated using the following:
685 * openssl genpkey -algorithm DH
686 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
688 static const unsigned char priv_data[] = {
689 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
690 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
691 0x87, 0xe8, 0xa9, 0x7b,
693 static const unsigned char pub_data[] = {
694 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
695 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
696 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
697 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
698 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
699 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
700 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
701 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
702 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
703 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
704 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
705 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
706 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
707 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
708 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
709 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
710 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
711 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
712 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
713 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
714 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
715 0x33, 0x42, 0x83, 0x42
717 static const char group_name[] = "ffdhe2048";
718 static const long priv_len = 224;
721 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
722 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
723 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
724 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
725 OSSL_PKEY_PARAM_GROUP_NAME,
727 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
729 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
730 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
731 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
734 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
737 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
738 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
739 fromdata_params), 1))
742 while (dup_pk == NULL) {
744 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
745 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
746 || !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
747 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
750 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
751 OSSL_PKEY_PARAM_GROUP_NAME,
755 || !TEST_str_eq(name_out, group_name)
756 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
758 || !TEST_BN_eq(pub, pub_out)
759 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
761 || !TEST_BN_eq(priv, priv_out)
762 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
763 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
764 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
766 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
767 || !TEST_BN_eq(&ossl_bignum_const_2, g)
768 || !TEST_false(EVP_PKEY_get_bn_param(pk,
769 OSSL_PKEY_PARAM_FFC_COFACTOR,
772 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
773 OSSL_PKEY_PARAM_FFC_SEED,
777 || !TEST_true(EVP_PKEY_get_int_param(pk,
778 OSSL_PKEY_PARAM_FFC_GINDEX,
780 || !TEST_int_eq(gindex, -1)
781 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
783 || !TEST_int_eq(hindex, 0)
784 || !TEST_true(EVP_PKEY_get_int_param(pk,
785 OSSL_PKEY_PARAM_FFC_PCOUNTER,
787 || !TEST_int_eq(pcounter, -1))
802 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
805 if (!TEST_true(EVP_PKEY_check(key_ctx))
806 || !TEST_true(EVP_PKEY_public_check(key_ctx))
807 || !TEST_true(EVP_PKEY_private_check(key_ctx))
808 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
810 EVP_PKEY_CTX_free(key_ctx);
813 ret = test_print_key_using_pem("DH", pk)
814 && test_print_key_using_encoder("DH", pk);
816 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
818 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
834 EVP_PKEY_CTX_free(ctx);
835 EVP_PKEY_CTX_free(key_ctx);
836 OSSL_PARAM_free(fromdata_params);
837 OSSL_PARAM_BLD_free(bld);
846 #ifndef OPENSSL_NO_EC
847 /* Array indexes used in test_fromdata_ecx */
851 # define X25519_IDX 0
853 # define ED25519_IDX 2
857 * tst uses indexes 0 ... (3 * 4 - 1)
858 * For the 4 ECX key types (X25519_IDX..ED448_IDX)
859 * 0..3 = public + private key.
860 * 4..7 = private key (This will generate the public key from the private key)
863 static int test_fromdata_ecx(int tst)
866 EVP_PKEY_CTX *ctx = NULL, *ctx2 = NULL;
867 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
868 const char *alg = NULL;
870 unsigned char out_pub[ED448_KEYLEN];
871 unsigned char out_priv[ED448_KEYLEN];
872 OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
874 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
875 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
876 /* X25519: Keys from RFC 7748 6.1 */
880 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
881 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
882 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
887 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
888 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
889 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
893 /* X448: Keys from RFC 7748 6.2 */
897 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
898 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
899 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
900 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
901 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
902 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
906 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
907 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
908 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
909 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
910 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
911 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
914 /* ED25519: Keys from RFC 8032 */
918 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
919 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
920 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
925 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
926 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
927 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
931 /* ED448: Keys from RFC 8032 */
935 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
936 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
937 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
938 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
939 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
940 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
944 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
945 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
946 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
947 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
948 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
949 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
953 OSSL_PARAM x25519_fromdata_params[] = {
954 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
955 key_numbers[X25519_IDX][PRIV_KEY],
957 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
958 key_numbers[X25519_IDX][PUB_KEY],
962 OSSL_PARAM x448_fromdata_params[] = {
963 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
964 key_numbers[X448_IDX][PRIV_KEY],
966 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
967 key_numbers[X448_IDX][PUB_KEY],
971 OSSL_PARAM ed25519_fromdata_params[] = {
972 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
973 key_numbers[ED25519_IDX][PRIV_KEY],
975 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
976 key_numbers[ED25519_IDX][PUB_KEY],
980 OSSL_PARAM ed448_fromdata_params[] = {
981 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
982 key_numbers[ED448_IDX][PRIV_KEY],
984 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
985 key_numbers[ED448_IDX][PUB_KEY],
989 OSSL_PARAM *fromdata_params = NULL;
990 int bits = 0, security_bits = 0, size = 0;
991 OSSL_PARAM *orig_fromdata_params = NULL;
995 fromdata_params = x25519_fromdata_params;
997 security_bits = X25519_SECURITY_BITS;
998 size = X25519_KEYLEN;
1003 fromdata_params = x448_fromdata_params;
1005 security_bits = X448_SECURITY_BITS;
1011 fromdata_params = ed25519_fromdata_params;
1012 bits = ED25519_BITS;
1013 security_bits = ED25519_SECURITY_BITS;
1014 size = ED25519_SIGSIZE;
1019 fromdata_params = ed448_fromdata_params;
1021 security_bits = ED448_SECURITY_BITS;
1022 size = ED448_SIGSIZE;
1029 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1033 orig_fromdata_params = fromdata_params;
1035 /* public key only */
1037 } else if (tst > 3) {
1038 /* private key only */
1039 params[0] = fromdata_params[0];
1040 params[1] = fromdata_params[2];
1041 fromdata_params = params;
1044 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1045 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1046 fromdata_params), 1))
1049 while (dup_pk == NULL) {
1051 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), bits)
1052 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), security_bits)
1053 || !TEST_int_eq(EVP_PKEY_get_size(pk), size)
1054 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1057 if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
1060 if (!TEST_true(EVP_PKEY_check(ctx2)))
1062 if (!TEST_true(EVP_PKEY_get_octet_string_param(
1063 pk, orig_fromdata_params[PRIV_KEY].key,
1064 out_priv, sizeof(out_priv), &len))
1065 || !TEST_mem_eq(out_priv, len,
1066 orig_fromdata_params[PRIV_KEY].data,
1067 orig_fromdata_params[PRIV_KEY].data_size)
1068 || !TEST_true(EVP_PKEY_get_octet_string_param(
1069 pk, orig_fromdata_params[PUB_KEY].key,
1070 out_pub, sizeof(out_pub), &len))
1071 || !TEST_mem_eq(out_pub, len,
1072 orig_fromdata_params[PUB_KEY].data,
1073 orig_fromdata_params[PUB_KEY].data_size))
1076 /* The private key check should fail if there is only a public key */
1077 if (!TEST_true(EVP_PKEY_public_check(ctx2))
1078 || !TEST_false(EVP_PKEY_private_check(ctx2))
1079 || !TEST_false(EVP_PKEY_check(ctx2)))
1082 EVP_PKEY_CTX_free(ctx2);
1085 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1086 /* This should succeed because there are no parameters to copy */
1087 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1089 EVP_PKEY_free(copy_pk);
1093 ret = test_print_key_using_encoder_public(alg, pk);
1095 ret = test_print_key_using_pem(alg, pk)
1096 && test_print_key_using_encoder(alg, pk);
1098 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1100 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1109 EVP_PKEY_free(copy_pk);
1110 EVP_PKEY_CTX_free(ctx);
1111 EVP_PKEY_CTX_free(ctx2);
1116 static int test_fromdata_ec(void)
1119 EVP_PKEY_CTX *ctx = NULL;
1120 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
1121 OSSL_PARAM_BLD *bld = NULL;
1122 BIGNUM *ec_priv_bn = NULL;
1123 BIGNUM *bn_priv = NULL;
1124 OSSL_PARAM *fromdata_params = NULL;
1125 const char *alg = "EC";
1126 const char *curve = "prime256v1";
1127 const char bad_curve[] = "nonexistent-curve";
1128 OSSL_PARAM nokey_params[2] = {
1132 /* UNCOMPRESSED FORMAT */
1133 static const unsigned char ec_pub_keydata[] = {
1134 POINT_CONVERSION_UNCOMPRESSED,
1135 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1136 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1137 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1138 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1139 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1140 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1141 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1142 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1144 static const unsigned char ec_priv_keydata[] = {
1145 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1146 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1147 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1148 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1150 const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
1151 unsigned char out_pub[sizeof(ec_pub_keydata)];
1152 char out_curve_name[80];
1153 const OSSL_PARAM *gettable = NULL;
1155 EC_GROUP *group = NULL;
1156 BIGNUM *group_a = NULL;
1157 BIGNUM *group_b = NULL;
1158 BIGNUM *group_p = NULL;
1164 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
1166 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
1167 sizeof(ec_priv_keydata), NULL)))
1170 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
1173 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
1175 sizeof(ec_pub_keydata)) <= 0)
1177 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
1179 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1181 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1185 /* try importing parameters with bad curve first */
1187 OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1188 (char *)bad_curve, sizeof(bad_curve));
1189 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1190 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEY_PARAMETERS,
1192 || !TEST_ptr_null(pk))
1195 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1196 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1197 fromdata_params), 1))
1200 while (dup_pk == NULL) {
1202 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 256)
1203 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 128)
1204 || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 35 * 2)
1205 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1208 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1209 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1211 EVP_PKEY_free(copy_pk);
1214 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
1215 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1216 OSSL_PKEY_PARAM_GROUP_NAME))
1217 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1218 OSSL_PKEY_PARAM_PUB_KEY))
1219 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1220 OSSL_PKEY_PARAM_PRIV_KEY)))
1223 if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(OBJ_sn2nid(curve)))
1224 || !TEST_ptr(group_p = BN_new())
1225 || !TEST_ptr(group_a = BN_new())
1226 || !TEST_ptr(group_b = BN_new())
1227 || !TEST_true(EC_GROUP_get_curve(group, group_p, group_a, group_b, NULL)))
1230 if (!TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_A, &a))
1231 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_B, &b))
1232 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_P, &p)))
1235 if (!TEST_BN_eq(group_p, p) || !TEST_BN_eq(group_a, a)
1236 || !TEST_BN_eq(group_b, b))
1239 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1241 sizeof(out_curve_name),
1243 || !TEST_str_eq(out_curve_name, curve)
1244 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1245 out_pub, sizeof(out_pub), &len)
1246 || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
1247 || !TEST_mem_eq(out_pub + 1, len - 1,
1248 ec_pub_keydata + 1, compressed_sz - 1)
1249 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1251 || !TEST_BN_eq(ec_priv_bn, bn_priv))
1256 ret = test_print_key_using_pem(alg, pk)
1257 && test_print_key_using_encoder(alg, pk);
1259 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1261 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1269 EC_GROUP_free(group);
1277 BN_free(ec_priv_bn);
1278 OSSL_PARAM_free(fromdata_params);
1279 OSSL_PARAM_BLD_free(bld);
1281 EVP_PKEY_free(copy_pk);
1282 EVP_PKEY_CTX_free(ctx);
1286 static int test_ec_dup_no_operation(void)
1289 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1290 EVP_PKEY *param = NULL, *pkey = NULL;
1292 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1293 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1294 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1295 NID_X9_62_prime256v1), 0)
1296 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1297 || !TEST_ptr(param))
1300 EVP_PKEY_CTX_free(pctx);
1303 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1304 || !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
1305 || !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1306 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
1310 EVP_PKEY_free(pkey);
1311 EVP_PKEY_free(param);
1312 EVP_PKEY_CTX_free(ctx);
1313 EVP_PKEY_CTX_free(kctx);
1314 EVP_PKEY_CTX_free(pctx);
1318 /* Test that keygen doesn't support EVP_PKEY_CTX_dup */
1319 static int test_ec_dup_keygen_operation(void)
1322 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1323 EVP_PKEY *param = NULL, *pkey = NULL;
1325 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1326 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1327 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1328 NID_X9_62_prime256v1), 0)
1329 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1330 || !TEST_ptr(param))
1333 EVP_PKEY_CTX_free(pctx);
1336 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1337 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1338 || !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
1342 EVP_PKEY_free(pkey);
1343 EVP_PKEY_free(param);
1344 EVP_PKEY_CTX_free(ctx);
1345 EVP_PKEY_CTX_free(kctx);
1346 EVP_PKEY_CTX_free(pctx);
1350 #endif /* OPENSSL_NO_EC */
1352 #ifndef OPENSSL_NO_DSA
1353 static int test_fromdata_dsa_fips186_4(void)
1356 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
1357 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
1358 BIGNUM *pub = NULL, *priv = NULL;
1359 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1360 BIGNUM *pub_out = NULL, *priv_out = NULL;
1361 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1362 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1364 unsigned char seed_out[32];
1366 OSSL_PARAM_BLD *bld = NULL;
1367 OSSL_PARAM *fromdata_params = NULL;
1370 * DSA parameter data was generated using the following:
1371 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1372 * -pkeyopt qbits:256 -pkeyopt type:0 \
1373 * -pkeyopt gindex:1 -out dsa_params.pem -text
1375 static const unsigned char p_data[] = {
1376 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1377 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1378 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1379 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1380 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1381 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1382 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1383 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1384 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1385 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1386 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1387 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1388 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1389 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1390 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1391 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1392 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1393 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1394 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1395 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1396 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1397 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1399 static const unsigned char q_data[] = {
1400 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1401 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1402 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1404 static const unsigned char g_data[] = {
1405 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1406 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1407 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1408 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1409 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1410 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1411 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1412 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1413 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1414 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1415 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1416 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1417 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1418 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1419 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1420 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1421 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1422 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1423 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1424 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1425 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1426 0x02, 0x6f, 0x96, 0x36
1428 static const unsigned char seed_data[] = {
1429 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1430 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1431 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1433 const int gindex = 1;
1434 const int pcounter = 53;
1436 * The keypair was generated using
1437 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1438 * -pkeyopt gindex:1 \
1439 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1441 static const unsigned char priv_data[] = {
1442 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1443 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1444 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1446 static const unsigned char pub_data[] = {
1447 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1448 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1449 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1450 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1451 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1452 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1453 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1454 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1455 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1456 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1457 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1458 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1459 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1460 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1461 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1462 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1463 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1464 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1465 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1466 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1467 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1468 0x48, 0xd1, 0x8a, 0xbd
1471 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1472 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1473 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1474 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1475 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1476 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1478 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1479 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1480 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1481 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1482 OSSL_PKEY_PARAM_FFC_SEED,
1485 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1487 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1488 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1490 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1492 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1494 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1497 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1500 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1501 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1502 fromdata_params), 1))
1505 while (dup_pk == NULL) {
1507 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
1508 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
1509 || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 2 * (3 + sizeof(q_data)))
1510 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1513 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk,
1514 OSSL_PKEY_PARAM_GROUP_NAME,
1518 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1520 || !TEST_BN_eq(pub, pub_out)
1521 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1523 || !TEST_BN_eq(priv, priv_out)
1524 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P,
1526 || !TEST_BN_eq(p, p_out)
1527 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q,
1529 || !TEST_BN_eq(q, q_out)
1530 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G,
1532 || !TEST_BN_eq(g, g_out)
1533 || !TEST_false(EVP_PKEY_get_bn_param(pk,
1534 OSSL_PKEY_PARAM_FFC_COFACTOR,
1536 || !TEST_ptr_null(j_out)
1537 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1538 OSSL_PKEY_PARAM_FFC_SEED,
1542 || !TEST_true(EVP_PKEY_get_int_param(pk,
1543 OSSL_PKEY_PARAM_FFC_GINDEX,
1545 || !TEST_int_eq(gindex, gindex_out)
1546 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1548 || !TEST_int_eq(hindex_out, 0)
1549 || !TEST_true(EVP_PKEY_get_int_param(pk,
1550 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1552 || !TEST_int_eq(pcounter, pcounter_out))
1567 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1570 if (!TEST_true(EVP_PKEY_check(key_ctx))
1571 || !TEST_true(EVP_PKEY_public_check(key_ctx))
1572 || !TEST_true(EVP_PKEY_private_check(key_ctx))
1573 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1575 EVP_PKEY_CTX_free(key_ctx);
1578 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1579 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1581 EVP_PKEY_free(copy_pk);
1584 ret = test_print_key_using_pem("DSA", pk)
1585 && test_print_key_using_encoder("DSA", pk);
1587 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1589 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1597 OSSL_PARAM_free(fromdata_params);
1598 OSSL_PARAM_BLD_free(bld);
1611 EVP_PKEY_free(copy_pk);
1612 EVP_PKEY_CTX_free(ctx);
1613 EVP_PKEY_CTX_free(key_ctx);
1618 static int test_check_dsa(void)
1621 EVP_PKEY_CTX *ctx = NULL;
1623 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1624 || !TEST_false(EVP_PKEY_check(ctx))
1625 || !TEST_false(EVP_PKEY_public_check(ctx))
1626 || !TEST_false(EVP_PKEY_private_check(ctx))
1627 || !TEST_false(EVP_PKEY_pairwise_check(ctx)))
1632 EVP_PKEY_CTX_free(ctx);
1636 #endif /* OPENSSL_NO_DSA */
1639 static OSSL_PARAM *do_construct_hkdf_params(char *digest, char *key,
1640 size_t keylen, char *salt)
1642 OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 5);
1643 OSSL_PARAM *p = params;
1645 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, digest, 0);
1646 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
1647 salt, strlen(salt));
1648 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
1649 (unsigned char *)key, keylen);
1650 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE,
1652 *p = OSSL_PARAM_construct_end();
1657 /* Test that EVP_PKEY_CTX_dup() fails gracefully for a KDF */
1658 static int test_evp_pkey_ctx_dup_kdf_fail(void)
1662 EVP_PKEY_CTX *pctx = NULL, *dctx = NULL;
1663 OSSL_PARAM *params = NULL;
1665 if (!TEST_ptr(params = do_construct_hkdf_params("sha256", "secret", 6,
1668 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "HKDF", NULL)))
1670 if (!TEST_int_eq(EVP_PKEY_derive_init_ex(pctx, params), 1))
1672 if (!TEST_int_eq(EVP_PKEY_derive(pctx, NULL, &len), 1)
1673 || !TEST_size_t_eq(len, SHA256_DIGEST_LENGTH))
1675 if (!TEST_ptr_null(dctx = EVP_PKEY_CTX_dup(pctx)))
1679 OPENSSL_free(params);
1680 EVP_PKEY_CTX_free(dctx);
1681 EVP_PKEY_CTX_free(pctx);
1685 int setup_tests(void)
1687 if (!test_skip_common_options()) {
1688 TEST_error("Error parsing test options\n");
1692 if (!TEST_ptr(datadir = test_get_argument(0)))
1695 ADD_TEST(test_evp_pkey_ctx_dup_kdf_fail);
1696 ADD_TEST(test_evp_pkey_get_bn_param_large);
1697 ADD_TEST(test_fromdata_rsa);
1698 #ifndef OPENSSL_NO_DH
1699 ADD_TEST(test_fromdata_dh_fips186_4);
1700 ADD_TEST(test_fromdata_dh_named_group);
1702 #ifndef OPENSSL_NO_DSA
1703 ADD_TEST(test_check_dsa);
1704 ADD_TEST(test_fromdata_dsa_fips186_4);
1706 #ifndef OPENSSL_NO_EC
1707 ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
1708 ADD_TEST(test_fromdata_ec);
1709 ADD_TEST(test_ec_dup_no_operation);
1710 ADD_TEST(test_ec_dup_keygen_operation);