2 * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/encoder.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include <openssl/sha.h>
18 #include "crypto/ecx.h"
19 #include "crypto/evp.h" /* For the internal API */
20 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
21 #include "internal/nelem.h"
24 static char *datadir = NULL;
27 * Do not change the order of the following defines unless you also
28 * update the for loop bounds used inside test_print_key_using_encoder() and
29 * test_print_key_using_encoder_public().
38 static void stripcr(char *buf, size_t *len)
43 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
54 static int compare_with_file(const char *alg, int type, BIO *membio)
59 char *memdata, *fullfile = NULL;
92 TEST_error("Invalid file type");
96 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
97 fullfile = test_mk_file_path(datadir, filename);
98 if (!TEST_ptr(fullfile))
101 file = BIO_new_file(fullfile, "rb");
105 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
106 || !TEST_true(BIO_eof(file))
107 || !TEST_size_t_lt(readbytes, sizeof(buf)))
110 len = BIO_get_mem_data(membio, &memdata);
111 if (!TEST_int_gt(len, 0))
115 if (type != PRIV_DER && type != PUB_DER) {
116 stripcr(memdata, &slen);
117 stripcr(buf, &readbytes);
120 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
125 OPENSSL_free(fullfile);
126 (void)BIO_reset(membio);
131 static int pass_cb(char *buf, int size, int rwflag, void *u)
136 static int pass_cb_error(char *buf, int size, int rwflag, void *u)
141 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
143 BIO *membio = BIO_new(BIO_s_mem());
146 if (!TEST_ptr(membio))
149 if (/* Output Encrypted private key in PEM form */
150 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
151 (unsigned char *)"pass", 4,
153 /* Output zero-length passphrase encrypted private key in PEM form */
154 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
158 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
161 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
163 NULL, 0, pass_cb, NULL))
164 || !TEST_false(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
166 NULL, 0, pass_cb_error,
168 #ifndef OPENSSL_NO_DES
169 || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
170 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
171 (const char *)~0, 0, NULL, NULL))
172 || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
173 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
175 || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
176 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
178 || !TEST_false(PEM_write_bio_PKCS8PrivateKey_nid(
179 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
180 pass_cb_error, NULL))
182 /* Private key in text form */
183 || !TEST_int_gt(EVP_PKEY_print_private(membio, pk, 0, NULL), 0)
184 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
185 /* Public key in PEM form */
186 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
187 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
188 /* Unencrypted private key in PEM form */
189 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
190 NULL, NULL, 0, NULL, NULL))
191 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio))
193 || !TEST_false(PEM_write_bio_PrivateKey(membio, NULL,
194 NULL, NULL, 0, NULL, NULL))
195 || !TEST_false(PEM_write_bio_PrivateKey_traditional(membio, NULL,
196 NULL, NULL, 0, NULL, NULL)))
205 static int test_print_key_type_using_encoder(const char *alg, int type,
208 const char *output_type, *output_structure;
210 OSSL_ENCODER_CTX *ctx = NULL;
211 BIO *membio = BIO_new(BIO_s_mem());
216 output_type = "TEXT";
217 output_structure = NULL;
218 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
219 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
224 output_structure = "PrivateKeyInfo";
225 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
226 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
231 output_structure = "PrivateKeyInfo";
232 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
233 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
237 output_type = "TEXT";
238 output_structure = NULL;
239 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
240 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
245 output_structure = "SubjectPublicKeyInfo";
246 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
247 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
252 output_structure = "SubjectPublicKeyInfo";
253 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
254 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
258 TEST_error("Invalid encoding type");
262 if (!TEST_ptr(membio))
265 /* Make a context, it's valid for several prints */
266 TEST_note("Setting up a OSSL_ENCODER context with passphrase");
267 if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection,
271 /* Check that this operation is supported */
272 || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
275 /* Use no cipher. This should give us an unencrypted PEM */
276 TEST_note("Testing with no encryption");
277 if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
278 || !TEST_true(compare_with_file(alg, type, membio)))
281 if (type == PRIV_PEM) {
282 /* Set a passphrase to be used later */
283 if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
284 (unsigned char *)"pass",
288 /* Use a valid cipher name */
289 TEST_note("Displaying PEM encrypted with AES-256-CBC");
290 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
291 || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
294 /* Use an invalid cipher name, which should generate no output */
295 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
296 if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
297 || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
300 /* Clear the cipher. This should give us an unencrypted PEM again */
301 TEST_note("Testing with encryption cleared (no encryption)");
302 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
303 || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
304 || !TEST_true(compare_with_file(alg, type, membio)))
310 OSSL_ENCODER_CTX_free(ctx);
314 static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk)
319 for (i = PRIV_TEXT; i <= PUB_DER; i++)
320 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
325 #ifndef OPENSSL_NO_ECX
326 static int test_print_key_using_encoder_public(const char *alg,
332 for (i = PUB_TEXT; i <= PUB_DER; i++)
333 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
339 /* Array indexes used in test_fromdata_rsa */
349 static int test_fromdata_rsa(void)
352 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
353 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
355 * 32-bit RSA key, extracted from this command,
356 * executed with OpenSSL 1.0.2:
358 * openssl genrsa 32 | openssl rsa -text
360 static unsigned long key_numbers[] = {
370 OSSL_PARAM fromdata_params[] = {
371 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
372 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
373 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
374 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
375 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
376 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
377 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
378 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
381 BIGNUM *bn = BN_new();
382 BIGNUM *bn_from = BN_new();
384 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
387 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
388 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
389 fromdata_params), 1))
392 while (dup_pk == NULL) {
394 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 32)
395 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 8)
396 || !TEST_int_eq(EVP_PKEY_get_size(pk), 4)
397 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
400 EVP_PKEY_CTX_free(key_ctx);
401 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
404 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
405 || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
406 || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
407 || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
410 /* EVP_PKEY_copy_parameters() should fail for RSA */
411 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
412 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
414 EVP_PKEY_free(copy_pk);
417 ret = test_print_key_using_pem("RSA", pk)
418 && test_print_key_using_encoder("RSA", pk);
420 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
422 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
429 /* for better diagnostics always compare key params */
430 for (i = 0; fromdata_params[i].key != NULL; ++i) {
431 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
432 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
433 || !TEST_BN_eq(bn, bn_from))
439 EVP_PKEY_free(copy_pk);
440 EVP_PKEY_CTX_free(key_ctx);
441 EVP_PKEY_CTX_free(ctx);
446 static int test_evp_pkey_get_bn_param_large(void)
449 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
451 OSSL_PARAM_BLD *bld = NULL;
452 OSSL_PARAM *fromdata_params = NULL;
453 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
455 * The buffer size chosen here for n_data larger than the buffer used
456 * internally in EVP_PKEY_get_bn_param.
458 static unsigned char n_data[2050];
459 static const unsigned char e_data[] = {
462 static const unsigned char d_data[]= {
463 0x99, 0x33, 0x13, 0x7b
466 /* N is a large buffer */
467 memset(n_data, 0xCE, sizeof(n_data));
469 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
470 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
471 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
472 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
473 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
474 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
475 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
476 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
477 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
478 || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
479 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
481 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
482 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
483 || !TEST_BN_eq(n, n_out))
492 EVP_PKEY_CTX_free(key_ctx);
493 EVP_PKEY_CTX_free(ctx);
494 OSSL_PARAM_free(fromdata_params);
495 OSSL_PARAM_BLD_free(bld);
500 #ifndef OPENSSL_NO_DH
501 static int test_fromdata_dh_named_group(void)
504 int gindex = 0, pcounter = 0, hindex = 0;
505 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
506 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
508 BIGNUM *pub = NULL, *priv = NULL;
509 BIGNUM *pub_out = NULL, *priv_out = NULL;
510 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
511 OSSL_PARAM *fromdata_params = NULL;
512 OSSL_PARAM_BLD *bld = NULL;
514 unsigned char seed_out[32];
517 * DH key data was generated using the following:
518 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
519 * -pkeyopt priv_len:224 -text
521 static const unsigned char priv_data[] = {
522 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
523 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
524 0x87, 0xe8, 0xa9, 0x7b,
526 static const unsigned char pub_data[] = {
527 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
528 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
529 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
530 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
531 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
532 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
533 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
534 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
535 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
536 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
537 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
538 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
539 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
540 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
541 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
542 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
543 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
544 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
545 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
546 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
547 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
548 0xcf, 0x33, 0x42, 0x83, 0x42
550 static const char group_name[] = "ffdhe2048";
551 static const long priv_len = 224;
553 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
554 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
555 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
556 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
557 OSSL_PKEY_PARAM_GROUP_NAME,
559 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
561 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
562 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
563 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
566 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
569 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
570 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
571 fromdata_params), 1))
575 * A few extra checks of EVP_PKEY_get_utf8_string_param() to see that
576 * it behaves as expected with regards to string length and terminating
579 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
580 OSSL_PKEY_PARAM_GROUP_NAME,
581 NULL, sizeof(name_out),
583 || !TEST_size_t_eq(len, sizeof(group_name) - 1)
584 /* Just enough space to hold the group name and a terminating NUL */
585 || !TEST_true(EVP_PKEY_get_utf8_string_param(pk,
586 OSSL_PKEY_PARAM_GROUP_NAME,
590 || !TEST_size_t_eq(len, sizeof(group_name) - 1)
591 /* Too small buffer to hold the terminating NUL byte */
592 || !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
593 OSSL_PKEY_PARAM_GROUP_NAME,
595 sizeof(group_name) - 1,
597 /* Too small buffer to hold the whole group name, even! */
598 || !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
599 OSSL_PKEY_PARAM_GROUP_NAME,
601 sizeof(group_name) - 2,
605 while (dup_pk == NULL) {
607 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
608 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
609 || !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
610 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
613 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
614 OSSL_PKEY_PARAM_GROUP_NAME,
618 || !TEST_str_eq(name_out, group_name)
619 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
622 || !TEST_BN_eq(pub, pub_out)
623 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
625 || !TEST_BN_eq(priv, priv_out)
626 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
627 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
628 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
630 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
631 || !TEST_BN_eq(&ossl_bignum_const_2, g)
632 || !TEST_false(EVP_PKEY_get_bn_param(pk,
633 OSSL_PKEY_PARAM_FFC_COFACTOR,
636 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
637 OSSL_PKEY_PARAM_FFC_SEED,
641 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
643 || !TEST_int_eq(gindex, -1)
644 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
646 || !TEST_int_eq(hindex, 0)
647 || !TEST_true(EVP_PKEY_get_int_param(pk,
648 OSSL_PKEY_PARAM_FFC_PCOUNTER,
650 || !TEST_int_eq(pcounter, -1))
665 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
668 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
669 || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
670 || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
671 || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
673 EVP_PKEY_CTX_free(key_ctx);
676 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
677 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
679 EVP_PKEY_free(copy_pk);
682 ret = test_print_key_using_pem("DH", pk)
683 && test_print_key_using_encoder("DH", pk);
685 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
687 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
702 EVP_PKEY_free(copy_pk);
704 EVP_PKEY_CTX_free(ctx);
705 EVP_PKEY_CTX_free(key_ctx);
706 OSSL_PARAM_free(fromdata_params);
707 OSSL_PARAM_BLD_free(bld);
712 static int test_fromdata_dh_fips186_4(void)
715 int gindex = 0, pcounter = 0, hindex = 0;
716 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
717 EVP_PKEY *pk = NULL, *dup_pk = NULL;
719 BIGNUM *pub = NULL, *priv = NULL;
720 BIGNUM *pub_out = NULL, *priv_out = NULL;
721 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
722 OSSL_PARAM_BLD *bld = NULL;
723 OSSL_PARAM *fromdata_params = NULL;
725 unsigned char seed_out[32];
728 * DH key data was generated using the following:
729 * openssl genpkey -algorithm DH
730 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
732 static const unsigned char priv_data[] = {
733 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
734 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
735 0x87, 0xe8, 0xa9, 0x7b,
737 static const unsigned char pub_data[] = {
738 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
739 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
740 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
741 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
742 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
743 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
744 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
745 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
746 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
747 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
748 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
749 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
750 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
751 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
752 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
753 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
754 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
755 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
756 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
757 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
758 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
759 0x33, 0x42, 0x83, 0x42
761 static const char group_name[] = "ffdhe2048";
762 static const long priv_len = 224;
765 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
766 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
767 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
768 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
769 OSSL_PKEY_PARAM_GROUP_NAME,
771 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
773 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
774 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
775 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
778 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
781 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
782 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
783 fromdata_params), 1))
786 while (dup_pk == NULL) {
788 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
789 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
790 || !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
791 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
794 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
795 OSSL_PKEY_PARAM_GROUP_NAME,
799 || !TEST_str_eq(name_out, group_name)
800 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
802 || !TEST_BN_eq(pub, pub_out)
803 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
805 || !TEST_BN_eq(priv, priv_out)
806 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
807 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
808 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
810 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
811 || !TEST_BN_eq(&ossl_bignum_const_2, g)
812 || !TEST_false(EVP_PKEY_get_bn_param(pk,
813 OSSL_PKEY_PARAM_FFC_COFACTOR,
816 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
817 OSSL_PKEY_PARAM_FFC_SEED,
821 || !TEST_true(EVP_PKEY_get_int_param(pk,
822 OSSL_PKEY_PARAM_FFC_GINDEX,
824 || !TEST_int_eq(gindex, -1)
825 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
827 || !TEST_int_eq(hindex, 0)
828 || !TEST_true(EVP_PKEY_get_int_param(pk,
829 OSSL_PKEY_PARAM_FFC_PCOUNTER,
831 || !TEST_int_eq(pcounter, -1))
846 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
849 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
850 || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
851 || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
852 || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
854 EVP_PKEY_CTX_free(key_ctx);
857 ret = test_print_key_using_pem("DH", pk)
858 && test_print_key_using_encoder("DH", pk);
860 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
862 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
878 EVP_PKEY_CTX_free(ctx);
879 EVP_PKEY_CTX_free(key_ctx);
880 OSSL_PARAM_free(fromdata_params);
881 OSSL_PARAM_BLD_free(bld);
890 #ifndef OPENSSL_NO_EC
891 # ifndef OPENSSL_NO_ECX
892 /* Array indexes used in test_fromdata_ecx */
896 # define X25519_IDX 0
898 # define ED25519_IDX 2
902 * tst uses indexes 0 ... (3 * 4 - 1)
903 * For the 4 ECX key types (X25519_IDX..ED448_IDX)
904 * 0..3 = public + private key.
905 * 4..7 = private key (This will generate the public key from the private key)
908 static int test_fromdata_ecx(int tst)
911 EVP_PKEY_CTX *ctx = NULL, *ctx2 = NULL;
912 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
913 const char *alg = NULL;
915 unsigned char out_pub[ED448_KEYLEN];
916 unsigned char out_priv[ED448_KEYLEN];
917 OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
919 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
920 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
921 /* X25519: Keys from RFC 7748 6.1 */
925 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
926 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
927 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
932 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
933 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
934 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
938 /* X448: Keys from RFC 7748 6.2 */
942 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
943 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
944 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
945 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
946 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
947 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
951 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
952 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
953 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
954 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
955 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
956 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
959 /* ED25519: Keys from RFC 8032 */
963 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
964 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
965 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
970 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
971 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
972 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
976 /* ED448: Keys from RFC 8032 */
980 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
981 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
982 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
983 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
984 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
985 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
989 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
990 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
991 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
992 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
993 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
994 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
998 OSSL_PARAM x25519_fromdata_params[] = {
999 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1000 key_numbers[X25519_IDX][PRIV_KEY],
1002 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1003 key_numbers[X25519_IDX][PUB_KEY],
1007 OSSL_PARAM x448_fromdata_params[] = {
1008 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1009 key_numbers[X448_IDX][PRIV_KEY],
1011 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1012 key_numbers[X448_IDX][PUB_KEY],
1016 OSSL_PARAM ed25519_fromdata_params[] = {
1017 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1018 key_numbers[ED25519_IDX][PRIV_KEY],
1020 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1021 key_numbers[ED25519_IDX][PUB_KEY],
1025 OSSL_PARAM ed448_fromdata_params[] = {
1026 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1027 key_numbers[ED448_IDX][PRIV_KEY],
1029 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1030 key_numbers[ED448_IDX][PUB_KEY],
1034 OSSL_PARAM *fromdata_params = NULL;
1035 int bits = 0, security_bits = 0, size = 0;
1036 OSSL_PARAM *orig_fromdata_params = NULL;
1040 fromdata_params = x25519_fromdata_params;
1042 security_bits = X25519_SECURITY_BITS;
1043 size = X25519_KEYLEN;
1048 fromdata_params = x448_fromdata_params;
1050 security_bits = X448_SECURITY_BITS;
1056 fromdata_params = ed25519_fromdata_params;
1057 bits = ED25519_BITS;
1058 security_bits = ED25519_SECURITY_BITS;
1059 size = ED25519_SIGSIZE;
1064 fromdata_params = ed448_fromdata_params;
1066 security_bits = ED448_SECURITY_BITS;
1067 size = ED448_SIGSIZE;
1074 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1078 orig_fromdata_params = fromdata_params;
1080 /* public key only */
1082 } else if (tst > 3) {
1083 /* private key only */
1084 params[0] = fromdata_params[0];
1085 params[1] = fromdata_params[2];
1086 fromdata_params = params;
1089 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1090 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1091 fromdata_params), 1))
1094 while (dup_pk == NULL) {
1096 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), bits)
1097 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), security_bits)
1098 || !TEST_int_eq(EVP_PKEY_get_size(pk), size)
1099 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1102 if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
1105 if (!TEST_int_gt(EVP_PKEY_check(ctx2), 0))
1107 if (!TEST_true(EVP_PKEY_get_octet_string_param(
1108 pk, orig_fromdata_params[PRIV_KEY].key,
1109 out_priv, sizeof(out_priv), &len))
1110 || !TEST_mem_eq(out_priv, len,
1111 orig_fromdata_params[PRIV_KEY].data,
1112 orig_fromdata_params[PRIV_KEY].data_size)
1113 || !TEST_true(EVP_PKEY_get_octet_string_param(
1114 pk, orig_fromdata_params[PUB_KEY].key,
1115 out_pub, sizeof(out_pub), &len))
1116 || !TEST_mem_eq(out_pub, len,
1117 orig_fromdata_params[PUB_KEY].data,
1118 orig_fromdata_params[PUB_KEY].data_size))
1121 /* The private key check should fail if there is only a public key */
1122 if (!TEST_int_gt(EVP_PKEY_public_check(ctx2), 0)
1123 || !TEST_int_le(EVP_PKEY_private_check(ctx2), 0)
1124 || !TEST_int_le(EVP_PKEY_check(ctx2), 0))
1127 EVP_PKEY_CTX_free(ctx2);
1130 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1131 /* This should succeed because there are no parameters to copy */
1132 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1134 EVP_PKEY_free(copy_pk);
1138 ret = test_print_key_using_encoder_public(alg, pk);
1140 ret = test_print_key_using_pem(alg, pk)
1141 && test_print_key_using_encoder(alg, pk);
1143 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1145 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1154 EVP_PKEY_free(copy_pk);
1155 EVP_PKEY_CTX_free(ctx);
1156 EVP_PKEY_CTX_free(ctx2);
1160 # endif /* OPENSSL_NO_ECX */
1162 static int test_fromdata_ec(void)
1165 EVP_PKEY_CTX *ctx = NULL;
1166 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
1167 OSSL_PARAM_BLD *bld = NULL;
1168 BIGNUM *ec_priv_bn = NULL;
1169 BIGNUM *bn_priv = NULL;
1170 OSSL_PARAM *fromdata_params = NULL;
1171 const char *alg = "EC";
1172 const char *curve = "prime256v1";
1173 const char bad_curve[] = "nonexistent-curve";
1174 OSSL_PARAM nokey_params[2] = {
1178 /* UNCOMPRESSED FORMAT */
1179 static const unsigned char ec_pub_keydata[] = {
1180 POINT_CONVERSION_UNCOMPRESSED,
1181 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1182 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1183 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1184 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1185 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1186 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1187 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1188 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1190 /* SAME BUT COMPRESSED FORMAT */
1191 static const unsigned char ec_pub_keydata_compressed[] = {
1192 POINT_CONVERSION_COMPRESSED+1,
1193 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1194 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1195 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1196 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2
1198 static const unsigned char ec_priv_keydata[] = {
1199 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1200 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1201 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1202 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1204 unsigned char out_pub[sizeof(ec_pub_keydata)];
1205 char out_curve_name[80];
1206 const OSSL_PARAM *gettable = NULL;
1208 EC_GROUP *group = NULL;
1209 BIGNUM *group_a = NULL;
1210 BIGNUM *group_b = NULL;
1211 BIGNUM *group_p = NULL;
1217 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
1219 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
1220 sizeof(ec_priv_keydata), NULL)))
1223 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
1227 * We intentionally provide the input point in compressed format,
1228 * and avoid setting `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT`.
1230 * Later on we check what format is used when exporting the
1231 * `OSSL_PKEY_PARAM_PUB_KEY` and expect to default to uncompressed
1234 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
1235 ec_pub_keydata_compressed,
1236 sizeof(ec_pub_keydata_compressed)) <= 0)
1238 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
1240 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1242 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1246 /* try importing parameters with bad curve first */
1248 OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1249 (char *)bad_curve, sizeof(bad_curve));
1250 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1251 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEY_PARAMETERS,
1253 || !TEST_ptr_null(pk))
1256 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1257 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1258 fromdata_params), 1))
1261 while (dup_pk == NULL) {
1263 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 256)
1264 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 128)
1265 || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 35 * 2)
1266 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1269 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1270 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1272 EVP_PKEY_free(copy_pk);
1275 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
1276 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1277 OSSL_PKEY_PARAM_GROUP_NAME))
1278 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1279 OSSL_PKEY_PARAM_PUB_KEY))
1280 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1281 OSSL_PKEY_PARAM_PRIV_KEY)))
1284 if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(OBJ_sn2nid(curve)))
1285 || !TEST_ptr(group_p = BN_new())
1286 || !TEST_ptr(group_a = BN_new())
1287 || !TEST_ptr(group_b = BN_new())
1288 || !TEST_true(EC_GROUP_get_curve(group, group_p, group_a, group_b, NULL)))
1291 if (!TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_A, &a))
1292 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_B, &b))
1293 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_P, &p)))
1296 if (!TEST_BN_eq(group_p, p) || !TEST_BN_eq(group_a, a)
1297 || !TEST_BN_eq(group_b, b))
1300 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1302 sizeof(out_curve_name),
1304 || !TEST_str_eq(out_curve_name, curve)
1305 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1306 out_pub, sizeof(out_pub), &len)
1309 * Our providers use uncompressed format by default if
1310 * `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` was not
1311 * explicitly set, irrespective of the format used for the
1312 * input point given as a param to create this key.
1314 || !TEST_true(out_pub[0] == POINT_CONVERSION_UNCOMPRESSED)
1315 || !TEST_mem_eq(out_pub + 1, len - 1,
1316 ec_pub_keydata + 1, sizeof(ec_pub_keydata) - 1)
1318 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1320 || !TEST_BN_eq(ec_priv_bn, bn_priv))
1325 ret = test_print_key_using_pem(alg, pk)
1326 && test_print_key_using_encoder(alg, pk);
1328 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1330 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1338 EC_GROUP_free(group);
1346 BN_free(ec_priv_bn);
1347 OSSL_PARAM_free(fromdata_params);
1348 OSSL_PARAM_BLD_free(bld);
1350 EVP_PKEY_free(copy_pk);
1351 EVP_PKEY_CTX_free(ctx);
1355 static int test_ec_dup_no_operation(void)
1358 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1359 EVP_PKEY *param = NULL, *pkey = NULL;
1361 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1362 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1363 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1364 NID_X9_62_prime256v1), 0)
1365 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1366 || !TEST_ptr(param))
1369 EVP_PKEY_CTX_free(pctx);
1372 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1373 || !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
1374 || !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1375 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
1379 EVP_PKEY_free(pkey);
1380 EVP_PKEY_free(param);
1381 EVP_PKEY_CTX_free(ctx);
1382 EVP_PKEY_CTX_free(kctx);
1383 EVP_PKEY_CTX_free(pctx);
1387 /* Test that keygen doesn't support EVP_PKEY_CTX_dup */
1388 static int test_ec_dup_keygen_operation(void)
1391 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1392 EVP_PKEY *param = NULL, *pkey = NULL;
1394 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1395 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1396 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1397 NID_X9_62_prime256v1), 0)
1398 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1399 || !TEST_ptr(param))
1402 EVP_PKEY_CTX_free(pctx);
1405 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1406 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1407 || !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
1411 EVP_PKEY_free(pkey);
1412 EVP_PKEY_free(param);
1413 EVP_PKEY_CTX_free(ctx);
1414 EVP_PKEY_CTX_free(kctx);
1415 EVP_PKEY_CTX_free(pctx);
1419 #endif /* OPENSSL_NO_EC */
1421 #ifndef OPENSSL_NO_DSA
1422 static int test_fromdata_dsa_fips186_4(void)
1425 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
1426 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
1427 BIGNUM *pub = NULL, *priv = NULL;
1428 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1429 BIGNUM *pub_out = NULL, *priv_out = NULL;
1430 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1431 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1433 unsigned char seed_out[32];
1435 OSSL_PARAM_BLD *bld = NULL;
1436 OSSL_PARAM *fromdata_params = NULL;
1439 * DSA parameter data was generated using the following:
1440 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1441 * -pkeyopt qbits:256 -pkeyopt type:0 \
1442 * -pkeyopt gindex:1 -out dsa_params.pem -text
1444 static const unsigned char p_data[] = {
1445 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1446 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1447 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1448 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1449 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1450 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1451 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1452 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1453 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1454 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1455 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1456 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1457 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1458 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1459 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1460 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1461 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1462 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1463 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1464 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1465 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1466 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1468 static const unsigned char q_data[] = {
1469 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1470 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1471 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1473 static const unsigned char g_data[] = {
1474 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1475 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1476 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1477 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1478 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1479 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1480 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1481 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1482 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1483 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1484 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1485 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1486 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1487 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1488 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1489 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1490 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1491 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1492 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1493 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1494 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1495 0x02, 0x6f, 0x96, 0x36
1497 static const unsigned char seed_data[] = {
1498 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1499 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1500 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1502 const int gindex = 1;
1503 const int pcounter = 53;
1505 * The keypair was generated using
1506 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1507 * -pkeyopt gindex:1 \
1508 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1510 static const unsigned char priv_data[] = {
1511 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1512 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1513 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1515 static const unsigned char pub_data[] = {
1516 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1517 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1518 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1519 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1520 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1521 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1522 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1523 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1524 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1525 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1526 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1527 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1528 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1529 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1530 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1531 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1532 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1533 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1534 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1535 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1536 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1537 0x48, 0xd1, 0x8a, 0xbd
1540 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1541 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1542 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1543 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1544 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1545 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1547 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1548 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1549 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1550 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1551 OSSL_PKEY_PARAM_FFC_SEED,
1554 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1556 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1557 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1559 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1561 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1563 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1566 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1569 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1570 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1571 fromdata_params), 1))
1574 while (dup_pk == NULL) {
1576 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
1577 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
1578 || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 2 * (3 + sizeof(q_data)))
1579 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1582 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk,
1583 OSSL_PKEY_PARAM_GROUP_NAME,
1587 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1589 || !TEST_BN_eq(pub, pub_out)
1590 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1592 || !TEST_BN_eq(priv, priv_out)
1593 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P,
1595 || !TEST_BN_eq(p, p_out)
1596 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q,
1598 || !TEST_BN_eq(q, q_out)
1599 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G,
1601 || !TEST_BN_eq(g, g_out)
1602 || !TEST_false(EVP_PKEY_get_bn_param(pk,
1603 OSSL_PKEY_PARAM_FFC_COFACTOR,
1605 || !TEST_ptr_null(j_out)
1606 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1607 OSSL_PKEY_PARAM_FFC_SEED,
1611 || !TEST_true(EVP_PKEY_get_int_param(pk,
1612 OSSL_PKEY_PARAM_FFC_GINDEX,
1614 || !TEST_int_eq(gindex, gindex_out)
1615 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1617 || !TEST_int_eq(hindex_out, 0)
1618 || !TEST_true(EVP_PKEY_get_int_param(pk,
1619 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1621 || !TEST_int_eq(pcounter, pcounter_out))
1636 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1639 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
1640 || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
1641 || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
1642 || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
1644 EVP_PKEY_CTX_free(key_ctx);
1647 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1648 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1650 EVP_PKEY_free(copy_pk);
1653 ret = test_print_key_using_pem("DSA", pk)
1654 && test_print_key_using_encoder("DSA", pk);
1656 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1658 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1666 OSSL_PARAM_free(fromdata_params);
1667 OSSL_PARAM_BLD_free(bld);
1680 EVP_PKEY_free(copy_pk);
1681 EVP_PKEY_CTX_free(ctx);
1682 EVP_PKEY_CTX_free(key_ctx);
1687 static int test_check_dsa(void)
1690 EVP_PKEY_CTX *ctx = NULL;
1692 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1693 || !TEST_int_le(EVP_PKEY_check(ctx), 0)
1694 || !TEST_int_le(EVP_PKEY_public_check(ctx), 0)
1695 || !TEST_int_le(EVP_PKEY_private_check(ctx), 0)
1696 || !TEST_int_le(EVP_PKEY_pairwise_check(ctx), 0))
1701 EVP_PKEY_CTX_free(ctx);
1705 #endif /* OPENSSL_NO_DSA */
1708 static OSSL_PARAM *do_construct_hkdf_params(char *digest, char *key,
1709 size_t keylen, char *salt)
1711 OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 5);
1712 OSSL_PARAM *p = params;
1714 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, digest, 0);
1715 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
1716 salt, strlen(salt));
1717 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
1718 (unsigned char *)key, keylen);
1719 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE,
1721 *p = OSSL_PARAM_construct_end();
1726 static int test_evp_pkey_ctx_dup_kdf(void)
1729 size_t len = 0, dlen = 0;
1730 EVP_PKEY_CTX *pctx = NULL, *dctx = NULL;
1731 OSSL_PARAM *params = NULL;
1733 if (!TEST_ptr(params = do_construct_hkdf_params("sha256", "secret", 6,
1736 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "HKDF", NULL)))
1738 if (!TEST_int_eq(EVP_PKEY_derive_init_ex(pctx, params), 1))
1740 if (!TEST_ptr(dctx = EVP_PKEY_CTX_dup(pctx)))
1742 if (!TEST_int_eq(EVP_PKEY_derive(pctx, NULL, &len), 1)
1743 || !TEST_size_t_eq(len, SHA256_DIGEST_LENGTH)
1744 || !TEST_int_eq(EVP_PKEY_derive(dctx, NULL, &dlen), 1)
1745 || !TEST_size_t_eq(dlen, SHA256_DIGEST_LENGTH))
1749 OPENSSL_free(params);
1750 EVP_PKEY_CTX_free(dctx);
1751 EVP_PKEY_CTX_free(pctx);
1755 int setup_tests(void)
1757 if (!test_skip_common_options()) {
1758 TEST_error("Error parsing test options\n");
1762 if (!TEST_ptr(datadir = test_get_argument(0)))
1765 ADD_TEST(test_evp_pkey_ctx_dup_kdf);
1766 ADD_TEST(test_evp_pkey_get_bn_param_large);
1767 ADD_TEST(test_fromdata_rsa);
1768 #ifndef OPENSSL_NO_DH
1769 ADD_TEST(test_fromdata_dh_fips186_4);
1770 ADD_TEST(test_fromdata_dh_named_group);
1772 #ifndef OPENSSL_NO_DSA
1773 ADD_TEST(test_check_dsa);
1774 ADD_TEST(test_fromdata_dsa_fips186_4);
1776 #ifndef OPENSSL_NO_EC
1777 # ifndef OPENSSL_NO_ECX
1778 ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
1780 ADD_TEST(test_fromdata_ec);
1781 ADD_TEST(test_ec_dup_no_operation);
1782 ADD_TEST(test_ec_dup_keygen_operation);