2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/encoder.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include "crypto/ecx.h"
18 #include "crypto/evp.h" /* For the internal API */
19 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
20 #include "internal/nelem.h"
23 static char *datadir = NULL;
32 static void stripcr(char *buf, size_t *len)
37 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
48 static int compare_with_file(const char *alg, int type, BIO *membio)
53 char *memdata, *fullfile = NULL;
86 TEST_error("Invalid file type");
90 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
91 fullfile = test_mk_file_path(datadir, filename);
92 if (!TEST_ptr(fullfile))
95 file = BIO_new_file(fullfile, "rb");
99 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
100 || !TEST_true(BIO_eof(file))
101 || !TEST_size_t_lt(readbytes, sizeof(buf)))
104 len = BIO_get_mem_data(membio, &memdata);
105 if (!TEST_int_gt(len, 0))
109 if (type != PRIV_DER && type != PUB_DER) {
110 stripcr(memdata, &slen);
111 stripcr(buf, &readbytes);
114 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
119 OPENSSL_free(fullfile);
120 (void)BIO_reset(membio);
125 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
127 BIO *membio = BIO_new(BIO_s_mem());
130 if (!TEST_ptr(membio))
133 if (/* Output Encrypted private key in PEM form */
134 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
135 (unsigned char *)"pass", 4,
137 /* Private key in text form */
138 || !TEST_true(EVP_PKEY_print_private(membio, pk, 0, NULL))
139 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
140 /* Public key in PEM form */
141 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
142 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
143 /* Unencrypted private key in PEM form */
144 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
145 NULL, NULL, 0, NULL, NULL))
146 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)))
155 static int test_print_key_type_using_encoder(const char *alg, int type,
158 const char *output_type;
160 OSSL_ENCODER_CTX *ctx = NULL;
161 BIO *membio = BIO_new(BIO_s_mem());
166 output_type = "TEXT";
167 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
168 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
173 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
174 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
179 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
180 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
184 output_type = "TEXT";
185 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
186 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
191 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
192 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
197 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
198 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
202 TEST_error("Invalid encoding type");
206 if (!TEST_ptr(membio))
209 /* Make a context, it's valid for several prints */
210 TEST_note("Setting up a OSSL_ENCODER context with passphrase");
211 if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pk, output_type,
214 /* Check that this operation is supported */
215 || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
218 /* Use no cipher. This should give us an unencrypted PEM */
219 TEST_note("Testing with no encryption");
220 if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
221 || !TEST_true(compare_with_file(alg, type, membio)))
224 if (type == PRIV_PEM) {
225 /* Set a passphrase to be used later */
226 if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
227 (unsigned char *)"pass",
231 /* Use a valid cipher name */
232 TEST_note("Displaying PEM encrypted with AES-256-CBC");
233 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
234 || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
237 /* Use an invalid cipher name, which should generate no output */
238 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
239 if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
240 || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
243 /* Clear the cipher. This should give us an unencrypted PEM again */
244 TEST_note("Testing with encryption cleared (no encryption)");
245 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
246 || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
247 || !TEST_true(compare_with_file(alg, type, membio)))
253 OSSL_ENCODER_CTX_free(ctx);
257 static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk)
262 for (i = 0; i < 6; i++)
263 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
268 /* Array indexes used in test_fromdata_rsa */
278 static int test_fromdata_rsa(void)
281 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
282 EVP_PKEY *pk = NULL, *copy_pk = NULL;
284 * 32-bit RSA key, extracted from this command,
285 * executed with OpenSSL 1.0.2:
287 * openssl genrsa 32 | openssl rsa -text
289 static unsigned long key_numbers[] = {
299 OSSL_PARAM fromdata_params[] = {
300 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
301 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
302 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
303 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
304 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
305 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
306 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
307 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
310 BIGNUM *bn = BN_new();
311 BIGNUM *bn_from = BN_new();
313 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
316 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
317 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
318 || !TEST_int_eq(EVP_PKEY_bits(pk), 32)
319 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 8)
320 || !TEST_int_eq(EVP_PKEY_size(pk), 4))
323 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
326 if (!TEST_true(EVP_PKEY_check(key_ctx))
327 || !TEST_true(EVP_PKEY_public_check(key_ctx))
328 || !TEST_true(EVP_PKEY_private_check(key_ctx))
329 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
332 /* EVP_PKEY_copy_parameters() should fail for RSA */
333 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
334 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
337 for (i = 0; fromdata_params[i].key != NULL; ++i) {
338 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
339 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
340 || !TEST_BN_eq(bn, bn_from))
343 ret = test_print_key_using_pem("RSA", pk)
344 && test_print_key_using_encoder("RSA", pk);
349 EVP_PKEY_free(copy_pk);
350 EVP_PKEY_CTX_free(key_ctx);
351 EVP_PKEY_CTX_free(ctx);
356 static int test_evp_pkey_get_bn_param_large(void)
359 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
361 OSSL_PARAM_BLD *bld = NULL;
362 OSSL_PARAM *fromdata_params = NULL;
363 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
365 * The buffer size chosen here for n_data larger than the buffer used
366 * internally in EVP_PKEY_get_bn_param.
368 static unsigned char n_data[2050];
369 static const unsigned char e_data[] = {
372 static const unsigned char d_data[]= {
373 0x99, 0x33, 0x13, 0x7b
376 /* N is a large buffer */
377 memset(n_data, 0xCE, sizeof(n_data));
379 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
380 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
381 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
382 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
383 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
384 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
385 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
386 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
387 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
388 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
389 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
390 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
391 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
392 || !TEST_BN_eq(n, n_out))
401 EVP_PKEY_CTX_free(key_ctx);
402 EVP_PKEY_CTX_free(ctx);
403 OSSL_PARAM_BLD_free_params(fromdata_params);
404 OSSL_PARAM_BLD_free(bld);
409 #ifndef OPENSSL_NO_DH
410 static int test_fromdata_dh_named_group(void)
413 int gindex = 0, pcounter = 0, hindex = 0;
414 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
415 EVP_PKEY *pk = NULL, *copy_pk = NULL;
417 BIGNUM *pub = NULL, *priv = NULL;
418 BIGNUM *pub_out = NULL, *priv_out = NULL;
419 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
420 OSSL_PARAM *fromdata_params = NULL;
421 OSSL_PARAM_BLD *bld = NULL;
423 unsigned char seed_out[32];
426 * DH key data was generated using the following:
427 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
428 * -pkeyopt priv_len:224 -text
430 static const unsigned char priv_data[] = {
431 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
432 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
433 0x87, 0xe8, 0xa9, 0x7b,
435 static const unsigned char pub_data[] = {
436 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
437 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
438 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
439 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
440 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
441 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
442 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
443 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
444 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
445 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
446 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
447 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
448 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
449 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
450 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
451 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
452 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
453 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
454 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
455 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
456 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
457 0xcf, 0x33, 0x42, 0x83, 0x42
459 static const char group_name[] = "ffdhe2048";
460 static const long priv_len = 224;
462 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
463 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
464 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
465 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
466 OSSL_PKEY_PARAM_GROUP_NAME,
468 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
470 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
471 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
472 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
475 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
478 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
479 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
480 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
481 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
482 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
485 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
486 name_out, sizeof(name_out),
488 || !TEST_str_eq(name_out, group_name)
489 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
492 || !TEST_BN_eq(pub, pub_out)
493 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
495 || !TEST_BN_eq(priv, priv_out)
496 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
497 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
498 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
500 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
501 || !TEST_BN_eq(&_bignum_const_2, g)
502 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
505 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
506 OSSL_PKEY_PARAM_FFC_SEED,
508 sizeof(seed_out), &len))
509 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
511 || !TEST_int_eq(gindex, -1)
512 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
513 || !TEST_int_eq(hindex, 0)
514 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
516 || !TEST_int_eq(pcounter, -1))
519 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
522 if (!TEST_true(EVP_PKEY_check(key_ctx))
523 || !TEST_true(EVP_PKEY_public_check(key_ctx))
524 || !TEST_true(EVP_PKEY_private_check(key_ctx))
525 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
528 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
529 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
532 ret = test_print_key_using_pem("DH", pk)
533 && test_print_key_using_encoder("DH", pk);
543 EVP_PKEY_free(copy_pk);
545 EVP_PKEY_CTX_free(ctx);
546 EVP_PKEY_CTX_free(key_ctx);
547 OSSL_PARAM_BLD_free_params(fromdata_params);
548 OSSL_PARAM_BLD_free(bld);
553 static int test_fromdata_dh_fips186_4(void)
556 int gindex = 0, pcounter = 0, hindex = 0;
557 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
560 BIGNUM *pub = NULL, *priv = NULL;
561 BIGNUM *pub_out = NULL, *priv_out = NULL;
562 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
563 OSSL_PARAM_BLD *bld = NULL;
564 OSSL_PARAM *fromdata_params = NULL;
566 unsigned char seed_out[32];
569 * DH key data was generated using the following:
570 * openssl genpkey -algorithm DH
571 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
573 static const unsigned char priv_data[] = {
574 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
575 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
576 0x87, 0xe8, 0xa9, 0x7b,
578 static const unsigned char pub_data[] = {
579 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
580 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
581 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
582 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
583 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
584 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
585 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
586 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
587 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
588 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
589 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
590 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
591 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
592 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
593 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
594 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
595 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
596 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
597 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
598 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
599 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
600 0x33, 0x42, 0x83, 0x42
602 static const char group_name[] = "ffdhe2048";
603 static const long priv_len = 224;
606 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
607 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
608 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
609 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
610 OSSL_PKEY_PARAM_GROUP_NAME,
612 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
614 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
615 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
616 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
619 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
622 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
623 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
624 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
625 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
626 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
629 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
630 name_out, sizeof(name_out),
632 || !TEST_str_eq(name_out, group_name)
633 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
635 || !TEST_BN_eq(pub, pub_out)
636 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
638 || !TEST_BN_eq(priv, priv_out)
639 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
640 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
641 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
643 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
644 || !TEST_BN_eq(&_bignum_const_2, g)
645 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
648 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
649 OSSL_PKEY_PARAM_FFC_SEED,
651 sizeof(seed_out), &len))
652 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
654 || !TEST_int_eq(gindex, -1)
655 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
656 || !TEST_int_eq(hindex, 0)
657 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
659 || !TEST_int_eq(pcounter, -1))
662 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
665 if (!TEST_true(EVP_PKEY_check(key_ctx))
666 || !TEST_true(EVP_PKEY_public_check(key_ctx))
667 || !TEST_true(EVP_PKEY_private_check(key_ctx))
668 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
671 ret = test_print_key_using_pem("DH", pk)
672 && test_print_key_using_encoder("DH", pk);
683 EVP_PKEY_CTX_free(ctx);
684 EVP_PKEY_CTX_free(key_ctx);
685 OSSL_PARAM_BLD_free_params(fromdata_params);
686 OSSL_PARAM_BLD_free(bld);
695 #ifndef OPENSSL_NO_EC
696 /* Array indexes used in test_fromdata_ecx */
700 # define X25519_IDX 0
702 # define ED25519_IDX 2
705 static int test_fromdata_ecx(int tst)
708 EVP_PKEY_CTX *ctx = NULL;
709 EVP_PKEY *pk = NULL, *copy_pk = NULL;
710 const char *alg = NULL;
712 unsigned char out_pub[ED448_KEYLEN];
713 unsigned char out_priv[ED448_KEYLEN];
715 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
716 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
717 /* X25519: Keys from RFC 7748 6.1 */
721 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
722 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
723 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
728 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
729 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
730 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
734 /* X448: Keys from RFC 7748 6.2 */
738 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
739 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
740 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
741 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
742 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
743 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
747 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
748 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
749 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
750 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
751 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
752 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
755 /* ED25519: Keys from RFC 8032 */
759 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
760 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
761 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
766 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
767 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
768 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
772 /* ED448: Keys from RFC 8032 */
776 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
777 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
778 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
779 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
780 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
781 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
785 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
786 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
787 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
788 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
789 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
790 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
794 OSSL_PARAM x25519_fromdata_params[] = {
795 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
796 key_numbers[X25519_IDX][PRIV_KEY],
798 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
799 key_numbers[X25519_IDX][PUB_KEY],
803 OSSL_PARAM x448_fromdata_params[] = {
804 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
805 key_numbers[X448_IDX][PRIV_KEY],
807 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
808 key_numbers[X448_IDX][PUB_KEY],
812 OSSL_PARAM ed25519_fromdata_params[] = {
813 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
814 key_numbers[ED25519_IDX][PRIV_KEY],
816 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
817 key_numbers[ED25519_IDX][PUB_KEY],
821 OSSL_PARAM ed448_fromdata_params[] = {
822 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
823 key_numbers[ED448_IDX][PRIV_KEY],
825 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
826 key_numbers[ED448_IDX][PUB_KEY],
830 OSSL_PARAM *fromdata_params = NULL;
831 int bits = 0, security_bits = 0, size = 0;
835 fromdata_params = x25519_fromdata_params;
837 security_bits = X25519_SECURITY_BITS;
838 size = X25519_KEYLEN;
843 fromdata_params = x448_fromdata_params;
845 security_bits = X448_SECURITY_BITS;
851 fromdata_params = ed25519_fromdata_params;
853 security_bits = ED25519_SECURITY_BITS;
854 size = ED25519_KEYLEN;
859 fromdata_params = ed448_fromdata_params;
861 security_bits = ED448_SECURITY_BITS;
869 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
873 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
874 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
875 || !TEST_int_eq(EVP_PKEY_bits(pk), bits)
876 || !TEST_int_eq(EVP_PKEY_security_bits(pk), security_bits)
877 || !TEST_int_eq(EVP_PKEY_size(pk), size))
880 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
881 /* This should succeed because there are no parameters to copy */
882 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
885 if (!TEST_true(EVP_PKEY_get_octet_string_param(
886 pk, fromdata_params[PRIV_KEY].key,
887 out_priv, sizeof(out_priv), &len))
888 || !TEST_mem_eq(out_priv, len,
889 fromdata_params[PRIV_KEY].data,
890 fromdata_params[PRIV_KEY].data_size)
891 || !TEST_true(EVP_PKEY_get_octet_string_param(
892 pk, fromdata_params[PUB_KEY].key,
893 out_pub, sizeof(out_pub), &len))
894 || !TEST_mem_eq(out_pub, len,
895 fromdata_params[PUB_KEY].data,
896 fromdata_params[PUB_KEY].data_size))
899 ret = test_print_key_using_pem(alg, pk)
900 && test_print_key_using_encoder(alg, pk);
904 EVP_PKEY_free(copy_pk);
905 EVP_PKEY_CTX_free(ctx);
912 static int test_fromdata_ec(void)
915 EVP_PKEY_CTX *ctx = NULL;
916 EVP_PKEY *pk = NULL, *copy_pk = NULL;
917 OSSL_PARAM_BLD *bld = NULL;
918 BIGNUM *ec_priv_bn = NULL;
919 BIGNUM *bn_priv = NULL;
920 OSSL_PARAM *fromdata_params = NULL;
921 const char *alg = "EC";
922 const char *curve = "prime256v1";
923 /* UNCOMPRESSED FORMAT */
924 static const unsigned char ec_pub_keydata[] = {
925 POINT_CONVERSION_UNCOMPRESSED,
926 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
927 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
928 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
929 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
930 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
931 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
932 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
933 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
935 static const unsigned char ec_priv_keydata[] = {
936 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
937 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
938 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
939 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
941 const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
942 unsigned char out_pub[sizeof(ec_pub_keydata)];
943 char out_curve_name[80];
944 const OSSL_PARAM *gettable = NULL;
948 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
950 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
951 sizeof(ec_priv_keydata), NULL)))
954 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
957 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
959 sizeof(ec_pub_keydata)) <= 0)
961 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
963 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
965 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
969 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
970 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
971 || !TEST_int_eq(EVP_PKEY_bits(pk), 256)
972 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 128)
973 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 35 * 2))
976 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
977 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
980 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
981 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_GROUP_NAME))
982 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PUB_KEY))
983 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PRIV_KEY)))
986 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
987 out_curve_name, sizeof(out_curve_name),
989 || !TEST_str_eq(out_curve_name, curve)
990 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
991 out_pub, sizeof(out_pub), &len)
992 || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
993 || !TEST_mem_eq(out_pub + 1, len - 1,
994 ec_pub_keydata + 1, compressed_sz - 1)
995 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
997 || !TEST_BN_eq(ec_priv_bn, bn_priv))
1000 ret = test_print_key_using_pem(alg, pk)
1001 && test_print_key_using_encoder(alg, pk);
1004 BN_free(ec_priv_bn);
1005 OSSL_PARAM_BLD_free_params(fromdata_params);
1006 OSSL_PARAM_BLD_free(bld);
1008 EVP_PKEY_free(copy_pk);
1009 EVP_PKEY_CTX_free(ctx);
1013 #endif /* OPENSSL_NO_EC */
1015 #ifndef OPENSSL_NO_DSA
1016 static int test_fromdata_dsa_fips186_4(void)
1019 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
1020 EVP_PKEY *pk = NULL, *copy_pk = NULL;
1021 BIGNUM *pub = NULL, *priv = NULL;
1022 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1023 BIGNUM *pub_out = NULL, *priv_out = NULL;
1024 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1025 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1027 unsigned char seed_out[32];
1029 OSSL_PARAM_BLD *bld = NULL;
1030 OSSL_PARAM *fromdata_params = NULL;
1033 * DSA parameter data was generated using the following:
1034 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1035 * -pkeyopt qbits:256 -pkeyopt type:0 \
1036 * -pkeyopt gindex:1 -out dsa_params.pem -text
1038 static const unsigned char p_data[] = {
1039 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1040 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1041 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1042 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1043 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1044 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1045 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1046 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1047 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1048 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1049 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1050 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1051 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1052 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1053 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1054 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1055 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1056 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1057 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1058 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1059 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1060 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1062 static const unsigned char q_data[] = {
1063 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1064 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1065 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1067 static const unsigned char g_data[] = {
1068 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1069 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1070 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1071 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1072 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1073 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1074 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1075 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1076 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1077 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1078 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1079 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1080 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1081 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1082 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1083 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1084 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1085 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1086 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1087 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1088 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1089 0x02, 0x6f, 0x96, 0x36
1091 static const unsigned char seed_data[] = {
1092 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1093 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1094 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1096 const int gindex = 1;
1097 const int pcounter = 53;
1099 * The keypair was generated using
1100 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1101 * -pkeyopt gindex:1 \
1102 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1104 static const unsigned char priv_data[] = {
1105 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1106 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1107 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1109 static const unsigned char pub_data[] = {
1110 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1111 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1112 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1113 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1114 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1115 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1116 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1117 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1118 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1119 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1120 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1121 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1122 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1123 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1124 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1125 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1126 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1127 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1128 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1129 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1130 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1131 0x48, 0xd1, 0x8a, 0xbd
1134 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1135 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1136 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1137 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1138 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1139 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1141 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1142 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1143 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1144 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1145 OSSL_PKEY_PARAM_FFC_SEED,
1148 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1150 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1151 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1153 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1155 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1157 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1160 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1163 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
1164 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
1165 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
1166 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
1167 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 2 * (3 + sizeof(q_data))))
1170 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1171 name_out, sizeof(name_out),
1173 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1175 || !TEST_BN_eq(pub, pub_out)
1176 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1178 || !TEST_BN_eq(priv, priv_out)
1179 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p_out))
1180 || !TEST_BN_eq(p, p_out)
1181 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q_out))
1182 || !TEST_BN_eq(q, q_out)
1183 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g_out))
1184 || !TEST_BN_eq(g, g_out)
1185 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
1187 || !TEST_ptr_null(j_out)
1188 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1189 OSSL_PKEY_PARAM_FFC_SEED,
1190 seed_out, sizeof(seed_out),
1192 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
1194 || !TEST_int_eq(gindex, gindex_out)
1195 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1197 || !TEST_int_eq(hindex_out, 0)
1198 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
1200 || !TEST_int_eq(pcounter, pcounter_out))
1203 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1206 if (!TEST_true(EVP_PKEY_check(key_ctx))
1207 || !TEST_true(EVP_PKEY_public_check(key_ctx))
1208 || !TEST_true(EVP_PKEY_private_check(key_ctx))
1209 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1212 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1213 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1216 ret = test_print_key_using_pem("DSA", pk)
1217 && test_print_key_using_encoder("DSA", pk);
1219 OSSL_PARAM_BLD_free_params(fromdata_params);
1220 OSSL_PARAM_BLD_free(bld);
1233 EVP_PKEY_free(copy_pk);
1234 EVP_PKEY_CTX_free(ctx);
1235 EVP_PKEY_CTX_free(key_ctx);
1240 static int test_check_dsa(void)
1243 EVP_PKEY_CTX *ctx = NULL;
1245 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1246 || !TEST_false(EVP_PKEY_check(ctx))
1247 || !TEST_false(EVP_PKEY_public_check(ctx))
1248 || !TEST_false(EVP_PKEY_private_check(ctx))
1249 || !TEST_false(EVP_PKEY_pairwise_check(ctx)))
1254 EVP_PKEY_CTX_free(ctx);
1258 #endif /* OPENSSL_NO_DSA */
1261 int setup_tests(void)
1263 if (!test_skip_common_options()) {
1264 TEST_error("Error parsing test options\n");
1268 if (!TEST_ptr(datadir = test_get_argument(0)))
1271 ADD_TEST(test_evp_pkey_get_bn_param_large);
1272 ADD_TEST(test_fromdata_rsa);
1273 #ifndef OPENSSL_NO_DH
1274 ADD_TEST(test_fromdata_dh_fips186_4);
1275 ADD_TEST(test_fromdata_dh_named_group);
1277 #ifndef OPENSSL_NO_DSA
1278 ADD_TEST(test_check_dsa);
1279 ADD_TEST(test_fromdata_dsa_fips186_4);
1281 #ifndef OPENSSL_NO_EC
1282 ADD_ALL_TESTS(test_fromdata_ecx, 4);
1283 ADD_TEST(test_fromdata_ec);