2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/encoder.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include "crypto/ecx.h"
18 #include "crypto/evp.h" /* For the internal API */
19 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
20 #include "internal/nelem.h"
23 static char *datadir = NULL;
26 * Do not change the order of the following defines unless you also
27 * update the for loop bounds used inside test_print_key_using_encoder() and
28 * test_print_key_using_encoder_public().
37 static void stripcr(char *buf, size_t *len)
42 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
53 static int compare_with_file(const char *alg, int type, BIO *membio)
58 char *memdata, *fullfile = NULL;
91 TEST_error("Invalid file type");
95 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
96 fullfile = test_mk_file_path(datadir, filename);
97 if (!TEST_ptr(fullfile))
100 file = BIO_new_file(fullfile, "rb");
104 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
105 || !TEST_true(BIO_eof(file))
106 || !TEST_size_t_lt(readbytes, sizeof(buf)))
109 len = BIO_get_mem_data(membio, &memdata);
110 if (!TEST_int_gt(len, 0))
114 if (type != PRIV_DER && type != PUB_DER) {
115 stripcr(memdata, &slen);
116 stripcr(buf, &readbytes);
119 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
124 OPENSSL_free(fullfile);
125 (void)BIO_reset(membio);
130 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
132 BIO *membio = BIO_new(BIO_s_mem());
135 if (!TEST_ptr(membio))
138 if (/* Output Encrypted private key in PEM form */
139 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
140 (unsigned char *)"pass", 4,
142 /* Private key in text form */
143 || !TEST_true(EVP_PKEY_print_private(membio, pk, 0, NULL))
144 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
145 /* Public key in PEM form */
146 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
147 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
148 /* Unencrypted private key in PEM form */
149 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
150 NULL, NULL, 0, NULL, NULL))
151 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)))
160 static int test_print_key_type_using_encoder(const char *alg, int type,
163 const char *output_type, *output_structure;
165 OSSL_ENCODER_CTX *ctx = NULL;
166 BIO *membio = BIO_new(BIO_s_mem());
171 output_type = "TEXT";
172 output_structure = NULL;
173 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
174 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
179 output_structure = "pkcs8";
180 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
181 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
186 output_structure = "pkcs8";
187 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
188 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
192 output_type = "TEXT";
193 output_structure = NULL;
194 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
195 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
200 output_structure = "SubjectPublicKeyInfo";
201 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
202 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
207 output_structure = "SubjectPublicKeyInfo";
208 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
209 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
213 TEST_error("Invalid encoding type");
217 if (!TEST_ptr(membio))
220 /* Make a context, it's valid for several prints */
221 TEST_note("Setting up a OSSL_ENCODER context with passphrase");
222 if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection,
226 /* Check that this operation is supported */
227 || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
230 /* Use no cipher. This should give us an unencrypted PEM */
231 TEST_note("Testing with no encryption");
232 if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
233 || !TEST_true(compare_with_file(alg, type, membio)))
236 if (type == PRIV_PEM) {
237 /* Set a passphrase to be used later */
238 if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
239 (unsigned char *)"pass",
243 /* Use a valid cipher name */
244 TEST_note("Displaying PEM encrypted with AES-256-CBC");
245 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
246 || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
249 /* Use an invalid cipher name, which should generate no output */
250 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
251 if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
252 || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
255 /* Clear the cipher. This should give us an unencrypted PEM again */
256 TEST_note("Testing with encryption cleared (no encryption)");
257 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
258 || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
259 || !TEST_true(compare_with_file(alg, type, membio)))
265 OSSL_ENCODER_CTX_free(ctx);
269 static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk)
274 for (i = PRIV_TEXT; i <= PUB_DER; i++)
275 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
280 #ifndef OPENSSL_NO_EC
281 static int test_print_key_using_encoder_public(const char *alg,
287 for (i = PUB_TEXT; i <= PUB_DER; i++)
288 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
294 /* Array indexes used in test_fromdata_rsa */
304 static int test_fromdata_rsa(void)
307 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
308 EVP_PKEY *pk = NULL, *copy_pk = NULL;
310 * 32-bit RSA key, extracted from this command,
311 * executed with OpenSSL 1.0.2:
313 * openssl genrsa 32 | openssl rsa -text
315 static unsigned long key_numbers[] = {
325 OSSL_PARAM fromdata_params[] = {
326 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
327 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
328 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
329 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
330 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
331 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
332 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
333 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
336 BIGNUM *bn = BN_new();
337 BIGNUM *bn_from = BN_new();
339 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
342 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
343 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
345 || !TEST_int_eq(EVP_PKEY_bits(pk), 32)
346 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 8)
347 || !TEST_int_eq(EVP_PKEY_size(pk), 4))
350 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
353 if (!TEST_true(EVP_PKEY_check(key_ctx))
354 || !TEST_true(EVP_PKEY_public_check(key_ctx))
355 || !TEST_true(EVP_PKEY_private_check(key_ctx))
356 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
359 /* EVP_PKEY_copy_parameters() should fail for RSA */
360 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
361 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
364 for (i = 0; fromdata_params[i].key != NULL; ++i) {
365 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
366 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
367 || !TEST_BN_eq(bn, bn_from))
370 ret = test_print_key_using_pem("RSA", pk)
371 && test_print_key_using_encoder("RSA", pk);
376 EVP_PKEY_free(copy_pk);
377 EVP_PKEY_CTX_free(key_ctx);
378 EVP_PKEY_CTX_free(ctx);
383 static int test_evp_pkey_get_bn_param_large(void)
386 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
388 OSSL_PARAM_BLD *bld = NULL;
389 OSSL_PARAM *fromdata_params = NULL;
390 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
392 * The buffer size chosen here for n_data larger than the buffer used
393 * internally in EVP_PKEY_get_bn_param.
395 static unsigned char n_data[2050];
396 static const unsigned char e_data[] = {
399 static const unsigned char d_data[]= {
400 0x99, 0x33, 0x13, 0x7b
403 /* N is a large buffer */
404 memset(n_data, 0xCE, sizeof(n_data));
406 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
407 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
408 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
409 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
410 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
411 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
412 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
413 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
414 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
415 || !TEST_true(EVP_PKEY_fromdata_init(ctx))
416 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
418 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
419 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
420 || !TEST_BN_eq(n, n_out))
429 EVP_PKEY_CTX_free(key_ctx);
430 EVP_PKEY_CTX_free(ctx);
431 OSSL_PARAM_BLD_free_params(fromdata_params);
432 OSSL_PARAM_BLD_free(bld);
437 #ifndef OPENSSL_NO_DH
438 static int test_fromdata_dh_named_group(void)
441 int gindex = 0, pcounter = 0, hindex = 0;
442 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
443 EVP_PKEY *pk = NULL, *copy_pk = NULL;
445 BIGNUM *pub = NULL, *priv = NULL;
446 BIGNUM *pub_out = NULL, *priv_out = NULL;
447 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
448 OSSL_PARAM *fromdata_params = NULL;
449 OSSL_PARAM_BLD *bld = NULL;
451 unsigned char seed_out[32];
454 * DH key data was generated using the following:
455 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
456 * -pkeyopt priv_len:224 -text
458 static const unsigned char priv_data[] = {
459 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
460 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
461 0x87, 0xe8, 0xa9, 0x7b,
463 static const unsigned char pub_data[] = {
464 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
465 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
466 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
467 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
468 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
469 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
470 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
471 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
472 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
473 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
474 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
475 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
476 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
477 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
478 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
479 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
480 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
481 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
482 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
483 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
484 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
485 0xcf, 0x33, 0x42, 0x83, 0x42
487 static const char group_name[] = "ffdhe2048";
488 static const long priv_len = 224;
490 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
491 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
492 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
493 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
494 OSSL_PKEY_PARAM_GROUP_NAME,
496 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
498 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
499 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
500 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
503 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
506 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
507 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
509 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
510 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
511 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
514 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
515 name_out, sizeof(name_out),
517 || !TEST_str_eq(name_out, group_name)
518 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
521 || !TEST_BN_eq(pub, pub_out)
522 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
524 || !TEST_BN_eq(priv, priv_out)
525 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
526 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
527 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
529 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
530 || !TEST_BN_eq(&_bignum_const_2, g)
531 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
534 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
535 OSSL_PKEY_PARAM_FFC_SEED,
537 sizeof(seed_out), &len))
538 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
540 || !TEST_int_eq(gindex, -1)
541 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
542 || !TEST_int_eq(hindex, 0)
543 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
545 || !TEST_int_eq(pcounter, -1))
548 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
551 if (!TEST_true(EVP_PKEY_check(key_ctx))
552 || !TEST_true(EVP_PKEY_public_check(key_ctx))
553 || !TEST_true(EVP_PKEY_private_check(key_ctx))
554 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
557 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
558 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
561 ret = test_print_key_using_pem("DH", pk)
562 && test_print_key_using_encoder("DH", pk);
572 EVP_PKEY_free(copy_pk);
574 EVP_PKEY_CTX_free(ctx);
575 EVP_PKEY_CTX_free(key_ctx);
576 OSSL_PARAM_BLD_free_params(fromdata_params);
577 OSSL_PARAM_BLD_free(bld);
582 static int test_fromdata_dh_fips186_4(void)
585 int gindex = 0, pcounter = 0, hindex = 0;
586 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
589 BIGNUM *pub = NULL, *priv = NULL;
590 BIGNUM *pub_out = NULL, *priv_out = NULL;
591 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
592 OSSL_PARAM_BLD *bld = NULL;
593 OSSL_PARAM *fromdata_params = NULL;
595 unsigned char seed_out[32];
598 * DH key data was generated using the following:
599 * openssl genpkey -algorithm DH
600 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
602 static const unsigned char priv_data[] = {
603 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
604 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
605 0x87, 0xe8, 0xa9, 0x7b,
607 static const unsigned char pub_data[] = {
608 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
609 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
610 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
611 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
612 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
613 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
614 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
615 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
616 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
617 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
618 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
619 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
620 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
621 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
622 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
623 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
624 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
625 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
626 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
627 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
628 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
629 0x33, 0x42, 0x83, 0x42
631 static const char group_name[] = "ffdhe2048";
632 static const long priv_len = 224;
635 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
636 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
637 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
638 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
639 OSSL_PKEY_PARAM_GROUP_NAME,
641 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
643 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
644 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
645 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
648 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
651 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
652 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
654 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
655 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
656 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
659 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
660 name_out, sizeof(name_out),
662 || !TEST_str_eq(name_out, group_name)
663 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
665 || !TEST_BN_eq(pub, pub_out)
666 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
668 || !TEST_BN_eq(priv, priv_out)
669 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
670 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
671 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
673 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
674 || !TEST_BN_eq(&_bignum_const_2, g)
675 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
678 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
679 OSSL_PKEY_PARAM_FFC_SEED,
681 sizeof(seed_out), &len))
682 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
684 || !TEST_int_eq(gindex, -1)
685 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
686 || !TEST_int_eq(hindex, 0)
687 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
689 || !TEST_int_eq(pcounter, -1))
692 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
695 if (!TEST_true(EVP_PKEY_check(key_ctx))
696 || !TEST_true(EVP_PKEY_public_check(key_ctx))
697 || !TEST_true(EVP_PKEY_private_check(key_ctx))
698 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
701 ret = test_print_key_using_pem("DH", pk)
702 && test_print_key_using_encoder("DH", pk);
713 EVP_PKEY_CTX_free(ctx);
714 EVP_PKEY_CTX_free(key_ctx);
715 OSSL_PARAM_BLD_free_params(fromdata_params);
716 OSSL_PARAM_BLD_free(bld);
725 #ifndef OPENSSL_NO_EC
726 /* Array indexes used in test_fromdata_ecx */
730 # define X25519_IDX 0
732 # define ED25519_IDX 2
736 * tst uses indexes 0 ... (3 * 4 - 1)
737 * For the 4 ECX key types (X25519_IDX..ED448_IDX)
738 * 0..3 = public + private key.
739 * 4..7 = private key (This will generate the public key from the private key)
742 static int test_fromdata_ecx(int tst)
745 EVP_PKEY_CTX *ctx = NULL, *ctx2 = NULL;
746 EVP_PKEY *pk = NULL, *copy_pk = NULL;
747 const char *alg = NULL;
749 unsigned char out_pub[ED448_KEYLEN];
750 unsigned char out_priv[ED448_KEYLEN];
751 OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
753 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
754 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
755 /* X25519: Keys from RFC 7748 6.1 */
759 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
760 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
761 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
766 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
767 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
768 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
772 /* X448: Keys from RFC 7748 6.2 */
776 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
777 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
778 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
779 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
780 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
781 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
785 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
786 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
787 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
788 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
789 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
790 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
793 /* ED25519: Keys from RFC 8032 */
797 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
798 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
799 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
804 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
805 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
806 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
810 /* ED448: Keys from RFC 8032 */
814 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
815 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
816 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
817 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
818 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
819 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
823 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
824 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
825 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
826 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
827 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
828 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
832 OSSL_PARAM x25519_fromdata_params[] = {
833 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
834 key_numbers[X25519_IDX][PRIV_KEY],
836 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
837 key_numbers[X25519_IDX][PUB_KEY],
841 OSSL_PARAM x448_fromdata_params[] = {
842 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
843 key_numbers[X448_IDX][PRIV_KEY],
845 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
846 key_numbers[X448_IDX][PUB_KEY],
850 OSSL_PARAM ed25519_fromdata_params[] = {
851 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
852 key_numbers[ED25519_IDX][PRIV_KEY],
854 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
855 key_numbers[ED25519_IDX][PUB_KEY],
859 OSSL_PARAM ed448_fromdata_params[] = {
860 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
861 key_numbers[ED448_IDX][PRIV_KEY],
863 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
864 key_numbers[ED448_IDX][PUB_KEY],
868 OSSL_PARAM *fromdata_params = NULL;
869 int bits = 0, security_bits = 0, size = 0;
870 OSSL_PARAM *orig_fromdata_params = NULL;
874 fromdata_params = x25519_fromdata_params;
876 security_bits = X25519_SECURITY_BITS;
877 size = X25519_KEYLEN;
882 fromdata_params = x448_fromdata_params;
884 security_bits = X448_SECURITY_BITS;
890 fromdata_params = ed25519_fromdata_params;
892 security_bits = ED25519_SECURITY_BITS;
893 size = ED25519_KEYLEN;
898 fromdata_params = ed448_fromdata_params;
900 security_bits = ED448_SECURITY_BITS;
908 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
912 orig_fromdata_params = fromdata_params;
914 /* public key only */
916 } else if (tst > 3) {
917 /* private key only */
918 params[0] = fromdata_params[0];
919 params[1] = fromdata_params[2];
920 fromdata_params = params;
923 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
924 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
926 || !TEST_int_eq(EVP_PKEY_bits(pk), bits)
927 || !TEST_int_eq(EVP_PKEY_security_bits(pk), security_bits)
928 || !TEST_int_eq(EVP_PKEY_size(pk), size))
931 if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
934 if (!TEST_true(EVP_PKEY_check(ctx2)))
936 if (!TEST_true(EVP_PKEY_get_octet_string_param(
937 pk, orig_fromdata_params[PRIV_KEY].key,
938 out_priv, sizeof(out_priv), &len))
939 || !TEST_mem_eq(out_priv, len,
940 orig_fromdata_params[PRIV_KEY].data,
941 orig_fromdata_params[PRIV_KEY].data_size)
942 || !TEST_true(EVP_PKEY_get_octet_string_param(
943 pk, orig_fromdata_params[PUB_KEY].key,
944 out_pub, sizeof(out_pub), &len))
945 || !TEST_mem_eq(out_pub, len,
946 orig_fromdata_params[PUB_KEY].data,
947 orig_fromdata_params[PUB_KEY].data_size))
950 /* The private key check should fail if there is only a public key */
951 if (!TEST_true(EVP_PKEY_public_check(ctx2))
952 || !TEST_false(EVP_PKEY_private_check(ctx2))
953 || !TEST_false(EVP_PKEY_check(ctx2)))
957 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
958 /* This should succeed because there are no parameters to copy */
959 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
963 ret = test_print_key_using_encoder_public(alg, pk);
965 ret = test_print_key_using_pem(alg, pk)
966 && test_print_key_using_encoder(alg, pk);
970 EVP_PKEY_free(copy_pk);
971 EVP_PKEY_CTX_free(ctx);
972 EVP_PKEY_CTX_free(ctx2);
979 static int test_fromdata_ec(void)
982 EVP_PKEY_CTX *ctx = NULL;
983 EVP_PKEY *pk = NULL, *copy_pk = NULL;
984 OSSL_PARAM_BLD *bld = NULL;
985 BIGNUM *ec_priv_bn = NULL;
986 BIGNUM *bn_priv = NULL;
987 OSSL_PARAM *fromdata_params = NULL;
988 const char *alg = "EC";
989 const char *curve = "prime256v1";
990 /* UNCOMPRESSED FORMAT */
991 static const unsigned char ec_pub_keydata[] = {
992 POINT_CONVERSION_UNCOMPRESSED,
993 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
994 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
995 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
996 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
997 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
998 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
999 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1000 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1002 static const unsigned char ec_priv_keydata[] = {
1003 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1004 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1005 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1006 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1008 const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
1009 unsigned char out_pub[sizeof(ec_pub_keydata)];
1010 char out_curve_name[80];
1011 const OSSL_PARAM *gettable = NULL;
1015 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
1017 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
1018 sizeof(ec_priv_keydata), NULL)))
1021 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
1024 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
1026 sizeof(ec_pub_keydata)) <= 0)
1028 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
1030 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1032 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1036 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
1037 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1039 || !TEST_int_eq(EVP_PKEY_bits(pk), 256)
1040 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 128)
1041 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 35 * 2))
1044 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1045 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1048 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
1049 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_GROUP_NAME))
1050 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PUB_KEY))
1051 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PRIV_KEY)))
1054 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1055 out_curve_name, sizeof(out_curve_name),
1057 || !TEST_str_eq(out_curve_name, curve)
1058 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1059 out_pub, sizeof(out_pub), &len)
1060 || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
1061 || !TEST_mem_eq(out_pub + 1, len - 1,
1062 ec_pub_keydata + 1, compressed_sz - 1)
1063 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1065 || !TEST_BN_eq(ec_priv_bn, bn_priv))
1068 ret = test_print_key_using_pem(alg, pk)
1069 && test_print_key_using_encoder(alg, pk);
1072 BN_free(ec_priv_bn);
1073 OSSL_PARAM_BLD_free_params(fromdata_params);
1074 OSSL_PARAM_BLD_free(bld);
1076 EVP_PKEY_free(copy_pk);
1077 EVP_PKEY_CTX_free(ctx);
1081 static int test_ec_dup_no_operation(void)
1084 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1085 EVP_PKEY *param = NULL, *pkey = NULL;
1087 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1088 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1089 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1090 NID_X9_62_prime256v1), 0)
1091 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1092 || !TEST_ptr(param))
1095 EVP_PKEY_CTX_free(pctx);
1098 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1099 || !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
1100 || !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1101 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
1105 EVP_PKEY_free(pkey);
1106 EVP_PKEY_free(param);
1107 EVP_PKEY_CTX_free(ctx);
1108 EVP_PKEY_CTX_free(kctx);
1109 EVP_PKEY_CTX_free(pctx);
1113 /* Test that keygen doesn't support EVP_PKEY_CTX_dup */
1114 static int test_ec_dup_keygen_operation(void)
1117 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1118 EVP_PKEY *param = NULL, *pkey = NULL;
1120 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1121 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1122 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1123 NID_X9_62_prime256v1), 0)
1124 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1125 || !TEST_ptr(param))
1128 EVP_PKEY_CTX_free(pctx);
1131 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1132 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1133 || !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
1137 EVP_PKEY_free(pkey);
1138 EVP_PKEY_free(param);
1139 EVP_PKEY_CTX_free(ctx);
1140 EVP_PKEY_CTX_free(kctx);
1141 EVP_PKEY_CTX_free(pctx);
1145 #endif /* OPENSSL_NO_EC */
1147 #ifndef OPENSSL_NO_DSA
1148 static int test_fromdata_dsa_fips186_4(void)
1151 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
1152 EVP_PKEY *pk = NULL, *copy_pk = NULL;
1153 BIGNUM *pub = NULL, *priv = NULL;
1154 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1155 BIGNUM *pub_out = NULL, *priv_out = NULL;
1156 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1157 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1159 unsigned char seed_out[32];
1161 OSSL_PARAM_BLD *bld = NULL;
1162 OSSL_PARAM *fromdata_params = NULL;
1165 * DSA parameter data was generated using the following:
1166 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1167 * -pkeyopt qbits:256 -pkeyopt type:0 \
1168 * -pkeyopt gindex:1 -out dsa_params.pem -text
1170 static const unsigned char p_data[] = {
1171 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1172 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1173 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1174 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1175 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1176 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1177 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1178 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1179 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1180 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1181 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1182 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1183 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1184 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1185 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1186 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1187 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1188 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1189 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1190 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1191 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1192 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1194 static const unsigned char q_data[] = {
1195 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1196 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1197 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1199 static const unsigned char g_data[] = {
1200 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1201 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1202 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1203 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1204 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1205 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1206 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1207 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1208 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1209 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1210 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1211 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1212 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1213 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1214 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1215 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1216 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1217 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1218 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1219 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1220 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1221 0x02, 0x6f, 0x96, 0x36
1223 static const unsigned char seed_data[] = {
1224 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1225 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1226 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1228 const int gindex = 1;
1229 const int pcounter = 53;
1231 * The keypair was generated using
1232 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1233 * -pkeyopt gindex:1 \
1234 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1236 static const unsigned char priv_data[] = {
1237 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1238 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1239 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1241 static const unsigned char pub_data[] = {
1242 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1243 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1244 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1245 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1246 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1247 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1248 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1249 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1250 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1251 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1252 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1253 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1254 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1255 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1256 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1257 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1258 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1259 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1260 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1261 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1262 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1263 0x48, 0xd1, 0x8a, 0xbd
1266 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1267 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1268 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1269 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1270 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1271 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1273 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1274 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1275 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1276 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1277 OSSL_PKEY_PARAM_FFC_SEED,
1280 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1282 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1283 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1285 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1287 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1289 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1292 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1295 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
1296 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1298 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
1299 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
1300 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 2 * (3 + sizeof(q_data))))
1303 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1304 name_out, sizeof(name_out),
1306 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1308 || !TEST_BN_eq(pub, pub_out)
1309 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1311 || !TEST_BN_eq(priv, priv_out)
1312 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p_out))
1313 || !TEST_BN_eq(p, p_out)
1314 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q_out))
1315 || !TEST_BN_eq(q, q_out)
1316 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g_out))
1317 || !TEST_BN_eq(g, g_out)
1318 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
1320 || !TEST_ptr_null(j_out)
1321 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1322 OSSL_PKEY_PARAM_FFC_SEED,
1323 seed_out, sizeof(seed_out),
1325 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
1327 || !TEST_int_eq(gindex, gindex_out)
1328 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1330 || !TEST_int_eq(hindex_out, 0)
1331 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
1333 || !TEST_int_eq(pcounter, pcounter_out))
1336 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1339 if (!TEST_true(EVP_PKEY_check(key_ctx))
1340 || !TEST_true(EVP_PKEY_public_check(key_ctx))
1341 || !TEST_true(EVP_PKEY_private_check(key_ctx))
1342 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1345 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1346 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1349 ret = test_print_key_using_pem("DSA", pk)
1350 && test_print_key_using_encoder("DSA", pk);
1352 OSSL_PARAM_BLD_free_params(fromdata_params);
1353 OSSL_PARAM_BLD_free(bld);
1366 EVP_PKEY_free(copy_pk);
1367 EVP_PKEY_CTX_free(ctx);
1368 EVP_PKEY_CTX_free(key_ctx);
1373 static int test_check_dsa(void)
1376 EVP_PKEY_CTX *ctx = NULL;
1378 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1379 || !TEST_false(EVP_PKEY_check(ctx))
1380 || !TEST_false(EVP_PKEY_public_check(ctx))
1381 || !TEST_false(EVP_PKEY_private_check(ctx))
1382 || !TEST_false(EVP_PKEY_pairwise_check(ctx)))
1387 EVP_PKEY_CTX_free(ctx);
1391 #endif /* OPENSSL_NO_DSA */
1394 int setup_tests(void)
1396 if (!test_skip_common_options()) {
1397 TEST_error("Error parsing test options\n");
1401 if (!TEST_ptr(datadir = test_get_argument(0)))
1404 ADD_TEST(test_evp_pkey_get_bn_param_large);
1405 ADD_TEST(test_fromdata_rsa);
1406 #ifndef OPENSSL_NO_DH
1407 ADD_TEST(test_fromdata_dh_fips186_4);
1408 ADD_TEST(test_fromdata_dh_named_group);
1410 #ifndef OPENSSL_NO_DSA
1411 ADD_TEST(test_check_dsa);
1412 ADD_TEST(test_fromdata_dsa_fips186_4);
1414 #ifndef OPENSSL_NO_EC
1415 ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
1416 ADD_TEST(test_fromdata_ec);
1417 ADD_TEST(test_ec_dup_no_operation);
1418 ADD_TEST(test_ec_dup_keygen_operation);