X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=test%2Fevp_extra_test.c;h=7f07ab738e1b3a9729715eedfd7022d3619ea43a;hp=387e29496f7f090749de3b529238652f2c588a06;hb=29c49b2534fbd60338f61e94c2893d774f9361a9;hpb=501fcfb8cfc1aa114ffde437039c2dc2827554ae diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 387e29496f..7f07ab738e 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -21,12 +21,16 @@ #include #include #include +#include #include #include #include "testutil.h" #include "internal/nelem.h" +#include "internal/sizes.h" #include "crypto/evp.h" +static OPENSSL_CTX *testctx = NULL; + /* * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you * should never use this key anywhere but in an example. @@ -451,6 +455,22 @@ end: } #endif +static EVP_PKEY *load_example_hmac_key(void) +{ + EVP_PKEY *pkey = NULL; + unsigned char key[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f + }; + + pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, key, sizeof(key)); + if (!TEST_ptr(pkey)) + return NULL; + + return pkey; +} + static int test_EVP_Enveloped(void) { int ret = 0; @@ -495,10 +515,15 @@ err: } /* - * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (RSA) - * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (DSA) - * Test 2: Use an MD BIO to do the Update calls instead (RSA) - * Test 3: Use an MD BIO to do the Update calls instead (DSA) + * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, RSA) + * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, DSA) + * Test 2: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, HMAC) + * Test 3: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, RSA) + * Test 4: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, DSA) + * Test 5: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch diegst, HMAC) + * Test 6: Use an MD BIO to do the Update calls instead (RSA) + * Test 7: Use an MD BIO to do the Update calls instead (DSA) + * Test 8: Use an MD BIO to do the Update calls instead (HMAC) */ static int test_EVP_DigestSignInit(int tst) { @@ -510,8 +535,10 @@ static int test_EVP_DigestSignInit(int tst) EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL; BIO *mdbio = NULL, *membio = NULL; size_t written; + const EVP_MD *md; + EVP_MD *mdexp = NULL; - if (tst >= 2) { + if (tst >= 6) { membio = BIO_new(BIO_s_mem()); mdbio = BIO_new(BIO_f_md()); if (!TEST_ptr(membio) || !TEST_ptr(mdbio)) @@ -525,10 +552,10 @@ static int test_EVP_DigestSignInit(int tst) goto out; } - if (tst == 0 || tst == 2) { + if (tst == 0 || tst == 3 || tst == 6) { if (!TEST_ptr(pkey = load_example_rsa_key())) goto out; - } else { + } else if (tst == 1 || tst == 4 || tst == 7) { #ifndef OPENSSL_NO_DSA if (!TEST_ptr(pkey = load_example_dsa_key())) goto out; @@ -536,12 +563,20 @@ static int test_EVP_DigestSignInit(int tst) ret = 1; goto out; #endif + } else { + if (!TEST_ptr(pkey = load_example_hmac_key())) + goto out; } - if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))) + if (tst >= 3 && tst <= 5) + md = mdexp = EVP_MD_fetch(NULL, "SHA256", NULL); + else + md = EVP_sha256(); + + if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, md, NULL, pkey))) goto out; - if (tst >= 2) { + if (tst >= 6) { if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written)) goto out; } else { @@ -551,34 +586,36 @@ static int test_EVP_DigestSignInit(int tst) /* Determine the size of the signature. */ if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)) - || !TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey))) - goto out; - - if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)) + || !TEST_ptr(sig = OPENSSL_malloc(sig_len)) || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len))) goto out; - if (tst >= 2) { + if (tst >= 6) { if (!TEST_int_gt(BIO_reset(mdbio), 0) || !TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx_verify), 0)) goto out; } - /* Ensure that the signature round-trips. */ - if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(), - NULL, pkey))) - goto out; - - if (tst >= 2) { - if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written)) + /* + * Ensure that the signature round-trips (Verification isn't supported for + * HMAC via EVP_DigestVerify*) + */ + if (tst != 2 && tst != 5 && tst != 8) { + if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, md, + NULL, pkey))) goto out; - } else { - if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, - sizeof(kMsg)))) + + if (tst >= 6) { + if (!TEST_true(BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))) + goto out; + } else { + if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, + sizeof(kMsg)))) + goto out; + } + if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len))) goto out; } - if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len))) - goto out; ret = 1; @@ -589,6 +626,7 @@ static int test_EVP_DigestSignInit(int tst) EVP_MD_CTX_free(a_md_ctx_verify); EVP_PKEY_free(pkey); OPENSSL_free(sig); + EVP_MD_free(mdexp); return ret; } @@ -729,7 +767,41 @@ static int test_EVP_PKCS82PKEY(void) } #endif -#if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODE) +/* This uses kExampleRSAKeyDER and kExampleRSAKeyPKCS8 to verify encoding */ +static int test_privatekey_to_pkcs8(void) +{ + EVP_PKEY *pkey = NULL; + BIO *membio = NULL; + char *membuf = NULL; + size_t membuf_len = 0; + int ok = 0; + + if (!TEST_ptr(membio = BIO_new(BIO_s_mem())) + || !TEST_ptr(pkey = load_example_rsa_key()) + || !TEST_int_gt(i2d_PKCS8PrivateKey_bio(membio, pkey, NULL, + NULL, 0, NULL, NULL), + 0) + || !TEST_ptr((membuf_len = (size_t)BIO_get_mem_data(membio, &membuf), + membuf)) + || !TEST_mem_eq(membuf, membuf_len, + kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8)) + /* + * We try to write PEM as well, just to see that it doesn't err, but + * assume that the result is correct. + */ + || !TEST_int_gt(PEM_write_bio_PKCS8PrivateKey(membio, pkey, NULL, + NULL, 0, NULL, NULL), + 0)) + goto done; + + ok = 1; + done: + EVP_PKEY_free(pkey); + BIO_free_all(membio); + return ok; +} + +#if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE) static int test_EVP_SM2_verify(void) { @@ -882,9 +954,6 @@ static int test_EVP_SM2(void) if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))) goto done; - if (!TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey))) - goto done; - if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))) goto done; @@ -972,7 +1041,7 @@ static struct keys_st { #endif }; -static int test_set_get_raw_keys_int(int tst, int pub) +static int test_set_get_raw_keys_int(int tst, int pub, int uselibctx) { int ret = 0; unsigned char buf[80]; @@ -989,17 +1058,34 @@ static int test_set_get_raw_keys_int(int tst, int pub) if (pub) { inlen = strlen(keys[tst].pub); in = (unsigned char *)keys[tst].pub; - pkey = EVP_PKEY_new_raw_public_key(keys[tst].type, - NULL, - in, - inlen); + if (uselibctx) { + pkey = EVP_PKEY_new_raw_public_key_with_libctx( + testctx, + OBJ_nid2sn(keys[tst].type), + NULL, + in, + inlen); + } else { + pkey = EVP_PKEY_new_raw_public_key(keys[tst].type, + NULL, + in, + inlen); + } } else { inlen = strlen(keys[tst].priv); in = (unsigned char *)keys[tst].priv; - pkey = EVP_PKEY_new_raw_private_key(keys[tst].type, - NULL, - in, - inlen); + if (uselibctx) { + pkey = EVP_PKEY_new_raw_private_key_with_libctx( + testctx, OBJ_nid2sn(keys[tst].type), + NULL, + in, + inlen); + } else { + pkey = EVP_PKEY_new_raw_private_key(keys[tst].type, + NULL, + in, + inlen); + } } if (!TEST_ptr(pkey) @@ -1019,8 +1105,10 @@ static int test_set_get_raw_keys_int(int tst, int pub) static int test_set_get_raw_keys(int tst) { - return test_set_get_raw_keys_int(tst, 0) - && test_set_get_raw_keys_int(tst, 1); + return test_set_get_raw_keys_int(tst, 0, 0) + && test_set_get_raw_keys_int(tst, 0, 1) + && test_set_get_raw_keys_int(tst, 1, 0) + && test_set_get_raw_keys_int(tst, 1, 1); } static int pkey_custom_check(EVP_PKEY *pkey) @@ -1125,6 +1213,29 @@ static int test_EVP_PKEY_check(int i) return ret; } +#ifndef OPENSSL_NO_CMAC +static int test_CMAC_keygen(void) +{ + /* + * This is a legacy method for CMACs, but should still work. + * This verifies that it works without an ENGINE. + */ + EVP_PKEY_CTX *kctx = EVP_PKEY_CTX_new_id(EVP_PKEY_CMAC, NULL); + int ret = 0; + + if (!TEST_true(EVP_PKEY_keygen_init(kctx) > 0) + && !TEST_true(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN, + EVP_PKEY_CTRL_CIPHER, + 0, (void *)EVP_aes_256_ecb()) > 0)) + goto done; + ret = 1; + + done: + EVP_PKEY_CTX_free(kctx); + return ret; +} +#endif + static int test_HKDF(void) { EVP_PKEY_CTX *pctx; @@ -1169,6 +1280,47 @@ static int test_HKDF(void) return ret; } +static int test_emptyikm_HKDF(void) +{ + EVP_PKEY_CTX *pctx; + unsigned char out[20]; + size_t outlen; + int ret = 0; + unsigned char salt[] = "9876543210"; + unsigned char key[] = ""; + unsigned char info[] = "stringinfo"; + const unsigned char expected[] = { + 0x68, 0x81, 0xa5, 0x3e, 0x5b, 0x9c, 0x7b, 0x6f, 0x2e, 0xec, 0xc8, 0x47, + 0x7c, 0xfa, 0x47, 0x35, 0x66, 0x82, 0x15, 0x30 + }; + size_t expectedlen = sizeof(expected); + + if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL))) + goto done; + + outlen = sizeof(out); + memset(out, 0, outlen); + + if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, + sizeof(salt) - 1), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key, + sizeof(key) - 1), 0) + || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info, + sizeof(info) - 1), 0) + || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0) + || !TEST_mem_eq(out, outlen, expected, expectedlen)) + goto done; + + ret = 1; + + done: + EVP_PKEY_CTX_free(pctx); + + return ret; +} + #ifndef OPENSSL_NO_EC static int test_X509_PUBKEY_inplace(void) { @@ -1200,50 +1352,18 @@ done: } #endif /* OPENSSL_NO_EC */ -#ifndef OPENSSL_NO_DSA /* Test getting and setting parameters on an EVP_PKEY_CTX */ -static int test_EVP_PKEY_CTX_get_set_params(void) +static int test_EVP_PKEY_CTX_get_set_params(EVP_PKEY *pkey) { EVP_MD_CTX *mdctx = NULL; EVP_PKEY_CTX *ctx = NULL; - EVP_SIGNATURE *dsaimpl = NULL; const OSSL_PARAM *params; - OSSL_PARAM ourparams[2], *param = ourparams; - DSA *dsa = NULL; - BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL; - EVP_PKEY *pkey = NULL; + OSSL_PARAM ourparams[2], *param = ourparams, *param_md; int ret = 0; const EVP_MD *md; - size_t mdsize = SHA512_DIGEST_LENGTH; + char mdname[OSSL_MAX_NAME_SIZE]; char ssl3ms[48]; - /* - * Setup the parameters for our DSA object. For our purposes they don't - * have to actually be *valid* parameters. We just need to set something. - */ - dsa = DSA_new(); - p = BN_new(); - q = BN_new(); - g = BN_new(); - pub = BN_new(); - priv = BN_new(); - if (!TEST_ptr(dsa) - || !TEST_ptr(p) - || !TEST_ptr(q) - || !TEST_ptr(g) - || !TEST_ptr(pub) - || !DSA_set0_pqg(dsa, p, q, g) - || !DSA_set0_key(dsa, pub, priv)) - goto err; - p = q = g = pub = priv = NULL; - - pkey = EVP_PKEY_new(); - if (!TEST_ptr(pkey) - || !TEST_true(EVP_PKEY_assign_DSA(pkey, dsa))) - goto err; - - dsa = NULL; - /* Initialise a sign operation */ ctx = EVP_PKEY_CTX_new(pkey, NULL); if (!TEST_ptr(ctx) @@ -1251,45 +1371,40 @@ static int test_EVP_PKEY_CTX_get_set_params(void) goto err; /* - * We should be able to query the parameters now. The default DSA - * implementation supports exactly one parameter - so we expect to see that - * returned and no more. + * We should be able to query the parameters now. */ params = EVP_PKEY_CTX_settable_params(ctx); if (!TEST_ptr(params) - || !TEST_int_eq(strcmp(params[0].key, - OSSL_SIGNATURE_PARAM_DIGEST_SIZE), 0) - || !TEST_int_eq(strcmp(params[1].key, OSSL_SIGNATURE_PARAM_DIGEST), - 0) - /* The final key should be NULL */ - || !TEST_ptr_null(params[2].key)) + || !TEST_ptr(OSSL_PARAM_locate_const(params, + OSSL_SIGNATURE_PARAM_DIGEST))) goto err; - /* Gettable params are the same as the settable ones */ params = EVP_PKEY_CTX_gettable_params(ctx); if (!TEST_ptr(params) - || !TEST_int_eq(strcmp(params[0].key, - OSSL_SIGNATURE_PARAM_DIGEST_SIZE), 0) - || !TEST_int_eq(strcmp(params[1].key, OSSL_SIGNATURE_PARAM_DIGEST), - 0) - /* The final key should be NULL */ - || !TEST_ptr_null(params[2].key)) + || !TEST_ptr(OSSL_PARAM_locate_const(params, + OSSL_SIGNATURE_PARAM_ALGORITHM_ID)) + || !TEST_ptr(OSSL_PARAM_locate_const(params, + OSSL_SIGNATURE_PARAM_DIGEST))) goto err; /* * Test getting and setting params via EVP_PKEY_CTX_set_params() and * EVP_PKEY_CTX_get_params() */ - *param++ = OSSL_PARAM_construct_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, - &mdsize); + strcpy(mdname, "SHA512"); + param_md = param; + *param++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, + mdname, 0); *param++ = OSSL_PARAM_construct_end(); if (!TEST_true(EVP_PKEY_CTX_set_params(ctx, ourparams))) goto err; - mdsize = 0; + mdname[0] = '\0'; + *param_md = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, + mdname, sizeof(mdname)); if (!TEST_true(EVP_PKEY_CTX_get_params(ctx, ourparams)) - || !TEST_size_t_eq(mdsize, SHA512_DIGEST_LENGTH)) + || !TEST_str_eq(mdname, "SHA512")) goto err; /* @@ -1306,7 +1421,8 @@ static int test_EVP_PKEY_CTX_get_set_params(void) */ mdctx = EVP_MD_CTX_new(); if (!TEST_ptr(mdctx) - || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, pkey))) + || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, pkey, + NULL))) goto err; /* @@ -1334,7 +1450,48 @@ static int test_EVP_PKEY_CTX_get_set_params(void) err: EVP_MD_CTX_free(mdctx); EVP_PKEY_CTX_free(ctx); - EVP_SIGNATURE_free(dsaimpl); + + return ret; +} + +#ifndef OPENSSL_NO_DSA +static int test_DSA_get_set_params(void) +{ + DSA *dsa = NULL; + BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL; + EVP_PKEY *pkey = NULL; + int ret = 0; + + /* + * Setup the parameters for our DSA object. For our purposes they don't + * have to actually be *valid* parameters. We just need to set something. + */ + dsa = DSA_new(); + p = BN_new(); + q = BN_new(); + g = BN_new(); + pub = BN_new(); + priv = BN_new(); + if (!TEST_ptr(dsa) + || !TEST_ptr(p) + || !TEST_ptr(q) + || !TEST_ptr(g) + || !TEST_ptr(pub) + || !DSA_set0_pqg(dsa, p, q, g) + || !DSA_set0_key(dsa, pub, priv)) + goto err; + p = q = g = pub = priv = NULL; + + pkey = EVP_PKEY_new(); + if (!TEST_ptr(pkey) + || !TEST_true(EVP_PKEY_assign_DSA(pkey, dsa))) + goto err; + + dsa = NULL; + + ret = test_EVP_PKEY_CTX_get_set_params(pkey); + + err: EVP_PKEY_free(pkey); DSA_free(dsa); BN_free(p); @@ -1347,6 +1504,48 @@ static int test_EVP_PKEY_CTX_get_set_params(void) } #endif +static int test_RSA_get_set_params(void) +{ + RSA *rsa = NULL; + BIGNUM *n = NULL, *e = NULL, *d = NULL; + EVP_PKEY *pkey = NULL; + int ret = 0; + + /* + * Setup the parameters for our RSA object. For our purposes they don't + * have to actually be *valid* parameters. We just need to set something. + */ + rsa = RSA_new(); + n = BN_new(); + e = BN_new(); + d = BN_new(); + if (!TEST_ptr(rsa) + || !TEST_ptr(n) + || !TEST_ptr(e) + || !TEST_ptr(d) + || !RSA_set0_key(rsa, n, e, d)) + goto err; + n = e = d = NULL; + + pkey = EVP_PKEY_new(); + if (!TEST_ptr(pkey) + || !TEST_true(EVP_PKEY_assign_RSA(pkey, rsa))) + goto err; + + rsa = NULL; + + ret = test_EVP_PKEY_CTX_get_set_params(pkey); + + err: + EVP_PKEY_free(pkey); + RSA_free(rsa); + BN_free(n); + BN_free(e); + BN_free(d); + + return ret; +} + #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) static int test_decrypt_null_chunks(void) { @@ -1416,16 +1615,25 @@ static int test_decrypt_null_chunks(void) #ifndef OPENSSL_NO_DH static int test_EVP_PKEY_set1_DH(void) { - DH *x942dh, *pkcs3dh; - EVP_PKEY *pkey1, *pkey2; + DH *x942dh = NULL, *noqdh = NULL; + EVP_PKEY *pkey1 = NULL, *pkey2 = NULL; int ret = 0; + BIGNUM *p, *g = NULL; + + if (!TEST_ptr(p = BN_new()) + || !TEST_ptr(g = BN_new()) + || !BN_set_word(p, 9999) + || !BN_set_word(g, 2) + || !TEST_ptr(noqdh = DH_new()) + || !DH_set0_pqg(noqdh, p, NULL, g)) + goto err; + p = g = NULL; x942dh = DH_get_2048_256(); - pkcs3dh = DH_new_by_nid(NID_ffdhe2048); pkey1 = EVP_PKEY_new(); pkey2 = EVP_PKEY_new(); if (!TEST_ptr(x942dh) - || !TEST_ptr(pkcs3dh) + || !TEST_ptr(noqdh) || !TEST_ptr(pkey1) || !TEST_ptr(pkey2)) goto err; @@ -1434,32 +1642,121 @@ static int test_EVP_PKEY_set1_DH(void) || !TEST_int_eq(EVP_PKEY_id(pkey1), EVP_PKEY_DHX)) goto err; - - if(!TEST_true(EVP_PKEY_set1_DH(pkey2, pkcs3dh)) + if(!TEST_true(EVP_PKEY_set1_DH(pkey2, noqdh)) || !TEST_int_eq(EVP_PKEY_id(pkey2), EVP_PKEY_DH)) goto err; ret = 1; err: + BN_free(p); + BN_free(g); EVP_PKEY_free(pkey1); EVP_PKEY_free(pkey2); DH_free(x942dh); - DH_free(pkcs3dh); + DH_free(noqdh); return ret; } #endif +/* + * We test what happens with an empty template. For the sake of this test, + * the template must be ignored, and we know that's the case for RSA keys + * (this might arguably be a misfeature, but that's what we currently do, + * even in provider code, since that's how the legacy RSA implementation + * does things) + */ +static int test_keygen_with_empty_template(int n) +{ + EVP_PKEY_CTX *ctx = NULL; + EVP_PKEY *pkey = NULL; + EVP_PKEY *tkey = NULL; + int ret = 0; + + switch (n) { + case 0: + /* We do test with no template at all as well */ + if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL))) + goto err; + break; + case 1: + /* Here we create an empty RSA key that serves as our template */ + if (!TEST_ptr(tkey = EVP_PKEY_new()) + || !TEST_true(EVP_PKEY_set_type(tkey, EVP_PKEY_RSA)) + || !TEST_ptr(ctx = EVP_PKEY_CTX_new(tkey, NULL))) + goto err; + break; + } + + if (!TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0) + || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0)) + goto err; + + ret = 1; + err: + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(pkey); + EVP_PKEY_free(tkey); + return ret; +} + +/* + * Test that we fail if we attempt to use an algorithm that is not available + * in the current library context (unless we are using an algorithm that should + * be made available via legacy codepaths). + */ +static int test_pkey_ctx_fail_without_provider(int tst) +{ + OPENSSL_CTX *tmpctx = OPENSSL_CTX_new(); + OSSL_PROVIDER *nullprov = NULL; + EVP_PKEY_CTX *pctx = NULL; + int ret = 0; + + if (!TEST_ptr(tmpctx)) + goto err; + + nullprov = OSSL_PROVIDER_load(tmpctx, "null"); + if (!TEST_ptr(nullprov)) + goto err; + + pctx = EVP_PKEY_CTX_new_from_name(tmpctx, tst == 0 ? "RSA" : "HMAC", ""); + + /* RSA is not available via any provider so we expect this to fail */ + if (tst == 0 && !TEST_ptr_null(pctx)) + goto err; + + /* + * HMAC is always available because it is implemented via legacy codepaths + * and not in a provider at all. We expect this to pass. + */ + if (tst == 1 && !TEST_ptr(pctx)) + goto err; + + ret = 1; + + err: + EVP_PKEY_CTX_free(pctx); + OSSL_PROVIDER_unload(nullprov); + OPENSSL_CTX_free(tmpctx); + return ret; +} + int setup_tests(void) { - ADD_ALL_TESTS(test_EVP_DigestSignInit, 4); + testctx = OPENSSL_CTX_new(); + + if (!TEST_ptr(testctx)) + return 0; + + ADD_ALL_TESTS(test_EVP_DigestSignInit, 9); ADD_TEST(test_EVP_DigestVerifyInit); ADD_TEST(test_EVP_Enveloped); ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata)); + ADD_TEST(test_privatekey_to_pkcs8); #ifndef OPENSSL_NO_EC ADD_TEST(test_EVP_PKCS82PKEY); #endif -#if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODE) +#if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE) ADD_TEST(test_EVP_SM2); ADD_TEST(test_EVP_SM2_verify); #endif @@ -1473,21 +1770,33 @@ int setup_tests(void) if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1)) return 0; ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata)); +#ifndef OPENSSL_NO_CMAC + ADD_TEST(test_CMAC_keygen); +#endif ADD_TEST(test_HKDF); + ADD_TEST(test_emptyikm_HKDF); #ifndef OPENSSL_NO_EC ADD_TEST(test_X509_PUBKEY_inplace); ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode, OSSL_NELEM(ec_der_pub_keys)); #endif #ifndef OPENSSL_NO_DSA - ADD_TEST(test_EVP_PKEY_CTX_get_set_params); + ADD_TEST(test_DSA_get_set_params); #endif + ADD_TEST(test_RSA_get_set_params); #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) ADD_TEST(test_decrypt_null_chunks); #endif #ifndef OPENSSL_NO_DH ADD_TEST(test_EVP_PKEY_set1_DH); #endif + ADD_ALL_TESTS(test_keygen_with_empty_template, 2); + ADD_ALL_TESTS(test_pkey_ctx_fail_without_provider, 2); return 1; } + +void cleanup_tests(void) +{ + OPENSSL_CTX_free(testctx); +}