2 * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/core_dispatch.h>
12 #include <openssl/evp.h>
13 #include <openssl/pem.h>
14 #include <openssl/rsa.h>
15 #include <openssl/x509.h>
16 #include <openssl/core_names.h>
17 #include <openssl/params.h>
18 #include <openssl/param_build.h>
19 #include <openssl/encoder.h>
20 #include <openssl/decoder.h>
22 #include "internal/cryptlib.h" /* ossl_assert */
23 #include "crypto/pem.h" /* For PVK and "blob" PEM headers */
24 #include "crypto/evp.h" /* For evp_pkey_is_provided() */
26 #include "helpers/predefined_dhparams.h"
30 OSSL_provider_init_fn ossl_legacy_provider_init;
33 /* Extended test macros to allow passing file & line number */
34 #define TEST_FL_ptr(a) test_ptr(file, line, #a, a)
35 #define TEST_FL_mem_eq(a, m, b, n) test_mem_eq(file, line, #a, #b, a, m, b, n)
36 #define TEST_FL_strn_eq(a, b, n) test_strn_eq(file, line, #a, #b, a, n, b, n)
37 #define TEST_FL_strn2_eq(a, m, b, n) test_strn_eq(file, line, #a, #b, a, m, b, n)
38 #define TEST_FL_int_eq(a, b) test_int_eq(file, line, #a, #b, a, b)
39 #define TEST_FL_int_ge(a, b) test_int_ge(file, line, #a, #b, a, b)
40 #define TEST_FL_int_gt(a, b) test_int_gt(file, line, #a, #b, a, b)
41 #define TEST_FL_long_gt(a, b) test_long_gt(file, line, #a, #b, a, b)
42 #define TEST_FL_true(a) test_true(file, line, #a, (a) != 0)
44 #if defined(OPENSSL_NO_DH) && defined(OPENSSL_NO_DSA) && defined(OPENSSL_NO_EC)
45 # define OPENSSL_NO_KEYPARAMS
48 static int default_libctx = 1;
49 static int is_fips = 0;
50 static int is_fips_3_0_0 = 0;
52 static OSSL_LIB_CTX *testctx = NULL;
53 static OSSL_LIB_CTX *keyctx = NULL;
54 static char *testpropq = NULL;
56 static OSSL_PROVIDER *nullprov = NULL;
57 static OSSL_PROVIDER *deflprov = NULL;
58 static OSSL_PROVIDER *keyprov = NULL;
61 static BN_CTX *bnctx = NULL;
62 static OSSL_PARAM_BLD *bld_prime_nc = NULL;
63 static OSSL_PARAM_BLD *bld_prime = NULL;
64 static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
65 static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;
67 # ifndef OPENSSL_NO_EC2M
68 static OSSL_PARAM_BLD *bld_tri_nc = NULL;
69 static OSSL_PARAM_BLD *bld_tri = NULL;
70 static OSSL_PARAM *ec_explicit_tri_params_nc = NULL;
71 static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
75 #ifndef OPENSSL_NO_KEYPARAMS
76 static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
78 EVP_PKEY *pkey = NULL;
79 EVP_PKEY_CTX *ctx = NULL;
81 # ifndef OPENSSL_NO_DH
83 * Use 512-bit DH(X) keys with predetermined parameters for efficiency,
84 * for testing only. Use a minimum key size of 2048 for security purposes.
86 if (strcmp(type, "DH") == 0)
87 return get_dh512(keyctx);
89 if (strcmp(type, "X9.42 DH") == 0)
90 return get_dhx512(keyctx);
94 * No real need to check the errors other than for the cascade
95 * effect. |pkey| will simply remain NULL if something goes wrong.
97 (void)((ctx = EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq)) != NULL
98 && EVP_PKEY_paramgen_init(ctx) > 0
100 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
101 && EVP_PKEY_generate(ctx, &pkey) > 0);
102 EVP_PKEY_CTX_free(ctx);
108 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
109 static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
110 OSSL_PARAM *genparams)
112 EVP_PKEY *pkey = NULL;
115 ? EVP_PKEY_CTX_new_from_pkey(keyctx, template, testpropq)
116 : EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq);
119 * No real need to check the errors other than for the cascade
120 * effect. |pkey| will simply remain NULL if something goes wrong.
123 && EVP_PKEY_keygen_init(ctx) > 0
124 && (genparams == NULL
125 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
126 && EVP_PKEY_keygen(ctx, &pkey) > 0);
127 EVP_PKEY_CTX_free(ctx);
132 /* Main test driver */
134 typedef int (encoder)(const char *file, const int line,
135 void **encoded, long *encoded_len,
136 void *object, int selection,
137 const char *output_type, const char *output_structure,
138 const char *pass, const char *pcipher);
139 typedef int (decoder)(const char *file, const int line,
140 void **object, void *encoded, long encoded_len,
141 const char *input_type, const char *structure_type,
142 const char *keytype, int selection, const char *pass);
143 typedef int (tester)(const char *file, const int line,
144 const void *data1, size_t data1_len,
145 const void *data2, size_t data2_len);
146 typedef int (checker)(const char *file, const int line,
147 const char *type, const void *data, size_t data_len);
148 typedef void (dumper)(const char *label, const void *data, size_t data_len);
150 #define FLAG_DECODE_WITH_TYPE 0x0001
151 #define FLAG_FAIL_IF_FIPS 0x0002
153 static int test_encode_decode(const char *file, const int line,
154 const char *type, EVP_PKEY *pkey,
155 int selection, const char *output_type,
156 const char *output_structure,
157 const char *pass, const char *pcipher,
158 encoder *encode_cb, decoder *decode_cb,
159 tester *test_cb, checker *check_cb,
160 dumper *dump_cb, int flags)
162 void *encoded = NULL;
163 long encoded_len = 0;
164 EVP_PKEY *pkey2 = NULL;
165 void *encoded2 = NULL;
166 long encoded2_len = 0;
170 * Encode |pkey|, decode the result into |pkey2|, and finish off by
171 * encoding |pkey2| as well. That last encoding is for checking and
174 if (!TEST_true(encode_cb(file, line, &encoded, &encoded_len, pkey, selection,
175 output_type, output_structure, pass, pcipher)))
178 if ((flags & FLAG_FAIL_IF_FIPS) != 0 && is_fips && !is_fips_3_0_0) {
179 if (TEST_false(decode_cb(file, line, (void **)&pkey2, encoded,
180 encoded_len, output_type, output_structure,
181 (flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
187 if (!TEST_true(check_cb(file, line, type, encoded, encoded_len))
188 || !TEST_true(decode_cb(file, line, (void **)&pkey2, encoded, encoded_len,
189 output_type, output_structure,
190 (flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
192 || !TEST_true(encode_cb(file, line, &encoded2, &encoded2_len, pkey2, selection,
193 output_type, output_structure, pass, pcipher)))
196 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
197 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey2), 1))
200 if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1))
205 * Double check the encoding, but only for unprotected keys,
206 * as protected keys have a random component, which makes the output
209 if ((pass == NULL && pcipher == NULL)
210 && !test_cb(file, line, encoded, encoded_len, encoded2, encoded2_len))
216 if (encoded != NULL && encoded_len != 0)
217 dump_cb("|pkey| encoded", encoded, encoded_len);
218 if (encoded2 != NULL && encoded2_len != 0)
219 dump_cb("|pkey2| encoded", encoded2, encoded2_len);
222 OPENSSL_free(encoded);
223 OPENSSL_free(encoded2);
224 EVP_PKEY_free(pkey2);
228 /* Encoding and decoding methods */
230 static int encode_EVP_PKEY_prov(const char *file, const int line,
231 void **encoded, long *encoded_len,
232 void *object, int selection,
233 const char *output_type,
234 const char *output_structure,
235 const char *pass, const char *pcipher)
237 EVP_PKEY *pkey = object;
238 OSSL_ENCODER_CTX *ectx = NULL;
240 BUF_MEM *mem_buf = NULL;
241 const unsigned char *upass = (const unsigned char *)pass;
244 if (!TEST_FL_ptr(ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection,
248 || !TEST_FL_int_gt(OSSL_ENCODER_CTX_get_num_encoders(ectx), 0)
250 && !TEST_FL_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass,
253 && !TEST_FL_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL)))
254 || !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
255 || !TEST_FL_true(OSSL_ENCODER_to_bio(ectx, mem_ser))
256 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
257 || !TEST_FL_ptr(*encoded = mem_buf->data)
258 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
261 /* Detach the encoded output */
262 mem_buf->data = NULL;
267 OSSL_ENCODER_CTX_free(ectx);
271 static int decode_EVP_PKEY_prov(const char *file, const int line,
272 void **object, void *encoded, long encoded_len,
273 const char *input_type,
274 const char *structure_type,
275 const char *keytype, int selection,
278 EVP_PKEY *pkey = NULL, *testpkey = NULL;
279 OSSL_DECODER_CTX *dctx = NULL;
280 BIO *encoded_bio = NULL;
281 const unsigned char *upass = (const unsigned char *)pass;
286 if (strcmp(input_type, "DER") == 0)
291 if (!TEST_FL_ptr(encoded_bio = BIO_new_mem_buf(encoded, encoded_len)))
295 * We attempt the decode 3 times. The first time we provide the expected
296 * starting input type. The second time we provide NULL for the starting
297 * type. The third time we provide a bad starting input type.
298 * The bad starting input type should fail. The other two should succeed
299 * and produce the same result.
301 for (i = 0; i < 3; i++) {
302 const char *testtype = (i == 0) ? input_type
303 : ((i == 1) ? NULL : badtype);
305 if (!TEST_FL_ptr(dctx = OSSL_DECODER_CTX_new_for_pkey(&testpkey,
312 && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass)))
313 || !TEST_FL_int_gt(BIO_reset(encoded_bio), 0)
314 /* We expect to fail when using a bad input type */
315 || !TEST_FL_int_eq(OSSL_DECODER_from_bio(dctx, encoded_bio),
318 OSSL_DECODER_CTX_free(dctx);
325 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
326 if (!TEST_FL_int_eq(EVP_PKEY_parameters_eq(pkey, testpkey), 1))
329 if (!TEST_FL_int_eq(EVP_PKEY_eq(pkey, testpkey), 1))
340 EVP_PKEY_free(testpkey);
341 BIO_free(encoded_bio);
342 OSSL_DECODER_CTX_free(dctx);
346 static int encode_EVP_PKEY_legacy_PEM(const char *file, const int line,
347 void **encoded, long *encoded_len,
348 void *object, ossl_unused int selection,
349 ossl_unused const char *output_type,
350 ossl_unused const char *output_structure,
351 const char *pass, const char *pcipher)
353 EVP_PKEY *pkey = object;
354 EVP_CIPHER *cipher = NULL;
356 BUF_MEM *mem_buf = NULL;
357 const unsigned char *upass = (const unsigned char *)pass;
361 if (pcipher != NULL && pass != NULL) {
362 passlen = strlen(pass);
363 if (!TEST_FL_ptr(cipher = EVP_CIPHER_fetch(testctx, pcipher, testpropq)))
366 if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
367 || !TEST_FL_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey,
371 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
372 || !TEST_FL_ptr(*encoded = mem_buf->data)
373 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
376 /* Detach the encoded output */
377 mem_buf->data = NULL;
382 EVP_CIPHER_free(cipher);
386 static int encode_EVP_PKEY_MSBLOB(const char *file, const int line,
387 void **encoded, long *encoded_len,
388 void *object, int selection,
389 ossl_unused const char *output_type,
390 ossl_unused const char *output_structure,
391 ossl_unused const char *pass,
392 ossl_unused const char *pcipher)
394 EVP_PKEY *pkey = object;
396 BUF_MEM *mem_buf = NULL;
399 if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem())))
402 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
403 if (!TEST_FL_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0))
406 if (!TEST_FL_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0))
410 if (!TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
411 || !TEST_FL_ptr(*encoded = mem_buf->data)
412 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
415 /* Detach the encoded output */
416 mem_buf->data = NULL;
424 static pem_password_cb pass_pw;
425 static int pass_pw(char *buf, int size, int rwflag, void *userdata)
427 OPENSSL_strlcpy(buf, userdata, size);
428 return strlen(userdata);
431 static int encode_EVP_PKEY_PVK(const char *file, const int line,
432 void **encoded, long *encoded_len,
433 void *object, int selection,
434 ossl_unused const char *output_type,
435 ossl_unused const char *output_structure,
437 ossl_unused const char *pcipher)
439 EVP_PKEY *pkey = object;
441 BUF_MEM *mem_buf = NULL;
442 int enc = (pass != NULL);
445 if (!TEST_FL_true(ossl_assert((selection
446 & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0))
447 || !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
448 || !TEST_FL_int_ge(i2b_PVK_bio_ex(mem_ser, pkey, enc,
449 pass_pw, (void *)pass, testctx, testpropq), 0)
450 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
451 || !TEST_FL_ptr(*encoded = mem_buf->data)
452 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
455 /* Detach the encoded output */
456 mem_buf->data = NULL;
464 static int test_text(const char *file, const int line,
465 const void *data1, size_t data1_len,
466 const void *data2, size_t data2_len)
468 return TEST_FL_strn2_eq(data1, data1_len, data2, data2_len);
471 static int test_mem(const char *file, const int line,
472 const void *data1, size_t data1_len,
473 const void *data2, size_t data2_len)
475 return TEST_FL_mem_eq(data1, data1_len, data2, data2_len);
478 /* Test cases and their dumpers / checkers */
480 static void collect_name(const char *name, void *arg)
482 char **namelist = arg;
486 space = strlen(name);
487 if (*namelist != NULL)
488 space += strlen(*namelist) + 2 /* for comma and space */;
489 space++; /* for terminating null byte */
491 new_namelist = OPENSSL_realloc(*namelist, space);
492 if (new_namelist == NULL)
494 if (*namelist != NULL) {
495 strcat(new_namelist, ", ");
496 strcat(new_namelist, name);
498 strcpy(new_namelist, name);
500 *namelist = new_namelist;
503 static void dump_der(const char *label, const void *data, size_t data_len)
505 test_output_memory(label, data, data_len);
508 static void dump_pem(const char *label, const void *data, size_t data_len)
510 test_output_string(label, data, data_len - 1);
513 static int check_unprotected_PKCS8_DER(const char *file, const int line,
515 const void *data, size_t data_len)
517 const unsigned char *datap = data;
518 PKCS8_PRIV_KEY_INFO *p8inf =
519 d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len);
522 if (TEST_FL_ptr(p8inf)) {
523 EVP_PKEY *pkey = EVP_PKCS82PKEY_ex(p8inf, testctx, testpropq);
524 char *namelist = NULL;
526 if (TEST_FL_ptr(pkey)) {
527 if (!(ok = TEST_FL_true(EVP_PKEY_is_a(pkey, type)))) {
528 EVP_PKEY_type_names_do_all(pkey, collect_name, &namelist);
529 if (namelist != NULL)
530 TEST_note("%s isn't any of %s", type, namelist);
531 OPENSSL_free(namelist);
533 ok = ok && TEST_FL_true(evp_pkey_is_provided(pkey));
537 PKCS8_PRIV_KEY_INFO_free(p8inf);
541 static int test_unprotected_via_DER(const char *type, EVP_PKEY *key, int fips)
543 return test_encode_decode(__FILE__, __LINE__, type, key,
544 OSSL_KEYMGMT_SELECT_KEYPAIR
545 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
546 "DER", "PrivateKeyInfo", NULL, NULL,
547 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
548 test_mem, check_unprotected_PKCS8_DER,
549 dump_der, fips ? 0 : FLAG_FAIL_IF_FIPS);
552 static int check_unprotected_PKCS8_PEM(const char *file, const int line,
554 const void *data, size_t data_len)
556 static const char expected_pem_header[] =
557 "-----BEGIN " PEM_STRING_PKCS8INF "-----";
559 return TEST_FL_strn_eq(data, expected_pem_header,
560 sizeof(expected_pem_header) - 1);
563 static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key, int fips)
565 return test_encode_decode(__FILE__, __LINE__, type, key,
566 OSSL_KEYMGMT_SELECT_KEYPAIR
567 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
568 "PEM", "PrivateKeyInfo", NULL, NULL,
569 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
570 test_text, check_unprotected_PKCS8_PEM,
571 dump_pem, fips ? 0 : FLAG_FAIL_IF_FIPS);
574 #ifndef OPENSSL_NO_KEYPARAMS
575 static int check_params_DER(const char *file, const int line,
576 const char *type, const void *data, size_t data_len)
578 const unsigned char *datap = data;
580 int itype = NID_undef;
581 EVP_PKEY *pkey = NULL;
583 if (strcmp(type, "DH") == 0)
585 else if (strcmp(type, "X9.42 DH") == 0)
586 itype = EVP_PKEY_DHX;
587 else if (strcmp(type, "DSA") == 0)
588 itype = EVP_PKEY_DSA;
589 else if (strcmp(type, "EC") == 0)
592 if (itype != NID_undef) {
593 pkey = d2i_KeyParams(itype, NULL, &datap, data_len);
601 static int check_params_PEM(const char *file, const int line,
603 const void *data, size_t data_len)
605 static char expected_pem_header[80];
608 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
609 sizeof(expected_pem_header),
610 "-----BEGIN %s PARAMETERS-----", type), 0)
611 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
614 static int test_params_via_DER(const char *type, EVP_PKEY *key)
616 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
617 "DER", "type-specific", NULL, NULL,
618 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
619 test_mem, check_params_DER,
620 dump_der, FLAG_DECODE_WITH_TYPE);
623 static int test_params_via_PEM(const char *type, EVP_PKEY *key)
625 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
626 "PEM", "type-specific", NULL, NULL,
627 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
628 test_text, check_params_PEM,
631 #endif /* !OPENSSL_NO_KEYPARAMS */
633 static int check_unprotected_legacy_PEM(const char *file, const int line,
635 const void *data, size_t data_len)
637 static char expected_pem_header[80];
640 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
641 sizeof(expected_pem_header),
642 "-----BEGIN %s PRIVATE KEY-----", type), 0)
643 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
646 static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key)
648 if (!default_libctx || is_fips)
649 return TEST_skip("Test not available if using a non-default library context or FIPS provider");
651 return test_encode_decode(__FILE__, __LINE__, type, key,
652 OSSL_KEYMGMT_SELECT_KEYPAIR
653 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
654 "PEM", "type-specific", NULL, NULL,
655 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
656 test_text, check_unprotected_legacy_PEM,
660 static int check_MSBLOB(const char *file, const int line,
661 const char *type, const void *data, size_t data_len)
663 const unsigned char *datap = data;
664 EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len);
665 int ok = TEST_FL_ptr(pkey);
671 static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key)
673 return test_encode_decode(__FILE__, __LINE__, type, key,
674 OSSL_KEYMGMT_SELECT_KEYPAIR
675 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
676 "MSBLOB", NULL, NULL, NULL,
677 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
678 test_mem, check_MSBLOB,
682 static int check_PVK(const char *file, const int line,
683 const char *type, const void *data, size_t data_len)
685 const unsigned char *in = data;
686 unsigned int saltlen = 0, keylen = 0;
687 int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen);
692 static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key)
694 return test_encode_decode(__FILE__, __LINE__, type, key,
695 OSSL_KEYMGMT_SELECT_KEYPAIR
696 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
697 "PVK", NULL, NULL, NULL,
698 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
703 static const char *pass_cipher = "AES-256-CBC";
704 static const char *pass = "the holy handgrenade of antioch";
706 static int check_protected_PKCS8_DER(const char *file, const int line,
708 const void *data, size_t data_len)
710 const unsigned char *datap = data;
711 X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len);
712 int ok = TEST_FL_ptr(p8);
718 static int test_protected_via_DER(const char *type, EVP_PKEY *key, int fips)
720 return test_encode_decode(__FILE__, __LINE__, type, key,
721 OSSL_KEYMGMT_SELECT_KEYPAIR
722 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
723 "DER", "EncryptedPrivateKeyInfo",
725 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
726 test_mem, check_protected_PKCS8_DER,
727 dump_der, fips ? 0 : FLAG_FAIL_IF_FIPS);
730 static int check_protected_PKCS8_PEM(const char *file, const int line,
732 const void *data, size_t data_len)
734 static const char expected_pem_header[] =
735 "-----BEGIN " PEM_STRING_PKCS8 "-----";
737 return TEST_FL_strn_eq(data, expected_pem_header,
738 sizeof(expected_pem_header) - 1);
741 static int test_protected_via_PEM(const char *type, EVP_PKEY *key, int fips)
743 return test_encode_decode(__FILE__, __LINE__, type, key,
744 OSSL_KEYMGMT_SELECT_KEYPAIR
745 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
746 "PEM", "EncryptedPrivateKeyInfo",
748 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
749 test_text, check_protected_PKCS8_PEM,
750 dump_pem, fips ? 0 : FLAG_FAIL_IF_FIPS);
753 static int check_protected_legacy_PEM(const char *file, const int line,
755 const void *data, size_t data_len)
757 static char expected_pem_header[80];
760 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
761 sizeof(expected_pem_header),
762 "-----BEGIN %s PRIVATE KEY-----", type), 0)
763 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header))
764 && TEST_FL_ptr(strstr(data, "\nDEK-Info: "));
767 static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
769 if (!default_libctx || is_fips)
770 return TEST_skip("Test not available if using a non-default library context or FIPS provider");
772 return test_encode_decode(__FILE__, __LINE__, type, key,
773 OSSL_KEYMGMT_SELECT_KEYPAIR
774 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
775 "PEM", "type-specific", pass, pass_cipher,
776 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
777 test_text, check_protected_legacy_PEM,
781 #ifndef OPENSSL_NO_RC4
782 static int test_protected_via_PVK(const char *type, EVP_PKEY *key)
785 OSSL_PROVIDER *lgcyprov = OSSL_PROVIDER_load(testctx, "legacy");
786 if (lgcyprov == NULL)
787 return TEST_skip("Legacy provider not available");
789 ret = test_encode_decode(__FILE__, __LINE__, type, key,
790 OSSL_KEYMGMT_SELECT_KEYPAIR
791 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
792 "PVK", NULL, pass, NULL,
793 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
794 test_mem, check_PVK, dump_der, 0);
795 OSSL_PROVIDER_unload(lgcyprov);
800 static int check_public_DER(const char *file, const int line,
801 const char *type, const void *data, size_t data_len)
803 const unsigned char *datap = data;
804 EVP_PKEY *pkey = d2i_PUBKEY_ex(NULL, &datap, data_len, testctx, testpropq);
805 int ok = (TEST_FL_ptr(pkey) && TEST_FL_true(EVP_PKEY_is_a(pkey, type)));
811 static int test_public_via_DER(const char *type, EVP_PKEY *key, int fips)
813 return test_encode_decode(__FILE__, __LINE__, type, key,
814 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
815 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
816 "DER", "SubjectPublicKeyInfo", NULL, NULL,
817 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
818 test_mem, check_public_DER, dump_der,
819 fips ? 0 : FLAG_FAIL_IF_FIPS);
822 static int check_public_PEM(const char *file, const int line,
823 const char *type, const void *data, size_t data_len)
825 static const char expected_pem_header[] =
826 "-----BEGIN " PEM_STRING_PUBLIC "-----";
829 TEST_FL_strn_eq(data, expected_pem_header,
830 sizeof(expected_pem_header) - 1);
833 static int test_public_via_PEM(const char *type, EVP_PKEY *key, int fips)
835 return test_encode_decode(__FILE__, __LINE__, type, key,
836 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
837 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
838 "PEM", "SubjectPublicKeyInfo", NULL, NULL,
839 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
840 test_text, check_public_PEM, dump_pem,
841 fips ? 0 : FLAG_FAIL_IF_FIPS);
844 static int check_public_MSBLOB(const char *file, const int line,
846 const void *data, size_t data_len)
848 const unsigned char *datap = data;
849 EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len);
850 int ok = TEST_FL_ptr(pkey);
856 static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
858 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_PUBLIC_KEY
859 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
860 "MSBLOB", NULL, NULL, NULL,
861 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
862 test_mem, check_public_MSBLOB, dump_der, 0);
865 #define KEYS(KEYTYPE) \
866 static EVP_PKEY *key_##KEYTYPE = NULL
867 #define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
869 && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
870 #define FREE_KEYS(KEYTYPE) \
871 EVP_PKEY_free(key_##KEYTYPE); \
873 #define DOMAIN_KEYS(KEYTYPE) \
874 static EVP_PKEY *template_##KEYTYPE = NULL; \
875 static EVP_PKEY *key_##KEYTYPE = NULL
876 #define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
878 && TEST_ptr(template_##KEYTYPE = \
879 make_template(KEYTYPEstr, params)) \
880 && TEST_ptr(key_##KEYTYPE = \
881 make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
882 #define FREE_DOMAIN_KEYS(KEYTYPE) \
883 EVP_PKEY_free(template_##KEYTYPE); \
884 EVP_PKEY_free(key_##KEYTYPE)
886 #define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr, fips) \
887 static int test_unprotected_##KEYTYPE##_via_DER(void) \
889 return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
891 static int test_unprotected_##KEYTYPE##_via_PEM(void) \
893 return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
895 static int test_protected_##KEYTYPE##_via_DER(void) \
897 return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
899 static int test_protected_##KEYTYPE##_via_PEM(void) \
901 return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
903 static int test_public_##KEYTYPE##_via_DER(void) \
905 return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
907 static int test_public_##KEYTYPE##_via_PEM(void) \
909 return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
912 #define ADD_TEST_SUITE(KEYTYPE) \
913 ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
914 ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
915 ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
916 ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
917 ADD_TEST(test_public_##KEYTYPE##_via_DER); \
918 ADD_TEST(test_public_##KEYTYPE##_via_PEM)
920 #define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \
921 static int test_params_##KEYTYPE##_via_DER(void) \
923 return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \
925 static int test_params_##KEYTYPE##_via_PEM(void) \
927 return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
930 #define ADD_TEST_SUITE_PARAMS(KEYTYPE) \
931 ADD_TEST(test_params_##KEYTYPE##_via_DER); \
932 ADD_TEST(test_params_##KEYTYPE##_via_PEM)
934 #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
935 static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
938 test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
940 static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
943 test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
946 #define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
947 ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
948 ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
950 #define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
951 static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
953 return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
955 static int test_public_##KEYTYPE##_via_MSBLOB(void) \
957 return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
960 #define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
961 ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
962 ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
964 #define IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE, KEYTYPEstr) \
965 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
967 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
969 # define ADD_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE) \
970 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK)
971 #ifndef OPENSSL_NO_RC4
972 # define IMPLEMENT_TEST_SUITE_PROTECTED_PVK(KEYTYPE, KEYTYPEstr) \
973 static int test_protected_##KEYTYPE##_via_PVK(void) \
975 return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
977 # define ADD_TEST_SUITE_PROTECTED_PVK(KEYTYPE) \
978 ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
981 #ifndef OPENSSL_NO_DH
983 IMPLEMENT_TEST_SUITE(DH, "DH", 1)
984 IMPLEMENT_TEST_SUITE_PARAMS(DH, "DH")
986 IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH", 1)
987 IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH")
989 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
990 * so no legacy tests.
993 #ifndef OPENSSL_NO_DSA
995 IMPLEMENT_TEST_SUITE(DSA, "DSA", 1)
996 IMPLEMENT_TEST_SUITE_PARAMS(DSA, "DSA")
997 IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA")
998 IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
999 IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(DSA, "DSA")
1000 # ifndef OPENSSL_NO_RC4
1001 IMPLEMENT_TEST_SUITE_PROTECTED_PVK(DSA, "DSA")
1004 #ifndef OPENSSL_NO_EC
1006 IMPLEMENT_TEST_SUITE(EC, "EC", 1)
1007 IMPLEMENT_TEST_SUITE_PARAMS(EC, "EC")
1008 IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
1009 DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1010 IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC", 1)
1011 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
1012 DOMAIN_KEYS(ECExplicitPrime2G);
1013 IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC", 0)
1014 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")
1015 # ifndef OPENSSL_NO_EC2M
1016 DOMAIN_KEYS(ECExplicitTriNamedCurve);
1017 IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC", 1)
1018 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC")
1019 DOMAIN_KEYS(ECExplicitTri2G);
1020 IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC", 0)
1021 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC")
1024 IMPLEMENT_TEST_SUITE(ED25519, "ED25519", 1)
1026 IMPLEMENT_TEST_SUITE(ED448, "ED448", 1)
1028 IMPLEMENT_TEST_SUITE(X25519, "X25519", 1)
1030 IMPLEMENT_TEST_SUITE(X448, "X448", 1)
1032 * ED25519, ED448, X25519 and X448 have no support for
1033 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1037 IMPLEMENT_TEST_SUITE(RSA, "RSA", 1)
1038 IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA")
1040 IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS", 1)
1042 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1043 * so no legacy tests.
1045 IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
1046 IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(RSA, "RSA")
1047 #ifndef OPENSSL_NO_RC4
1048 IMPLEMENT_TEST_SUITE_PROTECTED_PVK(RSA, "RSA")
1051 #ifndef OPENSSL_NO_EC
1052 /* Explicit parameters that match a named curve */
1053 static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld,
1054 const unsigned char *gen,
1057 BIGNUM *a, *b, *prime, *order;
1059 /* Curve prime256v1 */
1060 static const unsigned char prime_data[] = {
1061 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1062 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1063 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
1064 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1067 static const unsigned char a_data[] = {
1068 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1069 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1070 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
1071 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1074 static const unsigned char b_data[] = {
1075 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
1076 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
1077 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
1078 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
1080 static const unsigned char seed[] = {
1081 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
1082 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
1083 0x81, 0x9f, 0x7e, 0x90
1085 static const unsigned char order_data[] = {
1086 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1087 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1088 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
1089 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
1091 return TEST_ptr(a = BN_CTX_get(bnctx))
1092 && TEST_ptr(b = BN_CTX_get(bnctx))
1093 && TEST_ptr(prime = BN_CTX_get(bnctx))
1094 && TEST_ptr(order = BN_CTX_get(bnctx))
1095 && TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime))
1096 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1097 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1098 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1099 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1100 OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field,
1102 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime))
1103 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1104 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1105 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1106 OSSL_PKEY_PARAM_EC_ORDER, order))
1107 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1108 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1109 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1110 OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed)))
1111 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1115 static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld)
1117 static const unsigned char prime256v1_gen[] = {
1119 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
1120 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
1121 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
1122 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
1123 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
1124 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
1125 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
1126 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
1128 return do_create_ec_explicit_prime_params(bld, prime256v1_gen,
1129 sizeof(prime256v1_gen));
1132 static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld)
1135 static const unsigned char prime256v1_gen2[] = {
1137 0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
1138 0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
1139 0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
1140 0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
1141 0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
1142 0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
1143 0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
1144 0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
1146 return do_create_ec_explicit_prime_params(bld, prime256v1_gen2,
1147 sizeof(prime256v1_gen2));
1150 # ifndef OPENSSL_NO_EC2M
1151 static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld,
1152 const unsigned char *gen,
1155 BIGNUM *a, *b, *poly, *order, *cofactor;
1156 /* sect233k1 characteristic-two-field tpBasis */
1157 static const unsigned char poly_data[] = {
1158 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1159 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
1160 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1162 static const unsigned char a_data[] = {
1163 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1164 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1165 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1167 static const unsigned char b_data[] = {
1168 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1169 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1170 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
1172 static const unsigned char order_data[] = {
1173 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1174 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
1175 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
1177 static const unsigned char cofactor_data[]= {
1180 return TEST_ptr(a = BN_CTX_get(bnctx))
1181 && TEST_ptr(b = BN_CTX_get(bnctx))
1182 && TEST_ptr(poly = BN_CTX_get(bnctx))
1183 && TEST_ptr(order = BN_CTX_get(bnctx))
1184 && TEST_ptr(cofactor = BN_CTX_get(bnctx))
1185 && TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly))
1186 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1187 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1188 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1189 && TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor))
1190 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1191 OSSL_PKEY_PARAM_EC_FIELD_TYPE,
1192 SN_X9_62_characteristic_two_field, 0))
1193 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly))
1194 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1195 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1196 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1197 OSSL_PKEY_PARAM_EC_ORDER, order))
1198 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1199 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1200 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1204 static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld)
1206 static const unsigned char gen[] = {
1208 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1209 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1210 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1211 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1212 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1213 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1215 return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen));
1218 static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
1220 static const unsigned char gen2[] = {
1222 0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1223 0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1224 0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1225 0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1226 0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1227 0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1229 return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2));
1231 # endif /* OPENSSL_NO_EC2M */
1232 #endif /* OPENSSL_NO_EC */
1234 typedef enum OPTION_choice {
1245 const OPTIONS *test_get_options(void)
1247 static const OPTIONS options[] = {
1248 OPT_TEST_OPTIONS_DEFAULT_USAGE,
1249 { "context", OPT_CONTEXT, '-',
1250 "Explicitly use a non-default library context" },
1251 { "rsa", OPT_RSA_FILE, '<',
1252 "PEM format RSA key file to encode/decode" },
1253 { "pss", OPT_RSA_PSS_FILE, '<',
1254 "PEM format RSA-PSS key file to encode/decode" },
1255 { "config", OPT_CONFIG_FILE, '<',
1256 "The configuration file to use for the library context" },
1257 { "provider", OPT_PROVIDER_NAME, 's',
1258 "The provider to load (The default value is 'default')" },
1264 int setup_tests(void)
1266 const char *rsa_file = NULL;
1267 const char *rsa_pss_file = NULL;
1268 const char *prov_name = "default";
1269 char *config_file = NULL;
1272 #ifndef OPENSSL_NO_DSA
1273 static size_t qbits = 160; /* PVK only tolerates 160 Q bits */
1274 static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1275 OSSL_PARAM DSA_params[] = {
1276 OSSL_PARAM_size_t("pbits", &pbits),
1277 OSSL_PARAM_size_t("qbits", &qbits),
1282 #ifndef OPENSSL_NO_EC
1283 static char groupname[] = "prime256v1";
1284 OSSL_PARAM EC_params[] = {
1285 OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
1292 while ((o = opt_next()) != OPT_EOF) {
1297 case OPT_PROVIDER_NAME:
1298 prov_name = opt_arg();
1300 case OPT_CONFIG_FILE:
1301 config_file = opt_arg();
1304 rsa_file = opt_arg();
1306 case OPT_RSA_PSS_FILE:
1307 rsa_pss_file = opt_arg();
1309 case OPT_TEST_CASES:
1316 if (strcmp(prov_name, "fips") == 0)
1319 if (default_libctx) {
1320 if (!test_get_libctx(NULL, NULL, config_file, &deflprov, prov_name))
1323 if (!test_get_libctx(&testctx, &nullprov, config_file, &deflprov, prov_name))
1327 /* FIPS(3.0.0): provider imports explicit params but they won't work #17998 */
1328 is_fips_3_0_0 = fips_provider_version_eq(testctx, 3, 0, 0);
1329 if (is_fips_3_0_0 < 0)
1332 #ifdef STATIC_LEGACY
1334 * This test is always statically linked against libcrypto. We must not
1335 * attempt to load legacy.so that might be dynamically linked against
1336 * libcrypto. Instead we use a built-in version of the legacy provider.
1338 if (!OSSL_PROVIDER_add_builtin(testctx, "legacy", ossl_legacy_provider_init))
1342 /* Separate provider/ctx for generating the test data */
1343 if (!TEST_ptr(keyctx = OSSL_LIB_CTX_new()))
1345 if (!TEST_ptr(keyprov = OSSL_PROVIDER_load(keyctx, "default")))
1348 #ifndef OPENSSL_NO_EC
1349 if (!TEST_ptr(bnctx = BN_CTX_new_ex(testctx))
1350 || !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new())
1351 || !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new())
1352 || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
1353 || !create_ec_explicit_prime_params(bld_prime)
1354 || !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
1355 || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))
1356 # ifndef OPENSSL_NO_EC2M
1357 || !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
1358 || !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
1359 || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc)
1360 || !create_ec_explicit_trinomial_params(bld_tri)
1361 || !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc))
1362 || !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri))
1368 TEST_info("Generating keys...");
1370 #ifndef OPENSSL_NO_DH
1371 TEST_info("Generating DH keys...");
1372 MAKE_DOMAIN_KEYS(DH, "DH", NULL);
1373 MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
1375 #ifndef OPENSSL_NO_DSA
1376 TEST_info("Generating DSA keys...");
1377 MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
1379 #ifndef OPENSSL_NO_EC
1380 TEST_info("Generating EC keys...");
1381 MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
1382 MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
1383 MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
1384 # ifndef OPENSSL_NO_EC2M
1385 MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
1386 MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
1388 MAKE_KEYS(ED25519, "ED25519", NULL);
1389 MAKE_KEYS(ED448, "ED448", NULL);
1390 MAKE_KEYS(X25519, "X25519", NULL);
1391 MAKE_KEYS(X448, "X448", NULL);
1393 TEST_info("Loading RSA key...");
1394 ok = ok && TEST_ptr(key_RSA = load_pkey_pem(rsa_file, keyctx));
1395 TEST_info("Loading RSA_PSS key...");
1396 ok = ok && TEST_ptr(key_RSA_PSS = load_pkey_pem(rsa_pss_file, keyctx));
1397 TEST_info("Generating keys done");
1400 #ifndef OPENSSL_NO_DH
1402 ADD_TEST_SUITE_PARAMS(DH);
1403 ADD_TEST_SUITE(DHX);
1404 ADD_TEST_SUITE_PARAMS(DHX);
1406 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1407 * so no legacy tests.
1410 #ifndef OPENSSL_NO_DSA
1411 ADD_TEST_SUITE(DSA);
1412 ADD_TEST_SUITE_PARAMS(DSA);
1413 ADD_TEST_SUITE_LEGACY(DSA);
1414 ADD_TEST_SUITE_MSBLOB(DSA);
1415 ADD_TEST_SUITE_UNPROTECTED_PVK(DSA);
1416 # ifndef OPENSSL_NO_RC4
1417 ADD_TEST_SUITE_PROTECTED_PVK(DSA);
1420 #ifndef OPENSSL_NO_EC
1422 ADD_TEST_SUITE_PARAMS(EC);
1423 ADD_TEST_SUITE_LEGACY(EC);
1424 ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
1425 ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
1426 ADD_TEST_SUITE(ECExplicitPrime2G);
1427 ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);
1428 # ifndef OPENSSL_NO_EC2M
1429 ADD_TEST_SUITE(ECExplicitTriNamedCurve);
1430 ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
1431 ADD_TEST_SUITE(ECExplicitTri2G);
1432 ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
1434 ADD_TEST_SUITE(ED25519);
1435 ADD_TEST_SUITE(ED448);
1436 ADD_TEST_SUITE(X25519);
1437 ADD_TEST_SUITE(X448);
1439 * ED25519, ED448, X25519 and X448 have no support for
1440 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1443 ADD_TEST_SUITE(RSA);
1444 ADD_TEST_SUITE_LEGACY(RSA);
1445 ADD_TEST_SUITE(RSA_PSS);
1447 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1448 * so no legacy tests.
1450 ADD_TEST_SUITE_MSBLOB(RSA);
1451 ADD_TEST_SUITE_UNPROTECTED_PVK(RSA);
1452 # ifndef OPENSSL_NO_RC4
1453 ADD_TEST_SUITE_PROTECTED_PVK(RSA);
1460 void cleanup_tests(void)
1462 #ifndef OPENSSL_NO_EC
1463 OSSL_PARAM_free(ec_explicit_prime_params_nc);
1464 OSSL_PARAM_free(ec_explicit_prime_params_explicit);
1465 OSSL_PARAM_BLD_free(bld_prime_nc);
1466 OSSL_PARAM_BLD_free(bld_prime);
1467 # ifndef OPENSSL_NO_EC2M
1468 OSSL_PARAM_free(ec_explicit_tri_params_nc);
1469 OSSL_PARAM_free(ec_explicit_tri_params_explicit);
1470 OSSL_PARAM_BLD_free(bld_tri_nc);
1471 OSSL_PARAM_BLD_free(bld_tri);
1474 #endif /* OPENSSL_NO_EC */
1476 #ifndef OPENSSL_NO_DH
1477 FREE_DOMAIN_KEYS(DH);
1478 FREE_DOMAIN_KEYS(DHX);
1480 #ifndef OPENSSL_NO_DSA
1481 FREE_DOMAIN_KEYS(DSA);
1483 #ifndef OPENSSL_NO_EC
1484 FREE_DOMAIN_KEYS(EC);
1485 FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1486 FREE_DOMAIN_KEYS(ECExplicitPrime2G);
1487 # ifndef OPENSSL_NO_EC2M
1488 FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
1489 FREE_DOMAIN_KEYS(ECExplicitTri2G);
1499 OSSL_PROVIDER_unload(nullprov);
1500 OSSL_PROVIDER_unload(deflprov);
1501 OSSL_PROVIDER_unload(keyprov);
1502 OSSL_LIB_CTX_free(testctx);
1503 OSSL_LIB_CTX_free(keyctx);