2 * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/core_dispatch.h>
12 #include <openssl/evp.h>
13 #include <openssl/pem.h>
14 #include <openssl/rsa.h>
15 #include <openssl/x509.h>
16 #include <openssl/core_names.h>
17 #include <openssl/params.h>
18 #include <openssl/param_build.h>
19 #include <openssl/encoder.h>
20 #include <openssl/decoder.h>
22 #include "internal/cryptlib.h" /* ossl_assert */
23 #include "crypto/pem.h" /* For PVK and "blob" PEM headers */
25 #include "helpers/predefined_dhparams.h"
28 /* Extended test macros to allow passing file & line number */
29 #define TEST_FL_ptr(a) test_ptr(file, line, #a, a)
30 #define TEST_FL_mem_eq(a, m, b, n) test_mem_eq(file, line, #a, #b, a, m, b, n)
31 #define TEST_FL_strn_eq(a, b, n) test_strn_eq(file, line, #a, #b, a, n, b, n)
32 #define TEST_FL_strn2_eq(a, m, b, n) test_strn_eq(file, line, #a, #b, a, m, b, n)
33 #define TEST_FL_int_eq(a, b) test_int_eq(file, line, #a, #b, a, b)
34 #define TEST_FL_int_ge(a, b) test_int_ge(file, line, #a, #b, a, b)
35 #define TEST_FL_int_gt(a, b) test_int_gt(file, line, #a, #b, a, b)
36 #define TEST_FL_long_gt(a, b) test_long_gt(file, line, #a, #b, a, b)
37 #define TEST_FL_true(a) test_true(file, line, #a, (a) != 0)
39 #if defined(OPENSSL_NO_DH) && defined(OPENSSL_NO_DSA) && defined(OPENSSL_NO_EC)
40 # define OPENSSL_NO_KEYPARAMS
44 static BN_CTX *bnctx = NULL;
45 static OSSL_PARAM_BLD *bld_prime_nc = NULL;
46 static OSSL_PARAM_BLD *bld_prime = NULL;
47 static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
48 static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;
50 # ifndef OPENSSL_NO_EC2M
51 static OSSL_PARAM_BLD *bld_tri_nc = NULL;
52 static OSSL_PARAM_BLD *bld_tri = NULL;
53 static OSSL_PARAM *ec_explicit_tri_params_nc = NULL;
54 static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
58 #ifndef OPENSSL_NO_KEYPARAMS
59 static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
61 EVP_PKEY *pkey = NULL;
62 EVP_PKEY_CTX *ctx = NULL;
64 # ifndef OPENSSL_NO_DH
66 * Use 512-bit DH(X) keys with predetermined parameters for efficiency,
67 * for testing only. Use a minimum key size of 2048 for security purposes.
69 if (strcmp(type, "DH") == 0)
70 return get_dh512(NULL);
71 if (strcmp(type, "X9.42 DH") == 0)
72 return get_dhx512(NULL);
76 * No real need to check the errors other than for the cascade
77 * effect. |pkey| will simply remain NULL if something goes wrong.
79 (void)((ctx = EVP_PKEY_CTX_new_from_name(NULL, type, NULL)) != NULL
80 && EVP_PKEY_paramgen_init(ctx) > 0
82 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
83 && EVP_PKEY_gen(ctx, &pkey) > 0);
84 EVP_PKEY_CTX_free(ctx);
90 static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
91 OSSL_PARAM *genparams)
93 EVP_PKEY *pkey = NULL;
96 ? EVP_PKEY_CTX_new(template, NULL)
97 : EVP_PKEY_CTX_new_from_name(NULL, type, NULL);
100 * No real need to check the errors other than for the cascade
101 * effect. |pkey| will simply remain NULL if something goes wrong.
104 && EVP_PKEY_keygen_init(ctx) > 0
105 && (genparams == NULL
106 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
107 && EVP_PKEY_keygen(ctx, &pkey) > 0);
108 EVP_PKEY_CTX_free(ctx);
112 /* Main test driver */
114 typedef int (encoder)(const char *file, const int line,
115 void **encoded, long *encoded_len,
116 void *object, int selection,
117 const char *output_type, const char *output_structure,
118 const char *pass, const char *pcipher);
119 typedef int (decoder)(const char *file, const int line,
120 void **object, void *encoded, long encoded_len,
121 const char *input_type, const char *structure_type,
122 const char *keytype, int selection, const char *pass);
123 typedef int (tester)(const char *file, const int line,
124 const void *data1, size_t data1_len,
125 const void *data2, size_t data2_len);
126 typedef int (checker)(const char *file, const int line,
127 const char *type, const void *data, size_t data_len);
128 typedef void (dumper)(const char *label, const void *data, size_t data_len);
130 #define FLAG_DECODE_WITH_TYPE 0x0001
132 static int test_encode_decode(const char *file, const int line,
133 const char *type, EVP_PKEY *pkey,
134 int selection, const char *output_type,
135 const char *output_structure,
136 const char *pass, const char *pcipher,
137 encoder *encode_cb, decoder *decode_cb,
138 tester *test_cb, checker *check_cb,
139 dumper *dump_cb, int flags)
141 void *encoded = NULL;
142 long encoded_len = 0;
143 EVP_PKEY *pkey2 = NULL;
144 void *encoded2 = NULL;
145 long encoded2_len = 0;
149 * Encode |pkey|, decode the result into |pkey2|, and finish off by
150 * encoding |pkey2| as well. That last encoding is for checking and
153 if (!TEST_true(encode_cb(file, line, &encoded, &encoded_len, pkey, selection,
154 output_type, output_structure, pass, pcipher))
155 || !TEST_true(check_cb(file, line, type, encoded, encoded_len))
156 || !TEST_true(decode_cb(file, line, (void **)&pkey2, encoded, encoded_len,
157 output_type, output_structure,
158 (flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
160 || !TEST_true(encode_cb(file, line, &encoded2, &encoded2_len, pkey2, selection,
161 output_type, output_structure, pass, pcipher)))
164 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
165 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey2), 1))
168 if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1))
173 * Double check the encoding, but only for unprotected keys,
174 * as protected keys have a random component, which makes the output
177 if ((pass == NULL && pcipher == NULL)
178 && !test_cb(file, line, encoded, encoded_len, encoded2, encoded2_len))
184 if (encoded != NULL && encoded_len != 0)
185 dump_cb("|pkey| encoded", encoded, encoded_len);
186 if (encoded2 != NULL && encoded2_len != 0)
187 dump_cb("|pkey2| encoded", encoded2, encoded2_len);
190 OPENSSL_free(encoded);
191 OPENSSL_free(encoded2);
192 EVP_PKEY_free(pkey2);
196 /* Encoding and decoding methods */
198 static int encode_EVP_PKEY_prov(const char *file, const int line,
199 void **encoded, long *encoded_len,
200 void *object, int selection,
201 const char *output_type,
202 const char *output_structure,
203 const char *pass, const char *pcipher)
205 EVP_PKEY *pkey = object;
206 OSSL_ENCODER_CTX *ectx = NULL;
208 BUF_MEM *mem_buf = NULL;
209 const unsigned char *upass = (const unsigned char *)pass;
212 if (!TEST_FL_ptr(ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection,
216 || !TEST_FL_int_gt(OSSL_ENCODER_CTX_get_num_encoders(ectx), 0)
218 && !TEST_FL_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass,
221 && !TEST_FL_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL)))
222 || !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
223 || !TEST_FL_true(OSSL_ENCODER_to_bio(ectx, mem_ser))
224 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
225 || !TEST_FL_ptr(*encoded = mem_buf->data)
226 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
229 /* Detach the encoded output */
230 mem_buf->data = NULL;
235 OSSL_ENCODER_CTX_free(ectx);
239 static int decode_EVP_PKEY_prov(const char *file, const int line,
240 void **object, void *encoded, long encoded_len,
241 const char *input_type,
242 const char *structure_type,
243 const char *keytype, int selection,
246 EVP_PKEY *pkey = NULL, *testpkey = NULL;
247 OSSL_DECODER_CTX *dctx = NULL;
248 BIO *encoded_bio = NULL;
249 const unsigned char *upass = (const unsigned char *)pass;
254 if (strcmp(input_type, "DER") == 0)
259 if (!TEST_FL_ptr(encoded_bio = BIO_new_mem_buf(encoded, encoded_len)))
263 * We attempt the decode 3 times. The first time we provide the expected
264 * starting input type. The second time we provide NULL for the starting
265 * type. The third time we provide a bad starting input type.
266 * The bad starting input type should fail. The other two should succeed
267 * and produce the same result.
269 for (i = 0; i < 3; i++) {
270 const char *testtype = (i == 0) ? input_type
271 : ((i == 1) ? NULL : badtype);
273 if (!TEST_FL_ptr(dctx = OSSL_DECODER_CTX_new_for_pkey(&testpkey,
280 && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass)))
281 || !TEST_FL_int_gt(BIO_reset(encoded_bio), 0)
282 /* We expect to fail when using a bad input type */
283 || !TEST_FL_int_eq(OSSL_DECODER_from_bio(dctx, encoded_bio),
286 OSSL_DECODER_CTX_free(dctx);
293 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
294 if (!TEST_FL_int_eq(EVP_PKEY_parameters_eq(pkey, testpkey), 1))
297 if (!TEST_FL_int_eq(EVP_PKEY_eq(pkey, testpkey), 1))
308 EVP_PKEY_free(testpkey);
309 BIO_free(encoded_bio);
310 OSSL_DECODER_CTX_free(dctx);
314 static int encode_EVP_PKEY_legacy_PEM(const char *file, const int line,
315 void **encoded, long *encoded_len,
316 void *object, ossl_unused int selection,
317 ossl_unused const char *output_type,
318 ossl_unused const char *output_structure,
319 const char *pass, const char *pcipher)
321 EVP_PKEY *pkey = object;
322 EVP_CIPHER *cipher = NULL;
324 BUF_MEM *mem_buf = NULL;
325 const unsigned char *upass = (const unsigned char *)pass;
329 if (pcipher != NULL && pass != NULL) {
330 passlen = strlen(pass);
331 if (!TEST_FL_ptr(cipher = EVP_CIPHER_fetch(NULL, pcipher, NULL)))
334 if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
335 || !TEST_FL_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey,
339 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
340 || !TEST_FL_ptr(*encoded = mem_buf->data)
341 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
344 /* Detach the encoded output */
345 mem_buf->data = NULL;
350 EVP_CIPHER_free(cipher);
354 static int encode_EVP_PKEY_MSBLOB(const char *file, const int line,
355 void **encoded, long *encoded_len,
356 void *object, int selection,
357 ossl_unused const char *output_type,
358 ossl_unused const char *output_structure,
359 ossl_unused const char *pass,
360 ossl_unused const char *pcipher)
362 EVP_PKEY *pkey = object;
364 BUF_MEM *mem_buf = NULL;
367 if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem())))
370 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
371 if (!TEST_FL_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0))
374 if (!TEST_FL_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0))
378 if (!TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
379 || !TEST_FL_ptr(*encoded = mem_buf->data)
380 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
383 /* Detach the encoded output */
384 mem_buf->data = NULL;
392 static pem_password_cb pass_pw;
393 static int pass_pw(char *buf, int size, int rwflag, void *userdata)
395 OPENSSL_strlcpy(buf, userdata, size);
396 return strlen(userdata);
399 static int encode_EVP_PKEY_PVK(const char *file, const int line,
400 void **encoded, long *encoded_len,
401 void *object, int selection,
402 ossl_unused const char *output_type,
403 ossl_unused const char *output_structure,
405 ossl_unused const char *pcipher)
407 EVP_PKEY *pkey = object;
409 BUF_MEM *mem_buf = NULL;
410 int enc = (pass != NULL);
413 if (!TEST_FL_true(ossl_assert((selection
414 & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0))
415 || !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
416 || !TEST_FL_int_ge(i2b_PVK_bio(mem_ser, pkey, enc,
417 pass_pw, (void *)pass), 0)
418 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
419 || !TEST_FL_ptr(*encoded = mem_buf->data)
420 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
423 /* Detach the encoded output */
424 mem_buf->data = NULL;
432 static int test_text(const char *file, const int line,
433 const void *data1, size_t data1_len,
434 const void *data2, size_t data2_len)
436 return TEST_FL_strn2_eq(data1, data1_len, data2, data2_len);
439 static int test_mem(const char *file, const int line,
440 const void *data1, size_t data1_len,
441 const void *data2, size_t data2_len)
443 return TEST_FL_mem_eq(data1, data1_len, data2, data2_len);
446 /* Test cases and their dumpers / checkers */
448 static void collect_name(const char *name, void *arg)
450 char **namelist = arg;
454 space = strlen(name);
455 if (*namelist != NULL)
456 space += strlen(*namelist) + 2 /* for comma and space */;
457 space++; /* for terminating null byte */
459 new_namelist = OPENSSL_realloc(*namelist, space);
460 if (new_namelist == NULL)
462 if (*namelist != NULL) {
463 strcat(new_namelist, ", ");
464 strcat(new_namelist, name);
466 strcpy(new_namelist, name);
468 *namelist = new_namelist;
471 static void dump_der(const char *label, const void *data, size_t data_len)
473 test_output_memory(label, data, data_len);
476 static void dump_pem(const char *label, const void *data, size_t data_len)
478 test_output_string(label, data, data_len - 1);
481 static int check_unprotected_PKCS8_DER(const char *file, const int line,
483 const void *data, size_t data_len)
485 const unsigned char *datap = data;
486 PKCS8_PRIV_KEY_INFO *p8inf =
487 d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len);
490 if (TEST_FL_ptr(p8inf)) {
491 EVP_PKEY *pkey = EVP_PKCS82PKEY(p8inf);
492 char *namelist = NULL;
494 if (TEST_FL_ptr(pkey)) {
495 if (!(ok = TEST_FL_true(EVP_PKEY_is_a(pkey, type)))) {
496 EVP_PKEY_typenames_do_all(pkey, collect_name, &namelist);
497 if (namelist != NULL)
498 TEST_note("%s isn't any of %s", type, namelist);
499 OPENSSL_free(namelist);
504 PKCS8_PRIV_KEY_INFO_free(p8inf);
508 static int test_unprotected_via_DER(const char *type, EVP_PKEY *key)
510 return test_encode_decode(__FILE__, __LINE__, type, key,
511 OSSL_KEYMGMT_SELECT_KEYPAIR
512 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
513 "DER", "pkcs8", NULL, NULL,
514 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
515 test_mem, check_unprotected_PKCS8_DER,
519 static int check_unprotected_PKCS8_PEM(const char *file, const int line,
521 const void *data, size_t data_len)
523 static const char expected_pem_header[] =
524 "-----BEGIN " PEM_STRING_PKCS8INF "-----";
526 return TEST_FL_strn_eq(data, expected_pem_header,
527 sizeof(expected_pem_header) - 1);
530 static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key)
532 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_KEYPAIR
533 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
534 "PEM", "pkcs8", NULL, NULL,
535 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
536 test_text, check_unprotected_PKCS8_PEM,
540 #ifndef OPENSSL_NO_KEYPARAMS
541 static int check_params_DER(const char *file, const int line,
542 const char *type, const void *data, size_t data_len)
544 const unsigned char *datap = data;
546 int itype = NID_undef;
547 EVP_PKEY *pkey = NULL;
549 if (strcmp(type, "DH") == 0)
551 else if (strcmp(type, "X9.42 DH") == 0)
552 itype = EVP_PKEY_DHX;
553 else if (strcmp(type, "DSA") == 0)
554 itype = EVP_PKEY_DSA;
555 else if (strcmp(type, "EC") == 0)
558 if (itype != NID_undef) {
559 pkey = d2i_KeyParams(itype, NULL, &datap, data_len);
567 static int check_params_PEM(const char *file, const int line,
569 const void *data, size_t data_len)
571 static char expected_pem_header[80];
574 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
575 sizeof(expected_pem_header),
576 "-----BEGIN %s PARAMETERS-----", type), 0)
577 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
580 static int test_params_via_DER(const char *type, EVP_PKEY *key)
582 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
583 "DER", "type-specific", NULL, NULL,
584 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
585 test_mem, check_params_DER,
586 dump_der, FLAG_DECODE_WITH_TYPE);
589 static int test_params_via_PEM(const char *type, EVP_PKEY *key)
591 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
592 "PEM", "type-specific", NULL, NULL,
593 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
594 test_text, check_params_PEM,
597 #endif /* !OPENSSL_NO_KEYPARAMS */
599 static int check_unprotected_legacy_PEM(const char *file, const int line,
601 const void *data, size_t data_len)
603 static char expected_pem_header[80];
606 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
607 sizeof(expected_pem_header),
608 "-----BEGIN %s PRIVATE KEY-----", type), 0)
609 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
612 static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key)
614 return test_encode_decode(__FILE__, __LINE__, type, key,
615 OSSL_KEYMGMT_SELECT_KEYPAIR
616 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
617 "PEM", "type-specific", NULL, NULL,
618 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
619 test_text, check_unprotected_legacy_PEM,
623 static int check_MSBLOB(const char *file, const int line,
624 const char *type, const void *data, size_t data_len)
626 const unsigned char *datap = data;
627 EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len);
628 int ok = TEST_FL_ptr(pkey);
634 static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key)
636 return test_encode_decode(__FILE__, __LINE__, type, key,
637 OSSL_KEYMGMT_SELECT_KEYPAIR
638 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
639 "MSBLOB", NULL, NULL, NULL,
640 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
641 test_mem, check_MSBLOB,
645 static int check_PVK(const char *file, const int line,
646 const char *type, const void *data, size_t data_len)
648 const unsigned char *in = data;
649 unsigned int saltlen = 0, keylen = 0;
650 int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen);
655 static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key)
657 return test_encode_decode(__FILE__, __LINE__, type, key,
658 OSSL_KEYMGMT_SELECT_KEYPAIR
659 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
660 "PVK", NULL, NULL, NULL,
661 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
666 static const char *pass_cipher = "AES-256-CBC";
667 static const char *pass = "the holy handgrenade of antioch";
669 static int check_protected_PKCS8_DER(const char *file, const int line,
671 const void *data, size_t data_len)
673 const unsigned char *datap = data;
674 X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len);
675 int ok = TEST_FL_ptr(p8);
681 static int test_protected_via_DER(const char *type, EVP_PKEY *key)
683 return test_encode_decode(__FILE__, __LINE__, type, key,
684 OSSL_KEYMGMT_SELECT_KEYPAIR
685 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
686 "DER", "pkcs8", pass, pass_cipher,
687 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
688 test_mem, check_protected_PKCS8_DER,
692 static int check_protected_PKCS8_PEM(const char *file, const int line,
694 const void *data, size_t data_len)
696 static const char expected_pem_header[] =
697 "-----BEGIN " PEM_STRING_PKCS8 "-----";
699 return TEST_FL_strn_eq(data, expected_pem_header,
700 sizeof(expected_pem_header) - 1);
703 static int test_protected_via_PEM(const char *type, EVP_PKEY *key)
705 return test_encode_decode(__FILE__, __LINE__, type, key,
706 OSSL_KEYMGMT_SELECT_KEYPAIR
707 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
708 "PEM", "pkcs8", pass, pass_cipher,
709 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
710 test_text, check_protected_PKCS8_PEM,
714 static int check_protected_legacy_PEM(const char *file, const int line,
716 const void *data, size_t data_len)
718 static char expected_pem_header[80];
721 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
722 sizeof(expected_pem_header),
723 "-----BEGIN %s PRIVATE KEY-----", type), 0)
724 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header))
725 && TEST_FL_ptr(strstr(data, "\nDEK-Info: "));
728 static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
730 return test_encode_decode(__FILE__, __LINE__, type, key,
731 OSSL_KEYMGMT_SELECT_KEYPAIR
732 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
733 "PEM", "type-specific", pass, pass_cipher,
734 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
735 test_text, check_protected_legacy_PEM,
739 #ifndef OPENSSL_NO_RC4
740 static int test_protected_via_PVK(const char *type, EVP_PKEY *key)
742 return test_encode_decode(__FILE__, __LINE__, type, key,
743 OSSL_KEYMGMT_SELECT_KEYPAIR
744 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
745 "PVK", NULL, pass, NULL,
746 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
747 test_mem, check_PVK, dump_der, 0);
751 static int check_public_DER(const char *file, const int line,
752 const char *type, const void *data, size_t data_len)
754 const unsigned char *datap = data;
755 EVP_PKEY *pkey = d2i_PUBKEY(NULL, &datap, data_len);
756 int ok = (TEST_FL_ptr(pkey) && TEST_FL_true(EVP_PKEY_is_a(pkey, type)));
762 static int test_public_via_DER(const char *type, EVP_PKEY *key)
764 return test_encode_decode(__FILE__, __LINE__, type, key,
765 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
766 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
767 "DER", "SubjectPublicKeyInfo", NULL, NULL,
768 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
769 test_mem, check_public_DER, dump_der, 0);
772 static int check_public_PEM(const char *file, const int line,
773 const char *type, const void *data, size_t data_len)
775 static const char expected_pem_header[] =
776 "-----BEGIN " PEM_STRING_PUBLIC "-----";
779 TEST_FL_strn_eq(data, expected_pem_header,
780 sizeof(expected_pem_header) - 1);
783 static int test_public_via_PEM(const char *type, EVP_PKEY *key)
785 return test_encode_decode(__FILE__, __LINE__, type, key,
786 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
787 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
788 "PEM", "SubjectPublicKeyInfo", NULL, NULL,
789 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
790 test_text, check_public_PEM, dump_pem, 0);
793 static int check_public_MSBLOB(const char *file, const int line,
795 const void *data, size_t data_len)
797 const unsigned char *datap = data;
798 EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len);
799 int ok = TEST_FL_ptr(pkey);
805 static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
807 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_PUBLIC_KEY
808 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
809 "MSBLOB", NULL, NULL, NULL,
810 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
811 test_mem, check_public_MSBLOB, dump_der, 0);
814 #define KEYS(KEYTYPE) \
815 static EVP_PKEY *key_##KEYTYPE = NULL
816 #define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
818 && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
819 #define FREE_KEYS(KEYTYPE) \
820 EVP_PKEY_free(key_##KEYTYPE); \
822 #define DOMAIN_KEYS(KEYTYPE) \
823 static EVP_PKEY *template_##KEYTYPE = NULL; \
824 static EVP_PKEY *key_##KEYTYPE = NULL
825 #define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
827 && TEST_ptr(template_##KEYTYPE = \
828 make_template(KEYTYPEstr, params)) \
829 && TEST_ptr(key_##KEYTYPE = \
830 make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
831 #define FREE_DOMAIN_KEYS(KEYTYPE) \
832 EVP_PKEY_free(template_##KEYTYPE); \
833 EVP_PKEY_free(key_##KEYTYPE)
835 #define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr) \
836 static int test_unprotected_##KEYTYPE##_via_DER(void) \
838 return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
840 static int test_unprotected_##KEYTYPE##_via_PEM(void) \
842 return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
844 static int test_protected_##KEYTYPE##_via_DER(void) \
846 return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
848 static int test_protected_##KEYTYPE##_via_PEM(void) \
850 return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
852 static int test_public_##KEYTYPE##_via_DER(void) \
854 return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE); \
856 static int test_public_##KEYTYPE##_via_PEM(void) \
858 return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
861 #define ADD_TEST_SUITE(KEYTYPE) \
862 ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
863 ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
864 ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
865 ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
866 ADD_TEST(test_public_##KEYTYPE##_via_DER); \
867 ADD_TEST(test_public_##KEYTYPE##_via_PEM)
869 #define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \
870 static int test_params_##KEYTYPE##_via_DER(void) \
872 return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \
874 static int test_params_##KEYTYPE##_via_PEM(void) \
876 return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
879 #define ADD_TEST_SUITE_PARAMS(KEYTYPE) \
880 ADD_TEST(test_params_##KEYTYPE##_via_DER); \
881 ADD_TEST(test_params_##KEYTYPE##_via_PEM)
883 #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
884 static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
887 test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
889 static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
892 test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
895 #define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
896 ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
897 ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
899 #define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
900 static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
902 return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
904 static int test_public_##KEYTYPE##_via_MSBLOB(void) \
906 return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
909 #define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
910 ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
911 ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
913 #define IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE, KEYTYPEstr) \
914 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
916 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
918 # define ADD_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE) \
919 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK)
920 #ifndef OPENSSL_NO_RC4
921 # define IMPLEMENT_TEST_SUITE_PROTECTED_PVK(KEYTYPE, KEYTYPEstr) \
922 static int test_protected_##KEYTYPE##_via_PVK(void) \
924 return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
926 # define ADD_TEST_SUITE_PROTECTED_PVK(KEYTYPE) \
927 ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
930 #ifndef OPENSSL_NO_DH
932 IMPLEMENT_TEST_SUITE(DH, "DH")
933 IMPLEMENT_TEST_SUITE_PARAMS(DH, "DH")
935 IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH")
936 IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH")
938 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
939 * so no legacy tests.
942 #ifndef OPENSSL_NO_DSA
944 IMPLEMENT_TEST_SUITE(DSA, "DSA")
945 IMPLEMENT_TEST_SUITE_PARAMS(DSA, "DSA")
946 IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA")
947 IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
948 IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(DSA, "DSA")
949 # ifndef OPENSSL_NO_RC4
950 IMPLEMENT_TEST_SUITE_PROTECTED_PVK(DSA, "DSA")
953 #ifndef OPENSSL_NO_EC
955 IMPLEMENT_TEST_SUITE(EC, "EC")
956 IMPLEMENT_TEST_SUITE_PARAMS(EC, "EC")
957 IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
958 DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
959 IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC")
960 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
961 DOMAIN_KEYS(ECExplicitPrime2G);
962 IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC")
963 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")
964 # ifndef OPENSSL_NO_EC2M
965 DOMAIN_KEYS(ECExplicitTriNamedCurve);
966 IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC")
967 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC")
968 DOMAIN_KEYS(ECExplicitTri2G);
969 IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC")
970 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC")
973 IMPLEMENT_TEST_SUITE(ED25519, "ED25519")
975 IMPLEMENT_TEST_SUITE(ED448, "ED448")
977 IMPLEMENT_TEST_SUITE(X25519, "X25519")
979 IMPLEMENT_TEST_SUITE(X448, "X448")
981 * ED25519, ED448, X25519 and X448 have no support for
982 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
986 IMPLEMENT_TEST_SUITE(RSA, "RSA")
987 IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA")
989 IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS")
991 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
992 * so no legacy tests.
994 IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
995 IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(RSA, "RSA")
996 #ifndef OPENSSL_NO_RC4
997 IMPLEMENT_TEST_SUITE_PROTECTED_PVK(RSA, "RSA")
1000 #ifndef OPENSSL_NO_EC
1001 /* Explicit parameters that match a named curve */
1002 static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld,
1003 const unsigned char *gen,
1006 BIGNUM *a, *b, *prime, *order;
1008 /* Curve prime256v1 */
1009 static const unsigned char prime_data[] = {
1010 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1011 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1012 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
1013 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1016 static const unsigned char a_data[] = {
1017 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1018 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1019 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
1020 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1023 static const unsigned char b_data[] = {
1024 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
1025 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
1026 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
1027 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
1029 static const unsigned char seed[] = {
1030 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
1031 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
1032 0x81, 0x9f, 0x7e, 0x90
1034 static const unsigned char order_data[] = {
1035 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1036 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1037 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
1038 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
1040 return TEST_ptr(a = BN_CTX_get(bnctx))
1041 && TEST_ptr(b = BN_CTX_get(bnctx))
1042 && TEST_ptr(prime = BN_CTX_get(bnctx))
1043 && TEST_ptr(order = BN_CTX_get(bnctx))
1044 && TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime))
1045 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1046 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1047 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1048 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1049 OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field,
1051 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime))
1052 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1053 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1054 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1055 OSSL_PKEY_PARAM_EC_ORDER, order))
1056 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1057 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1058 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1059 OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed)))
1060 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1064 static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld)
1066 static const unsigned char prime256v1_gen[] = {
1068 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
1069 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
1070 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
1071 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
1072 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
1073 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
1074 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
1075 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
1077 return do_create_ec_explicit_prime_params(bld, prime256v1_gen,
1078 sizeof(prime256v1_gen));
1081 static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld)
1084 static const unsigned char prime256v1_gen2[] = {
1086 0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
1087 0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
1088 0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
1089 0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
1090 0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
1091 0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
1092 0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
1093 0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
1095 return do_create_ec_explicit_prime_params(bld, prime256v1_gen2,
1096 sizeof(prime256v1_gen2));
1099 # ifndef OPENSSL_NO_EC2M
1100 static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld,
1101 const unsigned char *gen,
1104 BIGNUM *a, *b, *poly, *order, *cofactor;
1105 /* sect233k1 characteristic-two-field tpBasis */
1106 static const unsigned char poly_data[] = {
1107 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1108 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
1109 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1111 static const unsigned char a_data[] = {
1112 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1113 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1114 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1116 static const unsigned char b_data[] = {
1117 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1118 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1119 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
1121 static const unsigned char order_data[] = {
1122 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1123 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
1124 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
1126 static const unsigned char cofactor_data[]= {
1129 return TEST_ptr(a = BN_CTX_get(bnctx))
1130 && TEST_ptr(b = BN_CTX_get(bnctx))
1131 && TEST_ptr(poly = BN_CTX_get(bnctx))
1132 && TEST_ptr(order = BN_CTX_get(bnctx))
1133 && TEST_ptr(cofactor = BN_CTX_get(bnctx))
1134 && TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly))
1135 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1136 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1137 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1138 && TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor))
1139 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1140 OSSL_PKEY_PARAM_EC_FIELD_TYPE,
1141 SN_X9_62_characteristic_two_field, 0))
1142 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly))
1143 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1144 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1145 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1146 OSSL_PKEY_PARAM_EC_ORDER, order))
1147 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1148 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1149 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1153 static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld)
1155 static const unsigned char gen[] = {
1157 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1158 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1159 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1160 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1161 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1162 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1164 return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen));
1167 static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
1169 static const unsigned char gen2[] = {
1171 0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1172 0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1173 0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1174 0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1175 0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1176 0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1178 return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2));
1180 # endif /* OPENSSL_NO_EC2M */
1181 #endif /* OPENSSL_NO_EC */
1183 int setup_tests(void)
1185 # ifndef OPENSSL_NO_RC4
1186 int use_legacy = OSSL_PROVIDER_available(NULL, "legacy");
1190 #ifndef OPENSSL_NO_DSA
1191 static size_t qbits = 160; /* PVK only tolerates 160 Q bits */
1192 static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1193 OSSL_PARAM DSA_params[] = {
1194 OSSL_PARAM_size_t("pbits", &pbits),
1195 OSSL_PARAM_size_t("qbits", &qbits),
1200 #ifndef OPENSSL_NO_EC
1201 static char groupname[] = "prime256v1";
1202 OSSL_PARAM EC_params[] = {
1203 OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
1208 /* 7 is the default magic number */
1209 static unsigned int rsapss_min_saltlen = 7;
1210 OSSL_PARAM RSA_PSS_params[] = {
1211 OSSL_PARAM_uint("saltlen", &rsapss_min_saltlen),
1215 #ifndef OPENSSL_NO_EC
1216 if (!TEST_ptr(bnctx = BN_CTX_new_ex(NULL))
1217 || !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new())
1218 || !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new())
1219 || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
1220 || !create_ec_explicit_prime_params(bld_prime)
1221 || !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
1222 || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))
1223 # ifndef OPENSSL_NO_EC2M
1224 || !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
1225 || !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
1226 || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc)
1227 || !create_ec_explicit_trinomial_params(bld_tri)
1228 || !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc))
1229 || !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri))
1235 TEST_info("Generating keys...");
1237 #ifndef OPENSSL_NO_DH
1238 MAKE_DOMAIN_KEYS(DH, "DH", NULL);
1239 MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
1240 TEST_info("Generating keys...DH done");
1242 #ifndef OPENSSL_NO_DSA
1243 MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
1244 TEST_info("Generating keys...DSA done");
1246 #ifndef OPENSSL_NO_EC
1247 MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
1248 MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
1249 MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
1250 # ifndef OPENSSL_NO_EC2M
1251 MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
1252 MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
1254 MAKE_KEYS(ED25519, "ED25519", NULL);
1255 MAKE_KEYS(ED448, "ED448", NULL);
1256 MAKE_KEYS(X25519, "X25519", NULL);
1257 MAKE_KEYS(X448, "X448", NULL);
1258 TEST_info("Generating keys...EC done");
1260 MAKE_KEYS(RSA, "RSA", NULL);
1261 TEST_info("Generating keys...RSA done");
1262 MAKE_KEYS(RSA_PSS, "RSA-PSS", RSA_PSS_params);
1263 TEST_info("Generating keys...RSA_PSS done");
1266 #ifndef OPENSSL_NO_DH
1268 ADD_TEST_SUITE_PARAMS(DH);
1269 ADD_TEST_SUITE(DHX);
1270 ADD_TEST_SUITE_PARAMS(DHX);
1272 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1273 * so no legacy tests.
1276 #ifndef OPENSSL_NO_DSA
1277 ADD_TEST_SUITE(DSA);
1278 ADD_TEST_SUITE_PARAMS(DSA);
1279 ADD_TEST_SUITE_LEGACY(DSA);
1280 ADD_TEST_SUITE_MSBLOB(DSA);
1281 ADD_TEST_SUITE_UNPROTECTED_PVK(DSA);
1282 # ifndef OPENSSL_NO_RC4
1284 ADD_TEST_SUITE_PROTECTED_PVK(DSA);
1288 #ifndef OPENSSL_NO_EC
1290 ADD_TEST_SUITE_PARAMS(EC);
1291 ADD_TEST_SUITE_LEGACY(EC);
1292 ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
1293 ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
1294 ADD_TEST_SUITE(ECExplicitPrime2G);
1295 ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);
1296 # ifndef OPENSSL_NO_EC2M
1297 ADD_TEST_SUITE(ECExplicitTriNamedCurve);
1298 ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
1299 ADD_TEST_SUITE(ECExplicitTri2G);
1300 ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
1302 ADD_TEST_SUITE(ED25519);
1303 ADD_TEST_SUITE(ED448);
1304 ADD_TEST_SUITE(X25519);
1305 ADD_TEST_SUITE(X448);
1307 * ED25519, ED448, X25519 and X448 have no support for
1308 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1311 ADD_TEST_SUITE(RSA);
1312 ADD_TEST_SUITE_LEGACY(RSA);
1313 ADD_TEST_SUITE(RSA_PSS);
1315 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1316 * so no legacy tests.
1318 ADD_TEST_SUITE_MSBLOB(RSA);
1319 ADD_TEST_SUITE_UNPROTECTED_PVK(RSA);
1320 # ifndef OPENSSL_NO_RC4
1322 ADD_TEST_SUITE_PROTECTED_PVK(RSA);
1330 void cleanup_tests(void)
1332 #ifndef OPENSSL_NO_EC
1333 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_nc);
1334 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_explicit);
1335 OSSL_PARAM_BLD_free(bld_prime_nc);
1336 OSSL_PARAM_BLD_free(bld_prime);
1337 # ifndef OPENSSL_NO_EC2M
1338 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_nc);
1339 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_explicit);
1340 OSSL_PARAM_BLD_free(bld_tri_nc);
1341 OSSL_PARAM_BLD_free(bld_tri);
1344 #endif /* OPENSSL_NO_EC */
1346 #ifndef OPENSSL_NO_DH
1347 FREE_DOMAIN_KEYS(DH);
1348 FREE_DOMAIN_KEYS(DHX);
1350 #ifndef OPENSSL_NO_DSA
1351 FREE_DOMAIN_KEYS(DSA);
1353 #ifndef OPENSSL_NO_EC
1354 FREE_DOMAIN_KEYS(EC);
1355 FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1356 FREE_DOMAIN_KEYS(ECExplicitPrime2G);
1357 # ifndef OPENSSL_NO_EC2M
1358 FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
1359 FREE_DOMAIN_KEYS(ECExplicitTri2G);