2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/encoder.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include "crypto/ecx.h"
18 #include "crypto/evp.h" /* For the internal API */
19 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
20 #include "internal/nelem.h"
23 static char *datadir = NULL;
26 * Do not change the order of the following defines unless you also
27 * update the for loop bounds used inside test_print_key_using_encoder() and
28 * test_print_key_using_encoder_public().
37 static void stripcr(char *buf, size_t *len)
42 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
53 static int compare_with_file(const char *alg, int type, BIO *membio)
58 char *memdata, *fullfile = NULL;
91 TEST_error("Invalid file type");
95 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
96 fullfile = test_mk_file_path(datadir, filename);
97 if (!TEST_ptr(fullfile))
100 file = BIO_new_file(fullfile, "rb");
104 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
105 || !TEST_true(BIO_eof(file))
106 || !TEST_size_t_lt(readbytes, sizeof(buf)))
109 len = BIO_get_mem_data(membio, &memdata);
110 if (!TEST_int_gt(len, 0))
114 if (type != PRIV_DER && type != PUB_DER) {
115 stripcr(memdata, &slen);
116 stripcr(buf, &readbytes);
119 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
124 OPENSSL_free(fullfile);
125 (void)BIO_reset(membio);
130 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
132 BIO *membio = BIO_new(BIO_s_mem());
135 if (!TEST_ptr(membio))
138 if (/* Output Encrypted private key in PEM form */
139 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
140 (unsigned char *)"pass", 4,
142 /* Private key in text form */
143 || !TEST_true(EVP_PKEY_print_private(membio, pk, 0, NULL))
144 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
145 /* Public key in PEM form */
146 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
147 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
148 /* Unencrypted private key in PEM form */
149 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
150 NULL, NULL, 0, NULL, NULL))
151 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)))
160 static int test_print_key_type_using_encoder(const char *alg, int type,
163 const char *output_type, *output_structure;
165 OSSL_ENCODER_CTX *ctx = NULL;
166 BIO *membio = BIO_new(BIO_s_mem());
171 output_type = "TEXT";
172 output_structure = NULL;
173 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
174 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
179 output_structure = "pkcs8";
180 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
181 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
186 output_structure = "pkcs8";
187 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
188 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
192 output_type = "TEXT";
193 output_structure = NULL;
194 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
195 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
200 output_structure = "SubjectPublicKeyInfo";
201 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
202 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
207 output_structure = "SubjectPublicKeyInfo";
208 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
209 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
213 TEST_error("Invalid encoding type");
217 if (!TEST_ptr(membio))
220 /* Make a context, it's valid for several prints */
221 TEST_note("Setting up a OSSL_ENCODER context with passphrase");
222 if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pk, selection,
226 /* Check that this operation is supported */
227 || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
230 /* Use no cipher. This should give us an unencrypted PEM */
231 TEST_note("Testing with no encryption");
232 if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
233 || !TEST_true(compare_with_file(alg, type, membio)))
236 if (type == PRIV_PEM) {
237 /* Set a passphrase to be used later */
238 if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
239 (unsigned char *)"pass",
243 /* Use a valid cipher name */
244 TEST_note("Displaying PEM encrypted with AES-256-CBC");
245 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
246 || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
249 /* Use an invalid cipher name, which should generate no output */
250 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
251 if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
252 || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
255 /* Clear the cipher. This should give us an unencrypted PEM again */
256 TEST_note("Testing with encryption cleared (no encryption)");
257 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
258 || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
259 || !TEST_true(compare_with_file(alg, type, membio)))
265 OSSL_ENCODER_CTX_free(ctx);
269 static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk)
274 for (i = PRIV_TEXT; i <= PUB_DER; i++)
275 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
280 #ifndef OPENSSL_NO_EC
281 static int test_print_key_using_encoder_public(const char *alg,
287 for (i = PUB_TEXT; i <= PUB_DER; i++)
288 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
294 /* Array indexes used in test_fromdata_rsa */
304 static int test_fromdata_rsa(void)
307 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
308 EVP_PKEY *pk = NULL, *copy_pk = NULL;
310 * 32-bit RSA key, extracted from this command,
311 * executed with OpenSSL 1.0.2:
313 * openssl genrsa 32 | openssl rsa -text
315 static unsigned long key_numbers[] = {
325 OSSL_PARAM fromdata_params[] = {
326 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
327 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
328 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
329 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
330 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
331 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
332 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
333 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
336 BIGNUM *bn = BN_new();
337 BIGNUM *bn_from = BN_new();
339 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
342 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
343 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
344 || !TEST_int_eq(EVP_PKEY_bits(pk), 32)
345 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 8)
346 || !TEST_int_eq(EVP_PKEY_size(pk), 4))
349 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
352 if (!TEST_true(EVP_PKEY_check(key_ctx))
353 || !TEST_true(EVP_PKEY_public_check(key_ctx))
354 || !TEST_true(EVP_PKEY_private_check(key_ctx))
355 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
358 /* EVP_PKEY_copy_parameters() should fail for RSA */
359 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
360 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
363 for (i = 0; fromdata_params[i].key != NULL; ++i) {
364 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
365 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
366 || !TEST_BN_eq(bn, bn_from))
369 ret = test_print_key_using_pem("RSA", pk)
370 && test_print_key_using_encoder("RSA", pk);
375 EVP_PKEY_free(copy_pk);
376 EVP_PKEY_CTX_free(key_ctx);
377 EVP_PKEY_CTX_free(ctx);
382 static int test_evp_pkey_get_bn_param_large(void)
385 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
387 OSSL_PARAM_BLD *bld = NULL;
388 OSSL_PARAM *fromdata_params = NULL;
389 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
391 * The buffer size chosen here for n_data larger than the buffer used
392 * internally in EVP_PKEY_get_bn_param.
394 static unsigned char n_data[2050];
395 static const unsigned char e_data[] = {
398 static const unsigned char d_data[]= {
399 0x99, 0x33, 0x13, 0x7b
402 /* N is a large buffer */
403 memset(n_data, 0xCE, sizeof(n_data));
405 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
406 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
407 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
408 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
409 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
410 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
411 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
412 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
413 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
414 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
415 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
416 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
417 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
418 || !TEST_BN_eq(n, n_out))
427 EVP_PKEY_CTX_free(key_ctx);
428 EVP_PKEY_CTX_free(ctx);
429 OSSL_PARAM_BLD_free_params(fromdata_params);
430 OSSL_PARAM_BLD_free(bld);
435 #ifndef OPENSSL_NO_DH
436 static int test_fromdata_dh_named_group(void)
439 int gindex = 0, pcounter = 0, hindex = 0;
440 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
441 EVP_PKEY *pk = NULL, *copy_pk = NULL;
443 BIGNUM *pub = NULL, *priv = NULL;
444 BIGNUM *pub_out = NULL, *priv_out = NULL;
445 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
446 OSSL_PARAM *fromdata_params = NULL;
447 OSSL_PARAM_BLD *bld = NULL;
449 unsigned char seed_out[32];
452 * DH key data was generated using the following:
453 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
454 * -pkeyopt priv_len:224 -text
456 static const unsigned char priv_data[] = {
457 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
458 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
459 0x87, 0xe8, 0xa9, 0x7b,
461 static const unsigned char pub_data[] = {
462 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
463 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
464 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
465 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
466 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
467 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
468 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
469 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
470 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
471 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
472 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
473 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
474 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
475 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
476 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
477 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
478 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
479 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
480 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
481 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
482 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
483 0xcf, 0x33, 0x42, 0x83, 0x42
485 static const char group_name[] = "ffdhe2048";
486 static const long priv_len = 224;
488 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
489 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
490 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
491 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
492 OSSL_PKEY_PARAM_GROUP_NAME,
494 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
496 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
497 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
498 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
501 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
504 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
505 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
506 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
507 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
508 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
511 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
512 name_out, sizeof(name_out),
514 || !TEST_str_eq(name_out, group_name)
515 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
518 || !TEST_BN_eq(pub, pub_out)
519 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
521 || !TEST_BN_eq(priv, priv_out)
522 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
523 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
524 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
526 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
527 || !TEST_BN_eq(&_bignum_const_2, g)
528 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
531 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
532 OSSL_PKEY_PARAM_FFC_SEED,
534 sizeof(seed_out), &len))
535 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
537 || !TEST_int_eq(gindex, -1)
538 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
539 || !TEST_int_eq(hindex, 0)
540 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
542 || !TEST_int_eq(pcounter, -1))
545 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
548 if (!TEST_true(EVP_PKEY_check(key_ctx))
549 || !TEST_true(EVP_PKEY_public_check(key_ctx))
550 || !TEST_true(EVP_PKEY_private_check(key_ctx))
551 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
554 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
555 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
558 ret = test_print_key_using_pem("DH", pk)
559 && test_print_key_using_encoder("DH", pk);
569 EVP_PKEY_free(copy_pk);
571 EVP_PKEY_CTX_free(ctx);
572 EVP_PKEY_CTX_free(key_ctx);
573 OSSL_PARAM_BLD_free_params(fromdata_params);
574 OSSL_PARAM_BLD_free(bld);
579 static int test_fromdata_dh_fips186_4(void)
582 int gindex = 0, pcounter = 0, hindex = 0;
583 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
586 BIGNUM *pub = NULL, *priv = NULL;
587 BIGNUM *pub_out = NULL, *priv_out = NULL;
588 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
589 OSSL_PARAM_BLD *bld = NULL;
590 OSSL_PARAM *fromdata_params = NULL;
592 unsigned char seed_out[32];
595 * DH key data was generated using the following:
596 * openssl genpkey -algorithm DH
597 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
599 static const unsigned char priv_data[] = {
600 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
601 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
602 0x87, 0xe8, 0xa9, 0x7b,
604 static const unsigned char pub_data[] = {
605 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
606 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
607 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
608 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
609 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
610 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
611 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
612 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
613 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
614 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
615 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
616 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
617 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
618 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
619 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
620 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
621 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
622 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
623 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
624 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
625 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
626 0x33, 0x42, 0x83, 0x42
628 static const char group_name[] = "ffdhe2048";
629 static const long priv_len = 224;
632 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
633 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
634 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
635 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
636 OSSL_PKEY_PARAM_GROUP_NAME,
638 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
640 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
641 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
642 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
645 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
648 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
649 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
650 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
651 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
652 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
655 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
656 name_out, sizeof(name_out),
658 || !TEST_str_eq(name_out, group_name)
659 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
661 || !TEST_BN_eq(pub, pub_out)
662 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
664 || !TEST_BN_eq(priv, priv_out)
665 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
666 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
667 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
669 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
670 || !TEST_BN_eq(&_bignum_const_2, g)
671 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
674 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
675 OSSL_PKEY_PARAM_FFC_SEED,
677 sizeof(seed_out), &len))
678 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
680 || !TEST_int_eq(gindex, -1)
681 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
682 || !TEST_int_eq(hindex, 0)
683 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
685 || !TEST_int_eq(pcounter, -1))
688 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
691 if (!TEST_true(EVP_PKEY_check(key_ctx))
692 || !TEST_true(EVP_PKEY_public_check(key_ctx))
693 || !TEST_true(EVP_PKEY_private_check(key_ctx))
694 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
697 ret = test_print_key_using_pem("DH", pk)
698 && test_print_key_using_encoder("DH", pk);
709 EVP_PKEY_CTX_free(ctx);
710 EVP_PKEY_CTX_free(key_ctx);
711 OSSL_PARAM_BLD_free_params(fromdata_params);
712 OSSL_PARAM_BLD_free(bld);
721 #ifndef OPENSSL_NO_EC
722 /* Array indexes used in test_fromdata_ecx */
726 # define X25519_IDX 0
728 # define ED25519_IDX 2
732 * tst uses indexes 0 ... (3 * 4 - 1)
733 * For the 4 ECX key types (X25519_IDX..ED448_IDX)
734 * 0..3 = public + private key.
735 * 4..7 = private key (This will generate the public key from the private key)
738 static int test_fromdata_ecx(int tst)
741 EVP_PKEY_CTX *ctx = NULL, *ctx2 = NULL;
742 EVP_PKEY *pk = NULL, *copy_pk = NULL;
743 const char *alg = NULL;
745 unsigned char out_pub[ED448_KEYLEN];
746 unsigned char out_priv[ED448_KEYLEN];
747 OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
749 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
750 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
751 /* X25519: Keys from RFC 7748 6.1 */
755 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
756 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
757 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
762 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
763 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
764 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
768 /* X448: Keys from RFC 7748 6.2 */
772 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
773 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
774 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
775 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
776 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
777 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
781 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
782 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
783 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
784 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
785 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
786 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
789 /* ED25519: Keys from RFC 8032 */
793 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
794 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
795 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
800 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
801 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
802 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
806 /* ED448: Keys from RFC 8032 */
810 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
811 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
812 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
813 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
814 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
815 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
819 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
820 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
821 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
822 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
823 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
824 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
828 OSSL_PARAM x25519_fromdata_params[] = {
829 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
830 key_numbers[X25519_IDX][PRIV_KEY],
832 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
833 key_numbers[X25519_IDX][PUB_KEY],
837 OSSL_PARAM x448_fromdata_params[] = {
838 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
839 key_numbers[X448_IDX][PRIV_KEY],
841 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
842 key_numbers[X448_IDX][PUB_KEY],
846 OSSL_PARAM ed25519_fromdata_params[] = {
847 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
848 key_numbers[ED25519_IDX][PRIV_KEY],
850 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
851 key_numbers[ED25519_IDX][PUB_KEY],
855 OSSL_PARAM ed448_fromdata_params[] = {
856 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
857 key_numbers[ED448_IDX][PRIV_KEY],
859 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
860 key_numbers[ED448_IDX][PUB_KEY],
864 OSSL_PARAM *fromdata_params = NULL;
865 int bits = 0, security_bits = 0, size = 0;
866 OSSL_PARAM *orig_fromdata_params = NULL;
870 fromdata_params = x25519_fromdata_params;
872 security_bits = X25519_SECURITY_BITS;
873 size = X25519_KEYLEN;
878 fromdata_params = x448_fromdata_params;
880 security_bits = X448_SECURITY_BITS;
886 fromdata_params = ed25519_fromdata_params;
888 security_bits = ED25519_SECURITY_BITS;
889 size = ED25519_KEYLEN;
894 fromdata_params = ed448_fromdata_params;
896 security_bits = ED448_SECURITY_BITS;
904 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
908 orig_fromdata_params = fromdata_params;
910 /* public key only */
912 } else if (tst > 3) {
913 /* private key only */
914 params[0] = fromdata_params[0];
915 params[1] = fromdata_params[2];
916 fromdata_params = params;
919 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
920 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
921 || !TEST_int_eq(EVP_PKEY_bits(pk), bits)
922 || !TEST_int_eq(EVP_PKEY_security_bits(pk), security_bits)
923 || !TEST_int_eq(EVP_PKEY_size(pk), size))
926 if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
929 if (!TEST_true(EVP_PKEY_check(ctx2)))
931 if (!TEST_true(EVP_PKEY_get_octet_string_param(
932 pk, orig_fromdata_params[PRIV_KEY].key,
933 out_priv, sizeof(out_priv), &len))
934 || !TEST_mem_eq(out_priv, len,
935 orig_fromdata_params[PRIV_KEY].data,
936 orig_fromdata_params[PRIV_KEY].data_size)
937 || !TEST_true(EVP_PKEY_get_octet_string_param(
938 pk, orig_fromdata_params[PUB_KEY].key,
939 out_pub, sizeof(out_pub), &len))
940 || !TEST_mem_eq(out_pub, len,
941 orig_fromdata_params[PUB_KEY].data,
942 orig_fromdata_params[PUB_KEY].data_size))
945 /* The private key check should fail if there is only a public key */
946 if (!TEST_true(EVP_PKEY_public_check(ctx2))
947 || !TEST_false(EVP_PKEY_private_check(ctx2))
948 || !TEST_false(EVP_PKEY_check(ctx2)))
952 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
953 /* This should succeed because there are no parameters to copy */
954 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
958 ret = test_print_key_using_encoder_public(alg, pk);
960 ret = test_print_key_using_pem(alg, pk)
961 && test_print_key_using_encoder(alg, pk);
965 EVP_PKEY_free(copy_pk);
966 EVP_PKEY_CTX_free(ctx);
967 EVP_PKEY_CTX_free(ctx2);
974 static int test_fromdata_ec(void)
977 EVP_PKEY_CTX *ctx = NULL;
978 EVP_PKEY *pk = NULL, *copy_pk = NULL;
979 OSSL_PARAM_BLD *bld = NULL;
980 BIGNUM *ec_priv_bn = NULL;
981 BIGNUM *bn_priv = NULL;
982 OSSL_PARAM *fromdata_params = NULL;
983 const char *alg = "EC";
984 const char *curve = "prime256v1";
985 /* UNCOMPRESSED FORMAT */
986 static const unsigned char ec_pub_keydata[] = {
987 POINT_CONVERSION_UNCOMPRESSED,
988 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
989 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
990 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
991 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
992 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
993 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
994 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
995 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
997 static const unsigned char ec_priv_keydata[] = {
998 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
999 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1000 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1001 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1003 const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
1004 unsigned char out_pub[sizeof(ec_pub_keydata)];
1005 char out_curve_name[80];
1006 const OSSL_PARAM *gettable = NULL;
1010 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
1012 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
1013 sizeof(ec_priv_keydata), NULL)))
1016 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
1019 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
1021 sizeof(ec_pub_keydata)) <= 0)
1023 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
1025 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1027 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1031 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
1032 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
1033 || !TEST_int_eq(EVP_PKEY_bits(pk), 256)
1034 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 128)
1035 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 35 * 2))
1038 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1039 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1042 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
1043 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_GROUP_NAME))
1044 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PUB_KEY))
1045 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PRIV_KEY)))
1048 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1049 out_curve_name, sizeof(out_curve_name),
1051 || !TEST_str_eq(out_curve_name, curve)
1052 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1053 out_pub, sizeof(out_pub), &len)
1054 || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
1055 || !TEST_mem_eq(out_pub + 1, len - 1,
1056 ec_pub_keydata + 1, compressed_sz - 1)
1057 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1059 || !TEST_BN_eq(ec_priv_bn, bn_priv))
1062 ret = test_print_key_using_pem(alg, pk)
1063 && test_print_key_using_encoder(alg, pk);
1066 BN_free(ec_priv_bn);
1067 OSSL_PARAM_BLD_free_params(fromdata_params);
1068 OSSL_PARAM_BLD_free(bld);
1070 EVP_PKEY_free(copy_pk);
1071 EVP_PKEY_CTX_free(ctx);
1075 static int test_ec_dup_no_operation(void)
1078 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1079 EVP_PKEY *param = NULL, *pkey = NULL;
1081 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1082 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1083 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1084 NID_X9_62_prime256v1), 0)
1085 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1086 || !TEST_ptr(param))
1089 EVP_PKEY_CTX_free(pctx);
1092 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1093 || !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
1094 || !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1095 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
1099 EVP_PKEY_free(pkey);
1100 EVP_PKEY_free(param);
1101 EVP_PKEY_CTX_free(ctx);
1102 EVP_PKEY_CTX_free(kctx);
1103 EVP_PKEY_CTX_free(pctx);
1107 /* Test that keygen doesn't support EVP_PKEY_CTX_dup */
1108 static int test_ec_dup_keygen_operation(void)
1111 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1112 EVP_PKEY *param = NULL, *pkey = NULL;
1114 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1115 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1116 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1117 NID_X9_62_prime256v1), 0)
1118 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0)
1119 || !TEST_ptr(param))
1122 EVP_PKEY_CTX_free(pctx);
1125 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1126 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1127 || !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
1131 EVP_PKEY_free(pkey);
1132 EVP_PKEY_free(param);
1133 EVP_PKEY_CTX_free(ctx);
1134 EVP_PKEY_CTX_free(kctx);
1135 EVP_PKEY_CTX_free(pctx);
1139 #endif /* OPENSSL_NO_EC */
1141 #ifndef OPENSSL_NO_DSA
1142 static int test_fromdata_dsa_fips186_4(void)
1145 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
1146 EVP_PKEY *pk = NULL, *copy_pk = NULL;
1147 BIGNUM *pub = NULL, *priv = NULL;
1148 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1149 BIGNUM *pub_out = NULL, *priv_out = NULL;
1150 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1151 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1153 unsigned char seed_out[32];
1155 OSSL_PARAM_BLD *bld = NULL;
1156 OSSL_PARAM *fromdata_params = NULL;
1159 * DSA parameter data was generated using the following:
1160 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1161 * -pkeyopt qbits:256 -pkeyopt type:0 \
1162 * -pkeyopt gindex:1 -out dsa_params.pem -text
1164 static const unsigned char p_data[] = {
1165 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1166 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1167 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1168 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1169 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1170 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1171 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1172 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1173 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1174 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1175 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1176 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1177 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1178 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1179 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1180 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1181 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1182 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1183 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1184 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1185 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1186 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1188 static const unsigned char q_data[] = {
1189 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1190 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1191 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1193 static const unsigned char g_data[] = {
1194 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1195 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1196 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1197 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1198 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1199 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1200 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1201 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1202 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1203 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1204 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1205 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1206 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1207 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1208 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1209 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1210 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1211 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1212 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1213 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1214 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1215 0x02, 0x6f, 0x96, 0x36
1217 static const unsigned char seed_data[] = {
1218 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1219 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1220 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1222 const int gindex = 1;
1223 const int pcounter = 53;
1225 * The keypair was generated using
1226 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1227 * -pkeyopt gindex:1 \
1228 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1230 static const unsigned char priv_data[] = {
1231 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1232 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1233 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1235 static const unsigned char pub_data[] = {
1236 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1237 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1238 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1239 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1240 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1241 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1242 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1243 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1244 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1245 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1246 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1247 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1248 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1249 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1250 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1251 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1252 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1253 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1254 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1255 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1256 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1257 0x48, 0xd1, 0x8a, 0xbd
1260 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1261 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1262 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1263 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1264 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1265 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1267 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1268 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1269 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1270 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1271 OSSL_PKEY_PARAM_FFC_SEED,
1274 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1276 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1277 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1279 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1281 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1283 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1286 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1289 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
1290 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
1291 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
1292 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
1293 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 2 * (3 + sizeof(q_data))))
1296 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1297 name_out, sizeof(name_out),
1299 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1301 || !TEST_BN_eq(pub, pub_out)
1302 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1304 || !TEST_BN_eq(priv, priv_out)
1305 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p_out))
1306 || !TEST_BN_eq(p, p_out)
1307 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q_out))
1308 || !TEST_BN_eq(q, q_out)
1309 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g_out))
1310 || !TEST_BN_eq(g, g_out)
1311 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
1313 || !TEST_ptr_null(j_out)
1314 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1315 OSSL_PKEY_PARAM_FFC_SEED,
1316 seed_out, sizeof(seed_out),
1318 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
1320 || !TEST_int_eq(gindex, gindex_out)
1321 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1323 || !TEST_int_eq(hindex_out, 0)
1324 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
1326 || !TEST_int_eq(pcounter, pcounter_out))
1329 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1332 if (!TEST_true(EVP_PKEY_check(key_ctx))
1333 || !TEST_true(EVP_PKEY_public_check(key_ctx))
1334 || !TEST_true(EVP_PKEY_private_check(key_ctx))
1335 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1338 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1339 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1342 ret = test_print_key_using_pem("DSA", pk)
1343 && test_print_key_using_encoder("DSA", pk);
1345 OSSL_PARAM_BLD_free_params(fromdata_params);
1346 OSSL_PARAM_BLD_free(bld);
1359 EVP_PKEY_free(copy_pk);
1360 EVP_PKEY_CTX_free(ctx);
1361 EVP_PKEY_CTX_free(key_ctx);
1366 static int test_check_dsa(void)
1369 EVP_PKEY_CTX *ctx = NULL;
1371 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1372 || !TEST_false(EVP_PKEY_check(ctx))
1373 || !TEST_false(EVP_PKEY_public_check(ctx))
1374 || !TEST_false(EVP_PKEY_private_check(ctx))
1375 || !TEST_false(EVP_PKEY_pairwise_check(ctx)))
1380 EVP_PKEY_CTX_free(ctx);
1384 #endif /* OPENSSL_NO_DSA */
1387 int setup_tests(void)
1389 if (!test_skip_common_options()) {
1390 TEST_error("Error parsing test options\n");
1394 if (!TEST_ptr(datadir = test_get_argument(0)))
1397 ADD_TEST(test_evp_pkey_get_bn_param_large);
1398 ADD_TEST(test_fromdata_rsa);
1399 #ifndef OPENSSL_NO_DH
1400 ADD_TEST(test_fromdata_dh_fips186_4);
1401 ADD_TEST(test_fromdata_dh_named_group);
1403 #ifndef OPENSSL_NO_DSA
1404 ADD_TEST(test_check_dsa);
1405 ADD_TEST(test_fromdata_dsa_fips186_4);
1407 #ifndef OPENSSL_NO_EC
1408 ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
1409 ADD_TEST(test_fromdata_ec);
1410 ADD_TEST(test_ec_dup_no_operation);
1411 ADD_TEST(test_ec_dup_keygen_operation);