2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/rsa.h>
14 #include <openssl/x509.h>
15 #include <openssl/serializer.h>
16 #include <openssl/deserializer.h>
18 #include "internal/cryptlib.h" /* ossl_assert */
23 * TODO(3.0) Modify PEM_write_bio_PrivateKey_traditional() to handle
24 * provider side EVP_PKEYs (which don't necessarily have an ameth)
26 * In the mean time, we use separate "downgraded" EVP_PKEYs to test
27 * serializing/deserializing with "traditional" keys.
30 static EVP_PKEY *key_RSA = NULL;
31 static EVP_PKEY *legacy_key_RSA = NULL;
32 static EVP_PKEY *key_RSA_PSS = NULL;
33 static EVP_PKEY *legacy_key_RSA_PSS = NULL;
35 static EVP_PKEY *make_RSA(const char *rsa_type, int make_legacy)
37 EVP_PKEY *pkey = NULL;
38 EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(NULL, rsa_type, NULL);
41 * No real need to check the errors other than for the cascade
42 * effect. |pkey| will imply remain NULL if something goes wrong.
45 && EVP_PKEY_keygen_init(ctx) > 0
46 && EVP_PKEY_keygen(ctx, &pkey) > 0);
47 EVP_PKEY_CTX_free(ctx);
48 if (make_legacy && EVP_PKEY_get0(pkey) == NULL) {
56 /* Main test driver */
58 typedef int (serializer)(void **serialized, long *serialized_len,
60 const char *pass, const char *pcipher,
61 const char *ser_propq);
62 typedef int (deserializer)(void **object,
63 void *serialized, long serialized_len,
64 const char *pass, const char *pcipher);
65 typedef int (checker)(const char *type, const void *data, size_t data_len);
66 typedef void (dumper)(const char *label, const void *data, size_t data_len);
68 static int test_serialize_deserialize(const char *type, EVP_PKEY *pkey,
69 const char *pass, const char *pcipher,
70 serializer *serialize_cb,
71 deserializer *deserialize_cb,
72 checker *check_cb, dumper *dump_cb,
73 const char *ser_propq, int make_legacy)
75 void *serialized = NULL;
76 long serialized_len = 0;
77 EVP_PKEY *pkey2 = NULL;
78 void *serialized2 = NULL;
79 long serialized2_len = 0;
82 if (!serialize_cb(&serialized, &serialized_len, pkey,
83 pass, pcipher, ser_propq)
84 || !check_cb(type, serialized, serialized_len)
85 || !deserialize_cb((void **)&pkey2, serialized, serialized_len,
87 || !TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1))
91 * TODO(3.0) Remove this when PEM_write_bio_PrivateKey_traditional()
92 * handles provider side keys.
95 && !TEST_ptr(EVP_PKEY_get0(pkey2)))
99 * Double check the serialization, but only for unprotected keys,
100 * as protected keys have a random component, which makes the output
103 if ((pass == NULL && pcipher == NULL)
104 && (!serialize_cb(&serialized2, &serialized2_len, pkey2,
105 pass, pcipher, ser_propq)
106 || !TEST_mem_eq(serialized, serialized_len,
107 serialized2, serialized2_len)))
113 dump_cb("serialized result", serialized, serialized_len);
115 OPENSSL_free(serialized);
116 OPENSSL_free(serialized2);
117 EVP_PKEY_free(pkey2);
121 /* Serializing and desserializing methods */
123 static int serialize_EVP_PKEY_prov(void **serialized, long *serialized_len,
125 const char *pass, const char *pcipher,
126 const char *ser_propq)
128 EVP_PKEY *pkey = object;
129 OSSL_SERIALIZER_CTX *sctx = NULL;
131 BUF_MEM *mem_buf = NULL;
132 const unsigned char *upass = (const unsigned char *)pass;
135 if (!TEST_ptr(sctx = OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(pkey, ser_propq))
137 && !TEST_true(OSSL_SERIALIZER_CTX_set_passphrase(sctx, upass,
140 && !TEST_true(OSSL_SERIALIZER_CTX_set_cipher(sctx, pcipher, NULL)))
141 || !TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
142 || !TEST_true(OSSL_SERIALIZER_to_bio(sctx, mem_ser))
143 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
144 || !TEST_ptr(*serialized = mem_buf->data)
145 || !TEST_long_gt(*serialized_len = mem_buf->length, 0))
148 /* Detach the serialized output */
149 mem_buf->data = NULL;
154 OSSL_SERIALIZER_CTX_free(sctx);
158 static int deserialize_EVP_PKEY_prov(void **object,
159 void *serialized, long serialized_len,
160 const char *pass, const char *pcipher)
162 EVP_PKEY *pkey = NULL;
163 OSSL_DESERIALIZER_CTX *dctx = NULL;
164 BIO *mem_deser = NULL;
165 const unsigned char *upass = (const unsigned char *)pass;
168 if (!TEST_ptr(dctx = OSSL_DESERIALIZER_CTX_new_by_EVP_PKEY(&pkey, NULL,
171 && !OSSL_DESERIALIZER_CTX_set_passphrase(dctx, upass,
174 && !OSSL_DESERIALIZER_CTX_set_cipher(dctx, pcipher, NULL))
175 || !TEST_ptr(mem_deser = BIO_new_mem_buf(serialized, serialized_len))
176 || !TEST_true(OSSL_DESERIALIZER_from_bio(dctx, mem_deser)))
182 OSSL_DESERIALIZER_CTX_free(dctx);
186 static int serialize_EVP_PKEY_legacy_PEM(void **serialized,
187 long *serialized_len,
189 const char *pass, const char *pcipher,
190 ossl_unused const char *ser_propq)
192 EVP_PKEY *pkey = object;
193 EVP_CIPHER *cipher = NULL;
195 BUF_MEM *mem_buf = NULL;
196 const unsigned char *upass = (const unsigned char *)pass;
200 if (pcipher != NULL && pass != NULL) {
201 passlen = strlen(pass);
202 if (!TEST_ptr(cipher = EVP_CIPHER_fetch(NULL, pcipher, NULL)))
205 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
206 || !TEST_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey,
210 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
211 || !TEST_ptr(*serialized = mem_buf->data)
212 || !TEST_long_gt(*serialized_len = mem_buf->length, 0))
215 /* Detach the serialized output */
216 mem_buf->data = NULL;
221 EVP_CIPHER_free(cipher);
225 /* Test cases and their dumpers / checkers */
227 static void dump_der(const char *label, const void *data, size_t data_len)
229 test_output_memory(label, data, data_len);
232 static void dump_pem(const char *label, const void *data, size_t data_len)
234 test_output_string(label, data, data_len - 1);
237 static int check_unprotected_PKCS8_DER(const char *type,
238 const void *data, size_t data_len)
240 const unsigned char *datap = data;
241 PKCS8_PRIV_KEY_INFO *p8inf =
242 d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len);
245 if (TEST_ptr(p8inf)) {
246 EVP_PKEY *pkey = EVP_PKCS82PKEY(p8inf);
248 ok = (TEST_ptr(pkey) && TEST_true(EVP_PKEY_is_a(pkey, type)));
251 PKCS8_PRIV_KEY_INFO_free(p8inf);
255 static int test_unprotected_RSA_via_DER(void)
257 return test_serialize_deserialize("RSA", key_RSA, NULL, NULL,
258 serialize_EVP_PKEY_prov,
259 deserialize_EVP_PKEY_prov,
260 check_unprotected_PKCS8_DER, dump_der,
261 OSSL_SERIALIZER_PrivateKey_TO_DER_PQ,
265 static int test_unprotected_RSA_PSS_via_DER(void)
267 return test_serialize_deserialize("RSA-PSS", key_RSA_PSS, NULL, NULL,
268 serialize_EVP_PKEY_prov,
269 deserialize_EVP_PKEY_prov,
270 check_unprotected_PKCS8_DER, dump_der,
271 OSSL_SERIALIZER_PrivateKey_TO_DER_PQ,
275 static int check_unprotected_PKCS8_PEM(const char *type,
276 const void *data, size_t data_len)
278 static const char pem_header[] = "-----BEGIN " PEM_STRING_PKCS8INF "-----";
280 return TEST_strn_eq(data, pem_header, sizeof(pem_header) - 1);
283 static int test_unprotected_RSA_via_PEM(void)
285 return test_serialize_deserialize("RSA", key_RSA, NULL, NULL,
286 serialize_EVP_PKEY_prov,
287 deserialize_EVP_PKEY_prov,
288 check_unprotected_PKCS8_PEM, dump_pem,
289 OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ,
293 static int test_unprotected_RSA_PSS_via_PEM(void)
295 return test_serialize_deserialize("RSA-PSS", key_RSA_PSS, NULL, NULL,
296 serialize_EVP_PKEY_prov,
297 deserialize_EVP_PKEY_prov,
298 check_unprotected_PKCS8_PEM, dump_pem,
299 OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ,
303 static int check_unprotected_legacy_PEM(const char *type,
304 const void *data, size_t data_len)
306 static char pem_header[80];
309 TEST_int_gt(BIO_snprintf(pem_header, sizeof(pem_header),
310 "-----BEGIN %s PRIVATE KEY-----", type), 0)
311 && TEST_strn_eq(data, pem_header, strlen(pem_header));
314 static int test_unprotected_RSA_via_legacy_PEM(void)
316 return test_serialize_deserialize("RSA", legacy_key_RSA, NULL, NULL,
317 serialize_EVP_PKEY_legacy_PEM,
318 deserialize_EVP_PKEY_prov,
319 check_unprotected_legacy_PEM, dump_pem,
323 static int test_unprotected_RSA_PSS_via_legacy_PEM(void)
325 return test_serialize_deserialize("RSA-PSS", legacy_key_RSA_PSS, NULL, NULL,
326 serialize_EVP_PKEY_legacy_PEM,
327 deserialize_EVP_PKEY_prov,
328 check_unprotected_legacy_PEM, dump_pem,
332 static const char *pass_cipher = "AES-256-CBC";
333 static const char *pass = "the holy handgrenade of antioch";
335 static int check_protected_PKCS8_DER(const char *type,
336 const void *data, size_t data_len)
338 const unsigned char *datap = data;
339 X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len);
340 int ok = TEST_ptr(p8);
346 static int test_protected_RSA_via_DER(void)
348 return test_serialize_deserialize("RSA", key_RSA, pass, pass_cipher,
349 serialize_EVP_PKEY_prov,
350 deserialize_EVP_PKEY_prov,
351 check_protected_PKCS8_DER, dump_der,
352 OSSL_SERIALIZER_PrivateKey_TO_DER_PQ,
356 static int test_protected_RSA_PSS_via_DER(void)
358 return test_serialize_deserialize("RSA", key_RSA, pass, pass_cipher,
359 serialize_EVP_PKEY_prov,
360 deserialize_EVP_PKEY_prov,
361 check_protected_PKCS8_DER, dump_der,
362 OSSL_SERIALIZER_PrivateKey_TO_DER_PQ,
366 static int check_protected_PKCS8_PEM(const char *type,
367 const void *data, size_t data_len)
369 static const char pem_header[] = "-----BEGIN " PEM_STRING_PKCS8 "-----";
371 return TEST_strn_eq(data, pem_header, sizeof(pem_header) - 1);
374 static int test_protected_RSA_via_PEM(void)
376 return test_serialize_deserialize("RSA", key_RSA, pass, pass_cipher,
377 serialize_EVP_PKEY_prov,
378 deserialize_EVP_PKEY_prov,
379 check_protected_PKCS8_PEM, dump_pem,
380 OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ,
384 static int test_protected_RSA_PSS_via_PEM(void)
386 return test_serialize_deserialize("RSA-PSS", key_RSA_PSS, pass, pass_cipher,
387 serialize_EVP_PKEY_prov,
388 deserialize_EVP_PKEY_prov,
389 check_protected_PKCS8_PEM, dump_pem,
390 OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ,
394 static int check_protected_legacy_PEM(const char *type,
395 const void *data, size_t data_len)
397 static char pem_header[80];
400 TEST_int_gt(BIO_snprintf(pem_header, sizeof(pem_header),
401 "-----BEGIN %s PRIVATE KEY-----", type), 0)
402 && TEST_strn_eq(data, pem_header, strlen(pem_header))
403 && TEST_ptr(strstr(data, "\nDEK-Info: "));
406 static int test_protected_RSA_via_legacy_PEM(void)
408 return test_serialize_deserialize("RSA", legacy_key_RSA, pass, pass_cipher,
409 serialize_EVP_PKEY_legacy_PEM,
410 deserialize_EVP_PKEY_prov,
411 check_protected_legacy_PEM, dump_pem,
415 static int test_protected_RSA_PSS_via_legacy_PEM(void)
417 return test_serialize_deserialize("RSA-PSS", legacy_key_RSA_PSS,
419 serialize_EVP_PKEY_legacy_PEM,
420 deserialize_EVP_PKEY_prov,
421 check_protected_legacy_PEM, dump_pem,
425 int setup_tests(void)
427 TEST_info("Generating keys...");
428 if (!TEST_ptr(key_RSA = make_RSA("RSA", 0))
429 || !TEST_ptr(legacy_key_RSA = make_RSA("RSA", 1))
430 || !TEST_ptr(key_RSA_PSS = make_RSA("RSA-PSS", 0))
431 || !TEST_ptr(legacy_key_RSA_PSS = make_RSA("RSA-PSS", 1))) {
432 EVP_PKEY_free(key_RSA);
433 EVP_PKEY_free(legacy_key_RSA);
434 EVP_PKEY_free(key_RSA_PSS);
435 EVP_PKEY_free(legacy_key_RSA_PSS);
438 TEST_info("Generating key... done");
440 ADD_TEST(test_unprotected_RSA_via_DER);
441 ADD_TEST(test_unprotected_RSA_via_PEM);
442 ADD_TEST(test_unprotected_RSA_via_legacy_PEM);
443 ADD_TEST(test_protected_RSA_via_DER);
444 ADD_TEST(test_protected_RSA_via_PEM);
445 ADD_TEST(test_protected_RSA_via_legacy_PEM);
446 ADD_TEST(test_unprotected_RSA_PSS_via_DER);
447 ADD_TEST(test_unprotected_RSA_PSS_via_PEM);
448 ADD_TEST(test_unprotected_RSA_PSS_via_legacy_PEM);
449 ADD_TEST(test_protected_RSA_PSS_via_DER);
450 ADD_TEST(test_protected_RSA_PSS_via_PEM);
451 ADD_TEST(test_protected_RSA_PSS_via_legacy_PEM);