2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* Macros to build Self test data */
11 #define ITM(x) x, sizeof(x)
12 #define ITM_STR(x) x, (sizeof(x) - 1)
14 #define ST_KAT_PARAM_END() { "", 0, NULL, 0 }
15 #define ST_KAT_PARAM_BIGNUM(name, data) \
16 { name, OSSL_PARAM_UNSIGNED_INTEGER, ITM(data) }
17 #define ST_KAT_PARAM_OCTET(name, data) \
18 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
19 #define ST_KAT_PARAM_UTF8STRING(name, data) \
20 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
22 /* used to store raw parameters for keys and algorithms */
23 typedef struct st_kat_param_st {
24 const char *name; /* an OSSL_PARAM name */
25 size_t type; /* the type associated with the data */
26 const void *data; /* unsigned char [], or char [] depending on the type */
27 size_t data_len; /* the length of the data */
30 typedef struct st_kat_st {
32 const char *algorithm;
33 const unsigned char *pt;
35 const unsigned char *expected;
39 typedef ST_KAT ST_KAT_DIGEST;
40 typedef struct st_kat_cipher_st {
42 const unsigned char *key;
44 const unsigned char *iv;
46 const unsigned char *aad;
48 const unsigned char *tag;
52 typedef struct st_kat_kdf_st {
54 const char *algorithm;
55 const ST_KAT_PARAM *params;
56 const unsigned char *expected;
60 typedef struct st_kat_drbg_st {
62 const char *algorithm;
64 const unsigned char *entropyin;
66 const unsigned char *nonce;
68 const unsigned char *persstr;
70 const unsigned char *entropyinpr1;
71 size_t entropyinpr1len;
72 const unsigned char *entropyinpr2;
73 size_t entropyinpr2len;
74 const unsigned char *entropyaddin1;
75 size_t entropyaddin1len;
76 const unsigned char *entropyaddin2;
77 size_t entropyaddin2len;
78 const unsigned char *expected;
82 typedef struct st_kat_kas_st {
84 const char *algorithm;
86 const ST_KAT_PARAM *key_group;
87 const ST_KAT_PARAM *key_host_data;
88 const ST_KAT_PARAM *key_peer_data;
90 const unsigned char *expected;
94 typedef struct st_kat_sign_st {
96 const char *algorithm;
97 const char *mdalgorithm;
98 const ST_KAT_PARAM *key;
99 const unsigned char *sig_expected; /* Set to NULL if this value changes */
100 size_t sig_expected_len;
103 /*- DIGEST TEST DATA */
104 static const unsigned char sha1_pt[] = "abc";
105 static const unsigned char sha1_digest[] = {
106 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 0x25, 0x71,
107 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
110 static const unsigned char sha512_pt[] = "abc";
111 static const unsigned char sha512_digest[] = {
112 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49,
113 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
114 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, 0x21, 0x92, 0x99, 0x2A,
115 0x27, 0x4F, 0xC1, 0xA8, 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
116 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, 0x2A, 0x9A, 0xC9, 0x4F,
117 0xA5, 0x4C, 0xA4, 0x9F
119 static const unsigned char sha3_256_pt[] = { 0xe7, 0x37, 0x21, 0x05 };
120 static const unsigned char sha3_256_digest[] = {
121 0x3a, 0x42, 0xb6, 0x8a, 0xb0, 0x79, 0xf2, 0x8c, 0x4c, 0xa3, 0xc7, 0x52,
122 0x29, 0x6f, 0x27, 0x90, 0x06, 0xc4, 0xfe, 0x78, 0xb1, 0xeb, 0x79, 0xd9,
123 0x89, 0x77, 0x7f, 0x05, 0x1e, 0x40, 0x46, 0xae
126 static const ST_KAT_DIGEST st_kat_digest_tests[] =
129 OSSL_SELF_TEST_DESC_MD_SHA1,
135 OSSL_SELF_TEST_DESC_MD_SHA2,
141 OSSL_SELF_TEST_DESC_MD_SHA3,
144 ITM(sha3_256_digest),
149 /*- CIPHER TEST DATA */
152 static const unsigned char des_ede3_cbc_pt[] = {
153 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
154 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
155 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
156 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51
158 static const unsigned char des_ede3_cbc_key[] = {
159 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
160 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
161 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
163 static const unsigned char des_ede3_cbc_iv[] = {
164 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17
166 static const unsigned char des_ede3_cbc_ct[] = {
167 0x20, 0x79, 0xC3, 0xD5, 0x3A, 0xA7, 0x63, 0xE1,
168 0x93, 0xB7, 0x9E, 0x25, 0x69, 0xAB, 0x52, 0x62,
169 0x51, 0x65, 0x70, 0x48, 0x1F, 0x25, 0xB5, 0x0F,
170 0x73, 0xC0, 0xBD, 0xA8, 0x5C, 0x8E, 0x0D, 0xA7
173 /* AES-256 GCM test data */
174 static const unsigned char aes_256_gcm_key[] = {
175 0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c,
176 0xe7, 0x90, 0xfd, 0x24, 0x50, 0x1f, 0x92, 0x50,
177 0x9a, 0xac, 0xf4, 0xcb, 0x8b, 0x13, 0x39, 0xd5,
178 0x0c, 0x9c, 0x12, 0x40, 0x93, 0x5d, 0xd0, 0x8b
180 static const unsigned char aes_256_gcm_iv[] = {
181 0xac, 0x93, 0xa1, 0xa6, 0x14, 0x52, 0x99, 0xbd,
182 0xe9, 0x02, 0xf2, 0x1a
184 static const unsigned char aes_256_gcm_pt[] = {
185 0x2d, 0x71, 0xbc, 0xfa, 0x91, 0x4e, 0x4a, 0xc0,
186 0x45, 0xb2, 0xaa, 0x60, 0x95, 0x5f, 0xad, 0x24
188 static const unsigned char aes_256_gcm_aad[] = {
189 0x1e, 0x08, 0x89, 0x01, 0x6f, 0x67, 0x60, 0x1c,
190 0x8e, 0xbe, 0xa4, 0x94, 0x3b, 0xc2, 0x3a, 0xd6
192 static const unsigned char aes_256_gcm_ct[] = {
193 0x89, 0x95, 0xae, 0x2e, 0x6d, 0xf3, 0xdb, 0xf9,
194 0x6f, 0xac, 0x7b, 0x71, 0x37, 0xba, 0xe6, 0x7f
196 static const unsigned char aes_256_gcm_tag[] = {
197 0xec, 0xa5, 0xaa, 0x77, 0xd5, 0x1d, 0x4a, 0x0a,
198 0x14, 0xd9, 0xc5, 0x1e, 0x1d, 0xa4, 0x74, 0xab
201 static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
202 #ifndef OPENSSL_NO_DES
205 OSSL_SELF_TEST_DESC_CIPHER_TDES,
207 ITM(des_ede3_cbc_pt),
210 ITM(des_ede3_cbc_key),
211 ITM(des_ede3_cbc_iv),
216 OSSL_SELF_TEST_DESC_CIPHER_AES_GCM,
221 ITM(aes_256_gcm_key),
223 ITM(aes_256_gcm_aad),
228 static const char hkdf_digest[] = "SHA256";
229 static const unsigned char hkdf_secret[] = { 's', 'e', 'c', 'r', 'e', 't' };
230 static const unsigned char hkdf_salt[] = { 's', 'a', 'l', 't' };
231 static const unsigned char hkdf_info[] = { 'l', 'a', 'b', 'e', 'l' };
233 static const ST_KAT_PARAM hkdf_params[] = {
234 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, hkdf_digest),
235 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, hkdf_secret),
236 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, hkdf_salt),
237 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, hkdf_info),
240 static const unsigned char hkdf_expected[] = {
241 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8,
245 static const char sskdf_digest[] = "SHA224";
246 static const unsigned char sskdf_secret[] = {
247 0x6d, 0xbd, 0xc2, 0x3f, 0x04, 0x54, 0x88, 0xe4,
248 0x06, 0x27, 0x57, 0xb0, 0x6b, 0x9e, 0xba, 0xe1,
249 0x83, 0xfc, 0x5a, 0x59, 0x46, 0xd8, 0x0d, 0xb9,
250 0x3f, 0xec, 0x6f, 0x62, 0xec, 0x07, 0xe3, 0x72,
251 0x7f, 0x01, 0x26, 0xae, 0xd1, 0x2c, 0xe4, 0xb2,
252 0x62, 0xf4, 0x7d, 0x48, 0xd5, 0x42, 0x87, 0xf8,
253 0x1d, 0x47, 0x4c, 0x7c, 0x3b, 0x18, 0x50, 0xe9
255 static const unsigned char sskdf_otherinfo[] = {
256 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0x43, 0x41, 0x56,
257 0x53, 0x69, 0x64, 0x3c, 0x83, 0x2e, 0x98, 0x49,
258 0xdc, 0xdb, 0xa7, 0x1e, 0x9a, 0x31, 0x39, 0xe6,
259 0x06, 0xe0, 0x95, 0xde, 0x3c, 0x26, 0x4a, 0x66,
260 0xe9, 0x8a, 0x16, 0x58, 0x54, 0xcd, 0x07, 0x98,
261 0x9b, 0x1e, 0xe0, 0xec, 0x3f, 0x8d, 0xbe
263 static const unsigned char sskdf_expected[] = {
264 0xa4, 0x62, 0xde, 0x16, 0xa8, 0x9d, 0xe8, 0x46,
265 0x6e, 0xf5, 0x46, 0x0b, 0x47, 0xb8
267 static const ST_KAT_PARAM sskdf_params[] = {
268 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sskdf_digest),
269 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sskdf_secret),
270 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, sskdf_otherinfo),
274 static const ST_KAT_KDF st_kat_kdf_tests[] =
277 OSSL_SELF_TEST_DESC_KDF_HKDF,
283 OSSL_SELF_TEST_DESC_KDF_SSKDF,
291 * DRBG test vectors are a small subset of
292 * https://csrc.nist.rip/groups/STM/cavp/documents/drbg/drbgtestvectors.zip
293 * Using the folder drbgvectors_pr_true
294 * Generated for CAVS 14.3.
301 * [PredictionResistance = True]
302 * [EntropyInputLen = 256]
304 * [PersonalizationStringLen = 256]
305 * [AdditionalInputLen = 256]
306 * [ReturnedBitsLen = 1024]
310 static const unsigned char drbg_hash_sha256_pr_entropyin[] = {
311 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
312 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
313 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
315 static const unsigned char drbg_hash_sha256_pr_nonce[] = {
316 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
317 0xf0, 0xe5, 0x07, 0x1f
319 static const unsigned char drbg_hash_sha256_pr_persstr[] = {
320 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
321 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
322 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
324 static const unsigned char drbg_hash_sha256_pr_entropyinpr0[] = {
325 0xff, 0x80, 0xb7, 0xd2, 0x6a, 0x05, 0xbc, 0x8a, 0x7a, 0xbe, 0x53, 0x28,
326 0x6b, 0x0e, 0xeb, 0x73, 0x3b, 0x71, 0x5a, 0x20, 0x5b, 0xfa, 0x4f, 0xf6,
327 0x37, 0x03, 0xde, 0xad, 0xb6, 0xea, 0x0e, 0xf4
329 static const unsigned char drbg_hash_sha256_pr_entropyinpr1[] = {
330 0xc7, 0x38, 0x32, 0x53, 0x46, 0x81, 0xed, 0xe3, 0x7e, 0x03, 0x84, 0x6d,
331 0x3c, 0x84, 0x17, 0x67, 0x29, 0x7d, 0x24, 0x6c, 0x68, 0x92, 0x41, 0xd2,
332 0xe7, 0x75, 0xbe, 0x7e, 0xc9, 0x96, 0x29, 0x3d
334 static const unsigned char drbg_hash_sha256_pr_addin0[] = {
335 0xb7, 0x21, 0x5f, 0x14, 0xac, 0x7b, 0xaf, 0xd0, 0xa9, 0x17, 0x72, 0xba,
336 0x22, 0xf7, 0x19, 0xaf, 0xbd, 0x20, 0xb3, 0x11, 0x63, 0x6c, 0x2b, 0x1e,
337 0x83, 0xe4, 0xa8, 0x23, 0x35, 0x3f, 0xc6, 0xea
339 static const unsigned char drbg_hash_sha256_pr_addin1[] = {
340 0xce, 0xd3, 0x1f, 0x7e, 0x0d, 0xae, 0x5b, 0xb5, 0xc0, 0x43, 0xe2, 0x46,
341 0xb2, 0x94, 0x73, 0xe2, 0xfd, 0x39, 0x51, 0x2e, 0xad, 0x45, 0x69, 0xee,
342 0xe3, 0xe3, 0x80, 0x33, 0x14, 0xab, 0xa7, 0xa3
344 static const unsigned char drbg_hash_sha256_pr_expected[] = {
345 0x60, 0xc2, 0x34, 0xcf, 0xaf, 0xb4, 0x68, 0x03, 0x3b, 0xf1, 0x95, 0xe5,
346 0x78, 0xce, 0x26, 0x6e, 0x14, 0x65, 0x32, 0x6a, 0x96, 0xa9, 0xe0, 0x3f,
347 0x8b, 0x89, 0x36, 0x70, 0xef, 0x62, 0x75, 0x4d, 0x5e, 0x80, 0xd5, 0x53,
348 0xa1, 0xf8, 0x49, 0x50, 0x20, 0x8b, 0x93, 0x43, 0x07, 0x9f, 0x2e, 0xf8,
349 0x56, 0xe9, 0xc5, 0x70, 0x61, 0x85, 0x97, 0xb5, 0xdc, 0x82, 0xa2, 0xda,
350 0xea, 0xa3, 0xfd, 0x9b, 0x2f, 0xd2, 0xa0, 0xd7, 0x1b, 0xc6, 0x29, 0x35,
351 0xcc, 0xb8, 0x3d, 0xa0, 0x67, 0x98, 0x05, 0xa0, 0xe3, 0x1e, 0xfe, 0xe4,
352 0xf0, 0xe5, 0x13, 0xb0, 0x83, 0x17, 0xfa, 0xca, 0x93, 0x5e, 0x38, 0x29,
353 0x48, 0xd2, 0x72, 0xdb, 0x76, 0x3e, 0x6d, 0xf3, 0x25, 0x10, 0xff, 0x1b,
354 0x99, 0xff, 0xf8, 0xc6, 0x0e, 0xb0, 0xdd, 0x29, 0x2e, 0xbc, 0xbb, 0xc8,
355 0x0a, 0x01, 0x6e, 0xd3, 0xb0, 0x0e, 0x4e, 0xab
362 * [PredictionResistance = True]
363 * [EntropyInputLen = 128]
365 * [PersonalizationStringLen = 128]
366 * [AdditionalInputLen = 128]
367 * [ReturnedBitsLen = 512]
371 static const unsigned char drbg_ctr_aes128_pr_df_entropyin[] = {
372 0x92, 0x89, 0x8f, 0x31, 0xfa, 0x1c, 0xff, 0x6d, 0x18, 0x2f, 0x26, 0x06,
373 0x43, 0xdf, 0xf8, 0x18
375 static const unsigned char drbg_ctr_aes128_pr_df_nonce[] = {
376 0xc2, 0xa4, 0xd9, 0x72, 0xc3, 0xb9, 0xb6, 0x97
378 static const unsigned char drbg_ctr_aes128_pr_df_persstr[] = {
379 0xea, 0x65, 0xee, 0x60, 0x26, 0x4e, 0x7e, 0xb6, 0x0e, 0x82, 0x68, 0xc4,
380 0x37, 0x3c, 0x5c, 0x0b
382 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr0[] = {
383 0x20, 0x72, 0x8a, 0x06, 0xf8, 0x6f, 0x8d, 0xd4, 0x41, 0xe2, 0x72, 0xb7,
384 0xc4, 0x2c, 0xe8, 0x10
386 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr1[] = {
387 0x3d, 0xb0, 0xf0, 0x94, 0xf3, 0x05, 0x50, 0x33, 0x17, 0x86, 0x3e, 0x22,
388 0x08, 0xf7, 0xa5, 0x01
390 static const unsigned char drbg_ctr_aes128_pr_df_addin0[] = {
391 0x1a, 0x40, 0xfa, 0xe3, 0xcc, 0x6c, 0x7c, 0xa0, 0xf8, 0xda, 0xba, 0x59,
392 0x23, 0x6d, 0xad, 0x1d
394 static const unsigned char drbg_ctr_aes128_pr_df_addin1[] = {
395 0x9f, 0x72, 0x76, 0x6c, 0xc7, 0x46, 0xe5, 0xed, 0x2e, 0x53, 0x20, 0x12,
396 0xbc, 0x59, 0x31, 0x8c
398 static const unsigned char drbg_ctr_aes128_pr_df_expected[] = {
399 0x5a, 0x35, 0x39, 0x87, 0x0f, 0x4d, 0x22, 0xa4, 0x09, 0x24, 0xee, 0x71,
400 0xc9, 0x6f, 0xac, 0x72, 0x0a, 0xd6, 0xf0, 0x88, 0x82, 0xd0, 0x83, 0x28,
401 0x73, 0xec, 0x3f, 0x93, 0xd8, 0xab, 0x45, 0x23, 0xf0, 0x7e, 0xac, 0x45,
402 0x14, 0x5e, 0x93, 0x9f, 0xb1, 0xd6, 0x76, 0x43, 0x3d, 0xb6, 0xe8, 0x08,
403 0x88, 0xf6, 0xda, 0x89, 0x08, 0x77, 0x42, 0xfe, 0x1a, 0xf4, 0x3f, 0xc4,
404 0x23, 0xc5, 0x1f, 0x68
411 * [PredictionResistance = True]
412 * [EntropyInputLen = 128]
414 * [PersonalizationStringLen = 128]
415 * [AdditionalInputLen = 128]
416 * [ReturnedBitsLen = 640]
420 static const unsigned char drbg_hmac_sha1_pr_entropyin[] = {
421 0x68, 0x0f, 0xac, 0xe9, 0x0d, 0x7b, 0xca, 0x21, 0xd4, 0xa0, 0xed, 0xb7,
422 0x79, 0x9e, 0xe5, 0xd8
424 static const unsigned char drbg_hmac_sha1_pr_nonce[] = {
425 0xb7, 0xbe, 0x9e, 0xed, 0xdd, 0x0e, 0x3b, 0x4b
427 static const unsigned char drbg_hmac_sha1_pr_persstr[] = {
428 0xf5, 0x8c, 0x40, 0xae, 0x70, 0xf7, 0xa5, 0x56, 0x48, 0xa9, 0x31, 0xa0,
429 0xa9, 0x31, 0x3d, 0xd7
431 static const unsigned char drbg_hmac_sha1_pr_entropyinpr0[] = {
432 0x7c, 0xaf, 0xe2, 0x31, 0x63, 0x0a, 0xa9, 0x5a, 0x74, 0x2c, 0x4e, 0x5f,
433 0x5f, 0x22, 0xc6, 0xa4
435 static const unsigned char drbg_hmac_sha1_pr_entropyinpr1[] = {
436 0x1c, 0x0d, 0x77, 0x92, 0x89, 0x88, 0x27, 0x94, 0x8a, 0x58, 0x9f, 0x82,
437 0x2d, 0x1a, 0xf7, 0xa6
439 static const unsigned char drbg_hmac_sha1_pr_addin0[] = {
440 0xdc, 0x36, 0x63, 0xf0, 0x62, 0x78, 0x9c, 0xd1, 0x5c, 0xbb, 0x20, 0xc3,
441 0xc1, 0x8c, 0xd9, 0xd7
443 static const unsigned char drbg_hmac_sha1_pr_addin1[] = {
444 0xfe, 0x85, 0xb0, 0xab, 0x14, 0xc6, 0x96, 0xe6, 0x9c, 0x24, 0xe7, 0xb5,
445 0xa1, 0x37, 0x12, 0x0c
447 static const unsigned char drbg_hmac_sha1_pr_expected[] = {
448 0x68, 0x00, 0x4b, 0x3a, 0x28, 0xf7, 0xf0, 0x1c, 0xf9, 0xe9, 0xb5, 0x71,
449 0x20, 0x79, 0xef, 0x80, 0x87, 0x1b, 0x08, 0xb9, 0xa9, 0x1b, 0xcd, 0x2b,
450 0x9f, 0x09, 0x4d, 0xa4, 0x84, 0x80, 0xb3, 0x4c, 0xaf, 0xd5, 0x59, 0x6b,
451 0x0c, 0x0a, 0x48, 0xe1, 0x48, 0xda, 0xbc, 0x6f, 0x77, 0xb8, 0xff, 0xaf,
452 0x18, 0x70, 0x28, 0xe1, 0x04, 0x13, 0x7a, 0x4f, 0xeb, 0x1c, 0x72, 0xb0,
453 0xc4, 0x4f, 0xe8, 0xb1, 0xaf, 0xab, 0xa5, 0xbc, 0xfd, 0x86, 0x67, 0xf2,
454 0xf5, 0x5b, 0x46, 0x06, 0x63, 0x2e, 0x3c, 0xbc
457 static const ST_KAT_DRBG st_kat_drbg_tests[] =
460 OSSL_SELF_TEST_DESC_DRBG_HASH,
463 ITM(drbg_hash_sha256_pr_entropyin),
464 ITM(drbg_hash_sha256_pr_nonce),
465 ITM(drbg_hash_sha256_pr_persstr),
466 ITM(drbg_hash_sha256_pr_entropyinpr0),
467 ITM(drbg_hash_sha256_pr_entropyinpr1),
468 ITM(drbg_hash_sha256_pr_addin0),
469 ITM(drbg_hash_sha256_pr_addin1),
470 ITM(drbg_hash_sha256_pr_expected)
473 OSSL_SELF_TEST_DESC_DRBG_CTR,
476 ITM(drbg_ctr_aes128_pr_df_entropyin),
477 ITM(drbg_ctr_aes128_pr_df_nonce),
478 ITM(drbg_ctr_aes128_pr_df_persstr),
479 ITM(drbg_ctr_aes128_pr_df_entropyinpr0),
480 ITM(drbg_ctr_aes128_pr_df_entropyinpr1),
481 ITM(drbg_ctr_aes128_pr_df_addin0),
482 ITM(drbg_ctr_aes128_pr_df_addin1),
483 ITM(drbg_ctr_aes128_pr_df_expected)
486 OSSL_SELF_TEST_DESC_DRBG_HMAC,
489 ITM(drbg_hmac_sha1_pr_entropyin),
490 ITM(drbg_hmac_sha1_pr_nonce),
491 ITM(drbg_hmac_sha1_pr_persstr),
492 ITM(drbg_hmac_sha1_pr_entropyinpr0),
493 ITM(drbg_hmac_sha1_pr_entropyinpr1),
494 ITM(drbg_hmac_sha1_pr_addin0),
495 ITM(drbg_hmac_sha1_pr_addin1),
496 ITM(drbg_hmac_sha1_pr_expected)
500 /* KEY EXCHANGE TEST DATA */
502 #ifndef OPENSSL_NO_DH
504 static const unsigned char dh_p[] = {
505 0xdc, 0xca, 0x15, 0x11, 0xb2, 0x31, 0x32, 0x25,
506 0xf5, 0x21, 0x16, 0xe1, 0x54, 0x27, 0x89, 0xe0,
507 0x01, 0xf0, 0x42, 0x5b, 0xcc, 0xc7, 0xf3, 0x66,
508 0xf7, 0x40, 0x64, 0x07, 0xf1, 0xc9, 0xfa, 0x8b,
509 0xe6, 0x10, 0xf1, 0x77, 0x8b, 0xb1, 0x70, 0xbe,
510 0x39, 0xdb, 0xb7, 0x6f, 0x85, 0xbf, 0x24, 0xce,
511 0x68, 0x80, 0xad, 0xb7, 0x62, 0x9f, 0x7c, 0x6d,
512 0x01, 0x5e, 0x61, 0xd4, 0x3f, 0xa3, 0xee, 0x4d,
513 0xe1, 0x85, 0xf2, 0xcf, 0xd0, 0x41, 0xff, 0xde,
514 0x9d, 0x41, 0x84, 0x07, 0xe1, 0x51, 0x38, 0xbb,
515 0x02, 0x1d, 0xae, 0xb3, 0x5f, 0x76, 0x2d, 0x17,
516 0x82, 0xac, 0xc6, 0x58, 0xd3, 0x2b, 0xd4, 0xb0,
517 0x23, 0x2c, 0x92, 0x7d, 0xd3, 0x8f, 0xa0, 0x97,
518 0xb3, 0xd1, 0x85, 0x9f, 0xa8, 0xac, 0xaf, 0xb9,
519 0x8f, 0x06, 0x66, 0x08, 0xfc, 0x64, 0x4e, 0xc7,
520 0xdd, 0xb6, 0xf0, 0x85, 0x99, 0xf9, 0x2a, 0xc1,
521 0xb5, 0x98, 0x25, 0xda, 0x84, 0x32, 0x07, 0x7d,
522 0xef, 0x69, 0x56, 0x46, 0x06, 0x3c, 0x20, 0x82,
523 0x3c, 0x95, 0x07, 0xab, 0x6f, 0x01, 0x76, 0xd4,
524 0x73, 0x0d, 0x99, 0x0d, 0xbb, 0xe6, 0x36, 0x1c,
525 0xd8, 0xb2, 0xb9, 0x4d, 0x3d, 0x2f, 0x32, 0x9b,
526 0x82, 0x09, 0x9b, 0xd6, 0x61, 0xf4, 0x29, 0x50,
527 0xf4, 0x03, 0xdf, 0x3e, 0xde, 0x62, 0xa3, 0x31,
528 0x88, 0xb0, 0x27, 0x98, 0xba, 0x82, 0x3f, 0x44,
529 0xb9, 0x46, 0xfe, 0x9d, 0xf6, 0x77, 0xa0, 0xc5,
530 0xa1, 0x23, 0x8e, 0xaa, 0x97, 0xb7, 0x0f, 0x80,
531 0xda, 0x8c, 0xac, 0x88, 0xe0, 0x92, 0xb1, 0x12,
532 0x70, 0x60, 0xff, 0xbf, 0x45, 0x57, 0x99, 0x94,
533 0x01, 0x1d, 0xc2, 0xfa, 0xa5, 0xe7, 0xf6, 0xc7,
534 0x62, 0x45, 0xe1, 0xcc, 0x31, 0x22, 0x31, 0xc1,
535 0x7d, 0x1c, 0xa6, 0xb1, 0x90, 0x07, 0xef, 0x0d,
536 0xb9, 0x9f, 0x9c, 0xb6, 0x0e, 0x1d, 0x5f, 0x69
538 static const unsigned char dh_q[] = {
539 0x89, 0x8b, 0x22, 0x67, 0x17, 0xef, 0x03, 0x9e,
540 0x60, 0x3e, 0x82, 0xe5, 0xc7, 0xaf, 0xe4, 0x83,
541 0x74, 0xac, 0x5f, 0x62, 0x5c, 0x54, 0xf1, 0xea,
542 0x11, 0xac, 0xb5, 0x7d
544 static const unsigned char dh_g[] = {
545 0x5e, 0xf7, 0xb8, 0x8f, 0x2d, 0xf6, 0x01, 0x39,
546 0x35, 0x1d, 0xfb, 0xfe, 0x12, 0x66, 0x80, 0x5f,
547 0xdf, 0x35, 0x6c, 0xdf, 0xd1, 0x3a, 0x4d, 0xa0,
548 0x05, 0x0c, 0x7e, 0xde, 0x24, 0x6d, 0xf5, 0x9f,
549 0x6a, 0xbf, 0x96, 0xad, 0xe5, 0xf2, 0xb2, 0x8f,
550 0xfe, 0x88, 0xd6, 0xbc, 0xe7, 0xf7, 0x89, 0x4a,
551 0x3d, 0x53, 0x5f, 0xc8, 0x21, 0x26, 0xdd, 0xd4,
552 0x24, 0x87, 0x2e, 0x16, 0xb8, 0x38, 0xdf, 0x8c,
553 0x51, 0xe9, 0x01, 0x6f, 0x88, 0x9c, 0x7c, 0x20,
554 0x3e, 0x98, 0xa8, 0xb6, 0x31, 0xf9, 0xc7, 0x25,
555 0x63, 0xd3, 0x8a, 0x49, 0x58, 0x9a, 0x07, 0x53,
556 0xd3, 0x58, 0xe7, 0x83, 0x31, 0x8c, 0xef, 0xd9,
557 0x67, 0x7c, 0x7b, 0x2d, 0xbb, 0x77, 0xd6, 0xdc,
558 0xe2, 0xa1, 0x96, 0x37, 0x95, 0xca, 0x64, 0xb9,
559 0x2d, 0x1c, 0x9a, 0xac, 0x6d, 0x0e, 0x8d, 0x43,
560 0x1d, 0xe5, 0xe5, 0x00, 0x60, 0xdf, 0xf7, 0x86,
561 0x89, 0xc9, 0xec, 0xa1, 0xc1, 0x24, 0x8c, 0x16,
562 0xed, 0x09, 0xc7, 0xad, 0x41, 0x2a, 0x17, 0x40,
563 0x6d, 0x2b, 0x52, 0x5a, 0xa1, 0xca, 0xbb, 0x23,
564 0x7b, 0x97, 0x34, 0xec, 0x7b, 0x8c, 0xe3, 0xfa,
565 0xe0, 0x2f, 0x29, 0xc5, 0xef, 0xed, 0x30, 0xd6,
566 0x91, 0x87, 0xda, 0x10, 0x9c, 0x2c, 0x9f, 0xe2,
567 0xaa, 0xdb, 0xb0, 0xc2, 0x2a, 0xf5, 0x4c, 0x61,
568 0x66, 0x55, 0x00, 0x0c, 0x43, 0x1c, 0x6b, 0x4a,
569 0x37, 0x97, 0x63, 0xb0, 0xa9, 0x16, 0x58, 0xef,
570 0xc8, 0x4e, 0x8b, 0x06, 0x35, 0x8c, 0x8b, 0x4f,
571 0x21, 0x37, 0x10, 0xfd, 0x10, 0x17, 0x2c, 0xf3,
572 0x9b, 0x83, 0x0c, 0x2d, 0xd8, 0x4a, 0x0c, 0x8a,
573 0xb8, 0x25, 0x16, 0xec, 0xab, 0x99, 0x5f, 0xa4,
574 0x21, 0x5e, 0x02, 0x3e, 0x4e, 0xcf, 0x80, 0x74,
575 0xc3, 0x9d, 0x6c, 0x88, 0xb7, 0x0d, 0x1e, 0xe4,
576 0xe9, 0x6f, 0xdc, 0x20, 0xea, 0x11, 0x5c, 0x32
578 static const unsigned char dh_priv[] = {
579 0x14, 0x33, 0xe0, 0xb5, 0xa9, 0x17, 0xb6, 0x0a,
580 0x30, 0x23, 0xf2, 0xf8, 0xaa, 0x2c, 0x2d, 0x70,
581 0xd2, 0x96, 0x8a, 0xba, 0x9a, 0xea, 0xc8, 0x15,
582 0x40, 0xb8, 0xfc, 0xe6
584 static const unsigned char dh_pub[] = {
585 0x95, 0xdd, 0x33, 0x8d, 0x29, 0xe5, 0x71, 0x04,
586 0x92, 0xb9, 0x18, 0x31, 0x7b, 0x72, 0xa3, 0x69,
587 0x36, 0xe1, 0x95, 0x1a, 0x2e, 0xe5, 0xa5, 0x59,
588 0x16, 0x99, 0xc0, 0x48, 0x6d, 0x0d, 0x4f, 0x9b,
589 0xdd, 0x6d, 0x5a, 0x3f, 0x6b, 0x98, 0x89, 0x0c,
590 0x62, 0xb3, 0x76, 0x52, 0xd3, 0x6e, 0x71, 0x21,
591 0x11, 0xe6, 0x8a, 0x73, 0x55, 0x37, 0x25, 0x06,
592 0x99, 0xef, 0xe3, 0x30, 0x53, 0x73, 0x91, 0xfb,
593 0xc2, 0xc5, 0x48, 0xbc, 0x5a, 0xc3, 0xe5, 0xb2,
594 0x33, 0x86, 0xc3, 0xee, 0xf5, 0xeb, 0x43, 0xc0,
595 0x99, 0xd7, 0x0a, 0x52, 0x02, 0x68, 0x7e, 0x83,
596 0x96, 0x42, 0x48, 0xfc, 0xa9, 0x1f, 0x40, 0x90,
597 0x8e, 0x8f, 0xb3, 0x31, 0x93, 0x15, 0xf6, 0xd2,
598 0x60, 0x6d, 0x7f, 0x7c, 0xd5, 0x2c, 0xc6, 0xe7,
599 0xc5, 0x84, 0x3a, 0xfb, 0x22, 0x51, 0x9c, 0xf0,
600 0xf0, 0xf9, 0xd3, 0xa0, 0xa4, 0xe8, 0xc8, 0x88,
601 0x99, 0xef, 0xed, 0xe7, 0x36, 0x43, 0x51, 0xfb,
602 0x6a, 0x36, 0x3e, 0xe7, 0x17, 0xe5, 0x44, 0x5a,
603 0xda, 0xb4, 0xc9, 0x31, 0xa6, 0x48, 0x39, 0x97,
604 0xb8, 0x7d, 0xad, 0x83, 0x67, 0x7e, 0x4d, 0x1d,
605 0x3a, 0x77, 0x75, 0xe0, 0xf6, 0xd0, 0x0f, 0xdf,
606 0x73, 0xc7, 0xad, 0x80, 0x1e, 0x66, 0x5a, 0x0e,
607 0x5a, 0x79, 0x6d, 0x0a, 0x03, 0x80, 0xa1, 0x9f,
608 0xa1, 0x82, 0xef, 0xc8, 0xa0, 0x4f, 0x5e, 0x4d,
609 0xb9, 0x0d, 0x1a, 0x86, 0x37, 0xf9, 0x5d, 0xb1,
610 0x64, 0x36, 0xbd, 0xc8, 0xf3, 0xfc, 0x09, 0x6c,
611 0x4f, 0xf7, 0xf2, 0x34, 0xbe, 0x8f, 0xef, 0x47,
612 0x9a, 0xc4, 0xb0, 0xdc, 0x4b, 0x77, 0x26, 0x3e,
613 0x07, 0xd9, 0x95, 0x9d, 0xe0, 0xf1, 0xbf, 0x3f,
614 0x0a, 0xe3, 0xd9, 0xd5, 0x0e, 0x4b, 0x89, 0xc9,
615 0x9e, 0x3e, 0xa1, 0x21, 0x73, 0x43, 0xdd, 0x8c,
616 0x65, 0x81, 0xac, 0xc4, 0x95, 0x9c, 0x91, 0xd3
618 static const unsigned char dh_peer_pub[] = {
619 0x1f, 0xc1, 0xda, 0x34, 0x1d, 0x1a, 0x84, 0x6a,
620 0x96, 0xb7, 0xbe, 0x24, 0x34, 0x0f, 0x87, 0x7d,
621 0xd0, 0x10, 0xaa, 0x03, 0x56, 0xd5, 0xad, 0x58,
622 0xaa, 0xe9, 0xc7, 0xb0, 0x8f, 0x74, 0x9a, 0x32,
623 0x23, 0x51, 0x10, 0xb5, 0xd8, 0x8e, 0xb5, 0xdb,
624 0xfa, 0x97, 0x8d, 0x27, 0xec, 0xc5, 0x30, 0xf0,
625 0x2d, 0x31, 0x14, 0x00, 0x5b, 0x64, 0xb1, 0xc0,
626 0xe0, 0x24, 0xcb, 0x8a, 0xe2, 0x16, 0x98, 0xbc,
627 0xa9, 0xe6, 0x0d, 0x42, 0x80, 0x86, 0x22, 0xf1,
628 0x81, 0xc5, 0x6e, 0x1d, 0xe7, 0xa9, 0x6e, 0x6e,
629 0xfe, 0xe9, 0xd6, 0x65, 0x67, 0xe9, 0x1b, 0x97,
630 0x70, 0x42, 0xc7, 0xe3, 0xd0, 0x44, 0x8f, 0x05,
631 0xfb, 0x77, 0xf5, 0x22, 0xb9, 0xbf, 0xc8, 0xd3,
632 0x3c, 0xc3, 0xc3, 0x1e, 0xd3, 0xb3, 0x1f, 0x0f,
633 0xec, 0xb6, 0xdb, 0x4f, 0x6e, 0xa3, 0x11, 0xe7,
634 0x7a, 0xfd, 0xbc, 0xd4, 0x7a, 0xee, 0x1b, 0xb1,
635 0x50, 0xf2, 0x16, 0x87, 0x35, 0x78, 0xfb, 0x96,
636 0x46, 0x8e, 0x8f, 0x9f, 0x3d, 0xe8, 0xef, 0xbf,
637 0xce, 0x75, 0x62, 0x4b, 0x1d, 0xf0, 0x53, 0x22,
638 0xa3, 0x4f, 0x14, 0x63, 0xe8, 0x39, 0xe8, 0x98,
639 0x4c, 0x4a, 0xd0, 0xa9, 0x6e, 0x1a, 0xc8, 0x42,
640 0xe5, 0x31, 0x8c, 0xc2, 0x3c, 0x06, 0x2a, 0x8c,
641 0xa1, 0x71, 0xb8, 0xd5, 0x75, 0x98, 0x0d, 0xde,
642 0x7f, 0xc5, 0x6f, 0x15, 0x36, 0x52, 0x38, 0x20,
643 0xd4, 0x31, 0x92, 0xbf, 0xd5, 0x1e, 0x8e, 0x22,
644 0x89, 0x78, 0xac, 0xa5, 0xb9, 0x44, 0x72, 0xf3,
645 0x39, 0xca, 0xeb, 0x99, 0x31, 0xb4, 0x2b, 0xe3,
646 0x01, 0x26, 0x8b, 0xc9, 0x97, 0x89, 0xc9, 0xb2,
647 0x55, 0x71, 0xc3, 0xc0, 0xe4, 0xcb, 0x3f, 0x00,
648 0x7f, 0x1a, 0x51, 0x1c, 0xbb, 0x53, 0xc8, 0x51,
649 0x9c, 0xdd, 0x13, 0x02, 0xab, 0xca, 0x6c, 0x0f,
650 0x34, 0xf9, 0x67, 0x39, 0xf1, 0x7f, 0xf4, 0x8b
653 static const unsigned char dh_secret_expected[] = {
654 0x08, 0xff, 0x33, 0xbb, 0x2e, 0xcf, 0xf4, 0x9a,
655 0x7d, 0x4a, 0x79, 0x12, 0xae, 0xb1, 0xbb, 0x6a,
656 0xb5, 0x11, 0x64, 0x1b, 0x4a, 0x76, 0x77, 0x0c,
657 0x8c, 0xc1, 0xbc, 0xc2, 0x33, 0x34, 0x3d, 0xfe,
658 0x70, 0x0d, 0x11, 0x81, 0x3d, 0x2c, 0x9e, 0xd2,
659 0x3b, 0x21, 0x1c, 0xa9, 0xe8, 0x78, 0x69, 0x21,
660 0xed, 0xca, 0x28, 0x3c, 0x68, 0xb1, 0x61, 0x53,
661 0xfa, 0x01, 0xe9, 0x1a, 0xb8, 0x2c, 0x90, 0xdd,
662 0xab, 0x4a, 0x95, 0x81, 0x67, 0x70, 0xa9, 0x87,
663 0x10, 0xe1, 0x4c, 0x92, 0xab, 0x83, 0xb6, 0xe4,
664 0x6e, 0x1e, 0x42, 0x6e, 0xe8, 0x52, 0x43, 0x0d,
665 0x61, 0x87, 0xda, 0xa3, 0x72, 0x0a, 0x6b, 0xcd,
666 0x73, 0x23, 0x5c, 0x6b, 0x0f, 0x94, 0x1f, 0x33,
667 0x64, 0xf5, 0x04, 0x20, 0x55, 0x1a, 0x4b, 0xfe,
668 0xaf, 0xe2, 0xbc, 0x43, 0x85, 0x05, 0xa5, 0x9a,
669 0x4a, 0x40, 0xda, 0xca, 0x7a, 0x89, 0x5a, 0x73,
670 0xdb, 0x57, 0x5c, 0x74, 0xc1, 0x3a, 0x23, 0xad,
671 0x88, 0x32, 0x95, 0x7d, 0x58, 0x2d, 0x38, 0xf0,
672 0xa6, 0x16, 0x5f, 0xb0, 0xd7, 0xe9, 0xb8, 0x79,
673 0x9e, 0x42, 0xfd, 0x32, 0x20, 0xe3, 0x32, 0xe9,
674 0x81, 0x85, 0xa0, 0xc9, 0x42, 0x97, 0x57, 0xb2,
675 0xd0, 0xd0, 0x2c, 0x17, 0xdb, 0xaa, 0x1f, 0xf6,
676 0xed, 0x93, 0xd7, 0xe7, 0x3e, 0x24, 0x1e, 0xae,
677 0xd9, 0x0c, 0xaf, 0x39, 0x4d, 0x2b, 0xc6, 0x57,
678 0x0f, 0x18, 0xc8, 0x1f, 0x2b, 0xe5, 0xd0, 0x1a,
679 0x2c, 0xa9, 0x9f, 0xf1, 0x42, 0xb5, 0xd9, 0x63,
680 0xf9, 0xf5, 0x00, 0x32, 0x5e, 0x75, 0x56, 0xf9,
681 0x58, 0x49, 0xb3, 0xff, 0xc7, 0x47, 0x94, 0x86,
682 0xbe, 0x1d, 0x45, 0x96, 0xa3, 0x10, 0x6b, 0xd5,
683 0xcb, 0x4f, 0x61, 0xc5, 0x7e, 0xc5, 0xf1, 0x00,
684 0xfb, 0x7a, 0x0c, 0x82, 0xa1, 0x0b, 0x82, 0x52,
685 0x6a, 0x97, 0xd1, 0xd9, 0x7d, 0x98, 0xea, 0xf6
688 static const ST_KAT_PARAM dh_group[] = {
689 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dh_p),
690 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dh_q),
691 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dh_g),
695 /* The host's private key */
696 static const ST_KAT_PARAM dh_host_key[] = {
697 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_pub),
698 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dh_priv),
702 /* The peer's public key */
703 static const ST_KAT_PARAM dh_peer_key[] = {
704 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_peer_pub),
707 #endif /* OPENSSL_NO_DH */
710 #ifndef OPENSSL_NO_EC
711 static const char ecdh_curve_name[] = "prime256v1";
712 static const unsigned char ecdh_privd[] = {
713 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
714 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
715 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
716 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
718 static const unsigned char ecdh_pub[] = {
720 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
721 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
722 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
723 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
724 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
725 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
726 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
727 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
729 static const unsigned char ecdh_peer_pub[] = {
731 0x1f, 0x72, 0xbd, 0x2a, 0x3e, 0xeb, 0x6c, 0x76,
732 0xe5, 0x5d, 0x69, 0x75, 0x24, 0xbf, 0x2f, 0x5b,
733 0x96, 0xb2, 0x91, 0x62, 0x06, 0x35, 0xcc, 0xb2,
734 0x4b, 0x31, 0x1b, 0x0c, 0x6f, 0x06, 0x9f, 0x86,
735 0xcf, 0xc8, 0xac, 0xd5, 0x4f, 0x4d, 0x77, 0xf3,
736 0x70, 0x4a, 0x8f, 0x04, 0x9a, 0xb1, 0x03, 0xc7,
737 0xeb, 0xd5, 0x94, 0x78, 0x61, 0xab, 0x78, 0x0c,
738 0x4a, 0x2d, 0x6b, 0xf3, 0x2f, 0x2e, 0x4a, 0xbc
741 static const ST_KAT_PARAM ecdh_group[] = {
742 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_EC_NAME, ecdh_curve_name),
745 static const ST_KAT_PARAM ecdh_host_key[] = {
746 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_pub),
747 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecdh_privd),
750 static const ST_KAT_PARAM ecdh_peer_key[] = {
751 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_peer_pub),
754 static const unsigned char ecdh_secret_expected[] = {
755 0x45, 0x2a, 0x2f, 0x0d, 0x24, 0xe6, 0x8d, 0xd0,
756 0xda, 0x59, 0x7b, 0x0c, 0xec, 0x9b, 0x4c, 0x38,
757 0x41, 0xdd, 0xce, 0xb3, 0xcc, 0xf1, 0x90, 0x8e,
758 0x30, 0xdb, 0x5b, 0x5f, 0x97, 0xea, 0xe0, 0xc2
760 #endif /* OPENSSL_NO_EC */
762 static const ST_KAT_KAS st_kat_kas_tests[] =
764 #ifndef OPENSSL_NO_DH
766 OSSL_SELF_TEST_DESC_KA_DH,
771 ITM(dh_secret_expected)
773 #endif /* OPENSSL_NO_DH */
774 #ifndef OPENSSL_NO_EC
776 OSSL_SELF_TEST_DESC_KA_ECDH,
781 ITM(ecdh_secret_expected)
783 #endif /* OPENSSL_NO_EC */
786 #if !defined(OPENSSL_NO_RSA)
788 static const unsigned char rsa_n[] = {
789 0xDB, 0x10, 0x1A, 0xC2, 0xA3, 0xF1, 0xDC, 0xFF,
790 0x13, 0x6B, 0xED, 0x44, 0xDF, 0xF0, 0x02, 0x6D,
791 0x13, 0xC7, 0x88, 0xDA, 0x70, 0x6B, 0x54, 0xF1,
792 0xE8, 0x27, 0xDC, 0xC3, 0x0F, 0x99, 0x6A, 0xFA,
793 0xC6, 0x67, 0xFF, 0x1D, 0x1E, 0x3C, 0x1D, 0xC1,
794 0xB5, 0x5F, 0x6C, 0xC0, 0xB2, 0x07, 0x3A, 0x6D,
795 0x41, 0xE4, 0x25, 0x99, 0xAC, 0xFC, 0xD2, 0x0F,
796 0x02, 0xD3, 0xD1, 0x54, 0x06, 0x1A, 0x51, 0x77,
797 0xBD, 0xB6, 0xBF, 0xEA, 0xA7, 0x5C, 0x06, 0xA9,
798 0x5D, 0x69, 0x84, 0x45, 0xD7, 0xF5, 0x05, 0xBA,
799 0x47, 0xF0, 0x1B, 0xD7, 0x2B, 0x24, 0xEC, 0xCB,
800 0x9B, 0x1B, 0x10, 0x8D, 0x81, 0xA0, 0xBE, 0xB1,
801 0x8C, 0x33, 0xE4, 0x36, 0xB8, 0x43, 0xEB, 0x19,
802 0x2A, 0x81, 0x8D, 0xDE, 0x81, 0x0A, 0x99, 0x48,
803 0xB6, 0xF6, 0xBC, 0xCD, 0x49, 0x34, 0x3A, 0x8F,
804 0x26, 0x94, 0xE3, 0x28, 0x82, 0x1A, 0x7C, 0x8F,
805 0x59, 0x9F, 0x45, 0xE8, 0x5D, 0x1A, 0x45, 0x76,
806 0x04, 0x56, 0x05, 0xA1, 0xD0, 0x1B, 0x8C, 0x77,
807 0x6D, 0xAF, 0x53, 0xFA, 0x71, 0xE2, 0x67, 0xE0,
808 0x9A, 0xFE, 0x03, 0xA9, 0x85, 0xD2, 0xC9, 0xAA,
809 0xBA, 0x2A, 0xBC, 0xF4, 0xA0, 0x08, 0xF5, 0x13,
810 0x98, 0x13, 0x5D, 0xF0, 0xD9, 0x33, 0x34, 0x2A,
811 0x61, 0xC3, 0x89, 0x55, 0xF0, 0xAE, 0x1A, 0x9C,
812 0x22, 0xEE, 0x19, 0x05, 0x8D, 0x32, 0xFE, 0xEC,
813 0x9C, 0x84, 0xBA, 0xB7, 0xF9, 0x6C, 0x3A, 0x4F,
814 0x07, 0xFC, 0x45, 0xEB, 0x12, 0xE5, 0x7B, 0xFD,
815 0x55, 0xE6, 0x29, 0x69, 0xD1, 0xC2, 0xE8, 0xB9,
816 0x78, 0x59, 0xF6, 0x79, 0x10, 0xC6, 0x4E, 0xEB,
817 0x6A, 0x5E, 0xB9, 0x9A, 0xC7, 0xC4, 0x5B, 0x63,
818 0xDA, 0xA3, 0x3F, 0x5E, 0x92, 0x7A, 0x81, 0x5E,
819 0xD6, 0xB0, 0xE2, 0x62, 0x8F, 0x74, 0x26, 0xC2,
820 0x0C, 0xD3, 0x9A, 0x17, 0x47, 0xE6, 0x8E, 0xAB
822 static const unsigned char rsa_e[] = { 0x01, 0x00, 0x01 };
823 static const unsigned char rsa_d[] = {
824 0x52, 0x41, 0xF4, 0xDA, 0x7B, 0xB7, 0x59, 0x55,
825 0xCA, 0xD4, 0x2F, 0x0F, 0x3A, 0xCB, 0xA4, 0x0D,
826 0x93, 0x6C, 0xCC, 0x9D, 0xC1, 0xB2, 0xFB, 0xFD,
827 0xAE, 0x40, 0x31, 0xAC, 0x69, 0x52, 0x21, 0x92,
828 0xB3, 0x27, 0xDF, 0xEA, 0xEE, 0x2C, 0x82, 0xBB,
829 0xF7, 0x40, 0x32, 0xD5, 0x14, 0xC4, 0x94, 0x12,
830 0xEC, 0xB8, 0x1F, 0xCA, 0x59, 0xE3, 0xC1, 0x78,
831 0xF3, 0x85, 0xD8, 0x47, 0xA5, 0xD7, 0x02, 0x1A,
832 0x65, 0x79, 0x97, 0x0D, 0x24, 0xF4, 0xF0, 0x67,
833 0x6E, 0x75, 0x2D, 0xBF, 0x10, 0x3D, 0xA8, 0x7D,
834 0xEF, 0x7F, 0x60, 0xE4, 0xE6, 0x05, 0x82, 0x89,
835 0x5D, 0xDF, 0xC6, 0xD2, 0x6C, 0x07, 0x91, 0x33,
836 0x98, 0x42, 0xF0, 0x02, 0x00, 0x25, 0x38, 0xC5,
837 0x85, 0x69, 0x8A, 0x7D, 0x2F, 0x95, 0x6C, 0x43,
838 0x9A, 0xB8, 0x81, 0xE2, 0xD0, 0x07, 0x35, 0xAA,
839 0x05, 0x41, 0xC9, 0x1E, 0xAF, 0xE4, 0x04, 0x3B,
840 0x19, 0xB8, 0x73, 0xA2, 0xAC, 0x4B, 0x1E, 0x66,
841 0x48, 0xD8, 0x72, 0x1F, 0xAC, 0xF6, 0xCB, 0xBC,
842 0x90, 0x09, 0xCA, 0xEC, 0x0C, 0xDC, 0xF9, 0x2C,
843 0xD7, 0xEB, 0xAE, 0xA3, 0xA4, 0x47, 0xD7, 0x33,
844 0x2F, 0x8A, 0xCA, 0xBC, 0x5E, 0xF0, 0x77, 0xE4,
845 0x97, 0x98, 0x97, 0xC7, 0x10, 0x91, 0x7D, 0x2A,
846 0xA6, 0xFF, 0x46, 0x83, 0x97, 0xDE, 0xE9, 0xE2,
847 0x17, 0x03, 0x06, 0x14, 0xE2, 0xD7, 0xB1, 0x1D,
848 0x77, 0xAF, 0x51, 0x27, 0x5B, 0x5E, 0x69, 0xB8,
849 0x81, 0xE6, 0x11, 0xC5, 0x43, 0x23, 0x81, 0x04,
850 0x62, 0xFF, 0xE9, 0x46, 0xB8, 0xD8, 0x44, 0xDB,
851 0xA5, 0xCC, 0x31, 0x54, 0x34, 0xCE, 0x3E, 0x82,
852 0xD6, 0xBF, 0x7A, 0x0B, 0x64, 0x21, 0x6D, 0x88,
853 0x7E, 0x5B, 0x45, 0x12, 0x1E, 0x63, 0x8D, 0x49,
854 0xA7, 0x1D, 0xD9, 0x1E, 0x06, 0xCD, 0xE8, 0xBA,
855 0x2C, 0x8C, 0x69, 0x32, 0xEA, 0xBE, 0x60, 0x71
857 static const unsigned char rsa_p[] = {
858 0xFA, 0xAC, 0xE1, 0x37, 0x5E, 0x32, 0x11, 0x34,
859 0xC6, 0x72, 0x58, 0x2D, 0x91, 0x06, 0x3E, 0x77,
860 0xE7, 0x11, 0x21, 0xCD, 0x4A, 0xF8, 0xA4, 0x3F,
861 0x0F, 0xEF, 0x31, 0xE3, 0xF3, 0x55, 0xA0, 0xB9,
862 0xAC, 0xB6, 0xCB, 0xBB, 0x41, 0xD0, 0x32, 0x81,
863 0x9A, 0x8F, 0x7A, 0x99, 0x30, 0x77, 0x6C, 0x68,
864 0x27, 0xE2, 0x96, 0xB5, 0x72, 0xC9, 0xC3, 0xD4,
865 0x42, 0xAA, 0xAA, 0xCA, 0x95, 0x8F, 0xFF, 0xC9,
866 0x9B, 0x52, 0x34, 0x30, 0x1D, 0xCF, 0xFE, 0xCF,
867 0x3C, 0x56, 0x68, 0x6E, 0xEF, 0xE7, 0x6C, 0xD7,
868 0xFB, 0x99, 0xF5, 0x4A, 0xA5, 0x21, 0x1F, 0x2B,
869 0xEA, 0x93, 0xE8, 0x98, 0x26, 0xC4, 0x6E, 0x42,
870 0x21, 0x5E, 0xA0, 0xA1, 0x2A, 0x58, 0x35, 0xBB,
871 0x10, 0xE7, 0xBA, 0x27, 0x0A, 0x3B, 0xB3, 0xAF,
872 0xE2, 0x75, 0x36, 0x04, 0xAC, 0x56, 0xA0, 0xAB,
873 0x52, 0xDE, 0xCE, 0xDD, 0x2C, 0x28, 0x77, 0x03
875 static const unsigned char rsa_q[] = {
876 0xDF, 0xB7, 0x52, 0xB6, 0xD7, 0xC0, 0xE2, 0x96,
877 0xE7, 0xC9, 0xFE, 0x5D, 0x71, 0x5A, 0xC4, 0x40,
878 0x96, 0x2F, 0xE5, 0x87, 0xEA, 0xF3, 0xA5, 0x77,
879 0x11, 0x67, 0x3C, 0x8D, 0x56, 0x08, 0xA7, 0xB5,
880 0x67, 0xFA, 0x37, 0xA8, 0xB8, 0xCF, 0x61, 0xE8,
881 0x63, 0xD8, 0x38, 0x06, 0x21, 0x2B, 0x92, 0x09,
882 0xA6, 0x39, 0x3A, 0xEA, 0xA8, 0xB4, 0x45, 0x4B,
883 0x36, 0x10, 0x4C, 0xE4, 0x00, 0x66, 0x71, 0x65,
884 0xF8, 0x0B, 0x94, 0x59, 0x4F, 0x8C, 0xFD, 0xD5,
885 0x34, 0xA2, 0xE7, 0x62, 0x84, 0x0A, 0xA7, 0xBB,
886 0xDB, 0xD9, 0x8A, 0xCD, 0x05, 0xE1, 0xCC, 0x57,
887 0x7B, 0xF1, 0xF1, 0x1F, 0x11, 0x9D, 0xBA, 0x3E,
888 0x45, 0x18, 0x99, 0x1B, 0x41, 0x64, 0x43, 0xEE,
889 0x97, 0x5D, 0x77, 0x13, 0x5B, 0x74, 0x69, 0x73,
890 0x87, 0x95, 0x05, 0x07, 0xBE, 0x45, 0x07, 0x17,
891 0x7E, 0x4A, 0x69, 0x22, 0xF3, 0xDB, 0x05, 0x39
893 static const unsigned char rsa_dp[] = {
894 0x5E, 0xD8, 0xDC, 0xDA, 0x53, 0x44, 0xC4, 0x67,
895 0xE0, 0x92, 0x51, 0x34, 0xE4, 0x83, 0xA5, 0x4D,
896 0x3E, 0xDB, 0xA7, 0x9B, 0x82, 0xBB, 0x73, 0x81,
897 0xFC, 0xE8, 0x77, 0x4B, 0x15, 0xBE, 0x17, 0x73,
898 0x49, 0x9B, 0x5C, 0x98, 0xBC, 0xBD, 0x26, 0xEF,
899 0x0C, 0xE9, 0x2E, 0xED, 0x19, 0x7E, 0x86, 0x41,
900 0x1E, 0x9E, 0x48, 0x81, 0xDD, 0x2D, 0xE4, 0x6F,
901 0xC2, 0xCD, 0xCA, 0x93, 0x9E, 0x65, 0x7E, 0xD5,
902 0xEC, 0x73, 0xFD, 0x15, 0x1B, 0xA2, 0xA0, 0x7A,
903 0x0F, 0x0D, 0x6E, 0xB4, 0x53, 0x07, 0x90, 0x92,
904 0x64, 0x3B, 0x8B, 0xA9, 0x33, 0xB3, 0xC5, 0x94,
905 0x9B, 0x4C, 0x5D, 0x9C, 0x7C, 0x46, 0xA4, 0xA5,
906 0x56, 0xF4, 0xF3, 0xF8, 0x27, 0x0A, 0x7B, 0x42,
907 0x0D, 0x92, 0x70, 0x47, 0xE7, 0x42, 0x51, 0xA9,
908 0xC2, 0x18, 0xB1, 0x58, 0xB1, 0x50, 0x91, 0xB8,
909 0x61, 0x41, 0xB6, 0xA9, 0xCE, 0xD4, 0x7C, 0xBB
911 static const unsigned char rsa_dq[] = {
912 0x54, 0x09, 0x1F, 0x0F, 0x03, 0xD8, 0xB6, 0xC5,
913 0x0C, 0xE8, 0xB9, 0x9E, 0x0C, 0x38, 0x96, 0x43,
914 0xD4, 0xA6, 0xC5, 0x47, 0xDB, 0x20, 0x0E, 0xE5,
915 0xBD, 0x29, 0xD4, 0x7B, 0x1A, 0xF8, 0x41, 0x57,
916 0x49, 0x69, 0x9A, 0x82, 0xCC, 0x79, 0x4A, 0x43,
917 0xEB, 0x4D, 0x8B, 0x2D, 0xF2, 0x43, 0xD5, 0xA5,
918 0xBE, 0x44, 0xFD, 0x36, 0xAC, 0x8C, 0x9B, 0x02,
919 0xF7, 0x9A, 0x03, 0xE8, 0x19, 0xA6, 0x61, 0xAE,
920 0x76, 0x10, 0x93, 0x77, 0x41, 0x04, 0xAB, 0x4C,
921 0xED, 0x6A, 0xCC, 0x14, 0x1B, 0x99, 0x8D, 0x0C,
922 0x6A, 0x37, 0x3B, 0x86, 0x6C, 0x51, 0x37, 0x5B,
923 0x1D, 0x79, 0xF2, 0xA3, 0x43, 0x10, 0xC6, 0xA7,
924 0x21, 0x79, 0x6D, 0xF9, 0xE9, 0x04, 0x6A, 0xE8,
925 0x32, 0xFF, 0xAE, 0xFD, 0x1C, 0x7B, 0x8C, 0x29,
926 0x13, 0xA3, 0x0C, 0xB2, 0xAD, 0xEC, 0x6C, 0x0F,
927 0x8D, 0x27, 0x12, 0x7B, 0x48, 0xB2, 0xDB, 0x31
929 static const unsigned char rsa_qInv[] = {
930 0x8D, 0x1B, 0x05, 0xCA, 0x24, 0x1F, 0x0C, 0x53,
931 0x19, 0x52, 0x74, 0x63, 0x21, 0xFA, 0x78, 0x46,
932 0x79, 0xAF, 0x5C, 0xDE, 0x30, 0xA4, 0x6C, 0x20,
933 0x38, 0xE6, 0x97, 0x39, 0xB8, 0x7A, 0x70, 0x0D,
934 0x8B, 0x6C, 0x6D, 0x13, 0x74, 0xD5, 0x1C, 0xDE,
935 0xA9, 0xF4, 0x60, 0x37, 0xFE, 0x68, 0x77, 0x5E,
936 0x0B, 0x4E, 0x5E, 0x03, 0x31, 0x30, 0xDF, 0xD6,
937 0xAE, 0x85, 0xD0, 0x81, 0xBB, 0x61, 0xC7, 0xB1,
938 0x04, 0x5A, 0xC4, 0x6D, 0x56, 0x1C, 0xD9, 0x64,
939 0xE7, 0x85, 0x7F, 0x88, 0x91, 0xC9, 0x60, 0x28,
940 0x05, 0xE2, 0xC6, 0x24, 0x8F, 0xDD, 0x61, 0x64,
941 0xD8, 0x09, 0xDE, 0x7E, 0xD3, 0x4A, 0x61, 0x1A,
942 0xD3, 0x73, 0x58, 0x4B, 0xD8, 0xA0, 0x54, 0x25,
943 0x48, 0x83, 0x6F, 0x82, 0x6C, 0xAF, 0x36, 0x51,
944 0x2A, 0x5D, 0x14, 0x2F, 0x41, 0x25, 0x00, 0xDD,
945 0xF8, 0xF3, 0x95, 0xFE, 0x31, 0x25, 0x50, 0x12
948 static const ST_KAT_PARAM rsa_key[] = {
949 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
950 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
951 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
952 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_p),
953 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_q),
954 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dp),
955 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dq),
956 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT, rsa_qInv),
960 static const unsigned char rsa_expected_sig[256] = {
961 0xad, 0xbe, 0x2a, 0xaf, 0x16, 0x85, 0xc5, 0x00,
962 0x91, 0x3e, 0xd0, 0x49, 0xfb, 0x3a, 0x81, 0xb9,
963 0x6c, 0x28, 0xbc, 0xbf, 0xea, 0x96, 0x5f, 0xe4,
964 0x9f, 0x99, 0xf7, 0x18, 0x8c, 0xec, 0x60, 0x28,
965 0xeb, 0x29, 0x02, 0x49, 0xfc, 0xda, 0xd7, 0x78,
966 0x68, 0xf8, 0xe1, 0xe9, 0x4d, 0x20, 0x6d, 0x32,
967 0xa6, 0xde, 0xfc, 0xe4, 0xda, 0xcc, 0x6c, 0x75,
968 0x36, 0x6b, 0xff, 0x5a, 0xac, 0x01, 0xa8, 0xc2,
969 0xa9, 0xe6, 0x8b, 0x18, 0x3e, 0xec, 0xea, 0x4c,
970 0x4a, 0x9e, 0x00, 0x09, 0xd1, 0x8a, 0x69, 0x1b,
971 0x8b, 0xd9, 0xad, 0x37, 0xe5, 0x7c, 0xff, 0x7d,
972 0x59, 0x56, 0x3e, 0xa0, 0xc6, 0x32, 0xd8, 0x35,
973 0x2f, 0xff, 0xfb, 0x05, 0x02, 0xcd, 0xd7, 0x19,
974 0xb9, 0x00, 0x86, 0x2a, 0xcf, 0xaa, 0x78, 0x16,
975 0x4b, 0xf1, 0xa7, 0x59, 0xef, 0x7d, 0xe8, 0x74,
976 0x23, 0x5c, 0xb2, 0xd4, 0x8a, 0x99, 0xa5, 0xbc,
977 0xfa, 0x63, 0xd8, 0xf7, 0xbd, 0xc6, 0x00, 0x13,
978 0x06, 0x02, 0x9a, 0xd4, 0xa7, 0xb4, 0x3d, 0x61,
979 0xab, 0xf1, 0xc2, 0x95, 0x59, 0x9b, 0x3d, 0x67,
980 0x1f, 0xde, 0x57, 0xb6, 0xb6, 0x9f, 0xb0, 0x87,
981 0xd6, 0x51, 0xd5, 0x3e, 0x00, 0xe2, 0xc9, 0xa0,
982 0x03, 0x66, 0xbc, 0x01, 0xb3, 0x8e, 0xfa, 0xf1,
983 0x15, 0xeb, 0x26, 0xf1, 0x5d, 0x81, 0x90, 0xb4,
984 0x1c, 0x00, 0x7c, 0x83, 0x4a, 0xa5, 0xde, 0x64,
985 0xae, 0xea, 0x6c, 0x43, 0xc3, 0x20, 0x77, 0x77,
986 0x42, 0x12, 0x24, 0xf5, 0xe3, 0x70, 0xdd, 0x59,
987 0x48, 0x9c, 0xef, 0xd4, 0x8a, 0x3c, 0x29, 0x6a,
988 0x0c, 0x9c, 0xf2, 0x13, 0xa4, 0x1c, 0x2f, 0x49,
989 0xcd, 0xb4, 0xaa, 0x28, 0x40, 0x34, 0xc6, 0x75,
990 0xba, 0x30, 0xe6, 0xd8, 0x5b, 0x2f, 0x08, 0xd0,
991 0x29, 0xa5, 0x39, 0xfb, 0x6e, 0x3b, 0x0f, 0x52,
992 0x2c, 0x68, 0xf0, 0x37, 0xa9, 0xd2, 0x56, 0xd6
995 #endif /* OPENSSL_NO_RSA */
997 #ifndef OPENSSL_NO_EC
999 static const char ecd_curve_name[] = "secp224r1";
1000 static const unsigned char ecd_priv[] = {
1001 0x98, 0x1f, 0xb5, 0xf1, 0xfc, 0x87, 0x1d, 0x7d,
1002 0xde, 0x1e, 0x01, 0x64, 0x09, 0x9b, 0xe7, 0x1b,
1003 0x9f, 0xad, 0x63, 0xdd, 0x33, 0x01, 0xd1, 0x50,
1004 0x80, 0x93, 0x50, 0x30
1006 static const unsigned char ecd_pub[] = {
1007 0x04, 0x95, 0x47, 0x99, 0x44, 0x29, 0x8f, 0x51,
1008 0x39, 0xe2, 0x53, 0xec, 0x79, 0xb0, 0x4d, 0xde,
1009 0x87, 0x1a, 0x76, 0x54, 0xd5, 0x96, 0xb8, 0x7a,
1010 0x6d, 0xf4, 0x1c, 0x2c, 0x87, 0x91, 0x5f, 0xd5,
1011 0x31, 0xdd, 0x24, 0xe5, 0x78, 0xd9, 0x08, 0x24,
1012 0x8a, 0x49, 0x99, 0xec, 0x55, 0xf2, 0x82, 0xb3,
1013 0xc4, 0xb7, 0x33, 0x68, 0xe4, 0x24, 0xa9, 0x12,
1017 static const ST_KAT_PARAM ecdsa_key[] = {
1018 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_EC_NAME, ecd_curve_name),
1019 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_pub),
1020 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_priv),
1023 #endif /* OPENSSL_NO_EC */
1025 #ifndef OPENSSL_NO_DSA
1027 static const unsigned char dsa_p[] = {
1028 0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23,
1029 0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e,
1030 0x03, 0xe9, 0xe6, 0xb8, 0xa2, 0x58, 0xdc, 0x16,
1031 0x61, 0x1b, 0xa0, 0x98, 0xab, 0x54, 0x34, 0x15,
1032 0xe4, 0x15, 0xf1, 0x56, 0x99, 0x7a, 0x3e, 0xe2,
1033 0x36, 0x65, 0x8f, 0xa0, 0x93, 0x26, 0x0d, 0xe3,
1034 0xad, 0x42, 0x2e, 0x05, 0xe0, 0x46, 0xf9, 0xec,
1035 0x29, 0x16, 0x1a, 0x37, 0x5f, 0x0e, 0xb4, 0xef,
1036 0xfc, 0xef, 0x58, 0x28, 0x5c, 0x5d, 0x39, 0xed,
1037 0x42, 0x5d, 0x7a, 0x62, 0xca, 0x12, 0x89, 0x6c,
1038 0x4a, 0x92, 0xcb, 0x19, 0x46, 0xf2, 0x95, 0x2a,
1039 0x48, 0x13, 0x3f, 0x07, 0xda, 0x36, 0x4d, 0x1b,
1040 0xdf, 0x6b, 0x0f, 0x71, 0x39, 0x98, 0x3e, 0x69,
1041 0x3c, 0x80, 0x05, 0x9b, 0x0e, 0xac, 0xd1, 0x47,
1042 0x9b, 0xa9, 0xf2, 0x85, 0x77, 0x54, 0xed, 0xe7,
1043 0x5f, 0x11, 0x2b, 0x07, 0xeb, 0xbf, 0x35, 0x34,
1044 0x8b, 0xbf, 0x3e, 0x01, 0xe0, 0x2f, 0x2d, 0x47,
1045 0x3d, 0xe3, 0x94, 0x53, 0xf9, 0x9d, 0xd2, 0x36,
1046 0x75, 0x41, 0xca, 0xca, 0x3b, 0xa0, 0x11, 0x66,
1047 0x34, 0x3d, 0x7b, 0x5b, 0x58, 0xa3, 0x7b, 0xd1,
1048 0xb7, 0x52, 0x1d, 0xb2, 0xf1, 0x3b, 0x86, 0x70,
1049 0x71, 0x32, 0xfe, 0x09, 0xf4, 0xcd, 0x09, 0xdc,
1050 0x16, 0x18, 0xfa, 0x34, 0x01, 0xeb, 0xf9, 0xcc,
1051 0x7b, 0x19, 0xfa, 0x94, 0xaa, 0x47, 0x20, 0x88,
1052 0x13, 0x3d, 0x6c, 0xb2, 0xd3, 0x5c, 0x11, 0x79,
1053 0xc8, 0xc8, 0xff, 0x36, 0x87, 0x58, 0xd5, 0x07,
1054 0xd9, 0xf9, 0xa1, 0x7d, 0x46, 0xc1, 0x10, 0xfe,
1055 0x31, 0x44, 0xce, 0x9b, 0x02, 0x2b, 0x42, 0xe4,
1056 0x19, 0xeb, 0x4f, 0x53, 0x88, 0x61, 0x3b, 0xfc,
1057 0x3e, 0x26, 0x24, 0x1a, 0x43, 0x2e, 0x87, 0x06,
1058 0xbc, 0x58, 0xef, 0x76, 0x11, 0x72, 0x78, 0xde,
1059 0xab, 0x6c, 0xf6, 0x92, 0x61, 0x82, 0x91, 0xb7
1061 static const unsigned char dsa_q[] = {
1062 0xa3, 0xbf, 0xd9, 0xab, 0x78, 0x84, 0x79, 0x4e,
1063 0x38, 0x34, 0x50, 0xd5, 0x89, 0x1d, 0xc1, 0x8b,
1064 0x65, 0x15, 0x7b, 0xdc, 0xfc, 0xda, 0xc5, 0x15,
1065 0x18, 0x90, 0x28, 0x67
1067 static const unsigned char dsa_g[] = {
1068 0x68, 0x19, 0x27, 0x88, 0x69, 0xc7, 0xfd, 0x3d,
1069 0x2d, 0x7b, 0x77, 0xf7, 0x7e, 0x81, 0x50, 0xd9,
1070 0xad, 0x43, 0x3b, 0xea, 0x3b, 0xa8, 0x5e, 0xfc,
1071 0x80, 0x41, 0x5a, 0xa3, 0x54, 0x5f, 0x78, 0xf7,
1072 0x22, 0x96, 0xf0, 0x6c, 0xb1, 0x9c, 0xed, 0xa0,
1073 0x6c, 0x94, 0xb0, 0x55, 0x1c, 0xfe, 0x6e, 0x6f,
1074 0x86, 0x3e, 0x31, 0xd1, 0xde, 0x6e, 0xed, 0x7d,
1075 0xab, 0x8b, 0x0c, 0x9d, 0xf2, 0x31, 0xe0, 0x84,
1076 0x34, 0xd1, 0x18, 0x4f, 0x91, 0xd0, 0x33, 0x69,
1077 0x6b, 0xb3, 0x82, 0xf8, 0x45, 0x5e, 0x98, 0x88,
1078 0xf5, 0xd3, 0x1d, 0x47, 0x84, 0xec, 0x40, 0x12,
1079 0x02, 0x46, 0xf4, 0xbe, 0xa6, 0x17, 0x94, 0xbb,
1080 0xa5, 0x86, 0x6f, 0x09, 0x74, 0x64, 0x63, 0xbd,
1081 0xf8, 0xe9, 0xe1, 0x08, 0xcd, 0x95, 0x29, 0xc3,
1082 0xd0, 0xf6, 0xdf, 0x80, 0x31, 0x6e, 0x2e, 0x70,
1083 0xaa, 0xeb, 0x1b, 0x26, 0xcd, 0xb8, 0xad, 0x97,
1084 0xbc, 0x3d, 0x28, 0x7e, 0x0b, 0x8d, 0x61, 0x6c,
1085 0x42, 0xe6, 0x5b, 0x87, 0xdb, 0x20, 0xde, 0xb7,
1086 0x00, 0x5b, 0xc4, 0x16, 0x74, 0x7a, 0x64, 0x70,
1087 0x14, 0x7a, 0x68, 0xa7, 0x82, 0x03, 0x88, 0xeb,
1088 0xf4, 0x4d, 0x52, 0xe0, 0x62, 0x8a, 0xf9, 0xcf,
1089 0x1b, 0x71, 0x66, 0xd0, 0x34, 0x65, 0xf3, 0x5a,
1090 0xcc, 0x31, 0xb6, 0x11, 0x0c, 0x43, 0xda, 0xbc,
1091 0x7c, 0x5d, 0x59, 0x1e, 0x67, 0x1e, 0xaf, 0x7c,
1092 0x25, 0x2c, 0x1c, 0x14, 0x53, 0x36, 0xa1, 0xa4,
1093 0xdd, 0xf1, 0x32, 0x44, 0xd5, 0x5e, 0x83, 0x56,
1094 0x80, 0xca, 0xb2, 0x53, 0x3b, 0x82, 0xdf, 0x2e,
1095 0xfe, 0x55, 0xec, 0x18, 0xc1, 0xe6, 0xcd, 0x00,
1096 0x7b, 0xb0, 0x89, 0x75, 0x8b, 0xb1, 0x7c, 0x2c,
1097 0xbe, 0x14, 0x44, 0x1b, 0xd0, 0x93, 0xae, 0x66,
1098 0xe5, 0x97, 0x6d, 0x53, 0x73, 0x3f, 0x4f, 0xa3,
1099 0x26, 0x97, 0x01, 0xd3, 0x1d, 0x23, 0xd4, 0x67
1101 static const unsigned char dsa_pub[] = {
1102 0xa0, 0x12, 0xb3, 0xb1, 0x70, 0xb3, 0x07, 0x22,
1103 0x79, 0x57, 0xb7, 0xca, 0x20, 0x61, 0xa8, 0x16,
1104 0xac, 0x7a, 0x2b, 0x3d, 0x9a, 0xe9, 0x95, 0xa5,
1105 0x11, 0x9c, 0x38, 0x5b, 0x60, 0x3b, 0xf6, 0xf6,
1106 0xc5, 0xde, 0x4d, 0xc5, 0xec, 0xb5, 0xdf, 0xa4,
1107 0xa4, 0x1c, 0x68, 0x66, 0x2e, 0xb2, 0x5b, 0x63,
1108 0x8b, 0x7e, 0x26, 0x20, 0xba, 0x89, 0x8d, 0x07,
1109 0xda, 0x6c, 0x49, 0x91, 0xe7, 0x6c, 0xc0, 0xec,
1110 0xd1, 0xad, 0x34, 0x21, 0x07, 0x70, 0x67, 0xe4,
1111 0x7c, 0x18, 0xf5, 0x8a, 0x92, 0xa7, 0x2a, 0xd4,
1112 0x31, 0x99, 0xec, 0xb7, 0xbd, 0x84, 0xe7, 0xd3,
1113 0xaf, 0xb9, 0x01, 0x9f, 0x0e, 0x9d, 0xd0, 0xfb,
1114 0xaa, 0x48, 0x73, 0x00, 0xb1, 0x30, 0x81, 0xe3,
1115 0x3c, 0x90, 0x28, 0x76, 0x43, 0x6f, 0x7b, 0x03,
1116 0xc3, 0x45, 0x52, 0x84, 0x81, 0xd3, 0x62, 0x81,
1117 0x5e, 0x24, 0xfe, 0x59, 0xda, 0xc5, 0xac, 0x34,
1118 0x66, 0x0d, 0x4c, 0x8a, 0x76, 0xcb, 0x99, 0xa7,
1119 0xc7, 0xde, 0x93, 0xeb, 0x95, 0x6c, 0xd6, 0xbc,
1120 0x88, 0xe5, 0x8d, 0x90, 0x10, 0x34, 0x94, 0x4a,
1121 0x09, 0x4b, 0x01, 0x80, 0x3a, 0x43, 0xc6, 0x72,
1122 0xb9, 0x68, 0x8c, 0x0e, 0x01, 0xd8, 0xf4, 0xfc,
1123 0x91, 0xc6, 0x2a, 0x3f, 0x88, 0x02, 0x1f, 0x7b,
1124 0xd6, 0xa6, 0x51, 0xb1, 0xa8, 0x8f, 0x43, 0xaa,
1125 0x4e, 0xf2, 0x76, 0x53, 0xd1, 0x2b, 0xf8, 0xb7,
1126 0x09, 0x9f, 0xdf, 0x6b, 0x46, 0x10, 0x82, 0xf8,
1127 0xe9, 0x39, 0x10, 0x7b, 0xfd, 0x2f, 0x72, 0x10,
1128 0x08, 0x7d, 0x32, 0x6c, 0x37, 0x52, 0x00, 0xf1,
1129 0xf5, 0x1e, 0x7e, 0x74, 0xa3, 0x41, 0x31, 0x90,
1130 0x1b, 0xcd, 0x08, 0x63, 0x52, 0x1f, 0xf8, 0xd6,
1131 0x76, 0xc4, 0x85, 0x81, 0x86, 0x87, 0x36, 0xc5,
1132 0xe5, 0x1b, 0x16, 0xa4, 0xe3, 0x92, 0x15, 0xea,
1133 0x0b, 0x17, 0xc4, 0x73, 0x59, 0x74, 0xc5, 0x16
1135 static const unsigned char dsa_priv[] = {
1136 0x6c, 0xca, 0xee, 0xf6, 0xd7, 0x3b, 0x4e, 0x80,
1137 0xf1, 0x1c, 0x17, 0xb8, 0xe9, 0x62, 0x7c, 0x03,
1138 0x66, 0x35, 0xba, 0xc3, 0x94, 0x23, 0x50, 0x5e,
1139 0x40, 0x7e, 0x5c, 0xb7
1142 static const ST_KAT_PARAM dsa_key[] = {
1143 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dsa_p),
1144 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dsa_q),
1145 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dsa_g),
1146 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dsa_pub),
1147 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dsa_priv),
1150 #endif /* OPENSSL_NO_DSA */
1152 static const ST_KAT_SIGN st_kat_sign_tests[] = {
1153 #ifndef OPENSSL_NO_RSA
1155 OSSL_SELF_TEST_DESC_SIGN_RSA,
1159 ITM(rsa_expected_sig)
1161 #endif /* OPENSSL_NO_RSA */
1162 #ifndef OPENSSL_NO_EC
1164 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1169 * The ECDSA signature changes each time due to it using a random k.
1170 * So there is no expected KAT for this case.
1173 #endif /* OPENSSL_NO_EC */
1174 #ifndef OPENSSL_NO_DSA
1176 OSSL_SELF_TEST_DESC_SIGN_DSA,
1181 * The DSA signature changes each time due to it using a random k.
1182 * So there is no expected KAT for this case.
1185 #endif /* OPENSSL_NO_DSA */
projects / openssl.git / blob