2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* Macros to build Self test data */
11 #define ITM(x) x, sizeof(x)
12 #define ITM_STR(x) x, (sizeof(x) - 1)
14 #define ST_KAT_PARAM_END() { "", 0, NULL, 0 }
15 #define ST_KAT_PARAM_BIGNUM(name, data) \
16 { name, OSSL_PARAM_UNSIGNED_INTEGER, ITM(data) }
17 #define ST_KAT_PARAM_OCTET(name, data) \
18 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
19 #define ST_KAT_PARAM_UTF8STRING(name, data) \
20 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
22 /* used to store raw parameters for keys and algorithms */
23 typedef struct st_kat_param_st {
24 const char *name; /* an OSSL_PARAM name */
25 size_t type; /* the type associated with the data */
26 const void *data; /* unsigned char [], or char [] depending on the type */
27 size_t data_len; /* the length of the data */
30 typedef struct st_kat_st {
32 const char *algorithm;
33 const unsigned char *pt;
35 const unsigned char *expected;
39 typedef ST_KAT ST_KAT_DIGEST;
40 typedef struct st_kat_cipher_st {
42 const unsigned char *key;
44 const unsigned char *iv;
46 const unsigned char *aad;
48 const unsigned char *tag;
52 typedef struct st_kat_kdf_st {
54 const char *algorithm;
55 const ST_KAT_PARAM *params;
56 const unsigned char *expected;
60 typedef struct st_kat_drbg_st {
62 const char *algorithm;
63 const char *param_name;
65 const unsigned char *entropyin;
67 const unsigned char *nonce;
69 const unsigned char *persstr;
71 const unsigned char *entropyinpr1;
72 size_t entropyinpr1len;
73 const unsigned char *entropyinpr2;
74 size_t entropyinpr2len;
75 const unsigned char *entropyaddin1;
76 size_t entropyaddin1len;
77 const unsigned char *entropyaddin2;
78 size_t entropyaddin2len;
79 const unsigned char *expected;
83 typedef struct st_kat_kas_st {
85 const char *algorithm;
87 const ST_KAT_PARAM *key_group;
88 const ST_KAT_PARAM *key_host_data;
89 const ST_KAT_PARAM *key_peer_data;
91 const unsigned char *expected;
95 typedef struct st_kat_sign_st {
97 const char *algorithm;
98 const char *mdalgorithm;
99 const ST_KAT_PARAM *key;
100 const unsigned char *sig_expected; /* Set to NULL if this value changes */
101 size_t sig_expected_len;
104 typedef struct st_kat_asym_cipher_st {
106 const char *algorithm;
108 const ST_KAT_PARAM *key;
109 const ST_KAT_PARAM *postinit;
110 const unsigned char *in;
112 const unsigned char *expected;
114 } ST_KAT_ASYM_CIPHER;
116 /*- DIGEST TEST DATA */
117 static const unsigned char sha1_pt[] = "abc";
118 static const unsigned char sha1_digest[] = {
119 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 0x25, 0x71,
120 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
123 static const unsigned char sha512_pt[] = "abc";
124 static const unsigned char sha512_digest[] = {
125 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49,
126 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
127 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, 0x21, 0x92, 0x99, 0x2A,
128 0x27, 0x4F, 0xC1, 0xA8, 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
129 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, 0x2A, 0x9A, 0xC9, 0x4F,
130 0xA5, 0x4C, 0xA4, 0x9F
132 static const unsigned char sha3_256_pt[] = { 0xe7, 0x37, 0x21, 0x05 };
133 static const unsigned char sha3_256_digest[] = {
134 0x3a, 0x42, 0xb6, 0x8a, 0xb0, 0x79, 0xf2, 0x8c, 0x4c, 0xa3, 0xc7, 0x52,
135 0x29, 0x6f, 0x27, 0x90, 0x06, 0xc4, 0xfe, 0x78, 0xb1, 0xeb, 0x79, 0xd9,
136 0x89, 0x77, 0x7f, 0x05, 0x1e, 0x40, 0x46, 0xae
139 static const ST_KAT_DIGEST st_kat_digest_tests[] =
142 OSSL_SELF_TEST_DESC_MD_SHA1,
148 OSSL_SELF_TEST_DESC_MD_SHA2,
154 OSSL_SELF_TEST_DESC_MD_SHA3,
157 ITM(sha3_256_digest),
162 /*- CIPHER TEST DATA */
165 static const unsigned char des_ede3_cbc_pt[] = {
166 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
167 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
168 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
169 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51
171 static const unsigned char des_ede3_cbc_key[] = {
172 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
173 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
174 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
176 static const unsigned char des_ede3_cbc_iv[] = {
177 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17
179 static const unsigned char des_ede3_cbc_ct[] = {
180 0x20, 0x79, 0xC3, 0xD5, 0x3A, 0xA7, 0x63, 0xE1,
181 0x93, 0xB7, 0x9E, 0x25, 0x69, 0xAB, 0x52, 0x62,
182 0x51, 0x65, 0x70, 0x48, 0x1F, 0x25, 0xB5, 0x0F,
183 0x73, 0xC0, 0xBD, 0xA8, 0x5C, 0x8E, 0x0D, 0xA7
186 /* AES-256 GCM test data */
187 static const unsigned char aes_256_gcm_key[] = {
188 0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c,
189 0xe7, 0x90, 0xfd, 0x24, 0x50, 0x1f, 0x92, 0x50,
190 0x9a, 0xac, 0xf4, 0xcb, 0x8b, 0x13, 0x39, 0xd5,
191 0x0c, 0x9c, 0x12, 0x40, 0x93, 0x5d, 0xd0, 0x8b
193 static const unsigned char aes_256_gcm_iv[] = {
194 0xac, 0x93, 0xa1, 0xa6, 0x14, 0x52, 0x99, 0xbd,
195 0xe9, 0x02, 0xf2, 0x1a
197 static const unsigned char aes_256_gcm_pt[] = {
198 0x2d, 0x71, 0xbc, 0xfa, 0x91, 0x4e, 0x4a, 0xc0,
199 0x45, 0xb2, 0xaa, 0x60, 0x95, 0x5f, 0xad, 0x24
201 static const unsigned char aes_256_gcm_aad[] = {
202 0x1e, 0x08, 0x89, 0x01, 0x6f, 0x67, 0x60, 0x1c,
203 0x8e, 0xbe, 0xa4, 0x94, 0x3b, 0xc2, 0x3a, 0xd6
205 static const unsigned char aes_256_gcm_ct[] = {
206 0x89, 0x95, 0xae, 0x2e, 0x6d, 0xf3, 0xdb, 0xf9,
207 0x6f, 0xac, 0x7b, 0x71, 0x37, 0xba, 0xe6, 0x7f
209 static const unsigned char aes_256_gcm_tag[] = {
210 0xec, 0xa5, 0xaa, 0x77, 0xd5, 0x1d, 0x4a, 0x0a,
211 0x14, 0xd9, 0xc5, 0x1e, 0x1d, 0xa4, 0x74, 0xab
214 static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
215 #ifndef OPENSSL_NO_DES
218 OSSL_SELF_TEST_DESC_CIPHER_TDES,
220 ITM(des_ede3_cbc_pt),
223 ITM(des_ede3_cbc_key),
224 ITM(des_ede3_cbc_iv),
229 OSSL_SELF_TEST_DESC_CIPHER_AES_GCM,
234 ITM(aes_256_gcm_key),
236 ITM(aes_256_gcm_aad),
241 static const char hkdf_digest[] = "SHA256";
242 static const unsigned char hkdf_secret[] = { 's', 'e', 'c', 'r', 'e', 't' };
243 static const unsigned char hkdf_salt[] = { 's', 'a', 'l', 't' };
244 static const unsigned char hkdf_info[] = { 'l', 'a', 'b', 'e', 'l' };
246 static const ST_KAT_PARAM hkdf_params[] = {
247 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, hkdf_digest),
248 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, hkdf_secret),
249 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, hkdf_salt),
250 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, hkdf_info),
253 static const unsigned char hkdf_expected[] = {
254 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8,
258 static const char sskdf_digest[] = "SHA224";
259 static const unsigned char sskdf_secret[] = {
260 0x6d, 0xbd, 0xc2, 0x3f, 0x04, 0x54, 0x88, 0xe4,
261 0x06, 0x27, 0x57, 0xb0, 0x6b, 0x9e, 0xba, 0xe1,
262 0x83, 0xfc, 0x5a, 0x59, 0x46, 0xd8, 0x0d, 0xb9,
263 0x3f, 0xec, 0x6f, 0x62, 0xec, 0x07, 0xe3, 0x72,
264 0x7f, 0x01, 0x26, 0xae, 0xd1, 0x2c, 0xe4, 0xb2,
265 0x62, 0xf4, 0x7d, 0x48, 0xd5, 0x42, 0x87, 0xf8,
266 0x1d, 0x47, 0x4c, 0x7c, 0x3b, 0x18, 0x50, 0xe9
268 static const unsigned char sskdf_otherinfo[] = {
269 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0x43, 0x41, 0x56,
270 0x53, 0x69, 0x64, 0x3c, 0x83, 0x2e, 0x98, 0x49,
271 0xdc, 0xdb, 0xa7, 0x1e, 0x9a, 0x31, 0x39, 0xe6,
272 0x06, 0xe0, 0x95, 0xde, 0x3c, 0x26, 0x4a, 0x66,
273 0xe9, 0x8a, 0x16, 0x58, 0x54, 0xcd, 0x07, 0x98,
274 0x9b, 0x1e, 0xe0, 0xec, 0x3f, 0x8d, 0xbe
276 static const unsigned char sskdf_expected[] = {
277 0xa4, 0x62, 0xde, 0x16, 0xa8, 0x9d, 0xe8, 0x46,
278 0x6e, 0xf5, 0x46, 0x0b, 0x47, 0xb8
280 static const ST_KAT_PARAM sskdf_params[] = {
281 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sskdf_digest),
282 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sskdf_secret),
283 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, sskdf_otherinfo),
287 static const ST_KAT_KDF st_kat_kdf_tests[] =
290 OSSL_SELF_TEST_DESC_KDF_HKDF,
296 OSSL_SELF_TEST_DESC_KDF_SSKDF,
304 * DRBG test vectors are a small subset of
305 * https://csrc.nist.rip/groups/STM/cavp/documents/drbg/drbgtestvectors.zip
306 * Using the folder drbgvectors_pr_true
307 * Generated for CAVS 14.3.
314 * [PredictionResistance = True]
315 * [EntropyInputLen = 256]
317 * [PersonalizationStringLen = 256]
318 * [AdditionalInputLen = 256]
319 * [ReturnedBitsLen = 1024]
323 static const unsigned char drbg_hash_sha256_pr_entropyin[] = {
324 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
325 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
326 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
328 static const unsigned char drbg_hash_sha256_pr_nonce[] = {
329 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
330 0xf0, 0xe5, 0x07, 0x1f
332 static const unsigned char drbg_hash_sha256_pr_persstr[] = {
333 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
334 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
335 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
337 static const unsigned char drbg_hash_sha256_pr_entropyinpr0[] = {
338 0xff, 0x80, 0xb7, 0xd2, 0x6a, 0x05, 0xbc, 0x8a, 0x7a, 0xbe, 0x53, 0x28,
339 0x6b, 0x0e, 0xeb, 0x73, 0x3b, 0x71, 0x5a, 0x20, 0x5b, 0xfa, 0x4f, 0xf6,
340 0x37, 0x03, 0xde, 0xad, 0xb6, 0xea, 0x0e, 0xf4
342 static const unsigned char drbg_hash_sha256_pr_entropyinpr1[] = {
343 0xc7, 0x38, 0x32, 0x53, 0x46, 0x81, 0xed, 0xe3, 0x7e, 0x03, 0x84, 0x6d,
344 0x3c, 0x84, 0x17, 0x67, 0x29, 0x7d, 0x24, 0x6c, 0x68, 0x92, 0x41, 0xd2,
345 0xe7, 0x75, 0xbe, 0x7e, 0xc9, 0x96, 0x29, 0x3d
347 static const unsigned char drbg_hash_sha256_pr_addin0[] = {
348 0xb7, 0x21, 0x5f, 0x14, 0xac, 0x7b, 0xaf, 0xd0, 0xa9, 0x17, 0x72, 0xba,
349 0x22, 0xf7, 0x19, 0xaf, 0xbd, 0x20, 0xb3, 0x11, 0x63, 0x6c, 0x2b, 0x1e,
350 0x83, 0xe4, 0xa8, 0x23, 0x35, 0x3f, 0xc6, 0xea
352 static const unsigned char drbg_hash_sha256_pr_addin1[] = {
353 0xce, 0xd3, 0x1f, 0x7e, 0x0d, 0xae, 0x5b, 0xb5, 0xc0, 0x43, 0xe2, 0x46,
354 0xb2, 0x94, 0x73, 0xe2, 0xfd, 0x39, 0x51, 0x2e, 0xad, 0x45, 0x69, 0xee,
355 0xe3, 0xe3, 0x80, 0x33, 0x14, 0xab, 0xa7, 0xa3
357 static const unsigned char drbg_hash_sha256_pr_expected[] = {
358 0x60, 0xc2, 0x34, 0xcf, 0xaf, 0xb4, 0x68, 0x03, 0x3b, 0xf1, 0x95, 0xe5,
359 0x78, 0xce, 0x26, 0x6e, 0x14, 0x65, 0x32, 0x6a, 0x96, 0xa9, 0xe0, 0x3f,
360 0x8b, 0x89, 0x36, 0x70, 0xef, 0x62, 0x75, 0x4d, 0x5e, 0x80, 0xd5, 0x53,
361 0xa1, 0xf8, 0x49, 0x50, 0x20, 0x8b, 0x93, 0x43, 0x07, 0x9f, 0x2e, 0xf8,
362 0x56, 0xe9, 0xc5, 0x70, 0x61, 0x85, 0x97, 0xb5, 0xdc, 0x82, 0xa2, 0xda,
363 0xea, 0xa3, 0xfd, 0x9b, 0x2f, 0xd2, 0xa0, 0xd7, 0x1b, 0xc6, 0x29, 0x35,
364 0xcc, 0xb8, 0x3d, 0xa0, 0x67, 0x98, 0x05, 0xa0, 0xe3, 0x1e, 0xfe, 0xe4,
365 0xf0, 0xe5, 0x13, 0xb0, 0x83, 0x17, 0xfa, 0xca, 0x93, 0x5e, 0x38, 0x29,
366 0x48, 0xd2, 0x72, 0xdb, 0x76, 0x3e, 0x6d, 0xf3, 0x25, 0x10, 0xff, 0x1b,
367 0x99, 0xff, 0xf8, 0xc6, 0x0e, 0xb0, 0xdd, 0x29, 0x2e, 0xbc, 0xbb, 0xc8,
368 0x0a, 0x01, 0x6e, 0xd3, 0xb0, 0x0e, 0x4e, 0xab
375 * [PredictionResistance = True]
376 * [EntropyInputLen = 128]
378 * [PersonalizationStringLen = 128]
379 * [AdditionalInputLen = 128]
380 * [ReturnedBitsLen = 512]
384 static const unsigned char drbg_ctr_aes128_pr_df_entropyin[] = {
385 0x92, 0x89, 0x8f, 0x31, 0xfa, 0x1c, 0xff, 0x6d, 0x18, 0x2f, 0x26, 0x06,
386 0x43, 0xdf, 0xf8, 0x18
388 static const unsigned char drbg_ctr_aes128_pr_df_nonce[] = {
389 0xc2, 0xa4, 0xd9, 0x72, 0xc3, 0xb9, 0xb6, 0x97
391 static const unsigned char drbg_ctr_aes128_pr_df_persstr[] = {
392 0xea, 0x65, 0xee, 0x60, 0x26, 0x4e, 0x7e, 0xb6, 0x0e, 0x82, 0x68, 0xc4,
393 0x37, 0x3c, 0x5c, 0x0b
395 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr0[] = {
396 0x20, 0x72, 0x8a, 0x06, 0xf8, 0x6f, 0x8d, 0xd4, 0x41, 0xe2, 0x72, 0xb7,
397 0xc4, 0x2c, 0xe8, 0x10
399 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr1[] = {
400 0x3d, 0xb0, 0xf0, 0x94, 0xf3, 0x05, 0x50, 0x33, 0x17, 0x86, 0x3e, 0x22,
401 0x08, 0xf7, 0xa5, 0x01
403 static const unsigned char drbg_ctr_aes128_pr_df_addin0[] = {
404 0x1a, 0x40, 0xfa, 0xe3, 0xcc, 0x6c, 0x7c, 0xa0, 0xf8, 0xda, 0xba, 0x59,
405 0x23, 0x6d, 0xad, 0x1d
407 static const unsigned char drbg_ctr_aes128_pr_df_addin1[] = {
408 0x9f, 0x72, 0x76, 0x6c, 0xc7, 0x46, 0xe5, 0xed, 0x2e, 0x53, 0x20, 0x12,
409 0xbc, 0x59, 0x31, 0x8c
411 static const unsigned char drbg_ctr_aes128_pr_df_expected[] = {
412 0x5a, 0x35, 0x39, 0x87, 0x0f, 0x4d, 0x22, 0xa4, 0x09, 0x24, 0xee, 0x71,
413 0xc9, 0x6f, 0xac, 0x72, 0x0a, 0xd6, 0xf0, 0x88, 0x82, 0xd0, 0x83, 0x28,
414 0x73, 0xec, 0x3f, 0x93, 0xd8, 0xab, 0x45, 0x23, 0xf0, 0x7e, 0xac, 0x45,
415 0x14, 0x5e, 0x93, 0x9f, 0xb1, 0xd6, 0x76, 0x43, 0x3d, 0xb6, 0xe8, 0x08,
416 0x88, 0xf6, 0xda, 0x89, 0x08, 0x77, 0x42, 0xfe, 0x1a, 0xf4, 0x3f, 0xc4,
417 0x23, 0xc5, 0x1f, 0x68
424 * [PredictionResistance = True]
425 * [EntropyInputLen = 128]
427 * [PersonalizationStringLen = 128]
428 * [AdditionalInputLen = 128]
429 * [ReturnedBitsLen = 640]
433 static const unsigned char drbg_hmac_sha1_pr_entropyin[] = {
434 0x68, 0x0f, 0xac, 0xe9, 0x0d, 0x7b, 0xca, 0x21, 0xd4, 0xa0, 0xed, 0xb7,
435 0x79, 0x9e, 0xe5, 0xd8
437 static const unsigned char drbg_hmac_sha1_pr_nonce[] = {
438 0xb7, 0xbe, 0x9e, 0xed, 0xdd, 0x0e, 0x3b, 0x4b
440 static const unsigned char drbg_hmac_sha1_pr_persstr[] = {
441 0xf5, 0x8c, 0x40, 0xae, 0x70, 0xf7, 0xa5, 0x56, 0x48, 0xa9, 0x31, 0xa0,
442 0xa9, 0x31, 0x3d, 0xd7
444 static const unsigned char drbg_hmac_sha1_pr_entropyinpr0[] = {
445 0x7c, 0xaf, 0xe2, 0x31, 0x63, 0x0a, 0xa9, 0x5a, 0x74, 0x2c, 0x4e, 0x5f,
446 0x5f, 0x22, 0xc6, 0xa4
448 static const unsigned char drbg_hmac_sha1_pr_entropyinpr1[] = {
449 0x1c, 0x0d, 0x77, 0x92, 0x89, 0x88, 0x27, 0x94, 0x8a, 0x58, 0x9f, 0x82,
450 0x2d, 0x1a, 0xf7, 0xa6
452 static const unsigned char drbg_hmac_sha1_pr_addin0[] = {
453 0xdc, 0x36, 0x63, 0xf0, 0x62, 0x78, 0x9c, 0xd1, 0x5c, 0xbb, 0x20, 0xc3,
454 0xc1, 0x8c, 0xd9, 0xd7
456 static const unsigned char drbg_hmac_sha1_pr_addin1[] = {
457 0xfe, 0x85, 0xb0, 0xab, 0x14, 0xc6, 0x96, 0xe6, 0x9c, 0x24, 0xe7, 0xb5,
458 0xa1, 0x37, 0x12, 0x0c
460 static const unsigned char drbg_hmac_sha1_pr_expected[] = {
461 0x68, 0x00, 0x4b, 0x3a, 0x28, 0xf7, 0xf0, 0x1c, 0xf9, 0xe9, 0xb5, 0x71,
462 0x20, 0x79, 0xef, 0x80, 0x87, 0x1b, 0x08, 0xb9, 0xa9, 0x1b, 0xcd, 0x2b,
463 0x9f, 0x09, 0x4d, 0xa4, 0x84, 0x80, 0xb3, 0x4c, 0xaf, 0xd5, 0x59, 0x6b,
464 0x0c, 0x0a, 0x48, 0xe1, 0x48, 0xda, 0xbc, 0x6f, 0x77, 0xb8, 0xff, 0xaf,
465 0x18, 0x70, 0x28, 0xe1, 0x04, 0x13, 0x7a, 0x4f, 0xeb, 0x1c, 0x72, 0xb0,
466 0xc4, 0x4f, 0xe8, 0xb1, 0xaf, 0xab, 0xa5, 0xbc, 0xfd, 0x86, 0x67, 0xf2,
467 0xf5, 0x5b, 0x46, 0x06, 0x63, 0x2e, 0x3c, 0xbc
470 static const ST_KAT_DRBG st_kat_drbg_tests[] =
473 OSSL_SELF_TEST_DESC_DRBG_HASH,
474 "HASH-DRBG", "digest", "SHA256",
475 ITM(drbg_hash_sha256_pr_entropyin),
476 ITM(drbg_hash_sha256_pr_nonce),
477 ITM(drbg_hash_sha256_pr_persstr),
478 ITM(drbg_hash_sha256_pr_entropyinpr0),
479 ITM(drbg_hash_sha256_pr_entropyinpr1),
480 ITM(drbg_hash_sha256_pr_addin0),
481 ITM(drbg_hash_sha256_pr_addin1),
482 ITM(drbg_hash_sha256_pr_expected)
485 OSSL_SELF_TEST_DESC_DRBG_CTR,
486 "CTR-DRBG", "cipher", "AES-128-CTR",
487 ITM(drbg_ctr_aes128_pr_df_entropyin),
488 ITM(drbg_ctr_aes128_pr_df_nonce),
489 ITM(drbg_ctr_aes128_pr_df_persstr),
490 ITM(drbg_ctr_aes128_pr_df_entropyinpr0),
491 ITM(drbg_ctr_aes128_pr_df_entropyinpr1),
492 ITM(drbg_ctr_aes128_pr_df_addin0),
493 ITM(drbg_ctr_aes128_pr_df_addin1),
494 ITM(drbg_ctr_aes128_pr_df_expected)
497 OSSL_SELF_TEST_DESC_DRBG_HMAC,
498 "HMAC-DRBG", "digest", "SHA1",
499 ITM(drbg_hmac_sha1_pr_entropyin),
500 ITM(drbg_hmac_sha1_pr_nonce),
501 ITM(drbg_hmac_sha1_pr_persstr),
502 ITM(drbg_hmac_sha1_pr_entropyinpr0),
503 ITM(drbg_hmac_sha1_pr_entropyinpr1),
504 ITM(drbg_hmac_sha1_pr_addin0),
505 ITM(drbg_hmac_sha1_pr_addin1),
506 ITM(drbg_hmac_sha1_pr_expected)
510 /* KEY EXCHANGE TEST DATA */
512 #ifndef OPENSSL_NO_DH
514 static const unsigned char dh_p[] = {
515 0xdc, 0xca, 0x15, 0x11, 0xb2, 0x31, 0x32, 0x25,
516 0xf5, 0x21, 0x16, 0xe1, 0x54, 0x27, 0x89, 0xe0,
517 0x01, 0xf0, 0x42, 0x5b, 0xcc, 0xc7, 0xf3, 0x66,
518 0xf7, 0x40, 0x64, 0x07, 0xf1, 0xc9, 0xfa, 0x8b,
519 0xe6, 0x10, 0xf1, 0x77, 0x8b, 0xb1, 0x70, 0xbe,
520 0x39, 0xdb, 0xb7, 0x6f, 0x85, 0xbf, 0x24, 0xce,
521 0x68, 0x80, 0xad, 0xb7, 0x62, 0x9f, 0x7c, 0x6d,
522 0x01, 0x5e, 0x61, 0xd4, 0x3f, 0xa3, 0xee, 0x4d,
523 0xe1, 0x85, 0xf2, 0xcf, 0xd0, 0x41, 0xff, 0xde,
524 0x9d, 0x41, 0x84, 0x07, 0xe1, 0x51, 0x38, 0xbb,
525 0x02, 0x1d, 0xae, 0xb3, 0x5f, 0x76, 0x2d, 0x17,
526 0x82, 0xac, 0xc6, 0x58, 0xd3, 0x2b, 0xd4, 0xb0,
527 0x23, 0x2c, 0x92, 0x7d, 0xd3, 0x8f, 0xa0, 0x97,
528 0xb3, 0xd1, 0x85, 0x9f, 0xa8, 0xac, 0xaf, 0xb9,
529 0x8f, 0x06, 0x66, 0x08, 0xfc, 0x64, 0x4e, 0xc7,
530 0xdd, 0xb6, 0xf0, 0x85, 0x99, 0xf9, 0x2a, 0xc1,
531 0xb5, 0x98, 0x25, 0xda, 0x84, 0x32, 0x07, 0x7d,
532 0xef, 0x69, 0x56, 0x46, 0x06, 0x3c, 0x20, 0x82,
533 0x3c, 0x95, 0x07, 0xab, 0x6f, 0x01, 0x76, 0xd4,
534 0x73, 0x0d, 0x99, 0x0d, 0xbb, 0xe6, 0x36, 0x1c,
535 0xd8, 0xb2, 0xb9, 0x4d, 0x3d, 0x2f, 0x32, 0x9b,
536 0x82, 0x09, 0x9b, 0xd6, 0x61, 0xf4, 0x29, 0x50,
537 0xf4, 0x03, 0xdf, 0x3e, 0xde, 0x62, 0xa3, 0x31,
538 0x88, 0xb0, 0x27, 0x98, 0xba, 0x82, 0x3f, 0x44,
539 0xb9, 0x46, 0xfe, 0x9d, 0xf6, 0x77, 0xa0, 0xc5,
540 0xa1, 0x23, 0x8e, 0xaa, 0x97, 0xb7, 0x0f, 0x80,
541 0xda, 0x8c, 0xac, 0x88, 0xe0, 0x92, 0xb1, 0x12,
542 0x70, 0x60, 0xff, 0xbf, 0x45, 0x57, 0x99, 0x94,
543 0x01, 0x1d, 0xc2, 0xfa, 0xa5, 0xe7, 0xf6, 0xc7,
544 0x62, 0x45, 0xe1, 0xcc, 0x31, 0x22, 0x31, 0xc1,
545 0x7d, 0x1c, 0xa6, 0xb1, 0x90, 0x07, 0xef, 0x0d,
546 0xb9, 0x9f, 0x9c, 0xb6, 0x0e, 0x1d, 0x5f, 0x69
548 static const unsigned char dh_q[] = {
549 0x89, 0x8b, 0x22, 0x67, 0x17, 0xef, 0x03, 0x9e,
550 0x60, 0x3e, 0x82, 0xe5, 0xc7, 0xaf, 0xe4, 0x83,
551 0x74, 0xac, 0x5f, 0x62, 0x5c, 0x54, 0xf1, 0xea,
552 0x11, 0xac, 0xb5, 0x7d
554 static const unsigned char dh_g[] = {
555 0x5e, 0xf7, 0xb8, 0x8f, 0x2d, 0xf6, 0x01, 0x39,
556 0x35, 0x1d, 0xfb, 0xfe, 0x12, 0x66, 0x80, 0x5f,
557 0xdf, 0x35, 0x6c, 0xdf, 0xd1, 0x3a, 0x4d, 0xa0,
558 0x05, 0x0c, 0x7e, 0xde, 0x24, 0x6d, 0xf5, 0x9f,
559 0x6a, 0xbf, 0x96, 0xad, 0xe5, 0xf2, 0xb2, 0x8f,
560 0xfe, 0x88, 0xd6, 0xbc, 0xe7, 0xf7, 0x89, 0x4a,
561 0x3d, 0x53, 0x5f, 0xc8, 0x21, 0x26, 0xdd, 0xd4,
562 0x24, 0x87, 0x2e, 0x16, 0xb8, 0x38, 0xdf, 0x8c,
563 0x51, 0xe9, 0x01, 0x6f, 0x88, 0x9c, 0x7c, 0x20,
564 0x3e, 0x98, 0xa8, 0xb6, 0x31, 0xf9, 0xc7, 0x25,
565 0x63, 0xd3, 0x8a, 0x49, 0x58, 0x9a, 0x07, 0x53,
566 0xd3, 0x58, 0xe7, 0x83, 0x31, 0x8c, 0xef, 0xd9,
567 0x67, 0x7c, 0x7b, 0x2d, 0xbb, 0x77, 0xd6, 0xdc,
568 0xe2, 0xa1, 0x96, 0x37, 0x95, 0xca, 0x64, 0xb9,
569 0x2d, 0x1c, 0x9a, 0xac, 0x6d, 0x0e, 0x8d, 0x43,
570 0x1d, 0xe5, 0xe5, 0x00, 0x60, 0xdf, 0xf7, 0x86,
571 0x89, 0xc9, 0xec, 0xa1, 0xc1, 0x24, 0x8c, 0x16,
572 0xed, 0x09, 0xc7, 0xad, 0x41, 0x2a, 0x17, 0x40,
573 0x6d, 0x2b, 0x52, 0x5a, 0xa1, 0xca, 0xbb, 0x23,
574 0x7b, 0x97, 0x34, 0xec, 0x7b, 0x8c, 0xe3, 0xfa,
575 0xe0, 0x2f, 0x29, 0xc5, 0xef, 0xed, 0x30, 0xd6,
576 0x91, 0x87, 0xda, 0x10, 0x9c, 0x2c, 0x9f, 0xe2,
577 0xaa, 0xdb, 0xb0, 0xc2, 0x2a, 0xf5, 0x4c, 0x61,
578 0x66, 0x55, 0x00, 0x0c, 0x43, 0x1c, 0x6b, 0x4a,
579 0x37, 0x97, 0x63, 0xb0, 0xa9, 0x16, 0x58, 0xef,
580 0xc8, 0x4e, 0x8b, 0x06, 0x35, 0x8c, 0x8b, 0x4f,
581 0x21, 0x37, 0x10, 0xfd, 0x10, 0x17, 0x2c, 0xf3,
582 0x9b, 0x83, 0x0c, 0x2d, 0xd8, 0x4a, 0x0c, 0x8a,
583 0xb8, 0x25, 0x16, 0xec, 0xab, 0x99, 0x5f, 0xa4,
584 0x21, 0x5e, 0x02, 0x3e, 0x4e, 0xcf, 0x80, 0x74,
585 0xc3, 0x9d, 0x6c, 0x88, 0xb7, 0x0d, 0x1e, 0xe4,
586 0xe9, 0x6f, 0xdc, 0x20, 0xea, 0x11, 0x5c, 0x32
588 static const unsigned char dh_priv[] = {
589 0x14, 0x33, 0xe0, 0xb5, 0xa9, 0x17, 0xb6, 0x0a,
590 0x30, 0x23, 0xf2, 0xf8, 0xaa, 0x2c, 0x2d, 0x70,
591 0xd2, 0x96, 0x8a, 0xba, 0x9a, 0xea, 0xc8, 0x15,
592 0x40, 0xb8, 0xfc, 0xe6
594 static const unsigned char dh_pub[] = {
595 0x95, 0xdd, 0x33, 0x8d, 0x29, 0xe5, 0x71, 0x04,
596 0x92, 0xb9, 0x18, 0x31, 0x7b, 0x72, 0xa3, 0x69,
597 0x36, 0xe1, 0x95, 0x1a, 0x2e, 0xe5, 0xa5, 0x59,
598 0x16, 0x99, 0xc0, 0x48, 0x6d, 0x0d, 0x4f, 0x9b,
599 0xdd, 0x6d, 0x5a, 0x3f, 0x6b, 0x98, 0x89, 0x0c,
600 0x62, 0xb3, 0x76, 0x52, 0xd3, 0x6e, 0x71, 0x21,
601 0x11, 0xe6, 0x8a, 0x73, 0x55, 0x37, 0x25, 0x06,
602 0x99, 0xef, 0xe3, 0x30, 0x53, 0x73, 0x91, 0xfb,
603 0xc2, 0xc5, 0x48, 0xbc, 0x5a, 0xc3, 0xe5, 0xb2,
604 0x33, 0x86, 0xc3, 0xee, 0xf5, 0xeb, 0x43, 0xc0,
605 0x99, 0xd7, 0x0a, 0x52, 0x02, 0x68, 0x7e, 0x83,
606 0x96, 0x42, 0x48, 0xfc, 0xa9, 0x1f, 0x40, 0x90,
607 0x8e, 0x8f, 0xb3, 0x31, 0x93, 0x15, 0xf6, 0xd2,
608 0x60, 0x6d, 0x7f, 0x7c, 0xd5, 0x2c, 0xc6, 0xe7,
609 0xc5, 0x84, 0x3a, 0xfb, 0x22, 0x51, 0x9c, 0xf0,
610 0xf0, 0xf9, 0xd3, 0xa0, 0xa4, 0xe8, 0xc8, 0x88,
611 0x99, 0xef, 0xed, 0xe7, 0x36, 0x43, 0x51, 0xfb,
612 0x6a, 0x36, 0x3e, 0xe7, 0x17, 0xe5, 0x44, 0x5a,
613 0xda, 0xb4, 0xc9, 0x31, 0xa6, 0x48, 0x39, 0x97,
614 0xb8, 0x7d, 0xad, 0x83, 0x67, 0x7e, 0x4d, 0x1d,
615 0x3a, 0x77, 0x75, 0xe0, 0xf6, 0xd0, 0x0f, 0xdf,
616 0x73, 0xc7, 0xad, 0x80, 0x1e, 0x66, 0x5a, 0x0e,
617 0x5a, 0x79, 0x6d, 0x0a, 0x03, 0x80, 0xa1, 0x9f,
618 0xa1, 0x82, 0xef, 0xc8, 0xa0, 0x4f, 0x5e, 0x4d,
619 0xb9, 0x0d, 0x1a, 0x86, 0x37, 0xf9, 0x5d, 0xb1,
620 0x64, 0x36, 0xbd, 0xc8, 0xf3, 0xfc, 0x09, 0x6c,
621 0x4f, 0xf7, 0xf2, 0x34, 0xbe, 0x8f, 0xef, 0x47,
622 0x9a, 0xc4, 0xb0, 0xdc, 0x4b, 0x77, 0x26, 0x3e,
623 0x07, 0xd9, 0x95, 0x9d, 0xe0, 0xf1, 0xbf, 0x3f,
624 0x0a, 0xe3, 0xd9, 0xd5, 0x0e, 0x4b, 0x89, 0xc9,
625 0x9e, 0x3e, 0xa1, 0x21, 0x73, 0x43, 0xdd, 0x8c,
626 0x65, 0x81, 0xac, 0xc4, 0x95, 0x9c, 0x91, 0xd3
628 static const unsigned char dh_peer_pub[] = {
629 0x1f, 0xc1, 0xda, 0x34, 0x1d, 0x1a, 0x84, 0x6a,
630 0x96, 0xb7, 0xbe, 0x24, 0x34, 0x0f, 0x87, 0x7d,
631 0xd0, 0x10, 0xaa, 0x03, 0x56, 0xd5, 0xad, 0x58,
632 0xaa, 0xe9, 0xc7, 0xb0, 0x8f, 0x74, 0x9a, 0x32,
633 0x23, 0x51, 0x10, 0xb5, 0xd8, 0x8e, 0xb5, 0xdb,
634 0xfa, 0x97, 0x8d, 0x27, 0xec, 0xc5, 0x30, 0xf0,
635 0x2d, 0x31, 0x14, 0x00, 0x5b, 0x64, 0xb1, 0xc0,
636 0xe0, 0x24, 0xcb, 0x8a, 0xe2, 0x16, 0x98, 0xbc,
637 0xa9, 0xe6, 0x0d, 0x42, 0x80, 0x86, 0x22, 0xf1,
638 0x81, 0xc5, 0x6e, 0x1d, 0xe7, 0xa9, 0x6e, 0x6e,
639 0xfe, 0xe9, 0xd6, 0x65, 0x67, 0xe9, 0x1b, 0x97,
640 0x70, 0x42, 0xc7, 0xe3, 0xd0, 0x44, 0x8f, 0x05,
641 0xfb, 0x77, 0xf5, 0x22, 0xb9, 0xbf, 0xc8, 0xd3,
642 0x3c, 0xc3, 0xc3, 0x1e, 0xd3, 0xb3, 0x1f, 0x0f,
643 0xec, 0xb6, 0xdb, 0x4f, 0x6e, 0xa3, 0x11, 0xe7,
644 0x7a, 0xfd, 0xbc, 0xd4, 0x7a, 0xee, 0x1b, 0xb1,
645 0x50, 0xf2, 0x16, 0x87, 0x35, 0x78, 0xfb, 0x96,
646 0x46, 0x8e, 0x8f, 0x9f, 0x3d, 0xe8, 0xef, 0xbf,
647 0xce, 0x75, 0x62, 0x4b, 0x1d, 0xf0, 0x53, 0x22,
648 0xa3, 0x4f, 0x14, 0x63, 0xe8, 0x39, 0xe8, 0x98,
649 0x4c, 0x4a, 0xd0, 0xa9, 0x6e, 0x1a, 0xc8, 0x42,
650 0xe5, 0x31, 0x8c, 0xc2, 0x3c, 0x06, 0x2a, 0x8c,
651 0xa1, 0x71, 0xb8, 0xd5, 0x75, 0x98, 0x0d, 0xde,
652 0x7f, 0xc5, 0x6f, 0x15, 0x36, 0x52, 0x38, 0x20,
653 0xd4, 0x31, 0x92, 0xbf, 0xd5, 0x1e, 0x8e, 0x22,
654 0x89, 0x78, 0xac, 0xa5, 0xb9, 0x44, 0x72, 0xf3,
655 0x39, 0xca, 0xeb, 0x99, 0x31, 0xb4, 0x2b, 0xe3,
656 0x01, 0x26, 0x8b, 0xc9, 0x97, 0x89, 0xc9, 0xb2,
657 0x55, 0x71, 0xc3, 0xc0, 0xe4, 0xcb, 0x3f, 0x00,
658 0x7f, 0x1a, 0x51, 0x1c, 0xbb, 0x53, 0xc8, 0x51,
659 0x9c, 0xdd, 0x13, 0x02, 0xab, 0xca, 0x6c, 0x0f,
660 0x34, 0xf9, 0x67, 0x39, 0xf1, 0x7f, 0xf4, 0x8b
663 static const unsigned char dh_secret_expected[] = {
664 0x08, 0xff, 0x33, 0xbb, 0x2e, 0xcf, 0xf4, 0x9a,
665 0x7d, 0x4a, 0x79, 0x12, 0xae, 0xb1, 0xbb, 0x6a,
666 0xb5, 0x11, 0x64, 0x1b, 0x4a, 0x76, 0x77, 0x0c,
667 0x8c, 0xc1, 0xbc, 0xc2, 0x33, 0x34, 0x3d, 0xfe,
668 0x70, 0x0d, 0x11, 0x81, 0x3d, 0x2c, 0x9e, 0xd2,
669 0x3b, 0x21, 0x1c, 0xa9, 0xe8, 0x78, 0x69, 0x21,
670 0xed, 0xca, 0x28, 0x3c, 0x68, 0xb1, 0x61, 0x53,
671 0xfa, 0x01, 0xe9, 0x1a, 0xb8, 0x2c, 0x90, 0xdd,
672 0xab, 0x4a, 0x95, 0x81, 0x67, 0x70, 0xa9, 0x87,
673 0x10, 0xe1, 0x4c, 0x92, 0xab, 0x83, 0xb6, 0xe4,
674 0x6e, 0x1e, 0x42, 0x6e, 0xe8, 0x52, 0x43, 0x0d,
675 0x61, 0x87, 0xda, 0xa3, 0x72, 0x0a, 0x6b, 0xcd,
676 0x73, 0x23, 0x5c, 0x6b, 0x0f, 0x94, 0x1f, 0x33,
677 0x64, 0xf5, 0x04, 0x20, 0x55, 0x1a, 0x4b, 0xfe,
678 0xaf, 0xe2, 0xbc, 0x43, 0x85, 0x05, 0xa5, 0x9a,
679 0x4a, 0x40, 0xda, 0xca, 0x7a, 0x89, 0x5a, 0x73,
680 0xdb, 0x57, 0x5c, 0x74, 0xc1, 0x3a, 0x23, 0xad,
681 0x88, 0x32, 0x95, 0x7d, 0x58, 0x2d, 0x38, 0xf0,
682 0xa6, 0x16, 0x5f, 0xb0, 0xd7, 0xe9, 0xb8, 0x79,
683 0x9e, 0x42, 0xfd, 0x32, 0x20, 0xe3, 0x32, 0xe9,
684 0x81, 0x85, 0xa0, 0xc9, 0x42, 0x97, 0x57, 0xb2,
685 0xd0, 0xd0, 0x2c, 0x17, 0xdb, 0xaa, 0x1f, 0xf6,
686 0xed, 0x93, 0xd7, 0xe7, 0x3e, 0x24, 0x1e, 0xae,
687 0xd9, 0x0c, 0xaf, 0x39, 0x4d, 0x2b, 0xc6, 0x57,
688 0x0f, 0x18, 0xc8, 0x1f, 0x2b, 0xe5, 0xd0, 0x1a,
689 0x2c, 0xa9, 0x9f, 0xf1, 0x42, 0xb5, 0xd9, 0x63,
690 0xf9, 0xf5, 0x00, 0x32, 0x5e, 0x75, 0x56, 0xf9,
691 0x58, 0x49, 0xb3, 0xff, 0xc7, 0x47, 0x94, 0x86,
692 0xbe, 0x1d, 0x45, 0x96, 0xa3, 0x10, 0x6b, 0xd5,
693 0xcb, 0x4f, 0x61, 0xc5, 0x7e, 0xc5, 0xf1, 0x00,
694 0xfb, 0x7a, 0x0c, 0x82, 0xa1, 0x0b, 0x82, 0x52,
695 0x6a, 0x97, 0xd1, 0xd9, 0x7d, 0x98, 0xea, 0xf6
698 static const ST_KAT_PARAM dh_group[] = {
699 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dh_p),
700 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dh_q),
701 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dh_g),
705 /* The host's private key */
706 static const ST_KAT_PARAM dh_host_key[] = {
707 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_pub),
708 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dh_priv),
712 /* The peer's public key */
713 static const ST_KAT_PARAM dh_peer_key[] = {
714 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_peer_pub),
717 #endif /* OPENSSL_NO_DH */
720 #ifndef OPENSSL_NO_EC
721 static const char ecdh_curve_name[] = "prime256v1";
722 static const unsigned char ecdh_privd[] = {
723 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
724 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
725 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
726 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
728 static const unsigned char ecdh_pub[] = {
730 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
731 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
732 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
733 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
734 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
735 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
736 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
737 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
739 static const unsigned char ecdh_peer_pub[] = {
741 0x1f, 0x72, 0xbd, 0x2a, 0x3e, 0xeb, 0x6c, 0x76,
742 0xe5, 0x5d, 0x69, 0x75, 0x24, 0xbf, 0x2f, 0x5b,
743 0x96, 0xb2, 0x91, 0x62, 0x06, 0x35, 0xcc, 0xb2,
744 0x4b, 0x31, 0x1b, 0x0c, 0x6f, 0x06, 0x9f, 0x86,
745 0xcf, 0xc8, 0xac, 0xd5, 0x4f, 0x4d, 0x77, 0xf3,
746 0x70, 0x4a, 0x8f, 0x04, 0x9a, 0xb1, 0x03, 0xc7,
747 0xeb, 0xd5, 0x94, 0x78, 0x61, 0xab, 0x78, 0x0c,
748 0x4a, 0x2d, 0x6b, 0xf3, 0x2f, 0x2e, 0x4a, 0xbc
751 static const ST_KAT_PARAM ecdh_group[] = {
752 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecdh_curve_name),
755 static const ST_KAT_PARAM ecdh_host_key[] = {
756 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_pub),
757 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecdh_privd),
760 static const ST_KAT_PARAM ecdh_peer_key[] = {
761 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_peer_pub),
764 static const unsigned char ecdh_secret_expected[] = {
765 0x45, 0x2a, 0x2f, 0x0d, 0x24, 0xe6, 0x8d, 0xd0,
766 0xda, 0x59, 0x7b, 0x0c, 0xec, 0x9b, 0x4c, 0x38,
767 0x41, 0xdd, 0xce, 0xb3, 0xcc, 0xf1, 0x90, 0x8e,
768 0x30, 0xdb, 0x5b, 0x5f, 0x97, 0xea, 0xe0, 0xc2
770 #endif /* OPENSSL_NO_EC */
772 static const ST_KAT_KAS st_kat_kas_tests[] =
774 #ifndef OPENSSL_NO_DH
776 OSSL_SELF_TEST_DESC_KA_DH,
781 ITM(dh_secret_expected)
783 #endif /* OPENSSL_NO_DH */
784 #ifndef OPENSSL_NO_EC
786 OSSL_SELF_TEST_DESC_KA_ECDH,
791 ITM(ecdh_secret_expected)
793 #endif /* OPENSSL_NO_EC */
796 #if !defined(OPENSSL_NO_RSA)
798 static const unsigned char rsa_n[] = {
799 0xDB, 0x10, 0x1A, 0xC2, 0xA3, 0xF1, 0xDC, 0xFF,
800 0x13, 0x6B, 0xED, 0x44, 0xDF, 0xF0, 0x02, 0x6D,
801 0x13, 0xC7, 0x88, 0xDA, 0x70, 0x6B, 0x54, 0xF1,
802 0xE8, 0x27, 0xDC, 0xC3, 0x0F, 0x99, 0x6A, 0xFA,
803 0xC6, 0x67, 0xFF, 0x1D, 0x1E, 0x3C, 0x1D, 0xC1,
804 0xB5, 0x5F, 0x6C, 0xC0, 0xB2, 0x07, 0x3A, 0x6D,
805 0x41, 0xE4, 0x25, 0x99, 0xAC, 0xFC, 0xD2, 0x0F,
806 0x02, 0xD3, 0xD1, 0x54, 0x06, 0x1A, 0x51, 0x77,
807 0xBD, 0xB6, 0xBF, 0xEA, 0xA7, 0x5C, 0x06, 0xA9,
808 0x5D, 0x69, 0x84, 0x45, 0xD7, 0xF5, 0x05, 0xBA,
809 0x47, 0xF0, 0x1B, 0xD7, 0x2B, 0x24, 0xEC, 0xCB,
810 0x9B, 0x1B, 0x10, 0x8D, 0x81, 0xA0, 0xBE, 0xB1,
811 0x8C, 0x33, 0xE4, 0x36, 0xB8, 0x43, 0xEB, 0x19,
812 0x2A, 0x81, 0x8D, 0xDE, 0x81, 0x0A, 0x99, 0x48,
813 0xB6, 0xF6, 0xBC, 0xCD, 0x49, 0x34, 0x3A, 0x8F,
814 0x26, 0x94, 0xE3, 0x28, 0x82, 0x1A, 0x7C, 0x8F,
815 0x59, 0x9F, 0x45, 0xE8, 0x5D, 0x1A, 0x45, 0x76,
816 0x04, 0x56, 0x05, 0xA1, 0xD0, 0x1B, 0x8C, 0x77,
817 0x6D, 0xAF, 0x53, 0xFA, 0x71, 0xE2, 0x67, 0xE0,
818 0x9A, 0xFE, 0x03, 0xA9, 0x85, 0xD2, 0xC9, 0xAA,
819 0xBA, 0x2A, 0xBC, 0xF4, 0xA0, 0x08, 0xF5, 0x13,
820 0x98, 0x13, 0x5D, 0xF0, 0xD9, 0x33, 0x34, 0x2A,
821 0x61, 0xC3, 0x89, 0x55, 0xF0, 0xAE, 0x1A, 0x9C,
822 0x22, 0xEE, 0x19, 0x05, 0x8D, 0x32, 0xFE, 0xEC,
823 0x9C, 0x84, 0xBA, 0xB7, 0xF9, 0x6C, 0x3A, 0x4F,
824 0x07, 0xFC, 0x45, 0xEB, 0x12, 0xE5, 0x7B, 0xFD,
825 0x55, 0xE6, 0x29, 0x69, 0xD1, 0xC2, 0xE8, 0xB9,
826 0x78, 0x59, 0xF6, 0x79, 0x10, 0xC6, 0x4E, 0xEB,
827 0x6A, 0x5E, 0xB9, 0x9A, 0xC7, 0xC4, 0x5B, 0x63,
828 0xDA, 0xA3, 0x3F, 0x5E, 0x92, 0x7A, 0x81, 0x5E,
829 0xD6, 0xB0, 0xE2, 0x62, 0x8F, 0x74, 0x26, 0xC2,
830 0x0C, 0xD3, 0x9A, 0x17, 0x47, 0xE6, 0x8E, 0xAB
832 static const unsigned char rsa_e[] = { 0x01, 0x00, 0x01 };
833 static const unsigned char rsa_d[] = {
834 0x52, 0x41, 0xF4, 0xDA, 0x7B, 0xB7, 0x59, 0x55,
835 0xCA, 0xD4, 0x2F, 0x0F, 0x3A, 0xCB, 0xA4, 0x0D,
836 0x93, 0x6C, 0xCC, 0x9D, 0xC1, 0xB2, 0xFB, 0xFD,
837 0xAE, 0x40, 0x31, 0xAC, 0x69, 0x52, 0x21, 0x92,
838 0xB3, 0x27, 0xDF, 0xEA, 0xEE, 0x2C, 0x82, 0xBB,
839 0xF7, 0x40, 0x32, 0xD5, 0x14, 0xC4, 0x94, 0x12,
840 0xEC, 0xB8, 0x1F, 0xCA, 0x59, 0xE3, 0xC1, 0x78,
841 0xF3, 0x85, 0xD8, 0x47, 0xA5, 0xD7, 0x02, 0x1A,
842 0x65, 0x79, 0x97, 0x0D, 0x24, 0xF4, 0xF0, 0x67,
843 0x6E, 0x75, 0x2D, 0xBF, 0x10, 0x3D, 0xA8, 0x7D,
844 0xEF, 0x7F, 0x60, 0xE4, 0xE6, 0x05, 0x82, 0x89,
845 0x5D, 0xDF, 0xC6, 0xD2, 0x6C, 0x07, 0x91, 0x33,
846 0x98, 0x42, 0xF0, 0x02, 0x00, 0x25, 0x38, 0xC5,
847 0x85, 0x69, 0x8A, 0x7D, 0x2F, 0x95, 0x6C, 0x43,
848 0x9A, 0xB8, 0x81, 0xE2, 0xD0, 0x07, 0x35, 0xAA,
849 0x05, 0x41, 0xC9, 0x1E, 0xAF, 0xE4, 0x04, 0x3B,
850 0x19, 0xB8, 0x73, 0xA2, 0xAC, 0x4B, 0x1E, 0x66,
851 0x48, 0xD8, 0x72, 0x1F, 0xAC, 0xF6, 0xCB, 0xBC,
852 0x90, 0x09, 0xCA, 0xEC, 0x0C, 0xDC, 0xF9, 0x2C,
853 0xD7, 0xEB, 0xAE, 0xA3, 0xA4, 0x47, 0xD7, 0x33,
854 0x2F, 0x8A, 0xCA, 0xBC, 0x5E, 0xF0, 0x77, 0xE4,
855 0x97, 0x98, 0x97, 0xC7, 0x10, 0x91, 0x7D, 0x2A,
856 0xA6, 0xFF, 0x46, 0x83, 0x97, 0xDE, 0xE9, 0xE2,
857 0x17, 0x03, 0x06, 0x14, 0xE2, 0xD7, 0xB1, 0x1D,
858 0x77, 0xAF, 0x51, 0x27, 0x5B, 0x5E, 0x69, 0xB8,
859 0x81, 0xE6, 0x11, 0xC5, 0x43, 0x23, 0x81, 0x04,
860 0x62, 0xFF, 0xE9, 0x46, 0xB8, 0xD8, 0x44, 0xDB,
861 0xA5, 0xCC, 0x31, 0x54, 0x34, 0xCE, 0x3E, 0x82,
862 0xD6, 0xBF, 0x7A, 0x0B, 0x64, 0x21, 0x6D, 0x88,
863 0x7E, 0x5B, 0x45, 0x12, 0x1E, 0x63, 0x8D, 0x49,
864 0xA7, 0x1D, 0xD9, 0x1E, 0x06, 0xCD, 0xE8, 0xBA,
865 0x2C, 0x8C, 0x69, 0x32, 0xEA, 0xBE, 0x60, 0x71
867 static const unsigned char rsa_p[] = {
868 0xFA, 0xAC, 0xE1, 0x37, 0x5E, 0x32, 0x11, 0x34,
869 0xC6, 0x72, 0x58, 0x2D, 0x91, 0x06, 0x3E, 0x77,
870 0xE7, 0x11, 0x21, 0xCD, 0x4A, 0xF8, 0xA4, 0x3F,
871 0x0F, 0xEF, 0x31, 0xE3, 0xF3, 0x55, 0xA0, 0xB9,
872 0xAC, 0xB6, 0xCB, 0xBB, 0x41, 0xD0, 0x32, 0x81,
873 0x9A, 0x8F, 0x7A, 0x99, 0x30, 0x77, 0x6C, 0x68,
874 0x27, 0xE2, 0x96, 0xB5, 0x72, 0xC9, 0xC3, 0xD4,
875 0x42, 0xAA, 0xAA, 0xCA, 0x95, 0x8F, 0xFF, 0xC9,
876 0x9B, 0x52, 0x34, 0x30, 0x1D, 0xCF, 0xFE, 0xCF,
877 0x3C, 0x56, 0x68, 0x6E, 0xEF, 0xE7, 0x6C, 0xD7,
878 0xFB, 0x99, 0xF5, 0x4A, 0xA5, 0x21, 0x1F, 0x2B,
879 0xEA, 0x93, 0xE8, 0x98, 0x26, 0xC4, 0x6E, 0x42,
880 0x21, 0x5E, 0xA0, 0xA1, 0x2A, 0x58, 0x35, 0xBB,
881 0x10, 0xE7, 0xBA, 0x27, 0x0A, 0x3B, 0xB3, 0xAF,
882 0xE2, 0x75, 0x36, 0x04, 0xAC, 0x56, 0xA0, 0xAB,
883 0x52, 0xDE, 0xCE, 0xDD, 0x2C, 0x28, 0x77, 0x03
885 static const unsigned char rsa_q[] = {
886 0xDF, 0xB7, 0x52, 0xB6, 0xD7, 0xC0, 0xE2, 0x96,
887 0xE7, 0xC9, 0xFE, 0x5D, 0x71, 0x5A, 0xC4, 0x40,
888 0x96, 0x2F, 0xE5, 0x87, 0xEA, 0xF3, 0xA5, 0x77,
889 0x11, 0x67, 0x3C, 0x8D, 0x56, 0x08, 0xA7, 0xB5,
890 0x67, 0xFA, 0x37, 0xA8, 0xB8, 0xCF, 0x61, 0xE8,
891 0x63, 0xD8, 0x38, 0x06, 0x21, 0x2B, 0x92, 0x09,
892 0xA6, 0x39, 0x3A, 0xEA, 0xA8, 0xB4, 0x45, 0x4B,
893 0x36, 0x10, 0x4C, 0xE4, 0x00, 0x66, 0x71, 0x65,
894 0xF8, 0x0B, 0x94, 0x59, 0x4F, 0x8C, 0xFD, 0xD5,
895 0x34, 0xA2, 0xE7, 0x62, 0x84, 0x0A, 0xA7, 0xBB,
896 0xDB, 0xD9, 0x8A, 0xCD, 0x05, 0xE1, 0xCC, 0x57,
897 0x7B, 0xF1, 0xF1, 0x1F, 0x11, 0x9D, 0xBA, 0x3E,
898 0x45, 0x18, 0x99, 0x1B, 0x41, 0x64, 0x43, 0xEE,
899 0x97, 0x5D, 0x77, 0x13, 0x5B, 0x74, 0x69, 0x73,
900 0x87, 0x95, 0x05, 0x07, 0xBE, 0x45, 0x07, 0x17,
901 0x7E, 0x4A, 0x69, 0x22, 0xF3, 0xDB, 0x05, 0x39
903 static const unsigned char rsa_dp[] = {
904 0x5E, 0xD8, 0xDC, 0xDA, 0x53, 0x44, 0xC4, 0x67,
905 0xE0, 0x92, 0x51, 0x34, 0xE4, 0x83, 0xA5, 0x4D,
906 0x3E, 0xDB, 0xA7, 0x9B, 0x82, 0xBB, 0x73, 0x81,
907 0xFC, 0xE8, 0x77, 0x4B, 0x15, 0xBE, 0x17, 0x73,
908 0x49, 0x9B, 0x5C, 0x98, 0xBC, 0xBD, 0x26, 0xEF,
909 0x0C, 0xE9, 0x2E, 0xED, 0x19, 0x7E, 0x86, 0x41,
910 0x1E, 0x9E, 0x48, 0x81, 0xDD, 0x2D, 0xE4, 0x6F,
911 0xC2, 0xCD, 0xCA, 0x93, 0x9E, 0x65, 0x7E, 0xD5,
912 0xEC, 0x73, 0xFD, 0x15, 0x1B, 0xA2, 0xA0, 0x7A,
913 0x0F, 0x0D, 0x6E, 0xB4, 0x53, 0x07, 0x90, 0x92,
914 0x64, 0x3B, 0x8B, 0xA9, 0x33, 0xB3, 0xC5, 0x94,
915 0x9B, 0x4C, 0x5D, 0x9C, 0x7C, 0x46, 0xA4, 0xA5,
916 0x56, 0xF4, 0xF3, 0xF8, 0x27, 0x0A, 0x7B, 0x42,
917 0x0D, 0x92, 0x70, 0x47, 0xE7, 0x42, 0x51, 0xA9,
918 0xC2, 0x18, 0xB1, 0x58, 0xB1, 0x50, 0x91, 0xB8,
919 0x61, 0x41, 0xB6, 0xA9, 0xCE, 0xD4, 0x7C, 0xBB
921 static const unsigned char rsa_dq[] = {
922 0x54, 0x09, 0x1F, 0x0F, 0x03, 0xD8, 0xB6, 0xC5,
923 0x0C, 0xE8, 0xB9, 0x9E, 0x0C, 0x38, 0x96, 0x43,
924 0xD4, 0xA6, 0xC5, 0x47, 0xDB, 0x20, 0x0E, 0xE5,
925 0xBD, 0x29, 0xD4, 0x7B, 0x1A, 0xF8, 0x41, 0x57,
926 0x49, 0x69, 0x9A, 0x82, 0xCC, 0x79, 0x4A, 0x43,
927 0xEB, 0x4D, 0x8B, 0x2D, 0xF2, 0x43, 0xD5, 0xA5,
928 0xBE, 0x44, 0xFD, 0x36, 0xAC, 0x8C, 0x9B, 0x02,
929 0xF7, 0x9A, 0x03, 0xE8, 0x19, 0xA6, 0x61, 0xAE,
930 0x76, 0x10, 0x93, 0x77, 0x41, 0x04, 0xAB, 0x4C,
931 0xED, 0x6A, 0xCC, 0x14, 0x1B, 0x99, 0x8D, 0x0C,
932 0x6A, 0x37, 0x3B, 0x86, 0x6C, 0x51, 0x37, 0x5B,
933 0x1D, 0x79, 0xF2, 0xA3, 0x43, 0x10, 0xC6, 0xA7,
934 0x21, 0x79, 0x6D, 0xF9, 0xE9, 0x04, 0x6A, 0xE8,
935 0x32, 0xFF, 0xAE, 0xFD, 0x1C, 0x7B, 0x8C, 0x29,
936 0x13, 0xA3, 0x0C, 0xB2, 0xAD, 0xEC, 0x6C, 0x0F,
937 0x8D, 0x27, 0x12, 0x7B, 0x48, 0xB2, 0xDB, 0x31
939 static const unsigned char rsa_qInv[] = {
940 0x8D, 0x1B, 0x05, 0xCA, 0x24, 0x1F, 0x0C, 0x53,
941 0x19, 0x52, 0x74, 0x63, 0x21, 0xFA, 0x78, 0x46,
942 0x79, 0xAF, 0x5C, 0xDE, 0x30, 0xA4, 0x6C, 0x20,
943 0x38, 0xE6, 0x97, 0x39, 0xB8, 0x7A, 0x70, 0x0D,
944 0x8B, 0x6C, 0x6D, 0x13, 0x74, 0xD5, 0x1C, 0xDE,
945 0xA9, 0xF4, 0x60, 0x37, 0xFE, 0x68, 0x77, 0x5E,
946 0x0B, 0x4E, 0x5E, 0x03, 0x31, 0x30, 0xDF, 0xD6,
947 0xAE, 0x85, 0xD0, 0x81, 0xBB, 0x61, 0xC7, 0xB1,
948 0x04, 0x5A, 0xC4, 0x6D, 0x56, 0x1C, 0xD9, 0x64,
949 0xE7, 0x85, 0x7F, 0x88, 0x91, 0xC9, 0x60, 0x28,
950 0x05, 0xE2, 0xC6, 0x24, 0x8F, 0xDD, 0x61, 0x64,
951 0xD8, 0x09, 0xDE, 0x7E, 0xD3, 0x4A, 0x61, 0x1A,
952 0xD3, 0x73, 0x58, 0x4B, 0xD8, 0xA0, 0x54, 0x25,
953 0x48, 0x83, 0x6F, 0x82, 0x6C, 0xAF, 0x36, 0x51,
954 0x2A, 0x5D, 0x14, 0x2F, 0x41, 0x25, 0x00, 0xDD,
955 0xF8, 0xF3, 0x95, 0xFE, 0x31, 0x25, 0x50, 0x12
958 static const ST_KAT_PARAM rsa_crt_key[] = {
959 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
960 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
961 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
962 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_p),
963 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_q),
964 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dp),
965 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dq),
966 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT, rsa_qInv),
970 static const ST_KAT_PARAM rsa_pub_key[] = {
971 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
972 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
976 static const ST_KAT_PARAM rsa_priv_key[] = {
977 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
978 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
979 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
983 static const ST_KAT_PARAM rsa_enc_params[] = {
984 ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE,
985 OSSL_PKEY_RSA_PAD_MODE_NONE),
989 static const unsigned char rsa_expected_sig[256] = {
990 0xad, 0xbe, 0x2a, 0xaf, 0x16, 0x85, 0xc5, 0x00,
991 0x91, 0x3e, 0xd0, 0x49, 0xfb, 0x3a, 0x81, 0xb9,
992 0x6c, 0x28, 0xbc, 0xbf, 0xea, 0x96, 0x5f, 0xe4,
993 0x9f, 0x99, 0xf7, 0x18, 0x8c, 0xec, 0x60, 0x28,
994 0xeb, 0x29, 0x02, 0x49, 0xfc, 0xda, 0xd7, 0x78,
995 0x68, 0xf8, 0xe1, 0xe9, 0x4d, 0x20, 0x6d, 0x32,
996 0xa6, 0xde, 0xfc, 0xe4, 0xda, 0xcc, 0x6c, 0x75,
997 0x36, 0x6b, 0xff, 0x5a, 0xac, 0x01, 0xa8, 0xc2,
998 0xa9, 0xe6, 0x8b, 0x18, 0x3e, 0xec, 0xea, 0x4c,
999 0x4a, 0x9e, 0x00, 0x09, 0xd1, 0x8a, 0x69, 0x1b,
1000 0x8b, 0xd9, 0xad, 0x37, 0xe5, 0x7c, 0xff, 0x7d,
1001 0x59, 0x56, 0x3e, 0xa0, 0xc6, 0x32, 0xd8, 0x35,
1002 0x2f, 0xff, 0xfb, 0x05, 0x02, 0xcd, 0xd7, 0x19,
1003 0xb9, 0x00, 0x86, 0x2a, 0xcf, 0xaa, 0x78, 0x16,
1004 0x4b, 0xf1, 0xa7, 0x59, 0xef, 0x7d, 0xe8, 0x74,
1005 0x23, 0x5c, 0xb2, 0xd4, 0x8a, 0x99, 0xa5, 0xbc,
1006 0xfa, 0x63, 0xd8, 0xf7, 0xbd, 0xc6, 0x00, 0x13,
1007 0x06, 0x02, 0x9a, 0xd4, 0xa7, 0xb4, 0x3d, 0x61,
1008 0xab, 0xf1, 0xc2, 0x95, 0x59, 0x9b, 0x3d, 0x67,
1009 0x1f, 0xde, 0x57, 0xb6, 0xb6, 0x9f, 0xb0, 0x87,
1010 0xd6, 0x51, 0xd5, 0x3e, 0x00, 0xe2, 0xc9, 0xa0,
1011 0x03, 0x66, 0xbc, 0x01, 0xb3, 0x8e, 0xfa, 0xf1,
1012 0x15, 0xeb, 0x26, 0xf1, 0x5d, 0x81, 0x90, 0xb4,
1013 0x1c, 0x00, 0x7c, 0x83, 0x4a, 0xa5, 0xde, 0x64,
1014 0xae, 0xea, 0x6c, 0x43, 0xc3, 0x20, 0x77, 0x77,
1015 0x42, 0x12, 0x24, 0xf5, 0xe3, 0x70, 0xdd, 0x59,
1016 0x48, 0x9c, 0xef, 0xd4, 0x8a, 0x3c, 0x29, 0x6a,
1017 0x0c, 0x9c, 0xf2, 0x13, 0xa4, 0x1c, 0x2f, 0x49,
1018 0xcd, 0xb4, 0xaa, 0x28, 0x40, 0x34, 0xc6, 0x75,
1019 0xba, 0x30, 0xe6, 0xd8, 0x5b, 0x2f, 0x08, 0xd0,
1020 0x29, 0xa5, 0x39, 0xfb, 0x6e, 0x3b, 0x0f, 0x52,
1021 0x2c, 0x68, 0xf0, 0x37, 0xa9, 0xd2, 0x56, 0xd6
1024 static const unsigned char rsa_asym_plaintext_encrypt[256] = {
1025 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1026 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1028 static const unsigned char rsa_asym_expected_encrypt[256] = {
1029 0x54, 0xac, 0x23, 0x96, 0x1d, 0x82, 0x5d, 0x8b,
1030 0x8f, 0x36, 0x33, 0xd0, 0xf4, 0x02, 0xa2, 0x61,
1031 0xb1, 0x13, 0xd4, 0x4a, 0x46, 0x06, 0x37, 0x3c,
1032 0xbf, 0x40, 0x05, 0x3c, 0xc6, 0x3b, 0x64, 0xdc,
1033 0x22, 0x22, 0xaf, 0x36, 0x79, 0x62, 0x45, 0xf0,
1034 0x97, 0x82, 0x22, 0x44, 0x86, 0x4a, 0x7c, 0xfa,
1035 0xac, 0x03, 0x21, 0x84, 0x3f, 0x31, 0xad, 0x2a,
1036 0xa4, 0x6e, 0x7a, 0xc5, 0x93, 0xf3, 0x0f, 0xfc,
1037 0xf1, 0x62, 0xce, 0x82, 0x12, 0x45, 0xc9, 0x35,
1038 0xb0, 0x7a, 0xcd, 0x99, 0x8c, 0x91, 0x6b, 0x5a,
1039 0xd3, 0x46, 0xdb, 0xf9, 0x9e, 0x52, 0x49, 0xbd,
1040 0x1e, 0xe8, 0xda, 0xac, 0x61, 0x47, 0xc2, 0xda,
1041 0xfc, 0x1e, 0xfb, 0x74, 0xd7, 0xd6, 0xc1, 0x18,
1042 0x86, 0x3e, 0x20, 0x9c, 0x7a, 0xe1, 0x04, 0xb7,
1043 0x38, 0x43, 0xb1, 0x4e, 0xa0, 0xd8, 0xc1, 0x39,
1044 0x4d, 0xe1, 0xd3, 0xb0, 0xb3, 0xf1, 0x82, 0x87,
1045 0x1f, 0x74, 0xb5, 0x69, 0xfd, 0x33, 0xd6, 0x21,
1046 0x7c, 0x61, 0x60, 0x28, 0xca, 0x70, 0xdb, 0xa0,
1047 0xbb, 0xc8, 0x73, 0xa9, 0x82, 0xf8, 0x6b, 0xd8,
1048 0xf0, 0xc9, 0x7b, 0x20, 0xdf, 0x9d, 0xfb, 0x8c,
1049 0xd4, 0xa2, 0x89, 0xe1, 0x9b, 0x04, 0xad, 0xaa,
1050 0x11, 0x6c, 0x8f, 0xce, 0x83, 0x29, 0x56, 0x69,
1051 0xbb, 0x00, 0x3b, 0xef, 0xca, 0x2d, 0xcd, 0x52,
1052 0xc8, 0xf1, 0xb3, 0x9b, 0xb4, 0x4f, 0x6d, 0x9c,
1053 0x3d, 0x69, 0xcc, 0x6d, 0x1f, 0x38, 0x4d, 0xe6,
1054 0xbb, 0x0c, 0x87, 0xdc, 0x5f, 0xa9, 0x24, 0x93,
1055 0x03, 0x46, 0xa2, 0x33, 0x6c, 0xf4, 0xd8, 0x5d,
1056 0x68, 0xf3, 0xd3, 0xe0, 0xf2, 0x30, 0xdb, 0xf5,
1057 0x4f, 0x0f, 0xad, 0xc7, 0xd0, 0xaa, 0x47, 0xd9,
1058 0x9f, 0x85, 0x1b, 0x2e, 0x6c, 0x3c, 0x57, 0x04,
1059 0x29, 0xf4, 0xf5, 0x66, 0x7d, 0x93, 0x4a, 0xaa,
1060 0x05, 0x52, 0x55, 0xc1, 0xc6, 0x06, 0x90, 0xab,
1063 #endif /* OPENSSL_NO_RSA */
1065 #ifndef OPENSSL_NO_EC
1066 /* ECDSA key data */
1067 static const char ecd_curve_name[] = "secp224r1";
1068 static const unsigned char ecd_priv[] = {
1069 0x98, 0x1f, 0xb5, 0xf1, 0xfc, 0x87, 0x1d, 0x7d,
1070 0xde, 0x1e, 0x01, 0x64, 0x09, 0x9b, 0xe7, 0x1b,
1071 0x9f, 0xad, 0x63, 0xdd, 0x33, 0x01, 0xd1, 0x50,
1072 0x80, 0x93, 0x50, 0x30
1074 static const unsigned char ecd_pub[] = {
1075 0x04, 0x95, 0x47, 0x99, 0x44, 0x29, 0x8f, 0x51,
1076 0x39, 0xe2, 0x53, 0xec, 0x79, 0xb0, 0x4d, 0xde,
1077 0x87, 0x1a, 0x76, 0x54, 0xd5, 0x96, 0xb8, 0x7a,
1078 0x6d, 0xf4, 0x1c, 0x2c, 0x87, 0x91, 0x5f, 0xd5,
1079 0x31, 0xdd, 0x24, 0xe5, 0x78, 0xd9, 0x08, 0x24,
1080 0x8a, 0x49, 0x99, 0xec, 0x55, 0xf2, 0x82, 0xb3,
1081 0xc4, 0xb7, 0x33, 0x68, 0xe4, 0x24, 0xa9, 0x12,
1085 static const ST_KAT_PARAM ecdsa_key[] = {
1086 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_curve_name),
1087 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_pub),
1088 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_priv),
1091 #endif /* OPENSSL_NO_EC */
1093 #ifndef OPENSSL_NO_DSA
1095 static const unsigned char dsa_p[] = {
1096 0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23,
1097 0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e,
1098 0x03, 0xe9, 0xe6, 0xb8, 0xa2, 0x58, 0xdc, 0x16,
1099 0x61, 0x1b, 0xa0, 0x98, 0xab, 0x54, 0x34, 0x15,
1100 0xe4, 0x15, 0xf1, 0x56, 0x99, 0x7a, 0x3e, 0xe2,
1101 0x36, 0x65, 0x8f, 0xa0, 0x93, 0x26, 0x0d, 0xe3,
1102 0xad, 0x42, 0x2e, 0x05, 0xe0, 0x46, 0xf9, 0xec,
1103 0x29, 0x16, 0x1a, 0x37, 0x5f, 0x0e, 0xb4, 0xef,
1104 0xfc, 0xef, 0x58, 0x28, 0x5c, 0x5d, 0x39, 0xed,
1105 0x42, 0x5d, 0x7a, 0x62, 0xca, 0x12, 0x89, 0x6c,
1106 0x4a, 0x92, 0xcb, 0x19, 0x46, 0xf2, 0x95, 0x2a,
1107 0x48, 0x13, 0x3f, 0x07, 0xda, 0x36, 0x4d, 0x1b,
1108 0xdf, 0x6b, 0x0f, 0x71, 0x39, 0x98, 0x3e, 0x69,
1109 0x3c, 0x80, 0x05, 0x9b, 0x0e, 0xac, 0xd1, 0x47,
1110 0x9b, 0xa9, 0xf2, 0x85, 0x77, 0x54, 0xed, 0xe7,
1111 0x5f, 0x11, 0x2b, 0x07, 0xeb, 0xbf, 0x35, 0x34,
1112 0x8b, 0xbf, 0x3e, 0x01, 0xe0, 0x2f, 0x2d, 0x47,
1113 0x3d, 0xe3, 0x94, 0x53, 0xf9, 0x9d, 0xd2, 0x36,
1114 0x75, 0x41, 0xca, 0xca, 0x3b, 0xa0, 0x11, 0x66,
1115 0x34, 0x3d, 0x7b, 0x5b, 0x58, 0xa3, 0x7b, 0xd1,
1116 0xb7, 0x52, 0x1d, 0xb2, 0xf1, 0x3b, 0x86, 0x70,
1117 0x71, 0x32, 0xfe, 0x09, 0xf4, 0xcd, 0x09, 0xdc,
1118 0x16, 0x18, 0xfa, 0x34, 0x01, 0xeb, 0xf9, 0xcc,
1119 0x7b, 0x19, 0xfa, 0x94, 0xaa, 0x47, 0x20, 0x88,
1120 0x13, 0x3d, 0x6c, 0xb2, 0xd3, 0x5c, 0x11, 0x79,
1121 0xc8, 0xc8, 0xff, 0x36, 0x87, 0x58, 0xd5, 0x07,
1122 0xd9, 0xf9, 0xa1, 0x7d, 0x46, 0xc1, 0x10, 0xfe,
1123 0x31, 0x44, 0xce, 0x9b, 0x02, 0x2b, 0x42, 0xe4,
1124 0x19, 0xeb, 0x4f, 0x53, 0x88, 0x61, 0x3b, 0xfc,
1125 0x3e, 0x26, 0x24, 0x1a, 0x43, 0x2e, 0x87, 0x06,
1126 0xbc, 0x58, 0xef, 0x76, 0x11, 0x72, 0x78, 0xde,
1127 0xab, 0x6c, 0xf6, 0x92, 0x61, 0x82, 0x91, 0xb7
1129 static const unsigned char dsa_q[] = {
1130 0xa3, 0xbf, 0xd9, 0xab, 0x78, 0x84, 0x79, 0x4e,
1131 0x38, 0x34, 0x50, 0xd5, 0x89, 0x1d, 0xc1, 0x8b,
1132 0x65, 0x15, 0x7b, 0xdc, 0xfc, 0xda, 0xc5, 0x15,
1133 0x18, 0x90, 0x28, 0x67
1135 static const unsigned char dsa_g[] = {
1136 0x68, 0x19, 0x27, 0x88, 0x69, 0xc7, 0xfd, 0x3d,
1137 0x2d, 0x7b, 0x77, 0xf7, 0x7e, 0x81, 0x50, 0xd9,
1138 0xad, 0x43, 0x3b, 0xea, 0x3b, 0xa8, 0x5e, 0xfc,
1139 0x80, 0x41, 0x5a, 0xa3, 0x54, 0x5f, 0x78, 0xf7,
1140 0x22, 0x96, 0xf0, 0x6c, 0xb1, 0x9c, 0xed, 0xa0,
1141 0x6c, 0x94, 0xb0, 0x55, 0x1c, 0xfe, 0x6e, 0x6f,
1142 0x86, 0x3e, 0x31, 0xd1, 0xde, 0x6e, 0xed, 0x7d,
1143 0xab, 0x8b, 0x0c, 0x9d, 0xf2, 0x31, 0xe0, 0x84,
1144 0x34, 0xd1, 0x18, 0x4f, 0x91, 0xd0, 0x33, 0x69,
1145 0x6b, 0xb3, 0x82, 0xf8, 0x45, 0x5e, 0x98, 0x88,
1146 0xf5, 0xd3, 0x1d, 0x47, 0x84, 0xec, 0x40, 0x12,
1147 0x02, 0x46, 0xf4, 0xbe, 0xa6, 0x17, 0x94, 0xbb,
1148 0xa5, 0x86, 0x6f, 0x09, 0x74, 0x64, 0x63, 0xbd,
1149 0xf8, 0xe9, 0xe1, 0x08, 0xcd, 0x95, 0x29, 0xc3,
1150 0xd0, 0xf6, 0xdf, 0x80, 0x31, 0x6e, 0x2e, 0x70,
1151 0xaa, 0xeb, 0x1b, 0x26, 0xcd, 0xb8, 0xad, 0x97,
1152 0xbc, 0x3d, 0x28, 0x7e, 0x0b, 0x8d, 0x61, 0x6c,
1153 0x42, 0xe6, 0x5b, 0x87, 0xdb, 0x20, 0xde, 0xb7,
1154 0x00, 0x5b, 0xc4, 0x16, 0x74, 0x7a, 0x64, 0x70,
1155 0x14, 0x7a, 0x68, 0xa7, 0x82, 0x03, 0x88, 0xeb,
1156 0xf4, 0x4d, 0x52, 0xe0, 0x62, 0x8a, 0xf9, 0xcf,
1157 0x1b, 0x71, 0x66, 0xd0, 0x34, 0x65, 0xf3, 0x5a,
1158 0xcc, 0x31, 0xb6, 0x11, 0x0c, 0x43, 0xda, 0xbc,
1159 0x7c, 0x5d, 0x59, 0x1e, 0x67, 0x1e, 0xaf, 0x7c,
1160 0x25, 0x2c, 0x1c, 0x14, 0x53, 0x36, 0xa1, 0xa4,
1161 0xdd, 0xf1, 0x32, 0x44, 0xd5, 0x5e, 0x83, 0x56,
1162 0x80, 0xca, 0xb2, 0x53, 0x3b, 0x82, 0xdf, 0x2e,
1163 0xfe, 0x55, 0xec, 0x18, 0xc1, 0xe6, 0xcd, 0x00,
1164 0x7b, 0xb0, 0x89, 0x75, 0x8b, 0xb1, 0x7c, 0x2c,
1165 0xbe, 0x14, 0x44, 0x1b, 0xd0, 0x93, 0xae, 0x66,
1166 0xe5, 0x97, 0x6d, 0x53, 0x73, 0x3f, 0x4f, 0xa3,
1167 0x26, 0x97, 0x01, 0xd3, 0x1d, 0x23, 0xd4, 0x67
1169 static const unsigned char dsa_pub[] = {
1170 0xa0, 0x12, 0xb3, 0xb1, 0x70, 0xb3, 0x07, 0x22,
1171 0x79, 0x57, 0xb7, 0xca, 0x20, 0x61, 0xa8, 0x16,
1172 0xac, 0x7a, 0x2b, 0x3d, 0x9a, 0xe9, 0x95, 0xa5,
1173 0x11, 0x9c, 0x38, 0x5b, 0x60, 0x3b, 0xf6, 0xf6,
1174 0xc5, 0xde, 0x4d, 0xc5, 0xec, 0xb5, 0xdf, 0xa4,
1175 0xa4, 0x1c, 0x68, 0x66, 0x2e, 0xb2, 0x5b, 0x63,
1176 0x8b, 0x7e, 0x26, 0x20, 0xba, 0x89, 0x8d, 0x07,
1177 0xda, 0x6c, 0x49, 0x91, 0xe7, 0x6c, 0xc0, 0xec,
1178 0xd1, 0xad, 0x34, 0x21, 0x07, 0x70, 0x67, 0xe4,
1179 0x7c, 0x18, 0xf5, 0x8a, 0x92, 0xa7, 0x2a, 0xd4,
1180 0x31, 0x99, 0xec, 0xb7, 0xbd, 0x84, 0xe7, 0xd3,
1181 0xaf, 0xb9, 0x01, 0x9f, 0x0e, 0x9d, 0xd0, 0xfb,
1182 0xaa, 0x48, 0x73, 0x00, 0xb1, 0x30, 0x81, 0xe3,
1183 0x3c, 0x90, 0x28, 0x76, 0x43, 0x6f, 0x7b, 0x03,
1184 0xc3, 0x45, 0x52, 0x84, 0x81, 0xd3, 0x62, 0x81,
1185 0x5e, 0x24, 0xfe, 0x59, 0xda, 0xc5, 0xac, 0x34,
1186 0x66, 0x0d, 0x4c, 0x8a, 0x76, 0xcb, 0x99, 0xa7,
1187 0xc7, 0xde, 0x93, 0xeb, 0x95, 0x6c, 0xd6, 0xbc,
1188 0x88, 0xe5, 0x8d, 0x90, 0x10, 0x34, 0x94, 0x4a,
1189 0x09, 0x4b, 0x01, 0x80, 0x3a, 0x43, 0xc6, 0x72,
1190 0xb9, 0x68, 0x8c, 0x0e, 0x01, 0xd8, 0xf4, 0xfc,
1191 0x91, 0xc6, 0x2a, 0x3f, 0x88, 0x02, 0x1f, 0x7b,
1192 0xd6, 0xa6, 0x51, 0xb1, 0xa8, 0x8f, 0x43, 0xaa,
1193 0x4e, 0xf2, 0x76, 0x53, 0xd1, 0x2b, 0xf8, 0xb7,
1194 0x09, 0x9f, 0xdf, 0x6b, 0x46, 0x10, 0x82, 0xf8,
1195 0xe9, 0x39, 0x10, 0x7b, 0xfd, 0x2f, 0x72, 0x10,
1196 0x08, 0x7d, 0x32, 0x6c, 0x37, 0x52, 0x00, 0xf1,
1197 0xf5, 0x1e, 0x7e, 0x74, 0xa3, 0x41, 0x31, 0x90,
1198 0x1b, 0xcd, 0x08, 0x63, 0x52, 0x1f, 0xf8, 0xd6,
1199 0x76, 0xc4, 0x85, 0x81, 0x86, 0x87, 0x36, 0xc5,
1200 0xe5, 0x1b, 0x16, 0xa4, 0xe3, 0x92, 0x15, 0xea,
1201 0x0b, 0x17, 0xc4, 0x73, 0x59, 0x74, 0xc5, 0x16
1203 static const unsigned char dsa_priv[] = {
1204 0x6c, 0xca, 0xee, 0xf6, 0xd7, 0x3b, 0x4e, 0x80,
1205 0xf1, 0x1c, 0x17, 0xb8, 0xe9, 0x62, 0x7c, 0x03,
1206 0x66, 0x35, 0xba, 0xc3, 0x94, 0x23, 0x50, 0x5e,
1207 0x40, 0x7e, 0x5c, 0xb7
1210 static const ST_KAT_PARAM dsa_key[] = {
1211 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dsa_p),
1212 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dsa_q),
1213 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dsa_g),
1214 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dsa_pub),
1215 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dsa_priv),
1218 #endif /* OPENSSL_NO_DSA */
1220 static const ST_KAT_SIGN st_kat_sign_tests[] = {
1221 #ifndef OPENSSL_NO_RSA
1223 OSSL_SELF_TEST_DESC_SIGN_RSA,
1227 ITM(rsa_expected_sig)
1229 #endif /* OPENSSL_NO_RSA */
1230 #ifndef OPENSSL_NO_EC
1232 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1237 * The ECDSA signature changes each time due to it using a random k.
1238 * So there is no expected KAT for this case.
1241 #endif /* OPENSSL_NO_EC */
1242 #ifndef OPENSSL_NO_DSA
1244 OSSL_SELF_TEST_DESC_SIGN_DSA,
1249 * The DSA signature changes each time due to it using a random k.
1250 * So there is no expected KAT for this case.
1253 #endif /* OPENSSL_NO_DSA */
1256 static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {
1257 #ifndef OPENSSL_NO_RSA
1259 OSSL_SELF_TEST_DESC_ASYM_RSA_ENC,
1264 ITM(rsa_asym_plaintext_encrypt),
1265 ITM(rsa_asym_expected_encrypt),
1268 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1273 ITM(rsa_asym_expected_encrypt),
1274 ITM(rsa_asym_plaintext_encrypt),
1277 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1282 ITM(rsa_asym_expected_encrypt),
1283 ITM(rsa_asym_plaintext_encrypt),
1285 #endif /* OPENSSL_NO_RSA */
projects / openssl.git / blob