test/endecode_test.c

   1 /*
   2  * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <string.h>
  11 #include <openssl/evp.h>
  12 #include <openssl/pem.h>
  13 #include <openssl/rsa.h>
  14 #include <openssl/x509.h>
  15 #include <openssl/core_names.h>
  16 #include <openssl/params.h>
  17 #include <openssl/param_build.h>
  18 #include <openssl/encoder.h>
  19 #include <openssl/decoder.h>
  20
  21 #include "internal/pem.h"        /* For PVK and "blob" PEM headers */
  22 #include "internal/cryptlib.h"   /* ossl_assert */
  23
  24 #include "testutil.h"
  25
  26 #ifndef OPENSSL_NO_EC
  27 static BN_CTX *bnctx = NULL;
  28 static OSSL_PARAM_BLD *bld_prime_nc = NULL;
  29 static OSSL_PARAM_BLD *bld_prime = NULL;
  30 static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
  31 static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;
  32
  33 # ifndef OPENSSL_NO_EC2M
  34 static OSSL_PARAM_BLD *bld_tri_nc = NULL;
  35 static OSSL_PARAM_BLD *bld_tri = NULL;
  36 static OSSL_PARAM *ec_explicit_tri_params_nc = NULL;
  37 static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
  38 # endif
  39 #endif
  40
  41 static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
  42 {
  43     EVP_PKEY *pkey = NULL;
  44     EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(NULL, type, NULL);
  45
  46     /*
  47      * No real need to check the errors other than for the cascade
  48      * effect.  |pkey| will simply remain NULL if something goes wrong.
  49      */
  50     (void)(ctx != NULL
  51            && EVP_PKEY_paramgen_init(ctx) > 0
  52            && (genparams == NULL
  53                || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
  54            && EVP_PKEY_gen(ctx, &pkey) > 0);
  55     EVP_PKEY_CTX_free(ctx);
  56
  57     return pkey;
  58 }
  59
  60 static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
  61                           OSSL_PARAM *genparams)
  62 {
  63     EVP_PKEY *pkey = NULL;
  64     EVP_PKEY_CTX *ctx =
  65         template != NULL
  66         ? EVP_PKEY_CTX_new(template, NULL)
  67         : EVP_PKEY_CTX_new_from_name(NULL, type, NULL);
  68
  69     /*
  70      * No real need to check the errors other than for the cascade
  71      * effect.  |pkey| will simply remain NULL if something goes wrong.
  72      */
  73     (void)(ctx != NULL
  74            && EVP_PKEY_keygen_init(ctx) > 0
  75            && (genparams == NULL
  76                || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
  77            && EVP_PKEY_keygen(ctx, &pkey) > 0);
  78     EVP_PKEY_CTX_free(ctx);
  79     return pkey;
  80 }
  81
  82 /* Main test driver */
  83
  84 /*
  85  * TODO(3.0) For better error output, changed the callbacks to take __FILE__
  86  * and __LINE__ as first two arguments, and have them use the lower case
  87  * functions, such as test_strn_eq(), rather than the uppercase macros
  88  * (TEST_strn2_eq(), for example).
  89  */
  90
  91 typedef int (encoder)(void **encoded, long *encoded_len,
  92                       void *object, const char *pass, const char *pcipher,
  93                       const char *encoder_propq);
  94 typedef int (decoder)(void **object,
  95                       void *encoded, long encoded_len,
  96                       const char *pass);
  97 typedef int (tester)(const void *data1, size_t data1_len,
  98                      const void *data2, size_t data2_len);
  99 typedef int (checker)(const char *type, const void *data, size_t data_len);
 100 typedef void (dumper)(const char *label, const void *data, size_t data_len);
 101
 102 static int test_encode_decode(const char *type, EVP_PKEY *pkey,
 103                               const char *pass, const char *pcipher,
 104                               encoder *encode_cb, decoder *decode_cb,
 105                               tester *test_cb, checker *check_cb,
 106                               dumper *dump_cb, const char *encoder_propq)
 107 {
 108     void *encoded = NULL;
 109     long encoded_len = 0;
 110     EVP_PKEY *pkey2 = NULL;
 111     void *encoded2 = NULL;
 112     long encoded2_len = 0;
 113     int ok = 0;
 114
 115     if (!encode_cb(&encoded, &encoded_len, pkey,
 116                       pass, pcipher, encoder_propq)
 117         || !check_cb(type, encoded, encoded_len)
 118         || !decode_cb((void **)&pkey2, encoded, encoded_len,
 119                            pass)
 120         || !TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1))
 121         goto end;
 122
 123     /*
 124      * Double check the encoding, but only for unprotected keys,
 125      * as protected keys have a random component, which makes the output
 126      * differ.
 127      */
 128     if ((pass == NULL && pcipher == NULL)
 129         && (!encode_cb(&encoded2, &encoded2_len, pkey2,
 130                           pass, pcipher, encoder_propq)
 131             || !test_cb(encoded, encoded_len,
 132                         encoded2, encoded2_len)))
 133         goto end;
 134
 135     ok = 1;
 136  end:
 137     if (!ok) {
 138         if (encoded != NULL && encoded_len != 0)
 139             dump_cb("encoded result", encoded, encoded_len);
 140         if (encoded2 != NULL && encoded2_len != 0)
 141             dump_cb("re-encoded result", encoded2, encoded2_len);
 142     }
 143
 144     OPENSSL_free(encoded);
 145     OPENSSL_free(encoded2);
 146     EVP_PKEY_free(pkey2);
 147     return ok;
 148 }
 149
 150 /* Encoding and desencoding methods */
 151
 152 static int encode_EVP_PKEY_prov(void **encoded, long *encoded_len,
 153                                 void *object,
 154                                 const char *pass, const char *pcipher,
 155                                 const char *encoder_propq)
 156 {
 157     EVP_PKEY *pkey = object;
 158     OSSL_ENCODER_CTX *ectx = NULL;
 159     BIO *mem_ser = NULL;
 160     BUF_MEM *mem_buf = NULL;
 161     const unsigned char *upass = (const unsigned char *)pass;
 162     int ok = 0;
 163
 164     if (!TEST_ptr(ectx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, encoder_propq))
 165         || (pass != NULL
 166             && !TEST_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass,
 167                                                              strlen(pass))))
 168         || (pcipher != NULL
 169             && !TEST_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL)))
 170         || !TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
 171         || !TEST_true(OSSL_ENCODER_to_bio(ectx, mem_ser))
 172         || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
 173         || !TEST_ptr(*encoded = mem_buf->data)
 174         || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
 175         goto end;
 176
 177     /* Detach the encoded output */
 178     mem_buf->data = NULL;
 179     mem_buf->length = 0;
 180     ok = 1;
 181  end:
 182     BIO_free(mem_ser);
 183     OSSL_ENCODER_CTX_free(ectx);
 184     return ok;
 185 }
 186
 187 static int decode_EVP_PKEY_prov(void **object,
 188                                 void *encoded, long encoded_len,
 189                                 const char *pass)
 190 {
 191     EVP_PKEY *pkey = NULL;
 192     OSSL_DECODER_CTX *dctx = NULL;
 193     BIO *mem_deser = NULL;
 194     const unsigned char *upass = (const unsigned char *)pass;
 195     int ok = 0;
 196
 197     if (!TEST_ptr(dctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&pkey, NULL,
 198                                                                NULL, NULL))
 199         || (pass != NULL
 200             && !OSSL_DECODER_CTX_set_passphrase(dctx, upass,
 201                                                      strlen(pass)))
 202         || !TEST_ptr(mem_deser = BIO_new_mem_buf(encoded, encoded_len))
 203         || !TEST_true(OSSL_DECODER_from_bio(dctx, mem_deser)))
 204         goto end;
 205     ok = 1;
 206     *object = pkey;
 207  end:
 208     BIO_free(mem_deser);
 209     OSSL_DECODER_CTX_free(dctx);
 210     return ok;
 211 }
 212
 213 static int encode_EVP_PKEY_legacy_PEM(void **encoded,
 214                                       long *encoded_len,
 215                                       void *object,
 216                                       const char *pass, const char *pcipher,
 217                                       ossl_unused const char *encoder_propq)
 218 {
 219     EVP_PKEY *pkey = object;
 220     EVP_CIPHER *cipher = NULL;
 221     BIO *mem_ser = NULL;
 222     BUF_MEM *mem_buf = NULL;
 223     const unsigned char *upass = (const unsigned char *)pass;
 224     size_t passlen = 0;
 225     int ok = 0;
 226
 227     if (pcipher != NULL && pass != NULL) {
 228         passlen = strlen(pass);
 229         if (!TEST_ptr(cipher = EVP_CIPHER_fetch(NULL, pcipher, NULL)))
 230             goto end;
 231     }
 232     if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
 233         || !TEST_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey,
 234                                                            cipher,
 235                                                            upass, passlen,
 236                                                            NULL, NULL))
 237         || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
 238         || !TEST_ptr(*encoded = mem_buf->data)
 239         || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
 240         goto end;
 241
 242     /* Detach the encoded output */
 243     mem_buf->data = NULL;
 244     mem_buf->length = 0;
 245     ok = 1;
 246  end:
 247     BIO_free(mem_ser);
 248     EVP_CIPHER_free(cipher);
 249     return ok;
 250 }
 251
 252 #ifndef OPENSSL_NO_DSA
 253 static int encode_EVP_PKEY_MSBLOB(void **encoded, long *encoded_len,
 254                                   void *object,
 255                                   ossl_unused const char *pass,
 256                                   ossl_unused const char *pcipher,
 257                                   ossl_unused const char *encoder_propq)
 258 {
 259     EVP_PKEY *pkey = object;
 260     BIO *mem_ser = NULL;
 261     BUF_MEM *mem_buf = NULL;
 262     int ok = 0;
 263
 264     if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
 265         || !TEST_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0)
 266         || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
 267         || !TEST_ptr(*encoded = mem_buf->data)
 268         || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
 269         goto end;
 270
 271     /* Detach the encoded output */
 272     mem_buf->data = NULL;
 273     mem_buf->length = 0;
 274     ok = 1;
 275  end:
 276     BIO_free(mem_ser);
 277     return ok;
 278 }
 279
 280 static int encode_public_EVP_PKEY_MSBLOB(void **encoded, long *encoded_len,
 281                                          void *object,
 282                                          ossl_unused const char *pass,
 283                                          ossl_unused const char *pcipher,
 284                                          ossl_unused const char *encoder_propq)
 285 {
 286     EVP_PKEY *pkey = object;
 287     BIO *mem_ser = NULL;
 288     BUF_MEM *mem_buf = NULL;
 289     int ok = 0;
 290
 291     if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
 292         || !TEST_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0)
 293         || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
 294         || !TEST_ptr(*encoded = mem_buf->data)
 295         || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
 296         goto end;
 297
 298     /* Detach the encoded output */
 299     mem_buf->data = NULL;
 300     mem_buf->length = 0;
 301     ok = 1;
 302  end:
 303     BIO_free(mem_ser);
 304     return ok;
 305 }
 306
 307 # ifndef OPENSSL_NO_RC4
 308 static pem_password_cb pass_pw;
 309 static int pass_pw(char *buf, int size, int rwflag, void *userdata)
 310 {
 311     OPENSSL_strlcpy(buf, userdata, size);
 312     return strlen(userdata);
 313 }
 314
 315 static int encode_EVP_PKEY_PVK(void **encoded, long *encoded_len,
 316                                void *object,
 317                                const char *pass,
 318                                ossl_unused const char *pcipher,
 319                                ossl_unused const char *encoder_propq)
 320 {
 321     EVP_PKEY *pkey = object;
 322     BIO *mem_ser = NULL;
 323     BUF_MEM *mem_buf = NULL;
 324     int enc = (pass != NULL);
 325     int ok = 0;
 326
 327     if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
 328         || !TEST_int_ge(i2b_PVK_bio(mem_ser, pkey, enc,
 329                                     pass_pw, (void *)pass), 0)
 330         || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
 331         || !TEST_ptr(*encoded = mem_buf->data)
 332         || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
 333         goto end;
 334
 335     /* Detach the encoded output */
 336     mem_buf->data = NULL;
 337     mem_buf->length = 0;
 338     ok = 1;
 339  end:
 340     BIO_free(mem_ser);
 341     return ok;
 342 }
 343 # endif
 344 #endif
 345
 346 static int test_text(const void *data1, size_t data1_len,
 347                      const void *data2, size_t data2_len)
 348 {
 349     return TEST_strn2_eq(data1, data1_len, data2, data2_len);
 350 }
 351
 352 static int test_mem(const void *data1, size_t data1_len,
 353                     const void *data2, size_t data2_len)
 354 {
 355     return TEST_mem_eq(data1, data1_len, data2, data2_len);
 356 }
 357
 358 /* Test cases and their dumpers / checkers */
 359
 360 static void dump_der(const char *label, const void *data, size_t data_len)
 361 {
 362     test_output_memory(label, data, data_len);
 363 }
 364
 365 static void dump_pem(const char *label, const void *data, size_t data_len)
 366 {
 367     test_output_string(label, data, data_len - 1);
 368 }
 369
 370 static int check_unprotected_PKCS8_DER(const char *type,
 371                                        const void *data, size_t data_len)
 372 {
 373     const unsigned char *datap = data;
 374     PKCS8_PRIV_KEY_INFO *p8inf =
 375         d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len);
 376     int ok = 0;
 377
 378     if (TEST_ptr(p8inf)) {
 379         EVP_PKEY *pkey = EVP_PKCS82PKEY(p8inf);
 380
 381         ok = (TEST_ptr(pkey) && TEST_true(EVP_PKEY_is_a(pkey, type)));
 382         EVP_PKEY_free(pkey);
 383     }
 384     PKCS8_PRIV_KEY_INFO_free(p8inf);
 385     return ok;
 386 }
 387
 388 static int test_unprotected_via_DER(const char *type, EVP_PKEY *key)
 389 {
 390     return test_encode_decode(type, key, NULL, NULL,
 391                               encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
 392                               test_mem, check_unprotected_PKCS8_DER, dump_der,
 393                               OSSL_ENCODER_PrivateKey_TO_DER_PQ);
 394 }
 395
 396 static int check_unprotected_PKCS8_PEM(const char *type,
 397                                        const void *data, size_t data_len)
 398 {
 399     static const char pem_header[] = "-----BEGIN " PEM_STRING_PKCS8INF "-----";
 400
 401     return TEST_strn_eq(data, pem_header, sizeof(pem_header) - 1);
 402 }
 403
 404 static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key)
 405 {
 406     return test_encode_decode(type, key, NULL, NULL,
 407                               encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
 408                               test_text, check_unprotected_PKCS8_PEM, dump_pem,
 409                               OSSL_ENCODER_PrivateKey_TO_PEM_PQ);
 410 }
 411
 412 static int check_unprotected_legacy_PEM(const char *type,
 413                                         const void *data, size_t data_len)
 414 {
 415     static char pem_header[80];
 416
 417     return
 418         TEST_int_gt(BIO_snprintf(pem_header, sizeof(pem_header),
 419                                  "-----BEGIN %s PRIVATE KEY-----", type), 0)
 420         && TEST_strn_eq(data, pem_header, strlen(pem_header));
 421 }
 422
 423 static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key)
 424 {
 425     return test_encode_decode(type, key, NULL, NULL,
 426                               encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
 427                               test_text, check_unprotected_legacy_PEM, dump_pem,
 428                               NULL);
 429 }
 430
 431 #ifndef OPENSSL_NO_DSA
 432 static int check_MSBLOB(const char *type, const void *data, size_t data_len)
 433 {
 434     const unsigned char *datap = data;
 435     EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len);
 436     int ok = TEST_ptr(pkey);
 437
 438     EVP_PKEY_free(pkey);
 439     return ok;
 440 }
 441
 442 static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key)
 443 {
 444     return test_encode_decode(type, key, NULL, NULL,
 445                               encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
 446                               test_mem, check_MSBLOB, dump_der,
 447                               NULL);
 448 }
 449
 450 # ifndef OPENSSL_NO_RC4
 451 static int check_PVK(const char *type, const void *data, size_t data_len)
 452 {
 453     const unsigned char *in = data;
 454     unsigned int saltlen = 0, keylen = 0;
 455     int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen);
 456
 457     return ok;
 458 }
 459
 460 static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key)
 461 {
 462     return test_encode_decode(type, key, NULL, NULL,
 463                               encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
 464                               test_mem, check_PVK, dump_der,
 465                               NULL);
 466 }
 467 # endif
 468 #endif
 469
 470 static const char *pass_cipher = "AES-256-CBC";
 471 static const char *pass = "the holy handgrenade of antioch";
 472
 473 static int check_protected_PKCS8_DER(const char *type,
 474                                      const void *data, size_t data_len)
 475 {
 476     const unsigned char *datap = data;
 477     X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len);
 478     int ok = TEST_ptr(p8);
 479
 480     X509_SIG_free(p8);
 481     return ok;
 482 }
 483
 484 static int test_protected_via_DER(const char *type, EVP_PKEY *key)
 485 {
 486     return test_encode_decode(type, key, pass, pass_cipher,
 487                               encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
 488                               test_mem, check_protected_PKCS8_DER, dump_der,
 489                               OSSL_ENCODER_PrivateKey_TO_DER_PQ);
 490 }
 491
 492 static int check_protected_PKCS8_PEM(const char *type,
 493                                      const void *data, size_t data_len)
 494 {
 495     static const char pem_header[] = "-----BEGIN " PEM_STRING_PKCS8 "-----";
 496
 497     return TEST_strn_eq(data, pem_header, sizeof(pem_header) - 1);
 498 }
 499
 500 static int test_protected_via_PEM(const char *type, EVP_PKEY *key)
 501 {
 502     return test_encode_decode(type, key, pass, pass_cipher,
 503                               encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
 504                               test_text, check_protected_PKCS8_PEM, dump_pem,
 505                               OSSL_ENCODER_PrivateKey_TO_PEM_PQ);
 506 }
 507
 508 static int check_protected_legacy_PEM(const char *type,
 509                                       const void *data, size_t data_len)
 510 {
 511     static char pem_header[80];
 512
 513     return
 514         TEST_int_gt(BIO_snprintf(pem_header, sizeof(pem_header),
 515                                  "-----BEGIN %s PRIVATE KEY-----", type), 0)
 516         && TEST_strn_eq(data, pem_header, strlen(pem_header))
 517         && TEST_ptr(strstr(data, "\nDEK-Info: "));
 518 }
 519
 520 static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
 521 {
 522     return test_encode_decode(type, key, pass, pass_cipher,
 523                               encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
 524                               test_text, check_protected_legacy_PEM, dump_pem,
 525                               NULL);
 526 }
 527
 528 #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
 529 static int test_protected_via_PVK(const char *type, EVP_PKEY *key)
 530 {
 531     return test_encode_decode(type, key, pass, NULL,
 532                               encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
 533                               test_mem, check_PVK, dump_der,
 534                               NULL);
 535 }
 536 #endif
 537
 538 static int check_public_DER(const char *type, const void *data, size_t data_len)
 539 {
 540     const unsigned char *datap = data;
 541     EVP_PKEY *pkey = d2i_PUBKEY(NULL, &datap, data_len);
 542     int ok = (TEST_ptr(pkey) && TEST_true(EVP_PKEY_is_a(pkey, type)));
 543
 544     EVP_PKEY_free(pkey);
 545     return ok;
 546 }
 547
 548 static int test_public_via_DER(const char *type, EVP_PKEY *key)
 549 {
 550     return test_encode_decode(type, key, NULL, NULL,
 551                               encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
 552                               test_mem, check_public_DER, dump_der,
 553                               OSSL_ENCODER_PUBKEY_TO_DER_PQ);
 554 }
 555
 556 static int check_public_PEM(const char *type, const void *data, size_t data_len)
 557 {
 558     static const char pem_header[] = "-----BEGIN " PEM_STRING_PUBLIC "-----";
 559
 560     return
 561         TEST_strn_eq(data, pem_header, sizeof(pem_header) - 1);
 562 }
 563
 564 static int test_public_via_PEM(const char *type, EVP_PKEY *key)
 565 {
 566     return test_encode_decode(type, key, NULL, NULL,
 567                               encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
 568                               test_text, check_public_PEM, dump_pem,
 569                               OSSL_ENCODER_PUBKEY_TO_PEM_PQ);
 570 }
 571
 572 #ifndef OPENSSL_NO_DSA
 573 static int check_public_MSBLOB(const char *type,
 574                                const void *data, size_t data_len)
 575 {
 576     const unsigned char *datap = data;
 577     EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len);
 578     int ok = TEST_ptr(pkey);
 579
 580     EVP_PKEY_free(pkey);
 581     return ok;
 582 }
 583
 584 static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
 585 {
 586     return test_encode_decode(type, key, NULL, NULL,
 587                               encode_public_EVP_PKEY_MSBLOB,
 588                               decode_EVP_PKEY_prov,
 589                               test_mem, check_public_MSBLOB, dump_der,
 590                               NULL);
 591 }
 592 #endif
 593
 594 #define KEYS(KEYTYPE)                           \
 595     static EVP_PKEY *key_##KEYTYPE = NULL
 596 #define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params)                          \
 597     ok = ok                                                             \
 598         && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
 599 #define FREE_KEYS(KEYTYPE)                                              \
 600     EVP_PKEY_free(key_##KEYTYPE);                                       \
 601
 602 #define DOMAIN_KEYS(KEYTYPE)                    \
 603     static EVP_PKEY *template_##KEYTYPE = NULL; \
 604     static EVP_PKEY *key_##KEYTYPE = NULL
 605 #define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params)                   \
 606     ok = ok                                                             \
 607         && TEST_ptr(template_##KEYTYPE =                                \
 608                     make_template(KEYTYPEstr, params))                  \
 609         && TEST_ptr(key_##KEYTYPE =                                     \
 610                     make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
 611 #define FREE_DOMAIN_KEYS(KEYTYPE)                                       \
 612     EVP_PKEY_free(template_##KEYTYPE);                                  \
 613     EVP_PKEY_free(key_##KEYTYPE)
 614
 615 #define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr)                       \
 616     static int test_unprotected_##KEYTYPE##_via_DER(void)               \
 617     {                                                                   \
 618         return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE);     \
 619     }                                                                   \
 620     static int test_unprotected_##KEYTYPE##_via_PEM(void)               \
 621     {                                                                   \
 622         return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE);     \
 623     }                                                                   \
 624     static int test_protected_##KEYTYPE##_via_DER(void)                 \
 625     {                                                                   \
 626         return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE);       \
 627     }                                                                   \
 628     static int test_protected_##KEYTYPE##_via_PEM(void)                 \
 629     {                                                                   \
 630         return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE);       \
 631     }                                                                   \
 632     static int test_public_##KEYTYPE##_via_DER(void)                    \
 633     {                                                                   \
 634         return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE);          \
 635     }                                                                   \
 636     static int test_public_##KEYTYPE##_via_PEM(void)                    \
 637     {                                                                   \
 638         return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE);          \
 639     }
 640
 641 #define ADD_TEST_SUITE(KEYTYPE)                                 \
 642     ADD_TEST(test_unprotected_##KEYTYPE##_via_DER);             \
 643     ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM);             \
 644     ADD_TEST(test_protected_##KEYTYPE##_via_DER);               \
 645     ADD_TEST(test_protected_##KEYTYPE##_via_PEM);               \
 646     ADD_TEST(test_public_##KEYTYPE##_via_DER);                  \
 647     ADD_TEST(test_public_##KEYTYPE##_via_PEM)
 648
 649 #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr)                \
 650     static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void)        \
 651     {                                                                   \
 652         return                                                          \
 653             test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
 654     }                                                                   \
 655     static int test_protected_##KEYTYPE##_via_legacy_PEM(void)          \
 656     {                                                                   \
 657         return                                                          \
 658             test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE);   \
 659     }
 660
 661 #define ADD_TEST_SUITE_LEGACY(KEYTYPE)                                 \
 662     ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM);             \
 663     ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
 664
 665 #ifndef OPENSSL_NO_DSA
 666 # define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr)               \
 667     static int test_unprotected_##KEYTYPE##_via_MSBLOB(void)            \
 668     {                                                                   \
 669         return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE);  \
 670     }                                                                   \
 671     static int test_public_##KEYTYPE##_via_MSBLOB(void)                 \
 672     {                                                                   \
 673         return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE);       \
 674     }
 675
 676 # define ADD_TEST_SUITE_MSBLOB(KEYTYPE)                         \
 677     ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB);          \
 678     ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
 679
 680 # ifndef OPENSSL_NO_RC4
 681 #  define IMPLEMENT_TEST_SUITE_PVK(KEYTYPE, KEYTYPEstr)                 \
 682     static int test_unprotected_##KEYTYPE##_via_PVK(void)               \
 683     {                                                                   \
 684         return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE);     \
 685     }                                                                   \
 686     static int test_protected_##KEYTYPE##_via_PVK(void)                 \
 687     {                                                                   \
 688         return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE);       \
 689     }
 690
 691 #  define ADD_TEST_SUITE_PVK(KEYTYPE)                           \
 692     ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK);             \
 693     ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
 694 # endif
 695 #endif
 696
 697 #ifndef OPENSSL_NO_DH
 698 DOMAIN_KEYS(DH);
 699 IMPLEMENT_TEST_SUITE(DH, "DH")
 700 DOMAIN_KEYS(DHX);
 701 IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH")
 702 /*
 703  * DH has no support for PEM_write_bio_PrivateKey_traditional(),
 704  * so no legacy tests.
 705  */
 706 #endif
 707 #ifndef OPENSSL_NO_DSA
 708 DOMAIN_KEYS(DSA);
 709 IMPLEMENT_TEST_SUITE(DSA, "DSA")
 710 IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA")
 711 IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
 712 # ifndef OPENSSL_NO_RC4
 713 IMPLEMENT_TEST_SUITE_PVK(DSA, "DSA")
 714 # endif
 715 #endif
 716 #ifndef OPENSSL_NO_EC
 717 DOMAIN_KEYS(EC);
 718 IMPLEMENT_TEST_SUITE(EC, "EC")
 719 IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
 720 DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
 721 IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC")
 722 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
 723 DOMAIN_KEYS(ECExplicitPrime2G);
 724 IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC")
 725 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")
 726 # ifndef OPENSSL_NO_EC2M
 727 DOMAIN_KEYS(ECExplicitTriNamedCurve);
 728 IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC")
 729 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC")
 730 DOMAIN_KEYS(ECExplicitTri2G);
 731 IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC")
 732 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC")
 733 # endif
 734 KEYS(ED25519);
 735 IMPLEMENT_TEST_SUITE(ED25519, "ED25519")
 736 KEYS(ED448);
 737 IMPLEMENT_TEST_SUITE(ED448, "ED448")
 738 KEYS(X25519);
 739 IMPLEMENT_TEST_SUITE(X25519, "X25519")
 740 KEYS(X448);
 741 IMPLEMENT_TEST_SUITE(X448, "X448")
 742 /*
 743  * ED25519, ED448, X25519 and X448 have no support for
 744  * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
 745  */
 746 #endif
 747 KEYS(RSA);
 748 IMPLEMENT_TEST_SUITE(RSA, "RSA")
 749 IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA")
 750 KEYS(RSA_PSS);
 751 IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS")
 752 /*
 753  * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
 754  * so no legacy tests.
 755  */
 756 #ifndef OPENSSL_NO_DSA
 757 IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
 758 # ifndef OPENSSL_NO_RC4
 759 IMPLEMENT_TEST_SUITE_PVK(RSA, "RSA")
 760 # endif
 761 #endif
 762
 763 #ifndef OPENSSL_NO_EC
 764 /* Explicit parameters that match a named curve */
 765 static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld,
 766                                               const unsigned char *gen,
 767                                               size_t gen_len)
 768 {
 769     BIGNUM *a, *b, *prime, *order;
 770
 771     /* Curve prime256v1 */
 772     static const unsigned char prime_data[] = {
 773         0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
 774         0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
 775         0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
 776         0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
 777         0xff
 778     };
 779     static const unsigned char a_data[] = {
 780         0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
 781         0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
 782         0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
 783         0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
 784         0xfc
 785     };
 786     static const unsigned char b_data[] = {
 787         0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
 788         0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
 789         0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
 790         0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
 791     };
 792     static const unsigned char seed[] = {
 793         0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
 794         0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
 795         0x81, 0x9f, 0x7e, 0x90
 796     };
 797     static const unsigned char order_data[] = {
 798         0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
 799         0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
 800         0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
 801         0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
 802     };
 803     return TEST_ptr(a = BN_CTX_get(bnctx))
 804            && TEST_ptr(b = BN_CTX_get(bnctx))
 805            && TEST_ptr(prime = BN_CTX_get(bnctx))
 806            && TEST_ptr(order = BN_CTX_get(bnctx))
 807            && TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime))
 808            && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
 809            && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
 810            && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
 811            && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
 812                             OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field,
 813                             0))
 814            && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime))
 815            && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
 816            && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
 817            && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
 818                             OSSL_PKEY_PARAM_EC_ORDER, order))
 819            && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
 820                             OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
 821            && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
 822                             OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed)))
 823            && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
 824                                                BN_value_one()));
 825 }
 826
 827 static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld)
 828 {
 829     static const unsigned char prime256v1_gen[] = {
 830         0x04,
 831         0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
 832         0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
 833         0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
 834         0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
 835         0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
 836         0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
 837         0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
 838         0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
 839     };
 840     return do_create_ec_explicit_prime_params(bld, prime256v1_gen,
 841                                               sizeof(prime256v1_gen));
 842 }
 843
 844 static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld)
 845 {
 846     /* 2G */
 847     static const unsigned char prime256v1_gen2[] = {
 848         0x04,
 849         0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
 850         0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
 851         0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
 852         0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
 853         0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
 854         0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
 855         0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
 856         0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
 857     };
 858     return do_create_ec_explicit_prime_params(bld, prime256v1_gen2,
 859                                               sizeof(prime256v1_gen2));
 860 }
 861
 862 # ifndef OPENSSL_NO_EC2M
 863 static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld,
 864                                                   const unsigned char *gen,
 865                                                   size_t gen_len)
 866 {
 867     BIGNUM *a, *b, *poly, *order, *cofactor;
 868     /* sect233k1 characteristic-two-field tpBasis */
 869     static const unsigned char poly_data[] = {
 870         0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
 871         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
 872         0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
 873     };
 874     static const unsigned char a_data[] = {
 875         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
 876         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
 877         0x00, 0x00, 0x00, 0x00, 0x00, 0x00
 878     };
 879     static const unsigned char b_data[] = {
 880         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
 881         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
 882         0x00, 0x00, 0x00, 0x00, 0x00, 0x01
 883     };
 884     static const unsigned char order_data[] = {
 885         0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
 886         0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
 887         0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
 888     };
 889     static const unsigned char cofactor_data[]= {
 890         0x4
 891     };
 892     return TEST_ptr(a = BN_CTX_get(bnctx))
 893            && TEST_ptr(b = BN_CTX_get(bnctx))
 894            && TEST_ptr(poly = BN_CTX_get(bnctx))
 895            && TEST_ptr(order = BN_CTX_get(bnctx))
 896            && TEST_ptr(cofactor = BN_CTX_get(bnctx))
 897            && TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly))
 898            && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
 899            && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
 900            && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
 901            && TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor))
 902            && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
 903                             OSSL_PKEY_PARAM_EC_FIELD_TYPE,
 904                             SN_X9_62_characteristic_two_field, 0))
 905            && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly))
 906            && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
 907            && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
 908            && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
 909                             OSSL_PKEY_PARAM_EC_ORDER, order))
 910            && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
 911                             OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
 912            && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
 913                                                cofactor));
 914 }
 915
 916 static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld)
 917 {
 918     static const unsigned char gen[] = {
 919         0x04,
 920         0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
 921         0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
 922         0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
 923         0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
 924         0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
 925         0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
 926     };
 927     return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen));
 928 }
 929
 930 static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
 931 {
 932     static const unsigned char gen2[] = {
 933         0x04,
 934         0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
 935         0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
 936         0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
 937         0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
 938         0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
 939         0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
 940     };
 941     return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2));
 942 }
 943 # endif /* OPENSSL_NO_EC2M */
 944 #endif /* OPENSSL_NO_EC */
 945
 946 int setup_tests(void)
 947 {
 948     int ok = 1;
 949
 950 #ifndef OPENSSL_NO_DSA
 951     static size_t qbits = 160;  /* PVK only tolerates 160 Q bits */
 952     static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
 953     OSSL_PARAM DSA_params[] = {
 954         OSSL_PARAM_size_t("pbits", &pbits),
 955         OSSL_PARAM_size_t("qbits", &qbits),
 956         OSSL_PARAM_END
 957     };
 958 #endif
 959
 960 #ifndef OPENSSL_NO_EC
 961     static char groupname[] = "prime256v1";
 962     OSSL_PARAM EC_params[] = {
 963         OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
 964         OSSL_PARAM_END
 965     };
 966 #endif
 967
 968     /* 7 is the default magic number */
 969     static unsigned int rsapss_min_saltlen = 7;
 970     OSSL_PARAM RSA_PSS_params[] = {
 971         OSSL_PARAM_uint("saltlen", &rsapss_min_saltlen),
 972         OSSL_PARAM_END
 973     };
 974
 975 #ifndef OPENSSL_NO_EC
 976     if (!TEST_ptr(bnctx = BN_CTX_new_ex(NULL))
 977         || !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new())
 978         || !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new())
 979         || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
 980         || !create_ec_explicit_prime_params(bld_prime)
 981         || !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
 982         || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))
 983 # ifndef OPENSSL_NO_EC2M
 984         || !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
 985         || !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
 986         || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc)
 987         || !create_ec_explicit_trinomial_params(bld_tri)
 988         || !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc))
 989         || !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri))
 990 # endif
 991         )
 992         return 0;
 993 #endif
 994
 995     TEST_info("Generating keys...");
 996
 997 #ifndef OPENSSL_NO_DH
 998     MAKE_DOMAIN_KEYS(DH, "DH", NULL);
 999     MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
1000 #endif
1001 #ifndef OPENSSL_NO_DSA
1002     MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
1003 #endif
1004 #ifndef OPENSSL_NO_EC
1005     MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
1006     MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
1007     MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
1008 # ifndef OPENSSL_NO_EC2M
1009     MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
1010     MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
1011 # endif
1012     MAKE_KEYS(ED25519, "ED25519", NULL);
1013     MAKE_KEYS(ED448, "ED448", NULL);
1014     MAKE_KEYS(X25519, "X25519", NULL);
1015     MAKE_KEYS(X448, "X448", NULL);
1016 #endif
1017     MAKE_KEYS(RSA, "RSA", NULL);
1018     MAKE_KEYS(RSA_PSS, "RSA-PSS", RSA_PSS_params);
1019     TEST_info("Generating key... done");
1020
1021     if (ok) {
1022 #ifndef OPENSSL_NO_DH
1023         ADD_TEST_SUITE(DH);
1024         ADD_TEST_SUITE(DHX);
1025         /*
1026          * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1027          * so no legacy tests.
1028          */
1029 #endif
1030 #ifndef OPENSSL_NO_DSA
1031         ADD_TEST_SUITE(DSA);
1032         ADD_TEST_SUITE_LEGACY(DSA);
1033         ADD_TEST_SUITE_MSBLOB(DSA);
1034 # ifndef OPENSSL_NO_RC4
1035         ADD_TEST_SUITE_PVK(DSA);
1036 # endif
1037 #endif
1038 #ifndef OPENSSL_NO_EC
1039         ADD_TEST_SUITE(EC);
1040         ADD_TEST_SUITE_LEGACY(EC);
1041         ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
1042         ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
1043         ADD_TEST_SUITE(ECExplicitPrime2G);
1044         ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);
1045 # ifndef OPENSSL_NO_EC2M
1046         ADD_TEST_SUITE(ECExplicitTriNamedCurve);
1047         ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
1048         ADD_TEST_SUITE(ECExplicitTri2G);
1049         ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
1050 # endif
1051         ADD_TEST_SUITE(ED25519);
1052         ADD_TEST_SUITE(ED448);
1053         ADD_TEST_SUITE(X25519);
1054         ADD_TEST_SUITE(X448);
1055         /*
1056          * ED25519, ED448, X25519 and X448 have no support for
1057          * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1058          */
1059 #endif
1060         ADD_TEST_SUITE(RSA);
1061         ADD_TEST_SUITE_LEGACY(RSA);
1062         ADD_TEST_SUITE(RSA_PSS);
1063         /*
1064          * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1065          * so no legacy tests.
1066          */
1067 #ifndef OPENSSL_NO_DSA
1068         ADD_TEST_SUITE_MSBLOB(RSA);
1069 # ifndef OPENSSL_NO_RC4
1070         ADD_TEST_SUITE_PVK(RSA);
1071 # endif
1072 #endif
1073     }
1074
1075     return 1;
1076 }
1077
1078 void cleanup_tests(void)
1079 {
1080 #ifndef OPENSSL_NO_EC
1081     OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_nc);
1082     OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_explicit);
1083     OSSL_PARAM_BLD_free(bld_prime_nc);
1084     OSSL_PARAM_BLD_free(bld_prime);
1085 # ifndef OPENSSL_NO_EC2M
1086     OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_nc);
1087     OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_explicit);
1088     OSSL_PARAM_BLD_free(bld_tri_nc);
1089     OSSL_PARAM_BLD_free(bld_tri);
1090 # endif
1091     BN_CTX_free(bnctx);
1092 #endif /* OPENSSL_NO_EC */
1093
1094 #ifndef OPENSSL_NO_DH
1095     FREE_DOMAIN_KEYS(DH);
1096     FREE_DOMAIN_KEYS(DHX);
1097 #endif
1098 #ifndef OPENSSL_NO_DSA
1099     FREE_DOMAIN_KEYS(DSA);
1100 #endif
1101 #ifndef OPENSSL_NO_EC
1102     FREE_DOMAIN_KEYS(EC);
1103     FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1104     FREE_DOMAIN_KEYS(ECExplicitPrime2G);
1105 # ifndef OPENSSL_NO_EC2M
1106     FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
1107     FREE_DOMAIN_KEYS(ECExplicitTri2G);
1108 # endif
1109     FREE_KEYS(ED25519);
1110     FREE_KEYS(ED448);
1111     FREE_KEYS(X25519);
1112     FREE_KEYS(X448);
1113 #endif
1114     FREE_KEYS(RSA);
1115     FREE_KEYS(RSA_PSS);
1116 }