2 * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/core_dispatch.h>
12 #include <openssl/evp.h>
13 #include <openssl/pem.h>
14 #include <openssl/rsa.h>
15 #include <openssl/x509.h>
16 #include <openssl/core_names.h>
17 #include <openssl/params.h>
18 #include <openssl/param_build.h>
19 #include <openssl/encoder.h>
20 #include <openssl/decoder.h>
22 #include "internal/cryptlib.h" /* ossl_assert */
23 #include "crypto/pem.h" /* For PVK and "blob" PEM headers */
24 #include "crypto/evp.h" /* For evp_pkey_is_provided() */
26 #include "helpers/predefined_dhparams.h"
30 OSSL_provider_init_fn ossl_legacy_provider_init;
33 /* Extended test macros to allow passing file & line number */
34 #define TEST_FL_ptr(a) test_ptr(file, line, #a, a)
35 #define TEST_FL_mem_eq(a, m, b, n) test_mem_eq(file, line, #a, #b, a, m, b, n)
36 #define TEST_FL_strn_eq(a, b, n) test_strn_eq(file, line, #a, #b, a, n, b, n)
37 #define TEST_FL_strn2_eq(a, m, b, n) test_strn_eq(file, line, #a, #b, a, m, b, n)
38 #define TEST_FL_int_eq(a, b) test_int_eq(file, line, #a, #b, a, b)
39 #define TEST_FL_int_ge(a, b) test_int_ge(file, line, #a, #b, a, b)
40 #define TEST_FL_int_gt(a, b) test_int_gt(file, line, #a, #b, a, b)
41 #define TEST_FL_long_gt(a, b) test_long_gt(file, line, #a, #b, a, b)
42 #define TEST_FL_true(a) test_true(file, line, #a, (a) != 0)
44 #if defined(OPENSSL_NO_DH) && defined(OPENSSL_NO_DSA) && defined(OPENSSL_NO_EC)
45 # define OPENSSL_NO_KEYPARAMS
48 static int default_libctx = 1;
49 static int is_fips = 0;
51 static OSSL_LIB_CTX *testctx = NULL;
52 static OSSL_LIB_CTX *keyctx = NULL;
53 static char *testpropq = NULL;
55 static OSSL_PROVIDER *nullprov = NULL;
56 static OSSL_PROVIDER *deflprov = NULL;
57 static OSSL_PROVIDER *keyprov = NULL;
60 static BN_CTX *bnctx = NULL;
61 static OSSL_PARAM_BLD *bld_prime_nc = NULL;
62 static OSSL_PARAM_BLD *bld_prime = NULL;
63 static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
64 static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;
66 # ifndef OPENSSL_NO_EC2M
67 static OSSL_PARAM_BLD *bld_tri_nc = NULL;
68 static OSSL_PARAM_BLD *bld_tri = NULL;
69 static OSSL_PARAM *ec_explicit_tri_params_nc = NULL;
70 static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
74 #ifndef OPENSSL_NO_KEYPARAMS
75 static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
77 EVP_PKEY *pkey = NULL;
78 EVP_PKEY_CTX *ctx = NULL;
80 # ifndef OPENSSL_NO_DH
82 * Use 512-bit DH(X) keys with predetermined parameters for efficiency,
83 * for testing only. Use a minimum key size of 2048 for security purposes.
85 if (strcmp(type, "DH") == 0)
86 return get_dh512(keyctx);
88 if (strcmp(type, "X9.42 DH") == 0)
89 return get_dhx512(keyctx);
93 * No real need to check the errors other than for the cascade
94 * effect. |pkey| will simply remain NULL if something goes wrong.
96 (void)((ctx = EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq)) != NULL
97 && EVP_PKEY_paramgen_init(ctx) > 0
99 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
100 && EVP_PKEY_generate(ctx, &pkey) > 0);
101 EVP_PKEY_CTX_free(ctx);
107 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
108 static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
109 OSSL_PARAM *genparams)
111 EVP_PKEY *pkey = NULL;
114 ? EVP_PKEY_CTX_new_from_pkey(keyctx, template, testpropq)
115 : EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq);
118 * No real need to check the errors other than for the cascade
119 * effect. |pkey| will simply remain NULL if something goes wrong.
122 && EVP_PKEY_keygen_init(ctx) > 0
123 && (genparams == NULL
124 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
125 && EVP_PKEY_keygen(ctx, &pkey) > 0);
126 EVP_PKEY_CTX_free(ctx);
131 /* Main test driver */
133 typedef int (encoder)(const char *file, const int line,
134 void **encoded, long *encoded_len,
135 void *object, int selection,
136 const char *output_type, const char *output_structure,
137 const char *pass, const char *pcipher);
138 typedef int (decoder)(const char *file, const int line,
139 void **object, void *encoded, long encoded_len,
140 const char *input_type, const char *structure_type,
141 const char *keytype, int selection, const char *pass);
142 typedef int (tester)(const char *file, const int line,
143 const void *data1, size_t data1_len,
144 const void *data2, size_t data2_len);
145 typedef int (checker)(const char *file, const int line,
146 const char *type, const void *data, size_t data_len);
147 typedef void (dumper)(const char *label, const void *data, size_t data_len);
149 #define FLAG_DECODE_WITH_TYPE 0x0001
150 #define FLAG_FAIL_IF_FIPS 0x0002
152 static int test_encode_decode(const char *file, const int line,
153 const char *type, EVP_PKEY *pkey,
154 int selection, const char *output_type,
155 const char *output_structure,
156 const char *pass, const char *pcipher,
157 encoder *encode_cb, decoder *decode_cb,
158 tester *test_cb, checker *check_cb,
159 dumper *dump_cb, int flags)
161 void *encoded = NULL;
162 long encoded_len = 0;
163 EVP_PKEY *pkey2 = NULL;
164 void *encoded2 = NULL;
165 long encoded2_len = 0;
169 * Encode |pkey|, decode the result into |pkey2|, and finish off by
170 * encoding |pkey2| as well. That last encoding is for checking and
173 if (!TEST_true(encode_cb(file, line, &encoded, &encoded_len, pkey, selection,
174 output_type, output_structure, pass, pcipher)))
177 if ((flags & FLAG_FAIL_IF_FIPS) != 0 && is_fips) {
178 if (TEST_false(decode_cb(file, line, (void **)&pkey2, encoded,
179 encoded_len, output_type, output_structure,
180 (flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
186 if (!TEST_true(check_cb(file, line, type, encoded, encoded_len))
187 || !TEST_true(decode_cb(file, line, (void **)&pkey2, encoded, encoded_len,
188 output_type, output_structure,
189 (flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
191 || !TEST_true(encode_cb(file, line, &encoded2, &encoded2_len, pkey2, selection,
192 output_type, output_structure, pass, pcipher)))
195 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
196 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey2), 1))
199 if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1))
204 * Double check the encoding, but only for unprotected keys,
205 * as protected keys have a random component, which makes the output
208 if ((pass == NULL && pcipher == NULL)
209 && !test_cb(file, line, encoded, encoded_len, encoded2, encoded2_len))
215 if (encoded != NULL && encoded_len != 0)
216 dump_cb("|pkey| encoded", encoded, encoded_len);
217 if (encoded2 != NULL && encoded2_len != 0)
218 dump_cb("|pkey2| encoded", encoded2, encoded2_len);
221 OPENSSL_free(encoded);
222 OPENSSL_free(encoded2);
223 EVP_PKEY_free(pkey2);
227 /* Encoding and decoding methods */
229 static int encode_EVP_PKEY_prov(const char *file, const int line,
230 void **encoded, long *encoded_len,
231 void *object, int selection,
232 const char *output_type,
233 const char *output_structure,
234 const char *pass, const char *pcipher)
236 EVP_PKEY *pkey = object;
237 OSSL_ENCODER_CTX *ectx = NULL;
239 BUF_MEM *mem_buf = NULL;
240 const unsigned char *upass = (const unsigned char *)pass;
243 if (!TEST_FL_ptr(ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection,
247 || !TEST_FL_int_gt(OSSL_ENCODER_CTX_get_num_encoders(ectx), 0)
249 && !TEST_FL_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass,
252 && !TEST_FL_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL)))
253 || !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
254 || !TEST_FL_true(OSSL_ENCODER_to_bio(ectx, mem_ser))
255 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
256 || !TEST_FL_ptr(*encoded = mem_buf->data)
257 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
260 /* Detach the encoded output */
261 mem_buf->data = NULL;
266 OSSL_ENCODER_CTX_free(ectx);
270 static int decode_EVP_PKEY_prov(const char *file, const int line,
271 void **object, void *encoded, long encoded_len,
272 const char *input_type,
273 const char *structure_type,
274 const char *keytype, int selection,
277 EVP_PKEY *pkey = NULL, *testpkey = NULL;
278 OSSL_DECODER_CTX *dctx = NULL;
279 BIO *encoded_bio = NULL;
280 const unsigned char *upass = (const unsigned char *)pass;
285 if (strcmp(input_type, "DER") == 0)
290 if (!TEST_FL_ptr(encoded_bio = BIO_new_mem_buf(encoded, encoded_len)))
294 * We attempt the decode 3 times. The first time we provide the expected
295 * starting input type. The second time we provide NULL for the starting
296 * type. The third time we provide a bad starting input type.
297 * The bad starting input type should fail. The other two should succeed
298 * and produce the same result.
300 for (i = 0; i < 3; i++) {
301 const char *testtype = (i == 0) ? input_type
302 : ((i == 1) ? NULL : badtype);
304 if (!TEST_FL_ptr(dctx = OSSL_DECODER_CTX_new_for_pkey(&testpkey,
311 && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass)))
312 || !TEST_FL_int_gt(BIO_reset(encoded_bio), 0)
313 /* We expect to fail when using a bad input type */
314 || !TEST_FL_int_eq(OSSL_DECODER_from_bio(dctx, encoded_bio),
317 OSSL_DECODER_CTX_free(dctx);
324 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
325 if (!TEST_FL_int_eq(EVP_PKEY_parameters_eq(pkey, testpkey), 1))
328 if (!TEST_FL_int_eq(EVP_PKEY_eq(pkey, testpkey), 1))
339 EVP_PKEY_free(testpkey);
340 BIO_free(encoded_bio);
341 OSSL_DECODER_CTX_free(dctx);
345 static int encode_EVP_PKEY_legacy_PEM(const char *file, const int line,
346 void **encoded, long *encoded_len,
347 void *object, ossl_unused int selection,
348 ossl_unused const char *output_type,
349 ossl_unused const char *output_structure,
350 const char *pass, const char *pcipher)
352 EVP_PKEY *pkey = object;
353 EVP_CIPHER *cipher = NULL;
355 BUF_MEM *mem_buf = NULL;
356 const unsigned char *upass = (const unsigned char *)pass;
360 if (pcipher != NULL && pass != NULL) {
361 passlen = strlen(pass);
362 if (!TEST_FL_ptr(cipher = EVP_CIPHER_fetch(testctx, pcipher, testpropq)))
365 if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
366 || !TEST_FL_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey,
370 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
371 || !TEST_FL_ptr(*encoded = mem_buf->data)
372 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
375 /* Detach the encoded output */
376 mem_buf->data = NULL;
381 EVP_CIPHER_free(cipher);
385 static int encode_EVP_PKEY_MSBLOB(const char *file, const int line,
386 void **encoded, long *encoded_len,
387 void *object, int selection,
388 ossl_unused const char *output_type,
389 ossl_unused const char *output_structure,
390 ossl_unused const char *pass,
391 ossl_unused const char *pcipher)
393 EVP_PKEY *pkey = object;
395 BUF_MEM *mem_buf = NULL;
398 if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem())))
401 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
402 if (!TEST_FL_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0))
405 if (!TEST_FL_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0))
409 if (!TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
410 || !TEST_FL_ptr(*encoded = mem_buf->data)
411 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
414 /* Detach the encoded output */
415 mem_buf->data = NULL;
423 static pem_password_cb pass_pw;
424 static int pass_pw(char *buf, int size, int rwflag, void *userdata)
426 OPENSSL_strlcpy(buf, userdata, size);
427 return strlen(userdata);
430 static int encode_EVP_PKEY_PVK(const char *file, const int line,
431 void **encoded, long *encoded_len,
432 void *object, int selection,
433 ossl_unused const char *output_type,
434 ossl_unused const char *output_structure,
436 ossl_unused const char *pcipher)
438 EVP_PKEY *pkey = object;
440 BUF_MEM *mem_buf = NULL;
441 int enc = (pass != NULL);
444 if (!TEST_FL_true(ossl_assert((selection
445 & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0))
446 || !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
447 || !TEST_FL_int_ge(i2b_PVK_bio_ex(mem_ser, pkey, enc,
448 pass_pw, (void *)pass, testctx, testpropq), 0)
449 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
450 || !TEST_FL_ptr(*encoded = mem_buf->data)
451 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
454 /* Detach the encoded output */
455 mem_buf->data = NULL;
463 static int test_text(const char *file, const int line,
464 const void *data1, size_t data1_len,
465 const void *data2, size_t data2_len)
467 return TEST_FL_strn2_eq(data1, data1_len, data2, data2_len);
470 static int test_mem(const char *file, const int line,
471 const void *data1, size_t data1_len,
472 const void *data2, size_t data2_len)
474 return TEST_FL_mem_eq(data1, data1_len, data2, data2_len);
477 /* Test cases and their dumpers / checkers */
479 static void collect_name(const char *name, void *arg)
481 char **namelist = arg;
485 space = strlen(name);
486 if (*namelist != NULL)
487 space += strlen(*namelist) + 2 /* for comma and space */;
488 space++; /* for terminating null byte */
490 new_namelist = OPENSSL_realloc(*namelist, space);
491 if (new_namelist == NULL)
493 if (*namelist != NULL) {
494 strcat(new_namelist, ", ");
495 strcat(new_namelist, name);
497 strcpy(new_namelist, name);
499 *namelist = new_namelist;
502 static void dump_der(const char *label, const void *data, size_t data_len)
504 test_output_memory(label, data, data_len);
507 static void dump_pem(const char *label, const void *data, size_t data_len)
509 test_output_string(label, data, data_len - 1);
512 static int check_unprotected_PKCS8_DER(const char *file, const int line,
514 const void *data, size_t data_len)
516 const unsigned char *datap = data;
517 PKCS8_PRIV_KEY_INFO *p8inf =
518 d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len);
521 if (TEST_FL_ptr(p8inf)) {
522 EVP_PKEY *pkey = EVP_PKCS82PKEY_ex(p8inf, testctx, testpropq);
523 char *namelist = NULL;
525 if (TEST_FL_ptr(pkey)) {
526 if (!(ok = TEST_FL_true(EVP_PKEY_is_a(pkey, type)))) {
527 EVP_PKEY_type_names_do_all(pkey, collect_name, &namelist);
528 if (namelist != NULL)
529 TEST_note("%s isn't any of %s", type, namelist);
530 OPENSSL_free(namelist);
532 ok = ok && TEST_FL_true(evp_pkey_is_provided(pkey));
536 PKCS8_PRIV_KEY_INFO_free(p8inf);
540 static int test_unprotected_via_DER(const char *type, EVP_PKEY *key, int fips)
542 return test_encode_decode(__FILE__, __LINE__, type, key,
543 OSSL_KEYMGMT_SELECT_KEYPAIR
544 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
545 "DER", "PrivateKeyInfo", NULL, NULL,
546 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
547 test_mem, check_unprotected_PKCS8_DER,
548 dump_der, fips ? 0 : FLAG_FAIL_IF_FIPS);
551 static int check_unprotected_PKCS8_PEM(const char *file, const int line,
553 const void *data, size_t data_len)
555 static const char expected_pem_header[] =
556 "-----BEGIN " PEM_STRING_PKCS8INF "-----";
558 return TEST_FL_strn_eq(data, expected_pem_header,
559 sizeof(expected_pem_header) - 1);
562 static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key, int fips)
564 return test_encode_decode(__FILE__, __LINE__, type, key,
565 OSSL_KEYMGMT_SELECT_KEYPAIR
566 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
567 "PEM", "PrivateKeyInfo", NULL, NULL,
568 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
569 test_text, check_unprotected_PKCS8_PEM,
570 dump_pem, fips ? 0 : FLAG_FAIL_IF_FIPS);
573 #ifndef OPENSSL_NO_KEYPARAMS
574 static int check_params_DER(const char *file, const int line,
575 const char *type, const void *data, size_t data_len)
577 const unsigned char *datap = data;
579 int itype = NID_undef;
580 EVP_PKEY *pkey = NULL;
582 if (strcmp(type, "DH") == 0)
584 else if (strcmp(type, "X9.42 DH") == 0)
585 itype = EVP_PKEY_DHX;
586 else if (strcmp(type, "DSA") == 0)
587 itype = EVP_PKEY_DSA;
588 else if (strcmp(type, "EC") == 0)
591 if (itype != NID_undef) {
592 pkey = d2i_KeyParams(itype, NULL, &datap, data_len);
600 static int check_params_PEM(const char *file, const int line,
602 const void *data, size_t data_len)
604 static char expected_pem_header[80];
607 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
608 sizeof(expected_pem_header),
609 "-----BEGIN %s PARAMETERS-----", type), 0)
610 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
613 static int test_params_via_DER(const char *type, EVP_PKEY *key)
615 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
616 "DER", "type-specific", NULL, NULL,
617 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
618 test_mem, check_params_DER,
619 dump_der, FLAG_DECODE_WITH_TYPE);
622 static int test_params_via_PEM(const char *type, EVP_PKEY *key)
624 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
625 "PEM", "type-specific", NULL, NULL,
626 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
627 test_text, check_params_PEM,
630 #endif /* !OPENSSL_NO_KEYPARAMS */
632 static int check_unprotected_legacy_PEM(const char *file, const int line,
634 const void *data, size_t data_len)
636 static char expected_pem_header[80];
639 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
640 sizeof(expected_pem_header),
641 "-----BEGIN %s PRIVATE KEY-----", type), 0)
642 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
645 static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key)
647 if (!default_libctx || is_fips)
648 return TEST_skip("Test not available if using a non-default library context or FIPS provider");
650 return test_encode_decode(__FILE__, __LINE__, type, key,
651 OSSL_KEYMGMT_SELECT_KEYPAIR
652 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
653 "PEM", "type-specific", NULL, NULL,
654 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
655 test_text, check_unprotected_legacy_PEM,
659 static int check_MSBLOB(const char *file, const int line,
660 const char *type, const void *data, size_t data_len)
662 const unsigned char *datap = data;
663 EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len);
664 int ok = TEST_FL_ptr(pkey);
670 static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key)
672 return test_encode_decode(__FILE__, __LINE__, type, key,
673 OSSL_KEYMGMT_SELECT_KEYPAIR
674 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
675 "MSBLOB", NULL, NULL, NULL,
676 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
677 test_mem, check_MSBLOB,
681 static int check_PVK(const char *file, const int line,
682 const char *type, const void *data, size_t data_len)
684 const unsigned char *in = data;
685 unsigned int saltlen = 0, keylen = 0;
686 int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen);
691 static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key)
693 return test_encode_decode(__FILE__, __LINE__, type, key,
694 OSSL_KEYMGMT_SELECT_KEYPAIR
695 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
696 "PVK", NULL, NULL, NULL,
697 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
702 static const char *pass_cipher = "AES-256-CBC";
703 static const char *pass = "the holy handgrenade of antioch";
705 static int check_protected_PKCS8_DER(const char *file, const int line,
707 const void *data, size_t data_len)
709 const unsigned char *datap = data;
710 X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len);
711 int ok = TEST_FL_ptr(p8);
717 static int test_protected_via_DER(const char *type, EVP_PKEY *key, int fips)
719 return test_encode_decode(__FILE__, __LINE__, type, key,
720 OSSL_KEYMGMT_SELECT_KEYPAIR
721 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
722 "DER", "EncryptedPrivateKeyInfo",
724 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
725 test_mem, check_protected_PKCS8_DER,
726 dump_der, fips ? 0 : FLAG_FAIL_IF_FIPS);
729 static int check_protected_PKCS8_PEM(const char *file, const int line,
731 const void *data, size_t data_len)
733 static const char expected_pem_header[] =
734 "-----BEGIN " PEM_STRING_PKCS8 "-----";
736 return TEST_FL_strn_eq(data, expected_pem_header,
737 sizeof(expected_pem_header) - 1);
740 static int test_protected_via_PEM(const char *type, EVP_PKEY *key, int fips)
742 return test_encode_decode(__FILE__, __LINE__, type, key,
743 OSSL_KEYMGMT_SELECT_KEYPAIR
744 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
745 "PEM", "EncryptedPrivateKeyInfo",
747 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
748 test_text, check_protected_PKCS8_PEM,
749 dump_pem, fips ? 0 : FLAG_FAIL_IF_FIPS);
752 static int check_protected_legacy_PEM(const char *file, const int line,
754 const void *data, size_t data_len)
756 static char expected_pem_header[80];
759 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
760 sizeof(expected_pem_header),
761 "-----BEGIN %s PRIVATE KEY-----", type), 0)
762 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header))
763 && TEST_FL_ptr(strstr(data, "\nDEK-Info: "));
766 static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
768 if (!default_libctx || is_fips)
769 return TEST_skip("Test not available if using a non-default library context or FIPS provider");
771 return test_encode_decode(__FILE__, __LINE__, type, key,
772 OSSL_KEYMGMT_SELECT_KEYPAIR
773 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
774 "PEM", "type-specific", pass, pass_cipher,
775 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
776 test_text, check_protected_legacy_PEM,
780 #ifndef OPENSSL_NO_RC4
781 static int test_protected_via_PVK(const char *type, EVP_PKEY *key)
784 OSSL_PROVIDER *lgcyprov = OSSL_PROVIDER_load(testctx, "legacy");
785 if (lgcyprov == NULL)
786 return TEST_skip("Legacy provider not available");
788 ret = test_encode_decode(__FILE__, __LINE__, type, key,
789 OSSL_KEYMGMT_SELECT_KEYPAIR
790 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
791 "PVK", NULL, pass, NULL,
792 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
793 test_mem, check_PVK, dump_der, 0);
794 OSSL_PROVIDER_unload(lgcyprov);
799 static int check_public_DER(const char *file, const int line,
800 const char *type, const void *data, size_t data_len)
802 const unsigned char *datap = data;
803 EVP_PKEY *pkey = d2i_PUBKEY_ex(NULL, &datap, data_len, testctx, testpropq);
804 int ok = (TEST_FL_ptr(pkey) && TEST_FL_true(EVP_PKEY_is_a(pkey, type)));
810 static int test_public_via_DER(const char *type, EVP_PKEY *key, int fips)
812 return test_encode_decode(__FILE__, __LINE__, type, key,
813 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
814 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
815 "DER", "SubjectPublicKeyInfo", NULL, NULL,
816 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
817 test_mem, check_public_DER, dump_der,
818 fips ? 0 : FLAG_FAIL_IF_FIPS);
821 static int check_public_PEM(const char *file, const int line,
822 const char *type, const void *data, size_t data_len)
824 static const char expected_pem_header[] =
825 "-----BEGIN " PEM_STRING_PUBLIC "-----";
828 TEST_FL_strn_eq(data, expected_pem_header,
829 sizeof(expected_pem_header) - 1);
832 static int test_public_via_PEM(const char *type, EVP_PKEY *key, int fips)
834 return test_encode_decode(__FILE__, __LINE__, type, key,
835 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
836 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
837 "PEM", "SubjectPublicKeyInfo", NULL, NULL,
838 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
839 test_text, check_public_PEM, dump_pem,
840 fips ? 0 : FLAG_FAIL_IF_FIPS);
843 static int check_public_MSBLOB(const char *file, const int line,
845 const void *data, size_t data_len)
847 const unsigned char *datap = data;
848 EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len);
849 int ok = TEST_FL_ptr(pkey);
855 static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
857 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_PUBLIC_KEY
858 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
859 "MSBLOB", NULL, NULL, NULL,
860 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
861 test_mem, check_public_MSBLOB, dump_der, 0);
864 #define KEYS(KEYTYPE) \
865 static EVP_PKEY *key_##KEYTYPE = NULL
866 #define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
868 && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
869 #define FREE_KEYS(KEYTYPE) \
870 EVP_PKEY_free(key_##KEYTYPE); \
872 #define DOMAIN_KEYS(KEYTYPE) \
873 static EVP_PKEY *template_##KEYTYPE = NULL; \
874 static EVP_PKEY *key_##KEYTYPE = NULL
875 #define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
877 && TEST_ptr(template_##KEYTYPE = \
878 make_template(KEYTYPEstr, params)) \
879 && TEST_ptr(key_##KEYTYPE = \
880 make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
881 #define FREE_DOMAIN_KEYS(KEYTYPE) \
882 EVP_PKEY_free(template_##KEYTYPE); \
883 EVP_PKEY_free(key_##KEYTYPE)
885 #define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr, fips) \
886 static int test_unprotected_##KEYTYPE##_via_DER(void) \
888 return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
890 static int test_unprotected_##KEYTYPE##_via_PEM(void) \
892 return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
894 static int test_protected_##KEYTYPE##_via_DER(void) \
896 return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
898 static int test_protected_##KEYTYPE##_via_PEM(void) \
900 return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
902 static int test_public_##KEYTYPE##_via_DER(void) \
904 return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
906 static int test_public_##KEYTYPE##_via_PEM(void) \
908 return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
911 #define ADD_TEST_SUITE(KEYTYPE) \
912 ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
913 ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
914 ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
915 ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
916 ADD_TEST(test_public_##KEYTYPE##_via_DER); \
917 ADD_TEST(test_public_##KEYTYPE##_via_PEM)
919 #define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \
920 static int test_params_##KEYTYPE##_via_DER(void) \
922 return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \
924 static int test_params_##KEYTYPE##_via_PEM(void) \
926 return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
929 #define ADD_TEST_SUITE_PARAMS(KEYTYPE) \
930 ADD_TEST(test_params_##KEYTYPE##_via_DER); \
931 ADD_TEST(test_params_##KEYTYPE##_via_PEM)
933 #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
934 static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
937 test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
939 static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
942 test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
945 #define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
946 ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
947 ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
949 #define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
950 static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
952 return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
954 static int test_public_##KEYTYPE##_via_MSBLOB(void) \
956 return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
959 #define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
960 ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
961 ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
963 #define IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE, KEYTYPEstr) \
964 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
966 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
968 # define ADD_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE) \
969 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK)
970 #ifndef OPENSSL_NO_RC4
971 # define IMPLEMENT_TEST_SUITE_PROTECTED_PVK(KEYTYPE, KEYTYPEstr) \
972 static int test_protected_##KEYTYPE##_via_PVK(void) \
974 return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
976 # define ADD_TEST_SUITE_PROTECTED_PVK(KEYTYPE) \
977 ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
980 #ifndef OPENSSL_NO_DH
982 IMPLEMENT_TEST_SUITE(DH, "DH", 1)
983 IMPLEMENT_TEST_SUITE_PARAMS(DH, "DH")
985 IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH", 1)
986 IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH")
988 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
989 * so no legacy tests.
992 #ifndef OPENSSL_NO_DSA
994 IMPLEMENT_TEST_SUITE(DSA, "DSA", 1)
995 IMPLEMENT_TEST_SUITE_PARAMS(DSA, "DSA")
996 IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA")
997 IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
998 IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(DSA, "DSA")
999 # ifndef OPENSSL_NO_RC4
1000 IMPLEMENT_TEST_SUITE_PROTECTED_PVK(DSA, "DSA")
1003 #ifndef OPENSSL_NO_EC
1005 IMPLEMENT_TEST_SUITE(EC, "EC", 1)
1006 IMPLEMENT_TEST_SUITE_PARAMS(EC, "EC")
1007 IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
1008 DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1009 IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC", 1)
1010 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
1011 DOMAIN_KEYS(ECExplicitPrime2G);
1012 IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC", 0)
1013 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")
1014 # ifndef OPENSSL_NO_EC2M
1015 DOMAIN_KEYS(ECExplicitTriNamedCurve);
1016 IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC", 1)
1017 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC")
1018 DOMAIN_KEYS(ECExplicitTri2G);
1019 IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC", 0)
1020 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC")
1023 IMPLEMENT_TEST_SUITE(ED25519, "ED25519", 1)
1025 IMPLEMENT_TEST_SUITE(ED448, "ED448", 1)
1027 IMPLEMENT_TEST_SUITE(X25519, "X25519", 1)
1029 IMPLEMENT_TEST_SUITE(X448, "X448", 1)
1031 * ED25519, ED448, X25519 and X448 have no support for
1032 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1036 IMPLEMENT_TEST_SUITE(RSA, "RSA", 1)
1037 IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA")
1039 IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS", 1)
1041 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1042 * so no legacy tests.
1044 IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
1045 IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(RSA, "RSA")
1046 #ifndef OPENSSL_NO_RC4
1047 IMPLEMENT_TEST_SUITE_PROTECTED_PVK(RSA, "RSA")
1050 #ifndef OPENSSL_NO_EC
1051 /* Explicit parameters that match a named curve */
1052 static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld,
1053 const unsigned char *gen,
1056 BIGNUM *a, *b, *prime, *order;
1058 /* Curve prime256v1 */
1059 static const unsigned char prime_data[] = {
1060 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1061 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1062 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
1063 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1066 static const unsigned char a_data[] = {
1067 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1068 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1069 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
1070 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1073 static const unsigned char b_data[] = {
1074 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
1075 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
1076 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
1077 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
1079 static const unsigned char seed[] = {
1080 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
1081 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
1082 0x81, 0x9f, 0x7e, 0x90
1084 static const unsigned char order_data[] = {
1085 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1086 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1087 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
1088 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
1090 return TEST_ptr(a = BN_CTX_get(bnctx))
1091 && TEST_ptr(b = BN_CTX_get(bnctx))
1092 && TEST_ptr(prime = BN_CTX_get(bnctx))
1093 && TEST_ptr(order = BN_CTX_get(bnctx))
1094 && TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime))
1095 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1096 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1097 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1098 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1099 OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field,
1101 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime))
1102 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1103 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1104 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1105 OSSL_PKEY_PARAM_EC_ORDER, order))
1106 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1107 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1108 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1109 OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed)))
1110 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1114 static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld)
1116 static const unsigned char prime256v1_gen[] = {
1118 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
1119 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
1120 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
1121 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
1122 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
1123 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
1124 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
1125 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
1127 return do_create_ec_explicit_prime_params(bld, prime256v1_gen,
1128 sizeof(prime256v1_gen));
1131 static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld)
1134 static const unsigned char prime256v1_gen2[] = {
1136 0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
1137 0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
1138 0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
1139 0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
1140 0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
1141 0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
1142 0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
1143 0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
1145 return do_create_ec_explicit_prime_params(bld, prime256v1_gen2,
1146 sizeof(prime256v1_gen2));
1149 # ifndef OPENSSL_NO_EC2M
1150 static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld,
1151 const unsigned char *gen,
1154 BIGNUM *a, *b, *poly, *order, *cofactor;
1155 /* sect233k1 characteristic-two-field tpBasis */
1156 static const unsigned char poly_data[] = {
1157 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1158 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
1159 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1161 static const unsigned char a_data[] = {
1162 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1163 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1164 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1166 static const unsigned char b_data[] = {
1167 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1168 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1169 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
1171 static const unsigned char order_data[] = {
1172 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1173 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
1174 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
1176 static const unsigned char cofactor_data[]= {
1179 return TEST_ptr(a = BN_CTX_get(bnctx))
1180 && TEST_ptr(b = BN_CTX_get(bnctx))
1181 && TEST_ptr(poly = BN_CTX_get(bnctx))
1182 && TEST_ptr(order = BN_CTX_get(bnctx))
1183 && TEST_ptr(cofactor = BN_CTX_get(bnctx))
1184 && TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly))
1185 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1186 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1187 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1188 && TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor))
1189 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1190 OSSL_PKEY_PARAM_EC_FIELD_TYPE,
1191 SN_X9_62_characteristic_two_field, 0))
1192 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly))
1193 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1194 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1195 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1196 OSSL_PKEY_PARAM_EC_ORDER, order))
1197 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1198 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1199 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1203 static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld)
1205 static const unsigned char gen[] = {
1207 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1208 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1209 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1210 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1211 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1212 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1214 return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen));
1217 static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
1219 static const unsigned char gen2[] = {
1221 0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1222 0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1223 0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1224 0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1225 0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1226 0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1228 return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2));
1230 # endif /* OPENSSL_NO_EC2M */
1231 #endif /* OPENSSL_NO_EC */
1233 typedef enum OPTION_choice {
1244 const OPTIONS *test_get_options(void)
1246 static const OPTIONS options[] = {
1247 OPT_TEST_OPTIONS_DEFAULT_USAGE,
1248 { "context", OPT_CONTEXT, '-',
1249 "Explicitly use a non-default library context" },
1250 { "rsa", OPT_RSA_FILE, '<',
1251 "PEM format RSA key file to encode/decode" },
1252 { "pss", OPT_RSA_PSS_FILE, '<',
1253 "PEM format RSA-PSS key file to encode/decode" },
1254 { "config", OPT_CONFIG_FILE, '<',
1255 "The configuration file to use for the library context" },
1256 { "provider", OPT_PROVIDER_NAME, 's',
1257 "The provider to load (The default value is 'default')" },
1263 int setup_tests(void)
1265 const char *rsa_file = NULL;
1266 const char *rsa_pss_file = NULL;
1267 const char *prov_name = "default";
1268 char *config_file = NULL;
1271 #ifndef OPENSSL_NO_DSA
1272 static size_t qbits = 160; /* PVK only tolerates 160 Q bits */
1273 static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1274 OSSL_PARAM DSA_params[] = {
1275 OSSL_PARAM_size_t("pbits", &pbits),
1276 OSSL_PARAM_size_t("qbits", &qbits),
1281 #ifndef OPENSSL_NO_EC
1282 static char groupname[] = "prime256v1";
1283 OSSL_PARAM EC_params[] = {
1284 OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
1291 while ((o = opt_next()) != OPT_EOF) {
1296 case OPT_PROVIDER_NAME:
1297 prov_name = opt_arg();
1299 case OPT_CONFIG_FILE:
1300 config_file = opt_arg();
1303 rsa_file = opt_arg();
1305 case OPT_RSA_PSS_FILE:
1306 rsa_pss_file = opt_arg();
1308 case OPT_TEST_CASES:
1315 if (strcmp(prov_name, "fips") == 0)
1318 if (default_libctx) {
1319 if (!test_get_libctx(NULL, NULL, config_file, &deflprov, prov_name))
1322 if (!test_get_libctx(&testctx, &nullprov, config_file, &deflprov, prov_name))
1326 #ifdef STATIC_LEGACY
1328 * This test is always statically linked against libcrypto. We must not
1329 * attempt to load legacy.so that might be dynamically linked against
1330 * libcrypto. Instead we use a built-in version of the legacy provider.
1332 if (!OSSL_PROVIDER_add_builtin(testctx, "legacy", ossl_legacy_provider_init))
1336 /* Separate provider/ctx for generating the test data */
1337 if (!TEST_ptr(keyctx = OSSL_LIB_CTX_new()))
1339 if (!TEST_ptr(keyprov = OSSL_PROVIDER_load(keyctx, "default")))
1342 #ifndef OPENSSL_NO_EC
1343 if (!TEST_ptr(bnctx = BN_CTX_new_ex(testctx))
1344 || !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new())
1345 || !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new())
1346 || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
1347 || !create_ec_explicit_prime_params(bld_prime)
1348 || !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
1349 || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))
1350 # ifndef OPENSSL_NO_EC2M
1351 || !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
1352 || !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
1353 || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc)
1354 || !create_ec_explicit_trinomial_params(bld_tri)
1355 || !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc))
1356 || !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri))
1362 TEST_info("Generating keys...");
1364 #ifndef OPENSSL_NO_DH
1365 TEST_info("Generating DH keys...");
1366 MAKE_DOMAIN_KEYS(DH, "DH", NULL);
1367 MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
1369 #ifndef OPENSSL_NO_DSA
1370 TEST_info("Generating DSA keys...");
1371 MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
1373 #ifndef OPENSSL_NO_EC
1374 TEST_info("Generating EC keys...");
1375 MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
1376 MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
1377 MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
1378 # ifndef OPENSSL_NO_EC2M
1379 MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
1380 MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
1382 MAKE_KEYS(ED25519, "ED25519", NULL);
1383 MAKE_KEYS(ED448, "ED448", NULL);
1384 MAKE_KEYS(X25519, "X25519", NULL);
1385 MAKE_KEYS(X448, "X448", NULL);
1387 TEST_info("Loading RSA key...");
1388 ok = ok && TEST_ptr(key_RSA = load_pkey_pem(rsa_file, keyctx));
1389 TEST_info("Loading RSA_PSS key...");
1390 ok = ok && TEST_ptr(key_RSA_PSS = load_pkey_pem(rsa_pss_file, keyctx));
1391 TEST_info("Generating keys done");
1394 #ifndef OPENSSL_NO_DH
1396 ADD_TEST_SUITE_PARAMS(DH);
1397 ADD_TEST_SUITE(DHX);
1398 ADD_TEST_SUITE_PARAMS(DHX);
1400 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1401 * so no legacy tests.
1404 #ifndef OPENSSL_NO_DSA
1405 ADD_TEST_SUITE(DSA);
1406 ADD_TEST_SUITE_PARAMS(DSA);
1407 ADD_TEST_SUITE_LEGACY(DSA);
1408 ADD_TEST_SUITE_MSBLOB(DSA);
1409 ADD_TEST_SUITE_UNPROTECTED_PVK(DSA);
1410 # ifndef OPENSSL_NO_RC4
1411 ADD_TEST_SUITE_PROTECTED_PVK(DSA);
1414 #ifndef OPENSSL_NO_EC
1416 ADD_TEST_SUITE_PARAMS(EC);
1417 ADD_TEST_SUITE_LEGACY(EC);
1418 ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
1419 ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
1420 ADD_TEST_SUITE(ECExplicitPrime2G);
1421 ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);
1422 # ifndef OPENSSL_NO_EC2M
1423 ADD_TEST_SUITE(ECExplicitTriNamedCurve);
1424 ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
1425 ADD_TEST_SUITE(ECExplicitTri2G);
1426 ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
1428 ADD_TEST_SUITE(ED25519);
1429 ADD_TEST_SUITE(ED448);
1430 ADD_TEST_SUITE(X25519);
1431 ADD_TEST_SUITE(X448);
1433 * ED25519, ED448, X25519 and X448 have no support for
1434 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1437 ADD_TEST_SUITE(RSA);
1438 ADD_TEST_SUITE_LEGACY(RSA);
1439 ADD_TEST_SUITE(RSA_PSS);
1441 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1442 * so no legacy tests.
1444 ADD_TEST_SUITE_MSBLOB(RSA);
1445 ADD_TEST_SUITE_UNPROTECTED_PVK(RSA);
1446 # ifndef OPENSSL_NO_RC4
1447 ADD_TEST_SUITE_PROTECTED_PVK(RSA);
1454 void cleanup_tests(void)
1456 #ifndef OPENSSL_NO_EC
1457 OSSL_PARAM_free(ec_explicit_prime_params_nc);
1458 OSSL_PARAM_free(ec_explicit_prime_params_explicit);
1459 OSSL_PARAM_BLD_free(bld_prime_nc);
1460 OSSL_PARAM_BLD_free(bld_prime);
1461 # ifndef OPENSSL_NO_EC2M
1462 OSSL_PARAM_free(ec_explicit_tri_params_nc);
1463 OSSL_PARAM_free(ec_explicit_tri_params_explicit);
1464 OSSL_PARAM_BLD_free(bld_tri_nc);
1465 OSSL_PARAM_BLD_free(bld_tri);
1468 #endif /* OPENSSL_NO_EC */
1470 #ifndef OPENSSL_NO_DH
1471 FREE_DOMAIN_KEYS(DH);
1472 FREE_DOMAIN_KEYS(DHX);
1474 #ifndef OPENSSL_NO_DSA
1475 FREE_DOMAIN_KEYS(DSA);
1477 #ifndef OPENSSL_NO_EC
1478 FREE_DOMAIN_KEYS(EC);
1479 FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1480 FREE_DOMAIN_KEYS(ECExplicitPrime2G);
1481 # ifndef OPENSSL_NO_EC2M
1482 FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
1483 FREE_DOMAIN_KEYS(ECExplicitTri2G);
1493 OSSL_PROVIDER_unload(nullprov);
1494 OSSL_PROVIDER_unload(deflprov);
1495 OSSL_PROVIDER_unload(keyprov);
1496 OSSL_LIB_CTX_free(testctx);
1497 OSSL_LIB_CTX_free(keyctx);