2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/core_dispatch.h>
12 #include <openssl/evp.h>
13 #include <openssl/pem.h>
14 #include <openssl/rsa.h>
15 #include <openssl/x509.h>
16 #include <openssl/core_names.h>
17 #include <openssl/params.h>
18 #include <openssl/param_build.h>
19 #include <openssl/encoder.h>
20 #include <openssl/decoder.h>
22 #include "internal/cryptlib.h" /* ossl_assert */
23 #include "crypto/pem.h" /* For PVK and "blob" PEM headers */
25 #include "helpers/predefined_dhparams.h"
29 static BN_CTX *bnctx = NULL;
30 static OSSL_PARAM_BLD *bld_prime_nc = NULL;
31 static OSSL_PARAM_BLD *bld_prime = NULL;
32 static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
33 static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;
35 # ifndef OPENSSL_NO_EC2M
36 static OSSL_PARAM_BLD *bld_tri_nc = NULL;
37 static OSSL_PARAM_BLD *bld_tri = NULL;
38 static OSSL_PARAM *ec_explicit_tri_params_nc = NULL;
39 static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
43 static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
45 EVP_PKEY *pkey = NULL;
46 EVP_PKEY_CTX *ctx = NULL;
50 * Use 512-bit DH(X) keys with predetermined parameters for efficiency,
51 * for testing only. Use a minimum key size of 2048 for security purposes.
53 if (strcmp(type, "DH") == 0)
54 return get_dh512(NULL);
55 if (strcmp(type, "X9.42 DH") == 0)
56 return get_dhx512(NULL);
60 * No real need to check the errors other than for the cascade
61 * effect. |pkey| will simply remain NULL if something goes wrong.
63 (void)((ctx = EVP_PKEY_CTX_new_from_name(NULL, type, NULL)) != NULL
64 && EVP_PKEY_paramgen_init(ctx) > 0
66 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
67 && EVP_PKEY_gen(ctx, &pkey) > 0);
68 EVP_PKEY_CTX_free(ctx);
73 static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
74 OSSL_PARAM *genparams)
76 EVP_PKEY *pkey = NULL;
79 ? EVP_PKEY_CTX_new(template, NULL)
80 : EVP_PKEY_CTX_new_from_name(NULL, type, NULL);
83 * No real need to check the errors other than for the cascade
84 * effect. |pkey| will simply remain NULL if something goes wrong.
87 && EVP_PKEY_keygen_init(ctx) > 0
89 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
90 && EVP_PKEY_keygen(ctx, &pkey) > 0);
91 EVP_PKEY_CTX_free(ctx);
95 /* Main test driver */
98 * TODO(3.0) For better error output, changed the callbacks to take __FILE__
99 * and __LINE__ as first two arguments, and have them use the lower case
100 * functions, such as test_strn_eq(), rather than the uppercase macros
101 * (TEST_strn2_eq(), for example).
104 typedef int (encoder)(void **encoded, long *encoded_len,
105 void *object, int selection,
106 const char *output_type, const char *output_structure,
107 const char *pass, const char *pcipher);
108 typedef int (decoder)(void **object, void *encoded, long encoded_len,
109 const char *keytype, const char *input_type,
110 int selection, const char *pass);
111 typedef int (tester)(const void *data1, size_t data1_len,
112 const void *data2, size_t data2_len);
113 typedef int (checker)(const char *type, const void *data, size_t data_len);
114 typedef void (dumper)(const char *label, const void *data, size_t data_len);
116 #define FLAG_DECODE_WITH_TYPE 0x0001
118 static int test_encode_decode(const char *type, EVP_PKEY *pkey,
119 int selection, const char *output_type,
120 const char *output_structure,
121 const char *pass, const char *pcipher,
122 encoder *encode_cb, decoder *decode_cb,
123 tester *test_cb, checker *check_cb,
124 dumper *dump_cb, int flags)
126 void *encoded = NULL;
127 long encoded_len = 0;
128 EVP_PKEY *pkey2 = NULL;
129 void *encoded2 = NULL;
130 long encoded2_len = 0;
134 * Encode |pkey|, decode the result into |pkey2|, and finish off by
135 * encoding |pkey2| as well. That last encoding is for checking and
138 if (!TEST_true(encode_cb(&encoded, &encoded_len, pkey, selection,
139 output_type, output_structure, pass, pcipher))
140 || !TEST_true(check_cb(type, encoded, encoded_len))
141 || !TEST_true(decode_cb((void **)&pkey2, encoded, encoded_len,
142 (flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
143 output_type, selection, pass))
144 || !TEST_true(encode_cb(&encoded2, &encoded2_len, pkey2, selection,
145 output_type, output_structure, pass, pcipher)))
148 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
149 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey2), 1))
152 if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1))
157 * Double check the encoding, but only for unprotected keys,
158 * as protected keys have a random component, which makes the output
161 if ((pass == NULL && pcipher == NULL)
162 && !test_cb(encoded, encoded_len, encoded2, encoded2_len))
168 if (encoded != NULL && encoded_len != 0)
169 dump_cb("|pkey| encoded", encoded, encoded_len);
170 if (encoded2 != NULL && encoded2_len != 0)
171 dump_cb("|pkey2| encoded", encoded2, encoded2_len);
174 OPENSSL_free(encoded);
175 OPENSSL_free(encoded2);
176 EVP_PKEY_free(pkey2);
180 /* Encoding and decoding methods */
182 static int encode_EVP_PKEY_prov(void **encoded, long *encoded_len,
183 void *object, int selection,
184 const char *output_type,
185 const char *output_structure,
186 const char *pass, const char *pcipher)
188 EVP_PKEY *pkey = object;
189 OSSL_ENCODER_CTX *ectx = NULL;
191 BUF_MEM *mem_buf = NULL;
192 const unsigned char *upass = (const unsigned char *)pass;
195 if (!TEST_ptr(ectx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, selection,
199 || !TEST_int_gt(OSSL_ENCODER_CTX_get_num_encoders(ectx), 0)
201 && !TEST_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass,
204 && !TEST_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL)))
205 || !TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
206 || !TEST_true(OSSL_ENCODER_to_bio(ectx, mem_ser))
207 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
208 || !TEST_ptr(*encoded = mem_buf->data)
209 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
212 /* Detach the encoded output */
213 mem_buf->data = NULL;
218 OSSL_ENCODER_CTX_free(ectx);
222 static int decode_EVP_PKEY_prov(void **object, void *encoded, long encoded_len,
223 const char *keytype, const char *input_type,
224 int selection, const char *pass)
226 EVP_PKEY *pkey = NULL, *testpkey = NULL;
227 OSSL_DECODER_CTX *dctx = NULL;
228 BIO *encoded_bio = NULL;
229 const unsigned char *upass = (const unsigned char *)pass;
234 if (strcmp(input_type, "DER") == 0)
239 if (!TEST_ptr(encoded_bio = BIO_new_mem_buf(encoded, encoded_len)))
243 * We attempt the decode 3 times. The first time we provide the expected
244 * starting input type. The second time we provide NULL for the starting
245 * type. The third time we provide a bad starting input type.
246 * The bad starting input type should fail. The other two should succeed
247 * and produce the same result.
249 for (i = 0; i < 3; i++) {
250 const char *testtype = (i == 0) ? input_type
251 : ((i == 1) ? NULL : badtype);
253 if (!TEST_ptr(dctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&testpkey,
260 && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass)))
261 || !TEST_int_gt(BIO_reset(encoded_bio), 0)
262 /* We expect to fail when using a bad input type */
263 || !TEST_int_eq(OSSL_DECODER_from_bio(dctx, encoded_bio),
266 OSSL_DECODER_CTX_free(dctx);
273 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
274 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, testpkey), 1))
277 if (!TEST_int_eq(EVP_PKEY_eq(pkey, testpkey), 1))
288 EVP_PKEY_free(testpkey);
289 BIO_free(encoded_bio);
290 OSSL_DECODER_CTX_free(dctx);
294 static int encode_EVP_PKEY_legacy_PEM(void **encoded, long *encoded_len,
295 void *object, ossl_unused int selection,
296 ossl_unused const char *output_type,
297 ossl_unused const char *output_structure,
298 const char *pass, const char *pcipher)
300 EVP_PKEY *pkey = object;
301 EVP_CIPHER *cipher = NULL;
303 BUF_MEM *mem_buf = NULL;
304 const unsigned char *upass = (const unsigned char *)pass;
308 if (pcipher != NULL && pass != NULL) {
309 passlen = strlen(pass);
310 if (!TEST_ptr(cipher = EVP_CIPHER_fetch(NULL, pcipher, NULL)))
313 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
314 || !TEST_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey,
318 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
319 || !TEST_ptr(*encoded = mem_buf->data)
320 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
323 /* Detach the encoded output */
324 mem_buf->data = NULL;
329 EVP_CIPHER_free(cipher);
333 #ifndef OPENSSL_NO_DSA
334 static int encode_EVP_PKEY_MSBLOB(void **encoded, long *encoded_len,
335 void *object, int selection,
336 ossl_unused const char *output_type,
337 ossl_unused const char *output_structure,
338 ossl_unused const char *pass,
339 ossl_unused const char *pcipher)
341 EVP_PKEY *pkey = object;
343 BUF_MEM *mem_buf = NULL;
346 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem())))
349 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
350 if (!TEST_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0))
353 if (!TEST_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0))
357 if (!TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
358 || !TEST_ptr(*encoded = mem_buf->data)
359 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
362 /* Detach the encoded output */
363 mem_buf->data = NULL;
371 # ifndef OPENSSL_NO_RC4
372 static pem_password_cb pass_pw;
373 static int pass_pw(char *buf, int size, int rwflag, void *userdata)
375 OPENSSL_strlcpy(buf, userdata, size);
376 return strlen(userdata);
379 static int encode_EVP_PKEY_PVK(void **encoded, long *encoded_len,
380 void *object, int selection,
381 ossl_unused const char *output_type,
382 ossl_unused const char *output_structure,
384 ossl_unused const char *pcipher)
386 EVP_PKEY *pkey = object;
388 BUF_MEM *mem_buf = NULL;
389 int enc = (pass != NULL);
392 if (!TEST_true(ossl_assert((selection
393 & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0))
394 || !TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
395 || !TEST_int_ge(i2b_PVK_bio(mem_ser, pkey, enc,
396 pass_pw, (void *)pass), 0)
397 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
398 || !TEST_ptr(*encoded = mem_buf->data)
399 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
402 /* Detach the encoded output */
403 mem_buf->data = NULL;
413 static int test_text(const void *data1, size_t data1_len,
414 const void *data2, size_t data2_len)
416 return TEST_strn2_eq(data1, data1_len, data2, data2_len);
419 static int test_mem(const void *data1, size_t data1_len,
420 const void *data2, size_t data2_len)
422 return TEST_mem_eq(data1, data1_len, data2, data2_len);
425 /* Test cases and their dumpers / checkers */
427 static void collect_name(const char *name, void *arg)
429 char **namelist = arg;
433 space = strlen(name);
434 if (*namelist != NULL)
435 space += strlen(*namelist) + 2 /* for comma and space */;
436 space++; /* for terminating null byte */
438 new_namelist = OPENSSL_realloc(*namelist, space);
439 if (new_namelist == NULL)
441 if (*namelist != NULL) {
442 strcat(new_namelist, ", ");
443 strcat(new_namelist, name);
445 strcpy(new_namelist, name);
447 *namelist = new_namelist;
450 static void dump_der(const char *label, const void *data, size_t data_len)
452 test_output_memory(label, data, data_len);
455 static void dump_pem(const char *label, const void *data, size_t data_len)
457 test_output_string(label, data, data_len - 1);
460 static int check_unprotected_PKCS8_DER(const char *type,
461 const void *data, size_t data_len)
463 const unsigned char *datap = data;
464 PKCS8_PRIV_KEY_INFO *p8inf =
465 d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len);
468 if (TEST_ptr(p8inf)) {
469 EVP_PKEY *pkey = EVP_PKCS82PKEY(p8inf);
470 char *namelist = NULL;
472 if (TEST_ptr(pkey)) {
473 if (!(ok = TEST_true(EVP_PKEY_is_a(pkey, type)))) {
474 EVP_PKEY_typenames_do_all(pkey, collect_name, &namelist);
475 if (namelist != NULL)
476 TEST_note("%s isn't any of %s", type, namelist);
477 OPENSSL_free(namelist);
482 PKCS8_PRIV_KEY_INFO_free(p8inf);
486 static int test_unprotected_via_DER(const char *type, EVP_PKEY *key)
488 return test_encode_decode(type, key,
489 OSSL_KEYMGMT_SELECT_KEYPAIR
490 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
491 "DER", "pkcs8", NULL, NULL,
492 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
493 test_mem, check_unprotected_PKCS8_DER,
497 static int check_unprotected_PKCS8_PEM(const char *type,
498 const void *data, size_t data_len)
500 static const char expected_pem_header[] =
501 "-----BEGIN " PEM_STRING_PKCS8INF "-----";
503 return TEST_strn_eq(data, expected_pem_header,
504 sizeof(expected_pem_header) - 1);
507 static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key)
509 return test_encode_decode(type, key, OSSL_KEYMGMT_SELECT_KEYPAIR
510 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
511 "PEM", "pkcs8", NULL, NULL,
512 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
513 test_text, check_unprotected_PKCS8_PEM,
517 static int check_params_DER(const char *type, const void *data, size_t data_len)
519 const unsigned char *datap = data;
521 int itype = NID_undef;
522 EVP_PKEY *pkey = NULL;
524 if (strcmp(type, "DH") == 0)
526 else if (strcmp(type, "X9.42 DH") == 0)
527 itype = EVP_PKEY_DHX;
528 else if (strcmp(type, "DSA") == 0)
529 itype = EVP_PKEY_DSA;
530 else if (strcmp(type, "EC") == 0)
533 if (itype != NID_undef) {
534 pkey = d2i_KeyParams(itype, NULL, &datap, data_len);
542 static int check_params_PEM(const char *type,
543 const void *data, size_t data_len)
545 static char expected_pem_header[80];
548 TEST_int_gt(BIO_snprintf(expected_pem_header,
549 sizeof(expected_pem_header),
550 "-----BEGIN %s PARAMETERS-----", type), 0)
551 && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
554 static int test_params_via_DER(const char *type, EVP_PKEY *key)
556 return test_encode_decode(type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
557 "DER", "type-specific", NULL, NULL,
558 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
559 test_mem, check_params_DER,
560 dump_der, FLAG_DECODE_WITH_TYPE);
563 static int test_params_via_PEM(const char *type, EVP_PKEY *key)
565 return test_encode_decode(type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
566 "PEM", "type-specific", NULL, NULL,
567 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
568 test_text, check_params_PEM,
572 static int check_unprotected_legacy_PEM(const char *type,
573 const void *data, size_t data_len)
575 static char expected_pem_header[80];
578 TEST_int_gt(BIO_snprintf(expected_pem_header,
579 sizeof(expected_pem_header),
580 "-----BEGIN %s PRIVATE KEY-----", type), 0)
581 && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
584 static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key)
586 return test_encode_decode(type, key,
587 OSSL_KEYMGMT_SELECT_KEYPAIR
588 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
589 "PEM", "type-specific", NULL, NULL,
590 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
591 test_text, check_unprotected_legacy_PEM,
595 #ifndef OPENSSL_NO_DSA
596 static int check_MSBLOB(const char *type, const void *data, size_t data_len)
598 const unsigned char *datap = data;
599 EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len);
600 int ok = TEST_ptr(pkey);
606 static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key)
608 return test_encode_decode(type, key,
609 OSSL_KEYMGMT_SELECT_KEYPAIR
610 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
611 "MSBLOB", NULL, NULL, NULL,
612 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
613 test_mem, check_MSBLOB,
617 # ifndef OPENSSL_NO_RC4
618 static int check_PVK(const char *type, const void *data, size_t data_len)
620 const unsigned char *in = data;
621 unsigned int saltlen = 0, keylen = 0;
622 int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen);
627 static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key)
629 return test_encode_decode(type, key,
630 OSSL_KEYMGMT_SELECT_KEYPAIR
631 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
632 "PVK", NULL, NULL, NULL,
633 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
640 static const char *pass_cipher = "AES-256-CBC";
641 static const char *pass = "the holy handgrenade of antioch";
643 static int check_protected_PKCS8_DER(const char *type,
644 const void *data, size_t data_len)
646 const unsigned char *datap = data;
647 X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len);
648 int ok = TEST_ptr(p8);
654 static int test_protected_via_DER(const char *type, EVP_PKEY *key)
656 return test_encode_decode(type, key,
657 OSSL_KEYMGMT_SELECT_KEYPAIR
658 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
659 "DER", "pkcs8", pass, pass_cipher,
660 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
661 test_mem, check_protected_PKCS8_DER,
665 static int check_protected_PKCS8_PEM(const char *type,
666 const void *data, size_t data_len)
668 static const char expected_pem_header[] =
669 "-----BEGIN " PEM_STRING_PKCS8 "-----";
671 return TEST_strn_eq(data, expected_pem_header,
672 sizeof(expected_pem_header) - 1);
675 static int test_protected_via_PEM(const char *type, EVP_PKEY *key)
677 return test_encode_decode(type, key,
678 OSSL_KEYMGMT_SELECT_KEYPAIR
679 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
680 "PEM", "pkcs8", pass, pass_cipher,
681 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
682 test_text, check_protected_PKCS8_PEM,
686 static int check_protected_legacy_PEM(const char *type,
687 const void *data, size_t data_len)
689 static char expected_pem_header[80];
692 TEST_int_gt(BIO_snprintf(expected_pem_header,
693 sizeof(expected_pem_header),
694 "-----BEGIN %s PRIVATE KEY-----", type), 0)
695 && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header))
696 && TEST_ptr(strstr(data, "\nDEK-Info: "));
699 static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
701 return test_encode_decode(type, key,
702 OSSL_KEYMGMT_SELECT_KEYPAIR
703 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
704 "PEM", "type-specific", pass, pass_cipher,
705 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
706 test_text, check_protected_legacy_PEM,
710 #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
711 static int test_protected_via_PVK(const char *type, EVP_PKEY *key)
713 return test_encode_decode(type, key,
714 OSSL_KEYMGMT_SELECT_KEYPAIR
715 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
716 "PVK", NULL, pass, NULL,
717 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
718 test_mem, check_PVK, dump_der, 0);
722 static int check_public_DER(const char *type, const void *data, size_t data_len)
724 const unsigned char *datap = data;
725 EVP_PKEY *pkey = d2i_PUBKEY(NULL, &datap, data_len);
726 int ok = (TEST_ptr(pkey) && TEST_true(EVP_PKEY_is_a(pkey, type)));
732 static int test_public_via_DER(const char *type, EVP_PKEY *key)
734 return test_encode_decode(type, key,
735 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
736 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
737 "DER", "SubjectPublicKeyInfo", NULL, NULL,
738 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
739 test_mem, check_public_DER, dump_der, 0);
742 static int check_public_PEM(const char *type, const void *data, size_t data_len)
744 static const char expected_pem_header[] =
745 "-----BEGIN " PEM_STRING_PUBLIC "-----";
748 TEST_strn_eq(data, expected_pem_header,
749 sizeof(expected_pem_header) - 1);
752 static int test_public_via_PEM(const char *type, EVP_PKEY *key)
754 return test_encode_decode(type, key,
755 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
756 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
757 "PEM", "SubjectPublicKeyInfo", NULL, NULL,
758 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
759 test_text, check_public_PEM, dump_pem, 0);
762 #ifndef OPENSSL_NO_DSA
763 static int check_public_MSBLOB(const char *type,
764 const void *data, size_t data_len)
766 const unsigned char *datap = data;
767 EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len);
768 int ok = TEST_ptr(pkey);
774 static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
776 return test_encode_decode(type, key, OSSL_KEYMGMT_SELECT_PUBLIC_KEY
777 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
778 "MSBLOB", NULL, NULL, NULL,
779 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
780 test_mem, check_public_MSBLOB, dump_der, 0);
784 #define KEYS(KEYTYPE) \
785 static EVP_PKEY *key_##KEYTYPE = NULL
786 #define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
788 && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
789 #define FREE_KEYS(KEYTYPE) \
790 EVP_PKEY_free(key_##KEYTYPE); \
792 #define DOMAIN_KEYS(KEYTYPE) \
793 static EVP_PKEY *template_##KEYTYPE = NULL; \
794 static EVP_PKEY *key_##KEYTYPE = NULL
795 #define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
797 && TEST_ptr(template_##KEYTYPE = \
798 make_template(KEYTYPEstr, params)) \
799 && TEST_ptr(key_##KEYTYPE = \
800 make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
801 #define FREE_DOMAIN_KEYS(KEYTYPE) \
802 EVP_PKEY_free(template_##KEYTYPE); \
803 EVP_PKEY_free(key_##KEYTYPE)
805 #define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr) \
806 static int test_unprotected_##KEYTYPE##_via_DER(void) \
808 return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
810 static int test_unprotected_##KEYTYPE##_via_PEM(void) \
812 return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
814 static int test_protected_##KEYTYPE##_via_DER(void) \
816 return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
818 static int test_protected_##KEYTYPE##_via_PEM(void) \
820 return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
822 static int test_public_##KEYTYPE##_via_DER(void) \
824 return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE); \
826 static int test_public_##KEYTYPE##_via_PEM(void) \
828 return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
831 #define ADD_TEST_SUITE(KEYTYPE) \
832 ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
833 ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
834 ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
835 ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
836 ADD_TEST(test_public_##KEYTYPE##_via_DER); \
837 ADD_TEST(test_public_##KEYTYPE##_via_PEM)
839 #define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \
840 static int test_params_##KEYTYPE##_via_DER(void) \
842 return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \
844 static int test_params_##KEYTYPE##_via_PEM(void) \
846 return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
849 #define ADD_TEST_SUITE_PARAMS(KEYTYPE) \
850 ADD_TEST(test_params_##KEYTYPE##_via_DER); \
851 ADD_TEST(test_params_##KEYTYPE##_via_PEM)
853 #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
854 static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
857 test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
859 static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
862 test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
865 #define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
866 ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
867 ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
869 #ifndef OPENSSL_NO_DSA
870 # define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
871 static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
873 return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
875 static int test_public_##KEYTYPE##_via_MSBLOB(void) \
877 return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
880 # define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
881 ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
882 ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
884 # ifndef OPENSSL_NO_RC4
885 # define IMPLEMENT_TEST_SUITE_PVK(KEYTYPE, KEYTYPEstr) \
886 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
888 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
890 static int test_protected_##KEYTYPE##_via_PVK(void) \
892 return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
895 # define ADD_TEST_SUITE_PVK(KEYTYPE) \
896 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK); \
897 ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
901 #ifndef OPENSSL_NO_DH
903 IMPLEMENT_TEST_SUITE(DH, "DH")
904 IMPLEMENT_TEST_SUITE_PARAMS(DH, "DH")
906 IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH")
907 IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH")
909 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
910 * so no legacy tests.
913 #ifndef OPENSSL_NO_DSA
915 IMPLEMENT_TEST_SUITE(DSA, "DSA")
916 IMPLEMENT_TEST_SUITE_PARAMS(DSA, "DSA")
917 IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA")
918 IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
919 # ifndef OPENSSL_NO_RC4
920 IMPLEMENT_TEST_SUITE_PVK(DSA, "DSA")
923 #ifndef OPENSSL_NO_EC
925 IMPLEMENT_TEST_SUITE(EC, "EC")
926 IMPLEMENT_TEST_SUITE_PARAMS(EC, "EC")
927 IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
928 DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
929 IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC")
930 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
931 DOMAIN_KEYS(ECExplicitPrime2G);
932 IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC")
933 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")
934 # ifndef OPENSSL_NO_EC2M
935 DOMAIN_KEYS(ECExplicitTriNamedCurve);
936 IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC")
937 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC")
938 DOMAIN_KEYS(ECExplicitTri2G);
939 IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC")
940 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC")
943 IMPLEMENT_TEST_SUITE(ED25519, "ED25519")
945 IMPLEMENT_TEST_SUITE(ED448, "ED448")
947 IMPLEMENT_TEST_SUITE(X25519, "X25519")
949 IMPLEMENT_TEST_SUITE(X448, "X448")
951 * ED25519, ED448, X25519 and X448 have no support for
952 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
956 IMPLEMENT_TEST_SUITE(RSA, "RSA")
957 IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA")
959 IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS")
961 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
962 * so no legacy tests.
964 #ifndef OPENSSL_NO_DSA
965 IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
966 # ifndef OPENSSL_NO_RC4
967 IMPLEMENT_TEST_SUITE_PVK(RSA, "RSA")
971 #ifndef OPENSSL_NO_EC
972 /* Explicit parameters that match a named curve */
973 static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld,
974 const unsigned char *gen,
977 BIGNUM *a, *b, *prime, *order;
979 /* Curve prime256v1 */
980 static const unsigned char prime_data[] = {
981 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
982 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
983 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
984 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
987 static const unsigned char a_data[] = {
988 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
989 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
990 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
991 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
994 static const unsigned char b_data[] = {
995 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
996 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
997 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
998 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
1000 static const unsigned char seed[] = {
1001 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
1002 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
1003 0x81, 0x9f, 0x7e, 0x90
1005 static const unsigned char order_data[] = {
1006 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1007 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1008 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
1009 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
1011 return TEST_ptr(a = BN_CTX_get(bnctx))
1012 && TEST_ptr(b = BN_CTX_get(bnctx))
1013 && TEST_ptr(prime = BN_CTX_get(bnctx))
1014 && TEST_ptr(order = BN_CTX_get(bnctx))
1015 && TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime))
1016 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1017 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1018 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1019 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1020 OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field,
1022 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime))
1023 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1024 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1025 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1026 OSSL_PKEY_PARAM_EC_ORDER, order))
1027 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1028 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1029 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1030 OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed)))
1031 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1035 static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld)
1037 static const unsigned char prime256v1_gen[] = {
1039 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
1040 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
1041 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
1042 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
1043 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
1044 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
1045 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
1046 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
1048 return do_create_ec_explicit_prime_params(bld, prime256v1_gen,
1049 sizeof(prime256v1_gen));
1052 static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld)
1055 static const unsigned char prime256v1_gen2[] = {
1057 0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
1058 0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
1059 0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
1060 0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
1061 0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
1062 0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
1063 0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
1064 0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
1066 return do_create_ec_explicit_prime_params(bld, prime256v1_gen2,
1067 sizeof(prime256v1_gen2));
1070 # ifndef OPENSSL_NO_EC2M
1071 static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld,
1072 const unsigned char *gen,
1075 BIGNUM *a, *b, *poly, *order, *cofactor;
1076 /* sect233k1 characteristic-two-field tpBasis */
1077 static const unsigned char poly_data[] = {
1078 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1079 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
1080 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1082 static const unsigned char a_data[] = {
1083 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1084 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1085 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1087 static const unsigned char b_data[] = {
1088 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1089 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1090 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
1092 static const unsigned char order_data[] = {
1093 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1094 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
1095 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
1097 static const unsigned char cofactor_data[]= {
1100 return TEST_ptr(a = BN_CTX_get(bnctx))
1101 && TEST_ptr(b = BN_CTX_get(bnctx))
1102 && TEST_ptr(poly = BN_CTX_get(bnctx))
1103 && TEST_ptr(order = BN_CTX_get(bnctx))
1104 && TEST_ptr(cofactor = BN_CTX_get(bnctx))
1105 && TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly))
1106 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1107 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1108 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1109 && TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor))
1110 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1111 OSSL_PKEY_PARAM_EC_FIELD_TYPE,
1112 SN_X9_62_characteristic_two_field, 0))
1113 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly))
1114 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1115 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1116 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1117 OSSL_PKEY_PARAM_EC_ORDER, order))
1118 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1119 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1120 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1124 static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld)
1126 static const unsigned char gen[] = {
1128 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1129 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1130 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1131 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1132 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1133 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1135 return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen));
1138 static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
1140 static const unsigned char gen2[] = {
1142 0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1143 0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1144 0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1145 0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1146 0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1147 0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1149 return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2));
1151 # endif /* OPENSSL_NO_EC2M */
1152 #endif /* OPENSSL_NO_EC */
1154 int setup_tests(void)
1158 #ifndef OPENSSL_NO_DSA
1159 static size_t qbits = 160; /* PVK only tolerates 160 Q bits */
1160 static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1161 OSSL_PARAM DSA_params[] = {
1162 OSSL_PARAM_size_t("pbits", &pbits),
1163 OSSL_PARAM_size_t("qbits", &qbits),
1168 #ifndef OPENSSL_NO_EC
1169 static char groupname[] = "prime256v1";
1170 OSSL_PARAM EC_params[] = {
1171 OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
1176 /* 7 is the default magic number */
1177 static unsigned int rsapss_min_saltlen = 7;
1178 OSSL_PARAM RSA_PSS_params[] = {
1179 OSSL_PARAM_uint("saltlen", &rsapss_min_saltlen),
1183 #ifndef OPENSSL_NO_EC
1184 if (!TEST_ptr(bnctx = BN_CTX_new_ex(NULL))
1185 || !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new())
1186 || !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new())
1187 || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
1188 || !create_ec_explicit_prime_params(bld_prime)
1189 || !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
1190 || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))
1191 # ifndef OPENSSL_NO_EC2M
1192 || !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
1193 || !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
1194 || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc)
1195 || !create_ec_explicit_trinomial_params(bld_tri)
1196 || !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc))
1197 || !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri))
1203 TEST_info("Generating keys...");
1205 #ifndef OPENSSL_NO_DH
1206 MAKE_DOMAIN_KEYS(DH, "DH", NULL);
1207 MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
1208 TEST_info("Generating keys...DH done");
1210 #ifndef OPENSSL_NO_DSA
1211 MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
1212 TEST_info("Generating keys...DSA done");
1214 #ifndef OPENSSL_NO_EC
1215 MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
1216 MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
1217 MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
1218 # ifndef OPENSSL_NO_EC2M
1219 MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
1220 MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
1222 MAKE_KEYS(ED25519, "ED25519", NULL);
1223 MAKE_KEYS(ED448, "ED448", NULL);
1224 MAKE_KEYS(X25519, "X25519", NULL);
1225 MAKE_KEYS(X448, "X448", NULL);
1226 TEST_info("Generating keys...EC done");
1228 MAKE_KEYS(RSA, "RSA", NULL);
1229 TEST_info("Generating keys...RSA done");
1230 MAKE_KEYS(RSA_PSS, "RSA-PSS", RSA_PSS_params);
1231 TEST_info("Generating keys...RSA_PSS done");
1234 #ifndef OPENSSL_NO_DH
1236 ADD_TEST_SUITE_PARAMS(DH);
1237 ADD_TEST_SUITE(DHX);
1238 ADD_TEST_SUITE_PARAMS(DHX);
1240 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1241 * so no legacy tests.
1244 #ifndef OPENSSL_NO_DSA
1245 ADD_TEST_SUITE(DSA);
1246 ADD_TEST_SUITE_PARAMS(DSA);
1247 ADD_TEST_SUITE_LEGACY(DSA);
1248 ADD_TEST_SUITE_MSBLOB(DSA);
1249 # ifndef OPENSSL_NO_RC4
1250 ADD_TEST_SUITE_PVK(DSA);
1253 #ifndef OPENSSL_NO_EC
1255 ADD_TEST_SUITE_PARAMS(EC);
1256 ADD_TEST_SUITE_LEGACY(EC);
1257 ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
1258 ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
1259 ADD_TEST_SUITE(ECExplicitPrime2G);
1260 ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);
1261 # ifndef OPENSSL_NO_EC2M
1262 ADD_TEST_SUITE(ECExplicitTriNamedCurve);
1263 ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
1264 ADD_TEST_SUITE(ECExplicitTri2G);
1265 ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
1267 ADD_TEST_SUITE(ED25519);
1268 ADD_TEST_SUITE(ED448);
1269 ADD_TEST_SUITE(X25519);
1270 ADD_TEST_SUITE(X448);
1272 * ED25519, ED448, X25519 and X448 have no support for
1273 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1276 ADD_TEST_SUITE(RSA);
1277 ADD_TEST_SUITE_LEGACY(RSA);
1278 ADD_TEST_SUITE(RSA_PSS);
1280 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1281 * so no legacy tests.
1283 #ifndef OPENSSL_NO_DSA
1284 ADD_TEST_SUITE_MSBLOB(RSA);
1285 # ifndef OPENSSL_NO_RC4
1286 ADD_TEST_SUITE_PVK(RSA);
1294 void cleanup_tests(void)
1296 #ifndef OPENSSL_NO_EC
1297 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_nc);
1298 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_explicit);
1299 OSSL_PARAM_BLD_free(bld_prime_nc);
1300 OSSL_PARAM_BLD_free(bld_prime);
1301 # ifndef OPENSSL_NO_EC2M
1302 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_nc);
1303 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_explicit);
1304 OSSL_PARAM_BLD_free(bld_tri_nc);
1305 OSSL_PARAM_BLD_free(bld_tri);
1308 #endif /* OPENSSL_NO_EC */
1310 #ifndef OPENSSL_NO_DH
1311 FREE_DOMAIN_KEYS(DH);
1312 FREE_DOMAIN_KEYS(DHX);
1314 #ifndef OPENSSL_NO_DSA
1315 FREE_DOMAIN_KEYS(DSA);
1317 #ifndef OPENSSL_NO_EC
1318 FREE_DOMAIN_KEYS(EC);
1319 FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1320 FREE_DOMAIN_KEYS(ECExplicitPrime2G);
1321 # ifndef OPENSSL_NO_EC2M
1322 FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
1323 FREE_DOMAIN_KEYS(ECExplicitTri2G);