2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
12 * These tests are set up to load the 'null' provider into the default library context.
13 * Every test is expected to use the created 'libctx' to find algorithms.
14 * The framework runs the tests twice using the 'default' provider or
15 * 'fips' provider as inputs.
19 * DSA/DH low level APIs are deprecated for public use, but still ok for
22 #include "internal/deprecated.h"
23 #include <openssl/evp.h>
24 #include <openssl/provider.h>
25 #include <openssl/dsa.h>
27 #include "internal/nelem.h"
28 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
/* Library context the tests must use for all algorithm lookups (created in setup_tests()). */
30 static OPENSSL_CTX *libctx = NULL;
/* "null" provider loaded into the *default* context, so lookups that bypass libctx find nothing (see file header). */
31 static OSSL_PROVIDER *nullprov = NULL;
/* Provider named by -provider (defaults to "default"), loaded into libctx. */
32 static OSSL_PROVIDER *libprov = NULL;
34 typedef enum OPTION_choice {
/*
 * Command-line options accepted by this test binary, on top of the
 * framework defaults: -config <file> (loaded into libctx only) and
 * -provider <name> (the provider loaded into libctx).
 */
42 const OPTIONS *test_get_options(void)
44 static const OPTIONS test_options[] = {
45 OPT_TEST_OPTIONS_DEFAULT_USAGE,
46 { "config", OPT_CONFIG_FILE, '<',
47 "The configuration file to use for the libctx" },
48 { "provider", OPT_PROVIDER_NAME, 's',
/* NOTE(review): the help string below is missing its closing ')'. */
49 "The provider to load (The default value is 'default'" },
55 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_DH)
/*
 * Name of the fixed value selected by an index, for the TEST_note() output:
 * 0 -> "p", 1 -> "q", 2 -> "g". The range check below keeps any other id
 * from indexing the table.
 */
56 static const char *getname(int id)
58 const char *name[] = {"p", "q", "g" };
60 if (id >= 0 && id < 3)
66 #ifndef OPENSSL_NO_DSA
/*
 * Negative/positive test for DSA key generation through 'libctx'.
 *
 * tstid (0..26) selects which of three fixed values is used for each of
 * p, q and g; only the combination that puts p, q and g in their proper
 * slots is expected to generate a key, every other mix is expected to be
 * rejected by EVP_PKEY_keygen(). The test passes (returns non-zero, as
 * usual for test functions) when the observed keygen result matches that
 * expectation.
 */
68 static int test_dsa_param_keygen(int tstid)
72 EVP_PKEY_CTX *gen_ctx = NULL;
73 EVP_PKEY *pkey_parm = NULL;
74 EVP_PKEY *pkey = NULL;
/* Working copies of the fixed values; DSA_set0_pqg() takes ownership of them. */
77 BIGNUM *p = NULL, *q = NULL, *g = NULL;
80 * Just grab some fixed dh p, q, g values for testing,
81 * these 'safe primes' should not be used normally for DSA.
83 static const BIGNUM *bn[] = {
84 &_bignum_dh2048_256_p, &_bignum_dh2048_256_q, &_bignum_dh2048_256_g
88 * These tests are using bad values for p, q, g by reusing the values.
89 * A value of 0 uses p, 1 uses q and 2 uses g.
90 * There are 27 different combinations, of which only one is valid.
/* qind is the middle base-3 digit of tstid; pind and gind are presumably the other two digits (assignments not shown here). */
93 qind = (tstid / 3) % 3;
/* Keygen must succeed only when each value sits in its own slot. */
95 expected = (pind == 0 && qind == 1 && gind == 2);
/* NOTE(review): do_dh_param_keygen() passes no trailing "\n" here; confirm whether TEST_note() already ends the line and make the two consistent. */
97 TEST_note("Testing with (p, q, g) = (%s, %s, %s)\n", getname(pind),
98 getname(qind), getname(gind));
/* BN_dup() because bn[] points at shared const tables and DSA_set0_pqg() takes ownership. */
100 if (!TEST_ptr(pkey_parm = EVP_PKEY_new())
101 || !TEST_ptr(dsa = DSA_new())
102 || !TEST_ptr(p = BN_dup(bn[pind]))
103 || !TEST_ptr(q = BN_dup(bn[qind]))
104 || !TEST_ptr(g = BN_dup(bn[gind]))
105 || !TEST_true(DSA_set0_pqg(dsa, p, q, g)))
/* Ownership of dsa moves to pkey_parm on success. */
109 if (!TEST_true(EVP_PKEY_assign_DSA(pkey_parm, dsa)))
/* Generate through libctx only; a lookup via the default context would hit the null provider. */
113 if (!TEST_ptr(gen_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey_parm, NULL))
114 || !TEST_int_gt(EVP_PKEY_keygen_init(gen_ctx), 0)
/* NOTE(review): EVP_PKEY_keygen() documents 0 *or a negative value* on failure; this comparison assumes the rejection path returns exactly 0 — confirm. */
115 || !TEST_int_eq(EVP_PKEY_keygen(gen_ctx, &pkey), expected))
/* Cleanup; pkey, dsa and any BIGNUM still owned here are released outside the lines shown — confirm ownership is cleared after the set0/assign calls so nothing is freed twice. */
120 EVP_PKEY_CTX_free(gen_ctx);
121 EVP_PKEY_free(pkey_parm);
130 #ifndef OPENSSL_NO_DH
/*
 * Shared body for the DH parameter/keygen tests.
 *
 * bn[0..2] are the caller's fixed p, q and g; tstid (0..26) selects which
 * of the three is used for each slot. Only the combination that keeps
 * p, q and g in their own slots is expected to generate a key through
 * 'libctx'; every other mix is expected to be rejected by EVP_PKEY_keygen().
 * Passes (non-zero, as usual for test functions) when the observed keygen
 * result matches that expectation.
 */
131 static int do_dh_param_keygen(int tstid, const BIGNUM **bn)
135 EVP_PKEY_CTX *gen_ctx = NULL;
136 EVP_PKEY *pkey_parm = NULL;
137 EVP_PKEY *pkey = NULL;
139 int pind, qind, gind;
/* Working copies of the caller's values; DH_set0_pqg() takes ownership of them. */
140 BIGNUM *p = NULL, *q = NULL, *g = NULL;
143 * These tests are using bad values for p, q, g by reusing the values.
144 * A value of 0 uses p, 1 uses q and 2 uses g.
145 * There are 27 different combinations, of which only one is valid.
/* qind is the middle base-3 digit of tstid; pind and gind are presumably the other two digits (assignments not shown here). */
148 qind = (tstid / 3) % 3;
/* Keygen must succeed only when each value sits in its own slot. */
150 expected = (pind == 0 && qind == 1 && gind == 2);
152 TEST_note("Testing with (p, q, g) = (%s, %s, %s)", getname(pind),
153 getname(qind), getname(gind));
/* BN_dup() because the caller's BIGNUMs are const and DH_set0_pqg() takes ownership. */
155 if (!TEST_ptr(pkey_parm = EVP_PKEY_new())
156 || !TEST_ptr(dh = DH_new())
157 || !TEST_ptr(p = BN_dup(bn[pind]))
158 || !TEST_ptr(q = BN_dup(bn[qind]))
159 || !TEST_ptr(g = BN_dup(bn[gind]))
160 || !TEST_true(DH_set0_pqg(dh, p, q, g)))
/* Ownership of dh moves to pkey_parm on success. */
164 if (!TEST_true(EVP_PKEY_assign_DH(pkey_parm, dh)))
/* Generate through libctx only; the default context holds just the null provider. */
168 if (!TEST_ptr(gen_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey_parm, NULL))
169 || !TEST_int_gt(EVP_PKEY_keygen_init(gen_ctx), 0)
/* NOTE(review): EVP_PKEY_keygen() documents 0 *or a negative value* on failure; this comparison assumes the rejection path returns exactly 0 — confirm. */
170 || !TEST_int_eq(EVP_PKEY_keygen(gen_ctx, &pkey), expected))
/* Cleanup; pkey, dh and any BIGNUM still owned here are released outside the lines shown — confirm ownership is cleared after the set0/assign calls so nothing is freed twice. */
175 EVP_PKEY_CTX_free(gen_ctx);
176 EVP_PKEY_free(pkey_parm);
185 * Note that we get the fips186-4 path being run for most of these cases since
186 * the internal code will detect that the p, q, g does not match a safe prime
187 * group (Except for when tstid = 5, which sets the correct p, q, g)
/*
 * Runs the 27 p/q/g combinations of do_dh_param_keygen() against the
 * ffdhe2048 safe-prime group (its p and q, with generator 2).
 * NOTE(review): given qind = (tstid / 3) % 3 and the expected combination
 * (pind, qind, gind) = (0, 1, 2), the only passing tstid is 21 if pind is
 * tstid % 3 and gind is (tstid / 9) % 3; the "tstid = 5" in the comment
 * above looks stale — confirm against the index assignments.
 */
189 static int test_dh_safeprime_param_keygen(int tstid)
191 static const BIGNUM *bn[] = {
192 &_bignum_ffdhe2048_p, &_bignum_ffdhe2048_q, &_bignum_const_2
194 return do_dh_param_keygen(tstid, bn);
197 #endif /* OPENSSL_NO_DH */
/*
 * Test framework entry point: parse -provider/-config, load the "null"
 * provider into the default library context (so any lookup that bypasses
 * 'libctx' finds nothing — see the file header), create 'libctx', load the
 * optional config file into it, load the requested provider into it, and
 * register the 27-case DSA and DH parameter keygen tests. Each step is
 * checked with TEST_ptr()/TEST_true(); a failure there aborts setup.
 */
199 int setup_tests(void)
/* Overridden by -provider. */
201 const char *prov_name = "default";
/* Set by -config; optional. */
202 char *config_file = NULL;
205 while ((o = opt_next()) != OPT_EOF) {
207 case OPT_PROVIDER_NAME:
208 prov_name = opt_arg();
210 case OPT_CONFIG_FILE:
211 config_file = opt_arg();
/* NULL context == the default library context; only the null provider goes there. */
221 nullprov = OSSL_PROVIDER_load(NULL, "null");
222 if (!TEST_ptr(nullprov))
225 libctx = OPENSSL_CTX_new();
227 if (!TEST_ptr(libctx))
/* Configuration is applied to libctx only, never to the default context. */
230 if (config_file != NULL) {
231 if (!TEST_true(OPENSSL_CTX_load_config(libctx, config_file)))
/* The provider under test ("default" or "fips") lives in libctx. */
235 libprov = OSSL_PROVIDER_load(libctx, prov_name);
236 if (!TEST_ptr(libprov))
/* Three candidate values for each of p, q and g => 3*3*3 tstid combinations. */
239 #ifndef OPENSSL_NO_DSA
240 ADD_ALL_TESTS(test_dsa_param_keygen, 3 * 3 * 3);
242 #ifndef OPENSSL_NO_DH
243 ADD_ALL_TESTS(test_dh_safeprime_param_keygen, 3 * 3 * 3);
/*
 * Tear down in reverse order of setup_tests(): the provider loaded into
 * libctx, then libctx itself, and finally the null provider that was
 * loaded into the default context.
 */
248 void cleanup_tests(void)
250 OSSL_PROVIDER_unload(libprov);
251 OPENSSL_CTX_free(libctx);
252 OSSL_PROVIDER_unload(nullprov);