test/keymgmt_internal_test.c

   1 /*
   2  * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 /*
  11  * RSA low level APIs are deprecated for public use, but still ok for
  12  * internal use.
  13  */
  14 #include "internal/deprecated.h"
  15
  16 #include <string.h>
  17
  18 #include <openssl/bio.h>
  19 #include <openssl/bn.h>
  20 #include <openssl/rsa.h>
  21 #include <openssl/evp.h>
  22 #include <openssl/pem.h>
  23 #include <openssl/provider.h>
  24 #include <openssl/core_names.h>
  25 #include "internal/core.h"
  26 #include "internal/nelem.h"
  27 #include "crypto/evp.h"          /* For the internal API */
  28 #include "testutil.h"
  29
  30 typedef struct {
  31     OSSL_LIB_CTX *ctx1;
  32     OSSL_PROVIDER *prov1;
  33     OSSL_LIB_CTX *ctx2;
  34     OSSL_PROVIDER *prov2;
  35 } FIXTURE;
  36
  37 /* Collected arguments */
  38 static const char *cert_filename = NULL;
  39
  40 static void tear_down(FIXTURE *fixture)
  41 {
  42     if (fixture != NULL) {
  43         OSSL_PROVIDER_unload(fixture->prov1);
  44         OSSL_PROVIDER_unload(fixture->prov2);
  45         OSSL_LIB_CTX_free(fixture->ctx1);
  46         OSSL_LIB_CTX_free(fixture->ctx2);
  47         OPENSSL_free(fixture);
  48     }
  49 }
  50
  51 static FIXTURE *set_up(const char *testcase_name)
  52 {
  53     FIXTURE *fixture;
  54
  55     if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))
  56         || !TEST_ptr(fixture->ctx1 = OSSL_LIB_CTX_new())
  57         || !TEST_ptr(fixture->prov1 = OSSL_PROVIDER_load(fixture->ctx1,
  58                                                          "default"))
  59         || !TEST_ptr(fixture->ctx2 = OSSL_LIB_CTX_new())
  60         || !TEST_ptr(fixture->prov2 = OSSL_PROVIDER_load(fixture->ctx2,
  61                                                          "default"))) {
  62         tear_down(fixture);
  63         return NULL;
  64     }
  65     return fixture;
  66 }
  67
  68 /* Array indexes */
  69 #define N       0
  70 #define E       1
  71 #define D       2
  72 #define P       3
  73 #define Q       4
  74 #define F3      5                /* Extra factor */
  75 #define DP      6
  76 #define DQ      7
  77 #define E3      8                /* Extra exponent */
  78 #define QINV    9
  79 #define C2      10               /* Extra coefficient */
  80
  81 /*
  82  * We have to do this because OSSL_PARAM_get_ulong() can't handle params
  83  * holding data that isn't exactly sizeof(uint32_t) or sizeof(uint64_t),
  84  * and because the other end deals with BIGNUM, the resulting param might
  85  * be any size.  In this particular test, we know that the expected data
  86  * fits within an unsigned long, and we want to get the data in that form
  87  * to make testing of values easier.
  88  */
  89 static int get_ulong_via_BN(const OSSL_PARAM *p, unsigned long *goal)
  90 {
  91     BIGNUM *n = NULL;
  92     int ret = 1;                 /* Ever so hopeful */
  93
  94     if (!TEST_true(OSSL_PARAM_get_BN(p, &n))
  95         || !TEST_int_ge(BN_bn2nativepad(n, (unsigned char *)goal, sizeof(*goal)), 0))
  96         ret = 0;
  97     BN_free(n);
  98     return ret;
  99 }
 100
 101 static int export_cb(const OSSL_PARAM *params, void *arg)
 102 {
 103     unsigned long *keydata = arg;
 104     const OSSL_PARAM *p = NULL;
 105
 106     if (keydata == NULL)
 107         return 0;
 108
 109     if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_N))
 110         || !TEST_true(get_ulong_via_BN(p, &keydata[N]))
 111         || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_E))
 112         || !TEST_true(get_ulong_via_BN(p, &keydata[E]))
 113         || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_D))
 114         || !TEST_true(get_ulong_via_BN(p, &keydata[D])))
 115         return 0;
 116
 117     if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_FACTOR1))
 118         || !TEST_true(get_ulong_via_BN(p, &keydata[P]))
 119         || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_FACTOR2))
 120         || !TEST_true(get_ulong_via_BN(p, &keydata[Q]))
 121         || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_FACTOR3))
 122         || !TEST_true(get_ulong_via_BN(p, &keydata[F3])))
 123         return 0;
 124
 125     if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_EXPONENT1))
 126         || !TEST_true(get_ulong_via_BN(p, &keydata[DP]))
 127         || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_EXPONENT2))
 128         || !TEST_true(get_ulong_via_BN(p, &keydata[DQ]))
 129         || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_EXPONENT3))
 130         || !TEST_true(get_ulong_via_BN(p, &keydata[E3])))
 131         return 0;
 132
 133     if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_COEFFICIENT1))
 134         || !TEST_true(get_ulong_via_BN(p, &keydata[QINV]))
 135         || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_COEFFICIENT2))
 136         || !TEST_true(get_ulong_via_BN(p, &keydata[C2])))
 137         return 0;
 138
 139     return 1;
 140 }
 141
 142 static int test_pass_rsa(FIXTURE *fixture)
 143 {
 144     size_t i;
 145     int ret = 0;
 146     RSA *rsa = NULL;
 147     BIGNUM *bn1 = NULL, *bn2 = NULL, *bn3 = NULL;
 148     EVP_PKEY *pk = NULL, *dup_pk = NULL;
 149     EVP_KEYMGMT *km = NULL, *km1 = NULL, *km2 = NULL, *km3 = NULL;
 150     void *provkey = NULL, *provkey2 = NULL;
 151     BIGNUM *bn_primes[1] = { NULL };
 152     BIGNUM *bn_exps[1] = { NULL };
 153     BIGNUM *bn_coeffs[1] = { NULL };
 154     /*
 155      * 32-bit RSA key, extracted from this command,
 156      * executed with OpenSSL 1.0.2:
 157      * An extra factor was added just for testing purposes.
 158      *
 159      * openssl genrsa 32 | openssl rsa -text
 160      */
 161     static BN_ULONG expected[] = {
 162         0xbc747fc5,              /* N */
 163         0x10001,                 /* E */
 164         0x7b133399,              /* D */
 165         0xe963,                  /* P */
 166         0xceb7,                  /* Q */
 167         1,                       /* F3 */
 168         0x8599,                  /* DP */
 169         0xbd87,                  /* DQ */
 170         2,                       /* E3 */
 171         0xcc3b,                  /* QINV */
 172         3,                       /* C3 */
 173         0                        /* Extra, should remain zero */
 174     };
 175     static unsigned long keydata[OSSL_NELEM(expected)] = { 0, };
 176
 177     if (!TEST_ptr(rsa = RSA_new()))
 178         goto err;
 179
 180     if (!TEST_ptr(bn1 = BN_new())
 181         || !TEST_true(BN_set_word(bn1, expected[N]))
 182         || !TEST_ptr(bn2 = BN_new())
 183         || !TEST_true(BN_set_word(bn2, expected[E]))
 184         || !TEST_ptr(bn3 = BN_new())
 185         || !TEST_true(BN_set_word(bn3, expected[D]))
 186         || !TEST_true(RSA_set0_key(rsa, bn1, bn2, bn3)))
 187         goto err;
 188
 189     if (!TEST_ptr(bn1 = BN_new())
 190         || !TEST_true(BN_set_word(bn1, expected[P]))
 191         || !TEST_ptr(bn2 = BN_new())
 192         || !TEST_true(BN_set_word(bn2, expected[Q]))
 193         || !TEST_true(RSA_set0_factors(rsa, bn1, bn2)))
 194         goto err;
 195
 196     if (!TEST_ptr(bn1 = BN_new())
 197         || !TEST_true(BN_set_word(bn1, expected[DP]))
 198         || !TEST_ptr(bn2 = BN_new())
 199         || !TEST_true(BN_set_word(bn2, expected[DQ]))
 200         || !TEST_ptr(bn3 = BN_new())
 201         || !TEST_true(BN_set_word(bn3, expected[QINV]))
 202         || !TEST_true(RSA_set0_crt_params(rsa, bn1, bn2, bn3)))
 203         goto err;
 204     bn1 = bn2 = bn3 = NULL;
 205
 206     if (!TEST_ptr(bn_primes[0] = BN_new())
 207         || !TEST_true(BN_set_word(bn_primes[0], expected[F3]))
 208         || !TEST_ptr(bn_exps[0] = BN_new())
 209         || !TEST_true(BN_set_word(bn_exps[0], expected[E3]))
 210         || !TEST_ptr(bn_coeffs[0] = BN_new())
 211         || !TEST_true(BN_set_word(bn_coeffs[0], expected[C2]))
 212         || !TEST_true(RSA_set0_multi_prime_params(rsa, bn_primes, bn_exps,
 213                                                   bn_coeffs, 1)))
 214         goto err;
 215
 216     if (!TEST_ptr(pk = EVP_PKEY_new())
 217         || !TEST_true(EVP_PKEY_assign_RSA(pk, rsa)))
 218         goto err;
 219     rsa = NULL;
 220
 221     if (!TEST_ptr(km1 = EVP_KEYMGMT_fetch(fixture->ctx1, "RSA", NULL))
 222         || !TEST_ptr(km2 = EVP_KEYMGMT_fetch(fixture->ctx2, "RSA", NULL))
 223         || !TEST_ptr(km3 = EVP_KEYMGMT_fetch(fixture->ctx1, "RSA-PSS", NULL))
 224         || !TEST_ptr_ne(km1, km2))
 225         goto err;
 226
 227     for (;;) {
 228         ret = 0;
 229         km = km3;
 230         /* Check that we can't export an RSA key into an RSA-PSS keymanager */
 231         if (!TEST_ptr_null(provkey2 = evp_pkey_export_to_provider(pk, NULL,
 232                                                                   &km,
 233                                                                   NULL)))
 234             goto err;
 235
 236         if (!TEST_ptr(provkey = evp_pkey_export_to_provider(pk, NULL, &km1,
 237                                                             NULL))
 238             || !TEST_true(evp_keymgmt_export(km2, provkey,
 239                                              OSSL_KEYMGMT_SELECT_KEYPAIR,
 240                                              &export_cb, keydata)))
 241             goto err;
 242
 243         /*
 244          * At this point, the hope is that keydata will have all the numbers
 245          * from the key.
 246          */
 247
 248         for (i = 0; i < OSSL_NELEM(expected); i++) {
 249             int rv = TEST_int_eq(expected[i], keydata[i]);
 250
 251             if (!rv)
 252                 TEST_info("i = %zu", i);
 253             else
 254                 ret++;
 255         }
 256
 257         ret = (ret == OSSL_NELEM(expected));
 258
 259         if (!ret || dup_pk != NULL)
 260             break;
 261
 262         if (!TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
 263             goto err;
 264
 265         ret = TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
 266         EVP_PKEY_free(pk);
 267         pk = dup_pk;
 268         if (!ret)
 269             goto err;
 270     }
 271
 272  err:
 273     RSA_free(rsa);
 274     BN_free(bn1);
 275     BN_free(bn2);
 276     BN_free(bn3);
 277     EVP_PKEY_free(pk);
 278     EVP_KEYMGMT_free(km1);
 279     EVP_KEYMGMT_free(km2);
 280     EVP_KEYMGMT_free(km3);
 281
 282     return ret;
 283 }
 284
 285 static int (*tests[])(FIXTURE *) = {
 286     test_pass_rsa
 287 };
 288
 289 static int test_pass_key(int n)
 290 {
 291     SETUP_TEST_FIXTURE(FIXTURE, set_up);
 292     EXECUTE_TEST(tests[n], tear_down);
 293     return result;
 294 }
 295
 296 static int test_evp_pkey_export_to_provider(int n)
 297 {
 298     OSSL_LIB_CTX *libctx = NULL;
 299     OSSL_PROVIDER *prov = NULL;
 300     X509 *cert = NULL;
 301     BIO *bio = NULL;
 302     X509_PUBKEY *pubkey = NULL;
 303     EVP_KEYMGMT *keymgmt = NULL;
 304     EVP_PKEY *pkey = NULL;
 305     void *keydata = NULL;
 306     int ret = 0;
 307
 308     if (!TEST_ptr(libctx = OSSL_LIB_CTX_new())
 309          || !TEST_ptr(prov = OSSL_PROVIDER_load(libctx, "default")))
 310         goto end;
 311
 312     if ((bio = BIO_new_file(cert_filename, "r")) == NULL) {
 313         TEST_error("Couldn't open '%s' for reading\n", cert_filename);
 314         TEST_openssl_errors();
 315         goto end;
 316     }
 317
 318     if ((cert = PEM_read_bio_X509(bio, NULL, NULL, NULL)) == NULL) {
 319         TEST_error("'%s' doesn't appear to be a X.509 certificate in PEM format\n",
 320                    cert_filename);
 321         TEST_openssl_errors();
 322         goto end;
 323     }
 324
 325     pubkey = X509_get_X509_PUBKEY(cert);
 326     pkey = X509_PUBKEY_get0(pubkey);
 327
 328     if (n == 0) {
 329         if (!TEST_ptr(keydata = evp_pkey_export_to_provider(pkey, NULL,
 330                                                             NULL, NULL)))
 331             goto end;
 332     } else if (n == 1) {
 333         if (!TEST_ptr(keydata = evp_pkey_export_to_provider(pkey, NULL,
 334                                                             &keymgmt, NULL)))
 335             goto end;
 336     } else {
 337         keymgmt = EVP_KEYMGMT_fetch(libctx, "RSA", NULL);
 338
 339         if (!TEST_ptr(keydata = evp_pkey_export_to_provider(pkey, NULL,
 340                                                             &keymgmt, NULL)))
 341             goto end;
 342     }
 343
 344     ret = 1;
 345  end:
 346     BIO_free(bio);
 347     X509_free(cert);
 348     EVP_KEYMGMT_free(keymgmt);
 349     OSSL_PROVIDER_unload(prov);
 350     OSSL_LIB_CTX_free(libctx);
 351     return ret;
 352 }
 353
 354 int setup_tests(void)
 355 {
 356     if (!TEST_ptr(cert_filename = test_get_argument(0)))
 357         return 0;
 358
 359     ADD_ALL_TESTS(test_pass_key, 1);
 360     ADD_ALL_TESTS(test_evp_pkey_export_to_provider, 3);
 361     return 1;
 362 }