/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2019-2020, Oracle and/or its affiliates. All rights reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
#include "testutil.h"
#include "internal/ffc.h"
+#include "crypto/security_bits.h"
#ifndef OPENSSL_NO_DSA
static const unsigned char dsa_2048_224_sha224_p[] = {
&res, NULL)))
goto err;
- /* Provided seed doesnt produce a valid prime q */
+ /* Provided seed doesn't produce a valid prime q */
ossl_ffc_params_set_validate_params(¶ms, dsa_2048_224_sha224_bad_seed,
sizeof(dsa_2048_224_sha224_bad_seed),
dsa_2048_224_sha224_counter);
return ret;
}
-extern FFC_PARAMS *dh_get0_params(DH *dh);
+extern FFC_PARAMS *ossl_dh_get0_params(DH *dh);
static int ffc_public_validate_test(void)
{
if (!TEST_ptr(dh = DH_new_by_nid(NID_ffdhe2048)))
goto err;
- params = dh_get0_params(dh);
+ params = ossl_dh_get0_params(dh);
if (!TEST_true(BN_set_word(pub, 1)))
goto err;
if (!TEST_true(ossl_ffc_validate_public_key(params, pub, &res)))
goto err;
+ /* Fail if params is NULL */
+ if (!TEST_false(ossl_ffc_validate_public_key(NULL, pub, &res)))
+ goto err;
+ if (!TEST_int_eq(FFC_ERROR_PASSED_NULL_PARAM, res))
+ goto err;
+ res = -1;
+ /* Fail if pubkey is NULL */
+ if (!TEST_false(ossl_ffc_validate_public_key(params, NULL, &res)))
+ goto err;
+ if (!TEST_int_eq(FFC_ERROR_PASSED_NULL_PARAM, res))
+ goto err;
+ res = -1;
+
+ BN_free(params->p);
+ params->p = NULL;
+ /* Fail if params->p is NULL */
+ if (!TEST_false(ossl_ffc_validate_public_key(params, pub, &res)))
+ goto err;
+ if (!TEST_int_eq(FFC_ERROR_PASSED_NULL_PARAM, res))
+ goto err;
+
ret = 1;
err:
DH_free(dh);
if (!TEST_ptr(dh = DH_new_by_nid(NID_ffdhe2048)))
goto err;
- params = dh_get0_params(dh);
+ params = ossl_dh_get0_params(dh);
if (!TEST_true(BN_set_word(priv, 1)))
goto err;
if (!TEST_true(ossl_ffc_validate_private_key(params->q, priv, &res)))
goto err;
+ if (!TEST_false(ossl_ffc_validate_private_key(NULL, priv, &res)))
+ goto err;
+ if (!TEST_int_eq(FFC_ERROR_PASSED_NULL_PARAM, res))
+ goto err;
+ res = -1;
+ if (!TEST_false(ossl_ffc_validate_private_key(params->q, NULL, &res)))
+ goto err;
+ if (!TEST_int_eq(FFC_ERROR_PASSED_NULL_PARAM, res))
+ goto err;
+
ret = 1;
err:
DH_free(dh);
if (!TEST_ptr(dh = DH_new_by_nid(NID_ffdhe2048)))
goto err;
- params = dh_get0_params(dh);
+ params = ossl_dh_get0_params(dh);
N = BN_num_bits(params->q);
/* Fail since N < 2*s - where s = 112*/
/* fail since N > len(q) */
if (!TEST_false(ossl_ffc_generate_private_key(ctx, params, N + 1, 112, priv)))
goto err;
+ /* s must be always set */
+ if (!TEST_false(ossl_ffc_generate_private_key(ctx, params, N, 0, priv)))
+ goto err;
/* pass since 2s <= N <= len(q) */
if (!TEST_true(ossl_ffc_generate_private_key(ctx, params, N, 112, priv)))
goto err;
goto err;
if (!TEST_true(ossl_ffc_validate_private_key(params->q, priv, &res)))
goto err;
-
- /* N and s are ignored in this case */
- if (!TEST_true(ossl_ffc_generate_private_key(ctx, params, 0, 0, priv)))
+ /* N is ignored in this case */
+ if (!TEST_true(ossl_ffc_generate_private_key(ctx, params, 0,
+ ossl_ifc_ffc_compute_security_bits(BN_num_bits(params->p)),
+ priv)))
+ goto err;
+ if (!TEST_int_le(BN_num_bits(priv), 225))
goto err;
if (!TEST_true(ossl_ffc_validate_private_key(params->q, priv, &res)))
goto err;
BN_CTX_free(ctx);
return ret;
}
+
+static int ffc_params_copy_test(void)
+{
+ int ret = 0;
+ DH *dh = NULL;
+ FFC_PARAMS *params, copy;
+
+ ossl_ffc_params_init(©);
+
+ if (!TEST_ptr(dh = DH_new_by_nid(NID_ffdhe3072)))
+ goto err;
+ params = ossl_dh_get0_params(dh);
+
+ if (!TEST_int_eq(params->keylength, 275))
+ goto err;
+
+ if (!TEST_true(ossl_ffc_params_copy(©, params)))
+ goto err;
+
+ if (!TEST_int_eq(copy.keylength, 275))
+ goto err;
+
+ if (!TEST_true(ossl_ffc_params_cmp(©, params, 0)))
+ goto err;
+
+ ret = 1;
+err:
+ ossl_ffc_params_cleanup(©);
+ DH_free(dh);
+ return ret;
+}
#endif /* OPENSSL_NO_DH */
int setup_tests(void)
ADD_TEST(ffc_public_validate_test);
ADD_TEST(ffc_private_validate_test);
ADD_ALL_TESTS(ffc_private_gen_test, 10);
+ ADD_TEST(ffc_params_copy_test);
#endif /* OPENSSL_NO_DH */
return 1;
}