]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/endecode_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
TEST: Adapt test/endecoder_test.c
[thirdparty/openssl.git] / test / endecode_test.c
1 /*
2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <string.h>
11 #include <openssl/core_dispatch.h>
12 #include <openssl/evp.h>
13 #include <openssl/pem.h>
14 #include <openssl/rsa.h>
15 #include <openssl/x509.h>
16 #include <openssl/core_names.h>
17 #include <openssl/params.h>
18 #include <openssl/param_build.h>
19 #include <openssl/encoder.h>
20 #include <openssl/decoder.h>
21
22 #include "internal/cryptlib.h" /* ossl_assert */
23 #include "crypto/pem.h" /* For PVK and "blob" PEM headers */
24
25 #include "testutil.h"
26
27 #ifndef OPENSSL_NO_EC
28 static BN_CTX *bnctx = NULL;
29 static OSSL_PARAM_BLD *bld_prime_nc = NULL;
30 static OSSL_PARAM_BLD *bld_prime = NULL;
31 static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
32 static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;
33
34 # ifndef OPENSSL_NO_EC2M
35 static OSSL_PARAM_BLD *bld_tri_nc = NULL;
36 static OSSL_PARAM_BLD *bld_tri = NULL;
37 static OSSL_PARAM *ec_explicit_tri_params_nc = NULL;
38 static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
39 # endif
40 #endif
41
42 static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
43 {
44 EVP_PKEY *pkey = NULL;
45 EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(NULL, type, NULL);
46
47 /*
48 * No real need to check the errors other than for the cascade
49 * effect. |pkey| will simply remain NULL if something goes wrong.
50 */
51 (void)(ctx != NULL
52 && EVP_PKEY_paramgen_init(ctx) > 0
53 && (genparams == NULL
54 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
55 && EVP_PKEY_gen(ctx, &pkey) > 0);
56 EVP_PKEY_CTX_free(ctx);
57
58 return pkey;
59 }
60
61 static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
62 OSSL_PARAM *genparams)
63 {
64 EVP_PKEY *pkey = NULL;
65 EVP_PKEY_CTX *ctx =
66 template != NULL
67 ? EVP_PKEY_CTX_new(template, NULL)
68 : EVP_PKEY_CTX_new_from_name(NULL, type, NULL);
69
70 /*
71 * No real need to check the errors other than for the cascade
72 * effect. |pkey| will simply remain NULL if something goes wrong.
73 */
74 (void)(ctx != NULL
75 && EVP_PKEY_keygen_init(ctx) > 0
76 && (genparams == NULL
77 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
78 && EVP_PKEY_keygen(ctx, &pkey) > 0);
79 EVP_PKEY_CTX_free(ctx);
80 return pkey;
81 }
82
83 /* Main test driver */
84
85 /*
86 * TODO(3.0) For better error output, changed the callbacks to take __FILE__
87 * and __LINE__ as first two arguments, and have them use the lower case
88 * functions, such as test_strn_eq(), rather than the uppercase macros
89 * (TEST_strn2_eq(), for example).
90 */
91
92 typedef int (encoder)(void **encoded, long *encoded_len, void *object,
93 const char *output_type, int selection,
94 const char *pass, const char *pcipher);
95 typedef int (decoder)(void **object, void *encoded, long encoded_len,
96 const char *keytype, const char *input_type,
97 int selection, const char *pass);
98 typedef int (tester)(const void *data1, size_t data1_len,
99 const void *data2, size_t data2_len);
100 typedef int (checker)(const char *type, const void *data, size_t data_len);
101 typedef void (dumper)(const char *label, const void *data, size_t data_len);
102
103 #define FLAG_DECODE_WITH_TYPE 0x0001
104
105 static int test_encode_decode(const char *type, EVP_PKEY *pkey,
106 const char *output_type, int selection,
107 const char *pass, const char *pcipher,
108 encoder *encode_cb, decoder *decode_cb,
109 tester *test_cb, checker *check_cb,
110 dumper *dump_cb, int flags)
111 {
112 void *encoded = NULL;
113 long encoded_len = 0;
114 EVP_PKEY *pkey2 = NULL;
115 void *encoded2 = NULL;
116 long encoded2_len = 0;
117 int ok = 0;
118
119 /*
120 * Encode |pkey|, decode the result into |pkey2|, and finish off by
121 * encoding |pkey2| as well. That last encoding is for checking and
122 * dumping purposes.
123 */
124 if (!TEST_true(encode_cb(&encoded, &encoded_len, pkey, output_type,
125 selection, pass, pcipher))
126 || !TEST_true(check_cb(type, encoded, encoded_len))
127 || !TEST_true(decode_cb((void **)&pkey2, encoded, encoded_len,
128 (flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
129 output_type, selection, pass))
130 || !TEST_true(encode_cb(&encoded2, &encoded2_len, pkey2, output_type,
131 selection, pass, pcipher)))
132 goto end;
133
134 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
135 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey2), 1))
136 goto end;
137 } else {
138 if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1))
139 goto end;
140 }
141
142 /*
143 * Double check the encoding, but only for unprotected keys,
144 * as protected keys have a random component, which makes the output
145 * differ.
146 */
147 if ((pass == NULL && pcipher == NULL)
148 && !test_cb(encoded, encoded_len, encoded2, encoded2_len))
149 goto end;
150
151 ok = 1;
152 end:
153 if (!ok) {
154 if (encoded != NULL && encoded_len != 0)
155 dump_cb("|pkey| encoded", encoded, encoded_len);
156 if (encoded2 != NULL && encoded2_len != 0)
157 dump_cb("|pkey2| encoded", encoded2, encoded2_len);
158 }
159
160 OPENSSL_free(encoded);
161 OPENSSL_free(encoded2);
162 EVP_PKEY_free(pkey2);
163 return ok;
164 }
165
166 /* Encoding and desencoding methods */
167
168 static int encode_EVP_PKEY_prov(void **encoded, long *encoded_len,
169 void *object,
170 const char *output_type, int selection,
171 const char *pass, const char *pcipher)
172 {
173 EVP_PKEY *pkey = object;
174 OSSL_ENCODER_CTX *ectx = NULL;
175 BIO *mem_ser = NULL;
176 BUF_MEM *mem_buf = NULL;
177 const unsigned char *upass = (const unsigned char *)pass;
178 int ok = 0;
179
180 if (!TEST_ptr(ectx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, output_type,
181 selection,
182 NULL, NULL))
183 || (pass != NULL
184 && !TEST_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass,
185 strlen(pass))))
186 || (pcipher != NULL
187 && !TEST_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL)))
188 || !TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
189 || !TEST_true(OSSL_ENCODER_to_bio(ectx, mem_ser))
190 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
191 || !TEST_ptr(*encoded = mem_buf->data)
192 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
193 goto end;
194
195 /* Detach the encoded output */
196 mem_buf->data = NULL;
197 mem_buf->length = 0;
198 ok = 1;
199 end:
200 BIO_free(mem_ser);
201 OSSL_ENCODER_CTX_free(ectx);
202 return ok;
203 }
204
205 static int decode_EVP_PKEY_prov(void **object, void *encoded, long encoded_len,
206 const char *keytype, const char *input_type,
207 int selection, const char *pass)
208 {
209 EVP_PKEY *pkey = NULL, *testpkey = NULL;
210 OSSL_DECODER_CTX *dctx = NULL;
211 BIO *encoded_bio = NULL;
212 const unsigned char *upass = (const unsigned char *)pass;
213 int ok = 0;
214 int i;
215 const char *badtype;
216
217 if (strcmp(input_type, "DER") == 0)
218 badtype = "PEM";
219 else
220 badtype = "DER";
221
222 if (!TEST_ptr(encoded_bio = BIO_new_mem_buf(encoded, encoded_len)))
223 goto end;
224
225 /*
226 * We attempt the decode 3 times. The first time we provide the expected
227 * starting input type. The second time we provide NULL for the starting
228 * type. The third time we provide a bad starting input type.
229 * The bad starting input type should fail. The other two should succeed
230 * and produce the same result.
231 */
232 for (i = 0; i < 3; i++) {
233 const char *testtype = (i == 0) ? input_type
234 : ((i == 1) ? NULL : badtype);
235
236 if (!TEST_ptr(dctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&testpkey,
237 testtype,
238 NULL,
239 keytype,
240 selection,
241 NULL, NULL))
242 || (pass != NULL
243 && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass)))
244 || !TEST_int_gt(BIO_reset(encoded_bio), 0)
245 /* We expect to fail when using a bad input type */
246 || !TEST_int_eq(OSSL_DECODER_from_bio(dctx, encoded_bio),
247 (i == 2) ? 0 : 1))
248 goto end;
249 OSSL_DECODER_CTX_free(dctx);
250 dctx = NULL;
251
252 if (i == 0) {
253 pkey = testpkey;
254 testpkey = NULL;
255 } else if (i == 1) {
256 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
257 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, testpkey), 1))
258 goto end;
259 } else {
260 if (!TEST_int_eq(EVP_PKEY_eq(pkey, testpkey), 1))
261 goto end;
262 }
263 }
264 }
265 ok = 1;
266 *object = pkey;
267 pkey = NULL;
268
269 end:
270 EVP_PKEY_free(pkey);
271 EVP_PKEY_free(testpkey);
272 BIO_free(encoded_bio);
273 OSSL_DECODER_CTX_free(dctx);
274 return ok;
275 }
276
277 static int encode_EVP_PKEY_legacy_PEM(void **encoded, long *encoded_len,
278 void *object,
279 const char *output_type, int selection,
280 const char *pass, const char *pcipher)
281 {
282 EVP_PKEY *pkey = object;
283 EVP_CIPHER *cipher = NULL;
284 BIO *mem_ser = NULL;
285 BUF_MEM *mem_buf = NULL;
286 const unsigned char *upass = (const unsigned char *)pass;
287 size_t passlen = 0;
288 int ok = 0;
289
290 if (pcipher != NULL && pass != NULL) {
291 passlen = strlen(pass);
292 if (!TEST_ptr(cipher = EVP_CIPHER_fetch(NULL, pcipher, NULL)))
293 goto end;
294 }
295 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
296 || !TEST_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey,
297 cipher,
298 upass, passlen,
299 NULL, NULL))
300 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
301 || !TEST_ptr(*encoded = mem_buf->data)
302 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
303 goto end;
304
305 /* Detach the encoded output */
306 mem_buf->data = NULL;
307 mem_buf->length = 0;
308 ok = 1;
309 end:
310 BIO_free(mem_ser);
311 EVP_CIPHER_free(cipher);
312 return ok;
313 }
314
315 #ifndef OPENSSL_NO_DSA
316 static int encode_EVP_PKEY_MSBLOB(void **encoded, long *encoded_len,
317 void *object,
318 ossl_unused const char *output_type,
319 ossl_unused int selection,
320 ossl_unused const char *pass,
321 ossl_unused const char *pcipher)
322 {
323 EVP_PKEY *pkey = object;
324 BIO *mem_ser = NULL;
325 BUF_MEM *mem_buf = NULL;
326 int ok = 0;
327
328 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
329 || !TEST_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0)
330 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
331 || !TEST_ptr(*encoded = mem_buf->data)
332 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
333 goto end;
334
335 /* Detach the encoded output */
336 mem_buf->data = NULL;
337 mem_buf->length = 0;
338 ok = 1;
339 end:
340 BIO_free(mem_ser);
341 return ok;
342 }
343
344 static int encode_public_EVP_PKEY_MSBLOB(void **encoded,
345 long *encoded_len,
346 void *object,
347 ossl_unused const char *output_type,
348 ossl_unused int selection,
349 ossl_unused const char *pass,
350 ossl_unused const char *pcipher)
351 {
352 EVP_PKEY *pkey = object;
353 BIO *mem_ser = NULL;
354 BUF_MEM *mem_buf = NULL;
355 int ok = 0;
356
357 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
358 || !TEST_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0)
359 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
360 || !TEST_ptr(*encoded = mem_buf->data)
361 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
362 goto end;
363
364 /* Detach the encoded output */
365 mem_buf->data = NULL;
366 mem_buf->length = 0;
367 ok = 1;
368 end:
369 BIO_free(mem_ser);
370 return ok;
371 }
372
373 # ifndef OPENSSL_NO_RC4
374 static pem_password_cb pass_pw;
375 static int pass_pw(char *buf, int size, int rwflag, void *userdata)
376 {
377 OPENSSL_strlcpy(buf, userdata, size);
378 return strlen(userdata);
379 }
380
381 static int encode_EVP_PKEY_PVK(void **encoded, long *encoded_len,
382 void *object,
383 ossl_unused const char *output_type,
384 ossl_unused int selection,
385 const char *pass,
386 ossl_unused const char *pcipher)
387 {
388 EVP_PKEY *pkey = object;
389 BIO *mem_ser = NULL;
390 BUF_MEM *mem_buf = NULL;
391 int enc = (pass != NULL);
392 int ok = 0;
393
394 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
395 || !TEST_int_ge(i2b_PVK_bio(mem_ser, pkey, enc,
396 pass_pw, (void *)pass), 0)
397 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
398 || !TEST_ptr(*encoded = mem_buf->data)
399 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
400 goto end;
401
402 /* Detach the encoded output */
403 mem_buf->data = NULL;
404 mem_buf->length = 0;
405 ok = 1;
406 end:
407 BIO_free(mem_ser);
408 return ok;
409 }
410 # endif
411 #endif
412
413 static int test_text(const void *data1, size_t data1_len,
414 const void *data2, size_t data2_len)
415 {
416 return TEST_strn2_eq(data1, data1_len, data2, data2_len);
417 }
418
419 static int test_mem(const void *data1, size_t data1_len,
420 const void *data2, size_t data2_len)
421 {
422 return TEST_mem_eq(data1, data1_len, data2, data2_len);
423 }
424
425 /* Test cases and their dumpers / checkers */
426
427 static void collect_name(const char *name, void *arg)
428 {
429 char **namelist = arg;
430 char *new_namelist;
431 size_t space;
432
433 space = strlen(name);
434 if (*namelist != NULL)
435 space += strlen(*namelist) + 2 /* for comma and space */;
436 space++; /* for terminating null byte */
437
438 new_namelist = OPENSSL_realloc(*namelist, space);
439 if (new_namelist == NULL)
440 return;
441 if (*namelist != NULL) {
442 strcat(new_namelist, ", ");
443 strcat(new_namelist, name);
444 } else {
445 strcpy(new_namelist, name);
446 }
447 *namelist = new_namelist;
448 }
449
450 static void dump_der(const char *label, const void *data, size_t data_len)
451 {
452 test_output_memory(label, data, data_len);
453 }
454
455 static void dump_pem(const char *label, const void *data, size_t data_len)
456 {
457 test_output_string(label, data, data_len - 1);
458 }
459
460 static int check_unprotected_PKCS8_DER(const char *type,
461 const void *data, size_t data_len)
462 {
463 const unsigned char *datap = data;
464 PKCS8_PRIV_KEY_INFO *p8inf =
465 d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len);
466 int ok = 0;
467
468 if (TEST_ptr(p8inf)) {
469 EVP_PKEY *pkey = EVP_PKCS82PKEY(p8inf);
470 char *namelist = NULL;
471
472 if (TEST_ptr(pkey)) {
473 if (!(ok = TEST_true(EVP_PKEY_is_a(pkey, type)))) {
474 EVP_PKEY_typenames_do_all(pkey, collect_name, &namelist);
475 if (namelist != NULL)
476 TEST_note("%s isn't any of %s", type, namelist);
477 OPENSSL_free(namelist);
478 }
479 EVP_PKEY_free(pkey);
480 }
481 }
482 PKCS8_PRIV_KEY_INFO_free(p8inf);
483 return ok;
484 }
485
486 static int test_unprotected_via_DER(const char *type, EVP_PKEY *key)
487 {
488 return test_encode_decode(type, key,
489 "DER", OSSL_KEYMGMT_SELECT_KEYPAIR
490 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
491 NULL, NULL,
492 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
493 test_mem, check_unprotected_PKCS8_DER,
494 dump_der, 0);
495 }
496
497 static int check_unprotected_PKCS8_PEM(const char *type,
498 const void *data, size_t data_len)
499 {
500 static const char expected_pem_header[] =
501 "-----BEGIN " PEM_STRING_PKCS8INF "-----";
502
503 return TEST_strn_eq(data, expected_pem_header,
504 sizeof(expected_pem_header) - 1);
505 }
506
507 static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key)
508 {
509 return test_encode_decode(type, key,
510 "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR
511 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
512 NULL, NULL,
513 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
514 test_text, check_unprotected_PKCS8_PEM,
515 dump_pem, 0);
516 }
517
518 static int check_params_DER(const char *type, const void *data, size_t data_len)
519 {
520 const unsigned char *datap = data;
521 int ok = 0;
522 int itype = NID_undef;
523 EVP_PKEY *pkey = NULL;
524
525 if (strcmp(type, "DH") == 0)
526 itype = EVP_PKEY_DH;
527 else if (strcmp(type, "X9.42 DH") == 0)
528 itype = EVP_PKEY_DHX;
529 else if (strcmp(type, "DSA") == 0)
530 itype = EVP_PKEY_DSA;
531 else if (strcmp(type, "EC") == 0)
532 itype = EVP_PKEY_EC;
533
534 if (itype != NID_undef) {
535 pkey = d2i_KeyParams(itype, NULL, &datap, data_len);
536 ok = (pkey != NULL);
537 EVP_PKEY_free(pkey);
538 }
539
540 return ok;
541 }
542
543 static int check_params_PEM(const char *type,
544 const void *data, size_t data_len)
545 {
546 static char expected_pem_header[80];
547
548 return
549 TEST_int_gt(BIO_snprintf(expected_pem_header,
550 sizeof(expected_pem_header),
551 "-----BEGIN %s PARAMETERS-----", type), 0)
552 && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
553 }
554
555 static int test_params_via_DER(const char *type, EVP_PKEY *key)
556 {
557 return test_encode_decode(type, key,
558 "DER", OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
559 NULL, NULL,
560 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
561 test_mem, check_params_DER,
562 dump_der, FLAG_DECODE_WITH_TYPE);
563 }
564
565 static int test_params_via_PEM(const char *type, EVP_PKEY *key)
566 {
567 return test_encode_decode(type, key,
568 "PEM", OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
569 NULL, NULL,
570 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
571 test_text, check_params_PEM,
572 dump_pem, 0);
573 }
574
575 static int check_unprotected_legacy_PEM(const char *type,
576 const void *data, size_t data_len)
577 {
578 static char expected_pem_header[80];
579
580 return
581 TEST_int_gt(BIO_snprintf(expected_pem_header,
582 sizeof(expected_pem_header),
583 "-----BEGIN %s PRIVATE KEY-----", type), 0)
584 && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
585 }
586
587 static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key)
588 {
589 return test_encode_decode(type, key,
590 "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR
591 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
592 NULL, NULL,
593 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
594 test_text, check_unprotected_legacy_PEM,
595 dump_pem, 0);
596 }
597
598 #ifndef OPENSSL_NO_DSA
599 static int check_MSBLOB(const char *type, const void *data, size_t data_len)
600 {
601 const unsigned char *datap = data;
602 EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len);
603 int ok = TEST_ptr(pkey);
604
605 EVP_PKEY_free(pkey);
606 return ok;
607 }
608
609 static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key)
610 {
611 return test_encode_decode(type, key,
612 "MSBLOB", OSSL_KEYMGMT_SELECT_KEYPAIR
613 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
614 NULL, NULL,
615 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
616 test_mem, check_MSBLOB,
617 dump_der, 0);
618 }
619
620 # ifndef OPENSSL_NO_RC4
621 static int check_PVK(const char *type, const void *data, size_t data_len)
622 {
623 const unsigned char *in = data;
624 unsigned int saltlen = 0, keylen = 0;
625 int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen);
626
627 return ok;
628 }
629
630 static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key)
631 {
632 return test_encode_decode(type, key,
633 "PVK", OSSL_KEYMGMT_SELECT_KEYPAIR
634 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
635 NULL, NULL,
636 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
637 test_mem, check_PVK,
638 dump_der, 0);
639 }
640 # endif
641 #endif
642
643 static const char *pass_cipher = "AES-256-CBC";
644 static const char *pass = "the holy handgrenade of antioch";
645
646 static int check_protected_PKCS8_DER(const char *type,
647 const void *data, size_t data_len)
648 {
649 const unsigned char *datap = data;
650 X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len);
651 int ok = TEST_ptr(p8);
652
653 X509_SIG_free(p8);
654 return ok;
655 }
656
657 static int test_protected_via_DER(const char *type, EVP_PKEY *key)
658 {
659 return test_encode_decode(type, key,
660 "DER", OSSL_KEYMGMT_SELECT_KEYPAIR
661 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
662 pass, pass_cipher,
663 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
664 test_mem, check_protected_PKCS8_DER,
665 dump_der, 0);
666 }
667
668 static int check_protected_PKCS8_PEM(const char *type,
669 const void *data, size_t data_len)
670 {
671 static const char expected_pem_header[] =
672 "-----BEGIN " PEM_STRING_PKCS8 "-----";
673
674 return TEST_strn_eq(data, expected_pem_header,
675 sizeof(expected_pem_header) - 1);
676 }
677
678 static int test_protected_via_PEM(const char *type, EVP_PKEY *key)
679 {
680 return test_encode_decode(type, key,
681 "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR
682 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
683 pass, pass_cipher,
684 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
685 test_text, check_protected_PKCS8_PEM,
686 dump_pem, 0);
687 }
688
689 static int check_protected_legacy_PEM(const char *type,
690 const void *data, size_t data_len)
691 {
692 static char expected_pem_header[80];
693
694 return
695 TEST_int_gt(BIO_snprintf(expected_pem_header,
696 sizeof(expected_pem_header),
697 "-----BEGIN %s PRIVATE KEY-----", type), 0)
698 && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header))
699 && TEST_ptr(strstr(data, "\nDEK-Info: "));
700 }
701
702 static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
703 {
704 return test_encode_decode(type, key,
705 "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR
706 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
707 pass, pass_cipher,
708 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
709 test_text, check_protected_legacy_PEM,
710 dump_pem, 0);
711 }
712
713 #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
714 static int test_protected_via_PVK(const char *type, EVP_PKEY *key)
715 {
716 return test_encode_decode(type, key,
717 "PVK", OSSL_KEYMGMT_SELECT_KEYPAIR
718 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
719 pass, NULL,
720 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
721 test_mem, check_PVK, dump_der, 0);
722 }
723 #endif
724
725 static int check_public_DER(const char *type, const void *data, size_t data_len)
726 {
727 const unsigned char *datap = data;
728 EVP_PKEY *pkey = d2i_PUBKEY(NULL, &datap, data_len);
729 int ok = (TEST_ptr(pkey) && TEST_true(EVP_PKEY_is_a(pkey, type)));
730
731 EVP_PKEY_free(pkey);
732 return ok;
733 }
734
735 static int test_public_via_DER(const char *type, EVP_PKEY *key)
736 {
737 return test_encode_decode(type, key,
738 "DER", OSSL_KEYMGMT_SELECT_PUBLIC_KEY
739 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
740 NULL, NULL,
741 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
742 test_mem, check_public_DER, dump_der, 0);
743 }
744
745 static int check_public_PEM(const char *type, const void *data, size_t data_len)
746 {
747 static const char expected_pem_header[] =
748 "-----BEGIN " PEM_STRING_PUBLIC "-----";
749
750 return
751 TEST_strn_eq(data, expected_pem_header,
752 sizeof(expected_pem_header) - 1);
753 }
754
755 static int test_public_via_PEM(const char *type, EVP_PKEY *key)
756 {
757 return test_encode_decode(type, key,
758 "PEM", OSSL_KEYMGMT_SELECT_PUBLIC_KEY
759 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
760 NULL, NULL,
761 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
762 test_text, check_public_PEM, dump_pem, 0);
763 }
764
765 #ifndef OPENSSL_NO_DSA
766 static int check_public_MSBLOB(const char *type,
767 const void *data, size_t data_len)
768 {
769 const unsigned char *datap = data;
770 EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len);
771 int ok = TEST_ptr(pkey);
772
773 EVP_PKEY_free(pkey);
774 return ok;
775 }
776
777 static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
778 {
779 return test_encode_decode(type, key,
780 "MSBLOB", OSSL_KEYMGMT_SELECT_PUBLIC_KEY
781 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
782 NULL, NULL,
783 encode_public_EVP_PKEY_MSBLOB,
784 decode_EVP_PKEY_prov,
785 test_mem, check_public_MSBLOB, dump_der, 0);
786 }
787 #endif
788
789 #define KEYS(KEYTYPE) \
790 static EVP_PKEY *key_##KEYTYPE = NULL
791 #define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
792 ok = ok \
793 && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
794 #define FREE_KEYS(KEYTYPE) \
795 EVP_PKEY_free(key_##KEYTYPE); \
796
797 #define DOMAIN_KEYS(KEYTYPE) \
798 static EVP_PKEY *template_##KEYTYPE = NULL; \
799 static EVP_PKEY *key_##KEYTYPE = NULL
800 #define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
801 ok = ok \
802 && TEST_ptr(template_##KEYTYPE = \
803 make_template(KEYTYPEstr, params)) \
804 && TEST_ptr(key_##KEYTYPE = \
805 make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
806 #define FREE_DOMAIN_KEYS(KEYTYPE) \
807 EVP_PKEY_free(template_##KEYTYPE); \
808 EVP_PKEY_free(key_##KEYTYPE)
809
810 #define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr) \
811 static int test_unprotected_##KEYTYPE##_via_DER(void) \
812 { \
813 return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
814 } \
815 static int test_unprotected_##KEYTYPE##_via_PEM(void) \
816 { \
817 return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
818 } \
819 static int test_protected_##KEYTYPE##_via_DER(void) \
820 { \
821 return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
822 } \
823 static int test_protected_##KEYTYPE##_via_PEM(void) \
824 { \
825 return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
826 } \
827 static int test_public_##KEYTYPE##_via_DER(void) \
828 { \
829 return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE); \
830 } \
831 static int test_public_##KEYTYPE##_via_PEM(void) \
832 { \
833 return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
834 }
835
836 #define ADD_TEST_SUITE(KEYTYPE) \
837 ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
838 ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
839 ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
840 ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
841 ADD_TEST(test_public_##KEYTYPE##_via_DER); \
842 ADD_TEST(test_public_##KEYTYPE##_via_PEM)
843
844 #define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \
845 static int test_params_##KEYTYPE##_via_DER(void) \
846 { \
847 return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \
848 } \
849 static int test_params_##KEYTYPE##_via_PEM(void) \
850 { \
851 return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
852 }
853
854 #define ADD_TEST_SUITE_PARAMS(KEYTYPE) \
855 ADD_TEST(test_params_##KEYTYPE##_via_DER); \
856 ADD_TEST(test_params_##KEYTYPE##_via_PEM)
857
858 #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
859 static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
860 { \
861 return \
862 test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
863 } \
864 static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
865 { \
866 return \
867 test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
868 }
869
870 #define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
871 ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
872 ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
873
874 #ifndef OPENSSL_NO_DSA
875 # define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
876 static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
877 { \
878 return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
879 } \
880 static int test_public_##KEYTYPE##_via_MSBLOB(void) \
881 { \
882 return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
883 }
884
885 # define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
886 ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
887 ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
888
889 # ifndef OPENSSL_NO_RC4
890 # define IMPLEMENT_TEST_SUITE_PVK(KEYTYPE, KEYTYPEstr) \
891 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
892 { \
893 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
894 } \
895 static int test_protected_##KEYTYPE##_via_PVK(void) \
896 { \
897 return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
898 }
899
900 # define ADD_TEST_SUITE_PVK(KEYTYPE) \
901 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK); \
902 ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
903 # endif
904 #endif
905
906 #ifndef OPENSSL_NO_DH
907 DOMAIN_KEYS(DH);
908 IMPLEMENT_TEST_SUITE(DH, "DH")
909 IMPLEMENT_TEST_SUITE_PARAMS(DH, "DH")
910 DOMAIN_KEYS(DHX);
911 IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH")
912 IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH")
913 /*
914 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
915 * so no legacy tests.
916 */
917 #endif
918 #ifndef OPENSSL_NO_DSA
919 DOMAIN_KEYS(DSA);
920 IMPLEMENT_TEST_SUITE(DSA, "DSA")
921 IMPLEMENT_TEST_SUITE_PARAMS(DSA, "DSA")
922 IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA")
923 IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
924 # ifndef OPENSSL_NO_RC4
925 IMPLEMENT_TEST_SUITE_PVK(DSA, "DSA")
926 # endif
927 #endif
928 #ifndef OPENSSL_NO_EC
929 DOMAIN_KEYS(EC);
930 IMPLEMENT_TEST_SUITE(EC, "EC")
931 IMPLEMENT_TEST_SUITE_PARAMS(EC, "EC")
932 IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
933 DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
934 IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC")
935 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
936 DOMAIN_KEYS(ECExplicitPrime2G);
937 IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC")
938 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")
939 # ifndef OPENSSL_NO_EC2M
940 DOMAIN_KEYS(ECExplicitTriNamedCurve);
941 IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC")
942 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC")
943 DOMAIN_KEYS(ECExplicitTri2G);
944 IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC")
945 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC")
946 # endif
947 KEYS(ED25519);
948 IMPLEMENT_TEST_SUITE(ED25519, "ED25519")
949 KEYS(ED448);
950 IMPLEMENT_TEST_SUITE(ED448, "ED448")
951 KEYS(X25519);
952 IMPLEMENT_TEST_SUITE(X25519, "X25519")
953 KEYS(X448);
954 IMPLEMENT_TEST_SUITE(X448, "X448")
955 /*
956 * ED25519, ED448, X25519 and X448 have no support for
957 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
958 */
959 #endif
960 KEYS(RSA);
961 IMPLEMENT_TEST_SUITE(RSA, "RSA")
962 IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA")
963 KEYS(RSA_PSS);
964 IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS")
965 /*
966 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
967 * so no legacy tests.
968 */
969 #ifndef OPENSSL_NO_DSA
970 IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
971 # ifndef OPENSSL_NO_RC4
972 IMPLEMENT_TEST_SUITE_PVK(RSA, "RSA")
973 # endif
974 #endif
975
976 #ifndef OPENSSL_NO_EC
977 /* Explicit parameters that match a named curve */
978 static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld,
979 const unsigned char *gen,
980 size_t gen_len)
981 {
982 BIGNUM *a, *b, *prime, *order;
983
984 /* Curve prime256v1 */
985 static const unsigned char prime_data[] = {
986 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
987 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
988 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
989 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
990 0xff
991 };
992 static const unsigned char a_data[] = {
993 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
994 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
995 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
996 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
997 0xfc
998 };
999 static const unsigned char b_data[] = {
1000 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
1001 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
1002 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
1003 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
1004 };
1005 static const unsigned char seed[] = {
1006 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
1007 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
1008 0x81, 0x9f, 0x7e, 0x90
1009 };
1010 static const unsigned char order_data[] = {
1011 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1012 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1013 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
1014 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
1015 };
1016 return TEST_ptr(a = BN_CTX_get(bnctx))
1017 && TEST_ptr(b = BN_CTX_get(bnctx))
1018 && TEST_ptr(prime = BN_CTX_get(bnctx))
1019 && TEST_ptr(order = BN_CTX_get(bnctx))
1020 && TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime))
1021 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1022 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1023 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1024 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1025 OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field,
1026 0))
1027 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime))
1028 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1029 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1030 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1031 OSSL_PKEY_PARAM_EC_ORDER, order))
1032 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1033 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1034 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1035 OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed)))
1036 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1037 BN_value_one()));
1038 }
1039
1040 static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld)
1041 {
1042 static const unsigned char prime256v1_gen[] = {
1043 0x04,
1044 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
1045 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
1046 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
1047 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
1048 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
1049 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
1050 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
1051 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
1052 };
1053 return do_create_ec_explicit_prime_params(bld, prime256v1_gen,
1054 sizeof(prime256v1_gen));
1055 }
1056
1057 static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld)
1058 {
1059 /* 2G */
1060 static const unsigned char prime256v1_gen2[] = {
1061 0x04,
1062 0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
1063 0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
1064 0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
1065 0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
1066 0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
1067 0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
1068 0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
1069 0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
1070 };
1071 return do_create_ec_explicit_prime_params(bld, prime256v1_gen2,
1072 sizeof(prime256v1_gen2));
1073 }
1074
1075 # ifndef OPENSSL_NO_EC2M
1076 static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld,
1077 const unsigned char *gen,
1078 size_t gen_len)
1079 {
1080 BIGNUM *a, *b, *poly, *order, *cofactor;
1081 /* sect233k1 characteristic-two-field tpBasis */
1082 static const unsigned char poly_data[] = {
1083 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1084 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
1085 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1086 };
1087 static const unsigned char a_data[] = {
1088 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1089 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1090 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1091 };
1092 static const unsigned char b_data[] = {
1093 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1094 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1095 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
1096 };
1097 static const unsigned char order_data[] = {
1098 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1099 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
1100 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
1101 };
1102 static const unsigned char cofactor_data[]= {
1103 0x4
1104 };
1105 return TEST_ptr(a = BN_CTX_get(bnctx))
1106 && TEST_ptr(b = BN_CTX_get(bnctx))
1107 && TEST_ptr(poly = BN_CTX_get(bnctx))
1108 && TEST_ptr(order = BN_CTX_get(bnctx))
1109 && TEST_ptr(cofactor = BN_CTX_get(bnctx))
1110 && TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly))
1111 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1112 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1113 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1114 && TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor))
1115 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1116 OSSL_PKEY_PARAM_EC_FIELD_TYPE,
1117 SN_X9_62_characteristic_two_field, 0))
1118 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly))
1119 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1120 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1121 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1122 OSSL_PKEY_PARAM_EC_ORDER, order))
1123 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1124 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1125 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1126 cofactor));
1127 }
1128
1129 static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld)
1130 {
1131 static const unsigned char gen[] = {
1132 0x04,
1133 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1134 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1135 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1136 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1137 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1138 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1139 };
1140 return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen));
1141 }
1142
1143 static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
1144 {
1145 static const unsigned char gen2[] = {
1146 0x04,
1147 0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1148 0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1149 0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1150 0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1151 0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1152 0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1153 };
1154 return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2));
1155 }
1156 # endif /* OPENSSL_NO_EC2M */
1157 #endif /* OPENSSL_NO_EC */
1158
1159 int setup_tests(void)
1160 {
1161 int ok = 1;
1162
1163 #ifndef OPENSSL_NO_DSA
1164 static size_t qbits = 160; /* PVK only tolerates 160 Q bits */
1165 static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1166 OSSL_PARAM DSA_params[] = {
1167 OSSL_PARAM_size_t("pbits", &pbits),
1168 OSSL_PARAM_size_t("qbits", &qbits),
1169 OSSL_PARAM_END
1170 };
1171 #endif
1172
1173 #ifndef OPENSSL_NO_EC
1174 static char groupname[] = "prime256v1";
1175 OSSL_PARAM EC_params[] = {
1176 OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
1177 OSSL_PARAM_END
1178 };
1179 #endif
1180
1181 /* 7 is the default magic number */
1182 static unsigned int rsapss_min_saltlen = 7;
1183 OSSL_PARAM RSA_PSS_params[] = {
1184 OSSL_PARAM_uint("saltlen", &rsapss_min_saltlen),
1185 OSSL_PARAM_END
1186 };
1187
1188 #ifndef OPENSSL_NO_EC
1189 if (!TEST_ptr(bnctx = BN_CTX_new_ex(NULL))
1190 || !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new())
1191 || !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new())
1192 || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
1193 || !create_ec_explicit_prime_params(bld_prime)
1194 || !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
1195 || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))
1196 # ifndef OPENSSL_NO_EC2M
1197 || !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
1198 || !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
1199 || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc)
1200 || !create_ec_explicit_trinomial_params(bld_tri)
1201 || !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc))
1202 || !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri))
1203 # endif
1204 )
1205 return 0;
1206 #endif
1207
1208 TEST_info("Generating keys...");
1209
1210 #ifndef OPENSSL_NO_DH
1211 MAKE_DOMAIN_KEYS(DH, "DH", NULL);
1212 MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
1213 #endif
1214 #ifndef OPENSSL_NO_DSA
1215 MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
1216 #endif
1217 #ifndef OPENSSL_NO_EC
1218 MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
1219 MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
1220 MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
1221 # ifndef OPENSSL_NO_EC2M
1222 MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
1223 MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
1224 # endif
1225 MAKE_KEYS(ED25519, "ED25519", NULL);
1226 MAKE_KEYS(ED448, "ED448", NULL);
1227 MAKE_KEYS(X25519, "X25519", NULL);
1228 MAKE_KEYS(X448, "X448", NULL);
1229 #endif
1230 MAKE_KEYS(RSA, "RSA", NULL);
1231 MAKE_KEYS(RSA_PSS, "RSA-PSS", RSA_PSS_params);
1232 TEST_info("Generating key... done");
1233
1234 if (ok) {
1235 #ifndef OPENSSL_NO_DH
1236 ADD_TEST_SUITE(DH);
1237 ADD_TEST_SUITE_PARAMS(DH);
1238 ADD_TEST_SUITE(DHX);
1239 ADD_TEST_SUITE_PARAMS(DHX);
1240 /*
1241 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1242 * so no legacy tests.
1243 */
1244 #endif
1245 #ifndef OPENSSL_NO_DSA
1246 ADD_TEST_SUITE(DSA);
1247 ADD_TEST_SUITE_PARAMS(DSA);
1248 ADD_TEST_SUITE_LEGACY(DSA);
1249 ADD_TEST_SUITE_MSBLOB(DSA);
1250 # ifndef OPENSSL_NO_RC4
1251 ADD_TEST_SUITE_PVK(DSA);
1252 # endif
1253 #endif
1254 #ifndef OPENSSL_NO_EC
1255 ADD_TEST_SUITE(EC);
1256 ADD_TEST_SUITE_PARAMS(EC);
1257 ADD_TEST_SUITE_LEGACY(EC);
1258 ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
1259 ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
1260 ADD_TEST_SUITE(ECExplicitPrime2G);
1261 ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);
1262 # ifndef OPENSSL_NO_EC2M
1263 ADD_TEST_SUITE(ECExplicitTriNamedCurve);
1264 ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
1265 ADD_TEST_SUITE(ECExplicitTri2G);
1266 ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
1267 # endif
1268 ADD_TEST_SUITE(ED25519);
1269 ADD_TEST_SUITE(ED448);
1270 ADD_TEST_SUITE(X25519);
1271 ADD_TEST_SUITE(X448);
1272 /*
1273 * ED25519, ED448, X25519 and X448 have no support for
1274 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1275 */
1276 #endif
1277 ADD_TEST_SUITE(RSA);
1278 ADD_TEST_SUITE_LEGACY(RSA);
1279 ADD_TEST_SUITE(RSA_PSS);
1280 /*
1281 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1282 * so no legacy tests.
1283 */
1284 #ifndef OPENSSL_NO_DSA
1285 ADD_TEST_SUITE_MSBLOB(RSA);
1286 # ifndef OPENSSL_NO_RC4
1287 ADD_TEST_SUITE_PVK(RSA);
1288 # endif
1289 #endif
1290 }
1291
1292 return 1;
1293 }
1294
1295 void cleanup_tests(void)
1296 {
1297 #ifndef OPENSSL_NO_EC
1298 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_nc);
1299 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_explicit);
1300 OSSL_PARAM_BLD_free(bld_prime_nc);
1301 OSSL_PARAM_BLD_free(bld_prime);
1302 # ifndef OPENSSL_NO_EC2M
1303 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_nc);
1304 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_explicit);
1305 OSSL_PARAM_BLD_free(bld_tri_nc);
1306 OSSL_PARAM_BLD_free(bld_tri);
1307 # endif
1308 BN_CTX_free(bnctx);
1309 #endif /* OPENSSL_NO_EC */
1310
1311 #ifndef OPENSSL_NO_DH
1312 FREE_DOMAIN_KEYS(DH);
1313 FREE_DOMAIN_KEYS(DHX);
1314 #endif
1315 #ifndef OPENSSL_NO_DSA
1316 FREE_DOMAIN_KEYS(DSA);
1317 #endif
1318 #ifndef OPENSSL_NO_EC
1319 FREE_DOMAIN_KEYS(EC);
1320 FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1321 FREE_DOMAIN_KEYS(ECExplicitPrime2G);
1322 # ifndef OPENSSL_NO_EC2M
1323 FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
1324 FREE_DOMAIN_KEYS(ECExplicitTri2G);
1325 # endif
1326 FREE_KEYS(ED25519);
1327 FREE_KEYS(ED448);
1328 FREE_KEYS(X25519);
1329 FREE_KEYS(X448);
1330 #endif
1331 FREE_KEYS(RSA);
1332 FREE_KEYS(RSA_PSS);
1333 }
A mirror of the official openssl repository