2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/core_dispatch.h>
12 #include <openssl/evp.h>
13 #include <openssl/pem.h>
14 #include <openssl/rsa.h>
15 #include <openssl/x509.h>
16 #include <openssl/core_names.h>
17 #include <openssl/params.h>
18 #include <openssl/param_build.h>
19 #include <openssl/encoder.h>
20 #include <openssl/decoder.h>
22 #include "internal/cryptlib.h" /* ossl_assert */
23 #include "crypto/pem.h" /* For PVK and "blob" PEM headers */
28 static BN_CTX
*bnctx
= NULL
;
29 static OSSL_PARAM_BLD
*bld_prime_nc
= NULL
;
30 static OSSL_PARAM_BLD
*bld_prime
= NULL
;
31 static OSSL_PARAM
*ec_explicit_prime_params_nc
= NULL
;
32 static OSSL_PARAM
*ec_explicit_prime_params_explicit
= NULL
;
34 # ifndef OPENSSL_NO_EC2M
35 static OSSL_PARAM_BLD
*bld_tri_nc
= NULL
;
36 static OSSL_PARAM_BLD
*bld_tri
= NULL
;
37 static OSSL_PARAM
*ec_explicit_tri_params_nc
= NULL
;
38 static OSSL_PARAM
*ec_explicit_tri_params_explicit
= NULL
;
42 static EVP_PKEY
*make_template(const char *type
, OSSL_PARAM
*genparams
)
44 EVP_PKEY
*pkey
= NULL
;
45 EVP_PKEY_CTX
*ctx
= EVP_PKEY_CTX_new_from_name(NULL
, type
, NULL
);
48 * No real need to check the errors other than for the cascade
49 * effect. |pkey| will simply remain NULL if something goes wrong.
52 && EVP_PKEY_paramgen_init(ctx
) > 0
54 || EVP_PKEY_CTX_set_params(ctx
, genparams
) > 0)
55 && EVP_PKEY_gen(ctx
, &pkey
) > 0);
56 EVP_PKEY_CTX_free(ctx
);
61 static EVP_PKEY
*make_key(const char *type
, EVP_PKEY
*template,
62 OSSL_PARAM
*genparams
)
64 EVP_PKEY
*pkey
= NULL
;
67 ? EVP_PKEY_CTX_new(template, NULL
)
68 : EVP_PKEY_CTX_new_from_name(NULL
, type
, NULL
);
71 * No real need to check the errors other than for the cascade
72 * effect. |pkey| will simply remain NULL if something goes wrong.
75 && EVP_PKEY_keygen_init(ctx
) > 0
77 || EVP_PKEY_CTX_set_params(ctx
, genparams
) > 0)
78 && EVP_PKEY_keygen(ctx
, &pkey
) > 0);
79 EVP_PKEY_CTX_free(ctx
);
83 /* Main test driver */
86 * TODO(3.0) For better error output, changed the callbacks to take __FILE__
87 * and __LINE__ as first two arguments, and have them use the lower case
88 * functions, such as test_strn_eq(), rather than the uppercase macros
89 * (TEST_strn2_eq(), for example).
92 typedef int (encoder
)(void **encoded
, long *encoded_len
, void *object
,
93 const char *output_type
, int selection
,
94 const char *pass
, const char *pcipher
);
95 typedef int (decoder
)(void **object
, void *encoded
, long encoded_len
,
96 const char *keytype
, const char *input_type
,
97 int selection
, const char *pass
);
98 typedef int (tester
)(const void *data1
, size_t data1_len
,
99 const void *data2
, size_t data2_len
);
100 typedef int (checker
)(const char *type
, const void *data
, size_t data_len
);
101 typedef void (dumper
)(const char *label
, const void *data
, size_t data_len
);
103 #define FLAG_DECODE_WITH_TYPE 0x0001
105 static int test_encode_decode(const char *type
, EVP_PKEY
*pkey
,
106 const char *output_type
, int selection
,
107 const char *pass
, const char *pcipher
,
108 encoder
*encode_cb
, decoder
*decode_cb
,
109 tester
*test_cb
, checker
*check_cb
,
110 dumper
*dump_cb
, int flags
)
112 void *encoded
= NULL
;
113 long encoded_len
= 0;
114 EVP_PKEY
*pkey2
= NULL
;
115 void *encoded2
= NULL
;
116 long encoded2_len
= 0;
120 * Encode |pkey|, decode the result into |pkey2|, and finish off by
121 * encoding |pkey2| as well. That last encoding is for checking and
124 if (!TEST_true(encode_cb(&encoded
, &encoded_len
, pkey
, output_type
,
125 selection
, pass
, pcipher
))
126 || !TEST_true(check_cb(type
, encoded
, encoded_len
))
127 || !TEST_true(decode_cb((void **)&pkey2
, encoded
, encoded_len
,
128 (flags
& FLAG_DECODE_WITH_TYPE
? type
: NULL
),
129 output_type
, selection
, pass
))
130 || !TEST_true(encode_cb(&encoded2
, &encoded2_len
, pkey2
, output_type
,
131 selection
, pass
, pcipher
)))
134 if (selection
== OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
) {
135 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey
, pkey2
), 1))
138 if (!TEST_int_eq(EVP_PKEY_eq(pkey
, pkey2
), 1))
143 * Double check the encoding, but only for unprotected keys,
144 * as protected keys have a random component, which makes the output
147 if ((pass
== NULL
&& pcipher
== NULL
)
148 && !test_cb(encoded
, encoded_len
, encoded2
, encoded2_len
))
154 if (encoded
!= NULL
&& encoded_len
!= 0)
155 dump_cb("|pkey| encoded", encoded
, encoded_len
);
156 if (encoded2
!= NULL
&& encoded2_len
!= 0)
157 dump_cb("|pkey2| encoded", encoded2
, encoded2_len
);
160 OPENSSL_free(encoded
);
161 OPENSSL_free(encoded2
);
162 EVP_PKEY_free(pkey2
);
166 /* Encoding and desencoding methods */
168 static int encode_EVP_PKEY_prov(void **encoded
, long *encoded_len
,
170 const char *output_type
, int selection
,
171 const char *pass
, const char *pcipher
)
173 EVP_PKEY
*pkey
= object
;
174 OSSL_ENCODER_CTX
*ectx
= NULL
;
176 BUF_MEM
*mem_buf
= NULL
;
177 const unsigned char *upass
= (const unsigned char *)pass
;
180 if (!TEST_ptr(ectx
= OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey
, output_type
,
184 && !TEST_true(OSSL_ENCODER_CTX_set_passphrase(ectx
, upass
,
187 && !TEST_true(OSSL_ENCODER_CTX_set_cipher(ectx
, pcipher
, NULL
)))
188 || !TEST_ptr(mem_ser
= BIO_new(BIO_s_mem()))
189 || !TEST_true(OSSL_ENCODER_to_bio(ectx
, mem_ser
))
190 || !TEST_true(BIO_get_mem_ptr(mem_ser
, &mem_buf
) > 0)
191 || !TEST_ptr(*encoded
= mem_buf
->data
)
192 || !TEST_long_gt(*encoded_len
= mem_buf
->length
, 0))
195 /* Detach the encoded output */
196 mem_buf
->data
= NULL
;
201 OSSL_ENCODER_CTX_free(ectx
);
205 static int decode_EVP_PKEY_prov(void **object
, void *encoded
, long encoded_len
,
206 const char *keytype
, const char *input_type
,
207 int selection
, const char *pass
)
209 EVP_PKEY
*pkey
= NULL
, *testpkey
= NULL
;
210 OSSL_DECODER_CTX
*dctx
= NULL
;
211 BIO
*encoded_bio
= NULL
;
212 const unsigned char *upass
= (const unsigned char *)pass
;
217 if (strcmp(input_type
, "DER") == 0)
222 if (!TEST_ptr(encoded_bio
= BIO_new_mem_buf(encoded
, encoded_len
)))
226 * We attempt the decode 3 times. The first time we provide the expected
227 * starting input type. The second time we provide NULL for the starting
228 * type. The third time we provide a bad starting input type.
229 * The bad starting input type should fail. The other two should succeed
230 * and produce the same result.
232 for (i
= 0; i
< 3; i
++) {
233 const char *testtype
= (i
== 0) ? input_type
234 : ((i
== 1) ? NULL
: badtype
);
236 if (!TEST_ptr(dctx
= OSSL_DECODER_CTX_new_by_EVP_PKEY(&testpkey
,
243 && !OSSL_DECODER_CTX_set_passphrase(dctx
, upass
, strlen(pass
)))
244 || !TEST_int_gt(BIO_reset(encoded_bio
), 0)
245 /* We expect to fail when using a bad input type */
246 || !TEST_int_eq(OSSL_DECODER_from_bio(dctx
, encoded_bio
),
249 OSSL_DECODER_CTX_free(dctx
);
256 if (selection
== OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
) {
257 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey
, testpkey
), 1))
260 if (!TEST_int_eq(EVP_PKEY_eq(pkey
, testpkey
), 1))
271 EVP_PKEY_free(testpkey
);
272 BIO_free(encoded_bio
);
273 OSSL_DECODER_CTX_free(dctx
);
277 static int encode_EVP_PKEY_legacy_PEM(void **encoded
, long *encoded_len
,
279 const char *output_type
, int selection
,
280 const char *pass
, const char *pcipher
)
282 EVP_PKEY
*pkey
= object
;
283 EVP_CIPHER
*cipher
= NULL
;
285 BUF_MEM
*mem_buf
= NULL
;
286 const unsigned char *upass
= (const unsigned char *)pass
;
290 if (pcipher
!= NULL
&& pass
!= NULL
) {
291 passlen
= strlen(pass
);
292 if (!TEST_ptr(cipher
= EVP_CIPHER_fetch(NULL
, pcipher
, NULL
)))
295 if (!TEST_ptr(mem_ser
= BIO_new(BIO_s_mem()))
296 || !TEST_true(PEM_write_bio_PrivateKey_traditional(mem_ser
, pkey
,
300 || !TEST_true(BIO_get_mem_ptr(mem_ser
, &mem_buf
) > 0)
301 || !TEST_ptr(*encoded
= mem_buf
->data
)
302 || !TEST_long_gt(*encoded_len
= mem_buf
->length
, 0))
305 /* Detach the encoded output */
306 mem_buf
->data
= NULL
;
311 EVP_CIPHER_free(cipher
);
315 #ifndef OPENSSL_NO_DSA
316 static int encode_EVP_PKEY_MSBLOB(void **encoded
, long *encoded_len
,
318 ossl_unused
const char *output_type
,
319 ossl_unused
int selection
,
320 ossl_unused
const char *pass
,
321 ossl_unused
const char *pcipher
)
323 EVP_PKEY
*pkey
= object
;
325 BUF_MEM
*mem_buf
= NULL
;
328 if (!TEST_ptr(mem_ser
= BIO_new(BIO_s_mem()))
329 || !TEST_int_ge(i2b_PrivateKey_bio(mem_ser
, pkey
), 0)
330 || !TEST_true(BIO_get_mem_ptr(mem_ser
, &mem_buf
) > 0)
331 || !TEST_ptr(*encoded
= mem_buf
->data
)
332 || !TEST_long_gt(*encoded_len
= mem_buf
->length
, 0))
335 /* Detach the encoded output */
336 mem_buf
->data
= NULL
;
344 static int encode_public_EVP_PKEY_MSBLOB(void **encoded
,
347 ossl_unused
const char *output_type
,
348 ossl_unused
int selection
,
349 ossl_unused
const char *pass
,
350 ossl_unused
const char *pcipher
)
352 EVP_PKEY
*pkey
= object
;
354 BUF_MEM
*mem_buf
= NULL
;
357 if (!TEST_ptr(mem_ser
= BIO_new(BIO_s_mem()))
358 || !TEST_int_ge(i2b_PublicKey_bio(mem_ser
, pkey
), 0)
359 || !TEST_true(BIO_get_mem_ptr(mem_ser
, &mem_buf
) > 0)
360 || !TEST_ptr(*encoded
= mem_buf
->data
)
361 || !TEST_long_gt(*encoded_len
= mem_buf
->length
, 0))
364 /* Detach the encoded output */
365 mem_buf
->data
= NULL
;
373 # ifndef OPENSSL_NO_RC4
374 static pem_password_cb pass_pw
;
375 static int pass_pw(char *buf
, int size
, int rwflag
, void *userdata
)
377 OPENSSL_strlcpy(buf
, userdata
, size
);
378 return strlen(userdata
);
381 static int encode_EVP_PKEY_PVK(void **encoded
, long *encoded_len
,
383 ossl_unused
const char *output_type
,
384 ossl_unused
int selection
,
386 ossl_unused
const char *pcipher
)
388 EVP_PKEY
*pkey
= object
;
390 BUF_MEM
*mem_buf
= NULL
;
391 int enc
= (pass
!= NULL
);
394 if (!TEST_ptr(mem_ser
= BIO_new(BIO_s_mem()))
395 || !TEST_int_ge(i2b_PVK_bio(mem_ser
, pkey
, enc
,
396 pass_pw
, (void *)pass
), 0)
397 || !TEST_true(BIO_get_mem_ptr(mem_ser
, &mem_buf
) > 0)
398 || !TEST_ptr(*encoded
= mem_buf
->data
)
399 || !TEST_long_gt(*encoded_len
= mem_buf
->length
, 0))
402 /* Detach the encoded output */
403 mem_buf
->data
= NULL
;
413 static int test_text(const void *data1
, size_t data1_len
,
414 const void *data2
, size_t data2_len
)
416 return TEST_strn2_eq(data1
, data1_len
, data2
, data2_len
);
419 static int test_mem(const void *data1
, size_t data1_len
,
420 const void *data2
, size_t data2_len
)
422 return TEST_mem_eq(data1
, data1_len
, data2
, data2_len
);
425 /* Test cases and their dumpers / checkers */
427 static void collect_name(const char *name
, void *arg
)
429 char **namelist
= arg
;
433 space
= strlen(name
);
434 if (*namelist
!= NULL
)
435 space
+= strlen(*namelist
) + 2 /* for comma and space */;
436 space
++; /* for terminating null byte */
438 new_namelist
= OPENSSL_realloc(*namelist
, space
);
439 if (new_namelist
== NULL
)
441 if (*namelist
!= NULL
) {
442 strcat(new_namelist
, ", ");
443 strcat(new_namelist
, name
);
445 strcpy(new_namelist
, name
);
447 *namelist
= new_namelist
;
450 static void dump_der(const char *label
, const void *data
, size_t data_len
)
452 test_output_memory(label
, data
, data_len
);
455 static void dump_pem(const char *label
, const void *data
, size_t data_len
)
457 test_output_string(label
, data
, data_len
- 1);
460 static int check_unprotected_PKCS8_DER(const char *type
,
461 const void *data
, size_t data_len
)
463 const unsigned char *datap
= data
;
464 PKCS8_PRIV_KEY_INFO
*p8inf
=
465 d2i_PKCS8_PRIV_KEY_INFO(NULL
, &datap
, data_len
);
468 if (TEST_ptr(p8inf
)) {
469 EVP_PKEY
*pkey
= EVP_PKCS82PKEY(p8inf
);
470 char *namelist
= NULL
;
472 if (TEST_ptr(pkey
)) {
473 if (!(ok
= TEST_true(EVP_PKEY_is_a(pkey
, type
)))) {
474 EVP_PKEY_typenames_do_all(pkey
, collect_name
, &namelist
);
475 if (namelist
!= NULL
)
476 TEST_note("%s isn't any of %s", type
, namelist
);
477 OPENSSL_free(namelist
);
482 PKCS8_PRIV_KEY_INFO_free(p8inf
);
486 static int test_unprotected_via_DER(const char *type
, EVP_PKEY
*key
)
488 return test_encode_decode(type
, key
,
489 "DER", OSSL_KEYMGMT_SELECT_KEYPAIR
490 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
492 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
493 test_mem
, check_unprotected_PKCS8_DER
,
497 static int check_unprotected_PKCS8_PEM(const char *type
,
498 const void *data
, size_t data_len
)
500 static const char expected_pem_header
[] =
501 "-----BEGIN " PEM_STRING_PKCS8INF
"-----";
503 return TEST_strn_eq(data
, expected_pem_header
,
504 sizeof(expected_pem_header
) - 1);
507 static int test_unprotected_via_PEM(const char *type
, EVP_PKEY
*key
)
509 return test_encode_decode(type
, key
,
510 "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR
511 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
513 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
514 test_text
, check_unprotected_PKCS8_PEM
,
518 static int check_params_DER(const char *type
, const void *data
, size_t data_len
)
520 const unsigned char *datap
= data
;
522 int itype
= NID_undef
;
523 EVP_PKEY
*pkey
= NULL
;
525 if (strcmp(type
, "DH") == 0)
527 else if (strcmp(type
, "X9.42 DH") == 0)
528 itype
= EVP_PKEY_DHX
;
529 else if (strcmp(type
, "DSA") == 0)
530 itype
= EVP_PKEY_DSA
;
531 else if (strcmp(type
, "EC") == 0)
534 if (itype
!= NID_undef
) {
535 pkey
= d2i_KeyParams(itype
, NULL
, &datap
, data_len
);
543 static int check_params_PEM(const char *type
,
544 const void *data
, size_t data_len
)
546 static char expected_pem_header
[80];
549 TEST_int_gt(BIO_snprintf(expected_pem_header
,
550 sizeof(expected_pem_header
),
551 "-----BEGIN %s PARAMETERS-----", type
), 0)
552 && TEST_strn_eq(data
, expected_pem_header
, strlen(expected_pem_header
));
555 static int test_params_via_DER(const char *type
, EVP_PKEY
*key
)
557 return test_encode_decode(type
, key
,
558 "DER", OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
560 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
561 test_mem
, check_params_DER
,
562 dump_der
, FLAG_DECODE_WITH_TYPE
);
565 static int test_params_via_PEM(const char *type
, EVP_PKEY
*key
)
567 return test_encode_decode(type
, key
,
568 "PEM", OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
570 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
571 test_text
, check_params_PEM
,
575 static int check_unprotected_legacy_PEM(const char *type
,
576 const void *data
, size_t data_len
)
578 static char expected_pem_header
[80];
581 TEST_int_gt(BIO_snprintf(expected_pem_header
,
582 sizeof(expected_pem_header
),
583 "-----BEGIN %s PRIVATE KEY-----", type
), 0)
584 && TEST_strn_eq(data
, expected_pem_header
, strlen(expected_pem_header
));
587 static int test_unprotected_via_legacy_PEM(const char *type
, EVP_PKEY
*key
)
589 return test_encode_decode(type
, key
,
590 "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR
591 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
593 encode_EVP_PKEY_legacy_PEM
, decode_EVP_PKEY_prov
,
594 test_text
, check_unprotected_legacy_PEM
,
598 #ifndef OPENSSL_NO_DSA
599 static int check_MSBLOB(const char *type
, const void *data
, size_t data_len
)
601 const unsigned char *datap
= data
;
602 EVP_PKEY
*pkey
= b2i_PrivateKey(&datap
, data_len
);
603 int ok
= TEST_ptr(pkey
);
609 static int test_unprotected_via_MSBLOB(const char *type
, EVP_PKEY
*key
)
611 return test_encode_decode(type
, key
,
612 "MSBLOB", OSSL_KEYMGMT_SELECT_KEYPAIR
613 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
615 encode_EVP_PKEY_MSBLOB
, decode_EVP_PKEY_prov
,
616 test_mem
, check_MSBLOB
,
620 # ifndef OPENSSL_NO_RC4
621 static int check_PVK(const char *type
, const void *data
, size_t data_len
)
623 const unsigned char *in
= data
;
624 unsigned int saltlen
= 0, keylen
= 0;
625 int ok
= ossl_do_PVK_header(&in
, data_len
, 0, &saltlen
, &keylen
);
630 static int test_unprotected_via_PVK(const char *type
, EVP_PKEY
*key
)
632 return test_encode_decode(type
, key
,
633 "PVK", OSSL_KEYMGMT_SELECT_KEYPAIR
634 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
636 encode_EVP_PKEY_PVK
, decode_EVP_PKEY_prov
,
643 static const char *pass_cipher
= "AES-256-CBC";
644 static const char *pass
= "the holy handgrenade of antioch";
646 static int check_protected_PKCS8_DER(const char *type
,
647 const void *data
, size_t data_len
)
649 const unsigned char *datap
= data
;
650 X509_SIG
*p8
= d2i_X509_SIG(NULL
, &datap
, data_len
);
651 int ok
= TEST_ptr(p8
);
657 static int test_protected_via_DER(const char *type
, EVP_PKEY
*key
)
659 return test_encode_decode(type
, key
,
660 "DER", OSSL_KEYMGMT_SELECT_KEYPAIR
661 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
663 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
664 test_mem
, check_protected_PKCS8_DER
,
668 static int check_protected_PKCS8_PEM(const char *type
,
669 const void *data
, size_t data_len
)
671 static const char expected_pem_header
[] =
672 "-----BEGIN " PEM_STRING_PKCS8
"-----";
674 return TEST_strn_eq(data
, expected_pem_header
,
675 sizeof(expected_pem_header
) - 1);
678 static int test_protected_via_PEM(const char *type
, EVP_PKEY
*key
)
680 return test_encode_decode(type
, key
,
681 "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR
682 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
684 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
685 test_text
, check_protected_PKCS8_PEM
,
689 static int check_protected_legacy_PEM(const char *type
,
690 const void *data
, size_t data_len
)
692 static char expected_pem_header
[80];
695 TEST_int_gt(BIO_snprintf(expected_pem_header
,
696 sizeof(expected_pem_header
),
697 "-----BEGIN %s PRIVATE KEY-----", type
), 0)
698 && TEST_strn_eq(data
, expected_pem_header
, strlen(expected_pem_header
))
699 && TEST_ptr(strstr(data
, "\nDEK-Info: "));
702 static int test_protected_via_legacy_PEM(const char *type
, EVP_PKEY
*key
)
704 return test_encode_decode(type
, key
,
705 "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR
706 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
708 encode_EVP_PKEY_legacy_PEM
, decode_EVP_PKEY_prov
,
709 test_text
, check_protected_legacy_PEM
,
713 #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
714 static int test_protected_via_PVK(const char *type
, EVP_PKEY
*key
)
716 return test_encode_decode(type
, key
,
717 "PVK", OSSL_KEYMGMT_SELECT_KEYPAIR
718 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
720 encode_EVP_PKEY_PVK
, decode_EVP_PKEY_prov
,
721 test_mem
, check_PVK
, dump_der
, 0);
725 static int check_public_DER(const char *type
, const void *data
, size_t data_len
)
727 const unsigned char *datap
= data
;
728 EVP_PKEY
*pkey
= d2i_PUBKEY(NULL
, &datap
, data_len
);
729 int ok
= (TEST_ptr(pkey
) && TEST_true(EVP_PKEY_is_a(pkey
, type
)));
735 static int test_public_via_DER(const char *type
, EVP_PKEY
*key
)
737 return test_encode_decode(type
, key
,
738 "DER", OSSL_KEYMGMT_SELECT_PUBLIC_KEY
739 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
741 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
742 test_mem
, check_public_DER
, dump_der
, 0);
745 static int check_public_PEM(const char *type
, const void *data
, size_t data_len
)
747 static const char expected_pem_header
[] =
748 "-----BEGIN " PEM_STRING_PUBLIC
"-----";
751 TEST_strn_eq(data
, expected_pem_header
,
752 sizeof(expected_pem_header
) - 1);
755 static int test_public_via_PEM(const char *type
, EVP_PKEY
*key
)
757 return test_encode_decode(type
, key
,
758 "PEM", OSSL_KEYMGMT_SELECT_PUBLIC_KEY
759 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
761 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
762 test_text
, check_public_PEM
, dump_pem
, 0);
765 #ifndef OPENSSL_NO_DSA
766 static int check_public_MSBLOB(const char *type
,
767 const void *data
, size_t data_len
)
769 const unsigned char *datap
= data
;
770 EVP_PKEY
*pkey
= b2i_PublicKey(&datap
, data_len
);
771 int ok
= TEST_ptr(pkey
);
777 static int test_public_via_MSBLOB(const char *type
, EVP_PKEY
*key
)
779 return test_encode_decode(type
, key
,
780 "MSBLOB", OSSL_KEYMGMT_SELECT_PUBLIC_KEY
781 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
783 encode_public_EVP_PKEY_MSBLOB
,
784 decode_EVP_PKEY_prov
,
785 test_mem
, check_public_MSBLOB
, dump_der
, 0);
789 #define KEYS(KEYTYPE) \
790 static EVP_PKEY *key_##KEYTYPE = NULL
791 #define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
793 && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
794 #define FREE_KEYS(KEYTYPE) \
795 EVP_PKEY_free(key_##KEYTYPE); \
797 #define DOMAIN_KEYS(KEYTYPE) \
798 static EVP_PKEY *template_##KEYTYPE = NULL; \
799 static EVP_PKEY *key_##KEYTYPE = NULL
800 #define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
802 && TEST_ptr(template_##KEYTYPE = \
803 make_template(KEYTYPEstr, params)) \
804 && TEST_ptr(key_##KEYTYPE = \
805 make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
806 #define FREE_DOMAIN_KEYS(KEYTYPE) \
807 EVP_PKEY_free(template_##KEYTYPE); \
808 EVP_PKEY_free(key_##KEYTYPE)
810 #define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr) \
811 static int test_unprotected_##KEYTYPE##_via_DER(void) \
813 return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
815 static int test_unprotected_##KEYTYPE##_via_PEM(void) \
817 return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
819 static int test_protected_##KEYTYPE##_via_DER(void) \
821 return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
823 static int test_protected_##KEYTYPE##_via_PEM(void) \
825 return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
827 static int test_public_##KEYTYPE##_via_DER(void) \
829 return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE); \
831 static int test_public_##KEYTYPE##_via_PEM(void) \
833 return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
836 #define ADD_TEST_SUITE(KEYTYPE) \
837 ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
838 ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
839 ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
840 ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
841 ADD_TEST(test_public_##KEYTYPE##_via_DER); \
842 ADD_TEST(test_public_##KEYTYPE##_via_PEM)
844 #define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \
845 static int test_params_##KEYTYPE##_via_DER(void) \
847 return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \
849 static int test_params_##KEYTYPE##_via_PEM(void) \
851 return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
854 #define ADD_TEST_SUITE_PARAMS(KEYTYPE) \
855 ADD_TEST(test_params_##KEYTYPE##_via_DER); \
856 ADD_TEST(test_params_##KEYTYPE##_via_PEM)
858 #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
859 static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
862 test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
864 static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
867 test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
870 #define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
871 ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
872 ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
874 #ifndef OPENSSL_NO_DSA
875 # define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
876 static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
878 return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
880 static int test_public_##KEYTYPE##_via_MSBLOB(void) \
882 return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
885 # define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
886 ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
887 ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
889 # ifndef OPENSSL_NO_RC4
890 # define IMPLEMENT_TEST_SUITE_PVK(KEYTYPE, KEYTYPEstr) \
891 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
893 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
895 static int test_protected_##KEYTYPE##_via_PVK(void) \
897 return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
900 # define ADD_TEST_SUITE_PVK(KEYTYPE) \
901 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK); \
902 ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
906 #ifndef OPENSSL_NO_DH
908 IMPLEMENT_TEST_SUITE(DH
, "DH")
909 IMPLEMENT_TEST_SUITE_PARAMS(DH
, "DH")
911 IMPLEMENT_TEST_SUITE(DHX
, "X9.42 DH")
912 IMPLEMENT_TEST_SUITE_PARAMS(DHX
, "X9.42 DH")
914 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
915 * so no legacy tests.
918 #ifndef OPENSSL_NO_DSA
920 IMPLEMENT_TEST_SUITE(DSA
, "DSA")
921 IMPLEMENT_TEST_SUITE_PARAMS(DSA
, "DSA")
922 IMPLEMENT_TEST_SUITE_LEGACY(DSA
, "DSA")
923 IMPLEMENT_TEST_SUITE_MSBLOB(DSA
, "DSA")
924 # ifndef OPENSSL_NO_RC4
925 IMPLEMENT_TEST_SUITE_PVK(DSA
, "DSA")
928 #ifndef OPENSSL_NO_EC
930 IMPLEMENT_TEST_SUITE(EC
, "EC")
931 IMPLEMENT_TEST_SUITE_PARAMS(EC
, "EC")
932 IMPLEMENT_TEST_SUITE_LEGACY(EC
, "EC")
933 DOMAIN_KEYS(ECExplicitPrimeNamedCurve
);
934 IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve
, "EC")
935 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve
, "EC")
936 DOMAIN_KEYS(ECExplicitPrime2G
);
937 IMPLEMENT_TEST_SUITE(ECExplicitPrime2G
, "EC")
938 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G
, "EC")
939 # ifndef OPENSSL_NO_EC2M
940 DOMAIN_KEYS(ECExplicitTriNamedCurve
);
941 IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve
, "EC")
942 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve
, "EC")
943 DOMAIN_KEYS(ECExplicitTri2G
);
944 IMPLEMENT_TEST_SUITE(ECExplicitTri2G
, "EC")
945 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G
, "EC")
948 IMPLEMENT_TEST_SUITE(ED25519
, "ED25519")
950 IMPLEMENT_TEST_SUITE(ED448
, "ED448")
952 IMPLEMENT_TEST_SUITE(X25519
, "X25519")
954 IMPLEMENT_TEST_SUITE(X448
, "X448")
956 * ED25519, ED448, X25519 and X448 have no support for
957 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
961 IMPLEMENT_TEST_SUITE(RSA
, "RSA")
962 IMPLEMENT_TEST_SUITE_LEGACY(RSA
, "RSA")
964 IMPLEMENT_TEST_SUITE(RSA_PSS
, "RSA-PSS")
966 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
967 * so no legacy tests.
969 #ifndef OPENSSL_NO_DSA
970 IMPLEMENT_TEST_SUITE_MSBLOB(RSA
, "RSA")
971 # ifndef OPENSSL_NO_RC4
972 IMPLEMENT_TEST_SUITE_PVK(RSA
, "RSA")
976 #ifndef OPENSSL_NO_EC
977 /* Explicit parameters that match a named curve */
978 static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD
*bld
,
979 const unsigned char *gen
,
982 BIGNUM
*a
, *b
, *prime
, *order
;
984 /* Curve prime256v1 */
985 static const unsigned char prime_data
[] = {
986 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
987 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
988 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
989 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
992 static const unsigned char a_data
[] = {
993 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
994 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
995 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
996 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
999 static const unsigned char b_data
[] = {
1000 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
1001 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
1002 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
1003 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
1005 static const unsigned char seed
[] = {
1006 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
1007 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
1008 0x81, 0x9f, 0x7e, 0x90
1010 static const unsigned char order_data
[] = {
1011 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1012 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1013 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
1014 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
1016 return TEST_ptr(a
= BN_CTX_get(bnctx
))
1017 && TEST_ptr(b
= BN_CTX_get(bnctx
))
1018 && TEST_ptr(prime
= BN_CTX_get(bnctx
))
1019 && TEST_ptr(order
= BN_CTX_get(bnctx
))
1020 && TEST_ptr(BN_bin2bn(prime_data
, sizeof(prime_data
), prime
))
1021 && TEST_ptr(BN_bin2bn(a_data
, sizeof(a_data
), a
))
1022 && TEST_ptr(BN_bin2bn(b_data
, sizeof(b_data
), b
))
1023 && TEST_ptr(BN_bin2bn(order_data
, sizeof(order_data
), order
))
1024 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld
,
1025 OSSL_PKEY_PARAM_EC_FIELD_TYPE
, SN_X9_62_prime_field
,
1027 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_P
, prime
))
1028 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_A
, a
))
1029 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_B
, b
))
1030 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
,
1031 OSSL_PKEY_PARAM_EC_ORDER
, order
))
1032 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld
,
1033 OSSL_PKEY_PARAM_EC_GENERATOR
, gen
, gen_len
))
1034 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld
,
1035 OSSL_PKEY_PARAM_EC_SEED
, seed
, sizeof(seed
)))
1036 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_COFACTOR
,
1040 static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD
*bld
)
1042 static const unsigned char prime256v1_gen
[] = {
1044 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
1045 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
1046 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
1047 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
1048 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
1049 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
1050 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
1051 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
1053 return do_create_ec_explicit_prime_params(bld
, prime256v1_gen
,
1054 sizeof(prime256v1_gen
));
1057 static int create_ec_explicit_prime_params(OSSL_PARAM_BLD
*bld
)
1060 static const unsigned char prime256v1_gen2
[] = {
1062 0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
1063 0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
1064 0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
1065 0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
1066 0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
1067 0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
1068 0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
1069 0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
1071 return do_create_ec_explicit_prime_params(bld
, prime256v1_gen2
,
1072 sizeof(prime256v1_gen2
));
1075 # ifndef OPENSSL_NO_EC2M
1076 static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD
*bld
,
1077 const unsigned char *gen
,
1080 BIGNUM
*a
, *b
, *poly
, *order
, *cofactor
;
1081 /* sect233k1 characteristic-two-field tpBasis */
1082 static const unsigned char poly_data
[] = {
1083 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1084 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
1085 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1087 static const unsigned char a_data
[] = {
1088 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1089 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1090 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1092 static const unsigned char b_data
[] = {
1093 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1094 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1095 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
1097 static const unsigned char order_data
[] = {
1098 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1099 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
1100 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
1102 static const unsigned char cofactor_data
[]= {
1105 return TEST_ptr(a
= BN_CTX_get(bnctx
))
1106 && TEST_ptr(b
= BN_CTX_get(bnctx
))
1107 && TEST_ptr(poly
= BN_CTX_get(bnctx
))
1108 && TEST_ptr(order
= BN_CTX_get(bnctx
))
1109 && TEST_ptr(cofactor
= BN_CTX_get(bnctx
))
1110 && TEST_ptr(BN_bin2bn(poly_data
, sizeof(poly_data
), poly
))
1111 && TEST_ptr(BN_bin2bn(a_data
, sizeof(a_data
), a
))
1112 && TEST_ptr(BN_bin2bn(b_data
, sizeof(b_data
), b
))
1113 && TEST_ptr(BN_bin2bn(order_data
, sizeof(order_data
), order
))
1114 && TEST_ptr(BN_bin2bn(cofactor_data
, sizeof(cofactor_data
), cofactor
))
1115 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld
,
1116 OSSL_PKEY_PARAM_EC_FIELD_TYPE
,
1117 SN_X9_62_characteristic_two_field
, 0))
1118 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_P
, poly
))
1119 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_A
, a
))
1120 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_B
, b
))
1121 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
,
1122 OSSL_PKEY_PARAM_EC_ORDER
, order
))
1123 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld
,
1124 OSSL_PKEY_PARAM_EC_GENERATOR
, gen
, gen_len
))
1125 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_COFACTOR
,
1129 static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD
*bld
)
1131 static const unsigned char gen
[] = {
1133 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1134 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1135 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1136 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1137 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1138 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1140 return do_create_ec_explicit_trinomial_params(bld
, gen
, sizeof(gen
));
1143 static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD
*bld
)
1145 static const unsigned char gen2
[] = {
1147 0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1148 0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1149 0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1150 0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1151 0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1152 0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1154 return do_create_ec_explicit_trinomial_params(bld
, gen2
, sizeof(gen2
));
1156 # endif /* OPENSSL_NO_EC2M */
1157 #endif /* OPENSSL_NO_EC */
1159 int setup_tests(void)
1163 #ifndef OPENSSL_NO_DSA
1164 static size_t qbits
= 160; /* PVK only tolerates 160 Q bits */
1165 static size_t pbits
= 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1166 OSSL_PARAM DSA_params
[] = {
1167 OSSL_PARAM_size_t("pbits", &pbits
),
1168 OSSL_PARAM_size_t("qbits", &qbits
),
1173 #ifndef OPENSSL_NO_EC
1174 static char groupname
[] = "prime256v1";
1175 OSSL_PARAM EC_params
[] = {
1176 OSSL_PARAM_utf8_string("group", groupname
, sizeof(groupname
) - 1),
1181 /* 7 is the default magic number */
1182 static unsigned int rsapss_min_saltlen
= 7;
1183 OSSL_PARAM RSA_PSS_params
[] = {
1184 OSSL_PARAM_uint("saltlen", &rsapss_min_saltlen
),
1188 #ifndef OPENSSL_NO_EC
1189 if (!TEST_ptr(bnctx
= BN_CTX_new_ex(NULL
))
1190 || !TEST_ptr(bld_prime_nc
= OSSL_PARAM_BLD_new())
1191 || !TEST_ptr(bld_prime
= OSSL_PARAM_BLD_new())
1192 || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc
)
1193 || !create_ec_explicit_prime_params(bld_prime
)
1194 || !TEST_ptr(ec_explicit_prime_params_nc
= OSSL_PARAM_BLD_to_param(bld_prime_nc
))
1195 || !TEST_ptr(ec_explicit_prime_params_explicit
= OSSL_PARAM_BLD_to_param(bld_prime
))
1196 # ifndef OPENSSL_NO_EC2M
1197 || !TEST_ptr(bld_tri_nc
= OSSL_PARAM_BLD_new())
1198 || !TEST_ptr(bld_tri
= OSSL_PARAM_BLD_new())
1199 || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc
)
1200 || !create_ec_explicit_trinomial_params(bld_tri
)
1201 || !TEST_ptr(ec_explicit_tri_params_nc
= OSSL_PARAM_BLD_to_param(bld_tri_nc
))
1202 || !TEST_ptr(ec_explicit_tri_params_explicit
= OSSL_PARAM_BLD_to_param(bld_tri
))
1208 TEST_info("Generating keys...");
1210 #ifndef OPENSSL_NO_DH
1211 MAKE_DOMAIN_KEYS(DH
, "DH", NULL
);
1212 MAKE_DOMAIN_KEYS(DHX
, "X9.42 DH", NULL
);
1214 #ifndef OPENSSL_NO_DSA
1215 MAKE_DOMAIN_KEYS(DSA
, "DSA", DSA_params
);
1217 #ifndef OPENSSL_NO_EC
1218 MAKE_DOMAIN_KEYS(EC
, "EC", EC_params
);
1219 MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve
, "EC", ec_explicit_prime_params_nc
);
1220 MAKE_DOMAIN_KEYS(ECExplicitPrime2G
, "EC", ec_explicit_prime_params_explicit
);
1221 # ifndef OPENSSL_NO_EC2M
1222 MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve
, "EC", ec_explicit_tri_params_nc
);
1223 MAKE_DOMAIN_KEYS(ECExplicitTri2G
, "EC", ec_explicit_tri_params_explicit
);
1225 MAKE_KEYS(ED25519
, "ED25519", NULL
);
1226 MAKE_KEYS(ED448
, "ED448", NULL
);
1227 MAKE_KEYS(X25519
, "X25519", NULL
);
1228 MAKE_KEYS(X448
, "X448", NULL
);
1230 MAKE_KEYS(RSA
, "RSA", NULL
);
1231 MAKE_KEYS(RSA_PSS
, "RSA-PSS", RSA_PSS_params
);
1232 TEST_info("Generating key... done");
1235 #ifndef OPENSSL_NO_DH
1237 ADD_TEST_SUITE_PARAMS(DH
);
1238 ADD_TEST_SUITE(DHX
);
1239 ADD_TEST_SUITE_PARAMS(DHX
);
1241 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1242 * so no legacy tests.
1245 #ifndef OPENSSL_NO_DSA
1246 ADD_TEST_SUITE(DSA
);
1247 ADD_TEST_SUITE_PARAMS(DSA
);
1248 ADD_TEST_SUITE_LEGACY(DSA
);
1249 ADD_TEST_SUITE_MSBLOB(DSA
);
1250 # ifndef OPENSSL_NO_RC4
1251 ADD_TEST_SUITE_PVK(DSA
);
1254 #ifndef OPENSSL_NO_EC
1256 ADD_TEST_SUITE_PARAMS(EC
);
1257 ADD_TEST_SUITE_LEGACY(EC
);
1258 ADD_TEST_SUITE(ECExplicitPrimeNamedCurve
);
1259 ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve
);
1260 ADD_TEST_SUITE(ECExplicitPrime2G
);
1261 ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G
);
1262 # ifndef OPENSSL_NO_EC2M
1263 ADD_TEST_SUITE(ECExplicitTriNamedCurve
);
1264 ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve
);
1265 ADD_TEST_SUITE(ECExplicitTri2G
);
1266 ADD_TEST_SUITE_LEGACY(ECExplicitTri2G
);
1268 ADD_TEST_SUITE(ED25519
);
1269 ADD_TEST_SUITE(ED448
);
1270 ADD_TEST_SUITE(X25519
);
1271 ADD_TEST_SUITE(X448
);
1273 * ED25519, ED448, X25519 and X448 have no support for
1274 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1277 ADD_TEST_SUITE(RSA
);
1278 ADD_TEST_SUITE_LEGACY(RSA
);
1279 ADD_TEST_SUITE(RSA_PSS
);
1281 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1282 * so no legacy tests.
1284 #ifndef OPENSSL_NO_DSA
1285 ADD_TEST_SUITE_MSBLOB(RSA
);
1286 # ifndef OPENSSL_NO_RC4
1287 ADD_TEST_SUITE_PVK(RSA
);
1295 void cleanup_tests(void)
1297 #ifndef OPENSSL_NO_EC
1298 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_nc
);
1299 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_explicit
);
1300 OSSL_PARAM_BLD_free(bld_prime_nc
);
1301 OSSL_PARAM_BLD_free(bld_prime
);
1302 # ifndef OPENSSL_NO_EC2M
1303 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_nc
);
1304 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_explicit
);
1305 OSSL_PARAM_BLD_free(bld_tri_nc
);
1306 OSSL_PARAM_BLD_free(bld_tri
);
1309 #endif /* OPENSSL_NO_EC */
1311 #ifndef OPENSSL_NO_DH
1312 FREE_DOMAIN_KEYS(DH
);
1313 FREE_DOMAIN_KEYS(DHX
);
1315 #ifndef OPENSSL_NO_DSA
1316 FREE_DOMAIN_KEYS(DSA
);
1318 #ifndef OPENSSL_NO_EC
1319 FREE_DOMAIN_KEYS(EC
);
1320 FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve
);
1321 FREE_DOMAIN_KEYS(ECExplicitPrime2G
);
1322 # ifndef OPENSSL_NO_EC2M
1323 FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve
);
1324 FREE_DOMAIN_KEYS(ECExplicitTri2G
);