2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
13 #include <openssl/bio.h>
14 #include <openssl/conf.h>
15 #include <openssl/crypto.h>
16 #include <openssl/err.h>
17 #include <openssl/evp.h>
18 #include <openssl/rsa.h>
19 #include <openssl/x509.h>
20 #include <openssl/pem.h>
21 #include <openssl/kdf.h>
22 #include <openssl/provider.h>
23 #include <openssl/core_names.h>
24 #include <openssl/dsa.h>
25 #include <openssl/dh.h>
27 #include "internal/nelem.h"
28 #include "crypto/evp.h"
31 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
32 * should never use this key anywhere but in an example.
34 static const unsigned char kExampleRSAKeyDER
[] = {
35 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
36 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
37 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
38 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
39 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
40 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
41 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
42 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
43 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
44 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
45 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
46 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
47 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
48 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
49 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
50 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
51 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
52 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
53 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
54 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
55 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
56 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
57 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
58 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
59 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
60 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
61 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
62 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
63 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
64 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
65 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
66 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
67 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
68 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
69 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
70 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
71 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
72 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
73 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
74 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
75 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
76 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
77 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
78 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
79 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
80 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
81 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
82 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
83 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
84 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
85 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
89 * kExampleDSAKeyDER is a DSA private key in ASN.1, DER format. Of course, you
90 * should never use this key anywhere but in an example.
92 #ifndef OPENSSL_NO_DSA
93 static const unsigned char kExampleDSAKeyDER
[] = {
94 0x30, 0x82, 0x01, 0xba, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0x9a,
95 0x05, 0x6d, 0x33, 0xcd, 0x5d, 0x78, 0xa1, 0xbb, 0xcb, 0x7d, 0x5b, 0x8d,
96 0xb4, 0xcc, 0xbf, 0x03, 0x99, 0x64, 0xde, 0x38, 0x78, 0x06, 0x15, 0x2f,
97 0x86, 0x26, 0x77, 0xf3, 0xb1, 0x85, 0x00, 0xed, 0xfc, 0x28, 0x3a, 0x42,
98 0x4d, 0xab, 0xab, 0xdf, 0xbc, 0x9c, 0x16, 0xd0, 0x22, 0x50, 0xd1, 0x38,
99 0xdd, 0x3f, 0x64, 0x05, 0x9e, 0x68, 0x7a, 0x1e, 0xf1, 0x56, 0xbf, 0x1e,
100 0x2c, 0xc5, 0x97, 0x2a, 0xfe, 0x7a, 0x22, 0xdc, 0x6c, 0x68, 0xb8, 0x2e,
101 0x06, 0xdb, 0x41, 0xca, 0x98, 0xd8, 0x54, 0xc7, 0x64, 0x48, 0x24, 0x04,
102 0x20, 0xbc, 0x59, 0xe3, 0x6b, 0xea, 0x7e, 0xfc, 0x7e, 0xc5, 0x4e, 0xd4,
103 0xd8, 0x3a, 0xed, 0xcd, 0x5d, 0x99, 0xb8, 0x5c, 0xa2, 0x8b, 0xbb, 0x0b,
104 0xac, 0xe6, 0x8e, 0x25, 0x56, 0x22, 0x3a, 0x2d, 0x3a, 0x56, 0x41, 0x14,
105 0x1f, 0x1c, 0x8f, 0x53, 0x46, 0x13, 0x85, 0x02, 0x15, 0x00, 0x98, 0x7e,
106 0x92, 0x81, 0x88, 0xc7, 0x3f, 0x70, 0x49, 0x54, 0xf6, 0x76, 0xb4, 0xa3,
107 0x9e, 0x1d, 0x45, 0x98, 0x32, 0x7f, 0x02, 0x81, 0x80, 0x69, 0x4d, 0xef,
108 0x55, 0xff, 0x4d, 0x59, 0x2c, 0x01, 0xfa, 0x6a, 0x38, 0xe0, 0x70, 0x9f,
109 0x9e, 0x66, 0x8e, 0x3e, 0x8c, 0x52, 0x22, 0x9d, 0x15, 0x7e, 0x3c, 0xef,
110 0x4c, 0x7a, 0x61, 0x26, 0xe0, 0x2b, 0x81, 0x3f, 0xeb, 0xaf, 0x35, 0x38,
111 0x8d, 0xfe, 0xed, 0x46, 0xff, 0x5f, 0x03, 0x9b, 0x81, 0x92, 0xe7, 0x6f,
112 0x76, 0x4f, 0x1d, 0xd9, 0xbb, 0x89, 0xc9, 0x3e, 0xd9, 0x0b, 0xf9, 0xf4,
113 0x78, 0x11, 0x59, 0xc0, 0x1d, 0xcd, 0x0e, 0xa1, 0x6f, 0x15, 0xf1, 0x4d,
114 0xc1, 0xc9, 0x22, 0xed, 0x8d, 0xad, 0x67, 0xc5, 0x4b, 0x95, 0x93, 0x86,
115 0xa6, 0xaf, 0x8a, 0xee, 0x06, 0x89, 0x2f, 0x37, 0x7e, 0x64, 0xaa, 0xf6,
116 0xe7, 0xb1, 0x5a, 0x0a, 0x93, 0x95, 0x5d, 0x3e, 0x53, 0x9a, 0xde, 0x8a,
117 0xc2, 0x95, 0x45, 0x81, 0xbe, 0x5c, 0x2f, 0xc2, 0xb2, 0x92, 0x58, 0x19,
118 0x72, 0x80, 0xe9, 0x79, 0xa1, 0x02, 0x81, 0x80, 0x07, 0xd7, 0x62, 0xff,
119 0xdf, 0x1a, 0x3f, 0xed, 0x32, 0xd4, 0xd4, 0x88, 0x7b, 0x2c, 0x63, 0x7f,
120 0x97, 0xdc, 0x44, 0xd4, 0x84, 0xa2, 0xdd, 0x17, 0x16, 0x85, 0x13, 0xe0,
121 0xac, 0x51, 0x8d, 0x29, 0x1b, 0x75, 0x9a, 0xe4, 0xe3, 0x8a, 0x92, 0x69,
122 0x09, 0x03, 0xc5, 0x68, 0xae, 0x5e, 0x94, 0xfe, 0xc9, 0x92, 0x6c, 0x07,
123 0xb4, 0x1e, 0x64, 0x62, 0x87, 0xc6, 0xa4, 0xfd, 0x0d, 0x5f, 0xe5, 0xf9,
124 0x1b, 0x4f, 0x85, 0x5f, 0xae, 0xf3, 0x11, 0xe5, 0x18, 0xd4, 0x4d, 0x79,
125 0x9f, 0xc4, 0x79, 0x26, 0x04, 0x27, 0xf0, 0x0b, 0xee, 0x2b, 0x86, 0x9f,
126 0x86, 0x61, 0xe6, 0x51, 0xce, 0x04, 0x9b, 0x5d, 0x6b, 0x34, 0x43, 0x8c,
127 0x85, 0x3c, 0xf1, 0x51, 0x9b, 0x08, 0x23, 0x1b, 0xf5, 0x7e, 0x33, 0x12,
128 0xea, 0xab, 0x1f, 0xb7, 0x2d, 0xe2, 0x5f, 0xe6, 0x97, 0x99, 0xb5, 0x45,
129 0x16, 0x5b, 0xc3, 0x41, 0x02, 0x14, 0x61, 0xbf, 0x51, 0x60, 0xcf, 0xc8,
130 0xf1, 0x8c, 0x82, 0x97, 0xf2, 0xf4, 0x19, 0xba, 0x2b, 0xf3, 0x16, 0xbe,
136 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
137 * components are not correct.
139 static const unsigned char kExampleBadRSAKeyDER
[] = {
140 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
141 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
142 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
143 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
144 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
145 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
146 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
147 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
148 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
149 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
150 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
151 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
152 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
153 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
154 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
155 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
156 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
157 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
158 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
159 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
160 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
161 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
162 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
163 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
164 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
165 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
166 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
167 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
168 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
169 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
170 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
171 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
172 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
173 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
174 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
175 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
176 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
177 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
178 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
179 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
180 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
181 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
182 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
183 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
184 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
185 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
186 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
187 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
188 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
189 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
190 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
191 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
192 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
193 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
194 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
195 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
196 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
197 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
198 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
199 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
200 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
201 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
202 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
203 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
204 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
205 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
206 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
207 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
208 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
209 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
210 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
211 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
212 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
213 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
214 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
215 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
216 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
217 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
218 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
219 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
220 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
221 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
222 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
223 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
224 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
225 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
226 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
227 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
228 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
231 static const unsigned char kMsg
[] = { 1, 2, 3, 4 };
233 static const unsigned char kSignature
[] = {
234 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
235 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
236 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
237 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
238 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
239 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
240 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
241 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
242 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
243 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
244 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
248 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
251 static const unsigned char kExampleRSAKeyPKCS8
[] = {
252 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
253 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
254 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
255 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
256 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
257 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
258 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
259 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
260 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
261 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
262 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
263 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
264 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
265 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
266 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
267 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
268 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
269 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
270 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
271 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
272 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
273 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
274 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
275 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
276 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
277 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
278 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
279 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
280 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
281 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
282 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
283 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
284 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
285 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
286 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
287 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
288 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
289 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
290 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
291 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
292 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
293 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
294 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
295 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
296 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
297 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
298 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
299 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
300 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
301 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
302 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
303 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
304 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
307 #ifndef OPENSSL_NO_EC
309 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
312 static const unsigned char kExampleECKeyDER
[] = {
313 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
314 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
315 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
316 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
317 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
318 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
319 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
320 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
321 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
322 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
327 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
328 * structure. The private key is equal to the order and will fail to import
330 static const unsigned char kExampleBadECKeyDER
[] = {
331 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
332 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
333 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
334 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
335 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
336 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
337 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
338 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
339 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
343 static const unsigned char kExampleECPubKeyDER
[] = {
344 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
345 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
346 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
347 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
348 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
349 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
350 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
351 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
355 * kExampleBadECPubKeyDER is a sample EC public key with a wrong OID
356 * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
358 static const unsigned char kExampleBadECPubKeyDER
[] = {
359 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
360 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
361 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
362 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
363 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
364 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
365 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
366 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
369 static const unsigned char pExampleECParamDER
[] = {
370 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
374 typedef struct APK_DATA_st
{
375 const unsigned char *kder
;
381 int type
; /* 0 for private, 1 for public, 2 for params */
384 static APK_DATA keydata
[] = {
385 {kExampleRSAKeyDER
, sizeof(kExampleRSAKeyDER
), EVP_PKEY_RSA
},
386 {kExampleRSAKeyPKCS8
, sizeof(kExampleRSAKeyPKCS8
), EVP_PKEY_RSA
},
387 #ifndef OPENSSL_NO_EC
388 {kExampleECKeyDER
, sizeof(kExampleECKeyDER
), EVP_PKEY_EC
}
392 static APK_DATA keycheckdata
[] = {
393 {kExampleRSAKeyDER
, sizeof(kExampleRSAKeyDER
), EVP_PKEY_RSA
, 1, -2, -2, 0},
394 {kExampleBadRSAKeyDER
, sizeof(kExampleBadRSAKeyDER
), EVP_PKEY_RSA
,
396 #ifndef OPENSSL_NO_EC
397 {kExampleECKeyDER
, sizeof(kExampleECKeyDER
), EVP_PKEY_EC
, 1, 1, 1, 0},
398 /* group is also associated in our pub key */
399 {kExampleECPubKeyDER
, sizeof(kExampleECPubKeyDER
), EVP_PKEY_EC
, 0, 1, 1, 1},
400 {pExampleECParamDER
, sizeof(pExampleECParamDER
), EVP_PKEY_EC
, 0, 0, 1, 2}
404 static EVP_PKEY
*load_example_rsa_key(void)
406 EVP_PKEY
*ret
= NULL
;
407 const unsigned char *derp
= kExampleRSAKeyDER
;
408 EVP_PKEY
*pkey
= NULL
;
411 if (!TEST_true(d2i_RSAPrivateKey(&rsa
, &derp
, sizeof(kExampleRSAKeyDER
))))
414 if (!TEST_ptr(pkey
= EVP_PKEY_new())
415 || !TEST_true(EVP_PKEY_set1_RSA(pkey
, rsa
)))
428 #ifndef OPENSSL_NO_DSA
429 static EVP_PKEY
*load_example_dsa_key(void)
431 EVP_PKEY
*ret
= NULL
;
432 const unsigned char *derp
= kExampleDSAKeyDER
;
433 EVP_PKEY
*pkey
= NULL
;
436 if (!TEST_true(d2i_DSAPrivateKey(&dsa
, &derp
, sizeof(kExampleDSAKeyDER
))))
439 if (!TEST_ptr(pkey
= EVP_PKEY_new())
440 || !TEST_true(EVP_PKEY_set1_DSA(pkey
, dsa
)))
454 static int test_EVP_Enveloped(void)
457 EVP_CIPHER_CTX
*ctx
= NULL
;
458 EVP_PKEY
*keypair
= NULL
;
459 unsigned char *kek
= NULL
;
460 unsigned char iv
[EVP_MAX_IV_LENGTH
];
461 static const unsigned char msg
[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
462 int len
, kek_len
, ciphertext_len
, plaintext_len
;
463 unsigned char ciphertext
[32], plaintext
[16];
464 const EVP_CIPHER
*type
= EVP_aes_256_cbc();
466 if (!TEST_ptr(keypair
= load_example_rsa_key())
467 || !TEST_ptr(kek
= OPENSSL_zalloc(EVP_PKEY_size(keypair
)))
468 || !TEST_ptr(ctx
= EVP_CIPHER_CTX_new())
469 || !TEST_true(EVP_SealInit(ctx
, type
, &kek
, &kek_len
, iv
,
471 || !TEST_true(EVP_SealUpdate(ctx
, ciphertext
, &ciphertext_len
,
473 || !TEST_true(EVP_SealFinal(ctx
, ciphertext
+ ciphertext_len
,
477 ciphertext_len
+= len
;
479 if (!TEST_true(EVP_OpenInit(ctx
, type
, kek
, kek_len
, iv
, keypair
))
480 || !TEST_true(EVP_OpenUpdate(ctx
, plaintext
, &plaintext_len
,
481 ciphertext
, ciphertext_len
))
482 || !TEST_true(EVP_OpenFinal(ctx
, plaintext
+ plaintext_len
, &len
)))
485 plaintext_len
+= len
;
486 if (!TEST_mem_eq(msg
, sizeof(msg
), plaintext
, plaintext_len
))
492 EVP_PKEY_free(keypair
);
493 EVP_CIPHER_CTX_free(ctx
);
498 * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (RSA)
499 * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (DSA)
500 * Test 2: Use an MD BIO to do the Update calls instead (RSA)
501 * Test 3: Use an MD BIO to do the Update calls instead (DSA)
503 static int test_EVP_DigestSignInit(int tst
)
506 EVP_PKEY
*pkey
= NULL
;
507 unsigned char *sig
= NULL
;
509 EVP_MD_CTX
*md_ctx
= NULL
, *md_ctx_verify
= NULL
;
510 EVP_MD_CTX
*a_md_ctx
= NULL
, *a_md_ctx_verify
= NULL
;
511 BIO
*mdbio
= NULL
, *membio
= NULL
;
515 membio
= BIO_new(BIO_s_mem());
516 mdbio
= BIO_new(BIO_f_md());
517 if (!TEST_ptr(membio
) || !TEST_ptr(mdbio
))
519 BIO_push(mdbio
, membio
);
520 if (!TEST_int_gt(BIO_get_md_ctx(mdbio
, &md_ctx
), 0))
523 if (!TEST_ptr(a_md_ctx
= md_ctx
= EVP_MD_CTX_new())
524 || !TEST_ptr(a_md_ctx_verify
= md_ctx_verify
= EVP_MD_CTX_new()))
528 if (tst
== 0 || tst
== 2) {
529 if (!TEST_ptr(pkey
= load_example_rsa_key()))
532 #ifndef OPENSSL_NO_DSA
533 if (!TEST_ptr(pkey
= load_example_dsa_key()))
541 if (!TEST_true(EVP_DigestSignInit(md_ctx
, NULL
, EVP_sha256(), NULL
, pkey
)))
545 if (!BIO_write_ex(mdbio
, kMsg
, sizeof(kMsg
), &written
))
548 if (!TEST_true(EVP_DigestSignUpdate(md_ctx
, kMsg
, sizeof(kMsg
))))
552 /* Determine the size of the signature. */
553 if (!TEST_true(EVP_DigestSignFinal(md_ctx
, NULL
, &sig_len
))
554 || !TEST_size_t_eq(sig_len
, (size_t)EVP_PKEY_size(pkey
)))
557 if (!TEST_ptr(sig
= OPENSSL_malloc(sig_len
))
558 || !TEST_true(EVP_DigestSignFinal(md_ctx
, sig
, &sig_len
)))
562 if (!TEST_int_gt(BIO_reset(mdbio
), 0)
563 || !TEST_int_gt(BIO_get_md_ctx(mdbio
, &md_ctx_verify
), 0))
567 /* Ensure that the signature round-trips. */
568 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify
, NULL
, EVP_sha256(),
573 if (!BIO_write_ex(mdbio
, kMsg
, sizeof(kMsg
), &written
))
576 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify
, kMsg
,
580 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify
, sig
, sig_len
)))
588 EVP_MD_CTX_free(a_md_ctx
);
589 EVP_MD_CTX_free(a_md_ctx_verify
);
596 static int test_EVP_DigestVerifyInit(void)
599 EVP_PKEY
*pkey
= NULL
;
600 EVP_MD_CTX
*md_ctx
= NULL
;
602 if (!TEST_ptr(md_ctx
= EVP_MD_CTX_new())
603 || !TEST_ptr(pkey
= load_example_rsa_key()))
606 if (!TEST_true(EVP_DigestVerifyInit(md_ctx
, NULL
, EVP_sha256(), NULL
, pkey
))
607 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx
, kMsg
, sizeof(kMsg
)))
608 || !TEST_true(EVP_DigestVerifyFinal(md_ctx
, kSignature
,
609 sizeof(kSignature
))))
614 EVP_MD_CTX_free(md_ctx
);
619 static int test_d2i_AutoPrivateKey(int i
)
622 const unsigned char *p
;
623 EVP_PKEY
*pkey
= NULL
;
624 const APK_DATA
*ak
= &keydata
[i
];
625 const unsigned char *input
= ak
->kder
;
626 size_t input_len
= ak
->size
;
627 int expected_id
= ak
->evptype
;
630 if (!TEST_ptr(pkey
= d2i_AutoPrivateKey(NULL
, &p
, input_len
))
631 || !TEST_ptr_eq(p
, input
+ input_len
)
632 || !TEST_int_eq(EVP_PKEY_id(pkey
), expected_id
))
642 #ifndef OPENSSL_NO_EC
644 static const unsigned char ec_public_sect163k1_validxy
[] = {
645 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
646 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
647 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
648 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x02, 0xd1, 0x7b,
649 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
650 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
653 static const unsigned char ec_public_sect163k1_badx
[] = {
654 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
655 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
656 0x0a, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
657 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0xb0, 0x02, 0xd1, 0x7b,
658 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
659 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
662 static const unsigned char ec_public_sect163k1_bady
[] = {
663 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
664 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
665 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
666 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x0a, 0xd1, 0x7b,
667 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
668 0x6a, 0xd8, 0x17, 0x65, 0x41, 0xe6
671 static struct ec_der_pub_keys_st
{
672 const unsigned char *der
;
675 } ec_der_pub_keys
[] = {
676 { ec_public_sect163k1_validxy
, sizeof(ec_public_sect163k1_validxy
), 1 },
677 { ec_public_sect163k1_badx
, sizeof(ec_public_sect163k1_badx
), 0 },
678 { ec_public_sect163k1_bady
, sizeof(ec_public_sect163k1_bady
), 0 },
682 * Tests the range of the decoded EC char2 public point.
683 * See ec_GF2m_simple_oct2point().
685 static int test_invalide_ec_char2_pub_range_decode(int id
)
689 EC_KEY
*eckey
= NULL
;
691 if (!TEST_ptr(bio
= BIO_new_mem_buf(ec_der_pub_keys
[id
].der
,
692 ec_der_pub_keys
[id
].len
)))
694 eckey
= d2i_EC_PUBKEY_bio(bio
, NULL
);
695 ret
= (ec_der_pub_keys
[id
].valid
&& TEST_ptr(eckey
))
696 || TEST_ptr_null(eckey
);
703 /* Tests loading a bad key in PKCS8 format */
704 static int test_EVP_PKCS82PKEY(void)
707 const unsigned char *derp
= kExampleBadECKeyDER
;
708 PKCS8_PRIV_KEY_INFO
*p8inf
= NULL
;
709 EVP_PKEY
*pkey
= NULL
;
711 if (!TEST_ptr(p8inf
= d2i_PKCS8_PRIV_KEY_INFO(NULL
, &derp
,
712 sizeof(kExampleBadECKeyDER
))))
715 if (!TEST_ptr_eq(derp
,
716 kExampleBadECKeyDER
+ sizeof(kExampleBadECKeyDER
)))
719 if (!TEST_ptr_null(pkey
= EVP_PKCS82PKEY(p8inf
)))
725 PKCS8_PRIV_KEY_INFO_free(p8inf
);
732 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODE)
734 static int test_EVP_SM2_verify(void)
736 /* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */
738 "-----BEGIN PUBLIC KEY-----\n"
739 "MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n"
740 "v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n"
741 "7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n"
742 "1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n"
743 "/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n"
744 "AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n"
745 "Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n"
746 "-----END PUBLIC KEY-----\n";
748 const char *msg
= "message digest";
749 const char *id
= "ALICE123@YAHOO.COM";
751 const uint8_t signature
[] = {
752 0x30, 0x44, 0x02, 0x20,
754 0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC,
755 0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2,
756 0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1,
760 0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF,
761 0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0,
762 0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7
767 EVP_PKEY
*pkey
= NULL
;
768 EVP_MD_CTX
*mctx
= NULL
;
769 EVP_PKEY_CTX
*pctx
= NULL
;
771 bio
= BIO_new_mem_buf(pubkey
, strlen(pubkey
));
772 if (!TEST_true(bio
!= NULL
))
775 pkey
= PEM_read_bio_PUBKEY(bio
, NULL
, NULL
, NULL
);
776 if (!TEST_true(pkey
!= NULL
))
779 if (!TEST_true(EVP_PKEY_set_alias_type(pkey
, EVP_PKEY_SM2
)))
782 if (!TEST_ptr(mctx
= EVP_MD_CTX_new()))
785 if (!TEST_ptr(pctx
= EVP_PKEY_CTX_new(pkey
, NULL
)))
788 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx
, (const uint8_t *)id
,
792 EVP_MD_CTX_set_pkey_ctx(mctx
, pctx
);
794 if (!TEST_true(EVP_DigestVerifyInit(mctx
, NULL
, EVP_sm3(), NULL
, pkey
)))
797 if (!TEST_true(EVP_DigestVerifyUpdate(mctx
, msg
, strlen(msg
))))
800 if (!TEST_true(EVP_DigestVerifyFinal(mctx
, signature
, sizeof(signature
))))
807 EVP_PKEY_CTX_free(pctx
);
808 EVP_MD_CTX_free(mctx
);
812 static int test_EVP_SM2(void)
815 EVP_PKEY
*pkey
= NULL
;
816 EVP_PKEY
*params
= NULL
;
817 EVP_PKEY_CTX
*pctx
= NULL
;
818 EVP_PKEY_CTX
*kctx
= NULL
;
819 EVP_PKEY_CTX
*sctx
= NULL
;
821 unsigned char *sig
= NULL
;
822 EVP_MD_CTX
*md_ctx
= NULL
;
823 EVP_MD_CTX
*md_ctx_verify
= NULL
;
824 EVP_PKEY_CTX
*cctx
= NULL
;
826 uint8_t ciphertext
[128];
827 size_t ctext_len
= sizeof(ciphertext
);
829 uint8_t plaintext
[8];
830 size_t ptext_len
= sizeof(plaintext
);
832 uint8_t sm2_id
[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
834 pctx
= EVP_PKEY_CTX_new_id(EVP_PKEY_EC
, NULL
);
838 if (!TEST_true(EVP_PKEY_paramgen_init(pctx
) == 1))
841 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx
, NID_sm2
)))
844 if (!TEST_true(EVP_PKEY_paramgen(pctx
, ¶ms
)))
847 kctx
= EVP_PKEY_CTX_new(params
, NULL
);
851 if (!TEST_true(EVP_PKEY_keygen_init(kctx
)))
854 if (!TEST_true(EVP_PKEY_keygen(kctx
, &pkey
)))
857 if (!TEST_true(EVP_PKEY_set_alias_type(pkey
, EVP_PKEY_SM2
)))
860 if (!TEST_ptr(md_ctx
= EVP_MD_CTX_new()))
863 if (!TEST_ptr(md_ctx_verify
= EVP_MD_CTX_new()))
866 if (!TEST_ptr(sctx
= EVP_PKEY_CTX_new(pkey
, NULL
)))
869 EVP_MD_CTX_set_pkey_ctx(md_ctx
, sctx
);
870 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify
, sctx
);
872 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx
, sm2_id
, sizeof(sm2_id
)), 0))
875 if (!TEST_true(EVP_DigestSignInit(md_ctx
, NULL
, EVP_sm3(), NULL
, pkey
)))
878 if(!TEST_true(EVP_DigestSignUpdate(md_ctx
, kMsg
, sizeof(kMsg
))))
881 /* Determine the size of the signature. */
882 if (!TEST_true(EVP_DigestSignFinal(md_ctx
, NULL
, &sig_len
)))
885 if (!TEST_size_t_eq(sig_len
, (size_t)EVP_PKEY_size(pkey
)))
888 if (!TEST_ptr(sig
= OPENSSL_malloc(sig_len
)))
891 if (!TEST_true(EVP_DigestSignFinal(md_ctx
, sig
, &sig_len
)))
894 /* Ensure that the signature round-trips. */
896 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify
, NULL
, EVP_sm3(), NULL
, pkey
)))
899 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify
, kMsg
, sizeof(kMsg
))))
902 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify
, sig
, sig_len
)))
905 /* now check encryption/decryption */
907 if (!TEST_ptr(cctx
= EVP_PKEY_CTX_new(pkey
, NULL
)))
910 if (!TEST_true(EVP_PKEY_encrypt_init(cctx
)))
913 if (!TEST_true(EVP_PKEY_encrypt(cctx
, ciphertext
, &ctext_len
, kMsg
, sizeof(kMsg
))))
916 if (!TEST_true(EVP_PKEY_decrypt_init(cctx
)))
919 if (!TEST_true(EVP_PKEY_decrypt(cctx
, plaintext
, &ptext_len
, ciphertext
, ctext_len
)))
922 if (!TEST_true(ptext_len
== sizeof(kMsg
)))
925 if (!TEST_true(memcmp(plaintext
, kMsg
, sizeof(kMsg
)) == 0))
930 EVP_PKEY_CTX_free(pctx
);
931 EVP_PKEY_CTX_free(kctx
);
932 EVP_PKEY_CTX_free(sctx
);
933 EVP_PKEY_CTX_free(cctx
);
935 EVP_PKEY_free(params
);
936 EVP_MD_CTX_free(md_ctx
);
937 EVP_MD_CTX_free(md_ctx_verify
);
944 static struct keys_st
{
950 EVP_PKEY_HMAC
, "0123456789", NULL
952 EVP_PKEY_POLY1305
, "01234567890123456789012345678901", NULL
954 EVP_PKEY_SIPHASH
, "0123456789012345", NULL
956 #ifndef OPENSSL_NO_EC
958 EVP_PKEY_X25519
, "01234567890123456789012345678901",
959 "abcdefghijklmnopqrstuvwxyzabcdef"
961 EVP_PKEY_ED25519
, "01234567890123456789012345678901",
962 "abcdefghijklmnopqrstuvwxyzabcdef"
965 "01234567890123456789012345678901234567890123456789012345",
966 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
969 "012345678901234567890123456789012345678901234567890123456",
970 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
975 static int test_set_get_raw_keys_int(int tst
, int pub
)
978 unsigned char buf
[80];
980 size_t inlen
, len
= 0;
983 /* Check if this algorithm supports public keys */
984 if (keys
[tst
].pub
== NULL
)
987 memset(buf
, 0, sizeof(buf
));
990 inlen
= strlen(keys
[tst
].pub
);
991 in
= (unsigned char *)keys
[tst
].pub
;
992 pkey
= EVP_PKEY_new_raw_public_key(keys
[tst
].type
,
997 inlen
= strlen(keys
[tst
].priv
);
998 in
= (unsigned char *)keys
[tst
].priv
;
999 pkey
= EVP_PKEY_new_raw_private_key(keys
[tst
].type
,
1006 || (!pub
&& !TEST_true(EVP_PKEY_get_raw_private_key(pkey
, NULL
, &len
)))
1007 || (pub
&& !TEST_true(EVP_PKEY_get_raw_public_key(pkey
, NULL
, &len
)))
1008 || !TEST_true(len
== inlen
)
1009 || (!pub
&& !TEST_true(EVP_PKEY_get_raw_private_key(pkey
, buf
, &len
)))
1010 || (pub
&& !TEST_true(EVP_PKEY_get_raw_public_key(pkey
, buf
, &len
)))
1011 || !TEST_mem_eq(in
, inlen
, buf
, len
))
1016 EVP_PKEY_free(pkey
);
1020 static int test_set_get_raw_keys(int tst
)
1022 return test_set_get_raw_keys_int(tst
, 0)
1023 && test_set_get_raw_keys_int(tst
, 1);
1026 static int pkey_custom_check(EVP_PKEY
*pkey
)
1031 static int pkey_custom_pub_check(EVP_PKEY
*pkey
)
1036 static int pkey_custom_param_check(EVP_PKEY
*pkey
)
1041 static EVP_PKEY_METHOD
*custom_pmeth
;
1043 static int test_EVP_PKEY_check(int i
)
1046 const unsigned char *p
;
1047 EVP_PKEY
*pkey
= NULL
;
1048 #ifndef OPENSSL_NO_EC
1049 EC_KEY
*eckey
= NULL
;
1051 EVP_PKEY_CTX
*ctx
= NULL
;
1052 EVP_PKEY_CTX
*ctx2
= NULL
;
1053 const APK_DATA
*ak
= &keycheckdata
[i
];
1054 const unsigned char *input
= ak
->kder
;
1055 size_t input_len
= ak
->size
;
1056 int expected_id
= ak
->evptype
;
1057 int expected_check
= ak
->check
;
1058 int expected_pub_check
= ak
->pub_check
;
1059 int expected_param_check
= ak
->param_check
;
1060 int type
= ak
->type
;
1067 if (!TEST_ptr(pkey
= d2i_AutoPrivateKey(NULL
, &p
, input_len
))
1068 || !TEST_ptr_eq(p
, input
+ input_len
)
1069 || !TEST_int_eq(EVP_PKEY_id(pkey
), expected_id
))
1072 #ifndef OPENSSL_NO_EC
1074 if (!TEST_ptr(pubkey
= BIO_new_mem_buf(input
, input_len
))
1075 || !TEST_ptr(eckey
= d2i_EC_PUBKEY_bio(pubkey
, NULL
))
1076 || !TEST_ptr(pkey
= EVP_PKEY_new())
1077 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey
, eckey
)))
1081 if (!TEST_ptr(eckey
= d2i_ECParameters(NULL
, &p
, input_len
))
1082 || !TEST_ptr_eq(p
, input
+ input_len
)
1083 || !TEST_ptr(pkey
= EVP_PKEY_new())
1084 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey
, eckey
)))
1092 if (!TEST_ptr(ctx
= EVP_PKEY_CTX_new(pkey
, NULL
)))
1095 if (!TEST_int_eq(EVP_PKEY_check(ctx
), expected_check
))
1098 if (!TEST_int_eq(EVP_PKEY_public_check(ctx
), expected_pub_check
))
1101 if (!TEST_int_eq(EVP_PKEY_param_check(ctx
), expected_param_check
))
1104 ctx2
= EVP_PKEY_CTX_new_id(0xdefaced, NULL
);
1105 /* assign the pkey directly, as an internal test */
1106 EVP_PKEY_up_ref(pkey
);
1109 if (!TEST_int_eq(EVP_PKEY_check(ctx2
), 0xbeef))
1112 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2
), 0xbeef))
1115 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2
), 0xbeef))
1121 EVP_PKEY_CTX_free(ctx
);
1122 EVP_PKEY_CTX_free(ctx2
);
1123 EVP_PKEY_free(pkey
);
1128 static int test_HKDF(void)
1131 unsigned char out
[20];
1134 unsigned char salt
[] = "0123456789";
1135 unsigned char key
[] = "012345678901234567890123456789";
1136 unsigned char info
[] = "infostring";
1137 const unsigned char expected
[] = {
1138 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
1139 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
1141 size_t expectedlen
= sizeof(expected
);
1143 if (!TEST_ptr(pctx
= EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF
, NULL
)))
1146 /* We do this twice to test reuse of the EVP_PKEY_CTX */
1147 for (i
= 0; i
< 2; i
++) {
1148 outlen
= sizeof(out
);
1149 memset(out
, 0, outlen
);
1151 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx
), 0)
1152 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx
, EVP_sha256()), 0)
1153 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx
, salt
,
1154 sizeof(salt
) - 1), 0)
1155 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx
, key
,
1156 sizeof(key
) - 1), 0)
1157 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx
, info
,
1158 sizeof(info
) - 1), 0)
1159 || !TEST_int_gt(EVP_PKEY_derive(pctx
, out
, &outlen
), 0)
1160 || !TEST_mem_eq(out
, outlen
, expected
, expectedlen
))
1167 EVP_PKEY_CTX_free(pctx
);
1172 #ifndef OPENSSL_NO_EC
1173 static int test_X509_PUBKEY_inplace(void)
1176 X509_PUBKEY
*xp
= NULL
;
1177 const unsigned char *p
= kExampleECPubKeyDER
;
1178 size_t input_len
= sizeof(kExampleECPubKeyDER
);
1180 if (!TEST_ptr(xp
= d2i_X509_PUBKEY(NULL
, &p
, input_len
)))
1183 if (!TEST_ptr(X509_PUBKEY_get0(xp
)))
1186 p
= kExampleBadECPubKeyDER
;
1187 input_len
= sizeof(kExampleBadECPubKeyDER
);
1189 if (!TEST_ptr(xp
= d2i_X509_PUBKEY(&xp
, &p
, input_len
)))
1192 if (!TEST_true(X509_PUBKEY_get0(xp
) == NULL
))
1198 X509_PUBKEY_free(xp
);
1201 #endif /* OPENSSL_NO_EC */
1203 #ifndef OPENSSL_NO_DSA
1204 /* Test getting and setting parameters on an EVP_PKEY_CTX */
1205 static int test_EVP_PKEY_CTX_get_set_params(void)
1207 EVP_MD_CTX
*mdctx
= NULL
;
1208 EVP_PKEY_CTX
*ctx
= NULL
;
1209 EVP_SIGNATURE
*dsaimpl
= NULL
;
1210 const OSSL_PARAM
*params
;
1211 OSSL_PARAM ourparams
[2], *param
= ourparams
;
1213 BIGNUM
*p
= NULL
, *q
= NULL
, *g
= NULL
, *pub
= NULL
, *priv
= NULL
;
1214 EVP_PKEY
*pkey
= NULL
;
1217 size_t mdsize
= SHA512_DIGEST_LENGTH
;
1221 * Setup the parameters for our DSA object. For our purposes they don't
1222 * have to actually be *valid* parameters. We just need to set something.
1235 || !DSA_set0_pqg(dsa
, p
, q
, g
)
1236 || !DSA_set0_key(dsa
, pub
, priv
))
1238 p
= q
= g
= pub
= priv
= NULL
;
1240 pkey
= EVP_PKEY_new();
1242 || !TEST_true(EVP_PKEY_assign_DSA(pkey
, dsa
)))
1247 /* Initialise a sign operation */
1248 ctx
= EVP_PKEY_CTX_new(pkey
, NULL
);
1250 || !TEST_int_gt(EVP_PKEY_sign_init(ctx
), 0))
1254 * We should be able to query the parameters now. The default DSA
1255 * implementation supports exactly one parameter - so we expect to see that
1256 * returned and no more.
1258 params
= EVP_PKEY_CTX_settable_params(ctx
);
1259 if (!TEST_ptr(params
)
1260 || !TEST_int_eq(strcmp(params
[0].key
,
1261 OSSL_SIGNATURE_PARAM_DIGEST_SIZE
), 0)
1262 || !TEST_int_eq(strcmp(params
[1].key
, OSSL_SIGNATURE_PARAM_DIGEST
),
1264 /* The final key should be NULL */
1265 || !TEST_ptr_null(params
[2].key
))
1268 /* Gettable params are the same as the settable ones */
1269 params
= EVP_PKEY_CTX_gettable_params(ctx
);
1270 if (!TEST_ptr(params
)
1271 || !TEST_int_eq(strcmp(params
[0].key
,
1272 OSSL_SIGNATURE_PARAM_DIGEST_SIZE
), 0)
1273 || !TEST_int_eq(strcmp(params
[1].key
, OSSL_SIGNATURE_PARAM_DIGEST
),
1275 /* The final key should be NULL */
1276 || !TEST_ptr_null(params
[2].key
))
1280 * Test getting and setting params via EVP_PKEY_CTX_set_params() and
1281 * EVP_PKEY_CTX_get_params()
1283 *param
++ = OSSL_PARAM_construct_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE
,
1285 *param
++ = OSSL_PARAM_construct_end();
1287 if (!TEST_true(EVP_PKEY_CTX_set_params(ctx
, ourparams
)))
1291 if (!TEST_true(EVP_PKEY_CTX_get_params(ctx
, ourparams
))
1292 || !TEST_size_t_eq(mdsize
, SHA512_DIGEST_LENGTH
))
1296 * Test the TEST_PKEY_CTX_set_signature_md() and
1297 * TEST_PKEY_CTX_get_signature_md() functions
1299 if (!TEST_int_gt(EVP_PKEY_CTX_set_signature_md(ctx
, EVP_sha256()), 0)
1300 || !TEST_int_gt(EVP_PKEY_CTX_get_signature_md(ctx
, &md
), 0)
1301 || !TEST_ptr_eq(md
, EVP_sha256()))
1305 * Test getting MD parameters via an associated EVP_PKEY_CTX
1307 mdctx
= EVP_MD_CTX_new();
1308 if (!TEST_ptr(mdctx
)
1309 || !TEST_true(EVP_DigestSignInit_ex(mdctx
, NULL
, "SHA1", NULL
, pkey
)))
1313 * We now have an EVP_MD_CTX with an EVP_PKEY_CTX inside it. We should be
1314 * able to obtain the digest's settable parameters from the provider.
1316 params
= EVP_MD_CTX_settable_params(mdctx
);
1317 if (!TEST_ptr(params
)
1318 || !TEST_int_eq(strcmp(params
[0].key
, OSSL_DIGEST_PARAM_SSL3_MS
), 0)
1319 /* The final key should be NULL */
1320 || !TEST_ptr_null(params
[1].key
))
1324 memset(ssl3ms
, 0, sizeof(ssl3ms
));
1325 *param
++ = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS
,
1326 ssl3ms
, sizeof(ssl3ms
));
1327 *param
++ = OSSL_PARAM_construct_end();
1329 if (!TEST_true(EVP_MD_CTX_set_params(mdctx
, ourparams
)))
1335 EVP_MD_CTX_free(mdctx
);
1336 EVP_PKEY_CTX_free(ctx
);
1337 EVP_SIGNATURE_free(dsaimpl
);
1338 EVP_PKEY_free(pkey
);
1350 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1351 static int test_decrypt_null_chunks(void)
1353 EVP_CIPHER_CTX
* ctx
= NULL
;
1354 const unsigned char key
[32] = {
1355 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
1356 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
1357 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1
1359 unsigned char iv
[12] = {
1360 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b
1362 unsigned char msg
[] = "It was the best of times, it was the worst of times";
1363 unsigned char ciphertext
[80];
1364 unsigned char plaintext
[80];
1365 /* We initialise tmp to a non zero value on purpose */
1366 int ctlen
, ptlen
, tmp
= 99;
1368 const int enc_offset
= 10, dec_offset
= 20;
1370 if (!TEST_ptr(ctx
= EVP_CIPHER_CTX_new())
1371 || !TEST_true(EVP_EncryptInit_ex(ctx
, EVP_chacha20_poly1305(), NULL
,
1373 || !TEST_true(EVP_EncryptUpdate(ctx
, ciphertext
, &ctlen
, msg
,
1375 /* Deliberate add a zero length update */
1376 || !TEST_true(EVP_EncryptUpdate(ctx
, ciphertext
+ ctlen
, &tmp
, NULL
,
1378 || !TEST_int_eq(tmp
, 0)
1379 || !TEST_true(EVP_EncryptUpdate(ctx
, ciphertext
+ ctlen
, &tmp
,
1381 sizeof(msg
) - enc_offset
))
1382 || !TEST_int_eq(ctlen
+= tmp
, sizeof(msg
))
1383 || !TEST_true(EVP_EncryptFinal(ctx
, ciphertext
+ ctlen
, &tmp
))
1384 || !TEST_int_eq(tmp
, 0))
1387 /* Deliberately initialise tmp to a non zero value */
1389 if (!TEST_true(EVP_DecryptInit_ex(ctx
, EVP_chacha20_poly1305(), NULL
, key
,
1391 || !TEST_true(EVP_DecryptUpdate(ctx
, plaintext
, &ptlen
, ciphertext
,
1394 * Deliberately add a zero length update. We also deliberately do
1395 * this at a different offset than for encryption.
1397 || !TEST_true(EVP_DecryptUpdate(ctx
, plaintext
+ ptlen
, &tmp
, NULL
,
1399 || !TEST_int_eq(tmp
, 0)
1400 || !TEST_true(EVP_DecryptUpdate(ctx
, plaintext
+ ptlen
, &tmp
,
1401 ciphertext
+ dec_offset
,
1402 ctlen
- dec_offset
))
1403 || !TEST_int_eq(ptlen
+= tmp
, sizeof(msg
))
1404 || !TEST_true(EVP_DecryptFinal(ctx
, plaintext
+ ptlen
, &tmp
))
1405 || !TEST_int_eq(tmp
, 0)
1406 || !TEST_mem_eq(msg
, sizeof(msg
), plaintext
, ptlen
))
1411 EVP_CIPHER_CTX_free(ctx
);
1414 #endif /* !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) */
1416 static int test_EVP_PKEY_set1_DH(void)
1418 DH
*x942dh
, *pkcs3dh
;
1419 EVP_PKEY
*pkey1
, *pkey2
;
1422 x942dh
= DH_get_2048_256();
1423 pkcs3dh
= DH_new_by_nid(NID_ffdhe2048
);
1424 pkey1
= EVP_PKEY_new();
1425 pkey2
= EVP_PKEY_new();
1426 if (!TEST_ptr(x942dh
)
1427 || !TEST_ptr(pkcs3dh
)
1429 || !TEST_ptr(pkey2
))
1432 if(!TEST_true(EVP_PKEY_set1_DH(pkey1
, x942dh
))
1433 || !TEST_int_eq(EVP_PKEY_id(pkey1
), EVP_PKEY_DHX
))
1437 if(!TEST_true(EVP_PKEY_set1_DH(pkey2
, pkcs3dh
))
1438 || !TEST_int_eq(EVP_PKEY_id(pkey2
), EVP_PKEY_DH
))
1443 EVP_PKEY_free(pkey1
);
1444 EVP_PKEY_free(pkey2
);
1451 int setup_tests(void)
1453 ADD_ALL_TESTS(test_EVP_DigestSignInit
, 4);
1454 ADD_TEST(test_EVP_DigestVerifyInit
);
1455 ADD_TEST(test_EVP_Enveloped
);
1456 ADD_ALL_TESTS(test_d2i_AutoPrivateKey
, OSSL_NELEM(keydata
));
1457 #ifndef OPENSSL_NO_EC
1458 ADD_TEST(test_EVP_PKCS82PKEY
);
1460 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODE)
1461 ADD_TEST(test_EVP_SM2
);
1462 ADD_TEST(test_EVP_SM2_verify
);
1464 ADD_ALL_TESTS(test_set_get_raw_keys
, OSSL_NELEM(keys
));
1465 custom_pmeth
= EVP_PKEY_meth_new(0xdefaced, 0);
1466 if (!TEST_ptr(custom_pmeth
))
1468 EVP_PKEY_meth_set_check(custom_pmeth
, pkey_custom_check
);
1469 EVP_PKEY_meth_set_public_check(custom_pmeth
, pkey_custom_pub_check
);
1470 EVP_PKEY_meth_set_param_check(custom_pmeth
, pkey_custom_param_check
);
1471 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth
), 1))
1473 ADD_ALL_TESTS(test_EVP_PKEY_check
, OSSL_NELEM(keycheckdata
));
1474 ADD_TEST(test_HKDF
);
1475 #ifndef OPENSSL_NO_EC
1476 ADD_TEST(test_X509_PUBKEY_inplace
);
1477 ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode
,
1478 OSSL_NELEM(ec_der_pub_keys
));
1480 #ifndef OPENSSL_NO_DSA
1481 ADD_TEST(test_EVP_PKEY_CTX_get_set_params
);
1483 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1484 ADD_TEST(test_decrypt_null_chunks
);
1486 ADD_TEST(test_EVP_PKEY_set1_DH
);