]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/evp_extra_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Test that EVP_PKEY_set1_DH() correctly identifies the DH type
[thirdparty/openssl.git] / test / evp_extra_test.c
1 /*
2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include <stdlib.h>
12 #include <string.h>
13 #include <openssl/bio.h>
14 #include <openssl/conf.h>
15 #include <openssl/crypto.h>
16 #include <openssl/err.h>
17 #include <openssl/evp.h>
18 #include <openssl/rsa.h>
19 #include <openssl/x509.h>
20 #include <openssl/pem.h>
21 #include <openssl/kdf.h>
22 #include <openssl/provider.h>
23 #include <openssl/core_names.h>
24 #include <openssl/dsa.h>
25 #include <openssl/dh.h>
26 #include "testutil.h"
27 #include "internal/nelem.h"
28 #include "crypto/evp.h"
29
30 /*
31 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
32 * should never use this key anywhere but in an example.
33 */
34 static const unsigned char kExampleRSAKeyDER[] = {
35 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
36 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
37 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
38 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
39 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
40 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
41 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
42 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
43 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
44 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
45 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
46 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
47 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
48 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
49 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
50 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
51 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
52 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
53 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
54 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
55 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
56 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
57 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
58 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
59 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
60 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
61 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
62 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
63 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
64 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
65 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
66 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
67 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
68 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
69 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
70 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
71 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
72 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
73 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
74 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
75 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
76 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
77 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
78 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
79 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
80 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
81 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
82 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
83 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
84 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
85 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
86 };
87
88 /*
89 * kExampleDSAKeyDER is a DSA private key in ASN.1, DER format. Of course, you
90 * should never use this key anywhere but in an example.
91 */
92 #ifndef OPENSSL_NO_DSA
93 static const unsigned char kExampleDSAKeyDER[] = {
94 0x30, 0x82, 0x01, 0xba, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0x9a,
95 0x05, 0x6d, 0x33, 0xcd, 0x5d, 0x78, 0xa1, 0xbb, 0xcb, 0x7d, 0x5b, 0x8d,
96 0xb4, 0xcc, 0xbf, 0x03, 0x99, 0x64, 0xde, 0x38, 0x78, 0x06, 0x15, 0x2f,
97 0x86, 0x26, 0x77, 0xf3, 0xb1, 0x85, 0x00, 0xed, 0xfc, 0x28, 0x3a, 0x42,
98 0x4d, 0xab, 0xab, 0xdf, 0xbc, 0x9c, 0x16, 0xd0, 0x22, 0x50, 0xd1, 0x38,
99 0xdd, 0x3f, 0x64, 0x05, 0x9e, 0x68, 0x7a, 0x1e, 0xf1, 0x56, 0xbf, 0x1e,
100 0x2c, 0xc5, 0x97, 0x2a, 0xfe, 0x7a, 0x22, 0xdc, 0x6c, 0x68, 0xb8, 0x2e,
101 0x06, 0xdb, 0x41, 0xca, 0x98, 0xd8, 0x54, 0xc7, 0x64, 0x48, 0x24, 0x04,
102 0x20, 0xbc, 0x59, 0xe3, 0x6b, 0xea, 0x7e, 0xfc, 0x7e, 0xc5, 0x4e, 0xd4,
103 0xd8, 0x3a, 0xed, 0xcd, 0x5d, 0x99, 0xb8, 0x5c, 0xa2, 0x8b, 0xbb, 0x0b,
104 0xac, 0xe6, 0x8e, 0x25, 0x56, 0x22, 0x3a, 0x2d, 0x3a, 0x56, 0x41, 0x14,
105 0x1f, 0x1c, 0x8f, 0x53, 0x46, 0x13, 0x85, 0x02, 0x15, 0x00, 0x98, 0x7e,
106 0x92, 0x81, 0x88, 0xc7, 0x3f, 0x70, 0x49, 0x54, 0xf6, 0x76, 0xb4, 0xa3,
107 0x9e, 0x1d, 0x45, 0x98, 0x32, 0x7f, 0x02, 0x81, 0x80, 0x69, 0x4d, 0xef,
108 0x55, 0xff, 0x4d, 0x59, 0x2c, 0x01, 0xfa, 0x6a, 0x38, 0xe0, 0x70, 0x9f,
109 0x9e, 0x66, 0x8e, 0x3e, 0x8c, 0x52, 0x22, 0x9d, 0x15, 0x7e, 0x3c, 0xef,
110 0x4c, 0x7a, 0x61, 0x26, 0xe0, 0x2b, 0x81, 0x3f, 0xeb, 0xaf, 0x35, 0x38,
111 0x8d, 0xfe, 0xed, 0x46, 0xff, 0x5f, 0x03, 0x9b, 0x81, 0x92, 0xe7, 0x6f,
112 0x76, 0x4f, 0x1d, 0xd9, 0xbb, 0x89, 0xc9, 0x3e, 0xd9, 0x0b, 0xf9, 0xf4,
113 0x78, 0x11, 0x59, 0xc0, 0x1d, 0xcd, 0x0e, 0xa1, 0x6f, 0x15, 0xf1, 0x4d,
114 0xc1, 0xc9, 0x22, 0xed, 0x8d, 0xad, 0x67, 0xc5, 0x4b, 0x95, 0x93, 0x86,
115 0xa6, 0xaf, 0x8a, 0xee, 0x06, 0x89, 0x2f, 0x37, 0x7e, 0x64, 0xaa, 0xf6,
116 0xe7, 0xb1, 0x5a, 0x0a, 0x93, 0x95, 0x5d, 0x3e, 0x53, 0x9a, 0xde, 0x8a,
117 0xc2, 0x95, 0x45, 0x81, 0xbe, 0x5c, 0x2f, 0xc2, 0xb2, 0x92, 0x58, 0x19,
118 0x72, 0x80, 0xe9, 0x79, 0xa1, 0x02, 0x81, 0x80, 0x07, 0xd7, 0x62, 0xff,
119 0xdf, 0x1a, 0x3f, 0xed, 0x32, 0xd4, 0xd4, 0x88, 0x7b, 0x2c, 0x63, 0x7f,
120 0x97, 0xdc, 0x44, 0xd4, 0x84, 0xa2, 0xdd, 0x17, 0x16, 0x85, 0x13, 0xe0,
121 0xac, 0x51, 0x8d, 0x29, 0x1b, 0x75, 0x9a, 0xe4, 0xe3, 0x8a, 0x92, 0x69,
122 0x09, 0x03, 0xc5, 0x68, 0xae, 0x5e, 0x94, 0xfe, 0xc9, 0x92, 0x6c, 0x07,
123 0xb4, 0x1e, 0x64, 0x62, 0x87, 0xc6, 0xa4, 0xfd, 0x0d, 0x5f, 0xe5, 0xf9,
124 0x1b, 0x4f, 0x85, 0x5f, 0xae, 0xf3, 0x11, 0xe5, 0x18, 0xd4, 0x4d, 0x79,
125 0x9f, 0xc4, 0x79, 0x26, 0x04, 0x27, 0xf0, 0x0b, 0xee, 0x2b, 0x86, 0x9f,
126 0x86, 0x61, 0xe6, 0x51, 0xce, 0x04, 0x9b, 0x5d, 0x6b, 0x34, 0x43, 0x8c,
127 0x85, 0x3c, 0xf1, 0x51, 0x9b, 0x08, 0x23, 0x1b, 0xf5, 0x7e, 0x33, 0x12,
128 0xea, 0xab, 0x1f, 0xb7, 0x2d, 0xe2, 0x5f, 0xe6, 0x97, 0x99, 0xb5, 0x45,
129 0x16, 0x5b, 0xc3, 0x41, 0x02, 0x14, 0x61, 0xbf, 0x51, 0x60, 0xcf, 0xc8,
130 0xf1, 0x8c, 0x82, 0x97, 0xf2, 0xf4, 0x19, 0xba, 0x2b, 0xf3, 0x16, 0xbe,
131 0x40, 0x48
132 };
133 #endif
134
135 /*
136 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
137 * components are not correct.
138 */
139 static const unsigned char kExampleBadRSAKeyDER[] = {
140 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
141 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
142 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
143 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
144 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
145 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
146 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
147 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
148 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
149 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
150 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
151 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
152 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
153 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
154 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
155 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
156 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
157 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
158 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
159 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
160 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
161 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
162 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
163 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
164 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
165 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
166 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
167 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
168 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
169 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
170 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
171 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
172 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
173 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
174 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
175 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
176 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
177 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
178 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
179 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
180 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
181 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
182 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
183 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
184 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
185 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
186 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
187 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
188 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
189 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
190 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
191 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
192 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
193 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
194 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
195 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
196 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
197 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
198 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
199 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
200 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
201 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
202 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
203 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
204 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
205 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
206 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
207 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
208 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
209 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
210 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
211 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
212 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
213 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
214 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
215 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
216 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
217 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
218 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
219 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
220 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
221 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
222 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
223 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
224 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
225 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
226 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
227 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
228 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
229 };
230
231 static const unsigned char kMsg[] = { 1, 2, 3, 4 };
232
233 static const unsigned char kSignature[] = {
234 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
235 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
236 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
237 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
238 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
239 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
240 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
241 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
242 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
243 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
244 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
245 };
246
247 /*
248 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
249 * PrivateKeyInfo.
250 */
251 static const unsigned char kExampleRSAKeyPKCS8[] = {
252 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
253 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
254 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
255 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
256 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
257 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
258 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
259 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
260 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
261 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
262 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
263 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
264 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
265 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
266 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
267 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
268 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
269 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
270 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
271 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
272 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
273 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
274 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
275 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
276 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
277 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
278 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
279 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
280 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
281 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
282 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
283 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
284 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
285 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
286 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
287 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
288 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
289 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
290 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
291 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
292 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
293 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
294 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
295 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
296 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
297 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
298 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
299 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
300 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
301 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
302 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
303 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
304 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
305 };
306
307 #ifndef OPENSSL_NO_EC
308 /*
309 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
310 * structure.
311 */
312 static const unsigned char kExampleECKeyDER[] = {
313 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
314 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
315 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
316 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
317 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
318 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
319 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
320 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
321 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
322 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
323 0xc1,
324 };
325
326 /*
327 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
328 * structure. The private key is equal to the order and will fail to import
329 */
330 static const unsigned char kExampleBadECKeyDER[] = {
331 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
332 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
333 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
334 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
335 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
336 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
337 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
338 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
339 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
340 };
341
342 /* prime256v1 */
343 static const unsigned char kExampleECPubKeyDER[] = {
344 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
345 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
346 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
347 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
348 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
349 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
350 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
351 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
352 };
353
354 /*
355 * kExampleBadECPubKeyDER is a sample EC public key with a wrong OID
356 * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
357 */
358 static const unsigned char kExampleBadECPubKeyDER[] = {
359 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
360 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
361 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
362 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
363 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
364 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
365 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
366 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
367 };
368
369 static const unsigned char pExampleECParamDER[] = {
370 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
371 };
372 #endif
373
374 typedef struct APK_DATA_st {
375 const unsigned char *kder;
376 size_t size;
377 int evptype;
378 int check;
379 int pub_check;
380 int param_check;
381 int type; /* 0 for private, 1 for public, 2 for params */
382 } APK_DATA;
383
384 static APK_DATA keydata[] = {
385 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA},
386 {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA},
387 #ifndef OPENSSL_NO_EC
388 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC}
389 #endif
390 };
391
392 static APK_DATA keycheckdata[] = {
393 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA, 1, -2, -2, 0},
394 {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), EVP_PKEY_RSA,
395 0, -2, -2, 0},
396 #ifndef OPENSSL_NO_EC
397 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC, 1, 1, 1, 0},
398 /* group is also associated in our pub key */
399 {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), EVP_PKEY_EC, 0, 1, 1, 1},
400 {pExampleECParamDER, sizeof(pExampleECParamDER), EVP_PKEY_EC, 0, 0, 1, 2}
401 #endif
402 };
403
404 static EVP_PKEY *load_example_rsa_key(void)
405 {
406 EVP_PKEY *ret = NULL;
407 const unsigned char *derp = kExampleRSAKeyDER;
408 EVP_PKEY *pkey = NULL;
409 RSA *rsa = NULL;
410
411 if (!TEST_true(d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))))
412 return NULL;
413
414 if (!TEST_ptr(pkey = EVP_PKEY_new())
415 || !TEST_true(EVP_PKEY_set1_RSA(pkey, rsa)))
416 goto end;
417
418 ret = pkey;
419 pkey = NULL;
420
421 end:
422 EVP_PKEY_free(pkey);
423 RSA_free(rsa);
424
425 return ret;
426 }
427
428 #ifndef OPENSSL_NO_DSA
429 static EVP_PKEY *load_example_dsa_key(void)
430 {
431 EVP_PKEY *ret = NULL;
432 const unsigned char *derp = kExampleDSAKeyDER;
433 EVP_PKEY *pkey = NULL;
434 DSA *dsa = NULL;
435
436 if (!TEST_true(d2i_DSAPrivateKey(&dsa, &derp, sizeof(kExampleDSAKeyDER))))
437 return NULL;
438
439 if (!TEST_ptr(pkey = EVP_PKEY_new())
440 || !TEST_true(EVP_PKEY_set1_DSA(pkey, dsa)))
441 goto end;
442
443 ret = pkey;
444 pkey = NULL;
445
446 end:
447 EVP_PKEY_free(pkey);
448 DSA_free(dsa);
449
450 return ret;
451 }
452 #endif
453
454 static int test_EVP_Enveloped(void)
455 {
456 int ret = 0;
457 EVP_CIPHER_CTX *ctx = NULL;
458 EVP_PKEY *keypair = NULL;
459 unsigned char *kek = NULL;
460 unsigned char iv[EVP_MAX_IV_LENGTH];
461 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
462 int len, kek_len, ciphertext_len, plaintext_len;
463 unsigned char ciphertext[32], plaintext[16];
464 const EVP_CIPHER *type = EVP_aes_256_cbc();
465
466 if (!TEST_ptr(keypair = load_example_rsa_key())
467 || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
468 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
469 || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
470 &keypair, 1))
471 || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
472 msg, sizeof(msg)))
473 || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
474 &len)))
475 goto err;
476
477 ciphertext_len += len;
478
479 if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
480 || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
481 ciphertext, ciphertext_len))
482 || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
483 goto err;
484
485 plaintext_len += len;
486 if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
487 goto err;
488
489 ret = 1;
490 err:
491 OPENSSL_free(kek);
492 EVP_PKEY_free(keypair);
493 EVP_CIPHER_CTX_free(ctx);
494 return ret;
495 }
496
497 /*
498 * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (RSA)
499 * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (DSA)
500 * Test 2: Use an MD BIO to do the Update calls instead (RSA)
501 * Test 3: Use an MD BIO to do the Update calls instead (DSA)
502 */
503 static int test_EVP_DigestSignInit(int tst)
504 {
505 int ret = 0;
506 EVP_PKEY *pkey = NULL;
507 unsigned char *sig = NULL;
508 size_t sig_len = 0;
509 EVP_MD_CTX *md_ctx = NULL, *md_ctx_verify = NULL;
510 EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL;
511 BIO *mdbio = NULL, *membio = NULL;
512 size_t written;
513
514 if (tst >= 2) {
515 membio = BIO_new(BIO_s_mem());
516 mdbio = BIO_new(BIO_f_md());
517 if (!TEST_ptr(membio) || !TEST_ptr(mdbio))
518 goto out;
519 BIO_push(mdbio, membio);
520 if (!TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx), 0))
521 goto out;
522 } else {
523 if (!TEST_ptr(a_md_ctx = md_ctx = EVP_MD_CTX_new())
524 || !TEST_ptr(a_md_ctx_verify = md_ctx_verify = EVP_MD_CTX_new()))
525 goto out;
526 }
527
528 if (tst == 0 || tst == 2) {
529 if (!TEST_ptr(pkey = load_example_rsa_key()))
530 goto out;
531 } else {
532 #ifndef OPENSSL_NO_DSA
533 if (!TEST_ptr(pkey = load_example_dsa_key()))
534 goto out;
535 #else
536 ret = 1;
537 goto out;
538 #endif
539 }
540
541 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey)))
542 goto out;
543
544 if (tst >= 2) {
545 if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
546 goto out;
547 } else {
548 if (!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
549 goto out;
550 }
551
552 /* Determine the size of the signature. */
553 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
554 || !TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
555 goto out;
556
557 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))
558 || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
559 goto out;
560
561 if (tst >= 2) {
562 if (!TEST_int_gt(BIO_reset(mdbio), 0)
563 || !TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx_verify), 0))
564 goto out;
565 }
566
567 /* Ensure that the signature round-trips. */
568 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(),
569 NULL, pkey)))
570 goto out;
571
572 if (tst >= 2) {
573 if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
574 goto out;
575 } else {
576 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg,
577 sizeof(kMsg))))
578 goto out;
579 }
580 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
581 goto out;
582
583 ret = 1;
584
585 out:
586 BIO_free(membio);
587 BIO_free(mdbio);
588 EVP_MD_CTX_free(a_md_ctx);
589 EVP_MD_CTX_free(a_md_ctx_verify);
590 EVP_PKEY_free(pkey);
591 OPENSSL_free(sig);
592
593 return ret;
594 }
595
596 static int test_EVP_DigestVerifyInit(void)
597 {
598 int ret = 0;
599 EVP_PKEY *pkey = NULL;
600 EVP_MD_CTX *md_ctx = NULL;
601
602 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
603 || !TEST_ptr(pkey = load_example_rsa_key()))
604 goto out;
605
606 if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
607 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
608 || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
609 sizeof(kSignature))))
610 goto out;
611 ret = 1;
612
613 out:
614 EVP_MD_CTX_free(md_ctx);
615 EVP_PKEY_free(pkey);
616 return ret;
617 }
618
619 static int test_d2i_AutoPrivateKey(int i)
620 {
621 int ret = 0;
622 const unsigned char *p;
623 EVP_PKEY *pkey = NULL;
624 const APK_DATA *ak = &keydata[i];
625 const unsigned char *input = ak->kder;
626 size_t input_len = ak->size;
627 int expected_id = ak->evptype;
628
629 p = input;
630 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
631 || !TEST_ptr_eq(p, input + input_len)
632 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
633 goto done;
634
635 ret = 1;
636
637 done:
638 EVP_PKEY_free(pkey);
639 return ret;
640 }
641
642 #ifndef OPENSSL_NO_EC
643
644 static const unsigned char ec_public_sect163k1_validxy[] = {
645 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
646 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
647 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
648 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x02, 0xd1, 0x7b,
649 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
650 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
651 };
652
653 static const unsigned char ec_public_sect163k1_badx[] = {
654 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
655 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
656 0x0a, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
657 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0xb0, 0x02, 0xd1, 0x7b,
658 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
659 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
660 };
661
662 static const unsigned char ec_public_sect163k1_bady[] = {
663 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
664 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
665 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
666 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x0a, 0xd1, 0x7b,
667 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
668 0x6a, 0xd8, 0x17, 0x65, 0x41, 0xe6
669 };
670
671 static struct ec_der_pub_keys_st {
672 const unsigned char *der;
673 size_t len;
674 int valid;
675 } ec_der_pub_keys[] = {
676 { ec_public_sect163k1_validxy, sizeof(ec_public_sect163k1_validxy), 1 },
677 { ec_public_sect163k1_badx, sizeof(ec_public_sect163k1_badx), 0 },
678 { ec_public_sect163k1_bady, sizeof(ec_public_sect163k1_bady), 0 },
679 };
680
681 /*
682 * Tests the range of the decoded EC char2 public point.
683 * See ec_GF2m_simple_oct2point().
684 */
685 static int test_invalide_ec_char2_pub_range_decode(int id)
686 {
687 int ret = 0;
688 BIO *bio = NULL;
689 EC_KEY *eckey = NULL;
690
691 if (!TEST_ptr(bio = BIO_new_mem_buf(ec_der_pub_keys[id].der,
692 ec_der_pub_keys[id].len)))
693 goto err;
694 eckey = d2i_EC_PUBKEY_bio(bio, NULL);
695 ret = (ec_der_pub_keys[id].valid && TEST_ptr(eckey))
696 || TEST_ptr_null(eckey);
697 err:
698 EC_KEY_free(eckey);
699 BIO_free(bio);
700 return ret;
701 }
702
703 /* Tests loading a bad key in PKCS8 format */
704 static int test_EVP_PKCS82PKEY(void)
705 {
706 int ret = 0;
707 const unsigned char *derp = kExampleBadECKeyDER;
708 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
709 EVP_PKEY *pkey = NULL;
710
711 if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp,
712 sizeof(kExampleBadECKeyDER))))
713 goto done;
714
715 if (!TEST_ptr_eq(derp,
716 kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)))
717 goto done;
718
719 if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf)))
720 goto done;
721
722 ret = 1;
723
724 done:
725 PKCS8_PRIV_KEY_INFO_free(p8inf);
726 EVP_PKEY_free(pkey);
727
728 return ret;
729 }
730 #endif
731
732 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODE)
733
734 static int test_EVP_SM2_verify(void)
735 {
736 /* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */
737 const char *pubkey =
738 "-----BEGIN PUBLIC KEY-----\n"
739 "MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n"
740 "v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n"
741 "7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n"
742 "1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n"
743 "/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n"
744 "AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n"
745 "Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n"
746 "-----END PUBLIC KEY-----\n";
747
748 const char *msg = "message digest";
749 const char *id = "ALICE123@YAHOO.COM";
750
751 const uint8_t signature[] = {
752 0x30, 0x44, 0x02, 0x20,
753
754 0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC,
755 0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2,
756 0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1,
757
758 0x02, 0x20,
759
760 0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF,
761 0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0,
762 0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7
763 };
764
765 int rc = 0;
766 BIO *bio = NULL;
767 EVP_PKEY *pkey = NULL;
768 EVP_MD_CTX *mctx = NULL;
769 EVP_PKEY_CTX *pctx = NULL;
770
771 bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
772 if (!TEST_true(bio != NULL))
773 goto done;
774
775 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
776 if (!TEST_true(pkey != NULL))
777 goto done;
778
779 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
780 goto done;
781
782 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
783 goto done;
784
785 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL)))
786 goto done;
787
788 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, (const uint8_t *)id,
789 strlen(id)), 0))
790 goto done;
791
792 EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
793
794 if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey)))
795 goto done;
796
797 if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
798 goto done;
799
800 if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature))))
801 goto done;
802 rc = 1;
803
804 done:
805 BIO_free(bio);
806 EVP_PKEY_free(pkey);
807 EVP_PKEY_CTX_free(pctx);
808 EVP_MD_CTX_free(mctx);
809 return rc;
810 }
811
812 static int test_EVP_SM2(void)
813 {
814 int ret = 0;
815 EVP_PKEY *pkey = NULL;
816 EVP_PKEY *params = NULL;
817 EVP_PKEY_CTX *pctx = NULL;
818 EVP_PKEY_CTX *kctx = NULL;
819 EVP_PKEY_CTX *sctx = NULL;
820 size_t sig_len = 0;
821 unsigned char *sig = NULL;
822 EVP_MD_CTX *md_ctx = NULL;
823 EVP_MD_CTX *md_ctx_verify = NULL;
824 EVP_PKEY_CTX *cctx = NULL;
825
826 uint8_t ciphertext[128];
827 size_t ctext_len = sizeof(ciphertext);
828
829 uint8_t plaintext[8];
830 size_t ptext_len = sizeof(plaintext);
831
832 uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
833
834 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
835 if (!TEST_ptr(pctx))
836 goto done;
837
838 if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
839 goto done;
840
841 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
842 goto done;
843
844 if (!TEST_true(EVP_PKEY_paramgen(pctx, &params)))
845 goto done;
846
847 kctx = EVP_PKEY_CTX_new(params, NULL);
848 if (!TEST_ptr(kctx))
849 goto done;
850
851 if (!TEST_true(EVP_PKEY_keygen_init(kctx)))
852 goto done;
853
854 if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey)))
855 goto done;
856
857 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
858 goto done;
859
860 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
861 goto done;
862
863 if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()))
864 goto done;
865
866 if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL)))
867 goto done;
868
869 EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);
870 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);
871
872 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
873 goto done;
874
875 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)))
876 goto done;
877
878 if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
879 goto done;
880
881 /* Determine the size of the signature. */
882 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)))
883 goto done;
884
885 if (!TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
886 goto done;
887
888 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)))
889 goto done;
890
891 if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
892 goto done;
893
894 /* Ensure that the signature round-trips. */
895
896 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)))
897 goto done;
898
899 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))))
900 goto done;
901
902 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
903 goto done;
904
905 /* now check encryption/decryption */
906
907 if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
908 goto done;
909
910 if (!TEST_true(EVP_PKEY_encrypt_init(cctx)))
911 goto done;
912
913 if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg))))
914 goto done;
915
916 if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
917 goto done;
918
919 if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len)))
920 goto done;
921
922 if (!TEST_true(ptext_len == sizeof(kMsg)))
923 goto done;
924
925 if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0))
926 goto done;
927
928 ret = 1;
929 done:
930 EVP_PKEY_CTX_free(pctx);
931 EVP_PKEY_CTX_free(kctx);
932 EVP_PKEY_CTX_free(sctx);
933 EVP_PKEY_CTX_free(cctx);
934 EVP_PKEY_free(pkey);
935 EVP_PKEY_free(params);
936 EVP_MD_CTX_free(md_ctx);
937 EVP_MD_CTX_free(md_ctx_verify);
938 OPENSSL_free(sig);
939 return ret;
940 }
941
942 #endif
943
944 static struct keys_st {
945 int type;
946 char *priv;
947 char *pub;
948 } keys[] = {
949 {
950 EVP_PKEY_HMAC, "0123456789", NULL
951 }, {
952 EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
953 }, {
954 EVP_PKEY_SIPHASH, "0123456789012345", NULL
955 },
956 #ifndef OPENSSL_NO_EC
957 {
958 EVP_PKEY_X25519, "01234567890123456789012345678901",
959 "abcdefghijklmnopqrstuvwxyzabcdef"
960 }, {
961 EVP_PKEY_ED25519, "01234567890123456789012345678901",
962 "abcdefghijklmnopqrstuvwxyzabcdef"
963 }, {
964 EVP_PKEY_X448,
965 "01234567890123456789012345678901234567890123456789012345",
966 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
967 }, {
968 EVP_PKEY_ED448,
969 "012345678901234567890123456789012345678901234567890123456",
970 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
971 }
972 #endif
973 };
974
975 static int test_set_get_raw_keys_int(int tst, int pub)
976 {
977 int ret = 0;
978 unsigned char buf[80];
979 unsigned char *in;
980 size_t inlen, len = 0;
981 EVP_PKEY *pkey;
982
983 /* Check if this algorithm supports public keys */
984 if (keys[tst].pub == NULL)
985 return 1;
986
987 memset(buf, 0, sizeof(buf));
988
989 if (pub) {
990 inlen = strlen(keys[tst].pub);
991 in = (unsigned char *)keys[tst].pub;
992 pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
993 NULL,
994 in,
995 inlen);
996 } else {
997 inlen = strlen(keys[tst].priv);
998 in = (unsigned char *)keys[tst].priv;
999 pkey = EVP_PKEY_new_raw_private_key(keys[tst].type,
1000 NULL,
1001 in,
1002 inlen);
1003 }
1004
1005 if (!TEST_ptr(pkey)
1006 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
1007 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
1008 || !TEST_true(len == inlen)
1009 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
1010 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
1011 || !TEST_mem_eq(in, inlen, buf, len))
1012 goto done;
1013
1014 ret = 1;
1015 done:
1016 EVP_PKEY_free(pkey);
1017 return ret;
1018 }
1019
1020 static int test_set_get_raw_keys(int tst)
1021 {
1022 return test_set_get_raw_keys_int(tst, 0)
1023 && test_set_get_raw_keys_int(tst, 1);
1024 }
1025
1026 static int pkey_custom_check(EVP_PKEY *pkey)
1027 {
1028 return 0xbeef;
1029 }
1030
1031 static int pkey_custom_pub_check(EVP_PKEY *pkey)
1032 {
1033 return 0xbeef;
1034 }
1035
1036 static int pkey_custom_param_check(EVP_PKEY *pkey)
1037 {
1038 return 0xbeef;
1039 }
1040
1041 static EVP_PKEY_METHOD *custom_pmeth;
1042
1043 static int test_EVP_PKEY_check(int i)
1044 {
1045 int ret = 0;
1046 const unsigned char *p;
1047 EVP_PKEY *pkey = NULL;
1048 #ifndef OPENSSL_NO_EC
1049 EC_KEY *eckey = NULL;
1050 #endif
1051 EVP_PKEY_CTX *ctx = NULL;
1052 EVP_PKEY_CTX *ctx2 = NULL;
1053 const APK_DATA *ak = &keycheckdata[i];
1054 const unsigned char *input = ak->kder;
1055 size_t input_len = ak->size;
1056 int expected_id = ak->evptype;
1057 int expected_check = ak->check;
1058 int expected_pub_check = ak->pub_check;
1059 int expected_param_check = ak->param_check;
1060 int type = ak->type;
1061 BIO *pubkey = NULL;
1062
1063 p = input;
1064
1065 switch (type) {
1066 case 0:
1067 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
1068 || !TEST_ptr_eq(p, input + input_len)
1069 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
1070 goto done;
1071 break;
1072 #ifndef OPENSSL_NO_EC
1073 case 1:
1074 if (!TEST_ptr(pubkey = BIO_new_mem_buf(input, input_len))
1075 || !TEST_ptr(eckey = d2i_EC_PUBKEY_bio(pubkey, NULL))
1076 || !TEST_ptr(pkey = EVP_PKEY_new())
1077 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1078 goto done;
1079 break;
1080 case 2:
1081 if (!TEST_ptr(eckey = d2i_ECParameters(NULL, &p, input_len))
1082 || !TEST_ptr_eq(p, input + input_len)
1083 || !TEST_ptr(pkey = EVP_PKEY_new())
1084 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1085 goto done;
1086 break;
1087 #endif
1088 default:
1089 return 0;
1090 }
1091
1092 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
1093 goto done;
1094
1095 if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check))
1096 goto done;
1097
1098 if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check))
1099 goto done;
1100
1101 if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
1102 goto done;
1103
1104 ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
1105 /* assign the pkey directly, as an internal test */
1106 EVP_PKEY_up_ref(pkey);
1107 ctx2->pkey = pkey;
1108
1109 if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
1110 goto done;
1111
1112 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
1113 goto done;
1114
1115 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
1116 goto done;
1117
1118 ret = 1;
1119
1120 done:
1121 EVP_PKEY_CTX_free(ctx);
1122 EVP_PKEY_CTX_free(ctx2);
1123 EVP_PKEY_free(pkey);
1124 BIO_free(pubkey);
1125 return ret;
1126 }
1127
1128 static int test_HKDF(void)
1129 {
1130 EVP_PKEY_CTX *pctx;
1131 unsigned char out[20];
1132 size_t outlen;
1133 int i, ret = 0;
1134 unsigned char salt[] = "0123456789";
1135 unsigned char key[] = "012345678901234567890123456789";
1136 unsigned char info[] = "infostring";
1137 const unsigned char expected[] = {
1138 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
1139 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
1140 };
1141 size_t expectedlen = sizeof(expected);
1142
1143 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1144 goto done;
1145
1146 /* We do this twice to test reuse of the EVP_PKEY_CTX */
1147 for (i = 0; i < 2; i++) {
1148 outlen = sizeof(out);
1149 memset(out, 0, outlen);
1150
1151 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1152 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1153 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1154 sizeof(salt) - 1), 0)
1155 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1156 sizeof(key) - 1), 0)
1157 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1158 sizeof(info) - 1), 0)
1159 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1160 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1161 goto done;
1162 }
1163
1164 ret = 1;
1165
1166 done:
1167 EVP_PKEY_CTX_free(pctx);
1168
1169 return ret;
1170 }
1171
1172 #ifndef OPENSSL_NO_EC
1173 static int test_X509_PUBKEY_inplace(void)
1174 {
1175 int ret = 0;
1176 X509_PUBKEY *xp = NULL;
1177 const unsigned char *p = kExampleECPubKeyDER;
1178 size_t input_len = sizeof(kExampleECPubKeyDER);
1179
1180 if (!TEST_ptr(xp = d2i_X509_PUBKEY(NULL, &p, input_len)))
1181 goto done;
1182
1183 if (!TEST_ptr(X509_PUBKEY_get0(xp)))
1184 goto done;
1185
1186 p = kExampleBadECPubKeyDER;
1187 input_len = sizeof(kExampleBadECPubKeyDER);
1188
1189 if (!TEST_ptr(xp = d2i_X509_PUBKEY(&xp, &p, input_len)))
1190 goto done;
1191
1192 if (!TEST_true(X509_PUBKEY_get0(xp) == NULL))
1193 goto done;
1194
1195 ret = 1;
1196
1197 done:
1198 X509_PUBKEY_free(xp);
1199 return ret;
1200 }
1201 #endif /* OPENSSL_NO_EC */
1202
1203 #ifndef OPENSSL_NO_DSA
1204 /* Test getting and setting parameters on an EVP_PKEY_CTX */
1205 static int test_EVP_PKEY_CTX_get_set_params(void)
1206 {
1207 EVP_MD_CTX *mdctx = NULL;
1208 EVP_PKEY_CTX *ctx = NULL;
1209 EVP_SIGNATURE *dsaimpl = NULL;
1210 const OSSL_PARAM *params;
1211 OSSL_PARAM ourparams[2], *param = ourparams;
1212 DSA *dsa = NULL;
1213 BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL;
1214 EVP_PKEY *pkey = NULL;
1215 int ret = 0;
1216 const EVP_MD *md;
1217 size_t mdsize = SHA512_DIGEST_LENGTH;
1218 char ssl3ms[48];
1219
1220 /*
1221 * Setup the parameters for our DSA object. For our purposes they don't
1222 * have to actually be *valid* parameters. We just need to set something.
1223 */
1224 dsa = DSA_new();
1225 p = BN_new();
1226 q = BN_new();
1227 g = BN_new();
1228 pub = BN_new();
1229 priv = BN_new();
1230 if (!TEST_ptr(dsa)
1231 || !TEST_ptr(p)
1232 || !TEST_ptr(q)
1233 || !TEST_ptr(g)
1234 || !TEST_ptr(pub)
1235 || !DSA_set0_pqg(dsa, p, q, g)
1236 || !DSA_set0_key(dsa, pub, priv))
1237 goto err;
1238 p = q = g = pub = priv = NULL;
1239
1240 pkey = EVP_PKEY_new();
1241 if (!TEST_ptr(pkey)
1242 || !TEST_true(EVP_PKEY_assign_DSA(pkey, dsa)))
1243 goto err;
1244
1245 dsa = NULL;
1246
1247 /* Initialise a sign operation */
1248 ctx = EVP_PKEY_CTX_new(pkey, NULL);
1249 if (!TEST_ptr(ctx)
1250 || !TEST_int_gt(EVP_PKEY_sign_init(ctx), 0))
1251 goto err;
1252
1253 /*
1254 * We should be able to query the parameters now. The default DSA
1255 * implementation supports exactly one parameter - so we expect to see that
1256 * returned and no more.
1257 */
1258 params = EVP_PKEY_CTX_settable_params(ctx);
1259 if (!TEST_ptr(params)
1260 || !TEST_int_eq(strcmp(params[0].key,
1261 OSSL_SIGNATURE_PARAM_DIGEST_SIZE), 0)
1262 || !TEST_int_eq(strcmp(params[1].key, OSSL_SIGNATURE_PARAM_DIGEST),
1263 0)
1264 /* The final key should be NULL */
1265 || !TEST_ptr_null(params[2].key))
1266 goto err;
1267
1268 /* Gettable params are the same as the settable ones */
1269 params = EVP_PKEY_CTX_gettable_params(ctx);
1270 if (!TEST_ptr(params)
1271 || !TEST_int_eq(strcmp(params[0].key,
1272 OSSL_SIGNATURE_PARAM_DIGEST_SIZE), 0)
1273 || !TEST_int_eq(strcmp(params[1].key, OSSL_SIGNATURE_PARAM_DIGEST),
1274 0)
1275 /* The final key should be NULL */
1276 || !TEST_ptr_null(params[2].key))
1277 goto err;
1278
1279 /*
1280 * Test getting and setting params via EVP_PKEY_CTX_set_params() and
1281 * EVP_PKEY_CTX_get_params()
1282 */
1283 *param++ = OSSL_PARAM_construct_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE,
1284 &mdsize);
1285 *param++ = OSSL_PARAM_construct_end();
1286
1287 if (!TEST_true(EVP_PKEY_CTX_set_params(ctx, ourparams)))
1288 goto err;
1289
1290 mdsize = 0;
1291 if (!TEST_true(EVP_PKEY_CTX_get_params(ctx, ourparams))
1292 || !TEST_size_t_eq(mdsize, SHA512_DIGEST_LENGTH))
1293 goto err;
1294
1295 /*
1296 * Test the TEST_PKEY_CTX_set_signature_md() and
1297 * TEST_PKEY_CTX_get_signature_md() functions
1298 */
1299 if (!TEST_int_gt(EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()), 0)
1300 || !TEST_int_gt(EVP_PKEY_CTX_get_signature_md(ctx, &md), 0)
1301 || !TEST_ptr_eq(md, EVP_sha256()))
1302 goto err;
1303
1304 /*
1305 * Test getting MD parameters via an associated EVP_PKEY_CTX
1306 */
1307 mdctx = EVP_MD_CTX_new();
1308 if (!TEST_ptr(mdctx)
1309 || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, pkey)))
1310 goto err;
1311
1312 /*
1313 * We now have an EVP_MD_CTX with an EVP_PKEY_CTX inside it. We should be
1314 * able to obtain the digest's settable parameters from the provider.
1315 */
1316 params = EVP_MD_CTX_settable_params(mdctx);
1317 if (!TEST_ptr(params)
1318 || !TEST_int_eq(strcmp(params[0].key, OSSL_DIGEST_PARAM_SSL3_MS), 0)
1319 /* The final key should be NULL */
1320 || !TEST_ptr_null(params[1].key))
1321 goto err;
1322
1323 param = ourparams;
1324 memset(ssl3ms, 0, sizeof(ssl3ms));
1325 *param++ = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS,
1326 ssl3ms, sizeof(ssl3ms));
1327 *param++ = OSSL_PARAM_construct_end();
1328
1329 if (!TEST_true(EVP_MD_CTX_set_params(mdctx, ourparams)))
1330 goto err;
1331
1332 ret = 1;
1333
1334 err:
1335 EVP_MD_CTX_free(mdctx);
1336 EVP_PKEY_CTX_free(ctx);
1337 EVP_SIGNATURE_free(dsaimpl);
1338 EVP_PKEY_free(pkey);
1339 DSA_free(dsa);
1340 BN_free(p);
1341 BN_free(q);
1342 BN_free(g);
1343 BN_free(pub);
1344 BN_free(priv);
1345
1346 return ret;
1347 }
1348 #endif
1349
1350 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1351 static int test_decrypt_null_chunks(void)
1352 {
1353 EVP_CIPHER_CTX* ctx = NULL;
1354 const unsigned char key[32] = {
1355 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
1356 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
1357 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1
1358 };
1359 unsigned char iv[12] = {
1360 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b
1361 };
1362 unsigned char msg[] = "It was the best of times, it was the worst of times";
1363 unsigned char ciphertext[80];
1364 unsigned char plaintext[80];
1365 /* We initialise tmp to a non zero value on purpose */
1366 int ctlen, ptlen, tmp = 99;
1367 int ret = 0;
1368 const int enc_offset = 10, dec_offset = 20;
1369
1370 if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
1371 || !TEST_true(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL,
1372 key, iv))
1373 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &ctlen, msg,
1374 enc_offset))
1375 /* Deliberate add a zero length update */
1376 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp, NULL,
1377 0))
1378 || !TEST_int_eq(tmp, 0)
1379 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp,
1380 msg + enc_offset,
1381 sizeof(msg) - enc_offset))
1382 || !TEST_int_eq(ctlen += tmp, sizeof(msg))
1383 || !TEST_true(EVP_EncryptFinal(ctx, ciphertext + ctlen, &tmp))
1384 || !TEST_int_eq(tmp, 0))
1385 goto err;
1386
1387 /* Deliberately initialise tmp to a non zero value */
1388 tmp = 99;
1389 if (!TEST_true(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, key,
1390 iv))
1391 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext, &ptlen, ciphertext,
1392 dec_offset))
1393 /*
1394 * Deliberately add a zero length update. We also deliberately do
1395 * this at a different offset than for encryption.
1396 */
1397 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp, NULL,
1398 0))
1399 || !TEST_int_eq(tmp, 0)
1400 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp,
1401 ciphertext + dec_offset,
1402 ctlen - dec_offset))
1403 || !TEST_int_eq(ptlen += tmp, sizeof(msg))
1404 || !TEST_true(EVP_DecryptFinal(ctx, plaintext + ptlen, &tmp))
1405 || !TEST_int_eq(tmp, 0)
1406 || !TEST_mem_eq(msg, sizeof(msg), plaintext, ptlen))
1407 goto err;
1408
1409 ret = 1;
1410 err:
1411 EVP_CIPHER_CTX_free(ctx);
1412 return ret;
1413 }
1414 #endif /* !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) */
1415
1416 static int test_EVP_PKEY_set1_DH(void)
1417 {
1418 DH *x942dh, *pkcs3dh;
1419 EVP_PKEY *pkey1, *pkey2;
1420 int ret = 0;
1421
1422 x942dh = DH_get_2048_256();
1423 pkcs3dh = DH_new_by_nid(NID_ffdhe2048);
1424 pkey1 = EVP_PKEY_new();
1425 pkey2 = EVP_PKEY_new();
1426 if (!TEST_ptr(x942dh)
1427 || !TEST_ptr(pkcs3dh)
1428 || !TEST_ptr(pkey1)
1429 || !TEST_ptr(pkey2))
1430 goto err;
1431
1432 if(!TEST_true(EVP_PKEY_set1_DH(pkey1, x942dh))
1433 || !TEST_int_eq(EVP_PKEY_id(pkey1), EVP_PKEY_DHX))
1434 goto err;
1435
1436
1437 if(!TEST_true(EVP_PKEY_set1_DH(pkey2, pkcs3dh))
1438 || !TEST_int_eq(EVP_PKEY_id(pkey2), EVP_PKEY_DH))
1439 goto err;
1440
1441 ret = 1;
1442 err:
1443 EVP_PKEY_free(pkey1);
1444 EVP_PKEY_free(pkey2);
1445 DH_free(x942dh);
1446 DH_free(pkcs3dh);
1447
1448 return ret;
1449 }
1450
1451 int setup_tests(void)
1452 {
1453 ADD_ALL_TESTS(test_EVP_DigestSignInit, 4);
1454 ADD_TEST(test_EVP_DigestVerifyInit);
1455 ADD_TEST(test_EVP_Enveloped);
1456 ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
1457 #ifndef OPENSSL_NO_EC
1458 ADD_TEST(test_EVP_PKCS82PKEY);
1459 #endif
1460 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODE)
1461 ADD_TEST(test_EVP_SM2);
1462 ADD_TEST(test_EVP_SM2_verify);
1463 #endif
1464 ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
1465 custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
1466 if (!TEST_ptr(custom_pmeth))
1467 return 0;
1468 EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
1469 EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
1470 EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
1471 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
1472 return 0;
1473 ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
1474 ADD_TEST(test_HKDF);
1475 #ifndef OPENSSL_NO_EC
1476 ADD_TEST(test_X509_PUBKEY_inplace);
1477 ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode,
1478 OSSL_NELEM(ec_der_pub_keys));
1479 #endif
1480 #ifndef OPENSSL_NO_DSA
1481 ADD_TEST(test_EVP_PKEY_CTX_get_set_params);
1482 #endif
1483 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1484 ADD_TEST(test_decrypt_null_chunks);
1485 #endif
1486 ADD_TEST(test_EVP_PKEY_set1_DH);
1487
1488 return 1;
1489 }
A mirror of the official openssl repository