]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/evp_extra_test.c
projects / thirdparty / openssl.git / blob
? search:


ce487049f39457141cd25f5c76c8eb295f2ea180
[thirdparty/openssl.git] / test / evp_extra_test.c
1 /*
2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include <stdlib.h>
12 #include <string.h>
13 #include <openssl/bio.h>
14 #include <openssl/conf.h>
15 #include <openssl/crypto.h>
16 #include <openssl/err.h>
17 #include <openssl/evp.h>
18 #include <openssl/rsa.h>
19 #include <openssl/x509.h>
20 #include <openssl/pem.h>
21 #include <openssl/kdf.h>
22 #include <openssl/provider.h>
23 #include <openssl/core_names.h>
24 #include <openssl/dsa.h>
25 #include "testutil.h"
26 #include "internal/nelem.h"
27 #include "crypto/evp.h"
28
29 /*
30 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
31 * should never use this key anywhere but in an example.
32 */
33 static const unsigned char kExampleRSAKeyDER[] = {
34 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
35 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
36 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
37 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
38 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
39 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
40 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
41 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
42 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
43 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
44 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
45 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
46 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
47 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
48 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
49 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
50 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
51 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
52 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
53 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
54 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
55 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
56 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
57 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
58 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
59 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
60 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
61 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
62 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
63 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
64 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
65 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
66 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
67 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
68 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
69 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
70 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
71 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
72 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
73 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
74 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
75 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
76 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
77 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
78 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
79 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
80 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
81 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
82 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
83 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
84 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
85 };
86
87 /*
88 * kExampleDSAKeyDER is a DSA private key in ASN.1, DER format. Of course, you
89 * should never use this key anywhere but in an example.
90 */
91 #ifndef OPENSSL_NO_DSA
92 static const unsigned char kExampleDSAKeyDER[] = {
93 0x30, 0x82, 0x01, 0xba, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0x9a,
94 0x05, 0x6d, 0x33, 0xcd, 0x5d, 0x78, 0xa1, 0xbb, 0xcb, 0x7d, 0x5b, 0x8d,
95 0xb4, 0xcc, 0xbf, 0x03, 0x99, 0x64, 0xde, 0x38, 0x78, 0x06, 0x15, 0x2f,
96 0x86, 0x26, 0x77, 0xf3, 0xb1, 0x85, 0x00, 0xed, 0xfc, 0x28, 0x3a, 0x42,
97 0x4d, 0xab, 0xab, 0xdf, 0xbc, 0x9c, 0x16, 0xd0, 0x22, 0x50, 0xd1, 0x38,
98 0xdd, 0x3f, 0x64, 0x05, 0x9e, 0x68, 0x7a, 0x1e, 0xf1, 0x56, 0xbf, 0x1e,
99 0x2c, 0xc5, 0x97, 0x2a, 0xfe, 0x7a, 0x22, 0xdc, 0x6c, 0x68, 0xb8, 0x2e,
100 0x06, 0xdb, 0x41, 0xca, 0x98, 0xd8, 0x54, 0xc7, 0x64, 0x48, 0x24, 0x04,
101 0x20, 0xbc, 0x59, 0xe3, 0x6b, 0xea, 0x7e, 0xfc, 0x7e, 0xc5, 0x4e, 0xd4,
102 0xd8, 0x3a, 0xed, 0xcd, 0x5d, 0x99, 0xb8, 0x5c, 0xa2, 0x8b, 0xbb, 0x0b,
103 0xac, 0xe6, 0x8e, 0x25, 0x56, 0x22, 0x3a, 0x2d, 0x3a, 0x56, 0x41, 0x14,
104 0x1f, 0x1c, 0x8f, 0x53, 0x46, 0x13, 0x85, 0x02, 0x15, 0x00, 0x98, 0x7e,
105 0x92, 0x81, 0x88, 0xc7, 0x3f, 0x70, 0x49, 0x54, 0xf6, 0x76, 0xb4, 0xa3,
106 0x9e, 0x1d, 0x45, 0x98, 0x32, 0x7f, 0x02, 0x81, 0x80, 0x69, 0x4d, 0xef,
107 0x55, 0xff, 0x4d, 0x59, 0x2c, 0x01, 0xfa, 0x6a, 0x38, 0xe0, 0x70, 0x9f,
108 0x9e, 0x66, 0x8e, 0x3e, 0x8c, 0x52, 0x22, 0x9d, 0x15, 0x7e, 0x3c, 0xef,
109 0x4c, 0x7a, 0x61, 0x26, 0xe0, 0x2b, 0x81, 0x3f, 0xeb, 0xaf, 0x35, 0x38,
110 0x8d, 0xfe, 0xed, 0x46, 0xff, 0x5f, 0x03, 0x9b, 0x81, 0x92, 0xe7, 0x6f,
111 0x76, 0x4f, 0x1d, 0xd9, 0xbb, 0x89, 0xc9, 0x3e, 0xd9, 0x0b, 0xf9, 0xf4,
112 0x78, 0x11, 0x59, 0xc0, 0x1d, 0xcd, 0x0e, 0xa1, 0x6f, 0x15, 0xf1, 0x4d,
113 0xc1, 0xc9, 0x22, 0xed, 0x8d, 0xad, 0x67, 0xc5, 0x4b, 0x95, 0x93, 0x86,
114 0xa6, 0xaf, 0x8a, 0xee, 0x06, 0x89, 0x2f, 0x37, 0x7e, 0x64, 0xaa, 0xf6,
115 0xe7, 0xb1, 0x5a, 0x0a, 0x93, 0x95, 0x5d, 0x3e, 0x53, 0x9a, 0xde, 0x8a,
116 0xc2, 0x95, 0x45, 0x81, 0xbe, 0x5c, 0x2f, 0xc2, 0xb2, 0x92, 0x58, 0x19,
117 0x72, 0x80, 0xe9, 0x79, 0xa1, 0x02, 0x81, 0x80, 0x07, 0xd7, 0x62, 0xff,
118 0xdf, 0x1a, 0x3f, 0xed, 0x32, 0xd4, 0xd4, 0x88, 0x7b, 0x2c, 0x63, 0x7f,
119 0x97, 0xdc, 0x44, 0xd4, 0x84, 0xa2, 0xdd, 0x17, 0x16, 0x85, 0x13, 0xe0,
120 0xac, 0x51, 0x8d, 0x29, 0x1b, 0x75, 0x9a, 0xe4, 0xe3, 0x8a, 0x92, 0x69,
121 0x09, 0x03, 0xc5, 0x68, 0xae, 0x5e, 0x94, 0xfe, 0xc9, 0x92, 0x6c, 0x07,
122 0xb4, 0x1e, 0x64, 0x62, 0x87, 0xc6, 0xa4, 0xfd, 0x0d, 0x5f, 0xe5, 0xf9,
123 0x1b, 0x4f, 0x85, 0x5f, 0xae, 0xf3, 0x11, 0xe5, 0x18, 0xd4, 0x4d, 0x79,
124 0x9f, 0xc4, 0x79, 0x26, 0x04, 0x27, 0xf0, 0x0b, 0xee, 0x2b, 0x86, 0x9f,
125 0x86, 0x61, 0xe6, 0x51, 0xce, 0x04, 0x9b, 0x5d, 0x6b, 0x34, 0x43, 0x8c,
126 0x85, 0x3c, 0xf1, 0x51, 0x9b, 0x08, 0x23, 0x1b, 0xf5, 0x7e, 0x33, 0x12,
127 0xea, 0xab, 0x1f, 0xb7, 0x2d, 0xe2, 0x5f, 0xe6, 0x97, 0x99, 0xb5, 0x45,
128 0x16, 0x5b, 0xc3, 0x41, 0x02, 0x14, 0x61, 0xbf, 0x51, 0x60, 0xcf, 0xc8,
129 0xf1, 0x8c, 0x82, 0x97, 0xf2, 0xf4, 0x19, 0xba, 0x2b, 0xf3, 0x16, 0xbe,
130 0x40, 0x48
131 };
132 #endif
133
134 /*
135 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
136 * components are not correct.
137 */
138 static const unsigned char kExampleBadRSAKeyDER[] = {
139 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
140 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
141 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
142 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
143 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
144 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
145 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
146 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
147 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
148 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
149 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
150 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
151 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
152 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
153 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
154 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
155 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
156 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
157 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
158 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
159 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
160 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
161 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
162 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
163 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
164 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
165 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
166 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
167 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
168 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
169 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
170 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
171 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
172 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
173 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
174 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
175 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
176 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
177 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
178 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
179 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
180 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
181 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
182 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
183 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
184 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
185 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
186 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
187 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
188 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
189 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
190 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
191 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
192 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
193 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
194 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
195 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
196 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
197 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
198 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
199 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
200 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
201 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
202 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
203 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
204 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
205 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
206 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
207 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
208 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
209 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
210 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
211 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
212 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
213 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
214 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
215 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
216 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
217 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
218 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
219 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
220 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
221 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
222 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
223 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
224 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
225 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
226 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
227 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
228 };
229
230 static const unsigned char kMsg[] = { 1, 2, 3, 4 };
231
232 static const unsigned char kSignature[] = {
233 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
234 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
235 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
236 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
237 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
238 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
239 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
240 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
241 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
242 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
243 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
244 };
245
246 /*
247 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
248 * PrivateKeyInfo.
249 */
250 static const unsigned char kExampleRSAKeyPKCS8[] = {
251 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
252 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
253 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
254 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
255 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
256 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
257 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
258 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
259 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
260 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
261 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
262 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
263 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
264 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
265 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
266 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
267 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
268 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
269 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
270 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
271 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
272 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
273 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
274 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
275 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
276 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
277 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
278 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
279 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
280 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
281 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
282 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
283 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
284 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
285 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
286 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
287 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
288 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
289 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
290 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
291 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
292 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
293 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
294 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
295 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
296 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
297 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
298 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
299 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
300 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
301 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
302 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
303 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
304 };
305
306 #ifndef OPENSSL_NO_EC
307 /*
308 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
309 * structure.
310 */
311 static const unsigned char kExampleECKeyDER[] = {
312 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
313 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
314 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
315 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
316 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
317 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
318 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
319 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
320 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
321 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
322 0xc1,
323 };
324
325 /*
326 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
327 * structure. The private key is equal to the order and will fail to import
328 */
329 static const unsigned char kExampleBadECKeyDER[] = {
330 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
331 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
332 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
333 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
334 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
335 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
336 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
337 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
338 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
339 };
340
341 /* prime256v1 */
342 static const unsigned char kExampleECPubKeyDER[] = {
343 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
344 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
345 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
346 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
347 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
348 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
349 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
350 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
351 };
352
353 /*
354 * kExampleBadECPubKeyDER is a sample EC public key with a wrong OID
355 * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
356 */
357 static const unsigned char kExampleBadECPubKeyDER[] = {
358 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
359 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
360 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
361 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
362 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
363 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
364 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
365 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
366 };
367
368 static const unsigned char pExampleECParamDER[] = {
369 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
370 };
371 #endif
372
373 typedef struct APK_DATA_st {
374 const unsigned char *kder;
375 size_t size;
376 int evptype;
377 int check;
378 int pub_check;
379 int param_check;
380 int type; /* 0 for private, 1 for public, 2 for params */
381 } APK_DATA;
382
383 static APK_DATA keydata[] = {
384 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA},
385 {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA},
386 #ifndef OPENSSL_NO_EC
387 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC}
388 #endif
389 };
390
391 static APK_DATA keycheckdata[] = {
392 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA, 1, -2, -2, 0},
393 {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), EVP_PKEY_RSA,
394 0, -2, -2, 0},
395 #ifndef OPENSSL_NO_EC
396 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC, 1, 1, 1, 0},
397 /* group is also associated in our pub key */
398 {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), EVP_PKEY_EC, 0, 1, 1, 1},
399 {pExampleECParamDER, sizeof(pExampleECParamDER), EVP_PKEY_EC, 0, 0, 1, 2}
400 #endif
401 };
402
403 static EVP_PKEY *load_example_rsa_key(void)
404 {
405 EVP_PKEY *ret = NULL;
406 const unsigned char *derp = kExampleRSAKeyDER;
407 EVP_PKEY *pkey = NULL;
408 RSA *rsa = NULL;
409
410 if (!TEST_true(d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))))
411 return NULL;
412
413 if (!TEST_ptr(pkey = EVP_PKEY_new())
414 || !TEST_true(EVP_PKEY_set1_RSA(pkey, rsa)))
415 goto end;
416
417 ret = pkey;
418 pkey = NULL;
419
420 end:
421 EVP_PKEY_free(pkey);
422 RSA_free(rsa);
423
424 return ret;
425 }
426
427 #ifndef OPENSSL_NO_DSA
428 static EVP_PKEY *load_example_dsa_key(void)
429 {
430 EVP_PKEY *ret = NULL;
431 const unsigned char *derp = kExampleDSAKeyDER;
432 EVP_PKEY *pkey = NULL;
433 DSA *dsa = NULL;
434
435 if (!TEST_true(d2i_DSAPrivateKey(&dsa, &derp, sizeof(kExampleDSAKeyDER))))
436 return NULL;
437
438 if (!TEST_ptr(pkey = EVP_PKEY_new())
439 || !TEST_true(EVP_PKEY_set1_DSA(pkey, dsa)))
440 goto end;
441
442 ret = pkey;
443 pkey = NULL;
444
445 end:
446 EVP_PKEY_free(pkey);
447 DSA_free(dsa);
448
449 return ret;
450 }
451 #endif
452
453 static int test_EVP_Enveloped(void)
454 {
455 int ret = 0;
456 EVP_CIPHER_CTX *ctx = NULL;
457 EVP_PKEY *keypair = NULL;
458 unsigned char *kek = NULL;
459 unsigned char iv[EVP_MAX_IV_LENGTH];
460 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
461 int len, kek_len, ciphertext_len, plaintext_len;
462 unsigned char ciphertext[32], plaintext[16];
463 const EVP_CIPHER *type = EVP_aes_256_cbc();
464
465 if (!TEST_ptr(keypair = load_example_rsa_key())
466 || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
467 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
468 || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
469 &keypair, 1))
470 || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
471 msg, sizeof(msg)))
472 || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
473 &len)))
474 goto err;
475
476 ciphertext_len += len;
477
478 if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
479 || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
480 ciphertext, ciphertext_len))
481 || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
482 goto err;
483
484 plaintext_len += len;
485 if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
486 goto err;
487
488 ret = 1;
489 err:
490 OPENSSL_free(kek);
491 EVP_PKEY_free(keypair);
492 EVP_CIPHER_CTX_free(ctx);
493 return ret;
494 }
495
496 /*
497 * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (RSA)
498 * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (DSA)
499 * Test 2: Use an MD BIO to do the Update calls instead (RSA)
500 * Test 3: Use an MD BIO to do the Update calls instead (DSA)
501 */
502 static int test_EVP_DigestSignInit(int tst)
503 {
504 int ret = 0;
505 EVP_PKEY *pkey = NULL;
506 unsigned char *sig = NULL;
507 size_t sig_len = 0;
508 EVP_MD_CTX *md_ctx = NULL, *md_ctx_verify = NULL;
509 EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL;
510 BIO *mdbio = NULL, *membio = NULL;
511 size_t written;
512
513 if (tst >= 2) {
514 membio = BIO_new(BIO_s_mem());
515 mdbio = BIO_new(BIO_f_md());
516 if (!TEST_ptr(membio) || !TEST_ptr(mdbio))
517 goto out;
518 BIO_push(mdbio, membio);
519 if (!TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx), 0))
520 goto out;
521 } else {
522 if (!TEST_ptr(a_md_ctx = md_ctx = EVP_MD_CTX_new())
523 || !TEST_ptr(a_md_ctx_verify = md_ctx_verify = EVP_MD_CTX_new()))
524 goto out;
525 }
526
527 if (tst == 0 || tst == 2) {
528 if (!TEST_ptr(pkey = load_example_rsa_key()))
529 goto out;
530 } else {
531 #ifndef OPENSSL_NO_DSA
532 if (!TEST_ptr(pkey = load_example_dsa_key()))
533 goto out;
534 #else
535 ret = 1;
536 goto out;
537 #endif
538 }
539
540 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey)))
541 goto out;
542
543 if (tst >= 2) {
544 if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
545 goto out;
546 } else {
547 if (!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
548 goto out;
549 }
550
551 /* Determine the size of the signature. */
552 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
553 || !TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
554 goto out;
555
556 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))
557 || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
558 goto out;
559
560 if (tst >= 2) {
561 if (!TEST_int_gt(BIO_reset(mdbio), 0)
562 || !TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx_verify), 0))
563 goto out;
564 }
565
566 /* Ensure that the signature round-trips. */
567 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(),
568 NULL, pkey)))
569 goto out;
570
571 if (tst >= 2) {
572 if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
573 goto out;
574 } else {
575 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg,
576 sizeof(kMsg))))
577 goto out;
578 }
579 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
580 goto out;
581
582 ret = 1;
583
584 out:
585 BIO_free(membio);
586 BIO_free(mdbio);
587 EVP_MD_CTX_free(a_md_ctx);
588 EVP_MD_CTX_free(a_md_ctx_verify);
589 EVP_PKEY_free(pkey);
590 OPENSSL_free(sig);
591
592 return ret;
593 }
594
595 static int test_EVP_DigestVerifyInit(void)
596 {
597 int ret = 0;
598 EVP_PKEY *pkey = NULL;
599 EVP_MD_CTX *md_ctx = NULL;
600
601 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
602 || !TEST_ptr(pkey = load_example_rsa_key()))
603 goto out;
604
605 if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
606 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
607 || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
608 sizeof(kSignature))))
609 goto out;
610 ret = 1;
611
612 out:
613 EVP_MD_CTX_free(md_ctx);
614 EVP_PKEY_free(pkey);
615 return ret;
616 }
617
618 static int test_d2i_AutoPrivateKey(int i)
619 {
620 int ret = 0;
621 const unsigned char *p;
622 EVP_PKEY *pkey = NULL;
623 const APK_DATA *ak = &keydata[i];
624 const unsigned char *input = ak->kder;
625 size_t input_len = ak->size;
626 int expected_id = ak->evptype;
627
628 p = input;
629 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
630 || !TEST_ptr_eq(p, input + input_len)
631 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
632 goto done;
633
634 ret = 1;
635
636 done:
637 EVP_PKEY_free(pkey);
638 return ret;
639 }
640
641 #ifndef OPENSSL_NO_EC
642
643 static const unsigned char ec_public_sect163k1_validxy[] = {
644 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
645 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
646 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
647 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x02, 0xd1, 0x7b,
648 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
649 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
650 };
651
652 static const unsigned char ec_public_sect163k1_badx[] = {
653 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
654 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
655 0x0a, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
656 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0xb0, 0x02, 0xd1, 0x7b,
657 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
658 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
659 };
660
661 static const unsigned char ec_public_sect163k1_bady[] = {
662 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
663 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
664 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
665 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x0a, 0xd1, 0x7b,
666 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
667 0x6a, 0xd8, 0x17, 0x65, 0x41, 0xe6
668 };
669
670 static struct ec_der_pub_keys_st {
671 const unsigned char *der;
672 size_t len;
673 int valid;
674 } ec_der_pub_keys[] = {
675 { ec_public_sect163k1_validxy, sizeof(ec_public_sect163k1_validxy), 1 },
676 { ec_public_sect163k1_badx, sizeof(ec_public_sect163k1_badx), 0 },
677 { ec_public_sect163k1_bady, sizeof(ec_public_sect163k1_bady), 0 },
678 };
679
680 /*
681 * Tests the range of the decoded EC char2 public point.
682 * See ec_GF2m_simple_oct2point().
683 */
684 static int test_invalide_ec_char2_pub_range_decode(int id)
685 {
686 int ret = 0;
687 BIO *bio = NULL;
688 EC_KEY *eckey = NULL;
689
690 if (!TEST_ptr(bio = BIO_new_mem_buf(ec_der_pub_keys[id].der,
691 ec_der_pub_keys[id].len)))
692 goto err;
693 eckey = d2i_EC_PUBKEY_bio(bio, NULL);
694 ret = (ec_der_pub_keys[id].valid && TEST_ptr(eckey))
695 || TEST_ptr_null(eckey);
696 err:
697 EC_KEY_free(eckey);
698 BIO_free(bio);
699 return ret;
700 }
701
702 /* Tests loading a bad key in PKCS8 format */
703 static int test_EVP_PKCS82PKEY(void)
704 {
705 int ret = 0;
706 const unsigned char *derp = kExampleBadECKeyDER;
707 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
708 EVP_PKEY *pkey = NULL;
709
710 if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp,
711 sizeof(kExampleBadECKeyDER))))
712 goto done;
713
714 if (!TEST_ptr_eq(derp,
715 kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)))
716 goto done;
717
718 if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf)))
719 goto done;
720
721 ret = 1;
722
723 done:
724 PKCS8_PRIV_KEY_INFO_free(p8inf);
725 EVP_PKEY_free(pkey);
726
727 return ret;
728 }
729 #endif
730
731 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODE)
732
733 static int test_EVP_SM2_verify(void)
734 {
735 /* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */
736 const char *pubkey =
737 "-----BEGIN PUBLIC KEY-----\n"
738 "MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n"
739 "v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n"
740 "7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n"
741 "1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n"
742 "/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n"
743 "AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n"
744 "Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n"
745 "-----END PUBLIC KEY-----\n";
746
747 const char *msg = "message digest";
748 const char *id = "ALICE123@YAHOO.COM";
749
750 const uint8_t signature[] = {
751 0x30, 0x44, 0x02, 0x20,
752
753 0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC,
754 0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2,
755 0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1,
756
757 0x02, 0x20,
758
759 0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF,
760 0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0,
761 0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7
762 };
763
764 int rc = 0;
765 BIO *bio = NULL;
766 EVP_PKEY *pkey = NULL;
767 EVP_MD_CTX *mctx = NULL;
768 EVP_PKEY_CTX *pctx = NULL;
769
770 bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
771 if (!TEST_true(bio != NULL))
772 goto done;
773
774 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
775 if (!TEST_true(pkey != NULL))
776 goto done;
777
778 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
779 goto done;
780
781 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
782 goto done;
783
784 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL)))
785 goto done;
786
787 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, (const uint8_t *)id,
788 strlen(id)), 0))
789 goto done;
790
791 EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
792
793 if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey)))
794 goto done;
795
796 if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
797 goto done;
798
799 if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature))))
800 goto done;
801 rc = 1;
802
803 done:
804 BIO_free(bio);
805 EVP_PKEY_free(pkey);
806 EVP_PKEY_CTX_free(pctx);
807 EVP_MD_CTX_free(mctx);
808 return rc;
809 }
810
811 static int test_EVP_SM2(void)
812 {
813 int ret = 0;
814 EVP_PKEY *pkey = NULL;
815 EVP_PKEY *params = NULL;
816 EVP_PKEY_CTX *pctx = NULL;
817 EVP_PKEY_CTX *kctx = NULL;
818 EVP_PKEY_CTX *sctx = NULL;
819 size_t sig_len = 0;
820 unsigned char *sig = NULL;
821 EVP_MD_CTX *md_ctx = NULL;
822 EVP_MD_CTX *md_ctx_verify = NULL;
823 EVP_PKEY_CTX *cctx = NULL;
824
825 uint8_t ciphertext[128];
826 size_t ctext_len = sizeof(ciphertext);
827
828 uint8_t plaintext[8];
829 size_t ptext_len = sizeof(plaintext);
830
831 uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
832
833 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
834 if (!TEST_ptr(pctx))
835 goto done;
836
837 if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
838 goto done;
839
840 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
841 goto done;
842
843 if (!TEST_true(EVP_PKEY_paramgen(pctx, &params)))
844 goto done;
845
846 kctx = EVP_PKEY_CTX_new(params, NULL);
847 if (!TEST_ptr(kctx))
848 goto done;
849
850 if (!TEST_true(EVP_PKEY_keygen_init(kctx)))
851 goto done;
852
853 if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey)))
854 goto done;
855
856 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
857 goto done;
858
859 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
860 goto done;
861
862 if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()))
863 goto done;
864
865 if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL)))
866 goto done;
867
868 EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);
869 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);
870
871 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
872 goto done;
873
874 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)))
875 goto done;
876
877 if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
878 goto done;
879
880 /* Determine the size of the signature. */
881 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)))
882 goto done;
883
884 if (!TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
885 goto done;
886
887 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)))
888 goto done;
889
890 if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
891 goto done;
892
893 /* Ensure that the signature round-trips. */
894
895 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)))
896 goto done;
897
898 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))))
899 goto done;
900
901 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
902 goto done;
903
904 /* now check encryption/decryption */
905
906 if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
907 goto done;
908
909 if (!TEST_true(EVP_PKEY_encrypt_init(cctx)))
910 goto done;
911
912 if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg))))
913 goto done;
914
915 if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
916 goto done;
917
918 if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len)))
919 goto done;
920
921 if (!TEST_true(ptext_len == sizeof(kMsg)))
922 goto done;
923
924 if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0))
925 goto done;
926
927 ret = 1;
928 done:
929 EVP_PKEY_CTX_free(pctx);
930 EVP_PKEY_CTX_free(kctx);
931 EVP_PKEY_CTX_free(sctx);
932 EVP_PKEY_CTX_free(cctx);
933 EVP_PKEY_free(pkey);
934 EVP_PKEY_free(params);
935 EVP_MD_CTX_free(md_ctx);
936 EVP_MD_CTX_free(md_ctx_verify);
937 OPENSSL_free(sig);
938 return ret;
939 }
940
941 #endif
942
943 static struct keys_st {
944 int type;
945 char *priv;
946 char *pub;
947 } keys[] = {
948 {
949 EVP_PKEY_HMAC, "0123456789", NULL
950 }, {
951 EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
952 }, {
953 EVP_PKEY_SIPHASH, "0123456789012345", NULL
954 },
955 #ifndef OPENSSL_NO_EC
956 {
957 EVP_PKEY_X25519, "01234567890123456789012345678901",
958 "abcdefghijklmnopqrstuvwxyzabcdef"
959 }, {
960 EVP_PKEY_ED25519, "01234567890123456789012345678901",
961 "abcdefghijklmnopqrstuvwxyzabcdef"
962 }, {
963 EVP_PKEY_X448,
964 "01234567890123456789012345678901234567890123456789012345",
965 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
966 }, {
967 EVP_PKEY_ED448,
968 "012345678901234567890123456789012345678901234567890123456",
969 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
970 }
971 #endif
972 };
973
974 static int test_set_get_raw_keys_int(int tst, int pub)
975 {
976 int ret = 0;
977 unsigned char buf[80];
978 unsigned char *in;
979 size_t inlen, len = 0;
980 EVP_PKEY *pkey;
981
982 /* Check if this algorithm supports public keys */
983 if (keys[tst].pub == NULL)
984 return 1;
985
986 memset(buf, 0, sizeof(buf));
987
988 if (pub) {
989 inlen = strlen(keys[tst].pub);
990 in = (unsigned char *)keys[tst].pub;
991 pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
992 NULL,
993 in,
994 inlen);
995 } else {
996 inlen = strlen(keys[tst].priv);
997 in = (unsigned char *)keys[tst].priv;
998 pkey = EVP_PKEY_new_raw_private_key(keys[tst].type,
999 NULL,
1000 in,
1001 inlen);
1002 }
1003
1004 if (!TEST_ptr(pkey)
1005 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
1006 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
1007 || !TEST_true(len == inlen)
1008 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
1009 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
1010 || !TEST_mem_eq(in, inlen, buf, len))
1011 goto done;
1012
1013 ret = 1;
1014 done:
1015 EVP_PKEY_free(pkey);
1016 return ret;
1017 }
1018
1019 static int test_set_get_raw_keys(int tst)
1020 {
1021 return test_set_get_raw_keys_int(tst, 0)
1022 && test_set_get_raw_keys_int(tst, 1);
1023 }
1024
1025 static int pkey_custom_check(EVP_PKEY *pkey)
1026 {
1027 return 0xbeef;
1028 }
1029
1030 static int pkey_custom_pub_check(EVP_PKEY *pkey)
1031 {
1032 return 0xbeef;
1033 }
1034
1035 static int pkey_custom_param_check(EVP_PKEY *pkey)
1036 {
1037 return 0xbeef;
1038 }
1039
1040 static EVP_PKEY_METHOD *custom_pmeth;
1041
1042 static int test_EVP_PKEY_check(int i)
1043 {
1044 int ret = 0;
1045 const unsigned char *p;
1046 EVP_PKEY *pkey = NULL;
1047 #ifndef OPENSSL_NO_EC
1048 EC_KEY *eckey = NULL;
1049 #endif
1050 EVP_PKEY_CTX *ctx = NULL;
1051 EVP_PKEY_CTX *ctx2 = NULL;
1052 const APK_DATA *ak = &keycheckdata[i];
1053 const unsigned char *input = ak->kder;
1054 size_t input_len = ak->size;
1055 int expected_id = ak->evptype;
1056 int expected_check = ak->check;
1057 int expected_pub_check = ak->pub_check;
1058 int expected_param_check = ak->param_check;
1059 int type = ak->type;
1060 BIO *pubkey = NULL;
1061
1062 p = input;
1063
1064 switch (type) {
1065 case 0:
1066 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
1067 || !TEST_ptr_eq(p, input + input_len)
1068 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
1069 goto done;
1070 break;
1071 #ifndef OPENSSL_NO_EC
1072 case 1:
1073 if (!TEST_ptr(pubkey = BIO_new_mem_buf(input, input_len))
1074 || !TEST_ptr(eckey = d2i_EC_PUBKEY_bio(pubkey, NULL))
1075 || !TEST_ptr(pkey = EVP_PKEY_new())
1076 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1077 goto done;
1078 break;
1079 case 2:
1080 if (!TEST_ptr(eckey = d2i_ECParameters(NULL, &p, input_len))
1081 || !TEST_ptr_eq(p, input + input_len)
1082 || !TEST_ptr(pkey = EVP_PKEY_new())
1083 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1084 goto done;
1085 break;
1086 #endif
1087 default:
1088 return 0;
1089 }
1090
1091 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
1092 goto done;
1093
1094 if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check))
1095 goto done;
1096
1097 if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check))
1098 goto done;
1099
1100 if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
1101 goto done;
1102
1103 ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
1104 /* assign the pkey directly, as an internal test */
1105 EVP_PKEY_up_ref(pkey);
1106 ctx2->pkey = pkey;
1107
1108 if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
1109 goto done;
1110
1111 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
1112 goto done;
1113
1114 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
1115 goto done;
1116
1117 ret = 1;
1118
1119 done:
1120 EVP_PKEY_CTX_free(ctx);
1121 EVP_PKEY_CTX_free(ctx2);
1122 EVP_PKEY_free(pkey);
1123 BIO_free(pubkey);
1124 return ret;
1125 }
1126
1127 static int test_HKDF(void)
1128 {
1129 EVP_PKEY_CTX *pctx;
1130 unsigned char out[20];
1131 size_t outlen;
1132 int i, ret = 0;
1133 unsigned char salt[] = "0123456789";
1134 unsigned char key[] = "012345678901234567890123456789";
1135 unsigned char info[] = "infostring";
1136 const unsigned char expected[] = {
1137 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
1138 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
1139 };
1140 size_t expectedlen = sizeof(expected);
1141
1142 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1143 goto done;
1144
1145 /* We do this twice to test reuse of the EVP_PKEY_CTX */
1146 for (i = 0; i < 2; i++) {
1147 outlen = sizeof(out);
1148 memset(out, 0, outlen);
1149
1150 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1151 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1152 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1153 sizeof(salt) - 1), 0)
1154 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1155 sizeof(key) - 1), 0)
1156 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1157 sizeof(info) - 1), 0)
1158 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1159 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1160 goto done;
1161 }
1162
1163 ret = 1;
1164
1165 done:
1166 EVP_PKEY_CTX_free(pctx);
1167
1168 return ret;
1169 }
1170
1171 #ifndef OPENSSL_NO_EC
1172 static int test_X509_PUBKEY_inplace(void)
1173 {
1174 int ret = 0;
1175 X509_PUBKEY *xp = NULL;
1176 const unsigned char *p = kExampleECPubKeyDER;
1177 size_t input_len = sizeof(kExampleECPubKeyDER);
1178
1179 if (!TEST_ptr(xp = d2i_X509_PUBKEY(NULL, &p, input_len)))
1180 goto done;
1181
1182 if (!TEST_ptr(X509_PUBKEY_get0(xp)))
1183 goto done;
1184
1185 p = kExampleBadECPubKeyDER;
1186 input_len = sizeof(kExampleBadECPubKeyDER);
1187
1188 if (!TEST_ptr(xp = d2i_X509_PUBKEY(&xp, &p, input_len)))
1189 goto done;
1190
1191 if (!TEST_true(X509_PUBKEY_get0(xp) == NULL))
1192 goto done;
1193
1194 ret = 1;
1195
1196 done:
1197 X509_PUBKEY_free(xp);
1198 return ret;
1199 }
1200 #endif /* OPENSSL_NO_EC */
1201
1202 #ifndef OPENSSL_NO_DSA
1203 /* Test getting and setting parameters on an EVP_PKEY_CTX */
1204 static int test_EVP_PKEY_CTX_get_set_params(void)
1205 {
1206 EVP_MD_CTX *mdctx = NULL;
1207 EVP_PKEY_CTX *ctx = NULL;
1208 EVP_SIGNATURE *dsaimpl = NULL;
1209 const OSSL_PARAM *params;
1210 OSSL_PARAM ourparams[2], *param = ourparams;
1211 DSA *dsa = NULL;
1212 BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL;
1213 EVP_PKEY *pkey = NULL;
1214 int ret = 0;
1215 const EVP_MD *md;
1216 size_t mdsize = SHA512_DIGEST_LENGTH;
1217 char ssl3ms[48];
1218
1219 /*
1220 * Setup the parameters for our DSA object. For our purposes they don't
1221 * have to actually be *valid* parameters. We just need to set something.
1222 */
1223 dsa = DSA_new();
1224 p = BN_new();
1225 q = BN_new();
1226 g = BN_new();
1227 pub = BN_new();
1228 priv = BN_new();
1229 if (!TEST_ptr(dsa)
1230 || !TEST_ptr(p)
1231 || !TEST_ptr(q)
1232 || !TEST_ptr(g)
1233 || !TEST_ptr(pub)
1234 || !DSA_set0_pqg(dsa, p, q, g)
1235 || !DSA_set0_key(dsa, pub, priv))
1236 goto err;
1237 p = q = g = pub = priv = NULL;
1238
1239 pkey = EVP_PKEY_new();
1240 if (!TEST_ptr(pkey)
1241 || !TEST_true(EVP_PKEY_assign_DSA(pkey, dsa)))
1242 goto err;
1243
1244 dsa = NULL;
1245
1246 /* Initialise a sign operation */
1247 ctx = EVP_PKEY_CTX_new(pkey, NULL);
1248 if (!TEST_ptr(ctx)
1249 || !TEST_int_gt(EVP_PKEY_sign_init(ctx), 0))
1250 goto err;
1251
1252 /*
1253 * We should be able to query the parameters now. The default DSA
1254 * implementation supports exactly one parameter - so we expect to see that
1255 * returned and no more.
1256 */
1257 params = EVP_PKEY_CTX_settable_params(ctx);
1258 if (!TEST_ptr(params)
1259 || !TEST_int_eq(strcmp(params[0].key,
1260 OSSL_SIGNATURE_PARAM_DIGEST_SIZE), 0)
1261 || !TEST_int_eq(strcmp(params[1].key, OSSL_SIGNATURE_PARAM_DIGEST),
1262 0)
1263 /* The final key should be NULL */
1264 || !TEST_ptr_null(params[2].key))
1265 goto err;
1266
1267 /* Gettable params are the same as the settable ones */
1268 params = EVP_PKEY_CTX_gettable_params(ctx);
1269 if (!TEST_ptr(params)
1270 || !TEST_int_eq(strcmp(params[0].key,
1271 OSSL_SIGNATURE_PARAM_DIGEST_SIZE), 0)
1272 || !TEST_int_eq(strcmp(params[1].key, OSSL_SIGNATURE_PARAM_DIGEST),
1273 0)
1274 /* The final key should be NULL */
1275 || !TEST_ptr_null(params[2].key))
1276 goto err;
1277
1278 /*
1279 * Test getting and setting params via EVP_PKEY_CTX_set_params() and
1280 * EVP_PKEY_CTX_get_params()
1281 */
1282 *param++ = OSSL_PARAM_construct_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE,
1283 &mdsize);
1284 *param++ = OSSL_PARAM_construct_end();
1285
1286 if (!TEST_true(EVP_PKEY_CTX_set_params(ctx, ourparams)))
1287 goto err;
1288
1289 mdsize = 0;
1290 if (!TEST_true(EVP_PKEY_CTX_get_params(ctx, ourparams))
1291 || !TEST_size_t_eq(mdsize, SHA512_DIGEST_LENGTH))
1292 goto err;
1293
1294 /*
1295 * Test the TEST_PKEY_CTX_set_signature_md() and
1296 * TEST_PKEY_CTX_get_signature_md() functions
1297 */
1298 if (!TEST_int_gt(EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()), 0)
1299 || !TEST_int_gt(EVP_PKEY_CTX_get_signature_md(ctx, &md), 0)
1300 || !TEST_ptr_eq(md, EVP_sha256()))
1301 goto err;
1302
1303 /*
1304 * Test getting MD parameters via an associated EVP_PKEY_CTX
1305 */
1306 mdctx = EVP_MD_CTX_new();
1307 if (!TEST_ptr(mdctx)
1308 || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, pkey)))
1309 goto err;
1310
1311 /*
1312 * We now have an EVP_MD_CTX with an EVP_PKEY_CTX inside it. We should be
1313 * able to obtain the digest's settable parameters from the provider.
1314 */
1315 params = EVP_MD_CTX_settable_params(mdctx);
1316 if (!TEST_ptr(params)
1317 || !TEST_int_eq(strcmp(params[0].key, OSSL_DIGEST_PARAM_SSL3_MS), 0)
1318 /* The final key should be NULL */
1319 || !TEST_ptr_null(params[1].key))
1320 goto err;
1321
1322 param = ourparams;
1323 memset(ssl3ms, 0, sizeof(ssl3ms));
1324 *param++ = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS,
1325 ssl3ms, sizeof(ssl3ms));
1326 *param++ = OSSL_PARAM_construct_end();
1327
1328 if (!TEST_true(EVP_MD_CTX_set_params(mdctx, ourparams)))
1329 goto err;
1330
1331 ret = 1;
1332
1333 err:
1334 EVP_MD_CTX_free(mdctx);
1335 EVP_PKEY_CTX_free(ctx);
1336 EVP_SIGNATURE_free(dsaimpl);
1337 EVP_PKEY_free(pkey);
1338 DSA_free(dsa);
1339 BN_free(p);
1340 BN_free(q);
1341 BN_free(g);
1342 BN_free(pub);
1343 BN_free(priv);
1344
1345 return ret;
1346 }
1347 #endif
1348
1349 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1350 static int test_decrypt_null_chunks(void)
1351 {
1352 EVP_CIPHER_CTX* ctx = NULL;
1353 const unsigned char key[32] = {
1354 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
1355 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
1356 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1
1357 };
1358 unsigned char iv[12] = {
1359 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b
1360 };
1361 unsigned char msg[] = "It was the best of times, it was the worst of times";
1362 unsigned char ciphertext[80];
1363 unsigned char plaintext[80];
1364 /* We initialise tmp to a non zero value on purpose */
1365 int ctlen, ptlen, tmp = 99;
1366 int ret = 0;
1367 const int enc_offset = 10, dec_offset = 20;
1368
1369 if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
1370 || !TEST_true(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL,
1371 key, iv))
1372 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &ctlen, msg,
1373 enc_offset))
1374 /* Deliberate add a zero length update */
1375 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp, NULL,
1376 0))
1377 || !TEST_int_eq(tmp, 0)
1378 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp,
1379 msg + enc_offset,
1380 sizeof(msg) - enc_offset))
1381 || !TEST_int_eq(ctlen += tmp, sizeof(msg))
1382 || !TEST_true(EVP_EncryptFinal(ctx, ciphertext + ctlen, &tmp))
1383 || !TEST_int_eq(tmp, 0))
1384 goto err;
1385
1386 /* Deliberately initialise tmp to a non zero value */
1387 tmp = 99;
1388 if (!TEST_true(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, key,
1389 iv))
1390 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext, &ptlen, ciphertext,
1391 dec_offset))
1392 /*
1393 * Deliberately add a zero length update. We also deliberately do
1394 * this at a different offset than for encryption.
1395 */
1396 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp, NULL,
1397 0))
1398 || !TEST_int_eq(tmp, 0)
1399 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp,
1400 ciphertext + dec_offset,
1401 ctlen - dec_offset))
1402 || !TEST_int_eq(ptlen += tmp, sizeof(msg))
1403 || !TEST_true(EVP_DecryptFinal(ctx, plaintext + ptlen, &tmp))
1404 || !TEST_int_eq(tmp, 0)
1405 || !TEST_mem_eq(msg, sizeof(msg), plaintext, ptlen))
1406 goto err;
1407
1408 ret = 1;
1409 err:
1410 EVP_CIPHER_CTX_free(ctx);
1411 return ret;
1412 }
1413 #endif /* !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) */
1414
1415 int setup_tests(void)
1416 {
1417 ADD_ALL_TESTS(test_EVP_DigestSignInit, 4);
1418 ADD_TEST(test_EVP_DigestVerifyInit);
1419 ADD_TEST(test_EVP_Enveloped);
1420 ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
1421 #ifndef OPENSSL_NO_EC
1422 ADD_TEST(test_EVP_PKCS82PKEY);
1423 #endif
1424 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODE)
1425 ADD_TEST(test_EVP_SM2);
1426 ADD_TEST(test_EVP_SM2_verify);
1427 #endif
1428 ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
1429 custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
1430 if (!TEST_ptr(custom_pmeth))
1431 return 0;
1432 EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
1433 EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
1434 EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
1435 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
1436 return 0;
1437 ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
1438 ADD_TEST(test_HKDF);
1439 #ifndef OPENSSL_NO_EC
1440 ADD_TEST(test_X509_PUBKEY_inplace);
1441 ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode,
1442 OSSL_NELEM(ec_der_pub_keys));
1443 #endif
1444 #ifndef OPENSSL_NO_DSA
1445 ADD_TEST(test_EVP_PKEY_CTX_get_set_params);
1446 #endif
1447 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1448 ADD_TEST(test_decrypt_null_chunks);
1449 #endif
1450 return 1;
1451 }
A mirror of the official openssl repository