]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/evp_extra_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
test_ecpub: test that we can decode the DER we encoded
[thirdparty/openssl.git] / test / evp_extra_test.c
1 /*
2 * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /* We need to use some deprecated APIs */
11 #define OPENSSL_SUPPRESS_DEPRECATED
12
13 #include <stdio.h>
14 #include <stdlib.h>
15 #include <string.h>
16 #include <openssl/bio.h>
17 #include <openssl/conf.h>
18 #include <openssl/crypto.h>
19 #include <openssl/err.h>
20 #include <openssl/evp.h>
21 #include <openssl/x509.h>
22 #include <openssl/pem.h>
23 #include <openssl/kdf.h>
24 #include <openssl/provider.h>
25 #include <openssl/core_names.h>
26 #include <openssl/params.h>
27 #include <openssl/param_build.h>
28 #include <openssl/dsa.h>
29 #include <openssl/dh.h>
30 #include <openssl/aes.h>
31 #include <openssl/decoder.h>
32 #include <openssl/rsa.h>
33 #include "testutil.h"
34 #include "internal/nelem.h"
35 #include "internal/sizes.h"
36 #include "crypto/evp.h"
37 #include "../e_os.h" /* strcasecmp */
38
39 static OSSL_LIB_CTX *testctx = NULL;
40
41 /*
42 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
43 * should never use this key anywhere but in an example.
44 */
45 static const unsigned char kExampleRSAKeyDER[] = {
46 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
47 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
48 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
49 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
50 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
51 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
52 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
53 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
54 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
55 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
56 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
57 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
58 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
59 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
60 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
61 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
62 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
63 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
64 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
65 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
66 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
67 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
68 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
69 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
70 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
71 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
72 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
73 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
74 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
75 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
76 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
77 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
78 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
79 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
80 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
81 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
82 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
83 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
84 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
85 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
86 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
87 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
88 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
89 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
90 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
91 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
92 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
93 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
94 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
95 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
96 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
97 };
98
99 /*
100 * kExampleDSAKeyDER is a DSA private key in ASN.1, DER format. Of course, you
101 * should never use this key anywhere but in an example.
102 */
103 #ifndef OPENSSL_NO_DSA
104 static const unsigned char kExampleDSAKeyDER[] = {
105 0x30, 0x82, 0x01, 0xba, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0x9a,
106 0x05, 0x6d, 0x33, 0xcd, 0x5d, 0x78, 0xa1, 0xbb, 0xcb, 0x7d, 0x5b, 0x8d,
107 0xb4, 0xcc, 0xbf, 0x03, 0x99, 0x64, 0xde, 0x38, 0x78, 0x06, 0x15, 0x2f,
108 0x86, 0x26, 0x77, 0xf3, 0xb1, 0x85, 0x00, 0xed, 0xfc, 0x28, 0x3a, 0x42,
109 0x4d, 0xab, 0xab, 0xdf, 0xbc, 0x9c, 0x16, 0xd0, 0x22, 0x50, 0xd1, 0x38,
110 0xdd, 0x3f, 0x64, 0x05, 0x9e, 0x68, 0x7a, 0x1e, 0xf1, 0x56, 0xbf, 0x1e,
111 0x2c, 0xc5, 0x97, 0x2a, 0xfe, 0x7a, 0x22, 0xdc, 0x6c, 0x68, 0xb8, 0x2e,
112 0x06, 0xdb, 0x41, 0xca, 0x98, 0xd8, 0x54, 0xc7, 0x64, 0x48, 0x24, 0x04,
113 0x20, 0xbc, 0x59, 0xe3, 0x6b, 0xea, 0x7e, 0xfc, 0x7e, 0xc5, 0x4e, 0xd4,
114 0xd8, 0x3a, 0xed, 0xcd, 0x5d, 0x99, 0xb8, 0x5c, 0xa2, 0x8b, 0xbb, 0x0b,
115 0xac, 0xe6, 0x8e, 0x25, 0x56, 0x22, 0x3a, 0x2d, 0x3a, 0x56, 0x41, 0x14,
116 0x1f, 0x1c, 0x8f, 0x53, 0x46, 0x13, 0x85, 0x02, 0x15, 0x00, 0x98, 0x7e,
117 0x92, 0x81, 0x88, 0xc7, 0x3f, 0x70, 0x49, 0x54, 0xf6, 0x76, 0xb4, 0xa3,
118 0x9e, 0x1d, 0x45, 0x98, 0x32, 0x7f, 0x02, 0x81, 0x80, 0x69, 0x4d, 0xef,
119 0x55, 0xff, 0x4d, 0x59, 0x2c, 0x01, 0xfa, 0x6a, 0x38, 0xe0, 0x70, 0x9f,
120 0x9e, 0x66, 0x8e, 0x3e, 0x8c, 0x52, 0x22, 0x9d, 0x15, 0x7e, 0x3c, 0xef,
121 0x4c, 0x7a, 0x61, 0x26, 0xe0, 0x2b, 0x81, 0x3f, 0xeb, 0xaf, 0x35, 0x38,
122 0x8d, 0xfe, 0xed, 0x46, 0xff, 0x5f, 0x03, 0x9b, 0x81, 0x92, 0xe7, 0x6f,
123 0x76, 0x4f, 0x1d, 0xd9, 0xbb, 0x89, 0xc9, 0x3e, 0xd9, 0x0b, 0xf9, 0xf4,
124 0x78, 0x11, 0x59, 0xc0, 0x1d, 0xcd, 0x0e, 0xa1, 0x6f, 0x15, 0xf1, 0x4d,
125 0xc1, 0xc9, 0x22, 0xed, 0x8d, 0xad, 0x67, 0xc5, 0x4b, 0x95, 0x93, 0x86,
126 0xa6, 0xaf, 0x8a, 0xee, 0x06, 0x89, 0x2f, 0x37, 0x7e, 0x64, 0xaa, 0xf6,
127 0xe7, 0xb1, 0x5a, 0x0a, 0x93, 0x95, 0x5d, 0x3e, 0x53, 0x9a, 0xde, 0x8a,
128 0xc2, 0x95, 0x45, 0x81, 0xbe, 0x5c, 0x2f, 0xc2, 0xb2, 0x92, 0x58, 0x19,
129 0x72, 0x80, 0xe9, 0x79, 0xa1, 0x02, 0x81, 0x80, 0x07, 0xd7, 0x62, 0xff,
130 0xdf, 0x1a, 0x3f, 0xed, 0x32, 0xd4, 0xd4, 0x88, 0x7b, 0x2c, 0x63, 0x7f,
131 0x97, 0xdc, 0x44, 0xd4, 0x84, 0xa2, 0xdd, 0x17, 0x16, 0x85, 0x13, 0xe0,
132 0xac, 0x51, 0x8d, 0x29, 0x1b, 0x75, 0x9a, 0xe4, 0xe3, 0x8a, 0x92, 0x69,
133 0x09, 0x03, 0xc5, 0x68, 0xae, 0x5e, 0x94, 0xfe, 0xc9, 0x92, 0x6c, 0x07,
134 0xb4, 0x1e, 0x64, 0x62, 0x87, 0xc6, 0xa4, 0xfd, 0x0d, 0x5f, 0xe5, 0xf9,
135 0x1b, 0x4f, 0x85, 0x5f, 0xae, 0xf3, 0x11, 0xe5, 0x18, 0xd4, 0x4d, 0x79,
136 0x9f, 0xc4, 0x79, 0x26, 0x04, 0x27, 0xf0, 0x0b, 0xee, 0x2b, 0x86, 0x9f,
137 0x86, 0x61, 0xe6, 0x51, 0xce, 0x04, 0x9b, 0x5d, 0x6b, 0x34, 0x43, 0x8c,
138 0x85, 0x3c, 0xf1, 0x51, 0x9b, 0x08, 0x23, 0x1b, 0xf5, 0x7e, 0x33, 0x12,
139 0xea, 0xab, 0x1f, 0xb7, 0x2d, 0xe2, 0x5f, 0xe6, 0x97, 0x99, 0xb5, 0x45,
140 0x16, 0x5b, 0xc3, 0x41, 0x02, 0x14, 0x61, 0xbf, 0x51, 0x60, 0xcf, 0xc8,
141 0xf1, 0x8c, 0x82, 0x97, 0xf2, 0xf4, 0x19, 0xba, 0x2b, 0xf3, 0x16, 0xbe,
142 0x40, 0x48
143 };
144 #endif
145
146 /*
147 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
148 * components are not correct.
149 */
150 static const unsigned char kExampleBadRSAKeyDER[] = {
151 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
152 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
153 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
154 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
155 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
156 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
157 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
158 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
159 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
160 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
161 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
162 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
163 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
164 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
165 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
166 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
167 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
168 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
169 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
170 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
171 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
172 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
173 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
174 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
175 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
176 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
177 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
178 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
179 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
180 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
181 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
182 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
183 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
184 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
185 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
186 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
187 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
188 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
189 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
190 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
191 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
192 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
193 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
194 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
195 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
196 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
197 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
198 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
199 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
200 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
201 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
202 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
203 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
204 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
205 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
206 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
207 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
208 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
209 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
210 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
211 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
212 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
213 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
214 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
215 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
216 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
217 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
218 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
219 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
220 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
221 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
222 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
223 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
224 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
225 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
226 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
227 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
228 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
229 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
230 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
231 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
232 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
233 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
234 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
235 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
236 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
237 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
238 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
239 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
240 };
241
242 static const unsigned char kMsg[] = { 1, 2, 3, 4 };
243
244 static const unsigned char kSignature[] = {
245 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
246 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
247 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
248 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
249 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
250 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
251 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
252 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
253 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
254 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
255 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
256 };
257
258 /*
259 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
260 * PrivateKeyInfo.
261 */
262 static const unsigned char kExampleRSAKeyPKCS8[] = {
263 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
264 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
265 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
266 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
267 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
268 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
269 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
270 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
271 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
272 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
273 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
274 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
275 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
276 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
277 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
278 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
279 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
280 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
281 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
282 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
283 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
284 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
285 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
286 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
287 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
288 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
289 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
290 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
291 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
292 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
293 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
294 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
295 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
296 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
297 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
298 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
299 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
300 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
301 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
302 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
303 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
304 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
305 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
306 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
307 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
308 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
309 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
310 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
311 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
312 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
313 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
314 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
315 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
316 };
317
318 #ifndef OPENSSL_NO_EC
319 /*
320 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
321 * structure.
322 */
323 static const unsigned char kExampleECKeyDER[] = {
324 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
325 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
326 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
327 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
328 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
329 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
330 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
331 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
332 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
333 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
334 0xc1,
335 };
336
337 /*
338 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
339 * structure. The private key is equal to the order and will fail to import
340 */
341 static const unsigned char kExampleBadECKeyDER[] = {
342 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
343 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
344 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
345 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
346 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
347 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
348 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
349 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
350 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
351 };
352
353 /* prime256v1 */
354 static const unsigned char kExampleECPubKeyDER[] = {
355 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
356 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
357 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
358 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
359 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
360 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
361 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
362 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
363 };
364
365 /*
366 * kExampleBadECPubKeyDER is a sample EC public key with a wrong OID
367 * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
368 */
369 static const unsigned char kExampleBadECPubKeyDER[] = {
370 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
371 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
372 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
373 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
374 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
375 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
376 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
377 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
378 };
379
380 static const unsigned char pExampleECParamDER[] = {
381 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
382 };
383 #endif
384
385 typedef struct APK_DATA_st {
386 const unsigned char *kder;
387 size_t size;
388 const char *keytype;
389 int evptype;
390 int check;
391 int pub_check;
392 int param_check;
393 int type; /* 0 for private, 1 for public, 2 for params */
394 } APK_DATA;
395
396 static APK_DATA keydata[] = {
397 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), "RSA", EVP_PKEY_RSA},
398 {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), "RSA", EVP_PKEY_RSA},
399 #ifndef OPENSSL_NO_EC
400 {kExampleECKeyDER, sizeof(kExampleECKeyDER), "EC", EVP_PKEY_EC}
401 #endif
402 };
403
404 static APK_DATA keycheckdata[] = {
405 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), "RSA", EVP_PKEY_RSA, 1, 1, 1, 0},
406 {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), "RSA", EVP_PKEY_RSA,
407 0, 1, 1, 0},
408 #ifndef OPENSSL_NO_EC
409 {kExampleECKeyDER, sizeof(kExampleECKeyDER), "EC", EVP_PKEY_EC, 1, 1, 1, 0},
410 /* group is also associated in our pub key */
411 {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), "EC", EVP_PKEY_EC, 0, 1, 1, 1},
412 {pExampleECParamDER, sizeof(pExampleECParamDER), "EC", EVP_PKEY_EC, 0, 0, 1, 2}
413 #endif
414 };
415
416 static EVP_PKEY *load_example_key(const char *keytype,
417 const unsigned char *data, size_t data_len)
418 {
419 const unsigned char **pdata = &data;
420 EVP_PKEY *pkey = NULL;
421 OSSL_DECODER_CTX *dctx =
422 OSSL_DECODER_CTX_new_for_pkey(&pkey, "DER", NULL, keytype, 0,
423 testctx, NULL);
424
425 /* |pkey| will be NULL on error */
426 (void)OSSL_DECODER_from_data(dctx, pdata, &data_len);
427 OSSL_DECODER_CTX_free(dctx);
428 return pkey;
429 }
430
431 static EVP_PKEY *load_example_rsa_key(void)
432 {
433 return load_example_key("RSA", kExampleRSAKeyDER,
434 sizeof(kExampleRSAKeyDER));
435 }
436
437 #ifndef OPENSSL_NO_DSA
438 static EVP_PKEY *load_example_dsa_key(void)
439 {
440 return load_example_key("DSA", kExampleDSAKeyDER,
441 sizeof(kExampleDSAKeyDER));
442 }
443 #endif
444
445 static EVP_PKEY *load_example_hmac_key(void)
446 {
447 EVP_PKEY *pkey = NULL;
448 unsigned char key[] = {
449 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
450 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
451 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
452 };
453
454 pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, key, sizeof(key));
455 if (!TEST_ptr(pkey))
456 return NULL;
457
458 return pkey;
459 }
460
461 static int test_EVP_set_default_properties(void)
462 {
463 OSSL_LIB_CTX *ctx;
464 EVP_MD *md = NULL;
465 int res = 0;
466
467 if (!TEST_ptr(ctx = OSSL_LIB_CTX_new())
468 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL)))
469 goto err;
470 EVP_MD_free(md);
471 md = NULL;
472
473 if (!TEST_true(EVP_set_default_properties(ctx, "provider=fizzbang"))
474 || !TEST_ptr_null(md = EVP_MD_fetch(ctx, "sha256", NULL))
475 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", "-provider")))
476 goto err;
477 EVP_MD_free(md);
478 md = NULL;
479
480 if (!TEST_true(EVP_set_default_properties(ctx, NULL))
481 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL)))
482 goto err;
483 res = 1;
484 err:
485 EVP_MD_free(md);
486 OSSL_LIB_CTX_free(ctx);
487 return res;
488 }
489
490 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
491 static int test_fromdata(char *keytype, OSSL_PARAM *params)
492 {
493 EVP_PKEY_CTX *pctx = NULL;
494 EVP_PKEY *pkey = NULL;
495 int testresult = 0;
496
497 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, keytype, NULL)))
498 goto err;
499 if (!TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0)
500 || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkey, EVP_PKEY_KEYPAIR,
501 params), 0))
502 goto err;
503
504 if (!TEST_ptr(pkey))
505 goto err;
506
507 testresult = 1;
508 err:
509 EVP_PKEY_free(pkey);
510 EVP_PKEY_CTX_free(pctx);
511
512 return testresult;
513 }
514 #endif /* !OPENSSL_NO_DH || !OPENSSL_NO_DSA || !OPENSSL_NO_EC */
515
516 /*
517 * Test combinations of private, public, missing and private + public key
518 * params to ensure they are all accepted
519 */
520 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA)
521 static int test_EVP_PKEY_ffc_priv_pub(char *keytype)
522 {
523 OSSL_PARAM_BLD *bld = NULL;
524 OSSL_PARAM *params = NULL;
525 BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL;
526 int ret = 0;
527
528 /*
529 * Setup the parameters for our pkey object. For our purposes they don't
530 * have to actually be *valid* parameters. We just need to set something.
531 */
532 if (!TEST_ptr(p = BN_new())
533 || !TEST_ptr(q = BN_new())
534 || !TEST_ptr(g = BN_new())
535 || !TEST_ptr(pub = BN_new())
536 || !TEST_ptr(priv = BN_new()))
537 goto err;
538
539 /* Test !priv and !pub */
540 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
541 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
542 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
543 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g)))
544 goto err;
545 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
546 goto err;
547
548 if (!test_fromdata(keytype, params))
549 goto err;
550 OSSL_PARAM_BLD_free_params(params);
551 OSSL_PARAM_BLD_free(bld);
552
553 /* Test priv and !pub */
554 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
555 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
556 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
557 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
558 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
559 priv)))
560 goto err;
561 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
562 goto err;
563
564 if (!test_fromdata(keytype, params))
565 goto err;
566 OSSL_PARAM_BLD_free_params(params);
567 OSSL_PARAM_BLD_free(bld);
568
569 /* Test !priv and pub */
570 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
571 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
572 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
573 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
574 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
575 pub)))
576 goto err;
577 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
578 goto err;
579
580 if (!test_fromdata(keytype, params))
581 goto err;
582 OSSL_PARAM_BLD_free_params(params);
583 OSSL_PARAM_BLD_free(bld);
584
585 /* Test priv and pub */
586 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
587 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
588 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
589 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
590 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
591 pub))
592 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
593 priv)))
594 goto err;
595 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
596 goto err;
597
598 if (!test_fromdata(keytype, params))
599 goto err;
600
601 ret = 1;
602 err:
603 OSSL_PARAM_BLD_free_params(params);
604 OSSL_PARAM_BLD_free(bld);
605 BN_free(p);
606 BN_free(q);
607 BN_free(g);
608 BN_free(pub);
609 BN_free(priv);
610
611 return ret;
612 }
613 #endif /* !OPENSSL_NO_DH || !OPENSSL_NO_DSA */
614
615 /*
616 * Test combinations of private, public, missing and private + public key
617 * params to ensure they are all accepted for EC keys
618 */
619 #ifndef OPENSSL_NO_EC
620 static unsigned char ec_priv[] = {
621 0xe9, 0x25, 0xf7, 0x66, 0x58, 0xa4, 0xdd, 0x99, 0x61, 0xe7, 0xe8, 0x23,
622 0x85, 0xc2, 0xe8, 0x33, 0x27, 0xc5, 0x5c, 0xeb, 0xdb, 0x43, 0x9f, 0xd5,
623 0xf2, 0x5a, 0x75, 0x55, 0xd0, 0x2e, 0x6d, 0x16
624 };
625 static unsigned char ec_pub[] = {
626 0x04, 0xad, 0x11, 0x90, 0x77, 0x4b, 0x46, 0xee, 0x72, 0x51, 0x15, 0x97,
627 0x4a, 0x6a, 0xa7, 0xaf, 0x59, 0xfa, 0x4b, 0xf2, 0x41, 0xc8, 0x3a, 0x81,
628 0x23, 0xb6, 0x90, 0x04, 0x6c, 0x67, 0x66, 0xd0, 0xdc, 0xf2, 0x15, 0x1d,
629 0x41, 0x61, 0xb7, 0x95, 0x85, 0x38, 0x5a, 0x84, 0x56, 0xe8, 0xb3, 0x0e,
630 0xf5, 0xc6, 0x5d, 0xa4, 0x54, 0x26, 0xb0, 0xf7, 0xa5, 0x4a, 0x33, 0xf1,
631 0x08, 0x09, 0xb8, 0xdb, 0x03
632 };
633
634 static int test_EC_priv_pub(void)
635 {
636 OSSL_PARAM_BLD *bld = NULL;
637 OSSL_PARAM *params = NULL;
638 BIGNUM *priv = NULL;
639 int ret = 0;
640
641 /*
642 * Setup the parameters for our pkey object. For our purposes they don't
643 * have to actually be *valid* parameters. We just need to set something.
644 */
645 if (!TEST_ptr(priv = BN_bin2bn(ec_priv, sizeof(ec_priv), NULL)))
646 goto err;
647
648 /* Test !priv and !pub */
649 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
650 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
651 OSSL_PKEY_PARAM_GROUP_NAME,
652 "P-256", 0)))
653 goto err;
654 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
655 goto err;
656
657 if (!test_fromdata("EC", params))
658 goto err;
659 OSSL_PARAM_BLD_free_params(params);
660 OSSL_PARAM_BLD_free(bld);
661
662 /* Test priv and !pub */
663 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
664 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
665 OSSL_PKEY_PARAM_GROUP_NAME,
666 "P-256", 0))
667 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
668 priv)))
669 goto err;
670 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
671 goto err;
672
673 if (!test_fromdata("EC", params))
674 goto err;
675 OSSL_PARAM_BLD_free_params(params);
676 OSSL_PARAM_BLD_free(bld);
677
678 /* Test !priv and pub */
679 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
680 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
681 OSSL_PKEY_PARAM_GROUP_NAME,
682 "P-256", 0))
683 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
684 OSSL_PKEY_PARAM_PUB_KEY,
685 ec_pub, sizeof(ec_pub))))
686 goto err;
687 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
688 goto err;
689
690 if (!test_fromdata("EC", params))
691 goto err;
692 OSSL_PARAM_BLD_free_params(params);
693 OSSL_PARAM_BLD_free(bld);
694
695 /* Test priv and pub */
696 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
697 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
698 OSSL_PKEY_PARAM_GROUP_NAME,
699 "P-256", 0))
700 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
701 OSSL_PKEY_PARAM_PUB_KEY,
702 ec_pub, sizeof(ec_pub)))
703 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
704 OSSL_PKEY_PARAM_PUB_KEY,
705 ec_pub, sizeof(ec_pub))))
706 goto err;
707 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
708 goto err;
709
710 if (!test_fromdata("EC", params))
711 goto err;
712
713 ret = 1;
714 err:
715 OSSL_PARAM_BLD_free_params(params);
716 OSSL_PARAM_BLD_free(bld);
717 BN_free(priv);
718
719 return ret;
720 }
721
722 /* Test that using a legacy EC key with only a private key in it works */
723 # ifndef OPENSSL_NO_DEPRECATED_3_0
724 static int test_EC_priv_only_legacy(void)
725 {
726 BIGNUM *priv = NULL;
727 int ret = 0;
728 EC_KEY *eckey = NULL;
729 EVP_PKEY *pkey = NULL;
730 EVP_MD_CTX *ctx = NULL;
731
732 /* Create the low level EC_KEY */
733 if (!TEST_ptr(priv = BN_bin2bn(ec_priv, sizeof(ec_priv), NULL)))
734 goto err;
735
736 eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
737 if (!TEST_ptr(eckey))
738 goto err;
739
740 if (!TEST_true(EC_KEY_set_private_key(eckey, priv)))
741 goto err;
742
743 pkey = EVP_PKEY_new();
744 if (!TEST_ptr(pkey))
745 goto err;
746
747 if (!TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
748 goto err;
749 eckey = NULL;
750
751 ctx = EVP_MD_CTX_new();
752 if (!TEST_ptr(ctx))
753 goto err;
754
755 /*
756 * The EVP_DigestSignInit function should create the key on the provider
757 * side which is sufficient for this test.
758 */
759 if (!TEST_true(EVP_DigestSignInit(ctx, NULL, NULL, NULL, pkey)))
760 goto err;
761
762 ret = 1;
763
764 err:
765 EVP_MD_CTX_free(ctx);
766 EVP_PKEY_free(pkey);
767 EC_KEY_free(eckey);
768 BN_free(priv);
769
770 return ret;
771 }
772 # endif /* OPENSSL_NO_DEPRECATED_3_0 */
773 #endif /* OPENSSL_NO_EC */
774
775 static int test_EVP_Enveloped(void)
776 {
777 int ret = 0;
778 EVP_CIPHER_CTX *ctx = NULL;
779 EVP_PKEY *keypair = NULL;
780 unsigned char *kek = NULL;
781 unsigned char iv[EVP_MAX_IV_LENGTH];
782 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
783 int len, kek_len, ciphertext_len, plaintext_len;
784 unsigned char ciphertext[32], plaintext[16];
785 const EVP_CIPHER *type = EVP_aes_256_cbc();
786
787 if (!TEST_ptr(keypair = load_example_rsa_key())
788 || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
789 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
790 || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
791 &keypair, 1))
792 || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
793 msg, sizeof(msg)))
794 || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
795 &len)))
796 goto err;
797
798 ciphertext_len += len;
799
800 if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
801 || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
802 ciphertext, ciphertext_len))
803 || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
804 goto err;
805
806 plaintext_len += len;
807 if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
808 goto err;
809
810 ret = 1;
811 err:
812 OPENSSL_free(kek);
813 EVP_PKEY_free(keypair);
814 EVP_CIPHER_CTX_free(ctx);
815 return ret;
816 }
817
818 /*
819 * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, RSA)
820 * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, DSA)
821 * Test 2: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, HMAC)
822 * Test 3: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, RSA)
823 * Test 4: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, DSA)
824 * Test 5: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch diegst, HMAC)
825 * Test 6: Use an MD BIO to do the Update calls instead (RSA)
826 * Test 7: Use an MD BIO to do the Update calls instead (DSA)
827 * Test 8: Use an MD BIO to do the Update calls instead (HMAC)
828 */
829 static int test_EVP_DigestSignInit(int tst)
830 {
831 int ret = 0;
832 EVP_PKEY *pkey = NULL;
833 unsigned char *sig = NULL;
834 size_t sig_len = 0;
835 EVP_MD_CTX *md_ctx = NULL, *md_ctx_verify = NULL;
836 EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL;
837 BIO *mdbio = NULL, *membio = NULL;
838 size_t written;
839 const EVP_MD *md;
840 EVP_MD *mdexp = NULL;
841
842 if (tst >= 6) {
843 membio = BIO_new(BIO_s_mem());
844 mdbio = BIO_new(BIO_f_md());
845 if (!TEST_ptr(membio) || !TEST_ptr(mdbio))
846 goto out;
847 BIO_push(mdbio, membio);
848 if (!TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx), 0))
849 goto out;
850 } else {
851 if (!TEST_ptr(a_md_ctx = md_ctx = EVP_MD_CTX_new())
852 || !TEST_ptr(a_md_ctx_verify = md_ctx_verify = EVP_MD_CTX_new()))
853 goto out;
854 }
855
856 if (tst == 0 || tst == 3 || tst == 6) {
857 if (!TEST_ptr(pkey = load_example_rsa_key()))
858 goto out;
859 } else if (tst == 1 || tst == 4 || tst == 7) {
860 #ifndef OPENSSL_NO_DSA
861 if (!TEST_ptr(pkey = load_example_dsa_key()))
862 goto out;
863 #else
864 ret = 1;
865 goto out;
866 #endif
867 } else {
868 if (!TEST_ptr(pkey = load_example_hmac_key()))
869 goto out;
870 }
871
872 if (tst >= 3 && tst <= 5)
873 md = mdexp = EVP_MD_fetch(NULL, "SHA256", NULL);
874 else
875 md = EVP_sha256();
876
877 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, md, NULL, pkey)))
878 goto out;
879
880 if (tst >= 6) {
881 if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
882 goto out;
883 } else {
884 if (!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
885 goto out;
886 }
887
888 /* Determine the size of the signature. */
889 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
890 || !TEST_ptr(sig = OPENSSL_malloc(sig_len))
891 || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
892 goto out;
893
894 if (tst >= 6) {
895 if (!TEST_int_gt(BIO_reset(mdbio), 0)
896 || !TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx_verify), 0))
897 goto out;
898 }
899
900 /*
901 * Ensure that the signature round-trips (Verification isn't supported for
902 * HMAC via EVP_DigestVerify*)
903 */
904 if (tst != 2 && tst != 5 && tst != 8) {
905 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, md,
906 NULL, pkey)))
907 goto out;
908
909 if (tst >= 6) {
910 if (!TEST_true(BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written)))
911 goto out;
912 } else {
913 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg,
914 sizeof(kMsg))))
915 goto out;
916 }
917 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
918 goto out;
919 }
920
921 ret = 1;
922
923 out:
924 BIO_free(membio);
925 BIO_free(mdbio);
926 EVP_MD_CTX_free(a_md_ctx);
927 EVP_MD_CTX_free(a_md_ctx_verify);
928 EVP_PKEY_free(pkey);
929 OPENSSL_free(sig);
930 EVP_MD_free(mdexp);
931
932 return ret;
933 }
934
935 static int test_EVP_DigestVerifyInit(void)
936 {
937 int ret = 0;
938 EVP_PKEY *pkey = NULL;
939 EVP_MD_CTX *md_ctx = NULL;
940
941 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
942 || !TEST_ptr(pkey = load_example_rsa_key()))
943 goto out;
944
945 if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
946 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
947 || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
948 sizeof(kSignature))))
949 goto out;
950 ret = 1;
951
952 out:
953 EVP_MD_CTX_free(md_ctx);
954 EVP_PKEY_free(pkey);
955 return ret;
956 }
957
958 /*
959 * Test corner cases of EVP_DigestInit/Update/Final API call behavior.
960 */
961 static int test_EVP_Digest(void)
962 {
963 int ret = 0;
964 EVP_MD_CTX *md_ctx = NULL;
965 unsigned char md[EVP_MAX_MD_SIZE];
966
967 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
968 goto out;
969
970 if (!TEST_true(EVP_DigestInit_ex(md_ctx, EVP_sha256(), NULL))
971 || !TEST_true(EVP_DigestUpdate(md_ctx, kMsg, sizeof(kMsg)))
972 || !TEST_true(EVP_DigestFinal(md_ctx, md, NULL))
973 /* EVP_DigestFinal resets the EVP_MD_CTX. */
974 || !TEST_ptr_eq(EVP_MD_CTX_md(md_ctx), NULL))
975 goto out;
976
977 if (!TEST_true(EVP_DigestInit_ex(md_ctx, EVP_sha256(), NULL))
978 || !TEST_true(EVP_DigestUpdate(md_ctx, kMsg, sizeof(kMsg)))
979 || !TEST_true(EVP_DigestFinal_ex(md_ctx, md, NULL))
980 /* EVP_DigestFinal_ex does not reset the EVP_MD_CTX. */
981 || !TEST_ptr(EVP_MD_CTX_md(md_ctx))
982 /*
983 * EVP_DigestInit_ex with NULL type should work on
984 * pre-initialized context.
985 */
986 || !TEST_true(EVP_DigestInit_ex(md_ctx, NULL, NULL)))
987 goto out;
988
989 if (!TEST_true(EVP_DigestInit_ex(md_ctx, EVP_shake256(), NULL))
990 || !TEST_true(EVP_DigestUpdate(md_ctx, kMsg, sizeof(kMsg)))
991 || !TEST_true(EVP_DigestFinalXOF(md_ctx, md, sizeof(md)))
992 /* EVP_DigestFinalXOF does not reset the EVP_MD_CTX. */
993 || !TEST_ptr(EVP_MD_CTX_md(md_ctx))
994 || !TEST_true(EVP_DigestInit_ex(md_ctx, NULL, NULL)))
995 goto out;
996 ret = 1;
997
998 out:
999 EVP_MD_CTX_free(md_ctx);
1000 return ret;
1001 }
1002
1003 static int test_d2i_AutoPrivateKey(int i)
1004 {
1005 int ret = 0;
1006 const unsigned char *p;
1007 EVP_PKEY *pkey = NULL;
1008 const APK_DATA *ak = &keydata[i];
1009 const unsigned char *input = ak->kder;
1010 size_t input_len = ak->size;
1011 int expected_id = ak->evptype;
1012
1013 p = input;
1014 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
1015 || !TEST_ptr_eq(p, input + input_len)
1016 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
1017 goto done;
1018
1019 ret = 1;
1020
1021 done:
1022 EVP_PKEY_free(pkey);
1023 return ret;
1024 }
1025
1026 #ifndef OPENSSL_NO_EC
1027
1028 static const unsigned char ec_public_sect163k1_validxy[] = {
1029 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
1030 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
1031 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
1032 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x02, 0xd1, 0x7b,
1033 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
1034 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
1035 };
1036
1037 static const unsigned char ec_public_sect163k1_badx[] = {
1038 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
1039 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
1040 0x0a, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
1041 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0xb0, 0x02, 0xd1, 0x7b,
1042 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
1043 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
1044 };
1045
1046 static const unsigned char ec_public_sect163k1_bady[] = {
1047 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
1048 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
1049 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
1050 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x0a, 0xd1, 0x7b,
1051 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
1052 0x6a, 0xd8, 0x17, 0x65, 0x41, 0xe6
1053 };
1054
1055 static struct ec_der_pub_keys_st {
1056 const unsigned char *der;
1057 size_t len;
1058 int valid;
1059 } ec_der_pub_keys[] = {
1060 { ec_public_sect163k1_validxy, sizeof(ec_public_sect163k1_validxy), 1 },
1061 { ec_public_sect163k1_badx, sizeof(ec_public_sect163k1_badx), 0 },
1062 { ec_public_sect163k1_bady, sizeof(ec_public_sect163k1_bady), 0 },
1063 };
1064
1065 /*
1066 * Tests the range of the decoded EC char2 public point.
1067 * See ec_GF2m_simple_oct2point().
1068 */
1069 static int test_invalide_ec_char2_pub_range_decode(int id)
1070 {
1071 int ret = 0;
1072 EVP_PKEY *pkey;
1073
1074 pkey = load_example_key("EC", ec_der_pub_keys[id].der,
1075 ec_der_pub_keys[id].len);
1076
1077 ret = (ec_der_pub_keys[id].valid && TEST_ptr(pkey))
1078 || TEST_ptr_null(pkey);
1079 EVP_PKEY_free(pkey);
1080 return ret;
1081 }
1082
1083 /* Tests loading a bad key in PKCS8 format */
1084 static int test_EVP_PKCS82PKEY(void)
1085 {
1086 int ret = 0;
1087 const unsigned char *derp = kExampleBadECKeyDER;
1088 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
1089 EVP_PKEY *pkey = NULL;
1090
1091 if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp,
1092 sizeof(kExampleBadECKeyDER))))
1093 goto done;
1094
1095 if (!TEST_ptr_eq(derp,
1096 kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)))
1097 goto done;
1098
1099 if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf)))
1100 goto done;
1101
1102 ret = 1;
1103
1104 done:
1105 PKCS8_PRIV_KEY_INFO_free(p8inf);
1106 EVP_PKEY_free(pkey);
1107
1108 return ret;
1109 }
1110 #endif
1111
1112 /* This uses kExampleRSAKeyDER and kExampleRSAKeyPKCS8 to verify encoding */
1113 static int test_privatekey_to_pkcs8(void)
1114 {
1115 EVP_PKEY *pkey = NULL;
1116 BIO *membio = NULL;
1117 char *membuf = NULL;
1118 long membuf_len = 0;
1119 int ok = 0;
1120
1121 if (!TEST_ptr(membio = BIO_new(BIO_s_mem()))
1122 || !TEST_ptr(pkey = load_example_rsa_key())
1123 || !TEST_int_gt(i2d_PKCS8PrivateKey_bio(membio, pkey, NULL,
1124 NULL, 0, NULL, NULL),
1125 0)
1126 || !TEST_int_gt(membuf_len = BIO_get_mem_data(membio, &membuf), 0)
1127 || !TEST_ptr(membuf)
1128 || !TEST_mem_eq(membuf, (size_t)membuf_len,
1129 kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8))
1130 /*
1131 * We try to write PEM as well, just to see that it doesn't err, but
1132 * assume that the result is correct.
1133 */
1134 || !TEST_int_gt(PEM_write_bio_PKCS8PrivateKey(membio, pkey, NULL,
1135 NULL, 0, NULL, NULL),
1136 0))
1137 goto done;
1138
1139 ok = 1;
1140 done:
1141 EVP_PKEY_free(pkey);
1142 BIO_free_all(membio);
1143 return ok;
1144 }
1145
1146 #ifndef OPENSSL_NO_EC
1147 static const struct {
1148 int encoding;
1149 const char *encoding_name;
1150 } ec_encodings[] = {
1151 { OPENSSL_EC_EXPLICIT_CURVE, OSSL_PKEY_EC_ENCODING_EXPLICIT },
1152 { OPENSSL_EC_NAMED_CURVE, OSSL_PKEY_EC_ENCODING_GROUP }
1153 };
1154
1155 static int ec_export_get_encoding_cb(const OSSL_PARAM params[], void *arg)
1156 {
1157 const OSSL_PARAM *p;
1158 const char *enc_name = NULL;
1159 int *enc = arg;
1160 size_t i;
1161
1162 *enc = -1;
1163
1164 if (!TEST_ptr(p = OSSL_PARAM_locate_const(params,
1165 OSSL_PKEY_PARAM_EC_ENCODING))
1166 || !TEST_true(OSSL_PARAM_get_utf8_string_ptr(p, &enc_name)))
1167 return 0;
1168
1169 for (i = 0; i < OSSL_NELEM(ec_encodings); i++) {
1170 if (strcasecmp(enc_name, ec_encodings[i].encoding_name) == 0) {
1171 *enc = ec_encodings[i].encoding;
1172 break;
1173 }
1174 }
1175
1176 return (*enc != -1);
1177 }
1178
1179 static int test_EC_keygen_with_enc(int idx)
1180 {
1181 EVP_PKEY *params = NULL, *key = NULL;
1182 EVP_PKEY_CTX *pctx = NULL, *kctx = NULL;
1183 int enc;
1184 int ret = 0;
1185
1186 enc = ec_encodings[idx].encoding;
1187
1188 /* Create key parameters */
1189 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, "EC", NULL))
1190 || !TEST_true(EVP_PKEY_paramgen_init(pctx))
1191 || !TEST_true(EVP_PKEY_CTX_set_group_name(pctx, "P-256"))
1192 || !TEST_true(EVP_PKEY_CTX_set_ec_param_enc(pctx, enc))
1193 || !TEST_true(EVP_PKEY_paramgen(pctx, &params))
1194 || !TEST_ptr(params))
1195 goto done;
1196
1197 /* Create key */
1198 if (!TEST_ptr(kctx = EVP_PKEY_CTX_new_from_pkey(testctx, params, NULL))
1199 || !TEST_true(EVP_PKEY_keygen_init(kctx))
1200 || !TEST_true(EVP_PKEY_keygen(kctx, &key))
1201 || !TEST_ptr(key))
1202 goto done;
1203
1204 /* Check that the encoding got all the way into the key */
1205 if (!TEST_true(evp_keymgmt_util_export(key, OSSL_KEYMGMT_SELECT_ALL,
1206 ec_export_get_encoding_cb, &enc))
1207 || !TEST_int_eq(enc, ec_encodings[idx].encoding))
1208 goto done;
1209
1210 ret = 1;
1211 done:
1212 EVP_PKEY_free(key);
1213 EVP_PKEY_free(params);
1214 EVP_PKEY_CTX_free(kctx);
1215 EVP_PKEY_CTX_free(pctx);
1216 return ret;
1217 }
1218 #endif
1219
1220 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
1221
1222 static int test_EVP_SM2_verify(void)
1223 {
1224 const char *pubkey =
1225 "-----BEGIN PUBLIC KEY-----\n"
1226 "MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEp1KLWq1ZE2jmoAnnBJE1LBGxVr18\n"
1227 "YvvqECWCpXfAQ9qUJ+UmthnUPf0iM3SaXKHe6PlLIDyNlWMWb9RUh/yU3g==\n"
1228 "-----END PUBLIC KEY-----\n";
1229
1230 const char *msg = "message digest";
1231 const char *id = "ALICE123@YAHOO.COM";
1232
1233 const uint8_t signature[] = {
1234 0x30, 0x44, 0x02, 0x20, 0x5b, 0xdb, 0xab, 0x81, 0x4f, 0xbb,
1235 0x8b, 0x69, 0xb1, 0x05, 0x9c, 0x99, 0x3b, 0xb2, 0x45, 0x06,
1236 0x4a, 0x30, 0x15, 0x59, 0x84, 0xcd, 0xee, 0x30, 0x60, 0x36,
1237 0x57, 0x87, 0xef, 0x5c, 0xd0, 0xbe, 0x02, 0x20, 0x43, 0x8d,
1238 0x1f, 0xc7, 0x77, 0x72, 0x39, 0xbb, 0x72, 0xe1, 0xfd, 0x07,
1239 0x58, 0xd5, 0x82, 0xc8, 0x2d, 0xba, 0x3b, 0x2c, 0x46, 0x24,
1240 0xe3, 0x50, 0xff, 0x04, 0xc7, 0xa0, 0x71, 0x9f, 0xa4, 0x70
1241 };
1242
1243 int rc = 0;
1244 BIO *bio = NULL;
1245 EVP_PKEY *pkey = NULL;
1246 EVP_MD_CTX *mctx = NULL;
1247 EVP_PKEY_CTX *pctx = NULL;
1248
1249 bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
1250 if (!TEST_true(bio != NULL))
1251 goto done;
1252
1253 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
1254 if (!TEST_true(pkey != NULL))
1255 goto done;
1256
1257 if (!TEST_true(EVP_PKEY_is_a(pkey, "SM2")))
1258 goto done;
1259
1260 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
1261 goto done;
1262
1263 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL)))
1264 goto done;
1265
1266 EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
1267
1268 if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey)))
1269 goto done;
1270
1271 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, id, strlen(id)), 0))
1272 goto done;
1273
1274 if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
1275 goto done;
1276
1277 if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature))))
1278 goto done;
1279 rc = 1;
1280
1281 done:
1282 BIO_free(bio);
1283 EVP_PKEY_free(pkey);
1284 EVP_PKEY_CTX_free(pctx);
1285 EVP_MD_CTX_free(mctx);
1286 return rc;
1287 }
1288
1289 static int test_EVP_SM2(void)
1290 {
1291 int ret = 0;
1292 EVP_PKEY *pkey = NULL;
1293 EVP_PKEY *pkeyparams = NULL;
1294 EVP_PKEY_CTX *pctx = NULL;
1295 EVP_PKEY_CTX *kctx = NULL;
1296 EVP_PKEY_CTX *sctx = NULL;
1297 size_t sig_len = 0;
1298 unsigned char *sig = NULL;
1299 EVP_MD_CTX *md_ctx = NULL;
1300 EVP_MD_CTX *md_ctx_verify = NULL;
1301 EVP_PKEY_CTX *cctx = NULL;
1302
1303 uint8_t ciphertext[128];
1304 size_t ctext_len = sizeof(ciphertext);
1305
1306 uint8_t plaintext[8];
1307 size_t ptext_len = sizeof(plaintext);
1308
1309 uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
1310
1311 OSSL_PARAM sparams[2] = {OSSL_PARAM_END, OSSL_PARAM_END};
1312 OSSL_PARAM gparams[2] = {OSSL_PARAM_END, OSSL_PARAM_END};
1313 int i;
1314 char mdname[20];
1315
1316 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SM2, NULL);
1317 if (!TEST_ptr(pctx))
1318 goto done;
1319
1320 if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
1321 goto done;
1322
1323 /* TODO is this even needed? */
1324 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
1325 goto done;
1326
1327 if (!TEST_true(EVP_PKEY_paramgen(pctx, &pkeyparams)))
1328 goto done;
1329
1330 kctx = EVP_PKEY_CTX_new(pkeyparams, NULL);
1331 if (!TEST_ptr(kctx))
1332 goto done;
1333
1334 if (!TEST_true(EVP_PKEY_keygen_init(kctx)))
1335 goto done;
1336
1337 if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey)))
1338 goto done;
1339
1340 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
1341 goto done;
1342
1343 if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()))
1344 goto done;
1345
1346 if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL)))
1347 goto done;
1348
1349 EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);
1350 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);
1351
1352 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)))
1353 goto done;
1354
1355 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
1356 goto done;
1357
1358 if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
1359 goto done;
1360
1361 /* Determine the size of the signature. */
1362 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)))
1363 goto done;
1364
1365 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)))
1366 goto done;
1367
1368 if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
1369 goto done;
1370
1371 /* Ensure that the signature round-trips. */
1372
1373 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)))
1374 goto done;
1375
1376 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
1377 goto done;
1378
1379 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))))
1380 goto done;
1381
1382 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
1383 goto done;
1384
1385 /* now check encryption/decryption */
1386
1387 gparams[0] = OSSL_PARAM_construct_utf8_string(OSSL_ASYM_CIPHER_PARAM_DIGEST,
1388 mdname, sizeof(mdname));
1389 for (i = 0; i < 2; i++) {
1390 EVP_PKEY_CTX_free(cctx);
1391
1392 sparams[0] = OSSL_PARAM_construct_utf8_string(OSSL_ASYM_CIPHER_PARAM_DIGEST,
1393 i == 0 ? "SM3" : "SHA2-256",
1394 0);
1395
1396 if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
1397 goto done;
1398
1399 if (!TEST_true(EVP_PKEY_encrypt_init(cctx)))
1400 goto done;
1401
1402 if (!TEST_true(EVP_PKEY_CTX_set_params(cctx, sparams)))
1403 goto done;
1404
1405 if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg,
1406 sizeof(kMsg))))
1407 goto done;
1408
1409 if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
1410 goto done;
1411
1412 if (!TEST_true(EVP_PKEY_CTX_set_params(cctx, sparams)))
1413 goto done;
1414
1415 if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext,
1416 ctext_len)))
1417 goto done;
1418
1419 if (!TEST_true(EVP_PKEY_CTX_get_params(cctx, gparams)))
1420 goto done;
1421
1422 /* Test we're still using the digest we think we are */
1423 if (i == 0 && !TEST_int_eq(strcmp(mdname, "SM3"), 0))
1424 goto done;
1425 if (i == 1 && !TEST_int_eq(strcmp(mdname, "SHA2-256"), 0))
1426 goto done;
1427
1428 if (!TEST_true(ptext_len == sizeof(kMsg)))
1429 goto done;
1430
1431 if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0))
1432 goto done;
1433 }
1434
1435 ret = 1;
1436 done:
1437 EVP_PKEY_CTX_free(pctx);
1438 EVP_PKEY_CTX_free(kctx);
1439 EVP_PKEY_CTX_free(sctx);
1440 EVP_PKEY_CTX_free(cctx);
1441 EVP_PKEY_free(pkey);
1442 EVP_PKEY_free(pkeyparams);
1443 EVP_MD_CTX_free(md_ctx);
1444 EVP_MD_CTX_free(md_ctx_verify);
1445 OPENSSL_free(sig);
1446 return ret;
1447 }
1448
1449 #endif
1450
1451 static struct keys_st {
1452 int type;
1453 char *priv;
1454 char *pub;
1455 } keys[] = {
1456 {
1457 EVP_PKEY_HMAC, "0123456789", NULL
1458 }, {
1459 EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
1460 }, {
1461 EVP_PKEY_SIPHASH, "0123456789012345", NULL
1462 },
1463 #ifndef OPENSSL_NO_EC
1464 {
1465 EVP_PKEY_X25519, "01234567890123456789012345678901",
1466 "abcdefghijklmnopqrstuvwxyzabcdef"
1467 }, {
1468 EVP_PKEY_ED25519, "01234567890123456789012345678901",
1469 "abcdefghijklmnopqrstuvwxyzabcdef"
1470 }, {
1471 EVP_PKEY_X448,
1472 "01234567890123456789012345678901234567890123456789012345",
1473 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
1474 }, {
1475 EVP_PKEY_ED448,
1476 "012345678901234567890123456789012345678901234567890123456",
1477 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
1478 }
1479 #endif
1480 };
1481
1482 static int test_set_get_raw_keys_int(int tst, int pub, int uselibctx)
1483 {
1484 int ret = 0;
1485 unsigned char buf[80];
1486 unsigned char *in;
1487 size_t inlen, len = 0;
1488 EVP_PKEY *pkey;
1489
1490 /* Check if this algorithm supports public keys */
1491 if (keys[tst].pub == NULL)
1492 return 1;
1493
1494 memset(buf, 0, sizeof(buf));
1495
1496 if (pub) {
1497 inlen = strlen(keys[tst].pub);
1498 in = (unsigned char *)keys[tst].pub;
1499 if (uselibctx) {
1500 pkey = EVP_PKEY_new_raw_public_key_ex(
1501 testctx,
1502 OBJ_nid2sn(keys[tst].type),
1503 NULL,
1504 in,
1505 inlen);
1506 } else {
1507 pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
1508 NULL,
1509 in,
1510 inlen);
1511 }
1512 } else {
1513 inlen = strlen(keys[tst].priv);
1514 in = (unsigned char *)keys[tst].priv;
1515 if (uselibctx) {
1516 pkey = EVP_PKEY_new_raw_private_key_ex(
1517 testctx, OBJ_nid2sn(keys[tst].type),
1518 NULL,
1519 in,
1520 inlen);
1521 } else {
1522 pkey = EVP_PKEY_new_raw_private_key(keys[tst].type,
1523 NULL,
1524 in,
1525 inlen);
1526 }
1527 }
1528
1529 if (!TEST_ptr(pkey)
1530 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
1531 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
1532 || !TEST_true(len == inlen)
1533 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
1534 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
1535 || !TEST_mem_eq(in, inlen, buf, len))
1536 goto done;
1537
1538 ret = 1;
1539 done:
1540 EVP_PKEY_free(pkey);
1541 return ret;
1542 }
1543
1544 static int test_set_get_raw_keys(int tst)
1545 {
1546 return test_set_get_raw_keys_int(tst, 0, 0)
1547 && test_set_get_raw_keys_int(tst, 0, 1)
1548 && test_set_get_raw_keys_int(tst, 1, 0)
1549 && test_set_get_raw_keys_int(tst, 1, 1);
1550 }
1551
1552 #ifndef OPENSSL_NO_DEPRECATED_3_0
1553 static int pkey_custom_check(EVP_PKEY *pkey)
1554 {
1555 return 0xbeef;
1556 }
1557
1558 static int pkey_custom_pub_check(EVP_PKEY *pkey)
1559 {
1560 return 0xbeef;
1561 }
1562
1563 static int pkey_custom_param_check(EVP_PKEY *pkey)
1564 {
1565 return 0xbeef;
1566 }
1567
1568 static EVP_PKEY_METHOD *custom_pmeth;
1569 #endif
1570
1571 static int test_EVP_PKEY_check(int i)
1572 {
1573 int ret = 0;
1574 EVP_PKEY *pkey = NULL;
1575 EVP_PKEY_CTX *ctx = NULL;
1576 #ifndef OPENSSL_NO_DEPRECATED_3_0
1577 EVP_PKEY_CTX *ctx2 = NULL;
1578 #endif
1579 const APK_DATA *ak = &keycheckdata[i];
1580 const unsigned char *input = ak->kder;
1581 size_t input_len = ak->size;
1582 int expected_id = ak->evptype;
1583 int expected_check = ak->check;
1584 int expected_pub_check = ak->pub_check;
1585 int expected_param_check = ak->param_check;
1586 int type = ak->type;
1587
1588 if (!TEST_ptr(pkey = load_example_key(ak->keytype, input, input_len)))
1589 goto done;
1590 if (type == 0
1591 && !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
1592 goto done;
1593
1594 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
1595 goto done;
1596
1597 if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check))
1598 goto done;
1599
1600 if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check))
1601 goto done;
1602
1603 if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
1604 goto done;
1605
1606 #ifndef OPENSSL_NO_DEPRECATED_3_0
1607 ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
1608 /* assign the pkey directly, as an internal test */
1609 EVP_PKEY_up_ref(pkey);
1610 ctx2->pkey = pkey;
1611
1612 if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
1613 goto done;
1614
1615 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
1616 goto done;
1617
1618 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
1619 goto done;
1620 #endif
1621
1622 ret = 1;
1623
1624 done:
1625 EVP_PKEY_CTX_free(ctx);
1626 #ifndef OPENSSL_NO_DEPRECATED_3_0
1627 EVP_PKEY_CTX_free(ctx2);
1628 #endif
1629 EVP_PKEY_free(pkey);
1630 return ret;
1631 }
1632
1633 #ifndef OPENSSL_NO_CMAC
1634 static int get_cmac_val(EVP_PKEY *pkey, unsigned char *mac)
1635 {
1636 EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
1637 const char msg[] = "Hello World";
1638 size_t maclen;
1639 int ret = 1;
1640
1641 if (!TEST_ptr(mdctx)
1642 || !TEST_true(EVP_DigestSignInit(mdctx, NULL, NULL, NULL, pkey))
1643 || !TEST_true(EVP_DigestSignUpdate(mdctx, msg, sizeof(msg)))
1644 || !TEST_true(EVP_DigestSignFinal(mdctx, mac, &maclen))
1645 || !TEST_size_t_eq(maclen, AES_BLOCK_SIZE))
1646 ret = 0;
1647
1648 EVP_MD_CTX_free(mdctx);
1649
1650 return ret;
1651 }
1652 static int test_CMAC_keygen(void)
1653 {
1654 static unsigned char key[] = {
1655 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
1656 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
1657 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
1658 };
1659 /*
1660 * This is a legacy method for CMACs, but should still work.
1661 * This verifies that it works without an ENGINE.
1662 */
1663 EVP_PKEY_CTX *kctx = EVP_PKEY_CTX_new_id(EVP_PKEY_CMAC, NULL);
1664 int ret = 0;
1665 EVP_PKEY *pkey = NULL;
1666 unsigned char mac[AES_BLOCK_SIZE];
1667 # if !defined(OPENSSL_NO_DEPRECATED_3_0)
1668 unsigned char mac2[AES_BLOCK_SIZE];
1669 # endif
1670
1671 /* Test a CMAC key created using the "generated" method */
1672 if (!TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1673 || !TEST_int_gt(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
1674 EVP_PKEY_CTRL_CIPHER,
1675 0, (void *)EVP_aes_256_ecb()), 0)
1676 || !TEST_int_gt(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
1677 EVP_PKEY_CTRL_SET_MAC_KEY,
1678 sizeof(key), (void *)key), 0)
1679 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0)
1680 || !TEST_ptr(pkey)
1681 || !TEST_true(get_cmac_val(pkey, mac)))
1682 goto done;
1683
1684 # if !defined(OPENSSL_NO_DEPRECATED_3_0)
1685 EVP_PKEY_free(pkey);
1686
1687 /*
1688 * Test a CMAC key using the direct method, and compare with the mac
1689 * created above.
1690 */
1691 pkey = EVP_PKEY_new_CMAC_key(NULL, key, sizeof(key), EVP_aes_256_ecb());
1692 if (!TEST_ptr(pkey)
1693 || !TEST_true(get_cmac_val(pkey, mac2))
1694 || !TEST_mem_eq(mac, sizeof(mac), mac2, sizeof(mac2)))
1695 goto done;
1696 # endif
1697
1698 ret = 1;
1699
1700 done:
1701 EVP_PKEY_free(pkey);
1702 EVP_PKEY_CTX_free(kctx);
1703 return ret;
1704 }
1705 #endif
1706
1707 static int test_HKDF(void)
1708 {
1709 EVP_PKEY_CTX *pctx;
1710 unsigned char out[20];
1711 size_t outlen;
1712 int i, ret = 0;
1713 unsigned char salt[] = "0123456789";
1714 unsigned char key[] = "012345678901234567890123456789";
1715 unsigned char info[] = "infostring";
1716 const unsigned char expected[] = {
1717 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
1718 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
1719 };
1720 size_t expectedlen = sizeof(expected);
1721
1722 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1723 goto done;
1724
1725 /* We do this twice to test reuse of the EVP_PKEY_CTX */
1726 for (i = 0; i < 2; i++) {
1727 outlen = sizeof(out);
1728 memset(out, 0, outlen);
1729
1730 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1731 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1732 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1733 sizeof(salt) - 1), 0)
1734 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1735 sizeof(key) - 1), 0)
1736 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1737 sizeof(info) - 1), 0)
1738 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1739 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1740 goto done;
1741 }
1742
1743 ret = 1;
1744
1745 done:
1746 EVP_PKEY_CTX_free(pctx);
1747
1748 return ret;
1749 }
1750
1751 static int test_emptyikm_HKDF(void)
1752 {
1753 EVP_PKEY_CTX *pctx;
1754 unsigned char out[20];
1755 size_t outlen;
1756 int ret = 0;
1757 unsigned char salt[] = "9876543210";
1758 unsigned char key[] = "";
1759 unsigned char info[] = "stringinfo";
1760 const unsigned char expected[] = {
1761 0x68, 0x81, 0xa5, 0x3e, 0x5b, 0x9c, 0x7b, 0x6f, 0x2e, 0xec, 0xc8, 0x47,
1762 0x7c, 0xfa, 0x47, 0x35, 0x66, 0x82, 0x15, 0x30
1763 };
1764 size_t expectedlen = sizeof(expected);
1765
1766 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1767 goto done;
1768
1769 outlen = sizeof(out);
1770 memset(out, 0, outlen);
1771
1772 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1773 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1774 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1775 sizeof(salt) - 1), 0)
1776 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1777 sizeof(key) - 1), 0)
1778 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1779 sizeof(info) - 1), 0)
1780 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1781 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1782 goto done;
1783
1784 ret = 1;
1785
1786 done:
1787 EVP_PKEY_CTX_free(pctx);
1788
1789 return ret;
1790 }
1791
1792 #ifndef OPENSSL_NO_EC
1793 static int test_X509_PUBKEY_inplace(void)
1794 {
1795 int ret = 0;
1796 X509_PUBKEY *xp = NULL;
1797 const unsigned char *p = kExampleECPubKeyDER;
1798 size_t input_len = sizeof(kExampleECPubKeyDER);
1799
1800 if (!TEST_ptr(xp = d2i_X509_PUBKEY(NULL, &p, input_len)))
1801 goto done;
1802
1803 if (!TEST_ptr(X509_PUBKEY_get0(xp)))
1804 goto done;
1805
1806 p = kExampleBadECPubKeyDER;
1807 input_len = sizeof(kExampleBadECPubKeyDER);
1808
1809 if (!TEST_ptr(xp = d2i_X509_PUBKEY(&xp, &p, input_len)))
1810 goto done;
1811
1812 if (!TEST_true(X509_PUBKEY_get0(xp) == NULL))
1813 goto done;
1814
1815 ret = 1;
1816
1817 done:
1818 X509_PUBKEY_free(xp);
1819 return ret;
1820 }
1821 #endif /* OPENSSL_NO_EC */
1822
1823 /* Test getting and setting parameters on an EVP_PKEY_CTX */
1824 static int test_EVP_PKEY_CTX_get_set_params(EVP_PKEY *pkey)
1825 {
1826 EVP_MD_CTX *mdctx = NULL;
1827 EVP_PKEY_CTX *ctx = NULL;
1828 const OSSL_PARAM *params;
1829 OSSL_PARAM ourparams[2], *param = ourparams, *param_md;
1830 int ret = 0;
1831 const EVP_MD *md;
1832 char mdname[OSSL_MAX_NAME_SIZE];
1833 char ssl3ms[48];
1834
1835 /* Initialise a sign operation */
1836 ctx = EVP_PKEY_CTX_new(pkey, NULL);
1837 if (!TEST_ptr(ctx)
1838 || !TEST_int_gt(EVP_PKEY_sign_init(ctx), 0))
1839 goto err;
1840
1841 /*
1842 * We should be able to query the parameters now.
1843 */
1844 params = EVP_PKEY_CTX_settable_params(ctx);
1845 if (!TEST_ptr(params)
1846 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1847 OSSL_SIGNATURE_PARAM_DIGEST)))
1848 goto err;
1849
1850 params = EVP_PKEY_CTX_gettable_params(ctx);
1851 if (!TEST_ptr(params)
1852 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1853 OSSL_SIGNATURE_PARAM_ALGORITHM_ID))
1854 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1855 OSSL_SIGNATURE_PARAM_DIGEST)))
1856 goto err;
1857
1858 /*
1859 * Test getting and setting params via EVP_PKEY_CTX_set_params() and
1860 * EVP_PKEY_CTX_get_params()
1861 */
1862 strcpy(mdname, "SHA512");
1863 param_md = param;
1864 *param++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
1865 mdname, 0);
1866 *param++ = OSSL_PARAM_construct_end();
1867
1868 if (!TEST_true(EVP_PKEY_CTX_set_params(ctx, ourparams)))
1869 goto err;
1870
1871 mdname[0] = '\0';
1872 *param_md = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
1873 mdname, sizeof(mdname));
1874 if (!TEST_true(EVP_PKEY_CTX_get_params(ctx, ourparams))
1875 || !TEST_str_eq(mdname, "SHA512"))
1876 goto err;
1877
1878 /*
1879 * Test the TEST_PKEY_CTX_set_signature_md() and
1880 * TEST_PKEY_CTX_get_signature_md() functions
1881 */
1882 if (!TEST_int_gt(EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()), 0)
1883 || !TEST_int_gt(EVP_PKEY_CTX_get_signature_md(ctx, &md), 0)
1884 || !TEST_ptr_eq(md, EVP_sha256()))
1885 goto err;
1886
1887 /*
1888 * Test getting MD parameters via an associated EVP_PKEY_CTX
1889 */
1890 mdctx = EVP_MD_CTX_new();
1891 if (!TEST_ptr(mdctx)
1892 || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, NULL,
1893 pkey)))
1894 goto err;
1895
1896 /*
1897 * We now have an EVP_MD_CTX with an EVP_PKEY_CTX inside it. We should be
1898 * able to obtain the digest's settable parameters from the provider.
1899 */
1900 params = EVP_MD_CTX_settable_params(mdctx);
1901 if (!TEST_ptr(params)
1902 || !TEST_int_eq(strcmp(params[0].key, OSSL_DIGEST_PARAM_SSL3_MS), 0)
1903 /* The final key should be NULL */
1904 || !TEST_ptr_null(params[1].key))
1905 goto err;
1906
1907 param = ourparams;
1908 memset(ssl3ms, 0, sizeof(ssl3ms));
1909 *param++ = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS,
1910 ssl3ms, sizeof(ssl3ms));
1911 *param++ = OSSL_PARAM_construct_end();
1912
1913 if (!TEST_true(EVP_MD_CTX_set_params(mdctx, ourparams)))
1914 goto err;
1915
1916 ret = 1;
1917
1918 err:
1919 EVP_MD_CTX_free(mdctx);
1920 EVP_PKEY_CTX_free(ctx);
1921
1922 return ret;
1923 }
1924
1925 #ifndef OPENSSL_NO_DSA
1926 static int test_DSA_get_set_params(void)
1927 {
1928 OSSL_PARAM_BLD *bld = NULL;
1929 OSSL_PARAM *params = NULL;
1930 BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL;
1931 EVP_PKEY_CTX *pctx = NULL;
1932 EVP_PKEY *pkey = NULL;
1933 int ret = 0;
1934
1935 /*
1936 * Setup the parameters for our DSA object. For our purposes they don't
1937 * have to actually be *valid* parameters. We just need to set something.
1938 */
1939 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, "DSA", NULL))
1940 || !TEST_ptr(bld = OSSL_PARAM_BLD_new())
1941 || !TEST_ptr(p = BN_new())
1942 || !TEST_ptr(q = BN_new())
1943 || !TEST_ptr(g = BN_new())
1944 || !TEST_ptr(pub = BN_new())
1945 || !TEST_ptr(priv = BN_new()))
1946 goto err;
1947 if (!TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1948 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1949 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1950 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1951 pub))
1952 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1953 priv)))
1954 goto err;
1955 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
1956 goto err;
1957
1958 if (!TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0)
1959 || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkey, EVP_PKEY_KEYPAIR,
1960 params), 0))
1961 goto err;
1962
1963 if (!TEST_ptr(pkey))
1964 goto err;
1965
1966 ret = test_EVP_PKEY_CTX_get_set_params(pkey);
1967
1968 err:
1969 EVP_PKEY_free(pkey);
1970 EVP_PKEY_CTX_free(pctx);
1971 OSSL_PARAM_BLD_free_params(params);
1972 OSSL_PARAM_BLD_free(bld);
1973 BN_free(p);
1974 BN_free(q);
1975 BN_free(g);
1976 BN_free(pub);
1977 BN_free(priv);
1978
1979 return ret;
1980 }
1981
1982 /*
1983 * Test combinations of private, public, missing and private + public key
1984 * params to ensure they are all accepted
1985 */
1986 static int test_DSA_priv_pub(void)
1987 {
1988 return test_EVP_PKEY_ffc_priv_pub("DSA");
1989 }
1990
1991 #endif /* !OPENSSL_NO_DSA */
1992
1993 static int test_RSA_get_set_params(void)
1994 {
1995 OSSL_PARAM_BLD *bld = NULL;
1996 OSSL_PARAM *params = NULL;
1997 BIGNUM *n = NULL, *e = NULL, *d = NULL;
1998 EVP_PKEY_CTX *pctx = NULL;
1999 EVP_PKEY *pkey = NULL;
2000 int ret = 0;
2001
2002 /*
2003 * Setup the parameters for our RSA object. For our purposes they don't
2004 * have to actually be *valid* parameters. We just need to set something.
2005 */
2006 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, "RSA", NULL))
2007 || !TEST_ptr(bld = OSSL_PARAM_BLD_new())
2008 || !TEST_ptr(n = BN_new())
2009 || !TEST_ptr(e = BN_new())
2010 || !TEST_ptr(d = BN_new()))
2011 goto err;
2012 if (!TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
2013 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
2014 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d)))
2015 goto err;
2016 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
2017 goto err;
2018
2019 if (!TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0)
2020 || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkey, EVP_PKEY_KEYPAIR,
2021 params), 0))
2022 goto err;
2023
2024 if (!TEST_ptr(pkey))
2025 goto err;
2026
2027 ret = test_EVP_PKEY_CTX_get_set_params(pkey);
2028
2029 err:
2030 EVP_PKEY_free(pkey);
2031 EVP_PKEY_CTX_free(pctx);
2032 OSSL_PARAM_BLD_free_params(params);
2033 OSSL_PARAM_BLD_free(bld);
2034 BN_free(n);
2035 BN_free(e);
2036 BN_free(d);
2037
2038 return ret;
2039 }
2040
2041 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
2042 static int test_decrypt_null_chunks(void)
2043 {
2044 EVP_CIPHER_CTX* ctx = NULL;
2045 const unsigned char key[32] = {
2046 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
2047 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
2048 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1
2049 };
2050 unsigned char iv[12] = {
2051 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b
2052 };
2053 unsigned char msg[] = "It was the best of times, it was the worst of times";
2054 unsigned char ciphertext[80];
2055 unsigned char plaintext[80];
2056 /* We initialise tmp to a non zero value on purpose */
2057 int ctlen, ptlen, tmp = 99;
2058 int ret = 0;
2059 const int enc_offset = 10, dec_offset = 20;
2060
2061 if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
2062 || !TEST_true(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL,
2063 key, iv))
2064 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &ctlen, msg,
2065 enc_offset))
2066 /* Deliberate add a zero length update */
2067 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp, NULL,
2068 0))
2069 || !TEST_int_eq(tmp, 0)
2070 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp,
2071 msg + enc_offset,
2072 sizeof(msg) - enc_offset))
2073 || !TEST_int_eq(ctlen += tmp, sizeof(msg))
2074 || !TEST_true(EVP_EncryptFinal(ctx, ciphertext + ctlen, &tmp))
2075 || !TEST_int_eq(tmp, 0))
2076 goto err;
2077
2078 /* Deliberately initialise tmp to a non zero value */
2079 tmp = 99;
2080 if (!TEST_true(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, key,
2081 iv))
2082 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext, &ptlen, ciphertext,
2083 dec_offset))
2084 /*
2085 * Deliberately add a zero length update. We also deliberately do
2086 * this at a different offset than for encryption.
2087 */
2088 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp, NULL,
2089 0))
2090 || !TEST_int_eq(tmp, 0)
2091 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp,
2092 ciphertext + dec_offset,
2093 ctlen - dec_offset))
2094 || !TEST_int_eq(ptlen += tmp, sizeof(msg))
2095 || !TEST_true(EVP_DecryptFinal(ctx, plaintext + ptlen, &tmp))
2096 || !TEST_int_eq(tmp, 0)
2097 || !TEST_mem_eq(msg, sizeof(msg), plaintext, ptlen))
2098 goto err;
2099
2100 ret = 1;
2101 err:
2102 EVP_CIPHER_CTX_free(ctx);
2103 return ret;
2104 }
2105 #endif /* !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) */
2106
2107 #ifndef OPENSSL_NO_DH
2108 /*
2109 * Test combinations of private, public, missing and private + public key
2110 * params to ensure they are all accepted
2111 */
2112 static int test_DH_priv_pub(void)
2113 {
2114 return test_EVP_PKEY_ffc_priv_pub("DH");
2115 }
2116
2117 # ifndef OPENSSL_NO_DEPRECATED_3_0
2118 static int test_EVP_PKEY_set1_DH(void)
2119 {
2120 DH *x942dh = NULL, *noqdh = NULL;
2121 EVP_PKEY *pkey1 = NULL, *pkey2 = NULL;
2122 int ret = 0;
2123 BIGNUM *p, *g = NULL;
2124
2125 if (!TEST_ptr(p = BN_new())
2126 || !TEST_ptr(g = BN_new())
2127 || !BN_set_word(p, 9999)
2128 || !BN_set_word(g, 2)
2129 || !TEST_ptr(noqdh = DH_new())
2130 || !DH_set0_pqg(noqdh, p, NULL, g))
2131 goto err;
2132 p = g = NULL;
2133
2134 x942dh = DH_get_2048_256();
2135 pkey1 = EVP_PKEY_new();
2136 pkey2 = EVP_PKEY_new();
2137 if (!TEST_ptr(x942dh)
2138 || !TEST_ptr(noqdh)
2139 || !TEST_ptr(pkey1)
2140 || !TEST_ptr(pkey2))
2141 goto err;
2142
2143 if(!TEST_true(EVP_PKEY_set1_DH(pkey1, x942dh))
2144 || !TEST_int_eq(EVP_PKEY_id(pkey1), EVP_PKEY_DHX))
2145 goto err;
2146
2147 if(!TEST_true(EVP_PKEY_set1_DH(pkey2, noqdh))
2148 || !TEST_int_eq(EVP_PKEY_id(pkey2), EVP_PKEY_DH))
2149 goto err;
2150
2151 ret = 1;
2152 err:
2153 BN_free(p);
2154 BN_free(g);
2155 EVP_PKEY_free(pkey1);
2156 EVP_PKEY_free(pkey2);
2157 DH_free(x942dh);
2158 DH_free(noqdh);
2159
2160 return ret;
2161 }
2162 # endif /* !OPENSSL_NO_DEPRECATED_3_0 */
2163 #endif /* !OPENSSL_NO_DH */
2164
2165 /*
2166 * We test what happens with an empty template. For the sake of this test,
2167 * the template must be ignored, and we know that's the case for RSA keys
2168 * (this might arguably be a misfeature, but that's what we currently do,
2169 * even in provider code, since that's how the legacy RSA implementation
2170 * does things)
2171 */
2172 static int test_keygen_with_empty_template(int n)
2173 {
2174 EVP_PKEY_CTX *ctx = NULL;
2175 EVP_PKEY *pkey = NULL;
2176 EVP_PKEY *tkey = NULL;
2177 int ret = 0;
2178
2179 switch (n) {
2180 case 0:
2181 /* We do test with no template at all as well */
2182 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)))
2183 goto err;
2184 break;
2185 case 1:
2186 /* Here we create an empty RSA key that serves as our template */
2187 if (!TEST_ptr(tkey = EVP_PKEY_new())
2188 || !TEST_true(EVP_PKEY_set_type(tkey, EVP_PKEY_RSA))
2189 || !TEST_ptr(ctx = EVP_PKEY_CTX_new(tkey, NULL)))
2190 goto err;
2191 break;
2192 }
2193
2194 if (!TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
2195 || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0))
2196 goto err;
2197
2198 ret = 1;
2199 err:
2200 EVP_PKEY_CTX_free(ctx);
2201 EVP_PKEY_free(pkey);
2202 EVP_PKEY_free(tkey);
2203 return ret;
2204 }
2205
2206 /*
2207 * Test that we fail if we attempt to use an algorithm that is not available
2208 * in the current library context (unless we are using an algorithm that
2209 * should be made available via legacy codepaths).
2210 *
2211 * 0: RSA
2212 * 1: SM2
2213 */
2214 static int test_pkey_ctx_fail_without_provider(int tst)
2215 {
2216 OSSL_LIB_CTX *tmpctx = OSSL_LIB_CTX_new();
2217 OSSL_PROVIDER *nullprov = NULL;
2218 EVP_PKEY_CTX *pctx = NULL;
2219 const char *keytype = NULL;
2220 int expect_null = 0;
2221 int ret = 0;
2222
2223 if (!TEST_ptr(tmpctx))
2224 goto err;
2225
2226 nullprov = OSSL_PROVIDER_load(tmpctx, "null");
2227 if (!TEST_ptr(nullprov))
2228 goto err;
2229
2230 /*
2231 * We check for certain algos in the null provider.
2232 * If an algo is expected to have a provider keymgmt, contructing an
2233 * EVP_PKEY_CTX is expected to fail (return NULL).
2234 * Otherwise, if it's expected to have legacy support, contructing an
2235 * EVP_PKEY_CTX is expected to succeed (return non-NULL).
2236 */
2237 switch (tst) {
2238 case 0:
2239 keytype = "RSA";
2240 expect_null = 1;
2241 break;
2242 case 1:
2243 keytype = "SM2";
2244 expect_null = 1;
2245 #ifdef OPENSSL_NO_EC
2246 TEST_info("EC disable, skipping SM2 check...");
2247 goto end;
2248 #endif
2249 #ifdef OPENSSL_NO_SM2
2250 TEST_info("SM2 disable, skipping SM2 check...");
2251 goto end;
2252 #endif
2253 break;
2254 default:
2255 TEST_error("No test for case %d", tst);
2256 goto err;
2257 }
2258
2259 pctx = EVP_PKEY_CTX_new_from_name(tmpctx, keytype, "");
2260 if (expect_null ? !TEST_ptr_null(pctx) : !TEST_ptr(pctx))
2261 goto err;
2262
2263 #if defined(OPENSSL_NO_EC) || defined(OPENSSL_NO_SM2)
2264 end:
2265 #endif
2266 ret = 1;
2267
2268 err:
2269 EVP_PKEY_CTX_free(pctx);
2270 OSSL_PROVIDER_unload(nullprov);
2271 OSSL_LIB_CTX_free(tmpctx);
2272 return ret;
2273 }
2274
2275 static int test_rand_agglomeration(void)
2276 {
2277 EVP_RAND *rand;
2278 EVP_RAND_CTX *ctx;
2279 OSSL_PARAM params[3], *p = params;
2280 int res;
2281 unsigned int step = 7;
2282 static unsigned char seed[] = "It does not matter how slowly you go "
2283 "as long as you do not stop.";
2284 unsigned char out[sizeof(seed)];
2285
2286 if (!TEST_int_ne(sizeof(seed) % step, 0)
2287 || !TEST_ptr(rand = EVP_RAND_fetch(NULL, "TEST-RAND", NULL)))
2288 return 0;
2289 ctx = EVP_RAND_CTX_new(rand, NULL);
2290 EVP_RAND_free(rand);
2291 if (!TEST_ptr(ctx))
2292 return 0;
2293
2294 memset(out, 0, sizeof(out));
2295 *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
2296 seed, sizeof(seed));
2297 *p++ = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_MAX_REQUEST, &step);
2298 *p = OSSL_PARAM_construct_end();
2299 res = TEST_true(EVP_RAND_set_ctx_params(ctx, params))
2300 && TEST_true(EVP_RAND_generate(ctx, out, sizeof(out), 0, 1, NULL, 0))
2301 && TEST_mem_eq(seed, sizeof(seed), out, sizeof(out));
2302 EVP_RAND_CTX_free(ctx);
2303 return res;
2304 }
2305
2306 /*
2307 * Test that we correctly return the original or "running" IV after
2308 * an encryption operation.
2309 * Run multiple times for some different relevant algorithms/modes.
2310 */
2311 static int test_evp_iv(int idx)
2312 {
2313 int ret = 0;
2314 EVP_CIPHER_CTX *ctx = NULL;
2315 unsigned char key[16] = {0x4c, 0x43, 0xdb, 0xdd, 0x42, 0x73, 0x47, 0xd1,
2316 0xe5, 0x62, 0x7d, 0xcd, 0x4d, 0x76, 0x4d, 0x57};
2317 unsigned char init_iv[EVP_MAX_IV_LENGTH] =
2318 {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b, 0x98, 0x82,
2319 0x5a, 0x55, 0x91, 0x81, 0x42, 0xa8, 0x89, 0x34};
2320 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8,
2321 9, 10, 11, 12, 13, 14, 15, 16 };
2322 unsigned char ciphertext[32], oiv[16], iv[16];
2323 unsigned char *ref_iv;
2324 unsigned char cbc_state[16] = {0x10, 0x2f, 0x05, 0xcc, 0xc2, 0x55, 0x72, 0xb9,
2325 0x88, 0xe6, 0x4a, 0x17, 0x10, 0x74, 0x22, 0x5e};
2326
2327 unsigned char ofb_state[16] = {0x76, 0xe6, 0x66, 0x61, 0xd0, 0x8a, 0xe4, 0x64,
2328 0xdd, 0x66, 0xbf, 0x00, 0xf0, 0xe3, 0x6f, 0xfd};
2329 unsigned char gcm_state[12] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b,
2330 0x98, 0x82, 0x5a, 0x55, 0x91, 0x81};
2331 unsigned char ccm_state[7] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b, 0x98};
2332 #ifndef OPENSSL_NO_OCB
2333 unsigned char ocb_state[12] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b,
2334 0x98, 0x82, 0x5a, 0x55, 0x91, 0x81};
2335 #endif
2336 int len = sizeof(ciphertext);
2337 size_t ivlen, ref_len;
2338 const EVP_CIPHER *type = NULL;
2339
2340 switch(idx) {
2341 case 0:
2342 type = EVP_aes_128_cbc();
2343 /* FALLTHROUGH */
2344 case 5:
2345 type = (type != NULL) ? type :
2346 EVP_CIPHER_fetch(testctx, "aes-128-cbc", NULL);
2347 ref_iv = cbc_state;
2348 ref_len = sizeof(cbc_state);
2349 break;
2350 case 1:
2351 type = EVP_aes_128_ofb();
2352 /* FALLTHROUGH */
2353 case 6:
2354 type = (type != NULL) ? type :
2355 EVP_CIPHER_fetch(testctx, "aes-128-ofb", NULL);
2356 ref_iv = ofb_state;
2357 ref_len = sizeof(ofb_state);
2358 break;
2359 case 2:
2360 type = EVP_aes_128_gcm();
2361 /* FALLTHROUGH */
2362 case 7:
2363 type = (type != NULL) ? type :
2364 EVP_CIPHER_fetch(testctx, "aes-128-gcm", NULL);
2365 ref_iv = gcm_state;
2366 ref_len = sizeof(gcm_state);
2367 break;
2368 case 3:
2369 type = EVP_aes_128_ccm();
2370 /* FALLTHROUGH */
2371 case 8:
2372 type = (type != NULL) ? type :
2373 EVP_CIPHER_fetch(testctx, "aes-128-ccm", NULL);
2374 ref_iv = ccm_state;
2375 ref_len = sizeof(ccm_state);
2376 break;
2377 #ifdef OPENSSL_NO_OCB
2378 case 4:
2379 case 9:
2380 return 1;
2381 #else
2382 case 4:
2383 type = EVP_aes_128_ocb();
2384 /* FALLTHROUGH */
2385 case 9:
2386 type = (type != NULL) ? type :
2387 EVP_CIPHER_fetch(testctx, "aes-128-ocb", NULL);
2388 ref_iv = ocb_state;
2389 ref_len = sizeof(ocb_state);
2390 break;
2391 #endif
2392 default:
2393 return 0;
2394 }
2395
2396 if (!TEST_ptr(type)
2397 || !TEST_ptr((ctx = EVP_CIPHER_CTX_new()))
2398 || !TEST_true(EVP_EncryptInit_ex(ctx, type, NULL, key, init_iv))
2399 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &len, msg,
2400 (int)sizeof(msg)))
2401 || !TEST_true(EVP_CIPHER_CTX_get_original_iv(ctx, oiv, sizeof(oiv)))
2402 || !TEST_true(EVP_CIPHER_CTX_get_updated_iv(ctx, iv, sizeof(iv)))
2403 || !TEST_true(EVP_EncryptFinal_ex(ctx, ciphertext, &len)))
2404 goto err;
2405 ivlen = EVP_CIPHER_CTX_iv_length(ctx);
2406 if (!TEST_mem_eq(init_iv, ivlen, oiv, ivlen)
2407 || !TEST_mem_eq(ref_iv, ref_len, iv, ivlen))
2408 goto err;
2409
2410 ret = 1;
2411 err:
2412 EVP_CIPHER_CTX_free(ctx);
2413 if (idx >= 5)
2414 EVP_CIPHER_free((EVP_CIPHER *)type);
2415 return ret;
2416 }
2417
2418 #ifndef OPENSSL_NO_EC
2419 static int ecpub_nids[] = { NID_brainpoolP256r1, NID_X9_62_prime256v1,
2420 NID_secp384r1, NID_secp521r1, NID_sect233k1, NID_sect233r1, NID_sect283r1,
2421 NID_sect409k1, NID_sect409r1, NID_sect571k1, NID_sect571r1,
2422 NID_brainpoolP384r1, NID_brainpoolP512r1};
2423
2424 static int test_ecpub(int idx)
2425 {
2426 int ret = 0, len, savelen;
2427 int nid;
2428 unsigned char buf[1024];
2429 unsigned char *p;
2430 EVP_PKEY *pkey = NULL;
2431 EVP_PKEY_CTX *ctx = NULL;
2432 # ifndef OPENSSL_NO_DEPRECATED_3_0
2433 const unsigned char *q;
2434 EVP_PKEY *pkey2 = NULL;
2435 EC_KEY *ec = NULL;
2436 # endif
2437
2438 nid = ecpub_nids[idx];
2439
2440 ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
2441 if (!TEST_ptr(ctx)
2442 || !TEST_true(EVP_PKEY_keygen_init(ctx))
2443 || !TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid))
2444 || !TEST_true(EVP_PKEY_keygen(ctx, &pkey)))
2445 goto done;
2446 len = i2d_PublicKey(pkey, NULL);
2447 savelen = len;
2448 if (!TEST_int_ge(len, 1)
2449 || !TEST_int_lt(len, 1024))
2450 goto done;
2451 p = buf;
2452 len = i2d_PublicKey(pkey, &p);
2453 if (!TEST_int_ge(len, 1)
2454 || !TEST_int_eq(len, savelen))
2455 goto done;
2456
2457 # ifndef OPENSSL_NO_DEPRECATED_3_0
2458 /* Now try to decode the just-created DER. */
2459 q = buf;
2460 if (!TEST_ptr((pkey2 = EVP_PKEY_new()))
2461 || !TEST_ptr((ec = EC_KEY_new_by_curve_name(nid)))
2462 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey2, ec)))
2463 goto done;
2464 /* EC_KEY ownership transferred */
2465 ec = NULL;
2466 if (!TEST_ptr(d2i_PublicKey(EVP_PKEY_EC, &pkey2, &q, savelen)))
2467 goto done;
2468 /* The keys should match. */
2469 if (!TEST_int_eq(EVP_PKEY_cmp(pkey, pkey2), 1))
2470 goto done;
2471 # endif
2472
2473 ret = 1;
2474
2475 done:
2476 EVP_PKEY_CTX_free(ctx);
2477 EVP_PKEY_free(pkey);
2478 # ifndef OPENSSL_NO_DEPRECATED_3_0
2479 EVP_PKEY_free(pkey2);
2480 EC_KEY_free(ec);
2481 # endif
2482 return ret;
2483 }
2484 #endif
2485
2486 static int test_EVP_rsa_pss_with_keygen_bits(void)
2487 {
2488 int ret;
2489 EVP_PKEY_CTX *ctx;
2490 EVP_PKEY *pkey;
2491 const EVP_MD *md;
2492 pkey = NULL;
2493 ret = 0;
2494
2495 md = EVP_get_digestbyname("sha256");
2496 ret = TEST_ptr((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA_PSS, NULL)))
2497 && TEST_true(EVP_PKEY_keygen_init(ctx))
2498 && TEST_int_gt(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 512), 0)
2499 && TEST_true(EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx, md))
2500 && TEST_true(EVP_PKEY_keygen(ctx, &pkey));
2501
2502 EVP_PKEY_free(pkey);
2503 EVP_PKEY_CTX_free(ctx);
2504 return ret;
2505 }
2506
2507 static int success = 1;
2508 static void md_names(const char *name, void *vctx)
2509 {
2510 OSSL_LIB_CTX *ctx = (OSSL_LIB_CTX *)vctx;
2511 /* Force a namemap update */
2512 EVP_CIPHER *aes128 = EVP_CIPHER_fetch(ctx, "AES-128-CBC", NULL);
2513
2514 if (!TEST_ptr(aes128))
2515 success = 0;
2516
2517 EVP_CIPHER_free(aes128);
2518 }
2519
2520 /*
2521 * Test that changing the namemap in a user callback works in a names_do_all
2522 * function.
2523 */
2524 static int test_names_do_all(void)
2525 {
2526 /* We use a custom libctx so that we know the state of the namemap */
2527 OSSL_LIB_CTX *ctx = OSSL_LIB_CTX_new();
2528 EVP_MD *sha256 = NULL;
2529 int testresult = 0;
2530
2531 if (!TEST_ptr(ctx))
2532 goto err;
2533
2534 sha256 = EVP_MD_fetch(ctx, "SHA2-256", NULL);
2535 if (!TEST_ptr(sha256))
2536 goto err;
2537
2538 /*
2539 * We loop through all the names for a given digest. This should still work
2540 * even if the namemap changes part way through.
2541 */
2542 if (!TEST_true(EVP_MD_names_do_all(sha256, md_names, ctx)))
2543 goto err;
2544
2545 if (!TEST_true(success))
2546 goto err;
2547
2548 testresult = 1;
2549 err:
2550 EVP_MD_free(sha256);
2551 OSSL_LIB_CTX_free(ctx);
2552 return testresult;
2553 }
2554
2555 int setup_tests(void)
2556 {
2557 testctx = OSSL_LIB_CTX_new();
2558
2559 if (!TEST_ptr(testctx))
2560 return 0;
2561
2562 ADD_TEST(test_EVP_set_default_properties);
2563 ADD_ALL_TESTS(test_EVP_DigestSignInit, 9);
2564 ADD_TEST(test_EVP_DigestVerifyInit);
2565 ADD_TEST(test_EVP_Digest);
2566 ADD_TEST(test_EVP_Enveloped);
2567 ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
2568 ADD_TEST(test_privatekey_to_pkcs8);
2569 #ifndef OPENSSL_NO_EC
2570 ADD_TEST(test_EVP_PKCS82PKEY);
2571 #endif
2572 #ifndef OPENSSL_NO_EC
2573 ADD_ALL_TESTS(test_EC_keygen_with_enc, OSSL_NELEM(ec_encodings));
2574 #endif
2575 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
2576 ADD_TEST(test_EVP_SM2);
2577 ADD_TEST(test_EVP_SM2_verify);
2578 #endif
2579 ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
2580 #ifndef OPENSSL_NO_DEPRECATED_3_0
2581 custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
2582 if (!TEST_ptr(custom_pmeth))
2583 return 0;
2584 EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
2585 EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
2586 EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
2587 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
2588 return 0;
2589 #endif
2590 ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
2591 #ifndef OPENSSL_NO_CMAC
2592 ADD_TEST(test_CMAC_keygen);
2593 #endif
2594 ADD_TEST(test_HKDF);
2595 ADD_TEST(test_emptyikm_HKDF);
2596 #ifndef OPENSSL_NO_EC
2597 ADD_TEST(test_X509_PUBKEY_inplace);
2598 ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode,
2599 OSSL_NELEM(ec_der_pub_keys));
2600 #endif
2601 #ifndef OPENSSL_NO_DSA
2602 ADD_TEST(test_DSA_get_set_params);
2603 ADD_TEST(test_DSA_priv_pub);
2604 #endif
2605 ADD_TEST(test_RSA_get_set_params);
2606 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
2607 ADD_TEST(test_decrypt_null_chunks);
2608 #endif
2609 #ifndef OPENSSL_NO_DH
2610 ADD_TEST(test_DH_priv_pub);
2611 # ifndef OPENSSL_NO_DEPRECATED_3_0
2612 ADD_TEST(test_EVP_PKEY_set1_DH);
2613 # endif
2614 #endif
2615 #ifndef OPENSSL_NO_EC
2616 ADD_TEST(test_EC_priv_pub);
2617 # ifndef OPENSSL_NO_DEPRECATED_3_0
2618 ADD_TEST(test_EC_priv_only_legacy);
2619 # endif
2620 #endif
2621 ADD_ALL_TESTS(test_keygen_with_empty_template, 2);
2622 ADD_ALL_TESTS(test_pkey_ctx_fail_without_provider, 2);
2623
2624 ADD_TEST(test_rand_agglomeration);
2625 ADD_ALL_TESTS(test_evp_iv, 10);
2626 ADD_TEST(test_EVP_rsa_pss_with_keygen_bits);
2627 #ifndef OPENSSL_NO_EC
2628 ADD_ALL_TESTS(test_ecpub, OSSL_NELEM(ecpub_nids));
2629 #endif
2630
2631 ADD_TEST(test_names_do_all);
2632
2633 return 1;
2634 }
2635
2636 void cleanup_tests(void)
2637 {
2638 OSSL_LIB_CTX_free(testctx);
2639 }
A mirror of the official openssl repository