]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/evp_extra_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix a crash in reuse of i2d_X509_PUBKEY
[thirdparty/openssl.git] / test / evp_extra_test.c
1 /*
2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include <stdlib.h>
12 #include <string.h>
13 #include <openssl/bio.h>
14 #include <openssl/crypto.h>
15 #include <openssl/err.h>
16 #include <openssl/evp.h>
17 #include <openssl/rsa.h>
18 #include <openssl/x509.h>
19 #include <openssl/pem.h>
20 #include <openssl/kdf.h>
21 #include "testutil.h"
22 #include "internal/nelem.h"
23 #include "internal/evp_int.h"
24
25 /*
26 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
27 * should never use this key anywhere but in an example.
28 */
29 static const unsigned char kExampleRSAKeyDER[] = {
30 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
31 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
32 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
33 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
34 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
35 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
36 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
37 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
38 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
39 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
40 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
41 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
42 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
43 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
44 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
45 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
46 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
47 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
48 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
49 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
50 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
51 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
52 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
53 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
54 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
55 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
56 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
57 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
58 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
59 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
60 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
61 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
62 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
63 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
64 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
65 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
66 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
67 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
68 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
69 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
70 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
71 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
72 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
73 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
74 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
75 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
76 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
77 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
78 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
79 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
80 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
81 };
82
83 /*
84 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
85 * components are not correct.
86 */
87 static const unsigned char kExampleBadRSAKeyDER[] = {
88 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
89 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
90 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
91 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
92 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
93 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
94 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
95 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
96 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
97 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
98 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
99 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
100 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
101 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
102 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
103 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
104 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
105 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
106 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
107 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
108 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
109 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
110 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
111 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
112 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
113 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
114 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
115 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
116 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
117 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
118 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
119 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
120 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
121 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
122 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
123 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
124 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
125 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
126 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
127 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
128 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
129 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
130 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
131 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
132 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
133 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
134 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
135 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
136 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
137 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
138 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
139 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
140 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
141 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
142 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
143 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
144 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
145 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
146 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
147 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
148 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
149 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
150 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
151 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
152 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
153 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
154 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
155 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
156 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
157 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
158 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
159 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
160 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
161 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
162 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
163 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
164 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
165 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
166 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
167 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
168 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
169 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
170 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
171 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
172 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
173 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
174 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
175 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
176 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
177 };
178
179 static const unsigned char kMsg[] = { 1, 2, 3, 4 };
180
181 static const unsigned char kSignature[] = {
182 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
183 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
184 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
185 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
186 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
187 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
188 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
189 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
190 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
191 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
192 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
193 };
194
195 /*
196 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
197 * PrivateKeyInfo.
198 */
199 static const unsigned char kExampleRSAKeyPKCS8[] = {
200 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
201 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
202 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
203 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
204 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
205 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
206 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
207 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
208 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
209 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
210 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
211 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
212 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
213 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
214 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
215 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
216 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
217 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
218 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
219 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
220 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
221 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
222 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
223 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
224 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
225 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
226 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
227 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
228 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
229 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
230 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
231 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
232 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
233 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
234 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
235 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
236 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
237 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
238 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
239 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
240 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
241 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
242 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
243 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
244 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
245 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
246 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
247 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
248 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
249 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
250 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
251 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
252 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
253 };
254
255 #ifndef OPENSSL_NO_EC
256 /*
257 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
258 * structure.
259 */
260 static const unsigned char kExampleECKeyDER[] = {
261 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
262 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
263 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
264 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
265 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
266 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
267 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
268 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
269 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
270 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
271 0xc1,
272 };
273
274 /*
275 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
276 * structure. The private key is equal to the order and will fail to import
277 */
278 static const unsigned char kExampleBadECKeyDER[] = {
279 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
280 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
281 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
282 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
283 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
284 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
285 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
286 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
287 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
288 };
289
290 /* prime256v1 */
291 static const unsigned char kExampleECPubKeyDER[] = {
292 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
293 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
294 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
295 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
296 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
297 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
298 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
299 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
300 };
301
302 /*
303 * kExampleBadECKeyDER is a sample EC public key with a wrong OID
304 * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
305 */
306 static const unsigned char kExampleBadECPubKeyDER[] = {
307 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
308 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
309 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
310 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
311 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
312 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
313 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
314 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
315 };
316
317 static const unsigned char pExampleECParamDER[] = {
318 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
319 };
320 #endif
321
322 typedef struct APK_DATA_st {
323 const unsigned char *kder;
324 size_t size;
325 int evptype;
326 int check;
327 int pub_check;
328 int param_check;
329 int type; /* 0 for private, 1 for public, 2 for params */
330 } APK_DATA;
331
332 static APK_DATA keydata[] = {
333 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA},
334 {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA},
335 #ifndef OPENSSL_NO_EC
336 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC}
337 #endif
338 };
339
340 static APK_DATA keycheckdata[] = {
341 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA, 1, -2, -2, 0},
342 {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), EVP_PKEY_RSA,
343 0, -2, -2, 0},
344 #ifndef OPENSSL_NO_EC
345 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC, 1, 1, 1, 0},
346 /* group is also associated in our pub key */
347 {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), EVP_PKEY_EC, 0, 1, 1, 1},
348 {pExampleECParamDER, sizeof(pExampleECParamDER), EVP_PKEY_EC, 0, 0, 1, 2}
349 #endif
350 };
351
352 static EVP_PKEY *load_example_rsa_key(void)
353 {
354 EVP_PKEY *ret = NULL;
355 const unsigned char *derp = kExampleRSAKeyDER;
356 EVP_PKEY *pkey = NULL;
357 RSA *rsa = NULL;
358
359 if (!TEST_true(d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))))
360 return NULL;
361
362 if (!TEST_ptr(pkey = EVP_PKEY_new())
363 || !TEST_true(EVP_PKEY_set1_RSA(pkey, rsa)))
364 goto end;
365
366 ret = pkey;
367 pkey = NULL;
368
369 end:
370 EVP_PKEY_free(pkey);
371 RSA_free(rsa);
372
373 return ret;
374 }
375
376 static int test_EVP_Enveloped(void)
377 {
378 int ret = 0;
379 EVP_CIPHER_CTX *ctx = NULL;
380 EVP_PKEY *keypair = NULL;
381 unsigned char *kek = NULL;
382 unsigned char iv[EVP_MAX_IV_LENGTH];
383 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
384 int len, kek_len, ciphertext_len, plaintext_len;
385 unsigned char ciphertext[32], plaintext[16];
386 const EVP_CIPHER *type = EVP_aes_256_cbc();
387
388 if (!TEST_ptr(keypair = load_example_rsa_key())
389 || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
390 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
391 || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
392 &keypair, 1))
393 || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
394 msg, sizeof(msg)))
395 || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
396 &len)))
397 goto err;
398
399 ciphertext_len += len;
400
401 if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
402 || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
403 ciphertext, ciphertext_len))
404 || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
405 goto err;
406
407 plaintext_len += len;
408 if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
409 goto err;
410
411 ret = 1;
412 err:
413 OPENSSL_free(kek);
414 EVP_PKEY_free(keypair);
415 EVP_CIPHER_CTX_free(ctx);
416 return ret;
417 }
418
419
420 static int test_EVP_DigestSignInit(void)
421 {
422 int ret = 0;
423 EVP_PKEY *pkey = NULL;
424 unsigned char *sig = NULL;
425 size_t sig_len = 0;
426 EVP_MD_CTX *md_ctx, *md_ctx_verify = NULL;
427
428 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
429 || !TEST_ptr(md_ctx_verify = EVP_MD_CTX_new())
430 || !TEST_ptr(pkey = load_example_rsa_key()))
431 goto out;
432
433 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
434 || !TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
435 goto out;
436
437 /* Determine the size of the signature. */
438 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
439 || !TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
440 goto out;
441
442 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))
443 || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
444 goto out;
445
446 /* Ensure that the signature round-trips. */
447 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(),
448 NULL, pkey))
449 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify,
450 kMsg, sizeof(kMsg)))
451 || !TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
452 goto out;
453
454 ret = 1;
455
456 out:
457 EVP_MD_CTX_free(md_ctx);
458 EVP_MD_CTX_free(md_ctx_verify);
459 EVP_PKEY_free(pkey);
460 OPENSSL_free(sig);
461
462 return ret;
463 }
464
465 static int test_EVP_DigestVerifyInit(void)
466 {
467 int ret = 0;
468 EVP_PKEY *pkey = NULL;
469 EVP_MD_CTX *md_ctx = NULL;
470
471 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
472 || !TEST_ptr(pkey = load_example_rsa_key()))
473 goto out;
474
475 if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
476 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
477 || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
478 sizeof(kSignature))))
479 goto out;
480 ret = 1;
481
482 out:
483 EVP_MD_CTX_free(md_ctx);
484 EVP_PKEY_free(pkey);
485 return ret;
486 }
487
488 static int test_d2i_AutoPrivateKey(int i)
489 {
490 int ret = 0;
491 const unsigned char *p;
492 EVP_PKEY *pkey = NULL;
493 const APK_DATA *ak = &keydata[i];
494 const unsigned char *input = ak->kder;
495 size_t input_len = ak->size;
496 int expected_id = ak->evptype;
497
498 p = input;
499 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
500 || !TEST_ptr_eq(p, input + input_len)
501 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
502 goto done;
503
504 ret = 1;
505
506 done:
507 EVP_PKEY_free(pkey);
508 return ret;
509 }
510
511 #ifndef OPENSSL_NO_EC
512 /* Tests loading a bad key in PKCS8 format */
513 static int test_EVP_PKCS82PKEY(void)
514 {
515 int ret = 0;
516 const unsigned char *derp = kExampleBadECKeyDER;
517 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
518 EVP_PKEY *pkey = NULL;
519
520 if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp,
521 sizeof(kExampleBadECKeyDER))))
522 goto done;
523
524 if (!TEST_ptr_eq(derp,
525 kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)))
526 goto done;
527
528 if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf)))
529 goto done;
530
531 ret = 1;
532
533 done:
534 PKCS8_PRIV_KEY_INFO_free(p8inf);
535 EVP_PKEY_free(pkey);
536
537 return ret;
538 }
539 #endif
540
541 #ifndef OPENSSL_NO_SM2
542
543 static int test_EVP_SM2_verify(void)
544 {
545 /* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */
546 const char *pubkey =
547 "-----BEGIN PUBLIC KEY-----\n"
548 "MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n"
549 "v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n"
550 "7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n"
551 "1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n"
552 "/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n"
553 "AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n"
554 "Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n"
555 "-----END PUBLIC KEY-----\n";
556
557 const char *msg = "message digest";
558 const char *id = "ALICE123@YAHOO.COM";
559
560 const uint8_t signature[] = {
561 0x30, 0x44, 0x02, 0x20,
562
563 0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC,
564 0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2,
565 0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1,
566
567 0x02, 0x20,
568
569 0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF,
570 0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0,
571 0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7
572 };
573
574 int rc = 0;
575 BIO *bio = NULL;
576 EVP_PKEY *pkey = NULL;
577 EVP_MD_CTX *mctx = NULL;
578 EVP_PKEY_CTX *pctx = NULL;
579
580 bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
581 if (!TEST_true(bio != NULL))
582 goto done;
583
584 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
585 if (!TEST_true(pkey != NULL))
586 goto done;
587
588 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
589 goto done;
590
591 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
592 goto done;
593
594 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL)))
595 goto done;
596
597 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, (const uint8_t *)id,
598 strlen(id)), 0))
599 goto done;
600
601 EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
602
603 if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey)))
604 goto done;
605
606 if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
607 goto done;
608
609 if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature))))
610 goto done;
611 rc = 1;
612
613 done:
614 BIO_free(bio);
615 EVP_PKEY_free(pkey);
616 EVP_PKEY_CTX_free(pctx);
617 EVP_MD_CTX_free(mctx);
618 return rc;
619 }
620
621 static int test_EVP_SM2(void)
622 {
623 int ret = 0;
624 EVP_PKEY *pkey = NULL;
625 EVP_PKEY *params = NULL;
626 EVP_PKEY_CTX *pctx = NULL;
627 EVP_PKEY_CTX *kctx = NULL;
628 EVP_PKEY_CTX *sctx = NULL;
629 size_t sig_len = 0;
630 unsigned char *sig = NULL;
631 EVP_MD_CTX *md_ctx = NULL;
632 EVP_MD_CTX *md_ctx_verify = NULL;
633 EVP_PKEY_CTX *cctx = NULL;
634
635 uint8_t ciphertext[128];
636 size_t ctext_len = sizeof(ciphertext);
637
638 uint8_t plaintext[8];
639 size_t ptext_len = sizeof(plaintext);
640
641 uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
642
643 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
644 if (!TEST_ptr(pctx))
645 goto done;
646
647 if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
648 goto done;
649
650 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
651 goto done;
652
653 if (!TEST_true(EVP_PKEY_paramgen(pctx, &params)))
654 goto done;
655
656 kctx = EVP_PKEY_CTX_new(params, NULL);
657 if (!TEST_ptr(kctx))
658 goto done;
659
660 if (!TEST_true(EVP_PKEY_keygen_init(kctx)))
661 goto done;
662
663 if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey)))
664 goto done;
665
666 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
667 goto done;
668
669 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
670 goto done;
671
672 if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()))
673 goto done;
674
675 if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL)))
676 goto done;
677
678 EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);
679 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);
680
681 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
682 goto done;
683
684 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)))
685 goto done;
686
687 if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
688 goto done;
689
690 /* Determine the size of the signature. */
691 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)))
692 goto done;
693
694 if (!TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
695 goto done;
696
697 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)))
698 goto done;
699
700 if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
701 goto done;
702
703 /* Ensure that the signature round-trips. */
704
705 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)))
706 goto done;
707
708 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))))
709 goto done;
710
711 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
712 goto done;
713
714 /* now check encryption/decryption */
715
716 if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
717 goto done;
718
719 if (!TEST_true(EVP_PKEY_encrypt_init(cctx)))
720 goto done;
721
722 if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg))))
723 goto done;
724
725 if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
726 goto done;
727
728 if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len)))
729 goto done;
730
731 if (!TEST_true(ptext_len == sizeof(kMsg)))
732 goto done;
733
734 if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0))
735 goto done;
736
737 ret = 1;
738 done:
739 EVP_PKEY_CTX_free(pctx);
740 EVP_PKEY_CTX_free(kctx);
741 EVP_PKEY_CTX_free(sctx);
742 EVP_PKEY_CTX_free(cctx);
743 EVP_PKEY_free(pkey);
744 EVP_PKEY_free(params);
745 EVP_MD_CTX_free(md_ctx);
746 EVP_MD_CTX_free(md_ctx_verify);
747 OPENSSL_free(sig);
748 return ret;
749 }
750
751 #endif
752
753 static struct keys_st {
754 int type;
755 char *priv;
756 char *pub;
757 } keys[] = {
758 {
759 EVP_PKEY_HMAC, "0123456789", NULL
760 }, {
761 EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
762 }, {
763 EVP_PKEY_SIPHASH, "0123456789012345", NULL
764 },
765 #ifndef OPENSSL_NO_EC
766 {
767 EVP_PKEY_X25519, "01234567890123456789012345678901",
768 "abcdefghijklmnopqrstuvwxyzabcdef"
769 }, {
770 EVP_PKEY_ED25519, "01234567890123456789012345678901",
771 "abcdefghijklmnopqrstuvwxyzabcdef"
772 }, {
773 EVP_PKEY_X448,
774 "01234567890123456789012345678901234567890123456789012345",
775 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
776 }, {
777 EVP_PKEY_ED448,
778 "012345678901234567890123456789012345678901234567890123456",
779 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
780 }
781 #endif
782 };
783
784 static int test_set_get_raw_keys_int(int tst, int pub)
785 {
786 int ret = 0;
787 unsigned char buf[80];
788 unsigned char *in;
789 size_t inlen, len = 0;
790 EVP_PKEY *pkey;
791
792 /* Check if this algorithm supports public keys */
793 if (keys[tst].pub == NULL)
794 return 1;
795
796 memset(buf, 0, sizeof(buf));
797
798 if (pub) {
799 inlen = strlen(keys[tst].pub);
800 in = (unsigned char *)keys[tst].pub;
801 pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
802 NULL,
803 in,
804 inlen);
805 } else {
806 inlen = strlen(keys[tst].priv);
807 in = (unsigned char *)keys[tst].priv;
808 pkey = EVP_PKEY_new_raw_private_key(keys[tst].type,
809 NULL,
810 in,
811 inlen);
812 }
813
814 if (!TEST_ptr(pkey)
815 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
816 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
817 || !TEST_true(len == inlen)
818 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
819 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
820 || !TEST_mem_eq(in, inlen, buf, len))
821 goto done;
822
823 ret = 1;
824 done:
825 EVP_PKEY_free(pkey);
826 return ret;
827 }
828
829 static int test_set_get_raw_keys(int tst)
830 {
831 return test_set_get_raw_keys_int(tst, 0)
832 && test_set_get_raw_keys_int(tst, 1);
833 }
834
835 static int pkey_custom_check(EVP_PKEY *pkey)
836 {
837 return 0xbeef;
838 }
839
840 static int pkey_custom_pub_check(EVP_PKEY *pkey)
841 {
842 return 0xbeef;
843 }
844
845 static int pkey_custom_param_check(EVP_PKEY *pkey)
846 {
847 return 0xbeef;
848 }
849
850 static EVP_PKEY_METHOD *custom_pmeth;
851
852 static int test_EVP_PKEY_check(int i)
853 {
854 int ret = 0;
855 const unsigned char *p;
856 EVP_PKEY *pkey = NULL;
857 #ifndef OPENSSL_NO_EC
858 EC_KEY *eckey = NULL;
859 #endif
860 EVP_PKEY_CTX *ctx = NULL;
861 EVP_PKEY_CTX *ctx2 = NULL;
862 const APK_DATA *ak = &keycheckdata[i];
863 const unsigned char *input = ak->kder;
864 size_t input_len = ak->size;
865 int expected_id = ak->evptype;
866 int expected_check = ak->check;
867 int expected_pub_check = ak->pub_check;
868 int expected_param_check = ak->param_check;
869 int type = ak->type;
870 BIO *pubkey = NULL;
871
872 p = input;
873
874 switch (type) {
875 case 0:
876 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
877 || !TEST_ptr_eq(p, input + input_len)
878 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
879 goto done;
880 break;
881 #ifndef OPENSSL_NO_EC
882 case 1:
883 if (!TEST_ptr(pubkey = BIO_new_mem_buf(input, input_len))
884 || !TEST_ptr(eckey = d2i_EC_PUBKEY_bio(pubkey, NULL))
885 || !TEST_ptr(pkey = EVP_PKEY_new())
886 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
887 goto done;
888 break;
889 case 2:
890 if (!TEST_ptr(eckey = d2i_ECParameters(NULL, &p, input_len))
891 || !TEST_ptr_eq(p, input + input_len)
892 || !TEST_ptr(pkey = EVP_PKEY_new())
893 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
894 goto done;
895 break;
896 #endif
897 default:
898 return 0;
899 }
900
901 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
902 goto done;
903
904 if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check))
905 goto done;
906
907 if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check))
908 goto done;
909
910 if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
911 goto done;
912
913 ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
914 /* assign the pkey directly, as an internal test */
915 EVP_PKEY_up_ref(pkey);
916 ctx2->pkey = pkey;
917
918 if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
919 goto done;
920
921 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
922 goto done;
923
924 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
925 goto done;
926
927 ret = 1;
928
929 done:
930 EVP_PKEY_CTX_free(ctx);
931 EVP_PKEY_CTX_free(ctx2);
932 EVP_PKEY_free(pkey);
933 BIO_free(pubkey);
934 return ret;
935 }
936
937 static int test_HKDF(void)
938 {
939 EVP_PKEY_CTX *pctx;
940 unsigned char out[20];
941 size_t outlen;
942 int i, ret = 0;
943 unsigned char salt[] = "0123456789";
944 unsigned char key[] = "012345678901234567890123456789";
945 unsigned char info[] = "infostring";
946 const unsigned char expected[] = {
947 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
948 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
949 };
950 size_t expectedlen = sizeof(expected);
951
952 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
953 goto done;
954
955 /* We do this twice to test reuse of the EVP_PKEY_CTX */
956 for (i = 0; i < 2; i++) {
957 outlen = sizeof(out);
958 memset(out, 0, outlen);
959
960 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
961 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
962 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
963 sizeof(salt) - 1), 0)
964 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
965 sizeof(key) - 1), 0)
966 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
967 sizeof(info) - 1), 0)
968 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
969 || !TEST_mem_eq(out, outlen, expected, expectedlen))
970 goto done;
971 }
972
973 ret = 1;
974
975 done:
976 EVP_PKEY_CTX_free(pctx);
977
978 return ret;
979 }
980
981 #ifndef OPENSSL_NO_EC
982 static int test_X509_PUBKEY_inplace(void)
983 {
984 int ret = 0;
985 X509_PUBKEY *xp = NULL;
986 const unsigned char *p = kExampleECPubKeyDER;
987 size_t input_len = sizeof(kExampleECPubKeyDER);
988
989 if (!TEST_ptr(xp = d2i_X509_PUBKEY(NULL, &p, input_len)))
990 goto done;
991
992 if (!TEST_ptr(X509_PUBKEY_get0(xp)))
993 goto done;
994
995 p = kExampleBadECPubKeyDER;
996 input_len = sizeof(kExampleBadECPubKeyDER);
997
998 if (!TEST_ptr(xp = d2i_X509_PUBKEY(&xp, &p, input_len)))
999 goto done;
1000
1001 if (!TEST_true(X509_PUBKEY_get0(xp) == NULL))
1002 goto done;
1003
1004 ret = 1;
1005
1006 done:
1007 X509_PUBKEY_free(xp);
1008 return ret;
1009 }
1010 #endif
1011
1012 int setup_tests(void)
1013 {
1014 ADD_TEST(test_EVP_DigestSignInit);
1015 ADD_TEST(test_EVP_DigestVerifyInit);
1016 ADD_TEST(test_EVP_Enveloped);
1017 ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
1018 #ifndef OPENSSL_NO_EC
1019 ADD_TEST(test_EVP_PKCS82PKEY);
1020 #endif
1021 #ifndef OPENSSL_NO_SM2
1022 ADD_TEST(test_EVP_SM2);
1023 ADD_TEST(test_EVP_SM2_verify);
1024 #endif
1025 ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
1026 custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
1027 if (!TEST_ptr(custom_pmeth))
1028 return 0;
1029 EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
1030 EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
1031 EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
1032 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
1033 return 0;
1034 ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
1035 ADD_TEST(test_HKDF);
1036 #ifndef OPENSSL_NO_EC
1037 ADD_TEST(test_X509_PUBKEY_inplace);
1038 #endif
1039 return 1;
1040 }
A mirror of the official openssl repository