2 * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* Macros to build Self test data */
11 #define ITM(x) ((void *)&x), sizeof(x)
12 #define ITM_STR(x) ((void *)&x), (sizeof(x) - 1)
14 #define ST_KAT_PARAM_END() { "", 0, NULL, 0 }
15 #define ST_KAT_PARAM_BIGNUM(name, data) \
16 { name, OSSL_PARAM_UNSIGNED_INTEGER, ITM(data) }
17 #define ST_KAT_PARAM_OCTET(name, data) \
18 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
19 #define ST_KAT_PARAM_UTF8STRING(name, data) \
20 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
21 #define ST_KAT_PARAM_UTF8CHAR(name, data) \
22 { name, OSSL_PARAM_UTF8_STRING, ITM(data) }
23 #define ST_KAT_PARAM_INT(name, i) \
24 { name, OSSL_PARAM_INTEGER, ITM(i) }
26 /* used to store raw parameters for keys and algorithms */
27 typedef struct st_kat_param_st {
28 const char *name; /* an OSSL_PARAM name */
29 size_t type; /* the type associated with the data */
30 const void *data; /* unsigned char [], or char [] depending on the type */
31 size_t data_len; /* the length of the data */
34 typedef struct st_kat_st {
36 const char *algorithm;
37 const unsigned char *pt;
39 const unsigned char *expected;
43 #define CIPHER_MODE_ENCRYPT 1
44 #define CIPHER_MODE_DECRYPT 2
45 #define CIPHER_MODE_ALL (CIPHER_MODE_ENCRYPT | CIPHER_MODE_DECRYPT)
47 typedef ST_KAT ST_KAT_DIGEST;
48 typedef struct st_kat_cipher_st {
51 const unsigned char *key;
53 const unsigned char *iv;
55 const unsigned char *aad;
57 const unsigned char *tag;
61 typedef struct st_kat_kdf_st {
63 const char *algorithm;
64 const ST_KAT_PARAM *params;
65 const unsigned char *expected;
69 typedef struct st_kat_drbg_st {
71 const char *algorithm;
72 const char *param_name;
74 const unsigned char *entropyin;
76 const unsigned char *nonce;
78 const unsigned char *persstr;
80 const unsigned char *entropyinpr1;
81 size_t entropyinpr1len;
82 const unsigned char *entropyinpr2;
83 size_t entropyinpr2len;
84 const unsigned char *entropyaddin1;
85 size_t entropyaddin1len;
86 const unsigned char *entropyaddin2;
87 size_t entropyaddin2len;
88 const unsigned char *expected;
92 typedef struct st_kat_kas_st {
94 const char *algorithm;
96 const ST_KAT_PARAM *key_group;
97 const ST_KAT_PARAM *key_host_data;
98 const ST_KAT_PARAM *key_peer_data;
100 const unsigned char *expected;
104 typedef struct st_kat_sign_st {
106 const char *algorithm;
107 const char *mdalgorithm;
108 const ST_KAT_PARAM *key;
109 const unsigned char *entropy;
111 const unsigned char *nonce;
113 const unsigned char *persstr;
115 const unsigned char *sig_expected; /* Set to NULL if this value changes */
116 size_t sig_expected_len;
119 typedef struct st_kat_asym_cipher_st {
121 const char *algorithm;
123 const ST_KAT_PARAM *key;
124 const ST_KAT_PARAM *postinit;
125 const unsigned char *in;
127 const unsigned char *expected;
129 } ST_KAT_ASYM_CIPHER;
131 /*- DIGEST TEST DATA */
132 static const unsigned char sha1_pt[] = "abc";
133 static const unsigned char sha1_digest[] = {
134 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 0x25, 0x71,
135 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
138 static const unsigned char sha512_pt[] = "abc";
139 static const unsigned char sha512_digest[] = {
140 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49,
141 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
142 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, 0x21, 0x92, 0x99, 0x2A,
143 0x27, 0x4F, 0xC1, 0xA8, 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
144 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, 0x2A, 0x9A, 0xC9, 0x4F,
145 0xA5, 0x4C, 0xA4, 0x9F
147 static const unsigned char sha3_256_pt[] = { 0xe7, 0x37, 0x21, 0x05 };
148 static const unsigned char sha3_256_digest[] = {
149 0x3a, 0x42, 0xb6, 0x8a, 0xb0, 0x79, 0xf2, 0x8c, 0x4c, 0xa3, 0xc7, 0x52,
150 0x29, 0x6f, 0x27, 0x90, 0x06, 0xc4, 0xfe, 0x78, 0xb1, 0xeb, 0x79, 0xd9,
151 0x89, 0x77, 0x7f, 0x05, 0x1e, 0x40, 0x46, 0xae
154 static const ST_KAT_DIGEST st_kat_digest_tests[] =
157 OSSL_SELF_TEST_DESC_MD_SHA1,
163 OSSL_SELF_TEST_DESC_MD_SHA2,
169 OSSL_SELF_TEST_DESC_MD_SHA3,
172 ITM(sha3_256_digest),
177 /*- CIPHER TEST DATA */
180 static const unsigned char des_ede3_cbc_pt[] = {
181 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
182 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
183 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
184 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51
186 static const unsigned char des_ede3_cbc_key[] = {
187 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
188 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
189 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
191 static const unsigned char des_ede3_cbc_iv[] = {
192 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17
194 static const unsigned char des_ede3_cbc_ct[] = {
195 0x20, 0x79, 0xC3, 0xD5, 0x3A, 0xA7, 0x63, 0xE1,
196 0x93, 0xB7, 0x9E, 0x25, 0x69, 0xAB, 0x52, 0x62,
197 0x51, 0x65, 0x70, 0x48, 0x1F, 0x25, 0xB5, 0x0F,
198 0x73, 0xC0, 0xBD, 0xA8, 0x5C, 0x8E, 0x0D, 0xA7
201 /* AES-256 GCM test data */
202 static const unsigned char aes_256_gcm_key[] = {
203 0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c,
204 0xe7, 0x90, 0xfd, 0x24, 0x50, 0x1f, 0x92, 0x50,
205 0x9a, 0xac, 0xf4, 0xcb, 0x8b, 0x13, 0x39, 0xd5,
206 0x0c, 0x9c, 0x12, 0x40, 0x93, 0x5d, 0xd0, 0x8b
208 static const unsigned char aes_256_gcm_iv[] = {
209 0xac, 0x93, 0xa1, 0xa6, 0x14, 0x52, 0x99, 0xbd,
210 0xe9, 0x02, 0xf2, 0x1a
212 static const unsigned char aes_256_gcm_pt[] = {
213 0x2d, 0x71, 0xbc, 0xfa, 0x91, 0x4e, 0x4a, 0xc0,
214 0x45, 0xb2, 0xaa, 0x60, 0x95, 0x5f, 0xad, 0x24
216 static const unsigned char aes_256_gcm_aad[] = {
217 0x1e, 0x08, 0x89, 0x01, 0x6f, 0x67, 0x60, 0x1c,
218 0x8e, 0xbe, 0xa4, 0x94, 0x3b, 0xc2, 0x3a, 0xd6
220 static const unsigned char aes_256_gcm_ct[] = {
221 0x89, 0x95, 0xae, 0x2e, 0x6d, 0xf3, 0xdb, 0xf9,
222 0x6f, 0xac, 0x7b, 0x71, 0x37, 0xba, 0xe6, 0x7f
224 static const unsigned char aes_256_gcm_tag[] = {
225 0xec, 0xa5, 0xaa, 0x77, 0xd5, 0x1d, 0x4a, 0x0a,
226 0x14, 0xd9, 0xc5, 0x1e, 0x1d, 0xa4, 0x74, 0xab
229 /* AES-ECB test data */
230 static const unsigned char aes_128_ecb_key[] = {
231 0x10, 0xa5, 0x88, 0x69, 0xd7, 0x4b, 0xe5, 0xa3,
232 0x74, 0xcf, 0x86, 0x7c, 0xfb, 0x47, 0x38, 0x59
234 static const unsigned char aes_128_ecb_pt[] = {
235 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
236 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
238 static const unsigned char aes_128_ecb_ct[] = {
239 0x6d, 0x25, 0x1e, 0x69, 0x44, 0xb0, 0x51, 0xe0,
240 0x4e, 0xaa, 0x6f, 0xb4, 0xdb, 0xf7, 0x84, 0x65
243 static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
246 OSSL_SELF_TEST_DESC_CIPHER_AES_GCM,
251 CIPHER_MODE_ENCRYPT | CIPHER_MODE_DECRYPT,
252 ITM(aes_256_gcm_key),
254 ITM(aes_256_gcm_aad),
259 OSSL_SELF_TEST_DESC_CIPHER_AES_ECB,
269 static const char hkdf_digest[] = "SHA256";
271 * Input parameters and expected result are from RFC 5869 test case 1, which is
272 * with a key-derivation key >= 112 bits required by NIST SP 800-131Ar2
275 static const unsigned char hkdf_secret[] = {
276 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
277 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
278 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b
280 static const unsigned char hkdf_salt[] = {
281 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
282 0x08, 0x09, 0x0a, 0x0b, 0x0c
284 static const unsigned char hkdf_info[] = {
285 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
288 static const unsigned char hkdf_expected[] = {
289 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a,
290 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a,
291 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
292 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf,
293 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
296 static const ST_KAT_PARAM hkdf_params[] = {
297 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, hkdf_digest),
298 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, hkdf_secret),
299 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, hkdf_salt),
300 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, hkdf_info),
304 static const char sskdf_digest[] = "SHA224";
305 static const unsigned char sskdf_secret[] = {
306 0x6d, 0xbd, 0xc2, 0x3f, 0x04, 0x54, 0x88, 0xe4,
307 0x06, 0x27, 0x57, 0xb0, 0x6b, 0x9e, 0xba, 0xe1,
308 0x83, 0xfc, 0x5a, 0x59, 0x46, 0xd8, 0x0d, 0xb9,
309 0x3f, 0xec, 0x6f, 0x62, 0xec, 0x07, 0xe3, 0x72,
310 0x7f, 0x01, 0x26, 0xae, 0xd1, 0x2c, 0xe4, 0xb2,
311 0x62, 0xf4, 0x7d, 0x48, 0xd5, 0x42, 0x87, 0xf8,
312 0x1d, 0x47, 0x4c, 0x7c, 0x3b, 0x18, 0x50, 0xe9
314 static const unsigned char sskdf_otherinfo[] = {
315 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0x43, 0x41, 0x56,
316 0x53, 0x69, 0x64, 0x3c, 0x83, 0x2e, 0x98, 0x49,
317 0xdc, 0xdb, 0xa7, 0x1e, 0x9a, 0x31, 0x39, 0xe6,
318 0x06, 0xe0, 0x95, 0xde, 0x3c, 0x26, 0x4a, 0x66,
319 0xe9, 0x8a, 0x16, 0x58, 0x54, 0xcd, 0x07, 0x98,
320 0x9b, 0x1e, 0xe0, 0xec, 0x3f, 0x8d, 0xbe
322 static const unsigned char sskdf_expected[] = {
323 0xa4, 0x62, 0xde, 0x16, 0xa8, 0x9d, 0xe8, 0x46,
324 0x6e, 0xf5, 0x46, 0x0b, 0x47, 0xb8
326 static const ST_KAT_PARAM sskdf_params[] = {
327 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sskdf_digest),
328 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sskdf_secret),
329 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, sskdf_otherinfo),
333 static const char x942kdf_digest[] = "SHA1";
334 static const char x942kdf_cekalg[] = "AES-128-WRAP";
335 static const unsigned char x942kdf_secret[] = {
336 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
337 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
338 0x10, 0x11, 0x12, 0x13
340 static const unsigned char x942kdf_expected[] = {
341 0xd6, 0xd6, 0xb0, 0x94, 0xc1, 0x02, 0x7a, 0x7d,
342 0xe6, 0xe3, 0x11, 0x72, 0x94, 0xa3, 0x53, 0x64
344 static const ST_KAT_PARAM x942kdf_params[] = {
345 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x942kdf_digest),
346 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_CEK_ALG, x942kdf_cekalg),
347 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x942kdf_secret),
351 static const char x963kdf_digest[] = "SHA256";
352 static const unsigned char x963kdf_otherinfo[] = {
353 0x75, 0xee, 0xf8, 0x1a, 0xa3, 0x04, 0x1e, 0x33,
354 0xb8, 0x09, 0x71, 0x20, 0x3d, 0x2c, 0x0c, 0x52
356 static const unsigned char x963kdf_secret[] = {
357 0x22, 0x51, 0x8b, 0x10, 0xe7, 0x0f, 0x2a, 0x3f,
358 0x24, 0x38, 0x10, 0xae, 0x32, 0x54, 0x13, 0x9e,
359 0xfb, 0xee, 0x04, 0xaa, 0x57, 0xc7, 0xaf, 0x7d
361 static const unsigned char x963kdf_expected[] = {
362 0xc4, 0x98, 0xaf, 0x77, 0x16, 0x1c, 0xc5, 0x9f,
363 0x29, 0x62, 0xb9, 0xa7, 0x13, 0xe2, 0xb2, 0x15,
364 0x15, 0x2d, 0x13, 0x97, 0x66, 0xce, 0x34, 0xa7,
365 0x76, 0xdf, 0x11, 0x86, 0x6a, 0x69, 0xbf, 0x2e
367 static const ST_KAT_PARAM x963kdf_params[] = {
368 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x963kdf_digest),
369 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x963kdf_secret),
370 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, x963kdf_otherinfo),
374 static const char pbkdf2_digest[] = "SHA256";
376 * Input parameters from RFC 6070, vector 5 (because it is the only one with
377 * a salt >= 16 bytes, which NIST SP 800-132 section 5.1 requires). The
378 * expected output is taken from
379 * https://github.com/brycx/Test-Vector-Generation/blob/master/PBKDF2/pbkdf2-hmac-sha2-test-vectors.md,
380 * which ran these test vectors with SHA-256.
382 static const unsigned char pbkdf2_password[] = {
383 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x50, 0x41, 0x53, 0x53,
384 0x57, 0x4f, 0x52, 0x44, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64
386 static const unsigned char pbkdf2_salt[] = {
387 0x73, 0x61, 0x6c, 0x74, 0x53, 0x41, 0x4c, 0x54, 0x73, 0x61, 0x6c, 0x74,
388 0x53, 0x41, 0x4c, 0x54, 0x73, 0x61, 0x6c, 0x74, 0x53, 0x41, 0x4c, 0x54,
389 0x73, 0x61, 0x6c, 0x74, 0x53, 0x41, 0x4c, 0x54, 0x73, 0x61, 0x6c, 0x74
391 static const unsigned char pbkdf2_expected[] = {
392 0x34, 0x8c, 0x89, 0xdb, 0xcb, 0xd3, 0x2b, 0x2f, 0x32, 0xd8, 0x14, 0xb8,
393 0x11, 0x6e, 0x84, 0xcf, 0x2b, 0x17, 0x34, 0x7e, 0xbc, 0x18, 0x00, 0x18,
396 static int pbkdf2_iterations = 4096;
397 static int pbkdf2_pkcs5 = 0;
398 static const ST_KAT_PARAM pbkdf2_params[] = {
399 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, pbkdf2_digest),
400 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_PASSWORD, pbkdf2_password),
401 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, pbkdf2_salt),
402 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_ITER, pbkdf2_iterations),
403 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_PKCS5, pbkdf2_pkcs5),
407 static const char sshkdf_digest[] = "SHA1";
408 static const char sshkdf_type = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
409 static const unsigned char sshkdf_key[] = {
410 0x00, 0x00, 0x00, 0x80, 0x55, 0xba, 0xe9, 0x31,
411 0xc0, 0x7f, 0xd8, 0x24, 0xbf, 0x10, 0xad, 0xd1,
412 0x90, 0x2b, 0x6f, 0xbc, 0x7c, 0x66, 0x53, 0x47,
413 0x38, 0x34, 0x98, 0xa6, 0x86, 0x92, 0x9f, 0xf5,
414 0xa2, 0x5f, 0x8e, 0x40, 0xcb, 0x66, 0x45, 0xea,
415 0x81, 0x4f, 0xb1, 0xa5, 0xe0, 0xa1, 0x1f, 0x85,
416 0x2f, 0x86, 0x25, 0x56, 0x41, 0xe5, 0xed, 0x98,
417 0x6e, 0x83, 0xa7, 0x8b, 0xc8, 0x26, 0x94, 0x80,
418 0xea, 0xc0, 0xb0, 0xdf, 0xd7, 0x70, 0xca, 0xb9,
419 0x2e, 0x7a, 0x28, 0xdd, 0x87, 0xff, 0x45, 0x24,
420 0x66, 0xd6, 0xae, 0x86, 0x7c, 0xea, 0xd6, 0x3b,
421 0x36, 0x6b, 0x1c, 0x28, 0x6e, 0x6c, 0x48, 0x11,
422 0xa9, 0xf1, 0x4c, 0x27, 0xae, 0xa1, 0x4c, 0x51,
423 0x71, 0xd4, 0x9b, 0x78, 0xc0, 0x6e, 0x37, 0x35,
424 0xd3, 0x6e, 0x6a, 0x3b, 0xe3, 0x21, 0xdd, 0x5f,
425 0xc8, 0x23, 0x08, 0xf3, 0x4e, 0xe1, 0xcb, 0x17,
426 0xfb, 0xa9, 0x4a, 0x59,
428 static const unsigned char sshkdf_xcghash[] = {
429 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
430 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
431 0xdc, 0x88, 0x92, 0x45,
433 static const unsigned char sshkdf_session_id[] = {
434 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
435 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
436 0xdc, 0x88, 0x92, 0x45,
438 static const unsigned char sshkdf_expected[] = {
439 0xe2, 0xf6, 0x27, 0xc0, 0xb4, 0x3f, 0x1a, 0xc1,
441 static const ST_KAT_PARAM sshkdf_params[] = {
442 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sshkdf_digest),
443 ST_KAT_PARAM_UTF8CHAR(OSSL_KDF_PARAM_SSHKDF_TYPE, sshkdf_type),
444 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sshkdf_key),
445 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_XCGHASH, sshkdf_xcghash),
446 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_SESSION_ID, sshkdf_session_id),
450 static const char tls12prf_digest[] = "SHA256";
451 static const unsigned char tls12prf_secret[] = {
452 0x20, 0x2c, 0x88, 0xc0, 0x0f, 0x84, 0xa1, 0x7a,
453 0x20, 0x02, 0x70, 0x79, 0x60, 0x47, 0x87, 0x46,
454 0x11, 0x76, 0x45, 0x55, 0x39, 0xe7, 0x05, 0xbe,
455 0x73, 0x08, 0x90, 0x60, 0x2c, 0x28, 0x9a, 0x50,
456 0x01, 0xe3, 0x4e, 0xeb, 0x3a, 0x04, 0x3e, 0x5d,
457 0x52, 0xa6, 0x5e, 0x66, 0x12, 0x51, 0x88, 0xbf,
459 static const unsigned char tls12prf_seed[] = {
460 'k', 'e', 'y', ' ', 'e', 'x', 'p', 'a', 'n', 's', 'i', 'o', 'n',
461 0xae, 0x6c, 0x80, 0x6f, 0x8a, 0xd4, 0xd8, 0x07,
462 0x84, 0x54, 0x9d, 0xff, 0x28, 0xa4, 0xb5, 0x8f,
463 0xd8, 0x37, 0x68, 0x1a, 0x51, 0xd9, 0x28, 0xc3,
464 0xe3, 0x0e, 0xe5, 0xff, 0x14, 0xf3, 0x98, 0x68,
465 0x62, 0xe1, 0xfd, 0x91, 0xf2, 0x3f, 0x55, 0x8a,
466 0x60, 0x5f, 0x28, 0x47, 0x8c, 0x58, 0xcf, 0x72,
467 0x63, 0x7b, 0x89, 0x78, 0x4d, 0x95, 0x9d, 0xf7,
468 0xe9, 0x46, 0xd3, 0xf0, 0x7b, 0xd1, 0xb6, 0x16,
470 static const unsigned char tls12prf_expected[] = {
471 0xd0, 0x61, 0x39, 0x88, 0x9f, 0xff, 0xac, 0x1e,
472 0x3a, 0x71, 0x86, 0x5f, 0x50, 0x4a, 0xa5, 0xd0,
473 0xd2, 0xa2, 0xe8, 0x95, 0x06, 0xc6, 0xf2, 0x27,
474 0x9b, 0x67, 0x0c, 0x3e, 0x1b, 0x74, 0xf5, 0x31,
475 0x01, 0x6a, 0x25, 0x30, 0xc5, 0x1a, 0x3a, 0x0f,
476 0x7e, 0x1d, 0x65, 0x90, 0xd0, 0xf0, 0x56, 0x6b,
477 0x2f, 0x38, 0x7f, 0x8d, 0x11, 0xfd, 0x4f, 0x73,
478 0x1c, 0xdd, 0x57, 0x2d, 0x2e, 0xae, 0x92, 0x7f,
479 0x6f, 0x2f, 0x81, 0x41, 0x0b, 0x25, 0xe6, 0x96,
480 0x0b, 0xe6, 0x89, 0x85, 0xad, 0xd6, 0xc3, 0x84,
481 0x45, 0xad, 0x9f, 0x8c, 0x64, 0xbf, 0x80, 0x68,
482 0xbf, 0x9a, 0x66, 0x79, 0x48, 0x5d, 0x96, 0x6f,
483 0x1a, 0xd6, 0xf6, 0x8b, 0x43, 0x49, 0x5b, 0x10,
484 0xa6, 0x83, 0x75, 0x5e, 0xa2, 0xb8, 0x58, 0xd7,
485 0x0c, 0xca, 0xc7, 0xec, 0x8b, 0x05, 0x3c, 0x6b,
486 0xd4, 0x1c, 0xa2, 0x99, 0xd4, 0xe5, 0x19, 0x28,
488 static const ST_KAT_PARAM tls12prf_params[] = {
489 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls12prf_digest),
490 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SECRET, tls12prf_secret),
491 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SEED, tls12prf_seed),
495 static const char kbkdf_digest[] = "SHA256";
496 static const char kbkdf_mac[] = "HMAC";
497 static const unsigned char kbkdf_salt[] = { 'p', 'r', 'f' };
498 static const unsigned char kbkdf_prfinput[] = { 't', 'e', 's', 't' };
499 static unsigned char kbkdf_key[] = {
500 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28,
501 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C,
503 static unsigned char kbkdf_expected[] = {
504 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE,
505 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86,
506 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B,
507 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95,
509 static const ST_KAT_PARAM kbkdf_params[] = {
510 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, kbkdf_digest),
511 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_MAC, kbkdf_mac),
512 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, kbkdf_key),
513 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, kbkdf_salt),
514 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, kbkdf_prfinput),
518 static const char kbkdf_kmac_mac[] = "KMAC128";
519 static unsigned char kbkdf_kmac_label[] = {
520 0xB5, 0xB5, 0xF3, 0x71, 0x9F, 0xBE, 0x5B, 0x3D,
521 0x7B, 0x8D, 0x05, 0xA1, 0xD3, 0x25, 0x19, 0x50,
523 static unsigned char kbkdf_kmac_context[] = {
524 0x36, 0x60, 0x0E, 0xF3, 0xC3, 0x70, 0xB5, 0xEF,
525 0x58, 0xBE, 0xF1, 0xBA, 0x1C, 0xF2, 0x74, 0xCB,
527 static unsigned char kbkdf_kmac_key[] = {
528 0xB2, 0x51, 0x4C, 0xC1, 0xD5, 0xCD, 0x7B, 0x6B,
529 0xA3, 0x3C, 0x90, 0x05, 0xBD, 0xAC, 0x32, 0x2A,
531 static unsigned char kbkdf_kmac_expected[] = {
532 0xB1, 0x58, 0xEE, 0xB1, 0x34, 0xA4, 0xDD, 0x9D,
533 0xAC, 0x52, 0xBD, 0x9E, 0x30, 0xE8, 0x0D, 0x76,
534 0x42, 0x57, 0x01, 0x89, 0x5F, 0x82, 0x74, 0xB9,
535 0xEB, 0x3E, 0x84, 0xD8, 0xA5, 0xDE, 0x6E, 0x54,
537 static const ST_KAT_PARAM kbkdf_kmac_params[] = {
538 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_MAC, kbkdf_kmac_mac),
539 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, kbkdf_kmac_key),
540 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, kbkdf_kmac_label),
541 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, kbkdf_kmac_context),
545 static const char tls13_kdf_digest[] = "SHA256";
546 static int tls13_kdf_extract_mode = EVP_KDF_HKDF_MODE_EXTRACT_ONLY;
547 static int tls13_kdf_expand_mode = EVP_KDF_HKDF_MODE_EXPAND_ONLY;
548 static const unsigned char tls13_kdf_prefix[] = {
549 0x74, 0x6C, 0x73, 0x31, 0x33, 0x20 /* "tls13 " */
551 static const unsigned char tls13_kdf_client_early_secret_label[] = {
552 0x63, 0x20, 0x65, 0x20, 0x74, 0x72, 0x61, 0x66,
553 0x66, 0x69, 0x63 /* "c e traffic"*/
555 static const unsigned char tls13_kdf_psk[] = {
556 0xF8, 0xAF, 0x6A, 0xEA, 0x2D, 0x39, 0x7B, 0xAF,
557 0x29, 0x48, 0xA2, 0x5B, 0x28, 0x34, 0x20, 0x06,
558 0x92, 0xCF, 0xF1, 0x7E, 0xEE, 0x91, 0x65, 0xE4,
559 0xE2, 0x7B, 0xAB, 0xEE, 0x9E, 0xDE, 0xFD, 0x05
561 static const unsigned char tls13_kdf_client_hello_hash[] = {
562 0x7c, 0x92, 0xf6, 0x8b, 0xd5, 0xbf, 0x36, 0x38,
563 0xea, 0x33, 0x8a, 0x64, 0x94, 0x72, 0x2e, 0x1b,
564 0x44, 0x12, 0x7e, 0x1b, 0x7e, 0x8a, 0xad, 0x53,
565 0x5f, 0x23, 0x22, 0xa6, 0x44, 0xff, 0x22, 0xb3
568 static const unsigned char tls13_kdf_early_secret[] = {
569 0x15, 0x3B, 0x63, 0x94, 0xA9, 0xC0, 0x3C, 0xF3,
570 0xF5, 0xAC, 0xCC, 0x6E, 0x45, 0x5A, 0x76, 0x93,
571 0x28, 0x11, 0x38, 0xA1, 0xBC, 0xFA, 0x38, 0x03,
572 0xC2, 0x67, 0x35, 0xDD, 0x11, 0x94, 0xD2, 0x16
574 static const unsigned char tls13_kdf_client_early_traffic_secret[] = {
575 0xC8, 0x05, 0x83, 0xA9, 0x0E, 0x99, 0x5C, 0x48,
576 0x96, 0x00, 0x49, 0x2A, 0x5D, 0xA6, 0x42, 0xE6,
577 0xB1, 0xF6, 0x79, 0xBA, 0x67, 0x48, 0x28, 0x79,
578 0x2D, 0xF0, 0x87, 0xB9, 0x39, 0x63, 0x61, 0x71
580 static const ST_KAT_PARAM tls13_kdf_early_secret_params[] = {
581 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_MODE, tls13_kdf_extract_mode),
582 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls13_kdf_digest),
583 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, tls13_kdf_psk),
586 static const ST_KAT_PARAM tls13_kdf_client_early_secret_params[] = {
587 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_MODE, tls13_kdf_expand_mode),
588 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls13_kdf_digest),
589 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, tls13_kdf_early_secret),
590 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_DATA, tls13_kdf_client_hello_hash),
591 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_PREFIX, tls13_kdf_prefix),
592 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_LABEL,
593 tls13_kdf_client_early_secret_label),
597 static const ST_KAT_KDF st_kat_kdf_tests[] =
600 OSSL_SELF_TEST_DESC_KDF_TLS13_EXTRACT,
601 OSSL_KDF_NAME_TLS1_3_KDF,
602 tls13_kdf_early_secret_params,
603 ITM(tls13_kdf_early_secret)
606 OSSL_SELF_TEST_DESC_KDF_TLS13_EXPAND,
607 OSSL_KDF_NAME_TLS1_3_KDF,
608 tls13_kdf_client_early_secret_params,
609 ITM(tls13_kdf_client_early_traffic_secret)
612 OSSL_SELF_TEST_DESC_KDF_TLS12_PRF,
613 OSSL_KDF_NAME_TLS1_PRF,
615 ITM(tls12prf_expected)
618 OSSL_SELF_TEST_DESC_KDF_PBKDF2,
619 OSSL_KDF_NAME_PBKDF2,
624 OSSL_SELF_TEST_DESC_KDF_SSHKDF,
625 OSSL_KDF_NAME_SSHKDF,
630 OSSL_SELF_TEST_DESC_KDF_KBKDF,
636 OSSL_SELF_TEST_DESC_KDF_KBKDF_KMAC,
639 ITM(kbkdf_kmac_expected)
642 OSSL_SELF_TEST_DESC_KDF_HKDF,
648 OSSL_SELF_TEST_DESC_KDF_SSKDF,
654 OSSL_SELF_TEST_DESC_KDF_X963KDF,
655 OSSL_KDF_NAME_X963KDF,
657 ITM(x963kdf_expected)
660 OSSL_SELF_TEST_DESC_KDF_X942KDF,
661 OSSL_KDF_NAME_X942KDF_ASN1,
663 ITM(x942kdf_expected)
668 * DRBG test vectors are a small subset of
669 * https://csrc.nist.rip/groups/STM/cavp/documents/drbg/drbgtestvectors.zip
670 * Using the folder drbgvectors_pr_true
671 * Generated for CAVS 14.3.
678 * [PredictionResistance = True]
679 * [EntropyInputLen = 256]
681 * [PersonalizationStringLen = 256]
682 * [AdditionalInputLen = 256]
683 * [ReturnedBitsLen = 1024]
687 static const unsigned char drbg_hash_sha256_pr_entropyin[] = {
688 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
689 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
690 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
692 static const unsigned char drbg_hash_sha256_pr_nonce[] = {
693 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
694 0xf0, 0xe5, 0x07, 0x1f
696 static const unsigned char drbg_hash_sha256_pr_persstr[] = {
697 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
698 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
699 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
701 static const unsigned char drbg_hash_sha256_pr_entropyinpr0[] = {
702 0xff, 0x80, 0xb7, 0xd2, 0x6a, 0x05, 0xbc, 0x8a, 0x7a, 0xbe, 0x53, 0x28,
703 0x6b, 0x0e, 0xeb, 0x73, 0x3b, 0x71, 0x5a, 0x20, 0x5b, 0xfa, 0x4f, 0xf6,
704 0x37, 0x03, 0xde, 0xad, 0xb6, 0xea, 0x0e, 0xf4
706 static const unsigned char drbg_hash_sha256_pr_entropyinpr1[] = {
707 0xc7, 0x38, 0x32, 0x53, 0x46, 0x81, 0xed, 0xe3, 0x7e, 0x03, 0x84, 0x6d,
708 0x3c, 0x84, 0x17, 0x67, 0x29, 0x7d, 0x24, 0x6c, 0x68, 0x92, 0x41, 0xd2,
709 0xe7, 0x75, 0xbe, 0x7e, 0xc9, 0x96, 0x29, 0x3d
711 static const unsigned char drbg_hash_sha256_pr_addin0[] = {
712 0xb7, 0x21, 0x5f, 0x14, 0xac, 0x7b, 0xaf, 0xd0, 0xa9, 0x17, 0x72, 0xba,
713 0x22, 0xf7, 0x19, 0xaf, 0xbd, 0x20, 0xb3, 0x11, 0x63, 0x6c, 0x2b, 0x1e,
714 0x83, 0xe4, 0xa8, 0x23, 0x35, 0x3f, 0xc6, 0xea
716 static const unsigned char drbg_hash_sha256_pr_addin1[] = {
717 0xce, 0xd3, 0x1f, 0x7e, 0x0d, 0xae, 0x5b, 0xb5, 0xc0, 0x43, 0xe2, 0x46,
718 0xb2, 0x94, 0x73, 0xe2, 0xfd, 0x39, 0x51, 0x2e, 0xad, 0x45, 0x69, 0xee,
719 0xe3, 0xe3, 0x80, 0x33, 0x14, 0xab, 0xa7, 0xa3
721 static const unsigned char drbg_hash_sha256_pr_expected[] = {
722 0x60, 0xc2, 0x34, 0xcf, 0xaf, 0xb4, 0x68, 0x03, 0x3b, 0xf1, 0x95, 0xe5,
723 0x78, 0xce, 0x26, 0x6e, 0x14, 0x65, 0x32, 0x6a, 0x96, 0xa9, 0xe0, 0x3f,
724 0x8b, 0x89, 0x36, 0x70, 0xef, 0x62, 0x75, 0x4d, 0x5e, 0x80, 0xd5, 0x53,
725 0xa1, 0xf8, 0x49, 0x50, 0x20, 0x8b, 0x93, 0x43, 0x07, 0x9f, 0x2e, 0xf8,
726 0x56, 0xe9, 0xc5, 0x70, 0x61, 0x85, 0x97, 0xb5, 0xdc, 0x82, 0xa2, 0xda,
727 0xea, 0xa3, 0xfd, 0x9b, 0x2f, 0xd2, 0xa0, 0xd7, 0x1b, 0xc6, 0x29, 0x35,
728 0xcc, 0xb8, 0x3d, 0xa0, 0x67, 0x98, 0x05, 0xa0, 0xe3, 0x1e, 0xfe, 0xe4,
729 0xf0, 0xe5, 0x13, 0xb0, 0x83, 0x17, 0xfa, 0xca, 0x93, 0x5e, 0x38, 0x29,
730 0x48, 0xd2, 0x72, 0xdb, 0x76, 0x3e, 0x6d, 0xf3, 0x25, 0x10, 0xff, 0x1b,
731 0x99, 0xff, 0xf8, 0xc6, 0x0e, 0xb0, 0xdd, 0x29, 0x2e, 0xbc, 0xbb, 0xc8,
732 0x0a, 0x01, 0x6e, 0xd3, 0xb0, 0x0e, 0x4e, 0xab
739 * [PredictionResistance = True]
740 * [EntropyInputLen = 128]
742 * [PersonalizationStringLen = 128]
743 * [AdditionalInputLen = 128]
744 * [ReturnedBitsLen = 512]
748 static const unsigned char drbg_ctr_aes128_pr_df_entropyin[] = {
749 0x92, 0x89, 0x8f, 0x31, 0xfa, 0x1c, 0xff, 0x6d, 0x18, 0x2f, 0x26, 0x06,
750 0x43, 0xdf, 0xf8, 0x18
752 static const unsigned char drbg_ctr_aes128_pr_df_nonce[] = {
753 0xc2, 0xa4, 0xd9, 0x72, 0xc3, 0xb9, 0xb6, 0x97
755 static const unsigned char drbg_ctr_aes128_pr_df_persstr[] = {
756 0xea, 0x65, 0xee, 0x60, 0x26, 0x4e, 0x7e, 0xb6, 0x0e, 0x82, 0x68, 0xc4,
757 0x37, 0x3c, 0x5c, 0x0b
759 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr0[] = {
760 0x20, 0x72, 0x8a, 0x06, 0xf8, 0x6f, 0x8d, 0xd4, 0x41, 0xe2, 0x72, 0xb7,
761 0xc4, 0x2c, 0xe8, 0x10
763 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr1[] = {
764 0x3d, 0xb0, 0xf0, 0x94, 0xf3, 0x05, 0x50, 0x33, 0x17, 0x86, 0x3e, 0x22,
765 0x08, 0xf7, 0xa5, 0x01
767 static const unsigned char drbg_ctr_aes128_pr_df_addin0[] = {
768 0x1a, 0x40, 0xfa, 0xe3, 0xcc, 0x6c, 0x7c, 0xa0, 0xf8, 0xda, 0xba, 0x59,
769 0x23, 0x6d, 0xad, 0x1d
771 static const unsigned char drbg_ctr_aes128_pr_df_addin1[] = {
772 0x9f, 0x72, 0x76, 0x6c, 0xc7, 0x46, 0xe5, 0xed, 0x2e, 0x53, 0x20, 0x12,
773 0xbc, 0x59, 0x31, 0x8c
775 static const unsigned char drbg_ctr_aes128_pr_df_expected[] = {
776 0x5a, 0x35, 0x39, 0x87, 0x0f, 0x4d, 0x22, 0xa4, 0x09, 0x24, 0xee, 0x71,
777 0xc9, 0x6f, 0xac, 0x72, 0x0a, 0xd6, 0xf0, 0x88, 0x82, 0xd0, 0x83, 0x28,
778 0x73, 0xec, 0x3f, 0x93, 0xd8, 0xab, 0x45, 0x23, 0xf0, 0x7e, 0xac, 0x45,
779 0x14, 0x5e, 0x93, 0x9f, 0xb1, 0xd6, 0x76, 0x43, 0x3d, 0xb6, 0xe8, 0x08,
780 0x88, 0xf6, 0xda, 0x89, 0x08, 0x77, 0x42, 0xfe, 0x1a, 0xf4, 0x3f, 0xc4,
781 0x23, 0xc5, 0x1f, 0x68
788 * [PredictionResistance = True]
789 * [EntropyInputLen = 128]
791 * [PersonalizationStringLen = 128]
792 * [AdditionalInputLen = 128]
793 * [ReturnedBitsLen = 640]
797 static const unsigned char drbg_hmac_sha1_pr_entropyin[] = {
798 0x68, 0x0f, 0xac, 0xe9, 0x0d, 0x7b, 0xca, 0x21, 0xd4, 0xa0, 0xed, 0xb7,
799 0x79, 0x9e, 0xe5, 0xd8
801 static const unsigned char drbg_hmac_sha1_pr_nonce[] = {
802 0xb7, 0xbe, 0x9e, 0xed, 0xdd, 0x0e, 0x3b, 0x4b
804 static const unsigned char drbg_hmac_sha1_pr_persstr[] = {
805 0xf5, 0x8c, 0x40, 0xae, 0x70, 0xf7, 0xa5, 0x56, 0x48, 0xa9, 0x31, 0xa0,
806 0xa9, 0x31, 0x3d, 0xd7
808 static const unsigned char drbg_hmac_sha1_pr_entropyinpr0[] = {
809 0x7c, 0xaf, 0xe2, 0x31, 0x63, 0x0a, 0xa9, 0x5a, 0x74, 0x2c, 0x4e, 0x5f,
810 0x5f, 0x22, 0xc6, 0xa4
812 static const unsigned char drbg_hmac_sha1_pr_entropyinpr1[] = {
813 0x1c, 0x0d, 0x77, 0x92, 0x89, 0x88, 0x27, 0x94, 0x8a, 0x58, 0x9f, 0x82,
814 0x2d, 0x1a, 0xf7, 0xa6
816 static const unsigned char drbg_hmac_sha1_pr_addin0[] = {
817 0xdc, 0x36, 0x63, 0xf0, 0x62, 0x78, 0x9c, 0xd1, 0x5c, 0xbb, 0x20, 0xc3,
818 0xc1, 0x8c, 0xd9, 0xd7
820 static const unsigned char drbg_hmac_sha1_pr_addin1[] = {
821 0xfe, 0x85, 0xb0, 0xab, 0x14, 0xc6, 0x96, 0xe6, 0x9c, 0x24, 0xe7, 0xb5,
822 0xa1, 0x37, 0x12, 0x0c
824 static const unsigned char drbg_hmac_sha1_pr_expected[] = {
825 0x68, 0x00, 0x4b, 0x3a, 0x28, 0xf7, 0xf0, 0x1c, 0xf9, 0xe9, 0xb5, 0x71,
826 0x20, 0x79, 0xef, 0x80, 0x87, 0x1b, 0x08, 0xb9, 0xa9, 0x1b, 0xcd, 0x2b,
827 0x9f, 0x09, 0x4d, 0xa4, 0x84, 0x80, 0xb3, 0x4c, 0xaf, 0xd5, 0x59, 0x6b,
828 0x0c, 0x0a, 0x48, 0xe1, 0x48, 0xda, 0xbc, 0x6f, 0x77, 0xb8, 0xff, 0xaf,
829 0x18, 0x70, 0x28, 0xe1, 0x04, 0x13, 0x7a, 0x4f, 0xeb, 0x1c, 0x72, 0xb0,
830 0xc4, 0x4f, 0xe8, 0xb1, 0xaf, 0xab, 0xa5, 0xbc, 0xfd, 0x86, 0x67, 0xf2,
831 0xf5, 0x5b, 0x46, 0x06, 0x63, 0x2e, 0x3c, 0xbc
834 static const ST_KAT_DRBG st_kat_drbg_tests[] =
837 OSSL_SELF_TEST_DESC_DRBG_HASH,
838 "HASH-DRBG", "digest", "SHA256",
839 ITM(drbg_hash_sha256_pr_entropyin),
840 ITM(drbg_hash_sha256_pr_nonce),
841 ITM(drbg_hash_sha256_pr_persstr),
842 ITM(drbg_hash_sha256_pr_entropyinpr0),
843 ITM(drbg_hash_sha256_pr_entropyinpr1),
844 ITM(drbg_hash_sha256_pr_addin0),
845 ITM(drbg_hash_sha256_pr_addin1),
846 ITM(drbg_hash_sha256_pr_expected)
849 OSSL_SELF_TEST_DESC_DRBG_CTR,
850 "CTR-DRBG", "cipher", "AES-128-CTR",
851 ITM(drbg_ctr_aes128_pr_df_entropyin),
852 ITM(drbg_ctr_aes128_pr_df_nonce),
853 ITM(drbg_ctr_aes128_pr_df_persstr),
854 ITM(drbg_ctr_aes128_pr_df_entropyinpr0),
855 ITM(drbg_ctr_aes128_pr_df_entropyinpr1),
856 ITM(drbg_ctr_aes128_pr_df_addin0),
857 ITM(drbg_ctr_aes128_pr_df_addin1),
858 ITM(drbg_ctr_aes128_pr_df_expected)
861 OSSL_SELF_TEST_DESC_DRBG_HMAC,
862 "HMAC-DRBG", "digest", "SHA1",
863 ITM(drbg_hmac_sha1_pr_entropyin),
864 ITM(drbg_hmac_sha1_pr_nonce),
865 ITM(drbg_hmac_sha1_pr_persstr),
866 ITM(drbg_hmac_sha1_pr_entropyinpr0),
867 ITM(drbg_hmac_sha1_pr_entropyinpr1),
868 ITM(drbg_hmac_sha1_pr_addin0),
869 ITM(drbg_hmac_sha1_pr_addin1),
870 ITM(drbg_hmac_sha1_pr_expected)
874 /* KEY EXCHANGE TEST DATA */
876 #ifndef OPENSSL_NO_DH
878 static const unsigned char dh_p[] = {
879 0xdc, 0xca, 0x15, 0x11, 0xb2, 0x31, 0x32, 0x25,
880 0xf5, 0x21, 0x16, 0xe1, 0x54, 0x27, 0x89, 0xe0,
881 0x01, 0xf0, 0x42, 0x5b, 0xcc, 0xc7, 0xf3, 0x66,
882 0xf7, 0x40, 0x64, 0x07, 0xf1, 0xc9, 0xfa, 0x8b,
883 0xe6, 0x10, 0xf1, 0x77, 0x8b, 0xb1, 0x70, 0xbe,
884 0x39, 0xdb, 0xb7, 0x6f, 0x85, 0xbf, 0x24, 0xce,
885 0x68, 0x80, 0xad, 0xb7, 0x62, 0x9f, 0x7c, 0x6d,
886 0x01, 0x5e, 0x61, 0xd4, 0x3f, 0xa3, 0xee, 0x4d,
887 0xe1, 0x85, 0xf2, 0xcf, 0xd0, 0x41, 0xff, 0xde,
888 0x9d, 0x41, 0x84, 0x07, 0xe1, 0x51, 0x38, 0xbb,
889 0x02, 0x1d, 0xae, 0xb3, 0x5f, 0x76, 0x2d, 0x17,
890 0x82, 0xac, 0xc6, 0x58, 0xd3, 0x2b, 0xd4, 0xb0,
891 0x23, 0x2c, 0x92, 0x7d, 0xd3, 0x8f, 0xa0, 0x97,
892 0xb3, 0xd1, 0x85, 0x9f, 0xa8, 0xac, 0xaf, 0xb9,
893 0x8f, 0x06, 0x66, 0x08, 0xfc, 0x64, 0x4e, 0xc7,
894 0xdd, 0xb6, 0xf0, 0x85, 0x99, 0xf9, 0x2a, 0xc1,
895 0xb5, 0x98, 0x25, 0xda, 0x84, 0x32, 0x07, 0x7d,
896 0xef, 0x69, 0x56, 0x46, 0x06, 0x3c, 0x20, 0x82,
897 0x3c, 0x95, 0x07, 0xab, 0x6f, 0x01, 0x76, 0xd4,
898 0x73, 0x0d, 0x99, 0x0d, 0xbb, 0xe6, 0x36, 0x1c,
899 0xd8, 0xb2, 0xb9, 0x4d, 0x3d, 0x2f, 0x32, 0x9b,
900 0x82, 0x09, 0x9b, 0xd6, 0x61, 0xf4, 0x29, 0x50,
901 0xf4, 0x03, 0xdf, 0x3e, 0xde, 0x62, 0xa3, 0x31,
902 0x88, 0xb0, 0x27, 0x98, 0xba, 0x82, 0x3f, 0x44,
903 0xb9, 0x46, 0xfe, 0x9d, 0xf6, 0x77, 0xa0, 0xc5,
904 0xa1, 0x23, 0x8e, 0xaa, 0x97, 0xb7, 0x0f, 0x80,
905 0xda, 0x8c, 0xac, 0x88, 0xe0, 0x92, 0xb1, 0x12,
906 0x70, 0x60, 0xff, 0xbf, 0x45, 0x57, 0x99, 0x94,
907 0x01, 0x1d, 0xc2, 0xfa, 0xa5, 0xe7, 0xf6, 0xc7,
908 0x62, 0x45, 0xe1, 0xcc, 0x31, 0x22, 0x31, 0xc1,
909 0x7d, 0x1c, 0xa6, 0xb1, 0x90, 0x07, 0xef, 0x0d,
910 0xb9, 0x9f, 0x9c, 0xb6, 0x0e, 0x1d, 0x5f, 0x69
912 static const unsigned char dh_q[] = {
913 0x89, 0x8b, 0x22, 0x67, 0x17, 0xef, 0x03, 0x9e,
914 0x60, 0x3e, 0x82, 0xe5, 0xc7, 0xaf, 0xe4, 0x83,
915 0x74, 0xac, 0x5f, 0x62, 0x5c, 0x54, 0xf1, 0xea,
916 0x11, 0xac, 0xb5, 0x7d
918 static const unsigned char dh_g[] = {
919 0x5e, 0xf7, 0xb8, 0x8f, 0x2d, 0xf6, 0x01, 0x39,
920 0x35, 0x1d, 0xfb, 0xfe, 0x12, 0x66, 0x80, 0x5f,
921 0xdf, 0x35, 0x6c, 0xdf, 0xd1, 0x3a, 0x4d, 0xa0,
922 0x05, 0x0c, 0x7e, 0xde, 0x24, 0x6d, 0xf5, 0x9f,
923 0x6a, 0xbf, 0x96, 0xad, 0xe5, 0xf2, 0xb2, 0x8f,
924 0xfe, 0x88, 0xd6, 0xbc, 0xe7, 0xf7, 0x89, 0x4a,
925 0x3d, 0x53, 0x5f, 0xc8, 0x21, 0x26, 0xdd, 0xd4,
926 0x24, 0x87, 0x2e, 0x16, 0xb8, 0x38, 0xdf, 0x8c,
927 0x51, 0xe9, 0x01, 0x6f, 0x88, 0x9c, 0x7c, 0x20,
928 0x3e, 0x98, 0xa8, 0xb6, 0x31, 0xf9, 0xc7, 0x25,
929 0x63, 0xd3, 0x8a, 0x49, 0x58, 0x9a, 0x07, 0x53,
930 0xd3, 0x58, 0xe7, 0x83, 0x31, 0x8c, 0xef, 0xd9,
931 0x67, 0x7c, 0x7b, 0x2d, 0xbb, 0x77, 0xd6, 0xdc,
932 0xe2, 0xa1, 0x96, 0x37, 0x95, 0xca, 0x64, 0xb9,
933 0x2d, 0x1c, 0x9a, 0xac, 0x6d, 0x0e, 0x8d, 0x43,
934 0x1d, 0xe5, 0xe5, 0x00, 0x60, 0xdf, 0xf7, 0x86,
935 0x89, 0xc9, 0xec, 0xa1, 0xc1, 0x24, 0x8c, 0x16,
936 0xed, 0x09, 0xc7, 0xad, 0x41, 0x2a, 0x17, 0x40,
937 0x6d, 0x2b, 0x52, 0x5a, 0xa1, 0xca, 0xbb, 0x23,
938 0x7b, 0x97, 0x34, 0xec, 0x7b, 0x8c, 0xe3, 0xfa,
939 0xe0, 0x2f, 0x29, 0xc5, 0xef, 0xed, 0x30, 0xd6,
940 0x91, 0x87, 0xda, 0x10, 0x9c, 0x2c, 0x9f, 0xe2,
941 0xaa, 0xdb, 0xb0, 0xc2, 0x2a, 0xf5, 0x4c, 0x61,
942 0x66, 0x55, 0x00, 0x0c, 0x43, 0x1c, 0x6b, 0x4a,
943 0x37, 0x97, 0x63, 0xb0, 0xa9, 0x16, 0x58, 0xef,
944 0xc8, 0x4e, 0x8b, 0x06, 0x35, 0x8c, 0x8b, 0x4f,
945 0x21, 0x37, 0x10, 0xfd, 0x10, 0x17, 0x2c, 0xf3,
946 0x9b, 0x83, 0x0c, 0x2d, 0xd8, 0x4a, 0x0c, 0x8a,
947 0xb8, 0x25, 0x16, 0xec, 0xab, 0x99, 0x5f, 0xa4,
948 0x21, 0x5e, 0x02, 0x3e, 0x4e, 0xcf, 0x80, 0x74,
949 0xc3, 0x9d, 0x6c, 0x88, 0xb7, 0x0d, 0x1e, 0xe4,
950 0xe9, 0x6f, 0xdc, 0x20, 0xea, 0x11, 0x5c, 0x32
952 static const unsigned char dh_priv[] = {
953 0x14, 0x33, 0xe0, 0xb5, 0xa9, 0x17, 0xb6, 0x0a,
954 0x30, 0x23, 0xf2, 0xf8, 0xaa, 0x2c, 0x2d, 0x70,
955 0xd2, 0x96, 0x8a, 0xba, 0x9a, 0xea, 0xc8, 0x15,
956 0x40, 0xb8, 0xfc, 0xe6
958 static const unsigned char dh_pub[] = {
959 0x95, 0xdd, 0x33, 0x8d, 0x29, 0xe5, 0x71, 0x04,
960 0x92, 0xb9, 0x18, 0x31, 0x7b, 0x72, 0xa3, 0x69,
961 0x36, 0xe1, 0x95, 0x1a, 0x2e, 0xe5, 0xa5, 0x59,
962 0x16, 0x99, 0xc0, 0x48, 0x6d, 0x0d, 0x4f, 0x9b,
963 0xdd, 0x6d, 0x5a, 0x3f, 0x6b, 0x98, 0x89, 0x0c,
964 0x62, 0xb3, 0x76, 0x52, 0xd3, 0x6e, 0x71, 0x21,
965 0x11, 0xe6, 0x8a, 0x73, 0x55, 0x37, 0x25, 0x06,
966 0x99, 0xef, 0xe3, 0x30, 0x53, 0x73, 0x91, 0xfb,
967 0xc2, 0xc5, 0x48, 0xbc, 0x5a, 0xc3, 0xe5, 0xb2,
968 0x33, 0x86, 0xc3, 0xee, 0xf5, 0xeb, 0x43, 0xc0,
969 0x99, 0xd7, 0x0a, 0x52, 0x02, 0x68, 0x7e, 0x83,
970 0x96, 0x42, 0x48, 0xfc, 0xa9, 0x1f, 0x40, 0x90,
971 0x8e, 0x8f, 0xb3, 0x31, 0x93, 0x15, 0xf6, 0xd2,
972 0x60, 0x6d, 0x7f, 0x7c, 0xd5, 0x2c, 0xc6, 0xe7,
973 0xc5, 0x84, 0x3a, 0xfb, 0x22, 0x51, 0x9c, 0xf0,
974 0xf0, 0xf9, 0xd3, 0xa0, 0xa4, 0xe8, 0xc8, 0x88,
975 0x99, 0xef, 0xed, 0xe7, 0x36, 0x43, 0x51, 0xfb,
976 0x6a, 0x36, 0x3e, 0xe7, 0x17, 0xe5, 0x44, 0x5a,
977 0xda, 0xb4, 0xc9, 0x31, 0xa6, 0x48, 0x39, 0x97,
978 0xb8, 0x7d, 0xad, 0x83, 0x67, 0x7e, 0x4d, 0x1d,
979 0x3a, 0x77, 0x75, 0xe0, 0xf6, 0xd0, 0x0f, 0xdf,
980 0x73, 0xc7, 0xad, 0x80, 0x1e, 0x66, 0x5a, 0x0e,
981 0x5a, 0x79, 0x6d, 0x0a, 0x03, 0x80, 0xa1, 0x9f,
982 0xa1, 0x82, 0xef, 0xc8, 0xa0, 0x4f, 0x5e, 0x4d,
983 0xb9, 0x0d, 0x1a, 0x86, 0x37, 0xf9, 0x5d, 0xb1,
984 0x64, 0x36, 0xbd, 0xc8, 0xf3, 0xfc, 0x09, 0x6c,
985 0x4f, 0xf7, 0xf2, 0x34, 0xbe, 0x8f, 0xef, 0x47,
986 0x9a, 0xc4, 0xb0, 0xdc, 0x4b, 0x77, 0x26, 0x3e,
987 0x07, 0xd9, 0x95, 0x9d, 0xe0, 0xf1, 0xbf, 0x3f,
988 0x0a, 0xe3, 0xd9, 0xd5, 0x0e, 0x4b, 0x89, 0xc9,
989 0x9e, 0x3e, 0xa1, 0x21, 0x73, 0x43, 0xdd, 0x8c,
990 0x65, 0x81, 0xac, 0xc4, 0x95, 0x9c, 0x91, 0xd3
992 static const unsigned char dh_peer_pub[] = {
993 0x1f, 0xc1, 0xda, 0x34, 0x1d, 0x1a, 0x84, 0x6a,
994 0x96, 0xb7, 0xbe, 0x24, 0x34, 0x0f, 0x87, 0x7d,
995 0xd0, 0x10, 0xaa, 0x03, 0x56, 0xd5, 0xad, 0x58,
996 0xaa, 0xe9, 0xc7, 0xb0, 0x8f, 0x74, 0x9a, 0x32,
997 0x23, 0x51, 0x10, 0xb5, 0xd8, 0x8e, 0xb5, 0xdb,
998 0xfa, 0x97, 0x8d, 0x27, 0xec, 0xc5, 0x30, 0xf0,
999 0x2d, 0x31, 0x14, 0x00, 0x5b, 0x64, 0xb1, 0xc0,
1000 0xe0, 0x24, 0xcb, 0x8a, 0xe2, 0x16, 0x98, 0xbc,
1001 0xa9, 0xe6, 0x0d, 0x42, 0x80, 0x86, 0x22, 0xf1,
1002 0x81, 0xc5, 0x6e, 0x1d, 0xe7, 0xa9, 0x6e, 0x6e,
1003 0xfe, 0xe9, 0xd6, 0x65, 0x67, 0xe9, 0x1b, 0x97,
1004 0x70, 0x42, 0xc7, 0xe3, 0xd0, 0x44, 0x8f, 0x05,
1005 0xfb, 0x77, 0xf5, 0x22, 0xb9, 0xbf, 0xc8, 0xd3,
1006 0x3c, 0xc3, 0xc3, 0x1e, 0xd3, 0xb3, 0x1f, 0x0f,
1007 0xec, 0xb6, 0xdb, 0x4f, 0x6e, 0xa3, 0x11, 0xe7,
1008 0x7a, 0xfd, 0xbc, 0xd4, 0x7a, 0xee, 0x1b, 0xb1,
1009 0x50, 0xf2, 0x16, 0x87, 0x35, 0x78, 0xfb, 0x96,
1010 0x46, 0x8e, 0x8f, 0x9f, 0x3d, 0xe8, 0xef, 0xbf,
1011 0xce, 0x75, 0x62, 0x4b, 0x1d, 0xf0, 0x53, 0x22,
1012 0xa3, 0x4f, 0x14, 0x63, 0xe8, 0x39, 0xe8, 0x98,
1013 0x4c, 0x4a, 0xd0, 0xa9, 0x6e, 0x1a, 0xc8, 0x42,
1014 0xe5, 0x31, 0x8c, 0xc2, 0x3c, 0x06, 0x2a, 0x8c,
1015 0xa1, 0x71, 0xb8, 0xd5, 0x75, 0x98, 0x0d, 0xde,
1016 0x7f, 0xc5, 0x6f, 0x15, 0x36, 0x52, 0x38, 0x20,
1017 0xd4, 0x31, 0x92, 0xbf, 0xd5, 0x1e, 0x8e, 0x22,
1018 0x89, 0x78, 0xac, 0xa5, 0xb9, 0x44, 0x72, 0xf3,
1019 0x39, 0xca, 0xeb, 0x99, 0x31, 0xb4, 0x2b, 0xe3,
1020 0x01, 0x26, 0x8b, 0xc9, 0x97, 0x89, 0xc9, 0xb2,
1021 0x55, 0x71, 0xc3, 0xc0, 0xe4, 0xcb, 0x3f, 0x00,
1022 0x7f, 0x1a, 0x51, 0x1c, 0xbb, 0x53, 0xc8, 0x51,
1023 0x9c, 0xdd, 0x13, 0x02, 0xab, 0xca, 0x6c, 0x0f,
1024 0x34, 0xf9, 0x67, 0x39, 0xf1, 0x7f, 0xf4, 0x8b
1027 static const unsigned char dh_secret_expected[] = {
1028 0x08, 0xff, 0x33, 0xbb, 0x2e, 0xcf, 0xf4, 0x9a,
1029 0x7d, 0x4a, 0x79, 0x12, 0xae, 0xb1, 0xbb, 0x6a,
1030 0xb5, 0x11, 0x64, 0x1b, 0x4a, 0x76, 0x77, 0x0c,
1031 0x8c, 0xc1, 0xbc, 0xc2, 0x33, 0x34, 0x3d, 0xfe,
1032 0x70, 0x0d, 0x11, 0x81, 0x3d, 0x2c, 0x9e, 0xd2,
1033 0x3b, 0x21, 0x1c, 0xa9, 0xe8, 0x78, 0x69, 0x21,
1034 0xed, 0xca, 0x28, 0x3c, 0x68, 0xb1, 0x61, 0x53,
1035 0xfa, 0x01, 0xe9, 0x1a, 0xb8, 0x2c, 0x90, 0xdd,
1036 0xab, 0x4a, 0x95, 0x81, 0x67, 0x70, 0xa9, 0x87,
1037 0x10, 0xe1, 0x4c, 0x92, 0xab, 0x83, 0xb6, 0xe4,
1038 0x6e, 0x1e, 0x42, 0x6e, 0xe8, 0x52, 0x43, 0x0d,
1039 0x61, 0x87, 0xda, 0xa3, 0x72, 0x0a, 0x6b, 0xcd,
1040 0x73, 0x23, 0x5c, 0x6b, 0x0f, 0x94, 0x1f, 0x33,
1041 0x64, 0xf5, 0x04, 0x20, 0x55, 0x1a, 0x4b, 0xfe,
1042 0xaf, 0xe2, 0xbc, 0x43, 0x85, 0x05, 0xa5, 0x9a,
1043 0x4a, 0x40, 0xda, 0xca, 0x7a, 0x89, 0x5a, 0x73,
1044 0xdb, 0x57, 0x5c, 0x74, 0xc1, 0x3a, 0x23, 0xad,
1045 0x88, 0x32, 0x95, 0x7d, 0x58, 0x2d, 0x38, 0xf0,
1046 0xa6, 0x16, 0x5f, 0xb0, 0xd7, 0xe9, 0xb8, 0x79,
1047 0x9e, 0x42, 0xfd, 0x32, 0x20, 0xe3, 0x32, 0xe9,
1048 0x81, 0x85, 0xa0, 0xc9, 0x42, 0x97, 0x57, 0xb2,
1049 0xd0, 0xd0, 0x2c, 0x17, 0xdb, 0xaa, 0x1f, 0xf6,
1050 0xed, 0x93, 0xd7, 0xe7, 0x3e, 0x24, 0x1e, 0xae,
1051 0xd9, 0x0c, 0xaf, 0x39, 0x4d, 0x2b, 0xc6, 0x57,
1052 0x0f, 0x18, 0xc8, 0x1f, 0x2b, 0xe5, 0xd0, 0x1a,
1053 0x2c, 0xa9, 0x9f, 0xf1, 0x42, 0xb5, 0xd9, 0x63,
1054 0xf9, 0xf5, 0x00, 0x32, 0x5e, 0x75, 0x56, 0xf9,
1055 0x58, 0x49, 0xb3, 0xff, 0xc7, 0x47, 0x94, 0x86,
1056 0xbe, 0x1d, 0x45, 0x96, 0xa3, 0x10, 0x6b, 0xd5,
1057 0xcb, 0x4f, 0x61, 0xc5, 0x7e, 0xc5, 0xf1, 0x00,
1058 0xfb, 0x7a, 0x0c, 0x82, 0xa1, 0x0b, 0x82, 0x52,
1059 0x6a, 0x97, 0xd1, 0xd9, 0x7d, 0x98, 0xea, 0xf6
1062 static const ST_KAT_PARAM dh_group[] = {
1063 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dh_p),
1064 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dh_q),
1065 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dh_g),
1069 /* The host's private key */
1070 static const ST_KAT_PARAM dh_host_key[] = {
1071 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_pub),
1072 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dh_priv),
1076 /* The peer's public key */
1077 static const ST_KAT_PARAM dh_peer_key[] = {
1078 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_peer_pub),
1081 #endif /* OPENSSL_NO_DH */
1084 #ifndef OPENSSL_NO_EC
1085 static const char ecdh_curve_name[] = "prime256v1";
1086 static const unsigned char ecdh_privd[] = {
1087 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1088 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1089 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1090 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1092 static const unsigned char ecdh_pub[] = {
1094 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1095 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1096 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1097 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1098 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1099 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1100 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1101 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1103 static const unsigned char ecdh_peer_pub[] = {
1105 0x1f, 0x72, 0xbd, 0x2a, 0x3e, 0xeb, 0x6c, 0x76,
1106 0xe5, 0x5d, 0x69, 0x75, 0x24, 0xbf, 0x2f, 0x5b,
1107 0x96, 0xb2, 0x91, 0x62, 0x06, 0x35, 0xcc, 0xb2,
1108 0x4b, 0x31, 0x1b, 0x0c, 0x6f, 0x06, 0x9f, 0x86,
1109 0xcf, 0xc8, 0xac, 0xd5, 0x4f, 0x4d, 0x77, 0xf3,
1110 0x70, 0x4a, 0x8f, 0x04, 0x9a, 0xb1, 0x03, 0xc7,
1111 0xeb, 0xd5, 0x94, 0x78, 0x61, 0xab, 0x78, 0x0c,
1112 0x4a, 0x2d, 0x6b, 0xf3, 0x2f, 0x2e, 0x4a, 0xbc
1115 static const ST_KAT_PARAM ecdh_group[] = {
1116 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecdh_curve_name),
1119 static const ST_KAT_PARAM ecdh_host_key[] = {
1120 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_pub),
1121 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecdh_privd),
1124 static const ST_KAT_PARAM ecdh_peer_key[] = {
1125 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_peer_pub),
1128 static const unsigned char ecdh_secret_expected[] = {
1129 0x45, 0x2a, 0x2f, 0x0d, 0x24, 0xe6, 0x8d, 0xd0,
1130 0xda, 0x59, 0x7b, 0x0c, 0xec, 0x9b, 0x4c, 0x38,
1131 0x41, 0xdd, 0xce, 0xb3, 0xcc, 0xf1, 0x90, 0x8e,
1132 0x30, 0xdb, 0x5b, 0x5f, 0x97, 0xea, 0xe0, 0xc2
1134 #endif /* OPENSSL_NO_EC */
1136 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
1137 static const ST_KAT_KAS st_kat_kas_tests[] =
1139 # ifndef OPENSSL_NO_DH
1141 OSSL_SELF_TEST_DESC_KA_DH,
1146 ITM(dh_secret_expected)
1148 # endif /* OPENSSL_NO_DH */
1149 # ifndef OPENSSL_NO_EC
1151 OSSL_SELF_TEST_DESC_KA_ECDH,
1156 ITM(ecdh_secret_expected)
1158 # endif /* OPENSSL_NO_EC */
1160 #endif /* !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) */
1163 static const unsigned char rsa_n[] = {
1164 0xDB, 0x10, 0x1A, 0xC2, 0xA3, 0xF1, 0xDC, 0xFF,
1165 0x13, 0x6B, 0xED, 0x44, 0xDF, 0xF0, 0x02, 0x6D,
1166 0x13, 0xC7, 0x88, 0xDA, 0x70, 0x6B, 0x54, 0xF1,
1167 0xE8, 0x27, 0xDC, 0xC3, 0x0F, 0x99, 0x6A, 0xFA,
1168 0xC6, 0x67, 0xFF, 0x1D, 0x1E, 0x3C, 0x1D, 0xC1,
1169 0xB5, 0x5F, 0x6C, 0xC0, 0xB2, 0x07, 0x3A, 0x6D,
1170 0x41, 0xE4, 0x25, 0x99, 0xAC, 0xFC, 0xD2, 0x0F,
1171 0x02, 0xD3, 0xD1, 0x54, 0x06, 0x1A, 0x51, 0x77,
1172 0xBD, 0xB6, 0xBF, 0xEA, 0xA7, 0x5C, 0x06, 0xA9,
1173 0x5D, 0x69, 0x84, 0x45, 0xD7, 0xF5, 0x05, 0xBA,
1174 0x47, 0xF0, 0x1B, 0xD7, 0x2B, 0x24, 0xEC, 0xCB,
1175 0x9B, 0x1B, 0x10, 0x8D, 0x81, 0xA0, 0xBE, 0xB1,
1176 0x8C, 0x33, 0xE4, 0x36, 0xB8, 0x43, 0xEB, 0x19,
1177 0x2A, 0x81, 0x8D, 0xDE, 0x81, 0x0A, 0x99, 0x48,
1178 0xB6, 0xF6, 0xBC, 0xCD, 0x49, 0x34, 0x3A, 0x8F,
1179 0x26, 0x94, 0xE3, 0x28, 0x82, 0x1A, 0x7C, 0x8F,
1180 0x59, 0x9F, 0x45, 0xE8, 0x5D, 0x1A, 0x45, 0x76,
1181 0x04, 0x56, 0x05, 0xA1, 0xD0, 0x1B, 0x8C, 0x77,
1182 0x6D, 0xAF, 0x53, 0xFA, 0x71, 0xE2, 0x67, 0xE0,
1183 0x9A, 0xFE, 0x03, 0xA9, 0x85, 0xD2, 0xC9, 0xAA,
1184 0xBA, 0x2A, 0xBC, 0xF4, 0xA0, 0x08, 0xF5, 0x13,
1185 0x98, 0x13, 0x5D, 0xF0, 0xD9, 0x33, 0x34, 0x2A,
1186 0x61, 0xC3, 0x89, 0x55, 0xF0, 0xAE, 0x1A, 0x9C,
1187 0x22, 0xEE, 0x19, 0x05, 0x8D, 0x32, 0xFE, 0xEC,
1188 0x9C, 0x84, 0xBA, 0xB7, 0xF9, 0x6C, 0x3A, 0x4F,
1189 0x07, 0xFC, 0x45, 0xEB, 0x12, 0xE5, 0x7B, 0xFD,
1190 0x55, 0xE6, 0x29, 0x69, 0xD1, 0xC2, 0xE8, 0xB9,
1191 0x78, 0x59, 0xF6, 0x79, 0x10, 0xC6, 0x4E, 0xEB,
1192 0x6A, 0x5E, 0xB9, 0x9A, 0xC7, 0xC4, 0x5B, 0x63,
1193 0xDA, 0xA3, 0x3F, 0x5E, 0x92, 0x7A, 0x81, 0x5E,
1194 0xD6, 0xB0, 0xE2, 0x62, 0x8F, 0x74, 0x26, 0xC2,
1195 0x0C, 0xD3, 0x9A, 0x17, 0x47, 0xE6, 0x8E, 0xAB
1197 static const unsigned char rsa_e[] = { 0x01, 0x00, 0x01 };
1198 static const unsigned char rsa_d[] = {
1199 0x52, 0x41, 0xF4, 0xDA, 0x7B, 0xB7, 0x59, 0x55,
1200 0xCA, 0xD4, 0x2F, 0x0F, 0x3A, 0xCB, 0xA4, 0x0D,
1201 0x93, 0x6C, 0xCC, 0x9D, 0xC1, 0xB2, 0xFB, 0xFD,
1202 0xAE, 0x40, 0x31, 0xAC, 0x69, 0x52, 0x21, 0x92,
1203 0xB3, 0x27, 0xDF, 0xEA, 0xEE, 0x2C, 0x82, 0xBB,
1204 0xF7, 0x40, 0x32, 0xD5, 0x14, 0xC4, 0x94, 0x12,
1205 0xEC, 0xB8, 0x1F, 0xCA, 0x59, 0xE3, 0xC1, 0x78,
1206 0xF3, 0x85, 0xD8, 0x47, 0xA5, 0xD7, 0x02, 0x1A,
1207 0x65, 0x79, 0x97, 0x0D, 0x24, 0xF4, 0xF0, 0x67,
1208 0x6E, 0x75, 0x2D, 0xBF, 0x10, 0x3D, 0xA8, 0x7D,
1209 0xEF, 0x7F, 0x60, 0xE4, 0xE6, 0x05, 0x82, 0x89,
1210 0x5D, 0xDF, 0xC6, 0xD2, 0x6C, 0x07, 0x91, 0x33,
1211 0x98, 0x42, 0xF0, 0x02, 0x00, 0x25, 0x38, 0xC5,
1212 0x85, 0x69, 0x8A, 0x7D, 0x2F, 0x95, 0x6C, 0x43,
1213 0x9A, 0xB8, 0x81, 0xE2, 0xD0, 0x07, 0x35, 0xAA,
1214 0x05, 0x41, 0xC9, 0x1E, 0xAF, 0xE4, 0x04, 0x3B,
1215 0x19, 0xB8, 0x73, 0xA2, 0xAC, 0x4B, 0x1E, 0x66,
1216 0x48, 0xD8, 0x72, 0x1F, 0xAC, 0xF6, 0xCB, 0xBC,
1217 0x90, 0x09, 0xCA, 0xEC, 0x0C, 0xDC, 0xF9, 0x2C,
1218 0xD7, 0xEB, 0xAE, 0xA3, 0xA4, 0x47, 0xD7, 0x33,
1219 0x2F, 0x8A, 0xCA, 0xBC, 0x5E, 0xF0, 0x77, 0xE4,
1220 0x97, 0x98, 0x97, 0xC7, 0x10, 0x91, 0x7D, 0x2A,
1221 0xA6, 0xFF, 0x46, 0x83, 0x97, 0xDE, 0xE9, 0xE2,
1222 0x17, 0x03, 0x06, 0x14, 0xE2, 0xD7, 0xB1, 0x1D,
1223 0x77, 0xAF, 0x51, 0x27, 0x5B, 0x5E, 0x69, 0xB8,
1224 0x81, 0xE6, 0x11, 0xC5, 0x43, 0x23, 0x81, 0x04,
1225 0x62, 0xFF, 0xE9, 0x46, 0xB8, 0xD8, 0x44, 0xDB,
1226 0xA5, 0xCC, 0x31, 0x54, 0x34, 0xCE, 0x3E, 0x82,
1227 0xD6, 0xBF, 0x7A, 0x0B, 0x64, 0x21, 0x6D, 0x88,
1228 0x7E, 0x5B, 0x45, 0x12, 0x1E, 0x63, 0x8D, 0x49,
1229 0xA7, 0x1D, 0xD9, 0x1E, 0x06, 0xCD, 0xE8, 0xBA,
1230 0x2C, 0x8C, 0x69, 0x32, 0xEA, 0xBE, 0x60, 0x71
1232 static const unsigned char rsa_p[] = {
1233 0xFA, 0xAC, 0xE1, 0x37, 0x5E, 0x32, 0x11, 0x34,
1234 0xC6, 0x72, 0x58, 0x2D, 0x91, 0x06, 0x3E, 0x77,
1235 0xE7, 0x11, 0x21, 0xCD, 0x4A, 0xF8, 0xA4, 0x3F,
1236 0x0F, 0xEF, 0x31, 0xE3, 0xF3, 0x55, 0xA0, 0xB9,
1237 0xAC, 0xB6, 0xCB, 0xBB, 0x41, 0xD0, 0x32, 0x81,
1238 0x9A, 0x8F, 0x7A, 0x99, 0x30, 0x77, 0x6C, 0x68,
1239 0x27, 0xE2, 0x96, 0xB5, 0x72, 0xC9, 0xC3, 0xD4,
1240 0x42, 0xAA, 0xAA, 0xCA, 0x95, 0x8F, 0xFF, 0xC9,
1241 0x9B, 0x52, 0x34, 0x30, 0x1D, 0xCF, 0xFE, 0xCF,
1242 0x3C, 0x56, 0x68, 0x6E, 0xEF, 0xE7, 0x6C, 0xD7,
1243 0xFB, 0x99, 0xF5, 0x4A, 0xA5, 0x21, 0x1F, 0x2B,
1244 0xEA, 0x93, 0xE8, 0x98, 0x26, 0xC4, 0x6E, 0x42,
1245 0x21, 0x5E, 0xA0, 0xA1, 0x2A, 0x58, 0x35, 0xBB,
1246 0x10, 0xE7, 0xBA, 0x27, 0x0A, 0x3B, 0xB3, 0xAF,
1247 0xE2, 0x75, 0x36, 0x04, 0xAC, 0x56, 0xA0, 0xAB,
1248 0x52, 0xDE, 0xCE, 0xDD, 0x2C, 0x28, 0x77, 0x03
1250 static const unsigned char rsa_q[] = {
1251 0xDF, 0xB7, 0x52, 0xB6, 0xD7, 0xC0, 0xE2, 0x96,
1252 0xE7, 0xC9, 0xFE, 0x5D, 0x71, 0x5A, 0xC4, 0x40,
1253 0x96, 0x2F, 0xE5, 0x87, 0xEA, 0xF3, 0xA5, 0x77,
1254 0x11, 0x67, 0x3C, 0x8D, 0x56, 0x08, 0xA7, 0xB5,
1255 0x67, 0xFA, 0x37, 0xA8, 0xB8, 0xCF, 0x61, 0xE8,
1256 0x63, 0xD8, 0x38, 0x06, 0x21, 0x2B, 0x92, 0x09,
1257 0xA6, 0x39, 0x3A, 0xEA, 0xA8, 0xB4, 0x45, 0x4B,
1258 0x36, 0x10, 0x4C, 0xE4, 0x00, 0x66, 0x71, 0x65,
1259 0xF8, 0x0B, 0x94, 0x59, 0x4F, 0x8C, 0xFD, 0xD5,
1260 0x34, 0xA2, 0xE7, 0x62, 0x84, 0x0A, 0xA7, 0xBB,
1261 0xDB, 0xD9, 0x8A, 0xCD, 0x05, 0xE1, 0xCC, 0x57,
1262 0x7B, 0xF1, 0xF1, 0x1F, 0x11, 0x9D, 0xBA, 0x3E,
1263 0x45, 0x18, 0x99, 0x1B, 0x41, 0x64, 0x43, 0xEE,
1264 0x97, 0x5D, 0x77, 0x13, 0x5B, 0x74, 0x69, 0x73,
1265 0x87, 0x95, 0x05, 0x07, 0xBE, 0x45, 0x07, 0x17,
1266 0x7E, 0x4A, 0x69, 0x22, 0xF3, 0xDB, 0x05, 0x39
1268 static const unsigned char rsa_dp[] = {
1269 0x5E, 0xD8, 0xDC, 0xDA, 0x53, 0x44, 0xC4, 0x67,
1270 0xE0, 0x92, 0x51, 0x34, 0xE4, 0x83, 0xA5, 0x4D,
1271 0x3E, 0xDB, 0xA7, 0x9B, 0x82, 0xBB, 0x73, 0x81,
1272 0xFC, 0xE8, 0x77, 0x4B, 0x15, 0xBE, 0x17, 0x73,
1273 0x49, 0x9B, 0x5C, 0x98, 0xBC, 0xBD, 0x26, 0xEF,
1274 0x0C, 0xE9, 0x2E, 0xED, 0x19, 0x7E, 0x86, 0x41,
1275 0x1E, 0x9E, 0x48, 0x81, 0xDD, 0x2D, 0xE4, 0x6F,
1276 0xC2, 0xCD, 0xCA, 0x93, 0x9E, 0x65, 0x7E, 0xD5,
1277 0xEC, 0x73, 0xFD, 0x15, 0x1B, 0xA2, 0xA0, 0x7A,
1278 0x0F, 0x0D, 0x6E, 0xB4, 0x53, 0x07, 0x90, 0x92,
1279 0x64, 0x3B, 0x8B, 0xA9, 0x33, 0xB3, 0xC5, 0x94,
1280 0x9B, 0x4C, 0x5D, 0x9C, 0x7C, 0x46, 0xA4, 0xA5,
1281 0x56, 0xF4, 0xF3, 0xF8, 0x27, 0x0A, 0x7B, 0x42,
1282 0x0D, 0x92, 0x70, 0x47, 0xE7, 0x42, 0x51, 0xA9,
1283 0xC2, 0x18, 0xB1, 0x58, 0xB1, 0x50, 0x91, 0xB8,
1284 0x61, 0x41, 0xB6, 0xA9, 0xCE, 0xD4, 0x7C, 0xBB
1286 static const unsigned char rsa_dq[] = {
1287 0x54, 0x09, 0x1F, 0x0F, 0x03, 0xD8, 0xB6, 0xC5,
1288 0x0C, 0xE8, 0xB9, 0x9E, 0x0C, 0x38, 0x96, 0x43,
1289 0xD4, 0xA6, 0xC5, 0x47, 0xDB, 0x20, 0x0E, 0xE5,
1290 0xBD, 0x29, 0xD4, 0x7B, 0x1A, 0xF8, 0x41, 0x57,
1291 0x49, 0x69, 0x9A, 0x82, 0xCC, 0x79, 0x4A, 0x43,
1292 0xEB, 0x4D, 0x8B, 0x2D, 0xF2, 0x43, 0xD5, 0xA5,
1293 0xBE, 0x44, 0xFD, 0x36, 0xAC, 0x8C, 0x9B, 0x02,
1294 0xF7, 0x9A, 0x03, 0xE8, 0x19, 0xA6, 0x61, 0xAE,
1295 0x76, 0x10, 0x93, 0x77, 0x41, 0x04, 0xAB, 0x4C,
1296 0xED, 0x6A, 0xCC, 0x14, 0x1B, 0x99, 0x8D, 0x0C,
1297 0x6A, 0x37, 0x3B, 0x86, 0x6C, 0x51, 0x37, 0x5B,
1298 0x1D, 0x79, 0xF2, 0xA3, 0x43, 0x10, 0xC6, 0xA7,
1299 0x21, 0x79, 0x6D, 0xF9, 0xE9, 0x04, 0x6A, 0xE8,
1300 0x32, 0xFF, 0xAE, 0xFD, 0x1C, 0x7B, 0x8C, 0x29,
1301 0x13, 0xA3, 0x0C, 0xB2, 0xAD, 0xEC, 0x6C, 0x0F,
1302 0x8D, 0x27, 0x12, 0x7B, 0x48, 0xB2, 0xDB, 0x31
1304 static const unsigned char rsa_qInv[] = {
1305 0x8D, 0x1B, 0x05, 0xCA, 0x24, 0x1F, 0x0C, 0x53,
1306 0x19, 0x52, 0x74, 0x63, 0x21, 0xFA, 0x78, 0x46,
1307 0x79, 0xAF, 0x5C, 0xDE, 0x30, 0xA4, 0x6C, 0x20,
1308 0x38, 0xE6, 0x97, 0x39, 0xB8, 0x7A, 0x70, 0x0D,
1309 0x8B, 0x6C, 0x6D, 0x13, 0x74, 0xD5, 0x1C, 0xDE,
1310 0xA9, 0xF4, 0x60, 0x37, 0xFE, 0x68, 0x77, 0x5E,
1311 0x0B, 0x4E, 0x5E, 0x03, 0x31, 0x30, 0xDF, 0xD6,
1312 0xAE, 0x85, 0xD0, 0x81, 0xBB, 0x61, 0xC7, 0xB1,
1313 0x04, 0x5A, 0xC4, 0x6D, 0x56, 0x1C, 0xD9, 0x64,
1314 0xE7, 0x85, 0x7F, 0x88, 0x91, 0xC9, 0x60, 0x28,
1315 0x05, 0xE2, 0xC6, 0x24, 0x8F, 0xDD, 0x61, 0x64,
1316 0xD8, 0x09, 0xDE, 0x7E, 0xD3, 0x4A, 0x61, 0x1A,
1317 0xD3, 0x73, 0x58, 0x4B, 0xD8, 0xA0, 0x54, 0x25,
1318 0x48, 0x83, 0x6F, 0x82, 0x6C, 0xAF, 0x36, 0x51,
1319 0x2A, 0x5D, 0x14, 0x2F, 0x41, 0x25, 0x00, 0xDD,
1320 0xF8, 0xF3, 0x95, 0xFE, 0x31, 0x25, 0x50, 0x12
1323 static const ST_KAT_PARAM rsa_crt_key[] = {
1324 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1325 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1326 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1327 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR1, rsa_p),
1328 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR2, rsa_q),
1329 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT1, rsa_dp),
1330 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT2, rsa_dq),
1331 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, rsa_qInv),
1335 static const ST_KAT_PARAM rsa_pub_key[] = {
1336 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1337 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1341 static const ST_KAT_PARAM rsa_priv_key[] = {
1342 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1343 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1344 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1349 * Using OSSL_PKEY_RSA_PAD_MODE_NONE directly in the expansion of the
1350 * ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient
1351 * HP/UX PA-RISC compilers.
1353 static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;
1355 static const ST_KAT_PARAM rsa_enc_params[] = {
1356 ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_none),
1360 static const unsigned char rsa_expected_sig[256] = {
1361 0xad, 0xbe, 0x2a, 0xaf, 0x16, 0x85, 0xc5, 0x00,
1362 0x91, 0x3e, 0xd0, 0x49, 0xfb, 0x3a, 0x81, 0xb9,
1363 0x6c, 0x28, 0xbc, 0xbf, 0xea, 0x96, 0x5f, 0xe4,
1364 0x9f, 0x99, 0xf7, 0x18, 0x8c, 0xec, 0x60, 0x28,
1365 0xeb, 0x29, 0x02, 0x49, 0xfc, 0xda, 0xd7, 0x78,
1366 0x68, 0xf8, 0xe1, 0xe9, 0x4d, 0x20, 0x6d, 0x32,
1367 0xa6, 0xde, 0xfc, 0xe4, 0xda, 0xcc, 0x6c, 0x75,
1368 0x36, 0x6b, 0xff, 0x5a, 0xac, 0x01, 0xa8, 0xc2,
1369 0xa9, 0xe6, 0x8b, 0x18, 0x3e, 0xec, 0xea, 0x4c,
1370 0x4a, 0x9e, 0x00, 0x09, 0xd1, 0x8a, 0x69, 0x1b,
1371 0x8b, 0xd9, 0xad, 0x37, 0xe5, 0x7c, 0xff, 0x7d,
1372 0x59, 0x56, 0x3e, 0xa0, 0xc6, 0x32, 0xd8, 0x35,
1373 0x2f, 0xff, 0xfb, 0x05, 0x02, 0xcd, 0xd7, 0x19,
1374 0xb9, 0x00, 0x86, 0x2a, 0xcf, 0xaa, 0x78, 0x16,
1375 0x4b, 0xf1, 0xa7, 0x59, 0xef, 0x7d, 0xe8, 0x74,
1376 0x23, 0x5c, 0xb2, 0xd4, 0x8a, 0x99, 0xa5, 0xbc,
1377 0xfa, 0x63, 0xd8, 0xf7, 0xbd, 0xc6, 0x00, 0x13,
1378 0x06, 0x02, 0x9a, 0xd4, 0xa7, 0xb4, 0x3d, 0x61,
1379 0xab, 0xf1, 0xc2, 0x95, 0x59, 0x9b, 0x3d, 0x67,
1380 0x1f, 0xde, 0x57, 0xb6, 0xb6, 0x9f, 0xb0, 0x87,
1381 0xd6, 0x51, 0xd5, 0x3e, 0x00, 0xe2, 0xc9, 0xa0,
1382 0x03, 0x66, 0xbc, 0x01, 0xb3, 0x8e, 0xfa, 0xf1,
1383 0x15, 0xeb, 0x26, 0xf1, 0x5d, 0x81, 0x90, 0xb4,
1384 0x1c, 0x00, 0x7c, 0x83, 0x4a, 0xa5, 0xde, 0x64,
1385 0xae, 0xea, 0x6c, 0x43, 0xc3, 0x20, 0x77, 0x77,
1386 0x42, 0x12, 0x24, 0xf5, 0xe3, 0x70, 0xdd, 0x59,
1387 0x48, 0x9c, 0xef, 0xd4, 0x8a, 0x3c, 0x29, 0x6a,
1388 0x0c, 0x9c, 0xf2, 0x13, 0xa4, 0x1c, 0x2f, 0x49,
1389 0xcd, 0xb4, 0xaa, 0x28, 0x40, 0x34, 0xc6, 0x75,
1390 0xba, 0x30, 0xe6, 0xd8, 0x5b, 0x2f, 0x08, 0xd0,
1391 0x29, 0xa5, 0x39, 0xfb, 0x6e, 0x3b, 0x0f, 0x52,
1392 0x2c, 0x68, 0xf0, 0x37, 0xa9, 0xd2, 0x56, 0xd6
1395 static const unsigned char rsa_asym_plaintext_encrypt[256] = {
1396 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1397 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1399 static const unsigned char rsa_asym_expected_encrypt[256] = {
1400 0x54, 0xac, 0x23, 0x96, 0x1d, 0x82, 0x5d, 0x8b,
1401 0x8f, 0x36, 0x33, 0xd0, 0xf4, 0x02, 0xa2, 0x61,
1402 0xb1, 0x13, 0xd4, 0x4a, 0x46, 0x06, 0x37, 0x3c,
1403 0xbf, 0x40, 0x05, 0x3c, 0xc6, 0x3b, 0x64, 0xdc,
1404 0x22, 0x22, 0xaf, 0x36, 0x79, 0x62, 0x45, 0xf0,
1405 0x97, 0x82, 0x22, 0x44, 0x86, 0x4a, 0x7c, 0xfa,
1406 0xac, 0x03, 0x21, 0x84, 0x3f, 0x31, 0xad, 0x2a,
1407 0xa4, 0x6e, 0x7a, 0xc5, 0x93, 0xf3, 0x0f, 0xfc,
1408 0xf1, 0x62, 0xce, 0x82, 0x12, 0x45, 0xc9, 0x35,
1409 0xb0, 0x7a, 0xcd, 0x99, 0x8c, 0x91, 0x6b, 0x5a,
1410 0xd3, 0x46, 0xdb, 0xf9, 0x9e, 0x52, 0x49, 0xbd,
1411 0x1e, 0xe8, 0xda, 0xac, 0x61, 0x47, 0xc2, 0xda,
1412 0xfc, 0x1e, 0xfb, 0x74, 0xd7, 0xd6, 0xc1, 0x18,
1413 0x86, 0x3e, 0x20, 0x9c, 0x7a, 0xe1, 0x04, 0xb7,
1414 0x38, 0x43, 0xb1, 0x4e, 0xa0, 0xd8, 0xc1, 0x39,
1415 0x4d, 0xe1, 0xd3, 0xb0, 0xb3, 0xf1, 0x82, 0x87,
1416 0x1f, 0x74, 0xb5, 0x69, 0xfd, 0x33, 0xd6, 0x21,
1417 0x7c, 0x61, 0x60, 0x28, 0xca, 0x70, 0xdb, 0xa0,
1418 0xbb, 0xc8, 0x73, 0xa9, 0x82, 0xf8, 0x6b, 0xd8,
1419 0xf0, 0xc9, 0x7b, 0x20, 0xdf, 0x9d, 0xfb, 0x8c,
1420 0xd4, 0xa2, 0x89, 0xe1, 0x9b, 0x04, 0xad, 0xaa,
1421 0x11, 0x6c, 0x8f, 0xce, 0x83, 0x29, 0x56, 0x69,
1422 0xbb, 0x00, 0x3b, 0xef, 0xca, 0x2d, 0xcd, 0x52,
1423 0xc8, 0xf1, 0xb3, 0x9b, 0xb4, 0x4f, 0x6d, 0x9c,
1424 0x3d, 0x69, 0xcc, 0x6d, 0x1f, 0x38, 0x4d, 0xe6,
1425 0xbb, 0x0c, 0x87, 0xdc, 0x5f, 0xa9, 0x24, 0x93,
1426 0x03, 0x46, 0xa2, 0x33, 0x6c, 0xf4, 0xd8, 0x5d,
1427 0x68, 0xf3, 0xd3, 0xe0, 0xf2, 0x30, 0xdb, 0xf5,
1428 0x4f, 0x0f, 0xad, 0xc7, 0xd0, 0xaa, 0x47, 0xd9,
1429 0x9f, 0x85, 0x1b, 0x2e, 0x6c, 0x3c, 0x57, 0x04,
1430 0x29, 0xf4, 0xf5, 0x66, 0x7d, 0x93, 0x4a, 0xaa,
1431 0x05, 0x52, 0x55, 0xc1, 0xc6, 0x06, 0x90, 0xab,
1434 #ifndef OPENSSL_NO_EC
1435 /* ECDSA key data */
1436 static const char ecd_prime_curve_name[] = "secp224r1";
1437 static const unsigned char ecd_prime_priv[] = {
1438 0x98, 0x1f, 0xb5, 0xf1, 0xfc, 0x87, 0x1d, 0x7d,
1439 0xde, 0x1e, 0x01, 0x64, 0x09, 0x9b, 0xe7, 0x1b,
1440 0x9f, 0xad, 0x63, 0xdd, 0x33, 0x01, 0xd1, 0x50,
1441 0x80, 0x93, 0x50, 0x30
1443 static const unsigned char ecd_prime_pub[] = {
1444 0x04, 0x95, 0x47, 0x99, 0x44, 0x29, 0x8f, 0x51,
1445 0x39, 0xe2, 0x53, 0xec, 0x79, 0xb0, 0x4d, 0xde,
1446 0x87, 0x1a, 0x76, 0x54, 0xd5, 0x96, 0xb8, 0x7a,
1447 0x6d, 0xf4, 0x1c, 0x2c, 0x87, 0x91, 0x5f, 0xd5,
1448 0x31, 0xdd, 0x24, 0xe5, 0x78, 0xd9, 0x08, 0x24,
1449 0x8a, 0x49, 0x99, 0xec, 0x55, 0xf2, 0x82, 0xb3,
1450 0xc4, 0xb7, 0x33, 0x68, 0xe4, 0x24, 0xa9, 0x12,
1453 static const unsigned char ecdsa_prime_expected_sig[] = {
1454 0x30, 0x3d, 0x02, 0x1d, 0x00, 0xd2, 0x4a, 0xc9,
1455 0x4f, 0xaf, 0xdb, 0x62, 0xfc, 0x41, 0x4a, 0x81,
1456 0x2a, 0x9f, 0xcf, 0xa3, 0xda, 0xfe, 0xa3, 0x49,
1457 0xbd, 0xea, 0xbf, 0x2a, 0x51, 0xb4, 0x0b, 0xc3,
1458 0xbc, 0x02, 0x1c, 0x7f, 0x30, 0xb7, 0xad, 0xab,
1459 0x09, 0x6e, 0x3c, 0xad, 0x7f, 0xf9, 0x5e, 0xaa,
1460 0xe2, 0x38, 0xe5, 0x29, 0x16, 0xc4, 0xc8, 0x77,
1461 0xa1, 0xf8, 0x60, 0x77, 0x39, 0x7a, 0xec
1463 static const ST_KAT_PARAM ecdsa_prime_key[] = {
1464 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_prime_curve_name),
1465 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_prime_pub),
1466 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_prime_priv),
1470 # ifndef OPENSSL_NO_EC2M
1471 static const char ecd_bin_curve_name[] = "sect233r1";
1472 static const unsigned char ecd_bin_priv[] = {
1473 0x00, 0x6d, 0xd6, 0x39, 0x9d, 0x2a, 0xa2, 0xc8,
1474 0x8c, 0xfc, 0x7b, 0x80, 0x66, 0xaa, 0xe1, 0xaa,
1475 0xba, 0xee, 0xcb, 0xfd, 0xc9, 0xe5, 0x36, 0x38,
1476 0x2e, 0xf7, 0x37, 0x6d, 0xd3, 0x20
1478 static const unsigned char ecd_bin_pub[] = {
1479 0x04, 0x00, 0x06, 0xe2, 0x56, 0xf7, 0x37, 0xf9,
1480 0xea, 0xb6, 0xd1, 0x0f, 0x59, 0xfa, 0x23, 0xc3,
1481 0x93, 0xa8, 0xb2, 0x26, 0xe2, 0x5c, 0x08, 0xbe,
1482 0x63, 0x49, 0x26, 0xdc, 0xc7, 0x1e, 0x6f, 0x01,
1483 0x32, 0x3b, 0xe6, 0x54, 0x8d, 0xc1, 0x13, 0x3e,
1484 0x54, 0xb2, 0x66, 0x89, 0xb2, 0x82, 0x0a, 0x72,
1485 0x02, 0xa8, 0xe9, 0x6f, 0x54, 0xfd, 0x3a, 0x6b,
1486 0x99, 0xb6, 0x8f, 0x80, 0x46
1488 static const unsigned char ecdsa_bin_expected_sig[] = {
1489 0x30, 0x3f, 0x02, 0x1d, 0x08, 0x11, 0x7c, 0xcd,
1490 0xf4, 0xa1, 0x31, 0x9a, 0xc1, 0xfd, 0x50, 0x0e,
1491 0x5d, 0xa9, 0xb6, 0x0e, 0x95, 0x49, 0xe1, 0xbd,
1492 0x44, 0xe3, 0x5b, 0xa9, 0x35, 0x94, 0xa5, 0x2f,
1493 0xae, 0x02, 0x1e, 0x00, 0xe3, 0xba, 0xb8, 0x8f,
1494 0x4b, 0x05, 0x76, 0x88, 0x1e, 0x49, 0xd6, 0x62,
1495 0x76, 0xd3, 0x22, 0x4d, 0xa3, 0x7b, 0x04, 0xcc,
1496 0xfa, 0x7b, 0x41, 0x9b, 0x8c, 0xaf, 0x1b, 0x6d,
1499 static const ST_KAT_PARAM ecdsa_bin_key[] = {
1500 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_bin_curve_name),
1501 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_bin_pub),
1502 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_bin_priv),
1505 # endif /* OPENSSL_NO_EC2M */
1506 #endif /* OPENSSL_NO_EC */
1508 #ifndef OPENSSL_NO_DSA
1510 static const unsigned char dsa_p[] = {
1511 0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23,
1512 0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e,
1513 0x03, 0xe9, 0xe6, 0xb8, 0xa2, 0x58, 0xdc, 0x16,
1514 0x61, 0x1b, 0xa0, 0x98, 0xab, 0x54, 0x34, 0x15,
1515 0xe4, 0x15, 0xf1, 0x56, 0x99, 0x7a, 0x3e, 0xe2,
1516 0x36, 0x65, 0x8f, 0xa0, 0x93, 0x26, 0x0d, 0xe3,
1517 0xad, 0x42, 0x2e, 0x05, 0xe0, 0x46, 0xf9, 0xec,
1518 0x29, 0x16, 0x1a, 0x37, 0x5f, 0x0e, 0xb4, 0xef,
1519 0xfc, 0xef, 0x58, 0x28, 0x5c, 0x5d, 0x39, 0xed,
1520 0x42, 0x5d, 0x7a, 0x62, 0xca, 0x12, 0x89, 0x6c,
1521 0x4a, 0x92, 0xcb, 0x19, 0x46, 0xf2, 0x95, 0x2a,
1522 0x48, 0x13, 0x3f, 0x07, 0xda, 0x36, 0x4d, 0x1b,
1523 0xdf, 0x6b, 0x0f, 0x71, 0x39, 0x98, 0x3e, 0x69,
1524 0x3c, 0x80, 0x05, 0x9b, 0x0e, 0xac, 0xd1, 0x47,
1525 0x9b, 0xa9, 0xf2, 0x85, 0x77, 0x54, 0xed, 0xe7,
1526 0x5f, 0x11, 0x2b, 0x07, 0xeb, 0xbf, 0x35, 0x34,
1527 0x8b, 0xbf, 0x3e, 0x01, 0xe0, 0x2f, 0x2d, 0x47,
1528 0x3d, 0xe3, 0x94, 0x53, 0xf9, 0x9d, 0xd2, 0x36,
1529 0x75, 0x41, 0xca, 0xca, 0x3b, 0xa0, 0x11, 0x66,
1530 0x34, 0x3d, 0x7b, 0x5b, 0x58, 0xa3, 0x7b, 0xd1,
1531 0xb7, 0x52, 0x1d, 0xb2, 0xf1, 0x3b, 0x86, 0x70,
1532 0x71, 0x32, 0xfe, 0x09, 0xf4, 0xcd, 0x09, 0xdc,
1533 0x16, 0x18, 0xfa, 0x34, 0x01, 0xeb, 0xf9, 0xcc,
1534 0x7b, 0x19, 0xfa, 0x94, 0xaa, 0x47, 0x20, 0x88,
1535 0x13, 0x3d, 0x6c, 0xb2, 0xd3, 0x5c, 0x11, 0x79,
1536 0xc8, 0xc8, 0xff, 0x36, 0x87, 0x58, 0xd5, 0x07,
1537 0xd9, 0xf9, 0xa1, 0x7d, 0x46, 0xc1, 0x10, 0xfe,
1538 0x31, 0x44, 0xce, 0x9b, 0x02, 0x2b, 0x42, 0xe4,
1539 0x19, 0xeb, 0x4f, 0x53, 0x88, 0x61, 0x3b, 0xfc,
1540 0x3e, 0x26, 0x24, 0x1a, 0x43, 0x2e, 0x87, 0x06,
1541 0xbc, 0x58, 0xef, 0x76, 0x11, 0x72, 0x78, 0xde,
1542 0xab, 0x6c, 0xf6, 0x92, 0x61, 0x82, 0x91, 0xb7
1544 static const unsigned char dsa_q[] = {
1545 0xa3, 0xbf, 0xd9, 0xab, 0x78, 0x84, 0x79, 0x4e,
1546 0x38, 0x34, 0x50, 0xd5, 0x89, 0x1d, 0xc1, 0x8b,
1547 0x65, 0x15, 0x7b, 0xdc, 0xfc, 0xda, 0xc5, 0x15,
1548 0x18, 0x90, 0x28, 0x67
1550 static const unsigned char dsa_g[] = {
1551 0x68, 0x19, 0x27, 0x88, 0x69, 0xc7, 0xfd, 0x3d,
1552 0x2d, 0x7b, 0x77, 0xf7, 0x7e, 0x81, 0x50, 0xd9,
1553 0xad, 0x43, 0x3b, 0xea, 0x3b, 0xa8, 0x5e, 0xfc,
1554 0x80, 0x41, 0x5a, 0xa3, 0x54, 0x5f, 0x78, 0xf7,
1555 0x22, 0x96, 0xf0, 0x6c, 0xb1, 0x9c, 0xed, 0xa0,
1556 0x6c, 0x94, 0xb0, 0x55, 0x1c, 0xfe, 0x6e, 0x6f,
1557 0x86, 0x3e, 0x31, 0xd1, 0xde, 0x6e, 0xed, 0x7d,
1558 0xab, 0x8b, 0x0c, 0x9d, 0xf2, 0x31, 0xe0, 0x84,
1559 0x34, 0xd1, 0x18, 0x4f, 0x91, 0xd0, 0x33, 0x69,
1560 0x6b, 0xb3, 0x82, 0xf8, 0x45, 0x5e, 0x98, 0x88,
1561 0xf5, 0xd3, 0x1d, 0x47, 0x84, 0xec, 0x40, 0x12,
1562 0x02, 0x46, 0xf4, 0xbe, 0xa6, 0x17, 0x94, 0xbb,
1563 0xa5, 0x86, 0x6f, 0x09, 0x74, 0x64, 0x63, 0xbd,
1564 0xf8, 0xe9, 0xe1, 0x08, 0xcd, 0x95, 0x29, 0xc3,
1565 0xd0, 0xf6, 0xdf, 0x80, 0x31, 0x6e, 0x2e, 0x70,
1566 0xaa, 0xeb, 0x1b, 0x26, 0xcd, 0xb8, 0xad, 0x97,
1567 0xbc, 0x3d, 0x28, 0x7e, 0x0b, 0x8d, 0x61, 0x6c,
1568 0x42, 0xe6, 0x5b, 0x87, 0xdb, 0x20, 0xde, 0xb7,
1569 0x00, 0x5b, 0xc4, 0x16, 0x74, 0x7a, 0x64, 0x70,
1570 0x14, 0x7a, 0x68, 0xa7, 0x82, 0x03, 0x88, 0xeb,
1571 0xf4, 0x4d, 0x52, 0xe0, 0x62, 0x8a, 0xf9, 0xcf,
1572 0x1b, 0x71, 0x66, 0xd0, 0x34, 0x65, 0xf3, 0x5a,
1573 0xcc, 0x31, 0xb6, 0x11, 0x0c, 0x43, 0xda, 0xbc,
1574 0x7c, 0x5d, 0x59, 0x1e, 0x67, 0x1e, 0xaf, 0x7c,
1575 0x25, 0x2c, 0x1c, 0x14, 0x53, 0x36, 0xa1, 0xa4,
1576 0xdd, 0xf1, 0x32, 0x44, 0xd5, 0x5e, 0x83, 0x56,
1577 0x80, 0xca, 0xb2, 0x53, 0x3b, 0x82, 0xdf, 0x2e,
1578 0xfe, 0x55, 0xec, 0x18, 0xc1, 0xe6, 0xcd, 0x00,
1579 0x7b, 0xb0, 0x89, 0x75, 0x8b, 0xb1, 0x7c, 0x2c,
1580 0xbe, 0x14, 0x44, 0x1b, 0xd0, 0x93, 0xae, 0x66,
1581 0xe5, 0x97, 0x6d, 0x53, 0x73, 0x3f, 0x4f, 0xa3,
1582 0x26, 0x97, 0x01, 0xd3, 0x1d, 0x23, 0xd4, 0x67
1584 static const unsigned char dsa_pub[] = {
1585 0xa0, 0x12, 0xb3, 0xb1, 0x70, 0xb3, 0x07, 0x22,
1586 0x79, 0x57, 0xb7, 0xca, 0x20, 0x61, 0xa8, 0x16,
1587 0xac, 0x7a, 0x2b, 0x3d, 0x9a, 0xe9, 0x95, 0xa5,
1588 0x11, 0x9c, 0x38, 0x5b, 0x60, 0x3b, 0xf6, 0xf6,
1589 0xc5, 0xde, 0x4d, 0xc5, 0xec, 0xb5, 0xdf, 0xa4,
1590 0xa4, 0x1c, 0x68, 0x66, 0x2e, 0xb2, 0x5b, 0x63,
1591 0x8b, 0x7e, 0x26, 0x20, 0xba, 0x89, 0x8d, 0x07,
1592 0xda, 0x6c, 0x49, 0x91, 0xe7, 0x6c, 0xc0, 0xec,
1593 0xd1, 0xad, 0x34, 0x21, 0x07, 0x70, 0x67, 0xe4,
1594 0x7c, 0x18, 0xf5, 0x8a, 0x92, 0xa7, 0x2a, 0xd4,
1595 0x31, 0x99, 0xec, 0xb7, 0xbd, 0x84, 0xe7, 0xd3,
1596 0xaf, 0xb9, 0x01, 0x9f, 0x0e, 0x9d, 0xd0, 0xfb,
1597 0xaa, 0x48, 0x73, 0x00, 0xb1, 0x30, 0x81, 0xe3,
1598 0x3c, 0x90, 0x28, 0x76, 0x43, 0x6f, 0x7b, 0x03,
1599 0xc3, 0x45, 0x52, 0x84, 0x81, 0xd3, 0x62, 0x81,
1600 0x5e, 0x24, 0xfe, 0x59, 0xda, 0xc5, 0xac, 0x34,
1601 0x66, 0x0d, 0x4c, 0x8a, 0x76, 0xcb, 0x99, 0xa7,
1602 0xc7, 0xde, 0x93, 0xeb, 0x95, 0x6c, 0xd6, 0xbc,
1603 0x88, 0xe5, 0x8d, 0x90, 0x10, 0x34, 0x94, 0x4a,
1604 0x09, 0x4b, 0x01, 0x80, 0x3a, 0x43, 0xc6, 0x72,
1605 0xb9, 0x68, 0x8c, 0x0e, 0x01, 0xd8, 0xf4, 0xfc,
1606 0x91, 0xc6, 0x2a, 0x3f, 0x88, 0x02, 0x1f, 0x7b,
1607 0xd6, 0xa6, 0x51, 0xb1, 0xa8, 0x8f, 0x43, 0xaa,
1608 0x4e, 0xf2, 0x76, 0x53, 0xd1, 0x2b, 0xf8, 0xb7,
1609 0x09, 0x9f, 0xdf, 0x6b, 0x46, 0x10, 0x82, 0xf8,
1610 0xe9, 0x39, 0x10, 0x7b, 0xfd, 0x2f, 0x72, 0x10,
1611 0x08, 0x7d, 0x32, 0x6c, 0x37, 0x52, 0x00, 0xf1,
1612 0xf5, 0x1e, 0x7e, 0x74, 0xa3, 0x41, 0x31, 0x90,
1613 0x1b, 0xcd, 0x08, 0x63, 0x52, 0x1f, 0xf8, 0xd6,
1614 0x76, 0xc4, 0x85, 0x81, 0x86, 0x87, 0x36, 0xc5,
1615 0xe5, 0x1b, 0x16, 0xa4, 0xe3, 0x92, 0x15, 0xea,
1616 0x0b, 0x17, 0xc4, 0x73, 0x59, 0x74, 0xc5, 0x16
1618 static const unsigned char dsa_priv[] = {
1619 0x6c, 0xca, 0xee, 0xf6, 0xd7, 0x3b, 0x4e, 0x80,
1620 0xf1, 0x1c, 0x17, 0xb8, 0xe9, 0x62, 0x7c, 0x03,
1621 0x66, 0x35, 0xba, 0xc3, 0x94, 0x23, 0x50, 0x5e,
1622 0x40, 0x7e, 0x5c, 0xb7
1624 static const unsigned char dsa_expected_sig[] = {
1625 0x30, 0x3c, 0x02, 0x1c, 0x70, 0xa4, 0x77, 0xb6,
1626 0x02, 0xb5, 0xd3, 0x07, 0x21, 0x22, 0x2d, 0xe3,
1627 0x4f, 0x7d, 0xfd, 0xfd, 0x6b, 0x4f, 0x03, 0x27,
1628 0x4c, 0xd3, 0xb2, 0x8c, 0x7c, 0xc5, 0xc4, 0xdf,
1629 0x02, 0x1c, 0x11, 0x52, 0x65, 0x16, 0x9f, 0xbd,
1630 0x4c, 0xe5, 0xab, 0xb2, 0x01, 0xd0, 0x7a, 0x30,
1631 0x5c, 0xc5, 0xba, 0x22, 0xc6, 0x62, 0x7e, 0xa6,
1632 0x7d, 0x98, 0x96, 0xc9, 0x77, 0x00
1635 static const ST_KAT_PARAM dsa_key[] = {
1636 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dsa_p),
1637 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dsa_q),
1638 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dsa_g),
1639 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dsa_pub),
1640 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dsa_priv),
1643 #endif /* OPENSSL_NO_DSA */
1645 /* Hash DRBG inputs for signature KATs */
1646 static const unsigned char sig_kat_entropyin[] = {
1647 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
1648 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
1649 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
1651 static const unsigned char sig_kat_nonce[] = {
1652 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
1653 0xf0, 0xe5, 0x07, 0x1f
1655 static const unsigned char sig_kat_persstr[] = {
1656 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
1657 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
1658 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
1661 static const ST_KAT_SIGN st_kat_sign_tests[] = {
1663 OSSL_SELF_TEST_DESC_SIGN_RSA,
1667 ITM(sig_kat_entropyin),
1669 ITM(sig_kat_persstr),
1670 ITM(rsa_expected_sig)
1672 #ifndef OPENSSL_NO_EC
1674 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1678 ITM(sig_kat_entropyin),
1680 ITM(sig_kat_persstr),
1681 ITM(ecdsa_prime_expected_sig)
1683 # ifndef OPENSSL_NO_EC2M
1685 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1689 ITM(sig_kat_entropyin),
1691 ITM(sig_kat_persstr),
1692 ITM(ecdsa_bin_expected_sig)
1695 #endif /* OPENSSL_NO_EC */
1696 #ifndef OPENSSL_NO_DSA
1698 OSSL_SELF_TEST_DESC_SIGN_DSA,
1702 ITM(sig_kat_entropyin),
1704 ITM(sig_kat_persstr),
1705 ITM(dsa_expected_sig)
1707 #endif /* OPENSSL_NO_DSA */
1710 static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {
1712 OSSL_SELF_TEST_DESC_ASYM_RSA_ENC,
1717 ITM(rsa_asym_plaintext_encrypt),
1718 ITM(rsa_asym_expected_encrypt),
1721 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1726 ITM(rsa_asym_expected_encrypt),
1727 ITM(rsa_asym_plaintext_encrypt),
1730 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1735 ITM(rsa_asym_expected_encrypt),
1736 ITM(rsa_asym_plaintext_encrypt),
projects / thirdparty / openssl.git / blob