]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/evp_extra_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add SM2 signature algorithm to default provider
[thirdparty/openssl.git] / test / evp_extra_test.c
1 /*
2 * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /* We need to use some deprecated APIs */
11 #define OPENSSL_SUPPRESS_DEPRECATED
12
13 #include <stdio.h>
14 #include <stdlib.h>
15 #include <string.h>
16 #include <openssl/bio.h>
17 #include <openssl/conf.h>
18 #include <openssl/crypto.h>
19 #include <openssl/err.h>
20 #include <openssl/evp.h>
21 #include <openssl/rsa.h>
22 #include <openssl/x509.h>
23 #include <openssl/pem.h>
24 #include <openssl/kdf.h>
25 #include <openssl/provider.h>
26 #include <openssl/core_names.h>
27 #include <openssl/params.h>
28 #include <openssl/dsa.h>
29 #include <openssl/dh.h>
30 #include <openssl/aes.h>
31 #include "testutil.h"
32 #include "internal/nelem.h"
33 #include "internal/sizes.h"
34 #include "crypto/evp.h"
35 #include "../e_os.h" /* strcasecmp */
36
37 #ifndef OPENSSL_NO_SM2
38 /*
39 * TODO(3.0) remove when provider SM2 keymgmt is implemented and
40 * EVP_PKEY_set_alias_type() works with provider-native keys.
41 */
42 # define TMP_SM2_HACK
43 #endif
44
45 static OPENSSL_CTX *testctx = NULL;
46
47 /*
48 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
49 * should never use this key anywhere but in an example.
50 */
51 static const unsigned char kExampleRSAKeyDER[] = {
52 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
53 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
54 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
55 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
56 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
57 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
58 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
59 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
60 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
61 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
62 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
63 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
64 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
65 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
66 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
67 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
68 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
69 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
70 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
71 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
72 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
73 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
74 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
75 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
76 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
77 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
78 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
79 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
80 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
81 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
82 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
83 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
84 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
85 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
86 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
87 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
88 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
89 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
90 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
91 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
92 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
93 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
94 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
95 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
96 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
97 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
98 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
99 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
100 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
101 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
102 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
103 };
104
105 /*
106 * kExampleDSAKeyDER is a DSA private key in ASN.1, DER format. Of course, you
107 * should never use this key anywhere but in an example.
108 */
109 #ifndef OPENSSL_NO_DSA
110 static const unsigned char kExampleDSAKeyDER[] = {
111 0x30, 0x82, 0x01, 0xba, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0x9a,
112 0x05, 0x6d, 0x33, 0xcd, 0x5d, 0x78, 0xa1, 0xbb, 0xcb, 0x7d, 0x5b, 0x8d,
113 0xb4, 0xcc, 0xbf, 0x03, 0x99, 0x64, 0xde, 0x38, 0x78, 0x06, 0x15, 0x2f,
114 0x86, 0x26, 0x77, 0xf3, 0xb1, 0x85, 0x00, 0xed, 0xfc, 0x28, 0x3a, 0x42,
115 0x4d, 0xab, 0xab, 0xdf, 0xbc, 0x9c, 0x16, 0xd0, 0x22, 0x50, 0xd1, 0x38,
116 0xdd, 0x3f, 0x64, 0x05, 0x9e, 0x68, 0x7a, 0x1e, 0xf1, 0x56, 0xbf, 0x1e,
117 0x2c, 0xc5, 0x97, 0x2a, 0xfe, 0x7a, 0x22, 0xdc, 0x6c, 0x68, 0xb8, 0x2e,
118 0x06, 0xdb, 0x41, 0xca, 0x98, 0xd8, 0x54, 0xc7, 0x64, 0x48, 0x24, 0x04,
119 0x20, 0xbc, 0x59, 0xe3, 0x6b, 0xea, 0x7e, 0xfc, 0x7e, 0xc5, 0x4e, 0xd4,
120 0xd8, 0x3a, 0xed, 0xcd, 0x5d, 0x99, 0xb8, 0x5c, 0xa2, 0x8b, 0xbb, 0x0b,
121 0xac, 0xe6, 0x8e, 0x25, 0x56, 0x22, 0x3a, 0x2d, 0x3a, 0x56, 0x41, 0x14,
122 0x1f, 0x1c, 0x8f, 0x53, 0x46, 0x13, 0x85, 0x02, 0x15, 0x00, 0x98, 0x7e,
123 0x92, 0x81, 0x88, 0xc7, 0x3f, 0x70, 0x49, 0x54, 0xf6, 0x76, 0xb4, 0xa3,
124 0x9e, 0x1d, 0x45, 0x98, 0x32, 0x7f, 0x02, 0x81, 0x80, 0x69, 0x4d, 0xef,
125 0x55, 0xff, 0x4d, 0x59, 0x2c, 0x01, 0xfa, 0x6a, 0x38, 0xe0, 0x70, 0x9f,
126 0x9e, 0x66, 0x8e, 0x3e, 0x8c, 0x52, 0x22, 0x9d, 0x15, 0x7e, 0x3c, 0xef,
127 0x4c, 0x7a, 0x61, 0x26, 0xe0, 0x2b, 0x81, 0x3f, 0xeb, 0xaf, 0x35, 0x38,
128 0x8d, 0xfe, 0xed, 0x46, 0xff, 0x5f, 0x03, 0x9b, 0x81, 0x92, 0xe7, 0x6f,
129 0x76, 0x4f, 0x1d, 0xd9, 0xbb, 0x89, 0xc9, 0x3e, 0xd9, 0x0b, 0xf9, 0xf4,
130 0x78, 0x11, 0x59, 0xc0, 0x1d, 0xcd, 0x0e, 0xa1, 0x6f, 0x15, 0xf1, 0x4d,
131 0xc1, 0xc9, 0x22, 0xed, 0x8d, 0xad, 0x67, 0xc5, 0x4b, 0x95, 0x93, 0x86,
132 0xa6, 0xaf, 0x8a, 0xee, 0x06, 0x89, 0x2f, 0x37, 0x7e, 0x64, 0xaa, 0xf6,
133 0xe7, 0xb1, 0x5a, 0x0a, 0x93, 0x95, 0x5d, 0x3e, 0x53, 0x9a, 0xde, 0x8a,
134 0xc2, 0x95, 0x45, 0x81, 0xbe, 0x5c, 0x2f, 0xc2, 0xb2, 0x92, 0x58, 0x19,
135 0x72, 0x80, 0xe9, 0x79, 0xa1, 0x02, 0x81, 0x80, 0x07, 0xd7, 0x62, 0xff,
136 0xdf, 0x1a, 0x3f, 0xed, 0x32, 0xd4, 0xd4, 0x88, 0x7b, 0x2c, 0x63, 0x7f,
137 0x97, 0xdc, 0x44, 0xd4, 0x84, 0xa2, 0xdd, 0x17, 0x16, 0x85, 0x13, 0xe0,
138 0xac, 0x51, 0x8d, 0x29, 0x1b, 0x75, 0x9a, 0xe4, 0xe3, 0x8a, 0x92, 0x69,
139 0x09, 0x03, 0xc5, 0x68, 0xae, 0x5e, 0x94, 0xfe, 0xc9, 0x92, 0x6c, 0x07,
140 0xb4, 0x1e, 0x64, 0x62, 0x87, 0xc6, 0xa4, 0xfd, 0x0d, 0x5f, 0xe5, 0xf9,
141 0x1b, 0x4f, 0x85, 0x5f, 0xae, 0xf3, 0x11, 0xe5, 0x18, 0xd4, 0x4d, 0x79,
142 0x9f, 0xc4, 0x79, 0x26, 0x04, 0x27, 0xf0, 0x0b, 0xee, 0x2b, 0x86, 0x9f,
143 0x86, 0x61, 0xe6, 0x51, 0xce, 0x04, 0x9b, 0x5d, 0x6b, 0x34, 0x43, 0x8c,
144 0x85, 0x3c, 0xf1, 0x51, 0x9b, 0x08, 0x23, 0x1b, 0xf5, 0x7e, 0x33, 0x12,
145 0xea, 0xab, 0x1f, 0xb7, 0x2d, 0xe2, 0x5f, 0xe6, 0x97, 0x99, 0xb5, 0x45,
146 0x16, 0x5b, 0xc3, 0x41, 0x02, 0x14, 0x61, 0xbf, 0x51, 0x60, 0xcf, 0xc8,
147 0xf1, 0x8c, 0x82, 0x97, 0xf2, 0xf4, 0x19, 0xba, 0x2b, 0xf3, 0x16, 0xbe,
148 0x40, 0x48
149 };
150 #endif
151
152 /*
153 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
154 * components are not correct.
155 */
156 static const unsigned char kExampleBadRSAKeyDER[] = {
157 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
158 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
159 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
160 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
161 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
162 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
163 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
164 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
165 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
166 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
167 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
168 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
169 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
170 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
171 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
172 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
173 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
174 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
175 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
176 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
177 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
178 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
179 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
180 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
181 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
182 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
183 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
184 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
185 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
186 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
187 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
188 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
189 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
190 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
191 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
192 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
193 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
194 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
195 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
196 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
197 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
198 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
199 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
200 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
201 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
202 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
203 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
204 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
205 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
206 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
207 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
208 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
209 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
210 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
211 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
212 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
213 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
214 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
215 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
216 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
217 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
218 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
219 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
220 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
221 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
222 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
223 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
224 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
225 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
226 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
227 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
228 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
229 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
230 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
231 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
232 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
233 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
234 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
235 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
236 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
237 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
238 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
239 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
240 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
241 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
242 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
243 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
244 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
245 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
246 };
247
248 static const unsigned char kMsg[] = { 1, 2, 3, 4 };
249
250 static const unsigned char kSignature[] = {
251 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
252 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
253 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
254 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
255 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
256 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
257 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
258 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
259 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
260 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
261 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
262 };
263
264 /*
265 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
266 * PrivateKeyInfo.
267 */
268 static const unsigned char kExampleRSAKeyPKCS8[] = {
269 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
270 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
271 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
272 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
273 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
274 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
275 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
276 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
277 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
278 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
279 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
280 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
281 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
282 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
283 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
284 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
285 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
286 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
287 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
288 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
289 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
290 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
291 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
292 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
293 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
294 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
295 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
296 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
297 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
298 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
299 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
300 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
301 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
302 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
303 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
304 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
305 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
306 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
307 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
308 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
309 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
310 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
311 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
312 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
313 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
314 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
315 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
316 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
317 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
318 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
319 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
320 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
321 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
322 };
323
324 #ifndef OPENSSL_NO_EC
325 /*
326 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
327 * structure.
328 */
329 static const unsigned char kExampleECKeyDER[] = {
330 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
331 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
332 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
333 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
334 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
335 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
336 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
337 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
338 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
339 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
340 0xc1,
341 };
342
343 /*
344 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
345 * structure. The private key is equal to the order and will fail to import
346 */
347 static const unsigned char kExampleBadECKeyDER[] = {
348 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
349 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
350 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
351 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
352 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
353 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
354 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
355 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
356 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
357 };
358
359 /* prime256v1 */
360 static const unsigned char kExampleECPubKeyDER[] = {
361 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
362 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
363 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
364 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
365 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
366 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
367 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
368 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
369 };
370
371 /*
372 * kExampleBadECPubKeyDER is a sample EC public key with a wrong OID
373 * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
374 */
375 static const unsigned char kExampleBadECPubKeyDER[] = {
376 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
377 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
378 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
379 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
380 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
381 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
382 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
383 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
384 };
385
386 static const unsigned char pExampleECParamDER[] = {
387 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
388 };
389 #endif
390
391 typedef struct APK_DATA_st {
392 const unsigned char *kder;
393 size_t size;
394 int evptype;
395 int check;
396 int pub_check;
397 int param_check;
398 int type; /* 0 for private, 1 for public, 2 for params */
399 } APK_DATA;
400
401 static APK_DATA keydata[] = {
402 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA},
403 {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA},
404 #ifndef OPENSSL_NO_EC
405 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC}
406 #endif
407 };
408
409 static APK_DATA keycheckdata[] = {
410 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA, 1, -2, -2, 0},
411 {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), EVP_PKEY_RSA,
412 0, -2, -2, 0},
413 #ifndef OPENSSL_NO_EC
414 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC, 1, 1, 1, 0},
415 /* group is also associated in our pub key */
416 {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), EVP_PKEY_EC, 0, 1, 1, 1},
417 {pExampleECParamDER, sizeof(pExampleECParamDER), EVP_PKEY_EC, 0, 0, 1, 2}
418 #endif
419 };
420
421 static EVP_PKEY *load_example_rsa_key(void)
422 {
423 EVP_PKEY *ret = NULL;
424 const unsigned char *derp = kExampleRSAKeyDER;
425 EVP_PKEY *pkey = NULL;
426 RSA *rsa = NULL;
427
428 if (!TEST_true(d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))))
429 return NULL;
430
431 if (!TEST_ptr(pkey = EVP_PKEY_new())
432 || !TEST_true(EVP_PKEY_set1_RSA(pkey, rsa)))
433 goto end;
434
435 ret = pkey;
436 pkey = NULL;
437
438 end:
439 EVP_PKEY_free(pkey);
440 RSA_free(rsa);
441
442 return ret;
443 }
444
445 #ifndef OPENSSL_NO_DSA
446 static EVP_PKEY *load_example_dsa_key(void)
447 {
448 EVP_PKEY *ret = NULL;
449 const unsigned char *derp = kExampleDSAKeyDER;
450 EVP_PKEY *pkey = NULL;
451 DSA *dsa = NULL;
452
453 if (!TEST_true(d2i_DSAPrivateKey(&dsa, &derp, sizeof(kExampleDSAKeyDER))))
454 return NULL;
455
456 if (!TEST_ptr(pkey = EVP_PKEY_new())
457 || !TEST_true(EVP_PKEY_set1_DSA(pkey, dsa)))
458 goto end;
459
460 ret = pkey;
461 pkey = NULL;
462
463 end:
464 EVP_PKEY_free(pkey);
465 DSA_free(dsa);
466
467 return ret;
468 }
469 #endif
470
471 static EVP_PKEY *load_example_hmac_key(void)
472 {
473 EVP_PKEY *pkey = NULL;
474 unsigned char key[] = {
475 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
476 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
477 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
478 };
479
480 pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, key, sizeof(key));
481 if (!TEST_ptr(pkey))
482 return NULL;
483
484 return pkey;
485 }
486
487 static int test_EVP_set_default_properties(void)
488 {
489 OPENSSL_CTX *ctx;
490 EVP_MD *md = NULL;
491 int res = 0;
492
493 if (!TEST_ptr(ctx = OPENSSL_CTX_new())
494 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL)))
495 goto err;
496 EVP_MD_free(md);
497 md = NULL;
498
499 if (!TEST_true(EVP_set_default_properties(ctx, "provider=fizzbang"))
500 || !TEST_ptr_null(md = EVP_MD_fetch(ctx, "sha256", NULL))
501 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", "-provider")))
502 goto err;
503 EVP_MD_free(md);
504 md = NULL;
505
506 if (!TEST_true(EVP_set_default_properties(ctx, NULL))
507 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL)))
508 goto err;
509 res = 1;
510 err:
511 EVP_MD_free(md);
512 OPENSSL_CTX_free(ctx);
513 return res;
514 }
515
516 static int test_EVP_Enveloped(void)
517 {
518 int ret = 0;
519 EVP_CIPHER_CTX *ctx = NULL;
520 EVP_PKEY *keypair = NULL;
521 unsigned char *kek = NULL;
522 unsigned char iv[EVP_MAX_IV_LENGTH];
523 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
524 int len, kek_len, ciphertext_len, plaintext_len;
525 unsigned char ciphertext[32], plaintext[16];
526 const EVP_CIPHER *type = EVP_aes_256_cbc();
527
528 if (!TEST_ptr(keypair = load_example_rsa_key())
529 || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
530 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
531 || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
532 &keypair, 1))
533 || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
534 msg, sizeof(msg)))
535 || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
536 &len)))
537 goto err;
538
539 ciphertext_len += len;
540
541 if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
542 || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
543 ciphertext, ciphertext_len))
544 || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
545 goto err;
546
547 plaintext_len += len;
548 if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
549 goto err;
550
551 ret = 1;
552 err:
553 OPENSSL_free(kek);
554 EVP_PKEY_free(keypair);
555 EVP_CIPHER_CTX_free(ctx);
556 return ret;
557 }
558
559 /*
560 * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, RSA)
561 * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, DSA)
562 * Test 2: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, HMAC)
563 * Test 3: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, RSA)
564 * Test 4: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, DSA)
565 * Test 5: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch diegst, HMAC)
566 * Test 6: Use an MD BIO to do the Update calls instead (RSA)
567 * Test 7: Use an MD BIO to do the Update calls instead (DSA)
568 * Test 8: Use an MD BIO to do the Update calls instead (HMAC)
569 */
570 static int test_EVP_DigestSignInit(int tst)
571 {
572 int ret = 0;
573 EVP_PKEY *pkey = NULL;
574 unsigned char *sig = NULL;
575 size_t sig_len = 0;
576 EVP_MD_CTX *md_ctx = NULL, *md_ctx_verify = NULL;
577 EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL;
578 BIO *mdbio = NULL, *membio = NULL;
579 size_t written;
580 const EVP_MD *md;
581 EVP_MD *mdexp = NULL;
582
583 if (tst >= 6) {
584 membio = BIO_new(BIO_s_mem());
585 mdbio = BIO_new(BIO_f_md());
586 if (!TEST_ptr(membio) || !TEST_ptr(mdbio))
587 goto out;
588 BIO_push(mdbio, membio);
589 if (!TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx), 0))
590 goto out;
591 } else {
592 if (!TEST_ptr(a_md_ctx = md_ctx = EVP_MD_CTX_new())
593 || !TEST_ptr(a_md_ctx_verify = md_ctx_verify = EVP_MD_CTX_new()))
594 goto out;
595 }
596
597 if (tst == 0 || tst == 3 || tst == 6) {
598 if (!TEST_ptr(pkey = load_example_rsa_key()))
599 goto out;
600 } else if (tst == 1 || tst == 4 || tst == 7) {
601 #ifndef OPENSSL_NO_DSA
602 if (!TEST_ptr(pkey = load_example_dsa_key()))
603 goto out;
604 #else
605 ret = 1;
606 goto out;
607 #endif
608 } else {
609 if (!TEST_ptr(pkey = load_example_hmac_key()))
610 goto out;
611 }
612
613 if (tst >= 3 && tst <= 5)
614 md = mdexp = EVP_MD_fetch(NULL, "SHA256", NULL);
615 else
616 md = EVP_sha256();
617
618 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, md, NULL, pkey)))
619 goto out;
620
621 if (tst >= 6) {
622 if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
623 goto out;
624 } else {
625 if (!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
626 goto out;
627 }
628
629 /* Determine the size of the signature. */
630 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
631 || !TEST_ptr(sig = OPENSSL_malloc(sig_len))
632 || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
633 goto out;
634
635 if (tst >= 6) {
636 if (!TEST_int_gt(BIO_reset(mdbio), 0)
637 || !TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx_verify), 0))
638 goto out;
639 }
640
641 /*
642 * Ensure that the signature round-trips (Verification isn't supported for
643 * HMAC via EVP_DigestVerify*)
644 */
645 if (tst != 2 && tst != 5 && tst != 8) {
646 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, md,
647 NULL, pkey)))
648 goto out;
649
650 if (tst >= 6) {
651 if (!TEST_true(BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written)))
652 goto out;
653 } else {
654 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg,
655 sizeof(kMsg))))
656 goto out;
657 }
658 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
659 goto out;
660 }
661
662 ret = 1;
663
664 out:
665 BIO_free(membio);
666 BIO_free(mdbio);
667 EVP_MD_CTX_free(a_md_ctx);
668 EVP_MD_CTX_free(a_md_ctx_verify);
669 EVP_PKEY_free(pkey);
670 OPENSSL_free(sig);
671 EVP_MD_free(mdexp);
672
673 return ret;
674 }
675
676 static int test_EVP_DigestVerifyInit(void)
677 {
678 int ret = 0;
679 EVP_PKEY *pkey = NULL;
680 EVP_MD_CTX *md_ctx = NULL;
681
682 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
683 || !TEST_ptr(pkey = load_example_rsa_key()))
684 goto out;
685
686 if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
687 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
688 || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
689 sizeof(kSignature))))
690 goto out;
691 ret = 1;
692
693 out:
694 EVP_MD_CTX_free(md_ctx);
695 EVP_PKEY_free(pkey);
696 return ret;
697 }
698
699 static int test_d2i_AutoPrivateKey(int i)
700 {
701 int ret = 0;
702 const unsigned char *p;
703 EVP_PKEY *pkey = NULL;
704 const APK_DATA *ak = &keydata[i];
705 const unsigned char *input = ak->kder;
706 size_t input_len = ak->size;
707 int expected_id = ak->evptype;
708
709 p = input;
710 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
711 || !TEST_ptr_eq(p, input + input_len)
712 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
713 goto done;
714
715 ret = 1;
716
717 done:
718 EVP_PKEY_free(pkey);
719 return ret;
720 }
721
722 #ifndef OPENSSL_NO_EC
723
724 static const unsigned char ec_public_sect163k1_validxy[] = {
725 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
726 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
727 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
728 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x02, 0xd1, 0x7b,
729 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
730 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
731 };
732
733 static const unsigned char ec_public_sect163k1_badx[] = {
734 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
735 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
736 0x0a, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
737 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0xb0, 0x02, 0xd1, 0x7b,
738 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
739 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
740 };
741
742 static const unsigned char ec_public_sect163k1_bady[] = {
743 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
744 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
745 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
746 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x0a, 0xd1, 0x7b,
747 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
748 0x6a, 0xd8, 0x17, 0x65, 0x41, 0xe6
749 };
750
751 static struct ec_der_pub_keys_st {
752 const unsigned char *der;
753 size_t len;
754 int valid;
755 } ec_der_pub_keys[] = {
756 { ec_public_sect163k1_validxy, sizeof(ec_public_sect163k1_validxy), 1 },
757 { ec_public_sect163k1_badx, sizeof(ec_public_sect163k1_badx), 0 },
758 { ec_public_sect163k1_bady, sizeof(ec_public_sect163k1_bady), 0 },
759 };
760
761 /*
762 * Tests the range of the decoded EC char2 public point.
763 * See ec_GF2m_simple_oct2point().
764 */
765 static int test_invalide_ec_char2_pub_range_decode(int id)
766 {
767 int ret = 0;
768 BIO *bio = NULL;
769 EC_KEY *eckey = NULL;
770
771 if (!TEST_ptr(bio = BIO_new_mem_buf(ec_der_pub_keys[id].der,
772 ec_der_pub_keys[id].len)))
773 goto err;
774 eckey = d2i_EC_PUBKEY_bio(bio, NULL);
775 ret = (ec_der_pub_keys[id].valid && TEST_ptr(eckey))
776 || TEST_ptr_null(eckey);
777 err:
778 EC_KEY_free(eckey);
779 BIO_free(bio);
780 return ret;
781 }
782
783 /* Tests loading a bad key in PKCS8 format */
784 static int test_EVP_PKCS82PKEY(void)
785 {
786 int ret = 0;
787 const unsigned char *derp = kExampleBadECKeyDER;
788 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
789 EVP_PKEY *pkey = NULL;
790
791 if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp,
792 sizeof(kExampleBadECKeyDER))))
793 goto done;
794
795 if (!TEST_ptr_eq(derp,
796 kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)))
797 goto done;
798
799 if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf)))
800 goto done;
801
802 ret = 1;
803
804 done:
805 PKCS8_PRIV_KEY_INFO_free(p8inf);
806 EVP_PKEY_free(pkey);
807
808 return ret;
809 }
810 #endif
811
812 /* This uses kExampleRSAKeyDER and kExampleRSAKeyPKCS8 to verify encoding */
813 static int test_privatekey_to_pkcs8(void)
814 {
815 EVP_PKEY *pkey = NULL;
816 BIO *membio = NULL;
817 char *membuf = NULL;
818 long membuf_len = 0;
819 int ok = 0;
820
821 if (!TEST_ptr(membio = BIO_new(BIO_s_mem()))
822 || !TEST_ptr(pkey = load_example_rsa_key())
823 || !TEST_int_gt(i2d_PKCS8PrivateKey_bio(membio, pkey, NULL,
824 NULL, 0, NULL, NULL),
825 0)
826 || !TEST_int_gt(membuf_len = BIO_get_mem_data(membio, &membuf), 0)
827 || !TEST_ptr(membuf)
828 || !TEST_mem_eq(membuf, (size_t)membuf_len,
829 kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8))
830 /*
831 * We try to write PEM as well, just to see that it doesn't err, but
832 * assume that the result is correct.
833 */
834 || !TEST_int_gt(PEM_write_bio_PKCS8PrivateKey(membio, pkey, NULL,
835 NULL, 0, NULL, NULL),
836 0))
837 goto done;
838
839 ok = 1;
840 done:
841 EVP_PKEY_free(pkey);
842 BIO_free_all(membio);
843 return ok;
844 }
845
846 #ifndef OPENSSL_NO_EC
847 static const struct {
848 int encoding;
849 const char *encoding_name;
850 } ec_encodings[] = {
851 { OPENSSL_EC_EXPLICIT_CURVE, OSSL_PKEY_EC_ENCODING_EXPLICIT },
852 { OPENSSL_EC_NAMED_CURVE, OSSL_PKEY_EC_ENCODING_GROUP }
853 };
854
855 static int ec_export_get_encoding_cb(const OSSL_PARAM params[], void *arg)
856 {
857 const OSSL_PARAM *p;
858 const char *enc_name = NULL;
859 int *enc = arg;
860 size_t i;
861
862 *enc = -1;
863
864 if (!TEST_ptr(p = OSSL_PARAM_locate_const(params,
865 OSSL_PKEY_PARAM_EC_ENCODING))
866 || !TEST_true(OSSL_PARAM_get_utf8_string_ptr(p, &enc_name)))
867 return 0;
868
869 for (i = 0; i < OSSL_NELEM(ec_encodings); i++) {
870 if (strcasecmp(enc_name, ec_encodings[i].encoding_name) == 0) {
871 *enc = ec_encodings[i].encoding;
872 break;
873 }
874 }
875
876 return (*enc != -1);
877 }
878
879 static int test_EC_keygen_with_enc(int idx)
880 {
881 EVP_PKEY *params = NULL, *key = NULL;
882 EVP_PKEY_CTX *pctx = NULL, *kctx = NULL;
883 int enc;
884 int ret = 0;
885
886 enc = ec_encodings[idx].encoding;
887
888 /* Create key parameters */
889 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, "EC", NULL))
890 || !TEST_true(EVP_PKEY_paramgen_init(pctx))
891 || !TEST_true(EVP_PKEY_CTX_set_group_name(pctx, "P-256"))
892 || !TEST_true(EVP_PKEY_CTX_set_ec_param_enc(pctx, enc))
893 || !TEST_true(EVP_PKEY_paramgen(pctx, &params))
894 || !TEST_ptr(params))
895 goto done;
896
897 /* Create key */
898 if (!TEST_ptr(kctx = EVP_PKEY_CTX_new_from_pkey(testctx, params, NULL))
899 || !TEST_true(EVP_PKEY_keygen_init(kctx))
900 || !TEST_true(EVP_PKEY_keygen(kctx, &key))
901 || !TEST_ptr(key))
902 goto done;
903
904 /* Check that the encoding got all the way into the key */
905 if (!TEST_true(evp_keymgmt_util_export(key, OSSL_KEYMGMT_SELECT_ALL,
906 ec_export_get_encoding_cb, &enc))
907 || !TEST_int_eq(enc, ec_encodings[idx].encoding))
908 goto done;
909
910 ret = 1;
911 done:
912 EVP_PKEY_free(key);
913 EVP_PKEY_free(params);
914 EVP_PKEY_CTX_free(kctx);
915 EVP_PKEY_CTX_free(pctx);
916 return ret;
917 }
918 #endif
919
920 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
921
922 static int test_EVP_SM2_verify(void)
923 {
924 const char *pubkey =
925 "-----BEGIN PUBLIC KEY-----\n"
926 "MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEp1KLWq1ZE2jmoAnnBJE1LBGxVr18\n"
927 "YvvqECWCpXfAQ9qUJ+UmthnUPf0iM3SaXKHe6PlLIDyNlWMWb9RUh/yU3g==\n"
928 "-----END PUBLIC KEY-----\n";
929
930 const char *msg = "message digest";
931 const char *id = "ALICE123@YAHOO.COM";
932
933 const uint8_t signature[] = {
934 0x30, 0x44, 0x02, 0x20, 0x5b, 0xdb, 0xab, 0x81, 0x4f, 0xbb,
935 0x8b, 0x69, 0xb1, 0x05, 0x9c, 0x99, 0x3b, 0xb2, 0x45, 0x06,
936 0x4a, 0x30, 0x15, 0x59, 0x84, 0xcd, 0xee, 0x30, 0x60, 0x36,
937 0x57, 0x87, 0xef, 0x5c, 0xd0, 0xbe, 0x02, 0x20, 0x43, 0x8d,
938 0x1f, 0xc7, 0x77, 0x72, 0x39, 0xbb, 0x72, 0xe1, 0xfd, 0x07,
939 0x58, 0xd5, 0x82, 0xc8, 0x2d, 0xba, 0x3b, 0x2c, 0x46, 0x24,
940 0xe3, 0x50, 0xff, 0x04, 0xc7, 0xa0, 0x71, 0x9f, 0xa4, 0x70
941 };
942
943 int rc = 0;
944 BIO *bio = NULL;
945 EVP_PKEY *pkey = NULL;
946 EVP_MD_CTX *mctx = NULL;
947 EVP_PKEY_CTX *pctx = NULL;
948
949 bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
950 if (!TEST_true(bio != NULL))
951 goto done;
952
953 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
954 if (!TEST_true(pkey != NULL))
955 goto done;
956
957 #ifdef TMP_SM2_HACK
958 if (!TEST_ptr(EVP_PKEY_get0(pkey)))
959 goto done;
960 #endif
961
962 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
963 goto done;
964
965 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
966 goto done;
967
968 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL)))
969 goto done;
970
971 EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
972
973 if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey)))
974 goto done;
975
976 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, id, strlen(id)), 0))
977 goto done;
978
979 if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
980 goto done;
981
982 if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature))))
983 goto done;
984 rc = 1;
985
986 done:
987 BIO_free(bio);
988 EVP_PKEY_free(pkey);
989 EVP_PKEY_CTX_free(pctx);
990 EVP_MD_CTX_free(mctx);
991 return rc;
992 }
993
994 static int test_EVP_SM2(void)
995 {
996 int ret = 0;
997 EVP_PKEY *pkey = NULL;
998 EVP_PKEY *params = NULL;
999 EVP_PKEY_CTX *pctx = NULL;
1000 EVP_PKEY_CTX *kctx = NULL;
1001 EVP_PKEY_CTX *sctx = NULL;
1002 size_t sig_len = 0;
1003 unsigned char *sig = NULL;
1004 EVP_MD_CTX *md_ctx = NULL;
1005 EVP_MD_CTX *md_ctx_verify = NULL;
1006 EVP_PKEY_CTX *cctx = NULL;
1007
1008 uint8_t ciphertext[128];
1009 size_t ctext_len = sizeof(ciphertext);
1010
1011 uint8_t plaintext[8];
1012 size_t ptext_len = sizeof(plaintext);
1013
1014 uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
1015
1016 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SM2, NULL);
1017 if (!TEST_ptr(pctx))
1018 goto done;
1019
1020 if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
1021 goto done;
1022
1023 /* TODO is this even needed? */
1024 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
1025 goto done;
1026
1027 if (!TEST_true(EVP_PKEY_paramgen(pctx, &params)))
1028 goto done;
1029
1030 kctx = EVP_PKEY_CTX_new(params, NULL);
1031 if (!TEST_ptr(kctx))
1032 goto done;
1033
1034 if (!TEST_true(EVP_PKEY_keygen_init(kctx)))
1035 goto done;
1036
1037 if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey)))
1038 goto done;
1039
1040 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
1041 goto done;
1042
1043 if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()))
1044 goto done;
1045
1046 if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL)))
1047 goto done;
1048
1049 EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);
1050 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);
1051
1052 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)))
1053 goto done;
1054
1055 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
1056 goto done;
1057
1058 if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
1059 goto done;
1060
1061 /* Determine the size of the signature. */
1062 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)))
1063 goto done;
1064
1065 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)))
1066 goto done;
1067
1068 if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
1069 goto done;
1070
1071 /* Ensure that the signature round-trips. */
1072
1073 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)))
1074 goto done;
1075
1076 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
1077 goto done;
1078
1079 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))))
1080 goto done;
1081
1082 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
1083 goto done;
1084
1085 /* now check encryption/decryption */
1086 /*
1087 * SM2 public key encrytion is not moved into default provider yet,
1088 * so we make sure the key gets downgraded for the moment being.
1089 * TODO Remove this call when provided SM2 encryption is implemented
1090 */
1091 if (!TEST_ptr(EVP_PKEY_get0(pkey)))
1092 goto done;
1093
1094 if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
1095 goto done;
1096
1097 if (!TEST_true(EVP_PKEY_encrypt_init(cctx)))
1098 goto done;
1099
1100 if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg))))
1101 goto done;
1102
1103 if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
1104 goto done;
1105
1106 if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len)))
1107 goto done;
1108
1109 if (!TEST_true(ptext_len == sizeof(kMsg)))
1110 goto done;
1111
1112 if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0))
1113 goto done;
1114
1115 ret = 1;
1116 done:
1117 EVP_PKEY_CTX_free(pctx);
1118 EVP_PKEY_CTX_free(kctx);
1119 EVP_PKEY_CTX_free(sctx);
1120 EVP_PKEY_CTX_free(cctx);
1121 EVP_PKEY_free(pkey);
1122 EVP_PKEY_free(params);
1123 EVP_MD_CTX_free(md_ctx);
1124 EVP_MD_CTX_free(md_ctx_verify);
1125 OPENSSL_free(sig);
1126 return ret;
1127 }
1128
1129 #endif
1130
1131 static struct keys_st {
1132 int type;
1133 char *priv;
1134 char *pub;
1135 } keys[] = {
1136 {
1137 EVP_PKEY_HMAC, "0123456789", NULL
1138 }, {
1139 EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
1140 }, {
1141 EVP_PKEY_SIPHASH, "0123456789012345", NULL
1142 },
1143 #ifndef OPENSSL_NO_EC
1144 {
1145 EVP_PKEY_X25519, "01234567890123456789012345678901",
1146 "abcdefghijklmnopqrstuvwxyzabcdef"
1147 }, {
1148 EVP_PKEY_ED25519, "01234567890123456789012345678901",
1149 "abcdefghijklmnopqrstuvwxyzabcdef"
1150 }, {
1151 EVP_PKEY_X448,
1152 "01234567890123456789012345678901234567890123456789012345",
1153 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
1154 }, {
1155 EVP_PKEY_ED448,
1156 "012345678901234567890123456789012345678901234567890123456",
1157 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
1158 }
1159 #endif
1160 };
1161
1162 static int test_set_get_raw_keys_int(int tst, int pub, int uselibctx)
1163 {
1164 int ret = 0;
1165 unsigned char buf[80];
1166 unsigned char *in;
1167 size_t inlen, len = 0;
1168 EVP_PKEY *pkey;
1169
1170 /* Check if this algorithm supports public keys */
1171 if (keys[tst].pub == NULL)
1172 return 1;
1173
1174 memset(buf, 0, sizeof(buf));
1175
1176 if (pub) {
1177 inlen = strlen(keys[tst].pub);
1178 in = (unsigned char *)keys[tst].pub;
1179 if (uselibctx) {
1180 pkey = EVP_PKEY_new_raw_public_key_with_libctx(
1181 testctx,
1182 OBJ_nid2sn(keys[tst].type),
1183 NULL,
1184 in,
1185 inlen);
1186 } else {
1187 pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
1188 NULL,
1189 in,
1190 inlen);
1191 }
1192 } else {
1193 inlen = strlen(keys[tst].priv);
1194 in = (unsigned char *)keys[tst].priv;
1195 if (uselibctx) {
1196 pkey = EVP_PKEY_new_raw_private_key_with_libctx(
1197 testctx, OBJ_nid2sn(keys[tst].type),
1198 NULL,
1199 in,
1200 inlen);
1201 } else {
1202 pkey = EVP_PKEY_new_raw_private_key(keys[tst].type,
1203 NULL,
1204 in,
1205 inlen);
1206 }
1207 }
1208
1209 if (!TEST_ptr(pkey)
1210 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
1211 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
1212 || !TEST_true(len == inlen)
1213 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
1214 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
1215 || !TEST_mem_eq(in, inlen, buf, len))
1216 goto done;
1217
1218 ret = 1;
1219 done:
1220 EVP_PKEY_free(pkey);
1221 return ret;
1222 }
1223
1224 static int test_set_get_raw_keys(int tst)
1225 {
1226 return test_set_get_raw_keys_int(tst, 0, 0)
1227 && test_set_get_raw_keys_int(tst, 0, 1)
1228 && test_set_get_raw_keys_int(tst, 1, 0)
1229 && test_set_get_raw_keys_int(tst, 1, 1);
1230 }
1231
1232 #ifndef OPENSSL_NO_DEPRECATED_3_0
1233 static int pkey_custom_check(EVP_PKEY *pkey)
1234 {
1235 return 0xbeef;
1236 }
1237
1238 static int pkey_custom_pub_check(EVP_PKEY *pkey)
1239 {
1240 return 0xbeef;
1241 }
1242
1243 static int pkey_custom_param_check(EVP_PKEY *pkey)
1244 {
1245 return 0xbeef;
1246 }
1247
1248 static EVP_PKEY_METHOD *custom_pmeth;
1249 #endif
1250
1251 static int test_EVP_PKEY_check(int i)
1252 {
1253 int ret = 0;
1254 const unsigned char *p;
1255 EVP_PKEY *pkey = NULL;
1256 #ifndef OPENSSL_NO_EC
1257 EC_KEY *eckey = NULL;
1258 #endif
1259 EVP_PKEY_CTX *ctx = NULL;
1260 #ifndef OPENSSL_NO_DEPRECATED_3_0
1261 EVP_PKEY_CTX *ctx2 = NULL;
1262 #endif
1263 const APK_DATA *ak = &keycheckdata[i];
1264 const unsigned char *input = ak->kder;
1265 size_t input_len = ak->size;
1266 int expected_id = ak->evptype;
1267 int expected_check = ak->check;
1268 int expected_pub_check = ak->pub_check;
1269 int expected_param_check = ak->param_check;
1270 int type = ak->type;
1271 BIO *pubkey = NULL;
1272
1273 p = input;
1274
1275 switch (type) {
1276 case 0:
1277 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
1278 || !TEST_ptr_eq(p, input + input_len)
1279 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
1280 goto done;
1281 break;
1282 #ifndef OPENSSL_NO_EC
1283 case 1:
1284 if (!TEST_ptr(pubkey = BIO_new_mem_buf(input, input_len))
1285 || !TEST_ptr(eckey = d2i_EC_PUBKEY_bio(pubkey, NULL))
1286 || !TEST_ptr(pkey = EVP_PKEY_new())
1287 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1288 goto done;
1289 break;
1290 case 2:
1291 if (!TEST_ptr(eckey = d2i_ECParameters(NULL, &p, input_len))
1292 || !TEST_ptr_eq(p, input + input_len)
1293 || !TEST_ptr(pkey = EVP_PKEY_new())
1294 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1295 goto done;
1296 break;
1297 #endif
1298 default:
1299 return 0;
1300 }
1301
1302 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
1303 goto done;
1304
1305 if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check))
1306 goto done;
1307
1308 if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check))
1309 goto done;
1310
1311 if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
1312 goto done;
1313
1314 #ifndef OPENSSL_NO_DEPRECATED_3_0
1315 ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
1316 /* assign the pkey directly, as an internal test */
1317 EVP_PKEY_up_ref(pkey);
1318 ctx2->pkey = pkey;
1319
1320 if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
1321 goto done;
1322
1323 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
1324 goto done;
1325
1326 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
1327 goto done;
1328 #endif
1329
1330 ret = 1;
1331
1332 done:
1333 EVP_PKEY_CTX_free(ctx);
1334 #ifndef OPENSSL_NO_DEPRECATED_3_0
1335 EVP_PKEY_CTX_free(ctx2);
1336 #endif
1337 EVP_PKEY_free(pkey);
1338 BIO_free(pubkey);
1339 return ret;
1340 }
1341
1342 #ifndef OPENSSL_NO_CMAC
1343 static int get_cmac_val(EVP_PKEY *pkey, unsigned char *mac)
1344 {
1345 EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
1346 const char msg[] = "Hello World";
1347 size_t maclen;
1348 int ret = 1;
1349
1350 if (!TEST_ptr(mdctx)
1351 || !TEST_true(EVP_DigestSignInit(mdctx, NULL, NULL, NULL, pkey))
1352 || !TEST_true(EVP_DigestSignUpdate(mdctx, msg, sizeof(msg)))
1353 || !TEST_true(EVP_DigestSignFinal(mdctx, mac, &maclen))
1354 || !TEST_size_t_eq(maclen, AES_BLOCK_SIZE))
1355 ret = 0;
1356
1357 EVP_MD_CTX_free(mdctx);
1358
1359 return ret;
1360 }
1361 static int test_CMAC_keygen(void)
1362 {
1363 static unsigned char key[] = {
1364 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
1365 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
1366 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
1367 };
1368 /*
1369 * This is a legacy method for CMACs, but should still work.
1370 * This verifies that it works without an ENGINE.
1371 */
1372 EVP_PKEY_CTX *kctx = EVP_PKEY_CTX_new_id(EVP_PKEY_CMAC, NULL);
1373 int ret = 0;
1374 EVP_PKEY *pkey = NULL;
1375 unsigned char mac[AES_BLOCK_SIZE], mac2[AES_BLOCK_SIZE];
1376
1377 /* Test a CMAC key created using the "generated" method */
1378 if (!TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1379 || !TEST_int_gt(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
1380 EVP_PKEY_CTRL_CIPHER,
1381 0, (void *)EVP_aes_256_ecb()), 0)
1382 || !TEST_int_gt(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
1383 EVP_PKEY_CTRL_SET_MAC_KEY,
1384 sizeof(key), (void *)key), 0)
1385 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0)
1386 || !TEST_ptr(pkey)
1387 || !TEST_true(get_cmac_val(pkey, mac)))
1388 goto done;
1389
1390 EVP_PKEY_free(pkey);
1391
1392 /*
1393 * Test a CMAC key using the direct method, and compare with the mac
1394 * created above.
1395 */
1396 pkey = EVP_PKEY_new_CMAC_key(NULL, key, sizeof(key), EVP_aes_256_ecb());
1397 if (!TEST_ptr(pkey)
1398 || !TEST_true(get_cmac_val(pkey, mac2))
1399 || !TEST_mem_eq(mac, sizeof(mac), mac2, sizeof(mac2)))
1400 goto done;
1401
1402 ret = 1;
1403
1404 done:
1405 EVP_PKEY_free(pkey);
1406 EVP_PKEY_CTX_free(kctx);
1407 return ret;
1408 }
1409 #endif
1410
1411 static int test_HKDF(void)
1412 {
1413 EVP_PKEY_CTX *pctx;
1414 unsigned char out[20];
1415 size_t outlen;
1416 int i, ret = 0;
1417 unsigned char salt[] = "0123456789";
1418 unsigned char key[] = "012345678901234567890123456789";
1419 unsigned char info[] = "infostring";
1420 const unsigned char expected[] = {
1421 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
1422 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
1423 };
1424 size_t expectedlen = sizeof(expected);
1425
1426 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1427 goto done;
1428
1429 /* We do this twice to test reuse of the EVP_PKEY_CTX */
1430 for (i = 0; i < 2; i++) {
1431 outlen = sizeof(out);
1432 memset(out, 0, outlen);
1433
1434 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1435 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1436 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1437 sizeof(salt) - 1), 0)
1438 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1439 sizeof(key) - 1), 0)
1440 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1441 sizeof(info) - 1), 0)
1442 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1443 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1444 goto done;
1445 }
1446
1447 ret = 1;
1448
1449 done:
1450 EVP_PKEY_CTX_free(pctx);
1451
1452 return ret;
1453 }
1454
1455 static int test_emptyikm_HKDF(void)
1456 {
1457 EVP_PKEY_CTX *pctx;
1458 unsigned char out[20];
1459 size_t outlen;
1460 int ret = 0;
1461 unsigned char salt[] = "9876543210";
1462 unsigned char key[] = "";
1463 unsigned char info[] = "stringinfo";
1464 const unsigned char expected[] = {
1465 0x68, 0x81, 0xa5, 0x3e, 0x5b, 0x9c, 0x7b, 0x6f, 0x2e, 0xec, 0xc8, 0x47,
1466 0x7c, 0xfa, 0x47, 0x35, 0x66, 0x82, 0x15, 0x30
1467 };
1468 size_t expectedlen = sizeof(expected);
1469
1470 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1471 goto done;
1472
1473 outlen = sizeof(out);
1474 memset(out, 0, outlen);
1475
1476 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1477 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1478 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1479 sizeof(salt) - 1), 0)
1480 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1481 sizeof(key) - 1), 0)
1482 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1483 sizeof(info) - 1), 0)
1484 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1485 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1486 goto done;
1487
1488 ret = 1;
1489
1490 done:
1491 EVP_PKEY_CTX_free(pctx);
1492
1493 return ret;
1494 }
1495
1496 #ifndef OPENSSL_NO_EC
1497 static int test_X509_PUBKEY_inplace(void)
1498 {
1499 int ret = 0;
1500 X509_PUBKEY *xp = NULL;
1501 const unsigned char *p = kExampleECPubKeyDER;
1502 size_t input_len = sizeof(kExampleECPubKeyDER);
1503
1504 if (!TEST_ptr(xp = d2i_X509_PUBKEY(NULL, &p, input_len)))
1505 goto done;
1506
1507 if (!TEST_ptr(X509_PUBKEY_get0(xp)))
1508 goto done;
1509
1510 p = kExampleBadECPubKeyDER;
1511 input_len = sizeof(kExampleBadECPubKeyDER);
1512
1513 if (!TEST_ptr(xp = d2i_X509_PUBKEY(&xp, &p, input_len)))
1514 goto done;
1515
1516 if (!TEST_true(X509_PUBKEY_get0(xp) == NULL))
1517 goto done;
1518
1519 ret = 1;
1520
1521 done:
1522 X509_PUBKEY_free(xp);
1523 return ret;
1524 }
1525 #endif /* OPENSSL_NO_EC */
1526
1527 /* Test getting and setting parameters on an EVP_PKEY_CTX */
1528 static int test_EVP_PKEY_CTX_get_set_params(EVP_PKEY *pkey)
1529 {
1530 EVP_MD_CTX *mdctx = NULL;
1531 EVP_PKEY_CTX *ctx = NULL;
1532 const OSSL_PARAM *params;
1533 OSSL_PARAM ourparams[2], *param = ourparams, *param_md;
1534 int ret = 0;
1535 const EVP_MD *md;
1536 char mdname[OSSL_MAX_NAME_SIZE];
1537 char ssl3ms[48];
1538
1539 /* Initialise a sign operation */
1540 ctx = EVP_PKEY_CTX_new(pkey, NULL);
1541 if (!TEST_ptr(ctx)
1542 || !TEST_int_gt(EVP_PKEY_sign_init(ctx), 0))
1543 goto err;
1544
1545 /*
1546 * We should be able to query the parameters now.
1547 */
1548 params = EVP_PKEY_CTX_settable_params(ctx);
1549 if (!TEST_ptr(params)
1550 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1551 OSSL_SIGNATURE_PARAM_DIGEST)))
1552 goto err;
1553
1554 params = EVP_PKEY_CTX_gettable_params(ctx);
1555 if (!TEST_ptr(params)
1556 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1557 OSSL_SIGNATURE_PARAM_ALGORITHM_ID))
1558 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1559 OSSL_SIGNATURE_PARAM_DIGEST)))
1560 goto err;
1561
1562 /*
1563 * Test getting and setting params via EVP_PKEY_CTX_set_params() and
1564 * EVP_PKEY_CTX_get_params()
1565 */
1566 strcpy(mdname, "SHA512");
1567 param_md = param;
1568 *param++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
1569 mdname, 0);
1570 *param++ = OSSL_PARAM_construct_end();
1571
1572 if (!TEST_true(EVP_PKEY_CTX_set_params(ctx, ourparams)))
1573 goto err;
1574
1575 mdname[0] = '\0';
1576 *param_md = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
1577 mdname, sizeof(mdname));
1578 if (!TEST_true(EVP_PKEY_CTX_get_params(ctx, ourparams))
1579 || !TEST_str_eq(mdname, "SHA512"))
1580 goto err;
1581
1582 /*
1583 * Test the TEST_PKEY_CTX_set_signature_md() and
1584 * TEST_PKEY_CTX_get_signature_md() functions
1585 */
1586 if (!TEST_int_gt(EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()), 0)
1587 || !TEST_int_gt(EVP_PKEY_CTX_get_signature_md(ctx, &md), 0)
1588 || !TEST_ptr_eq(md, EVP_sha256()))
1589 goto err;
1590
1591 /*
1592 * Test getting MD parameters via an associated EVP_PKEY_CTX
1593 */
1594 mdctx = EVP_MD_CTX_new();
1595 if (!TEST_ptr(mdctx)
1596 || !TEST_true(EVP_DigestSignInit_with_libctx(mdctx, NULL,
1597 "SHA1", NULL, NULL,
1598 pkey)))
1599 goto err;
1600
1601 /*
1602 * We now have an EVP_MD_CTX with an EVP_PKEY_CTX inside it. We should be
1603 * able to obtain the digest's settable parameters from the provider.
1604 */
1605 params = EVP_MD_CTX_settable_params(mdctx);
1606 if (!TEST_ptr(params)
1607 || !TEST_int_eq(strcmp(params[0].key, OSSL_DIGEST_PARAM_SSL3_MS), 0)
1608 /* The final key should be NULL */
1609 || !TEST_ptr_null(params[1].key))
1610 goto err;
1611
1612 param = ourparams;
1613 memset(ssl3ms, 0, sizeof(ssl3ms));
1614 *param++ = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS,
1615 ssl3ms, sizeof(ssl3ms));
1616 *param++ = OSSL_PARAM_construct_end();
1617
1618 if (!TEST_true(EVP_MD_CTX_set_params(mdctx, ourparams)))
1619 goto err;
1620
1621 ret = 1;
1622
1623 err:
1624 EVP_MD_CTX_free(mdctx);
1625 EVP_PKEY_CTX_free(ctx);
1626
1627 return ret;
1628 }
1629
1630 #ifndef OPENSSL_NO_DSA
1631 static int test_DSA_get_set_params(void)
1632 {
1633 DSA *dsa = NULL;
1634 BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL;
1635 EVP_PKEY *pkey = NULL;
1636 int ret = 0;
1637
1638 /*
1639 * Setup the parameters for our DSA object. For our purposes they don't
1640 * have to actually be *valid* parameters. We just need to set something.
1641 */
1642 dsa = DSA_new();
1643 p = BN_new();
1644 q = BN_new();
1645 g = BN_new();
1646 pub = BN_new();
1647 priv = BN_new();
1648 if (!TEST_ptr(dsa)
1649 || !TEST_ptr(p)
1650 || !TEST_ptr(q)
1651 || !TEST_ptr(g)
1652 || !TEST_ptr(pub)
1653 || !DSA_set0_pqg(dsa, p, q, g)
1654 || !DSA_set0_key(dsa, pub, priv))
1655 goto err;
1656 p = q = g = pub = priv = NULL;
1657
1658 pkey = EVP_PKEY_new();
1659 if (!TEST_ptr(pkey)
1660 || !TEST_true(EVP_PKEY_assign_DSA(pkey, dsa)))
1661 goto err;
1662
1663 dsa = NULL;
1664
1665 ret = test_EVP_PKEY_CTX_get_set_params(pkey);
1666
1667 err:
1668 EVP_PKEY_free(pkey);
1669 DSA_free(dsa);
1670 BN_free(p);
1671 BN_free(q);
1672 BN_free(g);
1673 BN_free(pub);
1674 BN_free(priv);
1675
1676 return ret;
1677 }
1678 #endif
1679
1680 static int test_RSA_get_set_params(void)
1681 {
1682 RSA *rsa = NULL;
1683 BIGNUM *n = NULL, *e = NULL, *d = NULL;
1684 EVP_PKEY *pkey = NULL;
1685 int ret = 0;
1686
1687 /*
1688 * Setup the parameters for our RSA object. For our purposes they don't
1689 * have to actually be *valid* parameters. We just need to set something.
1690 */
1691 rsa = RSA_new();
1692 n = BN_new();
1693 e = BN_new();
1694 d = BN_new();
1695 if (!TEST_ptr(rsa)
1696 || !TEST_ptr(n)
1697 || !TEST_ptr(e)
1698 || !TEST_ptr(d)
1699 || !RSA_set0_key(rsa, n, e, d))
1700 goto err;
1701 n = e = d = NULL;
1702
1703 pkey = EVP_PKEY_new();
1704 if (!TEST_ptr(pkey)
1705 || !TEST_true(EVP_PKEY_assign_RSA(pkey, rsa)))
1706 goto err;
1707
1708 rsa = NULL;
1709
1710 ret = test_EVP_PKEY_CTX_get_set_params(pkey);
1711
1712 err:
1713 EVP_PKEY_free(pkey);
1714 RSA_free(rsa);
1715 BN_free(n);
1716 BN_free(e);
1717 BN_free(d);
1718
1719 return ret;
1720 }
1721
1722 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1723 static int test_decrypt_null_chunks(void)
1724 {
1725 EVP_CIPHER_CTX* ctx = NULL;
1726 const unsigned char key[32] = {
1727 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
1728 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
1729 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1
1730 };
1731 unsigned char iv[12] = {
1732 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b
1733 };
1734 unsigned char msg[] = "It was the best of times, it was the worst of times";
1735 unsigned char ciphertext[80];
1736 unsigned char plaintext[80];
1737 /* We initialise tmp to a non zero value on purpose */
1738 int ctlen, ptlen, tmp = 99;
1739 int ret = 0;
1740 const int enc_offset = 10, dec_offset = 20;
1741
1742 if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
1743 || !TEST_true(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL,
1744 key, iv))
1745 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &ctlen, msg,
1746 enc_offset))
1747 /* Deliberate add a zero length update */
1748 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp, NULL,
1749 0))
1750 || !TEST_int_eq(tmp, 0)
1751 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp,
1752 msg + enc_offset,
1753 sizeof(msg) - enc_offset))
1754 || !TEST_int_eq(ctlen += tmp, sizeof(msg))
1755 || !TEST_true(EVP_EncryptFinal(ctx, ciphertext + ctlen, &tmp))
1756 || !TEST_int_eq(tmp, 0))
1757 goto err;
1758
1759 /* Deliberately initialise tmp to a non zero value */
1760 tmp = 99;
1761 if (!TEST_true(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, key,
1762 iv))
1763 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext, &ptlen, ciphertext,
1764 dec_offset))
1765 /*
1766 * Deliberately add a zero length update. We also deliberately do
1767 * this at a different offset than for encryption.
1768 */
1769 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp, NULL,
1770 0))
1771 || !TEST_int_eq(tmp, 0)
1772 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp,
1773 ciphertext + dec_offset,
1774 ctlen - dec_offset))
1775 || !TEST_int_eq(ptlen += tmp, sizeof(msg))
1776 || !TEST_true(EVP_DecryptFinal(ctx, plaintext + ptlen, &tmp))
1777 || !TEST_int_eq(tmp, 0)
1778 || !TEST_mem_eq(msg, sizeof(msg), plaintext, ptlen))
1779 goto err;
1780
1781 ret = 1;
1782 err:
1783 EVP_CIPHER_CTX_free(ctx);
1784 return ret;
1785 }
1786 #endif /* !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) */
1787
1788 #ifndef OPENSSL_NO_DH
1789 static int test_EVP_PKEY_set1_DH(void)
1790 {
1791 DH *x942dh = NULL, *noqdh = NULL;
1792 EVP_PKEY *pkey1 = NULL, *pkey2 = NULL;
1793 int ret = 0;
1794 BIGNUM *p, *g = NULL;
1795
1796 if (!TEST_ptr(p = BN_new())
1797 || !TEST_ptr(g = BN_new())
1798 || !BN_set_word(p, 9999)
1799 || !BN_set_word(g, 2)
1800 || !TEST_ptr(noqdh = DH_new())
1801 || !DH_set0_pqg(noqdh, p, NULL, g))
1802 goto err;
1803 p = g = NULL;
1804
1805 x942dh = DH_get_2048_256();
1806 pkey1 = EVP_PKEY_new();
1807 pkey2 = EVP_PKEY_new();
1808 if (!TEST_ptr(x942dh)
1809 || !TEST_ptr(noqdh)
1810 || !TEST_ptr(pkey1)
1811 || !TEST_ptr(pkey2))
1812 goto err;
1813
1814 if(!TEST_true(EVP_PKEY_set1_DH(pkey1, x942dh))
1815 || !TEST_int_eq(EVP_PKEY_id(pkey1), EVP_PKEY_DHX))
1816 goto err;
1817
1818 if(!TEST_true(EVP_PKEY_set1_DH(pkey2, noqdh))
1819 || !TEST_int_eq(EVP_PKEY_id(pkey2), EVP_PKEY_DH))
1820 goto err;
1821
1822 ret = 1;
1823 err:
1824 BN_free(p);
1825 BN_free(g);
1826 EVP_PKEY_free(pkey1);
1827 EVP_PKEY_free(pkey2);
1828 DH_free(x942dh);
1829 DH_free(noqdh);
1830
1831 return ret;
1832 }
1833 #endif
1834
1835 /*
1836 * We test what happens with an empty template. For the sake of this test,
1837 * the template must be ignored, and we know that's the case for RSA keys
1838 * (this might arguably be a misfeature, but that's what we currently do,
1839 * even in provider code, since that's how the legacy RSA implementation
1840 * does things)
1841 */
1842 static int test_keygen_with_empty_template(int n)
1843 {
1844 EVP_PKEY_CTX *ctx = NULL;
1845 EVP_PKEY *pkey = NULL;
1846 EVP_PKEY *tkey = NULL;
1847 int ret = 0;
1848
1849 switch (n) {
1850 case 0:
1851 /* We do test with no template at all as well */
1852 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)))
1853 goto err;
1854 break;
1855 case 1:
1856 /* Here we create an empty RSA key that serves as our template */
1857 if (!TEST_ptr(tkey = EVP_PKEY_new())
1858 || !TEST_true(EVP_PKEY_set_type(tkey, EVP_PKEY_RSA))
1859 || !TEST_ptr(ctx = EVP_PKEY_CTX_new(tkey, NULL)))
1860 goto err;
1861 break;
1862 }
1863
1864 if (!TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1865 || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0))
1866 goto err;
1867
1868 ret = 1;
1869 err:
1870 EVP_PKEY_CTX_free(ctx);
1871 EVP_PKEY_free(pkey);
1872 EVP_PKEY_free(tkey);
1873 return ret;
1874 }
1875
1876 /*
1877 * Test that we fail if we attempt to use an algorithm that is not available
1878 * in the current library context (unless we are using an algorithm that
1879 * should be made available via legacy codepaths).
1880 *
1881 * 0: RSA
1882 * 1: SM2
1883 */
1884 static int test_pkey_ctx_fail_without_provider(int tst)
1885 {
1886 OPENSSL_CTX *tmpctx = OPENSSL_CTX_new();
1887 OSSL_PROVIDER *nullprov = NULL;
1888 EVP_PKEY_CTX *pctx = NULL;
1889 const char *keytype = NULL;
1890 int expect_null = 0;
1891 int ret = 0;
1892
1893 if (!TEST_ptr(tmpctx))
1894 goto err;
1895
1896 nullprov = OSSL_PROVIDER_load(tmpctx, "null");
1897 if (!TEST_ptr(nullprov))
1898 goto err;
1899
1900 /*
1901 * We check for certain algos in the null provider.
1902 * If an algo is expected to have a provider keymgmt, contructing an
1903 * EVP_PKEY_CTX is expected to fail (return NULL).
1904 * Otherwise, if it's expected to have legacy support, contructing an
1905 * EVP_PKEY_CTX is expected to succeed (return non-NULL).
1906 */
1907 switch (tst) {
1908 case 0:
1909 keytype = "RSA";
1910 expect_null = 1;
1911 break;
1912 case 1:
1913 keytype = "SM2";
1914 expect_null = 1;
1915 #ifdef OPENSSL_NO_EC
1916 TEST_info("EC disable, skipping SM2 check...");
1917 goto end;
1918 #endif
1919 #ifdef OPENSSL_NO_SM2
1920 TEST_info("SM2 disable, skipping SM2 check...");
1921 goto end;
1922 #endif
1923 break;
1924 default:
1925 TEST_error("No test for case %d", tst);
1926 goto err;
1927 }
1928
1929 pctx = EVP_PKEY_CTX_new_from_name(tmpctx, keytype, "");
1930 if (expect_null ? !TEST_ptr_null(pctx) : !TEST_ptr(pctx))
1931 goto err;
1932
1933 #if defined(OPENSSL_NO_EC) || defined(OPENSSL_NO_SM2)
1934 end:
1935 #endif
1936 ret = 1;
1937
1938 err:
1939 EVP_PKEY_CTX_free(pctx);
1940 OSSL_PROVIDER_unload(nullprov);
1941 OPENSSL_CTX_free(tmpctx);
1942 return ret;
1943 }
1944
1945 static int test_rand_agglomeration(void)
1946 {
1947 EVP_RAND *rand;
1948 EVP_RAND_CTX *ctx;
1949 OSSL_PARAM params[3], *p = params;
1950 int res;
1951 unsigned int step = 7;
1952 static unsigned char seed[] = "It does not matter how slowly you go "
1953 "as long as you do not stop.";
1954 unsigned char out[sizeof(seed)];
1955
1956 if (!TEST_int_ne(sizeof(seed) % step, 0)
1957 || !TEST_ptr(rand = EVP_RAND_fetch(NULL, "TEST-RAND", NULL)))
1958 return 0;
1959 ctx = EVP_RAND_CTX_new(rand, NULL);
1960 EVP_RAND_free(rand);
1961 if (!TEST_ptr(ctx))
1962 return 0;
1963
1964 memset(out, 0, sizeof(out));
1965 *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
1966 seed, sizeof(seed));
1967 *p++ = OSSL_PARAM_construct_uint(OSSL_DRBG_PARAM_MAX_REQUEST, &step);
1968 *p = OSSL_PARAM_construct_end();
1969 res = TEST_true(EVP_RAND_set_ctx_params(ctx, params))
1970 && TEST_true(EVP_RAND_generate(ctx, out, sizeof(out), 0, 1, NULL, 0))
1971 && TEST_mem_eq(seed, sizeof(seed), out, sizeof(out));
1972 EVP_RAND_CTX_free(ctx);
1973 return res;
1974 }
1975
1976 /*
1977 * Test that we correctly return the original or "running" IV after
1978 * an encryption operation.
1979 * Run multiple times for some different relevant algorithms/modes.
1980 */
1981 static int test_evp_iv(int idx)
1982 {
1983 int ret = 0;
1984 EVP_CIPHER_CTX *ctx = NULL;
1985 unsigned char key[16] = {0x4c, 0x43, 0xdb, 0xdd, 0x42, 0x73, 0x47, 0xd1,
1986 0xe5, 0x62, 0x7d, 0xcd, 0x4d, 0x76, 0x4d, 0x57};
1987 unsigned char init_iv[EVP_MAX_IV_LENGTH] =
1988 {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b, 0x98, 0x82,
1989 0x5a, 0x55, 0x91, 0x81, 0x42, 0xa8, 0x89, 0x34};
1990 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8,
1991 9, 10, 11, 12, 13, 14, 15, 16 };
1992 unsigned char ciphertext[32], oiv[16], iv[16];
1993 unsigned char *ref_iv;
1994 unsigned char cbc_state[16] = {0x10, 0x2f, 0x05, 0xcc, 0xc2, 0x55, 0x72, 0xb9,
1995 0x88, 0xe6, 0x4a, 0x17, 0x10, 0x74, 0x22, 0x5e};
1996
1997 unsigned char ofb_state[16] = {0x76, 0xe6, 0x66, 0x61, 0xd0, 0x8a, 0xe4, 0x64,
1998 0xdd, 0x66, 0xbf, 0x00, 0xf0, 0xe3, 0x6f, 0xfd};
1999 unsigned char gcm_state[12] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b,
2000 0x98, 0x82, 0x5a, 0x55, 0x91, 0x81};
2001 unsigned char ccm_state[7] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b, 0x98};
2002 #ifndef OPENSSL_NO_OCB
2003 unsigned char ocb_state[12] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b,
2004 0x98, 0x82, 0x5a, 0x55, 0x91, 0x81};
2005 #endif
2006 int len = sizeof(ciphertext);
2007 size_t ivlen, ref_len;
2008 const EVP_CIPHER *type = NULL;
2009
2010 switch(idx) {
2011 case 0:
2012 type = EVP_aes_128_cbc();
2013 /* FALLTHROUGH */
2014 case 5:
2015 type = (type != NULL) ? type :
2016 EVP_CIPHER_fetch(testctx, "aes-128-cbc", NULL);
2017 ref_iv = cbc_state;
2018 ref_len = sizeof(cbc_state);
2019 break;
2020 case 1:
2021 type = EVP_aes_128_ofb();
2022 /* FALLTHROUGH */
2023 case 6:
2024 type = (type != NULL) ? type :
2025 EVP_CIPHER_fetch(testctx, "aes-128-ofb", NULL);
2026 ref_iv = ofb_state;
2027 ref_len = sizeof(ofb_state);
2028 break;
2029 case 2:
2030 type = EVP_aes_128_gcm();
2031 /* FALLTHROUGH */
2032 case 7:
2033 type = (type != NULL) ? type :
2034 EVP_CIPHER_fetch(testctx, "aes-128-gcm", NULL);
2035 ref_iv = gcm_state;
2036 ref_len = sizeof(gcm_state);
2037 break;
2038 case 3:
2039 type = EVP_aes_128_ccm();
2040 /* FALLTHROUGH */
2041 case 8:
2042 type = (type != NULL) ? type :
2043 EVP_CIPHER_fetch(testctx, "aes-128-ccm", NULL);
2044 ref_iv = ccm_state;
2045 ref_len = sizeof(ccm_state);
2046 break;
2047 #ifdef OPENSSL_NO_OCB
2048 case 4:
2049 case 9:
2050 return 1;
2051 #else
2052 case 4:
2053 type = EVP_aes_128_ocb();
2054 /* FALLTHROUGH */
2055 case 9:
2056 type = (type != NULL) ? type :
2057 EVP_CIPHER_fetch(testctx, "aes-128-ocb", NULL);
2058 ref_iv = ocb_state;
2059 ref_len = sizeof(ocb_state);
2060 break;
2061 #endif
2062 default:
2063 return 0;
2064 }
2065
2066 if (!TEST_ptr(type)
2067 || !TEST_ptr((ctx = EVP_CIPHER_CTX_new()))
2068 || !TEST_true(EVP_EncryptInit_ex(ctx, type, NULL, key, init_iv))
2069 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &len, msg,
2070 (int)sizeof(msg)))
2071 || !TEST_true(EVP_CIPHER_CTX_get_iv(ctx, oiv, sizeof(oiv)))
2072 || !TEST_true(EVP_CIPHER_CTX_get_iv_state(ctx, iv, sizeof(iv)))
2073 || !TEST_true(EVP_EncryptFinal_ex(ctx, ciphertext, &len)))
2074 goto err;
2075 ivlen = EVP_CIPHER_CTX_iv_length(ctx);
2076 if (!TEST_mem_eq(init_iv, ivlen, oiv, ivlen)
2077 || !TEST_mem_eq(ref_iv, ref_len, iv, ivlen))
2078 goto err;
2079
2080 ret = 1;
2081 err:
2082 EVP_CIPHER_CTX_free(ctx);
2083 if (idx >= 5)
2084 EVP_CIPHER_free((EVP_CIPHER *)type);
2085 return ret;
2086 }
2087
2088 int setup_tests(void)
2089 {
2090 testctx = OPENSSL_CTX_new();
2091
2092 if (!TEST_ptr(testctx))
2093 return 0;
2094
2095 ADD_TEST(test_EVP_set_default_properties);
2096 ADD_ALL_TESTS(test_EVP_DigestSignInit, 9);
2097 ADD_TEST(test_EVP_DigestVerifyInit);
2098 ADD_TEST(test_EVP_Enveloped);
2099 ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
2100 ADD_TEST(test_privatekey_to_pkcs8);
2101 #ifndef OPENSSL_NO_EC
2102 ADD_TEST(test_EVP_PKCS82PKEY);
2103 #endif
2104 #ifndef OPENSSL_NO_EC
2105 ADD_ALL_TESTS(test_EC_keygen_with_enc, OSSL_NELEM(ec_encodings));
2106 #endif
2107 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
2108 ADD_TEST(test_EVP_SM2);
2109 ADD_TEST(test_EVP_SM2_verify);
2110 #endif
2111 ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
2112 #ifndef OPENSSL_NO_DEPRECATED_3_0
2113 custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
2114 if (!TEST_ptr(custom_pmeth))
2115 return 0;
2116 EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
2117 EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
2118 EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
2119 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
2120 return 0;
2121 #endif
2122 ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
2123 #ifndef OPENSSL_NO_CMAC
2124 ADD_TEST(test_CMAC_keygen);
2125 #endif
2126 ADD_TEST(test_HKDF);
2127 ADD_TEST(test_emptyikm_HKDF);
2128 #ifndef OPENSSL_NO_EC
2129 ADD_TEST(test_X509_PUBKEY_inplace);
2130 ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode,
2131 OSSL_NELEM(ec_der_pub_keys));
2132 #endif
2133 #ifndef OPENSSL_NO_DSA
2134 ADD_TEST(test_DSA_get_set_params);
2135 #endif
2136 ADD_TEST(test_RSA_get_set_params);
2137 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
2138 ADD_TEST(test_decrypt_null_chunks);
2139 #endif
2140 #ifndef OPENSSL_NO_DH
2141 ADD_TEST(test_EVP_PKEY_set1_DH);
2142 #endif
2143 ADD_ALL_TESTS(test_keygen_with_empty_template, 2);
2144 ADD_ALL_TESTS(test_pkey_ctx_fail_without_provider, 2);
2145
2146 ADD_TEST(test_rand_agglomeration);
2147 ADD_ALL_TESTS(test_evp_iv, 10);
2148
2149 return 1;
2150 }
2151
2152 void cleanup_tests(void)
2153 {
2154 OPENSSL_CTX_free(testctx);
2155 }
A mirror of the official openssl repository