]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/evp_extra_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Following the license change, modify the boilerplates in test/
[thirdparty/openssl.git] / test / evp_extra_test.c
1 /*
2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include <stdlib.h>
12 #include <string.h>
13 #include <openssl/bio.h>
14 #include <openssl/crypto.h>
15 #include <openssl/err.h>
16 #include <openssl/evp.h>
17 #include <openssl/rsa.h>
18 #include <openssl/x509.h>
19 #include <openssl/pem.h>
20 #include <openssl/kdf.h>
21 #include "testutil.h"
22 #include "internal/nelem.h"
23 #include "internal/evp_int.h"
24
25 /*
26 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
27 * should never use this key anywhere but in an example.
28 */
29 static const unsigned char kExampleRSAKeyDER[] = {
30 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
31 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
32 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
33 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
34 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
35 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
36 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
37 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
38 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
39 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
40 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
41 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
42 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
43 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
44 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
45 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
46 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
47 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
48 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
49 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
50 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
51 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
52 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
53 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
54 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
55 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
56 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
57 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
58 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
59 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
60 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
61 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
62 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
63 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
64 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
65 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
66 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
67 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
68 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
69 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
70 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
71 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
72 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
73 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
74 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
75 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
76 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
77 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
78 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
79 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
80 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
81 };
82
83 /*
84 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
85 * components are not correct.
86 */
87 static const unsigned char kExampleBadRSAKeyDER[] = {
88 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
89 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
90 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
91 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
92 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
93 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
94 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
95 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
96 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
97 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
98 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
99 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
100 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
101 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
102 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
103 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
104 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
105 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
106 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
107 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
108 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
109 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
110 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
111 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
112 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
113 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
114 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
115 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
116 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
117 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
118 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
119 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
120 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
121 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
122 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
123 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
124 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
125 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
126 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
127 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
128 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
129 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
130 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
131 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
132 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
133 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
134 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
135 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
136 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
137 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
138 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
139 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
140 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
141 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
142 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
143 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
144 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
145 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
146 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
147 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
148 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
149 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
150 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
151 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
152 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
153 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
154 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
155 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
156 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
157 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
158 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
159 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
160 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
161 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
162 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
163 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
164 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
165 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
166 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
167 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
168 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
169 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
170 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
171 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
172 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
173 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
174 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
175 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
176 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
177 };
178
179 static const unsigned char kMsg[] = { 1, 2, 3, 4 };
180
181 static const unsigned char kSignature[] = {
182 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
183 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
184 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
185 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
186 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
187 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
188 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
189 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
190 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
191 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
192 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
193 };
194
195 /*
196 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
197 * PrivateKeyInfo.
198 */
199 static const unsigned char kExampleRSAKeyPKCS8[] = {
200 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
201 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
202 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
203 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
204 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
205 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
206 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
207 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
208 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
209 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
210 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
211 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
212 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
213 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
214 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
215 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
216 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
217 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
218 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
219 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
220 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
221 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
222 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
223 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
224 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
225 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
226 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
227 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
228 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
229 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
230 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
231 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
232 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
233 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
234 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
235 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
236 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
237 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
238 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
239 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
240 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
241 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
242 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
243 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
244 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
245 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
246 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
247 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
248 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
249 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
250 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
251 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
252 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
253 };
254
255 #ifndef OPENSSL_NO_EC
256 /*
257 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
258 * structure.
259 */
260 static const unsigned char kExampleECKeyDER[] = {
261 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
262 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
263 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
264 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
265 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
266 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
267 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
268 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
269 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
270 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
271 0xc1,
272 };
273
274 /*
275 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
276 * structure. The private key is equal to the order and will fail to import
277 */
278 static const unsigned char kExampleBadECKeyDER[] = {
279 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
280 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
281 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
282 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
283 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
284 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
285 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
286 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
287 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
288 };
289
290 /* prime256v1 */
291 static const unsigned char kExampleECPubKeyDER[] = {
292 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
293 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
294 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
295 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
296 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
297 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
298 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
299 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
300 };
301
302 static const unsigned char pExampleECParamDER[] = {
303 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
304 };
305 #endif
306
307 typedef struct APK_DATA_st {
308 const unsigned char *kder;
309 size_t size;
310 int evptype;
311 int check;
312 int pub_check;
313 int param_check;
314 int type; /* 0 for private, 1 for public, 2 for params */
315 } APK_DATA;
316
317 static APK_DATA keydata[] = {
318 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA},
319 {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA},
320 #ifndef OPENSSL_NO_EC
321 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC}
322 #endif
323 };
324
325 static APK_DATA keycheckdata[] = {
326 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA, 1, -2, -2, 0},
327 {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), EVP_PKEY_RSA,
328 0, -2, -2, 0},
329 #ifndef OPENSSL_NO_EC
330 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC, 1, 1, 1, 0},
331 /* group is also associated in our pub key */
332 {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), EVP_PKEY_EC, 0, 1, 1, 1},
333 {pExampleECParamDER, sizeof(pExampleECParamDER), EVP_PKEY_EC, 0, 0, 1, 2}
334 #endif
335 };
336
337 static EVP_PKEY *load_example_rsa_key(void)
338 {
339 EVP_PKEY *ret = NULL;
340 const unsigned char *derp = kExampleRSAKeyDER;
341 EVP_PKEY *pkey = NULL;
342 RSA *rsa = NULL;
343
344 if (!TEST_true(d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))))
345 return NULL;
346
347 if (!TEST_ptr(pkey = EVP_PKEY_new())
348 || !TEST_true(EVP_PKEY_set1_RSA(pkey, rsa)))
349 goto end;
350
351 ret = pkey;
352 pkey = NULL;
353
354 end:
355 EVP_PKEY_free(pkey);
356 RSA_free(rsa);
357
358 return ret;
359 }
360
361 static int test_EVP_Enveloped(void)
362 {
363 int ret = 0;
364 EVP_CIPHER_CTX *ctx = NULL;
365 EVP_PKEY *keypair = NULL;
366 unsigned char *kek = NULL;
367 unsigned char iv[EVP_MAX_IV_LENGTH];
368 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
369 int len, kek_len, ciphertext_len, plaintext_len;
370 unsigned char ciphertext[32], plaintext[16];
371 const EVP_CIPHER *type = EVP_aes_256_cbc();
372
373 if (!TEST_ptr(keypair = load_example_rsa_key())
374 || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
375 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
376 || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
377 &keypair, 1))
378 || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
379 msg, sizeof(msg)))
380 || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
381 &len)))
382 goto err;
383
384 ciphertext_len += len;
385
386 if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
387 || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
388 ciphertext, ciphertext_len))
389 || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
390 goto err;
391
392 plaintext_len += len;
393 if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
394 goto err;
395
396 ret = 1;
397 err:
398 OPENSSL_free(kek);
399 EVP_PKEY_free(keypair);
400 EVP_CIPHER_CTX_free(ctx);
401 return ret;
402 }
403
404
405 static int test_EVP_DigestSignInit(void)
406 {
407 int ret = 0;
408 EVP_PKEY *pkey = NULL;
409 unsigned char *sig = NULL;
410 size_t sig_len = 0;
411 EVP_MD_CTX *md_ctx, *md_ctx_verify = NULL;
412
413 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
414 || !TEST_ptr(md_ctx_verify = EVP_MD_CTX_new())
415 || !TEST_ptr(pkey = load_example_rsa_key()))
416 goto out;
417
418 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
419 || !TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
420 goto out;
421
422 /* Determine the size of the signature. */
423 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
424 || !TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
425 goto out;
426
427 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))
428 || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
429 goto out;
430
431 /* Ensure that the signature round-trips. */
432 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(),
433 NULL, pkey))
434 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify,
435 kMsg, sizeof(kMsg)))
436 || !TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
437 goto out;
438
439 ret = 1;
440
441 out:
442 EVP_MD_CTX_free(md_ctx);
443 EVP_MD_CTX_free(md_ctx_verify);
444 EVP_PKEY_free(pkey);
445 OPENSSL_free(sig);
446
447 return ret;
448 }
449
450 static int test_EVP_DigestVerifyInit(void)
451 {
452 int ret = 0;
453 EVP_PKEY *pkey = NULL;
454 EVP_MD_CTX *md_ctx = NULL;
455
456 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
457 || !TEST_ptr(pkey = load_example_rsa_key()))
458 goto out;
459
460 if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
461 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
462 || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
463 sizeof(kSignature))))
464 goto out;
465 ret = 1;
466
467 out:
468 EVP_MD_CTX_free(md_ctx);
469 EVP_PKEY_free(pkey);
470 return ret;
471 }
472
473 static int test_d2i_AutoPrivateKey(int i)
474 {
475 int ret = 0;
476 const unsigned char *p;
477 EVP_PKEY *pkey = NULL;
478 const APK_DATA *ak = &keydata[i];
479 const unsigned char *input = ak->kder;
480 size_t input_len = ak->size;
481 int expected_id = ak->evptype;
482
483 p = input;
484 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
485 || !TEST_ptr_eq(p, input + input_len)
486 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
487 goto done;
488
489 ret = 1;
490
491 done:
492 EVP_PKEY_free(pkey);
493 return ret;
494 }
495
496 #ifndef OPENSSL_NO_EC
497 /* Tests loading a bad key in PKCS8 format */
498 static int test_EVP_PKCS82PKEY(void)
499 {
500 int ret = 0;
501 const unsigned char *derp = kExampleBadECKeyDER;
502 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
503 EVP_PKEY *pkey = NULL;
504
505 if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp,
506 sizeof(kExampleBadECKeyDER))))
507 goto done;
508
509 if (!TEST_ptr_eq(derp,
510 kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)))
511 goto done;
512
513 if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf)))
514 goto done;
515
516 ret = 1;
517
518 done:
519 PKCS8_PRIV_KEY_INFO_free(p8inf);
520 EVP_PKEY_free(pkey);
521
522 return ret;
523 }
524 #endif
525
526 #ifndef OPENSSL_NO_SM2
527
528 static int test_EVP_SM2_verify(void)
529 {
530 /* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */
531 const char *pubkey =
532 "-----BEGIN PUBLIC KEY-----\n"
533 "MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n"
534 "v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n"
535 "7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n"
536 "1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n"
537 "/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n"
538 "AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n"
539 "Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n"
540 "-----END PUBLIC KEY-----\n";
541
542 const char *msg = "message digest";
543 const char *id = "ALICE123@YAHOO.COM";
544
545 const uint8_t signature[] = {
546 0x30, 0x44, 0x02, 0x20,
547
548 0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC,
549 0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2,
550 0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1,
551
552 0x02, 0x20,
553
554 0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF,
555 0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0,
556 0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7
557 };
558
559 int rc = 0;
560 BIO *bio = NULL;
561 EVP_PKEY *pkey = NULL;
562 EVP_MD_CTX *mctx = NULL;
563 EVP_PKEY_CTX *pctx = NULL;
564
565 bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
566 if (!TEST_true(bio != NULL))
567 goto done;
568
569 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
570 if (!TEST_true(pkey != NULL))
571 goto done;
572
573 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
574 goto done;
575
576 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
577 goto done;
578
579 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL)))
580 goto done;
581
582 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, (const uint8_t *)id,
583 strlen(id)), 0))
584 goto done;
585
586 EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
587
588 if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey)))
589 goto done;
590
591 if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
592 goto done;
593
594 if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature))))
595 goto done;
596 rc = 1;
597
598 done:
599 BIO_free(bio);
600 EVP_PKEY_free(pkey);
601 EVP_PKEY_CTX_free(pctx);
602 EVP_MD_CTX_free(mctx);
603 return rc;
604 }
605
606 static int test_EVP_SM2(void)
607 {
608 int ret = 0;
609 EVP_PKEY *pkey = NULL;
610 EVP_PKEY *params = NULL;
611 EVP_PKEY_CTX *pctx = NULL;
612 EVP_PKEY_CTX *kctx = NULL;
613 EVP_PKEY_CTX *sctx = NULL;
614 size_t sig_len = 0;
615 unsigned char *sig = NULL;
616 EVP_MD_CTX *md_ctx = NULL;
617 EVP_MD_CTX *md_ctx_verify = NULL;
618 EVP_PKEY_CTX *cctx = NULL;
619
620 uint8_t ciphertext[128];
621 size_t ctext_len = sizeof(ciphertext);
622
623 uint8_t plaintext[8];
624 size_t ptext_len = sizeof(plaintext);
625
626 uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
627
628 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
629 if (!TEST_ptr(pctx))
630 goto done;
631
632 if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
633 goto done;
634
635 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
636 goto done;
637
638 if (!TEST_true(EVP_PKEY_paramgen(pctx, &params)))
639 goto done;
640
641 kctx = EVP_PKEY_CTX_new(params, NULL);
642 if (!TEST_ptr(kctx))
643 goto done;
644
645 if (!TEST_true(EVP_PKEY_keygen_init(kctx)))
646 goto done;
647
648 if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey)))
649 goto done;
650
651 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
652 goto done;
653
654 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
655 goto done;
656
657 if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()))
658 goto done;
659
660 if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL)))
661 goto done;
662
663 EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);
664 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);
665
666 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
667 goto done;
668
669 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)))
670 goto done;
671
672 if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
673 goto done;
674
675 /* Determine the size of the signature. */
676 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)))
677 goto done;
678
679 if (!TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
680 goto done;
681
682 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)))
683 goto done;
684
685 if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
686 goto done;
687
688 /* Ensure that the signature round-trips. */
689
690 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)))
691 goto done;
692
693 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))))
694 goto done;
695
696 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
697 goto done;
698
699 /* now check encryption/decryption */
700
701 if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
702 goto done;
703
704 if (!TEST_true(EVP_PKEY_encrypt_init(cctx)))
705 goto done;
706
707 if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg))))
708 goto done;
709
710 if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
711 goto done;
712
713 if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len)))
714 goto done;
715
716 if (!TEST_true(ptext_len == sizeof(kMsg)))
717 goto done;
718
719 if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0))
720 goto done;
721
722 ret = 1;
723 done:
724 EVP_PKEY_CTX_free(pctx);
725 EVP_PKEY_CTX_free(kctx);
726 EVP_PKEY_CTX_free(sctx);
727 EVP_PKEY_CTX_free(cctx);
728 EVP_PKEY_free(pkey);
729 EVP_PKEY_free(params);
730 EVP_MD_CTX_free(md_ctx);
731 EVP_MD_CTX_free(md_ctx_verify);
732 OPENSSL_free(sig);
733 return ret;
734 }
735
736 #endif
737
738 static struct keys_st {
739 int type;
740 char *priv;
741 char *pub;
742 } keys[] = {
743 {
744 EVP_PKEY_HMAC, "0123456789", NULL
745 }, {
746 EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
747 }, {
748 EVP_PKEY_SIPHASH, "0123456789012345", NULL
749 },
750 #ifndef OPENSSL_NO_EC
751 {
752 EVP_PKEY_X25519, "01234567890123456789012345678901",
753 "abcdefghijklmnopqrstuvwxyzabcdef"
754 }, {
755 EVP_PKEY_ED25519, "01234567890123456789012345678901",
756 "abcdefghijklmnopqrstuvwxyzabcdef"
757 }, {
758 EVP_PKEY_X448,
759 "01234567890123456789012345678901234567890123456789012345",
760 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
761 }, {
762 EVP_PKEY_ED448,
763 "012345678901234567890123456789012345678901234567890123456",
764 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
765 }
766 #endif
767 };
768
769 static int test_set_get_raw_keys_int(int tst, int pub)
770 {
771 int ret = 0;
772 unsigned char buf[80];
773 unsigned char *in;
774 size_t inlen, len = 0;
775 EVP_PKEY *pkey;
776
777 /* Check if this algorithm supports public keys */
778 if (keys[tst].pub == NULL)
779 return 1;
780
781 memset(buf, 0, sizeof(buf));
782
783 if (pub) {
784 inlen = strlen(keys[tst].pub);
785 in = (unsigned char *)keys[tst].pub;
786 pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
787 NULL,
788 in,
789 inlen);
790 } else {
791 inlen = strlen(keys[tst].priv);
792 in = (unsigned char *)keys[tst].priv;
793 pkey = EVP_PKEY_new_raw_private_key(keys[tst].type,
794 NULL,
795 in,
796 inlen);
797 }
798
799 if (!TEST_ptr(pkey)
800 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
801 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
802 || !TEST_true(len == inlen)
803 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
804 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
805 || !TEST_mem_eq(in, inlen, buf, len))
806 goto done;
807
808 ret = 1;
809 done:
810 EVP_PKEY_free(pkey);
811 return ret;
812 }
813
814 static int test_set_get_raw_keys(int tst)
815 {
816 return test_set_get_raw_keys_int(tst, 0)
817 && test_set_get_raw_keys_int(tst, 1);
818 }
819
820 static int pkey_custom_check(EVP_PKEY *pkey)
821 {
822 return 0xbeef;
823 }
824
825 static int pkey_custom_pub_check(EVP_PKEY *pkey)
826 {
827 return 0xbeef;
828 }
829
830 static int pkey_custom_param_check(EVP_PKEY *pkey)
831 {
832 return 0xbeef;
833 }
834
835 static EVP_PKEY_METHOD *custom_pmeth;
836
837 static int test_EVP_PKEY_check(int i)
838 {
839 int ret = 0;
840 const unsigned char *p;
841 EVP_PKEY *pkey = NULL;
842 #ifndef OPENSSL_NO_EC
843 EC_KEY *eckey = NULL;
844 #endif
845 EVP_PKEY_CTX *ctx = NULL;
846 EVP_PKEY_CTX *ctx2 = NULL;
847 const APK_DATA *ak = &keycheckdata[i];
848 const unsigned char *input = ak->kder;
849 size_t input_len = ak->size;
850 int expected_id = ak->evptype;
851 int expected_check = ak->check;
852 int expected_pub_check = ak->pub_check;
853 int expected_param_check = ak->param_check;
854 int type = ak->type;
855 BIO *pubkey = NULL;
856
857 p = input;
858
859 switch (type) {
860 case 0:
861 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
862 || !TEST_ptr_eq(p, input + input_len)
863 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
864 goto done;
865 break;
866 #ifndef OPENSSL_NO_EC
867 case 1:
868 if (!TEST_ptr(pubkey = BIO_new_mem_buf(input, input_len))
869 || !TEST_ptr(eckey = d2i_EC_PUBKEY_bio(pubkey, NULL))
870 || !TEST_ptr(pkey = EVP_PKEY_new())
871 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
872 goto done;
873 break;
874 case 2:
875 if (!TEST_ptr(eckey = d2i_ECParameters(NULL, &p, input_len))
876 || !TEST_ptr_eq(p, input + input_len)
877 || !TEST_ptr(pkey = EVP_PKEY_new())
878 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
879 goto done;
880 break;
881 #endif
882 default:
883 return 0;
884 }
885
886 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
887 goto done;
888
889 if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check))
890 goto done;
891
892 if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check))
893 goto done;
894
895 if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
896 goto done;
897
898 ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
899 /* assign the pkey directly, as an internal test */
900 EVP_PKEY_up_ref(pkey);
901 ctx2->pkey = pkey;
902
903 if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
904 goto done;
905
906 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
907 goto done;
908
909 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
910 goto done;
911
912 ret = 1;
913
914 done:
915 EVP_PKEY_CTX_free(ctx);
916 EVP_PKEY_CTX_free(ctx2);
917 EVP_PKEY_free(pkey);
918 BIO_free(pubkey);
919 return ret;
920 }
921
922 static int test_HKDF(void)
923 {
924 EVP_PKEY_CTX *pctx;
925 unsigned char out[20];
926 size_t outlen;
927 int i, ret = 0;
928 unsigned char salt[] = "0123456789";
929 unsigned char key[] = "012345678901234567890123456789";
930 unsigned char info[] = "infostring";
931 const unsigned char expected[] = {
932 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
933 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
934 };
935 size_t expectedlen = sizeof(expected);
936
937 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
938 goto done;
939
940 /* We do this twice to test reuse of the EVP_PKEY_CTX */
941 for (i = 0; i < 2; i++) {
942 outlen = sizeof(out);
943 memset(out, 0, outlen);
944
945 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
946 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
947 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
948 sizeof(salt) - 1), 0)
949 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
950 sizeof(key) - 1), 0)
951 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
952 sizeof(info) - 1), 0)
953 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
954 || !TEST_mem_eq(out, outlen, expected, expectedlen))
955 goto done;
956 }
957
958 ret = 1;
959
960 done:
961 EVP_PKEY_CTX_free(pctx);
962
963 return ret;
964 }
965
966 int setup_tests(void)
967 {
968 ADD_TEST(test_EVP_DigestSignInit);
969 ADD_TEST(test_EVP_DigestVerifyInit);
970 ADD_TEST(test_EVP_Enveloped);
971 ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
972 #ifndef OPENSSL_NO_EC
973 ADD_TEST(test_EVP_PKCS82PKEY);
974 #endif
975 #ifndef OPENSSL_NO_SM2
976 ADD_TEST(test_EVP_SM2);
977 ADD_TEST(test_EVP_SM2_verify);
978 #endif
979 ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
980 custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
981 if (!TEST_ptr(custom_pmeth))
982 return 0;
983 EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
984 EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
985 EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
986 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
987 return 0;
988 ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
989 ADD_TEST(test_HKDF);
990 return 1;
991 }
A mirror of the official openssl repository