]> git.ipfire.org Git - thirdparty/openssl.git/blame - providers/fips/self_test_data.inc
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Update copyright year
[thirdparty/openssl.git] / providers / fips / self_test_data.inc
CommitLineData
36fc5fc6 1/*
a28d06f3 2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
36fc5fc6 3 *
a6ed19dc 4 * Licensed under the Apache License 2.0 (the "License"). You may not use
36fc5fc6
SL		 5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
ec4d1b8f
SL		 10/* Macros to build Self test data */
11#define ITM(x) x, sizeof(x)
12#define ITM_STR(x) x, (sizeof(x) - 1)
13
14#define ST_KAT_PARAM_END() { "", 0, NULL, 0 }
15#define ST_KAT_PARAM_BIGNUM(name, data) \
16 { name, OSSL_PARAM_UNSIGNED_INTEGER, ITM(data) }
17#define ST_KAT_PARAM_OCTET(name, data) \
18 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
19#define ST_KAT_PARAM_UTF8STRING(name, data) \
20 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
acd3e548
SL		 21#define ST_KAT_PARAM_INT(name, i) \
22 { name, OSSL_PARAM_INTEGER, &i, sizeof(i) }
ec4d1b8f
SL		 23
24/* used to store raw parameters for keys and algorithms */
25typedef struct st_kat_param_st {
26 const char *name; /* an OSSL_PARAM name */
27 size_t type; /* the type associated with the data */
28 const void *data; /* unsigned char [], or char [] depending on the type */
29 size_t data_len; /* the length of the data */
30} ST_KAT_PARAM;
31
36fc5fc6
SL		 32typedef struct st_kat_st {
33 const char *desc;
34 const char *algorithm;
35 const unsigned char *pt;
36 size_t pt_len;
37 const unsigned char *expected;
38 size_t expected_len;
39} ST_KAT;
40
41typedef ST_KAT ST_KAT_DIGEST;
42typedef struct st_kat_cipher_st {
43 ST_KAT base;
44 const unsigned char *key;
45 size_t key_len;
46 const unsigned char *iv;
47 size_t iv_len;
48 const unsigned char *aad;
49 size_t aad_len;
50 const unsigned char *tag;
51 size_t tag_len;
52} ST_KAT_CIPHER;
53
36fc5fc6
SL		 54typedef struct st_kat_kdf_st {
55 const char *desc;
56 const char *algorithm;
ec4d1b8f 57 const ST_KAT_PARAM *params;
36fc5fc6
SL		 58 const unsigned char *expected;
59 size_t expected_len;
60} ST_KAT_KDF;
61
980a880e
SL		 62typedef struct st_kat_drbg_st {
63 const char *desc;
64 const char *algorithm;
6154f9a7
P		 65 const char *param_name;
66 char *param_value;
980a880e
SL		 67 const unsigned char *entropyin;
68 size_t entropyinlen;
69 const unsigned char *nonce;
70 size_t noncelen;
71 const unsigned char *persstr;
72 size_t persstrlen;
73 const unsigned char *entropyinpr1;
74 size_t entropyinpr1len;
75 const unsigned char *entropyinpr2;
76 size_t entropyinpr2len;
77 const unsigned char *entropyaddin1;
78 size_t entropyaddin1len;
79 const unsigned char *entropyaddin2;
80 size_t entropyaddin2len;
81 const unsigned char *expected;
82 size_t expectedlen;
83} ST_KAT_DRBG;
84
ec4d1b8f
SL		 85typedef struct st_kat_kas_st {
86 const char *desc;
87 const char *algorithm;
88
89 const ST_KAT_PARAM *key_group;
90 const ST_KAT_PARAM *key_host_data;
91 const ST_KAT_PARAM *key_peer_data;
92
93 const unsigned char *expected;
94 size_t expected_len;
95} ST_KAT_KAS;
96
97typedef struct st_kat_sign_st {
98 const char *desc;
99 const char *algorithm;
100 const char *mdalgorithm;
101 const ST_KAT_PARAM *key;
102 const unsigned char *sig_expected; /* Set to NULL if this value changes */
103 size_t sig_expected_len;
104} ST_KAT_SIGN;
36fc5fc6 105
4343a418
SL		 106typedef struct st_kat_asym_cipher_st {
107 const char *desc;
108 const char *algorithm;
109 int encrypt;
110 const ST_KAT_PARAM *key;
111 const ST_KAT_PARAM *postinit;
112 const unsigned char *in;
113 size_t in_len;
114 const unsigned char *expected;
115 size_t expected_len;
116} ST_KAT_ASYM_CIPHER;
117
36fc5fc6
SL		 118/*- DIGEST TEST DATA */
119static const unsigned char sha1_pt[] = "abc";
120static const unsigned char sha1_digest[] = {
121 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 0x25, 0x71,
122 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
123};
124
125static const unsigned char sha512_pt[] = "abc";
126static const unsigned char sha512_digest[] = {
127 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49,
128 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
129 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, 0x21, 0x92, 0x99, 0x2A,
130 0x27, 0x4F, 0xC1, 0xA8, 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
131 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, 0x2A, 0x9A, 0xC9, 0x4F,
132 0xA5, 0x4C, 0xA4, 0x9F
133};
134static const unsigned char sha3_256_pt[] = { 0xe7, 0x37, 0x21, 0x05 };
135static const unsigned char sha3_256_digest[] = {
136 0x3a, 0x42, 0xb6, 0x8a, 0xb0, 0x79, 0xf2, 0x8c, 0x4c, 0xa3, 0xc7, 0x52,
137 0x29, 0x6f, 0x27, 0x90, 0x06, 0xc4, 0xfe, 0x78, 0xb1, 0xeb, 0x79, 0xd9,
138 0x89, 0x77, 0x7f, 0x05, 0x1e, 0x40, 0x46, 0xae
139};
140
141static const ST_KAT_DIGEST st_kat_digest_tests[] =
142{
143 {
144 OSSL_SELF_TEST_DESC_MD_SHA1,
145 "SHA1",
146 ITM_STR(sha1_pt),
147 ITM(sha1_digest),
148 },
149 {
150 OSSL_SELF_TEST_DESC_MD_SHA2,
151 "SHA512",
152 ITM_STR(sha512_pt),
153 ITM(sha512_digest),
154 },
155 {
156 OSSL_SELF_TEST_DESC_MD_SHA3,
157 "SHA3-256",
158 ITM(sha3_256_pt),
159 ITM(sha3_256_digest),
160 },
161};
162
163
164/*- CIPHER TEST DATA */
165
166/* DES3 test data */
167static const unsigned char des_ede3_cbc_pt[] = {
ec4d1b8f
SL		 168 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
169 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
170 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
36fc5fc6
SL		 171 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51
172};
36fc5fc6
SL		 173static const unsigned char des_ede3_cbc_key[] = {
174 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
175 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
176 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
177};
178static const unsigned char des_ede3_cbc_iv[] = {
179 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17
180};
181static const unsigned char des_ede3_cbc_ct[] = {
ec4d1b8f
SL		 182 0x20, 0x79, 0xC3, 0xD5, 0x3A, 0xA7, 0x63, 0xE1,
183 0x93, 0xB7, 0x9E, 0x25, 0x69, 0xAB, 0x52, 0x62,
184 0x51, 0x65, 0x70, 0x48, 0x1F, 0x25, 0xB5, 0x0F,
36fc5fc6
SL		 185 0x73, 0xC0, 0xBD, 0xA8, 0x5C, 0x8E, 0x0D, 0xA7
186};
187
ec4d1b8f 188/* AES-256 GCM test data */
36fc5fc6 189static const unsigned char aes_256_gcm_key[] = {
ec4d1b8f
SL		 190 0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c,
191 0xe7, 0x90, 0xfd, 0x24, 0x50, 0x1f, 0x92, 0x50,
192 0x9a, 0xac, 0xf4, 0xcb, 0x8b, 0x13, 0x39, 0xd5,
193 0x0c, 0x9c, 0x12, 0x40, 0x93, 0x5d, 0xd0, 0x8b
36fc5fc6
SL		 194};
195static const unsigned char aes_256_gcm_iv[] = {
ec4d1b8f
SL		 196 0xac, 0x93, 0xa1, 0xa6, 0x14, 0x52, 0x99, 0xbd,
197 0xe9, 0x02, 0xf2, 0x1a
36fc5fc6
SL		 198};
199static const unsigned char aes_256_gcm_pt[] = {
ec4d1b8f
SL		 200 0x2d, 0x71, 0xbc, 0xfa, 0x91, 0x4e, 0x4a, 0xc0,
201 0x45, 0xb2, 0xaa, 0x60, 0x95, 0x5f, 0xad, 0x24
36fc5fc6
SL		 202};
203static const unsigned char aes_256_gcm_aad[] = {
ec4d1b8f
SL		 204 0x1e, 0x08, 0x89, 0x01, 0x6f, 0x67, 0x60, 0x1c,
205 0x8e, 0xbe, 0xa4, 0x94, 0x3b, 0xc2, 0x3a, 0xd6
36fc5fc6
SL		 206};
207static const unsigned char aes_256_gcm_ct[] = {
ec4d1b8f
SL		 208 0x89, 0x95, 0xae, 0x2e, 0x6d, 0xf3, 0xdb, 0xf9,
209 0x6f, 0xac, 0x7b, 0x71, 0x37, 0xba, 0xe6, 0x7f
36fc5fc6
SL		 210};
211static const unsigned char aes_256_gcm_tag[] = {
ec4d1b8f
SL		 212 0xec, 0xa5, 0xaa, 0x77, 0xd5, 0x1d, 0x4a, 0x0a,
213 0x14, 0xd9, 0xc5, 0x1e, 0x1d, 0xa4, 0x74, 0xab
36fc5fc6
SL		 214};
215
216static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
e89ffd23 217#ifndef OPENSSL_NO_DES
36fc5fc6
SL		 218 {
219 {
220 OSSL_SELF_TEST_DESC_CIPHER_TDES,
221 "DES-EDE3-CBC",
222 ITM(des_ede3_cbc_pt),
223 ITM(des_ede3_cbc_ct)
224 },
225 ITM(des_ede3_cbc_key),
226 ITM(des_ede3_cbc_iv),
227 },
e89ffd23 228#endif
36fc5fc6
SL		 229 {
230 {
231 OSSL_SELF_TEST_DESC_CIPHER_AES_GCM,
232 "AES-256-GCM",
233 ITM(aes_256_gcm_pt),
234 ITM(aes_256_gcm_ct),
235 },
236 ITM(aes_256_gcm_key),
237 ITM(aes_256_gcm_iv),
238 ITM(aes_256_gcm_aad),
239 ITM(aes_256_gcm_tag)
240 }
241};
242
ec4d1b8f
SL		 243static const char hkdf_digest[] = "SHA256";
244static const unsigned char hkdf_secret[] = { 's', 'e', 'c', 'r', 'e', 't' };
245static const unsigned char hkdf_salt[] = { 's', 'a', 'l', 't' };
246static const unsigned char hkdf_info[] = { 'l', 'a', 'b', 'e', 'l' };
36fc5fc6 247
ec4d1b8f
SL		 248static const ST_KAT_PARAM hkdf_params[] = {
249 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, hkdf_digest),
250 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, hkdf_secret),
251 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, hkdf_salt),
252 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, hkdf_info),
253 ST_KAT_PARAM_END()
36fc5fc6
SL		 254};
255static const unsigned char hkdf_expected[] = {
ec4d1b8f
SL		 256 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8,
257 0xde, 0x13
258};
259
260static const char sskdf_digest[] = "SHA224";
261static const unsigned char sskdf_secret[] = {
262 0x6d, 0xbd, 0xc2, 0x3f, 0x04, 0x54, 0x88, 0xe4,
263 0x06, 0x27, 0x57, 0xb0, 0x6b, 0x9e, 0xba, 0xe1,
264 0x83, 0xfc, 0x5a, 0x59, 0x46, 0xd8, 0x0d, 0xb9,
265 0x3f, 0xec, 0x6f, 0x62, 0xec, 0x07, 0xe3, 0x72,
266 0x7f, 0x01, 0x26, 0xae, 0xd1, 0x2c, 0xe4, 0xb2,
267 0x62, 0xf4, 0x7d, 0x48, 0xd5, 0x42, 0x87, 0xf8,
268 0x1d, 0x47, 0x4c, 0x7c, 0x3b, 0x18, 0x50, 0xe9
269};
270static const unsigned char sskdf_otherinfo[] = {
271 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0x43, 0x41, 0x56,
272 0x53, 0x69, 0x64, 0x3c, 0x83, 0x2e, 0x98, 0x49,
273 0xdc, 0xdb, 0xa7, 0x1e, 0x9a, 0x31, 0x39, 0xe6,
274 0x06, 0xe0, 0x95, 0xde, 0x3c, 0x26, 0x4a, 0x66,
275 0xe9, 0x8a, 0x16, 0x58, 0x54, 0xcd, 0x07, 0x98,
276 0x9b, 0x1e, 0xe0, 0xec, 0x3f, 0x8d, 0xbe
277};
278static const unsigned char sskdf_expected[] = {
279 0xa4, 0x62, 0xde, 0x16, 0xa8, 0x9d, 0xe8, 0x46,
280 0x6e, 0xf5, 0x46, 0x0b, 0x47, 0xb8
281};
282static const ST_KAT_PARAM sskdf_params[] = {
283 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sskdf_digest),
284 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sskdf_secret),
285 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, sskdf_otherinfo),
286 ST_KAT_PARAM_END()
36fc5fc6
SL		 287};
288
acd3e548
SL		 289static const char x942kdf_digest[] = "SHA1";
290static const char x942kdf_cekalg[] = "AES-128-WRAP";
291static const unsigned char x942kdf_secret[] = {
292 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
293 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
294 0x10, 0x11, 0x12, 0x13
295};
296static const unsigned char x942kdf_expected[] = {
297 0xd6, 0xd6, 0xb0, 0x94, 0xc1, 0x02, 0x7a, 0x7d,
298 0xe6, 0xe3, 0x11, 0x72, 0x94, 0xa3, 0x53, 0x64
299};
300static const ST_KAT_PARAM x942kdf_params[] = {
301 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x942kdf_digest),
302 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_CEK_ALG, x942kdf_cekalg),
303 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x942kdf_secret),
304 ST_KAT_PARAM_END()
305};
306
307static const char x963kdf_digest[] = "SHA256";
308static const unsigned char x963kdf_otherinfo[] = {
309 0x75, 0xee, 0xf8, 0x1a, 0xa3, 0x04, 0x1e, 0x33,
310 0xb8, 0x09, 0x71, 0x20, 0x3d, 0x2c, 0x0c, 0x52
311};
312static const unsigned char x963kdf_secret[] = {
313 0x22, 0x51, 0x8b, 0x10, 0xe7, 0x0f, 0x2a, 0x3f,
314 0x24, 0x38, 0x10, 0xae, 0x32, 0x54, 0x13, 0x9e,
315 0xfb, 0xee, 0x04, 0xaa, 0x57, 0xc7, 0xaf, 0x7d
316};
317static const unsigned char x963kdf_expected[] = {
318 0xc4, 0x98, 0xaf, 0x77, 0x16, 0x1c, 0xc5, 0x9f,
319 0x29, 0x62, 0xb9, 0xa7, 0x13, 0xe2, 0xb2, 0x15,
320 0x15, 0x2d, 0x13, 0x97, 0x66, 0xce, 0x34, 0xa7,
321 0x76, 0xdf, 0x11, 0x86, 0x6a, 0x69, 0xbf, 0x2e
322};
323static const ST_KAT_PARAM x963kdf_params[] = {
324 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x963kdf_digest),
325 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x963kdf_secret),
326 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, x963kdf_otherinfo),
327 ST_KAT_PARAM_END()
328};
329
330static const char pbkdf2_digest[] = "SHA256";
331static const unsigned char pbkdf2_password[] = {
332 0x70, 0x61, 0x73, 0x73, 0x00, 0x77, 0x6f, 0x72,
333 0x64
334};
335static const unsigned char pbkdf2_salt[] = {
336 0x73, 0x61, 0x00, 0x6c, 0x74
337};
338static const unsigned char pbkdf2_expected[] = {
339 0x89, 0xb6, 0x9d, 0x05, 0x16, 0xf8, 0x29, 0x89,
340 0x3c, 0x69, 0x62, 0x26, 0x65, 0x0a, 0x86, 0x87,
341};
342static int pbkdf2_iterations = 4096;
343static int pbkdf2_pkcs5 = 1;
344static const ST_KAT_PARAM pbkdf2_params[] = {
345 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, pbkdf2_digest),
346 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_PASSWORD, pbkdf2_password),
347 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, pbkdf2_salt),
348 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_ITER, pbkdf2_iterations),
349 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_PKCS5, pbkdf2_pkcs5),
350 ST_KAT_PARAM_END()
351};
352
353static const char sshkdf_digest[] = "SHA1";
270a5ce1 354static const char sshkdf_type[] = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
acd3e548
SL		 355static const unsigned char sshkdf_key[] = {
356 0x00, 0x00, 0x00, 0x80, 0x55, 0xba, 0xe9, 0x31,
357 0xc0, 0x7f, 0xd8, 0x24, 0xbf, 0x10, 0xad, 0xd1,
358 0x90, 0x2b, 0x6f, 0xbc, 0x7c, 0x66, 0x53, 0x47,
359 0x38, 0x34, 0x98, 0xa6, 0x86, 0x92, 0x9f, 0xf5,
360 0xa2, 0x5f, 0x8e, 0x40, 0xcb, 0x66, 0x45, 0xea,
361 0x81, 0x4f, 0xb1, 0xa5, 0xe0, 0xa1, 0x1f, 0x85,
362 0x2f, 0x86, 0x25, 0x56, 0x41, 0xe5, 0xed, 0x98,
363 0x6e, 0x83, 0xa7, 0x8b, 0xc8, 0x26, 0x94, 0x80,
364 0xea, 0xc0, 0xb0, 0xdf, 0xd7, 0x70, 0xca, 0xb9,
365 0x2e, 0x7a, 0x28, 0xdd, 0x87, 0xff, 0x45, 0x24,
366 0x66, 0xd6, 0xae, 0x86, 0x7c, 0xea, 0xd6, 0x3b,
367 0x36, 0x6b, 0x1c, 0x28, 0x6e, 0x6c, 0x48, 0x11,
368 0xa9, 0xf1, 0x4c, 0x27, 0xae, 0xa1, 0x4c, 0x51,
369 0x71, 0xd4, 0x9b, 0x78, 0xc0, 0x6e, 0x37, 0x35,
370 0xd3, 0x6e, 0x6a, 0x3b, 0xe3, 0x21, 0xdd, 0x5f,
371 0xc8, 0x23, 0x08, 0xf3, 0x4e, 0xe1, 0xcb, 0x17,
372 0xfb, 0xa9, 0x4a, 0x59,
373};
374static const unsigned char sshkdf_xcghash[] = {
375 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
376 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
377 0xdc, 0x88, 0x92, 0x45,
378};
379static const unsigned char sshkdf_session_id[] = {
380 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
381 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
382 0xdc, 0x88, 0x92, 0x45,
383};
384static const unsigned char sshkdf_expected[] = {
385 0xe2, 0xf6, 0x27, 0xc0, 0xb4, 0x3f, 0x1a, 0xc1,
386};
387static const ST_KAT_PARAM sshkdf_params[] = {
388 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sshkdf_digest),
270a5ce1 389 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_SSHKDF_TYPE, sshkdf_type),
acd3e548
SL		 390 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sshkdf_key),
391 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_XCGHASH, sshkdf_xcghash),
392 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_SESSION_ID, sshkdf_session_id),
393 ST_KAT_PARAM_END()
394};
395
396static const char tls12prf_digest[] = "SHA256";
397static const unsigned char tls12prf_secret[] = {
398 0x20, 0x2c, 0x88, 0xc0, 0x0f, 0x84, 0xa1, 0x7a,
399 0x20, 0x02, 0x70, 0x79, 0x60, 0x47, 0x87, 0x46,
400 0x11, 0x76, 0x45, 0x55, 0x39, 0xe7, 0x05, 0xbe,
401 0x73, 0x08, 0x90, 0x60, 0x2c, 0x28, 0x9a, 0x50,
402 0x01, 0xe3, 0x4e, 0xeb, 0x3a, 0x04, 0x3e, 0x5d,
403 0x52, 0xa6, 0x5e, 0x66, 0x12, 0x51, 0x88, 0xbf,
404};
405static const unsigned char tls12prf_seed[] = {
406 'k', 'e', 'y', ' ', 'e', 'x', 'p', 'a', 'n', 's', 'i', 'o', 'n',
407 0xae, 0x6c, 0x80, 0x6f, 0x8a, 0xd4, 0xd8, 0x07,
408 0x84, 0x54, 0x9d, 0xff, 0x28, 0xa4, 0xb5, 0x8f,
409 0xd8, 0x37, 0x68, 0x1a, 0x51, 0xd9, 0x28, 0xc3,
410 0xe3, 0x0e, 0xe5, 0xff, 0x14, 0xf3, 0x98, 0x68,
411 0x62, 0xe1, 0xfd, 0x91, 0xf2, 0x3f, 0x55, 0x8a,
412 0x60, 0x5f, 0x28, 0x47, 0x8c, 0x58, 0xcf, 0x72,
413 0x63, 0x7b, 0x89, 0x78, 0x4d, 0x95, 0x9d, 0xf7,
414 0xe9, 0x46, 0xd3, 0xf0, 0x7b, 0xd1, 0xb6, 0x16,
415 };
416static const unsigned char tls12prf_expected[] = {
417 0xd0, 0x61, 0x39, 0x88, 0x9f, 0xff, 0xac, 0x1e,
418 0x3a, 0x71, 0x86, 0x5f, 0x50, 0x4a, 0xa5, 0xd0,
419 0xd2, 0xa2, 0xe8, 0x95, 0x06, 0xc6, 0xf2, 0x27,
420 0x9b, 0x67, 0x0c, 0x3e, 0x1b, 0x74, 0xf5, 0x31,
421 0x01, 0x6a, 0x25, 0x30, 0xc5, 0x1a, 0x3a, 0x0f,
422 0x7e, 0x1d, 0x65, 0x90, 0xd0, 0xf0, 0x56, 0x6b,
423 0x2f, 0x38, 0x7f, 0x8d, 0x11, 0xfd, 0x4f, 0x73,
424 0x1c, 0xdd, 0x57, 0x2d, 0x2e, 0xae, 0x92, 0x7f,
425 0x6f, 0x2f, 0x81, 0x41, 0x0b, 0x25, 0xe6, 0x96,
426 0x0b, 0xe6, 0x89, 0x85, 0xad, 0xd6, 0xc3, 0x84,
427 0x45, 0xad, 0x9f, 0x8c, 0x64, 0xbf, 0x80, 0x68,
428 0xbf, 0x9a, 0x66, 0x79, 0x48, 0x5d, 0x96, 0x6f,
429 0x1a, 0xd6, 0xf6, 0x8b, 0x43, 0x49, 0x5b, 0x10,
430 0xa6, 0x83, 0x75, 0x5e, 0xa2, 0xb8, 0x58, 0xd7,
431 0x0c, 0xca, 0xc7, 0xec, 0x8b, 0x05, 0x3c, 0x6b,
432 0xd4, 0x1c, 0xa2, 0x99, 0xd4, 0xe5, 0x19, 0x28,
433};
434static const ST_KAT_PARAM tls12prf_params[] = {
435 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls12prf_digest),
436 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SECRET, tls12prf_secret),
437 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SEED, tls12prf_seed),
438 ST_KAT_PARAM_END()
439};
440
441static const char kbkdf_digest[] = "SHA256";
442static const char kbkdf_mac[] = "HMAC";
443static const unsigned char kbkdf_salt[] = { 'p', 'r', 'f' };
444static const unsigned char kbkdf_prfinput[] = { 't', 'e', 's', 't' };
445static unsigned char kbkdf_key[] = {
446 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28,
447 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C,
448};
449static unsigned char kbkdf_expected[] = {
450 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE,
451 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86,
452 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B,
453 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95,
454};
455static const ST_KAT_PARAM kbkdf_params[] = {
456 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, kbkdf_digest),
457 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_MAC, kbkdf_mac),
458 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, kbkdf_key),
459 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, kbkdf_salt),
460 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, kbkdf_prfinput),
461 ST_KAT_PARAM_END()
462};
463
36fc5fc6
SL		 464static const ST_KAT_KDF st_kat_kdf_tests[] =
465{
acd3e548
SL		 466 {
467 OSSL_SELF_TEST_DESC_KDF_TLS12_PRF,
468 OSSL_KDF_NAME_TLS1_PRF,
469 tls12prf_params,
470 ITM(tls12prf_expected)
471 },
472 {
473 OSSL_SELF_TEST_DESC_KDF_PBKDF2,
474 OSSL_KDF_NAME_PBKDF2,
475 pbkdf2_params,
476 ITM(pbkdf2_expected)
477 },
478 {
479 OSSL_SELF_TEST_DESC_KDF_SSHKDF,
480 OSSL_KDF_NAME_SSHKDF,
481 sshkdf_params,
482 ITM(sshkdf_expected)
483 },
484 {
485 OSSL_SELF_TEST_DESC_KDF_KBKDF,
486 OSSL_KDF_NAME_KBKDF,
487 kbkdf_params,
488 ITM(kbkdf_expected)
489 },
36fc5fc6
SL		 490 {
491 OSSL_SELF_TEST_DESC_KDF_HKDF,
ec4d1b8f
SL		 492 OSSL_KDF_NAME_HKDF,
493 hkdf_params,
36fc5fc6 494 ITM(hkdf_expected)
ec4d1b8f
SL		 495 },
496 {
497 OSSL_SELF_TEST_DESC_KDF_SSKDF,
498 OSSL_KDF_NAME_SSKDF,
499 sskdf_params,
500 ITM(sskdf_expected)
acd3e548
SL		 501 },
502 {
503 OSSL_SELF_TEST_DESC_KDF_X963KDF,
504 OSSL_KDF_NAME_X963KDF,
505 x963kdf_params,
506 ITM(x963kdf_expected)
507 },
508 {
509 OSSL_SELF_TEST_DESC_KDF_X942KDF,
510 OSSL_KDF_NAME_X942KDF_ASN1,
511 x942kdf_params,
512 ITM(x942kdf_expected)
513 },
36fc5fc6
SL		 514};
515
980a880e
SL		 516/*-
517* DRBG test vectors are a small subset of
518* https://csrc.nist.rip/groups/STM/cavp/documents/drbg/drbgtestvectors.zip
519* Using the folder drbgvectors_pr_true
520* Generated for CAVS 14.3.
521*/
522
523/*
524 * Hash_DRBG.rsp
525 *
526 * [SHA-256]
527 * [PredictionResistance = True]
528 * [EntropyInputLen = 256]
529 * [NonceLen = 128]
530 * [PersonalizationStringLen = 256]
531 * [AdditionalInputLen = 256]
532 * [ReturnedBitsLen = 1024]
533 *
534 * COUNT = 14
535 */
536static const unsigned char drbg_hash_sha256_pr_entropyin[] = {
537 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
538 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
539 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
540};
541static const unsigned char drbg_hash_sha256_pr_nonce[] = {
542 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
543 0xf0, 0xe5, 0x07, 0x1f
544};
545static const unsigned char drbg_hash_sha256_pr_persstr[] = {
546 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
547 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
548 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
549};
550static const unsigned char drbg_hash_sha256_pr_entropyinpr0[] = {
551 0xff, 0x80, 0xb7, 0xd2, 0x6a, 0x05, 0xbc, 0x8a, 0x7a, 0xbe, 0x53, 0x28,
552 0x6b, 0x0e, 0xeb, 0x73, 0x3b, 0x71, 0x5a, 0x20, 0x5b, 0xfa, 0x4f, 0xf6,
553 0x37, 0x03, 0xde, 0xad, 0xb6, 0xea, 0x0e, 0xf4
554};
555static const unsigned char drbg_hash_sha256_pr_entropyinpr1[] = {
556 0xc7, 0x38, 0x32, 0x53, 0x46, 0x81, 0xed, 0xe3, 0x7e, 0x03, 0x84, 0x6d,
557 0x3c, 0x84, 0x17, 0x67, 0x29, 0x7d, 0x24, 0x6c, 0x68, 0x92, 0x41, 0xd2,
558 0xe7, 0x75, 0xbe, 0x7e, 0xc9, 0x96, 0x29, 0x3d
559};
560static const unsigned char drbg_hash_sha256_pr_addin0[] = {
561 0xb7, 0x21, 0x5f, 0x14, 0xac, 0x7b, 0xaf, 0xd0, 0xa9, 0x17, 0x72, 0xba,
562 0x22, 0xf7, 0x19, 0xaf, 0xbd, 0x20, 0xb3, 0x11, 0x63, 0x6c, 0x2b, 0x1e,
563 0x83, 0xe4, 0xa8, 0x23, 0x35, 0x3f, 0xc6, 0xea
564};
565static const unsigned char drbg_hash_sha256_pr_addin1[] = {
566 0xce, 0xd3, 0x1f, 0x7e, 0x0d, 0xae, 0x5b, 0xb5, 0xc0, 0x43, 0xe2, 0x46,
567 0xb2, 0x94, 0x73, 0xe2, 0xfd, 0x39, 0x51, 0x2e, 0xad, 0x45, 0x69, 0xee,
568 0xe3, 0xe3, 0x80, 0x33, 0x14, 0xab, 0xa7, 0xa3
569};
570static const unsigned char drbg_hash_sha256_pr_expected[] = {
571 0x60, 0xc2, 0x34, 0xcf, 0xaf, 0xb4, 0x68, 0x03, 0x3b, 0xf1, 0x95, 0xe5,
572 0x78, 0xce, 0x26, 0x6e, 0x14, 0x65, 0x32, 0x6a, 0x96, 0xa9, 0xe0, 0x3f,
573 0x8b, 0x89, 0x36, 0x70, 0xef, 0x62, 0x75, 0x4d, 0x5e, 0x80, 0xd5, 0x53,
574 0xa1, 0xf8, 0x49, 0x50, 0x20, 0x8b, 0x93, 0x43, 0x07, 0x9f, 0x2e, 0xf8,
575 0x56, 0xe9, 0xc5, 0x70, 0x61, 0x85, 0x97, 0xb5, 0xdc, 0x82, 0xa2, 0xda,
576 0xea, 0xa3, 0xfd, 0x9b, 0x2f, 0xd2, 0xa0, 0xd7, 0x1b, 0xc6, 0x29, 0x35,
577 0xcc, 0xb8, 0x3d, 0xa0, 0x67, 0x98, 0x05, 0xa0, 0xe3, 0x1e, 0xfe, 0xe4,
578 0xf0, 0xe5, 0x13, 0xb0, 0x83, 0x17, 0xfa, 0xca, 0x93, 0x5e, 0x38, 0x29,
579 0x48, 0xd2, 0x72, 0xdb, 0x76, 0x3e, 0x6d, 0xf3, 0x25, 0x10, 0xff, 0x1b,
580 0x99, 0xff, 0xf8, 0xc6, 0x0e, 0xb0, 0xdd, 0x29, 0x2e, 0xbc, 0xbb, 0xc8,
581 0x0a, 0x01, 0x6e, 0xd3, 0xb0, 0x0e, 0x4e, 0xab
582};
583
584/*
585 * CTR_DRBG.rsp
586 *
587 * [AES-128 use df]
588 * [PredictionResistance = True]
589 * [EntropyInputLen = 128]
590 * [NonceLen = 64]
591 * [PersonalizationStringLen = 128]
592 * [AdditionalInputLen = 128]
593 * [ReturnedBitsLen = 512]
594 *
595 * COUNT = 0
596 */
597static const unsigned char drbg_ctr_aes128_pr_df_entropyin[] = {
598 0x92, 0x89, 0x8f, 0x31, 0xfa, 0x1c, 0xff, 0x6d, 0x18, 0x2f, 0x26, 0x06,
599 0x43, 0xdf, 0xf8, 0x18
600};
601static const unsigned char drbg_ctr_aes128_pr_df_nonce[] = {
602 0xc2, 0xa4, 0xd9, 0x72, 0xc3, 0xb9, 0xb6, 0x97
603};
604static const unsigned char drbg_ctr_aes128_pr_df_persstr[] = {
605 0xea, 0x65, 0xee, 0x60, 0x26, 0x4e, 0x7e, 0xb6, 0x0e, 0x82, 0x68, 0xc4,
606 0x37, 0x3c, 0x5c, 0x0b
607};
608static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr0[] = {
609 0x20, 0x72, 0x8a, 0x06, 0xf8, 0x6f, 0x8d, 0xd4, 0x41, 0xe2, 0x72, 0xb7,
610 0xc4, 0x2c, 0xe8, 0x10
611};
612static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr1[] = {
613 0x3d, 0xb0, 0xf0, 0x94, 0xf3, 0x05, 0x50, 0x33, 0x17, 0x86, 0x3e, 0x22,
614 0x08, 0xf7, 0xa5, 0x01
615};
616static const unsigned char drbg_ctr_aes128_pr_df_addin0[] = {
617 0x1a, 0x40, 0xfa, 0xe3, 0xcc, 0x6c, 0x7c, 0xa0, 0xf8, 0xda, 0xba, 0x59,
618 0x23, 0x6d, 0xad, 0x1d
619};
620static const unsigned char drbg_ctr_aes128_pr_df_addin1[] = {
621 0x9f, 0x72, 0x76, 0x6c, 0xc7, 0x46, 0xe5, 0xed, 0x2e, 0x53, 0x20, 0x12,
622 0xbc, 0x59, 0x31, 0x8c
623};
624static const unsigned char drbg_ctr_aes128_pr_df_expected[] = {
625 0x5a, 0x35, 0x39, 0x87, 0x0f, 0x4d, 0x22, 0xa4, 0x09, 0x24, 0xee, 0x71,
626 0xc9, 0x6f, 0xac, 0x72, 0x0a, 0xd6, 0xf0, 0x88, 0x82, 0xd0, 0x83, 0x28,
627 0x73, 0xec, 0x3f, 0x93, 0xd8, 0xab, 0x45, 0x23, 0xf0, 0x7e, 0xac, 0x45,
628 0x14, 0x5e, 0x93, 0x9f, 0xb1, 0xd6, 0x76, 0x43, 0x3d, 0xb6, 0xe8, 0x08,
629 0x88, 0xf6, 0xda, 0x89, 0x08, 0x77, 0x42, 0xfe, 0x1a, 0xf4, 0x3f, 0xc4,
630 0x23, 0xc5, 0x1f, 0x68
631};
632
633/*
634 * HMAC_DRBG.rsp
635 *
636 * [SHA-1]
637 * [PredictionResistance = True]
638 * [EntropyInputLen = 128]
639 * [NonceLen = 64]
640 * [PersonalizationStringLen = 128]
641 * [AdditionalInputLen = 128]
642 * [ReturnedBitsLen = 640]
643 *
644 * COUNT = 0
645 */
646static const unsigned char drbg_hmac_sha1_pr_entropyin[] = {
647 0x68, 0x0f, 0xac, 0xe9, 0x0d, 0x7b, 0xca, 0x21, 0xd4, 0xa0, 0xed, 0xb7,
648 0x79, 0x9e, 0xe5, 0xd8
649};
650static const unsigned char drbg_hmac_sha1_pr_nonce[] = {
651 0xb7, 0xbe, 0x9e, 0xed, 0xdd, 0x0e, 0x3b, 0x4b
652};
653static const unsigned char drbg_hmac_sha1_pr_persstr[] = {
654 0xf5, 0x8c, 0x40, 0xae, 0x70, 0xf7, 0xa5, 0x56, 0x48, 0xa9, 0x31, 0xa0,
655 0xa9, 0x31, 0x3d, 0xd7
656};
657static const unsigned char drbg_hmac_sha1_pr_entropyinpr0[] = {
658 0x7c, 0xaf, 0xe2, 0x31, 0x63, 0x0a, 0xa9, 0x5a, 0x74, 0x2c, 0x4e, 0x5f,
659 0x5f, 0x22, 0xc6, 0xa4
660};
661static const unsigned char drbg_hmac_sha1_pr_entropyinpr1[] = {
662 0x1c, 0x0d, 0x77, 0x92, 0x89, 0x88, 0x27, 0x94, 0x8a, 0x58, 0x9f, 0x82,
663 0x2d, 0x1a, 0xf7, 0xa6
664};
665static const unsigned char drbg_hmac_sha1_pr_addin0[] = {
666 0xdc, 0x36, 0x63, 0xf0, 0x62, 0x78, 0x9c, 0xd1, 0x5c, 0xbb, 0x20, 0xc3,
667 0xc1, 0x8c, 0xd9, 0xd7
668};
669static const unsigned char drbg_hmac_sha1_pr_addin1[] = {
670 0xfe, 0x85, 0xb0, 0xab, 0x14, 0xc6, 0x96, 0xe6, 0x9c, 0x24, 0xe7, 0xb5,
671 0xa1, 0x37, 0x12, 0x0c
672};
673static const unsigned char drbg_hmac_sha1_pr_expected[] = {
674 0x68, 0x00, 0x4b, 0x3a, 0x28, 0xf7, 0xf0, 0x1c, 0xf9, 0xe9, 0xb5, 0x71,
675 0x20, 0x79, 0xef, 0x80, 0x87, 0x1b, 0x08, 0xb9, 0xa9, 0x1b, 0xcd, 0x2b,
676 0x9f, 0x09, 0x4d, 0xa4, 0x84, 0x80, 0xb3, 0x4c, 0xaf, 0xd5, 0x59, 0x6b,
677 0x0c, 0x0a, 0x48, 0xe1, 0x48, 0xda, 0xbc, 0x6f, 0x77, 0xb8, 0xff, 0xaf,
678 0x18, 0x70, 0x28, 0xe1, 0x04, 0x13, 0x7a, 0x4f, 0xeb, 0x1c, 0x72, 0xb0,
679 0xc4, 0x4f, 0xe8, 0xb1, 0xaf, 0xab, 0xa5, 0xbc, 0xfd, 0x86, 0x67, 0xf2,
680 0xf5, 0x5b, 0x46, 0x06, 0x63, 0x2e, 0x3c, 0xbc
681};
682
683static const ST_KAT_DRBG st_kat_drbg_tests[] =
684{
685 {
686 OSSL_SELF_TEST_DESC_DRBG_HASH,
6154f9a7 687 "HASH-DRBG", "digest", "SHA256",
980a880e
SL		 688 ITM(drbg_hash_sha256_pr_entropyin),
689 ITM(drbg_hash_sha256_pr_nonce),
690 ITM(drbg_hash_sha256_pr_persstr),
691 ITM(drbg_hash_sha256_pr_entropyinpr0),
692 ITM(drbg_hash_sha256_pr_entropyinpr1),
693 ITM(drbg_hash_sha256_pr_addin0),
694 ITM(drbg_hash_sha256_pr_addin1),
695 ITM(drbg_hash_sha256_pr_expected)
696 },
697 {
698 OSSL_SELF_TEST_DESC_DRBG_CTR,
6154f9a7 699 "CTR-DRBG", "cipher", "AES-128-CTR",
980a880e
SL		 700 ITM(drbg_ctr_aes128_pr_df_entropyin),
701 ITM(drbg_ctr_aes128_pr_df_nonce),
702 ITM(drbg_ctr_aes128_pr_df_persstr),
703 ITM(drbg_ctr_aes128_pr_df_entropyinpr0),
704 ITM(drbg_ctr_aes128_pr_df_entropyinpr1),
705 ITM(drbg_ctr_aes128_pr_df_addin0),
706 ITM(drbg_ctr_aes128_pr_df_addin1),
707 ITM(drbg_ctr_aes128_pr_df_expected)
708 },
709 {
710 OSSL_SELF_TEST_DESC_DRBG_HMAC,
6154f9a7 711 "HMAC-DRBG", "digest", "SHA1",
980a880e
SL		 712 ITM(drbg_hmac_sha1_pr_entropyin),
713 ITM(drbg_hmac_sha1_pr_nonce),
714 ITM(drbg_hmac_sha1_pr_persstr),
715 ITM(drbg_hmac_sha1_pr_entropyinpr0),
716 ITM(drbg_hmac_sha1_pr_entropyinpr1),
717 ITM(drbg_hmac_sha1_pr_addin0),
718 ITM(drbg_hmac_sha1_pr_addin1),
719 ITM(drbg_hmac_sha1_pr_expected)
720 }
721};
ec4d1b8f
SL		 722
723/* KEY EXCHANGE TEST DATA */
724
725#ifndef OPENSSL_NO_DH
726/* DH KAT */
727static const unsigned char dh_p[] = {
728 0xdc, 0xca, 0x15, 0x11, 0xb2, 0x31, 0x32, 0x25,
729 0xf5, 0x21, 0x16, 0xe1, 0x54, 0x27, 0x89, 0xe0,
730 0x01, 0xf0, 0x42, 0x5b, 0xcc, 0xc7, 0xf3, 0x66,
731 0xf7, 0x40, 0x64, 0x07, 0xf1, 0xc9, 0xfa, 0x8b,
732 0xe6, 0x10, 0xf1, 0x77, 0x8b, 0xb1, 0x70, 0xbe,
733 0x39, 0xdb, 0xb7, 0x6f, 0x85, 0xbf, 0x24, 0xce,
734 0x68, 0x80, 0xad, 0xb7, 0x62, 0x9f, 0x7c, 0x6d,
735 0x01, 0x5e, 0x61, 0xd4, 0x3f, 0xa3, 0xee, 0x4d,
736 0xe1, 0x85, 0xf2, 0xcf, 0xd0, 0x41, 0xff, 0xde,
737 0x9d, 0x41, 0x84, 0x07, 0xe1, 0x51, 0x38, 0xbb,
738 0x02, 0x1d, 0xae, 0xb3, 0x5f, 0x76, 0x2d, 0x17,
739 0x82, 0xac, 0xc6, 0x58, 0xd3, 0x2b, 0xd4, 0xb0,
740 0x23, 0x2c, 0x92, 0x7d, 0xd3, 0x8f, 0xa0, 0x97,
741 0xb3, 0xd1, 0x85, 0x9f, 0xa8, 0xac, 0xaf, 0xb9,
742 0x8f, 0x06, 0x66, 0x08, 0xfc, 0x64, 0x4e, 0xc7,
743 0xdd, 0xb6, 0xf0, 0x85, 0x99, 0xf9, 0x2a, 0xc1,
744 0xb5, 0x98, 0x25, 0xda, 0x84, 0x32, 0x07, 0x7d,
745 0xef, 0x69, 0x56, 0x46, 0x06, 0x3c, 0x20, 0x82,
746 0x3c, 0x95, 0x07, 0xab, 0x6f, 0x01, 0x76, 0xd4,
747 0x73, 0x0d, 0x99, 0x0d, 0xbb, 0xe6, 0x36, 0x1c,
748 0xd8, 0xb2, 0xb9, 0x4d, 0x3d, 0x2f, 0x32, 0x9b,
749 0x82, 0x09, 0x9b, 0xd6, 0x61, 0xf4, 0x29, 0x50,
750 0xf4, 0x03, 0xdf, 0x3e, 0xde, 0x62, 0xa3, 0x31,
751 0x88, 0xb0, 0x27, 0x98, 0xba, 0x82, 0x3f, 0x44,
752 0xb9, 0x46, 0xfe, 0x9d, 0xf6, 0x77, 0xa0, 0xc5,
753 0xa1, 0x23, 0x8e, 0xaa, 0x97, 0xb7, 0x0f, 0x80,
754 0xda, 0x8c, 0xac, 0x88, 0xe0, 0x92, 0xb1, 0x12,
755 0x70, 0x60, 0xff, 0xbf, 0x45, 0x57, 0x99, 0x94,
756 0x01, 0x1d, 0xc2, 0xfa, 0xa5, 0xe7, 0xf6, 0xc7,
757 0x62, 0x45, 0xe1, 0xcc, 0x31, 0x22, 0x31, 0xc1,
758 0x7d, 0x1c, 0xa6, 0xb1, 0x90, 0x07, 0xef, 0x0d,
759 0xb9, 0x9f, 0x9c, 0xb6, 0x0e, 0x1d, 0x5f, 0x69
760};
761static const unsigned char dh_q[] = {
762 0x89, 0x8b, 0x22, 0x67, 0x17, 0xef, 0x03, 0x9e,
763 0x60, 0x3e, 0x82, 0xe5, 0xc7, 0xaf, 0xe4, 0x83,
764 0x74, 0xac, 0x5f, 0x62, 0x5c, 0x54, 0xf1, 0xea,
765 0x11, 0xac, 0xb5, 0x7d
766};
767static const unsigned char dh_g[] = {
768 0x5e, 0xf7, 0xb8, 0x8f, 0x2d, 0xf6, 0x01, 0x39,
769 0x35, 0x1d, 0xfb, 0xfe, 0x12, 0x66, 0x80, 0x5f,
770 0xdf, 0x35, 0x6c, 0xdf, 0xd1, 0x3a, 0x4d, 0xa0,
771 0x05, 0x0c, 0x7e, 0xde, 0x24, 0x6d, 0xf5, 0x9f,
772 0x6a, 0xbf, 0x96, 0xad, 0xe5, 0xf2, 0xb2, 0x8f,
773 0xfe, 0x88, 0xd6, 0xbc, 0xe7, 0xf7, 0x89, 0x4a,
774 0x3d, 0x53, 0x5f, 0xc8, 0x21, 0x26, 0xdd, 0xd4,
775 0x24, 0x87, 0x2e, 0x16, 0xb8, 0x38, 0xdf, 0x8c,
776 0x51, 0xe9, 0x01, 0x6f, 0x88, 0x9c, 0x7c, 0x20,
777 0x3e, 0x98, 0xa8, 0xb6, 0x31, 0xf9, 0xc7, 0x25,
778 0x63, 0xd3, 0x8a, 0x49, 0x58, 0x9a, 0x07, 0x53,
779 0xd3, 0x58, 0xe7, 0x83, 0x31, 0x8c, 0xef, 0xd9,
780 0x67, 0x7c, 0x7b, 0x2d, 0xbb, 0x77, 0xd6, 0xdc,
781 0xe2, 0xa1, 0x96, 0x37, 0x95, 0xca, 0x64, 0xb9,
782 0x2d, 0x1c, 0x9a, 0xac, 0x6d, 0x0e, 0x8d, 0x43,
783 0x1d, 0xe5, 0xe5, 0x00, 0x60, 0xdf, 0xf7, 0x86,
784 0x89, 0xc9, 0xec, 0xa1, 0xc1, 0x24, 0x8c, 0x16,
785 0xed, 0x09, 0xc7, 0xad, 0x41, 0x2a, 0x17, 0x40,
786 0x6d, 0x2b, 0x52, 0x5a, 0xa1, 0xca, 0xbb, 0x23,
787 0x7b, 0x97, 0x34, 0xec, 0x7b, 0x8c, 0xe3, 0xfa,
788 0xe0, 0x2f, 0x29, 0xc5, 0xef, 0xed, 0x30, 0xd6,
789 0x91, 0x87, 0xda, 0x10, 0x9c, 0x2c, 0x9f, 0xe2,
790 0xaa, 0xdb, 0xb0, 0xc2, 0x2a, 0xf5, 0x4c, 0x61,
791 0x66, 0x55, 0x00, 0x0c, 0x43, 0x1c, 0x6b, 0x4a,
792 0x37, 0x97, 0x63, 0xb0, 0xa9, 0x16, 0x58, 0xef,
793 0xc8, 0x4e, 0x8b, 0x06, 0x35, 0x8c, 0x8b, 0x4f,
794 0x21, 0x37, 0x10, 0xfd, 0x10, 0x17, 0x2c, 0xf3,
795 0x9b, 0x83, 0x0c, 0x2d, 0xd8, 0x4a, 0x0c, 0x8a,
796 0xb8, 0x25, 0x16, 0xec, 0xab, 0x99, 0x5f, 0xa4,
797 0x21, 0x5e, 0x02, 0x3e, 0x4e, 0xcf, 0x80, 0x74,
798 0xc3, 0x9d, 0x6c, 0x88, 0xb7, 0x0d, 0x1e, 0xe4,
799 0xe9, 0x6f, 0xdc, 0x20, 0xea, 0x11, 0x5c, 0x32
800};
801static const unsigned char dh_priv[] = {
802 0x14, 0x33, 0xe0, 0xb5, 0xa9, 0x17, 0xb6, 0x0a,
803 0x30, 0x23, 0xf2, 0xf8, 0xaa, 0x2c, 0x2d, 0x70,
804 0xd2, 0x96, 0x8a, 0xba, 0x9a, 0xea, 0xc8, 0x15,
805 0x40, 0xb8, 0xfc, 0xe6
806};
807static const unsigned char dh_pub[] = {
808 0x95, 0xdd, 0x33, 0x8d, 0x29, 0xe5, 0x71, 0x04,
809 0x92, 0xb9, 0x18, 0x31, 0x7b, 0x72, 0xa3, 0x69,
810 0x36, 0xe1, 0x95, 0x1a, 0x2e, 0xe5, 0xa5, 0x59,
811 0x16, 0x99, 0xc0, 0x48, 0x6d, 0x0d, 0x4f, 0x9b,
812 0xdd, 0x6d, 0x5a, 0x3f, 0x6b, 0x98, 0x89, 0x0c,
813 0x62, 0xb3, 0x76, 0x52, 0xd3, 0x6e, 0x71, 0x21,
814 0x11, 0xe6, 0x8a, 0x73, 0x55, 0x37, 0x25, 0x06,
815 0x99, 0xef, 0xe3, 0x30, 0x53, 0x73, 0x91, 0xfb,
816 0xc2, 0xc5, 0x48, 0xbc, 0x5a, 0xc3, 0xe5, 0xb2,
817 0x33, 0x86, 0xc3, 0xee, 0xf5, 0xeb, 0x43, 0xc0,
818 0x99, 0xd7, 0x0a, 0x52, 0x02, 0x68, 0x7e, 0x83,
819 0x96, 0x42, 0x48, 0xfc, 0xa9, 0x1f, 0x40, 0x90,
820 0x8e, 0x8f, 0xb3, 0x31, 0x93, 0x15, 0xf6, 0xd2,
821 0x60, 0x6d, 0x7f, 0x7c, 0xd5, 0x2c, 0xc6, 0xe7,
822 0xc5, 0x84, 0x3a, 0xfb, 0x22, 0x51, 0x9c, 0xf0,
823 0xf0, 0xf9, 0xd3, 0xa0, 0xa4, 0xe8, 0xc8, 0x88,
824 0x99, 0xef, 0xed, 0xe7, 0x36, 0x43, 0x51, 0xfb,
825 0x6a, 0x36, 0x3e, 0xe7, 0x17, 0xe5, 0x44, 0x5a,
826 0xda, 0xb4, 0xc9, 0x31, 0xa6, 0x48, 0x39, 0x97,
827 0xb8, 0x7d, 0xad, 0x83, 0x67, 0x7e, 0x4d, 0x1d,
828 0x3a, 0x77, 0x75, 0xe0, 0xf6, 0xd0, 0x0f, 0xdf,
829 0x73, 0xc7, 0xad, 0x80, 0x1e, 0x66, 0x5a, 0x0e,
830 0x5a, 0x79, 0x6d, 0x0a, 0x03, 0x80, 0xa1, 0x9f,
831 0xa1, 0x82, 0xef, 0xc8, 0xa0, 0x4f, 0x5e, 0x4d,
832 0xb9, 0x0d, 0x1a, 0x86, 0x37, 0xf9, 0x5d, 0xb1,
833 0x64, 0x36, 0xbd, 0xc8, 0xf3, 0xfc, 0x09, 0x6c,
834 0x4f, 0xf7, 0xf2, 0x34, 0xbe, 0x8f, 0xef, 0x47,
835 0x9a, 0xc4, 0xb0, 0xdc, 0x4b, 0x77, 0x26, 0x3e,
836 0x07, 0xd9, 0x95, 0x9d, 0xe0, 0xf1, 0xbf, 0x3f,
837 0x0a, 0xe3, 0xd9, 0xd5, 0x0e, 0x4b, 0x89, 0xc9,
838 0x9e, 0x3e, 0xa1, 0x21, 0x73, 0x43, 0xdd, 0x8c,
839 0x65, 0x81, 0xac, 0xc4, 0x95, 0x9c, 0x91, 0xd3
840};
841static const unsigned char dh_peer_pub[] = {
842 0x1f, 0xc1, 0xda, 0x34, 0x1d, 0x1a, 0x84, 0x6a,
843 0x96, 0xb7, 0xbe, 0x24, 0x34, 0x0f, 0x87, 0x7d,
844 0xd0, 0x10, 0xaa, 0x03, 0x56, 0xd5, 0xad, 0x58,
845 0xaa, 0xe9, 0xc7, 0xb0, 0x8f, 0x74, 0x9a, 0x32,
846 0x23, 0x51, 0x10, 0xb5, 0xd8, 0x8e, 0xb5, 0xdb,
847 0xfa, 0x97, 0x8d, 0x27, 0xec, 0xc5, 0x30, 0xf0,
848 0x2d, 0x31, 0x14, 0x00, 0x5b, 0x64, 0xb1, 0xc0,
849 0xe0, 0x24, 0xcb, 0x8a, 0xe2, 0x16, 0x98, 0xbc,
850 0xa9, 0xe6, 0x0d, 0x42, 0x80, 0x86, 0x22, 0xf1,
851 0x81, 0xc5, 0x6e, 0x1d, 0xe7, 0xa9, 0x6e, 0x6e,
852 0xfe, 0xe9, 0xd6, 0x65, 0x67, 0xe9, 0x1b, 0x97,
853 0x70, 0x42, 0xc7, 0xe3, 0xd0, 0x44, 0x8f, 0x05,
854 0xfb, 0x77, 0xf5, 0x22, 0xb9, 0xbf, 0xc8, 0xd3,
855 0x3c, 0xc3, 0xc3, 0x1e, 0xd3, 0xb3, 0x1f, 0x0f,
856 0xec, 0xb6, 0xdb, 0x4f, 0x6e, 0xa3, 0x11, 0xe7,
857 0x7a, 0xfd, 0xbc, 0xd4, 0x7a, 0xee, 0x1b, 0xb1,
858 0x50, 0xf2, 0x16, 0x87, 0x35, 0x78, 0xfb, 0x96,
859 0x46, 0x8e, 0x8f, 0x9f, 0x3d, 0xe8, 0xef, 0xbf,
860 0xce, 0x75, 0x62, 0x4b, 0x1d, 0xf0, 0x53, 0x22,
861 0xa3, 0x4f, 0x14, 0x63, 0xe8, 0x39, 0xe8, 0x98,
862 0x4c, 0x4a, 0xd0, 0xa9, 0x6e, 0x1a, 0xc8, 0x42,
863 0xe5, 0x31, 0x8c, 0xc2, 0x3c, 0x06, 0x2a, 0x8c,
864 0xa1, 0x71, 0xb8, 0xd5, 0x75, 0x98, 0x0d, 0xde,
865 0x7f, 0xc5, 0x6f, 0x15, 0x36, 0x52, 0x38, 0x20,
866 0xd4, 0x31, 0x92, 0xbf, 0xd5, 0x1e, 0x8e, 0x22,
867 0x89, 0x78, 0xac, 0xa5, 0xb9, 0x44, 0x72, 0xf3,
868 0x39, 0xca, 0xeb, 0x99, 0x31, 0xb4, 0x2b, 0xe3,
869 0x01, 0x26, 0x8b, 0xc9, 0x97, 0x89, 0xc9, 0xb2,
870 0x55, 0x71, 0xc3, 0xc0, 0xe4, 0xcb, 0x3f, 0x00,
871 0x7f, 0x1a, 0x51, 0x1c, 0xbb, 0x53, 0xc8, 0x51,
872 0x9c, 0xdd, 0x13, 0x02, 0xab, 0xca, 0x6c, 0x0f,
873 0x34, 0xf9, 0x67, 0x39, 0xf1, 0x7f, 0xf4, 0x8b
874};
875
876static const unsigned char dh_secret_expected[] = {
877 0x08, 0xff, 0x33, 0xbb, 0x2e, 0xcf, 0xf4, 0x9a,
878 0x7d, 0x4a, 0x79, 0x12, 0xae, 0xb1, 0xbb, 0x6a,
879 0xb5, 0x11, 0x64, 0x1b, 0x4a, 0x76, 0x77, 0x0c,
880 0x8c, 0xc1, 0xbc, 0xc2, 0x33, 0x34, 0x3d, 0xfe,
881 0x70, 0x0d, 0x11, 0x81, 0x3d, 0x2c, 0x9e, 0xd2,
882 0x3b, 0x21, 0x1c, 0xa9, 0xe8, 0x78, 0x69, 0x21,
883 0xed, 0xca, 0x28, 0x3c, 0x68, 0xb1, 0x61, 0x53,
884 0xfa, 0x01, 0xe9, 0x1a, 0xb8, 0x2c, 0x90, 0xdd,
885 0xab, 0x4a, 0x95, 0x81, 0x67, 0x70, 0xa9, 0x87,
886 0x10, 0xe1, 0x4c, 0x92, 0xab, 0x83, 0xb6, 0xe4,
887 0x6e, 0x1e, 0x42, 0x6e, 0xe8, 0x52, 0x43, 0x0d,
888 0x61, 0x87, 0xda, 0xa3, 0x72, 0x0a, 0x6b, 0xcd,
889 0x73, 0x23, 0x5c, 0x6b, 0x0f, 0x94, 0x1f, 0x33,
890 0x64, 0xf5, 0x04, 0x20, 0x55, 0x1a, 0x4b, 0xfe,
891 0xaf, 0xe2, 0xbc, 0x43, 0x85, 0x05, 0xa5, 0x9a,
892 0x4a, 0x40, 0xda, 0xca, 0x7a, 0x89, 0x5a, 0x73,
893 0xdb, 0x57, 0x5c, 0x74, 0xc1, 0x3a, 0x23, 0xad,
894 0x88, 0x32, 0x95, 0x7d, 0x58, 0x2d, 0x38, 0xf0,
895 0xa6, 0x16, 0x5f, 0xb0, 0xd7, 0xe9, 0xb8, 0x79,
896 0x9e, 0x42, 0xfd, 0x32, 0x20, 0xe3, 0x32, 0xe9,
897 0x81, 0x85, 0xa0, 0xc9, 0x42, 0x97, 0x57, 0xb2,
898 0xd0, 0xd0, 0x2c, 0x17, 0xdb, 0xaa, 0x1f, 0xf6,
899 0xed, 0x93, 0xd7, 0xe7, 0x3e, 0x24, 0x1e, 0xae,
900 0xd9, 0x0c, 0xaf, 0x39, 0x4d, 0x2b, 0xc6, 0x57,
901 0x0f, 0x18, 0xc8, 0x1f, 0x2b, 0xe5, 0xd0, 0x1a,
902 0x2c, 0xa9, 0x9f, 0xf1, 0x42, 0xb5, 0xd9, 0x63,
903 0xf9, 0xf5, 0x00, 0x32, 0x5e, 0x75, 0x56, 0xf9,
904 0x58, 0x49, 0xb3, 0xff, 0xc7, 0x47, 0x94, 0x86,
905 0xbe, 0x1d, 0x45, 0x96, 0xa3, 0x10, 0x6b, 0xd5,
906 0xcb, 0x4f, 0x61, 0xc5, 0x7e, 0xc5, 0xf1, 0x00,
907 0xfb, 0x7a, 0x0c, 0x82, 0xa1, 0x0b, 0x82, 0x52,
908 0x6a, 0x97, 0xd1, 0xd9, 0x7d, 0x98, 0xea, 0xf6
909};
910
911static const ST_KAT_PARAM dh_group[] = {
912 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dh_p),
913 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dh_q),
914 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dh_g),
915 ST_KAT_PARAM_END()
916};
917
918/* The host's private key */
919static const ST_KAT_PARAM dh_host_key[] = {
920 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_pub),
921 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dh_priv),
922 ST_KAT_PARAM_END()
923};
924
925/* The peer's public key */
926static const ST_KAT_PARAM dh_peer_key[] = {
927 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_peer_pub),
928 ST_KAT_PARAM_END()
929};
930#endif /* OPENSSL_NO_DH */
931
932
933#ifndef OPENSSL_NO_EC
934static const char ecdh_curve_name[] = "prime256v1";
935static const unsigned char ecdh_privd[] = {
936 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
937 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
938 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
939 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
940};
941static const unsigned char ecdh_pub[] = {
942 0x04,
943 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
944 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
945 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
946 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
947 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
948 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
949 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
950 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
951};
952static const unsigned char ecdh_peer_pub[] = {
953 0x04,
954 0x1f, 0x72, 0xbd, 0x2a, 0x3e, 0xeb, 0x6c, 0x76,
955 0xe5, 0x5d, 0x69, 0x75, 0x24, 0xbf, 0x2f, 0x5b,
956 0x96, 0xb2, 0x91, 0x62, 0x06, 0x35, 0xcc, 0xb2,
957 0x4b, 0x31, 0x1b, 0x0c, 0x6f, 0x06, 0x9f, 0x86,
958 0xcf, 0xc8, 0xac, 0xd5, 0x4f, 0x4d, 0x77, 0xf3,
959 0x70, 0x4a, 0x8f, 0x04, 0x9a, 0xb1, 0x03, 0xc7,
960 0xeb, 0xd5, 0x94, 0x78, 0x61, 0xab, 0x78, 0x0c,
961 0x4a, 0x2d, 0x6b, 0xf3, 0x2f, 0x2e, 0x4a, 0xbc
962};
963
964static const ST_KAT_PARAM ecdh_group[] = {
11a1b341 965 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecdh_curve_name),
ec4d1b8f
SL		 966 ST_KAT_PARAM_END()
967};
968static const ST_KAT_PARAM ecdh_host_key[] = {
969 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_pub),
970 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecdh_privd),
971 ST_KAT_PARAM_END()
972};
973static const ST_KAT_PARAM ecdh_peer_key[] = {
974 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_peer_pub),
975 ST_KAT_PARAM_END()
976};
977static const unsigned char ecdh_secret_expected[] = {
978 0x45, 0x2a, 0x2f, 0x0d, 0x24, 0xe6, 0x8d, 0xd0,
979 0xda, 0x59, 0x7b, 0x0c, 0xec, 0x9b, 0x4c, 0x38,
980 0x41, 0xdd, 0xce, 0xb3, 0xcc, 0xf1, 0x90, 0x8e,
981 0x30, 0xdb, 0x5b, 0x5f, 0x97, 0xea, 0xe0, 0xc2
982};
983#endif /* OPENSSL_NO_EC */
984
cbb85bda 985#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
ec4d1b8f
SL		 986static const ST_KAT_KAS st_kat_kas_tests[] =
987{
cbb85bda 988# ifndef OPENSSL_NO_DH
ec4d1b8f
SL		 989 {
990 OSSL_SELF_TEST_DESC_KA_DH,
991 "DH",
992 dh_group,
993 dh_host_key,
994 dh_peer_key,
995 ITM(dh_secret_expected)
996 },
cbb85bda
MC		 997# endif /* OPENSSL_NO_DH */
998# ifndef OPENSSL_NO_EC
ec4d1b8f
SL		 999 {
1000 OSSL_SELF_TEST_DESC_KA_ECDH,
1001 "EC",
1002 ecdh_group,
1003 ecdh_host_key,
1004 ecdh_peer_key,
1005 ITM(ecdh_secret_expected)
1006 },
cbb85bda 1007# endif /* OPENSSL_NO_EC */
ec4d1b8f 1008};
cbb85bda 1009#endif /* !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) */
ec4d1b8f 1010
ec4d1b8f
SL		 1011/* RSA key data */
1012static const unsigned char rsa_n[] = {
1013 0xDB, 0x10, 0x1A, 0xC2, 0xA3, 0xF1, 0xDC, 0xFF,
1014 0x13, 0x6B, 0xED, 0x44, 0xDF, 0xF0, 0x02, 0x6D,
1015 0x13, 0xC7, 0x88, 0xDA, 0x70, 0x6B, 0x54, 0xF1,
1016 0xE8, 0x27, 0xDC, 0xC3, 0x0F, 0x99, 0x6A, 0xFA,
1017 0xC6, 0x67, 0xFF, 0x1D, 0x1E, 0x3C, 0x1D, 0xC1,
1018 0xB5, 0x5F, 0x6C, 0xC0, 0xB2, 0x07, 0x3A, 0x6D,
1019 0x41, 0xE4, 0x25, 0x99, 0xAC, 0xFC, 0xD2, 0x0F,
1020 0x02, 0xD3, 0xD1, 0x54, 0x06, 0x1A, 0x51, 0x77,
1021 0xBD, 0xB6, 0xBF, 0xEA, 0xA7, 0x5C, 0x06, 0xA9,
1022 0x5D, 0x69, 0x84, 0x45, 0xD7, 0xF5, 0x05, 0xBA,
1023 0x47, 0xF0, 0x1B, 0xD7, 0x2B, 0x24, 0xEC, 0xCB,
1024 0x9B, 0x1B, 0x10, 0x8D, 0x81, 0xA0, 0xBE, 0xB1,
1025 0x8C, 0x33, 0xE4, 0x36, 0xB8, 0x43, 0xEB, 0x19,
1026 0x2A, 0x81, 0x8D, 0xDE, 0x81, 0x0A, 0x99, 0x48,
1027 0xB6, 0xF6, 0xBC, 0xCD, 0x49, 0x34, 0x3A, 0x8F,
1028 0x26, 0x94, 0xE3, 0x28, 0x82, 0x1A, 0x7C, 0x8F,
1029 0x59, 0x9F, 0x45, 0xE8, 0x5D, 0x1A, 0x45, 0x76,
1030 0x04, 0x56, 0x05, 0xA1, 0xD0, 0x1B, 0x8C, 0x77,
1031 0x6D, 0xAF, 0x53, 0xFA, 0x71, 0xE2, 0x67, 0xE0,
1032 0x9A, 0xFE, 0x03, 0xA9, 0x85, 0xD2, 0xC9, 0xAA,
1033 0xBA, 0x2A, 0xBC, 0xF4, 0xA0, 0x08, 0xF5, 0x13,
1034 0x98, 0x13, 0x5D, 0xF0, 0xD9, 0x33, 0x34, 0x2A,
1035 0x61, 0xC3, 0x89, 0x55, 0xF0, 0xAE, 0x1A, 0x9C,
1036 0x22, 0xEE, 0x19, 0x05, 0x8D, 0x32, 0xFE, 0xEC,
1037 0x9C, 0x84, 0xBA, 0xB7, 0xF9, 0x6C, 0x3A, 0x4F,
1038 0x07, 0xFC, 0x45, 0xEB, 0x12, 0xE5, 0x7B, 0xFD,
1039 0x55, 0xE6, 0x29, 0x69, 0xD1, 0xC2, 0xE8, 0xB9,
1040 0x78, 0x59, 0xF6, 0x79, 0x10, 0xC6, 0x4E, 0xEB,
1041 0x6A, 0x5E, 0xB9, 0x9A, 0xC7, 0xC4, 0x5B, 0x63,
1042 0xDA, 0xA3, 0x3F, 0x5E, 0x92, 0x7A, 0x81, 0x5E,
1043 0xD6, 0xB0, 0xE2, 0x62, 0x8F, 0x74, 0x26, 0xC2,
1044 0x0C, 0xD3, 0x9A, 0x17, 0x47, 0xE6, 0x8E, 0xAB
1045};
1046static const unsigned char rsa_e[] = { 0x01, 0x00, 0x01 };
1047static const unsigned char rsa_d[] = {
1048 0x52, 0x41, 0xF4, 0xDA, 0x7B, 0xB7, 0x59, 0x55,
1049 0xCA, 0xD4, 0x2F, 0x0F, 0x3A, 0xCB, 0xA4, 0x0D,
1050 0x93, 0x6C, 0xCC, 0x9D, 0xC1, 0xB2, 0xFB, 0xFD,
1051 0xAE, 0x40, 0x31, 0xAC, 0x69, 0x52, 0x21, 0x92,
1052 0xB3, 0x27, 0xDF, 0xEA, 0xEE, 0x2C, 0x82, 0xBB,
1053 0xF7, 0x40, 0x32, 0xD5, 0x14, 0xC4, 0x94, 0x12,
1054 0xEC, 0xB8, 0x1F, 0xCA, 0x59, 0xE3, 0xC1, 0x78,
1055 0xF3, 0x85, 0xD8, 0x47, 0xA5, 0xD7, 0x02, 0x1A,
1056 0x65, 0x79, 0x97, 0x0D, 0x24, 0xF4, 0xF0, 0x67,
1057 0x6E, 0x75, 0x2D, 0xBF, 0x10, 0x3D, 0xA8, 0x7D,
1058 0xEF, 0x7F, 0x60, 0xE4, 0xE6, 0x05, 0x82, 0x89,
1059 0x5D, 0xDF, 0xC6, 0xD2, 0x6C, 0x07, 0x91, 0x33,
1060 0x98, 0x42, 0xF0, 0x02, 0x00, 0x25, 0x38, 0xC5,
1061 0x85, 0x69, 0x8A, 0x7D, 0x2F, 0x95, 0x6C, 0x43,
1062 0x9A, 0xB8, 0x81, 0xE2, 0xD0, 0x07, 0x35, 0xAA,
1063 0x05, 0x41, 0xC9, 0x1E, 0xAF, 0xE4, 0x04, 0x3B,
1064 0x19, 0xB8, 0x73, 0xA2, 0xAC, 0x4B, 0x1E, 0x66,
1065 0x48, 0xD8, 0x72, 0x1F, 0xAC, 0xF6, 0xCB, 0xBC,
1066 0x90, 0x09, 0xCA, 0xEC, 0x0C, 0xDC, 0xF9, 0x2C,
1067 0xD7, 0xEB, 0xAE, 0xA3, 0xA4, 0x47, 0xD7, 0x33,
1068 0x2F, 0x8A, 0xCA, 0xBC, 0x5E, 0xF0, 0x77, 0xE4,
1069 0x97, 0x98, 0x97, 0xC7, 0x10, 0x91, 0x7D, 0x2A,
1070 0xA6, 0xFF, 0x46, 0x83, 0x97, 0xDE, 0xE9, 0xE2,
1071 0x17, 0x03, 0x06, 0x14, 0xE2, 0xD7, 0xB1, 0x1D,
1072 0x77, 0xAF, 0x51, 0x27, 0x5B, 0x5E, 0x69, 0xB8,
1073 0x81, 0xE6, 0x11, 0xC5, 0x43, 0x23, 0x81, 0x04,
1074 0x62, 0xFF, 0xE9, 0x46, 0xB8, 0xD8, 0x44, 0xDB,
1075 0xA5, 0xCC, 0x31, 0x54, 0x34, 0xCE, 0x3E, 0x82,
1076 0xD6, 0xBF, 0x7A, 0x0B, 0x64, 0x21, 0x6D, 0x88,
1077 0x7E, 0x5B, 0x45, 0x12, 0x1E, 0x63, 0x8D, 0x49,
1078 0xA7, 0x1D, 0xD9, 0x1E, 0x06, 0xCD, 0xE8, 0xBA,
1079 0x2C, 0x8C, 0x69, 0x32, 0xEA, 0xBE, 0x60, 0x71
1080};
1081static const unsigned char rsa_p[] = {
1082 0xFA, 0xAC, 0xE1, 0x37, 0x5E, 0x32, 0x11, 0x34,
1083 0xC6, 0x72, 0x58, 0x2D, 0x91, 0x06, 0x3E, 0x77,
1084 0xE7, 0x11, 0x21, 0xCD, 0x4A, 0xF8, 0xA4, 0x3F,
1085 0x0F, 0xEF, 0x31, 0xE3, 0xF3, 0x55, 0xA0, 0xB9,
1086 0xAC, 0xB6, 0xCB, 0xBB, 0x41, 0xD0, 0x32, 0x81,
1087 0x9A, 0x8F, 0x7A, 0x99, 0x30, 0x77, 0x6C, 0x68,
1088 0x27, 0xE2, 0x96, 0xB5, 0x72, 0xC9, 0xC3, 0xD4,
1089 0x42, 0xAA, 0xAA, 0xCA, 0x95, 0x8F, 0xFF, 0xC9,
1090 0x9B, 0x52, 0x34, 0x30, 0x1D, 0xCF, 0xFE, 0xCF,
1091 0x3C, 0x56, 0x68, 0x6E, 0xEF, 0xE7, 0x6C, 0xD7,
1092 0xFB, 0x99, 0xF5, 0x4A, 0xA5, 0x21, 0x1F, 0x2B,
1093 0xEA, 0x93, 0xE8, 0x98, 0x26, 0xC4, 0x6E, 0x42,
1094 0x21, 0x5E, 0xA0, 0xA1, 0x2A, 0x58, 0x35, 0xBB,
1095 0x10, 0xE7, 0xBA, 0x27, 0x0A, 0x3B, 0xB3, 0xAF,
1096 0xE2, 0x75, 0x36, 0x04, 0xAC, 0x56, 0xA0, 0xAB,
1097 0x52, 0xDE, 0xCE, 0xDD, 0x2C, 0x28, 0x77, 0x03
1098};
1099static const unsigned char rsa_q[] = {
1100 0xDF, 0xB7, 0x52, 0xB6, 0xD7, 0xC0, 0xE2, 0x96,
1101 0xE7, 0xC9, 0xFE, 0x5D, 0x71, 0x5A, 0xC4, 0x40,
1102 0x96, 0x2F, 0xE5, 0x87, 0xEA, 0xF3, 0xA5, 0x77,
1103 0x11, 0x67, 0x3C, 0x8D, 0x56, 0x08, 0xA7, 0xB5,
1104 0x67, 0xFA, 0x37, 0xA8, 0xB8, 0xCF, 0x61, 0xE8,
1105 0x63, 0xD8, 0x38, 0x06, 0x21, 0x2B, 0x92, 0x09,
1106 0xA6, 0x39, 0x3A, 0xEA, 0xA8, 0xB4, 0x45, 0x4B,
1107 0x36, 0x10, 0x4C, 0xE4, 0x00, 0x66, 0x71, 0x65,
1108 0xF8, 0x0B, 0x94, 0x59, 0x4F, 0x8C, 0xFD, 0xD5,
1109 0x34, 0xA2, 0xE7, 0x62, 0x84, 0x0A, 0xA7, 0xBB,
1110 0xDB, 0xD9, 0x8A, 0xCD, 0x05, 0xE1, 0xCC, 0x57,
1111 0x7B, 0xF1, 0xF1, 0x1F, 0x11, 0x9D, 0xBA, 0x3E,
1112 0x45, 0x18, 0x99, 0x1B, 0x41, 0x64, 0x43, 0xEE,
1113 0x97, 0x5D, 0x77, 0x13, 0x5B, 0x74, 0x69, 0x73,
1114 0x87, 0x95, 0x05, 0x07, 0xBE, 0x45, 0x07, 0x17,
1115 0x7E, 0x4A, 0x69, 0x22, 0xF3, 0xDB, 0x05, 0x39
1116};
1117static const unsigned char rsa_dp[] = {
1118 0x5E, 0xD8, 0xDC, 0xDA, 0x53, 0x44, 0xC4, 0x67,
1119 0xE0, 0x92, 0x51, 0x34, 0xE4, 0x83, 0xA5, 0x4D,
1120 0x3E, 0xDB, 0xA7, 0x9B, 0x82, 0xBB, 0x73, 0x81,
1121 0xFC, 0xE8, 0x77, 0x4B, 0x15, 0xBE, 0x17, 0x73,
1122 0x49, 0x9B, 0x5C, 0x98, 0xBC, 0xBD, 0x26, 0xEF,
1123 0x0C, 0xE9, 0x2E, 0xED, 0x19, 0x7E, 0x86, 0x41,
1124 0x1E, 0x9E, 0x48, 0x81, 0xDD, 0x2D, 0xE4, 0x6F,
1125 0xC2, 0xCD, 0xCA, 0x93, 0x9E, 0x65, 0x7E, 0xD5,
1126 0xEC, 0x73, 0xFD, 0x15, 0x1B, 0xA2, 0xA0, 0x7A,
1127 0x0F, 0x0D, 0x6E, 0xB4, 0x53, 0x07, 0x90, 0x92,
1128 0x64, 0x3B, 0x8B, 0xA9, 0x33, 0xB3, 0xC5, 0x94,
1129 0x9B, 0x4C, 0x5D, 0x9C, 0x7C, 0x46, 0xA4, 0xA5,
1130 0x56, 0xF4, 0xF3, 0xF8, 0x27, 0x0A, 0x7B, 0x42,
1131 0x0D, 0x92, 0x70, 0x47, 0xE7, 0x42, 0x51, 0xA9,
1132 0xC2, 0x18, 0xB1, 0x58, 0xB1, 0x50, 0x91, 0xB8,
1133 0x61, 0x41, 0xB6, 0xA9, 0xCE, 0xD4, 0x7C, 0xBB
1134};
1135static const unsigned char rsa_dq[] = {
1136 0x54, 0x09, 0x1F, 0x0F, 0x03, 0xD8, 0xB6, 0xC5,
1137 0x0C, 0xE8, 0xB9, 0x9E, 0x0C, 0x38, 0x96, 0x43,
1138 0xD4, 0xA6, 0xC5, 0x47, 0xDB, 0x20, 0x0E, 0xE5,
1139 0xBD, 0x29, 0xD4, 0x7B, 0x1A, 0xF8, 0x41, 0x57,
1140 0x49, 0x69, 0x9A, 0x82, 0xCC, 0x79, 0x4A, 0x43,
1141 0xEB, 0x4D, 0x8B, 0x2D, 0xF2, 0x43, 0xD5, 0xA5,
1142 0xBE, 0x44, 0xFD, 0x36, 0xAC, 0x8C, 0x9B, 0x02,
1143 0xF7, 0x9A, 0x03, 0xE8, 0x19, 0xA6, 0x61, 0xAE,
1144 0x76, 0x10, 0x93, 0x77, 0x41, 0x04, 0xAB, 0x4C,
1145 0xED, 0x6A, 0xCC, 0x14, 0x1B, 0x99, 0x8D, 0x0C,
1146 0x6A, 0x37, 0x3B, 0x86, 0x6C, 0x51, 0x37, 0x5B,
1147 0x1D, 0x79, 0xF2, 0xA3, 0x43, 0x10, 0xC6, 0xA7,
1148 0x21, 0x79, 0x6D, 0xF9, 0xE9, 0x04, 0x6A, 0xE8,
1149 0x32, 0xFF, 0xAE, 0xFD, 0x1C, 0x7B, 0x8C, 0x29,
1150 0x13, 0xA3, 0x0C, 0xB2, 0xAD, 0xEC, 0x6C, 0x0F,
1151 0x8D, 0x27, 0x12, 0x7B, 0x48, 0xB2, 0xDB, 0x31
1152};
1153static const unsigned char rsa_qInv[] = {
1154 0x8D, 0x1B, 0x05, 0xCA, 0x24, 0x1F, 0x0C, 0x53,
1155 0x19, 0x52, 0x74, 0x63, 0x21, 0xFA, 0x78, 0x46,
1156 0x79, 0xAF, 0x5C, 0xDE, 0x30, 0xA4, 0x6C, 0x20,
1157 0x38, 0xE6, 0x97, 0x39, 0xB8, 0x7A, 0x70, 0x0D,
1158 0x8B, 0x6C, 0x6D, 0x13, 0x74, 0xD5, 0x1C, 0xDE,
1159 0xA9, 0xF4, 0x60, 0x37, 0xFE, 0x68, 0x77, 0x5E,
1160 0x0B, 0x4E, 0x5E, 0x03, 0x31, 0x30, 0xDF, 0xD6,
1161 0xAE, 0x85, 0xD0, 0x81, 0xBB, 0x61, 0xC7, 0xB1,
1162 0x04, 0x5A, 0xC4, 0x6D, 0x56, 0x1C, 0xD9, 0x64,
1163 0xE7, 0x85, 0x7F, 0x88, 0x91, 0xC9, 0x60, 0x28,
1164 0x05, 0xE2, 0xC6, 0x24, 0x8F, 0xDD, 0x61, 0x64,
1165 0xD8, 0x09, 0xDE, 0x7E, 0xD3, 0x4A, 0x61, 0x1A,
1166 0xD3, 0x73, 0x58, 0x4B, 0xD8, 0xA0, 0x54, 0x25,
1167 0x48, 0x83, 0x6F, 0x82, 0x6C, 0xAF, 0x36, 0x51,
1168 0x2A, 0x5D, 0x14, 0x2F, 0x41, 0x25, 0x00, 0xDD,
1169 0xF8, 0xF3, 0x95, 0xFE, 0x31, 0x25, 0x50, 0x12
1170};
1171
4343a418 1172static const ST_KAT_PARAM rsa_crt_key[] = {
ec4d1b8f
SL		 1173 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1174 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1175 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1176 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_p),
1177 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_q),
1178 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dp),
1179 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dq),
1180 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT, rsa_qInv),
1181 ST_KAT_PARAM_END()
1182};
1183
4343a418
SL		 1184static const ST_KAT_PARAM rsa_pub_key[] = {
1185 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1186 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1187 ST_KAT_PARAM_END()
1188};
1189
1190static const ST_KAT_PARAM rsa_priv_key[] = {
1191 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1192 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1193 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1194 ST_KAT_PARAM_END()
1195};
1196
1197static const ST_KAT_PARAM rsa_enc_params[] = {
1198 ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE,
1199 OSSL_PKEY_RSA_PAD_MODE_NONE),
1200 ST_KAT_PARAM_END()
1201};
1202
ec4d1b8f
SL		 1203static const unsigned char rsa_expected_sig[256] = {
1204 0xad, 0xbe, 0x2a, 0xaf, 0x16, 0x85, 0xc5, 0x00,
1205 0x91, 0x3e, 0xd0, 0x49, 0xfb, 0x3a, 0x81, 0xb9,
1206 0x6c, 0x28, 0xbc, 0xbf, 0xea, 0x96, 0x5f, 0xe4,
1207 0x9f, 0x99, 0xf7, 0x18, 0x8c, 0xec, 0x60, 0x28,
1208 0xeb, 0x29, 0x02, 0x49, 0xfc, 0xda, 0xd7, 0x78,
1209 0x68, 0xf8, 0xe1, 0xe9, 0x4d, 0x20, 0x6d, 0x32,
1210 0xa6, 0xde, 0xfc, 0xe4, 0xda, 0xcc, 0x6c, 0x75,
1211 0x36, 0x6b, 0xff, 0x5a, 0xac, 0x01, 0xa8, 0xc2,
1212 0xa9, 0xe6, 0x8b, 0x18, 0x3e, 0xec, 0xea, 0x4c,
1213 0x4a, 0x9e, 0x00, 0x09, 0xd1, 0x8a, 0x69, 0x1b,
1214 0x8b, 0xd9, 0xad, 0x37, 0xe5, 0x7c, 0xff, 0x7d,
1215 0x59, 0x56, 0x3e, 0xa0, 0xc6, 0x32, 0xd8, 0x35,
1216 0x2f, 0xff, 0xfb, 0x05, 0x02, 0xcd, 0xd7, 0x19,
1217 0xb9, 0x00, 0x86, 0x2a, 0xcf, 0xaa, 0x78, 0x16,
1218 0x4b, 0xf1, 0xa7, 0x59, 0xef, 0x7d, 0xe8, 0x74,
1219 0x23, 0x5c, 0xb2, 0xd4, 0x8a, 0x99, 0xa5, 0xbc,
1220 0xfa, 0x63, 0xd8, 0xf7, 0xbd, 0xc6, 0x00, 0x13,
1221 0x06, 0x02, 0x9a, 0xd4, 0xa7, 0xb4, 0x3d, 0x61,
1222 0xab, 0xf1, 0xc2, 0x95, 0x59, 0x9b, 0x3d, 0x67,
1223 0x1f, 0xde, 0x57, 0xb6, 0xb6, 0x9f, 0xb0, 0x87,
1224 0xd6, 0x51, 0xd5, 0x3e, 0x00, 0xe2, 0xc9, 0xa0,
1225 0x03, 0x66, 0xbc, 0x01, 0xb3, 0x8e, 0xfa, 0xf1,
1226 0x15, 0xeb, 0x26, 0xf1, 0x5d, 0x81, 0x90, 0xb4,
1227 0x1c, 0x00, 0x7c, 0x83, 0x4a, 0xa5, 0xde, 0x64,
1228 0xae, 0xea, 0x6c, 0x43, 0xc3, 0x20, 0x77, 0x77,
1229 0x42, 0x12, 0x24, 0xf5, 0xe3, 0x70, 0xdd, 0x59,
1230 0x48, 0x9c, 0xef, 0xd4, 0x8a, 0x3c, 0x29, 0x6a,
1231 0x0c, 0x9c, 0xf2, 0x13, 0xa4, 0x1c, 0x2f, 0x49,
1232 0xcd, 0xb4, 0xaa, 0x28, 0x40, 0x34, 0xc6, 0x75,
1233 0xba, 0x30, 0xe6, 0xd8, 0x5b, 0x2f, 0x08, 0xd0,
1234 0x29, 0xa5, 0x39, 0xfb, 0x6e, 0x3b, 0x0f, 0x52,
1235 0x2c, 0x68, 0xf0, 0x37, 0xa9, 0xd2, 0x56, 0xd6
1236};
1237
4343a418
SL		 1238static const unsigned char rsa_asym_plaintext_encrypt[256] = {
1239 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1240 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1241};
1242static const unsigned char rsa_asym_expected_encrypt[256] = {
1243 0x54, 0xac, 0x23, 0x96, 0x1d, 0x82, 0x5d, 0x8b,
1244 0x8f, 0x36, 0x33, 0xd0, 0xf4, 0x02, 0xa2, 0x61,
1245 0xb1, 0x13, 0xd4, 0x4a, 0x46, 0x06, 0x37, 0x3c,
1246 0xbf, 0x40, 0x05, 0x3c, 0xc6, 0x3b, 0x64, 0xdc,
1247 0x22, 0x22, 0xaf, 0x36, 0x79, 0x62, 0x45, 0xf0,
1248 0x97, 0x82, 0x22, 0x44, 0x86, 0x4a, 0x7c, 0xfa,
1249 0xac, 0x03, 0x21, 0x84, 0x3f, 0x31, 0xad, 0x2a,
1250 0xa4, 0x6e, 0x7a, 0xc5, 0x93, 0xf3, 0x0f, 0xfc,
1251 0xf1, 0x62, 0xce, 0x82, 0x12, 0x45, 0xc9, 0x35,
1252 0xb0, 0x7a, 0xcd, 0x99, 0x8c, 0x91, 0x6b, 0x5a,
1253 0xd3, 0x46, 0xdb, 0xf9, 0x9e, 0x52, 0x49, 0xbd,
1254 0x1e, 0xe8, 0xda, 0xac, 0x61, 0x47, 0xc2, 0xda,
1255 0xfc, 0x1e, 0xfb, 0x74, 0xd7, 0xd6, 0xc1, 0x18,
1256 0x86, 0x3e, 0x20, 0x9c, 0x7a, 0xe1, 0x04, 0xb7,
1257 0x38, 0x43, 0xb1, 0x4e, 0xa0, 0xd8, 0xc1, 0x39,
1258 0x4d, 0xe1, 0xd3, 0xb0, 0xb3, 0xf1, 0x82, 0x87,
1259 0x1f, 0x74, 0xb5, 0x69, 0xfd, 0x33, 0xd6, 0x21,
1260 0x7c, 0x61, 0x60, 0x28, 0xca, 0x70, 0xdb, 0xa0,
1261 0xbb, 0xc8, 0x73, 0xa9, 0x82, 0xf8, 0x6b, 0xd8,
1262 0xf0, 0xc9, 0x7b, 0x20, 0xdf, 0x9d, 0xfb, 0x8c,
1263 0xd4, 0xa2, 0x89, 0xe1, 0x9b, 0x04, 0xad, 0xaa,
1264 0x11, 0x6c, 0x8f, 0xce, 0x83, 0x29, 0x56, 0x69,
1265 0xbb, 0x00, 0x3b, 0xef, 0xca, 0x2d, 0xcd, 0x52,
1266 0xc8, 0xf1, 0xb3, 0x9b, 0xb4, 0x4f, 0x6d, 0x9c,
1267 0x3d, 0x69, 0xcc, 0x6d, 0x1f, 0x38, 0x4d, 0xe6,
1268 0xbb, 0x0c, 0x87, 0xdc, 0x5f, 0xa9, 0x24, 0x93,
1269 0x03, 0x46, 0xa2, 0x33, 0x6c, 0xf4, 0xd8, 0x5d,
1270 0x68, 0xf3, 0xd3, 0xe0, 0xf2, 0x30, 0xdb, 0xf5,
1271 0x4f, 0x0f, 0xad, 0xc7, 0xd0, 0xaa, 0x47, 0xd9,
1272 0x9f, 0x85, 0x1b, 0x2e, 0x6c, 0x3c, 0x57, 0x04,
1273 0x29, 0xf4, 0xf5, 0x66, 0x7d, 0x93, 0x4a, 0xaa,
1274 0x05, 0x52, 0x55, 0xc1, 0xc6, 0x06, 0x90, 0xab,
1275};
1276
ec4d1b8f
SL		 1277#ifndef OPENSSL_NO_EC
1278/* ECDSA key data */
1279static const char ecd_curve_name[] = "secp224r1";
1280static const unsigned char ecd_priv[] = {
1281 0x98, 0x1f, 0xb5, 0xf1, 0xfc, 0x87, 0x1d, 0x7d,
1282 0xde, 0x1e, 0x01, 0x64, 0x09, 0x9b, 0xe7, 0x1b,
1283 0x9f, 0xad, 0x63, 0xdd, 0x33, 0x01, 0xd1, 0x50,
1284 0x80, 0x93, 0x50, 0x30
1285};
1286static const unsigned char ecd_pub[] = {
1287 0x04, 0x95, 0x47, 0x99, 0x44, 0x29, 0x8f, 0x51,
1288 0x39, 0xe2, 0x53, 0xec, 0x79, 0xb0, 0x4d, 0xde,
1289 0x87, 0x1a, 0x76, 0x54, 0xd5, 0x96, 0xb8, 0x7a,
1290 0x6d, 0xf4, 0x1c, 0x2c, 0x87, 0x91, 0x5f, 0xd5,
1291 0x31, 0xdd, 0x24, 0xe5, 0x78, 0xd9, 0x08, 0x24,
1292 0x8a, 0x49, 0x99, 0xec, 0x55, 0xf2, 0x82, 0xb3,
1293 0xc4, 0xb7, 0x33, 0x68, 0xe4, 0x24, 0xa9, 0x12,
1294 0x82
1295};
1296
1297static const ST_KAT_PARAM ecdsa_key[] = {
11a1b341 1298 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_curve_name),
ec4d1b8f
SL		 1299 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_pub),
1300 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_priv),
1301 ST_KAT_PARAM_END()
1302};
1303#endif /* OPENSSL_NO_EC */
1304
1305#ifndef OPENSSL_NO_DSA
1306/* dsa 2048 */
1307static const unsigned char dsa_p[] = {
1308 0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23,
1309 0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e,
1310 0x03, 0xe9, 0xe6, 0xb8, 0xa2, 0x58, 0xdc, 0x16,
1311 0x61, 0x1b, 0xa0, 0x98, 0xab, 0x54, 0x34, 0x15,
1312 0xe4, 0x15, 0xf1, 0x56, 0x99, 0x7a, 0x3e, 0xe2,
1313 0x36, 0x65, 0x8f, 0xa0, 0x93, 0x26, 0x0d, 0xe3,
1314 0xad, 0x42, 0x2e, 0x05, 0xe0, 0x46, 0xf9, 0xec,
1315 0x29, 0x16, 0x1a, 0x37, 0x5f, 0x0e, 0xb4, 0xef,
1316 0xfc, 0xef, 0x58, 0x28, 0x5c, 0x5d, 0x39, 0xed,
1317 0x42, 0x5d, 0x7a, 0x62, 0xca, 0x12, 0x89, 0x6c,
1318 0x4a, 0x92, 0xcb, 0x19, 0x46, 0xf2, 0x95, 0x2a,
1319 0x48, 0x13, 0x3f, 0x07, 0xda, 0x36, 0x4d, 0x1b,
1320 0xdf, 0x6b, 0x0f, 0x71, 0x39, 0x98, 0x3e, 0x69,
1321 0x3c, 0x80, 0x05, 0x9b, 0x0e, 0xac, 0xd1, 0x47,
1322 0x9b, 0xa9, 0xf2, 0x85, 0x77, 0x54, 0xed, 0xe7,
1323 0x5f, 0x11, 0x2b, 0x07, 0xeb, 0xbf, 0x35, 0x34,
1324 0x8b, 0xbf, 0x3e, 0x01, 0xe0, 0x2f, 0x2d, 0x47,
1325 0x3d, 0xe3, 0x94, 0x53, 0xf9, 0x9d, 0xd2, 0x36,
1326 0x75, 0x41, 0xca, 0xca, 0x3b, 0xa0, 0x11, 0x66,
1327 0x34, 0x3d, 0x7b, 0x5b, 0x58, 0xa3, 0x7b, 0xd1,
1328 0xb7, 0x52, 0x1d, 0xb2, 0xf1, 0x3b, 0x86, 0x70,
1329 0x71, 0x32, 0xfe, 0x09, 0xf4, 0xcd, 0x09, 0xdc,
1330 0x16, 0x18, 0xfa, 0x34, 0x01, 0xeb, 0xf9, 0xcc,
1331 0x7b, 0x19, 0xfa, 0x94, 0xaa, 0x47, 0x20, 0x88,
1332 0x13, 0x3d, 0x6c, 0xb2, 0xd3, 0x5c, 0x11, 0x79,
1333 0xc8, 0xc8, 0xff, 0x36, 0x87, 0x58, 0xd5, 0x07,
1334 0xd9, 0xf9, 0xa1, 0x7d, 0x46, 0xc1, 0x10, 0xfe,
1335 0x31, 0x44, 0xce, 0x9b, 0x02, 0x2b, 0x42, 0xe4,
1336 0x19, 0xeb, 0x4f, 0x53, 0x88, 0x61, 0x3b, 0xfc,
1337 0x3e, 0x26, 0x24, 0x1a, 0x43, 0x2e, 0x87, 0x06,
1338 0xbc, 0x58, 0xef, 0x76, 0x11, 0x72, 0x78, 0xde,
1339 0xab, 0x6c, 0xf6, 0x92, 0x61, 0x82, 0x91, 0xb7
1340};
1341static const unsigned char dsa_q[] = {
1342 0xa3, 0xbf, 0xd9, 0xab, 0x78, 0x84, 0x79, 0x4e,
1343 0x38, 0x34, 0x50, 0xd5, 0x89, 0x1d, 0xc1, 0x8b,
1344 0x65, 0x15, 0x7b, 0xdc, 0xfc, 0xda, 0xc5, 0x15,
1345 0x18, 0x90, 0x28, 0x67
1346};
1347static const unsigned char dsa_g[] = {
1348 0x68, 0x19, 0x27, 0x88, 0x69, 0xc7, 0xfd, 0x3d,
1349 0x2d, 0x7b, 0x77, 0xf7, 0x7e, 0x81, 0x50, 0xd9,
1350 0xad, 0x43, 0x3b, 0xea, 0x3b, 0xa8, 0x5e, 0xfc,
1351 0x80, 0x41, 0x5a, 0xa3, 0x54, 0x5f, 0x78, 0xf7,
1352 0x22, 0x96, 0xf0, 0x6c, 0xb1, 0x9c, 0xed, 0xa0,
1353 0x6c, 0x94, 0xb0, 0x55, 0x1c, 0xfe, 0x6e, 0x6f,
1354 0x86, 0x3e, 0x31, 0xd1, 0xde, 0x6e, 0xed, 0x7d,
1355 0xab, 0x8b, 0x0c, 0x9d, 0xf2, 0x31, 0xe0, 0x84,
1356 0x34, 0xd1, 0x18, 0x4f, 0x91, 0xd0, 0x33, 0x69,
1357 0x6b, 0xb3, 0x82, 0xf8, 0x45, 0x5e, 0x98, 0x88,
1358 0xf5, 0xd3, 0x1d, 0x47, 0x84, 0xec, 0x40, 0x12,
1359 0x02, 0x46, 0xf4, 0xbe, 0xa6, 0x17, 0x94, 0xbb,
1360 0xa5, 0x86, 0x6f, 0x09, 0x74, 0x64, 0x63, 0xbd,
1361 0xf8, 0xe9, 0xe1, 0x08, 0xcd, 0x95, 0x29, 0xc3,
1362 0xd0, 0xf6, 0xdf, 0x80, 0x31, 0x6e, 0x2e, 0x70,
1363 0xaa, 0xeb, 0x1b, 0x26, 0xcd, 0xb8, 0xad, 0x97,
1364 0xbc, 0x3d, 0x28, 0x7e, 0x0b, 0x8d, 0x61, 0x6c,
1365 0x42, 0xe6, 0x5b, 0x87, 0xdb, 0x20, 0xde, 0xb7,
1366 0x00, 0x5b, 0xc4, 0x16, 0x74, 0x7a, 0x64, 0x70,
1367 0x14, 0x7a, 0x68, 0xa7, 0x82, 0x03, 0x88, 0xeb,
1368 0xf4, 0x4d, 0x52, 0xe0, 0x62, 0x8a, 0xf9, 0xcf,
1369 0x1b, 0x71, 0x66, 0xd0, 0x34, 0x65, 0xf3, 0x5a,
1370 0xcc, 0x31, 0xb6, 0x11, 0x0c, 0x43, 0xda, 0xbc,
1371 0x7c, 0x5d, 0x59, 0x1e, 0x67, 0x1e, 0xaf, 0x7c,
1372 0x25, 0x2c, 0x1c, 0x14, 0x53, 0x36, 0xa1, 0xa4,
1373 0xdd, 0xf1, 0x32, 0x44, 0xd5, 0x5e, 0x83, 0x56,
1374 0x80, 0xca, 0xb2, 0x53, 0x3b, 0x82, 0xdf, 0x2e,
1375 0xfe, 0x55, 0xec, 0x18, 0xc1, 0xe6, 0xcd, 0x00,
1376 0x7b, 0xb0, 0x89, 0x75, 0x8b, 0xb1, 0x7c, 0x2c,
1377 0xbe, 0x14, 0x44, 0x1b, 0xd0, 0x93, 0xae, 0x66,
1378 0xe5, 0x97, 0x6d, 0x53, 0x73, 0x3f, 0x4f, 0xa3,
1379 0x26, 0x97, 0x01, 0xd3, 0x1d, 0x23, 0xd4, 0x67
1380};
1381static const unsigned char dsa_pub[] = {
1382 0xa0, 0x12, 0xb3, 0xb1, 0x70, 0xb3, 0x07, 0x22,
1383 0x79, 0x57, 0xb7, 0xca, 0x20, 0x61, 0xa8, 0x16,
1384 0xac, 0x7a, 0x2b, 0x3d, 0x9a, 0xe9, 0x95, 0xa5,
1385 0x11, 0x9c, 0x38, 0x5b, 0x60, 0x3b, 0xf6, 0xf6,
1386 0xc5, 0xde, 0x4d, 0xc5, 0xec, 0xb5, 0xdf, 0xa4,
1387 0xa4, 0x1c, 0x68, 0x66, 0x2e, 0xb2, 0x5b, 0x63,
1388 0x8b, 0x7e, 0x26, 0x20, 0xba, 0x89, 0x8d, 0x07,
1389 0xda, 0x6c, 0x49, 0x91, 0xe7, 0x6c, 0xc0, 0xec,
1390 0xd1, 0xad, 0x34, 0x21, 0x07, 0x70, 0x67, 0xe4,
1391 0x7c, 0x18, 0xf5, 0x8a, 0x92, 0xa7, 0x2a, 0xd4,
1392 0x31, 0x99, 0xec, 0xb7, 0xbd, 0x84, 0xe7, 0xd3,
1393 0xaf, 0xb9, 0x01, 0x9f, 0x0e, 0x9d, 0xd0, 0xfb,
1394 0xaa, 0x48, 0x73, 0x00, 0xb1, 0x30, 0x81, 0xe3,
1395 0x3c, 0x90, 0x28, 0x76, 0x43, 0x6f, 0x7b, 0x03,
1396 0xc3, 0x45, 0x52, 0x84, 0x81, 0xd3, 0x62, 0x81,
1397 0x5e, 0x24, 0xfe, 0x59, 0xda, 0xc5, 0xac, 0x34,
1398 0x66, 0x0d, 0x4c, 0x8a, 0x76, 0xcb, 0x99, 0xa7,
1399 0xc7, 0xde, 0x93, 0xeb, 0x95, 0x6c, 0xd6, 0xbc,
1400 0x88, 0xe5, 0x8d, 0x90, 0x10, 0x34, 0x94, 0x4a,
1401 0x09, 0x4b, 0x01, 0x80, 0x3a, 0x43, 0xc6, 0x72,
1402 0xb9, 0x68, 0x8c, 0x0e, 0x01, 0xd8, 0xf4, 0xfc,
1403 0x91, 0xc6, 0x2a, 0x3f, 0x88, 0x02, 0x1f, 0x7b,
1404 0xd6, 0xa6, 0x51, 0xb1, 0xa8, 0x8f, 0x43, 0xaa,
1405 0x4e, 0xf2, 0x76, 0x53, 0xd1, 0x2b, 0xf8, 0xb7,
1406 0x09, 0x9f, 0xdf, 0x6b, 0x46, 0x10, 0x82, 0xf8,
1407 0xe9, 0x39, 0x10, 0x7b, 0xfd, 0x2f, 0x72, 0x10,
1408 0x08, 0x7d, 0x32, 0x6c, 0x37, 0x52, 0x00, 0xf1,
1409 0xf5, 0x1e, 0x7e, 0x74, 0xa3, 0x41, 0x31, 0x90,
1410 0x1b, 0xcd, 0x08, 0x63, 0x52, 0x1f, 0xf8, 0xd6,
1411 0x76, 0xc4, 0x85, 0x81, 0x86, 0x87, 0x36, 0xc5,
1412 0xe5, 0x1b, 0x16, 0xa4, 0xe3, 0x92, 0x15, 0xea,
1413 0x0b, 0x17, 0xc4, 0x73, 0x59, 0x74, 0xc5, 0x16
1414};
1415static const unsigned char dsa_priv[] = {
1416 0x6c, 0xca, 0xee, 0xf6, 0xd7, 0x3b, 0x4e, 0x80,
1417 0xf1, 0x1c, 0x17, 0xb8, 0xe9, 0x62, 0x7c, 0x03,
1418 0x66, 0x35, 0xba, 0xc3, 0x94, 0x23, 0x50, 0x5e,
1419 0x40, 0x7e, 0x5c, 0xb7
1420};
1421
1422static const ST_KAT_PARAM dsa_key[] = {
1423 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dsa_p),
1424 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dsa_q),
1425 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dsa_g),
1426 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dsa_pub),
1427 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dsa_priv),
1428 ST_KAT_PARAM_END()
1429};
1430#endif /* OPENSSL_NO_DSA */
1431
1432static const ST_KAT_SIGN st_kat_sign_tests[] = {
ec4d1b8f
SL		 1433 {
1434 OSSL_SELF_TEST_DESC_SIGN_RSA,
1435 "RSA",
1436 "SHA-256",
4343a418 1437 rsa_crt_key,
ec4d1b8f
SL		 1438 ITM(rsa_expected_sig)
1439 },
ec4d1b8f
SL		 1440#ifndef OPENSSL_NO_EC
1441 {
1442 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1443 "EC",
1444 "SHA-256",
1445 ecdsa_key,
1446 /*
1447 * The ECDSA signature changes each time due to it using a random k.
1448 * So there is no expected KAT for this case.
1449 */
1450 },
1451#endif /* OPENSSL_NO_EC */
1452#ifndef OPENSSL_NO_DSA
1453 {
1454 OSSL_SELF_TEST_DESC_SIGN_DSA,
1455 "DSA",
1456 "SHA-256",
1457 dsa_key,
1458 /*
1459 * The DSA signature changes each time due to it using a random k.
1460 * So there is no expected KAT for this case.
1461 */
1462 },
1463#endif /* OPENSSL_NO_DSA */
1464};
4343a418
SL		 1465
1466static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {
4343a418
SL		 1467 {
1468 OSSL_SELF_TEST_DESC_ASYM_RSA_ENC,
1469 "RSA",
1470 1,
1471 rsa_pub_key,
1472 rsa_enc_params,
1473 ITM(rsa_asym_plaintext_encrypt),
1474 ITM(rsa_asym_expected_encrypt),
1475 },
1476 {
1477 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1478 "RSA",
1479 0,
1480 rsa_priv_key,
1481 rsa_enc_params,
1482 ITM(rsa_asym_expected_encrypt),
1483 ITM(rsa_asym_plaintext_encrypt),
1484 },
1485 {
1486 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1487 "RSA",
1488 0,
1489 rsa_crt_key,
1490 rsa_enc_params,
1491 ITM(rsa_asym_expected_encrypt),
1492 ITM(rsa_asym_plaintext_encrypt),
1493 },
4343a418 1494};
A mirror of the official openssl repository