]>
Commit | Line | Data |
---|---|---|
4f2271d5 SL |
1 | /* |
2 | * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | /* | |
11 | * A set of tests demonstrating uses cases for CAVS/ACVP testing. | |
12 | * | |
13 | * For examples of testing KDF's, Digests, KeyAgreement & DRBG's refer to | |
14 | * providers/fips/self_test_kats.c | |
15 | */ | |
16 | ||
f8e74747 | 17 | #include <string.h> |
4f2271d5 SL |
18 | #include <openssl/opensslconf.h> /* To see if OPENSSL_NO_EC is defined */ |
19 | #include <openssl/core_names.h> | |
20 | #include <openssl/evp.h> | |
21 | #include <openssl/ec.h> | |
22 | #include <openssl/dh.h> | |
23 | #include <openssl/dsa.h> | |
24 | #include <openssl/rsa.h> | |
25 | #include <openssl/param_build.h> | |
26 | #include <openssl/provider.h> | |
f8e74747 | 27 | #include <openssl/self_test.h> |
4f2271d5 SL |
28 | #include "testutil.h" |
29 | #include "testutil/output.h" | |
30 | #include "acvp_test.inc" | |
31 | #include "internal/nelem.h" | |
32 | ||
4f2271d5 SL |
33 | typedef enum OPTION_choice { |
34 | OPT_ERR = -1, | |
35 | OPT_EOF = 0, | |
36 | OPT_CONFIG_FILE, | |
37 | OPT_TEST_ENUM | |
38 | } OPTION_CHOICE; | |
39 | ||
f8e74747 SL |
40 | typedef struct st_args { |
41 | int enable; | |
42 | int called; | |
43 | } SELF_TEST_ARGS; | |
44 | ||
45 | static OSSL_PROVIDER *prov_null = NULL; | |
b4250010 | 46 | static OSSL_LIB_CTX *libctx = NULL; |
f8e74747 SL |
47 | static SELF_TEST_ARGS self_test_args = { 0 }; |
48 | static OSSL_CALLBACK self_test_events; | |
49 | ||
4f2271d5 SL |
50 | const OPTIONS *test_get_options(void) |
51 | { | |
52 | static const OPTIONS test_options[] = { | |
53 | OPT_TEST_OPTIONS_DEFAULT_USAGE, | |
54 | { "config", OPT_CONFIG_FILE, '<', | |
55 | "The configuration file to use for the libctx" }, | |
56 | { NULL } | |
57 | }; | |
58 | return test_options; | |
59 | } | |
60 | ||
4f2271d5 SL |
61 | static int pkey_get_bn_bytes(EVP_PKEY *pkey, const char *name, |
62 | unsigned char **out, size_t *out_len) | |
63 | { | |
64 | unsigned char *buf = NULL; | |
65 | BIGNUM *bn = NULL; | |
66 | int sz; | |
67 | ||
68 | if (!EVP_PKEY_get_bn_param(pkey, name, &bn)) | |
69 | goto err; | |
70 | sz = BN_num_bytes(bn); | |
71 | buf = OPENSSL_zalloc(sz); | |
72 | if (buf == NULL) | |
73 | goto err; | |
74 | if (!BN_bn2binpad(bn, buf, sz)) | |
75 | goto err; | |
76 | ||
77 | *out_len = sz; | |
78 | *out = buf; | |
79 | BN_free(bn); | |
80 | return 1; | |
81 | err: | |
82 | OPENSSL_free(buf); | |
83 | BN_free(bn); | |
84 | return 0; | |
85 | } | |
4f2271d5 | 86 | |
4f2271d5 SL |
87 | static int sig_gen(EVP_PKEY *pkey, OSSL_PARAM *params, const char *digest_name, |
88 | const unsigned char *msg, size_t msg_len, | |
89 | unsigned char **sig_out, size_t *sig_out_len) | |
90 | { | |
91 | int ret = 0; | |
92 | EVP_MD_CTX *md_ctx = NULL; | |
93 | unsigned char *sig = NULL; | |
94 | size_t sig_len; | |
95 | size_t sz = EVP_PKEY_size(pkey); | |
96 | ||
97 | if (!TEST_ptr(sig = OPENSSL_malloc(sz)) | |
98 | || !TEST_ptr(md_ctx = EVP_MD_CTX_new()) | |
d8652be0 MC |
99 | || !TEST_int_eq(EVP_DigestSignInit_ex(md_ctx, NULL, digest_name, libctx, |
100 | NULL, pkey), 1) | |
4f2271d5 SL |
101 | || !TEST_int_gt(EVP_DigestSign(md_ctx, sig, &sig_len, msg, msg_len), 0)) |
102 | goto err; | |
103 | *sig_out = sig; | |
104 | *sig_out_len = sig_len; | |
105 | sig = NULL; | |
106 | ret = 1; | |
107 | err: | |
108 | OPENSSL_free(sig); | |
109 | EVP_MD_CTX_free(md_ctx); | |
110 | return ret; | |
111 | } | |
4f2271d5 SL |
112 | |
113 | #ifndef OPENSSL_NO_EC | |
114 | static int ecdsa_keygen_test(int id) | |
115 | { | |
116 | int ret = 0; | |
117 | EVP_PKEY_CTX *ctx = NULL; | |
118 | EVP_PKEY *pkey = NULL; | |
119 | unsigned char *priv = NULL; | |
120 | unsigned char *pubx = NULL, *puby = NULL; | |
121 | size_t priv_len = 0, pubx_len = 0, puby_len = 0; | |
122 | const struct ecdsa_keygen_st *tst = &ecdsa_keygen_data[id]; | |
123 | ||
f8e74747 SL |
124 | self_test_args.called = 0; |
125 | self_test_args.enable = 1; | |
4f2271d5 SL |
126 | if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", NULL)) |
127 | || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0) | |
11a1b341 | 128 | || !TEST_true(EVP_PKEY_CTX_set_group_name(ctx, tst->curve_name)) |
4f2271d5 | 129 | || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0) |
f8e74747 | 130 | || !TEST_int_eq(self_test_args.called, 3) |
4f2271d5 SL |
131 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_PRIV_KEY, &priv, |
132 | &priv_len)) | |
133 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_EC_PUB_X, &pubx, | |
134 | &pubx_len)) | |
135 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_EC_PUB_Y, &puby, | |
136 | &puby_len))) | |
137 | goto err; | |
138 | ||
139 | test_output_memory("qy", puby, puby_len); | |
140 | test_output_memory("qx", pubx, pubx_len); | |
141 | test_output_memory("d", priv, priv_len); | |
142 | ret = 1; | |
143 | err: | |
f8e74747 SL |
144 | self_test_args.enable = 0; |
145 | self_test_args.called = 0; | |
4f2271d5 SL |
146 | OPENSSL_clear_free(priv, priv_len); |
147 | OPENSSL_free(pubx); | |
148 | OPENSSL_free(puby); | |
149 | EVP_PKEY_free(pkey); | |
150 | EVP_PKEY_CTX_free(ctx); | |
151 | return ret; | |
152 | } | |
153 | ||
154 | static int ecdsa_create_pkey(EVP_PKEY **pkey, const char *curve_name, | |
155 | const unsigned char *pub, size_t pub_len, | |
156 | int expected) | |
157 | { | |
158 | int ret = 0; | |
159 | EVP_PKEY_CTX *ctx = NULL; | |
160 | OSSL_PARAM_BLD *bld = NULL; | |
161 | OSSL_PARAM *params = NULL; | |
162 | ||
163 | if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) | |
164 | || (curve_name != NULL | |
165 | && !TEST_true(OSSL_PARAM_BLD_push_utf8_string( | |
11a1b341 | 166 | bld, OSSL_PKEY_PARAM_GROUP_NAME, curve_name, 0) > 0)) |
4f2271d5 SL |
167 | || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, |
168 | OSSL_PKEY_PARAM_PUB_KEY, | |
169 | pub, pub_len) > 0) | |
170 | || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) | |
171 | || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", NULL)) | |
172 | || !TEST_true(EVP_PKEY_key_fromdata_init(ctx)) | |
173 | || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, params), expected)) | |
174 | goto err; | |
175 | ||
176 | ret = 1; | |
177 | err: | |
178 | OSSL_PARAM_BLD_free_params(params); | |
179 | OSSL_PARAM_BLD_free(bld); | |
180 | EVP_PKEY_CTX_free(ctx); | |
181 | return ret; | |
182 | } | |
183 | ||
184 | static int ecdsa_pub_verify_test(int id) | |
185 | { | |
186 | const struct ecdsa_pub_verify_st *tst = &ecdsa_pv_data[id]; | |
187 | ||
188 | int ret = 0; | |
189 | EVP_PKEY_CTX *key_ctx = NULL; | |
190 | EVP_PKEY *pkey = NULL; | |
191 | ||
192 | if (!TEST_true(ecdsa_create_pkey(&pkey, tst->curve_name, | |
193 | tst->pub, tst->pub_len, tst->pass))) | |
194 | goto err; | |
195 | ||
196 | if (tst->pass) { | |
197 | if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, "")) | |
198 | || !TEST_int_eq(EVP_PKEY_public_check(key_ctx), tst->pass)) | |
199 | goto err; | |
200 | } | |
201 | ret = 1; | |
202 | err: | |
203 | EVP_PKEY_free(pkey); | |
204 | EVP_PKEY_CTX_free(key_ctx); | |
205 | return ret; | |
206 | } | |
207 | ||
208 | /* Extract r and s from a ecdsa signature */ | |
209 | static int get_ecdsa_sig_rs_bytes(const unsigned char *sig, size_t sig_len, | |
210 | unsigned char **r, unsigned char **s, | |
211 | size_t *rlen, size_t *slen) | |
212 | { | |
213 | int ret = 0; | |
214 | unsigned char *rbuf = NULL, *sbuf = NULL; | |
215 | size_t r1_len, s1_len; | |
216 | const BIGNUM *r1, *s1; | |
217 | ECDSA_SIG *sign = d2i_ECDSA_SIG(NULL, &sig, sig_len); | |
218 | ||
219 | if (sign == NULL) | |
220 | return 0; | |
221 | r1 = ECDSA_SIG_get0_r(sign); | |
222 | s1 = ECDSA_SIG_get0_s(sign); | |
223 | if (r1 == NULL || s1 == NULL) | |
224 | return 0; | |
225 | ||
226 | r1_len = BN_num_bytes(r1); | |
227 | s1_len = BN_num_bytes(s1); | |
228 | rbuf = OPENSSL_zalloc(r1_len); | |
229 | sbuf = OPENSSL_zalloc(s1_len); | |
230 | if (rbuf == NULL || sbuf == NULL) | |
231 | goto err; | |
232 | if (BN_bn2binpad(r1, rbuf, r1_len) <= 0) | |
233 | goto err; | |
234 | if (BN_bn2binpad(s1, sbuf, s1_len) <= 0) | |
235 | goto err; | |
236 | *r = rbuf; | |
237 | *s = sbuf; | |
238 | *rlen = r1_len; | |
239 | *slen = s1_len; | |
240 | ret = 1; | |
241 | err: | |
242 | if (ret == 0) { | |
243 | OPENSSL_free(rbuf); | |
244 | OPENSSL_free(sbuf); | |
245 | } | |
246 | ECDSA_SIG_free(sign); | |
247 | return ret; | |
248 | } | |
249 | ||
250 | static int ecdsa_siggen_test(int id) | |
251 | { | |
252 | int ret = 0; | |
253 | EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL; | |
254 | EVP_PKEY *pkey = NULL; | |
255 | size_t sig_len = 0, rlen = 0, slen = 0; | |
256 | unsigned char *sig = NULL; | |
257 | unsigned char *r = NULL, *s = NULL; | |
258 | const struct ecdsa_siggen_st *tst = &ecdsa_siggen_data[id]; | |
259 | ||
260 | if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", NULL)) | |
261 | || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0) | |
11a1b341 | 262 | || !TEST_true(EVP_PKEY_CTX_set_group_name(ctx, tst->curve_name)) |
4f2271d5 SL |
263 | || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0)) |
264 | goto err; | |
265 | ||
266 | if (!TEST_true(sig_gen(pkey, NULL, tst->digest_alg, tst->msg, tst->msg_len, | |
267 | &sig, &sig_len)) | |
268 | || !TEST_true(get_ecdsa_sig_rs_bytes(sig, sig_len, &r, &s, &rlen, &slen))) | |
269 | goto err; | |
270 | test_output_memory("r", r, rlen); | |
271 | test_output_memory("s", s, slen); | |
272 | ret = 1; | |
273 | err: | |
274 | OPENSSL_free(r); | |
275 | OPENSSL_free(s); | |
276 | OPENSSL_free(sig); | |
277 | EVP_PKEY_free(pkey); | |
278 | EVP_PKEY_CTX_free(key_ctx); | |
279 | EVP_PKEY_CTX_free(ctx); | |
280 | return ret; | |
281 | } | |
282 | ||
283 | static int ecdsa_sigver_test(int id) | |
284 | { | |
285 | int ret = 0; | |
286 | EVP_MD_CTX *md_ctx = NULL; | |
287 | EVP_PKEY *pkey = NULL; | |
288 | ECDSA_SIG *sign = NULL; | |
289 | size_t sig_len; | |
290 | unsigned char *sig = NULL; | |
291 | BIGNUM *rbn = NULL, *sbn = NULL; | |
292 | const struct ecdsa_sigver_st *tst = &ecdsa_sigver_data[id]; | |
293 | ||
294 | if (!TEST_true(ecdsa_create_pkey(&pkey, tst->curve_name, | |
295 | tst->pub, tst->pub_len, 1))) | |
296 | goto err; | |
297 | ||
298 | if (!TEST_ptr(sign = ECDSA_SIG_new()) | |
299 | || !TEST_ptr(rbn = BN_bin2bn(tst->r, tst->r_len, NULL)) | |
300 | || !TEST_ptr(sbn = BN_bin2bn(tst->s, tst->s_len, NULL)) | |
301 | || !TEST_true(ECDSA_SIG_set0(sign, rbn, sbn))) | |
302 | goto err; | |
303 | rbn = sbn = NULL; | |
304 | ||
305 | ret = TEST_int_gt((sig_len = i2d_ECDSA_SIG(sign, &sig)), 0) | |
306 | && TEST_ptr(md_ctx = EVP_MD_CTX_new()) | |
d8652be0 MC |
307 | && TEST_true(EVP_DigestVerifyInit_ex(md_ctx, NULL, tst->digest_alg, |
308 | libctx, NULL, pkey) | |
4f2271d5 SL |
309 | && TEST_int_eq(EVP_DigestVerify(md_ctx, sig, sig_len, |
310 | tst->msg, tst->msg_len), tst->pass)); | |
311 | err: | |
312 | BN_free(rbn); | |
313 | BN_free(sbn); | |
314 | OPENSSL_free(sig); | |
315 | ECDSA_SIG_free(sign); | |
316 | EVP_PKEY_free(pkey); | |
317 | EVP_MD_CTX_free(md_ctx); | |
318 | return ret; | |
319 | ||
320 | } | |
321 | #endif /* OPENSSL_NO_EC */ | |
322 | ||
323 | #ifndef OPENSSL_NO_DSA | |
324 | static int pkey_get_octet_bytes(EVP_PKEY *pkey, const char *name, | |
325 | unsigned char **out, size_t *out_len) | |
326 | { | |
327 | size_t len = 0; | |
328 | unsigned char *buf = NULL; | |
329 | ||
330 | if (!EVP_PKEY_get_octet_string_param(pkey, name, NULL, 0, &len)) | |
331 | goto err; | |
332 | ||
333 | buf = OPENSSL_zalloc(len); | |
334 | if (buf == NULL) | |
335 | goto err; | |
336 | ||
337 | if (!EVP_PKEY_get_octet_string_param(pkey, name, buf, len, out_len)) | |
338 | goto err; | |
339 | *out = buf; | |
340 | return 1; | |
341 | err: | |
342 | OPENSSL_free(buf); | |
343 | return 0; | |
344 | } | |
345 | ||
346 | static EVP_PKEY *dsa_paramgen(int L, int N) | |
347 | { | |
348 | EVP_PKEY_CTX *paramgen_ctx = NULL; | |
349 | EVP_PKEY *param_key = NULL; | |
350 | ||
351 | if (!TEST_ptr(paramgen_ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL)) | |
352 | || !TEST_true(EVP_PKEY_paramgen_init(paramgen_ctx)) | |
353 | || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(paramgen_ctx, L)) | |
354 | || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(paramgen_ctx, N)) | |
355 | || !TEST_true(EVP_PKEY_paramgen(paramgen_ctx, ¶m_key))) | |
356 | return NULL; | |
357 | EVP_PKEY_CTX_free(paramgen_ctx); | |
358 | return param_key; | |
359 | } | |
360 | ||
361 | static EVP_PKEY *dsa_keygen(int L, int N) | |
362 | { | |
363 | EVP_PKEY *param_key = NULL, *key = NULL; | |
364 | EVP_PKEY_CTX *keygen_ctx = NULL; | |
365 | ||
366 | if (!TEST_ptr(param_key = dsa_paramgen(L, N)) | |
367 | || !TEST_ptr(keygen_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, param_key, | |
368 | NULL)) | |
369 | || !TEST_int_gt(EVP_PKEY_keygen_init(keygen_ctx), 0) | |
370 | || !TEST_int_gt(EVP_PKEY_keygen(keygen_ctx, &key), 0)) | |
371 | goto err; | |
372 | err: | |
373 | EVP_PKEY_free(param_key); | |
374 | EVP_PKEY_CTX_free(keygen_ctx); | |
375 | return key; | |
376 | } | |
377 | ||
378 | static int dsa_keygen_test(int id) | |
379 | { | |
380 | int ret = 0, i; | |
381 | EVP_PKEY_CTX *paramgen_ctx = NULL, *keygen_ctx = NULL; | |
382 | EVP_PKEY *param_key = NULL, *key = NULL; | |
383 | unsigned char *priv = NULL, *pub = NULL; | |
384 | size_t priv_len = 0, pub_len = 0; | |
385 | const struct dsa_paramgen_st *tst = &dsa_keygen_data[id]; | |
386 | ||
387 | if (!TEST_ptr(param_key = dsa_paramgen(tst->L, tst->N)) | |
388 | || !TEST_ptr(keygen_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, param_key, | |
389 | NULL)) | |
390 | || !TEST_int_gt(EVP_PKEY_keygen_init(keygen_ctx), 0)) | |
391 | goto err; | |
392 | for (i = 0; i < 2; ++i) { | |
393 | if (!TEST_int_gt(EVP_PKEY_keygen(keygen_ctx, &key), 0) | |
394 | || !TEST_true(pkey_get_bn_bytes(key, OSSL_PKEY_PARAM_PRIV_KEY, | |
395 | &priv, &priv_len)) | |
396 | || !TEST_true(pkey_get_bn_bytes(key, OSSL_PKEY_PARAM_PUB_KEY, | |
397 | &pub, &pub_len))) | |
398 | goto err; | |
399 | test_output_memory("y", pub, pub_len); | |
400 | test_output_memory("x", priv, priv_len); | |
401 | EVP_PKEY_free(key); | |
402 | OPENSSL_clear_free(priv, priv_len); | |
403 | OPENSSL_free(pub); | |
404 | key = NULL; | |
405 | pub = priv = NULL; | |
406 | } | |
407 | ret = 1; | |
408 | err: | |
409 | OPENSSL_clear_free(priv, priv_len); | |
410 | OPENSSL_free(pub); | |
411 | EVP_PKEY_free(param_key); | |
412 | EVP_PKEY_free(key); | |
413 | EVP_PKEY_CTX_free(keygen_ctx); | |
414 | EVP_PKEY_CTX_free(paramgen_ctx); | |
415 | return ret; | |
416 | } | |
417 | ||
418 | static int dsa_paramgen_test(int id) | |
419 | { | |
420 | int ret = 0, counter = 0; | |
421 | EVP_PKEY_CTX *paramgen_ctx = NULL; | |
422 | EVP_PKEY *param_key = NULL; | |
423 | unsigned char *p = NULL, *q = NULL, *seed = NULL; | |
424 | size_t plen = 0, qlen = 0, seedlen = 0; | |
425 | const struct dsa_paramgen_st *tst = &dsa_paramgen_data[id]; | |
426 | ||
427 | if (!TEST_ptr(paramgen_ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL)) | |
428 | || !TEST_true(EVP_PKEY_paramgen_init(paramgen_ctx)) | |
429 | || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(paramgen_ctx, tst->L)) | |
430 | || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(paramgen_ctx, tst->N)) | |
431 | || !TEST_true(EVP_PKEY_paramgen(paramgen_ctx, ¶m_key)) | |
432 | || !TEST_true(pkey_get_bn_bytes(param_key, OSSL_PKEY_PARAM_FFC_P, | |
433 | &p, &plen)) | |
434 | || !TEST_true(pkey_get_bn_bytes(param_key, OSSL_PKEY_PARAM_FFC_Q, | |
435 | &q, &qlen)) | |
436 | || !TEST_true(pkey_get_octet_bytes(param_key, OSSL_PKEY_PARAM_FFC_SEED, | |
437 | &seed, &seedlen)) | |
438 | || !TEST_true(EVP_PKEY_get_int_param(param_key, | |
439 | OSSL_PKEY_PARAM_FFC_PCOUNTER, | |
440 | &counter))) | |
441 | goto err; | |
442 | ||
443 | test_output_memory("p", p, plen); | |
444 | test_output_memory("q", q, qlen); | |
445 | test_output_memory("domainSeed", seed, seedlen); | |
446 | test_printf_stderr("%s: %d\n", "counter", counter); | |
447 | ret = 1; | |
448 | err: | |
449 | OPENSSL_free(p); | |
450 | OPENSSL_free(q); | |
451 | OPENSSL_free(seed); | |
452 | EVP_PKEY_free(param_key); | |
453 | EVP_PKEY_CTX_free(paramgen_ctx); | |
454 | return ret; | |
455 | } | |
456 | ||
457 | static int dsa_create_pkey(EVP_PKEY **pkey, | |
458 | const unsigned char *p, size_t p_len, | |
459 | const unsigned char *q, size_t q_len, | |
460 | const unsigned char *g, size_t g_len, | |
461 | const unsigned char *seed, size_t seed_len, | |
462 | int counter, | |
463 | const char *validate_type, | |
464 | const unsigned char *pub, size_t pub_len, | |
465 | BN_CTX *bn_ctx) | |
466 | { | |
467 | int ret = 0; | |
468 | EVP_PKEY_CTX *ctx = NULL; | |
469 | OSSL_PARAM_BLD *bld = NULL; | |
470 | OSSL_PARAM *params = NULL; | |
471 | BIGNUM *p_bn = NULL, *q_bn = NULL, *g_bn = NULL, *pub_bn = NULL; | |
472 | ||
473 | if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) | |
474 | || !TEST_ptr(p_bn = BN_CTX_get(bn_ctx)) | |
475 | || !TEST_ptr(BN_bin2bn(p, p_len, p_bn)) | |
476 | || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld, | |
477 | OSSL_PKEY_PARAM_FFC_VALIDATE_TYPE, | |
478 | validate_type, 0)) | |
479 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p_bn)) | |
480 | || !TEST_ptr(q_bn = BN_CTX_get(bn_ctx)) | |
481 | || !TEST_ptr(BN_bin2bn(q, q_len, q_bn)) | |
482 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q_bn))) | |
483 | goto err; | |
484 | ||
485 | if (g != NULL) { | |
486 | if (!TEST_ptr(g_bn = BN_CTX_get(bn_ctx)) | |
487 | || !TEST_ptr(BN_bin2bn(g, g_len, g_bn)) | |
488 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, | |
489 | OSSL_PKEY_PARAM_FFC_G, g_bn))) | |
490 | goto err; | |
491 | } | |
492 | if (seed != NULL) { | |
493 | if (!TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, | |
494 | OSSL_PKEY_PARAM_FFC_SEED, seed, seed_len))) | |
495 | goto err; | |
496 | } | |
497 | if (counter != -1) { | |
498 | if (!TEST_true(OSSL_PARAM_BLD_push_int(bld, | |
499 | OSSL_PKEY_PARAM_FFC_PCOUNTER, | |
500 | counter))) | |
501 | goto err; | |
502 | } | |
503 | if (pub != NULL) { | |
504 | if (!TEST_ptr(pub_bn = BN_CTX_get(bn_ctx)) | |
505 | || !TEST_ptr(BN_bin2bn(pub, pub_len, pub_bn)) | |
506 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, | |
507 | OSSL_PKEY_PARAM_PUB_KEY, | |
508 | pub_bn))) | |
509 | goto err; | |
510 | } | |
511 | if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) | |
512 | || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL)) | |
513 | || !TEST_true(EVP_PKEY_key_fromdata_init(ctx)) | |
514 | || !TEST_true(EVP_PKEY_fromdata(ctx, pkey, params))) | |
515 | goto err; | |
516 | ||
517 | ret = 1; | |
518 | err: | |
519 | OSSL_PARAM_BLD_free_params(params); | |
520 | OSSL_PARAM_BLD_free(bld); | |
521 | EVP_PKEY_CTX_free(ctx); | |
522 | return ret; | |
523 | } | |
524 | ||
525 | static int dsa_pqver_test(int id) | |
526 | { | |
527 | int ret = 0; | |
528 | BN_CTX *bn_ctx = NULL; | |
529 | EVP_PKEY_CTX *key_ctx = NULL; | |
530 | EVP_PKEY *param_key = NULL; | |
531 | const struct dsa_pqver_st *tst = &dsa_pqver_data[id]; | |
532 | ||
533 | if (!TEST_ptr(bn_ctx = BN_CTX_new_ex(libctx)) | |
534 | || !TEST_true(dsa_create_pkey(¶m_key, tst->p, tst->p_len, | |
535 | tst->q, tst->q_len, NULL, 0, | |
536 | tst->seed, tst->seed_len, tst->counter, | |
537 | OSSL_FFC_PARAM_VALIDATE_PQ, | |
538 | NULL, 0, | |
539 | bn_ctx)) | |
540 | || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, param_key, | |
541 | NULL)) | |
542 | || !TEST_int_eq(EVP_PKEY_param_check(key_ctx), tst->pass)) | |
543 | goto err; | |
544 | ||
545 | ret = 1; | |
546 | err: | |
547 | BN_CTX_free(bn_ctx); | |
548 | EVP_PKEY_free(param_key); | |
549 | EVP_PKEY_CTX_free(key_ctx); | |
550 | return ret; | |
551 | } | |
552 | ||
553 | /* Extract r and s from a dsa signature */ | |
554 | static int get_dsa_sig_rs_bytes(const unsigned char *sig, size_t sig_len, | |
555 | unsigned char **r, unsigned char **s, | |
556 | size_t *r_len, size_t *s_len) | |
557 | { | |
558 | int ret = 0; | |
559 | unsigned char *rbuf = NULL, *sbuf = NULL; | |
560 | size_t r1_len, s1_len; | |
561 | const BIGNUM *r1, *s1; | |
562 | DSA_SIG *sign = d2i_DSA_SIG(NULL, &sig, sig_len); | |
563 | ||
564 | if (sign == NULL) | |
565 | return 0; | |
566 | DSA_SIG_get0(sign, &r1, &s1); | |
567 | if (r1 == NULL || s1 == NULL) | |
568 | return 0; | |
569 | ||
570 | r1_len = BN_num_bytes(r1); | |
571 | s1_len = BN_num_bytes(s1); | |
572 | rbuf = OPENSSL_zalloc(r1_len); | |
573 | sbuf = OPENSSL_zalloc(s1_len); | |
574 | if (rbuf == NULL || sbuf == NULL) | |
575 | goto err; | |
576 | if (BN_bn2binpad(r1, rbuf, r1_len) <= 0) | |
577 | goto err; | |
578 | if (BN_bn2binpad(s1, sbuf, s1_len) <= 0) | |
579 | goto err; | |
580 | *r = rbuf; | |
581 | *s = sbuf; | |
582 | *r_len = r1_len; | |
583 | *s_len = s1_len; | |
584 | ret = 1; | |
585 | err: | |
586 | if (ret == 0) { | |
587 | OPENSSL_free(rbuf); | |
588 | OPENSSL_free(sbuf); | |
589 | } | |
590 | DSA_SIG_free(sign); | |
591 | return ret; | |
592 | } | |
593 | ||
594 | static int dsa_siggen_test(int id) | |
595 | { | |
596 | int ret = 0; | |
597 | EVP_PKEY *pkey = NULL; | |
598 | unsigned char *sig = NULL, *r = NULL, *s = NULL; | |
599 | size_t sig_len = 0, rlen = 0, slen = 0; | |
600 | const struct dsa_siggen_st *tst = &dsa_siggen_data[id]; | |
601 | ||
602 | if (!TEST_ptr(pkey = dsa_keygen(tst->L, tst->N))) | |
603 | goto err; | |
604 | ||
605 | if (!TEST_true(sig_gen(pkey, NULL, tst->digest_alg, tst->msg, tst->msg_len, | |
606 | &sig, &sig_len)) | |
607 | || !TEST_true(get_dsa_sig_rs_bytes(sig, sig_len, &r, &s, &rlen, &slen))) | |
608 | goto err; | |
609 | test_output_memory("r", r, rlen); | |
610 | test_output_memory("s", s, slen); | |
611 | ret = 1; | |
612 | err: | |
613 | OPENSSL_free(r); | |
614 | OPENSSL_free(s); | |
615 | OPENSSL_free(sig); | |
616 | EVP_PKEY_free(pkey); | |
617 | return ret; | |
618 | } | |
619 | ||
620 | static int dsa_sigver_test(int id) | |
621 | { | |
622 | int ret = 0; | |
623 | EVP_PKEY_CTX *ctx = NULL; | |
624 | EVP_PKEY *pkey = NULL; | |
625 | DSA_SIG *sign = NULL; | |
626 | size_t sig_len; | |
627 | unsigned char *sig = NULL; | |
628 | BIGNUM *rbn = NULL, *sbn = NULL; | |
629 | EVP_MD *md = NULL; | |
630 | unsigned char digest[EVP_MAX_MD_SIZE]; | |
631 | unsigned int digest_len; | |
632 | BN_CTX *bn_ctx = NULL; | |
633 | const struct dsa_sigver_st *tst = &dsa_sigver_data[id]; | |
634 | ||
635 | if (!TEST_ptr(bn_ctx = BN_CTX_new()) | |
636 | || !TEST_true(dsa_create_pkey(&pkey, tst->p, tst->p_len, | |
637 | tst->q, tst->q_len, tst->g, tst->g_len, | |
638 | NULL, 0, 0, "", tst->pub, tst->pub_len, | |
639 | bn_ctx))) | |
640 | goto err; | |
641 | ||
642 | if (!TEST_ptr(sign = DSA_SIG_new()) | |
643 | || !TEST_ptr(rbn = BN_bin2bn(tst->r, tst->r_len, NULL)) | |
644 | || !TEST_ptr(sbn = BN_bin2bn(tst->s, tst->s_len, NULL)) | |
645 | || !TEST_true(DSA_SIG_set0(sign, rbn, sbn))) | |
646 | goto err; | |
647 | rbn = sbn = NULL; | |
648 | ||
649 | if (!TEST_ptr(md = EVP_MD_fetch(libctx, tst->digest_alg, "")) | |
650 | || !TEST_true(EVP_Digest(tst->msg, tst->msg_len, | |
651 | digest, &digest_len, md, NULL))) | |
652 | goto err; | |
653 | ||
654 | if (!TEST_int_gt((sig_len = i2d_DSA_SIG(sign, &sig)), 0) | |
655 | || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, "")) | |
656 | || !TEST_int_gt(EVP_PKEY_verify_init(ctx), 0) | |
657 | || !TEST_int_eq(EVP_PKEY_verify(ctx, sig, sig_len, digest, digest_len), | |
658 | tst->pass)) | |
659 | goto err; | |
660 | ret = 1; | |
661 | err: | |
662 | EVP_PKEY_CTX_free(ctx); | |
663 | OPENSSL_free(sig); | |
664 | EVP_MD_free(md); | |
665 | DSA_SIG_free(sign); | |
666 | EVP_PKEY_free(pkey); | |
667 | BN_free(rbn); | |
668 | BN_free(sbn); | |
669 | BN_CTX_free(bn_ctx); | |
670 | return ret; | |
671 | } | |
672 | #endif /* OPENSSL_NO_DSA */ | |
673 | ||
674 | ||
675 | /* cipher encrypt/decrypt */ | |
676 | static int cipher_enc(const char *alg, | |
677 | const unsigned char *pt, size_t pt_len, | |
678 | const unsigned char *key, size_t key_len, | |
679 | const unsigned char *iv, size_t iv_len, | |
680 | const unsigned char *ct, size_t ct_len, | |
681 | int enc) | |
682 | { | |
683 | int ret = 0, out_len = 0, len = 0; | |
684 | EVP_CIPHER_CTX *ctx = NULL; | |
685 | EVP_CIPHER *cipher = NULL; | |
686 | unsigned char out[256] = { 0 }; | |
687 | ||
688 | TEST_note("%s : %s", alg, enc ? "encrypt" : "decrypt"); | |
689 | if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()) | |
690 | || !TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, alg, "")) | |
691 | || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc)) | |
692 | || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0)) | |
693 | || !TEST_true(EVP_CipherUpdate(ctx, out, &len, pt, pt_len)) | |
694 | || !TEST_true(EVP_CipherFinal_ex(ctx, out + len, &out_len))) | |
695 | goto err; | |
696 | out_len += len; | |
697 | if (!TEST_mem_eq(out, out_len, ct, ct_len)) | |
698 | goto err; | |
699 | ret = 1; | |
700 | err: | |
701 | EVP_CIPHER_free(cipher); | |
702 | EVP_CIPHER_CTX_free(ctx); | |
703 | return ret; | |
704 | } | |
705 | ||
706 | static int cipher_enc_dec_test(int id) | |
707 | { | |
708 | const struct cipher_st *tst = &cipher_enc_data[id]; | |
709 | const int enc = 1; | |
710 | ||
711 | return TEST_true(cipher_enc(tst->alg, tst->pt, tst->pt_len, | |
712 | tst->key, tst->key_len, | |
713 | tst->iv, tst->iv_len, | |
714 | tst->ct, tst->ct_len, enc)) | |
715 | && TEST_true(cipher_enc(tst->alg, tst->ct, tst->ct_len, | |
716 | tst->key, tst->key_len, | |
717 | tst->iv, tst->iv_len, | |
718 | tst->pt, tst->pt_len, !enc)); | |
719 | } | |
720 | ||
721 | static int aes_ccm_enc_dec(const char *alg, | |
722 | const unsigned char *pt, size_t pt_len, | |
723 | const unsigned char *key, size_t key_len, | |
724 | const unsigned char *iv, size_t iv_len, | |
725 | const unsigned char *aad, size_t aad_len, | |
726 | const unsigned char *ct, size_t ct_len, | |
727 | const unsigned char *tag, size_t tag_len, | |
728 | int enc, int pass) | |
729 | { | |
730 | int ret = 0; | |
731 | EVP_CIPHER_CTX *ctx; | |
732 | EVP_CIPHER *cipher = NULL; | |
733 | int out_len, len; | |
734 | unsigned char out[1024]; | |
735 | ||
736 | TEST_note("%s : %s : expected to %s", alg, enc ? "encrypt" : "decrypt", | |
737 | pass ? "pass" : "fail"); | |
738 | ||
739 | if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()) | |
740 | || !TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, alg, "")) | |
741 | || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) | |
742 | || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, iv_len, | |
743 | NULL)) | |
744 | || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len, | |
745 | enc ? NULL : (void *)tag)) | |
746 | || !TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) | |
747 | || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0)) | |
748 | || !TEST_true(EVP_CipherUpdate(ctx, NULL, &len, NULL, pt_len)) | |
749 | || !TEST_true(EVP_CipherUpdate(ctx, NULL, &len, aad, aad_len)) | |
750 | || !TEST_int_eq(EVP_CipherUpdate(ctx, out, &len, pt, pt_len), pass)) | |
751 | goto err; | |
752 | ||
753 | if (!pass) { | |
754 | ret = 1; | |
755 | goto err; | |
756 | } | |
757 | if (!TEST_true(EVP_CipherFinal_ex(ctx, out + len, &out_len))) | |
758 | goto err; | |
759 | if (enc) { | |
760 | out_len += len; | |
761 | if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, | |
762 | tag_len, out + out_len)) | |
763 | || !TEST_mem_eq(out, out_len, ct, ct_len) | |
764 | || !TEST_mem_eq(out + out_len, tag_len, tag, tag_len)) | |
765 | goto err; | |
766 | } else { | |
767 | if (!TEST_mem_eq(out, out_len + len, ct, ct_len)) | |
768 | goto err; | |
769 | } | |
770 | ||
771 | ret = 1; | |
772 | err: | |
773 | EVP_CIPHER_free(cipher); | |
774 | EVP_CIPHER_CTX_free(ctx); | |
775 | return ret; | |
776 | } | |
777 | ||
778 | static int aes_ccm_enc_dec_test(int id) | |
779 | { | |
780 | const struct cipher_ccm_st *tst = &aes_ccm_enc_data[id]; | |
781 | ||
782 | /* The tag is on the end of the cipher text */ | |
783 | const size_t tag_len = tst->ct_len - tst->pt_len; | |
784 | const size_t ct_len = tst->ct_len - tag_len; | |
785 | const unsigned char *tag = tst->ct + ct_len; | |
786 | const int enc = 1; | |
787 | const int pass = 1; | |
788 | ||
789 | if (ct_len < 1) | |
790 | return 0; | |
791 | ||
792 | return aes_ccm_enc_dec(tst->alg, tst->pt, tst->pt_len, | |
793 | tst->key, tst->key_len, | |
794 | tst->iv, tst->iv_len, tst->aad, tst->aad_len, | |
795 | tst->ct, ct_len, tag, tag_len, enc, pass) | |
796 | && aes_ccm_enc_dec(tst->alg, tst->ct, ct_len, | |
797 | tst->key, tst->key_len, | |
798 | tst->iv, tst->iv_len, tst->aad, tst->aad_len, | |
799 | tst->pt, tst->pt_len, tag, tag_len, !enc, pass) | |
800 | /* test that it fails if the tag is incorrect */ | |
801 | && aes_ccm_enc_dec(tst->alg, tst->ct, ct_len, | |
802 | tst->key, tst->key_len, | |
803 | tst->iv, tst->iv_len, tst->aad, tst->aad_len, | |
804 | tst->pt, tst->pt_len, | |
805 | tag - 1, tag_len, !enc, !pass); | |
806 | } | |
807 | ||
808 | static int aes_gcm_enc_dec(const char *alg, | |
809 | const unsigned char *pt, size_t pt_len, | |
810 | const unsigned char *key, size_t key_len, | |
811 | const unsigned char *iv, size_t iv_len, | |
812 | const unsigned char *aad, size_t aad_len, | |
813 | const unsigned char *ct, size_t ct_len, | |
814 | const unsigned char *tag, size_t tag_len, | |
815 | int enc, int pass) | |
816 | { | |
817 | int ret = 0; | |
818 | EVP_CIPHER_CTX *ctx; | |
819 | EVP_CIPHER *cipher = NULL; | |
820 | int out_len, len; | |
821 | unsigned char out[1024]; | |
822 | ||
823 | TEST_note("%s : %s : expected to %s", alg, enc ? "encrypt" : "decrypt", | |
824 | pass ? "pass" : "fail"); | |
825 | ||
826 | if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()) | |
827 | || !TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, alg, "")) | |
828 | || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) | |
829 | || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, iv_len, | |
830 | NULL))) | |
831 | goto err; | |
832 | ||
833 | if (!enc) { | |
834 | if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len, | |
835 | (void *)tag))) | |
836 | goto err; | |
837 | } | |
838 | /* | |
839 | * TODO(3.0): The IV should not be set outside the boundary as it is now. | |
840 | * It needs to be fed in via a dummy entropy source for this test. | |
841 | */ | |
842 | if (!TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) | |
843 | || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0)) | |
844 | || !TEST_true(EVP_CipherUpdate(ctx, NULL, &len, aad, aad_len)) | |
845 | || !TEST_true(EVP_CipherUpdate(ctx, out, &len, pt, pt_len))) | |
846 | goto err; | |
847 | ||
848 | if (!TEST_int_eq(EVP_CipherFinal_ex(ctx, out + len, &out_len), pass)) | |
849 | goto err; | |
850 | if (!pass) { | |
851 | ret = 1; | |
852 | goto err; | |
853 | } | |
854 | out_len += len; | |
855 | if (enc) { | |
856 | if (!TEST_mem_eq(out, out_len, ct, ct_len) | |
857 | || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, | |
858 | tag_len, out + out_len)) | |
859 | || !TEST_mem_eq(out + out_len, tag_len, tag, tag_len)) | |
860 | goto err; | |
861 | } else { | |
862 | if (!TEST_mem_eq(out, out_len, ct, ct_len)) | |
863 | goto err; | |
864 | } | |
865 | ||
866 | ret = 1; | |
867 | err: | |
868 | EVP_CIPHER_free(cipher); | |
869 | EVP_CIPHER_CTX_free(ctx); | |
870 | return ret; | |
871 | } | |
872 | ||
873 | static int aes_gcm_enc_dec_test(int id) | |
874 | { | |
875 | const struct cipher_gcm_st *tst = &aes_gcm_enc_data[id]; | |
876 | int enc = 1; | |
877 | int pass = 1; | |
878 | ||
879 | return aes_gcm_enc_dec(tst->alg, tst->pt, tst->pt_len, | |
880 | tst->key, tst->key_len, | |
881 | tst->iv, tst->iv_len, tst->aad, tst->aad_len, | |
882 | tst->ct, tst->ct_len, tst->tag, tst->tag_len, | |
883 | enc, pass) | |
884 | && aes_gcm_enc_dec(tst->alg, tst->ct, tst->ct_len, | |
885 | tst->key, tst->key_len, | |
886 | tst->iv, tst->iv_len, tst->aad, tst->aad_len, | |
887 | tst->pt, tst->pt_len, tst->tag, tst->tag_len, | |
888 | !enc, pass) | |
889 | /* Fail if incorrect tag passed to decrypt */ | |
890 | && aes_gcm_enc_dec(tst->alg, tst->ct, tst->ct_len, | |
891 | tst->key, tst->key_len, | |
892 | tst->iv, tst->iv_len, tst->aad, tst->aad_len, | |
893 | tst->pt, tst->pt_len, tst->aad, tst->tag_len, | |
894 | !enc, !pass); | |
895 | } | |
896 | ||
897 | #ifndef OPENSSL_NO_DH | |
898 | static int dh_create_pkey(EVP_PKEY **pkey, const char *group_name, | |
899 | const unsigned char *pub, size_t pub_len, | |
900 | const unsigned char *priv, size_t priv_len, | |
901 | BN_CTX *bn_ctx, int pass) | |
902 | { | |
903 | int ret = 0; | |
904 | EVP_PKEY_CTX *ctx = NULL; | |
905 | OSSL_PARAM_BLD *bld = NULL; | |
906 | OSSL_PARAM *params = NULL; | |
907 | BIGNUM *pub_bn = NULL, *priv_bn = NULL; | |
908 | ||
909 | if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) | |
910 | || (group_name != NULL | |
911 | && !TEST_int_gt(OSSL_PARAM_BLD_push_utf8_string( | |
023b188c | 912 | bld, OSSL_PKEY_PARAM_GROUP_NAME, |
4f2271d5 SL |
913 | group_name, 0), 0))) |
914 | goto err; | |
915 | ||
916 | if (pub != NULL) { | |
917 | if (!TEST_ptr(pub_bn = BN_CTX_get(bn_ctx)) | |
918 | || !TEST_ptr(BN_bin2bn(pub, pub_len, pub_bn)) | |
919 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, | |
920 | pub_bn))) | |
921 | goto err; | |
922 | } | |
923 | if (priv != NULL) { | |
924 | if (!TEST_ptr(priv_bn = BN_CTX_get(bn_ctx)) | |
925 | || !TEST_ptr(BN_bin2bn(priv, priv_len, priv_bn)) | |
926 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, | |
927 | priv_bn))) | |
928 | goto err; | |
929 | } | |
930 | ||
931 | if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) | |
932 | || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL)) | |
933 | || !TEST_true(EVP_PKEY_key_fromdata_init(ctx)) | |
934 | || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, params), pass)) | |
935 | goto err; | |
936 | ||
937 | ret = 1; | |
938 | err: | |
939 | OSSL_PARAM_BLD_free_params(params); | |
940 | OSSL_PARAM_BLD_free(bld); | |
941 | EVP_PKEY_CTX_free(ctx); | |
942 | return ret; | |
943 | } | |
944 | ||
945 | static int dh_safe_prime_keygen_test(int id) | |
946 | { | |
947 | int ret = 0; | |
948 | EVP_PKEY_CTX *ctx = NULL; | |
949 | EVP_PKEY *pkey = NULL; | |
950 | unsigned char *priv = NULL; | |
951 | unsigned char *pub = NULL; | |
952 | size_t priv_len = 0, pub_len = 0; | |
953 | OSSL_PARAM params[2]; | |
954 | const struct dh_safe_prime_keygen_st *tst = &dh_safe_prime_keygen_data[id]; | |
955 | ||
023b188c | 956 | params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, |
4f2271d5 SL |
957 | (char *)tst->group_name, 0); |
958 | params[1] = OSSL_PARAM_construct_end(); | |
959 | ||
960 | if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL)) | |
961 | || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0) | |
962 | || !TEST_true(EVP_PKEY_CTX_set_params(ctx, params)) | |
963 | || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0) | |
964 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_PRIV_KEY, | |
965 | &priv, &priv_len)) | |
966 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_PUB_KEY, | |
967 | &pub, &pub_len))) | |
968 | goto err; | |
969 | ||
970 | test_output_memory("x", priv, priv_len); | |
971 | test_output_memory("y", pub, pub_len); | |
972 | ret = 1; | |
973 | err: | |
974 | OPENSSL_clear_free(priv, priv_len); | |
975 | OPENSSL_free(pub); | |
976 | EVP_PKEY_free(pkey); | |
977 | EVP_PKEY_CTX_free(ctx); | |
978 | return ret; | |
979 | } | |
980 | ||
981 | static int dh_safe_prime_keyver_test(int id) | |
982 | { | |
983 | int ret = 0; | |
984 | BN_CTX *bn_ctx = NULL; | |
985 | EVP_PKEY_CTX *key_ctx = NULL; | |
986 | EVP_PKEY *pkey = NULL; | |
987 | const struct dh_safe_prime_keyver_st *tst = &dh_safe_prime_keyver_data[id]; | |
988 | ||
989 | if (!TEST_ptr(bn_ctx = BN_CTX_new_ex(libctx)) | |
990 | || !TEST_true(dh_create_pkey(&pkey, tst->group_name, | |
991 | tst->pub, tst->pub_len, | |
992 | tst->priv, tst->priv_len, bn_ctx, 1)) | |
993 | || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, "")) | |
994 | || !TEST_int_eq(EVP_PKEY_check(key_ctx), tst->pass)) | |
995 | goto err; | |
996 | ||
997 | ret = 1; | |
998 | err: | |
999 | EVP_PKEY_free(pkey); | |
1000 | EVP_PKEY_CTX_free(key_ctx); | |
1001 | BN_CTX_free(bn_ctx); | |
1002 | return ret; | |
1003 | } | |
1004 | #endif /* OPENSSL_NO_DH */ | |
1005 | ||
1006 | ||
4f2271d5 SL |
1007 | static EVP_PKEY *rsa_keygen(int bits) |
1008 | { | |
1009 | EVP_PKEY *key = NULL; | |
1010 | EVP_PKEY_CTX *keygen_ctx = NULL; | |
1011 | ||
1012 | if (!TEST_ptr(keygen_ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", NULL)) | |
1013 | || !TEST_int_gt(EVP_PKEY_keygen_init(keygen_ctx), 0) | |
1014 | || !TEST_true(EVP_PKEY_CTX_set_rsa_keygen_bits(keygen_ctx, bits)) | |
1015 | || !TEST_int_gt(EVP_PKEY_keygen(keygen_ctx, &key), 0)) | |
1016 | goto err; | |
1017 | err: | |
1018 | EVP_PKEY_CTX_free(keygen_ctx); | |
1019 | return key; | |
1020 | } | |
1021 | ||
1022 | static int rsa_create_pkey(EVP_PKEY **pkey, | |
1023 | const unsigned char *n, size_t n_len, | |
1024 | const unsigned char *e, size_t e_len, | |
1025 | const unsigned char *d, size_t d_len, | |
1026 | BN_CTX *bn_ctx) | |
1027 | { | |
1028 | int ret = 0; | |
1029 | EVP_PKEY_CTX *ctx = NULL; | |
1030 | OSSL_PARAM_BLD *bld = NULL; | |
1031 | OSSL_PARAM *params = NULL; | |
1032 | BIGNUM *e_bn = NULL, *d_bn = NULL, *n_bn = NULL; | |
1033 | ||
1034 | if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) | |
1035 | || !TEST_ptr(n_bn = BN_CTX_get(bn_ctx)) | |
1036 | || !TEST_ptr(BN_bin2bn(n, n_len, n_bn)) | |
1037 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n_bn))) | |
1038 | goto err; | |
1039 | ||
1040 | if (e != NULL) { | |
1041 | if (!TEST_ptr(e_bn = BN_CTX_get(bn_ctx)) | |
1042 | || !TEST_ptr(BN_bin2bn(e, e_len, e_bn)) | |
1043 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, | |
1044 | e_bn))) | |
1045 | goto err; | |
1046 | } | |
1047 | if (d != NULL) { | |
1048 | if (!TEST_ptr(d_bn = BN_CTX_get(bn_ctx)) | |
1049 | || !TEST_ptr(BN_bin2bn(d, d_len, d_bn)) | |
1050 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, | |
1051 | d_bn))) | |
1052 | goto err; | |
1053 | } | |
1054 | if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) | |
1055 | || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", NULL)) | |
1056 | || !TEST_true(EVP_PKEY_key_fromdata_init(ctx)) | |
1057 | || !TEST_true(EVP_PKEY_fromdata(ctx, pkey, params))) | |
1058 | goto err; | |
1059 | ||
1060 | ret = 1; | |
1061 | err: | |
1062 | OSSL_PARAM_BLD_free_params(params); | |
1063 | OSSL_PARAM_BLD_free(bld); | |
1064 | EVP_PKEY_CTX_free(ctx); | |
1065 | return ret; | |
1066 | } | |
1067 | ||
1068 | static int rsa_keygen_test(int id) | |
1069 | { | |
1070 | int ret = 0; | |
1071 | EVP_PKEY_CTX *ctx = NULL; | |
1072 | EVP_PKEY *pkey = NULL; | |
1073 | BIGNUM *e_bn = NULL; | |
1074 | BIGNUM *xp1_bn = NULL, *xp2_bn = NULL, *xp_bn = NULL; | |
1075 | BIGNUM *xq1_bn = NULL, *xq2_bn = NULL, *xq_bn = NULL; | |
1076 | unsigned char *n = NULL, *d = NULL; | |
1077 | unsigned char *p = NULL, *p1 = NULL, *p2 = NULL; | |
1078 | unsigned char *q = NULL, *q1 = NULL, *q2 = NULL; | |
1079 | size_t n_len = 0, d_len = 0; | |
1080 | size_t p_len = 0, p1_len = 0, p2_len = 0; | |
1081 | size_t q_len = 0, q1_len = 0, q2_len = 0; | |
1082 | OSSL_PARAM_BLD *bld = NULL; | |
1083 | OSSL_PARAM *params = NULL; | |
1084 | const struct rsa_keygen_st *tst = &rsa_keygen_data[id]; | |
1085 | ||
1086 | if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) | |
1087 | || !TEST_ptr(xp1_bn = BN_bin2bn(tst->xp1, tst->xp1_len, NULL)) | |
1088 | || !TEST_ptr(xp2_bn = BN_bin2bn(tst->xp2, tst->xp2_len, NULL)) | |
1089 | || !TEST_ptr(xp_bn = BN_bin2bn(tst->xp, tst->xp_len, NULL)) | |
1090 | || !TEST_ptr(xq1_bn = BN_bin2bn(tst->xq1, tst->xq1_len, NULL)) | |
1091 | || !TEST_ptr(xq2_bn = BN_bin2bn(tst->xq2, tst->xq2_len, NULL)) | |
1092 | || !TEST_ptr(xq_bn = BN_bin2bn(tst->xq, tst->xq_len, NULL)) | |
1093 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XP1, | |
1094 | xp1_bn)) | |
1095 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XP2, | |
1096 | xp2_bn)) | |
1097 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XP, | |
1098 | xp_bn)) | |
1099 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XQ1, | |
1100 | xq1_bn)) | |
1101 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XQ2, | |
1102 | xq2_bn)) | |
1103 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XQ, | |
1104 | xq_bn)) | |
1105 | || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))) | |
1106 | goto err; | |
1107 | ||
1108 | if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", NULL)) | |
1109 | || !TEST_ptr(e_bn = BN_bin2bn(tst->e, tst->e_len, NULL)) | |
1110 | || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0) | |
1111 | || !TEST_true(EVP_PKEY_CTX_set_params(ctx, params)) | |
1112 | || !TEST_true(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, tst->mod)) | |
3786d748 | 1113 | || !TEST_true(EVP_PKEY_CTX_set1_rsa_keygen_pubexp(ctx, e_bn)) |
4f2271d5 SL |
1114 | || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0) |
1115 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_P1, | |
1116 | &p1, &p1_len)) | |
1117 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_P2, | |
1118 | &p2, &p2_len)) | |
1119 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_Q1, | |
1120 | &q1, &q1_len)) | |
1121 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_Q2, | |
1122 | &q2, &q2_len)) | |
1123 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, | |
1124 | &p, &p_len)) | |
1125 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, | |
1126 | &q, &q_len)) | |
1127 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_N, | |
1128 | &n, &n_len)) | |
1129 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_D, | |
1130 | &d, &d_len))) | |
1131 | goto err; | |
1132 | ||
1133 | if (!TEST_mem_eq(tst->p1, tst->p1_len, p1, p1_len) | |
1134 | || !TEST_mem_eq(tst->p2, tst->p2_len, p2, p2_len) | |
1135 | || !TEST_mem_eq(tst->p, tst->p_len, p, p_len) | |
1136 | || !TEST_mem_eq(tst->q1, tst->q1_len, q1, q1_len) | |
1137 | || !TEST_mem_eq(tst->q2, tst->q2_len, q2, q2_len) | |
1138 | || !TEST_mem_eq(tst->q, tst->q_len, q, q_len) | |
1139 | || !TEST_mem_eq(tst->n, tst->n_len, n, n_len) | |
1140 | || !TEST_mem_eq(tst->d, tst->d_len, d, d_len)) | |
1141 | goto err; | |
1142 | ||
1143 | test_output_memory("p1", p1, p1_len); | |
1144 | test_output_memory("p2", p2, p2_len); | |
1145 | test_output_memory("p", p, p_len); | |
1146 | test_output_memory("q1", q1, q1_len); | |
1147 | test_output_memory("q2", q2, q2_len); | |
1148 | test_output_memory("q", q, q_len); | |
1149 | test_output_memory("n", n, n_len); | |
1150 | test_output_memory("d", d, d_len); | |
1151 | ret = 1; | |
1152 | err: | |
1153 | BN_free(xp1_bn); | |
1154 | BN_free(xp2_bn); | |
1155 | BN_free(xp_bn); | |
1156 | BN_free(xq1_bn); | |
1157 | BN_free(xq2_bn); | |
1158 | BN_free(xq_bn); | |
1159 | BN_free(e_bn); | |
1160 | OPENSSL_free(p1); | |
1161 | OPENSSL_free(p2); | |
1162 | OPENSSL_free(q1); | |
1163 | OPENSSL_free(q2); | |
1164 | OPENSSL_free(p); | |
1165 | OPENSSL_free(q); | |
1166 | OPENSSL_free(n); | |
1167 | OPENSSL_free(d); | |
1168 | EVP_PKEY_free(pkey); | |
1169 | EVP_PKEY_CTX_free(ctx); | |
1170 | OSSL_PARAM_BLD_free_params(params); | |
1171 | OSSL_PARAM_BLD_free(bld); | |
1172 | return ret; | |
1173 | } | |
1174 | ||
1175 | static int rsa_siggen_test(int id) | |
1176 | { | |
1177 | int ret = 0; | |
1178 | EVP_PKEY *pkey = NULL; | |
1179 | unsigned char *sig = NULL, *n = NULL, *e = NULL; | |
1180 | size_t sig_len = 0, n_len = 0, e_len = 0; | |
1181 | OSSL_PARAM params[4], *p; | |
1182 | const struct rsa_siggen_st *tst = &rsa_siggen_data[id]; | |
1183 | ||
1184 | TEST_note("RSA %s signature generation", tst->sig_pad_mode); | |
1185 | ||
1186 | p = params; | |
1187 | *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE, | |
1188 | (char *)tst->sig_pad_mode, 0); | |
1189 | *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, | |
1190 | (char *)tst->digest_alg, 0); | |
1191 | if (tst->pss_salt_len >= 0) { | |
1192 | int salt_len = tst->pss_salt_len; | |
1193 | ||
1194 | *p++ = OSSL_PARAM_construct_int(OSSL_SIGNATURE_PARAM_PSS_SALTLEN, | |
1195 | &salt_len); | |
1196 | } | |
1197 | *p++ = OSSL_PARAM_construct_end(); | |
1198 | ||
1199 | if (!TEST_ptr(pkey = rsa_keygen(tst->mod)) | |
1200 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_N, &n, &n_len)) | |
1201 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_E, &e, &e_len)) | |
1202 | || !TEST_true(sig_gen(pkey, params, tst->digest_alg, | |
1203 | tst->msg, tst->msg_len, | |
1204 | &sig, &sig_len))) | |
1205 | goto err; | |
1206 | test_output_memory("n", n, n_len); | |
1207 | test_output_memory("e", e, e_len); | |
1208 | test_output_memory("sig", sig, sig_len); | |
1209 | ret = 1; | |
1210 | err: | |
1211 | OPENSSL_free(n); | |
1212 | OPENSSL_free(e); | |
1213 | OPENSSL_free(sig); | |
1214 | EVP_PKEY_free(pkey); | |
1215 | return ret; | |
1216 | } | |
1217 | ||
1218 | static int rsa_sigver_test(int id) | |
1219 | { | |
1220 | int ret = 0; | |
1221 | EVP_PKEY_CTX *pkey_ctx = NULL; | |
1222 | EVP_PKEY *pkey = NULL; | |
1223 | EVP_MD_CTX *md_ctx = NULL; | |
1224 | BN_CTX *bn_ctx = NULL; | |
1225 | OSSL_PARAM params[4], *p; | |
1226 | const struct rsa_sigver_st *tst = &rsa_sigver_data[id]; | |
1227 | ||
1228 | TEST_note("RSA %s Signature Verify : expected to %s ", tst->sig_pad_mode, | |
1229 | tst->pass == PASS ? "pass" : "fail"); | |
1230 | ||
1231 | p = params; | |
1232 | *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE, | |
1233 | (char *)tst->sig_pad_mode, 0); | |
1234 | *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, | |
1235 | (char *)tst->digest_alg, 0); | |
1236 | if (tst->pss_salt_len >= 0) { | |
1237 | int salt_len = tst->pss_salt_len; | |
1238 | ||
1239 | *p++ = OSSL_PARAM_construct_int(OSSL_SIGNATURE_PARAM_PSS_SALTLEN, | |
1240 | &salt_len); | |
1241 | } | |
1242 | *p++ = OSSL_PARAM_construct_end(); | |
1243 | ||
1244 | if (!TEST_ptr(bn_ctx = BN_CTX_new()) | |
1245 | || !TEST_true(rsa_create_pkey(&pkey, tst->n, tst->n_len, | |
1246 | tst->e, tst->e_len, NULL, 0, bn_ctx)) | |
1247 | || !TEST_ptr(md_ctx = EVP_MD_CTX_new()) | |
d8652be0 MC |
1248 | || !TEST_true(EVP_DigestVerifyInit_ex(md_ctx, &pkey_ctx, |
1249 | tst->digest_alg, libctx, NULL, | |
1250 | pkey) | |
4f2271d5 SL |
1251 | || !TEST_true(EVP_PKEY_CTX_set_params(pkey_ctx, params)) |
1252 | || !TEST_int_eq(EVP_DigestVerify(md_ctx, tst->sig, tst->sig_len, | |
1253 | tst->msg, tst->msg_len), tst->pass))) | |
1254 | goto err; | |
1255 | ret = 1; | |
1256 | err: | |
1257 | EVP_PKEY_free(pkey); | |
1258 | BN_CTX_free(bn_ctx); | |
1259 | EVP_MD_CTX_free(md_ctx); | |
1260 | return ret; | |
1261 | } | |
1262 | ||
1263 | static int rsa_decryption_primitive_test(int id) | |
1264 | { | |
1265 | int ret = 0; | |
1266 | EVP_PKEY_CTX *ctx = NULL; | |
1267 | EVP_PKEY *pkey = NULL; | |
1268 | unsigned char pt[2048]; | |
1269 | size_t pt_len = sizeof(pt); | |
1270 | unsigned char *n = NULL, *e = NULL; | |
1271 | size_t n_len = 0, e_len = 0; | |
1272 | BN_CTX *bn_ctx = NULL; | |
1273 | const struct rsa_decrypt_prim_st *tst = &rsa_decrypt_prim_data[id]; | |
1274 | ||
1275 | if (!TEST_ptr(pkey = rsa_keygen(2048)) | |
1276 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_N, &n, &n_len)) | |
1277 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_E, &e, &e_len)) | |
1278 | || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, "")) | |
1279 | || !TEST_int_gt(EVP_PKEY_decrypt_init(ctx), 0) | |
1280 | || !TEST_int_gt(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING), 0)) | |
1281 | goto err; | |
1282 | ||
1283 | test_output_memory("n", n, n_len); | |
1284 | test_output_memory("e", e, e_len); | |
1285 | if (!EVP_PKEY_decrypt(ctx, pt, &pt_len, tst->ct, tst->ct_len)) | |
1286 | TEST_note("Decryption Failed"); | |
1287 | else | |
1288 | test_output_memory("pt", pt, pt_len); | |
1289 | ret = 1; | |
1290 | err: | |
1291 | OPENSSL_free(n); | |
1292 | OPENSSL_free(e); | |
1293 | EVP_PKEY_CTX_free(ctx); | |
1294 | EVP_PKEY_free(pkey); | |
1295 | BN_CTX_free(bn_ctx); | |
1296 | return ret; | |
1297 | } | |
4f2271d5 | 1298 | |
f8e74747 SL |
1299 | static int self_test_events(const OSSL_PARAM params[], void *varg) |
1300 | { | |
1301 | SELF_TEST_ARGS *args = varg; | |
1302 | const OSSL_PARAM *p = NULL; | |
1303 | const char *phase = NULL, *type = NULL, *desc = NULL; | |
1304 | int ret = 0; | |
1305 | ||
1306 | if (!args->enable) | |
1307 | return 1; | |
1308 | ||
1309 | args->called++; | |
1310 | p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_PHASE); | |
1311 | if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING) | |
1312 | goto err; | |
1313 | phase = (const char *)p->data; | |
1314 | ||
1315 | p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_DESC); | |
1316 | if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING) | |
1317 | goto err; | |
1318 | desc = (const char *)p->data; | |
1319 | ||
1320 | p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_TYPE); | |
1321 | if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING) | |
1322 | goto err; | |
1323 | type = (const char *)p->data; | |
1324 | ||
1325 | BIO_printf(bio_out, "%s %s %s\n", phase, desc, type); | |
1326 | ret = 1; | |
1327 | err: | |
1328 | return ret; | |
1329 | } | |
4f2271d5 | 1330 | |
254b5dca P |
1331 | static int drbg_test(int id) |
1332 | { | |
1333 | OSSL_PARAM params[3]; | |
1334 | EVP_RAND *rand = NULL; | |
1335 | EVP_RAND_CTX *ctx = NULL, *parent = NULL; | |
1336 | unsigned char returned_bits[64]; | |
1337 | const size_t returned_bits_len = sizeof(returned_bits); | |
1338 | unsigned int strength = 256; | |
1339 | const struct drbg_st *tst = &drbg_data[id]; | |
1340 | int res = 0; | |
1341 | ||
1342 | /* Create the seed source */ | |
1343 | if (!TEST_ptr(rand = EVP_RAND_fetch(libctx, "TEST-RAND", "-fips")) | |
1344 | || !TEST_ptr(parent = EVP_RAND_CTX_new(rand, NULL))) | |
1345 | goto err; | |
1346 | EVP_RAND_free(rand); | |
1347 | rand = NULL; | |
1348 | ||
1349 | params[0] = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH, &strength); | |
1350 | params[1] = OSSL_PARAM_construct_end(); | |
1351 | if (!TEST_true(EVP_RAND_set_ctx_params(parent, params))) | |
1352 | goto err; | |
1353 | ||
1354 | /* Get the DRBG */ | |
1355 | if (!TEST_ptr(rand = EVP_RAND_fetch(libctx, tst->drbg_name, "")) | |
1356 | || !TEST_ptr(ctx = EVP_RAND_CTX_new(rand, parent))) | |
1357 | goto err; | |
1358 | ||
1359 | /* Set the DRBG up */ | |
1360 | params[0] = OSSL_PARAM_construct_int(OSSL_DRBG_PARAM_USE_DF, | |
1361 | (int *)&tst->use_df); | |
1362 | params[1] = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER, | |
1363 | (char *)tst->cipher, 0); | |
1364 | params[2] = OSSL_PARAM_construct_end(); | |
1365 | if (!TEST_true(EVP_RAND_set_ctx_params(ctx, params))) | |
1366 | goto err; | |
1367 | ||
1368 | /* Feed in the entropy and nonce */ | |
1369 | params[0] = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY, | |
1370 | (void *)tst->entropy_input, | |
1371 | tst->entropy_input_len); | |
1372 | params[1] = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_NONCE, | |
1373 | (void *)tst->nonce, | |
1374 | tst->nonce_len); | |
1375 | params[2] = OSSL_PARAM_construct_end(); | |
1376 | if (!TEST_true(EVP_RAND_set_ctx_params(parent, params))) | |
1377 | goto err; | |
1378 | ||
1379 | /* | |
1380 | * Run the test | |
1381 | * A NULL personalisation string defaults to the built in so something | |
1382 | * non-NULL is needed if there is no personalisation string | |
1383 | */ | |
1384 | if (!TEST_true(EVP_RAND_instantiate(ctx, 0, 0, (void *)"", 0)) | |
1385 | || !TEST_true(EVP_RAND_generate(ctx, returned_bits, returned_bits_len, | |
1386 | 0, 0, NULL, 0)) | |
1387 | || !TEST_true(EVP_RAND_generate(ctx, returned_bits, returned_bits_len, | |
1388 | 0, 0, NULL, 0))) | |
1389 | goto err; | |
1390 | ||
1391 | test_output_memory("returned bits", returned_bits, returned_bits_len); | |
1392 | ||
1393 | /* Clean up */ | |
1394 | if (!TEST_true(EVP_RAND_uninstantiate(ctx)) | |
1395 | || !TEST_true(EVP_RAND_uninstantiate(parent))) | |
1396 | goto err; | |
1397 | ||
1398 | /* Verify the output */ | |
1399 | if (!TEST_mem_eq(returned_bits, returned_bits_len, | |
1400 | tst->returned_bits, tst->returned_bits_len)) | |
1401 | goto err; | |
1402 | res = 1; | |
1403 | err: | |
1404 | EVP_RAND_CTX_free(ctx); | |
1405 | EVP_RAND_CTX_free(parent); | |
1406 | EVP_RAND_free(rand); | |
1407 | return res; | |
1408 | } | |
1409 | ||
4f2271d5 SL |
1410 | int setup_tests(void) |
1411 | { | |
1412 | char *config_file = NULL; | |
1413 | ||
1414 | OPTION_CHOICE o; | |
1415 | ||
1416 | while ((o = opt_next()) != OPT_EOF) { | |
1417 | switch (o) { | |
1418 | case OPT_CONFIG_FILE: | |
1419 | config_file = opt_arg(); | |
1420 | break; | |
1421 | case OPT_TEST_CASES: | |
1422 | break; | |
1423 | default: | |
1424 | case OPT_ERR: | |
1425 | return 0; | |
1426 | } | |
1427 | } | |
1428 | ||
bca7ad6e | 1429 | if (!test_get_libctx(&libctx, &prov_null, config_file, NULL, NULL)) |
4f2271d5 | 1430 | return 0; |
4f2271d5 | 1431 | |
f8e74747 | 1432 | OSSL_SELF_TEST_set_callback(libctx, self_test_events, &self_test_args); |
4f2271d5 SL |
1433 | |
1434 | ADD_ALL_TESTS(cipher_enc_dec_test, OSSL_NELEM(cipher_enc_data)); | |
1435 | ADD_ALL_TESTS(aes_ccm_enc_dec_test, OSSL_NELEM(aes_ccm_enc_data)); | |
1436 | ADD_ALL_TESTS(aes_gcm_enc_dec_test, OSSL_NELEM(aes_gcm_enc_data)); | |
1437 | ||
4f2271d5 SL |
1438 | ADD_ALL_TESTS(rsa_keygen_test, OSSL_NELEM(rsa_keygen_data)); |
1439 | ADD_ALL_TESTS(rsa_siggen_test, OSSL_NELEM(rsa_siggen_data)); | |
1440 | ADD_ALL_TESTS(rsa_sigver_test, OSSL_NELEM(rsa_sigver_data)); | |
1441 | ADD_ALL_TESTS(rsa_decryption_primitive_test, | |
1442 | OSSL_NELEM(rsa_decrypt_prim_data)); | |
4f2271d5 SL |
1443 | |
1444 | #ifndef OPENSSL_NO_DH | |
1445 | ADD_ALL_TESTS(dh_safe_prime_keygen_test, | |
1446 | OSSL_NELEM(dh_safe_prime_keygen_data)); | |
1447 | ADD_ALL_TESTS(dh_safe_prime_keyver_test, | |
1448 | OSSL_NELEM(dh_safe_prime_keyver_data)); | |
1449 | #endif /* OPENSSL_NO_DH */ | |
1450 | ||
1451 | #ifndef OPENSSL_NO_DSA | |
1452 | ADD_ALL_TESTS(dsa_keygen_test, OSSL_NELEM(dsa_keygen_data)); | |
1453 | ADD_ALL_TESTS(dsa_paramgen_test, OSSL_NELEM(dsa_paramgen_data)); | |
1454 | ADD_ALL_TESTS(dsa_pqver_test, OSSL_NELEM(dsa_pqver_data)); | |
1455 | ADD_ALL_TESTS(dsa_siggen_test, OSSL_NELEM(dsa_siggen_data)); | |
1456 | ADD_ALL_TESTS(dsa_sigver_test, OSSL_NELEM(dsa_sigver_data)); | |
1457 | #endif /* OPENSSL_NO_DSA */ | |
1458 | ||
1459 | #ifndef OPENSSL_NO_EC | |
1460 | ADD_ALL_TESTS(ecdsa_keygen_test, OSSL_NELEM(ecdsa_keygen_data)); | |
1461 | ADD_ALL_TESTS(ecdsa_pub_verify_test, OSSL_NELEM(ecdsa_pv_data)); | |
1462 | ADD_ALL_TESTS(ecdsa_siggen_test, OSSL_NELEM(ecdsa_siggen_data)); | |
1463 | ADD_ALL_TESTS(ecdsa_sigver_test, OSSL_NELEM(ecdsa_sigver_data)); | |
1464 | #endif /* OPENSSL_NO_EC */ | |
254b5dca P |
1465 | |
1466 | ADD_ALL_TESTS(drbg_test, OSSL_NELEM(drbg_data)); | |
4f2271d5 SL |
1467 | return 1; |
1468 | } | |
1469 | ||
1470 | void cleanup_tests(void) | |
1471 | { | |
1472 | OSSL_PROVIDER_unload(prov_null); | |
b4250010 | 1473 | OSSL_LIB_CTX_free(libctx); |
4f2271d5 | 1474 | } |