]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/dhtest.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Ignore -named_curve auto value to improve backwards compatibility
[thirdparty/openssl.git] / test / dhtest.c
CommitLineData
440e5d80
RS		 1/*
2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
d02b48c6 3 *
440e5d80
RS		 4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
d02b48c6
RE		 8 */
9
10#include <stdio.h>
11#include <stdlib.h>
12#include <string.h>
55f78baf 13
93d02986 14#include "e_os.h"
ec577822
BM		 15#include <openssl/crypto.h>
16#include <openssl/bio.h>
17#include <openssl/bn.h>
b0bb2b91 18#include <openssl/rand.h>
cb78486d 19#include <openssl/err.h>
93d02986 20#include "testutil.h"
f5d7a031 21
cf1b7d96 22#ifdef OPENSSL_NO_DH
f5d7a031
UM		 23int main(int argc, char *argv[])
24{
25 printf("No DH support\n");
0f113f3e 26 return (0);
f5d7a031
UM		 27}
28#else
0f113f3e 29# include <openssl/dh.h>
d02b48c6 30
6d23cf97 31static int cb(int p, int n, BN_GENCB *arg);
d02b48c6 32
0f113f3e
MC		 33static const char rnd_seed[] =
34 "string to make the random number generator think it has entropy";
7d388202 35
93d02986 36static int dh_test(void)
0f113f3e 37{
f562aeda 38 BN_GENCB *_cb = NULL;
0f113f3e
MC		 39 DH *a = NULL;
40 DH *b = NULL;
93d02986 41 const BIGNUM *ap = NULL, *ag = NULL, *apub_key = NULL;
b84e1226
MC		 42 const BIGNUM *bpub_key = NULL;
43 BIGNUM *bp = NULL, *bg = NULL;
f562aeda
HZ		 44 unsigned char *abuf = NULL;
45 unsigned char *bbuf = NULL;
46 int i, alen, blen, aout, bout;
9d9d2879 47 int ret = 0;
0f113f3e 48
0f113f3e
MC		 49 RAND_seed(rnd_seed, sizeof rnd_seed);
50
93d02986 51 if (!TEST_ptr(_cb = BN_GENCB_new()))
0f113f3e 52 goto err;
93d02986
RS		 53 BN_GENCB_set(_cb, &cb, NULL);
54 if (!TEST_ptr(a = DH_new())
55 || !TEST_true(DH_generate_parameters_ex(a, 64,
56 DH_GENERATOR_5, _cb)))
0f113f3e
MC		 57 goto err;
58
59 if (!DH_check(a, &i))
60 goto err;
9d9d2879
RS		 61 if (!TEST_false(i & DH_CHECK_P_NOT_PRIME)
62 || !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME)
63 || !TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR)
64 || !TEST_false(i & DH_NOT_SUITABLE_GENERATOR))
0f113f3e
MC		 65 goto err;
66
9d9d2879
RS		 67 DH_get0_pqg(a, &ap, NULL, &ag);
68
93d02986
RS		 69 if (!TEST_ptr(b = DH_new()))
70 goto err;
71
72 if (!TEST_ptr(bp = BN_dup(ap))
73 || !TEST_ptr(bg = BN_dup(ag))
74 || !TEST_true(DH_set0_pqg(b, bp, NULL, bg)))
0f113f3e 75 goto err;
0aeddcfa 76 bp = bg = NULL;
0f113f3e 77
0f113f3e
MC		 78 if (!DH_generate_key(a))
79 goto err;
9d9d2879 80 DH_get0_key(a, &apub_key, NULL);
0f113f3e
MC		 81
82 if (!DH_generate_key(b))
83 goto err;
9d9d2879 84 DH_get0_key(b, &bpub_key, NULL);
0f113f3e
MC		 85
86 alen = DH_size(a);
93d02986 87 if (!TEST_ptr(abuf = OPENSSL_malloc(alen))
9d9d2879 88 || !TEST_true((aout = DH_compute_key(abuf, bpub_key, a)) != -1))
f562aeda
HZ		 89 goto err;
90
0f113f3e 91 blen = DH_size(b);
93d02986 92 if (!TEST_ptr(bbuf = OPENSSL_malloc(blen))
9d9d2879 93 || !TEST_true((bout = DH_compute_key(bbuf, apub_key, b)) != -1))
93d02986 94 goto err;
9d9d2879
RS		 95
96 if (!TEST_true(aout >= 4)
93d02986 97 || !TEST_mem_eq(abuf, aout, bbuf, bout))
f562aeda 98 goto err;
9d9d2879 99
93d02986 100 ret = 1;
0f113f3e 101
93d02986 102 err:
b548a1f1
RS		 103 OPENSSL_free(abuf);
104 OPENSSL_free(bbuf);
d6407083
RS		 105 DH_free(b);
106 DH_free(a);
0aeddcfa
MC		 107 BN_free(bp);
108 BN_free(bg);
23a1d5e9 109 BN_GENCB_free(_cb);
93d02986 110 return ret;
0f113f3e 111}
d02b48c6 112
6d23cf97 113static int cb(int p, int n, BN_GENCB *arg)
0f113f3e 114{
0f113f3e
MC		 115 return 1;
116}
20bee968
DSH		 117
118/* Test data from RFC 5114 */
119
120static const unsigned char dhtest_1024_160_xA[] = {
0f113f3e
MC		 121 0xB9, 0xA3, 0xB3, 0xAE, 0x8F, 0xEF, 0xC1, 0xA2, 0x93, 0x04, 0x96, 0x50,
122 0x70, 0x86, 0xF8, 0x45, 0x5D, 0x48, 0x94, 0x3E
20bee968 123};
0f113f3e 124
20bee968 125static const unsigned char dhtest_1024_160_yA[] = {
0f113f3e
MC		 126 0x2A, 0x85, 0x3B, 0x3D, 0x92, 0x19, 0x75, 0x01, 0xB9, 0x01, 0x5B, 0x2D,
127 0xEB, 0x3E, 0xD8, 0x4F, 0x5E, 0x02, 0x1D, 0xCC, 0x3E, 0x52, 0xF1, 0x09,
128 0xD3, 0x27, 0x3D, 0x2B, 0x75, 0x21, 0x28, 0x1C, 0xBA, 0xBE, 0x0E, 0x76,
129 0xFF, 0x57, 0x27, 0xFA, 0x8A, 0xCC, 0xE2, 0x69, 0x56, 0xBA, 0x9A, 0x1F,
130 0xCA, 0x26, 0xF2, 0x02, 0x28, 0xD8, 0x69, 0x3F, 0xEB, 0x10, 0x84, 0x1D,
131 0x84, 0xA7, 0x36, 0x00, 0x54, 0xEC, 0xE5, 0xA7, 0xF5, 0xB7, 0xA6, 0x1A,
132 0xD3, 0xDF, 0xB3, 0xC6, 0x0D, 0x2E, 0x43, 0x10, 0x6D, 0x87, 0x27, 0xDA,
133 0x37, 0xDF, 0x9C, 0xCE, 0x95, 0xB4, 0x78, 0x75, 0x5D, 0x06, 0xBC, 0xEA,
134 0x8F, 0x9D, 0x45, 0x96, 0x5F, 0x75, 0xA5, 0xF3, 0xD1, 0xDF, 0x37, 0x01,
135 0x16, 0x5F, 0xC9, 0xE5, 0x0C, 0x42, 0x79, 0xCE, 0xB0, 0x7F, 0x98, 0x95,
136 0x40, 0xAE, 0x96, 0xD5, 0xD8, 0x8E, 0xD7, 0x76
20bee968 137};
0f113f3e 138
20bee968 139static const unsigned char dhtest_1024_160_xB[] = {
0f113f3e
MC		 140 0x93, 0x92, 0xC9, 0xF9, 0xEB, 0x6A, 0x7A, 0x6A, 0x90, 0x22, 0xF7, 0xD8,
141 0x3E, 0x72, 0x23, 0xC6, 0x83, 0x5B, 0xBD, 0xDA
20bee968 142};
0f113f3e 143
20bee968 144static const unsigned char dhtest_1024_160_yB[] = {
0f113f3e
MC		 145 0x71, 0x7A, 0x6C, 0xB0, 0x53, 0x37, 0x1F, 0xF4, 0xA3, 0xB9, 0x32, 0x94,
146 0x1C, 0x1E, 0x56, 0x63, 0xF8, 0x61, 0xA1, 0xD6, 0xAD, 0x34, 0xAE, 0x66,
147 0x57, 0x6D, 0xFB, 0x98, 0xF6, 0xC6, 0xCB, 0xF9, 0xDD, 0xD5, 0xA5, 0x6C,
148 0x78, 0x33, 0xF6, 0xBC, 0xFD, 0xFF, 0x09, 0x55, 0x82, 0xAD, 0x86, 0x8E,
149 0x44, 0x0E, 0x8D, 0x09, 0xFD, 0x76, 0x9E, 0x3C, 0xEC, 0xCD, 0xC3, 0xD3,
150 0xB1, 0xE4, 0xCF, 0xA0, 0x57, 0x77, 0x6C, 0xAA, 0xF9, 0x73, 0x9B, 0x6A,
151 0x9F, 0xEE, 0x8E, 0x74, 0x11, 0xF8, 0xD6, 0xDA, 0xC0, 0x9D, 0x6A, 0x4E,
152 0xDB, 0x46, 0xCC, 0x2B, 0x5D, 0x52, 0x03, 0x09, 0x0E, 0xAE, 0x61, 0x26,
153 0x31, 0x1E, 0x53, 0xFD, 0x2C, 0x14, 0xB5, 0x74, 0xE6, 0xA3, 0x10, 0x9A,
154 0x3D, 0xA1, 0xBE, 0x41, 0xBD, 0xCE, 0xAA, 0x18, 0x6F, 0x5C, 0xE0, 0x67,
155 0x16, 0xA2, 0xB6, 0xA0, 0x7B, 0x3C, 0x33, 0xFE
20bee968 156};
0f113f3e 157
20bee968 158static const unsigned char dhtest_1024_160_Z[] = {
0f113f3e
MC		 159 0x5C, 0x80, 0x4F, 0x45, 0x4D, 0x30, 0xD9, 0xC4, 0xDF, 0x85, 0x27, 0x1F,
160 0x93, 0x52, 0x8C, 0x91, 0xDF, 0x6B, 0x48, 0xAB, 0x5F, 0x80, 0xB3, 0xB5,
161 0x9C, 0xAA, 0xC1, 0xB2, 0x8F, 0x8A, 0xCB, 0xA9, 0xCD, 0x3E, 0x39, 0xF3,
162 0xCB, 0x61, 0x45, 0x25, 0xD9, 0x52, 0x1D, 0x2E, 0x64, 0x4C, 0x53, 0xB8,
163 0x07, 0xB8, 0x10, 0xF3, 0x40, 0x06, 0x2F, 0x25, 0x7D, 0x7D, 0x6F, 0xBF,
164 0xE8, 0xD5, 0xE8, 0xF0, 0x72, 0xE9, 0xB6, 0xE9, 0xAF, 0xDA, 0x94, 0x13,
165 0xEA, 0xFB, 0x2E, 0x8B, 0x06, 0x99, 0xB1, 0xFB, 0x5A, 0x0C, 0xAC, 0xED,
166 0xDE, 0xAE, 0xAD, 0x7E, 0x9C, 0xFB, 0xB3, 0x6A, 0xE2, 0xB4, 0x20, 0x83,
167 0x5B, 0xD8, 0x3A, 0x19, 0xFB, 0x0B, 0x5E, 0x96, 0xBF, 0x8F, 0xA4, 0xD0,
168 0x9E, 0x34, 0x55, 0x25, 0x16, 0x7E, 0xCD, 0x91, 0x55, 0x41, 0x6F, 0x46,
169 0xF4, 0x08, 0xED, 0x31, 0xB6, 0x3C, 0x6E, 0x6D
20bee968 170};
0f113f3e 171
20bee968 172static const unsigned char dhtest_2048_224_xA[] = {
0f113f3e
MC		 173 0x22, 0xE6, 0x26, 0x01, 0xDB, 0xFF, 0xD0, 0x67, 0x08, 0xA6, 0x80, 0xF7,
174 0x47, 0xF3, 0x61, 0xF7, 0x6D, 0x8F, 0x4F, 0x72, 0x1A, 0x05, 0x48, 0xE4,
175 0x83, 0x29, 0x4B, 0x0C
20bee968 176};
0f113f3e 177
20bee968 178static const unsigned char dhtest_2048_224_yA[] = {
0f113f3e
MC		 179 0x1B, 0x3A, 0x63, 0x45, 0x1B, 0xD8, 0x86, 0xE6, 0x99, 0xE6, 0x7B, 0x49,
180 0x4E, 0x28, 0x8B, 0xD7, 0xF8, 0xE0, 0xD3, 0x70, 0xBA, 0xDD, 0xA7, 0xA0,
181 0xEF, 0xD2, 0xFD, 0xE7, 0xD8, 0xF6, 0x61, 0x45, 0xCC, 0x9F, 0x28, 0x04,
182 0x19, 0x97, 0x5E, 0xB8, 0x08, 0x87, 0x7C, 0x8A, 0x4C, 0x0C, 0x8E, 0x0B,
183 0xD4, 0x8D, 0x4A, 0x54, 0x01, 0xEB, 0x1E, 0x87, 0x76, 0xBF, 0xEE, 0xE1,
184 0x34, 0xC0, 0x38, 0x31, 0xAC, 0x27, 0x3C, 0xD9, 0xD6, 0x35, 0xAB, 0x0C,
185 0xE0, 0x06, 0xA4, 0x2A, 0x88, 0x7E, 0x3F, 0x52, 0xFB, 0x87, 0x66, 0xB6,
186 0x50, 0xF3, 0x80, 0x78, 0xBC, 0x8E, 0xE8, 0x58, 0x0C, 0xEF, 0xE2, 0x43,
187 0x96, 0x8C, 0xFC, 0x4F, 0x8D, 0xC3, 0xDB, 0x08, 0x45, 0x54, 0x17, 0x1D,
188 0x41, 0xBF, 0x2E, 0x86, 0x1B, 0x7B, 0xB4, 0xD6, 0x9D, 0xD0, 0xE0, 0x1E,
189 0xA3, 0x87, 0xCB, 0xAA, 0x5C, 0xA6, 0x72, 0xAF, 0xCB, 0xE8, 0xBD, 0xB9,
190 0xD6, 0x2D, 0x4C, 0xE1, 0x5F, 0x17, 0xDD, 0x36, 0xF9, 0x1E, 0xD1, 0xEE,
191 0xDD, 0x65, 0xCA, 0x4A, 0x06, 0x45, 0x5C, 0xB9, 0x4C, 0xD4, 0x0A, 0x52,
192 0xEC, 0x36, 0x0E, 0x84, 0xB3, 0xC9, 0x26, 0xE2, 0x2C, 0x43, 0x80, 0xA3,
193 0xBF, 0x30, 0x9D, 0x56, 0x84, 0x97, 0x68, 0xB7, 0xF5, 0x2C, 0xFD, 0xF6,
194 0x55, 0xFD, 0x05, 0x3A, 0x7E, 0xF7, 0x06, 0x97, 0x9E, 0x7E, 0x58, 0x06,
195 0xB1, 0x7D, 0xFA, 0xE5, 0x3A, 0xD2, 0xA5, 0xBC, 0x56, 0x8E, 0xBB, 0x52,
196 0x9A, 0x7A, 0x61, 0xD6, 0x8D, 0x25, 0x6F, 0x8F, 0xC9, 0x7C, 0x07, 0x4A,
197 0x86, 0x1D, 0x82, 0x7E, 0x2E, 0xBC, 0x8C, 0x61, 0x34, 0x55, 0x31, 0x15,
198 0xB7, 0x0E, 0x71, 0x03, 0x92, 0x0A, 0xA1, 0x6D, 0x85, 0xE5, 0x2B, 0xCB,
199 0xAB, 0x8D, 0x78, 0x6A, 0x68, 0x17, 0x8F, 0xA8, 0xFF, 0x7C, 0x2F, 0x5C,
200 0x71, 0x64, 0x8D, 0x6F
20bee968 201};
0f113f3e 202
20bee968 203static const unsigned char dhtest_2048_224_xB[] = {
0f113f3e
MC		 204 0x4F, 0xF3, 0xBC, 0x96, 0xC7, 0xFC, 0x6A, 0x6D, 0x71, 0xD3, 0xB3, 0x63,
205 0x80, 0x0A, 0x7C, 0xDF, 0xEF, 0x6F, 0xC4, 0x1B, 0x44, 0x17, 0xEA, 0x15,
206 0x35, 0x3B, 0x75, 0x90
20bee968 207};
0f113f3e 208
20bee968 209static const unsigned char dhtest_2048_224_yB[] = {
0f113f3e
MC		 210 0x4D, 0xCE, 0xE9, 0x92, 0xA9, 0x76, 0x2A, 0x13, 0xF2, 0xF8, 0x38, 0x44,
211 0xAD, 0x3D, 0x77, 0xEE, 0x0E, 0x31, 0xC9, 0x71, 0x8B, 0x3D, 0xB6, 0xC2,
212 0x03, 0x5D, 0x39, 0x61, 0x18, 0x2C, 0x3E, 0x0B, 0xA2, 0x47, 0xEC, 0x41,
213 0x82, 0xD7, 0x60, 0xCD, 0x48, 0xD9, 0x95, 0x99, 0x97, 0x06, 0x22, 0xA1,
214 0x88, 0x1B, 0xBA, 0x2D, 0xC8, 0x22, 0x93, 0x9C, 0x78, 0xC3, 0x91, 0x2C,
215 0x66, 0x61, 0xFA, 0x54, 0x38, 0xB2, 0x07, 0x66, 0x22, 0x2B, 0x75, 0xE2,
216 0x4C, 0x2E, 0x3A, 0xD0, 0xC7, 0x28, 0x72, 0x36, 0x12, 0x95, 0x25, 0xEE,
217 0x15, 0xB5, 0xDD, 0x79, 0x98, 0xAA, 0x04, 0xC4, 0xA9, 0x69, 0x6C, 0xAC,
218 0xD7, 0x17, 0x20, 0x83, 0xA9, 0x7A, 0x81, 0x66, 0x4E, 0xAD, 0x2C, 0x47,
219 0x9E, 0x44, 0x4E, 0x4C, 0x06, 0x54, 0xCC, 0x19, 0xE2, 0x8D, 0x77, 0x03,
220 0xCE, 0xE8, 0xDA, 0xCD, 0x61, 0x26, 0xF5, 0xD6, 0x65, 0xEC, 0x52, 0xC6,
221 0x72, 0x55, 0xDB, 0x92, 0x01, 0x4B, 0x03, 0x7E, 0xB6, 0x21, 0xA2, 0xAC,
222 0x8E, 0x36, 0x5D, 0xE0, 0x71, 0xFF, 0xC1, 0x40, 0x0A, 0xCF, 0x07, 0x7A,
223 0x12, 0x91, 0x3D, 0xD8, 0xDE, 0x89, 0x47, 0x34, 0x37, 0xAB, 0x7B, 0xA3,
224 0x46, 0x74, 0x3C, 0x1B, 0x21, 0x5D, 0xD9, 0xC1, 0x21, 0x64, 0xA7, 0xE4,
225 0x05, 0x31, 0x18, 0xD1, 0x99, 0xBE, 0xC8, 0xEF, 0x6F, 0xC5, 0x61, 0x17,
226 0x0C, 0x84, 0xC8, 0x7D, 0x10, 0xEE, 0x9A, 0x67, 0x4A, 0x1F, 0xA8, 0xFF,
227 0xE1, 0x3B, 0xDF, 0xBA, 0x1D, 0x44, 0xDE, 0x48, 0x94, 0x6D, 0x68, 0xDC,
228 0x0C, 0xDD, 0x77, 0x76, 0x35, 0xA7, 0xAB, 0x5B, 0xFB, 0x1E, 0x4B, 0xB7,
229 0xB8, 0x56, 0xF9, 0x68, 0x27, 0x73, 0x4C, 0x18, 0x41, 0x38, 0xE9, 0x15,
230 0xD9, 0xC3, 0x00, 0x2E, 0xBC, 0xE5, 0x31, 0x20, 0x54, 0x6A, 0x7E, 0x20,
231 0x02, 0x14, 0x2B, 0x6C
20bee968 232};
0f113f3e 233
20bee968 234static const unsigned char dhtest_2048_224_Z[] = {
0f113f3e
MC		 235 0x34, 0xD9, 0xBD, 0xDC, 0x1B, 0x42, 0x17, 0x6C, 0x31, 0x3F, 0xEA, 0x03,
236 0x4C, 0x21, 0x03, 0x4D, 0x07, 0x4A, 0x63, 0x13, 0xBB, 0x4E, 0xCD, 0xB3,
237 0x70, 0x3F, 0xFF, 0x42, 0x45, 0x67, 0xA4, 0x6B, 0xDF, 0x75, 0x53, 0x0E,
238 0xDE, 0x0A, 0x9D, 0xA5, 0x22, 0x9D, 0xE7, 0xD7, 0x67, 0x32, 0x28, 0x6C,
239 0xBC, 0x0F, 0x91, 0xDA, 0x4C, 0x3C, 0x85, 0x2F, 0xC0, 0x99, 0xC6, 0x79,
240 0x53, 0x1D, 0x94, 0xC7, 0x8A, 0xB0, 0x3D, 0x9D, 0xEC, 0xB0, 0xA4, 0xE4,
241 0xCA, 0x8B, 0x2B, 0xB4, 0x59, 0x1C, 0x40, 0x21, 0xCF, 0x8C, 0xE3, 0xA2,
242 0x0A, 0x54, 0x1D, 0x33, 0x99, 0x40, 0x17, 0xD0, 0x20, 0x0A, 0xE2, 0xC9,
243 0x51, 0x6E, 0x2F, 0xF5, 0x14, 0x57, 0x79, 0x26, 0x9E, 0x86, 0x2B, 0x0F,
244 0xB4, 0x74, 0xA2, 0xD5, 0x6D, 0xC3, 0x1E, 0xD5, 0x69, 0xA7, 0x70, 0x0B,
245 0x4C, 0x4A, 0xB1, 0x6B, 0x22, 0xA4, 0x55, 0x13, 0x53, 0x1E, 0xF5, 0x23,
246 0xD7, 0x12, 0x12, 0x07, 0x7B, 0x5A, 0x16, 0x9B, 0xDE, 0xFF, 0xAD, 0x7A,
247 0xD9, 0x60, 0x82, 0x84, 0xC7, 0x79, 0x5B, 0x6D, 0x5A, 0x51, 0x83, 0xB8,
248 0x70, 0x66, 0xDE, 0x17, 0xD8, 0xD6, 0x71, 0xC9, 0xEB, 0xD8, 0xEC, 0x89,
249 0x54, 0x4D, 0x45, 0xEC, 0x06, 0x15, 0x93, 0xD4, 0x42, 0xC6, 0x2A, 0xB9,
250 0xCE, 0x3B, 0x1C, 0xB9, 0x94, 0x3A, 0x1D, 0x23, 0xA5, 0xEA, 0x3B, 0xCF,
251 0x21, 0xA0, 0x14, 0x71, 0xE6, 0x7E, 0x00, 0x3E, 0x7F, 0x8A, 0x69, 0xC7,
252 0x28, 0xBE, 0x49, 0x0B, 0x2F, 0xC8, 0x8C, 0xFE, 0xB9, 0x2D, 0xB6, 0xA2,
253 0x15, 0xE5, 0xD0, 0x3C, 0x17, 0xC4, 0x64, 0xC9, 0xAC, 0x1A, 0x46, 0xE2,
254 0x03, 0xE1, 0x3F, 0x95, 0x29, 0x95, 0xFB, 0x03, 0xC6, 0x9D, 0x3C, 0xC4,
255 0x7F, 0xCB, 0x51, 0x0B, 0x69, 0x98, 0xFF, 0xD3, 0xAA, 0x6D, 0xE7, 0x3C,
256 0xF9, 0xF6, 0x38, 0x69
20bee968 257};
0f113f3e 258
20bee968 259static const unsigned char dhtest_2048_256_xA[] = {
0f113f3e
MC		 260 0x08, 0x81, 0x38, 0x2C, 0xDB, 0x87, 0x66, 0x0C, 0x6D, 0xC1, 0x3E, 0x61,
261 0x49, 0x38, 0xD5, 0xB9, 0xC8, 0xB2, 0xF2, 0x48, 0x58, 0x1C, 0xC5, 0xE3,
262 0x1B, 0x35, 0x45, 0x43, 0x97, 0xFC, 0xE5, 0x0E
20bee968 263};
0f113f3e 264
20bee968 265static const unsigned char dhtest_2048_256_yA[] = {
0f113f3e
MC		 266 0x2E, 0x93, 0x80, 0xC8, 0x32, 0x3A, 0xF9, 0x75, 0x45, 0xBC, 0x49, 0x41,
267 0xDE, 0xB0, 0xEC, 0x37, 0x42, 0xC6, 0x2F, 0xE0, 0xEC, 0xE8, 0x24, 0xA6,
268 0xAB, 0xDB, 0xE6, 0x6C, 0x59, 0xBE, 0xE0, 0x24, 0x29, 0x11, 0xBF, 0xB9,
269 0x67, 0x23, 0x5C, 0xEB, 0xA3, 0x5A, 0xE1, 0x3E, 0x4E, 0xC7, 0x52, 0xBE,
270 0x63, 0x0B, 0x92, 0xDC, 0x4B, 0xDE, 0x28, 0x47, 0xA9, 0xC6, 0x2C, 0xB8,
271 0x15, 0x27, 0x45, 0x42, 0x1F, 0xB7, 0xEB, 0x60, 0xA6, 0x3C, 0x0F, 0xE9,
272 0x15, 0x9F, 0xCC, 0xE7, 0x26, 0xCE, 0x7C, 0xD8, 0x52, 0x3D, 0x74, 0x50,
273 0x66, 0x7E, 0xF8, 0x40, 0xE4, 0x91, 0x91, 0x21, 0xEB, 0x5F, 0x01, 0xC8,
274 0xC9, 0xB0, 0xD3, 0xD6, 0x48, 0xA9, 0x3B, 0xFB, 0x75, 0x68, 0x9E, 0x82,
275 0x44, 0xAC, 0x13, 0x4A, 0xF5, 0x44, 0x71, 0x1C, 0xE7, 0x9A, 0x02, 0xDC,
276 0xC3, 0x42, 0x26, 0x68, 0x47, 0x80, 0xDD, 0xDC, 0xB4, 0x98, 0x59, 0x41,
277 0x06, 0xC3, 0x7F, 0x5B, 0xC7, 0x98, 0x56, 0x48, 0x7A, 0xF5, 0xAB, 0x02,
278 0x2A, 0x2E, 0x5E, 0x42, 0xF0, 0x98, 0x97, 0xC1, 0xA8, 0x5A, 0x11, 0xEA,
279 0x02, 0x12, 0xAF, 0x04, 0xD9, 0xB4, 0xCE, 0xBC, 0x93, 0x7C, 0x3C, 0x1A,
280 0x3E, 0x15, 0xA8, 0xA0, 0x34, 0x2E, 0x33, 0x76, 0x15, 0xC8, 0x4E, 0x7F,
281 0xE3, 0xB8, 0xB9, 0xB8, 0x7F, 0xB1, 0xE7, 0x3A, 0x15, 0xAF, 0x12, 0xA3,
282 0x0D, 0x74, 0x6E, 0x06, 0xDF, 0xC3, 0x4F, 0x29, 0x0D, 0x79, 0x7C, 0xE5,
283 0x1A, 0xA1, 0x3A, 0xA7, 0x85, 0xBF, 0x66, 0x58, 0xAF, 0xF5, 0xE4, 0xB0,
284 0x93, 0x00, 0x3C, 0xBE, 0xAF, 0x66, 0x5B, 0x3C, 0x2E, 0x11, 0x3A, 0x3A,
285 0x4E, 0x90, 0x52, 0x69, 0x34, 0x1D, 0xC0, 0x71, 0x14, 0x26, 0x68, 0x5F,
286 0x4E, 0xF3, 0x7E, 0x86, 0x8A, 0x81, 0x26, 0xFF, 0x3F, 0x22, 0x79, 0xB5,
287 0x7C, 0xA6, 0x7E, 0x29
20bee968 288};
0f113f3e 289
20bee968 290static const unsigned char dhtest_2048_256_xB[] = {
0f113f3e
MC		 291 0x7D, 0x62, 0xA7, 0xE3, 0xEF, 0x36, 0xDE, 0x61, 0x7B, 0x13, 0xD1, 0xAF,
292 0xB8, 0x2C, 0x78, 0x0D, 0x83, 0xA2, 0x3B, 0xD4, 0xEE, 0x67, 0x05, 0x64,
293 0x51, 0x21, 0xF3, 0x71, 0xF5, 0x46, 0xA5, 0x3D
20bee968 294};
0f113f3e 295
20bee968 296static const unsigned char dhtest_2048_256_yB[] = {
0f113f3e
MC		 297 0x57, 0x5F, 0x03, 0x51, 0xBD, 0x2B, 0x1B, 0x81, 0x74, 0x48, 0xBD, 0xF8,
298 0x7A, 0x6C, 0x36, 0x2C, 0x1E, 0x28, 0x9D, 0x39, 0x03, 0xA3, 0x0B, 0x98,
299 0x32, 0xC5, 0x74, 0x1F, 0xA2, 0x50, 0x36, 0x3E, 0x7A, 0xCB, 0xC7, 0xF7,
300 0x7F, 0x3D, 0xAC, 0xBC, 0x1F, 0x13, 0x1A, 0xDD, 0x8E, 0x03, 0x36, 0x7E,
301 0xFF, 0x8F, 0xBB, 0xB3, 0xE1, 0xC5, 0x78, 0x44, 0x24, 0x80, 0x9B, 0x25,
302 0xAF, 0xE4, 0xD2, 0x26, 0x2A, 0x1A, 0x6F, 0xD2, 0xFA, 0xB6, 0x41, 0x05,
303 0xCA, 0x30, 0xA6, 0x74, 0xE0, 0x7F, 0x78, 0x09, 0x85, 0x20, 0x88, 0x63,
304 0x2F, 0xC0, 0x49, 0x23, 0x37, 0x91, 0xAD, 0x4E, 0xDD, 0x08, 0x3A, 0x97,
305 0x8B, 0x88, 0x3E, 0xE6, 0x18, 0xBC, 0x5E, 0x0D, 0xD0, 0x47, 0x41, 0x5F,
306 0x2D, 0x95, 0xE6, 0x83, 0xCF, 0x14, 0x82, 0x6B, 0x5F, 0xBE, 0x10, 0xD3,
307 0xCE, 0x41, 0xC6, 0xC1, 0x20, 0xC7, 0x8A, 0xB2, 0x00, 0x08, 0xC6, 0x98,
308 0xBF, 0x7F, 0x0B, 0xCA, 0xB9, 0xD7, 0xF4, 0x07, 0xBE, 0xD0, 0xF4, 0x3A,
309 0xFB, 0x29, 0x70, 0xF5, 0x7F, 0x8D, 0x12, 0x04, 0x39, 0x63, 0xE6, 0x6D,
310 0xDD, 0x32, 0x0D, 0x59, 0x9A, 0xD9, 0x93, 0x6C, 0x8F, 0x44, 0x13, 0x7C,
311 0x08, 0xB1, 0x80, 0xEC, 0x5E, 0x98, 0x5C, 0xEB, 0xE1, 0x86, 0xF3, 0xD5,
312 0x49, 0x67, 0x7E, 0x80, 0x60, 0x73, 0x31, 0xEE, 0x17, 0xAF, 0x33, 0x80,
313 0xA7, 0x25, 0xB0, 0x78, 0x23, 0x17, 0xD7, 0xDD, 0x43, 0xF5, 0x9D, 0x7A,
314 0xF9, 0x56, 0x8A, 0x9B, 0xB6, 0x3A, 0x84, 0xD3, 0x65, 0xF9, 0x22, 0x44,
315 0xED, 0x12, 0x09, 0x88, 0x21, 0x93, 0x02, 0xF4, 0x29, 0x24, 0xC7, 0xCA,
316 0x90, 0xB8, 0x9D, 0x24, 0xF7, 0x1B, 0x0A, 0xB6, 0x97, 0x82, 0x3D, 0x7D,
317 0xEB, 0x1A, 0xFF, 0x5B, 0x0E, 0x8E, 0x4A, 0x45, 0xD4, 0x9F, 0x7F, 0x53,
318 0x75, 0x7E, 0x19, 0x13
20bee968 319};
0f113f3e 320
20bee968 321static const unsigned char dhtest_2048_256_Z[] = {
0f113f3e
MC		 322 0x86, 0xC7, 0x0B, 0xF8, 0xD0, 0xBB, 0x81, 0xBB, 0x01, 0x07, 0x8A, 0x17,
323 0x21, 0x9C, 0xB7, 0xD2, 0x72, 0x03, 0xDB, 0x2A, 0x19, 0xC8, 0x77, 0xF1,
324 0xD1, 0xF1, 0x9F, 0xD7, 0xD7, 0x7E, 0xF2, 0x25, 0x46, 0xA6, 0x8F, 0x00,
325 0x5A, 0xD5, 0x2D, 0xC8, 0x45, 0x53, 0xB7, 0x8F, 0xC6, 0x03, 0x30, 0xBE,
326 0x51, 0xEA, 0x7C, 0x06, 0x72, 0xCA, 0xC1, 0x51, 0x5E, 0x4B, 0x35, 0xC0,
327 0x47, 0xB9, 0xA5, 0x51, 0xB8, 0x8F, 0x39, 0xDC, 0x26, 0xDA, 0x14, 0xA0,
328 0x9E, 0xF7, 0x47, 0x74, 0xD4, 0x7C, 0x76, 0x2D, 0xD1, 0x77, 0xF9, 0xED,
329 0x5B, 0xC2, 0xF1, 0x1E, 0x52, 0xC8, 0x79, 0xBD, 0x95, 0x09, 0x85, 0x04,
330 0xCD, 0x9E, 0xEC, 0xD8, 0xA8, 0xF9, 0xB3, 0xEF, 0xBD, 0x1F, 0x00, 0x8A,
331 0xC5, 0x85, 0x30, 0x97, 0xD9, 0xD1, 0x83, 0x7F, 0x2B, 0x18, 0xF7, 0x7C,
332 0xD7, 0xBE, 0x01, 0xAF, 0x80, 0xA7, 0xC7, 0xB5, 0xEA, 0x3C, 0xA5, 0x4C,
333 0xC0, 0x2D, 0x0C, 0x11, 0x6F, 0xEE, 0x3F, 0x95, 0xBB, 0x87, 0x39, 0x93,
334 0x85, 0x87, 0x5D, 0x7E, 0x86, 0x74, 0x7E, 0x67, 0x6E, 0x72, 0x89, 0x38,
335 0xAC, 0xBF, 0xF7, 0x09, 0x8E, 0x05, 0xBE, 0x4D, 0xCF, 0xB2, 0x40, 0x52,
336 0xB8, 0x3A, 0xEF, 0xFB, 0x14, 0x78, 0x3F, 0x02, 0x9A, 0xDB, 0xDE, 0x7F,
337 0x53, 0xFA, 0xE9, 0x20, 0x84, 0x22, 0x40, 0x90, 0xE0, 0x07, 0xCE, 0xE9,
338 0x4D, 0x4B, 0xF2, 0xBA, 0xCE, 0x9F, 0xFD, 0x4B, 0x57, 0xD2, 0xAF, 0x7C,
339 0x72, 0x4D, 0x0C, 0xAA, 0x19, 0xBF, 0x05, 0x01, 0xF6, 0xF1, 0x7B, 0x4A,
340 0xA1, 0x0F, 0x42, 0x5E, 0x3E, 0xA7, 0x60, 0x80, 0xB4, 0xB9, 0xD6, 0xB3,
341 0xCE, 0xFE, 0xA1, 0x15, 0xB2, 0xCE, 0xB8, 0x78, 0x9B, 0xB8, 0xA3, 0xB0,
342 0xEA, 0x87, 0xFE, 0xBE, 0x63, 0xB6, 0xC8, 0xF8, 0x46, 0xEC, 0x6D, 0xB0,
343 0xC2, 0x6C, 0x5D, 0x7C
20bee968
DSH		 344};
345
e729aac1
MC		 346static const unsigned char dhtest_rfc5114_2048_224_bad_y[] = {
347 0x45, 0x32, 0x5F, 0x51, 0x07, 0xE5, 0xDF, 0x1C, 0xD6, 0x02, 0x82, 0xB3,
348 0x32, 0x8F, 0xA4, 0x0F, 0x87, 0xB8, 0x41, 0xFE, 0xB9, 0x35, 0xDE, 0xAD,
349 0xC6, 0x26, 0x85, 0xB4, 0xFF, 0x94, 0x8C, 0x12, 0x4C, 0xBF, 0x5B, 0x20,
350 0xC4, 0x46, 0xA3, 0x26, 0xEB, 0xA4, 0x25, 0xB7, 0x68, 0x8E, 0xCC, 0x67,
351 0xBA, 0xEA, 0x58, 0xD0, 0xF2, 0xE9, 0xD2, 0x24, 0x72, 0x60, 0xDA, 0x88,
352 0x18, 0x9C, 0xE0, 0x31, 0x6A, 0xAD, 0x50, 0x6D, 0x94, 0x35, 0x8B, 0x83,
353 0x4A, 0x6E, 0xFA, 0x48, 0x73, 0x0F, 0x83, 0x87, 0xFF, 0x6B, 0x66, 0x1F,
354 0xA8, 0x82, 0xC6, 0x01, 0xE5, 0x80, 0xB5, 0xB0, 0x52, 0xD0, 0xE9, 0xD8,
355 0x72, 0xF9, 0x7D, 0x5B, 0x8B, 0xA5, 0x4C, 0xA5, 0x25, 0x95, 0x74, 0xE2,
356 0x7A, 0x61, 0x4E, 0xA7, 0x8F, 0x12, 0xE2, 0xD2, 0x9D, 0x8C, 0x02, 0x70,
357 0x34, 0x44, 0x32, 0xC7, 0xB2, 0xF3, 0xB9, 0xFE, 0x17, 0x2B, 0xD6, 0x1F,
358 0x8B, 0x7E, 0x4A, 0xFA, 0xA3, 0xB5, 0x3E, 0x7A, 0x81, 0x9A, 0x33, 0x66,
359 0x62, 0xA4, 0x50, 0x18, 0x3E, 0xA2, 0x5F, 0x00, 0x07, 0xD8, 0x9B, 0x22,
360 0xE4, 0xEC, 0x84, 0xD5, 0xEB, 0x5A, 0xF3, 0x2A, 0x31, 0x23, 0xD8, 0x44,
361 0x22, 0x2A, 0x8B, 0x37, 0x44, 0xCC, 0xC6, 0x87, 0x4B, 0xBE, 0x50, 0x9D,
362 0x4A, 0xC4, 0x8E, 0x45, 0xCF, 0x72, 0x4D, 0xC0, 0x89, 0xB3, 0x72, 0xED,
363 0x33, 0x2C, 0xBC, 0x7F, 0x16, 0x39, 0x3B, 0xEB, 0xD2, 0xDD, 0xA8, 0x01,
364 0x73, 0x84, 0x62, 0xB9, 0x29, 0xD2, 0xC9, 0x51, 0x32, 0x9E, 0x7A, 0x6A,
365 0xCF, 0xC1, 0x0A, 0xDB, 0x0E, 0xE0, 0x62, 0x77, 0x6F, 0x59, 0x62, 0x72,
366 0x5A, 0x69, 0xA6, 0x5B, 0x70, 0xCA, 0x65, 0xC4, 0x95, 0x6F, 0x9A, 0xC2,
367 0xDF, 0x72, 0x6D, 0xB1, 0x1E, 0x54, 0x7B, 0x51, 0xB4, 0xEF, 0x7F, 0x89,
368 0x93, 0x74, 0x89, 0x59
369};
370
0f113f3e
MC		 371typedef struct {
372 DH *(*get_param) (void);
373 const unsigned char *xA;
374 size_t xA_len;
375 const unsigned char *yA;
376 size_t yA_len;
377 const unsigned char *xB;
378 size_t xB_len;
379 const unsigned char *yB;
380 size_t yB_len;
381 const unsigned char *Z;
382 size_t Z_len;
383} rfc5114_td;
384
385# define make_rfc5114_td(pre) { \
386 DH_get_##pre, \
387 dhtest_##pre##_xA, sizeof(dhtest_##pre##_xA), \
388 dhtest_##pre##_yA, sizeof(dhtest_##pre##_yA), \
389 dhtest_##pre##_xB, sizeof(dhtest_##pre##_xB), \
390 dhtest_##pre##_yB, sizeof(dhtest_##pre##_yB), \
391 dhtest_##pre##_Z, sizeof(dhtest_##pre##_Z) \
392 }
20bee968
DSH		 393
394static const rfc5114_td rfctd[] = {
0f113f3e
MC		 395 make_rfc5114_td(1024_160),
396 make_rfc5114_td(2048_224),
397 make_rfc5114_td(2048_256)
20bee968
DSH		 398};
399
93d02986 400static int rfc5114_test(void)
0f113f3e
MC		 401{
402 int i;
f562aeda
HZ		 403 DH *dhA = NULL;
404 DH *dhB = NULL;
405 unsigned char *Z1 = NULL;
406 unsigned char *Z2 = NULL;
407 const rfc5114_td *td = NULL;
0aeddcfa 408 BIGNUM *bady = NULL, *priv_key = NULL, *pub_key = NULL;
b84e1226 409 const BIGNUM *pub_key_tmp;
f562aeda 410
bdcb1a2c 411 for (i = 0; i < (int)OSSL_NELEM(rfctd); i++) {
f562aeda 412 td = rfctd + i;
0f113f3e 413 /* Set up DH structures setting key components */
93d02986
RS		 414 if (!TEST_ptr(dhA = td->get_param())
415 || !TEST_ptr(dhB = td->get_param()))
0f113f3e
MC		 416 goto bad_err;
417
93d02986
RS		 418 if (!TEST_ptr(priv_key = BN_bin2bn(td->xA, td->xA_len, NULL))
419 || !TEST_ptr(pub_key = BN_bin2bn(td->yA, td->yA_len, NULL))
420 || !TEST_true(DH_set0_key(dhA, pub_key, priv_key)))
0aeddcfa 421 goto bad_err;
0f113f3e 422
93d02986
RS		 423 if (!TEST_ptr(priv_key = BN_bin2bn(td->xB, td->xB_len, NULL))
424 || !TEST_ptr(pub_key = BN_bin2bn(td->yB, td->yB_len, NULL))
425 || !TEST_true( DH_set0_key(dhB, pub_key, priv_key)))
0f113f3e 426 goto bad_err;
0aeddcfa 427 priv_key = pub_key = NULL;
0f113f3e 428
93d02986
RS		 429 if (!TEST_uint_eq(td->Z_len, (size_t)DH_size(dhA))
430 || !TEST_uint_eq(td->Z_len, (size_t)DH_size(dhB)))
0f113f3e
MC		 431 goto err;
432
93d02986
RS		 433 if (!TEST_ptr(Z1 = OPENSSL_malloc(DH_size(dhA)))
434 || !TEST_ptr(Z2 = OPENSSL_malloc(DH_size(dhB))))
f562aeda 435 goto bad_err;
0f113f3e
MC		 436 /*
437 * Work out shared secrets using both sides and compare with expected
438 * values.
439 */
b84e1226 440 DH_get0_key(dhB, &pub_key_tmp, NULL);
93d02986 441 if (!TEST_int_ne(DH_compute_key(Z1, pub_key_tmp, dhA), -1))
0f113f3e 442 goto bad_err;
b84e1226
MC		 443
444 DH_get0_key(dhA, &pub_key_tmp, NULL);
93d02986 445 if (!TEST_int_ne(DH_compute_key(Z2, pub_key_tmp, dhB), -1))
0f113f3e
MC		 446 goto bad_err;
447
93d02986
RS		 448 if (!TEST_mem_eq(Z1, td->Z_len, td->Z, td->Z_len)
449 || !TEST_mem_eq(Z2, td->Z_len, td->Z, td->Z_len))
0f113f3e 450 goto err;
0f113f3e
MC		 451
452 DH_free(dhA);
e729aac1 453 dhA = NULL;
93d02986 454 DH_free(dhB);
e729aac1 455 dhB = NULL;
93d02986 456 OPENSSL_free(Z1);
e729aac1 457 Z1 = NULL;
93d02986 458 OPENSSL_free(Z2);
e729aac1
MC		 459 Z2 = NULL;
460 }
0f113f3e 461
e729aac1
MC		 462 /* Now i == OSSL_NELEM(rfctd) */
463 /* RFC5114 uses unsafe primes, so now test an invalid y value */
93d02986
RS		 464 if (!TEST_ptr(dhA = DH_get_2048_224())
465 || !TEST_ptr(Z1 = OPENSSL_malloc(DH_size(dhA))))
e729aac1
MC		 466 goto bad_err;
467
93d02986
RS		 468 if (!TEST_ptr(bady = BN_bin2bn(dhtest_rfc5114_2048_224_bad_y,
469 sizeof(dhtest_rfc5114_2048_224_bad_y),
470 NULL)))
e729aac1
MC		 471 goto bad_err;
472
473 if (!DH_generate_key(dhA))
474 goto bad_err;
475
476 if (DH_compute_key(Z1, bady, dhA) != -1) {
477 /*
478 * DH_compute_key should fail with -1. If we get here we unexpectedly
479 * allowed an invalid y value
480 */
481 goto err;
0f113f3e 482 }
e729aac1
MC		 483 /* We'll have a stale error on the queue from the above test so clear it */
484 ERR_clear_error();
e729aac1
MC		 485 BN_free(bady);
486 DH_free(dhA);
487 OPENSSL_free(Z1);
0f113f3e 488 return 1;
93d02986 489
0f113f3e 490 bad_err:
e729aac1 491 BN_free(bady);
f562aeda
HZ		 492 DH_free(dhA);
493 DH_free(dhB);
0aeddcfa
MC		 494 BN_free(pub_key);
495 BN_free(priv_key);
f562aeda
HZ		 496 OPENSSL_free(Z1);
497 OPENSSL_free(Z2);
93d02986 498 TEST_error("Initialisation error RFC5114 set %d\n", i + 1);
0f113f3e 499 return 0;
93d02986 500
0f113f3e 501 err:
e729aac1 502 BN_free(bady);
f562aeda
HZ		 503 DH_free(dhA);
504 DH_free(dhB);
505 OPENSSL_free(Z1);
506 OPENSSL_free(Z2);
93d02986 507 TEST_error("Test failed RFC5114 set %d\n", i + 1);
0f113f3e
MC		 508 return 0;
509}
20bee968 510
93d02986
RS		 511
512void register_tests(void)
513{
514 ADD_TEST(dh_test);
515 ADD_TEST(rfc5114_test);
516}
f5d7a031 517#endif
A mirror of the official openssl repository