]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/endecode_test.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Fix various typos, repeated words, align some spelling to LDP.
[thirdparty/openssl.git] / test / endecode_test.c
CommitLineData
5a23d78c 1/*
fecb3aae 2 * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
5a23d78c
RL		 3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
3ecbea6a 10#include <string.h>
ae12eac0 11#include <openssl/core_dispatch.h>
5a23d78c
RL		 12#include <openssl/evp.h>
13#include <openssl/pem.h>
14#include <openssl/rsa.h>
15#include <openssl/x509.h>
c0f39ded 16#include <openssl/core_names.h>
7c664b1f 17#include <openssl/params.h>
c0f39ded 18#include <openssl/param_build.h>
ece9304c
RL		 19#include <openssl/encoder.h>
20#include <openssl/decoder.h>
5a23d78c 21
e2ac846e 22#include "internal/cryptlib.h" /* ossl_assert */
0934cf48 23#include "crypto/pem.h" /* For PVK and "blob" PEM headers */
4f0831b8 24#include "crypto/evp.h" /* For evp_pkey_is_provided() */
e2ac846e 25
20f8bc72 26#include "helpers/predefined_dhparams.h"
5a23d78c
RL		 27#include "testutil.h"
28
7ee992a5
MC		 29#ifdef STATIC_LEGACY
30OSSL_provider_init_fn ossl_legacy_provider_init;
31#endif
32
6511f686
JS		 33/* Extended test macros to allow passing file & line number */
34#define TEST_FL_ptr(a) test_ptr(file, line, #a, a)
35#define TEST_FL_mem_eq(a, m, b, n) test_mem_eq(file, line, #a, #b, a, m, b, n)
36#define TEST_FL_strn_eq(a, b, n) test_strn_eq(file, line, #a, #b, a, n, b, n)
37#define TEST_FL_strn2_eq(a, m, b, n) test_strn_eq(file, line, #a, #b, a, m, b, n)
38#define TEST_FL_int_eq(a, b) test_int_eq(file, line, #a, #b, a, b)
39#define TEST_FL_int_ge(a, b) test_int_ge(file, line, #a, #b, a, b)
40#define TEST_FL_int_gt(a, b) test_int_gt(file, line, #a, #b, a, b)
41#define TEST_FL_long_gt(a, b) test_long_gt(file, line, #a, #b, a, b)
42#define TEST_FL_true(a) test_true(file, line, #a, (a) != 0)
43
a2e145f8
RL		 44#if defined(OPENSSL_NO_DH) && defined(OPENSSL_NO_DSA) && defined(OPENSSL_NO_EC)
45# define OPENSSL_NO_KEYPARAMS
46#endif
47
169eca60
JS		 48static int default_libctx = 1;
49static int is_fips = 0;
e1289d90 50static int is_fips_3_0_0 = 0;
169eca60
JS		 51
52static OSSL_LIB_CTX *testctx = NULL;
53static OSSL_LIB_CTX *keyctx = NULL;
54static char *testpropq = NULL;
55
56static OSSL_PROVIDER *nullprov = NULL;
57static OSSL_PROVIDER *deflprov = NULL;
58static OSSL_PROVIDER *keyprov = NULL;
59
c0f39ded
SL		 60#ifndef OPENSSL_NO_EC
61static BN_CTX *bnctx = NULL;
62static OSSL_PARAM_BLD *bld_prime_nc = NULL;
63static OSSL_PARAM_BLD *bld_prime = NULL;
64static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
65static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;
66
67# ifndef OPENSSL_NO_EC2M
68static OSSL_PARAM_BLD *bld_tri_nc = NULL;
69static OSSL_PARAM_BLD *bld_tri = NULL;
70static OSSL_PARAM *ec_explicit_tri_params_nc = NULL;
71static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
72# endif
73#endif
74
a2e145f8 75#ifndef OPENSSL_NO_KEYPARAMS
7c664b1f
RL		 76static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
77{
78 EVP_PKEY *pkey = NULL;
5658470c
DDO		 79 EVP_PKEY_CTX *ctx = NULL;
80
821d6f8c 81# ifndef OPENSSL_NO_DH
1234aa7e
DDO		 82 /*
83 * Use 512-bit DH(X) keys with predetermined parameters for efficiency,
84 * for testing only. Use a minimum key size of 2048 for security purposes.
85 */
5658470c 86 if (strcmp(type, "DH") == 0)
169eca60
JS		 87 return get_dh512(keyctx);
88
5658470c 89 if (strcmp(type, "X9.42 DH") == 0)
169eca60 90 return get_dhx512(keyctx);
821d6f8c 91# endif
7c664b1f
RL		 92
93 /*
94 * No real need to check the errors other than for the cascade
95 * effect. |pkey| will simply remain NULL if something goes wrong.
96 */
169eca60 97 (void)((ctx = EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq)) != NULL
7c664b1f
RL		 98 && EVP_PKEY_paramgen_init(ctx) > 0
99 && (genparams == NULL
100 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
f9253152 101 && EVP_PKEY_generate(ctx, &pkey) > 0);
7c664b1f
RL		 102 EVP_PKEY_CTX_free(ctx);
103
104 return pkey;
105}
821d6f8c 106#endif
5a23d78c 107
91f2b15f 108#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
7c664b1f 109static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
1251cddf 110 OSSL_PARAM *genparams)
5a23d78c
RL		 111{
112 EVP_PKEY *pkey = NULL;
7c664b1f
RL		 113 EVP_PKEY_CTX *ctx =
114 template != NULL
169eca60
JS		 115 ? EVP_PKEY_CTX_new_from_pkey(keyctx, template, testpropq)
116 : EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq);
5a23d78c
RL		 117
118 /*
119 * No real need to check the errors other than for the cascade
7c664b1f 120 * effect. |pkey| will simply remain NULL if something goes wrong.
5a23d78c
RL		 121 */
122 (void)(ctx != NULL
123 && EVP_PKEY_keygen_init(ctx) > 0
7c664b1f
RL		 124 && (genparams == NULL
125 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
5a23d78c
RL		 126 && EVP_PKEY_keygen(ctx, &pkey) > 0);
127 EVP_PKEY_CTX_free(ctx);
5a23d78c
RL		 128 return pkey;
129}
91f2b15f 130#endif
5a23d78c
RL		 131
132/* Main test driver */
133
6511f686
JS		 134typedef int (encoder)(const char *file, const int line,
135 void **encoded, long *encoded_len,
973a52ce
RL		 136 void *object, int selection,
137 const char *output_type, const char *output_structure,
ae12eac0 138 const char *pass, const char *pcipher);
6511f686
JS		 139typedef int (decoder)(const char *file, const int line,
140 void **object, void *encoded, long encoded_len,
ff1c10d9
RL		 141 const char *input_type, const char *structure_type,
142 const char *keytype, int selection, const char *pass);
6511f686
JS		 143typedef int (tester)(const char *file, const int line,
144 const void *data1, size_t data1_len,
319d0b2b 145 const void *data2, size_t data2_len);
6511f686
JS		 146typedef int (checker)(const char *file, const int line,
147 const char *type, const void *data, size_t data_len);
5a23d78c
RL		 148typedef void (dumper)(const char *label, const void *data, size_t data_len);
149
b565a17d 150#define FLAG_DECODE_WITH_TYPE 0x0001
e8a41459 151#define FLAG_FAIL_IF_FIPS 0x0002
b565a17d 152
6511f686
JS		 153static int test_encode_decode(const char *file, const int line,
154 const char *type, EVP_PKEY *pkey,
973a52ce
RL		 155 int selection, const char *output_type,
156 const char *output_structure,
1251cddf
RL		 157 const char *pass, const char *pcipher,
158 encoder *encode_cb, decoder *decode_cb,
159 tester *test_cb, checker *check_cb,
b565a17d 160 dumper *dump_cb, int flags)
5a23d78c 161{
ece9304c
RL		 162 void *encoded = NULL;
163 long encoded_len = 0;
5a23d78c 164 EVP_PKEY *pkey2 = NULL;
ece9304c
RL		 165 void *encoded2 = NULL;
166 long encoded2_len = 0;
5a23d78c
RL		 167 int ok = 0;
168
ae12eac0
RL		 169 /*
170 * Encode |pkey|, decode the result into |pkey2|, and finish off by
171 * encoding |pkey2| as well. That last encoding is for checking and
172 * dumping purposes.
173 */
6511f686 174 if (!TEST_true(encode_cb(file, line, &encoded, &encoded_len, pkey, selection,
e8a41459
TM		 175 output_type, output_structure, pass, pcipher)))
176 goto end;
177
e1289d90 178 if ((flags & FLAG_FAIL_IF_FIPS) != 0 && is_fips && !is_fips_3_0_0) {
e8a41459
TM		 179 if (TEST_false(decode_cb(file, line, (void **)&pkey2, encoded,
180 encoded_len, output_type, output_structure,
181 (flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
182 selection, pass)))
183 ok = 1;
184 goto end;
185 }
186
187 if (!TEST_true(check_cb(file, line, type, encoded, encoded_len))
6511f686 188 || !TEST_true(decode_cb(file, line, (void **)&pkey2, encoded, encoded_len,
ff1c10d9 189 output_type, output_structure,
b565a17d 190 (flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
ff1c10d9 191 selection, pass))
6511f686 192 || !TEST_true(encode_cb(file, line, &encoded2, &encoded2_len, pkey2, selection,
973a52ce 193 output_type, output_structure, pass, pcipher)))
ae12eac0
RL		 194 goto end;
195
b565a17d
MC		 196 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
197 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey2), 1))
198 goto end;
199 } else {
200 if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1))
201 goto end;
202 }
5a23d78c
RL		 203
204 /*
ece9304c 205 * Double check the encoding, but only for unprotected keys,
3ecbea6a
RL		 206 * as protected keys have a random component, which makes the output
207 * differ.
5a23d78c 208 */
3ecbea6a 209 if ((pass == NULL && pcipher == NULL)
6511f686 210 && !test_cb(file, line, encoded, encoded_len, encoded2, encoded2_len))
5a23d78c
RL		 211 goto end;
212
213 ok = 1;
214 end:
319d0b2b 215 if (!ok) {
ece9304c 216 if (encoded != NULL && encoded_len != 0)
ae12eac0 217 dump_cb("|pkey| encoded", encoded, encoded_len);
ece9304c 218 if (encoded2 != NULL && encoded2_len != 0)
ae12eac0 219 dump_cb("|pkey2| encoded", encoded2, encoded2_len);
319d0b2b 220 }
5a23d78c 221
ece9304c
RL		 222 OPENSSL_free(encoded);
223 OPENSSL_free(encoded2);
5a23d78c
RL		 224 EVP_PKEY_free(pkey2);
225 return ok;
226}
227
973a52ce 228/* Encoding and decoding methods */
5a23d78c 229
6511f686
JS		 230static int encode_EVP_PKEY_prov(const char *file, const int line,
231 void **encoded, long *encoded_len,
973a52ce
RL		 232 void *object, int selection,
233 const char *output_type,
234 const char *output_structure,
ae12eac0 235 const char *pass, const char *pcipher)
5a23d78c
RL		 236{
237 EVP_PKEY *pkey = object;
ece9304c 238 OSSL_ENCODER_CTX *ectx = NULL;
5a23d78c
RL		 239 BIO *mem_ser = NULL;
240 BUF_MEM *mem_buf = NULL;
3ecbea6a 241 const unsigned char *upass = (const unsigned char *)pass;
5a23d78c
RL		 242 int ok = 0;
243
6511f686 244 if (!TEST_FL_ptr(ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection,
fe75766c
TM		 245 output_type,
246 output_structure,
169eca60 247 testpropq))
6511f686 248 || !TEST_FL_int_gt(OSSL_ENCODER_CTX_get_num_encoders(ectx), 0)
3ecbea6a 249 || (pass != NULL
6511f686 250 && !TEST_FL_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass,
ae12eac0 251 strlen(pass))))
3ecbea6a 252 || (pcipher != NULL
6511f686
JS		 253 && !TEST_FL_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL)))
254 || !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
255 || !TEST_FL_true(OSSL_ENCODER_to_bio(ectx, mem_ser))
256 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
257 || !TEST_FL_ptr(*encoded = mem_buf->data)
258 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
5a23d78c
RL		 259 goto end;
260
ece9304c 261 /* Detach the encoded output */
5a23d78c
RL		 262 mem_buf->data = NULL;
263 mem_buf->length = 0;
264 ok = 1;
265 end:
266 BIO_free(mem_ser);
ece9304c 267 OSSL_ENCODER_CTX_free(ectx);
5a23d78c
RL		 268 return ok;
269}
270
6511f686
JS		 271static int decode_EVP_PKEY_prov(const char *file, const int line,
272 void **object, void *encoded, long encoded_len,
ff1c10d9
RL		 273 const char *input_type,
274 const char *structure_type,
275 const char *keytype, int selection,
276 const char *pass)
5a23d78c 277{
b565a17d 278 EVP_PKEY *pkey = NULL, *testpkey = NULL;
ece9304c 279 OSSL_DECODER_CTX *dctx = NULL;
b565a17d 280 BIO *encoded_bio = NULL;
3ecbea6a 281 const unsigned char *upass = (const unsigned char *)pass;
5a23d78c 282 int ok = 0;
b565a17d
MC		 283 int i;
284 const char *badtype;
5a23d78c 285
b565a17d
MC		 286 if (strcmp(input_type, "DER") == 0)
287 badtype = "PEM";
288 else
289 badtype = "DER";
290
6511f686 291 if (!TEST_FL_ptr(encoded_bio = BIO_new_mem_buf(encoded, encoded_len)))
5a23d78c 292 goto end;
b565a17d
MC		 293
294 /*
295 * We attempt the decode 3 times. The first time we provide the expected
296 * starting input type. The second time we provide NULL for the starting
297 * type. The third time we provide a bad starting input type.
298 * The bad starting input type should fail. The other two should succeed
299 * and produce the same result.
300 */
301 for (i = 0; i < 3; i++) {
302 const char *testtype = (i == 0) ? input_type
303 : ((i == 1) ? NULL : badtype);
304
6511f686 305 if (!TEST_FL_ptr(dctx = OSSL_DECODER_CTX_new_for_pkey(&testpkey,
fe75766c 306 testtype,
ff1c10d9 307 structure_type,
fe75766c
TM		 308 keytype,
309 selection,
169eca60 310 testctx, testpropq))
b565a17d
MC		 311 || (pass != NULL
312 && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass)))
6511f686 313 || !TEST_FL_int_gt(BIO_reset(encoded_bio), 0)
b565a17d 314 /* We expect to fail when using a bad input type */
6511f686 315 || !TEST_FL_int_eq(OSSL_DECODER_from_bio(dctx, encoded_bio),
b565a17d
MC		 316 (i == 2) ? 0 : 1))
317 goto end;
318 OSSL_DECODER_CTX_free(dctx);
319 dctx = NULL;
320
321 if (i == 0) {
322 pkey = testpkey;
323 testpkey = NULL;
324 } else if (i == 1) {
325 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
6511f686 326 if (!TEST_FL_int_eq(EVP_PKEY_parameters_eq(pkey, testpkey), 1))
b565a17d
MC		 327 goto end;
328 } else {
6511f686 329 if (!TEST_FL_int_eq(EVP_PKEY_eq(pkey, testpkey), 1))
b565a17d
MC		 330 goto end;
331 }
332 }
333 }
5a23d78c
RL		 334 ok = 1;
335 *object = pkey;
b565a17d
MC		 336 pkey = NULL;
337
5a23d78c 338 end:
b565a17d
MC		 339 EVP_PKEY_free(pkey);
340 EVP_PKEY_free(testpkey);
341 BIO_free(encoded_bio);
ece9304c 342 OSSL_DECODER_CTX_free(dctx);
5a23d78c
RL		 343 return ok;
344}
345
6511f686
JS		 346static int encode_EVP_PKEY_legacy_PEM(const char *file, const int line,
347 void **encoded, long *encoded_len,
973a52ce
RL		 348 void *object, ossl_unused int selection,
349 ossl_unused const char *output_type,
350 ossl_unused const char *output_structure,
ae12eac0 351 const char *pass, const char *pcipher)
e2ac846e
RL		 352{
353 EVP_PKEY *pkey = object;
354 EVP_CIPHER *cipher = NULL;
355 BIO *mem_ser = NULL;
356 BUF_MEM *mem_buf = NULL;
357 const unsigned char *upass = (const unsigned char *)pass;
358 size_t passlen = 0;
359 int ok = 0;
360
361 if (pcipher != NULL && pass != NULL) {
362 passlen = strlen(pass);
169eca60 363 if (!TEST_FL_ptr(cipher = EVP_CIPHER_fetch(testctx, pcipher, testpropq)))
e2ac846e
RL		 364 goto end;
365 }
6511f686
JS		 366 if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
367 || !TEST_FL_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey,
e2ac846e
RL		 368 cipher,
369 upass, passlen,
370 NULL, NULL))
6511f686
JS		 371 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
372 || !TEST_FL_ptr(*encoded = mem_buf->data)
373 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
e2ac846e
RL		 374 goto end;
375
ece9304c 376 /* Detach the encoded output */
e2ac846e
RL		 377 mem_buf->data = NULL;
378 mem_buf->length = 0;
379 ok = 1;
380 end:
381 BIO_free(mem_ser);
382 EVP_CIPHER_free(cipher);
383 return ok;
384}
385
6511f686
JS		 386static int encode_EVP_PKEY_MSBLOB(const char *file, const int line,
387 void **encoded, long *encoded_len,
973a52ce 388 void *object, int selection,
ae12eac0 389 ossl_unused const char *output_type,
973a52ce 390 ossl_unused const char *output_structure,
1251cddf 391 ossl_unused const char *pass,
ae12eac0 392 ossl_unused const char *pcipher)
a7922e20
RL		 393{
394 EVP_PKEY *pkey = object;
395 BIO *mem_ser = NULL;
396 BUF_MEM *mem_buf = NULL;
397 int ok = 0;
398
6511f686 399 if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem())))
a7922e20
RL		 400 goto end;
401
973a52ce 402 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
6511f686 403 if (!TEST_FL_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0))
973a52ce
RL		 404 goto end;
405 } else {
6511f686 406 if (!TEST_FL_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0))
973a52ce
RL		 407 goto end;
408 }
a7922e20 409
6511f686
JS		 410 if (!TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
411 || !TEST_FL_ptr(*encoded = mem_buf->data)
412 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
a7922e20
RL		 413 goto end;
414
ece9304c 415 /* Detach the encoded output */
a7922e20
RL		 416 mem_buf->data = NULL;
417 mem_buf->length = 0;
418 ok = 1;
419 end:
420 BIO_free(mem_ser);
421 return ok;
422}
423
a7922e20
RL		 424static pem_password_cb pass_pw;
425static int pass_pw(char *buf, int size, int rwflag, void *userdata)
426{
427 OPENSSL_strlcpy(buf, userdata, size);
428 return strlen(userdata);
429}
430
6511f686
JS		 431static int encode_EVP_PKEY_PVK(const char *file, const int line,
432 void **encoded, long *encoded_len,
973a52ce 433 void *object, int selection,
ae12eac0 434 ossl_unused const char *output_type,
973a52ce 435 ossl_unused const char *output_structure,
1251cddf 436 const char *pass,
ae12eac0 437 ossl_unused const char *pcipher)
a7922e20
RL		 438{
439 EVP_PKEY *pkey = object;
440 BIO *mem_ser = NULL;
441 BUF_MEM *mem_buf = NULL;
442 int enc = (pass != NULL);
443 int ok = 0;
444
6511f686 445 if (!TEST_FL_true(ossl_assert((selection
973a52ce 446 & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0))
6511f686 447 || !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
169eca60
JS		 448 || !TEST_FL_int_ge(i2b_PVK_bio_ex(mem_ser, pkey, enc,
449 pass_pw, (void *)pass, testctx, testpropq), 0)
6511f686
JS		 450 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
451 || !TEST_FL_ptr(*encoded = mem_buf->data)
452 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
a7922e20
RL		 453 goto end;
454
ece9304c 455 /* Detach the encoded output */
a7922e20
RL		 456 mem_buf->data = NULL;
457 mem_buf->length = 0;
458 ok = 1;
459 end:
460 BIO_free(mem_ser);
461 return ok;
462}
a7922e20 463
6511f686
JS		 464static int test_text(const char *file, const int line,
465 const void *data1, size_t data1_len,
319d0b2b
RL		 466 const void *data2, size_t data2_len)
467{
6511f686 468 return TEST_FL_strn2_eq(data1, data1_len, data2, data2_len);
319d0b2b
RL		 469}
470
6511f686
JS		 471static int test_mem(const char *file, const int line,
472 const void *data1, size_t data1_len,
319d0b2b
RL		 473 const void *data2, size_t data2_len)
474{
6511f686 475 return TEST_FL_mem_eq(data1, data1_len, data2, data2_len);
319d0b2b
RL		 476}
477
5a23d78c
RL		 478/* Test cases and their dumpers / checkers */
479
ae12eac0
RL		 480static void collect_name(const char *name, void *arg)
481{
482 char **namelist = arg;
483 char *new_namelist;
484 size_t space;
485
486 space = strlen(name);
487 if (*namelist != NULL)
488 space += strlen(*namelist) + 2 /* for comma and space */;
489 space++; /* for terminating null byte */
490
491 new_namelist = OPENSSL_realloc(*namelist, space);
492 if (new_namelist == NULL)
493 return;
494 if (*namelist != NULL) {
495 strcat(new_namelist, ", ");
496 strcat(new_namelist, name);
497 } else {
498 strcpy(new_namelist, name);
499 }
500 *namelist = new_namelist;
501}
502
5a23d78c
RL		 503static void dump_der(const char *label, const void *data, size_t data_len)
504{
505 test_output_memory(label, data, data_len);
506}
507
508static void dump_pem(const char *label, const void *data, size_t data_len)
509{
510 test_output_string(label, data, data_len - 1);
511}
512
6511f686
JS		 513static int check_unprotected_PKCS8_DER(const char *file, const int line,
514 const char *type,
3ecbea6a 515 const void *data, size_t data_len)
5a23d78c
RL		 516{
517 const unsigned char *datap = data;
518 PKCS8_PRIV_KEY_INFO *p8inf =
519 d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len);
520 int ok = 0;
521
6511f686 522 if (TEST_FL_ptr(p8inf)) {
169eca60 523 EVP_PKEY *pkey = EVP_PKCS82PKEY_ex(p8inf, testctx, testpropq);
ae12eac0
RL		 524 char *namelist = NULL;
525
6511f686
JS		 526 if (TEST_FL_ptr(pkey)) {
527 if (!(ok = TEST_FL_true(EVP_PKEY_is_a(pkey, type)))) {
ddf0d149 528 EVP_PKEY_type_names_do_all(pkey, collect_name, &namelist);
ae12eac0
RL		 529 if (namelist != NULL)
530 TEST_note("%s isn't any of %s", type, namelist);
531 OPENSSL_free(namelist);
532 }
4f0831b8 533 ok = ok && TEST_FL_true(evp_pkey_is_provided(pkey));
ae12eac0
RL		 534 EVP_PKEY_free(pkey);
535 }
5a23d78c
RL		 536 }
537 PKCS8_PRIV_KEY_INFO_free(p8inf);
538 return ok;
539}
540
e8a41459 541static int test_unprotected_via_DER(const char *type, EVP_PKEY *key, int fips)
846f96f8 542{
6511f686 543 return test_encode_decode(__FILE__, __LINE__, type, key,
973a52ce 544 OSSL_KEYMGMT_SELECT_KEYPAIR
169eca60 545 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
6a2b8ff3 546 "DER", "PrivateKeyInfo", NULL, NULL,
1251cddf 547 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
ae12eac0 548 test_mem, check_unprotected_PKCS8_DER,
e8a41459 549 dump_der, fips ? 0 : FLAG_FAIL_IF_FIPS);
846f96f8
RL		 550}
551
6511f686
JS		 552static int check_unprotected_PKCS8_PEM(const char *file, const int line,
553 const char *type,
3ecbea6a 554 const void *data, size_t data_len)
5a23d78c 555{
ae12eac0
RL		 556 static const char expected_pem_header[] =
557 "-----BEGIN " PEM_STRING_PKCS8INF "-----";
5a23d78c 558
6511f686 559 return TEST_FL_strn_eq(data, expected_pem_header,
ae12eac0 560 sizeof(expected_pem_header) - 1);
5a23d78c
RL		 561}
562
e8a41459 563static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key, int fips)
5a23d78c 564{
169eca60
JS		 565 return test_encode_decode(__FILE__, __LINE__, type, key,
566 OSSL_KEYMGMT_SELECT_KEYPAIR
567 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
6a2b8ff3 568 "PEM", "PrivateKeyInfo", NULL, NULL,
1251cddf 569 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
ae12eac0 570 test_text, check_unprotected_PKCS8_PEM,
e8a41459 571 dump_pem, fips ? 0 : FLAG_FAIL_IF_FIPS);
b565a17d
MC		 572}
573
a2e145f8 574#ifndef OPENSSL_NO_KEYPARAMS
6511f686
JS		 575static int check_params_DER(const char *file, const int line,
576 const char *type, const void *data, size_t data_len)
b565a17d
MC		 577{
578 const unsigned char *datap = data;
579 int ok = 0;
580 int itype = NID_undef;
581 EVP_PKEY *pkey = NULL;
582
583 if (strcmp(type, "DH") == 0)
584 itype = EVP_PKEY_DH;
585 else if (strcmp(type, "X9.42 DH") == 0)
586 itype = EVP_PKEY_DHX;
587 else if (strcmp(type, "DSA") == 0)
588 itype = EVP_PKEY_DSA;
589 else if (strcmp(type, "EC") == 0)
590 itype = EVP_PKEY_EC;
591
592 if (itype != NID_undef) {
593 pkey = d2i_KeyParams(itype, NULL, &datap, data_len);
594 ok = (pkey != NULL);
595 EVP_PKEY_free(pkey);
596 }
597
598 return ok;
599}
600
6511f686
JS		 601static int check_params_PEM(const char *file, const int line,
602 const char *type,
603 const void *data, size_t data_len)
b565a17d
MC		 604{
605 static char expected_pem_header[80];
606
607 return
6511f686 608 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
b565a17d
MC		 609 sizeof(expected_pem_header),
610 "-----BEGIN %s PARAMETERS-----", type), 0)
6511f686 611 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
b565a17d
MC		 612}
613
614static int test_params_via_DER(const char *type, EVP_PKEY *key)
615{
6511f686 616 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
973a52ce 617 "DER", "type-specific", NULL, NULL,
b565a17d
MC		 618 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
619 test_mem, check_params_DER,
620 dump_der, FLAG_DECODE_WITH_TYPE);
621}
622
623static int test_params_via_PEM(const char *type, EVP_PKEY *key)
624{
6511f686 625 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
973a52ce 626 "PEM", "type-specific", NULL, NULL,
b565a17d
MC		 627 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
628 test_text, check_params_PEM,
629 dump_pem, 0);
e2ac846e 630}
a2e145f8 631#endif /* !OPENSSL_NO_KEYPARAMS */
e2ac846e 632
6511f686
JS		 633static int check_unprotected_legacy_PEM(const char *file, const int line,
634 const char *type,
e2ac846e
RL		 635 const void *data, size_t data_len)
636{
ae12eac0 637 static char expected_pem_header[80];
e2ac846e 638
846f96f8 639 return
6511f686 640 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
ae12eac0 641 sizeof(expected_pem_header),
846f96f8 642 "-----BEGIN %s PRIVATE KEY-----", type), 0)
6511f686 643 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
e2ac846e
RL		 644}
645
7c664b1f 646static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key)
846f96f8 647{
169eca60
JS		 648 if (!default_libctx || is_fips)
649 return TEST_skip("Test not available if using a non-default library context or FIPS provider");
650
6511f686 651 return test_encode_decode(__FILE__, __LINE__, type, key,
973a52ce 652 OSSL_KEYMGMT_SELECT_KEYPAIR
ae12eac0 653 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
973a52ce 654 "PEM", "type-specific", NULL, NULL,
1251cddf 655 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
ae12eac0 656 test_text, check_unprotected_legacy_PEM,
b565a17d 657 dump_pem, 0);
3ecbea6a
RL		 658}
659
6511f686
JS		 660static int check_MSBLOB(const char *file, const int line,
661 const char *type, const void *data, size_t data_len)
a7922e20
RL		 662{
663 const unsigned char *datap = data;
664 EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len);
6511f686 665 int ok = TEST_FL_ptr(pkey);
a7922e20
RL		 666
667 EVP_PKEY_free(pkey);
668 return ok;
669}
670
671static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key)
672{
6511f686 673 return test_encode_decode(__FILE__, __LINE__, type, key,
973a52ce 674 OSSL_KEYMGMT_SELECT_KEYPAIR
ae12eac0 675 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
973a52ce 676 "MSBLOB", NULL, NULL, NULL,
1251cddf 677 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
ae12eac0 678 test_mem, check_MSBLOB,
b565a17d 679 dump_der, 0);
a7922e20
RL		 680}
681
6511f686
JS		 682static int check_PVK(const char *file, const int line,
683 const char *type, const void *data, size_t data_len)
a7922e20
RL		 684{
685 const unsigned char *in = data;
686 unsigned int saltlen = 0, keylen = 0;
687 int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen);
688
689 return ok;
690}
691
692static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key)
693{
6511f686 694 return test_encode_decode(__FILE__, __LINE__, type, key,
973a52ce 695 OSSL_KEYMGMT_SELECT_KEYPAIR
ae12eac0 696 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
973a52ce 697 "PVK", NULL, NULL, NULL,
1251cddf 698 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
ae12eac0 699 test_mem, check_PVK,
b565a17d 700 dump_der, 0);
a7922e20 701}
a7922e20 702
3ecbea6a
RL		 703static const char *pass_cipher = "AES-256-CBC";
704static const char *pass = "the holy handgrenade of antioch";
705
6511f686
JS		 706static int check_protected_PKCS8_DER(const char *file, const int line,
707 const char *type,
3ecbea6a
RL		 708 const void *data, size_t data_len)
709{
710 const unsigned char *datap = data;
711 X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len);
6511f686 712 int ok = TEST_FL_ptr(p8);
3ecbea6a
RL		 713
714 X509_SIG_free(p8);
715 return ok;
716}
717
e8a41459 718static int test_protected_via_DER(const char *type, EVP_PKEY *key, int fips)
846f96f8 719{
6511f686 720 return test_encode_decode(__FILE__, __LINE__, type, key,
973a52ce 721 OSSL_KEYMGMT_SELECT_KEYPAIR
ae12eac0 722 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
602bfb8b 723 "DER", "EncryptedPrivateKeyInfo",
6a2b8ff3 724 pass, pass_cipher,
1251cddf 725 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
ae12eac0 726 test_mem, check_protected_PKCS8_DER,
e8a41459 727 dump_der, fips ? 0 : FLAG_FAIL_IF_FIPS);
3ecbea6a
RL		 728}
729
6511f686
JS		 730static int check_protected_PKCS8_PEM(const char *file, const int line,
731 const char *type,
3ecbea6a
RL		 732 const void *data, size_t data_len)
733{
ae12eac0
RL		 734 static const char expected_pem_header[] =
735 "-----BEGIN " PEM_STRING_PKCS8 "-----";
3ecbea6a 736
6511f686 737 return TEST_FL_strn_eq(data, expected_pem_header,
ae12eac0 738 sizeof(expected_pem_header) - 1);
3ecbea6a
RL		 739}
740
e8a41459 741static int test_protected_via_PEM(const char *type, EVP_PKEY *key, int fips)
3ecbea6a 742{
6511f686 743 return test_encode_decode(__FILE__, __LINE__, type, key,
973a52ce 744 OSSL_KEYMGMT_SELECT_KEYPAIR
ae12eac0 745 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
602bfb8b 746 "PEM", "EncryptedPrivateKeyInfo",
6a2b8ff3 747 pass, pass_cipher,
1251cddf 748 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
ae12eac0 749 test_text, check_protected_PKCS8_PEM,
e8a41459 750 dump_pem, fips ? 0 : FLAG_FAIL_IF_FIPS);
e2ac846e
RL		 751}
752
6511f686
JS		 753static int check_protected_legacy_PEM(const char *file, const int line,
754 const char *type,
e2ac846e
RL		 755 const void *data, size_t data_len)
756{
ae12eac0 757 static char expected_pem_header[80];
e2ac846e
RL		 758
759 return
6511f686 760 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
ae12eac0 761 sizeof(expected_pem_header),
846f96f8 762 "-----BEGIN %s PRIVATE KEY-----", type), 0)
6511f686
JS		 763 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header))
764 && TEST_FL_ptr(strstr(data, "\nDEK-Info: "));
e2ac846e
RL		 765}
766
7c664b1f 767static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
e2ac846e 768{
169eca60
JS		 769 if (!default_libctx || is_fips)
770 return TEST_skip("Test not available if using a non-default library context or FIPS provider");
771
6511f686 772 return test_encode_decode(__FILE__, __LINE__, type, key,
973a52ce 773 OSSL_KEYMGMT_SELECT_KEYPAIR
ae12eac0 774 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
973a52ce 775 "PEM", "type-specific", pass, pass_cipher,
1251cddf 776 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
ae12eac0 777 test_text, check_protected_legacy_PEM,
b565a17d 778 dump_pem, 0);
846f96f8
RL		 779}
780
2e1bc081 781#ifndef OPENSSL_NO_RC4
a7922e20
RL		 782static int test_protected_via_PVK(const char *type, EVP_PKEY *key)
783{
169eca60
JS		 784 int ret = 0;
785 OSSL_PROVIDER *lgcyprov = OSSL_PROVIDER_load(testctx, "legacy");
786 if (lgcyprov == NULL)
787 return TEST_skip("Legacy provider not available");
788
789 ret = test_encode_decode(__FILE__, __LINE__, type, key,
973a52ce 790 OSSL_KEYMGMT_SELECT_KEYPAIR
ae12eac0 791 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
973a52ce 792 "PVK", NULL, pass, NULL,
1251cddf 793 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
b565a17d 794 test_mem, check_PVK, dump_der, 0);
169eca60
JS		 795 OSSL_PROVIDER_unload(lgcyprov);
796 return ret;
a7922e20
RL		 797}
798#endif
799
6511f686
JS		 800static int check_public_DER(const char *file, const int line,
801 const char *type, const void *data, size_t data_len)
3ff8159a
RL		 802{
803 const unsigned char *datap = data;
169eca60 804 EVP_PKEY *pkey = d2i_PUBKEY_ex(NULL, &datap, data_len, testctx, testpropq);
6511f686 805 int ok = (TEST_FL_ptr(pkey) && TEST_FL_true(EVP_PKEY_is_a(pkey, type)));
3ff8159a
RL		 806
807 EVP_PKEY_free(pkey);
808 return ok;
809}
810
e8a41459 811static int test_public_via_DER(const char *type, EVP_PKEY *key, int fips)
3ff8159a 812{
6511f686 813 return test_encode_decode(__FILE__, __LINE__, type, key,
973a52ce 814 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
169eca60 815 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
973a52ce 816 "DER", "SubjectPublicKeyInfo", NULL, NULL,
1251cddf 817 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
e8a41459
TM		 818 test_mem, check_public_DER, dump_der,
819 fips ? 0 : FLAG_FAIL_IF_FIPS);
3ff8159a
RL		 820}
821
6511f686
JS		 822static int check_public_PEM(const char *file, const int line,
823 const char *type, const void *data, size_t data_len)
3ff8159a 824{
ae12eac0
RL		 825 static const char expected_pem_header[] =
826 "-----BEGIN " PEM_STRING_PUBLIC "-----";
3ff8159a
RL		 827
828 return
6511f686 829 TEST_FL_strn_eq(data, expected_pem_header,
ae12eac0 830 sizeof(expected_pem_header) - 1);
3ff8159a
RL		 831}
832
e8a41459 833static int test_public_via_PEM(const char *type, EVP_PKEY *key, int fips)
3ff8159a 834{
6511f686 835 return test_encode_decode(__FILE__, __LINE__, type, key,
973a52ce 836 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
169eca60 837 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
973a52ce 838 "PEM", "SubjectPublicKeyInfo", NULL, NULL,
1251cddf 839 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
e8a41459
TM		 840 test_text, check_public_PEM, dump_pem,
841 fips ? 0 : FLAG_FAIL_IF_FIPS);
3ff8159a
RL		 842}
843
6511f686
JS		 844static int check_public_MSBLOB(const char *file, const int line,
845 const char *type,
a7922e20
RL		 846 const void *data, size_t data_len)
847{
848 const unsigned char *datap = data;
849 EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len);
6511f686 850 int ok = TEST_FL_ptr(pkey);
a7922e20
RL		 851
852 EVP_PKEY_free(pkey);
853 return ok;
854}
855
856static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
857{
6511f686 858 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_PUBLIC_KEY
ae12eac0 859 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
973a52ce
RL		 860 "MSBLOB", NULL, NULL, NULL,
861 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
b565a17d 862 test_mem, check_public_MSBLOB, dump_der, 0);
a7922e20 863}
a7922e20 864
7c664b1f 865#define KEYS(KEYTYPE) \
1251cddf 866 static EVP_PKEY *key_##KEYTYPE = NULL
7c664b1f
RL		 867#define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
868 ok = ok \
1251cddf 869 && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
7c664b1f
RL		 870#define FREE_KEYS(KEYTYPE) \
871 EVP_PKEY_free(key_##KEYTYPE); \
7c664b1f
RL		 872
873#define DOMAIN_KEYS(KEYTYPE) \
874 static EVP_PKEY *template_##KEYTYPE = NULL; \
1251cddf 875 static EVP_PKEY *key_##KEYTYPE = NULL
7c664b1f
RL		 876#define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
877 ok = ok \
878 && TEST_ptr(template_##KEYTYPE = \
879 make_template(KEYTYPEstr, params)) \
880 && TEST_ptr(key_##KEYTYPE = \
1251cddf 881 make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
7c664b1f
RL		 882#define FREE_DOMAIN_KEYS(KEYTYPE) \
883 EVP_PKEY_free(template_##KEYTYPE); \
1251cddf 884 EVP_PKEY_free(key_##KEYTYPE)
7c664b1f 885
e8a41459 886#define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr, fips) \
7c664b1f
RL		 887 static int test_unprotected_##KEYTYPE##_via_DER(void) \
888 { \
e8a41459 889 return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
7c664b1f
RL		 890 } \
891 static int test_unprotected_##KEYTYPE##_via_PEM(void) \
892 { \
e8a41459 893 return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
7c664b1f 894 } \
7c664b1f
RL		 895 static int test_protected_##KEYTYPE##_via_DER(void) \
896 { \
e8a41459 897 return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
7c664b1f
RL		 898 } \
899 static int test_protected_##KEYTYPE##_via_PEM(void) \
900 { \
e8a41459 901 return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
7c664b1f 902 } \
7c664b1f
RL		 903 static int test_public_##KEYTYPE##_via_DER(void) \
904 { \
e8a41459 905 return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
7c664b1f
RL		 906 } \
907 static int test_public_##KEYTYPE##_via_PEM(void) \
908 { \
e8a41459 909 return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
7c664b1f
RL		 910 }
911
912#define ADD_TEST_SUITE(KEYTYPE) \
913 ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
914 ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
7c664b1f
RL		 915 ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
916 ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
7c664b1f
RL		 917 ADD_TEST(test_public_##KEYTYPE##_via_DER); \
918 ADD_TEST(test_public_##KEYTYPE##_via_PEM)
919
b565a17d
MC		 920#define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \
921 static int test_params_##KEYTYPE##_via_DER(void) \
922 { \
923 return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \
924 } \
925 static int test_params_##KEYTYPE##_via_PEM(void) \
926 { \
927 return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
928 }
929
930#define ADD_TEST_SUITE_PARAMS(KEYTYPE) \
931 ADD_TEST(test_params_##KEYTYPE##_via_DER); \
932 ADD_TEST(test_params_##KEYTYPE##_via_PEM)
933
bddfea02
RL		 934#define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
935 static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
936 { \
1251cddf
RL		 937 return \
938 test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
bddfea02
RL		 939 } \
940 static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
941 { \
1251cddf
RL		 942 return \
943 test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
bddfea02
RL		 944 }
945
2e1bc081
RL		 946#define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
947 ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
bddfea02
RL		 948 ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
949
2e1bc081 950#define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
a7922e20
RL		 951 static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
952 { \
953 return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
954 } \
955 static int test_public_##KEYTYPE##_via_MSBLOB(void) \
956 { \
957 return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
958 }
959
2e1bc081
RL		 960#define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
961 ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
a7922e20
RL		 962 ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
963
5faec149 964#define IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE, KEYTYPEstr) \
a7922e20
RL		 965 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
966 { \
967 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
5faec149
RL		 968 }
969# define ADD_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE) \
970 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK)
971#ifndef OPENSSL_NO_RC4
972# define IMPLEMENT_TEST_SUITE_PROTECTED_PVK(KEYTYPE, KEYTYPEstr) \
a7922e20
RL		 973 static int test_protected_##KEYTYPE##_via_PVK(void) \
974 { \
975 return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
976 }
5faec149 977# define ADD_TEST_SUITE_PROTECTED_PVK(KEYTYPE) \
a7922e20 978 ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
a7922e20
RL		 979#endif
980
7c664b1f
RL		 981#ifndef OPENSSL_NO_DH
982DOMAIN_KEYS(DH);
e8a41459 983IMPLEMENT_TEST_SUITE(DH, "DH", 1)
b565a17d 984IMPLEMENT_TEST_SUITE_PARAMS(DH, "DH")
31d2daec 985DOMAIN_KEYS(DHX);
e8a41459 986IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH", 1)
b565a17d 987IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH")
bddfea02
RL		 988/*
989 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
990 * so no legacy tests.
991 */
7c664b1f
RL		 992#endif
993#ifndef OPENSSL_NO_DSA
994DOMAIN_KEYS(DSA);
e8a41459 995IMPLEMENT_TEST_SUITE(DSA, "DSA", 1)
b565a17d 996IMPLEMENT_TEST_SUITE_PARAMS(DSA, "DSA")
bddfea02 997IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA")
a7922e20 998IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
5faec149
RL		 999IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(DSA, "DSA")
1000# ifndef OPENSSL_NO_RC4
1001IMPLEMENT_TEST_SUITE_PROTECTED_PVK(DSA, "DSA")
1002# endif
7c664b1f
RL		 1003#endif
1004#ifndef OPENSSL_NO_EC
1005DOMAIN_KEYS(EC);
e8a41459 1006IMPLEMENT_TEST_SUITE(EC, "EC", 1)
b565a17d 1007IMPLEMENT_TEST_SUITE_PARAMS(EC, "EC")
bddfea02 1008IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
c0f39ded 1009DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
e8a41459 1010IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC", 1)
bddfea02 1011IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
c0f39ded 1012DOMAIN_KEYS(ECExplicitPrime2G);
e8a41459 1013IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC", 0)
bddfea02 1014IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")
c0f39ded
SL		 1015# ifndef OPENSSL_NO_EC2M
1016DOMAIN_KEYS(ECExplicitTriNamedCurve);
e8a41459 1017IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC", 1)
bddfea02 1018IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC")
c0f39ded 1019DOMAIN_KEYS(ECExplicitTri2G);
e8a41459 1020IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC", 0)
bddfea02 1021IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC")
c0f39ded 1022# endif
7c664b1f 1023KEYS(ED25519);
e8a41459 1024IMPLEMENT_TEST_SUITE(ED25519, "ED25519", 1)
7c664b1f 1025KEYS(ED448);
e8a41459 1026IMPLEMENT_TEST_SUITE(ED448, "ED448", 1)
7c664b1f 1027KEYS(X25519);
e8a41459 1028IMPLEMENT_TEST_SUITE(X25519, "X25519", 1)
7c664b1f 1029KEYS(X448);
e8a41459 1030IMPLEMENT_TEST_SUITE(X448, "X448", 1)
bddfea02
RL		 1031/*
1032 * ED25519, ED448, X25519 and X448 have no support for
1033 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1034 */
7c664b1f
RL		 1035#endif
1036KEYS(RSA);
e8a41459 1037IMPLEMENT_TEST_SUITE(RSA, "RSA", 1)
bddfea02 1038IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA")
7c664b1f 1039KEYS(RSA_PSS);
e8a41459 1040IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS", 1)
bddfea02
RL		 1041/*
1042 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1043 * so no legacy tests.
1044 */
a7922e20 1045IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
5faec149
RL		 1046IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(RSA, "RSA")
1047#ifndef OPENSSL_NO_RC4
1048IMPLEMENT_TEST_SUITE_PROTECTED_PVK(RSA, "RSA")
1049#endif
3ff8159a 1050
c0f39ded
SL		 1051#ifndef OPENSSL_NO_EC
1052/* Explicit parameters that match a named curve */
1053static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld,
1054 const unsigned char *gen,
1055 size_t gen_len)
1056{
1057 BIGNUM *a, *b, *prime, *order;
1058
1059 /* Curve prime256v1 */
1060 static const unsigned char prime_data[] = {
1061 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1062 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1063 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
1064 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1065 0xff
1066 };
1067 static const unsigned char a_data[] = {
1068 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1069 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1070 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
1071 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1072 0xfc
1073 };
1074 static const unsigned char b_data[] = {
1075 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
1076 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
1077 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
1078 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
1079 };
1080 static const unsigned char seed[] = {
1081 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
1082 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
1083 0x81, 0x9f, 0x7e, 0x90
1084 };
1085 static const unsigned char order_data[] = {
1086 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1087 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1088 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
1089 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
1090 };
1091 return TEST_ptr(a = BN_CTX_get(bnctx))
1092 && TEST_ptr(b = BN_CTX_get(bnctx))
1093 && TEST_ptr(prime = BN_CTX_get(bnctx))
1094 && TEST_ptr(order = BN_CTX_get(bnctx))
1095 && TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime))
1096 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1097 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1098 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1099 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1100 OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field,
1101 0))
1102 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime))
1103 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1104 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1105 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1106 OSSL_PKEY_PARAM_EC_ORDER, order))
1107 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1108 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1109 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1110 OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed)))
1111 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1112 BN_value_one()));
1113}
1114
1115static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld)
1116{
1117 static const unsigned char prime256v1_gen[] = {
1118 0x04,
1119 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
1120 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
1121 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
1122 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
1123 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
1124 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
1125 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
1126 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
1127 };
1128 return do_create_ec_explicit_prime_params(bld, prime256v1_gen,
1129 sizeof(prime256v1_gen));
1130}
1131
1132static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld)
1133{
1134 /* 2G */
1135 static const unsigned char prime256v1_gen2[] = {
1136 0x04,
1137 0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
1138 0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
1139 0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
1140 0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
1141 0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
1142 0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
1143 0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
1144 0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
1145 };
1146 return do_create_ec_explicit_prime_params(bld, prime256v1_gen2,
1147 sizeof(prime256v1_gen2));
1148}
1149
1150# ifndef OPENSSL_NO_EC2M
1151static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld,
1152 const unsigned char *gen,
1153 size_t gen_len)
1154{
1155 BIGNUM *a, *b, *poly, *order, *cofactor;
1156 /* sect233k1 characteristic-two-field tpBasis */
1157 static const unsigned char poly_data[] = {
1158 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1159 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
1160 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1161 };
1162 static const unsigned char a_data[] = {
1163 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1164 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1165 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1166 };
1167 static const unsigned char b_data[] = {
1168 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1169 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1170 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
1171 };
1172 static const unsigned char order_data[] = {
1173 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1174 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
1175 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
1176 };
1177 static const unsigned char cofactor_data[]= {
1178 0x4
1179 };
1180 return TEST_ptr(a = BN_CTX_get(bnctx))
1181 && TEST_ptr(b = BN_CTX_get(bnctx))
1182 && TEST_ptr(poly = BN_CTX_get(bnctx))
1183 && TEST_ptr(order = BN_CTX_get(bnctx))
1184 && TEST_ptr(cofactor = BN_CTX_get(bnctx))
1185 && TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly))
1186 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1187 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1188 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1189 && TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor))
1190 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1191 OSSL_PKEY_PARAM_EC_FIELD_TYPE,
1192 SN_X9_62_characteristic_two_field, 0))
1193 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly))
1194 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1195 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1196 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1197 OSSL_PKEY_PARAM_EC_ORDER, order))
1198 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1199 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1200 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1201 cofactor));
1202}
1203
1204static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld)
1205{
1206 static const unsigned char gen[] = {
1207 0x04,
1208 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1209 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1210 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1211 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1212 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1213 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1214 };
1215 return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen));
1216}
1217
1218static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
1219{
1220 static const unsigned char gen2[] = {
1221 0x04,
1222 0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1223 0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1224 0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1225 0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1226 0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1227 0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1228 };
1229 return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2));
1230}
1231# endif /* OPENSSL_NO_EC2M */
1232#endif /* OPENSSL_NO_EC */
1233
169eca60
JS		 1234typedef enum OPTION_choice {
1235 OPT_ERR = -1,
1236 OPT_EOF = 0,
1237 OPT_CONTEXT,
1238 OPT_RSA_FILE,
1239 OPT_RSA_PSS_FILE,
1240 OPT_CONFIG_FILE,
1241 OPT_PROVIDER_NAME,
1242 OPT_TEST_ENUM
1243} OPTION_CHOICE;
1244
1245const OPTIONS *test_get_options(void)
1246{
1247 static const OPTIONS options[] = {
1248 OPT_TEST_OPTIONS_DEFAULT_USAGE,
1249 { "context", OPT_CONTEXT, '-',
1250 "Explicitly use a non-default library context" },
1251 { "rsa", OPT_RSA_FILE, '<',
1252 "PEM format RSA key file to encode/decode" },
1253 { "pss", OPT_RSA_PSS_FILE, '<',
1254 "PEM format RSA-PSS key file to encode/decode" },
1255 { "config", OPT_CONFIG_FILE, '<',
1256 "The configuration file to use for the library context" },
1257 { "provider", OPT_PROVIDER_NAME, 's',
1258 "The provider to load (The default value is 'default')" },
1259 { NULL }
1260 };
1261 return options;
1262}
91f2b15f 1263
5a23d78c
RL		 1264int setup_tests(void)
1265{
169eca60
JS		 1266 const char *rsa_file = NULL;
1267 const char *rsa_pss_file = NULL;
1268 const char *prov_name = "default";
1269 char *config_file = NULL;
7c664b1f
RL		 1270 int ok = 1;
1271
a7922e20
RL		 1272#ifndef OPENSSL_NO_DSA
1273 static size_t qbits = 160; /* PVK only tolerates 160 Q bits */
1274 static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1275 OSSL_PARAM DSA_params[] = {
1276 OSSL_PARAM_size_t("pbits", &pbits),
1277 OSSL_PARAM_size_t("qbits", &qbits),
1278 OSSL_PARAM_END
1279 };
1280#endif
1281
7c664b1f
RL		 1282#ifndef OPENSSL_NO_EC
1283 static char groupname[] = "prime256v1";
1284 OSSL_PARAM EC_params[] = {
1285 OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
1286 OSSL_PARAM_END
1287 };
1288#endif
1289
169eca60
JS		 1290 OPTION_CHOICE o;
1291
1292 while ((o = opt_next()) != OPT_EOF) {
1293 switch (o) {
1294 case OPT_CONTEXT:
1295 default_libctx = 0;
1296 break;
1297 case OPT_PROVIDER_NAME:
1298 prov_name = opt_arg();
1299 break;
1300 case OPT_CONFIG_FILE:
1301 config_file = opt_arg();
1302 break;
1303 case OPT_RSA_FILE:
1304 rsa_file = opt_arg();
1305 break;
1306 case OPT_RSA_PSS_FILE:
1307 rsa_pss_file = opt_arg();
1308 break;
1309 case OPT_TEST_CASES:
1310 break;
1311 default:
1312 return 0;
1313 }
91f2b15f 1314 }
169eca60
JS		 1315
1316 if (strcmp(prov_name, "fips") == 0)
1317 is_fips = 1;
1318
1319 if (default_libctx) {
1320 if (!test_get_libctx(NULL, NULL, config_file, &deflprov, prov_name))
1321 return 0;
1322 } else {
1323 if (!test_get_libctx(&testctx, &nullprov, config_file, &deflprov, prov_name))
1324 return 0;
91f2b15f 1325 }
7c664b1f 1326
e1289d90
TM		 1327 /* FIPS(3.0.0): provider imports explicit params but they won't work #17998 */
1328 is_fips_3_0_0 = fips_provider_version_eq(testctx, 3, 0, 0);
1329 if (is_fips_3_0_0 < 0)
1330 return 0;
1331
7ee992a5
MC		 1332#ifdef STATIC_LEGACY
1333 /*
1334 * This test is always statically linked against libcrypto. We must not
1335 * attempt to load legacy.so that might be dynamically linked against
1336 * libcrypto. Instead we use a built-in version of the legacy provider.
1337 */
1338 if (!OSSL_PROVIDER_add_builtin(testctx, "legacy", ossl_legacy_provider_init))
1339 return 0;
1340#endif
1341
169eca60
JS		 1342 /* Separate provider/ctx for generating the test data */
1343 if (!TEST_ptr(keyctx = OSSL_LIB_CTX_new()))
1344 return 0;
1345 if (!TEST_ptr(keyprov = OSSL_PROVIDER_load(keyctx, "default")))
1346 return 0;
1347
c0f39ded 1348#ifndef OPENSSL_NO_EC
169eca60 1349 if (!TEST_ptr(bnctx = BN_CTX_new_ex(testctx))
c0f39ded
SL		 1350 || !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new())
1351 || !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new())
1352 || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
1353 || !create_ec_explicit_prime_params(bld_prime)
1354 || !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
1355 || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))
1356# ifndef OPENSSL_NO_EC2M
1357 || !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
1358 || !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
1359 || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc)
1360 || !create_ec_explicit_trinomial_params(bld_tri)
1361 || !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc))
1362 || !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri))
1363# endif
1364 )
1365 return 0;
1366#endif
1367
e2ac846e 1368 TEST_info("Generating keys...");
c0f39ded 1369
7c664b1f 1370#ifndef OPENSSL_NO_DH
91f2b15f 1371 TEST_info("Generating DH keys...");
7c664b1f 1372 MAKE_DOMAIN_KEYS(DH, "DH", NULL);
31d2daec 1373 MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
7c664b1f
RL		 1374#endif
1375#ifndef OPENSSL_NO_DSA
91f2b15f 1376 TEST_info("Generating DSA keys...");
a7922e20 1377 MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
7c664b1f
RL		 1378#endif
1379#ifndef OPENSSL_NO_EC
91f2b15f 1380 TEST_info("Generating EC keys...");
7c664b1f 1381 MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
c0f39ded
SL		 1382 MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
1383 MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
1384# ifndef OPENSSL_NO_EC2M
1385 MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
1386 MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
1387# endif
7c664b1f
RL		 1388 MAKE_KEYS(ED25519, "ED25519", NULL);
1389 MAKE_KEYS(ED448, "ED448", NULL);
1390 MAKE_KEYS(X25519, "X25519", NULL);
1391 MAKE_KEYS(X448, "X448", NULL);
1392#endif
91f2b15f 1393 TEST_info("Loading RSA key...");
169eca60 1394 ok = ok && TEST_ptr(key_RSA = load_pkey_pem(rsa_file, keyctx));
91f2b15f 1395 TEST_info("Loading RSA_PSS key...");
169eca60 1396 ok = ok && TEST_ptr(key_RSA_PSS = load_pkey_pem(rsa_pss_file, keyctx));
91f2b15f 1397 TEST_info("Generating keys done");
5a23d78c 1398
7c664b1f
RL		 1399 if (ok) {
1400#ifndef OPENSSL_NO_DH
1401 ADD_TEST_SUITE(DH);
b565a17d 1402 ADD_TEST_SUITE_PARAMS(DH);
31d2daec 1403 ADD_TEST_SUITE(DHX);
b565a17d 1404 ADD_TEST_SUITE_PARAMS(DHX);
bddfea02
RL		 1405 /*
1406 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1407 * so no legacy tests.
1408 */
7c664b1f
RL		 1409#endif
1410#ifndef OPENSSL_NO_DSA
1411 ADD_TEST_SUITE(DSA);
b565a17d 1412 ADD_TEST_SUITE_PARAMS(DSA);
bddfea02 1413 ADD_TEST_SUITE_LEGACY(DSA);
a7922e20 1414 ADD_TEST_SUITE_MSBLOB(DSA);
5faec149
RL		 1415 ADD_TEST_SUITE_UNPROTECTED_PVK(DSA);
1416# ifndef OPENSSL_NO_RC4
169eca60 1417 ADD_TEST_SUITE_PROTECTED_PVK(DSA);
5faec149 1418# endif
7c664b1f
RL		 1419#endif
1420#ifndef OPENSSL_NO_EC
1421 ADD_TEST_SUITE(EC);
b565a17d 1422 ADD_TEST_SUITE_PARAMS(EC);
bddfea02 1423 ADD_TEST_SUITE_LEGACY(EC);
c0f39ded 1424 ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
bddfea02 1425 ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
c0f39ded 1426 ADD_TEST_SUITE(ECExplicitPrime2G);
bddfea02 1427 ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);
c0f39ded
SL		 1428# ifndef OPENSSL_NO_EC2M
1429 ADD_TEST_SUITE(ECExplicitTriNamedCurve);
bddfea02 1430 ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
c0f39ded 1431 ADD_TEST_SUITE(ECExplicitTri2G);
bddfea02 1432 ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
c0f39ded 1433# endif
7c664b1f
RL		 1434 ADD_TEST_SUITE(ED25519);
1435 ADD_TEST_SUITE(ED448);
1436 ADD_TEST_SUITE(X25519);
1437 ADD_TEST_SUITE(X448);
bddfea02
RL		 1438 /*
1439 * ED25519, ED448, X25519 and X448 have no support for
1440 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1441 */
7c664b1f
RL		 1442#endif
1443 ADD_TEST_SUITE(RSA);
bddfea02 1444 ADD_TEST_SUITE_LEGACY(RSA);
7c664b1f 1445 ADD_TEST_SUITE(RSA_PSS);
bddfea02
RL		 1446 /*
1447 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1448 * so no legacy tests.
1449 */
a7922e20 1450 ADD_TEST_SUITE_MSBLOB(RSA);
5faec149
RL		 1451 ADD_TEST_SUITE_UNPROTECTED_PVK(RSA);
1452# ifndef OPENSSL_NO_RC4
169eca60 1453 ADD_TEST_SUITE_PROTECTED_PVK(RSA);
5faec149 1454# endif
7c664b1f 1455 }
5a23d78c
RL		 1456
1457 return 1;
1458}
7c664b1f
RL		 1459
1460void cleanup_tests(void)
1461{
c0f39ded 1462#ifndef OPENSSL_NO_EC
3f883c7c
SL		 1463 OSSL_PARAM_free(ec_explicit_prime_params_nc);
1464 OSSL_PARAM_free(ec_explicit_prime_params_explicit);
c0f39ded
SL		 1465 OSSL_PARAM_BLD_free(bld_prime_nc);
1466 OSSL_PARAM_BLD_free(bld_prime);
1467# ifndef OPENSSL_NO_EC2M
3f883c7c
SL		 1468 OSSL_PARAM_free(ec_explicit_tri_params_nc);
1469 OSSL_PARAM_free(ec_explicit_tri_params_explicit);
c0f39ded
SL		 1470 OSSL_PARAM_BLD_free(bld_tri_nc);
1471 OSSL_PARAM_BLD_free(bld_tri);
1472# endif
1473 BN_CTX_free(bnctx);
1474#endif /* OPENSSL_NO_EC */
1475
7c664b1f
RL		 1476#ifndef OPENSSL_NO_DH
1477 FREE_DOMAIN_KEYS(DH);
31d2daec 1478 FREE_DOMAIN_KEYS(DHX);
7c664b1f
RL		 1479#endif
1480#ifndef OPENSSL_NO_DSA
1481 FREE_DOMAIN_KEYS(DSA);
1482#endif
1483#ifndef OPENSSL_NO_EC
1484 FREE_DOMAIN_KEYS(EC);
c0f39ded
SL		 1485 FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1486 FREE_DOMAIN_KEYS(ECExplicitPrime2G);
1487# ifndef OPENSSL_NO_EC2M
1488 FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
1489 FREE_DOMAIN_KEYS(ECExplicitTri2G);
1490# endif
7c664b1f
RL		 1491 FREE_KEYS(ED25519);
1492 FREE_KEYS(ED448);
1493 FREE_KEYS(X25519);
1494 FREE_KEYS(X448);
1495#endif
1496 FREE_KEYS(RSA);
1497 FREE_KEYS(RSA_PSS);
169eca60
JS		 1498
1499 OSSL_PROVIDER_unload(nullprov);
1500 OSSL_PROVIDER_unload(deflprov);
1501 OSSL_PROVIDER_unload(keyprov);
1502 OSSL_LIB_CTX_free(testctx);
1503 OSSL_LIB_CTX_free(keyctx);
7c664b1f 1504}
A mirror of the official openssl repository