]>
Commit | Line | Data |
---|---|---|
5a23d78c | 1 | /* |
a28d06f3 | 2 | * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. |
5a23d78c RL |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
3ecbea6a | 10 | #include <string.h> |
ae12eac0 | 11 | #include <openssl/core_dispatch.h> |
5a23d78c RL |
12 | #include <openssl/evp.h> |
13 | #include <openssl/pem.h> | |
14 | #include <openssl/rsa.h> | |
15 | #include <openssl/x509.h> | |
c0f39ded | 16 | #include <openssl/core_names.h> |
7c664b1f | 17 | #include <openssl/params.h> |
c0f39ded | 18 | #include <openssl/param_build.h> |
ece9304c RL |
19 | #include <openssl/encoder.h> |
20 | #include <openssl/decoder.h> | |
5a23d78c | 21 | |
e2ac846e | 22 | #include "internal/cryptlib.h" /* ossl_assert */ |
0934cf48 | 23 | #include "crypto/pem.h" /* For PVK and "blob" PEM headers */ |
4f0831b8 | 24 | #include "crypto/evp.h" /* For evp_pkey_is_provided() */ |
e2ac846e | 25 | |
20f8bc72 | 26 | #include "helpers/predefined_dhparams.h" |
5a23d78c RL |
27 | #include "testutil.h" |
28 | ||
6511f686 JS |
29 | /* Extended test macros to allow passing file & line number */ |
30 | #define TEST_FL_ptr(a) test_ptr(file, line, #a, a) | |
31 | #define TEST_FL_mem_eq(a, m, b, n) test_mem_eq(file, line, #a, #b, a, m, b, n) | |
32 | #define TEST_FL_strn_eq(a, b, n) test_strn_eq(file, line, #a, #b, a, n, b, n) | |
33 | #define TEST_FL_strn2_eq(a, m, b, n) test_strn_eq(file, line, #a, #b, a, m, b, n) | |
34 | #define TEST_FL_int_eq(a, b) test_int_eq(file, line, #a, #b, a, b) | |
35 | #define TEST_FL_int_ge(a, b) test_int_ge(file, line, #a, #b, a, b) | |
36 | #define TEST_FL_int_gt(a, b) test_int_gt(file, line, #a, #b, a, b) | |
37 | #define TEST_FL_long_gt(a, b) test_long_gt(file, line, #a, #b, a, b) | |
38 | #define TEST_FL_true(a) test_true(file, line, #a, (a) != 0) | |
39 | ||
a2e145f8 RL |
40 | #if defined(OPENSSL_NO_DH) && defined(OPENSSL_NO_DSA) && defined(OPENSSL_NO_EC) |
41 | # define OPENSSL_NO_KEYPARAMS | |
42 | #endif | |
43 | ||
169eca60 JS |
44 | static int default_libctx = 1; |
45 | static int is_fips = 0; | |
46 | ||
47 | static OSSL_LIB_CTX *testctx = NULL; | |
48 | static OSSL_LIB_CTX *keyctx = NULL; | |
49 | static char *testpropq = NULL; | |
50 | ||
51 | static OSSL_PROVIDER *nullprov = NULL; | |
52 | static OSSL_PROVIDER *deflprov = NULL; | |
53 | static OSSL_PROVIDER *keyprov = NULL; | |
54 | ||
c0f39ded SL |
55 | #ifndef OPENSSL_NO_EC |
56 | static BN_CTX *bnctx = NULL; | |
57 | static OSSL_PARAM_BLD *bld_prime_nc = NULL; | |
58 | static OSSL_PARAM_BLD *bld_prime = NULL; | |
59 | static OSSL_PARAM *ec_explicit_prime_params_nc = NULL; | |
60 | static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL; | |
61 | ||
62 | # ifndef OPENSSL_NO_EC2M | |
63 | static OSSL_PARAM_BLD *bld_tri_nc = NULL; | |
64 | static OSSL_PARAM_BLD *bld_tri = NULL; | |
65 | static OSSL_PARAM *ec_explicit_tri_params_nc = NULL; | |
66 | static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL; | |
67 | # endif | |
68 | #endif | |
69 | ||
a2e145f8 | 70 | #ifndef OPENSSL_NO_KEYPARAMS |
7c664b1f RL |
71 | static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams) |
72 | { | |
73 | EVP_PKEY *pkey = NULL; | |
5658470c DDO |
74 | EVP_PKEY_CTX *ctx = NULL; |
75 | ||
821d6f8c | 76 | # ifndef OPENSSL_NO_DH |
1234aa7e DDO |
77 | /* |
78 | * Use 512-bit DH(X) keys with predetermined parameters for efficiency, | |
79 | * for testing only. Use a minimum key size of 2048 for security purposes. | |
80 | */ | |
5658470c | 81 | if (strcmp(type, "DH") == 0) |
169eca60 JS |
82 | return get_dh512(keyctx); |
83 | ||
5658470c | 84 | if (strcmp(type, "X9.42 DH") == 0) |
169eca60 | 85 | return get_dhx512(keyctx); |
821d6f8c | 86 | # endif |
7c664b1f RL |
87 | |
88 | /* | |
89 | * No real need to check the errors other than for the cascade | |
90 | * effect. |pkey| will simply remain NULL if something goes wrong. | |
91 | */ | |
169eca60 | 92 | (void)((ctx = EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq)) != NULL |
7c664b1f RL |
93 | && EVP_PKEY_paramgen_init(ctx) > 0 |
94 | && (genparams == NULL | |
95 | || EVP_PKEY_CTX_set_params(ctx, genparams) > 0) | |
f9253152 | 96 | && EVP_PKEY_generate(ctx, &pkey) > 0); |
7c664b1f RL |
97 | EVP_PKEY_CTX_free(ctx); |
98 | ||
99 | return pkey; | |
100 | } | |
821d6f8c | 101 | #endif |
5a23d78c | 102 | |
91f2b15f | 103 | #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) |
7c664b1f | 104 | static EVP_PKEY *make_key(const char *type, EVP_PKEY *template, |
1251cddf | 105 | OSSL_PARAM *genparams) |
5a23d78c RL |
106 | { |
107 | EVP_PKEY *pkey = NULL; | |
7c664b1f RL |
108 | EVP_PKEY_CTX *ctx = |
109 | template != NULL | |
169eca60 JS |
110 | ? EVP_PKEY_CTX_new_from_pkey(keyctx, template, testpropq) |
111 | : EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq); | |
5a23d78c RL |
112 | |
113 | /* | |
114 | * No real need to check the errors other than for the cascade | |
7c664b1f | 115 | * effect. |pkey| will simply remain NULL if something goes wrong. |
5a23d78c RL |
116 | */ |
117 | (void)(ctx != NULL | |
118 | && EVP_PKEY_keygen_init(ctx) > 0 | |
7c664b1f RL |
119 | && (genparams == NULL |
120 | || EVP_PKEY_CTX_set_params(ctx, genparams) > 0) | |
5a23d78c RL |
121 | && EVP_PKEY_keygen(ctx, &pkey) > 0); |
122 | EVP_PKEY_CTX_free(ctx); | |
5a23d78c RL |
123 | return pkey; |
124 | } | |
91f2b15f | 125 | #endif |
5a23d78c RL |
126 | |
127 | /* Main test driver */ | |
128 | ||
6511f686 JS |
129 | typedef int (encoder)(const char *file, const int line, |
130 | void **encoded, long *encoded_len, | |
973a52ce RL |
131 | void *object, int selection, |
132 | const char *output_type, const char *output_structure, | |
ae12eac0 | 133 | const char *pass, const char *pcipher); |
6511f686 JS |
134 | typedef int (decoder)(const char *file, const int line, |
135 | void **object, void *encoded, long encoded_len, | |
ff1c10d9 RL |
136 | const char *input_type, const char *structure_type, |
137 | const char *keytype, int selection, const char *pass); | |
6511f686 JS |
138 | typedef int (tester)(const char *file, const int line, |
139 | const void *data1, size_t data1_len, | |
319d0b2b | 140 | const void *data2, size_t data2_len); |
6511f686 JS |
141 | typedef int (checker)(const char *file, const int line, |
142 | const char *type, const void *data, size_t data_len); | |
5a23d78c RL |
143 | typedef void (dumper)(const char *label, const void *data, size_t data_len); |
144 | ||
b565a17d MC |
145 | #define FLAG_DECODE_WITH_TYPE 0x0001 |
146 | ||
6511f686 JS |
147 | static int test_encode_decode(const char *file, const int line, |
148 | const char *type, EVP_PKEY *pkey, | |
973a52ce RL |
149 | int selection, const char *output_type, |
150 | const char *output_structure, | |
1251cddf RL |
151 | const char *pass, const char *pcipher, |
152 | encoder *encode_cb, decoder *decode_cb, | |
153 | tester *test_cb, checker *check_cb, | |
b565a17d | 154 | dumper *dump_cb, int flags) |
5a23d78c | 155 | { |
ece9304c RL |
156 | void *encoded = NULL; |
157 | long encoded_len = 0; | |
5a23d78c | 158 | EVP_PKEY *pkey2 = NULL; |
ece9304c RL |
159 | void *encoded2 = NULL; |
160 | long encoded2_len = 0; | |
5a23d78c RL |
161 | int ok = 0; |
162 | ||
ae12eac0 RL |
163 | /* |
164 | * Encode |pkey|, decode the result into |pkey2|, and finish off by | |
165 | * encoding |pkey2| as well. That last encoding is for checking and | |
166 | * dumping purposes. | |
167 | */ | |
6511f686 | 168 | if (!TEST_true(encode_cb(file, line, &encoded, &encoded_len, pkey, selection, |
973a52ce | 169 | output_type, output_structure, pass, pcipher)) |
6511f686 JS |
170 | || !TEST_true(check_cb(file, line, type, encoded, encoded_len)) |
171 | || !TEST_true(decode_cb(file, line, (void **)&pkey2, encoded, encoded_len, | |
ff1c10d9 | 172 | output_type, output_structure, |
b565a17d | 173 | (flags & FLAG_DECODE_WITH_TYPE ? type : NULL), |
ff1c10d9 | 174 | selection, pass)) |
6511f686 | 175 | || !TEST_true(encode_cb(file, line, &encoded2, &encoded2_len, pkey2, selection, |
973a52ce | 176 | output_type, output_structure, pass, pcipher))) |
ae12eac0 RL |
177 | goto end; |
178 | ||
b565a17d MC |
179 | if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) { |
180 | if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey2), 1)) | |
181 | goto end; | |
182 | } else { | |
183 | if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1)) | |
184 | goto end; | |
185 | } | |
5a23d78c RL |
186 | |
187 | /* | |
ece9304c | 188 | * Double check the encoding, but only for unprotected keys, |
3ecbea6a RL |
189 | * as protected keys have a random component, which makes the output |
190 | * differ. | |
5a23d78c | 191 | */ |
3ecbea6a | 192 | if ((pass == NULL && pcipher == NULL) |
6511f686 | 193 | && !test_cb(file, line, encoded, encoded_len, encoded2, encoded2_len)) |
5a23d78c RL |
194 | goto end; |
195 | ||
196 | ok = 1; | |
197 | end: | |
319d0b2b | 198 | if (!ok) { |
ece9304c | 199 | if (encoded != NULL && encoded_len != 0) |
ae12eac0 | 200 | dump_cb("|pkey| encoded", encoded, encoded_len); |
ece9304c | 201 | if (encoded2 != NULL && encoded2_len != 0) |
ae12eac0 | 202 | dump_cb("|pkey2| encoded", encoded2, encoded2_len); |
319d0b2b | 203 | } |
5a23d78c | 204 | |
ece9304c RL |
205 | OPENSSL_free(encoded); |
206 | OPENSSL_free(encoded2); | |
5a23d78c RL |
207 | EVP_PKEY_free(pkey2); |
208 | return ok; | |
209 | } | |
210 | ||
973a52ce | 211 | /* Encoding and decoding methods */ |
5a23d78c | 212 | |
6511f686 JS |
213 | static int encode_EVP_PKEY_prov(const char *file, const int line, |
214 | void **encoded, long *encoded_len, | |
973a52ce RL |
215 | void *object, int selection, |
216 | const char *output_type, | |
217 | const char *output_structure, | |
ae12eac0 | 218 | const char *pass, const char *pcipher) |
5a23d78c RL |
219 | { |
220 | EVP_PKEY *pkey = object; | |
ece9304c | 221 | OSSL_ENCODER_CTX *ectx = NULL; |
5a23d78c RL |
222 | BIO *mem_ser = NULL; |
223 | BUF_MEM *mem_buf = NULL; | |
3ecbea6a | 224 | const unsigned char *upass = (const unsigned char *)pass; |
5a23d78c RL |
225 | int ok = 0; |
226 | ||
6511f686 | 227 | if (!TEST_FL_ptr(ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection, |
fe75766c TM |
228 | output_type, |
229 | output_structure, | |
169eca60 | 230 | testpropq)) |
6511f686 | 231 | || !TEST_FL_int_gt(OSSL_ENCODER_CTX_get_num_encoders(ectx), 0) |
3ecbea6a | 232 | || (pass != NULL |
6511f686 | 233 | && !TEST_FL_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass, |
ae12eac0 | 234 | strlen(pass)))) |
3ecbea6a | 235 | || (pcipher != NULL |
6511f686 JS |
236 | && !TEST_FL_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL))) |
237 | || !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem())) | |
238 | || !TEST_FL_true(OSSL_ENCODER_to_bio(ectx, mem_ser)) | |
239 | || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0) | |
240 | || !TEST_FL_ptr(*encoded = mem_buf->data) | |
241 | || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0)) | |
5a23d78c RL |
242 | goto end; |
243 | ||
ece9304c | 244 | /* Detach the encoded output */ |
5a23d78c RL |
245 | mem_buf->data = NULL; |
246 | mem_buf->length = 0; | |
247 | ok = 1; | |
248 | end: | |
249 | BIO_free(mem_ser); | |
ece9304c | 250 | OSSL_ENCODER_CTX_free(ectx); |
5a23d78c RL |
251 | return ok; |
252 | } | |
253 | ||
6511f686 JS |
254 | static int decode_EVP_PKEY_prov(const char *file, const int line, |
255 | void **object, void *encoded, long encoded_len, | |
ff1c10d9 RL |
256 | const char *input_type, |
257 | const char *structure_type, | |
258 | const char *keytype, int selection, | |
259 | const char *pass) | |
5a23d78c | 260 | { |
b565a17d | 261 | EVP_PKEY *pkey = NULL, *testpkey = NULL; |
ece9304c | 262 | OSSL_DECODER_CTX *dctx = NULL; |
b565a17d | 263 | BIO *encoded_bio = NULL; |
3ecbea6a | 264 | const unsigned char *upass = (const unsigned char *)pass; |
5a23d78c | 265 | int ok = 0; |
b565a17d MC |
266 | int i; |
267 | const char *badtype; | |
5a23d78c | 268 | |
b565a17d MC |
269 | if (strcmp(input_type, "DER") == 0) |
270 | badtype = "PEM"; | |
271 | else | |
272 | badtype = "DER"; | |
273 | ||
6511f686 | 274 | if (!TEST_FL_ptr(encoded_bio = BIO_new_mem_buf(encoded, encoded_len))) |
5a23d78c | 275 | goto end; |
b565a17d MC |
276 | |
277 | /* | |
278 | * We attempt the decode 3 times. The first time we provide the expected | |
279 | * starting input type. The second time we provide NULL for the starting | |
280 | * type. The third time we provide a bad starting input type. | |
281 | * The bad starting input type should fail. The other two should succeed | |
282 | * and produce the same result. | |
283 | */ | |
284 | for (i = 0; i < 3; i++) { | |
285 | const char *testtype = (i == 0) ? input_type | |
286 | : ((i == 1) ? NULL : badtype); | |
287 | ||
6511f686 | 288 | if (!TEST_FL_ptr(dctx = OSSL_DECODER_CTX_new_for_pkey(&testpkey, |
fe75766c | 289 | testtype, |
ff1c10d9 | 290 | structure_type, |
fe75766c TM |
291 | keytype, |
292 | selection, | |
169eca60 | 293 | testctx, testpropq)) |
b565a17d MC |
294 | || (pass != NULL |
295 | && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass))) | |
6511f686 | 296 | || !TEST_FL_int_gt(BIO_reset(encoded_bio), 0) |
b565a17d | 297 | /* We expect to fail when using a bad input type */ |
6511f686 | 298 | || !TEST_FL_int_eq(OSSL_DECODER_from_bio(dctx, encoded_bio), |
b565a17d MC |
299 | (i == 2) ? 0 : 1)) |
300 | goto end; | |
301 | OSSL_DECODER_CTX_free(dctx); | |
302 | dctx = NULL; | |
303 | ||
304 | if (i == 0) { | |
305 | pkey = testpkey; | |
306 | testpkey = NULL; | |
307 | } else if (i == 1) { | |
308 | if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) { | |
6511f686 | 309 | if (!TEST_FL_int_eq(EVP_PKEY_parameters_eq(pkey, testpkey), 1)) |
b565a17d MC |
310 | goto end; |
311 | } else { | |
6511f686 | 312 | if (!TEST_FL_int_eq(EVP_PKEY_eq(pkey, testpkey), 1)) |
b565a17d MC |
313 | goto end; |
314 | } | |
315 | } | |
316 | } | |
5a23d78c RL |
317 | ok = 1; |
318 | *object = pkey; | |
b565a17d MC |
319 | pkey = NULL; |
320 | ||
5a23d78c | 321 | end: |
b565a17d MC |
322 | EVP_PKEY_free(pkey); |
323 | EVP_PKEY_free(testpkey); | |
324 | BIO_free(encoded_bio); | |
ece9304c | 325 | OSSL_DECODER_CTX_free(dctx); |
5a23d78c RL |
326 | return ok; |
327 | } | |
328 | ||
6511f686 JS |
329 | static int encode_EVP_PKEY_legacy_PEM(const char *file, const int line, |
330 | void **encoded, long *encoded_len, | |
973a52ce RL |
331 | void *object, ossl_unused int selection, |
332 | ossl_unused const char *output_type, | |
333 | ossl_unused const char *output_structure, | |
ae12eac0 | 334 | const char *pass, const char *pcipher) |
e2ac846e RL |
335 | { |
336 | EVP_PKEY *pkey = object; | |
337 | EVP_CIPHER *cipher = NULL; | |
338 | BIO *mem_ser = NULL; | |
339 | BUF_MEM *mem_buf = NULL; | |
340 | const unsigned char *upass = (const unsigned char *)pass; | |
341 | size_t passlen = 0; | |
342 | int ok = 0; | |
343 | ||
344 | if (pcipher != NULL && pass != NULL) { | |
345 | passlen = strlen(pass); | |
169eca60 | 346 | if (!TEST_FL_ptr(cipher = EVP_CIPHER_fetch(testctx, pcipher, testpropq))) |
e2ac846e RL |
347 | goto end; |
348 | } | |
6511f686 JS |
349 | if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem())) |
350 | || !TEST_FL_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey, | |
e2ac846e RL |
351 | cipher, |
352 | upass, passlen, | |
353 | NULL, NULL)) | |
6511f686 JS |
354 | || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0) |
355 | || !TEST_FL_ptr(*encoded = mem_buf->data) | |
356 | || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0)) | |
e2ac846e RL |
357 | goto end; |
358 | ||
ece9304c | 359 | /* Detach the encoded output */ |
e2ac846e RL |
360 | mem_buf->data = NULL; |
361 | mem_buf->length = 0; | |
362 | ok = 1; | |
363 | end: | |
364 | BIO_free(mem_ser); | |
365 | EVP_CIPHER_free(cipher); | |
366 | return ok; | |
367 | } | |
368 | ||
6511f686 JS |
369 | static int encode_EVP_PKEY_MSBLOB(const char *file, const int line, |
370 | void **encoded, long *encoded_len, | |
973a52ce | 371 | void *object, int selection, |
ae12eac0 | 372 | ossl_unused const char *output_type, |
973a52ce | 373 | ossl_unused const char *output_structure, |
1251cddf | 374 | ossl_unused const char *pass, |
ae12eac0 | 375 | ossl_unused const char *pcipher) |
a7922e20 RL |
376 | { |
377 | EVP_PKEY *pkey = object; | |
378 | BIO *mem_ser = NULL; | |
379 | BUF_MEM *mem_buf = NULL; | |
380 | int ok = 0; | |
381 | ||
6511f686 | 382 | if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))) |
a7922e20 RL |
383 | goto end; |
384 | ||
973a52ce | 385 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { |
6511f686 | 386 | if (!TEST_FL_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0)) |
973a52ce RL |
387 | goto end; |
388 | } else { | |
6511f686 | 389 | if (!TEST_FL_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0)) |
973a52ce RL |
390 | goto end; |
391 | } | |
a7922e20 | 392 | |
6511f686 JS |
393 | if (!TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0) |
394 | || !TEST_FL_ptr(*encoded = mem_buf->data) | |
395 | || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0)) | |
a7922e20 RL |
396 | goto end; |
397 | ||
ece9304c | 398 | /* Detach the encoded output */ |
a7922e20 RL |
399 | mem_buf->data = NULL; |
400 | mem_buf->length = 0; | |
401 | ok = 1; | |
402 | end: | |
403 | BIO_free(mem_ser); | |
404 | return ok; | |
405 | } | |
406 | ||
a7922e20 RL |
407 | static pem_password_cb pass_pw; |
408 | static int pass_pw(char *buf, int size, int rwflag, void *userdata) | |
409 | { | |
410 | OPENSSL_strlcpy(buf, userdata, size); | |
411 | return strlen(userdata); | |
412 | } | |
413 | ||
6511f686 JS |
414 | static int encode_EVP_PKEY_PVK(const char *file, const int line, |
415 | void **encoded, long *encoded_len, | |
973a52ce | 416 | void *object, int selection, |
ae12eac0 | 417 | ossl_unused const char *output_type, |
973a52ce | 418 | ossl_unused const char *output_structure, |
1251cddf | 419 | const char *pass, |
ae12eac0 | 420 | ossl_unused const char *pcipher) |
a7922e20 RL |
421 | { |
422 | EVP_PKEY *pkey = object; | |
423 | BIO *mem_ser = NULL; | |
424 | BUF_MEM *mem_buf = NULL; | |
425 | int enc = (pass != NULL); | |
426 | int ok = 0; | |
427 | ||
6511f686 | 428 | if (!TEST_FL_true(ossl_assert((selection |
973a52ce | 429 | & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)) |
6511f686 | 430 | || !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem())) |
169eca60 JS |
431 | || !TEST_FL_int_ge(i2b_PVK_bio_ex(mem_ser, pkey, enc, |
432 | pass_pw, (void *)pass, testctx, testpropq), 0) | |
6511f686 JS |
433 | || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0) |
434 | || !TEST_FL_ptr(*encoded = mem_buf->data) | |
435 | || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0)) | |
a7922e20 RL |
436 | goto end; |
437 | ||
ece9304c | 438 | /* Detach the encoded output */ |
a7922e20 RL |
439 | mem_buf->data = NULL; |
440 | mem_buf->length = 0; | |
441 | ok = 1; | |
442 | end: | |
443 | BIO_free(mem_ser); | |
444 | return ok; | |
445 | } | |
a7922e20 | 446 | |
6511f686 JS |
447 | static int test_text(const char *file, const int line, |
448 | const void *data1, size_t data1_len, | |
319d0b2b RL |
449 | const void *data2, size_t data2_len) |
450 | { | |
6511f686 | 451 | return TEST_FL_strn2_eq(data1, data1_len, data2, data2_len); |
319d0b2b RL |
452 | } |
453 | ||
6511f686 JS |
454 | static int test_mem(const char *file, const int line, |
455 | const void *data1, size_t data1_len, | |
319d0b2b RL |
456 | const void *data2, size_t data2_len) |
457 | { | |
6511f686 | 458 | return TEST_FL_mem_eq(data1, data1_len, data2, data2_len); |
319d0b2b RL |
459 | } |
460 | ||
5a23d78c RL |
461 | /* Test cases and their dumpers / checkers */ |
462 | ||
ae12eac0 RL |
463 | static void collect_name(const char *name, void *arg) |
464 | { | |
465 | char **namelist = arg; | |
466 | char *new_namelist; | |
467 | size_t space; | |
468 | ||
469 | space = strlen(name); | |
470 | if (*namelist != NULL) | |
471 | space += strlen(*namelist) + 2 /* for comma and space */; | |
472 | space++; /* for terminating null byte */ | |
473 | ||
474 | new_namelist = OPENSSL_realloc(*namelist, space); | |
475 | if (new_namelist == NULL) | |
476 | return; | |
477 | if (*namelist != NULL) { | |
478 | strcat(new_namelist, ", "); | |
479 | strcat(new_namelist, name); | |
480 | } else { | |
481 | strcpy(new_namelist, name); | |
482 | } | |
483 | *namelist = new_namelist; | |
484 | } | |
485 | ||
5a23d78c RL |
486 | static void dump_der(const char *label, const void *data, size_t data_len) |
487 | { | |
488 | test_output_memory(label, data, data_len); | |
489 | } | |
490 | ||
491 | static void dump_pem(const char *label, const void *data, size_t data_len) | |
492 | { | |
493 | test_output_string(label, data, data_len - 1); | |
494 | } | |
495 | ||
6511f686 JS |
496 | static int check_unprotected_PKCS8_DER(const char *file, const int line, |
497 | const char *type, | |
3ecbea6a | 498 | const void *data, size_t data_len) |
5a23d78c RL |
499 | { |
500 | const unsigned char *datap = data; | |
501 | PKCS8_PRIV_KEY_INFO *p8inf = | |
502 | d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len); | |
503 | int ok = 0; | |
504 | ||
6511f686 | 505 | if (TEST_FL_ptr(p8inf)) { |
169eca60 | 506 | EVP_PKEY *pkey = EVP_PKCS82PKEY_ex(p8inf, testctx, testpropq); |
ae12eac0 RL |
507 | char *namelist = NULL; |
508 | ||
6511f686 JS |
509 | if (TEST_FL_ptr(pkey)) { |
510 | if (!(ok = TEST_FL_true(EVP_PKEY_is_a(pkey, type)))) { | |
ddf0d149 | 511 | EVP_PKEY_type_names_do_all(pkey, collect_name, &namelist); |
ae12eac0 RL |
512 | if (namelist != NULL) |
513 | TEST_note("%s isn't any of %s", type, namelist); | |
514 | OPENSSL_free(namelist); | |
515 | } | |
4f0831b8 | 516 | ok = ok && TEST_FL_true(evp_pkey_is_provided(pkey)); |
ae12eac0 RL |
517 | EVP_PKEY_free(pkey); |
518 | } | |
5a23d78c RL |
519 | } |
520 | PKCS8_PRIV_KEY_INFO_free(p8inf); | |
521 | return ok; | |
522 | } | |
523 | ||
7c664b1f | 524 | static int test_unprotected_via_DER(const char *type, EVP_PKEY *key) |
846f96f8 | 525 | { |
6511f686 | 526 | return test_encode_decode(__FILE__, __LINE__, type, key, |
973a52ce | 527 | OSSL_KEYMGMT_SELECT_KEYPAIR |
169eca60 | 528 | | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, |
6a2b8ff3 | 529 | "DER", "PrivateKeyInfo", NULL, NULL, |
1251cddf | 530 | encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, |
ae12eac0 | 531 | test_mem, check_unprotected_PKCS8_DER, |
b565a17d | 532 | dump_der, 0); |
846f96f8 RL |
533 | } |
534 | ||
6511f686 JS |
535 | static int check_unprotected_PKCS8_PEM(const char *file, const int line, |
536 | const char *type, | |
3ecbea6a | 537 | const void *data, size_t data_len) |
5a23d78c | 538 | { |
ae12eac0 RL |
539 | static const char expected_pem_header[] = |
540 | "-----BEGIN " PEM_STRING_PKCS8INF "-----"; | |
5a23d78c | 541 | |
6511f686 | 542 | return TEST_FL_strn_eq(data, expected_pem_header, |
ae12eac0 | 543 | sizeof(expected_pem_header) - 1); |
5a23d78c RL |
544 | } |
545 | ||
7c664b1f | 546 | static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key) |
5a23d78c | 547 | { |
169eca60 JS |
548 | return test_encode_decode(__FILE__, __LINE__, type, key, |
549 | OSSL_KEYMGMT_SELECT_KEYPAIR | |
550 | | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, | |
6a2b8ff3 | 551 | "PEM", "PrivateKeyInfo", NULL, NULL, |
1251cddf | 552 | encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, |
ae12eac0 | 553 | test_text, check_unprotected_PKCS8_PEM, |
b565a17d MC |
554 | dump_pem, 0); |
555 | } | |
556 | ||
a2e145f8 | 557 | #ifndef OPENSSL_NO_KEYPARAMS |
6511f686 JS |
558 | static int check_params_DER(const char *file, const int line, |
559 | const char *type, const void *data, size_t data_len) | |
b565a17d MC |
560 | { |
561 | const unsigned char *datap = data; | |
562 | int ok = 0; | |
563 | int itype = NID_undef; | |
564 | EVP_PKEY *pkey = NULL; | |
565 | ||
566 | if (strcmp(type, "DH") == 0) | |
567 | itype = EVP_PKEY_DH; | |
568 | else if (strcmp(type, "X9.42 DH") == 0) | |
569 | itype = EVP_PKEY_DHX; | |
570 | else if (strcmp(type, "DSA") == 0) | |
571 | itype = EVP_PKEY_DSA; | |
572 | else if (strcmp(type, "EC") == 0) | |
573 | itype = EVP_PKEY_EC; | |
574 | ||
575 | if (itype != NID_undef) { | |
576 | pkey = d2i_KeyParams(itype, NULL, &datap, data_len); | |
577 | ok = (pkey != NULL); | |
578 | EVP_PKEY_free(pkey); | |
579 | } | |
580 | ||
581 | return ok; | |
582 | } | |
583 | ||
6511f686 JS |
584 | static int check_params_PEM(const char *file, const int line, |
585 | const char *type, | |
586 | const void *data, size_t data_len) | |
b565a17d MC |
587 | { |
588 | static char expected_pem_header[80]; | |
589 | ||
590 | return | |
6511f686 | 591 | TEST_FL_int_gt(BIO_snprintf(expected_pem_header, |
b565a17d MC |
592 | sizeof(expected_pem_header), |
593 | "-----BEGIN %s PARAMETERS-----", type), 0) | |
6511f686 | 594 | && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header)); |
b565a17d MC |
595 | } |
596 | ||
597 | static int test_params_via_DER(const char *type, EVP_PKEY *key) | |
598 | { | |
6511f686 | 599 | return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, |
973a52ce | 600 | "DER", "type-specific", NULL, NULL, |
b565a17d MC |
601 | encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, |
602 | test_mem, check_params_DER, | |
603 | dump_der, FLAG_DECODE_WITH_TYPE); | |
604 | } | |
605 | ||
606 | static int test_params_via_PEM(const char *type, EVP_PKEY *key) | |
607 | { | |
6511f686 | 608 | return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, |
973a52ce | 609 | "PEM", "type-specific", NULL, NULL, |
b565a17d MC |
610 | encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, |
611 | test_text, check_params_PEM, | |
612 | dump_pem, 0); | |
e2ac846e | 613 | } |
a2e145f8 | 614 | #endif /* !OPENSSL_NO_KEYPARAMS */ |
e2ac846e | 615 | |
6511f686 JS |
616 | static int check_unprotected_legacy_PEM(const char *file, const int line, |
617 | const char *type, | |
e2ac846e RL |
618 | const void *data, size_t data_len) |
619 | { | |
ae12eac0 | 620 | static char expected_pem_header[80]; |
e2ac846e | 621 | |
846f96f8 | 622 | return |
6511f686 | 623 | TEST_FL_int_gt(BIO_snprintf(expected_pem_header, |
ae12eac0 | 624 | sizeof(expected_pem_header), |
846f96f8 | 625 | "-----BEGIN %s PRIVATE KEY-----", type), 0) |
6511f686 | 626 | && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header)); |
e2ac846e RL |
627 | } |
628 | ||
7c664b1f | 629 | static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key) |
846f96f8 | 630 | { |
169eca60 JS |
631 | if (!default_libctx || is_fips) |
632 | return TEST_skip("Test not available if using a non-default library context or FIPS provider"); | |
633 | ||
6511f686 | 634 | return test_encode_decode(__FILE__, __LINE__, type, key, |
973a52ce | 635 | OSSL_KEYMGMT_SELECT_KEYPAIR |
ae12eac0 | 636 | | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, |
973a52ce | 637 | "PEM", "type-specific", NULL, NULL, |
1251cddf | 638 | encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov, |
ae12eac0 | 639 | test_text, check_unprotected_legacy_PEM, |
b565a17d | 640 | dump_pem, 0); |
3ecbea6a RL |
641 | } |
642 | ||
6511f686 JS |
643 | static int check_MSBLOB(const char *file, const int line, |
644 | const char *type, const void *data, size_t data_len) | |
a7922e20 RL |
645 | { |
646 | const unsigned char *datap = data; | |
647 | EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len); | |
6511f686 | 648 | int ok = TEST_FL_ptr(pkey); |
a7922e20 RL |
649 | |
650 | EVP_PKEY_free(pkey); | |
651 | return ok; | |
652 | } | |
653 | ||
654 | static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key) | |
655 | { | |
6511f686 | 656 | return test_encode_decode(__FILE__, __LINE__, type, key, |
973a52ce | 657 | OSSL_KEYMGMT_SELECT_KEYPAIR |
ae12eac0 | 658 | | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, |
973a52ce | 659 | "MSBLOB", NULL, NULL, NULL, |
1251cddf | 660 | encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov, |
ae12eac0 | 661 | test_mem, check_MSBLOB, |
b565a17d | 662 | dump_der, 0); |
a7922e20 RL |
663 | } |
664 | ||
6511f686 JS |
665 | static int check_PVK(const char *file, const int line, |
666 | const char *type, const void *data, size_t data_len) | |
a7922e20 RL |
667 | { |
668 | const unsigned char *in = data; | |
669 | unsigned int saltlen = 0, keylen = 0; | |
670 | int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen); | |
671 | ||
672 | return ok; | |
673 | } | |
674 | ||
675 | static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key) | |
676 | { | |
6511f686 | 677 | return test_encode_decode(__FILE__, __LINE__, type, key, |
973a52ce | 678 | OSSL_KEYMGMT_SELECT_KEYPAIR |
ae12eac0 | 679 | | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, |
973a52ce | 680 | "PVK", NULL, NULL, NULL, |
1251cddf | 681 | encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov, |
ae12eac0 | 682 | test_mem, check_PVK, |
b565a17d | 683 | dump_der, 0); |
a7922e20 | 684 | } |
a7922e20 | 685 | |
3ecbea6a RL |
686 | static const char *pass_cipher = "AES-256-CBC"; |
687 | static const char *pass = "the holy handgrenade of antioch"; | |
688 | ||
6511f686 JS |
689 | static int check_protected_PKCS8_DER(const char *file, const int line, |
690 | const char *type, | |
3ecbea6a RL |
691 | const void *data, size_t data_len) |
692 | { | |
693 | const unsigned char *datap = data; | |
694 | X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len); | |
6511f686 | 695 | int ok = TEST_FL_ptr(p8); |
3ecbea6a RL |
696 | |
697 | X509_SIG_free(p8); | |
698 | return ok; | |
699 | } | |
700 | ||
7c664b1f | 701 | static int test_protected_via_DER(const char *type, EVP_PKEY *key) |
846f96f8 | 702 | { |
6511f686 | 703 | return test_encode_decode(__FILE__, __LINE__, type, key, |
973a52ce | 704 | OSSL_KEYMGMT_SELECT_KEYPAIR |
ae12eac0 | 705 | | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, |
6a2b8ff3 RL |
706 | "DER", "PrivateKeyInfo", |
707 | pass, pass_cipher, | |
1251cddf | 708 | encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, |
ae12eac0 | 709 | test_mem, check_protected_PKCS8_DER, |
b565a17d | 710 | dump_der, 0); |
3ecbea6a RL |
711 | } |
712 | ||
6511f686 JS |
713 | static int check_protected_PKCS8_PEM(const char *file, const int line, |
714 | const char *type, | |
3ecbea6a RL |
715 | const void *data, size_t data_len) |
716 | { | |
ae12eac0 RL |
717 | static const char expected_pem_header[] = |
718 | "-----BEGIN " PEM_STRING_PKCS8 "-----"; | |
3ecbea6a | 719 | |
6511f686 | 720 | return TEST_FL_strn_eq(data, expected_pem_header, |
ae12eac0 | 721 | sizeof(expected_pem_header) - 1); |
3ecbea6a RL |
722 | } |
723 | ||
7c664b1f | 724 | static int test_protected_via_PEM(const char *type, EVP_PKEY *key) |
3ecbea6a | 725 | { |
6511f686 | 726 | return test_encode_decode(__FILE__, __LINE__, type, key, |
973a52ce | 727 | OSSL_KEYMGMT_SELECT_KEYPAIR |
ae12eac0 | 728 | | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, |
6a2b8ff3 RL |
729 | "PEM", "PrivateKeyInfo", |
730 | pass, pass_cipher, | |
1251cddf | 731 | encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, |
ae12eac0 | 732 | test_text, check_protected_PKCS8_PEM, |
b565a17d | 733 | dump_pem, 0); |
e2ac846e RL |
734 | } |
735 | ||
6511f686 JS |
736 | static int check_protected_legacy_PEM(const char *file, const int line, |
737 | const char *type, | |
e2ac846e RL |
738 | const void *data, size_t data_len) |
739 | { | |
ae12eac0 | 740 | static char expected_pem_header[80]; |
e2ac846e RL |
741 | |
742 | return | |
6511f686 | 743 | TEST_FL_int_gt(BIO_snprintf(expected_pem_header, |
ae12eac0 | 744 | sizeof(expected_pem_header), |
846f96f8 | 745 | "-----BEGIN %s PRIVATE KEY-----", type), 0) |
6511f686 JS |
746 | && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header)) |
747 | && TEST_FL_ptr(strstr(data, "\nDEK-Info: ")); | |
e2ac846e RL |
748 | } |
749 | ||
7c664b1f | 750 | static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key) |
e2ac846e | 751 | { |
169eca60 JS |
752 | if (!default_libctx || is_fips) |
753 | return TEST_skip("Test not available if using a non-default library context or FIPS provider"); | |
754 | ||
6511f686 | 755 | return test_encode_decode(__FILE__, __LINE__, type, key, |
973a52ce | 756 | OSSL_KEYMGMT_SELECT_KEYPAIR |
ae12eac0 | 757 | | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, |
973a52ce | 758 | "PEM", "type-specific", pass, pass_cipher, |
1251cddf | 759 | encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov, |
ae12eac0 | 760 | test_text, check_protected_legacy_PEM, |
b565a17d | 761 | dump_pem, 0); |
846f96f8 RL |
762 | } |
763 | ||
2e1bc081 | 764 | #ifndef OPENSSL_NO_RC4 |
a7922e20 RL |
765 | static int test_protected_via_PVK(const char *type, EVP_PKEY *key) |
766 | { | |
169eca60 JS |
767 | int ret = 0; |
768 | OSSL_PROVIDER *lgcyprov = OSSL_PROVIDER_load(testctx, "legacy"); | |
769 | if (lgcyprov == NULL) | |
770 | return TEST_skip("Legacy provider not available"); | |
771 | ||
772 | ret = test_encode_decode(__FILE__, __LINE__, type, key, | |
973a52ce | 773 | OSSL_KEYMGMT_SELECT_KEYPAIR |
ae12eac0 | 774 | | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, |
973a52ce | 775 | "PVK", NULL, pass, NULL, |
1251cddf | 776 | encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov, |
b565a17d | 777 | test_mem, check_PVK, dump_der, 0); |
169eca60 JS |
778 | OSSL_PROVIDER_unload(lgcyprov); |
779 | return ret; | |
a7922e20 RL |
780 | } |
781 | #endif | |
782 | ||
6511f686 JS |
783 | static int check_public_DER(const char *file, const int line, |
784 | const char *type, const void *data, size_t data_len) | |
3ff8159a RL |
785 | { |
786 | const unsigned char *datap = data; | |
169eca60 | 787 | EVP_PKEY *pkey = d2i_PUBKEY_ex(NULL, &datap, data_len, testctx, testpropq); |
6511f686 | 788 | int ok = (TEST_FL_ptr(pkey) && TEST_FL_true(EVP_PKEY_is_a(pkey, type))); |
3ff8159a RL |
789 | |
790 | EVP_PKEY_free(pkey); | |
791 | return ok; | |
792 | } | |
793 | ||
7c664b1f | 794 | static int test_public_via_DER(const char *type, EVP_PKEY *key) |
3ff8159a | 795 | { |
6511f686 | 796 | return test_encode_decode(__FILE__, __LINE__, type, key, |
973a52ce | 797 | OSSL_KEYMGMT_SELECT_PUBLIC_KEY |
169eca60 | 798 | | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, |
973a52ce | 799 | "DER", "SubjectPublicKeyInfo", NULL, NULL, |
1251cddf | 800 | encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, |
b565a17d | 801 | test_mem, check_public_DER, dump_der, 0); |
3ff8159a RL |
802 | } |
803 | ||
6511f686 JS |
804 | static int check_public_PEM(const char *file, const int line, |
805 | const char *type, const void *data, size_t data_len) | |
3ff8159a | 806 | { |
ae12eac0 RL |
807 | static const char expected_pem_header[] = |
808 | "-----BEGIN " PEM_STRING_PUBLIC "-----"; | |
3ff8159a RL |
809 | |
810 | return | |
6511f686 | 811 | TEST_FL_strn_eq(data, expected_pem_header, |
ae12eac0 | 812 | sizeof(expected_pem_header) - 1); |
3ff8159a RL |
813 | } |
814 | ||
7c664b1f | 815 | static int test_public_via_PEM(const char *type, EVP_PKEY *key) |
3ff8159a | 816 | { |
6511f686 | 817 | return test_encode_decode(__FILE__, __LINE__, type, key, |
973a52ce | 818 | OSSL_KEYMGMT_SELECT_PUBLIC_KEY |
169eca60 | 819 | | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS, |
973a52ce | 820 | "PEM", "SubjectPublicKeyInfo", NULL, NULL, |
1251cddf | 821 | encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, |
b565a17d | 822 | test_text, check_public_PEM, dump_pem, 0); |
3ff8159a RL |
823 | } |
824 | ||
6511f686 JS |
825 | static int check_public_MSBLOB(const char *file, const int line, |
826 | const char *type, | |
a7922e20 RL |
827 | const void *data, size_t data_len) |
828 | { | |
829 | const unsigned char *datap = data; | |
830 | EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len); | |
6511f686 | 831 | int ok = TEST_FL_ptr(pkey); |
a7922e20 RL |
832 | |
833 | EVP_PKEY_free(pkey); | |
834 | return ok; | |
835 | } | |
836 | ||
837 | static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key) | |
838 | { | |
6511f686 | 839 | return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_PUBLIC_KEY |
ae12eac0 | 840 | | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, |
973a52ce RL |
841 | "MSBLOB", NULL, NULL, NULL, |
842 | encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov, | |
b565a17d | 843 | test_mem, check_public_MSBLOB, dump_der, 0); |
a7922e20 | 844 | } |
a7922e20 | 845 | |
7c664b1f | 846 | #define KEYS(KEYTYPE) \ |
1251cddf | 847 | static EVP_PKEY *key_##KEYTYPE = NULL |
7c664b1f RL |
848 | #define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \ |
849 | ok = ok \ | |
1251cddf | 850 | && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params)) |
7c664b1f RL |
851 | #define FREE_KEYS(KEYTYPE) \ |
852 | EVP_PKEY_free(key_##KEYTYPE); \ | |
7c664b1f RL |
853 | |
854 | #define DOMAIN_KEYS(KEYTYPE) \ | |
855 | static EVP_PKEY *template_##KEYTYPE = NULL; \ | |
1251cddf | 856 | static EVP_PKEY *key_##KEYTYPE = NULL |
7c664b1f RL |
857 | #define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \ |
858 | ok = ok \ | |
859 | && TEST_ptr(template_##KEYTYPE = \ | |
860 | make_template(KEYTYPEstr, params)) \ | |
861 | && TEST_ptr(key_##KEYTYPE = \ | |
1251cddf | 862 | make_key(KEYTYPEstr, template_##KEYTYPE, NULL)) |
7c664b1f RL |
863 | #define FREE_DOMAIN_KEYS(KEYTYPE) \ |
864 | EVP_PKEY_free(template_##KEYTYPE); \ | |
1251cddf | 865 | EVP_PKEY_free(key_##KEYTYPE) |
7c664b1f RL |
866 | |
867 | #define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr) \ | |
868 | static int test_unprotected_##KEYTYPE##_via_DER(void) \ | |
869 | { \ | |
870 | return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE); \ | |
871 | } \ | |
872 | static int test_unprotected_##KEYTYPE##_via_PEM(void) \ | |
873 | { \ | |
874 | return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \ | |
875 | } \ | |
7c664b1f RL |
876 | static int test_protected_##KEYTYPE##_via_DER(void) \ |
877 | { \ | |
878 | return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE); \ | |
879 | } \ | |
880 | static int test_protected_##KEYTYPE##_via_PEM(void) \ | |
881 | { \ | |
882 | return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \ | |
883 | } \ | |
7c664b1f RL |
884 | static int test_public_##KEYTYPE##_via_DER(void) \ |
885 | { \ | |
886 | return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE); \ | |
887 | } \ | |
888 | static int test_public_##KEYTYPE##_via_PEM(void) \ | |
889 | { \ | |
890 | return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE); \ | |
891 | } | |
892 | ||
893 | #define ADD_TEST_SUITE(KEYTYPE) \ | |
894 | ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \ | |
895 | ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \ | |
7c664b1f RL |
896 | ADD_TEST(test_protected_##KEYTYPE##_via_DER); \ |
897 | ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \ | |
7c664b1f RL |
898 | ADD_TEST(test_public_##KEYTYPE##_via_DER); \ |
899 | ADD_TEST(test_public_##KEYTYPE##_via_PEM) | |
900 | ||
b565a17d MC |
901 | #define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \ |
902 | static int test_params_##KEYTYPE##_via_DER(void) \ | |
903 | { \ | |
904 | return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \ | |
905 | } \ | |
906 | static int test_params_##KEYTYPE##_via_PEM(void) \ | |
907 | { \ | |
908 | return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \ | |
909 | } | |
910 | ||
911 | #define ADD_TEST_SUITE_PARAMS(KEYTYPE) \ | |
912 | ADD_TEST(test_params_##KEYTYPE##_via_DER); \ | |
913 | ADD_TEST(test_params_##KEYTYPE##_via_PEM) | |
914 | ||
bddfea02 RL |
915 | #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \ |
916 | static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \ | |
917 | { \ | |
1251cddf RL |
918 | return \ |
919 | test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \ | |
bddfea02 RL |
920 | } \ |
921 | static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \ | |
922 | { \ | |
1251cddf RL |
923 | return \ |
924 | test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \ | |
bddfea02 RL |
925 | } |
926 | ||
2e1bc081 RL |
927 | #define ADD_TEST_SUITE_LEGACY(KEYTYPE) \ |
928 | ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \ | |
bddfea02 RL |
929 | ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM) |
930 | ||
2e1bc081 | 931 | #define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \ |
a7922e20 RL |
932 | static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \ |
933 | { \ | |
934 | return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \ | |
935 | } \ | |
936 | static int test_public_##KEYTYPE##_via_MSBLOB(void) \ | |
937 | { \ | |
938 | return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \ | |
939 | } | |
940 | ||
2e1bc081 RL |
941 | #define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \ |
942 | ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \ | |
a7922e20 RL |
943 | ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB) |
944 | ||
5faec149 | 945 | #define IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE, KEYTYPEstr) \ |
a7922e20 RL |
946 | static int test_unprotected_##KEYTYPE##_via_PVK(void) \ |
947 | { \ | |
948 | return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \ | |
5faec149 RL |
949 | } |
950 | # define ADD_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE) \ | |
951 | ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK) | |
952 | #ifndef OPENSSL_NO_RC4 | |
953 | # define IMPLEMENT_TEST_SUITE_PROTECTED_PVK(KEYTYPE, KEYTYPEstr) \ | |
a7922e20 RL |
954 | static int test_protected_##KEYTYPE##_via_PVK(void) \ |
955 | { \ | |
956 | return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \ | |
957 | } | |
5faec149 | 958 | # define ADD_TEST_SUITE_PROTECTED_PVK(KEYTYPE) \ |
a7922e20 | 959 | ADD_TEST(test_protected_##KEYTYPE##_via_PVK) |
a7922e20 RL |
960 | #endif |
961 | ||
7c664b1f RL |
962 | #ifndef OPENSSL_NO_DH |
963 | DOMAIN_KEYS(DH); | |
964 | IMPLEMENT_TEST_SUITE(DH, "DH") | |
b565a17d | 965 | IMPLEMENT_TEST_SUITE_PARAMS(DH, "DH") |
31d2daec SL |
966 | DOMAIN_KEYS(DHX); |
967 | IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH") | |
b565a17d | 968 | IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH") |
bddfea02 RL |
969 | /* |
970 | * DH has no support for PEM_write_bio_PrivateKey_traditional(), | |
971 | * so no legacy tests. | |
972 | */ | |
7c664b1f RL |
973 | #endif |
974 | #ifndef OPENSSL_NO_DSA | |
975 | DOMAIN_KEYS(DSA); | |
976 | IMPLEMENT_TEST_SUITE(DSA, "DSA") | |
b565a17d | 977 | IMPLEMENT_TEST_SUITE_PARAMS(DSA, "DSA") |
bddfea02 | 978 | IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA") |
a7922e20 | 979 | IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA") |
5faec149 RL |
980 | IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(DSA, "DSA") |
981 | # ifndef OPENSSL_NO_RC4 | |
982 | IMPLEMENT_TEST_SUITE_PROTECTED_PVK(DSA, "DSA") | |
983 | # endif | |
7c664b1f RL |
984 | #endif |
985 | #ifndef OPENSSL_NO_EC | |
986 | DOMAIN_KEYS(EC); | |
987 | IMPLEMENT_TEST_SUITE(EC, "EC") | |
b565a17d | 988 | IMPLEMENT_TEST_SUITE_PARAMS(EC, "EC") |
bddfea02 | 989 | IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC") |
c0f39ded SL |
990 | DOMAIN_KEYS(ECExplicitPrimeNamedCurve); |
991 | IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC") | |
bddfea02 | 992 | IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC") |
c0f39ded SL |
993 | DOMAIN_KEYS(ECExplicitPrime2G); |
994 | IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC") | |
bddfea02 | 995 | IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC") |
c0f39ded SL |
996 | # ifndef OPENSSL_NO_EC2M |
997 | DOMAIN_KEYS(ECExplicitTriNamedCurve); | |
998 | IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC") | |
bddfea02 | 999 | IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC") |
c0f39ded SL |
1000 | DOMAIN_KEYS(ECExplicitTri2G); |
1001 | IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC") | |
bddfea02 | 1002 | IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC") |
c0f39ded | 1003 | # endif |
7c664b1f RL |
1004 | KEYS(ED25519); |
1005 | IMPLEMENT_TEST_SUITE(ED25519, "ED25519") | |
1006 | KEYS(ED448); | |
1007 | IMPLEMENT_TEST_SUITE(ED448, "ED448") | |
1008 | KEYS(X25519); | |
1009 | IMPLEMENT_TEST_SUITE(X25519, "X25519") | |
1010 | KEYS(X448); | |
1011 | IMPLEMENT_TEST_SUITE(X448, "X448") | |
bddfea02 RL |
1012 | /* |
1013 | * ED25519, ED448, X25519 and X448 have no support for | |
1014 | * PEM_write_bio_PrivateKey_traditional(), so no legacy tests. | |
1015 | */ | |
7c664b1f RL |
1016 | #endif |
1017 | KEYS(RSA); | |
1018 | IMPLEMENT_TEST_SUITE(RSA, "RSA") | |
bddfea02 | 1019 | IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA") |
7c664b1f RL |
1020 | KEYS(RSA_PSS); |
1021 | IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS") | |
bddfea02 RL |
1022 | /* |
1023 | * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(), | |
1024 | * so no legacy tests. | |
1025 | */ | |
a7922e20 | 1026 | IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA") |
5faec149 RL |
1027 | IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(RSA, "RSA") |
1028 | #ifndef OPENSSL_NO_RC4 | |
1029 | IMPLEMENT_TEST_SUITE_PROTECTED_PVK(RSA, "RSA") | |
1030 | #endif | |
3ff8159a | 1031 | |
c0f39ded SL |
1032 | #ifndef OPENSSL_NO_EC |
1033 | /* Explicit parameters that match a named curve */ | |
1034 | static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld, | |
1035 | const unsigned char *gen, | |
1036 | size_t gen_len) | |
1037 | { | |
1038 | BIGNUM *a, *b, *prime, *order; | |
1039 | ||
1040 | /* Curve prime256v1 */ | |
1041 | static const unsigned char prime_data[] = { | |
1042 | 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, | |
1043 | 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
1044 | 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, | |
1045 | 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, | |
1046 | 0xff | |
1047 | }; | |
1048 | static const unsigned char a_data[] = { | |
1049 | 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, | |
1050 | 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
1051 | 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, | |
1052 | 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, | |
1053 | 0xfc | |
1054 | }; | |
1055 | static const unsigned char b_data[] = { | |
1056 | 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7, | |
1057 | 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc, | |
1058 | 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6, | |
1059 | 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b | |
1060 | }; | |
1061 | static const unsigned char seed[] = { | |
1062 | 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93, | |
1063 | 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7, | |
1064 | 0x81, 0x9f, 0x7e, 0x90 | |
1065 | }; | |
1066 | static const unsigned char order_data[] = { | |
1067 | 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, | |
1068 | 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, | |
1069 | 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e, | |
1070 | 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51 | |
1071 | }; | |
1072 | return TEST_ptr(a = BN_CTX_get(bnctx)) | |
1073 | && TEST_ptr(b = BN_CTX_get(bnctx)) | |
1074 | && TEST_ptr(prime = BN_CTX_get(bnctx)) | |
1075 | && TEST_ptr(order = BN_CTX_get(bnctx)) | |
1076 | && TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime)) | |
1077 | && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a)) | |
1078 | && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b)) | |
1079 | && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order)) | |
1080 | && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld, | |
1081 | OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field, | |
1082 | 0)) | |
1083 | && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime)) | |
1084 | && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a)) | |
1085 | && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b)) | |
1086 | && TEST_true(OSSL_PARAM_BLD_push_BN(bld, | |
1087 | OSSL_PKEY_PARAM_EC_ORDER, order)) | |
1088 | && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, | |
1089 | OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len)) | |
1090 | && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, | |
1091 | OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed))) | |
1092 | && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR, | |
1093 | BN_value_one())); | |
1094 | } | |
1095 | ||
1096 | static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld) | |
1097 | { | |
1098 | static const unsigned char prime256v1_gen[] = { | |
1099 | 0x04, | |
1100 | 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, | |
1101 | 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2, | |
1102 | 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0, | |
1103 | 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96, | |
1104 | 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, | |
1105 | 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16, | |
1106 | 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce, | |
1107 | 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5 | |
1108 | }; | |
1109 | return do_create_ec_explicit_prime_params(bld, prime256v1_gen, | |
1110 | sizeof(prime256v1_gen)); | |
1111 | } | |
1112 | ||
1113 | static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld) | |
1114 | { | |
1115 | /* 2G */ | |
1116 | static const unsigned char prime256v1_gen2[] = { | |
1117 | 0x04, | |
1118 | 0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a, | |
1119 | 0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3, | |
1120 | 0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6, | |
1121 | 0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31, | |
1122 | 0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21, | |
1123 | 0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9, | |
1124 | 0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda, | |
1125 | 0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55 | |
1126 | }; | |
1127 | return do_create_ec_explicit_prime_params(bld, prime256v1_gen2, | |
1128 | sizeof(prime256v1_gen2)); | |
1129 | } | |
1130 | ||
1131 | # ifndef OPENSSL_NO_EC2M | |
1132 | static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld, | |
1133 | const unsigned char *gen, | |
1134 | size_t gen_len) | |
1135 | { | |
1136 | BIGNUM *a, *b, *poly, *order, *cofactor; | |
1137 | /* sect233k1 characteristic-two-field tpBasis */ | |
1138 | static const unsigned char poly_data[] = { | |
1139 | 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
1140 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, | |
1141 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, | |
1142 | }; | |
1143 | static const unsigned char a_data[] = { | |
1144 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
1145 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
1146 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 | |
1147 | }; | |
1148 | static const unsigned char b_data[] = { | |
1149 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
1150 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
1151 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 | |
1152 | }; | |
1153 | static const unsigned char order_data[] = { | |
1154 | 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
1155 | 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB, | |
1156 | 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF | |
1157 | }; | |
1158 | static const unsigned char cofactor_data[]= { | |
1159 | 0x4 | |
1160 | }; | |
1161 | return TEST_ptr(a = BN_CTX_get(bnctx)) | |
1162 | && TEST_ptr(b = BN_CTX_get(bnctx)) | |
1163 | && TEST_ptr(poly = BN_CTX_get(bnctx)) | |
1164 | && TEST_ptr(order = BN_CTX_get(bnctx)) | |
1165 | && TEST_ptr(cofactor = BN_CTX_get(bnctx)) | |
1166 | && TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly)) | |
1167 | && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a)) | |
1168 | && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b)) | |
1169 | && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order)) | |
1170 | && TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor)) | |
1171 | && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld, | |
1172 | OSSL_PKEY_PARAM_EC_FIELD_TYPE, | |
1173 | SN_X9_62_characteristic_two_field, 0)) | |
1174 | && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly)) | |
1175 | && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a)) | |
1176 | && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b)) | |
1177 | && TEST_true(OSSL_PARAM_BLD_push_BN(bld, | |
1178 | OSSL_PKEY_PARAM_EC_ORDER, order)) | |
1179 | && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, | |
1180 | OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len)) | |
1181 | && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR, | |
1182 | cofactor)); | |
1183 | } | |
1184 | ||
1185 | static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld) | |
1186 | { | |
1187 | static const unsigned char gen[] = { | |
1188 | 0x04, | |
1189 | 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2, | |
1190 | 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C, | |
1191 | 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26, | |
1192 | 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A, | |
1193 | 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0, | |
1194 | 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3 | |
1195 | }; | |
1196 | return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen)); | |
1197 | } | |
1198 | ||
1199 | static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld) | |
1200 | { | |
1201 | static const unsigned char gen2[] = { | |
1202 | 0x04, | |
1203 | 0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1, | |
1204 | 0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0, | |
1205 | 0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4, | |
1206 | 0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86, | |
1207 | 0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29, | |
1208 | 0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb | |
1209 | }; | |
1210 | return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2)); | |
1211 | } | |
1212 | # endif /* OPENSSL_NO_EC2M */ | |
1213 | #endif /* OPENSSL_NO_EC */ | |
1214 | ||
169eca60 JS |
1215 | typedef enum OPTION_choice { |
1216 | OPT_ERR = -1, | |
1217 | OPT_EOF = 0, | |
1218 | OPT_CONTEXT, | |
1219 | OPT_RSA_FILE, | |
1220 | OPT_RSA_PSS_FILE, | |
1221 | OPT_CONFIG_FILE, | |
1222 | OPT_PROVIDER_NAME, | |
1223 | OPT_TEST_ENUM | |
1224 | } OPTION_CHOICE; | |
1225 | ||
1226 | const OPTIONS *test_get_options(void) | |
1227 | { | |
1228 | static const OPTIONS options[] = { | |
1229 | OPT_TEST_OPTIONS_DEFAULT_USAGE, | |
1230 | { "context", OPT_CONTEXT, '-', | |
1231 | "Explicitly use a non-default library context" }, | |
1232 | { "rsa", OPT_RSA_FILE, '<', | |
1233 | "PEM format RSA key file to encode/decode" }, | |
1234 | { "pss", OPT_RSA_PSS_FILE, '<', | |
1235 | "PEM format RSA-PSS key file to encode/decode" }, | |
1236 | { "config", OPT_CONFIG_FILE, '<', | |
1237 | "The configuration file to use for the library context" }, | |
1238 | { "provider", OPT_PROVIDER_NAME, 's', | |
1239 | "The provider to load (The default value is 'default')" }, | |
1240 | { NULL } | |
1241 | }; | |
1242 | return options; | |
1243 | } | |
91f2b15f | 1244 | |
5a23d78c RL |
1245 | int setup_tests(void) |
1246 | { | |
169eca60 JS |
1247 | const char *rsa_file = NULL; |
1248 | const char *rsa_pss_file = NULL; | |
1249 | const char *prov_name = "default"; | |
1250 | char *config_file = NULL; | |
7c664b1f RL |
1251 | int ok = 1; |
1252 | ||
a7922e20 RL |
1253 | #ifndef OPENSSL_NO_DSA |
1254 | static size_t qbits = 160; /* PVK only tolerates 160 Q bits */ | |
1255 | static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */ | |
1256 | OSSL_PARAM DSA_params[] = { | |
1257 | OSSL_PARAM_size_t("pbits", &pbits), | |
1258 | OSSL_PARAM_size_t("qbits", &qbits), | |
1259 | OSSL_PARAM_END | |
1260 | }; | |
1261 | #endif | |
1262 | ||
7c664b1f RL |
1263 | #ifndef OPENSSL_NO_EC |
1264 | static char groupname[] = "prime256v1"; | |
1265 | OSSL_PARAM EC_params[] = { | |
1266 | OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1), | |
1267 | OSSL_PARAM_END | |
1268 | }; | |
1269 | #endif | |
1270 | ||
169eca60 JS |
1271 | OPTION_CHOICE o; |
1272 | ||
1273 | while ((o = opt_next()) != OPT_EOF) { | |
1274 | switch (o) { | |
1275 | case OPT_CONTEXT: | |
1276 | default_libctx = 0; | |
1277 | break; | |
1278 | case OPT_PROVIDER_NAME: | |
1279 | prov_name = opt_arg(); | |
1280 | break; | |
1281 | case OPT_CONFIG_FILE: | |
1282 | config_file = opt_arg(); | |
1283 | break; | |
1284 | case OPT_RSA_FILE: | |
1285 | rsa_file = opt_arg(); | |
1286 | break; | |
1287 | case OPT_RSA_PSS_FILE: | |
1288 | rsa_pss_file = opt_arg(); | |
1289 | break; | |
1290 | case OPT_TEST_CASES: | |
1291 | break; | |
1292 | default: | |
1293 | return 0; | |
1294 | } | |
91f2b15f | 1295 | } |
169eca60 JS |
1296 | |
1297 | if (strcmp(prov_name, "fips") == 0) | |
1298 | is_fips = 1; | |
1299 | ||
1300 | if (default_libctx) { | |
1301 | if (!test_get_libctx(NULL, NULL, config_file, &deflprov, prov_name)) | |
1302 | return 0; | |
1303 | } else { | |
1304 | if (!test_get_libctx(&testctx, &nullprov, config_file, &deflprov, prov_name)) | |
1305 | return 0; | |
91f2b15f | 1306 | } |
7c664b1f | 1307 | |
169eca60 JS |
1308 | /* Separate provider/ctx for generating the test data */ |
1309 | if (!TEST_ptr(keyctx = OSSL_LIB_CTX_new())) | |
1310 | return 0; | |
1311 | if (!TEST_ptr(keyprov = OSSL_PROVIDER_load(keyctx, "default"))) | |
1312 | return 0; | |
1313 | ||
c0f39ded | 1314 | #ifndef OPENSSL_NO_EC |
169eca60 | 1315 | if (!TEST_ptr(bnctx = BN_CTX_new_ex(testctx)) |
c0f39ded SL |
1316 | || !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new()) |
1317 | || !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new()) | |
1318 | || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc) | |
1319 | || !create_ec_explicit_prime_params(bld_prime) | |
1320 | || !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc)) | |
1321 | || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime)) | |
1322 | # ifndef OPENSSL_NO_EC2M | |
1323 | || !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new()) | |
1324 | || !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new()) | |
1325 | || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc) | |
1326 | || !create_ec_explicit_trinomial_params(bld_tri) | |
1327 | || !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc)) | |
1328 | || !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri)) | |
1329 | # endif | |
1330 | ) | |
1331 | return 0; | |
1332 | #endif | |
1333 | ||
e2ac846e | 1334 | TEST_info("Generating keys..."); |
c0f39ded | 1335 | |
7c664b1f | 1336 | #ifndef OPENSSL_NO_DH |
91f2b15f | 1337 | TEST_info("Generating DH keys..."); |
7c664b1f | 1338 | MAKE_DOMAIN_KEYS(DH, "DH", NULL); |
31d2daec | 1339 | MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL); |
7c664b1f RL |
1340 | #endif |
1341 | #ifndef OPENSSL_NO_DSA | |
91f2b15f | 1342 | TEST_info("Generating DSA keys..."); |
a7922e20 | 1343 | MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params); |
7c664b1f RL |
1344 | #endif |
1345 | #ifndef OPENSSL_NO_EC | |
91f2b15f | 1346 | TEST_info("Generating EC keys..."); |
7c664b1f | 1347 | MAKE_DOMAIN_KEYS(EC, "EC", EC_params); |
c0f39ded SL |
1348 | MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc); |
1349 | MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit); | |
1350 | # ifndef OPENSSL_NO_EC2M | |
1351 | MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc); | |
1352 | MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit); | |
1353 | # endif | |
7c664b1f RL |
1354 | MAKE_KEYS(ED25519, "ED25519", NULL); |
1355 | MAKE_KEYS(ED448, "ED448", NULL); | |
1356 | MAKE_KEYS(X25519, "X25519", NULL); | |
1357 | MAKE_KEYS(X448, "X448", NULL); | |
1358 | #endif | |
91f2b15f | 1359 | TEST_info("Loading RSA key..."); |
169eca60 | 1360 | ok = ok && TEST_ptr(key_RSA = load_pkey_pem(rsa_file, keyctx)); |
91f2b15f | 1361 | TEST_info("Loading RSA_PSS key..."); |
169eca60 | 1362 | ok = ok && TEST_ptr(key_RSA_PSS = load_pkey_pem(rsa_pss_file, keyctx)); |
91f2b15f | 1363 | TEST_info("Generating keys done"); |
5a23d78c | 1364 | |
7c664b1f RL |
1365 | if (ok) { |
1366 | #ifndef OPENSSL_NO_DH | |
1367 | ADD_TEST_SUITE(DH); | |
b565a17d | 1368 | ADD_TEST_SUITE_PARAMS(DH); |
31d2daec | 1369 | ADD_TEST_SUITE(DHX); |
b565a17d | 1370 | ADD_TEST_SUITE_PARAMS(DHX); |
bddfea02 RL |
1371 | /* |
1372 | * DH has no support for PEM_write_bio_PrivateKey_traditional(), | |
1373 | * so no legacy tests. | |
1374 | */ | |
7c664b1f RL |
1375 | #endif |
1376 | #ifndef OPENSSL_NO_DSA | |
1377 | ADD_TEST_SUITE(DSA); | |
b565a17d | 1378 | ADD_TEST_SUITE_PARAMS(DSA); |
bddfea02 | 1379 | ADD_TEST_SUITE_LEGACY(DSA); |
a7922e20 | 1380 | ADD_TEST_SUITE_MSBLOB(DSA); |
5faec149 RL |
1381 | ADD_TEST_SUITE_UNPROTECTED_PVK(DSA); |
1382 | # ifndef OPENSSL_NO_RC4 | |
169eca60 | 1383 | ADD_TEST_SUITE_PROTECTED_PVK(DSA); |
5faec149 | 1384 | # endif |
7c664b1f RL |
1385 | #endif |
1386 | #ifndef OPENSSL_NO_EC | |
1387 | ADD_TEST_SUITE(EC); | |
b565a17d | 1388 | ADD_TEST_SUITE_PARAMS(EC); |
bddfea02 | 1389 | ADD_TEST_SUITE_LEGACY(EC); |
c0f39ded | 1390 | ADD_TEST_SUITE(ECExplicitPrimeNamedCurve); |
bddfea02 | 1391 | ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve); |
c0f39ded | 1392 | ADD_TEST_SUITE(ECExplicitPrime2G); |
bddfea02 | 1393 | ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G); |
c0f39ded SL |
1394 | # ifndef OPENSSL_NO_EC2M |
1395 | ADD_TEST_SUITE(ECExplicitTriNamedCurve); | |
bddfea02 | 1396 | ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve); |
c0f39ded | 1397 | ADD_TEST_SUITE(ECExplicitTri2G); |
bddfea02 | 1398 | ADD_TEST_SUITE_LEGACY(ECExplicitTri2G); |
c0f39ded | 1399 | # endif |
7c664b1f RL |
1400 | ADD_TEST_SUITE(ED25519); |
1401 | ADD_TEST_SUITE(ED448); | |
1402 | ADD_TEST_SUITE(X25519); | |
1403 | ADD_TEST_SUITE(X448); | |
bddfea02 RL |
1404 | /* |
1405 | * ED25519, ED448, X25519 and X448 have no support for | |
1406 | * PEM_write_bio_PrivateKey_traditional(), so no legacy tests. | |
1407 | */ | |
7c664b1f RL |
1408 | #endif |
1409 | ADD_TEST_SUITE(RSA); | |
bddfea02 | 1410 | ADD_TEST_SUITE_LEGACY(RSA); |
7c664b1f | 1411 | ADD_TEST_SUITE(RSA_PSS); |
bddfea02 RL |
1412 | /* |
1413 | * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(), | |
1414 | * so no legacy tests. | |
1415 | */ | |
a7922e20 | 1416 | ADD_TEST_SUITE_MSBLOB(RSA); |
5faec149 RL |
1417 | ADD_TEST_SUITE_UNPROTECTED_PVK(RSA); |
1418 | # ifndef OPENSSL_NO_RC4 | |
169eca60 | 1419 | ADD_TEST_SUITE_PROTECTED_PVK(RSA); |
5faec149 | 1420 | # endif |
7c664b1f | 1421 | } |
5a23d78c RL |
1422 | |
1423 | return 1; | |
1424 | } | |
7c664b1f RL |
1425 | |
1426 | void cleanup_tests(void) | |
1427 | { | |
c0f39ded | 1428 | #ifndef OPENSSL_NO_EC |
3f883c7c SL |
1429 | OSSL_PARAM_free(ec_explicit_prime_params_nc); |
1430 | OSSL_PARAM_free(ec_explicit_prime_params_explicit); | |
c0f39ded SL |
1431 | OSSL_PARAM_BLD_free(bld_prime_nc); |
1432 | OSSL_PARAM_BLD_free(bld_prime); | |
1433 | # ifndef OPENSSL_NO_EC2M | |
3f883c7c SL |
1434 | OSSL_PARAM_free(ec_explicit_tri_params_nc); |
1435 | OSSL_PARAM_free(ec_explicit_tri_params_explicit); | |
c0f39ded SL |
1436 | OSSL_PARAM_BLD_free(bld_tri_nc); |
1437 | OSSL_PARAM_BLD_free(bld_tri); | |
1438 | # endif | |
1439 | BN_CTX_free(bnctx); | |
1440 | #endif /* OPENSSL_NO_EC */ | |
1441 | ||
7c664b1f RL |
1442 | #ifndef OPENSSL_NO_DH |
1443 | FREE_DOMAIN_KEYS(DH); | |
31d2daec | 1444 | FREE_DOMAIN_KEYS(DHX); |
7c664b1f RL |
1445 | #endif |
1446 | #ifndef OPENSSL_NO_DSA | |
1447 | FREE_DOMAIN_KEYS(DSA); | |
1448 | #endif | |
1449 | #ifndef OPENSSL_NO_EC | |
1450 | FREE_DOMAIN_KEYS(EC); | |
c0f39ded SL |
1451 | FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve); |
1452 | FREE_DOMAIN_KEYS(ECExplicitPrime2G); | |
1453 | # ifndef OPENSSL_NO_EC2M | |
1454 | FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve); | |
1455 | FREE_DOMAIN_KEYS(ECExplicitTri2G); | |
1456 | # endif | |
7c664b1f RL |
1457 | FREE_KEYS(ED25519); |
1458 | FREE_KEYS(ED448); | |
1459 | FREE_KEYS(X25519); | |
1460 | FREE_KEYS(X448); | |
1461 | #endif | |
1462 | FREE_KEYS(RSA); | |
1463 | FREE_KEYS(RSA_PSS); | |
169eca60 JS |
1464 | |
1465 | OSSL_PROVIDER_unload(nullprov); | |
1466 | OSSL_PROVIDER_unload(deflprov); | |
1467 | OSSL_PROVIDER_unload(keyprov); | |
1468 | OSSL_LIB_CTX_free(testctx); | |
1469 | OSSL_LIB_CTX_free(keyctx); | |
7c664b1f | 1470 | } |