]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/evp_extra_test.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Simplify the EVP_PKEY_XXX_fromdata_XX methods.
[thirdparty/openssl.git] / test / evp_extra_test.c
CommitLineData
440e5d80 1/*
4333b89f 2 * Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
71ea6b48 3 *
909f1a2e 4 * Licensed under the Apache License 2.0 (the "License"). You may not use
440e5d80
RS		 5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
71ea6b48
MC		 8 */
9
41bbba53
P		 10/* We need to use some deprecated APIs */
11#define OPENSSL_SUPPRESS_DEPRECATED
12
71ea6b48
MC		 13#include <stdio.h>
14#include <stdlib.h>
bb5f281a 15#include <string.h>
71ea6b48 16#include <openssl/bio.h>
7bb82f92 17#include <openssl/conf.h>
71ea6b48
MC		 18#include <openssl/crypto.h>
19#include <openssl/err.h>
20#include <openssl/evp.h>
71ea6b48 21#include <openssl/x509.h>
4803717f 22#include <openssl/pem.h>
10d5b415 23#include <openssl/kdf.h>
847d0f81 24#include <openssl/provider.h>
9c45222d 25#include <openssl/core_names.h>
f54a4101 26#include <openssl/params.h>
d7e498ac 27#include <openssl/param_build.h>
9c45222d 28#include <openssl/dsa.h>
e295de1d 29#include <openssl/dh.h>
e5bc0ce2 30#include <openssl/aes.h>
d7e498ac 31#include <openssl/decoder.h>
e947a064 32#include <openssl/rsa.h>
adcd8e37 33#include "testutil.h"
176db6dc 34#include "internal/nelem.h"
00bc1ad9 35#include "internal/sizes.h"
25f2138b 36#include "crypto/evp.h"
f0c62c53 37#include "../e_os.h" /* strcasecmp */
71ea6b48 38
b4250010 39static OSSL_LIB_CTX *testctx = NULL;
86dc26ba 40
71ea6b48
MC		 41/*
42 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
43 * should never use this key anywhere but in an example.
44 */
45static const unsigned char kExampleRSAKeyDER[] = {
46 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
47 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
48 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
49 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
50 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
51 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
52 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
53 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
54 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
55 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
56 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
57 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
58 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
59 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
60 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
61 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
62 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
63 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
64 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
65 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
66 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
67 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
68 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
69 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
70 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
71 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
72 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
73 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
74 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
75 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
76 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
77 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
78 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
79 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
80 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
81 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
82 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
83 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
84 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
85 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
86 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
87 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
88 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
89 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
90 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
91 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
92 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
93 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
94 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
95 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
96 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
97};
98
59d0e6c8
MC		 99/*
100* kExampleDSAKeyDER is a DSA private key in ASN.1, DER format. Of course, you
101 * should never use this key anywhere but in an example.
102 */
f650ab47 103#ifndef OPENSSL_NO_DSA
59d0e6c8
MC		 104static const unsigned char kExampleDSAKeyDER[] = {
105 0x30, 0x82, 0x01, 0xba, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0x9a,
106 0x05, 0x6d, 0x33, 0xcd, 0x5d, 0x78, 0xa1, 0xbb, 0xcb, 0x7d, 0x5b, 0x8d,
107 0xb4, 0xcc, 0xbf, 0x03, 0x99, 0x64, 0xde, 0x38, 0x78, 0x06, 0x15, 0x2f,
108 0x86, 0x26, 0x77, 0xf3, 0xb1, 0x85, 0x00, 0xed, 0xfc, 0x28, 0x3a, 0x42,
109 0x4d, 0xab, 0xab, 0xdf, 0xbc, 0x9c, 0x16, 0xd0, 0x22, 0x50, 0xd1, 0x38,
110 0xdd, 0x3f, 0x64, 0x05, 0x9e, 0x68, 0x7a, 0x1e, 0xf1, 0x56, 0xbf, 0x1e,
111 0x2c, 0xc5, 0x97, 0x2a, 0xfe, 0x7a, 0x22, 0xdc, 0x6c, 0x68, 0xb8, 0x2e,
112 0x06, 0xdb, 0x41, 0xca, 0x98, 0xd8, 0x54, 0xc7, 0x64, 0x48, 0x24, 0x04,
113 0x20, 0xbc, 0x59, 0xe3, 0x6b, 0xea, 0x7e, 0xfc, 0x7e, 0xc5, 0x4e, 0xd4,
114 0xd8, 0x3a, 0xed, 0xcd, 0x5d, 0x99, 0xb8, 0x5c, 0xa2, 0x8b, 0xbb, 0x0b,
115 0xac, 0xe6, 0x8e, 0x25, 0x56, 0x22, 0x3a, 0x2d, 0x3a, 0x56, 0x41, 0x14,
116 0x1f, 0x1c, 0x8f, 0x53, 0x46, 0x13, 0x85, 0x02, 0x15, 0x00, 0x98, 0x7e,
117 0x92, 0x81, 0x88, 0xc7, 0x3f, 0x70, 0x49, 0x54, 0xf6, 0x76, 0xb4, 0xa3,
118 0x9e, 0x1d, 0x45, 0x98, 0x32, 0x7f, 0x02, 0x81, 0x80, 0x69, 0x4d, 0xef,
119 0x55, 0xff, 0x4d, 0x59, 0x2c, 0x01, 0xfa, 0x6a, 0x38, 0xe0, 0x70, 0x9f,
120 0x9e, 0x66, 0x8e, 0x3e, 0x8c, 0x52, 0x22, 0x9d, 0x15, 0x7e, 0x3c, 0xef,
121 0x4c, 0x7a, 0x61, 0x26, 0xe0, 0x2b, 0x81, 0x3f, 0xeb, 0xaf, 0x35, 0x38,
122 0x8d, 0xfe, 0xed, 0x46, 0xff, 0x5f, 0x03, 0x9b, 0x81, 0x92, 0xe7, 0x6f,
123 0x76, 0x4f, 0x1d, 0xd9, 0xbb, 0x89, 0xc9, 0x3e, 0xd9, 0x0b, 0xf9, 0xf4,
124 0x78, 0x11, 0x59, 0xc0, 0x1d, 0xcd, 0x0e, 0xa1, 0x6f, 0x15, 0xf1, 0x4d,
125 0xc1, 0xc9, 0x22, 0xed, 0x8d, 0xad, 0x67, 0xc5, 0x4b, 0x95, 0x93, 0x86,
126 0xa6, 0xaf, 0x8a, 0xee, 0x06, 0x89, 0x2f, 0x37, 0x7e, 0x64, 0xaa, 0xf6,
127 0xe7, 0xb1, 0x5a, 0x0a, 0x93, 0x95, 0x5d, 0x3e, 0x53, 0x9a, 0xde, 0x8a,
128 0xc2, 0x95, 0x45, 0x81, 0xbe, 0x5c, 0x2f, 0xc2, 0xb2, 0x92, 0x58, 0x19,
129 0x72, 0x80, 0xe9, 0x79, 0xa1, 0x02, 0x81, 0x80, 0x07, 0xd7, 0x62, 0xff,
130 0xdf, 0x1a, 0x3f, 0xed, 0x32, 0xd4, 0xd4, 0x88, 0x7b, 0x2c, 0x63, 0x7f,
131 0x97, 0xdc, 0x44, 0xd4, 0x84, 0xa2, 0xdd, 0x17, 0x16, 0x85, 0x13, 0xe0,
132 0xac, 0x51, 0x8d, 0x29, 0x1b, 0x75, 0x9a, 0xe4, 0xe3, 0x8a, 0x92, 0x69,
133 0x09, 0x03, 0xc5, 0x68, 0xae, 0x5e, 0x94, 0xfe, 0xc9, 0x92, 0x6c, 0x07,
134 0xb4, 0x1e, 0x64, 0x62, 0x87, 0xc6, 0xa4, 0xfd, 0x0d, 0x5f, 0xe5, 0xf9,
135 0x1b, 0x4f, 0x85, 0x5f, 0xae, 0xf3, 0x11, 0xe5, 0x18, 0xd4, 0x4d, 0x79,
136 0x9f, 0xc4, 0x79, 0x26, 0x04, 0x27, 0xf0, 0x0b, 0xee, 0x2b, 0x86, 0x9f,
137 0x86, 0x61, 0xe6, 0x51, 0xce, 0x04, 0x9b, 0x5d, 0x6b, 0x34, 0x43, 0x8c,
138 0x85, 0x3c, 0xf1, 0x51, 0x9b, 0x08, 0x23, 0x1b, 0xf5, 0x7e, 0x33, 0x12,
139 0xea, 0xab, 0x1f, 0xb7, 0x2d, 0xe2, 0x5f, 0xe6, 0x97, 0x99, 0xb5, 0x45,
140 0x16, 0x5b, 0xc3, 0x41, 0x02, 0x14, 0x61, 0xbf, 0x51, 0x60, 0xcf, 0xc8,
141 0xf1, 0x8c, 0x82, 0x97, 0xf2, 0xf4, 0x19, 0xba, 0x2b, 0xf3, 0x16, 0xbe,
142 0x40, 0x48
143};
f650ab47 144#endif
59d0e6c8 145
2aee35d3
PY		 146/*
147 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
148 * components are not correct.
149 */
150static const unsigned char kExampleBadRSAKeyDER[] = {
151 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
152 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
153 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
154 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
155 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
156 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
157 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
158 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
159 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
160 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
161 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
162 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
163 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
164 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
165 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
166 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
167 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
168 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
169 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
170 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
171 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
172 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
173 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
174 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
175 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
176 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
177 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
178 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
179 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
180 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
181 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
182 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
183 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
184 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
185 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
186 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
187 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
188 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
189 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
190 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
191 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
192 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
193 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
194 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
195 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
196 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
197 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
198 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
199 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
200 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
201 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
202 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
203 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
204 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
205 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
206 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
207 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
208 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
209 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
210 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
211 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
212 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
213 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
214 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
215 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
216 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
217 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
218 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
219 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
220 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
221 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
222 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
223 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
224 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
225 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
226 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
227 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
228 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
229 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
230 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
231 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
232 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
233 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
234 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
235 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
236 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
237 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
238 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
239 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
240};
241
71ea6b48
MC		 242static const unsigned char kMsg[] = { 1, 2, 3, 4 };
243
244static const unsigned char kSignature[] = {
245 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
246 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
247 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
248 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
249 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
250 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
251 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
252 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
253 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
254 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
255 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
256};
257
258/*
259 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
260 * PrivateKeyInfo.
261 */
262static const unsigned char kExampleRSAKeyPKCS8[] = {
263 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
264 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
265 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
266 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
267 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
268 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
269 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
270 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
271 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
272 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
273 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
274 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
275 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
276 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
277 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
278 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
279 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
280 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
281 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
282 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
283 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
284 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
285 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
286 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
287 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
288 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
289 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
290 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
291 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
292 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
293 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
294 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
295 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
296 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
297 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
298 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
299 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
300 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
301 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
302 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
303 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
304 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
305 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
306 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
307 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
308 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
309 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
310 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
311 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
312 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
313 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
314 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
315 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
316};
317
a9880362 318#ifndef OPENSSL_NO_EC
71ea6b48
MC		 319/*
320 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
321 * structure.
322 */
323static const unsigned char kExampleECKeyDER[] = {
324 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
325 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
326 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
327 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
328 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
329 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
330 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
331 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
332 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
333 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
334 0xc1,
335};
336
337/*
338 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
339 * structure. The private key is equal to the order and will fail to import
340 */
341static const unsigned char kExampleBadECKeyDER[] = {
342 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
343 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
344 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
345 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
346 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
347 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
348 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
349 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
350 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
351};
b0004708
PY		 352
353/* prime256v1 */
354static const unsigned char kExampleECPubKeyDER[] = {
355 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
356 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
357 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
358 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
359 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
360 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
361 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
362 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
363};
364
5dc40a83 365/*
87762939 366 * kExampleBadECPubKeyDER is a sample EC public key with a wrong OID
5dc40a83
BE		 367 * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
368 */
369static const unsigned char kExampleBadECPubKeyDER[] = {
370 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
371 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
372 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
373 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
374 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
375 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
376 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
377 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
378};
379
b0004708
PY		 380static const unsigned char pExampleECParamDER[] = {
381 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
382};
a9880362 383#endif
71ea6b48 384
adcd8e37
RS		 385typedef struct APK_DATA_st {
386 const unsigned char *kder;
387 size_t size;
5b5eea4b 388 const char *keytype;
adcd8e37 389 int evptype;
2aee35d3 390 int check;
b0004708
PY		 391 int pub_check;
392 int param_check;
393 int type; /* 0 for private, 1 for public, 2 for params */
adcd8e37
RS		 394} APK_DATA;
395
396static APK_DATA keydata[] = {
5b5eea4b
SL		 397 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), "RSA", EVP_PKEY_RSA},
398 {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), "RSA", EVP_PKEY_RSA},
aa24cd1b 399#ifndef OPENSSL_NO_EC
5b5eea4b 400 {kExampleECKeyDER, sizeof(kExampleECKeyDER), "EC", EVP_PKEY_EC}
aa24cd1b 401#endif
adcd8e37
RS		 402};
403
2aee35d3 404static APK_DATA keycheckdata[] = {
5b5eea4b
SL		 405 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), "RSA", EVP_PKEY_RSA, 1, 1, 1, 0},
406 {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), "RSA", EVP_PKEY_RSA,
e6774a72 407 0, 1, 1, 0},
2aee35d3 408#ifndef OPENSSL_NO_EC
5b5eea4b 409 {kExampleECKeyDER, sizeof(kExampleECKeyDER), "EC", EVP_PKEY_EC, 1, 1, 1, 0},
b0004708 410 /* group is also associated in our pub key */
5b5eea4b
SL		 411 {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), "EC", EVP_PKEY_EC, 0, 1, 1, 1},
412 {pExampleECParamDER, sizeof(pExampleECParamDER), "EC", EVP_PKEY_EC, 0, 0, 1, 2}
2aee35d3
PY		 413#endif
414};
415
d7e498ac
RL		 416static EVP_PKEY *load_example_key(const char *keytype,
417 const unsigned char *data, size_t data_len)
71ea6b48 418{
d7e498ac 419 const unsigned char **pdata = &data;
71ea6b48 420 EVP_PKEY *pkey = NULL;
d7e498ac
RL		 421 OSSL_DECODER_CTX *dctx =
422 OSSL_DECODER_CTX_new_by_EVP_PKEY(&pkey, "DER", NULL, keytype, 0,
423 testctx, NULL);
71ea6b48 424
d7e498ac
RL		 425 /* |pkey| will be NULL on error */
426 (void)OSSL_DECODER_from_data(dctx, pdata, &data_len);
427 OSSL_DECODER_CTX_free(dctx);
428 return pkey;
429}
71ea6b48 430
d7e498ac
RL		 431static EVP_PKEY *load_example_rsa_key(void)
432{
433 return load_example_key("RSA", kExampleRSAKeyDER,
434 sizeof(kExampleRSAKeyDER));
71ea6b48
MC		 435}
436
f650ab47 437#ifndef OPENSSL_NO_DSA
59d0e6c8
MC		 438static EVP_PKEY *load_example_dsa_key(void)
439{
6ed4022c
RL		 440 return load_example_key("DSA", kExampleDSAKeyDER,
441 sizeof(kExampleDSAKeyDER));
59d0e6c8 442}
f650ab47 443#endif
59d0e6c8 444
6d242fa5
MC		 445static EVP_PKEY *load_example_hmac_key(void)
446{
447 EVP_PKEY *pkey = NULL;
448 unsigned char key[] = {
449 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
450 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
451 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
452 };
453
454 pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, key, sizeof(key));
455 if (!TEST_ptr(pkey))
456 return NULL;
457
458 return pkey;
459}
460
f9e504e8
P		 461static int test_EVP_set_default_properties(void)
462{
b4250010 463 OSSL_LIB_CTX *ctx;
f9e504e8
P		 464 EVP_MD *md = NULL;
465 int res = 0;
466
b4250010 467 if (!TEST_ptr(ctx = OSSL_LIB_CTX_new())
f9e504e8
P		 468 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL)))
469 goto err;
470 EVP_MD_free(md);
471 md = NULL;
472
473 if (!TEST_true(EVP_set_default_properties(ctx, "provider=fizzbang"))
474 || !TEST_ptr_null(md = EVP_MD_fetch(ctx, "sha256", NULL))
475 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", "-provider")))
476 goto err;
477 EVP_MD_free(md);
478 md = NULL;
479
480 if (!TEST_true(EVP_set_default_properties(ctx, NULL))
481 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL)))
482 goto err;
483 res = 1;
484err:
485 EVP_MD_free(md);
b4250010 486 OSSL_LIB_CTX_free(ctx);
f9e504e8
P		 487 return res;
488}
489
b8a1272d
MC		 490#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
491static int test_fromdata(char *keytype, OSSL_PARAM *params)
492{
493 EVP_PKEY_CTX *pctx = NULL;
494 EVP_PKEY *pkey = NULL;
495 int testresult = 0;
496
497 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, keytype, NULL)))
498 goto err;
2db985b7
SL		 499 if (!TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0)
500 || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkey, EVP_PKEY_KEYPAIR,
501 params), 0))
b8a1272d
MC		 502 goto err;
503
504 if (!TEST_ptr(pkey))
505 goto err;
506
507 testresult = 1;
508 err:
509 EVP_PKEY_free(pkey);
510 EVP_PKEY_CTX_free(pctx);
511
512 return testresult;
513}
514#endif /* !OPENSSL_NO_DH || !OPENSSL_NO_DSA || !OPENSSL_NO_EC */
515
2c04b341 516/*
8a9394c1 517 * Test combinations of private, public, missing and private + public key
2c04b341
JS		 518 * params to ensure they are all accepted
519 */
b8a1272d 520#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA)
2c04b341
JS		 521static int test_EVP_PKEY_ffc_priv_pub(char *keytype)
522{
523 OSSL_PARAM_BLD *bld = NULL;
524 OSSL_PARAM *params = NULL;
525 BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL;
2c04b341
JS		 526 int ret = 0;
527
528 /*
529 * Setup the parameters for our pkey object. For our purposes they don't
530 * have to actually be *valid* parameters. We just need to set something.
531 */
b8a1272d 532 if (!TEST_ptr(p = BN_new())
2c04b341
JS		 533 || !TEST_ptr(q = BN_new())
534 || !TEST_ptr(g = BN_new())
535 || !TEST_ptr(pub = BN_new())
536 || !TEST_ptr(priv = BN_new()))
537 goto err;
538
539 /* Test !priv and !pub */
540 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
541 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
542 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
543 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g)))
544 goto err;
545 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
546 goto err;
547
b8a1272d 548 if (!test_fromdata(keytype, params))
2c04b341 549 goto err;
2c04b341
JS		 550 OSSL_PARAM_BLD_free_params(params);
551 OSSL_PARAM_BLD_free(bld);
552
553 /* Test priv and !pub */
554 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
555 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
556 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
557 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
558 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
559 priv)))
560 goto err;
561 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
562 goto err;
563
b8a1272d 564 if (!test_fromdata(keytype, params))
2c04b341 565 goto err;
2c04b341
JS		 566 OSSL_PARAM_BLD_free_params(params);
567 OSSL_PARAM_BLD_free(bld);
568
569 /* Test !priv and pub */
570 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
571 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
572 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
573 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
574 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
575 pub)))
576 goto err;
577 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
578 goto err;
579
b8a1272d 580 if (!test_fromdata(keytype, params))
2c04b341 581 goto err;
2c04b341
JS		 582 OSSL_PARAM_BLD_free_params(params);
583 OSSL_PARAM_BLD_free(bld);
584
585 /* Test priv and pub */
586 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
587 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
588 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
589 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
590 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
591 pub))
592 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
593 priv)))
594 goto err;
595 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
596 goto err;
597
b8a1272d 598 if (!test_fromdata(keytype, params))
2c04b341
JS		 599 goto err;
600
601 ret = 1;
602 err:
2c04b341
JS		 603 OSSL_PARAM_BLD_free_params(params);
604 OSSL_PARAM_BLD_free(bld);
605 BN_free(p);
606 BN_free(q);
607 BN_free(g);
608 BN_free(pub);
609 BN_free(priv);
610
611 return ret;
612}
8a9394c1 613#endif /* !OPENSSL_NO_DH || !OPENSSL_NO_DSA */
2c04b341 614
b8a1272d
MC		 615/*
616 * Test combinations of private, public, missing and private + public key
617 * params to ensure they are all accepted for EC keys
618 */
619#ifndef OPENSSL_NO_EC
620static unsigned char ec_priv[] = {
621 0xe9, 0x25, 0xf7, 0x66, 0x58, 0xa4, 0xdd, 0x99, 0x61, 0xe7, 0xe8, 0x23,
622 0x85, 0xc2, 0xe8, 0x33, 0x27, 0xc5, 0x5c, 0xeb, 0xdb, 0x43, 0x9f, 0xd5,
623 0xf2, 0x5a, 0x75, 0x55, 0xd0, 0x2e, 0x6d, 0x16
624};
625static unsigned char ec_pub[] = {
626 0x04, 0xad, 0x11, 0x90, 0x77, 0x4b, 0x46, 0xee, 0x72, 0x51, 0x15, 0x97,
627 0x4a, 0x6a, 0xa7, 0xaf, 0x59, 0xfa, 0x4b, 0xf2, 0x41, 0xc8, 0x3a, 0x81,
628 0x23, 0xb6, 0x90, 0x04, 0x6c, 0x67, 0x66, 0xd0, 0xdc, 0xf2, 0x15, 0x1d,
629 0x41, 0x61, 0xb7, 0x95, 0x85, 0x38, 0x5a, 0x84, 0x56, 0xe8, 0xb3, 0x0e,
630 0xf5, 0xc6, 0x5d, 0xa4, 0x54, 0x26, 0xb0, 0xf7, 0xa5, 0x4a, 0x33, 0xf1,
631 0x08, 0x09, 0xb8, 0xdb, 0x03
632};
633
634static int test_EC_priv_pub(void)
635{
636 OSSL_PARAM_BLD *bld = NULL;
637 OSSL_PARAM *params = NULL;
638 BIGNUM *priv = NULL;
639 int ret = 0;
640
641 /*
642 * Setup the parameters for our pkey object. For our purposes they don't
643 * have to actually be *valid* parameters. We just need to set something.
644 */
645 if (!TEST_ptr(priv = BN_bin2bn(ec_priv, sizeof(ec_priv), NULL)))
646 goto err;
647
648 /* Test !priv and !pub */
649 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
650 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
651 OSSL_PKEY_PARAM_GROUP_NAME,
652 "P-256", 0)))
653 goto err;
654 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
655 goto err;
656
657 if (!test_fromdata("EC", params))
658 goto err;
659 OSSL_PARAM_BLD_free_params(params);
660 OSSL_PARAM_BLD_free(bld);
661
662 /* Test priv and !pub */
663 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
664 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
665 OSSL_PKEY_PARAM_GROUP_NAME,
666 "P-256", 0))
667 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
668 priv)))
669 goto err;
670 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
671 goto err;
672
673 if (!test_fromdata("EC", params))
674 goto err;
675 OSSL_PARAM_BLD_free_params(params);
676 OSSL_PARAM_BLD_free(bld);
677
678 /* Test !priv and pub */
679 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
680 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
681 OSSL_PKEY_PARAM_GROUP_NAME,
682 "P-256", 0))
683 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
684 OSSL_PKEY_PARAM_PUB_KEY,
685 ec_pub, sizeof(ec_pub))))
686 goto err;
687 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
688 goto err;
689
690 if (!test_fromdata("EC", params))
691 goto err;
692 OSSL_PARAM_BLD_free_params(params);
693 OSSL_PARAM_BLD_free(bld);
694
695 /* Test priv and pub */
696 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
697 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
698 OSSL_PKEY_PARAM_GROUP_NAME,
699 "P-256", 0))
700 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
701 OSSL_PKEY_PARAM_PUB_KEY,
702 ec_pub, sizeof(ec_pub)))
703 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
704 OSSL_PKEY_PARAM_PUB_KEY,
705 ec_pub, sizeof(ec_pub))))
706 goto err;
707 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
708 goto err;
709
710 if (!test_fromdata("EC", params))
711 goto err;
712
713 ret = 1;
714 err:
715 OSSL_PARAM_BLD_free_params(params);
716 OSSL_PARAM_BLD_free(bld);
717 BN_free(priv);
718
719 return ret;
720}
721
722/* Test that using a legacy EC key with only a private key in it works */
723# ifndef OPENSSL_NO_DEPRECATED_3_0
724static int test_EC_priv_only_legacy(void)
725{
726 BIGNUM *priv = NULL;
727 int ret = 0;
728 EC_KEY *eckey = NULL;
729 EVP_PKEY *pkey = NULL;
730 EVP_MD_CTX *ctx = NULL;
731
732 /* Create the low level EC_KEY */
733 if (!TEST_ptr(priv = BN_bin2bn(ec_priv, sizeof(ec_priv), NULL)))
734 goto err;
735
736 eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
737 if (!TEST_ptr(eckey))
738 goto err;
739
740 if (!TEST_true(EC_KEY_set_private_key(eckey, priv)))
741 goto err;
742
743 pkey = EVP_PKEY_new();
744 if (!TEST_ptr(pkey))
745 goto err;
746
747 if (!TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
748 goto err;
749 eckey = NULL;
750
751 ctx = EVP_MD_CTX_new();
752 if (!TEST_ptr(ctx))
753 goto err;
754
755 /*
756 * The EVP_DigestSignInit function should create the key on the provider
757 * side which is sufficient for this test.
758 */
759 if (!TEST_true(EVP_DigestSignInit(ctx, NULL, NULL, NULL, pkey)))
760 goto err;
761
762 ret = 1;
763
764 err:
765 EVP_MD_CTX_free(ctx);
766 EVP_PKEY_free(pkey);
767 EC_KEY_free(eckey);
768 BN_free(priv);
769
770 return ret;
771}
772# endif /* OPENSSL_NO_DEPRECATED_3_0 */
773#endif /* OPENSSL_NO_EC */
774
2eb2b4f3
SL		 775static int test_EVP_Enveloped(void)
776{
777 int ret = 0;
778 EVP_CIPHER_CTX *ctx = NULL;
779 EVP_PKEY *keypair = NULL;
780 unsigned char *kek = NULL;
781 unsigned char iv[EVP_MAX_IV_LENGTH];
782 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
783 int len, kek_len, ciphertext_len, plaintext_len;
784 unsigned char ciphertext[32], plaintext[16];
785 const EVP_CIPHER *type = EVP_aes_256_cbc();
786
787 if (!TEST_ptr(keypair = load_example_rsa_key())
788 || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
789 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
790 || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
791 &keypair, 1))
792 || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
793 msg, sizeof(msg)))
794 || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
795 &len)))
796 goto err;
797
798 ciphertext_len += len;
799
800 if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
801 || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
802 ciphertext, ciphertext_len))
803 || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
804 goto err;
805
806 plaintext_len += len;
807 if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
808 goto err;
809
810 ret = 1;
811err:
812 OPENSSL_free(kek);
813 EVP_PKEY_free(keypair);
814 EVP_CIPHER_CTX_free(ctx);
815 return ret;
816}
817
59d0e6c8 818/*
6d242fa5
MC		 819 * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, RSA)
820 * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, DSA)
821 * Test 2: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, HMAC)
822 * Test 3: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, RSA)
823 * Test 4: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, DSA)
824 * Test 5: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch diegst, HMAC)
825 * Test 6: Use an MD BIO to do the Update calls instead (RSA)
826 * Test 7: Use an MD BIO to do the Update calls instead (DSA)
827 * Test 8: Use an MD BIO to do the Update calls instead (HMAC)
59d0e6c8
MC		 828 */
829static int test_EVP_DigestSignInit(int tst)
71ea6b48
MC		 830{
831 int ret = 0;
832 EVP_PKEY *pkey = NULL;
833 unsigned char *sig = NULL;
834 size_t sig_len = 0;
59d0e6c8
MC		 835 EVP_MD_CTX *md_ctx = NULL, *md_ctx_verify = NULL;
836 EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL;
837 BIO *mdbio = NULL, *membio = NULL;
838 size_t written;
6d242fa5
MC		 839 const EVP_MD *md;
840 EVP_MD *mdexp = NULL;
59d0e6c8 841
6d242fa5 842 if (tst >= 6) {
59d0e6c8
MC		 843 membio = BIO_new(BIO_s_mem());
844 mdbio = BIO_new(BIO_f_md());
845 if (!TEST_ptr(membio) || !TEST_ptr(mdbio))
846 goto out;
847 BIO_push(mdbio, membio);
848 if (!TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx), 0))
849 goto out;
850 } else {
851 if (!TEST_ptr(a_md_ctx = md_ctx = EVP_MD_CTX_new())
852 || !TEST_ptr(a_md_ctx_verify = md_ctx_verify = EVP_MD_CTX_new()))
853 goto out;
854 }
71ea6b48 855
6d242fa5 856 if (tst == 0 || tst == 3 || tst == 6) {
59d0e6c8
MC		 857 if (!TEST_ptr(pkey = load_example_rsa_key()))
858 goto out;
6d242fa5 859 } else if (tst == 1 || tst == 4 || tst == 7) {
f650ab47 860#ifndef OPENSSL_NO_DSA
59d0e6c8
MC		 861 if (!TEST_ptr(pkey = load_example_dsa_key()))
862 goto out;
f650ab47
MC		 863#else
864 ret = 1;
865 goto out;
866#endif
6d242fa5
MC		 867 } else {
868 if (!TEST_ptr(pkey = load_example_hmac_key()))
869 goto out;
59d0e6c8 870 }
71ea6b48 871
6d242fa5
MC		 872 if (tst >= 3 && tst <= 5)
873 md = mdexp = EVP_MD_fetch(NULL, "SHA256", NULL);
874 else
875 md = EVP_sha256();
876
877 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, md, NULL, pkey)))
71ea6b48 878 goto out;
adcd8e37 879
6d242fa5 880 if (tst >= 6) {
59d0e6c8
MC		 881 if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
882 goto out;
883 } else {
884 if (!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
885 goto out;
886 }
887
71ea6b48 888 /* Determine the size of the signature. */
adcd8e37 889 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
0a054d2a 890 || !TEST_ptr(sig = OPENSSL_malloc(sig_len))
adcd8e37 891 || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
71ea6b48 892 goto out;
71ea6b48 893
6d242fa5 894 if (tst >= 6) {
59d0e6c8
MC		 895 if (!TEST_int_gt(BIO_reset(mdbio), 0)
896 || !TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx_verify), 0))
897 goto out;
898 }
899
6d242fa5
MC		 900 /*
901 * Ensure that the signature round-trips (Verification isn't supported for
902 * HMAC via EVP_DigestVerify*)
903 */
904 if (tst != 2 && tst != 5 && tst != 8) {
905 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, md,
906 NULL, pkey)))
59d0e6c8 907 goto out;
6d242fa5
MC		 908
909 if (tst >= 6) {
910 if (!TEST_true(BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written)))
911 goto out;
912 } else {
913 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg,
914 sizeof(kMsg))))
915 goto out;
916 }
917 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
59d0e6c8
MC		 918 goto out;
919 }
71ea6b48
MC		 920
921 ret = 1;
922
923 out:
59d0e6c8
MC		 924 BIO_free(membio);
925 BIO_free(mdbio);
926 EVP_MD_CTX_free(a_md_ctx);
927 EVP_MD_CTX_free(a_md_ctx_verify);
c5ba2d99 928 EVP_PKEY_free(pkey);
b548a1f1 929 OPENSSL_free(sig);
6d242fa5 930 EVP_MD_free(mdexp);
71ea6b48
MC		 931
932 return ret;
933}
934
935static int test_EVP_DigestVerifyInit(void)
936{
937 int ret = 0;
938 EVP_PKEY *pkey = NULL;
adcd8e37 939 EVP_MD_CTX *md_ctx = NULL;
71ea6b48 940
adcd8e37
RS		 941 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
942 || !TEST_ptr(pkey = load_example_rsa_key()))
943 goto out;
71ea6b48 944
adcd8e37
RS		 945 if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
946 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
947 || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
948 sizeof(kSignature))))
71ea6b48 949 goto out;
71ea6b48
MC		 950 ret = 1;
951
952 out:
bfb0641f 953 EVP_MD_CTX_free(md_ctx);
c5ba2d99 954 EVP_PKEY_free(pkey);
71ea6b48
MC		 955 return ret;
956}
957
8d8dd09b
TM		 958/*
959 * Test corner cases of EVP_DigestInit/Update/Final API call behavior.
960 */
961static int test_EVP_Digest(void)
962{
963 int ret = 0;
964 EVP_MD_CTX *md_ctx = NULL;
965 unsigned char md[EVP_MAX_MD_SIZE];
966
967 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
968 goto out;
969
970 if (!TEST_true(EVP_DigestInit_ex(md_ctx, EVP_sha256(), NULL))
971 || !TEST_true(EVP_DigestUpdate(md_ctx, kMsg, sizeof(kMsg)))
972 || !TEST_true(EVP_DigestFinal(md_ctx, md, NULL))
973 /* EVP_DigestFinal resets the EVP_MD_CTX. */
974 || !TEST_ptr_eq(EVP_MD_CTX_md(md_ctx), NULL))
975 goto out;
976
977 if (!TEST_true(EVP_DigestInit_ex(md_ctx, EVP_sha256(), NULL))
978 || !TEST_true(EVP_DigestUpdate(md_ctx, kMsg, sizeof(kMsg)))
979 || !TEST_true(EVP_DigestFinal_ex(md_ctx, md, NULL))
980 /* EVP_DigestFinal_ex does not reset the EVP_MD_CTX. */
981 || !TEST_ptr(EVP_MD_CTX_md(md_ctx))
982 /*
983 * EVP_DigestInit_ex with NULL type should work on
984 * pre-initialized context.
985 */
986 || !TEST_true(EVP_DigestInit_ex(md_ctx, NULL, NULL)))
987 goto out;
988
989 if (!TEST_true(EVP_DigestInit_ex(md_ctx, EVP_shake256(), NULL))
990 || !TEST_true(EVP_DigestUpdate(md_ctx, kMsg, sizeof(kMsg)))
991 || !TEST_true(EVP_DigestFinalXOF(md_ctx, md, sizeof(md)))
992 /* EVP_DigestFinalXOF does not reset the EVP_MD_CTX. */
993 || !TEST_ptr(EVP_MD_CTX_md(md_ctx))
994 || !TEST_true(EVP_DigestInit_ex(md_ctx, NULL, NULL)))
995 goto out;
996 ret = 1;
997
998 out:
999 EVP_MD_CTX_free(md_ctx);
1000 return ret;
1001}
1002
adcd8e37 1003static int test_d2i_AutoPrivateKey(int i)
71ea6b48
MC		 1004{
1005 int ret = 0;
1006 const unsigned char *p;
1007 EVP_PKEY *pkey = NULL;
adcd8e37
RS		 1008 const APK_DATA *ak = &keydata[i];
1009 const unsigned char *input = ak->kder;
1010 size_t input_len = ak->size;
1011 int expected_id = ak->evptype;
71ea6b48
MC		 1012
1013 p = input;
adcd8e37
RS		 1014 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
1015 || !TEST_ptr_eq(p, input + input_len)
1016 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
71ea6b48 1017 goto done;
71ea6b48
MC		 1018
1019 ret = 1;
1020
1021 done:
c5ba2d99 1022 EVP_PKEY_free(pkey);
71ea6b48
MC		 1023 return ret;
1024}
1025
a9880362 1026#ifndef OPENSSL_NO_EC
cad8347b
SL		 1027
1028static const unsigned char ec_public_sect163k1_validxy[] = {
1029 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
1030 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
1031 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
1032 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x02, 0xd1, 0x7b,
1033 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
1034 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
1035};
1036
1037static const unsigned char ec_public_sect163k1_badx[] = {
1038 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
1039 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
1040 0x0a, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
1041 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0xb0, 0x02, 0xd1, 0x7b,
1042 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
1043 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
1044};
1045
1046static const unsigned char ec_public_sect163k1_bady[] = {
1047 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
1048 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
1049 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
1050 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x0a, 0xd1, 0x7b,
1051 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
1052 0x6a, 0xd8, 0x17, 0x65, 0x41, 0xe6
1053};
1054
1055static struct ec_der_pub_keys_st {
1056 const unsigned char *der;
1057 size_t len;
1058 int valid;
1059} ec_der_pub_keys[] = {
1060 { ec_public_sect163k1_validxy, sizeof(ec_public_sect163k1_validxy), 1 },
1061 { ec_public_sect163k1_badx, sizeof(ec_public_sect163k1_badx), 0 },
1062 { ec_public_sect163k1_bady, sizeof(ec_public_sect163k1_bady), 0 },
1063};
1064
1065/*
1066 * Tests the range of the decoded EC char2 public point.
1067 * See ec_GF2m_simple_oct2point().
1068 */
1069static int test_invalide_ec_char2_pub_range_decode(int id)
1070{
1071 int ret = 0;
5b5eea4b 1072 EVP_PKEY *pkey;
cad8347b 1073
5b5eea4b
SL		 1074 pkey = load_example_key("EC", ec_der_pub_keys[id].der,
1075 ec_der_pub_keys[id].len);
1076
1077 ret = (ec_der_pub_keys[id].valid && TEST_ptr(pkey))
1078 || TEST_ptr_null(pkey);
1079 EVP_PKEY_free(pkey);
cad8347b
SL		 1080 return ret;
1081}
1082
71ea6b48
MC		 1083/* Tests loading a bad key in PKCS8 format */
1084static int test_EVP_PKCS82PKEY(void)
1085{
1086 int ret = 0;
1087 const unsigned char *derp = kExampleBadECKeyDER;
1088 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
1089 EVP_PKEY *pkey = NULL;
1090
adcd8e37
RS		 1091 if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp,
1092 sizeof(kExampleBadECKeyDER))))
1093 goto done;
71ea6b48 1094
adcd8e37
RS		 1095 if (!TEST_ptr_eq(derp,
1096 kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)))
71ea6b48 1097 goto done;
71ea6b48 1098
adcd8e37 1099 if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf)))
71ea6b48 1100 goto done;
71ea6b48
MC		 1101
1102 ret = 1;
1103
1104 done:
e0e920b1 1105 PKCS8_PRIV_KEY_INFO_free(p8inf);
c5ba2d99 1106 EVP_PKEY_free(pkey);
71ea6b48
MC		 1107
1108 return ret;
1109}
a9880362 1110#endif
71ea6b48 1111
29c49b25
RL		 1112/* This uses kExampleRSAKeyDER and kExampleRSAKeyPKCS8 to verify encoding */
1113static int test_privatekey_to_pkcs8(void)
1114{
1115 EVP_PKEY *pkey = NULL;
1116 BIO *membio = NULL;
1117 char *membuf = NULL;
e2cc68c8 1118 long membuf_len = 0;
29c49b25
RL		 1119 int ok = 0;
1120
1121 if (!TEST_ptr(membio = BIO_new(BIO_s_mem()))
1122 || !TEST_ptr(pkey = load_example_rsa_key())
1123 || !TEST_int_gt(i2d_PKCS8PrivateKey_bio(membio, pkey, NULL,
1124 NULL, 0, NULL, NULL),
1125 0)
e2cc68c8
SL		 1126 || !TEST_int_gt(membuf_len = BIO_get_mem_data(membio, &membuf), 0)
1127 || !TEST_ptr(membuf)
1128 || !TEST_mem_eq(membuf, (size_t)membuf_len,
29c49b25
RL		 1129 kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8))
1130 /*
1131 * We try to write PEM as well, just to see that it doesn't err, but
1132 * assume that the result is correct.
1133 */
1134 || !TEST_int_gt(PEM_write_bio_PKCS8PrivateKey(membio, pkey, NULL,
1135 NULL, 0, NULL, NULL),
1136 0))
1137 goto done;
1138
1139 ok = 1;
1140 done:
1141 EVP_PKEY_free(pkey);
1142 BIO_free_all(membio);
1143 return ok;
1144}
1145
f0c62c53
RL		 1146#ifndef OPENSSL_NO_EC
1147static const struct {
1148 int encoding;
1149 const char *encoding_name;
1150} ec_encodings[] = {
1151 { OPENSSL_EC_EXPLICIT_CURVE, OSSL_PKEY_EC_ENCODING_EXPLICIT },
1152 { OPENSSL_EC_NAMED_CURVE, OSSL_PKEY_EC_ENCODING_GROUP }
1153};
1154
1155static int ec_export_get_encoding_cb(const OSSL_PARAM params[], void *arg)
1156{
1157 const OSSL_PARAM *p;
1158 const char *enc_name = NULL;
1159 int *enc = arg;
1160 size_t i;
1161
1162 *enc = -1;
1163
1164 if (!TEST_ptr(p = OSSL_PARAM_locate_const(params,
1165 OSSL_PKEY_PARAM_EC_ENCODING))
1166 || !TEST_true(OSSL_PARAM_get_utf8_string_ptr(p, &enc_name)))
1167 return 0;
1168
1169 for (i = 0; i < OSSL_NELEM(ec_encodings); i++) {
1170 if (strcasecmp(enc_name, ec_encodings[i].encoding_name) == 0) {
1171 *enc = ec_encodings[i].encoding;
1172 break;
1173 }
1174 }
1175
1176 return (*enc != -1);
1177}
1178
1179static int test_EC_keygen_with_enc(int idx)
1180{
1181 EVP_PKEY *params = NULL, *key = NULL;
1182 EVP_PKEY_CTX *pctx = NULL, *kctx = NULL;
1183 int enc;
1184 int ret = 0;
1185
1186 enc = ec_encodings[idx].encoding;
1187
1188 /* Create key parameters */
1189 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, "EC", NULL))
1190 || !TEST_true(EVP_PKEY_paramgen_init(pctx))
1191 || !TEST_true(EVP_PKEY_CTX_set_group_name(pctx, "P-256"))
1192 || !TEST_true(EVP_PKEY_CTX_set_ec_param_enc(pctx, enc))
1193 || !TEST_true(EVP_PKEY_paramgen(pctx, &params))
1194 || !TEST_ptr(params))
1195 goto done;
1196
1197 /* Create key */
1198 if (!TEST_ptr(kctx = EVP_PKEY_CTX_new_from_pkey(testctx, params, NULL))
1199 || !TEST_true(EVP_PKEY_keygen_init(kctx))
1200 || !TEST_true(EVP_PKEY_keygen(kctx, &key))
1201 || !TEST_ptr(key))
1202 goto done;
1203
1204 /* Check that the encoding got all the way into the key */
1205 if (!TEST_true(evp_keymgmt_util_export(key, OSSL_KEYMGMT_SELECT_ALL,
1206 ec_export_get_encoding_cb, &enc))
1207 || !TEST_int_eq(enc, ec_encodings[idx].encoding))
1208 goto done;
1209
1210 ret = 1;
1211 done:
1212 EVP_PKEY_free(key);
1213 EVP_PKEY_free(params);
1214 EVP_PKEY_CTX_free(kctx);
1215 EVP_PKEY_CTX_free(pctx);
1216 return ret;
1217}
1218#endif
1219
f844f9eb 1220#if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
ddb634fe 1221
a6c4cb84
JL		 1222static int test_EVP_SM2_verify(void)
1223{
a6c4cb84 1224 const char *pubkey =
d0b79f86
PY		 1225 "-----BEGIN PUBLIC KEY-----\n"
1226 "MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEp1KLWq1ZE2jmoAnnBJE1LBGxVr18\n"
1227 "YvvqECWCpXfAQ9qUJ+UmthnUPf0iM3SaXKHe6PlLIDyNlWMWb9RUh/yU3g==\n"
1228 "-----END PUBLIC KEY-----\n";
a6c4cb84
JL		 1229
1230 const char *msg = "message digest";
1231 const char *id = "ALICE123@YAHOO.COM";
1232
1233 const uint8_t signature[] = {
d0b79f86
PY		 1234 0x30, 0x44, 0x02, 0x20, 0x5b, 0xdb, 0xab, 0x81, 0x4f, 0xbb,
1235 0x8b, 0x69, 0xb1, 0x05, 0x9c, 0x99, 0x3b, 0xb2, 0x45, 0x06,
1236 0x4a, 0x30, 0x15, 0x59, 0x84, 0xcd, 0xee, 0x30, 0x60, 0x36,
1237 0x57, 0x87, 0xef, 0x5c, 0xd0, 0xbe, 0x02, 0x20, 0x43, 0x8d,
1238 0x1f, 0xc7, 0x77, 0x72, 0x39, 0xbb, 0x72, 0xe1, 0xfd, 0x07,
1239 0x58, 0xd5, 0x82, 0xc8, 0x2d, 0xba, 0x3b, 0x2c, 0x46, 0x24,
1240 0xe3, 0x50, 0xff, 0x04, 0xc7, 0xa0, 0x71, 0x9f, 0xa4, 0x70
a6c4cb84
JL		 1241 };
1242
1243 int rc = 0;
1244 BIO *bio = NULL;
1245 EVP_PKEY *pkey = NULL;
1246 EVP_MD_CTX *mctx = NULL;
1247 EVP_PKEY_CTX *pctx = NULL;
1248
1249 bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
1250 if (!TEST_true(bio != NULL))
1251 goto done;
1252
1253 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
1254 if (!TEST_true(pkey != NULL))
1255 goto done;
1256
8a288609 1257 if (!TEST_true(EVP_PKEY_is_a(pkey, "SM2")))
a6c4cb84
JL		 1258 goto done;
1259
1260 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
1261 goto done;
1262
1263 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL)))
1264 goto done;
1265
a6c4cb84
JL		 1266 EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
1267
1268 if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey)))
1269 goto done;
1270
d0b79f86
PY		 1271 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, id, strlen(id)), 0))
1272 goto done;
1273
a6c4cb84
JL		 1274 if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
1275 goto done;
1276
1277 if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature))))
1278 goto done;
1279 rc = 1;
1280
1281 done:
1282 BIO_free(bio);
1283 EVP_PKEY_free(pkey);
1284 EVP_PKEY_CTX_free(pctx);
1285 EVP_MD_CTX_free(mctx);
1286 return rc;
1287}
1288
ddb634fe
JL		 1289static int test_EVP_SM2(void)
1290{
1291 int ret = 0;
1292 EVP_PKEY *pkey = NULL;
bfb56a97 1293 EVP_PKEY *pkeyparams = NULL;
ddb634fe
JL		 1294 EVP_PKEY_CTX *pctx = NULL;
1295 EVP_PKEY_CTX *kctx = NULL;
4803717f 1296 EVP_PKEY_CTX *sctx = NULL;
ddb634fe
JL		 1297 size_t sig_len = 0;
1298 unsigned char *sig = NULL;
1299 EVP_MD_CTX *md_ctx = NULL;
1300 EVP_MD_CTX *md_ctx_verify = NULL;
1301 EVP_PKEY_CTX *cctx = NULL;
1302
1303 uint8_t ciphertext[128];
1304 size_t ctext_len = sizeof(ciphertext);
1305
1306 uint8_t plaintext[8];
1307 size_t ptext_len = sizeof(plaintext);
1308
4803717f
PY		 1309 uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
1310
bfb56a97
MC		 1311 OSSL_PARAM sparams[2] = {OSSL_PARAM_END, OSSL_PARAM_END};
1312 OSSL_PARAM gparams[2] = {OSSL_PARAM_END, OSSL_PARAM_END};
1313 int i;
1314 char mdname[20];
1315
d0b79f86 1316 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SM2, NULL);
ddb634fe
JL		 1317 if (!TEST_ptr(pctx))
1318 goto done;
1319
1320 if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
1321 goto done;
1322
d0b79f86 1323 /* TODO is this even needed? */
ddb634fe
JL		 1324 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
1325 goto done;
1326
bfb56a97 1327 if (!TEST_true(EVP_PKEY_paramgen(pctx, &pkeyparams)))
ddb634fe
JL		 1328 goto done;
1329
bfb56a97 1330 kctx = EVP_PKEY_CTX_new(pkeyparams, NULL);
ddb634fe
JL		 1331 if (!TEST_ptr(kctx))
1332 goto done;
1333
1334 if (!TEST_true(EVP_PKEY_keygen_init(kctx)))
1335 goto done;
1336
1337 if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey)))
1338 goto done;
1339
ddb634fe
JL		 1340 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
1341 goto done;
1342
1343 if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()))
1344 goto done;
1345
4803717f
PY		 1346 if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL)))
1347 goto done;
1348
1349 EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);
1350 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);
1351
d0b79f86 1352 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)))
4803717f
PY		 1353 goto done;
1354
d0b79f86 1355 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
ddb634fe
JL		 1356 goto done;
1357
1358 if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
1359 goto done;
1360
1361 /* Determine the size of the signature. */
1362 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)))
1363 goto done;
1364
ddb634fe
JL		 1365 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)))
1366 goto done;
1367
1368 if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
1369 goto done;
1370
1371 /* Ensure that the signature round-trips. */
1372
1373 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)))
1374 goto done;
1375
d0b79f86
PY		 1376 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
1377 goto done;
1378
ddb634fe
JL		 1379 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))))
1380 goto done;
1381
1382 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
1383 goto done;
1384
1385 /* now check encryption/decryption */
1386
bfb56a97
MC		 1387 gparams[0] = OSSL_PARAM_construct_utf8_string(OSSL_ASYM_CIPHER_PARAM_DIGEST,
1388 mdname, sizeof(mdname));
1389 for (i = 0; i < 2; i++) {
1390 EVP_PKEY_CTX_free(cctx);
ddb634fe 1391
bfb56a97
MC		 1392 sparams[0] = OSSL_PARAM_construct_utf8_string(OSSL_ASYM_CIPHER_PARAM_DIGEST,
1393 i == 0 ? "SM3" : "SHA2-256",
1394 0);
ddb634fe 1395
bfb56a97
MC		 1396 if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
1397 goto done;
ddb634fe 1398
bfb56a97
MC		 1399 if (!TEST_true(EVP_PKEY_encrypt_init(cctx)))
1400 goto done;
ddb634fe 1401
bfb56a97
MC		 1402 if (!TEST_true(EVP_PKEY_CTX_set_params(cctx, sparams)))
1403 goto done;
ddb634fe 1404
bfb56a97
MC		 1405 if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg,
1406 sizeof(kMsg))))
1407 goto done;
ddb634fe 1408
bfb56a97
MC		 1409 if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
1410 goto done;
1411
1412 if (!TEST_true(EVP_PKEY_CTX_set_params(cctx, sparams)))
1413 goto done;
1414
1415 if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext,
1416 ctext_len)))
1417 goto done;
1418
1419 if (!TEST_true(EVP_PKEY_CTX_get_params(cctx, gparams)))
1420 goto done;
1421
1422 /* Test we're still using the digest we think we are */
1423 if (i == 0 && !TEST_int_eq(strcmp(mdname, "SM3"), 0))
1424 goto done;
1425 if (i == 1 && !TEST_int_eq(strcmp(mdname, "SHA2-256"), 0))
1426 goto done;
1427
1428 if (!TEST_true(ptext_len == sizeof(kMsg)))
1429 goto done;
1430
1431 if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0))
1432 goto done;
1433 }
ddb634fe
JL		 1434
1435 ret = 1;
1436done:
1437 EVP_PKEY_CTX_free(pctx);
1438 EVP_PKEY_CTX_free(kctx);
4803717f 1439 EVP_PKEY_CTX_free(sctx);
ddb634fe
JL		 1440 EVP_PKEY_CTX_free(cctx);
1441 EVP_PKEY_free(pkey);
bfb56a97 1442 EVP_PKEY_free(pkeyparams);
ddb634fe
JL		 1443 EVP_MD_CTX_free(md_ctx);
1444 EVP_MD_CTX_free(md_ctx_verify);
1445 OPENSSL_free(sig);
1446 return ret;
1447}
1448
1449#endif
1450
bb5f281a
MC		 1451static struct keys_st {
1452 int type;
1453 char *priv;
1454 char *pub;
1455} keys[] = {
1456 {
1457 EVP_PKEY_HMAC, "0123456789", NULL
1458 }, {
1459 EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
1460 }, {
1461 EVP_PKEY_SIPHASH, "0123456789012345", NULL
896dcb80
MC		 1462 },
1463#ifndef OPENSSL_NO_EC
1464 {
bb5f281a
MC		 1465 EVP_PKEY_X25519, "01234567890123456789012345678901",
1466 "abcdefghijklmnopqrstuvwxyzabcdef"
1467 }, {
1468 EVP_PKEY_ED25519, "01234567890123456789012345678901",
1469 "abcdefghijklmnopqrstuvwxyzabcdef"
1470 }, {
1471 EVP_PKEY_X448,
1472 "01234567890123456789012345678901234567890123456789012345",
1473 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
1474 }, {
1475 EVP_PKEY_ED448,
1476 "012345678901234567890123456789012345678901234567890123456",
1477 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
1478 }
896dcb80 1479#endif
bb5f281a
MC		 1480};
1481
86dc26ba 1482static int test_set_get_raw_keys_int(int tst, int pub, int uselibctx)
bb5f281a
MC		 1483{
1484 int ret = 0;
1485 unsigned char buf[80];
1486 unsigned char *in;
1487 size_t inlen, len = 0;
1488 EVP_PKEY *pkey;
1489
1490 /* Check if this algorithm supports public keys */
1491 if (keys[tst].pub == NULL)
1492 return 1;
1493
1494 memset(buf, 0, sizeof(buf));
1495
1496 if (pub) {
1497 inlen = strlen(keys[tst].pub);
1498 in = (unsigned char *)keys[tst].pub;
86dc26ba 1499 if (uselibctx) {
d8652be0 1500 pkey = EVP_PKEY_new_raw_public_key_ex(
86dc26ba
MC		 1501 testctx,
1502 OBJ_nid2sn(keys[tst].type),
1503 NULL,
1504 in,
1505 inlen);
1506 } else {
1507 pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
1508 NULL,
1509 in,
1510 inlen);
1511 }
bb5f281a
MC		 1512 } else {
1513 inlen = strlen(keys[tst].priv);
1514 in = (unsigned char *)keys[tst].priv;
86dc26ba 1515 if (uselibctx) {
d8652be0 1516 pkey = EVP_PKEY_new_raw_private_key_ex(
86dc26ba
MC		 1517 testctx, OBJ_nid2sn(keys[tst].type),
1518 NULL,
1519 in,
1520 inlen);
1521 } else {
1522 pkey = EVP_PKEY_new_raw_private_key(keys[tst].type,
1523 NULL,
1524 in,
1525 inlen);
1526 }
bb5f281a
MC		 1527 }
1528
1529 if (!TEST_ptr(pkey)
1530 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
1531 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
1532 || !TEST_true(len == inlen)
1533 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
1534 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
1535 || !TEST_mem_eq(in, inlen, buf, len))
1536 goto done;
1537
1538 ret = 1;
1539 done:
1540 EVP_PKEY_free(pkey);
1541 return ret;
1542}
1543
1544static int test_set_get_raw_keys(int tst)
1545{
86dc26ba
MC		 1546 return test_set_get_raw_keys_int(tst, 0, 0)
1547 && test_set_get_raw_keys_int(tst, 0, 1)
1548 && test_set_get_raw_keys_int(tst, 1, 0)
1549 && test_set_get_raw_keys_int(tst, 1, 1);
bb5f281a
MC		 1550}
1551
41bbba53 1552#ifndef OPENSSL_NO_DEPRECATED_3_0
2aee35d3
PY		 1553static int pkey_custom_check(EVP_PKEY *pkey)
1554{
1555 return 0xbeef;
1556}
1557
b0004708
PY		 1558static int pkey_custom_pub_check(EVP_PKEY *pkey)
1559{
1560 return 0xbeef;
1561}
1562
1563static int pkey_custom_param_check(EVP_PKEY *pkey)
1564{
1565 return 0xbeef;
1566}
1567
2aee35d3 1568static EVP_PKEY_METHOD *custom_pmeth;
41bbba53 1569#endif
2aee35d3
PY		 1570
1571static int test_EVP_PKEY_check(int i)
1572{
1573 int ret = 0;
2aee35d3
PY		 1574 EVP_PKEY *pkey = NULL;
1575 EVP_PKEY_CTX *ctx = NULL;
41bbba53 1576#ifndef OPENSSL_NO_DEPRECATED_3_0
2aee35d3 1577 EVP_PKEY_CTX *ctx2 = NULL;
41bbba53 1578#endif
2aee35d3
PY		 1579 const APK_DATA *ak = &keycheckdata[i];
1580 const unsigned char *input = ak->kder;
1581 size_t input_len = ak->size;
1582 int expected_id = ak->evptype;
1583 int expected_check = ak->check;
b0004708
PY		 1584 int expected_pub_check = ak->pub_check;
1585 int expected_param_check = ak->param_check;
1586 int type = ak->type;
b0004708 1587
5b5eea4b
SL		 1588 if (!TEST_ptr(pkey = load_example_key(ak->keytype, input, input_len)))
1589 goto done;
1590 if (type == 0
1591 && !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
1592 goto done;
2aee35d3
PY		 1593
1594 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
1595 goto done;
1596
b0004708
PY		 1597 if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check))
1598 goto done;
1599
1600 if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check))
1601 goto done;
1602
1603 if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
1604 goto done;
2aee35d3 1605
41bbba53 1606#ifndef OPENSSL_NO_DEPRECATED_3_0
2aee35d3
PY		 1607 ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
1608 /* assign the pkey directly, as an internal test */
1609 EVP_PKEY_up_ref(pkey);
1610 ctx2->pkey = pkey;
1611
1612 if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
1613 goto done;
1614
b0004708
PY		 1615 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
1616 goto done;
1617
1618 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
1619 goto done;
41bbba53 1620#endif
b0004708 1621
2aee35d3
PY		 1622 ret = 1;
1623
1624 done:
1625 EVP_PKEY_CTX_free(ctx);
41bbba53 1626#ifndef OPENSSL_NO_DEPRECATED_3_0
2aee35d3 1627 EVP_PKEY_CTX_free(ctx2);
41bbba53 1628#endif
2aee35d3
PY		 1629 EVP_PKEY_free(pkey);
1630 return ret;
1631}
1632
fab8fde3 1633#ifndef OPENSSL_NO_CMAC
e5bc0ce2
MC		 1634static int get_cmac_val(EVP_PKEY *pkey, unsigned char *mac)
1635{
1636 EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
1637 const char msg[] = "Hello World";
1638 size_t maclen;
1639 int ret = 1;
1640
1641 if (!TEST_ptr(mdctx)
1642 || !TEST_true(EVP_DigestSignInit(mdctx, NULL, NULL, NULL, pkey))
1643 || !TEST_true(EVP_DigestSignUpdate(mdctx, msg, sizeof(msg)))
1644 || !TEST_true(EVP_DigestSignFinal(mdctx, mac, &maclen))
1645 || !TEST_size_t_eq(maclen, AES_BLOCK_SIZE))
1646 ret = 0;
1647
1648 EVP_MD_CTX_free(mdctx);
1649
1650 return ret;
1651}
a87820e1
RL		 1652static int test_CMAC_keygen(void)
1653{
e5bc0ce2
MC		 1654 static unsigned char key[] = {
1655 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
1656 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
1657 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
1658 };
a87820e1
RL		 1659 /*
1660 * This is a legacy method for CMACs, but should still work.
1661 * This verifies that it works without an ENGINE.
1662 */
1663 EVP_PKEY_CTX *kctx = EVP_PKEY_CTX_new_id(EVP_PKEY_CMAC, NULL);
1664 int ret = 0;
e5bc0ce2 1665 EVP_PKEY *pkey = NULL;
a3d267f1
RS		 1666 unsigned char mac[AES_BLOCK_SIZE];
1667# if !defined(OPENSSL_NO_DEPRECATED_3_0)
1668 unsigned char mac2[AES_BLOCK_SIZE];
1669# endif
e5bc0ce2
MC		 1670
1671 /* Test a CMAC key created using the "generated" method */
1672 if (!TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1673 || !TEST_int_gt(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
1674 EVP_PKEY_CTRL_CIPHER,
1675 0, (void *)EVP_aes_256_ecb()), 0)
1676 || !TEST_int_gt(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
1677 EVP_PKEY_CTRL_SET_MAC_KEY,
1678 sizeof(key), (void *)key), 0)
1679 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0)
1680 || !TEST_ptr(pkey)
1681 || !TEST_true(get_cmac_val(pkey, mac)))
1682 goto done;
a87820e1 1683
a3d267f1 1684# if !defined(OPENSSL_NO_DEPRECATED_3_0)
e5bc0ce2
MC		 1685 EVP_PKEY_free(pkey);
1686
1687 /*
1688 * Test a CMAC key using the direct method, and compare with the mac
1689 * created above.
1690 */
1691 pkey = EVP_PKEY_new_CMAC_key(NULL, key, sizeof(key), EVP_aes_256_ecb());
1692 if (!TEST_ptr(pkey)
1693 || !TEST_true(get_cmac_val(pkey, mac2))
1694 || !TEST_mem_eq(mac, sizeof(mac), mac2, sizeof(mac2)))
a87820e1 1695 goto done;
a3d267f1 1696# endif
e5bc0ce2 1697
a87820e1
RL		 1698 ret = 1;
1699
1700 done:
e5bc0ce2 1701 EVP_PKEY_free(pkey);
a87820e1
RL		 1702 EVP_PKEY_CTX_free(kctx);
1703 return ret;
1704}
fab8fde3 1705#endif
a87820e1 1706
10d5b415
MC		 1707static int test_HKDF(void)
1708{
1709 EVP_PKEY_CTX *pctx;
1710 unsigned char out[20];
1711 size_t outlen;
1712 int i, ret = 0;
1713 unsigned char salt[] = "0123456789";
1714 unsigned char key[] = "012345678901234567890123456789";
1715 unsigned char info[] = "infostring";
1716 const unsigned char expected[] = {
1717 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
1718 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
1719 };
1720 size_t expectedlen = sizeof(expected);
1721
1722 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1723 goto done;
1724
1725 /* We do this twice to test reuse of the EVP_PKEY_CTX */
1726 for (i = 0; i < 2; i++) {
1727 outlen = sizeof(out);
1728 memset(out, 0, outlen);
1729
1730 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1731 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1732 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1733 sizeof(salt) - 1), 0)
1734 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1735 sizeof(key) - 1), 0)
1736 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1737 sizeof(info) - 1), 0)
1738 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1739 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1740 goto done;
1741 }
1742
1743 ret = 1;
1744
1745 done:
1746 EVP_PKEY_CTX_free(pctx);
1747
1748 return ret;
1749}
1750
2cd3ebc7
BK		 1751static int test_emptyikm_HKDF(void)
1752{
1753 EVP_PKEY_CTX *pctx;
1754 unsigned char out[20];
1755 size_t outlen;
1756 int ret = 0;
1757 unsigned char salt[] = "9876543210";
1758 unsigned char key[] = "";
1759 unsigned char info[] = "stringinfo";
1760 const unsigned char expected[] = {
1761 0x68, 0x81, 0xa5, 0x3e, 0x5b, 0x9c, 0x7b, 0x6f, 0x2e, 0xec, 0xc8, 0x47,
1762 0x7c, 0xfa, 0x47, 0x35, 0x66, 0x82, 0x15, 0x30
1763 };
1764 size_t expectedlen = sizeof(expected);
1765
1766 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1767 goto done;
1768
1769 outlen = sizeof(out);
1770 memset(out, 0, outlen);
1771
1772 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1773 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1774 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1775 sizeof(salt) - 1), 0)
1776 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1777 sizeof(key) - 1), 0)
1778 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1779 sizeof(info) - 1), 0)
1780 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1781 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1782 goto done;
1783
1784 ret = 1;
1785
1786 done:
1787 EVP_PKEY_CTX_free(pctx);
1788
1789 return ret;
1790}
1791
5dc40a83
BE		 1792#ifndef OPENSSL_NO_EC
1793static int test_X509_PUBKEY_inplace(void)
1794{
1795 int ret = 0;
1796 X509_PUBKEY *xp = NULL;
1797 const unsigned char *p = kExampleECPubKeyDER;
1798 size_t input_len = sizeof(kExampleECPubKeyDER);
1799
1800 if (!TEST_ptr(xp = d2i_X509_PUBKEY(NULL, &p, input_len)))
1801 goto done;
1802
1803 if (!TEST_ptr(X509_PUBKEY_get0(xp)))
1804 goto done;
1805
1806 p = kExampleBadECPubKeyDER;
1807 input_len = sizeof(kExampleBadECPubKeyDER);
1808
1809 if (!TEST_ptr(xp = d2i_X509_PUBKEY(&xp, &p, input_len)))
1810 goto done;
1811
1812 if (!TEST_true(X509_PUBKEY_get0(xp) == NULL))
1813 goto done;
1814
1815 ret = 1;
1816
1817done:
1818 X509_PUBKEY_free(xp);
1819 return ret;
1820}
7bb82f92 1821#endif /* OPENSSL_NO_EC */
784883fc 1822
9c45222d 1823/* Test getting and setting parameters on an EVP_PKEY_CTX */
f54a4101 1824static int test_EVP_PKEY_CTX_get_set_params(EVP_PKEY *pkey)
9c45222d 1825{
9a071fef 1826 EVP_MD_CTX *mdctx = NULL;
9c45222d 1827 EVP_PKEY_CTX *ctx = NULL;
9c45222d 1828 const OSSL_PARAM *params;
00bc1ad9 1829 OSSL_PARAM ourparams[2], *param = ourparams, *param_md;
9c45222d
MC		 1830 int ret = 0;
1831 const EVP_MD *md;
00bc1ad9 1832 char mdname[OSSL_MAX_NAME_SIZE];
9a071fef 1833 char ssl3ms[48];
9c45222d 1834
9c45222d
MC		 1835 /* Initialise a sign operation */
1836 ctx = EVP_PKEY_CTX_new(pkey, NULL);
9c45222d 1837 if (!TEST_ptr(ctx)
c9c4a356 1838 || !TEST_int_gt(EVP_PKEY_sign_init(ctx), 0))
9c45222d
MC		 1839 goto err;
1840
1841 /*
f54a4101 1842 * We should be able to query the parameters now.
9c45222d
MC		 1843 */
1844 params = EVP_PKEY_CTX_settable_params(ctx);
1845 if (!TEST_ptr(params)
0cb3f4f9
RL		 1846 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1847 OSSL_SIGNATURE_PARAM_DIGEST)))
9c45222d
MC		 1848 goto err;
1849
9c45222d
MC		 1850 params = EVP_PKEY_CTX_gettable_params(ctx);
1851 if (!TEST_ptr(params)
0cb3f4f9
RL		 1852 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1853 OSSL_SIGNATURE_PARAM_ALGORITHM_ID))
0cb3f4f9
RL		 1854 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1855 OSSL_SIGNATURE_PARAM_DIGEST)))
9c45222d
MC		 1856 goto err;
1857
1858 /*
1859 * Test getting and setting params via EVP_PKEY_CTX_set_params() and
1860 * EVP_PKEY_CTX_get_params()
1861 */
00bc1ad9
RL		 1862 strcpy(mdname, "SHA512");
1863 param_md = param;
1864 *param++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
1865 mdname, 0);
9c45222d
MC		 1866 *param++ = OSSL_PARAM_construct_end();
1867
1868 if (!TEST_true(EVP_PKEY_CTX_set_params(ctx, ourparams)))
1869 goto err;
1870
00bc1ad9
RL		 1871 mdname[0] = '\0';
1872 *param_md = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
1873 mdname, sizeof(mdname));
9c45222d 1874 if (!TEST_true(EVP_PKEY_CTX_get_params(ctx, ourparams))
00bc1ad9 1875 || !TEST_str_eq(mdname, "SHA512"))
9c45222d
MC		 1876 goto err;
1877
1878 /*
1879 * Test the TEST_PKEY_CTX_set_signature_md() and
1880 * TEST_PKEY_CTX_get_signature_md() functions
1881 */
1882 if (!TEST_int_gt(EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()), 0)
1883 || !TEST_int_gt(EVP_PKEY_CTX_get_signature_md(ctx, &md), 0)
1884 || !TEST_ptr_eq(md, EVP_sha256()))
1885 goto err;
1886
9a071fef
MC		 1887 /*
1888 * Test getting MD parameters via an associated EVP_PKEY_CTX
1889 */
1890 mdctx = EVP_MD_CTX_new();
1891 if (!TEST_ptr(mdctx)
d8652be0
MC		 1892 || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, NULL,
1893 pkey)))
9a071fef
MC		 1894 goto err;
1895
1896 /*
1897 * We now have an EVP_MD_CTX with an EVP_PKEY_CTX inside it. We should be
1898 * able to obtain the digest's settable parameters from the provider.
1899 */
1900 params = EVP_MD_CTX_settable_params(mdctx);
1901 if (!TEST_ptr(params)
1902 || !TEST_int_eq(strcmp(params[0].key, OSSL_DIGEST_PARAM_SSL3_MS), 0)
1903 /* The final key should be NULL */
1904 || !TEST_ptr_null(params[1].key))
1905 goto err;
1906
1907 param = ourparams;
1908 memset(ssl3ms, 0, sizeof(ssl3ms));
1909 *param++ = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS,
1910 ssl3ms, sizeof(ssl3ms));
1911 *param++ = OSSL_PARAM_construct_end();
1912
1913 if (!TEST_true(EVP_MD_CTX_set_params(mdctx, ourparams)))
1914 goto err;
1915
9c45222d
MC		 1916 ret = 1;
1917
1918 err:
9a071fef 1919 EVP_MD_CTX_free(mdctx);
9c45222d 1920 EVP_PKEY_CTX_free(ctx);
f54a4101
RL		 1921
1922 return ret;
1923}
1924
1925#ifndef OPENSSL_NO_DSA
1926static int test_DSA_get_set_params(void)
1927{
6ed4022c
RL		 1928 OSSL_PARAM_BLD *bld = NULL;
1929 OSSL_PARAM *params = NULL;
f54a4101 1930 BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL;
6ed4022c 1931 EVP_PKEY_CTX *pctx = NULL;
f54a4101
RL		 1932 EVP_PKEY *pkey = NULL;
1933 int ret = 0;
1934
1935 /*
1936 * Setup the parameters for our DSA object. For our purposes they don't
1937 * have to actually be *valid* parameters. We just need to set something.
1938 */
6ed4022c
RL		 1939 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, "DSA", NULL))
1940 || !TEST_ptr(bld = OSSL_PARAM_BLD_new())
1941 || !TEST_ptr(p = BN_new())
1942 || !TEST_ptr(q = BN_new())
1943 || !TEST_ptr(g = BN_new())
1944 || !TEST_ptr(pub = BN_new())
1945 || !TEST_ptr(priv = BN_new()))
1946 goto err;
1947 if (!TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1948 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1949 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1950 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1951 pub))
1952 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1953 priv)))
1954 goto err;
1955 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
f54a4101 1956 goto err;
f54a4101 1957
2db985b7
SL		 1958 if (!TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0)
1959 || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkey, EVP_PKEY_KEYPAIR,
1960 params), 0))
f54a4101
RL		 1961 goto err;
1962
6ed4022c
RL		 1963 if (!TEST_ptr(pkey))
1964 goto err;
f54a4101
RL		 1965
1966 ret = test_EVP_PKEY_CTX_get_set_params(pkey);
1967
1968 err:
9c45222d 1969 EVP_PKEY_free(pkey);
6ed4022c
RL		 1970 EVP_PKEY_CTX_free(pctx);
1971 OSSL_PARAM_BLD_free_params(params);
1972 OSSL_PARAM_BLD_free(bld);
9c45222d
MC		 1973 BN_free(p);
1974 BN_free(q);
1975 BN_free(g);
cd32a0f5
RL		 1976 BN_free(pub);
1977 BN_free(priv);
9c45222d
MC		 1978
1979 return ret;
1980}
2c04b341
JS		 1981
1982/*
8a9394c1 1983 * Test combinations of private, public, missing and private + public key
2c04b341
JS		 1984 * params to ensure they are all accepted
1985 */
1986static int test_DSA_priv_pub(void)
1987{
1988 return test_EVP_PKEY_ffc_priv_pub("DSA");
1989}
1990
1991#endif /* !OPENSSL_NO_DSA */
9c45222d 1992
f54a4101
RL		 1993static int test_RSA_get_set_params(void)
1994{
d7e498ac
RL		 1995 OSSL_PARAM_BLD *bld = NULL;
1996 OSSL_PARAM *params = NULL;
f54a4101 1997 BIGNUM *n = NULL, *e = NULL, *d = NULL;
d7e498ac 1998 EVP_PKEY_CTX *pctx = NULL;
f54a4101
RL		 1999 EVP_PKEY *pkey = NULL;
2000 int ret = 0;
2001
2002 /*
2003 * Setup the parameters for our RSA object. For our purposes they don't
2004 * have to actually be *valid* parameters. We just need to set something.
2005 */
d7e498ac
RL		 2006 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, "RSA", NULL))
2007 || !TEST_ptr(bld = OSSL_PARAM_BLD_new())
2008 || !TEST_ptr(n = BN_new())
2009 || !TEST_ptr(e = BN_new())
2010 || !TEST_ptr(d = BN_new()))
2011 goto err;
2012 if (!TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
2013 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
2014 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d)))
2015 goto err;
2016 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
f54a4101 2017 goto err;
f54a4101 2018
2db985b7
SL		 2019 if (!TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0)
2020 || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkey, EVP_PKEY_KEYPAIR,
2021 params), 0))
f54a4101
RL		 2022 goto err;
2023
d7e498ac
RL		 2024 if (!TEST_ptr(pkey))
2025 goto err;
f54a4101
RL		 2026
2027 ret = test_EVP_PKEY_CTX_get_set_params(pkey);
2028
2029 err:
2030 EVP_PKEY_free(pkey);
d7e498ac
RL		 2031 EVP_PKEY_CTX_free(pctx);
2032 OSSL_PARAM_BLD_free_params(params);
2033 OSSL_PARAM_BLD_free(bld);
f54a4101
RL		 2034 BN_free(n);
2035 BN_free(e);
2036 BN_free(d);
2037
2038 return ret;
2039}
2040
b4be6937
MC		 2041#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
2042static int test_decrypt_null_chunks(void)
2043{
2044 EVP_CIPHER_CTX* ctx = NULL;
2045 const unsigned char key[32] = {
2046 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
2047 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
2048 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1
2049 };
2050 unsigned char iv[12] = {
2051 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b
2052 };
2053 unsigned char msg[] = "It was the best of times, it was the worst of times";
2054 unsigned char ciphertext[80];
2055 unsigned char plaintext[80];
2056 /* We initialise tmp to a non zero value on purpose */
2057 int ctlen, ptlen, tmp = 99;
2058 int ret = 0;
2059 const int enc_offset = 10, dec_offset = 20;
2060
2061 if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
2062 || !TEST_true(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL,
2063 key, iv))
2064 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &ctlen, msg,
2065 enc_offset))
2066 /* Deliberate add a zero length update */
2067 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp, NULL,
2068 0))
2069 || !TEST_int_eq(tmp, 0)
2070 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp,
2071 msg + enc_offset,
2072 sizeof(msg) - enc_offset))
2073 || !TEST_int_eq(ctlen += tmp, sizeof(msg))
2074 || !TEST_true(EVP_EncryptFinal(ctx, ciphertext + ctlen, &tmp))
2075 || !TEST_int_eq(tmp, 0))
2076 goto err;
2077
2078 /* Deliberately initialise tmp to a non zero value */
2079 tmp = 99;
2080 if (!TEST_true(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, key,
2081 iv))
2082 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext, &ptlen, ciphertext,
2083 dec_offset))
2084 /*
2085 * Deliberately add a zero length update. We also deliberately do
2086 * this at a different offset than for encryption.
2087 */
2088 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp, NULL,
2089 0))
2090 || !TEST_int_eq(tmp, 0)
2091 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp,
2092 ciphertext + dec_offset,
2093 ctlen - dec_offset))
2094 || !TEST_int_eq(ptlen += tmp, sizeof(msg))
2095 || !TEST_true(EVP_DecryptFinal(ctx, plaintext + ptlen, &tmp))
2096 || !TEST_int_eq(tmp, 0)
2097 || !TEST_mem_eq(msg, sizeof(msg), plaintext, ptlen))
2098 goto err;
2099
2100 ret = 1;
2101 err:
2102 EVP_CIPHER_CTX_free(ctx);
2103 return ret;
2104}
2105#endif /* !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) */
2106
2c04b341
JS		 2107#ifndef OPENSSL_NO_DH
2108/*
8a9394c1 2109 * Test combinations of private, public, missing and private + public key
2c04b341
JS		 2110 * params to ensure they are all accepted
2111 */
2112static int test_DH_priv_pub(void)
2113{
2114 return test_EVP_PKEY_ffc_priv_pub("DH");
2115}
2116
2117# ifndef OPENSSL_NO_DEPRECATED_3_0
e295de1d
MC		 2118static int test_EVP_PKEY_set1_DH(void)
2119{
ca2bf555
SL		 2120 DH *x942dh = NULL, *noqdh = NULL;
2121 EVP_PKEY *pkey1 = NULL, *pkey2 = NULL;
e295de1d 2122 int ret = 0;
ca2bf555
SL		 2123 BIGNUM *p, *g = NULL;
2124
2125 if (!TEST_ptr(p = BN_new())
2126 || !TEST_ptr(g = BN_new())
2127 || !BN_set_word(p, 9999)
2128 || !BN_set_word(g, 2)
2129 || !TEST_ptr(noqdh = DH_new())
2130 || !DH_set0_pqg(noqdh, p, NULL, g))
2131 goto err;
2132 p = g = NULL;
e295de1d
MC		 2133
2134 x942dh = DH_get_2048_256();
e295de1d
MC		 2135 pkey1 = EVP_PKEY_new();
2136 pkey2 = EVP_PKEY_new();
2137 if (!TEST_ptr(x942dh)
ca2bf555 2138 || !TEST_ptr(noqdh)
e295de1d
MC		 2139 || !TEST_ptr(pkey1)
2140 || !TEST_ptr(pkey2))
2141 goto err;
2142
2143 if(!TEST_true(EVP_PKEY_set1_DH(pkey1, x942dh))
2144 || !TEST_int_eq(EVP_PKEY_id(pkey1), EVP_PKEY_DHX))
2145 goto err;
2146
ca2bf555 2147 if(!TEST_true(EVP_PKEY_set1_DH(pkey2, noqdh))
e295de1d
MC		 2148 || !TEST_int_eq(EVP_PKEY_id(pkey2), EVP_PKEY_DH))
2149 goto err;
2150
2151 ret = 1;
2152 err:
ca2bf555
SL		 2153 BN_free(p);
2154 BN_free(g);
e295de1d
MC		 2155 EVP_PKEY_free(pkey1);
2156 EVP_PKEY_free(pkey2);
2157 DH_free(x942dh);
ca2bf555 2158 DH_free(noqdh);
e295de1d
MC		 2159
2160 return ret;
2161}
2c04b341
JS		 2162# endif /* !OPENSSL_NO_DEPRECATED_3_0 */
2163#endif /* !OPENSSL_NO_DH */
e295de1d 2164
8a5cb596
RL		 2165/*
2166 * We test what happens with an empty template. For the sake of this test,
2167 * the template must be ignored, and we know that's the case for RSA keys
2168 * (this might arguably be a misfeature, but that's what we currently do,
2169 * even in provider code, since that's how the legacy RSA implementation
2170 * does things)
2171 */
2172static int test_keygen_with_empty_template(int n)
2173{
2174 EVP_PKEY_CTX *ctx = NULL;
2175 EVP_PKEY *pkey = NULL;
2176 EVP_PKEY *tkey = NULL;
2177 int ret = 0;
2178
2179 switch (n) {
2180 case 0:
2181 /* We do test with no template at all as well */
2182 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)))
2183 goto err;
2184 break;
2185 case 1:
2186 /* Here we create an empty RSA key that serves as our template */
2187 if (!TEST_ptr(tkey = EVP_PKEY_new())
2188 || !TEST_true(EVP_PKEY_set_type(tkey, EVP_PKEY_RSA))
2189 || !TEST_ptr(ctx = EVP_PKEY_CTX_new(tkey, NULL)))
2190 goto err;
2191 break;
2192 }
2193
2194 if (!TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
2195 || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0))
2196 goto err;
2197
2198 ret = 1;
2199 err:
2200 EVP_PKEY_CTX_free(ctx);
2201 EVP_PKEY_free(pkey);
2202 EVP_PKEY_free(tkey);
2203 return ret;
2204}
2205
5ddec6a7
MC		 2206/*
2207 * Test that we fail if we attempt to use an algorithm that is not available
08497fc6
RL		 2208 * in the current library context (unless we are using an algorithm that
2209 * should be made available via legacy codepaths).
2210 *
2211 * 0: RSA
2212 * 1: SM2
5ddec6a7
MC		 2213 */
2214static int test_pkey_ctx_fail_without_provider(int tst)
2215{
b4250010 2216 OSSL_LIB_CTX *tmpctx = OSSL_LIB_CTX_new();
5ddec6a7
MC		 2217 OSSL_PROVIDER *nullprov = NULL;
2218 EVP_PKEY_CTX *pctx = NULL;
08497fc6
RL		 2219 const char *keytype = NULL;
2220 int expect_null = 0;
5ddec6a7
MC		 2221 int ret = 0;
2222
2223 if (!TEST_ptr(tmpctx))
2224 goto err;
2225
2226 nullprov = OSSL_PROVIDER_load(tmpctx, "null");
2227 if (!TEST_ptr(nullprov))
2228 goto err;
2229
5ddec6a7 2230 /*
08497fc6
RL		 2231 * We check for certain algos in the null provider.
2232 * If an algo is expected to have a provider keymgmt, contructing an
2233 * EVP_PKEY_CTX is expected to fail (return NULL).
2234 * Otherwise, if it's expected to have legacy support, contructing an
2235 * EVP_PKEY_CTX is expected to succeed (return non-NULL).
5ddec6a7 2236 */
08497fc6
RL		 2237 switch (tst) {
2238 case 0:
2239 keytype = "RSA";
2240 expect_null = 1;
2241 break;
2242 case 1:
2243 keytype = "SM2";
d0b79f86 2244 expect_null = 1;
08497fc6
RL		 2245#ifdef OPENSSL_NO_EC
2246 TEST_info("EC disable, skipping SM2 check...");
2247 goto end;
2248#endif
2249#ifdef OPENSSL_NO_SM2
2250 TEST_info("SM2 disable, skipping SM2 check...");
2251 goto end;
2252#endif
2253 break;
2254 default:
2255 TEST_error("No test for case %d", tst);
2256 goto err;
2257 }
2258
2259 pctx = EVP_PKEY_CTX_new_from_name(tmpctx, keytype, "");
2260 if (expect_null ? !TEST_ptr_null(pctx) : !TEST_ptr(pctx))
5ddec6a7
MC		 2261 goto err;
2262
08497fc6
RL		 2263#if defined(OPENSSL_NO_EC) || defined(OPENSSL_NO_SM2)
2264 end:
2265#endif
5ddec6a7
MC		 2266 ret = 1;
2267
2268 err:
2269 EVP_PKEY_CTX_free(pctx);
2270 OSSL_PROVIDER_unload(nullprov);
b4250010 2271 OSSL_LIB_CTX_free(tmpctx);
5ddec6a7
MC		 2272 return ret;
2273}
2274
1c19ff3c
P		 2275static int test_rand_agglomeration(void)
2276{
2277 EVP_RAND *rand;
2278 EVP_RAND_CTX *ctx;
2279 OSSL_PARAM params[3], *p = params;
2280 int res;
2281 unsigned int step = 7;
2282 static unsigned char seed[] = "It does not matter how slowly you go "
2283 "as long as you do not stop.";
2284 unsigned char out[sizeof(seed)];
2285
2286 if (!TEST_int_ne(sizeof(seed) % step, 0)
2287 || !TEST_ptr(rand = EVP_RAND_fetch(NULL, "TEST-RAND", NULL)))
2288 return 0;
2289 ctx = EVP_RAND_CTX_new(rand, NULL);
2290 EVP_RAND_free(rand);
2291 if (!TEST_ptr(ctx))
2292 return 0;
2293
2294 memset(out, 0, sizeof(out));
2295 *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
2296 seed, sizeof(seed));
0d4460d2 2297 *p++ = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_MAX_REQUEST, &step);
1c19ff3c
P		 2298 *p = OSSL_PARAM_construct_end();
2299 res = TEST_true(EVP_RAND_set_ctx_params(ctx, params))
2300 && TEST_true(EVP_RAND_generate(ctx, out, sizeof(out), 0, 1, NULL, 0))
2301 && TEST_mem_eq(seed, sizeof(seed), out, sizeof(out));
2302 EVP_RAND_CTX_free(ctx);
2303 return res;
2304}
2305
440b852a
BK		 2306/*
2307 * Test that we correctly return the original or "running" IV after
2308 * an encryption operation.
2309 * Run multiple times for some different relevant algorithms/modes.
2310 */
2311static int test_evp_iv(int idx)
2312{
2313 int ret = 0;
2314 EVP_CIPHER_CTX *ctx = NULL;
2315 unsigned char key[16] = {0x4c, 0x43, 0xdb, 0xdd, 0x42, 0x73, 0x47, 0xd1,
2316 0xe5, 0x62, 0x7d, 0xcd, 0x4d, 0x76, 0x4d, 0x57};
2317 unsigned char init_iv[EVP_MAX_IV_LENGTH] =
2318 {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b, 0x98, 0x82,
2319 0x5a, 0x55, 0x91, 0x81, 0x42, 0xa8, 0x89, 0x34};
2320 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8,
2321 9, 10, 11, 12, 13, 14, 15, 16 };
2322 unsigned char ciphertext[32], oiv[16], iv[16];
2323 unsigned char *ref_iv;
2324 unsigned char cbc_state[16] = {0x10, 0x2f, 0x05, 0xcc, 0xc2, 0x55, 0x72, 0xb9,
2325 0x88, 0xe6, 0x4a, 0x17, 0x10, 0x74, 0x22, 0x5e};
2326
2327 unsigned char ofb_state[16] = {0x76, 0xe6, 0x66, 0x61, 0xd0, 0x8a, 0xe4, 0x64,
2328 0xdd, 0x66, 0xbf, 0x00, 0xf0, 0xe3, 0x6f, 0xfd};
2329 unsigned char gcm_state[12] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b,
2330 0x98, 0x82, 0x5a, 0x55, 0x91, 0x81};
2331 unsigned char ccm_state[7] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b, 0x98};
2332#ifndef OPENSSL_NO_OCB
2333 unsigned char ocb_state[12] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b,
2334 0x98, 0x82, 0x5a, 0x55, 0x91, 0x81};
2335#endif
2336 int len = sizeof(ciphertext);
2337 size_t ivlen, ref_len;
2338 const EVP_CIPHER *type = NULL;
2339
2340 switch(idx) {
2341 case 0:
2342 type = EVP_aes_128_cbc();
2343 /* FALLTHROUGH */
2344 case 5:
2345 type = (type != NULL) ? type :
2346 EVP_CIPHER_fetch(testctx, "aes-128-cbc", NULL);
2347 ref_iv = cbc_state;
2348 ref_len = sizeof(cbc_state);
2349 break;
2350 case 1:
2351 type = EVP_aes_128_ofb();
2352 /* FALLTHROUGH */
2353 case 6:
2354 type = (type != NULL) ? type :
2355 EVP_CIPHER_fetch(testctx, "aes-128-ofb", NULL);
2356 ref_iv = ofb_state;
2357 ref_len = sizeof(ofb_state);
2358 break;
2359 case 2:
2360 type = EVP_aes_128_gcm();
2361 /* FALLTHROUGH */
2362 case 7:
2363 type = (type != NULL) ? type :
2364 EVP_CIPHER_fetch(testctx, "aes-128-gcm", NULL);
2365 ref_iv = gcm_state;
2366 ref_len = sizeof(gcm_state);
2367 break;
2368 case 3:
2369 type = EVP_aes_128_ccm();
2370 /* FALLTHROUGH */
2371 case 8:
2372 type = (type != NULL) ? type :
2373 EVP_CIPHER_fetch(testctx, "aes-128-ccm", NULL);
2374 ref_iv = ccm_state;
2375 ref_len = sizeof(ccm_state);
2376 break;
2377#ifdef OPENSSL_NO_OCB
2378 case 4:
2379 case 9:
2380 return 1;
2381#else
2382 case 4:
2383 type = EVP_aes_128_ocb();
2384 /* FALLTHROUGH */
2385 case 9:
2386 type = (type != NULL) ? type :
2387 EVP_CIPHER_fetch(testctx, "aes-128-ocb", NULL);
2388 ref_iv = ocb_state;
2389 ref_len = sizeof(ocb_state);
2390 break;
2391#endif
2392 default:
2393 return 0;
2394 }
2395
2396 if (!TEST_ptr(type)
2397 || !TEST_ptr((ctx = EVP_CIPHER_CTX_new()))
2398 || !TEST_true(EVP_EncryptInit_ex(ctx, type, NULL, key, init_iv))
2399 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &len, msg,
2400 (int)sizeof(msg)))
0d83b7b9
TM		 2401 || !TEST_true(EVP_CIPHER_CTX_get_original_iv(ctx, oiv, sizeof(oiv)))
2402 || !TEST_true(EVP_CIPHER_CTX_get_updated_iv(ctx, iv, sizeof(iv)))
440b852a
BK		 2403 || !TEST_true(EVP_EncryptFinal_ex(ctx, ciphertext, &len)))
2404 goto err;
2405 ivlen = EVP_CIPHER_CTX_iv_length(ctx);
2406 if (!TEST_mem_eq(init_iv, ivlen, oiv, ivlen)
2407 || !TEST_mem_eq(ref_iv, ref_len, iv, ivlen))
2408 goto err;
2409
2410 ret = 1;
2411err:
2412 EVP_CIPHER_CTX_free(ctx);
2413 if (idx >= 5)
2414 EVP_CIPHER_free((EVP_CIPHER *)type);
2415 return ret;
2416}
2417
e947a064
DB		 2418static int test_EVP_rsa_pss_with_keygen_bits(void)
2419{
2420 int ret;
2421 OSSL_PROVIDER *provider;
2422 EVP_PKEY_CTX *ctx;
2423 EVP_PKEY *pkey;
2424 const EVP_MD *md;
2425 pkey = NULL;
2426 ret = 0;
2427 provider = OSSL_PROVIDER_load(NULL, "default");
2428 md = EVP_get_digestbyname("sha256");
2429
2430 ret = TEST_ptr((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA_PSS, NULL)))
2431 && TEST_true(EVP_PKEY_keygen_init(ctx))
2432 && TEST_int_gt(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 512), 0)
2433 && TEST_true(EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx, md))
2434 && TEST_true(EVP_PKEY_keygen(ctx, &pkey));
2435
2436 EVP_PKEY_free(pkey);
2437 EVP_PKEY_CTX_free(ctx);
2438 OSSL_PROVIDER_unload(provider);
2439 return ret;
2440}
2441
2442
ad887416 2443int setup_tests(void)
71ea6b48 2444{
b4250010 2445 testctx = OSSL_LIB_CTX_new();
86dc26ba
MC		 2446
2447 if (!TEST_ptr(testctx))
2448 return 0;
2449
f9e504e8 2450 ADD_TEST(test_EVP_set_default_properties);
6d242fa5 2451 ADD_ALL_TESTS(test_EVP_DigestSignInit, 9);
adcd8e37 2452 ADD_TEST(test_EVP_DigestVerifyInit);
8d8dd09b 2453 ADD_TEST(test_EVP_Digest);
2eb2b4f3 2454 ADD_TEST(test_EVP_Enveloped);
ad887416 2455 ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
29c49b25 2456 ADD_TEST(test_privatekey_to_pkcs8);
a9880362 2457#ifndef OPENSSL_NO_EC
adcd8e37 2458 ADD_TEST(test_EVP_PKCS82PKEY);
ddb634fe 2459#endif
f0c62c53
RL		 2460#ifndef OPENSSL_NO_EC
2461 ADD_ALL_TESTS(test_EC_keygen_with_enc, OSSL_NELEM(ec_encodings));
2462#endif
f844f9eb 2463#if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
ddb634fe 2464 ADD_TEST(test_EVP_SM2);
a6c4cb84 2465 ADD_TEST(test_EVP_SM2_verify);
a9880362 2466#endif
bb5f281a 2467 ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
41bbba53 2468#ifndef OPENSSL_NO_DEPRECATED_3_0
2aee35d3
PY		 2469 custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
2470 if (!TEST_ptr(custom_pmeth))
2471 return 0;
2472 EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
b0004708
PY		 2473 EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
2474 EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
2aee35d3
PY		 2475 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
2476 return 0;
41bbba53 2477#endif
2aee35d3 2478 ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
fab8fde3 2479#ifndef OPENSSL_NO_CMAC
a87820e1 2480 ADD_TEST(test_CMAC_keygen);
fab8fde3 2481#endif
10d5b415 2482 ADD_TEST(test_HKDF);
2cd3ebc7 2483 ADD_TEST(test_emptyikm_HKDF);
5dc40a83
BE		 2484#ifndef OPENSSL_NO_EC
2485 ADD_TEST(test_X509_PUBKEY_inplace);
cad8347b
SL		 2486 ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode,
2487 OSSL_NELEM(ec_der_pub_keys));
5dc40a83 2488#endif
8d0f8c81 2489#ifndef OPENSSL_NO_DSA
f54a4101 2490 ADD_TEST(test_DSA_get_set_params);
2c04b341 2491 ADD_TEST(test_DSA_priv_pub);
b4be6937 2492#endif
f54a4101 2493 ADD_TEST(test_RSA_get_set_params);
b4be6937
MC		 2494#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
2495 ADD_TEST(test_decrypt_null_chunks);
8d0f8c81 2496#endif
2c04b341
JS		 2497#ifndef OPENSSL_NO_DH
2498 ADD_TEST(test_DH_priv_pub);
2499# ifndef OPENSSL_NO_DEPRECATED_3_0
e295de1d 2500 ADD_TEST(test_EVP_PKEY_set1_DH);
2c04b341 2501# endif
b8a1272d
MC		 2502#endif
2503#ifndef OPENSSL_NO_EC
2504 ADD_TEST(test_EC_priv_pub);
2505# ifndef OPENSSL_NO_DEPRECATED_3_0
2506 ADD_TEST(test_EC_priv_only_legacy);
2507# endif
501fcfb8 2508#endif
8a5cb596 2509 ADD_ALL_TESTS(test_keygen_with_empty_template, 2);
5ddec6a7 2510 ADD_ALL_TESTS(test_pkey_ctx_fail_without_provider, 2);
e295de1d 2511
1c19ff3c 2512 ADD_TEST(test_rand_agglomeration);
440b852a 2513 ADD_ALL_TESTS(test_evp_iv, 10);
e947a064 2514 ADD_TEST(test_EVP_rsa_pss_with_keygen_bits);
1c19ff3c 2515
ad887416 2516 return 1;
71ea6b48 2517}
86dc26ba
MC		 2518
2519void cleanup_tests(void)
2520{
b4250010 2521 OSSL_LIB_CTX_free(testctx);
86dc26ba 2522}
A mirror of the official openssl repository