]>
Commit | Line | Data |
---|---|---|
5ccada09 | 1 | # |
aff636a4 | 2 | # Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved. |
5ccada09 SL |
3 | # |
4 | # Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | # this file except in compliance with the License. You can obtain a copy | |
6 | # in the file LICENSE in the source distribution or at | |
7 | # https://www.openssl.org/source/license.html | |
8 | ||
9 | # Tests start with one of these keywords | |
10 | # Cipher Decrypt Derive Digest Encoding KDF MAC PBE | |
11 | # PrivPubKeyPair Sign Verify VerifyRecover | |
12 | # and continue until a blank line. Lines starting with a pound sign are ignored. | |
13 | # The keyword Availablein must appear before the test name if needed. | |
14 | ||
15 | # Public key algorithm tests | |
16 | ||
17 | # Private keys used for PKEY operations. | |
18 | ||
19 | # EC P-256 key | |
20 | ||
21 | PrivateKey=P-256 | |
22 | -----BEGIN PRIVATE KEY----- | |
23 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgiocvtiiTxNH/xbnw | |
24 | +RdYBp+DUuCPoFpJ+NuSbLVyhyWhRANCAAQsFQ9CnOcPIWwlLPXgYs4fY5zV0WXH | |
25 | +JQkBywnGX14szuSDpXNtmTpkNzwz+oNlOKo5q+dDlgFbmUxBJJbn+bJ | |
26 | -----END PRIVATE KEY----- | |
27 | ||
28 | # EC public key for above | |
29 | ||
30 | PublicKey=P-256-PUBLIC | |
31 | -----BEGIN PUBLIC KEY----- | |
32 | MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELBUPQpznDyFsJSz14GLOH2Oc1dFl | |
33 | x/iUJAcsJxl9eLM7kg6VzbZk6ZDc8M/qDZTiqOavnQ5YBW5lMQSSW5/myQ== | |
34 | -----END PUBLIC KEY----- | |
35 | ||
36 | PrivPubKeyPair = P-256:P-256-PUBLIC | |
37 | ||
38 | Title = ECDSA tests | |
39 | ||
40 | Verify = P-256 | |
41 | Ctrl = digest:SHA1 | |
42 | Input = "0123456789ABCDEF1234" | |
43 | Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8 | |
44 | ||
45 | # Digest too long | |
46 | Verify = P-256 | |
47 | Ctrl = digest:SHA1 | |
48 | Input = "0123456789ABCDEF12345" | |
49 | Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8 | |
50 | Result = VERIFY_ERROR | |
51 | ||
52 | # Digest too short | |
53 | Verify = P-256 | |
54 | Ctrl = digest:SHA1 | |
55 | Input = "0123456789ABCDEF123" | |
56 | Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8 | |
57 | Result = VERIFY_ERROR | |
58 | ||
59 | # Digest invalid | |
60 | Verify = P-256 | |
61 | Ctrl = digest:SHA1 | |
62 | Input = "0123456789ABCDEF1235" | |
63 | Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8 | |
64 | Result = VERIFY_ERROR | |
65 | ||
66 | # Invalid signature | |
67 | Verify = P-256 | |
68 | Ctrl = digest:SHA1 | |
69 | Input = "0123456789ABCDEF1234" | |
70 | Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec7 | |
71 | Result = VERIFY_ERROR | |
72 | ||
73 | # Garbage after signature | |
74 | Availablein = default | |
75 | Verify = P-256 | |
76 | Ctrl = digest:SHA1 | |
77 | Input = "0123456789ABCDEF1234" | |
78 | Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec800 | |
79 | Result = VERIFY_ERROR | |
80 | ||
81 | # BER signature | |
82 | Verify = P-256 | |
83 | Ctrl = digest:SHA1 | |
84 | Input = "0123456789ABCDEF1234" | |
85 | Output = 3080022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec80000 | |
86 | Result = VERIFY_ERROR | |
87 | ||
88 | Verify = P-256-PUBLIC | |
89 | Ctrl = digest:SHA1 | |
90 | Input = "0123456789ABCDEF1234" | |
91 | Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8 | |
92 | ||
5ccada09 SL |
93 | Title = DigestSign and DigestVerify |
94 | ||
95 | DigestVerify = SHA256 | |
96 | Key = P-256-PUBLIC | |
97 | Input = "Hello World" | |
98 | Output = 3046022100e7515177ec3817b77a4a94066ab3070817b7aa9d44a8a09f040da250116e8972022100ba59b0f631258e59a9026be5d84f60685f4cf22b9165a0c2736d5c21c8ec1862 | |
99 | ||
5ccada09 SL |
100 | # Oneshot tests |
101 | OneShotDigestVerify = SHA256 | |
102 | Key = P-256-PUBLIC | |
103 | Input = "Hello World" | |
104 | Output = 3046022100e7515177ec3817b77a4a94066ab3070817b7aa9d44a8a09f040da250116e8972022100ba59b0f631258e59a9026be5d84f60685f4cf22b9165a0c2736d5c21c8ec1862 | |
0645110e | 105 | |
28332028 SL |
106 | # Test that mdsize != tbssize fails |
107 | Sign = P-256 | |
108 | Ctrl = digest:SHA256 | |
109 | Input = "0123456789ABCDEF1234" | |
110 | Result = KEYOP_ERROR | |
111 | ||
0645110e SL |
112 | PrivateKey = P-256_NAMED_CURVE_EXPLICIT |
113 | -----BEGIN PRIVATE KEY----- | |
114 | MIIBeQIBADCCAQMGByqGSM49AgEwgfcCAQEwLAYHKoZIzj0BAQIhAP////8AAAAB | |
115 | AAAAAAAAAAAAAAAA////////////////MFsEIP////8AAAABAAAAAAAAAAAAAAAA | |
116 | ///////////////8BCBaxjXYqjqT57PrvVV2mIa8ZR0GsMxTsPY7zjw+J9JgSwMV | |
117 | AMSdNgiG5wSTamZ44ROdJreBn36QBEEEaxfR8uEsQkf4vOblY6RA8ncDfYEt6zOg | |
118 | 9KE5RdiYwpZP40Li/hp/m47n60p8D54WK84zV2sxXs7LtkBoN79R9QIhAP////8A | |
119 | AAAA//////////+85vqtpxeehPO5ysL8YyVRAgEBBG0wawIBAQQgiUTxtr5vLVjj | |
120 | 0BOXUa/4r82DJ30QoupYS/wlilW4gWehRANCAATM0n3q2UaDyaQ7OxzJM3B6prhW | |
121 | 3ev1gTwRBduzqqlwd54AUSgI+pjttW8zrWNitO8H1sf59MPWOESKxNtZ1+Nl | |
122 | -----END PRIVATE KEY----- | |
123 | ||
124 | PrivateKey = EC_EXPLICIT | |
125 | -----BEGIN PRIVATE KEY----- | |
126 | MIIBeQIBADCCAQMGByqGSM49AgEwgfcCAQEwLAYHKoZIzj0BAQIhAP////8AAAAB | |
127 | AAAAAAAAAAAAAAAA////////////////MFsEIP////8AAAABAAAAAAAAAAAAAAAA | |
128 | ///////////////8BCBaxjXYqjqT57PrvVV2mIa8ZR0GsMxTsPY7zjw+J9JgSwMV | |
129 | AMSdNgiG5wSTamZ44ROdJreBn36QBEEE5JcIvn36opqjEm/k59Al40rBAxWM2TPG | |
130 | l0L13Je51zHpfXQ9Z2o7IQicMXP4wSfJ0qCgg2bgydqoxlYrlLGuVQIhAP////8A | |
131 | AAAA//////////+85vqtpxeehPO5ysL8YyVRAgEBBG0wawIBAQQgec92jwduadCk | |
132 | OjoNRI+YT5Be5TkzZXzYCyTLkMOikDmhRANCAATtECEhQbLEaiUj/Wu0qjcr81lL | |
133 | 46dx5zYgArz/iaSNJ3W80oO+F7v04jlQ7wxQzg96R0bwKiMeq5CcW9ZFt6xg | |
134 | -----END PRIVATE KEY----- | |
135 | ||
136 | PrivateKey = B-163 | |
137 | -----BEGIN PRIVATE KEY----- | |
138 | MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDnQW0mLiHVha/jqFznX/K | |
139 | DnVlDgChLgMsAAQB1qZ00fPIct+QN8skv1XIHtBNp3EGLytJV0tsAUTYtGhtrzRj | |
140 | e3GzYyg= | |
141 | -----END PRIVATE KEY----- | |
142 | ||
143 | PrivateKey = secp256k1 | |
144 | -----BEGIN PRIVATE KEY----- | |
145 | MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgsLpFV9joHc0bisyV53XL | |
146 | mrG6/Gu6ZaHoXtKP/VFX44ehRANCAARLYWGgp5nP4N8guypLSbYGCVN6ZPCnWW4x | |
147 | srYkcpdbxr4neRT3zC62keCKgPbJf5SIHkJ2Tcaw6hVSrBOUFtix | |
148 | -----END PRIVATE KEY----- | |
149 | ||
150 | Title = FIPS tests | |
151 | ||
152 | # Test that a nist curve with < 112 bits is allowed in fips mode for verifying | |
153 | DigestVerify = SHA256 | |
154 | Key = B-163 | |
155 | Input = "Hello World" | |
156 | Output = 302e0215027bb891747468b4b59ca2a2bf8f42d29d08866cf5021502cc311b25e9a2168e42240b07a6071070f687eb3b | |
157 | ||
158 | # Test that a nist curve with SHA3 is allowed in fips mode | |
159 | # The sign will get a mismatch error since the output signature changes on each run | |
160 | DigestSign = SHA3-512 | |
161 | Key = P-256 | |
162 | Input = "Hello World" | |
163 | Result = SIGNATURE_MISMATCH | |
164 | ||
165 | # Test that a explicit curve that is a named curve is allowed in fips mode | |
166 | DigestVerify = SHA256 | |
167 | Key = P-256_NAMED_CURVE_EXPLICIT | |
168 | Input = "Hello World" | |
169 | Output = 30450220796fcf472882ed5779226dcd0217b9d2b9acfe4fa2fb0109c8ee63c63adc1033022100e306c69f7e31b9a5d54eb12ba813cddf4de4af933e4f6cea38a0817d9d831d91 | |
170 | ||
171 | Title = FIPS Negative tests (using different curves and digests) | |
172 | ||
173 | # Test that a explicit curve is not allowed in fips mode | |
174 | Availablein = fips | |
175 | DigestVerify = SHA256 | |
7a810fac | 176 | Securitycheck = 1 |
0645110e SL |
177 | Key = EC_EXPLICIT |
178 | Input = "Hello World" | |
179 | Result = DIGESTVERIFYINIT_ERROR | |
180 | ||
181 | # Test that a curve with < 112 bits is not allowed in fips mode for signing | |
182 | Availablein = fips | |
183 | DigestSign = SHA3-512 | |
7a810fac | 184 | Securitycheck = 1 |
0645110e SL |
185 | Key = B-163 |
186 | Input = "Hello World" | |
187 | Result = DIGESTSIGNINIT_ERROR | |
188 | ||
189 | # Test that a non nist curve is not allowed in fips mode | |
190 | Availablein = fips | |
191 | DigestSign = SHA3-512 | |
7a810fac | 192 | Securitycheck = 1 |
0645110e SL |
193 | Key = secp256k1 |
194 | Input = "Hello World" | |
195 | Result = DIGESTSIGNINIT_ERROR | |
28332028 SL |
196 | |
197 | # Test that SHA1 is not allowed in fips mode for signing | |
198 | Availablein = fips | |
199 | DigestSign = SHA1 | |
200 | Securitycheck = 1 | |
201 | Key = B-163 | |
202 | Input = "Hello World" | |
203 | Result = DIGESTSIGNINIT_ERROR | |
204 | ||
205 | # Test that SHA1 is not allowed in fips mode for signing | |
206 | Availablein = fips | |
207 | Sign = P-256 | |
38e12964 | 208 | Securitycheck = 1 |
28332028 SL |
209 | Ctrl = digest:SHA1 |
210 | Input = "0123456789ABCDEF1234" | |
211 | Result = PKEY_CTRL_ERROR | |
6a2ab4a9 TM |
212 | |
213 | # Invalid non-approved digest | |
214 | Availablein = fips | |
215 | DigestVerify = MD5 | |
216 | Securitycheck = 1 | |
217 | Key = P-256-PUBLIC | |
218 | Result = DIGESTVERIFYINIT_ERROR |