2 * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* Macros to build Self test data */
11 #define ITM(x) ((void *)&x), sizeof(x)
12 #define ITM_STR(x) ((void *)&x), (sizeof(x) - 1)
14 #define ST_KAT_PARAM_END() { "", 0, NULL, 0 }
15 #define ST_KAT_PARAM_BIGNUM(name, data) \
16 { name, OSSL_PARAM_UNSIGNED_INTEGER, ITM(data) }
17 #define ST_KAT_PARAM_OCTET(name, data) \
18 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
19 #define ST_KAT_PARAM_UTF8STRING(name, data) \
20 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
21 #define ST_KAT_PARAM_UTF8CHAR(name, data) \
22 { name, OSSL_PARAM_UTF8_STRING, ITM(data) }
23 #define ST_KAT_PARAM_INT(name, i) \
24 { name, OSSL_PARAM_INTEGER, ITM(i) }
26 /* used to store raw parameters for keys and algorithms */
27 typedef struct st_kat_param_st {
28 const char *name; /* an OSSL_PARAM name */
29 size_t type; /* the type associated with the data */
30 const void *data; /* unsigned char [], or char [] depending on the type */
31 size_t data_len; /* the length of the data */
34 typedef struct st_kat_st {
36 const char *algorithm;
37 const unsigned char *pt;
39 const unsigned char *expected;
43 #define CIPHER_MODE_ENCRYPT 1
44 #define CIPHER_MODE_DECRYPT 2
45 #define CIPHER_MODE_ALL (CIPHER_MODE_ENCRYPT | CIPHER_MODE_DECRYPT)
47 typedef ST_KAT ST_KAT_DIGEST;
48 typedef struct st_kat_cipher_st {
51 const unsigned char *key;
53 const unsigned char *iv;
55 const unsigned char *aad;
57 const unsigned char *tag;
61 typedef struct st_kat_kdf_st {
63 const char *algorithm;
64 const ST_KAT_PARAM *params;
65 const unsigned char *expected;
69 typedef struct st_kat_drbg_st {
71 const char *algorithm;
72 const char *param_name;
74 const unsigned char *entropyin;
76 const unsigned char *nonce;
78 const unsigned char *persstr;
80 const unsigned char *entropyinpr1;
81 size_t entropyinpr1len;
82 const unsigned char *entropyinpr2;
83 size_t entropyinpr2len;
84 const unsigned char *entropyaddin1;
85 size_t entropyaddin1len;
86 const unsigned char *entropyaddin2;
87 size_t entropyaddin2len;
88 const unsigned char *expected;
92 typedef struct st_kat_kas_st {
94 const char *algorithm;
96 const ST_KAT_PARAM *key_group;
97 const ST_KAT_PARAM *key_host_data;
98 const ST_KAT_PARAM *key_peer_data;
100 const unsigned char *expected;
104 typedef struct st_kat_sign_st {
106 const char *algorithm;
107 const char *mdalgorithm;
108 const ST_KAT_PARAM *key;
109 const unsigned char *sig_expected; /* Set to NULL if this value changes */
110 size_t sig_expected_len;
113 typedef struct st_kat_asym_cipher_st {
115 const char *algorithm;
117 const ST_KAT_PARAM *key;
118 const ST_KAT_PARAM *postinit;
119 const unsigned char *in;
121 const unsigned char *expected;
123 } ST_KAT_ASYM_CIPHER;
125 /*- DIGEST TEST DATA */
126 static const unsigned char sha1_pt[] = "abc";
127 static const unsigned char sha1_digest[] = {
128 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 0x25, 0x71,
129 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
132 static const unsigned char sha512_pt[] = "abc";
133 static const unsigned char sha512_digest[] = {
134 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49,
135 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
136 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, 0x21, 0x92, 0x99, 0x2A,
137 0x27, 0x4F, 0xC1, 0xA8, 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
138 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, 0x2A, 0x9A, 0xC9, 0x4F,
139 0xA5, 0x4C, 0xA4, 0x9F
141 static const unsigned char sha3_256_pt[] = { 0xe7, 0x37, 0x21, 0x05 };
142 static const unsigned char sha3_256_digest[] = {
143 0x3a, 0x42, 0xb6, 0x8a, 0xb0, 0x79, 0xf2, 0x8c, 0x4c, 0xa3, 0xc7, 0x52,
144 0x29, 0x6f, 0x27, 0x90, 0x06, 0xc4, 0xfe, 0x78, 0xb1, 0xeb, 0x79, 0xd9,
145 0x89, 0x77, 0x7f, 0x05, 0x1e, 0x40, 0x46, 0xae
148 static const ST_KAT_DIGEST st_kat_digest_tests[] =
151 OSSL_SELF_TEST_DESC_MD_SHA1,
157 OSSL_SELF_TEST_DESC_MD_SHA2,
163 OSSL_SELF_TEST_DESC_MD_SHA3,
166 ITM(sha3_256_digest),
171 /*- CIPHER TEST DATA */
174 static const unsigned char des_ede3_cbc_pt[] = {
175 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
176 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
177 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
178 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51
180 static const unsigned char des_ede3_cbc_key[] = {
181 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
182 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
183 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
185 static const unsigned char des_ede3_cbc_iv[] = {
186 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17
188 static const unsigned char des_ede3_cbc_ct[] = {
189 0x20, 0x79, 0xC3, 0xD5, 0x3A, 0xA7, 0x63, 0xE1,
190 0x93, 0xB7, 0x9E, 0x25, 0x69, 0xAB, 0x52, 0x62,
191 0x51, 0x65, 0x70, 0x48, 0x1F, 0x25, 0xB5, 0x0F,
192 0x73, 0xC0, 0xBD, 0xA8, 0x5C, 0x8E, 0x0D, 0xA7
195 /* AES-256 GCM test data */
196 static const unsigned char aes_256_gcm_key[] = {
197 0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c,
198 0xe7, 0x90, 0xfd, 0x24, 0x50, 0x1f, 0x92, 0x50,
199 0x9a, 0xac, 0xf4, 0xcb, 0x8b, 0x13, 0x39, 0xd5,
200 0x0c, 0x9c, 0x12, 0x40, 0x93, 0x5d, 0xd0, 0x8b
202 static const unsigned char aes_256_gcm_iv[] = {
203 0xac, 0x93, 0xa1, 0xa6, 0x14, 0x52, 0x99, 0xbd,
204 0xe9, 0x02, 0xf2, 0x1a
206 static const unsigned char aes_256_gcm_pt[] = {
207 0x2d, 0x71, 0xbc, 0xfa, 0x91, 0x4e, 0x4a, 0xc0,
208 0x45, 0xb2, 0xaa, 0x60, 0x95, 0x5f, 0xad, 0x24
210 static const unsigned char aes_256_gcm_aad[] = {
211 0x1e, 0x08, 0x89, 0x01, 0x6f, 0x67, 0x60, 0x1c,
212 0x8e, 0xbe, 0xa4, 0x94, 0x3b, 0xc2, 0x3a, 0xd6
214 static const unsigned char aes_256_gcm_ct[] = {
215 0x89, 0x95, 0xae, 0x2e, 0x6d, 0xf3, 0xdb, 0xf9,
216 0x6f, 0xac, 0x7b, 0x71, 0x37, 0xba, 0xe6, 0x7f
218 static const unsigned char aes_256_gcm_tag[] = {
219 0xec, 0xa5, 0xaa, 0x77, 0xd5, 0x1d, 0x4a, 0x0a,
220 0x14, 0xd9, 0xc5, 0x1e, 0x1d, 0xa4, 0x74, 0xab
223 /* AES-ECB test data */
224 static const unsigned char aes_128_ecb_key[] = {
225 0x10, 0xa5, 0x88, 0x69, 0xd7, 0x4b, 0xe5, 0xa3,
226 0x74, 0xcf, 0x86, 0x7c, 0xfb, 0x47, 0x38, 0x59
228 static const unsigned char aes_128_ecb_pt[] = {
229 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
230 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
232 static const unsigned char aes_128_ecb_ct[] = {
233 0x6d, 0x25, 0x1e, 0x69, 0x44, 0xb0, 0x51, 0xe0,
234 0x4e, 0xaa, 0x6f, 0xb4, 0xdb, 0xf7, 0x84, 0x65
237 static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
238 #ifndef OPENSSL_NO_DES
241 OSSL_SELF_TEST_DESC_CIPHER_TDES,
243 ITM(des_ede3_cbc_pt),
246 CIPHER_MODE_ENCRYPT | CIPHER_MODE_DECRYPT,
247 ITM(des_ede3_cbc_key),
248 ITM(des_ede3_cbc_iv),
253 OSSL_SELF_TEST_DESC_CIPHER_AES_GCM,
258 CIPHER_MODE_ENCRYPT | CIPHER_MODE_DECRYPT,
259 ITM(aes_256_gcm_key),
261 ITM(aes_256_gcm_aad),
266 OSSL_SELF_TEST_DESC_CIPHER_AES_ECB,
276 static const char hkdf_digest[] = "SHA256";
277 static const unsigned char hkdf_secret[] = { 's', 'e', 'c', 'r', 'e', 't' };
278 static const unsigned char hkdf_salt[] = { 's', 'a', 'l', 't' };
279 static const unsigned char hkdf_info[] = { 'l', 'a', 'b', 'e', 'l' };
281 static const ST_KAT_PARAM hkdf_params[] = {
282 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, hkdf_digest),
283 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, hkdf_secret),
284 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, hkdf_salt),
285 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, hkdf_info),
288 static const unsigned char hkdf_expected[] = {
289 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8,
293 static const char sskdf_digest[] = "SHA224";
294 static const unsigned char sskdf_secret[] = {
295 0x6d, 0xbd, 0xc2, 0x3f, 0x04, 0x54, 0x88, 0xe4,
296 0x06, 0x27, 0x57, 0xb0, 0x6b, 0x9e, 0xba, 0xe1,
297 0x83, 0xfc, 0x5a, 0x59, 0x46, 0xd8, 0x0d, 0xb9,
298 0x3f, 0xec, 0x6f, 0x62, 0xec, 0x07, 0xe3, 0x72,
299 0x7f, 0x01, 0x26, 0xae, 0xd1, 0x2c, 0xe4, 0xb2,
300 0x62, 0xf4, 0x7d, 0x48, 0xd5, 0x42, 0x87, 0xf8,
301 0x1d, 0x47, 0x4c, 0x7c, 0x3b, 0x18, 0x50, 0xe9
303 static const unsigned char sskdf_otherinfo[] = {
304 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0x43, 0x41, 0x56,
305 0x53, 0x69, 0x64, 0x3c, 0x83, 0x2e, 0x98, 0x49,
306 0xdc, 0xdb, 0xa7, 0x1e, 0x9a, 0x31, 0x39, 0xe6,
307 0x06, 0xe0, 0x95, 0xde, 0x3c, 0x26, 0x4a, 0x66,
308 0xe9, 0x8a, 0x16, 0x58, 0x54, 0xcd, 0x07, 0x98,
309 0x9b, 0x1e, 0xe0, 0xec, 0x3f, 0x8d, 0xbe
311 static const unsigned char sskdf_expected[] = {
312 0xa4, 0x62, 0xde, 0x16, 0xa8, 0x9d, 0xe8, 0x46,
313 0x6e, 0xf5, 0x46, 0x0b, 0x47, 0xb8
315 static const ST_KAT_PARAM sskdf_params[] = {
316 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sskdf_digest),
317 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sskdf_secret),
318 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, sskdf_otherinfo),
322 static const char x942kdf_digest[] = "SHA1";
323 static const char x942kdf_cekalg[] = "AES-128-WRAP";
324 static const unsigned char x942kdf_secret[] = {
325 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
326 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
327 0x10, 0x11, 0x12, 0x13
329 static const unsigned char x942kdf_expected[] = {
330 0xd6, 0xd6, 0xb0, 0x94, 0xc1, 0x02, 0x7a, 0x7d,
331 0xe6, 0xe3, 0x11, 0x72, 0x94, 0xa3, 0x53, 0x64
333 static const ST_KAT_PARAM x942kdf_params[] = {
334 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x942kdf_digest),
335 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_CEK_ALG, x942kdf_cekalg),
336 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x942kdf_secret),
340 static const char x963kdf_digest[] = "SHA256";
341 static const unsigned char x963kdf_otherinfo[] = {
342 0x75, 0xee, 0xf8, 0x1a, 0xa3, 0x04, 0x1e, 0x33,
343 0xb8, 0x09, 0x71, 0x20, 0x3d, 0x2c, 0x0c, 0x52
345 static const unsigned char x963kdf_secret[] = {
346 0x22, 0x51, 0x8b, 0x10, 0xe7, 0x0f, 0x2a, 0x3f,
347 0x24, 0x38, 0x10, 0xae, 0x32, 0x54, 0x13, 0x9e,
348 0xfb, 0xee, 0x04, 0xaa, 0x57, 0xc7, 0xaf, 0x7d
350 static const unsigned char x963kdf_expected[] = {
351 0xc4, 0x98, 0xaf, 0x77, 0x16, 0x1c, 0xc5, 0x9f,
352 0x29, 0x62, 0xb9, 0xa7, 0x13, 0xe2, 0xb2, 0x15,
353 0x15, 0x2d, 0x13, 0x97, 0x66, 0xce, 0x34, 0xa7,
354 0x76, 0xdf, 0x11, 0x86, 0x6a, 0x69, 0xbf, 0x2e
356 static const ST_KAT_PARAM x963kdf_params[] = {
357 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x963kdf_digest),
358 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x963kdf_secret),
359 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, x963kdf_otherinfo),
363 static const char pbkdf2_digest[] = "SHA256";
364 static const unsigned char pbkdf2_password[] = {
365 0x70, 0x61, 0x73, 0x73, 0x00, 0x77, 0x6f, 0x72,
368 static const unsigned char pbkdf2_salt[] = {
369 0x73, 0x61, 0x00, 0x6c, 0x74
371 static const unsigned char pbkdf2_expected[] = {
372 0x89, 0xb6, 0x9d, 0x05, 0x16, 0xf8, 0x29, 0x89,
373 0x3c, 0x69, 0x62, 0x26, 0x65, 0x0a, 0x86, 0x87,
375 static int pbkdf2_iterations = 4096;
376 static int pbkdf2_pkcs5 = 1;
377 static const ST_KAT_PARAM pbkdf2_params[] = {
378 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, pbkdf2_digest),
379 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_PASSWORD, pbkdf2_password),
380 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, pbkdf2_salt),
381 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_ITER, pbkdf2_iterations),
382 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_PKCS5, pbkdf2_pkcs5),
386 static const char sshkdf_digest[] = "SHA1";
387 static const char sshkdf_type = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
388 static const unsigned char sshkdf_key[] = {
389 0x00, 0x00, 0x00, 0x80, 0x55, 0xba, 0xe9, 0x31,
390 0xc0, 0x7f, 0xd8, 0x24, 0xbf, 0x10, 0xad, 0xd1,
391 0x90, 0x2b, 0x6f, 0xbc, 0x7c, 0x66, 0x53, 0x47,
392 0x38, 0x34, 0x98, 0xa6, 0x86, 0x92, 0x9f, 0xf5,
393 0xa2, 0x5f, 0x8e, 0x40, 0xcb, 0x66, 0x45, 0xea,
394 0x81, 0x4f, 0xb1, 0xa5, 0xe0, 0xa1, 0x1f, 0x85,
395 0x2f, 0x86, 0x25, 0x56, 0x41, 0xe5, 0xed, 0x98,
396 0x6e, 0x83, 0xa7, 0x8b, 0xc8, 0x26, 0x94, 0x80,
397 0xea, 0xc0, 0xb0, 0xdf, 0xd7, 0x70, 0xca, 0xb9,
398 0x2e, 0x7a, 0x28, 0xdd, 0x87, 0xff, 0x45, 0x24,
399 0x66, 0xd6, 0xae, 0x86, 0x7c, 0xea, 0xd6, 0x3b,
400 0x36, 0x6b, 0x1c, 0x28, 0x6e, 0x6c, 0x48, 0x11,
401 0xa9, 0xf1, 0x4c, 0x27, 0xae, 0xa1, 0x4c, 0x51,
402 0x71, 0xd4, 0x9b, 0x78, 0xc0, 0x6e, 0x37, 0x35,
403 0xd3, 0x6e, 0x6a, 0x3b, 0xe3, 0x21, 0xdd, 0x5f,
404 0xc8, 0x23, 0x08, 0xf3, 0x4e, 0xe1, 0xcb, 0x17,
405 0xfb, 0xa9, 0x4a, 0x59,
407 static const unsigned char sshkdf_xcghash[] = {
408 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
409 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
410 0xdc, 0x88, 0x92, 0x45,
412 static const unsigned char sshkdf_session_id[] = {
413 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
414 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
415 0xdc, 0x88, 0x92, 0x45,
417 static const unsigned char sshkdf_expected[] = {
418 0xe2, 0xf6, 0x27, 0xc0, 0xb4, 0x3f, 0x1a, 0xc1,
420 static const ST_KAT_PARAM sshkdf_params[] = {
421 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sshkdf_digest),
422 ST_KAT_PARAM_UTF8CHAR(OSSL_KDF_PARAM_SSHKDF_TYPE, sshkdf_type),
423 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sshkdf_key),
424 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_XCGHASH, sshkdf_xcghash),
425 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_SESSION_ID, sshkdf_session_id),
429 static const char tls12prf_digest[] = "SHA256";
430 static const unsigned char tls12prf_secret[] = {
431 0x20, 0x2c, 0x88, 0xc0, 0x0f, 0x84, 0xa1, 0x7a,
432 0x20, 0x02, 0x70, 0x79, 0x60, 0x47, 0x87, 0x46,
433 0x11, 0x76, 0x45, 0x55, 0x39, 0xe7, 0x05, 0xbe,
434 0x73, 0x08, 0x90, 0x60, 0x2c, 0x28, 0x9a, 0x50,
435 0x01, 0xe3, 0x4e, 0xeb, 0x3a, 0x04, 0x3e, 0x5d,
436 0x52, 0xa6, 0x5e, 0x66, 0x12, 0x51, 0x88, 0xbf,
438 static const unsigned char tls12prf_seed[] = {
439 'k', 'e', 'y', ' ', 'e', 'x', 'p', 'a', 'n', 's', 'i', 'o', 'n',
440 0xae, 0x6c, 0x80, 0x6f, 0x8a, 0xd4, 0xd8, 0x07,
441 0x84, 0x54, 0x9d, 0xff, 0x28, 0xa4, 0xb5, 0x8f,
442 0xd8, 0x37, 0x68, 0x1a, 0x51, 0xd9, 0x28, 0xc3,
443 0xe3, 0x0e, 0xe5, 0xff, 0x14, 0xf3, 0x98, 0x68,
444 0x62, 0xe1, 0xfd, 0x91, 0xf2, 0x3f, 0x55, 0x8a,
445 0x60, 0x5f, 0x28, 0x47, 0x8c, 0x58, 0xcf, 0x72,
446 0x63, 0x7b, 0x89, 0x78, 0x4d, 0x95, 0x9d, 0xf7,
447 0xe9, 0x46, 0xd3, 0xf0, 0x7b, 0xd1, 0xb6, 0x16,
449 static const unsigned char tls12prf_expected[] = {
450 0xd0, 0x61, 0x39, 0x88, 0x9f, 0xff, 0xac, 0x1e,
451 0x3a, 0x71, 0x86, 0x5f, 0x50, 0x4a, 0xa5, 0xd0,
452 0xd2, 0xa2, 0xe8, 0x95, 0x06, 0xc6, 0xf2, 0x27,
453 0x9b, 0x67, 0x0c, 0x3e, 0x1b, 0x74, 0xf5, 0x31,
454 0x01, 0x6a, 0x25, 0x30, 0xc5, 0x1a, 0x3a, 0x0f,
455 0x7e, 0x1d, 0x65, 0x90, 0xd0, 0xf0, 0x56, 0x6b,
456 0x2f, 0x38, 0x7f, 0x8d, 0x11, 0xfd, 0x4f, 0x73,
457 0x1c, 0xdd, 0x57, 0x2d, 0x2e, 0xae, 0x92, 0x7f,
458 0x6f, 0x2f, 0x81, 0x41, 0x0b, 0x25, 0xe6, 0x96,
459 0x0b, 0xe6, 0x89, 0x85, 0xad, 0xd6, 0xc3, 0x84,
460 0x45, 0xad, 0x9f, 0x8c, 0x64, 0xbf, 0x80, 0x68,
461 0xbf, 0x9a, 0x66, 0x79, 0x48, 0x5d, 0x96, 0x6f,
462 0x1a, 0xd6, 0xf6, 0x8b, 0x43, 0x49, 0x5b, 0x10,
463 0xa6, 0x83, 0x75, 0x5e, 0xa2, 0xb8, 0x58, 0xd7,
464 0x0c, 0xca, 0xc7, 0xec, 0x8b, 0x05, 0x3c, 0x6b,
465 0xd4, 0x1c, 0xa2, 0x99, 0xd4, 0xe5, 0x19, 0x28,
467 static const ST_KAT_PARAM tls12prf_params[] = {
468 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls12prf_digest),
469 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SECRET, tls12prf_secret),
470 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SEED, tls12prf_seed),
474 static const char kbkdf_digest[] = "SHA256";
475 static const char kbkdf_mac[] = "HMAC";
476 static const unsigned char kbkdf_salt[] = { 'p', 'r', 'f' };
477 static const unsigned char kbkdf_prfinput[] = { 't', 'e', 's', 't' };
478 static unsigned char kbkdf_key[] = {
479 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28,
480 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C,
482 static unsigned char kbkdf_expected[] = {
483 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE,
484 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86,
485 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B,
486 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95,
488 static const ST_KAT_PARAM kbkdf_params[] = {
489 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, kbkdf_digest),
490 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_MAC, kbkdf_mac),
491 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, kbkdf_key),
492 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, kbkdf_salt),
493 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, kbkdf_prfinput),
497 static const char tls13_kdf_digest[] = "SHA256";
498 static int tls13_kdf_extract_mode = EVP_KDF_HKDF_MODE_EXTRACT_ONLY;
499 static int tls13_kdf_expand_mode = EVP_KDF_HKDF_MODE_EXPAND_ONLY;
500 static const unsigned char tls13_kdf_prefix[] = {
501 0x74, 0x6C, 0x73, 0x31, 0x33, 0x20 /* "tls13 " */
503 static const unsigned char tls13_kdf_client_early_secret_label[] = {
504 0x63, 0x20, 0x65, 0x20, 0x74, 0x72, 0x61, 0x66,
505 0x66, 0x69, 0x63 /* "c e traffic"*/
507 static const unsigned char tls13_kdf_psk[] = {
508 0xF8, 0xAF, 0x6A, 0xEA, 0x2D, 0x39, 0x7B, 0xAF,
509 0x29, 0x48, 0xA2, 0x5B, 0x28, 0x34, 0x20, 0x06,
510 0x92, 0xCF, 0xF1, 0x7E, 0xEE, 0x91, 0x65, 0xE4,
511 0xE2, 0x7B, 0xAB, 0xEE, 0x9E, 0xDE, 0xFD, 0x05
513 static const unsigned char tls13_kdf_client_hello_hash[] = {
514 0x7c, 0x92, 0xf6, 0x8b, 0xd5, 0xbf, 0x36, 0x38,
515 0xea, 0x33, 0x8a, 0x64, 0x94, 0x72, 0x2e, 0x1b,
516 0x44, 0x12, 0x7e, 0x1b, 0x7e, 0x8a, 0xad, 0x53,
517 0x5f, 0x23, 0x22, 0xa6, 0x44, 0xff, 0x22, 0xb3
520 static const unsigned char tls13_kdf_early_secret[] = {
521 0x15, 0x3B, 0x63, 0x94, 0xA9, 0xC0, 0x3C, 0xF3,
522 0xF5, 0xAC, 0xCC, 0x6E, 0x45, 0x5A, 0x76, 0x93,
523 0x28, 0x11, 0x38, 0xA1, 0xBC, 0xFA, 0x38, 0x03,
524 0xC2, 0x67, 0x35, 0xDD, 0x11, 0x94, 0xD2, 0x16
526 static const unsigned char tls13_kdf_client_early_traffic_secret[] = {
527 0xC8, 0x05, 0x83, 0xA9, 0x0E, 0x99, 0x5C, 0x48,
528 0x96, 0x00, 0x49, 0x2A, 0x5D, 0xA6, 0x42, 0xE6,
529 0xB1, 0xF6, 0x79, 0xBA, 0x67, 0x48, 0x28, 0x79,
530 0x2D, 0xF0, 0x87, 0xB9, 0x39, 0x63, 0x61, 0x71
532 static const ST_KAT_PARAM tls13_kdf_early_secret_params[] = {
533 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_MODE, tls13_kdf_extract_mode),
534 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls13_kdf_digest),
535 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, tls13_kdf_psk),
538 static const ST_KAT_PARAM tls13_kdf_client_early_secret_params[] = {
539 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_MODE, tls13_kdf_expand_mode),
540 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls13_kdf_digest),
541 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, tls13_kdf_early_secret),
542 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_DATA, tls13_kdf_client_hello_hash),
543 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_PREFIX, tls13_kdf_prefix),
544 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_LABEL,
545 tls13_kdf_client_early_secret_label),
549 static const ST_KAT_KDF st_kat_kdf_tests[] =
552 OSSL_SELF_TEST_DESC_KDF_TLS13_EXTRACT,
553 OSSL_KDF_NAME_TLS1_3_KDF,
554 tls13_kdf_early_secret_params,
555 ITM(tls13_kdf_early_secret)
558 OSSL_SELF_TEST_DESC_KDF_TLS13_EXPAND,
559 OSSL_KDF_NAME_TLS1_3_KDF,
560 tls13_kdf_client_early_secret_params,
561 ITM(tls13_kdf_client_early_traffic_secret)
564 OSSL_SELF_TEST_DESC_KDF_TLS12_PRF,
565 OSSL_KDF_NAME_TLS1_PRF,
567 ITM(tls12prf_expected)
570 OSSL_SELF_TEST_DESC_KDF_PBKDF2,
571 OSSL_KDF_NAME_PBKDF2,
576 OSSL_SELF_TEST_DESC_KDF_SSHKDF,
577 OSSL_KDF_NAME_SSHKDF,
582 OSSL_SELF_TEST_DESC_KDF_KBKDF,
588 OSSL_SELF_TEST_DESC_KDF_HKDF,
594 OSSL_SELF_TEST_DESC_KDF_SSKDF,
600 OSSL_SELF_TEST_DESC_KDF_X963KDF,
601 OSSL_KDF_NAME_X963KDF,
603 ITM(x963kdf_expected)
606 OSSL_SELF_TEST_DESC_KDF_X942KDF,
607 OSSL_KDF_NAME_X942KDF_ASN1,
609 ITM(x942kdf_expected)
614 * DRBG test vectors are a small subset of
615 * https://csrc.nist.rip/groups/STM/cavp/documents/drbg/drbgtestvectors.zip
616 * Using the folder drbgvectors_pr_true
617 * Generated for CAVS 14.3.
624 * [PredictionResistance = True]
625 * [EntropyInputLen = 256]
627 * [PersonalizationStringLen = 256]
628 * [AdditionalInputLen = 256]
629 * [ReturnedBitsLen = 1024]
633 static const unsigned char drbg_hash_sha256_pr_entropyin[] = {
634 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
635 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
636 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
638 static const unsigned char drbg_hash_sha256_pr_nonce[] = {
639 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
640 0xf0, 0xe5, 0x07, 0x1f
642 static const unsigned char drbg_hash_sha256_pr_persstr[] = {
643 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
644 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
645 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
647 static const unsigned char drbg_hash_sha256_pr_entropyinpr0[] = {
648 0xff, 0x80, 0xb7, 0xd2, 0x6a, 0x05, 0xbc, 0x8a, 0x7a, 0xbe, 0x53, 0x28,
649 0x6b, 0x0e, 0xeb, 0x73, 0x3b, 0x71, 0x5a, 0x20, 0x5b, 0xfa, 0x4f, 0xf6,
650 0x37, 0x03, 0xde, 0xad, 0xb6, 0xea, 0x0e, 0xf4
652 static const unsigned char drbg_hash_sha256_pr_entropyinpr1[] = {
653 0xc7, 0x38, 0x32, 0x53, 0x46, 0x81, 0xed, 0xe3, 0x7e, 0x03, 0x84, 0x6d,
654 0x3c, 0x84, 0x17, 0x67, 0x29, 0x7d, 0x24, 0x6c, 0x68, 0x92, 0x41, 0xd2,
655 0xe7, 0x75, 0xbe, 0x7e, 0xc9, 0x96, 0x29, 0x3d
657 static const unsigned char drbg_hash_sha256_pr_addin0[] = {
658 0xb7, 0x21, 0x5f, 0x14, 0xac, 0x7b, 0xaf, 0xd0, 0xa9, 0x17, 0x72, 0xba,
659 0x22, 0xf7, 0x19, 0xaf, 0xbd, 0x20, 0xb3, 0x11, 0x63, 0x6c, 0x2b, 0x1e,
660 0x83, 0xe4, 0xa8, 0x23, 0x35, 0x3f, 0xc6, 0xea
662 static const unsigned char drbg_hash_sha256_pr_addin1[] = {
663 0xce, 0xd3, 0x1f, 0x7e, 0x0d, 0xae, 0x5b, 0xb5, 0xc0, 0x43, 0xe2, 0x46,
664 0xb2, 0x94, 0x73, 0xe2, 0xfd, 0x39, 0x51, 0x2e, 0xad, 0x45, 0x69, 0xee,
665 0xe3, 0xe3, 0x80, 0x33, 0x14, 0xab, 0xa7, 0xa3
667 static const unsigned char drbg_hash_sha256_pr_expected[] = {
668 0x60, 0xc2, 0x34, 0xcf, 0xaf, 0xb4, 0x68, 0x03, 0x3b, 0xf1, 0x95, 0xe5,
669 0x78, 0xce, 0x26, 0x6e, 0x14, 0x65, 0x32, 0x6a, 0x96, 0xa9, 0xe0, 0x3f,
670 0x8b, 0x89, 0x36, 0x70, 0xef, 0x62, 0x75, 0x4d, 0x5e, 0x80, 0xd5, 0x53,
671 0xa1, 0xf8, 0x49, 0x50, 0x20, 0x8b, 0x93, 0x43, 0x07, 0x9f, 0x2e, 0xf8,
672 0x56, 0xe9, 0xc5, 0x70, 0x61, 0x85, 0x97, 0xb5, 0xdc, 0x82, 0xa2, 0xda,
673 0xea, 0xa3, 0xfd, 0x9b, 0x2f, 0xd2, 0xa0, 0xd7, 0x1b, 0xc6, 0x29, 0x35,
674 0xcc, 0xb8, 0x3d, 0xa0, 0x67, 0x98, 0x05, 0xa0, 0xe3, 0x1e, 0xfe, 0xe4,
675 0xf0, 0xe5, 0x13, 0xb0, 0x83, 0x17, 0xfa, 0xca, 0x93, 0x5e, 0x38, 0x29,
676 0x48, 0xd2, 0x72, 0xdb, 0x76, 0x3e, 0x6d, 0xf3, 0x25, 0x10, 0xff, 0x1b,
677 0x99, 0xff, 0xf8, 0xc6, 0x0e, 0xb0, 0xdd, 0x29, 0x2e, 0xbc, 0xbb, 0xc8,
678 0x0a, 0x01, 0x6e, 0xd3, 0xb0, 0x0e, 0x4e, 0xab
685 * [PredictionResistance = True]
686 * [EntropyInputLen = 128]
688 * [PersonalizationStringLen = 128]
689 * [AdditionalInputLen = 128]
690 * [ReturnedBitsLen = 512]
694 static const unsigned char drbg_ctr_aes128_pr_df_entropyin[] = {
695 0x92, 0x89, 0x8f, 0x31, 0xfa, 0x1c, 0xff, 0x6d, 0x18, 0x2f, 0x26, 0x06,
696 0x43, 0xdf, 0xf8, 0x18
698 static const unsigned char drbg_ctr_aes128_pr_df_nonce[] = {
699 0xc2, 0xa4, 0xd9, 0x72, 0xc3, 0xb9, 0xb6, 0x97
701 static const unsigned char drbg_ctr_aes128_pr_df_persstr[] = {
702 0xea, 0x65, 0xee, 0x60, 0x26, 0x4e, 0x7e, 0xb6, 0x0e, 0x82, 0x68, 0xc4,
703 0x37, 0x3c, 0x5c, 0x0b
705 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr0[] = {
706 0x20, 0x72, 0x8a, 0x06, 0xf8, 0x6f, 0x8d, 0xd4, 0x41, 0xe2, 0x72, 0xb7,
707 0xc4, 0x2c, 0xe8, 0x10
709 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr1[] = {
710 0x3d, 0xb0, 0xf0, 0x94, 0xf3, 0x05, 0x50, 0x33, 0x17, 0x86, 0x3e, 0x22,
711 0x08, 0xf7, 0xa5, 0x01
713 static const unsigned char drbg_ctr_aes128_pr_df_addin0[] = {
714 0x1a, 0x40, 0xfa, 0xe3, 0xcc, 0x6c, 0x7c, 0xa0, 0xf8, 0xda, 0xba, 0x59,
715 0x23, 0x6d, 0xad, 0x1d
717 static const unsigned char drbg_ctr_aes128_pr_df_addin1[] = {
718 0x9f, 0x72, 0x76, 0x6c, 0xc7, 0x46, 0xe5, 0xed, 0x2e, 0x53, 0x20, 0x12,
719 0xbc, 0x59, 0x31, 0x8c
721 static const unsigned char drbg_ctr_aes128_pr_df_expected[] = {
722 0x5a, 0x35, 0x39, 0x87, 0x0f, 0x4d, 0x22, 0xa4, 0x09, 0x24, 0xee, 0x71,
723 0xc9, 0x6f, 0xac, 0x72, 0x0a, 0xd6, 0xf0, 0x88, 0x82, 0xd0, 0x83, 0x28,
724 0x73, 0xec, 0x3f, 0x93, 0xd8, 0xab, 0x45, 0x23, 0xf0, 0x7e, 0xac, 0x45,
725 0x14, 0x5e, 0x93, 0x9f, 0xb1, 0xd6, 0x76, 0x43, 0x3d, 0xb6, 0xe8, 0x08,
726 0x88, 0xf6, 0xda, 0x89, 0x08, 0x77, 0x42, 0xfe, 0x1a, 0xf4, 0x3f, 0xc4,
727 0x23, 0xc5, 0x1f, 0x68
734 * [PredictionResistance = True]
735 * [EntropyInputLen = 128]
737 * [PersonalizationStringLen = 128]
738 * [AdditionalInputLen = 128]
739 * [ReturnedBitsLen = 640]
743 static const unsigned char drbg_hmac_sha1_pr_entropyin[] = {
744 0x68, 0x0f, 0xac, 0xe9, 0x0d, 0x7b, 0xca, 0x21, 0xd4, 0xa0, 0xed, 0xb7,
745 0x79, 0x9e, 0xe5, 0xd8
747 static const unsigned char drbg_hmac_sha1_pr_nonce[] = {
748 0xb7, 0xbe, 0x9e, 0xed, 0xdd, 0x0e, 0x3b, 0x4b
750 static const unsigned char drbg_hmac_sha1_pr_persstr[] = {
751 0xf5, 0x8c, 0x40, 0xae, 0x70, 0xf7, 0xa5, 0x56, 0x48, 0xa9, 0x31, 0xa0,
752 0xa9, 0x31, 0x3d, 0xd7
754 static const unsigned char drbg_hmac_sha1_pr_entropyinpr0[] = {
755 0x7c, 0xaf, 0xe2, 0x31, 0x63, 0x0a, 0xa9, 0x5a, 0x74, 0x2c, 0x4e, 0x5f,
756 0x5f, 0x22, 0xc6, 0xa4
758 static const unsigned char drbg_hmac_sha1_pr_entropyinpr1[] = {
759 0x1c, 0x0d, 0x77, 0x92, 0x89, 0x88, 0x27, 0x94, 0x8a, 0x58, 0x9f, 0x82,
760 0x2d, 0x1a, 0xf7, 0xa6
762 static const unsigned char drbg_hmac_sha1_pr_addin0[] = {
763 0xdc, 0x36, 0x63, 0xf0, 0x62, 0x78, 0x9c, 0xd1, 0x5c, 0xbb, 0x20, 0xc3,
764 0xc1, 0x8c, 0xd9, 0xd7
766 static const unsigned char drbg_hmac_sha1_pr_addin1[] = {
767 0xfe, 0x85, 0xb0, 0xab, 0x14, 0xc6, 0x96, 0xe6, 0x9c, 0x24, 0xe7, 0xb5,
768 0xa1, 0x37, 0x12, 0x0c
770 static const unsigned char drbg_hmac_sha1_pr_expected[] = {
771 0x68, 0x00, 0x4b, 0x3a, 0x28, 0xf7, 0xf0, 0x1c, 0xf9, 0xe9, 0xb5, 0x71,
772 0x20, 0x79, 0xef, 0x80, 0x87, 0x1b, 0x08, 0xb9, 0xa9, 0x1b, 0xcd, 0x2b,
773 0x9f, 0x09, 0x4d, 0xa4, 0x84, 0x80, 0xb3, 0x4c, 0xaf, 0xd5, 0x59, 0x6b,
774 0x0c, 0x0a, 0x48, 0xe1, 0x48, 0xda, 0xbc, 0x6f, 0x77, 0xb8, 0xff, 0xaf,
775 0x18, 0x70, 0x28, 0xe1, 0x04, 0x13, 0x7a, 0x4f, 0xeb, 0x1c, 0x72, 0xb0,
776 0xc4, 0x4f, 0xe8, 0xb1, 0xaf, 0xab, 0xa5, 0xbc, 0xfd, 0x86, 0x67, 0xf2,
777 0xf5, 0x5b, 0x46, 0x06, 0x63, 0x2e, 0x3c, 0xbc
780 static const ST_KAT_DRBG st_kat_drbg_tests[] =
783 OSSL_SELF_TEST_DESC_DRBG_HASH,
784 "HASH-DRBG", "digest", "SHA256",
785 ITM(drbg_hash_sha256_pr_entropyin),
786 ITM(drbg_hash_sha256_pr_nonce),
787 ITM(drbg_hash_sha256_pr_persstr),
788 ITM(drbg_hash_sha256_pr_entropyinpr0),
789 ITM(drbg_hash_sha256_pr_entropyinpr1),
790 ITM(drbg_hash_sha256_pr_addin0),
791 ITM(drbg_hash_sha256_pr_addin1),
792 ITM(drbg_hash_sha256_pr_expected)
795 OSSL_SELF_TEST_DESC_DRBG_CTR,
796 "CTR-DRBG", "cipher", "AES-128-CTR",
797 ITM(drbg_ctr_aes128_pr_df_entropyin),
798 ITM(drbg_ctr_aes128_pr_df_nonce),
799 ITM(drbg_ctr_aes128_pr_df_persstr),
800 ITM(drbg_ctr_aes128_pr_df_entropyinpr0),
801 ITM(drbg_ctr_aes128_pr_df_entropyinpr1),
802 ITM(drbg_ctr_aes128_pr_df_addin0),
803 ITM(drbg_ctr_aes128_pr_df_addin1),
804 ITM(drbg_ctr_aes128_pr_df_expected)
807 OSSL_SELF_TEST_DESC_DRBG_HMAC,
808 "HMAC-DRBG", "digest", "SHA1",
809 ITM(drbg_hmac_sha1_pr_entropyin),
810 ITM(drbg_hmac_sha1_pr_nonce),
811 ITM(drbg_hmac_sha1_pr_persstr),
812 ITM(drbg_hmac_sha1_pr_entropyinpr0),
813 ITM(drbg_hmac_sha1_pr_entropyinpr1),
814 ITM(drbg_hmac_sha1_pr_addin0),
815 ITM(drbg_hmac_sha1_pr_addin1),
816 ITM(drbg_hmac_sha1_pr_expected)
820 /* KEY EXCHANGE TEST DATA */
822 #ifndef OPENSSL_NO_DH
824 static const unsigned char dh_p[] = {
825 0xdc, 0xca, 0x15, 0x11, 0xb2, 0x31, 0x32, 0x25,
826 0xf5, 0x21, 0x16, 0xe1, 0x54, 0x27, 0x89, 0xe0,
827 0x01, 0xf0, 0x42, 0x5b, 0xcc, 0xc7, 0xf3, 0x66,
828 0xf7, 0x40, 0x64, 0x07, 0xf1, 0xc9, 0xfa, 0x8b,
829 0xe6, 0x10, 0xf1, 0x77, 0x8b, 0xb1, 0x70, 0xbe,
830 0x39, 0xdb, 0xb7, 0x6f, 0x85, 0xbf, 0x24, 0xce,
831 0x68, 0x80, 0xad, 0xb7, 0x62, 0x9f, 0x7c, 0x6d,
832 0x01, 0x5e, 0x61, 0xd4, 0x3f, 0xa3, 0xee, 0x4d,
833 0xe1, 0x85, 0xf2, 0xcf, 0xd0, 0x41, 0xff, 0xde,
834 0x9d, 0x41, 0x84, 0x07, 0xe1, 0x51, 0x38, 0xbb,
835 0x02, 0x1d, 0xae, 0xb3, 0x5f, 0x76, 0x2d, 0x17,
836 0x82, 0xac, 0xc6, 0x58, 0xd3, 0x2b, 0xd4, 0xb0,
837 0x23, 0x2c, 0x92, 0x7d, 0xd3, 0x8f, 0xa0, 0x97,
838 0xb3, 0xd1, 0x85, 0x9f, 0xa8, 0xac, 0xaf, 0xb9,
839 0x8f, 0x06, 0x66, 0x08, 0xfc, 0x64, 0x4e, 0xc7,
840 0xdd, 0xb6, 0xf0, 0x85, 0x99, 0xf9, 0x2a, 0xc1,
841 0xb5, 0x98, 0x25, 0xda, 0x84, 0x32, 0x07, 0x7d,
842 0xef, 0x69, 0x56, 0x46, 0x06, 0x3c, 0x20, 0x82,
843 0x3c, 0x95, 0x07, 0xab, 0x6f, 0x01, 0x76, 0xd4,
844 0x73, 0x0d, 0x99, 0x0d, 0xbb, 0xe6, 0x36, 0x1c,
845 0xd8, 0xb2, 0xb9, 0x4d, 0x3d, 0x2f, 0x32, 0x9b,
846 0x82, 0x09, 0x9b, 0xd6, 0x61, 0xf4, 0x29, 0x50,
847 0xf4, 0x03, 0xdf, 0x3e, 0xde, 0x62, 0xa3, 0x31,
848 0x88, 0xb0, 0x27, 0x98, 0xba, 0x82, 0x3f, 0x44,
849 0xb9, 0x46, 0xfe, 0x9d, 0xf6, 0x77, 0xa0, 0xc5,
850 0xa1, 0x23, 0x8e, 0xaa, 0x97, 0xb7, 0x0f, 0x80,
851 0xda, 0x8c, 0xac, 0x88, 0xe0, 0x92, 0xb1, 0x12,
852 0x70, 0x60, 0xff, 0xbf, 0x45, 0x57, 0x99, 0x94,
853 0x01, 0x1d, 0xc2, 0xfa, 0xa5, 0xe7, 0xf6, 0xc7,
854 0x62, 0x45, 0xe1, 0xcc, 0x31, 0x22, 0x31, 0xc1,
855 0x7d, 0x1c, 0xa6, 0xb1, 0x90, 0x07, 0xef, 0x0d,
856 0xb9, 0x9f, 0x9c, 0xb6, 0x0e, 0x1d, 0x5f, 0x69
858 static const unsigned char dh_q[] = {
859 0x89, 0x8b, 0x22, 0x67, 0x17, 0xef, 0x03, 0x9e,
860 0x60, 0x3e, 0x82, 0xe5, 0xc7, 0xaf, 0xe4, 0x83,
861 0x74, 0xac, 0x5f, 0x62, 0x5c, 0x54, 0xf1, 0xea,
862 0x11, 0xac, 0xb5, 0x7d
864 static const unsigned char dh_g[] = {
865 0x5e, 0xf7, 0xb8, 0x8f, 0x2d, 0xf6, 0x01, 0x39,
866 0x35, 0x1d, 0xfb, 0xfe, 0x12, 0x66, 0x80, 0x5f,
867 0xdf, 0x35, 0x6c, 0xdf, 0xd1, 0x3a, 0x4d, 0xa0,
868 0x05, 0x0c, 0x7e, 0xde, 0x24, 0x6d, 0xf5, 0x9f,
869 0x6a, 0xbf, 0x96, 0xad, 0xe5, 0xf2, 0xb2, 0x8f,
870 0xfe, 0x88, 0xd6, 0xbc, 0xe7, 0xf7, 0x89, 0x4a,
871 0x3d, 0x53, 0x5f, 0xc8, 0x21, 0x26, 0xdd, 0xd4,
872 0x24, 0x87, 0x2e, 0x16, 0xb8, 0x38, 0xdf, 0x8c,
873 0x51, 0xe9, 0x01, 0x6f, 0x88, 0x9c, 0x7c, 0x20,
874 0x3e, 0x98, 0xa8, 0xb6, 0x31, 0xf9, 0xc7, 0x25,
875 0x63, 0xd3, 0x8a, 0x49, 0x58, 0x9a, 0x07, 0x53,
876 0xd3, 0x58, 0xe7, 0x83, 0x31, 0x8c, 0xef, 0xd9,
877 0x67, 0x7c, 0x7b, 0x2d, 0xbb, 0x77, 0xd6, 0xdc,
878 0xe2, 0xa1, 0x96, 0x37, 0x95, 0xca, 0x64, 0xb9,
879 0x2d, 0x1c, 0x9a, 0xac, 0x6d, 0x0e, 0x8d, 0x43,
880 0x1d, 0xe5, 0xe5, 0x00, 0x60, 0xdf, 0xf7, 0x86,
881 0x89, 0xc9, 0xec, 0xa1, 0xc1, 0x24, 0x8c, 0x16,
882 0xed, 0x09, 0xc7, 0xad, 0x41, 0x2a, 0x17, 0x40,
883 0x6d, 0x2b, 0x52, 0x5a, 0xa1, 0xca, 0xbb, 0x23,
884 0x7b, 0x97, 0x34, 0xec, 0x7b, 0x8c, 0xe3, 0xfa,
885 0xe0, 0x2f, 0x29, 0xc5, 0xef, 0xed, 0x30, 0xd6,
886 0x91, 0x87, 0xda, 0x10, 0x9c, 0x2c, 0x9f, 0xe2,
887 0xaa, 0xdb, 0xb0, 0xc2, 0x2a, 0xf5, 0x4c, 0x61,
888 0x66, 0x55, 0x00, 0x0c, 0x43, 0x1c, 0x6b, 0x4a,
889 0x37, 0x97, 0x63, 0xb0, 0xa9, 0x16, 0x58, 0xef,
890 0xc8, 0x4e, 0x8b, 0x06, 0x35, 0x8c, 0x8b, 0x4f,
891 0x21, 0x37, 0x10, 0xfd, 0x10, 0x17, 0x2c, 0xf3,
892 0x9b, 0x83, 0x0c, 0x2d, 0xd8, 0x4a, 0x0c, 0x8a,
893 0xb8, 0x25, 0x16, 0xec, 0xab, 0x99, 0x5f, 0xa4,
894 0x21, 0x5e, 0x02, 0x3e, 0x4e, 0xcf, 0x80, 0x74,
895 0xc3, 0x9d, 0x6c, 0x88, 0xb7, 0x0d, 0x1e, 0xe4,
896 0xe9, 0x6f, 0xdc, 0x20, 0xea, 0x11, 0x5c, 0x32
898 static const unsigned char dh_priv[] = {
899 0x14, 0x33, 0xe0, 0xb5, 0xa9, 0x17, 0xb6, 0x0a,
900 0x30, 0x23, 0xf2, 0xf8, 0xaa, 0x2c, 0x2d, 0x70,
901 0xd2, 0x96, 0x8a, 0xba, 0x9a, 0xea, 0xc8, 0x15,
902 0x40, 0xb8, 0xfc, 0xe6
904 static const unsigned char dh_pub[] = {
905 0x95, 0xdd, 0x33, 0x8d, 0x29, 0xe5, 0x71, 0x04,
906 0x92, 0xb9, 0x18, 0x31, 0x7b, 0x72, 0xa3, 0x69,
907 0x36, 0xe1, 0x95, 0x1a, 0x2e, 0xe5, 0xa5, 0x59,
908 0x16, 0x99, 0xc0, 0x48, 0x6d, 0x0d, 0x4f, 0x9b,
909 0xdd, 0x6d, 0x5a, 0x3f, 0x6b, 0x98, 0x89, 0x0c,
910 0x62, 0xb3, 0x76, 0x52, 0xd3, 0x6e, 0x71, 0x21,
911 0x11, 0xe6, 0x8a, 0x73, 0x55, 0x37, 0x25, 0x06,
912 0x99, 0xef, 0xe3, 0x30, 0x53, 0x73, 0x91, 0xfb,
913 0xc2, 0xc5, 0x48, 0xbc, 0x5a, 0xc3, 0xe5, 0xb2,
914 0x33, 0x86, 0xc3, 0xee, 0xf5, 0xeb, 0x43, 0xc0,
915 0x99, 0xd7, 0x0a, 0x52, 0x02, 0x68, 0x7e, 0x83,
916 0x96, 0x42, 0x48, 0xfc, 0xa9, 0x1f, 0x40, 0x90,
917 0x8e, 0x8f, 0xb3, 0x31, 0x93, 0x15, 0xf6, 0xd2,
918 0x60, 0x6d, 0x7f, 0x7c, 0xd5, 0x2c, 0xc6, 0xe7,
919 0xc5, 0x84, 0x3a, 0xfb, 0x22, 0x51, 0x9c, 0xf0,
920 0xf0, 0xf9, 0xd3, 0xa0, 0xa4, 0xe8, 0xc8, 0x88,
921 0x99, 0xef, 0xed, 0xe7, 0x36, 0x43, 0x51, 0xfb,
922 0x6a, 0x36, 0x3e, 0xe7, 0x17, 0xe5, 0x44, 0x5a,
923 0xda, 0xb4, 0xc9, 0x31, 0xa6, 0x48, 0x39, 0x97,
924 0xb8, 0x7d, 0xad, 0x83, 0x67, 0x7e, 0x4d, 0x1d,
925 0x3a, 0x77, 0x75, 0xe0, 0xf6, 0xd0, 0x0f, 0xdf,
926 0x73, 0xc7, 0xad, 0x80, 0x1e, 0x66, 0x5a, 0x0e,
927 0x5a, 0x79, 0x6d, 0x0a, 0x03, 0x80, 0xa1, 0x9f,
928 0xa1, 0x82, 0xef, 0xc8, 0xa0, 0x4f, 0x5e, 0x4d,
929 0xb9, 0x0d, 0x1a, 0x86, 0x37, 0xf9, 0x5d, 0xb1,
930 0x64, 0x36, 0xbd, 0xc8, 0xf3, 0xfc, 0x09, 0x6c,
931 0x4f, 0xf7, 0xf2, 0x34, 0xbe, 0x8f, 0xef, 0x47,
932 0x9a, 0xc4, 0xb0, 0xdc, 0x4b, 0x77, 0x26, 0x3e,
933 0x07, 0xd9, 0x95, 0x9d, 0xe0, 0xf1, 0xbf, 0x3f,
934 0x0a, 0xe3, 0xd9, 0xd5, 0x0e, 0x4b, 0x89, 0xc9,
935 0x9e, 0x3e, 0xa1, 0x21, 0x73, 0x43, 0xdd, 0x8c,
936 0x65, 0x81, 0xac, 0xc4, 0x95, 0x9c, 0x91, 0xd3
938 static const unsigned char dh_peer_pub[] = {
939 0x1f, 0xc1, 0xda, 0x34, 0x1d, 0x1a, 0x84, 0x6a,
940 0x96, 0xb7, 0xbe, 0x24, 0x34, 0x0f, 0x87, 0x7d,
941 0xd0, 0x10, 0xaa, 0x03, 0x56, 0xd5, 0xad, 0x58,
942 0xaa, 0xe9, 0xc7, 0xb0, 0x8f, 0x74, 0x9a, 0x32,
943 0x23, 0x51, 0x10, 0xb5, 0xd8, 0x8e, 0xb5, 0xdb,
944 0xfa, 0x97, 0x8d, 0x27, 0xec, 0xc5, 0x30, 0xf0,
945 0x2d, 0x31, 0x14, 0x00, 0x5b, 0x64, 0xb1, 0xc0,
946 0xe0, 0x24, 0xcb, 0x8a, 0xe2, 0x16, 0x98, 0xbc,
947 0xa9, 0xe6, 0x0d, 0x42, 0x80, 0x86, 0x22, 0xf1,
948 0x81, 0xc5, 0x6e, 0x1d, 0xe7, 0xa9, 0x6e, 0x6e,
949 0xfe, 0xe9, 0xd6, 0x65, 0x67, 0xe9, 0x1b, 0x97,
950 0x70, 0x42, 0xc7, 0xe3, 0xd0, 0x44, 0x8f, 0x05,
951 0xfb, 0x77, 0xf5, 0x22, 0xb9, 0xbf, 0xc8, 0xd3,
952 0x3c, 0xc3, 0xc3, 0x1e, 0xd3, 0xb3, 0x1f, 0x0f,
953 0xec, 0xb6, 0xdb, 0x4f, 0x6e, 0xa3, 0x11, 0xe7,
954 0x7a, 0xfd, 0xbc, 0xd4, 0x7a, 0xee, 0x1b, 0xb1,
955 0x50, 0xf2, 0x16, 0x87, 0x35, 0x78, 0xfb, 0x96,
956 0x46, 0x8e, 0x8f, 0x9f, 0x3d, 0xe8, 0xef, 0xbf,
957 0xce, 0x75, 0x62, 0x4b, 0x1d, 0xf0, 0x53, 0x22,
958 0xa3, 0x4f, 0x14, 0x63, 0xe8, 0x39, 0xe8, 0x98,
959 0x4c, 0x4a, 0xd0, 0xa9, 0x6e, 0x1a, 0xc8, 0x42,
960 0xe5, 0x31, 0x8c, 0xc2, 0x3c, 0x06, 0x2a, 0x8c,
961 0xa1, 0x71, 0xb8, 0xd5, 0x75, 0x98, 0x0d, 0xde,
962 0x7f, 0xc5, 0x6f, 0x15, 0x36, 0x52, 0x38, 0x20,
963 0xd4, 0x31, 0x92, 0xbf, 0xd5, 0x1e, 0x8e, 0x22,
964 0x89, 0x78, 0xac, 0xa5, 0xb9, 0x44, 0x72, 0xf3,
965 0x39, 0xca, 0xeb, 0x99, 0x31, 0xb4, 0x2b, 0xe3,
966 0x01, 0x26, 0x8b, 0xc9, 0x97, 0x89, 0xc9, 0xb2,
967 0x55, 0x71, 0xc3, 0xc0, 0xe4, 0xcb, 0x3f, 0x00,
968 0x7f, 0x1a, 0x51, 0x1c, 0xbb, 0x53, 0xc8, 0x51,
969 0x9c, 0xdd, 0x13, 0x02, 0xab, 0xca, 0x6c, 0x0f,
970 0x34, 0xf9, 0x67, 0x39, 0xf1, 0x7f, 0xf4, 0x8b
973 static const unsigned char dh_secret_expected[] = {
974 0x08, 0xff, 0x33, 0xbb, 0x2e, 0xcf, 0xf4, 0x9a,
975 0x7d, 0x4a, 0x79, 0x12, 0xae, 0xb1, 0xbb, 0x6a,
976 0xb5, 0x11, 0x64, 0x1b, 0x4a, 0x76, 0x77, 0x0c,
977 0x8c, 0xc1, 0xbc, 0xc2, 0x33, 0x34, 0x3d, 0xfe,
978 0x70, 0x0d, 0x11, 0x81, 0x3d, 0x2c, 0x9e, 0xd2,
979 0x3b, 0x21, 0x1c, 0xa9, 0xe8, 0x78, 0x69, 0x21,
980 0xed, 0xca, 0x28, 0x3c, 0x68, 0xb1, 0x61, 0x53,
981 0xfa, 0x01, 0xe9, 0x1a, 0xb8, 0x2c, 0x90, 0xdd,
982 0xab, 0x4a, 0x95, 0x81, 0x67, 0x70, 0xa9, 0x87,
983 0x10, 0xe1, 0x4c, 0x92, 0xab, 0x83, 0xb6, 0xe4,
984 0x6e, 0x1e, 0x42, 0x6e, 0xe8, 0x52, 0x43, 0x0d,
985 0x61, 0x87, 0xda, 0xa3, 0x72, 0x0a, 0x6b, 0xcd,
986 0x73, 0x23, 0x5c, 0x6b, 0x0f, 0x94, 0x1f, 0x33,
987 0x64, 0xf5, 0x04, 0x20, 0x55, 0x1a, 0x4b, 0xfe,
988 0xaf, 0xe2, 0xbc, 0x43, 0x85, 0x05, 0xa5, 0x9a,
989 0x4a, 0x40, 0xda, 0xca, 0x7a, 0x89, 0x5a, 0x73,
990 0xdb, 0x57, 0x5c, 0x74, 0xc1, 0x3a, 0x23, 0xad,
991 0x88, 0x32, 0x95, 0x7d, 0x58, 0x2d, 0x38, 0xf0,
992 0xa6, 0x16, 0x5f, 0xb0, 0xd7, 0xe9, 0xb8, 0x79,
993 0x9e, 0x42, 0xfd, 0x32, 0x20, 0xe3, 0x32, 0xe9,
994 0x81, 0x85, 0xa0, 0xc9, 0x42, 0x97, 0x57, 0xb2,
995 0xd0, 0xd0, 0x2c, 0x17, 0xdb, 0xaa, 0x1f, 0xf6,
996 0xed, 0x93, 0xd7, 0xe7, 0x3e, 0x24, 0x1e, 0xae,
997 0xd9, 0x0c, 0xaf, 0x39, 0x4d, 0x2b, 0xc6, 0x57,
998 0x0f, 0x18, 0xc8, 0x1f, 0x2b, 0xe5, 0xd0, 0x1a,
999 0x2c, 0xa9, 0x9f, 0xf1, 0x42, 0xb5, 0xd9, 0x63,
1000 0xf9, 0xf5, 0x00, 0x32, 0x5e, 0x75, 0x56, 0xf9,
1001 0x58, 0x49, 0xb3, 0xff, 0xc7, 0x47, 0x94, 0x86,
1002 0xbe, 0x1d, 0x45, 0x96, 0xa3, 0x10, 0x6b, 0xd5,
1003 0xcb, 0x4f, 0x61, 0xc5, 0x7e, 0xc5, 0xf1, 0x00,
1004 0xfb, 0x7a, 0x0c, 0x82, 0xa1, 0x0b, 0x82, 0x52,
1005 0x6a, 0x97, 0xd1, 0xd9, 0x7d, 0x98, 0xea, 0xf6
1008 static const ST_KAT_PARAM dh_group[] = {
1009 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dh_p),
1010 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dh_q),
1011 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dh_g),
1015 /* The host's private key */
1016 static const ST_KAT_PARAM dh_host_key[] = {
1017 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_pub),
1018 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dh_priv),
1022 /* The peer's public key */
1023 static const ST_KAT_PARAM dh_peer_key[] = {
1024 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_peer_pub),
1027 #endif /* OPENSSL_NO_DH */
1030 #ifndef OPENSSL_NO_EC
1031 static const char ecdh_curve_name[] = "prime256v1";
1032 static const unsigned char ecdh_privd[] = {
1033 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1034 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1035 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1036 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1038 static const unsigned char ecdh_pub[] = {
1040 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1041 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1042 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1043 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1044 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1045 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1046 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1047 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1049 static const unsigned char ecdh_peer_pub[] = {
1051 0x1f, 0x72, 0xbd, 0x2a, 0x3e, 0xeb, 0x6c, 0x76,
1052 0xe5, 0x5d, 0x69, 0x75, 0x24, 0xbf, 0x2f, 0x5b,
1053 0x96, 0xb2, 0x91, 0x62, 0x06, 0x35, 0xcc, 0xb2,
1054 0x4b, 0x31, 0x1b, 0x0c, 0x6f, 0x06, 0x9f, 0x86,
1055 0xcf, 0xc8, 0xac, 0xd5, 0x4f, 0x4d, 0x77, 0xf3,
1056 0x70, 0x4a, 0x8f, 0x04, 0x9a, 0xb1, 0x03, 0xc7,
1057 0xeb, 0xd5, 0x94, 0x78, 0x61, 0xab, 0x78, 0x0c,
1058 0x4a, 0x2d, 0x6b, 0xf3, 0x2f, 0x2e, 0x4a, 0xbc
1061 static const ST_KAT_PARAM ecdh_group[] = {
1062 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecdh_curve_name),
1065 static const ST_KAT_PARAM ecdh_host_key[] = {
1066 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_pub),
1067 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecdh_privd),
1070 static const ST_KAT_PARAM ecdh_peer_key[] = {
1071 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_peer_pub),
1074 static const unsigned char ecdh_secret_expected[] = {
1075 0x45, 0x2a, 0x2f, 0x0d, 0x24, 0xe6, 0x8d, 0xd0,
1076 0xda, 0x59, 0x7b, 0x0c, 0xec, 0x9b, 0x4c, 0x38,
1077 0x41, 0xdd, 0xce, 0xb3, 0xcc, 0xf1, 0x90, 0x8e,
1078 0x30, 0xdb, 0x5b, 0x5f, 0x97, 0xea, 0xe0, 0xc2
1080 #endif /* OPENSSL_NO_EC */
1082 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
1083 static const ST_KAT_KAS st_kat_kas_tests[] =
1085 # ifndef OPENSSL_NO_DH
1087 OSSL_SELF_TEST_DESC_KA_DH,
1092 ITM(dh_secret_expected)
1094 # endif /* OPENSSL_NO_DH */
1095 # ifndef OPENSSL_NO_EC
1097 OSSL_SELF_TEST_DESC_KA_ECDH,
1102 ITM(ecdh_secret_expected)
1104 # endif /* OPENSSL_NO_EC */
1106 #endif /* !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) */
1109 static const unsigned char rsa_n[] = {
1110 0xDB, 0x10, 0x1A, 0xC2, 0xA3, 0xF1, 0xDC, 0xFF,
1111 0x13, 0x6B, 0xED, 0x44, 0xDF, 0xF0, 0x02, 0x6D,
1112 0x13, 0xC7, 0x88, 0xDA, 0x70, 0x6B, 0x54, 0xF1,
1113 0xE8, 0x27, 0xDC, 0xC3, 0x0F, 0x99, 0x6A, 0xFA,
1114 0xC6, 0x67, 0xFF, 0x1D, 0x1E, 0x3C, 0x1D, 0xC1,
1115 0xB5, 0x5F, 0x6C, 0xC0, 0xB2, 0x07, 0x3A, 0x6D,
1116 0x41, 0xE4, 0x25, 0x99, 0xAC, 0xFC, 0xD2, 0x0F,
1117 0x02, 0xD3, 0xD1, 0x54, 0x06, 0x1A, 0x51, 0x77,
1118 0xBD, 0xB6, 0xBF, 0xEA, 0xA7, 0x5C, 0x06, 0xA9,
1119 0x5D, 0x69, 0x84, 0x45, 0xD7, 0xF5, 0x05, 0xBA,
1120 0x47, 0xF0, 0x1B, 0xD7, 0x2B, 0x24, 0xEC, 0xCB,
1121 0x9B, 0x1B, 0x10, 0x8D, 0x81, 0xA0, 0xBE, 0xB1,
1122 0x8C, 0x33, 0xE4, 0x36, 0xB8, 0x43, 0xEB, 0x19,
1123 0x2A, 0x81, 0x8D, 0xDE, 0x81, 0x0A, 0x99, 0x48,
1124 0xB6, 0xF6, 0xBC, 0xCD, 0x49, 0x34, 0x3A, 0x8F,
1125 0x26, 0x94, 0xE3, 0x28, 0x82, 0x1A, 0x7C, 0x8F,
1126 0x59, 0x9F, 0x45, 0xE8, 0x5D, 0x1A, 0x45, 0x76,
1127 0x04, 0x56, 0x05, 0xA1, 0xD0, 0x1B, 0x8C, 0x77,
1128 0x6D, 0xAF, 0x53, 0xFA, 0x71, 0xE2, 0x67, 0xE0,
1129 0x9A, 0xFE, 0x03, 0xA9, 0x85, 0xD2, 0xC9, 0xAA,
1130 0xBA, 0x2A, 0xBC, 0xF4, 0xA0, 0x08, 0xF5, 0x13,
1131 0x98, 0x13, 0x5D, 0xF0, 0xD9, 0x33, 0x34, 0x2A,
1132 0x61, 0xC3, 0x89, 0x55, 0xF0, 0xAE, 0x1A, 0x9C,
1133 0x22, 0xEE, 0x19, 0x05, 0x8D, 0x32, 0xFE, 0xEC,
1134 0x9C, 0x84, 0xBA, 0xB7, 0xF9, 0x6C, 0x3A, 0x4F,
1135 0x07, 0xFC, 0x45, 0xEB, 0x12, 0xE5, 0x7B, 0xFD,
1136 0x55, 0xE6, 0x29, 0x69, 0xD1, 0xC2, 0xE8, 0xB9,
1137 0x78, 0x59, 0xF6, 0x79, 0x10, 0xC6, 0x4E, 0xEB,
1138 0x6A, 0x5E, 0xB9, 0x9A, 0xC7, 0xC4, 0x5B, 0x63,
1139 0xDA, 0xA3, 0x3F, 0x5E, 0x92, 0x7A, 0x81, 0x5E,
1140 0xD6, 0xB0, 0xE2, 0x62, 0x8F, 0x74, 0x26, 0xC2,
1141 0x0C, 0xD3, 0x9A, 0x17, 0x47, 0xE6, 0x8E, 0xAB
1143 static const unsigned char rsa_e[] = { 0x01, 0x00, 0x01 };
1144 static const unsigned char rsa_d[] = {
1145 0x52, 0x41, 0xF4, 0xDA, 0x7B, 0xB7, 0x59, 0x55,
1146 0xCA, 0xD4, 0x2F, 0x0F, 0x3A, 0xCB, 0xA4, 0x0D,
1147 0x93, 0x6C, 0xCC, 0x9D, 0xC1, 0xB2, 0xFB, 0xFD,
1148 0xAE, 0x40, 0x31, 0xAC, 0x69, 0x52, 0x21, 0x92,
1149 0xB3, 0x27, 0xDF, 0xEA, 0xEE, 0x2C, 0x82, 0xBB,
1150 0xF7, 0x40, 0x32, 0xD5, 0x14, 0xC4, 0x94, 0x12,
1151 0xEC, 0xB8, 0x1F, 0xCA, 0x59, 0xE3, 0xC1, 0x78,
1152 0xF3, 0x85, 0xD8, 0x47, 0xA5, 0xD7, 0x02, 0x1A,
1153 0x65, 0x79, 0x97, 0x0D, 0x24, 0xF4, 0xF0, 0x67,
1154 0x6E, 0x75, 0x2D, 0xBF, 0x10, 0x3D, 0xA8, 0x7D,
1155 0xEF, 0x7F, 0x60, 0xE4, 0xE6, 0x05, 0x82, 0x89,
1156 0x5D, 0xDF, 0xC6, 0xD2, 0x6C, 0x07, 0x91, 0x33,
1157 0x98, 0x42, 0xF0, 0x02, 0x00, 0x25, 0x38, 0xC5,
1158 0x85, 0x69, 0x8A, 0x7D, 0x2F, 0x95, 0x6C, 0x43,
1159 0x9A, 0xB8, 0x81, 0xE2, 0xD0, 0x07, 0x35, 0xAA,
1160 0x05, 0x41, 0xC9, 0x1E, 0xAF, 0xE4, 0x04, 0x3B,
1161 0x19, 0xB8, 0x73, 0xA2, 0xAC, 0x4B, 0x1E, 0x66,
1162 0x48, 0xD8, 0x72, 0x1F, 0xAC, 0xF6, 0xCB, 0xBC,
1163 0x90, 0x09, 0xCA, 0xEC, 0x0C, 0xDC, 0xF9, 0x2C,
1164 0xD7, 0xEB, 0xAE, 0xA3, 0xA4, 0x47, 0xD7, 0x33,
1165 0x2F, 0x8A, 0xCA, 0xBC, 0x5E, 0xF0, 0x77, 0xE4,
1166 0x97, 0x98, 0x97, 0xC7, 0x10, 0x91, 0x7D, 0x2A,
1167 0xA6, 0xFF, 0x46, 0x83, 0x97, 0xDE, 0xE9, 0xE2,
1168 0x17, 0x03, 0x06, 0x14, 0xE2, 0xD7, 0xB1, 0x1D,
1169 0x77, 0xAF, 0x51, 0x27, 0x5B, 0x5E, 0x69, 0xB8,
1170 0x81, 0xE6, 0x11, 0xC5, 0x43, 0x23, 0x81, 0x04,
1171 0x62, 0xFF, 0xE9, 0x46, 0xB8, 0xD8, 0x44, 0xDB,
1172 0xA5, 0xCC, 0x31, 0x54, 0x34, 0xCE, 0x3E, 0x82,
1173 0xD6, 0xBF, 0x7A, 0x0B, 0x64, 0x21, 0x6D, 0x88,
1174 0x7E, 0x5B, 0x45, 0x12, 0x1E, 0x63, 0x8D, 0x49,
1175 0xA7, 0x1D, 0xD9, 0x1E, 0x06, 0xCD, 0xE8, 0xBA,
1176 0x2C, 0x8C, 0x69, 0x32, 0xEA, 0xBE, 0x60, 0x71
1178 static const unsigned char rsa_p[] = {
1179 0xFA, 0xAC, 0xE1, 0x37, 0x5E, 0x32, 0x11, 0x34,
1180 0xC6, 0x72, 0x58, 0x2D, 0x91, 0x06, 0x3E, 0x77,
1181 0xE7, 0x11, 0x21, 0xCD, 0x4A, 0xF8, 0xA4, 0x3F,
1182 0x0F, 0xEF, 0x31, 0xE3, 0xF3, 0x55, 0xA0, 0xB9,
1183 0xAC, 0xB6, 0xCB, 0xBB, 0x41, 0xD0, 0x32, 0x81,
1184 0x9A, 0x8F, 0x7A, 0x99, 0x30, 0x77, 0x6C, 0x68,
1185 0x27, 0xE2, 0x96, 0xB5, 0x72, 0xC9, 0xC3, 0xD4,
1186 0x42, 0xAA, 0xAA, 0xCA, 0x95, 0x8F, 0xFF, 0xC9,
1187 0x9B, 0x52, 0x34, 0x30, 0x1D, 0xCF, 0xFE, 0xCF,
1188 0x3C, 0x56, 0x68, 0x6E, 0xEF, 0xE7, 0x6C, 0xD7,
1189 0xFB, 0x99, 0xF5, 0x4A, 0xA5, 0x21, 0x1F, 0x2B,
1190 0xEA, 0x93, 0xE8, 0x98, 0x26, 0xC4, 0x6E, 0x42,
1191 0x21, 0x5E, 0xA0, 0xA1, 0x2A, 0x58, 0x35, 0xBB,
1192 0x10, 0xE7, 0xBA, 0x27, 0x0A, 0x3B, 0xB3, 0xAF,
1193 0xE2, 0x75, 0x36, 0x04, 0xAC, 0x56, 0xA0, 0xAB,
1194 0x52, 0xDE, 0xCE, 0xDD, 0x2C, 0x28, 0x77, 0x03
1196 static const unsigned char rsa_q[] = {
1197 0xDF, 0xB7, 0x52, 0xB6, 0xD7, 0xC0, 0xE2, 0x96,
1198 0xE7, 0xC9, 0xFE, 0x5D, 0x71, 0x5A, 0xC4, 0x40,
1199 0x96, 0x2F, 0xE5, 0x87, 0xEA, 0xF3, 0xA5, 0x77,
1200 0x11, 0x67, 0x3C, 0x8D, 0x56, 0x08, 0xA7, 0xB5,
1201 0x67, 0xFA, 0x37, 0xA8, 0xB8, 0xCF, 0x61, 0xE8,
1202 0x63, 0xD8, 0x38, 0x06, 0x21, 0x2B, 0x92, 0x09,
1203 0xA6, 0x39, 0x3A, 0xEA, 0xA8, 0xB4, 0x45, 0x4B,
1204 0x36, 0x10, 0x4C, 0xE4, 0x00, 0x66, 0x71, 0x65,
1205 0xF8, 0x0B, 0x94, 0x59, 0x4F, 0x8C, 0xFD, 0xD5,
1206 0x34, 0xA2, 0xE7, 0x62, 0x84, 0x0A, 0xA7, 0xBB,
1207 0xDB, 0xD9, 0x8A, 0xCD, 0x05, 0xE1, 0xCC, 0x57,
1208 0x7B, 0xF1, 0xF1, 0x1F, 0x11, 0x9D, 0xBA, 0x3E,
1209 0x45, 0x18, 0x99, 0x1B, 0x41, 0x64, 0x43, 0xEE,
1210 0x97, 0x5D, 0x77, 0x13, 0x5B, 0x74, 0x69, 0x73,
1211 0x87, 0x95, 0x05, 0x07, 0xBE, 0x45, 0x07, 0x17,
1212 0x7E, 0x4A, 0x69, 0x22, 0xF3, 0xDB, 0x05, 0x39
1214 static const unsigned char rsa_dp[] = {
1215 0x5E, 0xD8, 0xDC, 0xDA, 0x53, 0x44, 0xC4, 0x67,
1216 0xE0, 0x92, 0x51, 0x34, 0xE4, 0x83, 0xA5, 0x4D,
1217 0x3E, 0xDB, 0xA7, 0x9B, 0x82, 0xBB, 0x73, 0x81,
1218 0xFC, 0xE8, 0x77, 0x4B, 0x15, 0xBE, 0x17, 0x73,
1219 0x49, 0x9B, 0x5C, 0x98, 0xBC, 0xBD, 0x26, 0xEF,
1220 0x0C, 0xE9, 0x2E, 0xED, 0x19, 0x7E, 0x86, 0x41,
1221 0x1E, 0x9E, 0x48, 0x81, 0xDD, 0x2D, 0xE4, 0x6F,
1222 0xC2, 0xCD, 0xCA, 0x93, 0x9E, 0x65, 0x7E, 0xD5,
1223 0xEC, 0x73, 0xFD, 0x15, 0x1B, 0xA2, 0xA0, 0x7A,
1224 0x0F, 0x0D, 0x6E, 0xB4, 0x53, 0x07, 0x90, 0x92,
1225 0x64, 0x3B, 0x8B, 0xA9, 0x33, 0xB3, 0xC5, 0x94,
1226 0x9B, 0x4C, 0x5D, 0x9C, 0x7C, 0x46, 0xA4, 0xA5,
1227 0x56, 0xF4, 0xF3, 0xF8, 0x27, 0x0A, 0x7B, 0x42,
1228 0x0D, 0x92, 0x70, 0x47, 0xE7, 0x42, 0x51, 0xA9,
1229 0xC2, 0x18, 0xB1, 0x58, 0xB1, 0x50, 0x91, 0xB8,
1230 0x61, 0x41, 0xB6, 0xA9, 0xCE, 0xD4, 0x7C, 0xBB
1232 static const unsigned char rsa_dq[] = {
1233 0x54, 0x09, 0x1F, 0x0F, 0x03, 0xD8, 0xB6, 0xC5,
1234 0x0C, 0xE8, 0xB9, 0x9E, 0x0C, 0x38, 0x96, 0x43,
1235 0xD4, 0xA6, 0xC5, 0x47, 0xDB, 0x20, 0x0E, 0xE5,
1236 0xBD, 0x29, 0xD4, 0x7B, 0x1A, 0xF8, 0x41, 0x57,
1237 0x49, 0x69, 0x9A, 0x82, 0xCC, 0x79, 0x4A, 0x43,
1238 0xEB, 0x4D, 0x8B, 0x2D, 0xF2, 0x43, 0xD5, 0xA5,
1239 0xBE, 0x44, 0xFD, 0x36, 0xAC, 0x8C, 0x9B, 0x02,
1240 0xF7, 0x9A, 0x03, 0xE8, 0x19, 0xA6, 0x61, 0xAE,
1241 0x76, 0x10, 0x93, 0x77, 0x41, 0x04, 0xAB, 0x4C,
1242 0xED, 0x6A, 0xCC, 0x14, 0x1B, 0x99, 0x8D, 0x0C,
1243 0x6A, 0x37, 0x3B, 0x86, 0x6C, 0x51, 0x37, 0x5B,
1244 0x1D, 0x79, 0xF2, 0xA3, 0x43, 0x10, 0xC6, 0xA7,
1245 0x21, 0x79, 0x6D, 0xF9, 0xE9, 0x04, 0x6A, 0xE8,
1246 0x32, 0xFF, 0xAE, 0xFD, 0x1C, 0x7B, 0x8C, 0x29,
1247 0x13, 0xA3, 0x0C, 0xB2, 0xAD, 0xEC, 0x6C, 0x0F,
1248 0x8D, 0x27, 0x12, 0x7B, 0x48, 0xB2, 0xDB, 0x31
1250 static const unsigned char rsa_qInv[] = {
1251 0x8D, 0x1B, 0x05, 0xCA, 0x24, 0x1F, 0x0C, 0x53,
1252 0x19, 0x52, 0x74, 0x63, 0x21, 0xFA, 0x78, 0x46,
1253 0x79, 0xAF, 0x5C, 0xDE, 0x30, 0xA4, 0x6C, 0x20,
1254 0x38, 0xE6, 0x97, 0x39, 0xB8, 0x7A, 0x70, 0x0D,
1255 0x8B, 0x6C, 0x6D, 0x13, 0x74, 0xD5, 0x1C, 0xDE,
1256 0xA9, 0xF4, 0x60, 0x37, 0xFE, 0x68, 0x77, 0x5E,
1257 0x0B, 0x4E, 0x5E, 0x03, 0x31, 0x30, 0xDF, 0xD6,
1258 0xAE, 0x85, 0xD0, 0x81, 0xBB, 0x61, 0xC7, 0xB1,
1259 0x04, 0x5A, 0xC4, 0x6D, 0x56, 0x1C, 0xD9, 0x64,
1260 0xE7, 0x85, 0x7F, 0x88, 0x91, 0xC9, 0x60, 0x28,
1261 0x05, 0xE2, 0xC6, 0x24, 0x8F, 0xDD, 0x61, 0x64,
1262 0xD8, 0x09, 0xDE, 0x7E, 0xD3, 0x4A, 0x61, 0x1A,
1263 0xD3, 0x73, 0x58, 0x4B, 0xD8, 0xA0, 0x54, 0x25,
1264 0x48, 0x83, 0x6F, 0x82, 0x6C, 0xAF, 0x36, 0x51,
1265 0x2A, 0x5D, 0x14, 0x2F, 0x41, 0x25, 0x00, 0xDD,
1266 0xF8, 0xF3, 0x95, 0xFE, 0x31, 0x25, 0x50, 0x12
1269 static const ST_KAT_PARAM rsa_crt_key[] = {
1270 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1271 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1272 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1273 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_p),
1274 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_q),
1275 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dp),
1276 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dq),
1277 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT, rsa_qInv),
1281 static const ST_KAT_PARAM rsa_pub_key[] = {
1282 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1283 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1287 static const ST_KAT_PARAM rsa_priv_key[] = {
1288 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1289 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1290 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1295 * Using OSSL_PKEY_RSA_PAD_MODE_NONE directly in the expansion of the
1296 * ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient
1297 * HP/UX PA-RISC compilers.
1299 static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;
1301 static const ST_KAT_PARAM rsa_enc_params[] = {
1302 ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_none),
1306 static const unsigned char rsa_expected_sig[256] = {
1307 0xad, 0xbe, 0x2a, 0xaf, 0x16, 0x85, 0xc5, 0x00,
1308 0x91, 0x3e, 0xd0, 0x49, 0xfb, 0x3a, 0x81, 0xb9,
1309 0x6c, 0x28, 0xbc, 0xbf, 0xea, 0x96, 0x5f, 0xe4,
1310 0x9f, 0x99, 0xf7, 0x18, 0x8c, 0xec, 0x60, 0x28,
1311 0xeb, 0x29, 0x02, 0x49, 0xfc, 0xda, 0xd7, 0x78,
1312 0x68, 0xf8, 0xe1, 0xe9, 0x4d, 0x20, 0x6d, 0x32,
1313 0xa6, 0xde, 0xfc, 0xe4, 0xda, 0xcc, 0x6c, 0x75,
1314 0x36, 0x6b, 0xff, 0x5a, 0xac, 0x01, 0xa8, 0xc2,
1315 0xa9, 0xe6, 0x8b, 0x18, 0x3e, 0xec, 0xea, 0x4c,
1316 0x4a, 0x9e, 0x00, 0x09, 0xd1, 0x8a, 0x69, 0x1b,
1317 0x8b, 0xd9, 0xad, 0x37, 0xe5, 0x7c, 0xff, 0x7d,
1318 0x59, 0x56, 0x3e, 0xa0, 0xc6, 0x32, 0xd8, 0x35,
1319 0x2f, 0xff, 0xfb, 0x05, 0x02, 0xcd, 0xd7, 0x19,
1320 0xb9, 0x00, 0x86, 0x2a, 0xcf, 0xaa, 0x78, 0x16,
1321 0x4b, 0xf1, 0xa7, 0x59, 0xef, 0x7d, 0xe8, 0x74,
1322 0x23, 0x5c, 0xb2, 0xd4, 0x8a, 0x99, 0xa5, 0xbc,
1323 0xfa, 0x63, 0xd8, 0xf7, 0xbd, 0xc6, 0x00, 0x13,
1324 0x06, 0x02, 0x9a, 0xd4, 0xa7, 0xb4, 0x3d, 0x61,
1325 0xab, 0xf1, 0xc2, 0x95, 0x59, 0x9b, 0x3d, 0x67,
1326 0x1f, 0xde, 0x57, 0xb6, 0xb6, 0x9f, 0xb0, 0x87,
1327 0xd6, 0x51, 0xd5, 0x3e, 0x00, 0xe2, 0xc9, 0xa0,
1328 0x03, 0x66, 0xbc, 0x01, 0xb3, 0x8e, 0xfa, 0xf1,
1329 0x15, 0xeb, 0x26, 0xf1, 0x5d, 0x81, 0x90, 0xb4,
1330 0x1c, 0x00, 0x7c, 0x83, 0x4a, 0xa5, 0xde, 0x64,
1331 0xae, 0xea, 0x6c, 0x43, 0xc3, 0x20, 0x77, 0x77,
1332 0x42, 0x12, 0x24, 0xf5, 0xe3, 0x70, 0xdd, 0x59,
1333 0x48, 0x9c, 0xef, 0xd4, 0x8a, 0x3c, 0x29, 0x6a,
1334 0x0c, 0x9c, 0xf2, 0x13, 0xa4, 0x1c, 0x2f, 0x49,
1335 0xcd, 0xb4, 0xaa, 0x28, 0x40, 0x34, 0xc6, 0x75,
1336 0xba, 0x30, 0xe6, 0xd8, 0x5b, 0x2f, 0x08, 0xd0,
1337 0x29, 0xa5, 0x39, 0xfb, 0x6e, 0x3b, 0x0f, 0x52,
1338 0x2c, 0x68, 0xf0, 0x37, 0xa9, 0xd2, 0x56, 0xd6
1341 static const unsigned char rsa_asym_plaintext_encrypt[256] = {
1342 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1343 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1345 static const unsigned char rsa_asym_expected_encrypt[256] = {
1346 0x54, 0xac, 0x23, 0x96, 0x1d, 0x82, 0x5d, 0x8b,
1347 0x8f, 0x36, 0x33, 0xd0, 0xf4, 0x02, 0xa2, 0x61,
1348 0xb1, 0x13, 0xd4, 0x4a, 0x46, 0x06, 0x37, 0x3c,
1349 0xbf, 0x40, 0x05, 0x3c, 0xc6, 0x3b, 0x64, 0xdc,
1350 0x22, 0x22, 0xaf, 0x36, 0x79, 0x62, 0x45, 0xf0,
1351 0x97, 0x82, 0x22, 0x44, 0x86, 0x4a, 0x7c, 0xfa,
1352 0xac, 0x03, 0x21, 0x84, 0x3f, 0x31, 0xad, 0x2a,
1353 0xa4, 0x6e, 0x7a, 0xc5, 0x93, 0xf3, 0x0f, 0xfc,
1354 0xf1, 0x62, 0xce, 0x82, 0x12, 0x45, 0xc9, 0x35,
1355 0xb0, 0x7a, 0xcd, 0x99, 0x8c, 0x91, 0x6b, 0x5a,
1356 0xd3, 0x46, 0xdb, 0xf9, 0x9e, 0x52, 0x49, 0xbd,
1357 0x1e, 0xe8, 0xda, 0xac, 0x61, 0x47, 0xc2, 0xda,
1358 0xfc, 0x1e, 0xfb, 0x74, 0xd7, 0xd6, 0xc1, 0x18,
1359 0x86, 0x3e, 0x20, 0x9c, 0x7a, 0xe1, 0x04, 0xb7,
1360 0x38, 0x43, 0xb1, 0x4e, 0xa0, 0xd8, 0xc1, 0x39,
1361 0x4d, 0xe1, 0xd3, 0xb0, 0xb3, 0xf1, 0x82, 0x87,
1362 0x1f, 0x74, 0xb5, 0x69, 0xfd, 0x33, 0xd6, 0x21,
1363 0x7c, 0x61, 0x60, 0x28, 0xca, 0x70, 0xdb, 0xa0,
1364 0xbb, 0xc8, 0x73, 0xa9, 0x82, 0xf8, 0x6b, 0xd8,
1365 0xf0, 0xc9, 0x7b, 0x20, 0xdf, 0x9d, 0xfb, 0x8c,
1366 0xd4, 0xa2, 0x89, 0xe1, 0x9b, 0x04, 0xad, 0xaa,
1367 0x11, 0x6c, 0x8f, 0xce, 0x83, 0x29, 0x56, 0x69,
1368 0xbb, 0x00, 0x3b, 0xef, 0xca, 0x2d, 0xcd, 0x52,
1369 0xc8, 0xf1, 0xb3, 0x9b, 0xb4, 0x4f, 0x6d, 0x9c,
1370 0x3d, 0x69, 0xcc, 0x6d, 0x1f, 0x38, 0x4d, 0xe6,
1371 0xbb, 0x0c, 0x87, 0xdc, 0x5f, 0xa9, 0x24, 0x93,
1372 0x03, 0x46, 0xa2, 0x33, 0x6c, 0xf4, 0xd8, 0x5d,
1373 0x68, 0xf3, 0xd3, 0xe0, 0xf2, 0x30, 0xdb, 0xf5,
1374 0x4f, 0x0f, 0xad, 0xc7, 0xd0, 0xaa, 0x47, 0xd9,
1375 0x9f, 0x85, 0x1b, 0x2e, 0x6c, 0x3c, 0x57, 0x04,
1376 0x29, 0xf4, 0xf5, 0x66, 0x7d, 0x93, 0x4a, 0xaa,
1377 0x05, 0x52, 0x55, 0xc1, 0xc6, 0x06, 0x90, 0xab,
1380 #ifndef OPENSSL_NO_EC
1381 /* ECDSA key data */
1382 static const char ecd_prime_curve_name[] = "secp224r1";
1383 static const unsigned char ecd_prime_priv[] = {
1384 0x98, 0x1f, 0xb5, 0xf1, 0xfc, 0x87, 0x1d, 0x7d,
1385 0xde, 0x1e, 0x01, 0x64, 0x09, 0x9b, 0xe7, 0x1b,
1386 0x9f, 0xad, 0x63, 0xdd, 0x33, 0x01, 0xd1, 0x50,
1387 0x80, 0x93, 0x50, 0x30
1389 static const unsigned char ecd_prime_pub[] = {
1390 0x04, 0x95, 0x47, 0x99, 0x44, 0x29, 0x8f, 0x51,
1391 0x39, 0xe2, 0x53, 0xec, 0x79, 0xb0, 0x4d, 0xde,
1392 0x87, 0x1a, 0x76, 0x54, 0xd5, 0x96, 0xb8, 0x7a,
1393 0x6d, 0xf4, 0x1c, 0x2c, 0x87, 0x91, 0x5f, 0xd5,
1394 0x31, 0xdd, 0x24, 0xe5, 0x78, 0xd9, 0x08, 0x24,
1395 0x8a, 0x49, 0x99, 0xec, 0x55, 0xf2, 0x82, 0xb3,
1396 0xc4, 0xb7, 0x33, 0x68, 0xe4, 0x24, 0xa9, 0x12,
1399 static const ST_KAT_PARAM ecdsa_prime_key[] = {
1400 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_prime_curve_name),
1401 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_prime_pub),
1402 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_prime_priv),
1406 # ifndef OPENSSL_NO_EC2M
1407 static const char ecd_bin_curve_name[] = "sect233r1";
1408 static const unsigned char ecd_bin_priv[] = {
1409 0x00, 0x6d, 0xd6, 0x39, 0x9d, 0x2a, 0xa2, 0xc8,
1410 0x8c, 0xfc, 0x7b, 0x80, 0x66, 0xaa, 0xe1, 0xaa,
1411 0xba, 0xee, 0xcb, 0xfd, 0xc9, 0xe5, 0x36, 0x38,
1412 0x2e, 0xf7, 0x37, 0x6d, 0xd3, 0x20
1414 static const unsigned char ecd_bin_pub[] = {
1415 0x04, 0x00, 0x06, 0xe2, 0x56, 0xf7, 0x37, 0xf9,
1416 0xea, 0xb6, 0xd1, 0x0f, 0x59, 0xfa, 0x23, 0xc3,
1417 0x93, 0xa8, 0xb2, 0x26, 0xe2, 0x5c, 0x08, 0xbe,
1418 0x63, 0x49, 0x26, 0xdc, 0xc7, 0x1e, 0x6f, 0x01,
1419 0x32, 0x3b, 0xe6, 0x54, 0x8d, 0xc1, 0x13, 0x3e,
1420 0x54, 0xb2, 0x66, 0x89, 0xb2, 0x82, 0x0a, 0x72,
1421 0x02, 0xa8, 0xe9, 0x6f, 0x54, 0xfd, 0x3a, 0x6b,
1422 0x99, 0xb6, 0x8f, 0x80, 0x46
1424 static const ST_KAT_PARAM ecdsa_bin_key[] = {
1425 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_bin_curve_name),
1426 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_bin_pub),
1427 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_bin_priv),
1430 # endif /* OPENSSL_NO_EC2M */
1431 #endif /* OPENSSL_NO_EC */
1433 #ifndef OPENSSL_NO_DSA
1435 static const unsigned char dsa_p[] = {
1436 0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23,
1437 0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e,
1438 0x03, 0xe9, 0xe6, 0xb8, 0xa2, 0x58, 0xdc, 0x16,
1439 0x61, 0x1b, 0xa0, 0x98, 0xab, 0x54, 0x34, 0x15,
1440 0xe4, 0x15, 0xf1, 0x56, 0x99, 0x7a, 0x3e, 0xe2,
1441 0x36, 0x65, 0x8f, 0xa0, 0x93, 0x26, 0x0d, 0xe3,
1442 0xad, 0x42, 0x2e, 0x05, 0xe0, 0x46, 0xf9, 0xec,
1443 0x29, 0x16, 0x1a, 0x37, 0x5f, 0x0e, 0xb4, 0xef,
1444 0xfc, 0xef, 0x58, 0x28, 0x5c, 0x5d, 0x39, 0xed,
1445 0x42, 0x5d, 0x7a, 0x62, 0xca, 0x12, 0x89, 0x6c,
1446 0x4a, 0x92, 0xcb, 0x19, 0x46, 0xf2, 0x95, 0x2a,
1447 0x48, 0x13, 0x3f, 0x07, 0xda, 0x36, 0x4d, 0x1b,
1448 0xdf, 0x6b, 0x0f, 0x71, 0x39, 0x98, 0x3e, 0x69,
1449 0x3c, 0x80, 0x05, 0x9b, 0x0e, 0xac, 0xd1, 0x47,
1450 0x9b, 0xa9, 0xf2, 0x85, 0x77, 0x54, 0xed, 0xe7,
1451 0x5f, 0x11, 0x2b, 0x07, 0xeb, 0xbf, 0x35, 0x34,
1452 0x8b, 0xbf, 0x3e, 0x01, 0xe0, 0x2f, 0x2d, 0x47,
1453 0x3d, 0xe3, 0x94, 0x53, 0xf9, 0x9d, 0xd2, 0x36,
1454 0x75, 0x41, 0xca, 0xca, 0x3b, 0xa0, 0x11, 0x66,
1455 0x34, 0x3d, 0x7b, 0x5b, 0x58, 0xa3, 0x7b, 0xd1,
1456 0xb7, 0x52, 0x1d, 0xb2, 0xf1, 0x3b, 0x86, 0x70,
1457 0x71, 0x32, 0xfe, 0x09, 0xf4, 0xcd, 0x09, 0xdc,
1458 0x16, 0x18, 0xfa, 0x34, 0x01, 0xeb, 0xf9, 0xcc,
1459 0x7b, 0x19, 0xfa, 0x94, 0xaa, 0x47, 0x20, 0x88,
1460 0x13, 0x3d, 0x6c, 0xb2, 0xd3, 0x5c, 0x11, 0x79,
1461 0xc8, 0xc8, 0xff, 0x36, 0x87, 0x58, 0xd5, 0x07,
1462 0xd9, 0xf9, 0xa1, 0x7d, 0x46, 0xc1, 0x10, 0xfe,
1463 0x31, 0x44, 0xce, 0x9b, 0x02, 0x2b, 0x42, 0xe4,
1464 0x19, 0xeb, 0x4f, 0x53, 0x88, 0x61, 0x3b, 0xfc,
1465 0x3e, 0x26, 0x24, 0x1a, 0x43, 0x2e, 0x87, 0x06,
1466 0xbc, 0x58, 0xef, 0x76, 0x11, 0x72, 0x78, 0xde,
1467 0xab, 0x6c, 0xf6, 0x92, 0x61, 0x82, 0x91, 0xb7
1469 static const unsigned char dsa_q[] = {
1470 0xa3, 0xbf, 0xd9, 0xab, 0x78, 0x84, 0x79, 0x4e,
1471 0x38, 0x34, 0x50, 0xd5, 0x89, 0x1d, 0xc1, 0x8b,
1472 0x65, 0x15, 0x7b, 0xdc, 0xfc, 0xda, 0xc5, 0x15,
1473 0x18, 0x90, 0x28, 0x67
1475 static const unsigned char dsa_g[] = {
1476 0x68, 0x19, 0x27, 0x88, 0x69, 0xc7, 0xfd, 0x3d,
1477 0x2d, 0x7b, 0x77, 0xf7, 0x7e, 0x81, 0x50, 0xd9,
1478 0xad, 0x43, 0x3b, 0xea, 0x3b, 0xa8, 0x5e, 0xfc,
1479 0x80, 0x41, 0x5a, 0xa3, 0x54, 0x5f, 0x78, 0xf7,
1480 0x22, 0x96, 0xf0, 0x6c, 0xb1, 0x9c, 0xed, 0xa0,
1481 0x6c, 0x94, 0xb0, 0x55, 0x1c, 0xfe, 0x6e, 0x6f,
1482 0x86, 0x3e, 0x31, 0xd1, 0xde, 0x6e, 0xed, 0x7d,
1483 0xab, 0x8b, 0x0c, 0x9d, 0xf2, 0x31, 0xe0, 0x84,
1484 0x34, 0xd1, 0x18, 0x4f, 0x91, 0xd0, 0x33, 0x69,
1485 0x6b, 0xb3, 0x82, 0xf8, 0x45, 0x5e, 0x98, 0x88,
1486 0xf5, 0xd3, 0x1d, 0x47, 0x84, 0xec, 0x40, 0x12,
1487 0x02, 0x46, 0xf4, 0xbe, 0xa6, 0x17, 0x94, 0xbb,
1488 0xa5, 0x86, 0x6f, 0x09, 0x74, 0x64, 0x63, 0xbd,
1489 0xf8, 0xe9, 0xe1, 0x08, 0xcd, 0x95, 0x29, 0xc3,
1490 0xd0, 0xf6, 0xdf, 0x80, 0x31, 0x6e, 0x2e, 0x70,
1491 0xaa, 0xeb, 0x1b, 0x26, 0xcd, 0xb8, 0xad, 0x97,
1492 0xbc, 0x3d, 0x28, 0x7e, 0x0b, 0x8d, 0x61, 0x6c,
1493 0x42, 0xe6, 0x5b, 0x87, 0xdb, 0x20, 0xde, 0xb7,
1494 0x00, 0x5b, 0xc4, 0x16, 0x74, 0x7a, 0x64, 0x70,
1495 0x14, 0x7a, 0x68, 0xa7, 0x82, 0x03, 0x88, 0xeb,
1496 0xf4, 0x4d, 0x52, 0xe0, 0x62, 0x8a, 0xf9, 0xcf,
1497 0x1b, 0x71, 0x66, 0xd0, 0x34, 0x65, 0xf3, 0x5a,
1498 0xcc, 0x31, 0xb6, 0x11, 0x0c, 0x43, 0xda, 0xbc,
1499 0x7c, 0x5d, 0x59, 0x1e, 0x67, 0x1e, 0xaf, 0x7c,
1500 0x25, 0x2c, 0x1c, 0x14, 0x53, 0x36, 0xa1, 0xa4,
1501 0xdd, 0xf1, 0x32, 0x44, 0xd5, 0x5e, 0x83, 0x56,
1502 0x80, 0xca, 0xb2, 0x53, 0x3b, 0x82, 0xdf, 0x2e,
1503 0xfe, 0x55, 0xec, 0x18, 0xc1, 0xe6, 0xcd, 0x00,
1504 0x7b, 0xb0, 0x89, 0x75, 0x8b, 0xb1, 0x7c, 0x2c,
1505 0xbe, 0x14, 0x44, 0x1b, 0xd0, 0x93, 0xae, 0x66,
1506 0xe5, 0x97, 0x6d, 0x53, 0x73, 0x3f, 0x4f, 0xa3,
1507 0x26, 0x97, 0x01, 0xd3, 0x1d, 0x23, 0xd4, 0x67
1509 static const unsigned char dsa_pub[] = {
1510 0xa0, 0x12, 0xb3, 0xb1, 0x70, 0xb3, 0x07, 0x22,
1511 0x79, 0x57, 0xb7, 0xca, 0x20, 0x61, 0xa8, 0x16,
1512 0xac, 0x7a, 0x2b, 0x3d, 0x9a, 0xe9, 0x95, 0xa5,
1513 0x11, 0x9c, 0x38, 0x5b, 0x60, 0x3b, 0xf6, 0xf6,
1514 0xc5, 0xde, 0x4d, 0xc5, 0xec, 0xb5, 0xdf, 0xa4,
1515 0xa4, 0x1c, 0x68, 0x66, 0x2e, 0xb2, 0x5b, 0x63,
1516 0x8b, 0x7e, 0x26, 0x20, 0xba, 0x89, 0x8d, 0x07,
1517 0xda, 0x6c, 0x49, 0x91, 0xe7, 0x6c, 0xc0, 0xec,
1518 0xd1, 0xad, 0x34, 0x21, 0x07, 0x70, 0x67, 0xe4,
1519 0x7c, 0x18, 0xf5, 0x8a, 0x92, 0xa7, 0x2a, 0xd4,
1520 0x31, 0x99, 0xec, 0xb7, 0xbd, 0x84, 0xe7, 0xd3,
1521 0xaf, 0xb9, 0x01, 0x9f, 0x0e, 0x9d, 0xd0, 0xfb,
1522 0xaa, 0x48, 0x73, 0x00, 0xb1, 0x30, 0x81, 0xe3,
1523 0x3c, 0x90, 0x28, 0x76, 0x43, 0x6f, 0x7b, 0x03,
1524 0xc3, 0x45, 0x52, 0x84, 0x81, 0xd3, 0x62, 0x81,
1525 0x5e, 0x24, 0xfe, 0x59, 0xda, 0xc5, 0xac, 0x34,
1526 0x66, 0x0d, 0x4c, 0x8a, 0x76, 0xcb, 0x99, 0xa7,
1527 0xc7, 0xde, 0x93, 0xeb, 0x95, 0x6c, 0xd6, 0xbc,
1528 0x88, 0xe5, 0x8d, 0x90, 0x10, 0x34, 0x94, 0x4a,
1529 0x09, 0x4b, 0x01, 0x80, 0x3a, 0x43, 0xc6, 0x72,
1530 0xb9, 0x68, 0x8c, 0x0e, 0x01, 0xd8, 0xf4, 0xfc,
1531 0x91, 0xc6, 0x2a, 0x3f, 0x88, 0x02, 0x1f, 0x7b,
1532 0xd6, 0xa6, 0x51, 0xb1, 0xa8, 0x8f, 0x43, 0xaa,
1533 0x4e, 0xf2, 0x76, 0x53, 0xd1, 0x2b, 0xf8, 0xb7,
1534 0x09, 0x9f, 0xdf, 0x6b, 0x46, 0x10, 0x82, 0xf8,
1535 0xe9, 0x39, 0x10, 0x7b, 0xfd, 0x2f, 0x72, 0x10,
1536 0x08, 0x7d, 0x32, 0x6c, 0x37, 0x52, 0x00, 0xf1,
1537 0xf5, 0x1e, 0x7e, 0x74, 0xa3, 0x41, 0x31, 0x90,
1538 0x1b, 0xcd, 0x08, 0x63, 0x52, 0x1f, 0xf8, 0xd6,
1539 0x76, 0xc4, 0x85, 0x81, 0x86, 0x87, 0x36, 0xc5,
1540 0xe5, 0x1b, 0x16, 0xa4, 0xe3, 0x92, 0x15, 0xea,
1541 0x0b, 0x17, 0xc4, 0x73, 0x59, 0x74, 0xc5, 0x16
1543 static const unsigned char dsa_priv[] = {
1544 0x6c, 0xca, 0xee, 0xf6, 0xd7, 0x3b, 0x4e, 0x80,
1545 0xf1, 0x1c, 0x17, 0xb8, 0xe9, 0x62, 0x7c, 0x03,
1546 0x66, 0x35, 0xba, 0xc3, 0x94, 0x23, 0x50, 0x5e,
1547 0x40, 0x7e, 0x5c, 0xb7
1550 static const ST_KAT_PARAM dsa_key[] = {
1551 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dsa_p),
1552 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dsa_q),
1553 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dsa_g),
1554 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dsa_pub),
1555 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dsa_priv),
1558 #endif /* OPENSSL_NO_DSA */
1560 static const ST_KAT_SIGN st_kat_sign_tests[] = {
1562 OSSL_SELF_TEST_DESC_SIGN_RSA,
1566 ITM(rsa_expected_sig)
1568 #ifndef OPENSSL_NO_EC
1570 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1575 * The ECDSA signature changes each time due to it using a random k.
1576 * So there is no expected KAT for this case.
1579 # ifndef OPENSSL_NO_EC2M
1581 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1586 * The ECDSA signature changes each time due to it using a random k.
1587 * So there is no expected KAT for this case.
1591 #endif /* OPENSSL_NO_EC */
1592 #ifndef OPENSSL_NO_DSA
1594 OSSL_SELF_TEST_DESC_SIGN_DSA,
1599 * The DSA signature changes each time due to it using a random k.
1600 * So there is no expected KAT for this case.
1603 #endif /* OPENSSL_NO_DSA */
1606 static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {
1608 OSSL_SELF_TEST_DESC_ASYM_RSA_ENC,
1613 ITM(rsa_asym_plaintext_encrypt),
1614 ITM(rsa_asym_expected_encrypt),
1617 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1622 ITM(rsa_asym_expected_encrypt),
1623 ITM(rsa_asym_plaintext_encrypt),
1626 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1631 ITM(rsa_asym_expected_encrypt),
1632 ITM(rsa_asym_plaintext_encrypt),
projects / thirdparty / openssl.git / blob