2 * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* Macros to build Self test data */
11 #define ITM(x) ((void *)&x), sizeof(x)
12 #define ITM_STR(x) ((void *)&x), (sizeof(x) - 1)
14 #define ST_KAT_PARAM_END() { "", 0, NULL, 0 }
15 #define ST_KAT_PARAM_BIGNUM(name, data) \
16 { name, OSSL_PARAM_UNSIGNED_INTEGER, ITM(data) }
17 #define ST_KAT_PARAM_OCTET(name, data) \
18 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
19 #define ST_KAT_PARAM_UTF8STRING(name, data) \
20 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
21 #define ST_KAT_PARAM_UTF8CHAR(name, data) \
22 { name, OSSL_PARAM_UTF8_STRING, ITM(data) }
23 #define ST_KAT_PARAM_INT(name, i) \
24 { name, OSSL_PARAM_INTEGER, ITM(i) }
26 /* used to store raw parameters for keys and algorithms */
27 typedef struct st_kat_param_st {
28 const char *name; /* an OSSL_PARAM name */
29 size_t type; /* the type associated with the data */
30 const void *data; /* unsigned char [], or char [] depending on the type */
31 size_t data_len; /* the length of the data */
34 typedef struct st_kat_st {
36 const char *algorithm;
37 const unsigned char *pt;
39 const unsigned char *expected;
43 #define CIPHER_MODE_ENCRYPT 1
44 #define CIPHER_MODE_DECRYPT 2
45 #define CIPHER_MODE_ALL (CIPHER_MODE_ENCRYPT | CIPHER_MODE_DECRYPT)
47 typedef ST_KAT ST_KAT_DIGEST;
48 typedef struct st_kat_cipher_st {
51 const unsigned char *key;
53 const unsigned char *iv;
55 const unsigned char *aad;
57 const unsigned char *tag;
61 typedef struct st_kat_kdf_st {
63 const char *algorithm;
64 const ST_KAT_PARAM *params;
65 const unsigned char *expected;
69 typedef struct st_kat_drbg_st {
71 const char *algorithm;
72 const char *param_name;
74 const unsigned char *entropyin;
76 const unsigned char *nonce;
78 const unsigned char *persstr;
80 const unsigned char *entropyinpr1;
81 size_t entropyinpr1len;
82 const unsigned char *entropyinpr2;
83 size_t entropyinpr2len;
84 const unsigned char *entropyaddin1;
85 size_t entropyaddin1len;
86 const unsigned char *entropyaddin2;
87 size_t entropyaddin2len;
88 const unsigned char *expected;
92 typedef struct st_kat_kas_st {
94 const char *algorithm;
96 const ST_KAT_PARAM *key_group;
97 const ST_KAT_PARAM *key_host_data;
98 const ST_KAT_PARAM *key_peer_data;
100 const unsigned char *expected;
104 typedef struct st_kat_sign_st {
106 const char *algorithm;
107 const char *mdalgorithm;
108 const ST_KAT_PARAM *key;
109 const unsigned char *entropy;
111 const unsigned char *nonce;
113 const unsigned char *persstr;
115 const unsigned char *sig_expected; /* Set to NULL if this value changes */
116 size_t sig_expected_len;
119 typedef struct st_kat_asym_cipher_st {
121 const char *algorithm;
123 const ST_KAT_PARAM *key;
124 const ST_KAT_PARAM *postinit;
125 const unsigned char *in;
127 const unsigned char *expected;
129 } ST_KAT_ASYM_CIPHER;
131 /*- DIGEST TEST DATA */
132 static const unsigned char sha1_pt[] = "abc";
133 static const unsigned char sha1_digest[] = {
134 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 0x25, 0x71,
135 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
138 static const unsigned char sha512_pt[] = "abc";
139 static const unsigned char sha512_digest[] = {
140 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49,
141 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
142 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, 0x21, 0x92, 0x99, 0x2A,
143 0x27, 0x4F, 0xC1, 0xA8, 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
144 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, 0x2A, 0x9A, 0xC9, 0x4F,
145 0xA5, 0x4C, 0xA4, 0x9F
147 static const unsigned char sha3_256_pt[] = { 0xe7, 0x37, 0x21, 0x05 };
148 static const unsigned char sha3_256_digest[] = {
149 0x3a, 0x42, 0xb6, 0x8a, 0xb0, 0x79, 0xf2, 0x8c, 0x4c, 0xa3, 0xc7, 0x52,
150 0x29, 0x6f, 0x27, 0x90, 0x06, 0xc4, 0xfe, 0x78, 0xb1, 0xeb, 0x79, 0xd9,
151 0x89, 0x77, 0x7f, 0x05, 0x1e, 0x40, 0x46, 0xae
154 static const ST_KAT_DIGEST st_kat_digest_tests[] =
157 OSSL_SELF_TEST_DESC_MD_SHA1,
163 OSSL_SELF_TEST_DESC_MD_SHA2,
169 OSSL_SELF_TEST_DESC_MD_SHA3,
172 ITM(sha3_256_digest),
177 /*- CIPHER TEST DATA */
180 static const unsigned char des_ede3_cbc_pt[] = {
181 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
182 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
183 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
184 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51
186 static const unsigned char des_ede3_cbc_key[] = {
187 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
188 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
189 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
191 static const unsigned char des_ede3_cbc_iv[] = {
192 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17
194 static const unsigned char des_ede3_cbc_ct[] = {
195 0x20, 0x79, 0xC3, 0xD5, 0x3A, 0xA7, 0x63, 0xE1,
196 0x93, 0xB7, 0x9E, 0x25, 0x69, 0xAB, 0x52, 0x62,
197 0x51, 0x65, 0x70, 0x48, 0x1F, 0x25, 0xB5, 0x0F,
198 0x73, 0xC0, 0xBD, 0xA8, 0x5C, 0x8E, 0x0D, 0xA7
201 /* AES-256 GCM test data */
202 static const unsigned char aes_256_gcm_key[] = {
203 0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c,
204 0xe7, 0x90, 0xfd, 0x24, 0x50, 0x1f, 0x92, 0x50,
205 0x9a, 0xac, 0xf4, 0xcb, 0x8b, 0x13, 0x39, 0xd5,
206 0x0c, 0x9c, 0x12, 0x40, 0x93, 0x5d, 0xd0, 0x8b
208 static const unsigned char aes_256_gcm_iv[] = {
209 0xac, 0x93, 0xa1, 0xa6, 0x14, 0x52, 0x99, 0xbd,
210 0xe9, 0x02, 0xf2, 0x1a
212 static const unsigned char aes_256_gcm_pt[] = {
213 0x2d, 0x71, 0xbc, 0xfa, 0x91, 0x4e, 0x4a, 0xc0,
214 0x45, 0xb2, 0xaa, 0x60, 0x95, 0x5f, 0xad, 0x24
216 static const unsigned char aes_256_gcm_aad[] = {
217 0x1e, 0x08, 0x89, 0x01, 0x6f, 0x67, 0x60, 0x1c,
218 0x8e, 0xbe, 0xa4, 0x94, 0x3b, 0xc2, 0x3a, 0xd6
220 static const unsigned char aes_256_gcm_ct[] = {
221 0x89, 0x95, 0xae, 0x2e, 0x6d, 0xf3, 0xdb, 0xf9,
222 0x6f, 0xac, 0x7b, 0x71, 0x37, 0xba, 0xe6, 0x7f
224 static const unsigned char aes_256_gcm_tag[] = {
225 0xec, 0xa5, 0xaa, 0x77, 0xd5, 0x1d, 0x4a, 0x0a,
226 0x14, 0xd9, 0xc5, 0x1e, 0x1d, 0xa4, 0x74, 0xab
229 /* AES-ECB test data */
230 static const unsigned char aes_128_ecb_key[] = {
231 0x10, 0xa5, 0x88, 0x69, 0xd7, 0x4b, 0xe5, 0xa3,
232 0x74, 0xcf, 0x86, 0x7c, 0xfb, 0x47, 0x38, 0x59
234 static const unsigned char aes_128_ecb_pt[] = {
235 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
236 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
238 static const unsigned char aes_128_ecb_ct[] = {
239 0x6d, 0x25, 0x1e, 0x69, 0x44, 0xb0, 0x51, 0xe0,
240 0x4e, 0xaa, 0x6f, 0xb4, 0xdb, 0xf7, 0x84, 0x65
243 static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
246 OSSL_SELF_TEST_DESC_CIPHER_AES_GCM,
251 CIPHER_MODE_ENCRYPT | CIPHER_MODE_DECRYPT,
252 ITM(aes_256_gcm_key),
254 ITM(aes_256_gcm_aad),
259 OSSL_SELF_TEST_DESC_CIPHER_AES_ECB,
269 static const char hkdf_digest[] = "SHA256";
270 static const unsigned char hkdf_secret[] = { 's', 'e', 'c', 'r', 'e', 't' };
271 static const unsigned char hkdf_salt[] = { 's', 'a', 'l', 't' };
272 static const unsigned char hkdf_info[] = { 'l', 'a', 'b', 'e', 'l' };
274 static const ST_KAT_PARAM hkdf_params[] = {
275 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, hkdf_digest),
276 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, hkdf_secret),
277 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, hkdf_salt),
278 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, hkdf_info),
281 static const unsigned char hkdf_expected[] = {
282 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8,
286 static const char sskdf_digest[] = "SHA224";
287 static const unsigned char sskdf_secret[] = {
288 0x6d, 0xbd, 0xc2, 0x3f, 0x04, 0x54, 0x88, 0xe4,
289 0x06, 0x27, 0x57, 0xb0, 0x6b, 0x9e, 0xba, 0xe1,
290 0x83, 0xfc, 0x5a, 0x59, 0x46, 0xd8, 0x0d, 0xb9,
291 0x3f, 0xec, 0x6f, 0x62, 0xec, 0x07, 0xe3, 0x72,
292 0x7f, 0x01, 0x26, 0xae, 0xd1, 0x2c, 0xe4, 0xb2,
293 0x62, 0xf4, 0x7d, 0x48, 0xd5, 0x42, 0x87, 0xf8,
294 0x1d, 0x47, 0x4c, 0x7c, 0x3b, 0x18, 0x50, 0xe9
296 static const unsigned char sskdf_otherinfo[] = {
297 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0x43, 0x41, 0x56,
298 0x53, 0x69, 0x64, 0x3c, 0x83, 0x2e, 0x98, 0x49,
299 0xdc, 0xdb, 0xa7, 0x1e, 0x9a, 0x31, 0x39, 0xe6,
300 0x06, 0xe0, 0x95, 0xde, 0x3c, 0x26, 0x4a, 0x66,
301 0xe9, 0x8a, 0x16, 0x58, 0x54, 0xcd, 0x07, 0x98,
302 0x9b, 0x1e, 0xe0, 0xec, 0x3f, 0x8d, 0xbe
304 static const unsigned char sskdf_expected[] = {
305 0xa4, 0x62, 0xde, 0x16, 0xa8, 0x9d, 0xe8, 0x46,
306 0x6e, 0xf5, 0x46, 0x0b, 0x47, 0xb8
308 static const ST_KAT_PARAM sskdf_params[] = {
309 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sskdf_digest),
310 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sskdf_secret),
311 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, sskdf_otherinfo),
315 static const char x942kdf_digest[] = "SHA1";
316 static const char x942kdf_cekalg[] = "AES-128-WRAP";
317 static const unsigned char x942kdf_secret[] = {
318 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
319 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
320 0x10, 0x11, 0x12, 0x13
322 static const unsigned char x942kdf_expected[] = {
323 0xd6, 0xd6, 0xb0, 0x94, 0xc1, 0x02, 0x7a, 0x7d,
324 0xe6, 0xe3, 0x11, 0x72, 0x94, 0xa3, 0x53, 0x64
326 static const ST_KAT_PARAM x942kdf_params[] = {
327 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x942kdf_digest),
328 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_CEK_ALG, x942kdf_cekalg),
329 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x942kdf_secret),
333 static const char x963kdf_digest[] = "SHA256";
334 static const unsigned char x963kdf_otherinfo[] = {
335 0x75, 0xee, 0xf8, 0x1a, 0xa3, 0x04, 0x1e, 0x33,
336 0xb8, 0x09, 0x71, 0x20, 0x3d, 0x2c, 0x0c, 0x52
338 static const unsigned char x963kdf_secret[] = {
339 0x22, 0x51, 0x8b, 0x10, 0xe7, 0x0f, 0x2a, 0x3f,
340 0x24, 0x38, 0x10, 0xae, 0x32, 0x54, 0x13, 0x9e,
341 0xfb, 0xee, 0x04, 0xaa, 0x57, 0xc7, 0xaf, 0x7d
343 static const unsigned char x963kdf_expected[] = {
344 0xc4, 0x98, 0xaf, 0x77, 0x16, 0x1c, 0xc5, 0x9f,
345 0x29, 0x62, 0xb9, 0xa7, 0x13, 0xe2, 0xb2, 0x15,
346 0x15, 0x2d, 0x13, 0x97, 0x66, 0xce, 0x34, 0xa7,
347 0x76, 0xdf, 0x11, 0x86, 0x6a, 0x69, 0xbf, 0x2e
349 static const ST_KAT_PARAM x963kdf_params[] = {
350 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x963kdf_digest),
351 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x963kdf_secret),
352 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, x963kdf_otherinfo),
356 static const char pbkdf2_digest[] = "SHA256";
358 * Input parameters from RFC 6070, vector 5 (because it is the only one with
359 * a salt >= 16 bytes, which NIST SP 800-132 section 5.1 requires). The
360 * expected output is taken from
361 * https://github.com/brycx/Test-Vector-Generation/blob/master/PBKDF2/pbkdf2-hmac-sha2-test-vectors.md,
362 * which ran these test vectors with SHA-256.
364 static const unsigned char pbkdf2_password[] = {
365 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x50, 0x41, 0x53, 0x53,
366 0x57, 0x4f, 0x52, 0x44, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64
368 static const unsigned char pbkdf2_salt[] = {
369 0x73, 0x61, 0x6c, 0x74, 0x53, 0x41, 0x4c, 0x54, 0x73, 0x61, 0x6c, 0x74,
370 0x53, 0x41, 0x4c, 0x54, 0x73, 0x61, 0x6c, 0x74, 0x53, 0x41, 0x4c, 0x54,
371 0x73, 0x61, 0x6c, 0x74, 0x53, 0x41, 0x4c, 0x54, 0x73, 0x61, 0x6c, 0x74
373 static const unsigned char pbkdf2_expected[] = {
374 0x34, 0x8c, 0x89, 0xdb, 0xcb, 0xd3, 0x2b, 0x2f, 0x32, 0xd8, 0x14, 0xb8,
375 0x11, 0x6e, 0x84, 0xcf, 0x2b, 0x17, 0x34, 0x7e, 0xbc, 0x18, 0x00, 0x18,
378 static int pbkdf2_iterations = 4096;
379 static int pbkdf2_pkcs5 = 0;
380 static const ST_KAT_PARAM pbkdf2_params[] = {
381 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, pbkdf2_digest),
382 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_PASSWORD, pbkdf2_password),
383 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, pbkdf2_salt),
384 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_ITER, pbkdf2_iterations),
385 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_PKCS5, pbkdf2_pkcs5),
389 static const char sshkdf_digest[] = "SHA1";
390 static const char sshkdf_type = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
391 static const unsigned char sshkdf_key[] = {
392 0x00, 0x00, 0x00, 0x80, 0x55, 0xba, 0xe9, 0x31,
393 0xc0, 0x7f, 0xd8, 0x24, 0xbf, 0x10, 0xad, 0xd1,
394 0x90, 0x2b, 0x6f, 0xbc, 0x7c, 0x66, 0x53, 0x47,
395 0x38, 0x34, 0x98, 0xa6, 0x86, 0x92, 0x9f, 0xf5,
396 0xa2, 0x5f, 0x8e, 0x40, 0xcb, 0x66, 0x45, 0xea,
397 0x81, 0x4f, 0xb1, 0xa5, 0xe0, 0xa1, 0x1f, 0x85,
398 0x2f, 0x86, 0x25, 0x56, 0x41, 0xe5, 0xed, 0x98,
399 0x6e, 0x83, 0xa7, 0x8b, 0xc8, 0x26, 0x94, 0x80,
400 0xea, 0xc0, 0xb0, 0xdf, 0xd7, 0x70, 0xca, 0xb9,
401 0x2e, 0x7a, 0x28, 0xdd, 0x87, 0xff, 0x45, 0x24,
402 0x66, 0xd6, 0xae, 0x86, 0x7c, 0xea, 0xd6, 0x3b,
403 0x36, 0x6b, 0x1c, 0x28, 0x6e, 0x6c, 0x48, 0x11,
404 0xa9, 0xf1, 0x4c, 0x27, 0xae, 0xa1, 0x4c, 0x51,
405 0x71, 0xd4, 0x9b, 0x78, 0xc0, 0x6e, 0x37, 0x35,
406 0xd3, 0x6e, 0x6a, 0x3b, 0xe3, 0x21, 0xdd, 0x5f,
407 0xc8, 0x23, 0x08, 0xf3, 0x4e, 0xe1, 0xcb, 0x17,
408 0xfb, 0xa9, 0x4a, 0x59,
410 static const unsigned char sshkdf_xcghash[] = {
411 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
412 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
413 0xdc, 0x88, 0x92, 0x45,
415 static const unsigned char sshkdf_session_id[] = {
416 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
417 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
418 0xdc, 0x88, 0x92, 0x45,
420 static const unsigned char sshkdf_expected[] = {
421 0xe2, 0xf6, 0x27, 0xc0, 0xb4, 0x3f, 0x1a, 0xc1,
423 static const ST_KAT_PARAM sshkdf_params[] = {
424 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sshkdf_digest),
425 ST_KAT_PARAM_UTF8CHAR(OSSL_KDF_PARAM_SSHKDF_TYPE, sshkdf_type),
426 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sshkdf_key),
427 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_XCGHASH, sshkdf_xcghash),
428 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_SESSION_ID, sshkdf_session_id),
432 static const char tls12prf_digest[] = "SHA256";
433 static const unsigned char tls12prf_secret[] = {
434 0x20, 0x2c, 0x88, 0xc0, 0x0f, 0x84, 0xa1, 0x7a,
435 0x20, 0x02, 0x70, 0x79, 0x60, 0x47, 0x87, 0x46,
436 0x11, 0x76, 0x45, 0x55, 0x39, 0xe7, 0x05, 0xbe,
437 0x73, 0x08, 0x90, 0x60, 0x2c, 0x28, 0x9a, 0x50,
438 0x01, 0xe3, 0x4e, 0xeb, 0x3a, 0x04, 0x3e, 0x5d,
439 0x52, 0xa6, 0x5e, 0x66, 0x12, 0x51, 0x88, 0xbf,
441 static const unsigned char tls12prf_seed[] = {
442 'k', 'e', 'y', ' ', 'e', 'x', 'p', 'a', 'n', 's', 'i', 'o', 'n',
443 0xae, 0x6c, 0x80, 0x6f, 0x8a, 0xd4, 0xd8, 0x07,
444 0x84, 0x54, 0x9d, 0xff, 0x28, 0xa4, 0xb5, 0x8f,
445 0xd8, 0x37, 0x68, 0x1a, 0x51, 0xd9, 0x28, 0xc3,
446 0xe3, 0x0e, 0xe5, 0xff, 0x14, 0xf3, 0x98, 0x68,
447 0x62, 0xe1, 0xfd, 0x91, 0xf2, 0x3f, 0x55, 0x8a,
448 0x60, 0x5f, 0x28, 0x47, 0x8c, 0x58, 0xcf, 0x72,
449 0x63, 0x7b, 0x89, 0x78, 0x4d, 0x95, 0x9d, 0xf7,
450 0xe9, 0x46, 0xd3, 0xf0, 0x7b, 0xd1, 0xb6, 0x16,
452 static const unsigned char tls12prf_expected[] = {
453 0xd0, 0x61, 0x39, 0x88, 0x9f, 0xff, 0xac, 0x1e,
454 0x3a, 0x71, 0x86, 0x5f, 0x50, 0x4a, 0xa5, 0xd0,
455 0xd2, 0xa2, 0xe8, 0x95, 0x06, 0xc6, 0xf2, 0x27,
456 0x9b, 0x67, 0x0c, 0x3e, 0x1b, 0x74, 0xf5, 0x31,
457 0x01, 0x6a, 0x25, 0x30, 0xc5, 0x1a, 0x3a, 0x0f,
458 0x7e, 0x1d, 0x65, 0x90, 0xd0, 0xf0, 0x56, 0x6b,
459 0x2f, 0x38, 0x7f, 0x8d, 0x11, 0xfd, 0x4f, 0x73,
460 0x1c, 0xdd, 0x57, 0x2d, 0x2e, 0xae, 0x92, 0x7f,
461 0x6f, 0x2f, 0x81, 0x41, 0x0b, 0x25, 0xe6, 0x96,
462 0x0b, 0xe6, 0x89, 0x85, 0xad, 0xd6, 0xc3, 0x84,
463 0x45, 0xad, 0x9f, 0x8c, 0x64, 0xbf, 0x80, 0x68,
464 0xbf, 0x9a, 0x66, 0x79, 0x48, 0x5d, 0x96, 0x6f,
465 0x1a, 0xd6, 0xf6, 0x8b, 0x43, 0x49, 0x5b, 0x10,
466 0xa6, 0x83, 0x75, 0x5e, 0xa2, 0xb8, 0x58, 0xd7,
467 0x0c, 0xca, 0xc7, 0xec, 0x8b, 0x05, 0x3c, 0x6b,
468 0xd4, 0x1c, 0xa2, 0x99, 0xd4, 0xe5, 0x19, 0x28,
470 static const ST_KAT_PARAM tls12prf_params[] = {
471 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls12prf_digest),
472 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SECRET, tls12prf_secret),
473 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SEED, tls12prf_seed),
477 static const char kbkdf_digest[] = "SHA256";
478 static const char kbkdf_mac[] = "HMAC";
479 static const unsigned char kbkdf_salt[] = { 'p', 'r', 'f' };
480 static const unsigned char kbkdf_prfinput[] = { 't', 'e', 's', 't' };
481 static unsigned char kbkdf_key[] = {
482 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28,
483 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C,
485 static unsigned char kbkdf_expected[] = {
486 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE,
487 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86,
488 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B,
489 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95,
491 static const ST_KAT_PARAM kbkdf_params[] = {
492 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, kbkdf_digest),
493 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_MAC, kbkdf_mac),
494 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, kbkdf_key),
495 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, kbkdf_salt),
496 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, kbkdf_prfinput),
500 static const char kbkdf_kmac_mac[] = "KMAC128";
501 static unsigned char kbkdf_kmac_label[] = {
502 0xB5, 0xB5, 0xF3, 0x71, 0x9F, 0xBE, 0x5B, 0x3D,
503 0x7B, 0x8D, 0x05, 0xA1, 0xD3, 0x25, 0x19, 0x50,
505 static unsigned char kbkdf_kmac_context[] = {
506 0x36, 0x60, 0x0E, 0xF3, 0xC3, 0x70, 0xB5, 0xEF,
507 0x58, 0xBE, 0xF1, 0xBA, 0x1C, 0xF2, 0x74, 0xCB,
509 static unsigned char kbkdf_kmac_key[] = {
510 0xB2, 0x51, 0x4C, 0xC1, 0xD5, 0xCD, 0x7B, 0x6B,
511 0xA3, 0x3C, 0x90, 0x05, 0xBD, 0xAC, 0x32, 0x2A,
513 static unsigned char kbkdf_kmac_expected[] = {
514 0xB1, 0x58, 0xEE, 0xB1, 0x34, 0xA4, 0xDD, 0x9D,
515 0xAC, 0x52, 0xBD, 0x9E, 0x30, 0xE8, 0x0D, 0x76,
516 0x42, 0x57, 0x01, 0x89, 0x5F, 0x82, 0x74, 0xB9,
517 0xEB, 0x3E, 0x84, 0xD8, 0xA5, 0xDE, 0x6E, 0x54,
519 static const ST_KAT_PARAM kbkdf_kmac_params[] = {
520 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_MAC, kbkdf_kmac_mac),
521 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, kbkdf_kmac_key),
522 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, kbkdf_kmac_label),
523 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, kbkdf_kmac_context),
527 static const char tls13_kdf_digest[] = "SHA256";
528 static int tls13_kdf_extract_mode = EVP_KDF_HKDF_MODE_EXTRACT_ONLY;
529 static int tls13_kdf_expand_mode = EVP_KDF_HKDF_MODE_EXPAND_ONLY;
530 static const unsigned char tls13_kdf_prefix[] = {
531 0x74, 0x6C, 0x73, 0x31, 0x33, 0x20 /* "tls13 " */
533 static const unsigned char tls13_kdf_client_early_secret_label[] = {
534 0x63, 0x20, 0x65, 0x20, 0x74, 0x72, 0x61, 0x66,
535 0x66, 0x69, 0x63 /* "c e traffic"*/
537 static const unsigned char tls13_kdf_psk[] = {
538 0xF8, 0xAF, 0x6A, 0xEA, 0x2D, 0x39, 0x7B, 0xAF,
539 0x29, 0x48, 0xA2, 0x5B, 0x28, 0x34, 0x20, 0x06,
540 0x92, 0xCF, 0xF1, 0x7E, 0xEE, 0x91, 0x65, 0xE4,
541 0xE2, 0x7B, 0xAB, 0xEE, 0x9E, 0xDE, 0xFD, 0x05
543 static const unsigned char tls13_kdf_client_hello_hash[] = {
544 0x7c, 0x92, 0xf6, 0x8b, 0xd5, 0xbf, 0x36, 0x38,
545 0xea, 0x33, 0x8a, 0x64, 0x94, 0x72, 0x2e, 0x1b,
546 0x44, 0x12, 0x7e, 0x1b, 0x7e, 0x8a, 0xad, 0x53,
547 0x5f, 0x23, 0x22, 0xa6, 0x44, 0xff, 0x22, 0xb3
550 static const unsigned char tls13_kdf_early_secret[] = {
551 0x15, 0x3B, 0x63, 0x94, 0xA9, 0xC0, 0x3C, 0xF3,
552 0xF5, 0xAC, 0xCC, 0x6E, 0x45, 0x5A, 0x76, 0x93,
553 0x28, 0x11, 0x38, 0xA1, 0xBC, 0xFA, 0x38, 0x03,
554 0xC2, 0x67, 0x35, 0xDD, 0x11, 0x94, 0xD2, 0x16
556 static const unsigned char tls13_kdf_client_early_traffic_secret[] = {
557 0xC8, 0x05, 0x83, 0xA9, 0x0E, 0x99, 0x5C, 0x48,
558 0x96, 0x00, 0x49, 0x2A, 0x5D, 0xA6, 0x42, 0xE6,
559 0xB1, 0xF6, 0x79, 0xBA, 0x67, 0x48, 0x28, 0x79,
560 0x2D, 0xF0, 0x87, 0xB9, 0x39, 0x63, 0x61, 0x71
562 static const ST_KAT_PARAM tls13_kdf_early_secret_params[] = {
563 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_MODE, tls13_kdf_extract_mode),
564 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls13_kdf_digest),
565 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, tls13_kdf_psk),
568 static const ST_KAT_PARAM tls13_kdf_client_early_secret_params[] = {
569 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_MODE, tls13_kdf_expand_mode),
570 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls13_kdf_digest),
571 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, tls13_kdf_early_secret),
572 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_DATA, tls13_kdf_client_hello_hash),
573 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_PREFIX, tls13_kdf_prefix),
574 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_LABEL,
575 tls13_kdf_client_early_secret_label),
579 static const ST_KAT_KDF st_kat_kdf_tests[] =
582 OSSL_SELF_TEST_DESC_KDF_TLS13_EXTRACT,
583 OSSL_KDF_NAME_TLS1_3_KDF,
584 tls13_kdf_early_secret_params,
585 ITM(tls13_kdf_early_secret)
588 OSSL_SELF_TEST_DESC_KDF_TLS13_EXPAND,
589 OSSL_KDF_NAME_TLS1_3_KDF,
590 tls13_kdf_client_early_secret_params,
591 ITM(tls13_kdf_client_early_traffic_secret)
594 OSSL_SELF_TEST_DESC_KDF_TLS12_PRF,
595 OSSL_KDF_NAME_TLS1_PRF,
597 ITM(tls12prf_expected)
600 OSSL_SELF_TEST_DESC_KDF_PBKDF2,
601 OSSL_KDF_NAME_PBKDF2,
606 OSSL_SELF_TEST_DESC_KDF_SSHKDF,
607 OSSL_KDF_NAME_SSHKDF,
612 OSSL_SELF_TEST_DESC_KDF_KBKDF,
618 OSSL_SELF_TEST_DESC_KDF_KBKDF_KMAC,
621 ITM(kbkdf_kmac_expected)
624 OSSL_SELF_TEST_DESC_KDF_HKDF,
630 OSSL_SELF_TEST_DESC_KDF_SSKDF,
636 OSSL_SELF_TEST_DESC_KDF_X963KDF,
637 OSSL_KDF_NAME_X963KDF,
639 ITM(x963kdf_expected)
642 OSSL_SELF_TEST_DESC_KDF_X942KDF,
643 OSSL_KDF_NAME_X942KDF_ASN1,
645 ITM(x942kdf_expected)
650 * DRBG test vectors are a small subset of
651 * https://csrc.nist.rip/groups/STM/cavp/documents/drbg/drbgtestvectors.zip
652 * Using the folder drbgvectors_pr_true
653 * Generated for CAVS 14.3.
660 * [PredictionResistance = True]
661 * [EntropyInputLen = 256]
663 * [PersonalizationStringLen = 256]
664 * [AdditionalInputLen = 256]
665 * [ReturnedBitsLen = 1024]
669 static const unsigned char drbg_hash_sha256_pr_entropyin[] = {
670 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
671 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
672 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
674 static const unsigned char drbg_hash_sha256_pr_nonce[] = {
675 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
676 0xf0, 0xe5, 0x07, 0x1f
678 static const unsigned char drbg_hash_sha256_pr_persstr[] = {
679 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
680 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
681 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
683 static const unsigned char drbg_hash_sha256_pr_entropyinpr0[] = {
684 0xff, 0x80, 0xb7, 0xd2, 0x6a, 0x05, 0xbc, 0x8a, 0x7a, 0xbe, 0x53, 0x28,
685 0x6b, 0x0e, 0xeb, 0x73, 0x3b, 0x71, 0x5a, 0x20, 0x5b, 0xfa, 0x4f, 0xf6,
686 0x37, 0x03, 0xde, 0xad, 0xb6, 0xea, 0x0e, 0xf4
688 static const unsigned char drbg_hash_sha256_pr_entropyinpr1[] = {
689 0xc7, 0x38, 0x32, 0x53, 0x46, 0x81, 0xed, 0xe3, 0x7e, 0x03, 0x84, 0x6d,
690 0x3c, 0x84, 0x17, 0x67, 0x29, 0x7d, 0x24, 0x6c, 0x68, 0x92, 0x41, 0xd2,
691 0xe7, 0x75, 0xbe, 0x7e, 0xc9, 0x96, 0x29, 0x3d
693 static const unsigned char drbg_hash_sha256_pr_addin0[] = {
694 0xb7, 0x21, 0x5f, 0x14, 0xac, 0x7b, 0xaf, 0xd0, 0xa9, 0x17, 0x72, 0xba,
695 0x22, 0xf7, 0x19, 0xaf, 0xbd, 0x20, 0xb3, 0x11, 0x63, 0x6c, 0x2b, 0x1e,
696 0x83, 0xe4, 0xa8, 0x23, 0x35, 0x3f, 0xc6, 0xea
698 static const unsigned char drbg_hash_sha256_pr_addin1[] = {
699 0xce, 0xd3, 0x1f, 0x7e, 0x0d, 0xae, 0x5b, 0xb5, 0xc0, 0x43, 0xe2, 0x46,
700 0xb2, 0x94, 0x73, 0xe2, 0xfd, 0x39, 0x51, 0x2e, 0xad, 0x45, 0x69, 0xee,
701 0xe3, 0xe3, 0x80, 0x33, 0x14, 0xab, 0xa7, 0xa3
703 static const unsigned char drbg_hash_sha256_pr_expected[] = {
704 0x60, 0xc2, 0x34, 0xcf, 0xaf, 0xb4, 0x68, 0x03, 0x3b, 0xf1, 0x95, 0xe5,
705 0x78, 0xce, 0x26, 0x6e, 0x14, 0x65, 0x32, 0x6a, 0x96, 0xa9, 0xe0, 0x3f,
706 0x8b, 0x89, 0x36, 0x70, 0xef, 0x62, 0x75, 0x4d, 0x5e, 0x80, 0xd5, 0x53,
707 0xa1, 0xf8, 0x49, 0x50, 0x20, 0x8b, 0x93, 0x43, 0x07, 0x9f, 0x2e, 0xf8,
708 0x56, 0xe9, 0xc5, 0x70, 0x61, 0x85, 0x97, 0xb5, 0xdc, 0x82, 0xa2, 0xda,
709 0xea, 0xa3, 0xfd, 0x9b, 0x2f, 0xd2, 0xa0, 0xd7, 0x1b, 0xc6, 0x29, 0x35,
710 0xcc, 0xb8, 0x3d, 0xa0, 0x67, 0x98, 0x05, 0xa0, 0xe3, 0x1e, 0xfe, 0xe4,
711 0xf0, 0xe5, 0x13, 0xb0, 0x83, 0x17, 0xfa, 0xca, 0x93, 0x5e, 0x38, 0x29,
712 0x48, 0xd2, 0x72, 0xdb, 0x76, 0x3e, 0x6d, 0xf3, 0x25, 0x10, 0xff, 0x1b,
713 0x99, 0xff, 0xf8, 0xc6, 0x0e, 0xb0, 0xdd, 0x29, 0x2e, 0xbc, 0xbb, 0xc8,
714 0x0a, 0x01, 0x6e, 0xd3, 0xb0, 0x0e, 0x4e, 0xab
721 * [PredictionResistance = True]
722 * [EntropyInputLen = 128]
724 * [PersonalizationStringLen = 128]
725 * [AdditionalInputLen = 128]
726 * [ReturnedBitsLen = 512]
730 static const unsigned char drbg_ctr_aes128_pr_df_entropyin[] = {
731 0x92, 0x89, 0x8f, 0x31, 0xfa, 0x1c, 0xff, 0x6d, 0x18, 0x2f, 0x26, 0x06,
732 0x43, 0xdf, 0xf8, 0x18
734 static const unsigned char drbg_ctr_aes128_pr_df_nonce[] = {
735 0xc2, 0xa4, 0xd9, 0x72, 0xc3, 0xb9, 0xb6, 0x97
737 static const unsigned char drbg_ctr_aes128_pr_df_persstr[] = {
738 0xea, 0x65, 0xee, 0x60, 0x26, 0x4e, 0x7e, 0xb6, 0x0e, 0x82, 0x68, 0xc4,
739 0x37, 0x3c, 0x5c, 0x0b
741 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr0[] = {
742 0x20, 0x72, 0x8a, 0x06, 0xf8, 0x6f, 0x8d, 0xd4, 0x41, 0xe2, 0x72, 0xb7,
743 0xc4, 0x2c, 0xe8, 0x10
745 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr1[] = {
746 0x3d, 0xb0, 0xf0, 0x94, 0xf3, 0x05, 0x50, 0x33, 0x17, 0x86, 0x3e, 0x22,
747 0x08, 0xf7, 0xa5, 0x01
749 static const unsigned char drbg_ctr_aes128_pr_df_addin0[] = {
750 0x1a, 0x40, 0xfa, 0xe3, 0xcc, 0x6c, 0x7c, 0xa0, 0xf8, 0xda, 0xba, 0x59,
751 0x23, 0x6d, 0xad, 0x1d
753 static const unsigned char drbg_ctr_aes128_pr_df_addin1[] = {
754 0x9f, 0x72, 0x76, 0x6c, 0xc7, 0x46, 0xe5, 0xed, 0x2e, 0x53, 0x20, 0x12,
755 0xbc, 0x59, 0x31, 0x8c
757 static const unsigned char drbg_ctr_aes128_pr_df_expected[] = {
758 0x5a, 0x35, 0x39, 0x87, 0x0f, 0x4d, 0x22, 0xa4, 0x09, 0x24, 0xee, 0x71,
759 0xc9, 0x6f, 0xac, 0x72, 0x0a, 0xd6, 0xf0, 0x88, 0x82, 0xd0, 0x83, 0x28,
760 0x73, 0xec, 0x3f, 0x93, 0xd8, 0xab, 0x45, 0x23, 0xf0, 0x7e, 0xac, 0x45,
761 0x14, 0x5e, 0x93, 0x9f, 0xb1, 0xd6, 0x76, 0x43, 0x3d, 0xb6, 0xe8, 0x08,
762 0x88, 0xf6, 0xda, 0x89, 0x08, 0x77, 0x42, 0xfe, 0x1a, 0xf4, 0x3f, 0xc4,
763 0x23, 0xc5, 0x1f, 0x68
770 * [PredictionResistance = True]
771 * [EntropyInputLen = 128]
773 * [PersonalizationStringLen = 128]
774 * [AdditionalInputLen = 128]
775 * [ReturnedBitsLen = 640]
779 static const unsigned char drbg_hmac_sha1_pr_entropyin[] = {
780 0x68, 0x0f, 0xac, 0xe9, 0x0d, 0x7b, 0xca, 0x21, 0xd4, 0xa0, 0xed, 0xb7,
781 0x79, 0x9e, 0xe5, 0xd8
783 static const unsigned char drbg_hmac_sha1_pr_nonce[] = {
784 0xb7, 0xbe, 0x9e, 0xed, 0xdd, 0x0e, 0x3b, 0x4b
786 static const unsigned char drbg_hmac_sha1_pr_persstr[] = {
787 0xf5, 0x8c, 0x40, 0xae, 0x70, 0xf7, 0xa5, 0x56, 0x48, 0xa9, 0x31, 0xa0,
788 0xa9, 0x31, 0x3d, 0xd7
790 static const unsigned char drbg_hmac_sha1_pr_entropyinpr0[] = {
791 0x7c, 0xaf, 0xe2, 0x31, 0x63, 0x0a, 0xa9, 0x5a, 0x74, 0x2c, 0x4e, 0x5f,
792 0x5f, 0x22, 0xc6, 0xa4
794 static const unsigned char drbg_hmac_sha1_pr_entropyinpr1[] = {
795 0x1c, 0x0d, 0x77, 0x92, 0x89, 0x88, 0x27, 0x94, 0x8a, 0x58, 0x9f, 0x82,
796 0x2d, 0x1a, 0xf7, 0xa6
798 static const unsigned char drbg_hmac_sha1_pr_addin0[] = {
799 0xdc, 0x36, 0x63, 0xf0, 0x62, 0x78, 0x9c, 0xd1, 0x5c, 0xbb, 0x20, 0xc3,
800 0xc1, 0x8c, 0xd9, 0xd7
802 static const unsigned char drbg_hmac_sha1_pr_addin1[] = {
803 0xfe, 0x85, 0xb0, 0xab, 0x14, 0xc6, 0x96, 0xe6, 0x9c, 0x24, 0xe7, 0xb5,
804 0xa1, 0x37, 0x12, 0x0c
806 static const unsigned char drbg_hmac_sha1_pr_expected[] = {
807 0x68, 0x00, 0x4b, 0x3a, 0x28, 0xf7, 0xf0, 0x1c, 0xf9, 0xe9, 0xb5, 0x71,
808 0x20, 0x79, 0xef, 0x80, 0x87, 0x1b, 0x08, 0xb9, 0xa9, 0x1b, 0xcd, 0x2b,
809 0x9f, 0x09, 0x4d, 0xa4, 0x84, 0x80, 0xb3, 0x4c, 0xaf, 0xd5, 0x59, 0x6b,
810 0x0c, 0x0a, 0x48, 0xe1, 0x48, 0xda, 0xbc, 0x6f, 0x77, 0xb8, 0xff, 0xaf,
811 0x18, 0x70, 0x28, 0xe1, 0x04, 0x13, 0x7a, 0x4f, 0xeb, 0x1c, 0x72, 0xb0,
812 0xc4, 0x4f, 0xe8, 0xb1, 0xaf, 0xab, 0xa5, 0xbc, 0xfd, 0x86, 0x67, 0xf2,
813 0xf5, 0x5b, 0x46, 0x06, 0x63, 0x2e, 0x3c, 0xbc
816 static const ST_KAT_DRBG st_kat_drbg_tests[] =
819 OSSL_SELF_TEST_DESC_DRBG_HASH,
820 "HASH-DRBG", "digest", "SHA256",
821 ITM(drbg_hash_sha256_pr_entropyin),
822 ITM(drbg_hash_sha256_pr_nonce),
823 ITM(drbg_hash_sha256_pr_persstr),
824 ITM(drbg_hash_sha256_pr_entropyinpr0),
825 ITM(drbg_hash_sha256_pr_entropyinpr1),
826 ITM(drbg_hash_sha256_pr_addin0),
827 ITM(drbg_hash_sha256_pr_addin1),
828 ITM(drbg_hash_sha256_pr_expected)
831 OSSL_SELF_TEST_DESC_DRBG_CTR,
832 "CTR-DRBG", "cipher", "AES-128-CTR",
833 ITM(drbg_ctr_aes128_pr_df_entropyin),
834 ITM(drbg_ctr_aes128_pr_df_nonce),
835 ITM(drbg_ctr_aes128_pr_df_persstr),
836 ITM(drbg_ctr_aes128_pr_df_entropyinpr0),
837 ITM(drbg_ctr_aes128_pr_df_entropyinpr1),
838 ITM(drbg_ctr_aes128_pr_df_addin0),
839 ITM(drbg_ctr_aes128_pr_df_addin1),
840 ITM(drbg_ctr_aes128_pr_df_expected)
843 OSSL_SELF_TEST_DESC_DRBG_HMAC,
844 "HMAC-DRBG", "digest", "SHA1",
845 ITM(drbg_hmac_sha1_pr_entropyin),
846 ITM(drbg_hmac_sha1_pr_nonce),
847 ITM(drbg_hmac_sha1_pr_persstr),
848 ITM(drbg_hmac_sha1_pr_entropyinpr0),
849 ITM(drbg_hmac_sha1_pr_entropyinpr1),
850 ITM(drbg_hmac_sha1_pr_addin0),
851 ITM(drbg_hmac_sha1_pr_addin1),
852 ITM(drbg_hmac_sha1_pr_expected)
856 /* KEY EXCHANGE TEST DATA */
858 #ifndef OPENSSL_NO_DH
860 static const unsigned char dh_p[] = {
861 0xdc, 0xca, 0x15, 0x11, 0xb2, 0x31, 0x32, 0x25,
862 0xf5, 0x21, 0x16, 0xe1, 0x54, 0x27, 0x89, 0xe0,
863 0x01, 0xf0, 0x42, 0x5b, 0xcc, 0xc7, 0xf3, 0x66,
864 0xf7, 0x40, 0x64, 0x07, 0xf1, 0xc9, 0xfa, 0x8b,
865 0xe6, 0x10, 0xf1, 0x77, 0x8b, 0xb1, 0x70, 0xbe,
866 0x39, 0xdb, 0xb7, 0x6f, 0x85, 0xbf, 0x24, 0xce,
867 0x68, 0x80, 0xad, 0xb7, 0x62, 0x9f, 0x7c, 0x6d,
868 0x01, 0x5e, 0x61, 0xd4, 0x3f, 0xa3, 0xee, 0x4d,
869 0xe1, 0x85, 0xf2, 0xcf, 0xd0, 0x41, 0xff, 0xde,
870 0x9d, 0x41, 0x84, 0x07, 0xe1, 0x51, 0x38, 0xbb,
871 0x02, 0x1d, 0xae, 0xb3, 0x5f, 0x76, 0x2d, 0x17,
872 0x82, 0xac, 0xc6, 0x58, 0xd3, 0x2b, 0xd4, 0xb0,
873 0x23, 0x2c, 0x92, 0x7d, 0xd3, 0x8f, 0xa0, 0x97,
874 0xb3, 0xd1, 0x85, 0x9f, 0xa8, 0xac, 0xaf, 0xb9,
875 0x8f, 0x06, 0x66, 0x08, 0xfc, 0x64, 0x4e, 0xc7,
876 0xdd, 0xb6, 0xf0, 0x85, 0x99, 0xf9, 0x2a, 0xc1,
877 0xb5, 0x98, 0x25, 0xda, 0x84, 0x32, 0x07, 0x7d,
878 0xef, 0x69, 0x56, 0x46, 0x06, 0x3c, 0x20, 0x82,
879 0x3c, 0x95, 0x07, 0xab, 0x6f, 0x01, 0x76, 0xd4,
880 0x73, 0x0d, 0x99, 0x0d, 0xbb, 0xe6, 0x36, 0x1c,
881 0xd8, 0xb2, 0xb9, 0x4d, 0x3d, 0x2f, 0x32, 0x9b,
882 0x82, 0x09, 0x9b, 0xd6, 0x61, 0xf4, 0x29, 0x50,
883 0xf4, 0x03, 0xdf, 0x3e, 0xde, 0x62, 0xa3, 0x31,
884 0x88, 0xb0, 0x27, 0x98, 0xba, 0x82, 0x3f, 0x44,
885 0xb9, 0x46, 0xfe, 0x9d, 0xf6, 0x77, 0xa0, 0xc5,
886 0xa1, 0x23, 0x8e, 0xaa, 0x97, 0xb7, 0x0f, 0x80,
887 0xda, 0x8c, 0xac, 0x88, 0xe0, 0x92, 0xb1, 0x12,
888 0x70, 0x60, 0xff, 0xbf, 0x45, 0x57, 0x99, 0x94,
889 0x01, 0x1d, 0xc2, 0xfa, 0xa5, 0xe7, 0xf6, 0xc7,
890 0x62, 0x45, 0xe1, 0xcc, 0x31, 0x22, 0x31, 0xc1,
891 0x7d, 0x1c, 0xa6, 0xb1, 0x90, 0x07, 0xef, 0x0d,
892 0xb9, 0x9f, 0x9c, 0xb6, 0x0e, 0x1d, 0x5f, 0x69
894 static const unsigned char dh_q[] = {
895 0x89, 0x8b, 0x22, 0x67, 0x17, 0xef, 0x03, 0x9e,
896 0x60, 0x3e, 0x82, 0xe5, 0xc7, 0xaf, 0xe4, 0x83,
897 0x74, 0xac, 0x5f, 0x62, 0x5c, 0x54, 0xf1, 0xea,
898 0x11, 0xac, 0xb5, 0x7d
900 static const unsigned char dh_g[] = {
901 0x5e, 0xf7, 0xb8, 0x8f, 0x2d, 0xf6, 0x01, 0x39,
902 0x35, 0x1d, 0xfb, 0xfe, 0x12, 0x66, 0x80, 0x5f,
903 0xdf, 0x35, 0x6c, 0xdf, 0xd1, 0x3a, 0x4d, 0xa0,
904 0x05, 0x0c, 0x7e, 0xde, 0x24, 0x6d, 0xf5, 0x9f,
905 0x6a, 0xbf, 0x96, 0xad, 0xe5, 0xf2, 0xb2, 0x8f,
906 0xfe, 0x88, 0xd6, 0xbc, 0xe7, 0xf7, 0x89, 0x4a,
907 0x3d, 0x53, 0x5f, 0xc8, 0x21, 0x26, 0xdd, 0xd4,
908 0x24, 0x87, 0x2e, 0x16, 0xb8, 0x38, 0xdf, 0x8c,
909 0x51, 0xe9, 0x01, 0x6f, 0x88, 0x9c, 0x7c, 0x20,
910 0x3e, 0x98, 0xa8, 0xb6, 0x31, 0xf9, 0xc7, 0x25,
911 0x63, 0xd3, 0x8a, 0x49, 0x58, 0x9a, 0x07, 0x53,
912 0xd3, 0x58, 0xe7, 0x83, 0x31, 0x8c, 0xef, 0xd9,
913 0x67, 0x7c, 0x7b, 0x2d, 0xbb, 0x77, 0xd6, 0xdc,
914 0xe2, 0xa1, 0x96, 0x37, 0x95, 0xca, 0x64, 0xb9,
915 0x2d, 0x1c, 0x9a, 0xac, 0x6d, 0x0e, 0x8d, 0x43,
916 0x1d, 0xe5, 0xe5, 0x00, 0x60, 0xdf, 0xf7, 0x86,
917 0x89, 0xc9, 0xec, 0xa1, 0xc1, 0x24, 0x8c, 0x16,
918 0xed, 0x09, 0xc7, 0xad, 0x41, 0x2a, 0x17, 0x40,
919 0x6d, 0x2b, 0x52, 0x5a, 0xa1, 0xca, 0xbb, 0x23,
920 0x7b, 0x97, 0x34, 0xec, 0x7b, 0x8c, 0xe3, 0xfa,
921 0xe0, 0x2f, 0x29, 0xc5, 0xef, 0xed, 0x30, 0xd6,
922 0x91, 0x87, 0xda, 0x10, 0x9c, 0x2c, 0x9f, 0xe2,
923 0xaa, 0xdb, 0xb0, 0xc2, 0x2a, 0xf5, 0x4c, 0x61,
924 0x66, 0x55, 0x00, 0x0c, 0x43, 0x1c, 0x6b, 0x4a,
925 0x37, 0x97, 0x63, 0xb0, 0xa9, 0x16, 0x58, 0xef,
926 0xc8, 0x4e, 0x8b, 0x06, 0x35, 0x8c, 0x8b, 0x4f,
927 0x21, 0x37, 0x10, 0xfd, 0x10, 0x17, 0x2c, 0xf3,
928 0x9b, 0x83, 0x0c, 0x2d, 0xd8, 0x4a, 0x0c, 0x8a,
929 0xb8, 0x25, 0x16, 0xec, 0xab, 0x99, 0x5f, 0xa4,
930 0x21, 0x5e, 0x02, 0x3e, 0x4e, 0xcf, 0x80, 0x74,
931 0xc3, 0x9d, 0x6c, 0x88, 0xb7, 0x0d, 0x1e, 0xe4,
932 0xe9, 0x6f, 0xdc, 0x20, 0xea, 0x11, 0x5c, 0x32
934 static const unsigned char dh_priv[] = {
935 0x14, 0x33, 0xe0, 0xb5, 0xa9, 0x17, 0xb6, 0x0a,
936 0x30, 0x23, 0xf2, 0xf8, 0xaa, 0x2c, 0x2d, 0x70,
937 0xd2, 0x96, 0x8a, 0xba, 0x9a, 0xea, 0xc8, 0x15,
938 0x40, 0xb8, 0xfc, 0xe6
940 static const unsigned char dh_pub[] = {
941 0x95, 0xdd, 0x33, 0x8d, 0x29, 0xe5, 0x71, 0x04,
942 0x92, 0xb9, 0x18, 0x31, 0x7b, 0x72, 0xa3, 0x69,
943 0x36, 0xe1, 0x95, 0x1a, 0x2e, 0xe5, 0xa5, 0x59,
944 0x16, 0x99, 0xc0, 0x48, 0x6d, 0x0d, 0x4f, 0x9b,
945 0xdd, 0x6d, 0x5a, 0x3f, 0x6b, 0x98, 0x89, 0x0c,
946 0x62, 0xb3, 0x76, 0x52, 0xd3, 0x6e, 0x71, 0x21,
947 0x11, 0xe6, 0x8a, 0x73, 0x55, 0x37, 0x25, 0x06,
948 0x99, 0xef, 0xe3, 0x30, 0x53, 0x73, 0x91, 0xfb,
949 0xc2, 0xc5, 0x48, 0xbc, 0x5a, 0xc3, 0xe5, 0xb2,
950 0x33, 0x86, 0xc3, 0xee, 0xf5, 0xeb, 0x43, 0xc0,
951 0x99, 0xd7, 0x0a, 0x52, 0x02, 0x68, 0x7e, 0x83,
952 0x96, 0x42, 0x48, 0xfc, 0xa9, 0x1f, 0x40, 0x90,
953 0x8e, 0x8f, 0xb3, 0x31, 0x93, 0x15, 0xf6, 0xd2,
954 0x60, 0x6d, 0x7f, 0x7c, 0xd5, 0x2c, 0xc6, 0xe7,
955 0xc5, 0x84, 0x3a, 0xfb, 0x22, 0x51, 0x9c, 0xf0,
956 0xf0, 0xf9, 0xd3, 0xa0, 0xa4, 0xe8, 0xc8, 0x88,
957 0x99, 0xef, 0xed, 0xe7, 0x36, 0x43, 0x51, 0xfb,
958 0x6a, 0x36, 0x3e, 0xe7, 0x17, 0xe5, 0x44, 0x5a,
959 0xda, 0xb4, 0xc9, 0x31, 0xa6, 0x48, 0x39, 0x97,
960 0xb8, 0x7d, 0xad, 0x83, 0x67, 0x7e, 0x4d, 0x1d,
961 0x3a, 0x77, 0x75, 0xe0, 0xf6, 0xd0, 0x0f, 0xdf,
962 0x73, 0xc7, 0xad, 0x80, 0x1e, 0x66, 0x5a, 0x0e,
963 0x5a, 0x79, 0x6d, 0x0a, 0x03, 0x80, 0xa1, 0x9f,
964 0xa1, 0x82, 0xef, 0xc8, 0xa0, 0x4f, 0x5e, 0x4d,
965 0xb9, 0x0d, 0x1a, 0x86, 0x37, 0xf9, 0x5d, 0xb1,
966 0x64, 0x36, 0xbd, 0xc8, 0xf3, 0xfc, 0x09, 0x6c,
967 0x4f, 0xf7, 0xf2, 0x34, 0xbe, 0x8f, 0xef, 0x47,
968 0x9a, 0xc4, 0xb0, 0xdc, 0x4b, 0x77, 0x26, 0x3e,
969 0x07, 0xd9, 0x95, 0x9d, 0xe0, 0xf1, 0xbf, 0x3f,
970 0x0a, 0xe3, 0xd9, 0xd5, 0x0e, 0x4b, 0x89, 0xc9,
971 0x9e, 0x3e, 0xa1, 0x21, 0x73, 0x43, 0xdd, 0x8c,
972 0x65, 0x81, 0xac, 0xc4, 0x95, 0x9c, 0x91, 0xd3
974 static const unsigned char dh_peer_pub[] = {
975 0x1f, 0xc1, 0xda, 0x34, 0x1d, 0x1a, 0x84, 0x6a,
976 0x96, 0xb7, 0xbe, 0x24, 0x34, 0x0f, 0x87, 0x7d,
977 0xd0, 0x10, 0xaa, 0x03, 0x56, 0xd5, 0xad, 0x58,
978 0xaa, 0xe9, 0xc7, 0xb0, 0x8f, 0x74, 0x9a, 0x32,
979 0x23, 0x51, 0x10, 0xb5, 0xd8, 0x8e, 0xb5, 0xdb,
980 0xfa, 0x97, 0x8d, 0x27, 0xec, 0xc5, 0x30, 0xf0,
981 0x2d, 0x31, 0x14, 0x00, 0x5b, 0x64, 0xb1, 0xc0,
982 0xe0, 0x24, 0xcb, 0x8a, 0xe2, 0x16, 0x98, 0xbc,
983 0xa9, 0xe6, 0x0d, 0x42, 0x80, 0x86, 0x22, 0xf1,
984 0x81, 0xc5, 0x6e, 0x1d, 0xe7, 0xa9, 0x6e, 0x6e,
985 0xfe, 0xe9, 0xd6, 0x65, 0x67, 0xe9, 0x1b, 0x97,
986 0x70, 0x42, 0xc7, 0xe3, 0xd0, 0x44, 0x8f, 0x05,
987 0xfb, 0x77, 0xf5, 0x22, 0xb9, 0xbf, 0xc8, 0xd3,
988 0x3c, 0xc3, 0xc3, 0x1e, 0xd3, 0xb3, 0x1f, 0x0f,
989 0xec, 0xb6, 0xdb, 0x4f, 0x6e, 0xa3, 0x11, 0xe7,
990 0x7a, 0xfd, 0xbc, 0xd4, 0x7a, 0xee, 0x1b, 0xb1,
991 0x50, 0xf2, 0x16, 0x87, 0x35, 0x78, 0xfb, 0x96,
992 0x46, 0x8e, 0x8f, 0x9f, 0x3d, 0xe8, 0xef, 0xbf,
993 0xce, 0x75, 0x62, 0x4b, 0x1d, 0xf0, 0x53, 0x22,
994 0xa3, 0x4f, 0x14, 0x63, 0xe8, 0x39, 0xe8, 0x98,
995 0x4c, 0x4a, 0xd0, 0xa9, 0x6e, 0x1a, 0xc8, 0x42,
996 0xe5, 0x31, 0x8c, 0xc2, 0x3c, 0x06, 0x2a, 0x8c,
997 0xa1, 0x71, 0xb8, 0xd5, 0x75, 0x98, 0x0d, 0xde,
998 0x7f, 0xc5, 0x6f, 0x15, 0x36, 0x52, 0x38, 0x20,
999 0xd4, 0x31, 0x92, 0xbf, 0xd5, 0x1e, 0x8e, 0x22,
1000 0x89, 0x78, 0xac, 0xa5, 0xb9, 0x44, 0x72, 0xf3,
1001 0x39, 0xca, 0xeb, 0x99, 0x31, 0xb4, 0x2b, 0xe3,
1002 0x01, 0x26, 0x8b, 0xc9, 0x97, 0x89, 0xc9, 0xb2,
1003 0x55, 0x71, 0xc3, 0xc0, 0xe4, 0xcb, 0x3f, 0x00,
1004 0x7f, 0x1a, 0x51, 0x1c, 0xbb, 0x53, 0xc8, 0x51,
1005 0x9c, 0xdd, 0x13, 0x02, 0xab, 0xca, 0x6c, 0x0f,
1006 0x34, 0xf9, 0x67, 0x39, 0xf1, 0x7f, 0xf4, 0x8b
1009 static const unsigned char dh_secret_expected[] = {
1010 0x08, 0xff, 0x33, 0xbb, 0x2e, 0xcf, 0xf4, 0x9a,
1011 0x7d, 0x4a, 0x79, 0x12, 0xae, 0xb1, 0xbb, 0x6a,
1012 0xb5, 0x11, 0x64, 0x1b, 0x4a, 0x76, 0x77, 0x0c,
1013 0x8c, 0xc1, 0xbc, 0xc2, 0x33, 0x34, 0x3d, 0xfe,
1014 0x70, 0x0d, 0x11, 0x81, 0x3d, 0x2c, 0x9e, 0xd2,
1015 0x3b, 0x21, 0x1c, 0xa9, 0xe8, 0x78, 0x69, 0x21,
1016 0xed, 0xca, 0x28, 0x3c, 0x68, 0xb1, 0x61, 0x53,
1017 0xfa, 0x01, 0xe9, 0x1a, 0xb8, 0x2c, 0x90, 0xdd,
1018 0xab, 0x4a, 0x95, 0x81, 0x67, 0x70, 0xa9, 0x87,
1019 0x10, 0xe1, 0x4c, 0x92, 0xab, 0x83, 0xb6, 0xe4,
1020 0x6e, 0x1e, 0x42, 0x6e, 0xe8, 0x52, 0x43, 0x0d,
1021 0x61, 0x87, 0xda, 0xa3, 0x72, 0x0a, 0x6b, 0xcd,
1022 0x73, 0x23, 0x5c, 0x6b, 0x0f, 0x94, 0x1f, 0x33,
1023 0x64, 0xf5, 0x04, 0x20, 0x55, 0x1a, 0x4b, 0xfe,
1024 0xaf, 0xe2, 0xbc, 0x43, 0x85, 0x05, 0xa5, 0x9a,
1025 0x4a, 0x40, 0xda, 0xca, 0x7a, 0x89, 0x5a, 0x73,
1026 0xdb, 0x57, 0x5c, 0x74, 0xc1, 0x3a, 0x23, 0xad,
1027 0x88, 0x32, 0x95, 0x7d, 0x58, 0x2d, 0x38, 0xf0,
1028 0xa6, 0x16, 0x5f, 0xb0, 0xd7, 0xe9, 0xb8, 0x79,
1029 0x9e, 0x42, 0xfd, 0x32, 0x20, 0xe3, 0x32, 0xe9,
1030 0x81, 0x85, 0xa0, 0xc9, 0x42, 0x97, 0x57, 0xb2,
1031 0xd0, 0xd0, 0x2c, 0x17, 0xdb, 0xaa, 0x1f, 0xf6,
1032 0xed, 0x93, 0xd7, 0xe7, 0x3e, 0x24, 0x1e, 0xae,
1033 0xd9, 0x0c, 0xaf, 0x39, 0x4d, 0x2b, 0xc6, 0x57,
1034 0x0f, 0x18, 0xc8, 0x1f, 0x2b, 0xe5, 0xd0, 0x1a,
1035 0x2c, 0xa9, 0x9f, 0xf1, 0x42, 0xb5, 0xd9, 0x63,
1036 0xf9, 0xf5, 0x00, 0x32, 0x5e, 0x75, 0x56, 0xf9,
1037 0x58, 0x49, 0xb3, 0xff, 0xc7, 0x47, 0x94, 0x86,
1038 0xbe, 0x1d, 0x45, 0x96, 0xa3, 0x10, 0x6b, 0xd5,
1039 0xcb, 0x4f, 0x61, 0xc5, 0x7e, 0xc5, 0xf1, 0x00,
1040 0xfb, 0x7a, 0x0c, 0x82, 0xa1, 0x0b, 0x82, 0x52,
1041 0x6a, 0x97, 0xd1, 0xd9, 0x7d, 0x98, 0xea, 0xf6
1044 static const ST_KAT_PARAM dh_group[] = {
1045 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dh_p),
1046 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dh_q),
1047 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dh_g),
1051 /* The host's private key */
1052 static const ST_KAT_PARAM dh_host_key[] = {
1053 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_pub),
1054 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dh_priv),
1058 /* The peer's public key */
1059 static const ST_KAT_PARAM dh_peer_key[] = {
1060 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_peer_pub),
1063 #endif /* OPENSSL_NO_DH */
1066 #ifndef OPENSSL_NO_EC
1067 static const char ecdh_curve_name[] = "prime256v1";
1068 static const unsigned char ecdh_privd[] = {
1069 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1070 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1071 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1072 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1074 static const unsigned char ecdh_pub[] = {
1076 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1077 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1078 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1079 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1080 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1081 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1082 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1083 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1085 static const unsigned char ecdh_peer_pub[] = {
1087 0x1f, 0x72, 0xbd, 0x2a, 0x3e, 0xeb, 0x6c, 0x76,
1088 0xe5, 0x5d, 0x69, 0x75, 0x24, 0xbf, 0x2f, 0x5b,
1089 0x96, 0xb2, 0x91, 0x62, 0x06, 0x35, 0xcc, 0xb2,
1090 0x4b, 0x31, 0x1b, 0x0c, 0x6f, 0x06, 0x9f, 0x86,
1091 0xcf, 0xc8, 0xac, 0xd5, 0x4f, 0x4d, 0x77, 0xf3,
1092 0x70, 0x4a, 0x8f, 0x04, 0x9a, 0xb1, 0x03, 0xc7,
1093 0xeb, 0xd5, 0x94, 0x78, 0x61, 0xab, 0x78, 0x0c,
1094 0x4a, 0x2d, 0x6b, 0xf3, 0x2f, 0x2e, 0x4a, 0xbc
1097 static const ST_KAT_PARAM ecdh_group[] = {
1098 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecdh_curve_name),
1101 static const ST_KAT_PARAM ecdh_host_key[] = {
1102 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_pub),
1103 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecdh_privd),
1106 static const ST_KAT_PARAM ecdh_peer_key[] = {
1107 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_peer_pub),
1110 static const unsigned char ecdh_secret_expected[] = {
1111 0x45, 0x2a, 0x2f, 0x0d, 0x24, 0xe6, 0x8d, 0xd0,
1112 0xda, 0x59, 0x7b, 0x0c, 0xec, 0x9b, 0x4c, 0x38,
1113 0x41, 0xdd, 0xce, 0xb3, 0xcc, 0xf1, 0x90, 0x8e,
1114 0x30, 0xdb, 0x5b, 0x5f, 0x97, 0xea, 0xe0, 0xc2
1116 #endif /* OPENSSL_NO_EC */
1118 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
1119 static const ST_KAT_KAS st_kat_kas_tests[] =
1121 # ifndef OPENSSL_NO_DH
1123 OSSL_SELF_TEST_DESC_KA_DH,
1128 ITM(dh_secret_expected)
1130 # endif /* OPENSSL_NO_DH */
1131 # ifndef OPENSSL_NO_EC
1133 OSSL_SELF_TEST_DESC_KA_ECDH,
1138 ITM(ecdh_secret_expected)
1140 # endif /* OPENSSL_NO_EC */
1142 #endif /* !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) */
1145 static const unsigned char rsa_n[] = {
1146 0xDB, 0x10, 0x1A, 0xC2, 0xA3, 0xF1, 0xDC, 0xFF,
1147 0x13, 0x6B, 0xED, 0x44, 0xDF, 0xF0, 0x02, 0x6D,
1148 0x13, 0xC7, 0x88, 0xDA, 0x70, 0x6B, 0x54, 0xF1,
1149 0xE8, 0x27, 0xDC, 0xC3, 0x0F, 0x99, 0x6A, 0xFA,
1150 0xC6, 0x67, 0xFF, 0x1D, 0x1E, 0x3C, 0x1D, 0xC1,
1151 0xB5, 0x5F, 0x6C, 0xC0, 0xB2, 0x07, 0x3A, 0x6D,
1152 0x41, 0xE4, 0x25, 0x99, 0xAC, 0xFC, 0xD2, 0x0F,
1153 0x02, 0xD3, 0xD1, 0x54, 0x06, 0x1A, 0x51, 0x77,
1154 0xBD, 0xB6, 0xBF, 0xEA, 0xA7, 0x5C, 0x06, 0xA9,
1155 0x5D, 0x69, 0x84, 0x45, 0xD7, 0xF5, 0x05, 0xBA,
1156 0x47, 0xF0, 0x1B, 0xD7, 0x2B, 0x24, 0xEC, 0xCB,
1157 0x9B, 0x1B, 0x10, 0x8D, 0x81, 0xA0, 0xBE, 0xB1,
1158 0x8C, 0x33, 0xE4, 0x36, 0xB8, 0x43, 0xEB, 0x19,
1159 0x2A, 0x81, 0x8D, 0xDE, 0x81, 0x0A, 0x99, 0x48,
1160 0xB6, 0xF6, 0xBC, 0xCD, 0x49, 0x34, 0x3A, 0x8F,
1161 0x26, 0x94, 0xE3, 0x28, 0x82, 0x1A, 0x7C, 0x8F,
1162 0x59, 0x9F, 0x45, 0xE8, 0x5D, 0x1A, 0x45, 0x76,
1163 0x04, 0x56, 0x05, 0xA1, 0xD0, 0x1B, 0x8C, 0x77,
1164 0x6D, 0xAF, 0x53, 0xFA, 0x71, 0xE2, 0x67, 0xE0,
1165 0x9A, 0xFE, 0x03, 0xA9, 0x85, 0xD2, 0xC9, 0xAA,
1166 0xBA, 0x2A, 0xBC, 0xF4, 0xA0, 0x08, 0xF5, 0x13,
1167 0x98, 0x13, 0x5D, 0xF0, 0xD9, 0x33, 0x34, 0x2A,
1168 0x61, 0xC3, 0x89, 0x55, 0xF0, 0xAE, 0x1A, 0x9C,
1169 0x22, 0xEE, 0x19, 0x05, 0x8D, 0x32, 0xFE, 0xEC,
1170 0x9C, 0x84, 0xBA, 0xB7, 0xF9, 0x6C, 0x3A, 0x4F,
1171 0x07, 0xFC, 0x45, 0xEB, 0x12, 0xE5, 0x7B, 0xFD,
1172 0x55, 0xE6, 0x29, 0x69, 0xD1, 0xC2, 0xE8, 0xB9,
1173 0x78, 0x59, 0xF6, 0x79, 0x10, 0xC6, 0x4E, 0xEB,
1174 0x6A, 0x5E, 0xB9, 0x9A, 0xC7, 0xC4, 0x5B, 0x63,
1175 0xDA, 0xA3, 0x3F, 0x5E, 0x92, 0x7A, 0x81, 0x5E,
1176 0xD6, 0xB0, 0xE2, 0x62, 0x8F, 0x74, 0x26, 0xC2,
1177 0x0C, 0xD3, 0x9A, 0x17, 0x47, 0xE6, 0x8E, 0xAB
1179 static const unsigned char rsa_e[] = { 0x01, 0x00, 0x01 };
1180 static const unsigned char rsa_d[] = {
1181 0x52, 0x41, 0xF4, 0xDA, 0x7B, 0xB7, 0x59, 0x55,
1182 0xCA, 0xD4, 0x2F, 0x0F, 0x3A, 0xCB, 0xA4, 0x0D,
1183 0x93, 0x6C, 0xCC, 0x9D, 0xC1, 0xB2, 0xFB, 0xFD,
1184 0xAE, 0x40, 0x31, 0xAC, 0x69, 0x52, 0x21, 0x92,
1185 0xB3, 0x27, 0xDF, 0xEA, 0xEE, 0x2C, 0x82, 0xBB,
1186 0xF7, 0x40, 0x32, 0xD5, 0x14, 0xC4, 0x94, 0x12,
1187 0xEC, 0xB8, 0x1F, 0xCA, 0x59, 0xE3, 0xC1, 0x78,
1188 0xF3, 0x85, 0xD8, 0x47, 0xA5, 0xD7, 0x02, 0x1A,
1189 0x65, 0x79, 0x97, 0x0D, 0x24, 0xF4, 0xF0, 0x67,
1190 0x6E, 0x75, 0x2D, 0xBF, 0x10, 0x3D, 0xA8, 0x7D,
1191 0xEF, 0x7F, 0x60, 0xE4, 0xE6, 0x05, 0x82, 0x89,
1192 0x5D, 0xDF, 0xC6, 0xD2, 0x6C, 0x07, 0x91, 0x33,
1193 0x98, 0x42, 0xF0, 0x02, 0x00, 0x25, 0x38, 0xC5,
1194 0x85, 0x69, 0x8A, 0x7D, 0x2F, 0x95, 0x6C, 0x43,
1195 0x9A, 0xB8, 0x81, 0xE2, 0xD0, 0x07, 0x35, 0xAA,
1196 0x05, 0x41, 0xC9, 0x1E, 0xAF, 0xE4, 0x04, 0x3B,
1197 0x19, 0xB8, 0x73, 0xA2, 0xAC, 0x4B, 0x1E, 0x66,
1198 0x48, 0xD8, 0x72, 0x1F, 0xAC, 0xF6, 0xCB, 0xBC,
1199 0x90, 0x09, 0xCA, 0xEC, 0x0C, 0xDC, 0xF9, 0x2C,
1200 0xD7, 0xEB, 0xAE, 0xA3, 0xA4, 0x47, 0xD7, 0x33,
1201 0x2F, 0x8A, 0xCA, 0xBC, 0x5E, 0xF0, 0x77, 0xE4,
1202 0x97, 0x98, 0x97, 0xC7, 0x10, 0x91, 0x7D, 0x2A,
1203 0xA6, 0xFF, 0x46, 0x83, 0x97, 0xDE, 0xE9, 0xE2,
1204 0x17, 0x03, 0x06, 0x14, 0xE2, 0xD7, 0xB1, 0x1D,
1205 0x77, 0xAF, 0x51, 0x27, 0x5B, 0x5E, 0x69, 0xB8,
1206 0x81, 0xE6, 0x11, 0xC5, 0x43, 0x23, 0x81, 0x04,
1207 0x62, 0xFF, 0xE9, 0x46, 0xB8, 0xD8, 0x44, 0xDB,
1208 0xA5, 0xCC, 0x31, 0x54, 0x34, 0xCE, 0x3E, 0x82,
1209 0xD6, 0xBF, 0x7A, 0x0B, 0x64, 0x21, 0x6D, 0x88,
1210 0x7E, 0x5B, 0x45, 0x12, 0x1E, 0x63, 0x8D, 0x49,
1211 0xA7, 0x1D, 0xD9, 0x1E, 0x06, 0xCD, 0xE8, 0xBA,
1212 0x2C, 0x8C, 0x69, 0x32, 0xEA, 0xBE, 0x60, 0x71
1214 static const unsigned char rsa_p[] = {
1215 0xFA, 0xAC, 0xE1, 0x37, 0x5E, 0x32, 0x11, 0x34,
1216 0xC6, 0x72, 0x58, 0x2D, 0x91, 0x06, 0x3E, 0x77,
1217 0xE7, 0x11, 0x21, 0xCD, 0x4A, 0xF8, 0xA4, 0x3F,
1218 0x0F, 0xEF, 0x31, 0xE3, 0xF3, 0x55, 0xA0, 0xB9,
1219 0xAC, 0xB6, 0xCB, 0xBB, 0x41, 0xD0, 0x32, 0x81,
1220 0x9A, 0x8F, 0x7A, 0x99, 0x30, 0x77, 0x6C, 0x68,
1221 0x27, 0xE2, 0x96, 0xB5, 0x72, 0xC9, 0xC3, 0xD4,
1222 0x42, 0xAA, 0xAA, 0xCA, 0x95, 0x8F, 0xFF, 0xC9,
1223 0x9B, 0x52, 0x34, 0x30, 0x1D, 0xCF, 0xFE, 0xCF,
1224 0x3C, 0x56, 0x68, 0x6E, 0xEF, 0xE7, 0x6C, 0xD7,
1225 0xFB, 0x99, 0xF5, 0x4A, 0xA5, 0x21, 0x1F, 0x2B,
1226 0xEA, 0x93, 0xE8, 0x98, 0x26, 0xC4, 0x6E, 0x42,
1227 0x21, 0x5E, 0xA0, 0xA1, 0x2A, 0x58, 0x35, 0xBB,
1228 0x10, 0xE7, 0xBA, 0x27, 0x0A, 0x3B, 0xB3, 0xAF,
1229 0xE2, 0x75, 0x36, 0x04, 0xAC, 0x56, 0xA0, 0xAB,
1230 0x52, 0xDE, 0xCE, 0xDD, 0x2C, 0x28, 0x77, 0x03
1232 static const unsigned char rsa_q[] = {
1233 0xDF, 0xB7, 0x52, 0xB6, 0xD7, 0xC0, 0xE2, 0x96,
1234 0xE7, 0xC9, 0xFE, 0x5D, 0x71, 0x5A, 0xC4, 0x40,
1235 0x96, 0x2F, 0xE5, 0x87, 0xEA, 0xF3, 0xA5, 0x77,
1236 0x11, 0x67, 0x3C, 0x8D, 0x56, 0x08, 0xA7, 0xB5,
1237 0x67, 0xFA, 0x37, 0xA8, 0xB8, 0xCF, 0x61, 0xE8,
1238 0x63, 0xD8, 0x38, 0x06, 0x21, 0x2B, 0x92, 0x09,
1239 0xA6, 0x39, 0x3A, 0xEA, 0xA8, 0xB4, 0x45, 0x4B,
1240 0x36, 0x10, 0x4C, 0xE4, 0x00, 0x66, 0x71, 0x65,
1241 0xF8, 0x0B, 0x94, 0x59, 0x4F, 0x8C, 0xFD, 0xD5,
1242 0x34, 0xA2, 0xE7, 0x62, 0x84, 0x0A, 0xA7, 0xBB,
1243 0xDB, 0xD9, 0x8A, 0xCD, 0x05, 0xE1, 0xCC, 0x57,
1244 0x7B, 0xF1, 0xF1, 0x1F, 0x11, 0x9D, 0xBA, 0x3E,
1245 0x45, 0x18, 0x99, 0x1B, 0x41, 0x64, 0x43, 0xEE,
1246 0x97, 0x5D, 0x77, 0x13, 0x5B, 0x74, 0x69, 0x73,
1247 0x87, 0x95, 0x05, 0x07, 0xBE, 0x45, 0x07, 0x17,
1248 0x7E, 0x4A, 0x69, 0x22, 0xF3, 0xDB, 0x05, 0x39
1250 static const unsigned char rsa_dp[] = {
1251 0x5E, 0xD8, 0xDC, 0xDA, 0x53, 0x44, 0xC4, 0x67,
1252 0xE0, 0x92, 0x51, 0x34, 0xE4, 0x83, 0xA5, 0x4D,
1253 0x3E, 0xDB, 0xA7, 0x9B, 0x82, 0xBB, 0x73, 0x81,
1254 0xFC, 0xE8, 0x77, 0x4B, 0x15, 0xBE, 0x17, 0x73,
1255 0x49, 0x9B, 0x5C, 0x98, 0xBC, 0xBD, 0x26, 0xEF,
1256 0x0C, 0xE9, 0x2E, 0xED, 0x19, 0x7E, 0x86, 0x41,
1257 0x1E, 0x9E, 0x48, 0x81, 0xDD, 0x2D, 0xE4, 0x6F,
1258 0xC2, 0xCD, 0xCA, 0x93, 0x9E, 0x65, 0x7E, 0xD5,
1259 0xEC, 0x73, 0xFD, 0x15, 0x1B, 0xA2, 0xA0, 0x7A,
1260 0x0F, 0x0D, 0x6E, 0xB4, 0x53, 0x07, 0x90, 0x92,
1261 0x64, 0x3B, 0x8B, 0xA9, 0x33, 0xB3, 0xC5, 0x94,
1262 0x9B, 0x4C, 0x5D, 0x9C, 0x7C, 0x46, 0xA4, 0xA5,
1263 0x56, 0xF4, 0xF3, 0xF8, 0x27, 0x0A, 0x7B, 0x42,
1264 0x0D, 0x92, 0x70, 0x47, 0xE7, 0x42, 0x51, 0xA9,
1265 0xC2, 0x18, 0xB1, 0x58, 0xB1, 0x50, 0x91, 0xB8,
1266 0x61, 0x41, 0xB6, 0xA9, 0xCE, 0xD4, 0x7C, 0xBB
1268 static const unsigned char rsa_dq[] = {
1269 0x54, 0x09, 0x1F, 0x0F, 0x03, 0xD8, 0xB6, 0xC5,
1270 0x0C, 0xE8, 0xB9, 0x9E, 0x0C, 0x38, 0x96, 0x43,
1271 0xD4, 0xA6, 0xC5, 0x47, 0xDB, 0x20, 0x0E, 0xE5,
1272 0xBD, 0x29, 0xD4, 0x7B, 0x1A, 0xF8, 0x41, 0x57,
1273 0x49, 0x69, 0x9A, 0x82, 0xCC, 0x79, 0x4A, 0x43,
1274 0xEB, 0x4D, 0x8B, 0x2D, 0xF2, 0x43, 0xD5, 0xA5,
1275 0xBE, 0x44, 0xFD, 0x36, 0xAC, 0x8C, 0x9B, 0x02,
1276 0xF7, 0x9A, 0x03, 0xE8, 0x19, 0xA6, 0x61, 0xAE,
1277 0x76, 0x10, 0x93, 0x77, 0x41, 0x04, 0xAB, 0x4C,
1278 0xED, 0x6A, 0xCC, 0x14, 0x1B, 0x99, 0x8D, 0x0C,
1279 0x6A, 0x37, 0x3B, 0x86, 0x6C, 0x51, 0x37, 0x5B,
1280 0x1D, 0x79, 0xF2, 0xA3, 0x43, 0x10, 0xC6, 0xA7,
1281 0x21, 0x79, 0x6D, 0xF9, 0xE9, 0x04, 0x6A, 0xE8,
1282 0x32, 0xFF, 0xAE, 0xFD, 0x1C, 0x7B, 0x8C, 0x29,
1283 0x13, 0xA3, 0x0C, 0xB2, 0xAD, 0xEC, 0x6C, 0x0F,
1284 0x8D, 0x27, 0x12, 0x7B, 0x48, 0xB2, 0xDB, 0x31
1286 static const unsigned char rsa_qInv[] = {
1287 0x8D, 0x1B, 0x05, 0xCA, 0x24, 0x1F, 0x0C, 0x53,
1288 0x19, 0x52, 0x74, 0x63, 0x21, 0xFA, 0x78, 0x46,
1289 0x79, 0xAF, 0x5C, 0xDE, 0x30, 0xA4, 0x6C, 0x20,
1290 0x38, 0xE6, 0x97, 0x39, 0xB8, 0x7A, 0x70, 0x0D,
1291 0x8B, 0x6C, 0x6D, 0x13, 0x74, 0xD5, 0x1C, 0xDE,
1292 0xA9, 0xF4, 0x60, 0x37, 0xFE, 0x68, 0x77, 0x5E,
1293 0x0B, 0x4E, 0x5E, 0x03, 0x31, 0x30, 0xDF, 0xD6,
1294 0xAE, 0x85, 0xD0, 0x81, 0xBB, 0x61, 0xC7, 0xB1,
1295 0x04, 0x5A, 0xC4, 0x6D, 0x56, 0x1C, 0xD9, 0x64,
1296 0xE7, 0x85, 0x7F, 0x88, 0x91, 0xC9, 0x60, 0x28,
1297 0x05, 0xE2, 0xC6, 0x24, 0x8F, 0xDD, 0x61, 0x64,
1298 0xD8, 0x09, 0xDE, 0x7E, 0xD3, 0x4A, 0x61, 0x1A,
1299 0xD3, 0x73, 0x58, 0x4B, 0xD8, 0xA0, 0x54, 0x25,
1300 0x48, 0x83, 0x6F, 0x82, 0x6C, 0xAF, 0x36, 0x51,
1301 0x2A, 0x5D, 0x14, 0x2F, 0x41, 0x25, 0x00, 0xDD,
1302 0xF8, 0xF3, 0x95, 0xFE, 0x31, 0x25, 0x50, 0x12
1305 static const ST_KAT_PARAM rsa_crt_key[] = {
1306 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1307 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1308 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1309 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR1, rsa_p),
1310 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR2, rsa_q),
1311 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT1, rsa_dp),
1312 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT2, rsa_dq),
1313 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, rsa_qInv),
1317 static const ST_KAT_PARAM rsa_pub_key[] = {
1318 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1319 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1323 static const ST_KAT_PARAM rsa_priv_key[] = {
1324 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1325 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1326 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1331 * Using OSSL_PKEY_RSA_PAD_MODE_NONE directly in the expansion of the
1332 * ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient
1333 * HP/UX PA-RISC compilers.
1335 static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;
1337 static const ST_KAT_PARAM rsa_enc_params[] = {
1338 ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_none),
1342 static const unsigned char rsa_expected_sig[256] = {
1343 0xad, 0xbe, 0x2a, 0xaf, 0x16, 0x85, 0xc5, 0x00,
1344 0x91, 0x3e, 0xd0, 0x49, 0xfb, 0x3a, 0x81, 0xb9,
1345 0x6c, 0x28, 0xbc, 0xbf, 0xea, 0x96, 0x5f, 0xe4,
1346 0x9f, 0x99, 0xf7, 0x18, 0x8c, 0xec, 0x60, 0x28,
1347 0xeb, 0x29, 0x02, 0x49, 0xfc, 0xda, 0xd7, 0x78,
1348 0x68, 0xf8, 0xe1, 0xe9, 0x4d, 0x20, 0x6d, 0x32,
1349 0xa6, 0xde, 0xfc, 0xe4, 0xda, 0xcc, 0x6c, 0x75,
1350 0x36, 0x6b, 0xff, 0x5a, 0xac, 0x01, 0xa8, 0xc2,
1351 0xa9, 0xe6, 0x8b, 0x18, 0x3e, 0xec, 0xea, 0x4c,
1352 0x4a, 0x9e, 0x00, 0x09, 0xd1, 0x8a, 0x69, 0x1b,
1353 0x8b, 0xd9, 0xad, 0x37, 0xe5, 0x7c, 0xff, 0x7d,
1354 0x59, 0x56, 0x3e, 0xa0, 0xc6, 0x32, 0xd8, 0x35,
1355 0x2f, 0xff, 0xfb, 0x05, 0x02, 0xcd, 0xd7, 0x19,
1356 0xb9, 0x00, 0x86, 0x2a, 0xcf, 0xaa, 0x78, 0x16,
1357 0x4b, 0xf1, 0xa7, 0x59, 0xef, 0x7d, 0xe8, 0x74,
1358 0x23, 0x5c, 0xb2, 0xd4, 0x8a, 0x99, 0xa5, 0xbc,
1359 0xfa, 0x63, 0xd8, 0xf7, 0xbd, 0xc6, 0x00, 0x13,
1360 0x06, 0x02, 0x9a, 0xd4, 0xa7, 0xb4, 0x3d, 0x61,
1361 0xab, 0xf1, 0xc2, 0x95, 0x59, 0x9b, 0x3d, 0x67,
1362 0x1f, 0xde, 0x57, 0xb6, 0xb6, 0x9f, 0xb0, 0x87,
1363 0xd6, 0x51, 0xd5, 0x3e, 0x00, 0xe2, 0xc9, 0xa0,
1364 0x03, 0x66, 0xbc, 0x01, 0xb3, 0x8e, 0xfa, 0xf1,
1365 0x15, 0xeb, 0x26, 0xf1, 0x5d, 0x81, 0x90, 0xb4,
1366 0x1c, 0x00, 0x7c, 0x83, 0x4a, 0xa5, 0xde, 0x64,
1367 0xae, 0xea, 0x6c, 0x43, 0xc3, 0x20, 0x77, 0x77,
1368 0x42, 0x12, 0x24, 0xf5, 0xe3, 0x70, 0xdd, 0x59,
1369 0x48, 0x9c, 0xef, 0xd4, 0x8a, 0x3c, 0x29, 0x6a,
1370 0x0c, 0x9c, 0xf2, 0x13, 0xa4, 0x1c, 0x2f, 0x49,
1371 0xcd, 0xb4, 0xaa, 0x28, 0x40, 0x34, 0xc6, 0x75,
1372 0xba, 0x30, 0xe6, 0xd8, 0x5b, 0x2f, 0x08, 0xd0,
1373 0x29, 0xa5, 0x39, 0xfb, 0x6e, 0x3b, 0x0f, 0x52,
1374 0x2c, 0x68, 0xf0, 0x37, 0xa9, 0xd2, 0x56, 0xd6
1377 static const unsigned char rsa_asym_plaintext_encrypt[256] = {
1378 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1379 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1381 static const unsigned char rsa_asym_expected_encrypt[256] = {
1382 0x54, 0xac, 0x23, 0x96, 0x1d, 0x82, 0x5d, 0x8b,
1383 0x8f, 0x36, 0x33, 0xd0, 0xf4, 0x02, 0xa2, 0x61,
1384 0xb1, 0x13, 0xd4, 0x4a, 0x46, 0x06, 0x37, 0x3c,
1385 0xbf, 0x40, 0x05, 0x3c, 0xc6, 0x3b, 0x64, 0xdc,
1386 0x22, 0x22, 0xaf, 0x36, 0x79, 0x62, 0x45, 0xf0,
1387 0x97, 0x82, 0x22, 0x44, 0x86, 0x4a, 0x7c, 0xfa,
1388 0xac, 0x03, 0x21, 0x84, 0x3f, 0x31, 0xad, 0x2a,
1389 0xa4, 0x6e, 0x7a, 0xc5, 0x93, 0xf3, 0x0f, 0xfc,
1390 0xf1, 0x62, 0xce, 0x82, 0x12, 0x45, 0xc9, 0x35,
1391 0xb0, 0x7a, 0xcd, 0x99, 0x8c, 0x91, 0x6b, 0x5a,
1392 0xd3, 0x46, 0xdb, 0xf9, 0x9e, 0x52, 0x49, 0xbd,
1393 0x1e, 0xe8, 0xda, 0xac, 0x61, 0x47, 0xc2, 0xda,
1394 0xfc, 0x1e, 0xfb, 0x74, 0xd7, 0xd6, 0xc1, 0x18,
1395 0x86, 0x3e, 0x20, 0x9c, 0x7a, 0xe1, 0x04, 0xb7,
1396 0x38, 0x43, 0xb1, 0x4e, 0xa0, 0xd8, 0xc1, 0x39,
1397 0x4d, 0xe1, 0xd3, 0xb0, 0xb3, 0xf1, 0x82, 0x87,
1398 0x1f, 0x74, 0xb5, 0x69, 0xfd, 0x33, 0xd6, 0x21,
1399 0x7c, 0x61, 0x60, 0x28, 0xca, 0x70, 0xdb, 0xa0,
1400 0xbb, 0xc8, 0x73, 0xa9, 0x82, 0xf8, 0x6b, 0xd8,
1401 0xf0, 0xc9, 0x7b, 0x20, 0xdf, 0x9d, 0xfb, 0x8c,
1402 0xd4, 0xa2, 0x89, 0xe1, 0x9b, 0x04, 0xad, 0xaa,
1403 0x11, 0x6c, 0x8f, 0xce, 0x83, 0x29, 0x56, 0x69,
1404 0xbb, 0x00, 0x3b, 0xef, 0xca, 0x2d, 0xcd, 0x52,
1405 0xc8, 0xf1, 0xb3, 0x9b, 0xb4, 0x4f, 0x6d, 0x9c,
1406 0x3d, 0x69, 0xcc, 0x6d, 0x1f, 0x38, 0x4d, 0xe6,
1407 0xbb, 0x0c, 0x87, 0xdc, 0x5f, 0xa9, 0x24, 0x93,
1408 0x03, 0x46, 0xa2, 0x33, 0x6c, 0xf4, 0xd8, 0x5d,
1409 0x68, 0xf3, 0xd3, 0xe0, 0xf2, 0x30, 0xdb, 0xf5,
1410 0x4f, 0x0f, 0xad, 0xc7, 0xd0, 0xaa, 0x47, 0xd9,
1411 0x9f, 0x85, 0x1b, 0x2e, 0x6c, 0x3c, 0x57, 0x04,
1412 0x29, 0xf4, 0xf5, 0x66, 0x7d, 0x93, 0x4a, 0xaa,
1413 0x05, 0x52, 0x55, 0xc1, 0xc6, 0x06, 0x90, 0xab,
1416 #ifndef OPENSSL_NO_EC
1417 /* ECDSA key data */
1418 static const char ecd_prime_curve_name[] = "secp224r1";
1419 static const unsigned char ecd_prime_priv[] = {
1420 0x98, 0x1f, 0xb5, 0xf1, 0xfc, 0x87, 0x1d, 0x7d,
1421 0xde, 0x1e, 0x01, 0x64, 0x09, 0x9b, 0xe7, 0x1b,
1422 0x9f, 0xad, 0x63, 0xdd, 0x33, 0x01, 0xd1, 0x50,
1423 0x80, 0x93, 0x50, 0x30
1425 static const unsigned char ecd_prime_pub[] = {
1426 0x04, 0x95, 0x47, 0x99, 0x44, 0x29, 0x8f, 0x51,
1427 0x39, 0xe2, 0x53, 0xec, 0x79, 0xb0, 0x4d, 0xde,
1428 0x87, 0x1a, 0x76, 0x54, 0xd5, 0x96, 0xb8, 0x7a,
1429 0x6d, 0xf4, 0x1c, 0x2c, 0x87, 0x91, 0x5f, 0xd5,
1430 0x31, 0xdd, 0x24, 0xe5, 0x78, 0xd9, 0x08, 0x24,
1431 0x8a, 0x49, 0x99, 0xec, 0x55, 0xf2, 0x82, 0xb3,
1432 0xc4, 0xb7, 0x33, 0x68, 0xe4, 0x24, 0xa9, 0x12,
1435 static const unsigned char ecdsa_prime_expected_sig[] = {
1436 0x30, 0x3d, 0x02, 0x1d, 0x00, 0xd2, 0x4a, 0xc9,
1437 0x4f, 0xaf, 0xdb, 0x62, 0xfc, 0x41, 0x4a, 0x81,
1438 0x2a, 0x9f, 0xcf, 0xa3, 0xda, 0xfe, 0xa3, 0x49,
1439 0xbd, 0xea, 0xbf, 0x2a, 0x51, 0xb4, 0x0b, 0xc3,
1440 0xbc, 0x02, 0x1c, 0x7f, 0x30, 0xb7, 0xad, 0xab,
1441 0x09, 0x6e, 0x3c, 0xad, 0x7f, 0xf9, 0x5e, 0xaa,
1442 0xe2, 0x38, 0xe5, 0x29, 0x16, 0xc4, 0xc8, 0x77,
1443 0xa1, 0xf8, 0x60, 0x77, 0x39, 0x7a, 0xec
1445 static const ST_KAT_PARAM ecdsa_prime_key[] = {
1446 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_prime_curve_name),
1447 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_prime_pub),
1448 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_prime_priv),
1452 # ifndef OPENSSL_NO_EC2M
1453 static const char ecd_bin_curve_name[] = "sect233r1";
1454 static const unsigned char ecd_bin_priv[] = {
1455 0x00, 0x6d, 0xd6, 0x39, 0x9d, 0x2a, 0xa2, 0xc8,
1456 0x8c, 0xfc, 0x7b, 0x80, 0x66, 0xaa, 0xe1, 0xaa,
1457 0xba, 0xee, 0xcb, 0xfd, 0xc9, 0xe5, 0x36, 0x38,
1458 0x2e, 0xf7, 0x37, 0x6d, 0xd3, 0x20
1460 static const unsigned char ecd_bin_pub[] = {
1461 0x04, 0x00, 0x06, 0xe2, 0x56, 0xf7, 0x37, 0xf9,
1462 0xea, 0xb6, 0xd1, 0x0f, 0x59, 0xfa, 0x23, 0xc3,
1463 0x93, 0xa8, 0xb2, 0x26, 0xe2, 0x5c, 0x08, 0xbe,
1464 0x63, 0x49, 0x26, 0xdc, 0xc7, 0x1e, 0x6f, 0x01,
1465 0x32, 0x3b, 0xe6, 0x54, 0x8d, 0xc1, 0x13, 0x3e,
1466 0x54, 0xb2, 0x66, 0x89, 0xb2, 0x82, 0x0a, 0x72,
1467 0x02, 0xa8, 0xe9, 0x6f, 0x54, 0xfd, 0x3a, 0x6b,
1468 0x99, 0xb6, 0x8f, 0x80, 0x46
1470 static const unsigned char ecdsa_bin_expected_sig[] = {
1471 0x30, 0x3f, 0x02, 0x1d, 0x08, 0x11, 0x7c, 0xcd,
1472 0xf4, 0xa1, 0x31, 0x9a, 0xc1, 0xfd, 0x50, 0x0e,
1473 0x5d, 0xa9, 0xb6, 0x0e, 0x95, 0x49, 0xe1, 0xbd,
1474 0x44, 0xe3, 0x5b, 0xa9, 0x35, 0x94, 0xa5, 0x2f,
1475 0xae, 0x02, 0x1e, 0x00, 0xe3, 0xba, 0xb8, 0x8f,
1476 0x4b, 0x05, 0x76, 0x88, 0x1e, 0x49, 0xd6, 0x62,
1477 0x76, 0xd3, 0x22, 0x4d, 0xa3, 0x7b, 0x04, 0xcc,
1478 0xfa, 0x7b, 0x41, 0x9b, 0x8c, 0xaf, 0x1b, 0x6d,
1481 static const ST_KAT_PARAM ecdsa_bin_key[] = {
1482 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_bin_curve_name),
1483 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_bin_pub),
1484 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_bin_priv),
1487 # endif /* OPENSSL_NO_EC2M */
1488 #endif /* OPENSSL_NO_EC */
1490 #ifndef OPENSSL_NO_DSA
1492 static const unsigned char dsa_p[] = {
1493 0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23,
1494 0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e,
1495 0x03, 0xe9, 0xe6, 0xb8, 0xa2, 0x58, 0xdc, 0x16,
1496 0x61, 0x1b, 0xa0, 0x98, 0xab, 0x54, 0x34, 0x15,
1497 0xe4, 0x15, 0xf1, 0x56, 0x99, 0x7a, 0x3e, 0xe2,
1498 0x36, 0x65, 0x8f, 0xa0, 0x93, 0x26, 0x0d, 0xe3,
1499 0xad, 0x42, 0x2e, 0x05, 0xe0, 0x46, 0xf9, 0xec,
1500 0x29, 0x16, 0x1a, 0x37, 0x5f, 0x0e, 0xb4, 0xef,
1501 0xfc, 0xef, 0x58, 0x28, 0x5c, 0x5d, 0x39, 0xed,
1502 0x42, 0x5d, 0x7a, 0x62, 0xca, 0x12, 0x89, 0x6c,
1503 0x4a, 0x92, 0xcb, 0x19, 0x46, 0xf2, 0x95, 0x2a,
1504 0x48, 0x13, 0x3f, 0x07, 0xda, 0x36, 0x4d, 0x1b,
1505 0xdf, 0x6b, 0x0f, 0x71, 0x39, 0x98, 0x3e, 0x69,
1506 0x3c, 0x80, 0x05, 0x9b, 0x0e, 0xac, 0xd1, 0x47,
1507 0x9b, 0xa9, 0xf2, 0x85, 0x77, 0x54, 0xed, 0xe7,
1508 0x5f, 0x11, 0x2b, 0x07, 0xeb, 0xbf, 0x35, 0x34,
1509 0x8b, 0xbf, 0x3e, 0x01, 0xe0, 0x2f, 0x2d, 0x47,
1510 0x3d, 0xe3, 0x94, 0x53, 0xf9, 0x9d, 0xd2, 0x36,
1511 0x75, 0x41, 0xca, 0xca, 0x3b, 0xa0, 0x11, 0x66,
1512 0x34, 0x3d, 0x7b, 0x5b, 0x58, 0xa3, 0x7b, 0xd1,
1513 0xb7, 0x52, 0x1d, 0xb2, 0xf1, 0x3b, 0x86, 0x70,
1514 0x71, 0x32, 0xfe, 0x09, 0xf4, 0xcd, 0x09, 0xdc,
1515 0x16, 0x18, 0xfa, 0x34, 0x01, 0xeb, 0xf9, 0xcc,
1516 0x7b, 0x19, 0xfa, 0x94, 0xaa, 0x47, 0x20, 0x88,
1517 0x13, 0x3d, 0x6c, 0xb2, 0xd3, 0x5c, 0x11, 0x79,
1518 0xc8, 0xc8, 0xff, 0x36, 0x87, 0x58, 0xd5, 0x07,
1519 0xd9, 0xf9, 0xa1, 0x7d, 0x46, 0xc1, 0x10, 0xfe,
1520 0x31, 0x44, 0xce, 0x9b, 0x02, 0x2b, 0x42, 0xe4,
1521 0x19, 0xeb, 0x4f, 0x53, 0x88, 0x61, 0x3b, 0xfc,
1522 0x3e, 0x26, 0x24, 0x1a, 0x43, 0x2e, 0x87, 0x06,
1523 0xbc, 0x58, 0xef, 0x76, 0x11, 0x72, 0x78, 0xde,
1524 0xab, 0x6c, 0xf6, 0x92, 0x61, 0x82, 0x91, 0xb7
1526 static const unsigned char dsa_q[] = {
1527 0xa3, 0xbf, 0xd9, 0xab, 0x78, 0x84, 0x79, 0x4e,
1528 0x38, 0x34, 0x50, 0xd5, 0x89, 0x1d, 0xc1, 0x8b,
1529 0x65, 0x15, 0x7b, 0xdc, 0xfc, 0xda, 0xc5, 0x15,
1530 0x18, 0x90, 0x28, 0x67
1532 static const unsigned char dsa_g[] = {
1533 0x68, 0x19, 0x27, 0x88, 0x69, 0xc7, 0xfd, 0x3d,
1534 0x2d, 0x7b, 0x77, 0xf7, 0x7e, 0x81, 0x50, 0xd9,
1535 0xad, 0x43, 0x3b, 0xea, 0x3b, 0xa8, 0x5e, 0xfc,
1536 0x80, 0x41, 0x5a, 0xa3, 0x54, 0x5f, 0x78, 0xf7,
1537 0x22, 0x96, 0xf0, 0x6c, 0xb1, 0x9c, 0xed, 0xa0,
1538 0x6c, 0x94, 0xb0, 0x55, 0x1c, 0xfe, 0x6e, 0x6f,
1539 0x86, 0x3e, 0x31, 0xd1, 0xde, 0x6e, 0xed, 0x7d,
1540 0xab, 0x8b, 0x0c, 0x9d, 0xf2, 0x31, 0xe0, 0x84,
1541 0x34, 0xd1, 0x18, 0x4f, 0x91, 0xd0, 0x33, 0x69,
1542 0x6b, 0xb3, 0x82, 0xf8, 0x45, 0x5e, 0x98, 0x88,
1543 0xf5, 0xd3, 0x1d, 0x47, 0x84, 0xec, 0x40, 0x12,
1544 0x02, 0x46, 0xf4, 0xbe, 0xa6, 0x17, 0x94, 0xbb,
1545 0xa5, 0x86, 0x6f, 0x09, 0x74, 0x64, 0x63, 0xbd,
1546 0xf8, 0xe9, 0xe1, 0x08, 0xcd, 0x95, 0x29, 0xc3,
1547 0xd0, 0xf6, 0xdf, 0x80, 0x31, 0x6e, 0x2e, 0x70,
1548 0xaa, 0xeb, 0x1b, 0x26, 0xcd, 0xb8, 0xad, 0x97,
1549 0xbc, 0x3d, 0x28, 0x7e, 0x0b, 0x8d, 0x61, 0x6c,
1550 0x42, 0xe6, 0x5b, 0x87, 0xdb, 0x20, 0xde, 0xb7,
1551 0x00, 0x5b, 0xc4, 0x16, 0x74, 0x7a, 0x64, 0x70,
1552 0x14, 0x7a, 0x68, 0xa7, 0x82, 0x03, 0x88, 0xeb,
1553 0xf4, 0x4d, 0x52, 0xe0, 0x62, 0x8a, 0xf9, 0xcf,
1554 0x1b, 0x71, 0x66, 0xd0, 0x34, 0x65, 0xf3, 0x5a,
1555 0xcc, 0x31, 0xb6, 0x11, 0x0c, 0x43, 0xda, 0xbc,
1556 0x7c, 0x5d, 0x59, 0x1e, 0x67, 0x1e, 0xaf, 0x7c,
1557 0x25, 0x2c, 0x1c, 0x14, 0x53, 0x36, 0xa1, 0xa4,
1558 0xdd, 0xf1, 0x32, 0x44, 0xd5, 0x5e, 0x83, 0x56,
1559 0x80, 0xca, 0xb2, 0x53, 0x3b, 0x82, 0xdf, 0x2e,
1560 0xfe, 0x55, 0xec, 0x18, 0xc1, 0xe6, 0xcd, 0x00,
1561 0x7b, 0xb0, 0x89, 0x75, 0x8b, 0xb1, 0x7c, 0x2c,
1562 0xbe, 0x14, 0x44, 0x1b, 0xd0, 0x93, 0xae, 0x66,
1563 0xe5, 0x97, 0x6d, 0x53, 0x73, 0x3f, 0x4f, 0xa3,
1564 0x26, 0x97, 0x01, 0xd3, 0x1d, 0x23, 0xd4, 0x67
1566 static const unsigned char dsa_pub[] = {
1567 0xa0, 0x12, 0xb3, 0xb1, 0x70, 0xb3, 0x07, 0x22,
1568 0x79, 0x57, 0xb7, 0xca, 0x20, 0x61, 0xa8, 0x16,
1569 0xac, 0x7a, 0x2b, 0x3d, 0x9a, 0xe9, 0x95, 0xa5,
1570 0x11, 0x9c, 0x38, 0x5b, 0x60, 0x3b, 0xf6, 0xf6,
1571 0xc5, 0xde, 0x4d, 0xc5, 0xec, 0xb5, 0xdf, 0xa4,
1572 0xa4, 0x1c, 0x68, 0x66, 0x2e, 0xb2, 0x5b, 0x63,
1573 0x8b, 0x7e, 0x26, 0x20, 0xba, 0x89, 0x8d, 0x07,
1574 0xda, 0x6c, 0x49, 0x91, 0xe7, 0x6c, 0xc0, 0xec,
1575 0xd1, 0xad, 0x34, 0x21, 0x07, 0x70, 0x67, 0xe4,
1576 0x7c, 0x18, 0xf5, 0x8a, 0x92, 0xa7, 0x2a, 0xd4,
1577 0x31, 0x99, 0xec, 0xb7, 0xbd, 0x84, 0xe7, 0xd3,
1578 0xaf, 0xb9, 0x01, 0x9f, 0x0e, 0x9d, 0xd0, 0xfb,
1579 0xaa, 0x48, 0x73, 0x00, 0xb1, 0x30, 0x81, 0xe3,
1580 0x3c, 0x90, 0x28, 0x76, 0x43, 0x6f, 0x7b, 0x03,
1581 0xc3, 0x45, 0x52, 0x84, 0x81, 0xd3, 0x62, 0x81,
1582 0x5e, 0x24, 0xfe, 0x59, 0xda, 0xc5, 0xac, 0x34,
1583 0x66, 0x0d, 0x4c, 0x8a, 0x76, 0xcb, 0x99, 0xa7,
1584 0xc7, 0xde, 0x93, 0xeb, 0x95, 0x6c, 0xd6, 0xbc,
1585 0x88, 0xe5, 0x8d, 0x90, 0x10, 0x34, 0x94, 0x4a,
1586 0x09, 0x4b, 0x01, 0x80, 0x3a, 0x43, 0xc6, 0x72,
1587 0xb9, 0x68, 0x8c, 0x0e, 0x01, 0xd8, 0xf4, 0xfc,
1588 0x91, 0xc6, 0x2a, 0x3f, 0x88, 0x02, 0x1f, 0x7b,
1589 0xd6, 0xa6, 0x51, 0xb1, 0xa8, 0x8f, 0x43, 0xaa,
1590 0x4e, 0xf2, 0x76, 0x53, 0xd1, 0x2b, 0xf8, 0xb7,
1591 0x09, 0x9f, 0xdf, 0x6b, 0x46, 0x10, 0x82, 0xf8,
1592 0xe9, 0x39, 0x10, 0x7b, 0xfd, 0x2f, 0x72, 0x10,
1593 0x08, 0x7d, 0x32, 0x6c, 0x37, 0x52, 0x00, 0xf1,
1594 0xf5, 0x1e, 0x7e, 0x74, 0xa3, 0x41, 0x31, 0x90,
1595 0x1b, 0xcd, 0x08, 0x63, 0x52, 0x1f, 0xf8, 0xd6,
1596 0x76, 0xc4, 0x85, 0x81, 0x86, 0x87, 0x36, 0xc5,
1597 0xe5, 0x1b, 0x16, 0xa4, 0xe3, 0x92, 0x15, 0xea,
1598 0x0b, 0x17, 0xc4, 0x73, 0x59, 0x74, 0xc5, 0x16
1600 static const unsigned char dsa_priv[] = {
1601 0x6c, 0xca, 0xee, 0xf6, 0xd7, 0x3b, 0x4e, 0x80,
1602 0xf1, 0x1c, 0x17, 0xb8, 0xe9, 0x62, 0x7c, 0x03,
1603 0x66, 0x35, 0xba, 0xc3, 0x94, 0x23, 0x50, 0x5e,
1604 0x40, 0x7e, 0x5c, 0xb7
1606 static const unsigned char dsa_expected_sig[] = {
1607 0x30, 0x3c, 0x02, 0x1c, 0x70, 0xa4, 0x77, 0xb6,
1608 0x02, 0xb5, 0xd3, 0x07, 0x21, 0x22, 0x2d, 0xe3,
1609 0x4f, 0x7d, 0xfd, 0xfd, 0x6b, 0x4f, 0x03, 0x27,
1610 0x4c, 0xd3, 0xb2, 0x8c, 0x7c, 0xc5, 0xc4, 0xdf,
1611 0x02, 0x1c, 0x11, 0x52, 0x65, 0x16, 0x9f, 0xbd,
1612 0x4c, 0xe5, 0xab, 0xb2, 0x01, 0xd0, 0x7a, 0x30,
1613 0x5c, 0xc5, 0xba, 0x22, 0xc6, 0x62, 0x7e, 0xa6,
1614 0x7d, 0x98, 0x96, 0xc9, 0x77, 0x00
1617 static const ST_KAT_PARAM dsa_key[] = {
1618 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dsa_p),
1619 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dsa_q),
1620 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dsa_g),
1621 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dsa_pub),
1622 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dsa_priv),
1625 #endif /* OPENSSL_NO_DSA */
1627 /* Hash DRBG inputs for signature KATs */
1628 static const unsigned char sig_kat_entropyin[] = {
1629 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
1630 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
1631 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
1633 static const unsigned char sig_kat_nonce[] = {
1634 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
1635 0xf0, 0xe5, 0x07, 0x1f
1637 static const unsigned char sig_kat_persstr[] = {
1638 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
1639 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
1640 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
1643 static const ST_KAT_SIGN st_kat_sign_tests[] = {
1645 OSSL_SELF_TEST_DESC_SIGN_RSA,
1649 ITM(sig_kat_entropyin),
1651 ITM(sig_kat_persstr),
1652 ITM(rsa_expected_sig)
1654 #ifndef OPENSSL_NO_EC
1656 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1660 ITM(sig_kat_entropyin),
1662 ITM(sig_kat_persstr),
1663 ITM(ecdsa_prime_expected_sig)
1665 # ifndef OPENSSL_NO_EC2M
1667 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1671 ITM(sig_kat_entropyin),
1673 ITM(sig_kat_persstr),
1674 ITM(ecdsa_bin_expected_sig)
1677 #endif /* OPENSSL_NO_EC */
1678 #ifndef OPENSSL_NO_DSA
1680 OSSL_SELF_TEST_DESC_SIGN_DSA,
1684 ITM(sig_kat_entropyin),
1686 ITM(sig_kat_persstr),
1687 ITM(dsa_expected_sig)
1689 #endif /* OPENSSL_NO_DSA */
1692 static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {
1694 OSSL_SELF_TEST_DESC_ASYM_RSA_ENC,
1699 ITM(rsa_asym_plaintext_encrypt),
1700 ITM(rsa_asym_expected_encrypt),
1703 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1708 ITM(rsa_asym_expected_encrypt),
1709 ITM(rsa_asym_plaintext_encrypt),
1712 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1717 ITM(rsa_asym_expected_encrypt),
1718 ITM(rsa_asym_plaintext_encrypt),
projects / thirdparty / openssl.git / blob