2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* Macros to build Self test data */
11 #define ITM(x) x, sizeof(x)
12 #define ITM_STR(x) x, (sizeof(x) - 1)
14 #define ST_KAT_PARAM_END() { "", 0, NULL, 0 }
15 #define ST_KAT_PARAM_BIGNUM(name, data) \
16 { name, OSSL_PARAM_UNSIGNED_INTEGER, ITM(data) }
17 #define ST_KAT_PARAM_OCTET(name, data) \
18 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
19 #define ST_KAT_PARAM_UTF8STRING(name, data) \
20 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
22 /* used to store raw parameters for keys and algorithms */
23 typedef struct st_kat_param_st {
24 const char *name; /* an OSSL_PARAM name */
25 size_t type; /* the type associated with the data */
26 const void *data; /* unsigned char [], or char [] depending on the type */
27 size_t data_len; /* the length of the data */
30 typedef struct st_kat_st {
32 const char *algorithm;
33 const unsigned char *pt;
35 const unsigned char *expected;
39 typedef ST_KAT ST_KAT_DIGEST;
40 typedef struct st_kat_cipher_st {
42 const unsigned char *key;
44 const unsigned char *iv;
46 const unsigned char *aad;
48 const unsigned char *tag;
52 typedef struct st_kat_kdf_st {
54 const char *algorithm;
55 const ST_KAT_PARAM *params;
56 const unsigned char *expected;
60 typedef struct st_kat_drbg_st {
62 const char *algorithm;
63 const char *param_name;
65 const unsigned char *entropyin;
67 const unsigned char *nonce;
69 const unsigned char *persstr;
71 const unsigned char *entropyinpr1;
72 size_t entropyinpr1len;
73 const unsigned char *entropyinpr2;
74 size_t entropyinpr2len;
75 const unsigned char *entropyaddin1;
76 size_t entropyaddin1len;
77 const unsigned char *entropyaddin2;
78 size_t entropyaddin2len;
79 const unsigned char *expected;
83 typedef struct st_kat_kas_st {
85 const char *algorithm;
87 const ST_KAT_PARAM *key_group;
88 const ST_KAT_PARAM *key_host_data;
89 const ST_KAT_PARAM *key_peer_data;
91 const unsigned char *expected;
95 typedef struct st_kat_sign_st {
97 const char *algorithm;
98 const char *mdalgorithm;
99 const ST_KAT_PARAM *key;
100 const unsigned char *sig_expected; /* Set to NULL if this value changes */
101 size_t sig_expected_len;
104 typedef struct st_kat_asym_cipher_st {
106 const char *algorithm;
108 const ST_KAT_PARAM *key;
109 const ST_KAT_PARAM *postinit;
110 const unsigned char *in;
112 const unsigned char *expected;
114 } ST_KAT_ASYM_CIPHER;
116 /*- DIGEST TEST DATA */
117 static const unsigned char sha1_pt[] = "abc";
118 static const unsigned char sha1_digest[] = {
119 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 0x25, 0x71,
120 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
123 static const unsigned char sha512_pt[] = "abc";
124 static const unsigned char sha512_digest[] = {
125 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49,
126 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
127 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, 0x21, 0x92, 0x99, 0x2A,
128 0x27, 0x4F, 0xC1, 0xA8, 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
129 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, 0x2A, 0x9A, 0xC9, 0x4F,
130 0xA5, 0x4C, 0xA4, 0x9F
132 static const unsigned char sha3_256_pt[] = { 0xe7, 0x37, 0x21, 0x05 };
133 static const unsigned char sha3_256_digest[] = {
134 0x3a, 0x42, 0xb6, 0x8a, 0xb0, 0x79, 0xf2, 0x8c, 0x4c, 0xa3, 0xc7, 0x52,
135 0x29, 0x6f, 0x27, 0x90, 0x06, 0xc4, 0xfe, 0x78, 0xb1, 0xeb, 0x79, 0xd9,
136 0x89, 0x77, 0x7f, 0x05, 0x1e, 0x40, 0x46, 0xae
139 static const ST_KAT_DIGEST st_kat_digest_tests[] =
142 OSSL_SELF_TEST_DESC_MD_SHA1,
148 OSSL_SELF_TEST_DESC_MD_SHA2,
154 OSSL_SELF_TEST_DESC_MD_SHA3,
157 ITM(sha3_256_digest),
162 /*- CIPHER TEST DATA */
165 static const unsigned char des_ede3_cbc_pt[] = {
166 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
167 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
168 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
169 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51
171 static const unsigned char des_ede3_cbc_key[] = {
172 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
173 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
174 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
176 static const unsigned char des_ede3_cbc_iv[] = {
177 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17
179 static const unsigned char des_ede3_cbc_ct[] = {
180 0x20, 0x79, 0xC3, 0xD5, 0x3A, 0xA7, 0x63, 0xE1,
181 0x93, 0xB7, 0x9E, 0x25, 0x69, 0xAB, 0x52, 0x62,
182 0x51, 0x65, 0x70, 0x48, 0x1F, 0x25, 0xB5, 0x0F,
183 0x73, 0xC0, 0xBD, 0xA8, 0x5C, 0x8E, 0x0D, 0xA7
186 /* AES-256 GCM test data */
187 static const unsigned char aes_256_gcm_key[] = {
188 0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c,
189 0xe7, 0x90, 0xfd, 0x24, 0x50, 0x1f, 0x92, 0x50,
190 0x9a, 0xac, 0xf4, 0xcb, 0x8b, 0x13, 0x39, 0xd5,
191 0x0c, 0x9c, 0x12, 0x40, 0x93, 0x5d, 0xd0, 0x8b
193 static const unsigned char aes_256_gcm_iv[] = {
194 0xac, 0x93, 0xa1, 0xa6, 0x14, 0x52, 0x99, 0xbd,
195 0xe9, 0x02, 0xf2, 0x1a
197 static const unsigned char aes_256_gcm_pt[] = {
198 0x2d, 0x71, 0xbc, 0xfa, 0x91, 0x4e, 0x4a, 0xc0,
199 0x45, 0xb2, 0xaa, 0x60, 0x95, 0x5f, 0xad, 0x24
201 static const unsigned char aes_256_gcm_aad[] = {
202 0x1e, 0x08, 0x89, 0x01, 0x6f, 0x67, 0x60, 0x1c,
203 0x8e, 0xbe, 0xa4, 0x94, 0x3b, 0xc2, 0x3a, 0xd6
205 static const unsigned char aes_256_gcm_ct[] = {
206 0x89, 0x95, 0xae, 0x2e, 0x6d, 0xf3, 0xdb, 0xf9,
207 0x6f, 0xac, 0x7b, 0x71, 0x37, 0xba, 0xe6, 0x7f
209 static const unsigned char aes_256_gcm_tag[] = {
210 0xec, 0xa5, 0xaa, 0x77, 0xd5, 0x1d, 0x4a, 0x0a,
211 0x14, 0xd9, 0xc5, 0x1e, 0x1d, 0xa4, 0x74, 0xab
214 static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
215 #ifndef OPENSSL_NO_DES
218 OSSL_SELF_TEST_DESC_CIPHER_TDES,
220 ITM(des_ede3_cbc_pt),
223 ITM(des_ede3_cbc_key),
224 ITM(des_ede3_cbc_iv),
229 OSSL_SELF_TEST_DESC_CIPHER_AES_GCM,
234 ITM(aes_256_gcm_key),
236 ITM(aes_256_gcm_aad),
241 static const char hkdf_digest[] = "SHA256";
242 static const unsigned char hkdf_secret[] = { 's', 'e', 'c', 'r', 'e', 't' };
243 static const unsigned char hkdf_salt[] = { 's', 'a', 'l', 't' };
244 static const unsigned char hkdf_info[] = { 'l', 'a', 'b', 'e', 'l' };
246 static const ST_KAT_PARAM hkdf_params[] = {
247 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, hkdf_digest),
248 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, hkdf_secret),
249 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, hkdf_salt),
250 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, hkdf_info),
253 static const unsigned char hkdf_expected[] = {
254 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8,
258 static const char sskdf_digest[] = "SHA224";
259 static const unsigned char sskdf_secret[] = {
260 0x6d, 0xbd, 0xc2, 0x3f, 0x04, 0x54, 0x88, 0xe4,
261 0x06, 0x27, 0x57, 0xb0, 0x6b, 0x9e, 0xba, 0xe1,
262 0x83, 0xfc, 0x5a, 0x59, 0x46, 0xd8, 0x0d, 0xb9,
263 0x3f, 0xec, 0x6f, 0x62, 0xec, 0x07, 0xe3, 0x72,
264 0x7f, 0x01, 0x26, 0xae, 0xd1, 0x2c, 0xe4, 0xb2,
265 0x62, 0xf4, 0x7d, 0x48, 0xd5, 0x42, 0x87, 0xf8,
266 0x1d, 0x47, 0x4c, 0x7c, 0x3b, 0x18, 0x50, 0xe9
268 static const unsigned char sskdf_otherinfo[] = {
269 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0x43, 0x41, 0x56,
270 0x53, 0x69, 0x64, 0x3c, 0x83, 0x2e, 0x98, 0x49,
271 0xdc, 0xdb, 0xa7, 0x1e, 0x9a, 0x31, 0x39, 0xe6,
272 0x06, 0xe0, 0x95, 0xde, 0x3c, 0x26, 0x4a, 0x66,
273 0xe9, 0x8a, 0x16, 0x58, 0x54, 0xcd, 0x07, 0x98,
274 0x9b, 0x1e, 0xe0, 0xec, 0x3f, 0x8d, 0xbe
276 static const unsigned char sskdf_expected[] = {
277 0xa4, 0x62, 0xde, 0x16, 0xa8, 0x9d, 0xe8, 0x46,
278 0x6e, 0xf5, 0x46, 0x0b, 0x47, 0xb8
280 static const ST_KAT_PARAM sskdf_params[] = {
281 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sskdf_digest),
282 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sskdf_secret),
283 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, sskdf_otherinfo),
287 static const ST_KAT_KDF st_kat_kdf_tests[] =
290 OSSL_SELF_TEST_DESC_KDF_HKDF,
296 OSSL_SELF_TEST_DESC_KDF_SSKDF,
304 * DRBG test vectors are a small subset of
305 * https://csrc.nist.rip/groups/STM/cavp/documents/drbg/drbgtestvectors.zip
306 * Using the folder drbgvectors_pr_true
307 * Generated for CAVS 14.3.
314 * [PredictionResistance = True]
315 * [EntropyInputLen = 256]
317 * [PersonalizationStringLen = 256]
318 * [AdditionalInputLen = 256]
319 * [ReturnedBitsLen = 1024]
323 static const unsigned char drbg_hash_sha256_pr_entropyin[] = {
324 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
325 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
326 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
328 static const unsigned char drbg_hash_sha256_pr_nonce[] = {
329 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
330 0xf0, 0xe5, 0x07, 0x1f
332 static const unsigned char drbg_hash_sha256_pr_persstr[] = {
333 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
334 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
335 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
337 static const unsigned char drbg_hash_sha256_pr_entropyinpr0[] = {
338 0xff, 0x80, 0xb7, 0xd2, 0x6a, 0x05, 0xbc, 0x8a, 0x7a, 0xbe, 0x53, 0x28,
339 0x6b, 0x0e, 0xeb, 0x73, 0x3b, 0x71, 0x5a, 0x20, 0x5b, 0xfa, 0x4f, 0xf6,
340 0x37, 0x03, 0xde, 0xad, 0xb6, 0xea, 0x0e, 0xf4
342 static const unsigned char drbg_hash_sha256_pr_entropyinpr1[] = {
343 0xc7, 0x38, 0x32, 0x53, 0x46, 0x81, 0xed, 0xe3, 0x7e, 0x03, 0x84, 0x6d,
344 0x3c, 0x84, 0x17, 0x67, 0x29, 0x7d, 0x24, 0x6c, 0x68, 0x92, 0x41, 0xd2,
345 0xe7, 0x75, 0xbe, 0x7e, 0xc9, 0x96, 0x29, 0x3d
347 static const unsigned char drbg_hash_sha256_pr_addin0[] = {
348 0xb7, 0x21, 0x5f, 0x14, 0xac, 0x7b, 0xaf, 0xd0, 0xa9, 0x17, 0x72, 0xba,
349 0x22, 0xf7, 0x19, 0xaf, 0xbd, 0x20, 0xb3, 0x11, 0x63, 0x6c, 0x2b, 0x1e,
350 0x83, 0xe4, 0xa8, 0x23, 0x35, 0x3f, 0xc6, 0xea
352 static const unsigned char drbg_hash_sha256_pr_addin1[] = {
353 0xce, 0xd3, 0x1f, 0x7e, 0x0d, 0xae, 0x5b, 0xb5, 0xc0, 0x43, 0xe2, 0x46,
354 0xb2, 0x94, 0x73, 0xe2, 0xfd, 0x39, 0x51, 0x2e, 0xad, 0x45, 0x69, 0xee,
355 0xe3, 0xe3, 0x80, 0x33, 0x14, 0xab, 0xa7, 0xa3
357 static const unsigned char drbg_hash_sha256_pr_expected[] = {
358 0x60, 0xc2, 0x34, 0xcf, 0xaf, 0xb4, 0x68, 0x03, 0x3b, 0xf1, 0x95, 0xe5,
359 0x78, 0xce, 0x26, 0x6e, 0x14, 0x65, 0x32, 0x6a, 0x96, 0xa9, 0xe0, 0x3f,
360 0x8b, 0x89, 0x36, 0x70, 0xef, 0x62, 0x75, 0x4d, 0x5e, 0x80, 0xd5, 0x53,
361 0xa1, 0xf8, 0x49, 0x50, 0x20, 0x8b, 0x93, 0x43, 0x07, 0x9f, 0x2e, 0xf8,
362 0x56, 0xe9, 0xc5, 0x70, 0x61, 0x85, 0x97, 0xb5, 0xdc, 0x82, 0xa2, 0xda,
363 0xea, 0xa3, 0xfd, 0x9b, 0x2f, 0xd2, 0xa0, 0xd7, 0x1b, 0xc6, 0x29, 0x35,
364 0xcc, 0xb8, 0x3d, 0xa0, 0x67, 0x98, 0x05, 0xa0, 0xe3, 0x1e, 0xfe, 0xe4,
365 0xf0, 0xe5, 0x13, 0xb0, 0x83, 0x17, 0xfa, 0xca, 0x93, 0x5e, 0x38, 0x29,
366 0x48, 0xd2, 0x72, 0xdb, 0x76, 0x3e, 0x6d, 0xf3, 0x25, 0x10, 0xff, 0x1b,
367 0x99, 0xff, 0xf8, 0xc6, 0x0e, 0xb0, 0xdd, 0x29, 0x2e, 0xbc, 0xbb, 0xc8,
368 0x0a, 0x01, 0x6e, 0xd3, 0xb0, 0x0e, 0x4e, 0xab
375 * [PredictionResistance = True]
376 * [EntropyInputLen = 128]
378 * [PersonalizationStringLen = 128]
379 * [AdditionalInputLen = 128]
380 * [ReturnedBitsLen = 512]
384 static const unsigned char drbg_ctr_aes128_pr_df_entropyin[] = {
385 0x92, 0x89, 0x8f, 0x31, 0xfa, 0x1c, 0xff, 0x6d, 0x18, 0x2f, 0x26, 0x06,
386 0x43, 0xdf, 0xf8, 0x18
388 static const unsigned char drbg_ctr_aes128_pr_df_nonce[] = {
389 0xc2, 0xa4, 0xd9, 0x72, 0xc3, 0xb9, 0xb6, 0x97
391 static const unsigned char drbg_ctr_aes128_pr_df_persstr[] = {
392 0xea, 0x65, 0xee, 0x60, 0x26, 0x4e, 0x7e, 0xb6, 0x0e, 0x82, 0x68, 0xc4,
393 0x37, 0x3c, 0x5c, 0x0b
395 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr0[] = {
396 0x20, 0x72, 0x8a, 0x06, 0xf8, 0x6f, 0x8d, 0xd4, 0x41, 0xe2, 0x72, 0xb7,
397 0xc4, 0x2c, 0xe8, 0x10
399 static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr1[] = {
400 0x3d, 0xb0, 0xf0, 0x94, 0xf3, 0x05, 0x50, 0x33, 0x17, 0x86, 0x3e, 0x22,
401 0x08, 0xf7, 0xa5, 0x01
403 static const unsigned char drbg_ctr_aes128_pr_df_addin0[] = {
404 0x1a, 0x40, 0xfa, 0xe3, 0xcc, 0x6c, 0x7c, 0xa0, 0xf8, 0xda, 0xba, 0x59,
405 0x23, 0x6d, 0xad, 0x1d
407 static const unsigned char drbg_ctr_aes128_pr_df_addin1[] = {
408 0x9f, 0x72, 0x76, 0x6c, 0xc7, 0x46, 0xe5, 0xed, 0x2e, 0x53, 0x20, 0x12,
409 0xbc, 0x59, 0x31, 0x8c
411 static const unsigned char drbg_ctr_aes128_pr_df_expected[] = {
412 0x5a, 0x35, 0x39, 0x87, 0x0f, 0x4d, 0x22, 0xa4, 0x09, 0x24, 0xee, 0x71,
413 0xc9, 0x6f, 0xac, 0x72, 0x0a, 0xd6, 0xf0, 0x88, 0x82, 0xd0, 0x83, 0x28,
414 0x73, 0xec, 0x3f, 0x93, 0xd8, 0xab, 0x45, 0x23, 0xf0, 0x7e, 0xac, 0x45,
415 0x14, 0x5e, 0x93, 0x9f, 0xb1, 0xd6, 0x76, 0x43, 0x3d, 0xb6, 0xe8, 0x08,
416 0x88, 0xf6, 0xda, 0x89, 0x08, 0x77, 0x42, 0xfe, 0x1a, 0xf4, 0x3f, 0xc4,
417 0x23, 0xc5, 0x1f, 0x68
424 * [PredictionResistance = True]
425 * [EntropyInputLen = 128]
427 * [PersonalizationStringLen = 128]
428 * [AdditionalInputLen = 128]
429 * [ReturnedBitsLen = 640]
433 static const unsigned char drbg_hmac_sha1_pr_entropyin[] = {
434 0x68, 0x0f, 0xac, 0xe9, 0x0d, 0x7b, 0xca, 0x21, 0xd4, 0xa0, 0xed, 0xb7,
435 0x79, 0x9e, 0xe5, 0xd8
437 static const unsigned char drbg_hmac_sha1_pr_nonce[] = {
438 0xb7, 0xbe, 0x9e, 0xed, 0xdd, 0x0e, 0x3b, 0x4b
440 static const unsigned char drbg_hmac_sha1_pr_persstr[] = {
441 0xf5, 0x8c, 0x40, 0xae, 0x70, 0xf7, 0xa5, 0x56, 0x48, 0xa9, 0x31, 0xa0,
442 0xa9, 0x31, 0x3d, 0xd7
444 static const unsigned char drbg_hmac_sha1_pr_entropyinpr0[] = {
445 0x7c, 0xaf, 0xe2, 0x31, 0x63, 0x0a, 0xa9, 0x5a, 0x74, 0x2c, 0x4e, 0x5f,
446 0x5f, 0x22, 0xc6, 0xa4
448 static const unsigned char drbg_hmac_sha1_pr_entropyinpr1[] = {
449 0x1c, 0x0d, 0x77, 0x92, 0x89, 0x88, 0x27, 0x94, 0x8a, 0x58, 0x9f, 0x82,
450 0x2d, 0x1a, 0xf7, 0xa6
452 static const unsigned char drbg_hmac_sha1_pr_addin0[] = {
453 0xdc, 0x36, 0x63, 0xf0, 0x62, 0x78, 0x9c, 0xd1, 0x5c, 0xbb, 0x20, 0xc3,
454 0xc1, 0x8c, 0xd9, 0xd7
456 static const unsigned char drbg_hmac_sha1_pr_addin1[] = {
457 0xfe, 0x85, 0xb0, 0xab, 0x14, 0xc6, 0x96, 0xe6, 0x9c, 0x24, 0xe7, 0xb5,
458 0xa1, 0x37, 0x12, 0x0c
460 static const unsigned char drbg_hmac_sha1_pr_expected[] = {
461 0x68, 0x00, 0x4b, 0x3a, 0x28, 0xf7, 0xf0, 0x1c, 0xf9, 0xe9, 0xb5, 0x71,
462 0x20, 0x79, 0xef, 0x80, 0x87, 0x1b, 0x08, 0xb9, 0xa9, 0x1b, 0xcd, 0x2b,
463 0x9f, 0x09, 0x4d, 0xa4, 0x84, 0x80, 0xb3, 0x4c, 0xaf, 0xd5, 0x59, 0x6b,
464 0x0c, 0x0a, 0x48, 0xe1, 0x48, 0xda, 0xbc, 0x6f, 0x77, 0xb8, 0xff, 0xaf,
465 0x18, 0x70, 0x28, 0xe1, 0x04, 0x13, 0x7a, 0x4f, 0xeb, 0x1c, 0x72, 0xb0,
466 0xc4, 0x4f, 0xe8, 0xb1, 0xaf, 0xab, 0xa5, 0xbc, 0xfd, 0x86, 0x67, 0xf2,
467 0xf5, 0x5b, 0x46, 0x06, 0x63, 0x2e, 0x3c, 0xbc
470 static const ST_KAT_DRBG st_kat_drbg_tests[] =
473 OSSL_SELF_TEST_DESC_DRBG_HASH,
474 "HASH-DRBG", "digest", "SHA256",
475 ITM(drbg_hash_sha256_pr_entropyin),
476 ITM(drbg_hash_sha256_pr_nonce),
477 ITM(drbg_hash_sha256_pr_persstr),
478 ITM(drbg_hash_sha256_pr_entropyinpr0),
479 ITM(drbg_hash_sha256_pr_entropyinpr1),
480 ITM(drbg_hash_sha256_pr_addin0),
481 ITM(drbg_hash_sha256_pr_addin1),
482 ITM(drbg_hash_sha256_pr_expected)
485 OSSL_SELF_TEST_DESC_DRBG_CTR,
486 "CTR-DRBG", "cipher", "AES-128-CTR",
487 ITM(drbg_ctr_aes128_pr_df_entropyin),
488 ITM(drbg_ctr_aes128_pr_df_nonce),
489 ITM(drbg_ctr_aes128_pr_df_persstr),
490 ITM(drbg_ctr_aes128_pr_df_entropyinpr0),
491 ITM(drbg_ctr_aes128_pr_df_entropyinpr1),
492 ITM(drbg_ctr_aes128_pr_df_addin0),
493 ITM(drbg_ctr_aes128_pr_df_addin1),
494 ITM(drbg_ctr_aes128_pr_df_expected)
497 OSSL_SELF_TEST_DESC_DRBG_HMAC,
498 "HMAC-DRBG", "digest", "SHA1",
499 ITM(drbg_hmac_sha1_pr_entropyin),
500 ITM(drbg_hmac_sha1_pr_nonce),
501 ITM(drbg_hmac_sha1_pr_persstr),
502 ITM(drbg_hmac_sha1_pr_entropyinpr0),
503 ITM(drbg_hmac_sha1_pr_entropyinpr1),
504 ITM(drbg_hmac_sha1_pr_addin0),
505 ITM(drbg_hmac_sha1_pr_addin1),
506 ITM(drbg_hmac_sha1_pr_expected)
510 /* KEY EXCHANGE TEST DATA */
512 #ifndef OPENSSL_NO_DH
514 static const unsigned char dh_p[] = {
515 0xdc, 0xca, 0x15, 0x11, 0xb2, 0x31, 0x32, 0x25,
516 0xf5, 0x21, 0x16, 0xe1, 0x54, 0x27, 0x89, 0xe0,
517 0x01, 0xf0, 0x42, 0x5b, 0xcc, 0xc7, 0xf3, 0x66,
518 0xf7, 0x40, 0x64, 0x07, 0xf1, 0xc9, 0xfa, 0x8b,
519 0xe6, 0x10, 0xf1, 0x77, 0x8b, 0xb1, 0x70, 0xbe,
520 0x39, 0xdb, 0xb7, 0x6f, 0x85, 0xbf, 0x24, 0xce,
521 0x68, 0x80, 0xad, 0xb7, 0x62, 0x9f, 0x7c, 0x6d,
522 0x01, 0x5e, 0x61, 0xd4, 0x3f, 0xa3, 0xee, 0x4d,
523 0xe1, 0x85, 0xf2, 0xcf, 0xd0, 0x41, 0xff, 0xde,
524 0x9d, 0x41, 0x84, 0x07, 0xe1, 0x51, 0x38, 0xbb,
525 0x02, 0x1d, 0xae, 0xb3, 0x5f, 0x76, 0x2d, 0x17,
526 0x82, 0xac, 0xc6, 0x58, 0xd3, 0x2b, 0xd4, 0xb0,
527 0x23, 0x2c, 0x92, 0x7d, 0xd3, 0x8f, 0xa0, 0x97,
528 0xb3, 0xd1, 0x85, 0x9f, 0xa8, 0xac, 0xaf, 0xb9,
529 0x8f, 0x06, 0x66, 0x08, 0xfc, 0x64, 0x4e, 0xc7,
530 0xdd, 0xb6, 0xf0, 0x85, 0x99, 0xf9, 0x2a, 0xc1,
531 0xb5, 0x98, 0x25, 0xda, 0x84, 0x32, 0x07, 0x7d,
532 0xef, 0x69, 0x56, 0x46, 0x06, 0x3c, 0x20, 0x82,
533 0x3c, 0x95, 0x07, 0xab, 0x6f, 0x01, 0x76, 0xd4,
534 0x73, 0x0d, 0x99, 0x0d, 0xbb, 0xe6, 0x36, 0x1c,
535 0xd8, 0xb2, 0xb9, 0x4d, 0x3d, 0x2f, 0x32, 0x9b,
536 0x82, 0x09, 0x9b, 0xd6, 0x61, 0xf4, 0x29, 0x50,
537 0xf4, 0x03, 0xdf, 0x3e, 0xde, 0x62, 0xa3, 0x31,
538 0x88, 0xb0, 0x27, 0x98, 0xba, 0x82, 0x3f, 0x44,
539 0xb9, 0x46, 0xfe, 0x9d, 0xf6, 0x77, 0xa0, 0xc5,
540 0xa1, 0x23, 0x8e, 0xaa, 0x97, 0xb7, 0x0f, 0x80,
541 0xda, 0x8c, 0xac, 0x88, 0xe0, 0x92, 0xb1, 0x12,
542 0x70, 0x60, 0xff, 0xbf, 0x45, 0x57, 0x99, 0x94,
543 0x01, 0x1d, 0xc2, 0xfa, 0xa5, 0xe7, 0xf6, 0xc7,
544 0x62, 0x45, 0xe1, 0xcc, 0x31, 0x22, 0x31, 0xc1,
545 0x7d, 0x1c, 0xa6, 0xb1, 0x90, 0x07, 0xef, 0x0d,
546 0xb9, 0x9f, 0x9c, 0xb6, 0x0e, 0x1d, 0x5f, 0x69
548 static const unsigned char dh_q[] = {
549 0x89, 0x8b, 0x22, 0x67, 0x17, 0xef, 0x03, 0x9e,
550 0x60, 0x3e, 0x82, 0xe5, 0xc7, 0xaf, 0xe4, 0x83,
551 0x74, 0xac, 0x5f, 0x62, 0x5c, 0x54, 0xf1, 0xea,
552 0x11, 0xac, 0xb5, 0x7d
554 static const unsigned char dh_g[] = {
555 0x5e, 0xf7, 0xb8, 0x8f, 0x2d, 0xf6, 0x01, 0x39,
556 0x35, 0x1d, 0xfb, 0xfe, 0x12, 0x66, 0x80, 0x5f,
557 0xdf, 0x35, 0x6c, 0xdf, 0xd1, 0x3a, 0x4d, 0xa0,
558 0x05, 0x0c, 0x7e, 0xde, 0x24, 0x6d, 0xf5, 0x9f,
559 0x6a, 0xbf, 0x96, 0xad, 0xe5, 0xf2, 0xb2, 0x8f,
560 0xfe, 0x88, 0xd6, 0xbc, 0xe7, 0xf7, 0x89, 0x4a,
561 0x3d, 0x53, 0x5f, 0xc8, 0x21, 0x26, 0xdd, 0xd4,
562 0x24, 0x87, 0x2e, 0x16, 0xb8, 0x38, 0xdf, 0x8c,
563 0x51, 0xe9, 0x01, 0x6f, 0x88, 0x9c, 0x7c, 0x20,
564 0x3e, 0x98, 0xa8, 0xb6, 0x31, 0xf9, 0xc7, 0x25,
565 0x63, 0xd3, 0x8a, 0x49, 0x58, 0x9a, 0x07, 0x53,
566 0xd3, 0x58, 0xe7, 0x83, 0x31, 0x8c, 0xef, 0xd9,
567 0x67, 0x7c, 0x7b, 0x2d, 0xbb, 0x77, 0xd6, 0xdc,
568 0xe2, 0xa1, 0x96, 0x37, 0x95, 0xca, 0x64, 0xb9,
569 0x2d, 0x1c, 0x9a, 0xac, 0x6d, 0x0e, 0x8d, 0x43,
570 0x1d, 0xe5, 0xe5, 0x00, 0x60, 0xdf, 0xf7, 0x86,
571 0x89, 0xc9, 0xec, 0xa1, 0xc1, 0x24, 0x8c, 0x16,
572 0xed, 0x09, 0xc7, 0xad, 0x41, 0x2a, 0x17, 0x40,
573 0x6d, 0x2b, 0x52, 0x5a, 0xa1, 0xca, 0xbb, 0x23,
574 0x7b, 0x97, 0x34, 0xec, 0x7b, 0x8c, 0xe3, 0xfa,
575 0xe0, 0x2f, 0x29, 0xc5, 0xef, 0xed, 0x30, 0xd6,
576 0x91, 0x87, 0xda, 0x10, 0x9c, 0x2c, 0x9f, 0xe2,
577 0xaa, 0xdb, 0xb0, 0xc2, 0x2a, 0xf5, 0x4c, 0x61,
578 0x66, 0x55, 0x00, 0x0c, 0x43, 0x1c, 0x6b, 0x4a,
579 0x37, 0x97, 0x63, 0xb0, 0xa9, 0x16, 0x58, 0xef,
580 0xc8, 0x4e, 0x8b, 0x06, 0x35, 0x8c, 0x8b, 0x4f,
581 0x21, 0x37, 0x10, 0xfd, 0x10, 0x17, 0x2c, 0xf3,
582 0x9b, 0x83, 0x0c, 0x2d, 0xd8, 0x4a, 0x0c, 0x8a,
583 0xb8, 0x25, 0x16, 0xec, 0xab, 0x99, 0x5f, 0xa4,
584 0x21, 0x5e, 0x02, 0x3e, 0x4e, 0xcf, 0x80, 0x74,
585 0xc3, 0x9d, 0x6c, 0x88, 0xb7, 0x0d, 0x1e, 0xe4,
586 0xe9, 0x6f, 0xdc, 0x20, 0xea, 0x11, 0x5c, 0x32
588 static const unsigned char dh_priv[] = {
589 0x14, 0x33, 0xe0, 0xb5, 0xa9, 0x17, 0xb6, 0x0a,
590 0x30, 0x23, 0xf2, 0xf8, 0xaa, 0x2c, 0x2d, 0x70,
591 0xd2, 0x96, 0x8a, 0xba, 0x9a, 0xea, 0xc8, 0x15,
592 0x40, 0xb8, 0xfc, 0xe6
594 static const unsigned char dh_pub[] = {
595 0x95, 0xdd, 0x33, 0x8d, 0x29, 0xe5, 0x71, 0x04,
596 0x92, 0xb9, 0x18, 0x31, 0x7b, 0x72, 0xa3, 0x69,
597 0x36, 0xe1, 0x95, 0x1a, 0x2e, 0xe5, 0xa5, 0x59,
598 0x16, 0x99, 0xc0, 0x48, 0x6d, 0x0d, 0x4f, 0x9b,
599 0xdd, 0x6d, 0x5a, 0x3f, 0x6b, 0x98, 0x89, 0x0c,
600 0x62, 0xb3, 0x76, 0x52, 0xd3, 0x6e, 0x71, 0x21,
601 0x11, 0xe6, 0x8a, 0x73, 0x55, 0x37, 0x25, 0x06,
602 0x99, 0xef, 0xe3, 0x30, 0x53, 0x73, 0x91, 0xfb,
603 0xc2, 0xc5, 0x48, 0xbc, 0x5a, 0xc3, 0xe5, 0xb2,
604 0x33, 0x86, 0xc3, 0xee, 0xf5, 0xeb, 0x43, 0xc0,
605 0x99, 0xd7, 0x0a, 0x52, 0x02, 0x68, 0x7e, 0x83,
606 0x96, 0x42, 0x48, 0xfc, 0xa9, 0x1f, 0x40, 0x90,
607 0x8e, 0x8f, 0xb3, 0x31, 0x93, 0x15, 0xf6, 0xd2,
608 0x60, 0x6d, 0x7f, 0x7c, 0xd5, 0x2c, 0xc6, 0xe7,
609 0xc5, 0x84, 0x3a, 0xfb, 0x22, 0x51, 0x9c, 0xf0,
610 0xf0, 0xf9, 0xd3, 0xa0, 0xa4, 0xe8, 0xc8, 0x88,
611 0x99, 0xef, 0xed, 0xe7, 0x36, 0x43, 0x51, 0xfb,
612 0x6a, 0x36, 0x3e, 0xe7, 0x17, 0xe5, 0x44, 0x5a,
613 0xda, 0xb4, 0xc9, 0x31, 0xa6, 0x48, 0x39, 0x97,
614 0xb8, 0x7d, 0xad, 0x83, 0x67, 0x7e, 0x4d, 0x1d,
615 0x3a, 0x77, 0x75, 0xe0, 0xf6, 0xd0, 0x0f, 0xdf,
616 0x73, 0xc7, 0xad, 0x80, 0x1e, 0x66, 0x5a, 0x0e,
617 0x5a, 0x79, 0x6d, 0x0a, 0x03, 0x80, 0xa1, 0x9f,
618 0xa1, 0x82, 0xef, 0xc8, 0xa0, 0x4f, 0x5e, 0x4d,
619 0xb9, 0x0d, 0x1a, 0x86, 0x37, 0xf9, 0x5d, 0xb1,
620 0x64, 0x36, 0xbd, 0xc8, 0xf3, 0xfc, 0x09, 0x6c,
621 0x4f, 0xf7, 0xf2, 0x34, 0xbe, 0x8f, 0xef, 0x47,
622 0x9a, 0xc4, 0xb0, 0xdc, 0x4b, 0x77, 0x26, 0x3e,
623 0x07, 0xd9, 0x95, 0x9d, 0xe0, 0xf1, 0xbf, 0x3f,
624 0x0a, 0xe3, 0xd9, 0xd5, 0x0e, 0x4b, 0x89, 0xc9,
625 0x9e, 0x3e, 0xa1, 0x21, 0x73, 0x43, 0xdd, 0x8c,
626 0x65, 0x81, 0xac, 0xc4, 0x95, 0x9c, 0x91, 0xd3
628 static const unsigned char dh_peer_pub[] = {
629 0x1f, 0xc1, 0xda, 0x34, 0x1d, 0x1a, 0x84, 0x6a,
630 0x96, 0xb7, 0xbe, 0x24, 0x34, 0x0f, 0x87, 0x7d,
631 0xd0, 0x10, 0xaa, 0x03, 0x56, 0xd5, 0xad, 0x58,
632 0xaa, 0xe9, 0xc7, 0xb0, 0x8f, 0x74, 0x9a, 0x32,
633 0x23, 0x51, 0x10, 0xb5, 0xd8, 0x8e, 0xb5, 0xdb,
634 0xfa, 0x97, 0x8d, 0x27, 0xec, 0xc5, 0x30, 0xf0,
635 0x2d, 0x31, 0x14, 0x00, 0x5b, 0x64, 0xb1, 0xc0,
636 0xe0, 0x24, 0xcb, 0x8a, 0xe2, 0x16, 0x98, 0xbc,
637 0xa9, 0xe6, 0x0d, 0x42, 0x80, 0x86, 0x22, 0xf1,
638 0x81, 0xc5, 0x6e, 0x1d, 0xe7, 0xa9, 0x6e, 0x6e,
639 0xfe, 0xe9, 0xd6, 0x65, 0x67, 0xe9, 0x1b, 0x97,
640 0x70, 0x42, 0xc7, 0xe3, 0xd0, 0x44, 0x8f, 0x05,
641 0xfb, 0x77, 0xf5, 0x22, 0xb9, 0xbf, 0xc8, 0xd3,
642 0x3c, 0xc3, 0xc3, 0x1e, 0xd3, 0xb3, 0x1f, 0x0f,
643 0xec, 0xb6, 0xdb, 0x4f, 0x6e, 0xa3, 0x11, 0xe7,
644 0x7a, 0xfd, 0xbc, 0xd4, 0x7a, 0xee, 0x1b, 0xb1,
645 0x50, 0xf2, 0x16, 0x87, 0x35, 0x78, 0xfb, 0x96,
646 0x46, 0x8e, 0x8f, 0x9f, 0x3d, 0xe8, 0xef, 0xbf,
647 0xce, 0x75, 0x62, 0x4b, 0x1d, 0xf0, 0x53, 0x22,
648 0xa3, 0x4f, 0x14, 0x63, 0xe8, 0x39, 0xe8, 0x98,
649 0x4c, 0x4a, 0xd0, 0xa9, 0x6e, 0x1a, 0xc8, 0x42,
650 0xe5, 0x31, 0x8c, 0xc2, 0x3c, 0x06, 0x2a, 0x8c,
651 0xa1, 0x71, 0xb8, 0xd5, 0x75, 0x98, 0x0d, 0xde,
652 0x7f, 0xc5, 0x6f, 0x15, 0x36, 0x52, 0x38, 0x20,
653 0xd4, 0x31, 0x92, 0xbf, 0xd5, 0x1e, 0x8e, 0x22,
654 0x89, 0x78, 0xac, 0xa5, 0xb9, 0x44, 0x72, 0xf3,
655 0x39, 0xca, 0xeb, 0x99, 0x31, 0xb4, 0x2b, 0xe3,
656 0x01, 0x26, 0x8b, 0xc9, 0x97, 0x89, 0xc9, 0xb2,
657 0x55, 0x71, 0xc3, 0xc0, 0xe4, 0xcb, 0x3f, 0x00,
658 0x7f, 0x1a, 0x51, 0x1c, 0xbb, 0x53, 0xc8, 0x51,
659 0x9c, 0xdd, 0x13, 0x02, 0xab, 0xca, 0x6c, 0x0f,
660 0x34, 0xf9, 0x67, 0x39, 0xf1, 0x7f, 0xf4, 0x8b
663 static const unsigned char dh_secret_expected[] = {
664 0x08, 0xff, 0x33, 0xbb, 0x2e, 0xcf, 0xf4, 0x9a,
665 0x7d, 0x4a, 0x79, 0x12, 0xae, 0xb1, 0xbb, 0x6a,
666 0xb5, 0x11, 0x64, 0x1b, 0x4a, 0x76, 0x77, 0x0c,
667 0x8c, 0xc1, 0xbc, 0xc2, 0x33, 0x34, 0x3d, 0xfe,
668 0x70, 0x0d, 0x11, 0x81, 0x3d, 0x2c, 0x9e, 0xd2,
669 0x3b, 0x21, 0x1c, 0xa9, 0xe8, 0x78, 0x69, 0x21,
670 0xed, 0xca, 0x28, 0x3c, 0x68, 0xb1, 0x61, 0x53,
671 0xfa, 0x01, 0xe9, 0x1a, 0xb8, 0x2c, 0x90, 0xdd,
672 0xab, 0x4a, 0x95, 0x81, 0x67, 0x70, 0xa9, 0x87,
673 0x10, 0xe1, 0x4c, 0x92, 0xab, 0x83, 0xb6, 0xe4,
674 0x6e, 0x1e, 0x42, 0x6e, 0xe8, 0x52, 0x43, 0x0d,
675 0x61, 0x87, 0xda, 0xa3, 0x72, 0x0a, 0x6b, 0xcd,
676 0x73, 0x23, 0x5c, 0x6b, 0x0f, 0x94, 0x1f, 0x33,
677 0x64, 0xf5, 0x04, 0x20, 0x55, 0x1a, 0x4b, 0xfe,
678 0xaf, 0xe2, 0xbc, 0x43, 0x85, 0x05, 0xa5, 0x9a,
679 0x4a, 0x40, 0xda, 0xca, 0x7a, 0x89, 0x5a, 0x73,
680 0xdb, 0x57, 0x5c, 0x74, 0xc1, 0x3a, 0x23, 0xad,
681 0x88, 0x32, 0x95, 0x7d, 0x58, 0x2d, 0x38, 0xf0,
682 0xa6, 0x16, 0x5f, 0xb0, 0xd7, 0xe9, 0xb8, 0x79,
683 0x9e, 0x42, 0xfd, 0x32, 0x20, 0xe3, 0x32, 0xe9,
684 0x81, 0x85, 0xa0, 0xc9, 0x42, 0x97, 0x57, 0xb2,
685 0xd0, 0xd0, 0x2c, 0x17, 0xdb, 0xaa, 0x1f, 0xf6,
686 0xed, 0x93, 0xd7, 0xe7, 0x3e, 0x24, 0x1e, 0xae,
687 0xd9, 0x0c, 0xaf, 0x39, 0x4d, 0x2b, 0xc6, 0x57,
688 0x0f, 0x18, 0xc8, 0x1f, 0x2b, 0xe5, 0xd0, 0x1a,
689 0x2c, 0xa9, 0x9f, 0xf1, 0x42, 0xb5, 0xd9, 0x63,
690 0xf9, 0xf5, 0x00, 0x32, 0x5e, 0x75, 0x56, 0xf9,
691 0x58, 0x49, 0xb3, 0xff, 0xc7, 0x47, 0x94, 0x86,
692 0xbe, 0x1d, 0x45, 0x96, 0xa3, 0x10, 0x6b, 0xd5,
693 0xcb, 0x4f, 0x61, 0xc5, 0x7e, 0xc5, 0xf1, 0x00,
694 0xfb, 0x7a, 0x0c, 0x82, 0xa1, 0x0b, 0x82, 0x52,
695 0x6a, 0x97, 0xd1, 0xd9, 0x7d, 0x98, 0xea, 0xf6
698 static const ST_KAT_PARAM dh_group[] = {
699 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dh_p),
700 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dh_q),
701 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dh_g),
705 /* The host's private key */
706 static const ST_KAT_PARAM dh_host_key[] = {
707 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_pub),
708 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dh_priv),
712 /* The peer's public key */
713 static const ST_KAT_PARAM dh_peer_key[] = {
714 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_peer_pub),
717 #endif /* OPENSSL_NO_DH */
720 #ifndef OPENSSL_NO_EC
721 static const char ecdh_curve_name[] = "prime256v1";
722 static const unsigned char ecdh_privd[] = {
723 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
724 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
725 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
726 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
728 static const unsigned char ecdh_pub[] = {
730 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
731 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
732 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
733 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
734 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
735 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
736 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
737 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
739 static const unsigned char ecdh_peer_pub[] = {
741 0x1f, 0x72, 0xbd, 0x2a, 0x3e, 0xeb, 0x6c, 0x76,
742 0xe5, 0x5d, 0x69, 0x75, 0x24, 0xbf, 0x2f, 0x5b,
743 0x96, 0xb2, 0x91, 0x62, 0x06, 0x35, 0xcc, 0xb2,
744 0x4b, 0x31, 0x1b, 0x0c, 0x6f, 0x06, 0x9f, 0x86,
745 0xcf, 0xc8, 0xac, 0xd5, 0x4f, 0x4d, 0x77, 0xf3,
746 0x70, 0x4a, 0x8f, 0x04, 0x9a, 0xb1, 0x03, 0xc7,
747 0xeb, 0xd5, 0x94, 0x78, 0x61, 0xab, 0x78, 0x0c,
748 0x4a, 0x2d, 0x6b, 0xf3, 0x2f, 0x2e, 0x4a, 0xbc
751 static const ST_KAT_PARAM ecdh_group[] = {
752 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecdh_curve_name),
755 static const ST_KAT_PARAM ecdh_host_key[] = {
756 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_pub),
757 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecdh_privd),
760 static const ST_KAT_PARAM ecdh_peer_key[] = {
761 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_peer_pub),
764 static const unsigned char ecdh_secret_expected[] = {
765 0x45, 0x2a, 0x2f, 0x0d, 0x24, 0xe6, 0x8d, 0xd0,
766 0xda, 0x59, 0x7b, 0x0c, 0xec, 0x9b, 0x4c, 0x38,
767 0x41, 0xdd, 0xce, 0xb3, 0xcc, 0xf1, 0x90, 0x8e,
768 0x30, 0xdb, 0x5b, 0x5f, 0x97, 0xea, 0xe0, 0xc2
770 #endif /* OPENSSL_NO_EC */
772 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
773 static const ST_KAT_KAS st_kat_kas_tests[] =
775 # ifndef OPENSSL_NO_DH
777 OSSL_SELF_TEST_DESC_KA_DH,
782 ITM(dh_secret_expected)
784 # endif /* OPENSSL_NO_DH */
785 # ifndef OPENSSL_NO_EC
787 OSSL_SELF_TEST_DESC_KA_ECDH,
792 ITM(ecdh_secret_expected)
794 # endif /* OPENSSL_NO_EC */
796 #endif /* !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) */
798 #if !defined(OPENSSL_NO_RSA)
800 static const unsigned char rsa_n[] = {
801 0xDB, 0x10, 0x1A, 0xC2, 0xA3, 0xF1, 0xDC, 0xFF,
802 0x13, 0x6B, 0xED, 0x44, 0xDF, 0xF0, 0x02, 0x6D,
803 0x13, 0xC7, 0x88, 0xDA, 0x70, 0x6B, 0x54, 0xF1,
804 0xE8, 0x27, 0xDC, 0xC3, 0x0F, 0x99, 0x6A, 0xFA,
805 0xC6, 0x67, 0xFF, 0x1D, 0x1E, 0x3C, 0x1D, 0xC1,
806 0xB5, 0x5F, 0x6C, 0xC0, 0xB2, 0x07, 0x3A, 0x6D,
807 0x41, 0xE4, 0x25, 0x99, 0xAC, 0xFC, 0xD2, 0x0F,
808 0x02, 0xD3, 0xD1, 0x54, 0x06, 0x1A, 0x51, 0x77,
809 0xBD, 0xB6, 0xBF, 0xEA, 0xA7, 0x5C, 0x06, 0xA9,
810 0x5D, 0x69, 0x84, 0x45, 0xD7, 0xF5, 0x05, 0xBA,
811 0x47, 0xF0, 0x1B, 0xD7, 0x2B, 0x24, 0xEC, 0xCB,
812 0x9B, 0x1B, 0x10, 0x8D, 0x81, 0xA0, 0xBE, 0xB1,
813 0x8C, 0x33, 0xE4, 0x36, 0xB8, 0x43, 0xEB, 0x19,
814 0x2A, 0x81, 0x8D, 0xDE, 0x81, 0x0A, 0x99, 0x48,
815 0xB6, 0xF6, 0xBC, 0xCD, 0x49, 0x34, 0x3A, 0x8F,
816 0x26, 0x94, 0xE3, 0x28, 0x82, 0x1A, 0x7C, 0x8F,
817 0x59, 0x9F, 0x45, 0xE8, 0x5D, 0x1A, 0x45, 0x76,
818 0x04, 0x56, 0x05, 0xA1, 0xD0, 0x1B, 0x8C, 0x77,
819 0x6D, 0xAF, 0x53, 0xFA, 0x71, 0xE2, 0x67, 0xE0,
820 0x9A, 0xFE, 0x03, 0xA9, 0x85, 0xD2, 0xC9, 0xAA,
821 0xBA, 0x2A, 0xBC, 0xF4, 0xA0, 0x08, 0xF5, 0x13,
822 0x98, 0x13, 0x5D, 0xF0, 0xD9, 0x33, 0x34, 0x2A,
823 0x61, 0xC3, 0x89, 0x55, 0xF0, 0xAE, 0x1A, 0x9C,
824 0x22, 0xEE, 0x19, 0x05, 0x8D, 0x32, 0xFE, 0xEC,
825 0x9C, 0x84, 0xBA, 0xB7, 0xF9, 0x6C, 0x3A, 0x4F,
826 0x07, 0xFC, 0x45, 0xEB, 0x12, 0xE5, 0x7B, 0xFD,
827 0x55, 0xE6, 0x29, 0x69, 0xD1, 0xC2, 0xE8, 0xB9,
828 0x78, 0x59, 0xF6, 0x79, 0x10, 0xC6, 0x4E, 0xEB,
829 0x6A, 0x5E, 0xB9, 0x9A, 0xC7, 0xC4, 0x5B, 0x63,
830 0xDA, 0xA3, 0x3F, 0x5E, 0x92, 0x7A, 0x81, 0x5E,
831 0xD6, 0xB0, 0xE2, 0x62, 0x8F, 0x74, 0x26, 0xC2,
832 0x0C, 0xD3, 0x9A, 0x17, 0x47, 0xE6, 0x8E, 0xAB
834 static const unsigned char rsa_e[] = { 0x01, 0x00, 0x01 };
835 static const unsigned char rsa_d[] = {
836 0x52, 0x41, 0xF4, 0xDA, 0x7B, 0xB7, 0x59, 0x55,
837 0xCA, 0xD4, 0x2F, 0x0F, 0x3A, 0xCB, 0xA4, 0x0D,
838 0x93, 0x6C, 0xCC, 0x9D, 0xC1, 0xB2, 0xFB, 0xFD,
839 0xAE, 0x40, 0x31, 0xAC, 0x69, 0x52, 0x21, 0x92,
840 0xB3, 0x27, 0xDF, 0xEA, 0xEE, 0x2C, 0x82, 0xBB,
841 0xF7, 0x40, 0x32, 0xD5, 0x14, 0xC4, 0x94, 0x12,
842 0xEC, 0xB8, 0x1F, 0xCA, 0x59, 0xE3, 0xC1, 0x78,
843 0xF3, 0x85, 0xD8, 0x47, 0xA5, 0xD7, 0x02, 0x1A,
844 0x65, 0x79, 0x97, 0x0D, 0x24, 0xF4, 0xF0, 0x67,
845 0x6E, 0x75, 0x2D, 0xBF, 0x10, 0x3D, 0xA8, 0x7D,
846 0xEF, 0x7F, 0x60, 0xE4, 0xE6, 0x05, 0x82, 0x89,
847 0x5D, 0xDF, 0xC6, 0xD2, 0x6C, 0x07, 0x91, 0x33,
848 0x98, 0x42, 0xF0, 0x02, 0x00, 0x25, 0x38, 0xC5,
849 0x85, 0x69, 0x8A, 0x7D, 0x2F, 0x95, 0x6C, 0x43,
850 0x9A, 0xB8, 0x81, 0xE2, 0xD0, 0x07, 0x35, 0xAA,
851 0x05, 0x41, 0xC9, 0x1E, 0xAF, 0xE4, 0x04, 0x3B,
852 0x19, 0xB8, 0x73, 0xA2, 0xAC, 0x4B, 0x1E, 0x66,
853 0x48, 0xD8, 0x72, 0x1F, 0xAC, 0xF6, 0xCB, 0xBC,
854 0x90, 0x09, 0xCA, 0xEC, 0x0C, 0xDC, 0xF9, 0x2C,
855 0xD7, 0xEB, 0xAE, 0xA3, 0xA4, 0x47, 0xD7, 0x33,
856 0x2F, 0x8A, 0xCA, 0xBC, 0x5E, 0xF0, 0x77, 0xE4,
857 0x97, 0x98, 0x97, 0xC7, 0x10, 0x91, 0x7D, 0x2A,
858 0xA6, 0xFF, 0x46, 0x83, 0x97, 0xDE, 0xE9, 0xE2,
859 0x17, 0x03, 0x06, 0x14, 0xE2, 0xD7, 0xB1, 0x1D,
860 0x77, 0xAF, 0x51, 0x27, 0x5B, 0x5E, 0x69, 0xB8,
861 0x81, 0xE6, 0x11, 0xC5, 0x43, 0x23, 0x81, 0x04,
862 0x62, 0xFF, 0xE9, 0x46, 0xB8, 0xD8, 0x44, 0xDB,
863 0xA5, 0xCC, 0x31, 0x54, 0x34, 0xCE, 0x3E, 0x82,
864 0xD6, 0xBF, 0x7A, 0x0B, 0x64, 0x21, 0x6D, 0x88,
865 0x7E, 0x5B, 0x45, 0x12, 0x1E, 0x63, 0x8D, 0x49,
866 0xA7, 0x1D, 0xD9, 0x1E, 0x06, 0xCD, 0xE8, 0xBA,
867 0x2C, 0x8C, 0x69, 0x32, 0xEA, 0xBE, 0x60, 0x71
869 static const unsigned char rsa_p[] = {
870 0xFA, 0xAC, 0xE1, 0x37, 0x5E, 0x32, 0x11, 0x34,
871 0xC6, 0x72, 0x58, 0x2D, 0x91, 0x06, 0x3E, 0x77,
872 0xE7, 0x11, 0x21, 0xCD, 0x4A, 0xF8, 0xA4, 0x3F,
873 0x0F, 0xEF, 0x31, 0xE3, 0xF3, 0x55, 0xA0, 0xB9,
874 0xAC, 0xB6, 0xCB, 0xBB, 0x41, 0xD0, 0x32, 0x81,
875 0x9A, 0x8F, 0x7A, 0x99, 0x30, 0x77, 0x6C, 0x68,
876 0x27, 0xE2, 0x96, 0xB5, 0x72, 0xC9, 0xC3, 0xD4,
877 0x42, 0xAA, 0xAA, 0xCA, 0x95, 0x8F, 0xFF, 0xC9,
878 0x9B, 0x52, 0x34, 0x30, 0x1D, 0xCF, 0xFE, 0xCF,
879 0x3C, 0x56, 0x68, 0x6E, 0xEF, 0xE7, 0x6C, 0xD7,
880 0xFB, 0x99, 0xF5, 0x4A, 0xA5, 0x21, 0x1F, 0x2B,
881 0xEA, 0x93, 0xE8, 0x98, 0x26, 0xC4, 0x6E, 0x42,
882 0x21, 0x5E, 0xA0, 0xA1, 0x2A, 0x58, 0x35, 0xBB,
883 0x10, 0xE7, 0xBA, 0x27, 0x0A, 0x3B, 0xB3, 0xAF,
884 0xE2, 0x75, 0x36, 0x04, 0xAC, 0x56, 0xA0, 0xAB,
885 0x52, 0xDE, 0xCE, 0xDD, 0x2C, 0x28, 0x77, 0x03
887 static const unsigned char rsa_q[] = {
888 0xDF, 0xB7, 0x52, 0xB6, 0xD7, 0xC0, 0xE2, 0x96,
889 0xE7, 0xC9, 0xFE, 0x5D, 0x71, 0x5A, 0xC4, 0x40,
890 0x96, 0x2F, 0xE5, 0x87, 0xEA, 0xF3, 0xA5, 0x77,
891 0x11, 0x67, 0x3C, 0x8D, 0x56, 0x08, 0xA7, 0xB5,
892 0x67, 0xFA, 0x37, 0xA8, 0xB8, 0xCF, 0x61, 0xE8,
893 0x63, 0xD8, 0x38, 0x06, 0x21, 0x2B, 0x92, 0x09,
894 0xA6, 0x39, 0x3A, 0xEA, 0xA8, 0xB4, 0x45, 0x4B,
895 0x36, 0x10, 0x4C, 0xE4, 0x00, 0x66, 0x71, 0x65,
896 0xF8, 0x0B, 0x94, 0x59, 0x4F, 0x8C, 0xFD, 0xD5,
897 0x34, 0xA2, 0xE7, 0x62, 0x84, 0x0A, 0xA7, 0xBB,
898 0xDB, 0xD9, 0x8A, 0xCD, 0x05, 0xE1, 0xCC, 0x57,
899 0x7B, 0xF1, 0xF1, 0x1F, 0x11, 0x9D, 0xBA, 0x3E,
900 0x45, 0x18, 0x99, 0x1B, 0x41, 0x64, 0x43, 0xEE,
901 0x97, 0x5D, 0x77, 0x13, 0x5B, 0x74, 0x69, 0x73,
902 0x87, 0x95, 0x05, 0x07, 0xBE, 0x45, 0x07, 0x17,
903 0x7E, 0x4A, 0x69, 0x22, 0xF3, 0xDB, 0x05, 0x39
905 static const unsigned char rsa_dp[] = {
906 0x5E, 0xD8, 0xDC, 0xDA, 0x53, 0x44, 0xC4, 0x67,
907 0xE0, 0x92, 0x51, 0x34, 0xE4, 0x83, 0xA5, 0x4D,
908 0x3E, 0xDB, 0xA7, 0x9B, 0x82, 0xBB, 0x73, 0x81,
909 0xFC, 0xE8, 0x77, 0x4B, 0x15, 0xBE, 0x17, 0x73,
910 0x49, 0x9B, 0x5C, 0x98, 0xBC, 0xBD, 0x26, 0xEF,
911 0x0C, 0xE9, 0x2E, 0xED, 0x19, 0x7E, 0x86, 0x41,
912 0x1E, 0x9E, 0x48, 0x81, 0xDD, 0x2D, 0xE4, 0x6F,
913 0xC2, 0xCD, 0xCA, 0x93, 0x9E, 0x65, 0x7E, 0xD5,
914 0xEC, 0x73, 0xFD, 0x15, 0x1B, 0xA2, 0xA0, 0x7A,
915 0x0F, 0x0D, 0x6E, 0xB4, 0x53, 0x07, 0x90, 0x92,
916 0x64, 0x3B, 0x8B, 0xA9, 0x33, 0xB3, 0xC5, 0x94,
917 0x9B, 0x4C, 0x5D, 0x9C, 0x7C, 0x46, 0xA4, 0xA5,
918 0x56, 0xF4, 0xF3, 0xF8, 0x27, 0x0A, 0x7B, 0x42,
919 0x0D, 0x92, 0x70, 0x47, 0xE7, 0x42, 0x51, 0xA9,
920 0xC2, 0x18, 0xB1, 0x58, 0xB1, 0x50, 0x91, 0xB8,
921 0x61, 0x41, 0xB6, 0xA9, 0xCE, 0xD4, 0x7C, 0xBB
923 static const unsigned char rsa_dq[] = {
924 0x54, 0x09, 0x1F, 0x0F, 0x03, 0xD8, 0xB6, 0xC5,
925 0x0C, 0xE8, 0xB9, 0x9E, 0x0C, 0x38, 0x96, 0x43,
926 0xD4, 0xA6, 0xC5, 0x47, 0xDB, 0x20, 0x0E, 0xE5,
927 0xBD, 0x29, 0xD4, 0x7B, 0x1A, 0xF8, 0x41, 0x57,
928 0x49, 0x69, 0x9A, 0x82, 0xCC, 0x79, 0x4A, 0x43,
929 0xEB, 0x4D, 0x8B, 0x2D, 0xF2, 0x43, 0xD5, 0xA5,
930 0xBE, 0x44, 0xFD, 0x36, 0xAC, 0x8C, 0x9B, 0x02,
931 0xF7, 0x9A, 0x03, 0xE8, 0x19, 0xA6, 0x61, 0xAE,
932 0x76, 0x10, 0x93, 0x77, 0x41, 0x04, 0xAB, 0x4C,
933 0xED, 0x6A, 0xCC, 0x14, 0x1B, 0x99, 0x8D, 0x0C,
934 0x6A, 0x37, 0x3B, 0x86, 0x6C, 0x51, 0x37, 0x5B,
935 0x1D, 0x79, 0xF2, 0xA3, 0x43, 0x10, 0xC6, 0xA7,
936 0x21, 0x79, 0x6D, 0xF9, 0xE9, 0x04, 0x6A, 0xE8,
937 0x32, 0xFF, 0xAE, 0xFD, 0x1C, 0x7B, 0x8C, 0x29,
938 0x13, 0xA3, 0x0C, 0xB2, 0xAD, 0xEC, 0x6C, 0x0F,
939 0x8D, 0x27, 0x12, 0x7B, 0x48, 0xB2, 0xDB, 0x31
941 static const unsigned char rsa_qInv[] = {
942 0x8D, 0x1B, 0x05, 0xCA, 0x24, 0x1F, 0x0C, 0x53,
943 0x19, 0x52, 0x74, 0x63, 0x21, 0xFA, 0x78, 0x46,
944 0x79, 0xAF, 0x5C, 0xDE, 0x30, 0xA4, 0x6C, 0x20,
945 0x38, 0xE6, 0x97, 0x39, 0xB8, 0x7A, 0x70, 0x0D,
946 0x8B, 0x6C, 0x6D, 0x13, 0x74, 0xD5, 0x1C, 0xDE,
947 0xA9, 0xF4, 0x60, 0x37, 0xFE, 0x68, 0x77, 0x5E,
948 0x0B, 0x4E, 0x5E, 0x03, 0x31, 0x30, 0xDF, 0xD6,
949 0xAE, 0x85, 0xD0, 0x81, 0xBB, 0x61, 0xC7, 0xB1,
950 0x04, 0x5A, 0xC4, 0x6D, 0x56, 0x1C, 0xD9, 0x64,
951 0xE7, 0x85, 0x7F, 0x88, 0x91, 0xC9, 0x60, 0x28,
952 0x05, 0xE2, 0xC6, 0x24, 0x8F, 0xDD, 0x61, 0x64,
953 0xD8, 0x09, 0xDE, 0x7E, 0xD3, 0x4A, 0x61, 0x1A,
954 0xD3, 0x73, 0x58, 0x4B, 0xD8, 0xA0, 0x54, 0x25,
955 0x48, 0x83, 0x6F, 0x82, 0x6C, 0xAF, 0x36, 0x51,
956 0x2A, 0x5D, 0x14, 0x2F, 0x41, 0x25, 0x00, 0xDD,
957 0xF8, 0xF3, 0x95, 0xFE, 0x31, 0x25, 0x50, 0x12
960 static const ST_KAT_PARAM rsa_crt_key[] = {
961 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
962 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
963 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
964 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_p),
965 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_q),
966 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dp),
967 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dq),
968 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT, rsa_qInv),
972 static const ST_KAT_PARAM rsa_pub_key[] = {
973 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
974 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
978 static const ST_KAT_PARAM rsa_priv_key[] = {
979 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
980 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
981 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
985 static const ST_KAT_PARAM rsa_enc_params[] = {
986 ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE,
987 OSSL_PKEY_RSA_PAD_MODE_NONE),
991 static const unsigned char rsa_expected_sig[256] = {
992 0xad, 0xbe, 0x2a, 0xaf, 0x16, 0x85, 0xc5, 0x00,
993 0x91, 0x3e, 0xd0, 0x49, 0xfb, 0x3a, 0x81, 0xb9,
994 0x6c, 0x28, 0xbc, 0xbf, 0xea, 0x96, 0x5f, 0xe4,
995 0x9f, 0x99, 0xf7, 0x18, 0x8c, 0xec, 0x60, 0x28,
996 0xeb, 0x29, 0x02, 0x49, 0xfc, 0xda, 0xd7, 0x78,
997 0x68, 0xf8, 0xe1, 0xe9, 0x4d, 0x20, 0x6d, 0x32,
998 0xa6, 0xde, 0xfc, 0xe4, 0xda, 0xcc, 0x6c, 0x75,
999 0x36, 0x6b, 0xff, 0x5a, 0xac, 0x01, 0xa8, 0xc2,
1000 0xa9, 0xe6, 0x8b, 0x18, 0x3e, 0xec, 0xea, 0x4c,
1001 0x4a, 0x9e, 0x00, 0x09, 0xd1, 0x8a, 0x69, 0x1b,
1002 0x8b, 0xd9, 0xad, 0x37, 0xe5, 0x7c, 0xff, 0x7d,
1003 0x59, 0x56, 0x3e, 0xa0, 0xc6, 0x32, 0xd8, 0x35,
1004 0x2f, 0xff, 0xfb, 0x05, 0x02, 0xcd, 0xd7, 0x19,
1005 0xb9, 0x00, 0x86, 0x2a, 0xcf, 0xaa, 0x78, 0x16,
1006 0x4b, 0xf1, 0xa7, 0x59, 0xef, 0x7d, 0xe8, 0x74,
1007 0x23, 0x5c, 0xb2, 0xd4, 0x8a, 0x99, 0xa5, 0xbc,
1008 0xfa, 0x63, 0xd8, 0xf7, 0xbd, 0xc6, 0x00, 0x13,
1009 0x06, 0x02, 0x9a, 0xd4, 0xa7, 0xb4, 0x3d, 0x61,
1010 0xab, 0xf1, 0xc2, 0x95, 0x59, 0x9b, 0x3d, 0x67,
1011 0x1f, 0xde, 0x57, 0xb6, 0xb6, 0x9f, 0xb0, 0x87,
1012 0xd6, 0x51, 0xd5, 0x3e, 0x00, 0xe2, 0xc9, 0xa0,
1013 0x03, 0x66, 0xbc, 0x01, 0xb3, 0x8e, 0xfa, 0xf1,
1014 0x15, 0xeb, 0x26, 0xf1, 0x5d, 0x81, 0x90, 0xb4,
1015 0x1c, 0x00, 0x7c, 0x83, 0x4a, 0xa5, 0xde, 0x64,
1016 0xae, 0xea, 0x6c, 0x43, 0xc3, 0x20, 0x77, 0x77,
1017 0x42, 0x12, 0x24, 0xf5, 0xe3, 0x70, 0xdd, 0x59,
1018 0x48, 0x9c, 0xef, 0xd4, 0x8a, 0x3c, 0x29, 0x6a,
1019 0x0c, 0x9c, 0xf2, 0x13, 0xa4, 0x1c, 0x2f, 0x49,
1020 0xcd, 0xb4, 0xaa, 0x28, 0x40, 0x34, 0xc6, 0x75,
1021 0xba, 0x30, 0xe6, 0xd8, 0x5b, 0x2f, 0x08, 0xd0,
1022 0x29, 0xa5, 0x39, 0xfb, 0x6e, 0x3b, 0x0f, 0x52,
1023 0x2c, 0x68, 0xf0, 0x37, 0xa9, 0xd2, 0x56, 0xd6
1026 static const unsigned char rsa_asym_plaintext_encrypt[256] = {
1027 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1028 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1030 static const unsigned char rsa_asym_expected_encrypt[256] = {
1031 0x54, 0xac, 0x23, 0x96, 0x1d, 0x82, 0x5d, 0x8b,
1032 0x8f, 0x36, 0x33, 0xd0, 0xf4, 0x02, 0xa2, 0x61,
1033 0xb1, 0x13, 0xd4, 0x4a, 0x46, 0x06, 0x37, 0x3c,
1034 0xbf, 0x40, 0x05, 0x3c, 0xc6, 0x3b, 0x64, 0xdc,
1035 0x22, 0x22, 0xaf, 0x36, 0x79, 0x62, 0x45, 0xf0,
1036 0x97, 0x82, 0x22, 0x44, 0x86, 0x4a, 0x7c, 0xfa,
1037 0xac, 0x03, 0x21, 0x84, 0x3f, 0x31, 0xad, 0x2a,
1038 0xa4, 0x6e, 0x7a, 0xc5, 0x93, 0xf3, 0x0f, 0xfc,
1039 0xf1, 0x62, 0xce, 0x82, 0x12, 0x45, 0xc9, 0x35,
1040 0xb0, 0x7a, 0xcd, 0x99, 0x8c, 0x91, 0x6b, 0x5a,
1041 0xd3, 0x46, 0xdb, 0xf9, 0x9e, 0x52, 0x49, 0xbd,
1042 0x1e, 0xe8, 0xda, 0xac, 0x61, 0x47, 0xc2, 0xda,
1043 0xfc, 0x1e, 0xfb, 0x74, 0xd7, 0xd6, 0xc1, 0x18,
1044 0x86, 0x3e, 0x20, 0x9c, 0x7a, 0xe1, 0x04, 0xb7,
1045 0x38, 0x43, 0xb1, 0x4e, 0xa0, 0xd8, 0xc1, 0x39,
1046 0x4d, 0xe1, 0xd3, 0xb0, 0xb3, 0xf1, 0x82, 0x87,
1047 0x1f, 0x74, 0xb5, 0x69, 0xfd, 0x33, 0xd6, 0x21,
1048 0x7c, 0x61, 0x60, 0x28, 0xca, 0x70, 0xdb, 0xa0,
1049 0xbb, 0xc8, 0x73, 0xa9, 0x82, 0xf8, 0x6b, 0xd8,
1050 0xf0, 0xc9, 0x7b, 0x20, 0xdf, 0x9d, 0xfb, 0x8c,
1051 0xd4, 0xa2, 0x89, 0xe1, 0x9b, 0x04, 0xad, 0xaa,
1052 0x11, 0x6c, 0x8f, 0xce, 0x83, 0x29, 0x56, 0x69,
1053 0xbb, 0x00, 0x3b, 0xef, 0xca, 0x2d, 0xcd, 0x52,
1054 0xc8, 0xf1, 0xb3, 0x9b, 0xb4, 0x4f, 0x6d, 0x9c,
1055 0x3d, 0x69, 0xcc, 0x6d, 0x1f, 0x38, 0x4d, 0xe6,
1056 0xbb, 0x0c, 0x87, 0xdc, 0x5f, 0xa9, 0x24, 0x93,
1057 0x03, 0x46, 0xa2, 0x33, 0x6c, 0xf4, 0xd8, 0x5d,
1058 0x68, 0xf3, 0xd3, 0xe0, 0xf2, 0x30, 0xdb, 0xf5,
1059 0x4f, 0x0f, 0xad, 0xc7, 0xd0, 0xaa, 0x47, 0xd9,
1060 0x9f, 0x85, 0x1b, 0x2e, 0x6c, 0x3c, 0x57, 0x04,
1061 0x29, 0xf4, 0xf5, 0x66, 0x7d, 0x93, 0x4a, 0xaa,
1062 0x05, 0x52, 0x55, 0xc1, 0xc6, 0x06, 0x90, 0xab,
1065 #endif /* OPENSSL_NO_RSA */
1067 #ifndef OPENSSL_NO_EC
1068 /* ECDSA key data */
1069 static const char ecd_curve_name[] = "secp224r1";
1070 static const unsigned char ecd_priv[] = {
1071 0x98, 0x1f, 0xb5, 0xf1, 0xfc, 0x87, 0x1d, 0x7d,
1072 0xde, 0x1e, 0x01, 0x64, 0x09, 0x9b, 0xe7, 0x1b,
1073 0x9f, 0xad, 0x63, 0xdd, 0x33, 0x01, 0xd1, 0x50,
1074 0x80, 0x93, 0x50, 0x30
1076 static const unsigned char ecd_pub[] = {
1077 0x04, 0x95, 0x47, 0x99, 0x44, 0x29, 0x8f, 0x51,
1078 0x39, 0xe2, 0x53, 0xec, 0x79, 0xb0, 0x4d, 0xde,
1079 0x87, 0x1a, 0x76, 0x54, 0xd5, 0x96, 0xb8, 0x7a,
1080 0x6d, 0xf4, 0x1c, 0x2c, 0x87, 0x91, 0x5f, 0xd5,
1081 0x31, 0xdd, 0x24, 0xe5, 0x78, 0xd9, 0x08, 0x24,
1082 0x8a, 0x49, 0x99, 0xec, 0x55, 0xf2, 0x82, 0xb3,
1083 0xc4, 0xb7, 0x33, 0x68, 0xe4, 0x24, 0xa9, 0x12,
1087 static const ST_KAT_PARAM ecdsa_key[] = {
1088 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_curve_name),
1089 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_pub),
1090 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_priv),
1093 #endif /* OPENSSL_NO_EC */
1095 #ifndef OPENSSL_NO_DSA
1097 static const unsigned char dsa_p[] = {
1098 0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23,
1099 0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e,
1100 0x03, 0xe9, 0xe6, 0xb8, 0xa2, 0x58, 0xdc, 0x16,
1101 0x61, 0x1b, 0xa0, 0x98, 0xab, 0x54, 0x34, 0x15,
1102 0xe4, 0x15, 0xf1, 0x56, 0x99, 0x7a, 0x3e, 0xe2,
1103 0x36, 0x65, 0x8f, 0xa0, 0x93, 0x26, 0x0d, 0xe3,
1104 0xad, 0x42, 0x2e, 0x05, 0xe0, 0x46, 0xf9, 0xec,
1105 0x29, 0x16, 0x1a, 0x37, 0x5f, 0x0e, 0xb4, 0xef,
1106 0xfc, 0xef, 0x58, 0x28, 0x5c, 0x5d, 0x39, 0xed,
1107 0x42, 0x5d, 0x7a, 0x62, 0xca, 0x12, 0x89, 0x6c,
1108 0x4a, 0x92, 0xcb, 0x19, 0x46, 0xf2, 0x95, 0x2a,
1109 0x48, 0x13, 0x3f, 0x07, 0xda, 0x36, 0x4d, 0x1b,
1110 0xdf, 0x6b, 0x0f, 0x71, 0x39, 0x98, 0x3e, 0x69,
1111 0x3c, 0x80, 0x05, 0x9b, 0x0e, 0xac, 0xd1, 0x47,
1112 0x9b, 0xa9, 0xf2, 0x85, 0x77, 0x54, 0xed, 0xe7,
1113 0x5f, 0x11, 0x2b, 0x07, 0xeb, 0xbf, 0x35, 0x34,
1114 0x8b, 0xbf, 0x3e, 0x01, 0xe0, 0x2f, 0x2d, 0x47,
1115 0x3d, 0xe3, 0x94, 0x53, 0xf9, 0x9d, 0xd2, 0x36,
1116 0x75, 0x41, 0xca, 0xca, 0x3b, 0xa0, 0x11, 0x66,
1117 0x34, 0x3d, 0x7b, 0x5b, 0x58, 0xa3, 0x7b, 0xd1,
1118 0xb7, 0x52, 0x1d, 0xb2, 0xf1, 0x3b, 0x86, 0x70,
1119 0x71, 0x32, 0xfe, 0x09, 0xf4, 0xcd, 0x09, 0xdc,
1120 0x16, 0x18, 0xfa, 0x34, 0x01, 0xeb, 0xf9, 0xcc,
1121 0x7b, 0x19, 0xfa, 0x94, 0xaa, 0x47, 0x20, 0x88,
1122 0x13, 0x3d, 0x6c, 0xb2, 0xd3, 0x5c, 0x11, 0x79,
1123 0xc8, 0xc8, 0xff, 0x36, 0x87, 0x58, 0xd5, 0x07,
1124 0xd9, 0xf9, 0xa1, 0x7d, 0x46, 0xc1, 0x10, 0xfe,
1125 0x31, 0x44, 0xce, 0x9b, 0x02, 0x2b, 0x42, 0xe4,
1126 0x19, 0xeb, 0x4f, 0x53, 0x88, 0x61, 0x3b, 0xfc,
1127 0x3e, 0x26, 0x24, 0x1a, 0x43, 0x2e, 0x87, 0x06,
1128 0xbc, 0x58, 0xef, 0x76, 0x11, 0x72, 0x78, 0xde,
1129 0xab, 0x6c, 0xf6, 0x92, 0x61, 0x82, 0x91, 0xb7
1131 static const unsigned char dsa_q[] = {
1132 0xa3, 0xbf, 0xd9, 0xab, 0x78, 0x84, 0x79, 0x4e,
1133 0x38, 0x34, 0x50, 0xd5, 0x89, 0x1d, 0xc1, 0x8b,
1134 0x65, 0x15, 0x7b, 0xdc, 0xfc, 0xda, 0xc5, 0x15,
1135 0x18, 0x90, 0x28, 0x67
1137 static const unsigned char dsa_g[] = {
1138 0x68, 0x19, 0x27, 0x88, 0x69, 0xc7, 0xfd, 0x3d,
1139 0x2d, 0x7b, 0x77, 0xf7, 0x7e, 0x81, 0x50, 0xd9,
1140 0xad, 0x43, 0x3b, 0xea, 0x3b, 0xa8, 0x5e, 0xfc,
1141 0x80, 0x41, 0x5a, 0xa3, 0x54, 0x5f, 0x78, 0xf7,
1142 0x22, 0x96, 0xf0, 0x6c, 0xb1, 0x9c, 0xed, 0xa0,
1143 0x6c, 0x94, 0xb0, 0x55, 0x1c, 0xfe, 0x6e, 0x6f,
1144 0x86, 0x3e, 0x31, 0xd1, 0xde, 0x6e, 0xed, 0x7d,
1145 0xab, 0x8b, 0x0c, 0x9d, 0xf2, 0x31, 0xe0, 0x84,
1146 0x34, 0xd1, 0x18, 0x4f, 0x91, 0xd0, 0x33, 0x69,
1147 0x6b, 0xb3, 0x82, 0xf8, 0x45, 0x5e, 0x98, 0x88,
1148 0xf5, 0xd3, 0x1d, 0x47, 0x84, 0xec, 0x40, 0x12,
1149 0x02, 0x46, 0xf4, 0xbe, 0xa6, 0x17, 0x94, 0xbb,
1150 0xa5, 0x86, 0x6f, 0x09, 0x74, 0x64, 0x63, 0xbd,
1151 0xf8, 0xe9, 0xe1, 0x08, 0xcd, 0x95, 0x29, 0xc3,
1152 0xd0, 0xf6, 0xdf, 0x80, 0x31, 0x6e, 0x2e, 0x70,
1153 0xaa, 0xeb, 0x1b, 0x26, 0xcd, 0xb8, 0xad, 0x97,
1154 0xbc, 0x3d, 0x28, 0x7e, 0x0b, 0x8d, 0x61, 0x6c,
1155 0x42, 0xe6, 0x5b, 0x87, 0xdb, 0x20, 0xde, 0xb7,
1156 0x00, 0x5b, 0xc4, 0x16, 0x74, 0x7a, 0x64, 0x70,
1157 0x14, 0x7a, 0x68, 0xa7, 0x82, 0x03, 0x88, 0xeb,
1158 0xf4, 0x4d, 0x52, 0xe0, 0x62, 0x8a, 0xf9, 0xcf,
1159 0x1b, 0x71, 0x66, 0xd0, 0x34, 0x65, 0xf3, 0x5a,
1160 0xcc, 0x31, 0xb6, 0x11, 0x0c, 0x43, 0xda, 0xbc,
1161 0x7c, 0x5d, 0x59, 0x1e, 0x67, 0x1e, 0xaf, 0x7c,
1162 0x25, 0x2c, 0x1c, 0x14, 0x53, 0x36, 0xa1, 0xa4,
1163 0xdd, 0xf1, 0x32, 0x44, 0xd5, 0x5e, 0x83, 0x56,
1164 0x80, 0xca, 0xb2, 0x53, 0x3b, 0x82, 0xdf, 0x2e,
1165 0xfe, 0x55, 0xec, 0x18, 0xc1, 0xe6, 0xcd, 0x00,
1166 0x7b, 0xb0, 0x89, 0x75, 0x8b, 0xb1, 0x7c, 0x2c,
1167 0xbe, 0x14, 0x44, 0x1b, 0xd0, 0x93, 0xae, 0x66,
1168 0xe5, 0x97, 0x6d, 0x53, 0x73, 0x3f, 0x4f, 0xa3,
1169 0x26, 0x97, 0x01, 0xd3, 0x1d, 0x23, 0xd4, 0x67
1171 static const unsigned char dsa_pub[] = {
1172 0xa0, 0x12, 0xb3, 0xb1, 0x70, 0xb3, 0x07, 0x22,
1173 0x79, 0x57, 0xb7, 0xca, 0x20, 0x61, 0xa8, 0x16,
1174 0xac, 0x7a, 0x2b, 0x3d, 0x9a, 0xe9, 0x95, 0xa5,
1175 0x11, 0x9c, 0x38, 0x5b, 0x60, 0x3b, 0xf6, 0xf6,
1176 0xc5, 0xde, 0x4d, 0xc5, 0xec, 0xb5, 0xdf, 0xa4,
1177 0xa4, 0x1c, 0x68, 0x66, 0x2e, 0xb2, 0x5b, 0x63,
1178 0x8b, 0x7e, 0x26, 0x20, 0xba, 0x89, 0x8d, 0x07,
1179 0xda, 0x6c, 0x49, 0x91, 0xe7, 0x6c, 0xc0, 0xec,
1180 0xd1, 0xad, 0x34, 0x21, 0x07, 0x70, 0x67, 0xe4,
1181 0x7c, 0x18, 0xf5, 0x8a, 0x92, 0xa7, 0x2a, 0xd4,
1182 0x31, 0x99, 0xec, 0xb7, 0xbd, 0x84, 0xe7, 0xd3,
1183 0xaf, 0xb9, 0x01, 0x9f, 0x0e, 0x9d, 0xd0, 0xfb,
1184 0xaa, 0x48, 0x73, 0x00, 0xb1, 0x30, 0x81, 0xe3,
1185 0x3c, 0x90, 0x28, 0x76, 0x43, 0x6f, 0x7b, 0x03,
1186 0xc3, 0x45, 0x52, 0x84, 0x81, 0xd3, 0x62, 0x81,
1187 0x5e, 0x24, 0xfe, 0x59, 0xda, 0xc5, 0xac, 0x34,
1188 0x66, 0x0d, 0x4c, 0x8a, 0x76, 0xcb, 0x99, 0xa7,
1189 0xc7, 0xde, 0x93, 0xeb, 0x95, 0x6c, 0xd6, 0xbc,
1190 0x88, 0xe5, 0x8d, 0x90, 0x10, 0x34, 0x94, 0x4a,
1191 0x09, 0x4b, 0x01, 0x80, 0x3a, 0x43, 0xc6, 0x72,
1192 0xb9, 0x68, 0x8c, 0x0e, 0x01, 0xd8, 0xf4, 0xfc,
1193 0x91, 0xc6, 0x2a, 0x3f, 0x88, 0x02, 0x1f, 0x7b,
1194 0xd6, 0xa6, 0x51, 0xb1, 0xa8, 0x8f, 0x43, 0xaa,
1195 0x4e, 0xf2, 0x76, 0x53, 0xd1, 0x2b, 0xf8, 0xb7,
1196 0x09, 0x9f, 0xdf, 0x6b, 0x46, 0x10, 0x82, 0xf8,
1197 0xe9, 0x39, 0x10, 0x7b, 0xfd, 0x2f, 0x72, 0x10,
1198 0x08, 0x7d, 0x32, 0x6c, 0x37, 0x52, 0x00, 0xf1,
1199 0xf5, 0x1e, 0x7e, 0x74, 0xa3, 0x41, 0x31, 0x90,
1200 0x1b, 0xcd, 0x08, 0x63, 0x52, 0x1f, 0xf8, 0xd6,
1201 0x76, 0xc4, 0x85, 0x81, 0x86, 0x87, 0x36, 0xc5,
1202 0xe5, 0x1b, 0x16, 0xa4, 0xe3, 0x92, 0x15, 0xea,
1203 0x0b, 0x17, 0xc4, 0x73, 0x59, 0x74, 0xc5, 0x16
1205 static const unsigned char dsa_priv[] = {
1206 0x6c, 0xca, 0xee, 0xf6, 0xd7, 0x3b, 0x4e, 0x80,
1207 0xf1, 0x1c, 0x17, 0xb8, 0xe9, 0x62, 0x7c, 0x03,
1208 0x66, 0x35, 0xba, 0xc3, 0x94, 0x23, 0x50, 0x5e,
1209 0x40, 0x7e, 0x5c, 0xb7
1212 static const ST_KAT_PARAM dsa_key[] = {
1213 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dsa_p),
1214 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dsa_q),
1215 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dsa_g),
1216 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dsa_pub),
1217 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dsa_priv),
1220 #endif /* OPENSSL_NO_DSA */
1222 static const ST_KAT_SIGN st_kat_sign_tests[] = {
1223 #ifndef OPENSSL_NO_RSA
1225 OSSL_SELF_TEST_DESC_SIGN_RSA,
1229 ITM(rsa_expected_sig)
1231 #endif /* OPENSSL_NO_RSA */
1232 #ifndef OPENSSL_NO_EC
1234 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1239 * The ECDSA signature changes each time due to it using a random k.
1240 * So there is no expected KAT for this case.
1243 #endif /* OPENSSL_NO_EC */
1244 #ifndef OPENSSL_NO_DSA
1246 OSSL_SELF_TEST_DESC_SIGN_DSA,
1251 * The DSA signature changes each time due to it using a random k.
1252 * So there is no expected KAT for this case.
1255 #endif /* OPENSSL_NO_DSA */
1258 static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {
1259 #ifndef OPENSSL_NO_RSA
1261 OSSL_SELF_TEST_DESC_ASYM_RSA_ENC,
1266 ITM(rsa_asym_plaintext_encrypt),
1267 ITM(rsa_asym_expected_encrypt),
1270 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1275 ITM(rsa_asym_expected_encrypt),
1276 ITM(rsa_asym_plaintext_encrypt),
1279 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1284 ITM(rsa_asym_expected_encrypt),
1285 ITM(rsa_asym_plaintext_encrypt),
1287 #endif /* OPENSSL_NO_RSA */