]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/acvp_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Make EVP_PKEY_CTX_[get|set]_ec_paramgen_curve_name more generic
[thirdparty/openssl.git] / test / acvp_test.c
1 /*
2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * A set of tests demonstrating uses cases for CAVS/ACVP testing.
12 *
13 * For examples of testing KDF's, Digests, KeyAgreement & DRBG's refer to
14 * providers/fips/self_test_kats.c
15 */
16
17 #include <openssl/opensslconf.h> /* To see if OPENSSL_NO_EC is defined */
18 #include <openssl/core_names.h>
19 #include <openssl/evp.h>
20 #include <openssl/ec.h>
21 #include <openssl/dh.h>
22 #include <openssl/dsa.h>
23 #include <openssl/rsa.h>
24 #include <openssl/param_build.h>
25 #include <openssl/provider.h>
26 #include "testutil.h"
27 #include "testutil/output.h"
28 #include "acvp_test.inc"
29 #include "internal/nelem.h"
30
31 static OSSL_PROVIDER *prov_null = NULL;
32 static OPENSSL_CTX *libctx = NULL;
33
34 typedef enum OPTION_choice {
35 OPT_ERR = -1,
36 OPT_EOF = 0,
37 OPT_CONFIG_FILE,
38 OPT_TEST_ENUM
39 } OPTION_CHOICE;
40
41 const OPTIONS *test_get_options(void)
42 {
43 static const OPTIONS test_options[] = {
44 OPT_TEST_OPTIONS_DEFAULT_USAGE,
45 { "config", OPT_CONFIG_FILE, '<',
46 "The configuration file to use for the libctx" },
47 { NULL }
48 };
49 return test_options;
50 }
51
52 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DSA) \
53 || !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA)
54 static int pkey_get_bn_bytes(EVP_PKEY *pkey, const char *name,
55 unsigned char **out, size_t *out_len)
56 {
57 unsigned char *buf = NULL;
58 BIGNUM *bn = NULL;
59 int sz;
60
61 if (!EVP_PKEY_get_bn_param(pkey, name, &bn))
62 goto err;
63 sz = BN_num_bytes(bn);
64 buf = OPENSSL_zalloc(sz);
65 if (buf == NULL)
66 goto err;
67 if (!BN_bn2binpad(bn, buf, sz))
68 goto err;
69
70 *out_len = sz;
71 *out = buf;
72 BN_free(bn);
73 return 1;
74 err:
75 OPENSSL_free(buf);
76 BN_free(bn);
77 return 0;
78 }
79 #endif
80
81 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DSA) \
82 || !defined(OPENSSL_NO_RSA)
83 static int sig_gen(EVP_PKEY *pkey, OSSL_PARAM *params, const char *digest_name,
84 const unsigned char *msg, size_t msg_len,
85 unsigned char **sig_out, size_t *sig_out_len)
86 {
87 int ret = 0;
88 EVP_MD_CTX *md_ctx = NULL;
89 unsigned char *sig = NULL;
90 size_t sig_len;
91 size_t sz = EVP_PKEY_size(pkey);
92
93 if (!TEST_ptr(sig = OPENSSL_malloc(sz))
94 || !TEST_ptr(md_ctx = EVP_MD_CTX_new())
95 || !TEST_int_eq(EVP_DigestSignInit_ex(md_ctx, NULL, digest_name, NULL,
96 pkey, libctx), 1)
97 || !TEST_int_gt(EVP_DigestSign(md_ctx, sig, &sig_len, msg, msg_len), 0))
98 goto err;
99 *sig_out = sig;
100 *sig_out_len = sig_len;
101 sig = NULL;
102 ret = 1;
103 err:
104 OPENSSL_free(sig);
105 EVP_MD_CTX_free(md_ctx);
106 return ret;
107 }
108 #endif
109
110 #ifndef OPENSSL_NO_EC
111 static int ecdsa_keygen_test(int id)
112 {
113 int ret = 0;
114 EVP_PKEY_CTX *ctx = NULL;
115 EVP_PKEY *pkey = NULL;
116 unsigned char *priv = NULL;
117 unsigned char *pubx = NULL, *puby = NULL;
118 size_t priv_len = 0, pubx_len = 0, puby_len = 0;
119 const struct ecdsa_keygen_st *tst = &ecdsa_keygen_data[id];
120
121 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", NULL))
122 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
123 || !TEST_true(EVP_PKEY_CTX_set_group_name(ctx, tst->curve_name))
124 || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0)
125 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_PRIV_KEY, &priv,
126 &priv_len))
127 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_EC_PUB_X, &pubx,
128 &pubx_len))
129 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_EC_PUB_Y, &puby,
130 &puby_len)))
131 goto err;
132
133 test_output_memory("qy", puby, puby_len);
134 test_output_memory("qx", pubx, pubx_len);
135 test_output_memory("d", priv, priv_len);
136 ret = 1;
137 err:
138 OPENSSL_clear_free(priv, priv_len);
139 OPENSSL_free(pubx);
140 OPENSSL_free(puby);
141 EVP_PKEY_free(pkey);
142 EVP_PKEY_CTX_free(ctx);
143 return ret;
144 }
145
146 static int ecdsa_create_pkey(EVP_PKEY **pkey, const char *curve_name,
147 const unsigned char *pub, size_t pub_len,
148 int expected)
149 {
150 int ret = 0;
151 EVP_PKEY_CTX *ctx = NULL;
152 OSSL_PARAM_BLD *bld = NULL;
153 OSSL_PARAM *params = NULL;
154
155 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
156 || (curve_name != NULL
157 && !TEST_true(OSSL_PARAM_BLD_push_utf8_string(
158 bld, OSSL_PKEY_PARAM_GROUP_NAME, curve_name, 0) > 0))
159 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
160 OSSL_PKEY_PARAM_PUB_KEY,
161 pub, pub_len) > 0)
162 || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
163 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", NULL))
164 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
165 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, params), expected))
166 goto err;
167
168 ret = 1;
169 err:
170 OSSL_PARAM_BLD_free_params(params);
171 OSSL_PARAM_BLD_free(bld);
172 EVP_PKEY_CTX_free(ctx);
173 return ret;
174 }
175
176 static int ecdsa_pub_verify_test(int id)
177 {
178 const struct ecdsa_pub_verify_st *tst = &ecdsa_pv_data[id];
179
180 int ret = 0;
181 EVP_PKEY_CTX *key_ctx = NULL;
182 EVP_PKEY *pkey = NULL;
183
184 if (!TEST_true(ecdsa_create_pkey(&pkey, tst->curve_name,
185 tst->pub, tst->pub_len, tst->pass)))
186 goto err;
187
188 if (tst->pass) {
189 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, ""))
190 || !TEST_int_eq(EVP_PKEY_public_check(key_ctx), tst->pass))
191 goto err;
192 }
193 ret = 1;
194 err:
195 EVP_PKEY_free(pkey);
196 EVP_PKEY_CTX_free(key_ctx);
197 return ret;
198 }
199
200 /* Extract r and s from a ecdsa signature */
201 static int get_ecdsa_sig_rs_bytes(const unsigned char *sig, size_t sig_len,
202 unsigned char **r, unsigned char **s,
203 size_t *rlen, size_t *slen)
204 {
205 int ret = 0;
206 unsigned char *rbuf = NULL, *sbuf = NULL;
207 size_t r1_len, s1_len;
208 const BIGNUM *r1, *s1;
209 ECDSA_SIG *sign = d2i_ECDSA_SIG(NULL, &sig, sig_len);
210
211 if (sign == NULL)
212 return 0;
213 r1 = ECDSA_SIG_get0_r(sign);
214 s1 = ECDSA_SIG_get0_s(sign);
215 if (r1 == NULL || s1 == NULL)
216 return 0;
217
218 r1_len = BN_num_bytes(r1);
219 s1_len = BN_num_bytes(s1);
220 rbuf = OPENSSL_zalloc(r1_len);
221 sbuf = OPENSSL_zalloc(s1_len);
222 if (rbuf == NULL || sbuf == NULL)
223 goto err;
224 if (BN_bn2binpad(r1, rbuf, r1_len) <= 0)
225 goto err;
226 if (BN_bn2binpad(s1, sbuf, s1_len) <= 0)
227 goto err;
228 *r = rbuf;
229 *s = sbuf;
230 *rlen = r1_len;
231 *slen = s1_len;
232 ret = 1;
233 err:
234 if (ret == 0) {
235 OPENSSL_free(rbuf);
236 OPENSSL_free(sbuf);
237 }
238 ECDSA_SIG_free(sign);
239 return ret;
240 }
241
242 static int ecdsa_siggen_test(int id)
243 {
244 int ret = 0;
245 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
246 EVP_PKEY *pkey = NULL;
247 size_t sig_len = 0, rlen = 0, slen = 0;
248 unsigned char *sig = NULL;
249 unsigned char *r = NULL, *s = NULL;
250 const struct ecdsa_siggen_st *tst = &ecdsa_siggen_data[id];
251
252 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", NULL))
253 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
254 || !TEST_true(EVP_PKEY_CTX_set_group_name(ctx, tst->curve_name))
255 || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0))
256 goto err;
257
258 if (!TEST_true(sig_gen(pkey, NULL, tst->digest_alg, tst->msg, tst->msg_len,
259 &sig, &sig_len))
260 || !TEST_true(get_ecdsa_sig_rs_bytes(sig, sig_len, &r, &s, &rlen, &slen)))
261 goto err;
262 test_output_memory("r", r, rlen);
263 test_output_memory("s", s, slen);
264 ret = 1;
265 err:
266 OPENSSL_free(r);
267 OPENSSL_free(s);
268 OPENSSL_free(sig);
269 EVP_PKEY_free(pkey);
270 EVP_PKEY_CTX_free(key_ctx);
271 EVP_PKEY_CTX_free(ctx);
272 return ret;
273 }
274
275 static int ecdsa_sigver_test(int id)
276 {
277 int ret = 0;
278 EVP_MD_CTX *md_ctx = NULL;
279 EVP_PKEY *pkey = NULL;
280 ECDSA_SIG *sign = NULL;
281 size_t sig_len;
282 unsigned char *sig = NULL;
283 BIGNUM *rbn = NULL, *sbn = NULL;
284 const struct ecdsa_sigver_st *tst = &ecdsa_sigver_data[id];
285
286 if (!TEST_true(ecdsa_create_pkey(&pkey, tst->curve_name,
287 tst->pub, tst->pub_len, 1)))
288 goto err;
289
290 if (!TEST_ptr(sign = ECDSA_SIG_new())
291 || !TEST_ptr(rbn = BN_bin2bn(tst->r, tst->r_len, NULL))
292 || !TEST_ptr(sbn = BN_bin2bn(tst->s, tst->s_len, NULL))
293 || !TEST_true(ECDSA_SIG_set0(sign, rbn, sbn)))
294 goto err;
295 rbn = sbn = NULL;
296
297 ret = TEST_int_gt((sig_len = i2d_ECDSA_SIG(sign, &sig)), 0)
298 && TEST_ptr(md_ctx = EVP_MD_CTX_new())
299 && TEST_true(EVP_DigestVerifyInit_ex(md_ctx, NULL, tst->digest_alg,
300 NULL, pkey, libctx)
301 && TEST_int_eq(EVP_DigestVerify(md_ctx, sig, sig_len,
302 tst->msg, tst->msg_len), tst->pass));
303 err:
304 BN_free(rbn);
305 BN_free(sbn);
306 OPENSSL_free(sig);
307 ECDSA_SIG_free(sign);
308 EVP_PKEY_free(pkey);
309 EVP_MD_CTX_free(md_ctx);
310 return ret;
311
312 }
313 #endif /* OPENSSL_NO_EC */
314
315 #ifndef OPENSSL_NO_DSA
316 static int pkey_get_octet_bytes(EVP_PKEY *pkey, const char *name,
317 unsigned char **out, size_t *out_len)
318 {
319 size_t len = 0;
320 unsigned char *buf = NULL;
321
322 if (!EVP_PKEY_get_octet_string_param(pkey, name, NULL, 0, &len))
323 goto err;
324
325 buf = OPENSSL_zalloc(len);
326 if (buf == NULL)
327 goto err;
328
329 if (!EVP_PKEY_get_octet_string_param(pkey, name, buf, len, out_len))
330 goto err;
331 *out = buf;
332 return 1;
333 err:
334 OPENSSL_free(buf);
335 return 0;
336 }
337
338 static EVP_PKEY *dsa_paramgen(int L, int N)
339 {
340 EVP_PKEY_CTX *paramgen_ctx = NULL;
341 EVP_PKEY *param_key = NULL;
342
343 if (!TEST_ptr(paramgen_ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL))
344 || !TEST_true(EVP_PKEY_paramgen_init(paramgen_ctx))
345 || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(paramgen_ctx, L))
346 || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(paramgen_ctx, N))
347 || !TEST_true(EVP_PKEY_paramgen(paramgen_ctx, &param_key)))
348 return NULL;
349 EVP_PKEY_CTX_free(paramgen_ctx);
350 return param_key;
351 }
352
353 static EVP_PKEY *dsa_keygen(int L, int N)
354 {
355 EVP_PKEY *param_key = NULL, *key = NULL;
356 EVP_PKEY_CTX *keygen_ctx = NULL;
357
358 if (!TEST_ptr(param_key = dsa_paramgen(L, N))
359 || !TEST_ptr(keygen_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, param_key,
360 NULL))
361 || !TEST_int_gt(EVP_PKEY_keygen_init(keygen_ctx), 0)
362 || !TEST_int_gt(EVP_PKEY_keygen(keygen_ctx, &key), 0))
363 goto err;
364 err:
365 EVP_PKEY_free(param_key);
366 EVP_PKEY_CTX_free(keygen_ctx);
367 return key;
368 }
369
370 static int dsa_keygen_test(int id)
371 {
372 int ret = 0, i;
373 EVP_PKEY_CTX *paramgen_ctx = NULL, *keygen_ctx = NULL;
374 EVP_PKEY *param_key = NULL, *key = NULL;
375 unsigned char *priv = NULL, *pub = NULL;
376 size_t priv_len = 0, pub_len = 0;
377 const struct dsa_paramgen_st *tst = &dsa_keygen_data[id];
378
379 if (!TEST_ptr(param_key = dsa_paramgen(tst->L, tst->N))
380 || !TEST_ptr(keygen_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, param_key,
381 NULL))
382 || !TEST_int_gt(EVP_PKEY_keygen_init(keygen_ctx), 0))
383 goto err;
384 for (i = 0; i < 2; ++i) {
385 if (!TEST_int_gt(EVP_PKEY_keygen(keygen_ctx, &key), 0)
386 || !TEST_true(pkey_get_bn_bytes(key, OSSL_PKEY_PARAM_PRIV_KEY,
387 &priv, &priv_len))
388 || !TEST_true(pkey_get_bn_bytes(key, OSSL_PKEY_PARAM_PUB_KEY,
389 &pub, &pub_len)))
390 goto err;
391 test_output_memory("y", pub, pub_len);
392 test_output_memory("x", priv, priv_len);
393 EVP_PKEY_free(key);
394 OPENSSL_clear_free(priv, priv_len);
395 OPENSSL_free(pub);
396 key = NULL;
397 pub = priv = NULL;
398 }
399 ret = 1;
400 err:
401 OPENSSL_clear_free(priv, priv_len);
402 OPENSSL_free(pub);
403 EVP_PKEY_free(param_key);
404 EVP_PKEY_free(key);
405 EVP_PKEY_CTX_free(keygen_ctx);
406 EVP_PKEY_CTX_free(paramgen_ctx);
407 return ret;
408 }
409
410 static int dsa_paramgen_test(int id)
411 {
412 int ret = 0, counter = 0;
413 EVP_PKEY_CTX *paramgen_ctx = NULL;
414 EVP_PKEY *param_key = NULL;
415 unsigned char *p = NULL, *q = NULL, *seed = NULL;
416 size_t plen = 0, qlen = 0, seedlen = 0;
417 const struct dsa_paramgen_st *tst = &dsa_paramgen_data[id];
418
419 if (!TEST_ptr(paramgen_ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL))
420 || !TEST_true(EVP_PKEY_paramgen_init(paramgen_ctx))
421 || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(paramgen_ctx, tst->L))
422 || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(paramgen_ctx, tst->N))
423 || !TEST_true(EVP_PKEY_paramgen(paramgen_ctx, &param_key))
424 || !TEST_true(pkey_get_bn_bytes(param_key, OSSL_PKEY_PARAM_FFC_P,
425 &p, &plen))
426 || !TEST_true(pkey_get_bn_bytes(param_key, OSSL_PKEY_PARAM_FFC_Q,
427 &q, &qlen))
428 || !TEST_true(pkey_get_octet_bytes(param_key, OSSL_PKEY_PARAM_FFC_SEED,
429 &seed, &seedlen))
430 || !TEST_true(EVP_PKEY_get_int_param(param_key,
431 OSSL_PKEY_PARAM_FFC_PCOUNTER,
432 &counter)))
433 goto err;
434
435 test_output_memory("p", p, plen);
436 test_output_memory("q", q, qlen);
437 test_output_memory("domainSeed", seed, seedlen);
438 test_printf_stderr("%s: %d\n", "counter", counter);
439 ret = 1;
440 err:
441 OPENSSL_free(p);
442 OPENSSL_free(q);
443 OPENSSL_free(seed);
444 EVP_PKEY_free(param_key);
445 EVP_PKEY_CTX_free(paramgen_ctx);
446 return ret;
447 }
448
449 static int dsa_create_pkey(EVP_PKEY **pkey,
450 const unsigned char *p, size_t p_len,
451 const unsigned char *q, size_t q_len,
452 const unsigned char *g, size_t g_len,
453 const unsigned char *seed, size_t seed_len,
454 int counter,
455 const char *validate_type,
456 const unsigned char *pub, size_t pub_len,
457 BN_CTX *bn_ctx)
458 {
459 int ret = 0;
460 EVP_PKEY_CTX *ctx = NULL;
461 OSSL_PARAM_BLD *bld = NULL;
462 OSSL_PARAM *params = NULL;
463 BIGNUM *p_bn = NULL, *q_bn = NULL, *g_bn = NULL, *pub_bn = NULL;
464
465 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
466 || !TEST_ptr(p_bn = BN_CTX_get(bn_ctx))
467 || !TEST_ptr(BN_bin2bn(p, p_len, p_bn))
468 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
469 OSSL_PKEY_PARAM_FFC_VALIDATE_TYPE,
470 validate_type, 0))
471 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p_bn))
472 || !TEST_ptr(q_bn = BN_CTX_get(bn_ctx))
473 || !TEST_ptr(BN_bin2bn(q, q_len, q_bn))
474 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q_bn)))
475 goto err;
476
477 if (g != NULL) {
478 if (!TEST_ptr(g_bn = BN_CTX_get(bn_ctx))
479 || !TEST_ptr(BN_bin2bn(g, g_len, g_bn))
480 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld,
481 OSSL_PKEY_PARAM_FFC_G, g_bn)))
482 goto err;
483 }
484 if (seed != NULL) {
485 if (!TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
486 OSSL_PKEY_PARAM_FFC_SEED, seed, seed_len)))
487 goto err;
488 }
489 if (counter != -1) {
490 if (!TEST_true(OSSL_PARAM_BLD_push_int(bld,
491 OSSL_PKEY_PARAM_FFC_PCOUNTER,
492 counter)))
493 goto err;
494 }
495 if (pub != NULL) {
496 if (!TEST_ptr(pub_bn = BN_CTX_get(bn_ctx))
497 || !TEST_ptr(BN_bin2bn(pub, pub_len, pub_bn))
498 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld,
499 OSSL_PKEY_PARAM_PUB_KEY,
500 pub_bn)))
501 goto err;
502 }
503 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
504 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL))
505 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
506 || !TEST_true(EVP_PKEY_fromdata(ctx, pkey, params)))
507 goto err;
508
509 ret = 1;
510 err:
511 OSSL_PARAM_BLD_free_params(params);
512 OSSL_PARAM_BLD_free(bld);
513 EVP_PKEY_CTX_free(ctx);
514 return ret;
515 }
516
517 static int dsa_pqver_test(int id)
518 {
519 int ret = 0;
520 BN_CTX *bn_ctx = NULL;
521 EVP_PKEY_CTX *key_ctx = NULL;
522 EVP_PKEY *param_key = NULL;
523 const struct dsa_pqver_st *tst = &dsa_pqver_data[id];
524
525 if (!TEST_ptr(bn_ctx = BN_CTX_new_ex(libctx))
526 || !TEST_true(dsa_create_pkey(&param_key, tst->p, tst->p_len,
527 tst->q, tst->q_len, NULL, 0,
528 tst->seed, tst->seed_len, tst->counter,
529 OSSL_FFC_PARAM_VALIDATE_PQ,
530 NULL, 0,
531 bn_ctx))
532 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, param_key,
533 NULL))
534 || !TEST_int_eq(EVP_PKEY_param_check(key_ctx), tst->pass))
535 goto err;
536
537 ret = 1;
538 err:
539 BN_CTX_free(bn_ctx);
540 EVP_PKEY_free(param_key);
541 EVP_PKEY_CTX_free(key_ctx);
542 return ret;
543 }
544
545 /* Extract r and s from a dsa signature */
546 static int get_dsa_sig_rs_bytes(const unsigned char *sig, size_t sig_len,
547 unsigned char **r, unsigned char **s,
548 size_t *r_len, size_t *s_len)
549 {
550 int ret = 0;
551 unsigned char *rbuf = NULL, *sbuf = NULL;
552 size_t r1_len, s1_len;
553 const BIGNUM *r1, *s1;
554 DSA_SIG *sign = d2i_DSA_SIG(NULL, &sig, sig_len);
555
556 if (sign == NULL)
557 return 0;
558 DSA_SIG_get0(sign, &r1, &s1);
559 if (r1 == NULL || s1 == NULL)
560 return 0;
561
562 r1_len = BN_num_bytes(r1);
563 s1_len = BN_num_bytes(s1);
564 rbuf = OPENSSL_zalloc(r1_len);
565 sbuf = OPENSSL_zalloc(s1_len);
566 if (rbuf == NULL || sbuf == NULL)
567 goto err;
568 if (BN_bn2binpad(r1, rbuf, r1_len) <= 0)
569 goto err;
570 if (BN_bn2binpad(s1, sbuf, s1_len) <= 0)
571 goto err;
572 *r = rbuf;
573 *s = sbuf;
574 *r_len = r1_len;
575 *s_len = s1_len;
576 ret = 1;
577 err:
578 if (ret == 0) {
579 OPENSSL_free(rbuf);
580 OPENSSL_free(sbuf);
581 }
582 DSA_SIG_free(sign);
583 return ret;
584 }
585
586 static int dsa_siggen_test(int id)
587 {
588 int ret = 0;
589 EVP_PKEY *pkey = NULL;
590 unsigned char *sig = NULL, *r = NULL, *s = NULL;
591 size_t sig_len = 0, rlen = 0, slen = 0;
592 const struct dsa_siggen_st *tst = &dsa_siggen_data[id];
593
594 if (!TEST_ptr(pkey = dsa_keygen(tst->L, tst->N)))
595 goto err;
596
597 if (!TEST_true(sig_gen(pkey, NULL, tst->digest_alg, tst->msg, tst->msg_len,
598 &sig, &sig_len))
599 || !TEST_true(get_dsa_sig_rs_bytes(sig, sig_len, &r, &s, &rlen, &slen)))
600 goto err;
601 test_output_memory("r", r, rlen);
602 test_output_memory("s", s, slen);
603 ret = 1;
604 err:
605 OPENSSL_free(r);
606 OPENSSL_free(s);
607 OPENSSL_free(sig);
608 EVP_PKEY_free(pkey);
609 return ret;
610 }
611
612 static int dsa_sigver_test(int id)
613 {
614 int ret = 0;
615 EVP_PKEY_CTX *ctx = NULL;
616 EVP_PKEY *pkey = NULL;
617 DSA_SIG *sign = NULL;
618 size_t sig_len;
619 unsigned char *sig = NULL;
620 BIGNUM *rbn = NULL, *sbn = NULL;
621 EVP_MD *md = NULL;
622 unsigned char digest[EVP_MAX_MD_SIZE];
623 unsigned int digest_len;
624 BN_CTX *bn_ctx = NULL;
625 const struct dsa_sigver_st *tst = &dsa_sigver_data[id];
626
627 if (!TEST_ptr(bn_ctx = BN_CTX_new())
628 || !TEST_true(dsa_create_pkey(&pkey, tst->p, tst->p_len,
629 tst->q, tst->q_len, tst->g, tst->g_len,
630 NULL, 0, 0, "", tst->pub, tst->pub_len,
631 bn_ctx)))
632 goto err;
633
634 if (!TEST_ptr(sign = DSA_SIG_new())
635 || !TEST_ptr(rbn = BN_bin2bn(tst->r, tst->r_len, NULL))
636 || !TEST_ptr(sbn = BN_bin2bn(tst->s, tst->s_len, NULL))
637 || !TEST_true(DSA_SIG_set0(sign, rbn, sbn)))
638 goto err;
639 rbn = sbn = NULL;
640
641 if (!TEST_ptr(md = EVP_MD_fetch(libctx, tst->digest_alg, ""))
642 || !TEST_true(EVP_Digest(tst->msg, tst->msg_len,
643 digest, &digest_len, md, NULL)))
644 goto err;
645
646 if (!TEST_int_gt((sig_len = i2d_DSA_SIG(sign, &sig)), 0)
647 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, ""))
648 || !TEST_int_gt(EVP_PKEY_verify_init(ctx), 0)
649 || !TEST_int_eq(EVP_PKEY_verify(ctx, sig, sig_len, digest, digest_len),
650 tst->pass))
651 goto err;
652 ret = 1;
653 err:
654 EVP_PKEY_CTX_free(ctx);
655 OPENSSL_free(sig);
656 EVP_MD_free(md);
657 DSA_SIG_free(sign);
658 EVP_PKEY_free(pkey);
659 BN_free(rbn);
660 BN_free(sbn);
661 BN_CTX_free(bn_ctx);
662 return ret;
663 }
664 #endif /* OPENSSL_NO_DSA */
665
666
667 /* cipher encrypt/decrypt */
668 static int cipher_enc(const char *alg,
669 const unsigned char *pt, size_t pt_len,
670 const unsigned char *key, size_t key_len,
671 const unsigned char *iv, size_t iv_len,
672 const unsigned char *ct, size_t ct_len,
673 int enc)
674 {
675 int ret = 0, out_len = 0, len = 0;
676 EVP_CIPHER_CTX *ctx = NULL;
677 EVP_CIPHER *cipher = NULL;
678 unsigned char out[256] = { 0 };
679
680 TEST_note("%s : %s", alg, enc ? "encrypt" : "decrypt");
681 if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
682 || !TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, alg, ""))
683 || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc))
684 || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0))
685 || !TEST_true(EVP_CipherUpdate(ctx, out, &len, pt, pt_len))
686 || !TEST_true(EVP_CipherFinal_ex(ctx, out + len, &out_len)))
687 goto err;
688 out_len += len;
689 if (!TEST_mem_eq(out, out_len, ct, ct_len))
690 goto err;
691 ret = 1;
692 err:
693 EVP_CIPHER_free(cipher);
694 EVP_CIPHER_CTX_free(ctx);
695 return ret;
696 }
697
698 static int cipher_enc_dec_test(int id)
699 {
700 const struct cipher_st *tst = &cipher_enc_data[id];
701 const int enc = 1;
702
703 return TEST_true(cipher_enc(tst->alg, tst->pt, tst->pt_len,
704 tst->key, tst->key_len,
705 tst->iv, tst->iv_len,
706 tst->ct, tst->ct_len, enc))
707 && TEST_true(cipher_enc(tst->alg, tst->ct, tst->ct_len,
708 tst->key, tst->key_len,
709 tst->iv, tst->iv_len,
710 tst->pt, tst->pt_len, !enc));
711 }
712
713 static int aes_ccm_enc_dec(const char *alg,
714 const unsigned char *pt, size_t pt_len,
715 const unsigned char *key, size_t key_len,
716 const unsigned char *iv, size_t iv_len,
717 const unsigned char *aad, size_t aad_len,
718 const unsigned char *ct, size_t ct_len,
719 const unsigned char *tag, size_t tag_len,
720 int enc, int pass)
721 {
722 int ret = 0;
723 EVP_CIPHER_CTX *ctx;
724 EVP_CIPHER *cipher = NULL;
725 int out_len, len;
726 unsigned char out[1024];
727
728 TEST_note("%s : %s : expected to %s", alg, enc ? "encrypt" : "decrypt",
729 pass ? "pass" : "fail");
730
731 if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
732 || !TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, alg, ""))
733 || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc))
734 || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, iv_len,
735 NULL))
736 || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len,
737 enc ? NULL : (void *)tag))
738 || !TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc))
739 || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0))
740 || !TEST_true(EVP_CipherUpdate(ctx, NULL, &len, NULL, pt_len))
741 || !TEST_true(EVP_CipherUpdate(ctx, NULL, &len, aad, aad_len))
742 || !TEST_int_eq(EVP_CipherUpdate(ctx, out, &len, pt, pt_len), pass))
743 goto err;
744
745 if (!pass) {
746 ret = 1;
747 goto err;
748 }
749 if (!TEST_true(EVP_CipherFinal_ex(ctx, out + len, &out_len)))
750 goto err;
751 if (enc) {
752 out_len += len;
753 if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
754 tag_len, out + out_len))
755 || !TEST_mem_eq(out, out_len, ct, ct_len)
756 || !TEST_mem_eq(out + out_len, tag_len, tag, tag_len))
757 goto err;
758 } else {
759 if (!TEST_mem_eq(out, out_len + len, ct, ct_len))
760 goto err;
761 }
762
763 ret = 1;
764 err:
765 EVP_CIPHER_free(cipher);
766 EVP_CIPHER_CTX_free(ctx);
767 return ret;
768 }
769
770 static int aes_ccm_enc_dec_test(int id)
771 {
772 const struct cipher_ccm_st *tst = &aes_ccm_enc_data[id];
773
774 /* The tag is on the end of the cipher text */
775 const size_t tag_len = tst->ct_len - tst->pt_len;
776 const size_t ct_len = tst->ct_len - tag_len;
777 const unsigned char *tag = tst->ct + ct_len;
778 const int enc = 1;
779 const int pass = 1;
780
781 if (ct_len < 1)
782 return 0;
783
784 return aes_ccm_enc_dec(tst->alg, tst->pt, tst->pt_len,
785 tst->key, tst->key_len,
786 tst->iv, tst->iv_len, tst->aad, tst->aad_len,
787 tst->ct, ct_len, tag, tag_len, enc, pass)
788 && aes_ccm_enc_dec(tst->alg, tst->ct, ct_len,
789 tst->key, tst->key_len,
790 tst->iv, tst->iv_len, tst->aad, tst->aad_len,
791 tst->pt, tst->pt_len, tag, tag_len, !enc, pass)
792 /* test that it fails if the tag is incorrect */
793 && aes_ccm_enc_dec(tst->alg, tst->ct, ct_len,
794 tst->key, tst->key_len,
795 tst->iv, tst->iv_len, tst->aad, tst->aad_len,
796 tst->pt, tst->pt_len,
797 tag - 1, tag_len, !enc, !pass);
798 }
799
800 static int aes_gcm_enc_dec(const char *alg,
801 const unsigned char *pt, size_t pt_len,
802 const unsigned char *key, size_t key_len,
803 const unsigned char *iv, size_t iv_len,
804 const unsigned char *aad, size_t aad_len,
805 const unsigned char *ct, size_t ct_len,
806 const unsigned char *tag, size_t tag_len,
807 int enc, int pass)
808 {
809 int ret = 0;
810 EVP_CIPHER_CTX *ctx;
811 EVP_CIPHER *cipher = NULL;
812 int out_len, len;
813 unsigned char out[1024];
814
815 TEST_note("%s : %s : expected to %s", alg, enc ? "encrypt" : "decrypt",
816 pass ? "pass" : "fail");
817
818 if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
819 || !TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, alg, ""))
820 || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc))
821 || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, iv_len,
822 NULL)))
823 goto err;
824
825 if (!enc) {
826 if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len,
827 (void *)tag)))
828 goto err;
829 }
830 /*
831 * TODO(3.0): The IV should not be set outside the boundary as it is now.
832 * It needs to be fed in via a dummy entropy source for this test.
833 */
834 if (!TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc))
835 || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0))
836 || !TEST_true(EVP_CipherUpdate(ctx, NULL, &len, aad, aad_len))
837 || !TEST_true(EVP_CipherUpdate(ctx, out, &len, pt, pt_len)))
838 goto err;
839
840 if (!TEST_int_eq(EVP_CipherFinal_ex(ctx, out + len, &out_len), pass))
841 goto err;
842 if (!pass) {
843 ret = 1;
844 goto err;
845 }
846 out_len += len;
847 if (enc) {
848 if (!TEST_mem_eq(out, out_len, ct, ct_len)
849 || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
850 tag_len, out + out_len))
851 || !TEST_mem_eq(out + out_len, tag_len, tag, tag_len))
852 goto err;
853 } else {
854 if (!TEST_mem_eq(out, out_len, ct, ct_len))
855 goto err;
856 }
857
858 ret = 1;
859 err:
860 EVP_CIPHER_free(cipher);
861 EVP_CIPHER_CTX_free(ctx);
862 return ret;
863 }
864
865 static int aes_gcm_enc_dec_test(int id)
866 {
867 const struct cipher_gcm_st *tst = &aes_gcm_enc_data[id];
868 int enc = 1;
869 int pass = 1;
870
871 return aes_gcm_enc_dec(tst->alg, tst->pt, tst->pt_len,
872 tst->key, tst->key_len,
873 tst->iv, tst->iv_len, tst->aad, tst->aad_len,
874 tst->ct, tst->ct_len, tst->tag, tst->tag_len,
875 enc, pass)
876 && aes_gcm_enc_dec(tst->alg, tst->ct, tst->ct_len,
877 tst->key, tst->key_len,
878 tst->iv, tst->iv_len, tst->aad, tst->aad_len,
879 tst->pt, tst->pt_len, tst->tag, tst->tag_len,
880 !enc, pass)
881 /* Fail if incorrect tag passed to decrypt */
882 && aes_gcm_enc_dec(tst->alg, tst->ct, tst->ct_len,
883 tst->key, tst->key_len,
884 tst->iv, tst->iv_len, tst->aad, tst->aad_len,
885 tst->pt, tst->pt_len, tst->aad, tst->tag_len,
886 !enc, !pass);
887 }
888
889 #ifndef OPENSSL_NO_DH
890 static int dh_create_pkey(EVP_PKEY **pkey, const char *group_name,
891 const unsigned char *pub, size_t pub_len,
892 const unsigned char *priv, size_t priv_len,
893 BN_CTX *bn_ctx, int pass)
894 {
895 int ret = 0;
896 EVP_PKEY_CTX *ctx = NULL;
897 OSSL_PARAM_BLD *bld = NULL;
898 OSSL_PARAM *params = NULL;
899 BIGNUM *pub_bn = NULL, *priv_bn = NULL;
900
901 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
902 || (group_name != NULL
903 && !TEST_int_gt(OSSL_PARAM_BLD_push_utf8_string(
904 bld, OSSL_PKEY_PARAM_DH_GROUP,
905 group_name, 0), 0)))
906 goto err;
907
908 if (pub != NULL) {
909 if (!TEST_ptr(pub_bn = BN_CTX_get(bn_ctx))
910 || !TEST_ptr(BN_bin2bn(pub, pub_len, pub_bn))
911 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
912 pub_bn)))
913 goto err;
914 }
915 if (priv != NULL) {
916 if (!TEST_ptr(priv_bn = BN_CTX_get(bn_ctx))
917 || !TEST_ptr(BN_bin2bn(priv, priv_len, priv_bn))
918 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
919 priv_bn)))
920 goto err;
921 }
922
923 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
924 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL))
925 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
926 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, params), pass))
927 goto err;
928
929 ret = 1;
930 err:
931 OSSL_PARAM_BLD_free_params(params);
932 OSSL_PARAM_BLD_free(bld);
933 EVP_PKEY_CTX_free(ctx);
934 return ret;
935 }
936
937 static int dh_safe_prime_keygen_test(int id)
938 {
939 int ret = 0;
940 EVP_PKEY_CTX *ctx = NULL;
941 EVP_PKEY *pkey = NULL;
942 unsigned char *priv = NULL;
943 unsigned char *pub = NULL;
944 size_t priv_len = 0, pub_len = 0;
945 OSSL_PARAM params[2];
946 const struct dh_safe_prime_keygen_st *tst = &dh_safe_prime_keygen_data[id];
947
948 params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_DH_GROUP,
949 (char *)tst->group_name, 0);
950 params[1] = OSSL_PARAM_construct_end();
951
952 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL))
953 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
954 || !TEST_true(EVP_PKEY_CTX_set_params(ctx, params))
955 || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0)
956 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_PRIV_KEY,
957 &priv, &priv_len))
958 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_PUB_KEY,
959 &pub, &pub_len)))
960 goto err;
961
962 test_output_memory("x", priv, priv_len);
963 test_output_memory("y", pub, pub_len);
964 ret = 1;
965 err:
966 OPENSSL_clear_free(priv, priv_len);
967 OPENSSL_free(pub);
968 EVP_PKEY_free(pkey);
969 EVP_PKEY_CTX_free(ctx);
970 return ret;
971 }
972
973 static int dh_safe_prime_keyver_test(int id)
974 {
975 int ret = 0;
976 BN_CTX *bn_ctx = NULL;
977 EVP_PKEY_CTX *key_ctx = NULL;
978 EVP_PKEY *pkey = NULL;
979 const struct dh_safe_prime_keyver_st *tst = &dh_safe_prime_keyver_data[id];
980
981 if (!TEST_ptr(bn_ctx = BN_CTX_new_ex(libctx))
982 || !TEST_true(dh_create_pkey(&pkey, tst->group_name,
983 tst->pub, tst->pub_len,
984 tst->priv, tst->priv_len, bn_ctx, 1))
985 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, ""))
986 || !TEST_int_eq(EVP_PKEY_check(key_ctx), tst->pass))
987 goto err;
988
989 ret = 1;
990 err:
991 EVP_PKEY_free(pkey);
992 EVP_PKEY_CTX_free(key_ctx);
993 BN_CTX_free(bn_ctx);
994 return ret;
995 }
996 #endif /* OPENSSL_NO_DH */
997
998
999 #ifndef OPENSSL_NO_RSA
1000 static EVP_PKEY *rsa_keygen(int bits)
1001 {
1002 EVP_PKEY *key = NULL;
1003 EVP_PKEY_CTX *keygen_ctx = NULL;
1004
1005 if (!TEST_ptr(keygen_ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", NULL))
1006 || !TEST_int_gt(EVP_PKEY_keygen_init(keygen_ctx), 0)
1007 || !TEST_true(EVP_PKEY_CTX_set_rsa_keygen_bits(keygen_ctx, bits))
1008 || !TEST_int_gt(EVP_PKEY_keygen(keygen_ctx, &key), 0))
1009 goto err;
1010 err:
1011 EVP_PKEY_CTX_free(keygen_ctx);
1012 return key;
1013 }
1014
1015 static int rsa_create_pkey(EVP_PKEY **pkey,
1016 const unsigned char *n, size_t n_len,
1017 const unsigned char *e, size_t e_len,
1018 const unsigned char *d, size_t d_len,
1019 BN_CTX *bn_ctx)
1020 {
1021 int ret = 0;
1022 EVP_PKEY_CTX *ctx = NULL;
1023 OSSL_PARAM_BLD *bld = NULL;
1024 OSSL_PARAM *params = NULL;
1025 BIGNUM *e_bn = NULL, *d_bn = NULL, *n_bn = NULL;
1026
1027 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1028 || !TEST_ptr(n_bn = BN_CTX_get(bn_ctx))
1029 || !TEST_ptr(BN_bin2bn(n, n_len, n_bn))
1030 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n_bn)))
1031 goto err;
1032
1033 if (e != NULL) {
1034 if (!TEST_ptr(e_bn = BN_CTX_get(bn_ctx))
1035 || !TEST_ptr(BN_bin2bn(e, e_len, e_bn))
1036 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E,
1037 e_bn)))
1038 goto err;
1039 }
1040 if (d != NULL) {
1041 if (!TEST_ptr(d_bn = BN_CTX_get(bn_ctx))
1042 || !TEST_ptr(BN_bin2bn(d, d_len, d_bn))
1043 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D,
1044 d_bn)))
1045 goto err;
1046 }
1047 if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
1048 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", NULL))
1049 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
1050 || !TEST_true(EVP_PKEY_fromdata(ctx, pkey, params)))
1051 goto err;
1052
1053 ret = 1;
1054 err:
1055 OSSL_PARAM_BLD_free_params(params);
1056 OSSL_PARAM_BLD_free(bld);
1057 EVP_PKEY_CTX_free(ctx);
1058 return ret;
1059 }
1060
1061 static int rsa_keygen_test(int id)
1062 {
1063 int ret = 0;
1064 EVP_PKEY_CTX *ctx = NULL;
1065 EVP_PKEY *pkey = NULL;
1066 BIGNUM *e_bn = NULL;
1067 BIGNUM *xp1_bn = NULL, *xp2_bn = NULL, *xp_bn = NULL;
1068 BIGNUM *xq1_bn = NULL, *xq2_bn = NULL, *xq_bn = NULL;
1069 unsigned char *n = NULL, *d = NULL;
1070 unsigned char *p = NULL, *p1 = NULL, *p2 = NULL;
1071 unsigned char *q = NULL, *q1 = NULL, *q2 = NULL;
1072 size_t n_len = 0, d_len = 0;
1073 size_t p_len = 0, p1_len = 0, p2_len = 0;
1074 size_t q_len = 0, q1_len = 0, q2_len = 0;
1075 OSSL_PARAM_BLD *bld = NULL;
1076 OSSL_PARAM *params = NULL;
1077 const struct rsa_keygen_st *tst = &rsa_keygen_data[id];
1078
1079 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1080 || !TEST_ptr(xp1_bn = BN_bin2bn(tst->xp1, tst->xp1_len, NULL))
1081 || !TEST_ptr(xp2_bn = BN_bin2bn(tst->xp2, tst->xp2_len, NULL))
1082 || !TEST_ptr(xp_bn = BN_bin2bn(tst->xp, tst->xp_len, NULL))
1083 || !TEST_ptr(xq1_bn = BN_bin2bn(tst->xq1, tst->xq1_len, NULL))
1084 || !TEST_ptr(xq2_bn = BN_bin2bn(tst->xq2, tst->xq2_len, NULL))
1085 || !TEST_ptr(xq_bn = BN_bin2bn(tst->xq, tst->xq_len, NULL))
1086 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XP1,
1087 xp1_bn))
1088 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XP2,
1089 xp2_bn))
1090 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XP,
1091 xp_bn))
1092 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XQ1,
1093 xq1_bn))
1094 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XQ2,
1095 xq2_bn))
1096 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XQ,
1097 xq_bn))
1098 || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
1099 goto err;
1100
1101 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", NULL))
1102 || !TEST_ptr(e_bn = BN_bin2bn(tst->e, tst->e_len, NULL))
1103 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1104 || !TEST_true(EVP_PKEY_CTX_set_params(ctx, params))
1105 || !TEST_true(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, tst->mod))
1106 || !TEST_true(EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, e_bn))
1107 || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0)
1108 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_P1,
1109 &p1, &p1_len))
1110 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_P2,
1111 &p2, &p2_len))
1112 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_Q1,
1113 &q1, &q1_len))
1114 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_Q2,
1115 &q2, &q2_len))
1116 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1,
1117 &p, &p_len))
1118 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2,
1119 &q, &q_len))
1120 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_N,
1121 &n, &n_len))
1122 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_D,
1123 &d, &d_len)))
1124 goto err;
1125
1126 if (!TEST_mem_eq(tst->p1, tst->p1_len, p1, p1_len)
1127 || !TEST_mem_eq(tst->p2, tst->p2_len, p2, p2_len)
1128 || !TEST_mem_eq(tst->p, tst->p_len, p, p_len)
1129 || !TEST_mem_eq(tst->q1, tst->q1_len, q1, q1_len)
1130 || !TEST_mem_eq(tst->q2, tst->q2_len, q2, q2_len)
1131 || !TEST_mem_eq(tst->q, tst->q_len, q, q_len)
1132 || !TEST_mem_eq(tst->n, tst->n_len, n, n_len)
1133 || !TEST_mem_eq(tst->d, tst->d_len, d, d_len))
1134 goto err;
1135
1136 test_output_memory("p1", p1, p1_len);
1137 test_output_memory("p2", p2, p2_len);
1138 test_output_memory("p", p, p_len);
1139 test_output_memory("q1", q1, q1_len);
1140 test_output_memory("q2", q2, q2_len);
1141 test_output_memory("q", q, q_len);
1142 test_output_memory("n", n, n_len);
1143 test_output_memory("d", d, d_len);
1144 ret = 1;
1145 err:
1146 BN_free(xp1_bn);
1147 BN_free(xp2_bn);
1148 BN_free(xp_bn);
1149 BN_free(xq1_bn);
1150 BN_free(xq2_bn);
1151 BN_free(xq_bn);
1152 BN_free(e_bn);
1153 OPENSSL_free(p1);
1154 OPENSSL_free(p2);
1155 OPENSSL_free(q1);
1156 OPENSSL_free(q2);
1157 OPENSSL_free(p);
1158 OPENSSL_free(q);
1159 OPENSSL_free(n);
1160 OPENSSL_free(d);
1161 EVP_PKEY_free(pkey);
1162 EVP_PKEY_CTX_free(ctx);
1163 OSSL_PARAM_BLD_free_params(params);
1164 OSSL_PARAM_BLD_free(bld);
1165 return ret;
1166 }
1167
1168 static int rsa_siggen_test(int id)
1169 {
1170 int ret = 0;
1171 EVP_PKEY *pkey = NULL;
1172 unsigned char *sig = NULL, *n = NULL, *e = NULL;
1173 size_t sig_len = 0, n_len = 0, e_len = 0;
1174 OSSL_PARAM params[4], *p;
1175 const struct rsa_siggen_st *tst = &rsa_siggen_data[id];
1176
1177 TEST_note("RSA %s signature generation", tst->sig_pad_mode);
1178
1179 p = params;
1180 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE,
1181 (char *)tst->sig_pad_mode, 0);
1182 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
1183 (char *)tst->digest_alg, 0);
1184 if (tst->pss_salt_len >= 0) {
1185 int salt_len = tst->pss_salt_len;
1186
1187 *p++ = OSSL_PARAM_construct_int(OSSL_SIGNATURE_PARAM_PSS_SALTLEN,
1188 &salt_len);
1189 }
1190 *p++ = OSSL_PARAM_construct_end();
1191
1192 if (!TEST_ptr(pkey = rsa_keygen(tst->mod))
1193 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_N, &n, &n_len))
1194 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_E, &e, &e_len))
1195 || !TEST_true(sig_gen(pkey, params, tst->digest_alg,
1196 tst->msg, tst->msg_len,
1197 &sig, &sig_len)))
1198 goto err;
1199 test_output_memory("n", n, n_len);
1200 test_output_memory("e", e, e_len);
1201 test_output_memory("sig", sig, sig_len);
1202 ret = 1;
1203 err:
1204 OPENSSL_free(n);
1205 OPENSSL_free(e);
1206 OPENSSL_free(sig);
1207 EVP_PKEY_free(pkey);
1208 return ret;
1209 }
1210
1211 static int rsa_sigver_test(int id)
1212 {
1213 int ret = 0;
1214 EVP_PKEY_CTX *pkey_ctx = NULL;
1215 EVP_PKEY *pkey = NULL;
1216 EVP_MD_CTX *md_ctx = NULL;
1217 BN_CTX *bn_ctx = NULL;
1218 OSSL_PARAM params[4], *p;
1219 const struct rsa_sigver_st *tst = &rsa_sigver_data[id];
1220
1221 TEST_note("RSA %s Signature Verify : expected to %s ", tst->sig_pad_mode,
1222 tst->pass == PASS ? "pass" : "fail");
1223
1224 p = params;
1225 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE,
1226 (char *)tst->sig_pad_mode, 0);
1227 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
1228 (char *)tst->digest_alg, 0);
1229 if (tst->pss_salt_len >= 0) {
1230 int salt_len = tst->pss_salt_len;
1231
1232 *p++ = OSSL_PARAM_construct_int(OSSL_SIGNATURE_PARAM_PSS_SALTLEN,
1233 &salt_len);
1234 }
1235 *p++ = OSSL_PARAM_construct_end();
1236
1237 if (!TEST_ptr(bn_ctx = BN_CTX_new())
1238 || !TEST_true(rsa_create_pkey(&pkey, tst->n, tst->n_len,
1239 tst->e, tst->e_len, NULL, 0, bn_ctx))
1240 || !TEST_ptr(md_ctx = EVP_MD_CTX_new())
1241 || !TEST_true(EVP_DigestVerifyInit_ex(md_ctx, &pkey_ctx, tst->digest_alg,
1242 NULL, pkey, libctx)
1243 || !TEST_true(EVP_PKEY_CTX_set_params(pkey_ctx, params))
1244 || !TEST_int_eq(EVP_DigestVerify(md_ctx, tst->sig, tst->sig_len,
1245 tst->msg, tst->msg_len), tst->pass)))
1246 goto err;
1247 ret = 1;
1248 err:
1249 EVP_PKEY_free(pkey);
1250 BN_CTX_free(bn_ctx);
1251 EVP_MD_CTX_free(md_ctx);
1252 return ret;
1253 }
1254
1255 static int rsa_decryption_primitive_test(int id)
1256 {
1257 int ret = 0;
1258 EVP_PKEY_CTX *ctx = NULL;
1259 EVP_PKEY *pkey = NULL;
1260 unsigned char pt[2048];
1261 size_t pt_len = sizeof(pt);
1262 unsigned char *n = NULL, *e = NULL;
1263 size_t n_len = 0, e_len = 0;
1264 BN_CTX *bn_ctx = NULL;
1265 const struct rsa_decrypt_prim_st *tst = &rsa_decrypt_prim_data[id];
1266
1267 if (!TEST_ptr(pkey = rsa_keygen(2048))
1268 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_N, &n, &n_len))
1269 || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_E, &e, &e_len))
1270 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, ""))
1271 || !TEST_int_gt(EVP_PKEY_decrypt_init(ctx), 0)
1272 || !TEST_int_gt(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING), 0))
1273 goto err;
1274
1275 test_output_memory("n", n, n_len);
1276 test_output_memory("e", e, e_len);
1277 if (!EVP_PKEY_decrypt(ctx, pt, &pt_len, tst->ct, tst->ct_len))
1278 TEST_note("Decryption Failed");
1279 else
1280 test_output_memory("pt", pt, pt_len);
1281 ret = 1;
1282 err:
1283 OPENSSL_free(n);
1284 OPENSSL_free(e);
1285 EVP_PKEY_CTX_free(ctx);
1286 EVP_PKEY_free(pkey);
1287 BN_CTX_free(bn_ctx);
1288 return ret;
1289 }
1290 #endif /* OPENSSL_NO_RSA */
1291
1292
1293 int setup_tests(void)
1294 {
1295 char *config_file = NULL;
1296
1297 OPTION_CHOICE o;
1298
1299 while ((o = opt_next()) != OPT_EOF) {
1300 switch (o) {
1301 case OPT_CONFIG_FILE:
1302 config_file = opt_arg();
1303 break;
1304 case OPT_TEST_CASES:
1305 break;
1306 default:
1307 case OPT_ERR:
1308 return 0;
1309 }
1310 }
1311
1312 prov_null = OSSL_PROVIDER_load(NULL, "null");
1313 if (prov_null == NULL) {
1314 opt_printf_stderr("Failed to load null provider into default libctx\n");
1315 return 0;
1316 }
1317
1318 libctx = OPENSSL_CTX_new();
1319 if (libctx == NULL
1320 || !OPENSSL_CTX_load_config(libctx, config_file)) {
1321 opt_printf_stderr("Failed to load config\n");
1322 return 0;
1323 }
1324
1325 ADD_ALL_TESTS(cipher_enc_dec_test, OSSL_NELEM(cipher_enc_data));
1326 ADD_ALL_TESTS(aes_ccm_enc_dec_test, OSSL_NELEM(aes_ccm_enc_data));
1327 ADD_ALL_TESTS(aes_gcm_enc_dec_test, OSSL_NELEM(aes_gcm_enc_data));
1328
1329 #ifndef OPENSSL_NO_RSA
1330 ADD_ALL_TESTS(rsa_keygen_test, OSSL_NELEM(rsa_keygen_data));
1331 ADD_ALL_TESTS(rsa_siggen_test, OSSL_NELEM(rsa_siggen_data));
1332 ADD_ALL_TESTS(rsa_sigver_test, OSSL_NELEM(rsa_sigver_data));
1333 ADD_ALL_TESTS(rsa_decryption_primitive_test,
1334 OSSL_NELEM(rsa_decrypt_prim_data));
1335 #endif /* OPENSSL_NO_RSA */
1336
1337 #ifndef OPENSSL_NO_DH
1338 ADD_ALL_TESTS(dh_safe_prime_keygen_test,
1339 OSSL_NELEM(dh_safe_prime_keygen_data));
1340 ADD_ALL_TESTS(dh_safe_prime_keyver_test,
1341 OSSL_NELEM(dh_safe_prime_keyver_data));
1342 #endif /* OPENSSL_NO_DH */
1343
1344 #ifndef OPENSSL_NO_DSA
1345 ADD_ALL_TESTS(dsa_keygen_test, OSSL_NELEM(dsa_keygen_data));
1346 ADD_ALL_TESTS(dsa_paramgen_test, OSSL_NELEM(dsa_paramgen_data));
1347 ADD_ALL_TESTS(dsa_pqver_test, OSSL_NELEM(dsa_pqver_data));
1348 ADD_ALL_TESTS(dsa_siggen_test, OSSL_NELEM(dsa_siggen_data));
1349 ADD_ALL_TESTS(dsa_sigver_test, OSSL_NELEM(dsa_sigver_data));
1350 #endif /* OPENSSL_NO_DSA */
1351
1352 #ifndef OPENSSL_NO_EC
1353 ADD_ALL_TESTS(ecdsa_keygen_test, OSSL_NELEM(ecdsa_keygen_data));
1354 ADD_ALL_TESTS(ecdsa_pub_verify_test, OSSL_NELEM(ecdsa_pv_data));
1355 ADD_ALL_TESTS(ecdsa_siggen_test, OSSL_NELEM(ecdsa_siggen_data));
1356 ADD_ALL_TESTS(ecdsa_sigver_test, OSSL_NELEM(ecdsa_sigver_data));
1357 #endif /* OPENSSL_NO_EC */
1358 return 1;
1359 }
1360
1361 void cleanup_tests(void)
1362 {
1363 OSSL_PROVIDER_unload(prov_null);
1364 OPENSSL_CTX_free(libctx);
1365 }
A mirror of the official openssl repository