2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * A set of tests demonstrating uses cases for CAVS/ACVP testing.
13 * For examples of testing KDF's, Digests, KeyAgreement & DRBG's refer to
14 * providers/fips/self_test_kats.c
17 #include <openssl/opensslconf.h> /* To see if OPENSSL_NO_EC is defined */
18 #include <openssl/core_names.h>
19 #include <openssl/evp.h>
20 #include <openssl/ec.h>
21 #include <openssl/dh.h>
22 #include <openssl/dsa.h>
23 #include <openssl/rsa.h>
24 #include <openssl/param_build.h>
25 #include <openssl/provider.h>
27 #include "testutil/output.h"
28 #include "acvp_test.inc"
29 #include "internal/nelem.h"
31 static OSSL_PROVIDER
*prov_null
= NULL
;
32 static OPENSSL_CTX
*libctx
= NULL
;
34 typedef enum OPTION_choice
{
41 const OPTIONS
*test_get_options(void)
43 static const OPTIONS test_options
[] = {
44 OPT_TEST_OPTIONS_DEFAULT_USAGE
,
45 { "config", OPT_CONFIG_FILE
, '<',
46 "The configuration file to use for the libctx" },
52 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DSA) \
53 || !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA)
54 static int pkey_get_bn_bytes(EVP_PKEY
*pkey
, const char *name
,
55 unsigned char **out
, size_t *out_len
)
57 unsigned char *buf
= NULL
;
61 if (!EVP_PKEY_get_bn_param(pkey
, name
, &bn
))
63 sz
= BN_num_bytes(bn
);
64 buf
= OPENSSL_zalloc(sz
);
67 if (!BN_bn2binpad(bn
, buf
, sz
))
81 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DSA) \
82 || !defined(OPENSSL_NO_RSA)
83 static int sig_gen(EVP_PKEY
*pkey
, OSSL_PARAM
*params
, const char *digest_name
,
84 const unsigned char *msg
, size_t msg_len
,
85 unsigned char **sig_out
, size_t *sig_out_len
)
88 EVP_MD_CTX
*md_ctx
= NULL
;
89 unsigned char *sig
= NULL
;
91 size_t sz
= EVP_PKEY_size(pkey
);
93 if (!TEST_ptr(sig
= OPENSSL_malloc(sz
))
94 || !TEST_ptr(md_ctx
= EVP_MD_CTX_new())
95 || !TEST_int_eq(EVP_DigestSignInit_ex(md_ctx
, NULL
, digest_name
, NULL
,
97 || !TEST_int_gt(EVP_DigestSign(md_ctx
, sig
, &sig_len
, msg
, msg_len
), 0))
100 *sig_out_len
= sig_len
;
105 EVP_MD_CTX_free(md_ctx
);
110 #ifndef OPENSSL_NO_EC
111 static int ecdsa_keygen_test(int id
)
114 EVP_PKEY_CTX
*ctx
= NULL
;
115 EVP_PKEY
*pkey
= NULL
;
116 unsigned char *priv
= NULL
;
117 unsigned char *pubx
= NULL
, *puby
= NULL
;
118 size_t priv_len
= 0, pubx_len
= 0, puby_len
= 0;
119 const struct ecdsa_keygen_st
*tst
= &ecdsa_keygen_data
[id
];
121 if (!TEST_ptr(ctx
= EVP_PKEY_CTX_new_from_name(libctx
, "EC", NULL
))
122 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx
), 0)
123 || !TEST_true(EVP_PKEY_CTX_set_group_name(ctx
, tst
->curve_name
))
124 || !TEST_int_gt(EVP_PKEY_keygen(ctx
, &pkey
), 0)
125 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_PRIV_KEY
, &priv
,
127 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_EC_PUB_X
, &pubx
,
129 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_EC_PUB_Y
, &puby
,
133 test_output_memory("qy", puby
, puby_len
);
134 test_output_memory("qx", pubx
, pubx_len
);
135 test_output_memory("d", priv
, priv_len
);
138 OPENSSL_clear_free(priv
, priv_len
);
142 EVP_PKEY_CTX_free(ctx
);
146 static int ecdsa_create_pkey(EVP_PKEY
**pkey
, const char *curve_name
,
147 const unsigned char *pub
, size_t pub_len
,
151 EVP_PKEY_CTX
*ctx
= NULL
;
152 OSSL_PARAM_BLD
*bld
= NULL
;
153 OSSL_PARAM
*params
= NULL
;
155 if (!TEST_ptr(bld
= OSSL_PARAM_BLD_new())
156 || (curve_name
!= NULL
157 && !TEST_true(OSSL_PARAM_BLD_push_utf8_string(
158 bld
, OSSL_PKEY_PARAM_GROUP_NAME
, curve_name
, 0) > 0))
159 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld
,
160 OSSL_PKEY_PARAM_PUB_KEY
,
162 || !TEST_ptr(params
= OSSL_PARAM_BLD_to_param(bld
))
163 || !TEST_ptr(ctx
= EVP_PKEY_CTX_new_from_name(libctx
, "EC", NULL
))
164 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx
))
165 || !TEST_int_eq(EVP_PKEY_fromdata(ctx
, pkey
, params
), expected
))
170 OSSL_PARAM_BLD_free_params(params
);
171 OSSL_PARAM_BLD_free(bld
);
172 EVP_PKEY_CTX_free(ctx
);
176 static int ecdsa_pub_verify_test(int id
)
178 const struct ecdsa_pub_verify_st
*tst
= &ecdsa_pv_data
[id
];
181 EVP_PKEY_CTX
*key_ctx
= NULL
;
182 EVP_PKEY
*pkey
= NULL
;
184 if (!TEST_true(ecdsa_create_pkey(&pkey
, tst
->curve_name
,
185 tst
->pub
, tst
->pub_len
, tst
->pass
)))
189 if (!TEST_ptr(key_ctx
= EVP_PKEY_CTX_new_from_pkey(libctx
, pkey
, ""))
190 || !TEST_int_eq(EVP_PKEY_public_check(key_ctx
), tst
->pass
))
196 EVP_PKEY_CTX_free(key_ctx
);
200 /* Extract r and s from a ecdsa signature */
201 static int get_ecdsa_sig_rs_bytes(const unsigned char *sig
, size_t sig_len
,
202 unsigned char **r
, unsigned char **s
,
203 size_t *rlen
, size_t *slen
)
206 unsigned char *rbuf
= NULL
, *sbuf
= NULL
;
207 size_t r1_len
, s1_len
;
208 const BIGNUM
*r1
, *s1
;
209 ECDSA_SIG
*sign
= d2i_ECDSA_SIG(NULL
, &sig
, sig_len
);
213 r1
= ECDSA_SIG_get0_r(sign
);
214 s1
= ECDSA_SIG_get0_s(sign
);
215 if (r1
== NULL
|| s1
== NULL
)
218 r1_len
= BN_num_bytes(r1
);
219 s1_len
= BN_num_bytes(s1
);
220 rbuf
= OPENSSL_zalloc(r1_len
);
221 sbuf
= OPENSSL_zalloc(s1_len
);
222 if (rbuf
== NULL
|| sbuf
== NULL
)
224 if (BN_bn2binpad(r1
, rbuf
, r1_len
) <= 0)
226 if (BN_bn2binpad(s1
, sbuf
, s1_len
) <= 0)
238 ECDSA_SIG_free(sign
);
242 static int ecdsa_siggen_test(int id
)
245 EVP_PKEY_CTX
*ctx
= NULL
, *key_ctx
= NULL
;
246 EVP_PKEY
*pkey
= NULL
;
247 size_t sig_len
= 0, rlen
= 0, slen
= 0;
248 unsigned char *sig
= NULL
;
249 unsigned char *r
= NULL
, *s
= NULL
;
250 const struct ecdsa_siggen_st
*tst
= &ecdsa_siggen_data
[id
];
252 if (!TEST_ptr(ctx
= EVP_PKEY_CTX_new_from_name(libctx
, "EC", NULL
))
253 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx
), 0)
254 || !TEST_true(EVP_PKEY_CTX_set_group_name(ctx
, tst
->curve_name
))
255 || !TEST_int_gt(EVP_PKEY_keygen(ctx
, &pkey
), 0))
258 if (!TEST_true(sig_gen(pkey
, NULL
, tst
->digest_alg
, tst
->msg
, tst
->msg_len
,
260 || !TEST_true(get_ecdsa_sig_rs_bytes(sig
, sig_len
, &r
, &s
, &rlen
, &slen
)))
262 test_output_memory("r", r
, rlen
);
263 test_output_memory("s", s
, slen
);
270 EVP_PKEY_CTX_free(key_ctx
);
271 EVP_PKEY_CTX_free(ctx
);
275 static int ecdsa_sigver_test(int id
)
278 EVP_MD_CTX
*md_ctx
= NULL
;
279 EVP_PKEY
*pkey
= NULL
;
280 ECDSA_SIG
*sign
= NULL
;
282 unsigned char *sig
= NULL
;
283 BIGNUM
*rbn
= NULL
, *sbn
= NULL
;
284 const struct ecdsa_sigver_st
*tst
= &ecdsa_sigver_data
[id
];
286 if (!TEST_true(ecdsa_create_pkey(&pkey
, tst
->curve_name
,
287 tst
->pub
, tst
->pub_len
, 1)))
290 if (!TEST_ptr(sign
= ECDSA_SIG_new())
291 || !TEST_ptr(rbn
= BN_bin2bn(tst
->r
, tst
->r_len
, NULL
))
292 || !TEST_ptr(sbn
= BN_bin2bn(tst
->s
, tst
->s_len
, NULL
))
293 || !TEST_true(ECDSA_SIG_set0(sign
, rbn
, sbn
)))
297 ret
= TEST_int_gt((sig_len
= i2d_ECDSA_SIG(sign
, &sig
)), 0)
298 && TEST_ptr(md_ctx
= EVP_MD_CTX_new())
299 && TEST_true(EVP_DigestVerifyInit_ex(md_ctx
, NULL
, tst
->digest_alg
,
301 && TEST_int_eq(EVP_DigestVerify(md_ctx
, sig
, sig_len
,
302 tst
->msg
, tst
->msg_len
), tst
->pass
));
307 ECDSA_SIG_free(sign
);
309 EVP_MD_CTX_free(md_ctx
);
313 #endif /* OPENSSL_NO_EC */
315 #ifndef OPENSSL_NO_DSA
316 static int pkey_get_octet_bytes(EVP_PKEY
*pkey
, const char *name
,
317 unsigned char **out
, size_t *out_len
)
320 unsigned char *buf
= NULL
;
322 if (!EVP_PKEY_get_octet_string_param(pkey
, name
, NULL
, 0, &len
))
325 buf
= OPENSSL_zalloc(len
);
329 if (!EVP_PKEY_get_octet_string_param(pkey
, name
, buf
, len
, out_len
))
338 static EVP_PKEY
*dsa_paramgen(int L
, int N
)
340 EVP_PKEY_CTX
*paramgen_ctx
= NULL
;
341 EVP_PKEY
*param_key
= NULL
;
343 if (!TEST_ptr(paramgen_ctx
= EVP_PKEY_CTX_new_from_name(libctx
, "DSA", NULL
))
344 || !TEST_true(EVP_PKEY_paramgen_init(paramgen_ctx
))
345 || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(paramgen_ctx
, L
))
346 || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(paramgen_ctx
, N
))
347 || !TEST_true(EVP_PKEY_paramgen(paramgen_ctx
, ¶m_key
)))
349 EVP_PKEY_CTX_free(paramgen_ctx
);
353 static EVP_PKEY
*dsa_keygen(int L
, int N
)
355 EVP_PKEY
*param_key
= NULL
, *key
= NULL
;
356 EVP_PKEY_CTX
*keygen_ctx
= NULL
;
358 if (!TEST_ptr(param_key
= dsa_paramgen(L
, N
))
359 || !TEST_ptr(keygen_ctx
= EVP_PKEY_CTX_new_from_pkey(libctx
, param_key
,
361 || !TEST_int_gt(EVP_PKEY_keygen_init(keygen_ctx
), 0)
362 || !TEST_int_gt(EVP_PKEY_keygen(keygen_ctx
, &key
), 0))
365 EVP_PKEY_free(param_key
);
366 EVP_PKEY_CTX_free(keygen_ctx
);
370 static int dsa_keygen_test(int id
)
373 EVP_PKEY_CTX
*paramgen_ctx
= NULL
, *keygen_ctx
= NULL
;
374 EVP_PKEY
*param_key
= NULL
, *key
= NULL
;
375 unsigned char *priv
= NULL
, *pub
= NULL
;
376 size_t priv_len
= 0, pub_len
= 0;
377 const struct dsa_paramgen_st
*tst
= &dsa_keygen_data
[id
];
379 if (!TEST_ptr(param_key
= dsa_paramgen(tst
->L
, tst
->N
))
380 || !TEST_ptr(keygen_ctx
= EVP_PKEY_CTX_new_from_pkey(libctx
, param_key
,
382 || !TEST_int_gt(EVP_PKEY_keygen_init(keygen_ctx
), 0))
384 for (i
= 0; i
< 2; ++i
) {
385 if (!TEST_int_gt(EVP_PKEY_keygen(keygen_ctx
, &key
), 0)
386 || !TEST_true(pkey_get_bn_bytes(key
, OSSL_PKEY_PARAM_PRIV_KEY
,
388 || !TEST_true(pkey_get_bn_bytes(key
, OSSL_PKEY_PARAM_PUB_KEY
,
391 test_output_memory("y", pub
, pub_len
);
392 test_output_memory("x", priv
, priv_len
);
394 OPENSSL_clear_free(priv
, priv_len
);
401 OPENSSL_clear_free(priv
, priv_len
);
403 EVP_PKEY_free(param_key
);
405 EVP_PKEY_CTX_free(keygen_ctx
);
406 EVP_PKEY_CTX_free(paramgen_ctx
);
410 static int dsa_paramgen_test(int id
)
412 int ret
= 0, counter
= 0;
413 EVP_PKEY_CTX
*paramgen_ctx
= NULL
;
414 EVP_PKEY
*param_key
= NULL
;
415 unsigned char *p
= NULL
, *q
= NULL
, *seed
= NULL
;
416 size_t plen
= 0, qlen
= 0, seedlen
= 0;
417 const struct dsa_paramgen_st
*tst
= &dsa_paramgen_data
[id
];
419 if (!TEST_ptr(paramgen_ctx
= EVP_PKEY_CTX_new_from_name(libctx
, "DSA", NULL
))
420 || !TEST_true(EVP_PKEY_paramgen_init(paramgen_ctx
))
421 || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(paramgen_ctx
, tst
->L
))
422 || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(paramgen_ctx
, tst
->N
))
423 || !TEST_true(EVP_PKEY_paramgen(paramgen_ctx
, ¶m_key
))
424 || !TEST_true(pkey_get_bn_bytes(param_key
, OSSL_PKEY_PARAM_FFC_P
,
426 || !TEST_true(pkey_get_bn_bytes(param_key
, OSSL_PKEY_PARAM_FFC_Q
,
428 || !TEST_true(pkey_get_octet_bytes(param_key
, OSSL_PKEY_PARAM_FFC_SEED
,
430 || !TEST_true(EVP_PKEY_get_int_param(param_key
,
431 OSSL_PKEY_PARAM_FFC_PCOUNTER
,
435 test_output_memory("p", p
, plen
);
436 test_output_memory("q", q
, qlen
);
437 test_output_memory("domainSeed", seed
, seedlen
);
438 test_printf_stderr("%s: %d\n", "counter", counter
);
444 EVP_PKEY_free(param_key
);
445 EVP_PKEY_CTX_free(paramgen_ctx
);
449 static int dsa_create_pkey(EVP_PKEY
**pkey
,
450 const unsigned char *p
, size_t p_len
,
451 const unsigned char *q
, size_t q_len
,
452 const unsigned char *g
, size_t g_len
,
453 const unsigned char *seed
, size_t seed_len
,
455 const char *validate_type
,
456 const unsigned char *pub
, size_t pub_len
,
460 EVP_PKEY_CTX
*ctx
= NULL
;
461 OSSL_PARAM_BLD
*bld
= NULL
;
462 OSSL_PARAM
*params
= NULL
;
463 BIGNUM
*p_bn
= NULL
, *q_bn
= NULL
, *g_bn
= NULL
, *pub_bn
= NULL
;
465 if (!TEST_ptr(bld
= OSSL_PARAM_BLD_new())
466 || !TEST_ptr(p_bn
= BN_CTX_get(bn_ctx
))
467 || !TEST_ptr(BN_bin2bn(p
, p_len
, p_bn
))
468 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld
,
469 OSSL_PKEY_PARAM_FFC_VALIDATE_TYPE
,
471 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_FFC_P
, p_bn
))
472 || !TEST_ptr(q_bn
= BN_CTX_get(bn_ctx
))
473 || !TEST_ptr(BN_bin2bn(q
, q_len
, q_bn
))
474 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_FFC_Q
, q_bn
)))
478 if (!TEST_ptr(g_bn
= BN_CTX_get(bn_ctx
))
479 || !TEST_ptr(BN_bin2bn(g
, g_len
, g_bn
))
480 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
,
481 OSSL_PKEY_PARAM_FFC_G
, g_bn
)))
485 if (!TEST_true(OSSL_PARAM_BLD_push_octet_string(bld
,
486 OSSL_PKEY_PARAM_FFC_SEED
, seed
, seed_len
)))
490 if (!TEST_true(OSSL_PARAM_BLD_push_int(bld
,
491 OSSL_PKEY_PARAM_FFC_PCOUNTER
,
496 if (!TEST_ptr(pub_bn
= BN_CTX_get(bn_ctx
))
497 || !TEST_ptr(BN_bin2bn(pub
, pub_len
, pub_bn
))
498 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
,
499 OSSL_PKEY_PARAM_PUB_KEY
,
503 if (!TEST_ptr(params
= OSSL_PARAM_BLD_to_param(bld
))
504 || !TEST_ptr(ctx
= EVP_PKEY_CTX_new_from_name(libctx
, "DSA", NULL
))
505 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx
))
506 || !TEST_true(EVP_PKEY_fromdata(ctx
, pkey
, params
)))
511 OSSL_PARAM_BLD_free_params(params
);
512 OSSL_PARAM_BLD_free(bld
);
513 EVP_PKEY_CTX_free(ctx
);
517 static int dsa_pqver_test(int id
)
520 BN_CTX
*bn_ctx
= NULL
;
521 EVP_PKEY_CTX
*key_ctx
= NULL
;
522 EVP_PKEY
*param_key
= NULL
;
523 const struct dsa_pqver_st
*tst
= &dsa_pqver_data
[id
];
525 if (!TEST_ptr(bn_ctx
= BN_CTX_new_ex(libctx
))
526 || !TEST_true(dsa_create_pkey(¶m_key
, tst
->p
, tst
->p_len
,
527 tst
->q
, tst
->q_len
, NULL
, 0,
528 tst
->seed
, tst
->seed_len
, tst
->counter
,
529 OSSL_FFC_PARAM_VALIDATE_PQ
,
532 || !TEST_ptr(key_ctx
= EVP_PKEY_CTX_new_from_pkey(libctx
, param_key
,
534 || !TEST_int_eq(EVP_PKEY_param_check(key_ctx
), tst
->pass
))
540 EVP_PKEY_free(param_key
);
541 EVP_PKEY_CTX_free(key_ctx
);
545 /* Extract r and s from a dsa signature */
546 static int get_dsa_sig_rs_bytes(const unsigned char *sig
, size_t sig_len
,
547 unsigned char **r
, unsigned char **s
,
548 size_t *r_len
, size_t *s_len
)
551 unsigned char *rbuf
= NULL
, *sbuf
= NULL
;
552 size_t r1_len
, s1_len
;
553 const BIGNUM
*r1
, *s1
;
554 DSA_SIG
*sign
= d2i_DSA_SIG(NULL
, &sig
, sig_len
);
558 DSA_SIG_get0(sign
, &r1
, &s1
);
559 if (r1
== NULL
|| s1
== NULL
)
562 r1_len
= BN_num_bytes(r1
);
563 s1_len
= BN_num_bytes(s1
);
564 rbuf
= OPENSSL_zalloc(r1_len
);
565 sbuf
= OPENSSL_zalloc(s1_len
);
566 if (rbuf
== NULL
|| sbuf
== NULL
)
568 if (BN_bn2binpad(r1
, rbuf
, r1_len
) <= 0)
570 if (BN_bn2binpad(s1
, sbuf
, s1_len
) <= 0)
586 static int dsa_siggen_test(int id
)
589 EVP_PKEY
*pkey
= NULL
;
590 unsigned char *sig
= NULL
, *r
= NULL
, *s
= NULL
;
591 size_t sig_len
= 0, rlen
= 0, slen
= 0;
592 const struct dsa_siggen_st
*tst
= &dsa_siggen_data
[id
];
594 if (!TEST_ptr(pkey
= dsa_keygen(tst
->L
, tst
->N
)))
597 if (!TEST_true(sig_gen(pkey
, NULL
, tst
->digest_alg
, tst
->msg
, tst
->msg_len
,
599 || !TEST_true(get_dsa_sig_rs_bytes(sig
, sig_len
, &r
, &s
, &rlen
, &slen
)))
601 test_output_memory("r", r
, rlen
);
602 test_output_memory("s", s
, slen
);
612 static int dsa_sigver_test(int id
)
615 EVP_PKEY_CTX
*ctx
= NULL
;
616 EVP_PKEY
*pkey
= NULL
;
617 DSA_SIG
*sign
= NULL
;
619 unsigned char *sig
= NULL
;
620 BIGNUM
*rbn
= NULL
, *sbn
= NULL
;
622 unsigned char digest
[EVP_MAX_MD_SIZE
];
623 unsigned int digest_len
;
624 BN_CTX
*bn_ctx
= NULL
;
625 const struct dsa_sigver_st
*tst
= &dsa_sigver_data
[id
];
627 if (!TEST_ptr(bn_ctx
= BN_CTX_new())
628 || !TEST_true(dsa_create_pkey(&pkey
, tst
->p
, tst
->p_len
,
629 tst
->q
, tst
->q_len
, tst
->g
, tst
->g_len
,
630 NULL
, 0, 0, "", tst
->pub
, tst
->pub_len
,
634 if (!TEST_ptr(sign
= DSA_SIG_new())
635 || !TEST_ptr(rbn
= BN_bin2bn(tst
->r
, tst
->r_len
, NULL
))
636 || !TEST_ptr(sbn
= BN_bin2bn(tst
->s
, tst
->s_len
, NULL
))
637 || !TEST_true(DSA_SIG_set0(sign
, rbn
, sbn
)))
641 if (!TEST_ptr(md
= EVP_MD_fetch(libctx
, tst
->digest_alg
, ""))
642 || !TEST_true(EVP_Digest(tst
->msg
, tst
->msg_len
,
643 digest
, &digest_len
, md
, NULL
)))
646 if (!TEST_int_gt((sig_len
= i2d_DSA_SIG(sign
, &sig
)), 0)
647 || !TEST_ptr(ctx
= EVP_PKEY_CTX_new_from_pkey(libctx
, pkey
, ""))
648 || !TEST_int_gt(EVP_PKEY_verify_init(ctx
), 0)
649 || !TEST_int_eq(EVP_PKEY_verify(ctx
, sig
, sig_len
, digest
, digest_len
),
654 EVP_PKEY_CTX_free(ctx
);
664 #endif /* OPENSSL_NO_DSA */
667 /* cipher encrypt/decrypt */
668 static int cipher_enc(const char *alg
,
669 const unsigned char *pt
, size_t pt_len
,
670 const unsigned char *key
, size_t key_len
,
671 const unsigned char *iv
, size_t iv_len
,
672 const unsigned char *ct
, size_t ct_len
,
675 int ret
= 0, out_len
= 0, len
= 0;
676 EVP_CIPHER_CTX
*ctx
= NULL
;
677 EVP_CIPHER
*cipher
= NULL
;
678 unsigned char out
[256] = { 0 };
680 TEST_note("%s : %s", alg
, enc
? "encrypt" : "decrypt");
681 if (!TEST_ptr(ctx
= EVP_CIPHER_CTX_new())
682 || !TEST_ptr(cipher
= EVP_CIPHER_fetch(libctx
, alg
, ""))
683 || !TEST_true(EVP_CipherInit_ex(ctx
, cipher
, NULL
, key
, iv
, enc
))
684 || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx
, 0))
685 || !TEST_true(EVP_CipherUpdate(ctx
, out
, &len
, pt
, pt_len
))
686 || !TEST_true(EVP_CipherFinal_ex(ctx
, out
+ len
, &out_len
)))
689 if (!TEST_mem_eq(out
, out_len
, ct
, ct_len
))
693 EVP_CIPHER_free(cipher
);
694 EVP_CIPHER_CTX_free(ctx
);
698 static int cipher_enc_dec_test(int id
)
700 const struct cipher_st
*tst
= &cipher_enc_data
[id
];
703 return TEST_true(cipher_enc(tst
->alg
, tst
->pt
, tst
->pt_len
,
704 tst
->key
, tst
->key_len
,
705 tst
->iv
, tst
->iv_len
,
706 tst
->ct
, tst
->ct_len
, enc
))
707 && TEST_true(cipher_enc(tst
->alg
, tst
->ct
, tst
->ct_len
,
708 tst
->key
, tst
->key_len
,
709 tst
->iv
, tst
->iv_len
,
710 tst
->pt
, tst
->pt_len
, !enc
));
713 static int aes_ccm_enc_dec(const char *alg
,
714 const unsigned char *pt
, size_t pt_len
,
715 const unsigned char *key
, size_t key_len
,
716 const unsigned char *iv
, size_t iv_len
,
717 const unsigned char *aad
, size_t aad_len
,
718 const unsigned char *ct
, size_t ct_len
,
719 const unsigned char *tag
, size_t tag_len
,
724 EVP_CIPHER
*cipher
= NULL
;
726 unsigned char out
[1024];
728 TEST_note("%s : %s : expected to %s", alg
, enc
? "encrypt" : "decrypt",
729 pass
? "pass" : "fail");
731 if (!TEST_ptr(ctx
= EVP_CIPHER_CTX_new())
732 || !TEST_ptr(cipher
= EVP_CIPHER_fetch(libctx
, alg
, ""))
733 || !TEST_true(EVP_CipherInit_ex(ctx
, cipher
, NULL
, NULL
, NULL
, enc
))
734 || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx
, EVP_CTRL_AEAD_SET_IVLEN
, iv_len
,
736 || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx
, EVP_CTRL_AEAD_SET_TAG
, tag_len
,
737 enc
? NULL
: (void *)tag
))
738 || !TEST_true(EVP_CipherInit_ex(ctx
, NULL
, NULL
, key
, iv
, enc
))
739 || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx
, 0))
740 || !TEST_true(EVP_CipherUpdate(ctx
, NULL
, &len
, NULL
, pt_len
))
741 || !TEST_true(EVP_CipherUpdate(ctx
, NULL
, &len
, aad
, aad_len
))
742 || !TEST_int_eq(EVP_CipherUpdate(ctx
, out
, &len
, pt
, pt_len
), pass
))
749 if (!TEST_true(EVP_CipherFinal_ex(ctx
, out
+ len
, &out_len
)))
753 if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx
, EVP_CTRL_AEAD_GET_TAG
,
754 tag_len
, out
+ out_len
))
755 || !TEST_mem_eq(out
, out_len
, ct
, ct_len
)
756 || !TEST_mem_eq(out
+ out_len
, tag_len
, tag
, tag_len
))
759 if (!TEST_mem_eq(out
, out_len
+ len
, ct
, ct_len
))
765 EVP_CIPHER_free(cipher
);
766 EVP_CIPHER_CTX_free(ctx
);
770 static int aes_ccm_enc_dec_test(int id
)
772 const struct cipher_ccm_st
*tst
= &aes_ccm_enc_data
[id
];
774 /* The tag is on the end of the cipher text */
775 const size_t tag_len
= tst
->ct_len
- tst
->pt_len
;
776 const size_t ct_len
= tst
->ct_len
- tag_len
;
777 const unsigned char *tag
= tst
->ct
+ ct_len
;
784 return aes_ccm_enc_dec(tst
->alg
, tst
->pt
, tst
->pt_len
,
785 tst
->key
, tst
->key_len
,
786 tst
->iv
, tst
->iv_len
, tst
->aad
, tst
->aad_len
,
787 tst
->ct
, ct_len
, tag
, tag_len
, enc
, pass
)
788 && aes_ccm_enc_dec(tst
->alg
, tst
->ct
, ct_len
,
789 tst
->key
, tst
->key_len
,
790 tst
->iv
, tst
->iv_len
, tst
->aad
, tst
->aad_len
,
791 tst
->pt
, tst
->pt_len
, tag
, tag_len
, !enc
, pass
)
792 /* test that it fails if the tag is incorrect */
793 && aes_ccm_enc_dec(tst
->alg
, tst
->ct
, ct_len
,
794 tst
->key
, tst
->key_len
,
795 tst
->iv
, tst
->iv_len
, tst
->aad
, tst
->aad_len
,
796 tst
->pt
, tst
->pt_len
,
797 tag
- 1, tag_len
, !enc
, !pass
);
800 static int aes_gcm_enc_dec(const char *alg
,
801 const unsigned char *pt
, size_t pt_len
,
802 const unsigned char *key
, size_t key_len
,
803 const unsigned char *iv
, size_t iv_len
,
804 const unsigned char *aad
, size_t aad_len
,
805 const unsigned char *ct
, size_t ct_len
,
806 const unsigned char *tag
, size_t tag_len
,
811 EVP_CIPHER
*cipher
= NULL
;
813 unsigned char out
[1024];
815 TEST_note("%s : %s : expected to %s", alg
, enc
? "encrypt" : "decrypt",
816 pass
? "pass" : "fail");
818 if (!TEST_ptr(ctx
= EVP_CIPHER_CTX_new())
819 || !TEST_ptr(cipher
= EVP_CIPHER_fetch(libctx
, alg
, ""))
820 || !TEST_true(EVP_CipherInit_ex(ctx
, cipher
, NULL
, NULL
, NULL
, enc
))
821 || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx
, EVP_CTRL_AEAD_SET_IVLEN
, iv_len
,
826 if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx
, EVP_CTRL_AEAD_SET_TAG
, tag_len
,
831 * TODO(3.0): The IV should not be set outside the boundary as it is now.
832 * It needs to be fed in via a dummy entropy source for this test.
834 if (!TEST_true(EVP_CipherInit_ex(ctx
, NULL
, NULL
, key
, iv
, enc
))
835 || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx
, 0))
836 || !TEST_true(EVP_CipherUpdate(ctx
, NULL
, &len
, aad
, aad_len
))
837 || !TEST_true(EVP_CipherUpdate(ctx
, out
, &len
, pt
, pt_len
)))
840 if (!TEST_int_eq(EVP_CipherFinal_ex(ctx
, out
+ len
, &out_len
), pass
))
848 if (!TEST_mem_eq(out
, out_len
, ct
, ct_len
)
849 || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx
, EVP_CTRL_AEAD_GET_TAG
,
850 tag_len
, out
+ out_len
))
851 || !TEST_mem_eq(out
+ out_len
, tag_len
, tag
, tag_len
))
854 if (!TEST_mem_eq(out
, out_len
, ct
, ct_len
))
860 EVP_CIPHER_free(cipher
);
861 EVP_CIPHER_CTX_free(ctx
);
865 static int aes_gcm_enc_dec_test(int id
)
867 const struct cipher_gcm_st
*tst
= &aes_gcm_enc_data
[id
];
871 return aes_gcm_enc_dec(tst
->alg
, tst
->pt
, tst
->pt_len
,
872 tst
->key
, tst
->key_len
,
873 tst
->iv
, tst
->iv_len
, tst
->aad
, tst
->aad_len
,
874 tst
->ct
, tst
->ct_len
, tst
->tag
, tst
->tag_len
,
876 && aes_gcm_enc_dec(tst
->alg
, tst
->ct
, tst
->ct_len
,
877 tst
->key
, tst
->key_len
,
878 tst
->iv
, tst
->iv_len
, tst
->aad
, tst
->aad_len
,
879 tst
->pt
, tst
->pt_len
, tst
->tag
, tst
->tag_len
,
881 /* Fail if incorrect tag passed to decrypt */
882 && aes_gcm_enc_dec(tst
->alg
, tst
->ct
, tst
->ct_len
,
883 tst
->key
, tst
->key_len
,
884 tst
->iv
, tst
->iv_len
, tst
->aad
, tst
->aad_len
,
885 tst
->pt
, tst
->pt_len
, tst
->aad
, tst
->tag_len
,
889 #ifndef OPENSSL_NO_DH
890 static int dh_create_pkey(EVP_PKEY
**pkey
, const char *group_name
,
891 const unsigned char *pub
, size_t pub_len
,
892 const unsigned char *priv
, size_t priv_len
,
893 BN_CTX
*bn_ctx
, int pass
)
896 EVP_PKEY_CTX
*ctx
= NULL
;
897 OSSL_PARAM_BLD
*bld
= NULL
;
898 OSSL_PARAM
*params
= NULL
;
899 BIGNUM
*pub_bn
= NULL
, *priv_bn
= NULL
;
901 if (!TEST_ptr(bld
= OSSL_PARAM_BLD_new())
902 || (group_name
!= NULL
903 && !TEST_int_gt(OSSL_PARAM_BLD_push_utf8_string(
904 bld
, OSSL_PKEY_PARAM_DH_GROUP
,
909 if (!TEST_ptr(pub_bn
= BN_CTX_get(bn_ctx
))
910 || !TEST_ptr(BN_bin2bn(pub
, pub_len
, pub_bn
))
911 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_PUB_KEY
,
916 if (!TEST_ptr(priv_bn
= BN_CTX_get(bn_ctx
))
917 || !TEST_ptr(BN_bin2bn(priv
, priv_len
, priv_bn
))
918 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_PRIV_KEY
,
923 if (!TEST_ptr(params
= OSSL_PARAM_BLD_to_param(bld
))
924 || !TEST_ptr(ctx
= EVP_PKEY_CTX_new_from_name(libctx
, "DH", NULL
))
925 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx
))
926 || !TEST_int_eq(EVP_PKEY_fromdata(ctx
, pkey
, params
), pass
))
931 OSSL_PARAM_BLD_free_params(params
);
932 OSSL_PARAM_BLD_free(bld
);
933 EVP_PKEY_CTX_free(ctx
);
937 static int dh_safe_prime_keygen_test(int id
)
940 EVP_PKEY_CTX
*ctx
= NULL
;
941 EVP_PKEY
*pkey
= NULL
;
942 unsigned char *priv
= NULL
;
943 unsigned char *pub
= NULL
;
944 size_t priv_len
= 0, pub_len
= 0;
945 OSSL_PARAM params
[2];
946 const struct dh_safe_prime_keygen_st
*tst
= &dh_safe_prime_keygen_data
[id
];
948 params
[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_DH_GROUP
,
949 (char *)tst
->group_name
, 0);
950 params
[1] = OSSL_PARAM_construct_end();
952 if (!TEST_ptr(ctx
= EVP_PKEY_CTX_new_from_name(libctx
, "DH", NULL
))
953 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx
), 0)
954 || !TEST_true(EVP_PKEY_CTX_set_params(ctx
, params
))
955 || !TEST_int_gt(EVP_PKEY_keygen(ctx
, &pkey
), 0)
956 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_PRIV_KEY
,
958 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_PUB_KEY
,
962 test_output_memory("x", priv
, priv_len
);
963 test_output_memory("y", pub
, pub_len
);
966 OPENSSL_clear_free(priv
, priv_len
);
969 EVP_PKEY_CTX_free(ctx
);
973 static int dh_safe_prime_keyver_test(int id
)
976 BN_CTX
*bn_ctx
= NULL
;
977 EVP_PKEY_CTX
*key_ctx
= NULL
;
978 EVP_PKEY
*pkey
= NULL
;
979 const struct dh_safe_prime_keyver_st
*tst
= &dh_safe_prime_keyver_data
[id
];
981 if (!TEST_ptr(bn_ctx
= BN_CTX_new_ex(libctx
))
982 || !TEST_true(dh_create_pkey(&pkey
, tst
->group_name
,
983 tst
->pub
, tst
->pub_len
,
984 tst
->priv
, tst
->priv_len
, bn_ctx
, 1))
985 || !TEST_ptr(key_ctx
= EVP_PKEY_CTX_new_from_pkey(libctx
, pkey
, ""))
986 || !TEST_int_eq(EVP_PKEY_check(key_ctx
), tst
->pass
))
992 EVP_PKEY_CTX_free(key_ctx
);
996 #endif /* OPENSSL_NO_DH */
999 #ifndef OPENSSL_NO_RSA
1000 static EVP_PKEY
*rsa_keygen(int bits
)
1002 EVP_PKEY
*key
= NULL
;
1003 EVP_PKEY_CTX
*keygen_ctx
= NULL
;
1005 if (!TEST_ptr(keygen_ctx
= EVP_PKEY_CTX_new_from_name(libctx
, "RSA", NULL
))
1006 || !TEST_int_gt(EVP_PKEY_keygen_init(keygen_ctx
), 0)
1007 || !TEST_true(EVP_PKEY_CTX_set_rsa_keygen_bits(keygen_ctx
, bits
))
1008 || !TEST_int_gt(EVP_PKEY_keygen(keygen_ctx
, &key
), 0))
1011 EVP_PKEY_CTX_free(keygen_ctx
);
1015 static int rsa_create_pkey(EVP_PKEY
**pkey
,
1016 const unsigned char *n
, size_t n_len
,
1017 const unsigned char *e
, size_t e_len
,
1018 const unsigned char *d
, size_t d_len
,
1022 EVP_PKEY_CTX
*ctx
= NULL
;
1023 OSSL_PARAM_BLD
*bld
= NULL
;
1024 OSSL_PARAM
*params
= NULL
;
1025 BIGNUM
*e_bn
= NULL
, *d_bn
= NULL
, *n_bn
= NULL
;
1027 if (!TEST_ptr(bld
= OSSL_PARAM_BLD_new())
1028 || !TEST_ptr(n_bn
= BN_CTX_get(bn_ctx
))
1029 || !TEST_ptr(BN_bin2bn(n
, n_len
, n_bn
))
1030 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_RSA_N
, n_bn
)))
1034 if (!TEST_ptr(e_bn
= BN_CTX_get(bn_ctx
))
1035 || !TEST_ptr(BN_bin2bn(e
, e_len
, e_bn
))
1036 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_RSA_E
,
1041 if (!TEST_ptr(d_bn
= BN_CTX_get(bn_ctx
))
1042 || !TEST_ptr(BN_bin2bn(d
, d_len
, d_bn
))
1043 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_RSA_D
,
1047 if (!TEST_ptr(params
= OSSL_PARAM_BLD_to_param(bld
))
1048 || !TEST_ptr(ctx
= EVP_PKEY_CTX_new_from_name(libctx
, "RSA", NULL
))
1049 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx
))
1050 || !TEST_true(EVP_PKEY_fromdata(ctx
, pkey
, params
)))
1055 OSSL_PARAM_BLD_free_params(params
);
1056 OSSL_PARAM_BLD_free(bld
);
1057 EVP_PKEY_CTX_free(ctx
);
1061 static int rsa_keygen_test(int id
)
1064 EVP_PKEY_CTX
*ctx
= NULL
;
1065 EVP_PKEY
*pkey
= NULL
;
1066 BIGNUM
*e_bn
= NULL
;
1067 BIGNUM
*xp1_bn
= NULL
, *xp2_bn
= NULL
, *xp_bn
= NULL
;
1068 BIGNUM
*xq1_bn
= NULL
, *xq2_bn
= NULL
, *xq_bn
= NULL
;
1069 unsigned char *n
= NULL
, *d
= NULL
;
1070 unsigned char *p
= NULL
, *p1
= NULL
, *p2
= NULL
;
1071 unsigned char *q
= NULL
, *q1
= NULL
, *q2
= NULL
;
1072 size_t n_len
= 0, d_len
= 0;
1073 size_t p_len
= 0, p1_len
= 0, p2_len
= 0;
1074 size_t q_len
= 0, q1_len
= 0, q2_len
= 0;
1075 OSSL_PARAM_BLD
*bld
= NULL
;
1076 OSSL_PARAM
*params
= NULL
;
1077 const struct rsa_keygen_st
*tst
= &rsa_keygen_data
[id
];
1079 if (!TEST_ptr(bld
= OSSL_PARAM_BLD_new())
1080 || !TEST_ptr(xp1_bn
= BN_bin2bn(tst
->xp1
, tst
->xp1_len
, NULL
))
1081 || !TEST_ptr(xp2_bn
= BN_bin2bn(tst
->xp2
, tst
->xp2_len
, NULL
))
1082 || !TEST_ptr(xp_bn
= BN_bin2bn(tst
->xp
, tst
->xp_len
, NULL
))
1083 || !TEST_ptr(xq1_bn
= BN_bin2bn(tst
->xq1
, tst
->xq1_len
, NULL
))
1084 || !TEST_ptr(xq2_bn
= BN_bin2bn(tst
->xq2
, tst
->xq2_len
, NULL
))
1085 || !TEST_ptr(xq_bn
= BN_bin2bn(tst
->xq
, tst
->xq_len
, NULL
))
1086 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_RSA_TEST_XP1
,
1088 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_RSA_TEST_XP2
,
1090 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_RSA_TEST_XP
,
1092 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_RSA_TEST_XQ1
,
1094 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_RSA_TEST_XQ2
,
1096 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_RSA_TEST_XQ
,
1098 || !TEST_ptr(params
= OSSL_PARAM_BLD_to_param(bld
)))
1101 if (!TEST_ptr(ctx
= EVP_PKEY_CTX_new_from_name(libctx
, "RSA", NULL
))
1102 || !TEST_ptr(e_bn
= BN_bin2bn(tst
->e
, tst
->e_len
, NULL
))
1103 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx
), 0)
1104 || !TEST_true(EVP_PKEY_CTX_set_params(ctx
, params
))
1105 || !TEST_true(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx
, tst
->mod
))
1106 || !TEST_true(EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx
, e_bn
))
1107 || !TEST_int_gt(EVP_PKEY_keygen(ctx
, &pkey
), 0)
1108 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_RSA_TEST_P1
,
1110 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_RSA_TEST_P2
,
1112 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_RSA_TEST_Q1
,
1114 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_RSA_TEST_Q2
,
1116 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_RSA_FACTOR1
,
1118 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_RSA_FACTOR2
,
1120 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_RSA_N
,
1122 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_RSA_D
,
1126 if (!TEST_mem_eq(tst
->p1
, tst
->p1_len
, p1
, p1_len
)
1127 || !TEST_mem_eq(tst
->p2
, tst
->p2_len
, p2
, p2_len
)
1128 || !TEST_mem_eq(tst
->p
, tst
->p_len
, p
, p_len
)
1129 || !TEST_mem_eq(tst
->q1
, tst
->q1_len
, q1
, q1_len
)
1130 || !TEST_mem_eq(tst
->q2
, tst
->q2_len
, q2
, q2_len
)
1131 || !TEST_mem_eq(tst
->q
, tst
->q_len
, q
, q_len
)
1132 || !TEST_mem_eq(tst
->n
, tst
->n_len
, n
, n_len
)
1133 || !TEST_mem_eq(tst
->d
, tst
->d_len
, d
, d_len
))
1136 test_output_memory("p1", p1
, p1_len
);
1137 test_output_memory("p2", p2
, p2_len
);
1138 test_output_memory("p", p
, p_len
);
1139 test_output_memory("q1", q1
, q1_len
);
1140 test_output_memory("q2", q2
, q2_len
);
1141 test_output_memory("q", q
, q_len
);
1142 test_output_memory("n", n
, n_len
);
1143 test_output_memory("d", d
, d_len
);
1161 EVP_PKEY_free(pkey
);
1162 EVP_PKEY_CTX_free(ctx
);
1163 OSSL_PARAM_BLD_free_params(params
);
1164 OSSL_PARAM_BLD_free(bld
);
1168 static int rsa_siggen_test(int id
)
1171 EVP_PKEY
*pkey
= NULL
;
1172 unsigned char *sig
= NULL
, *n
= NULL
, *e
= NULL
;
1173 size_t sig_len
= 0, n_len
= 0, e_len
= 0;
1174 OSSL_PARAM params
[4], *p
;
1175 const struct rsa_siggen_st
*tst
= &rsa_siggen_data
[id
];
1177 TEST_note("RSA %s signature generation", tst
->sig_pad_mode
);
1180 *p
++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE
,
1181 (char *)tst
->sig_pad_mode
, 0);
1182 *p
++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST
,
1183 (char *)tst
->digest_alg
, 0);
1184 if (tst
->pss_salt_len
>= 0) {
1185 int salt_len
= tst
->pss_salt_len
;
1187 *p
++ = OSSL_PARAM_construct_int(OSSL_SIGNATURE_PARAM_PSS_SALTLEN
,
1190 *p
++ = OSSL_PARAM_construct_end();
1192 if (!TEST_ptr(pkey
= rsa_keygen(tst
->mod
))
1193 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_RSA_N
, &n
, &n_len
))
1194 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_RSA_E
, &e
, &e_len
))
1195 || !TEST_true(sig_gen(pkey
, params
, tst
->digest_alg
,
1196 tst
->msg
, tst
->msg_len
,
1199 test_output_memory("n", n
, n_len
);
1200 test_output_memory("e", e
, e_len
);
1201 test_output_memory("sig", sig
, sig_len
);
1207 EVP_PKEY_free(pkey
);
1211 static int rsa_sigver_test(int id
)
1214 EVP_PKEY_CTX
*pkey_ctx
= NULL
;
1215 EVP_PKEY
*pkey
= NULL
;
1216 EVP_MD_CTX
*md_ctx
= NULL
;
1217 BN_CTX
*bn_ctx
= NULL
;
1218 OSSL_PARAM params
[4], *p
;
1219 const struct rsa_sigver_st
*tst
= &rsa_sigver_data
[id
];
1221 TEST_note("RSA %s Signature Verify : expected to %s ", tst
->sig_pad_mode
,
1222 tst
->pass
== PASS
? "pass" : "fail");
1225 *p
++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE
,
1226 (char *)tst
->sig_pad_mode
, 0);
1227 *p
++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST
,
1228 (char *)tst
->digest_alg
, 0);
1229 if (tst
->pss_salt_len
>= 0) {
1230 int salt_len
= tst
->pss_salt_len
;
1232 *p
++ = OSSL_PARAM_construct_int(OSSL_SIGNATURE_PARAM_PSS_SALTLEN
,
1235 *p
++ = OSSL_PARAM_construct_end();
1237 if (!TEST_ptr(bn_ctx
= BN_CTX_new())
1238 || !TEST_true(rsa_create_pkey(&pkey
, tst
->n
, tst
->n_len
,
1239 tst
->e
, tst
->e_len
, NULL
, 0, bn_ctx
))
1240 || !TEST_ptr(md_ctx
= EVP_MD_CTX_new())
1241 || !TEST_true(EVP_DigestVerifyInit_ex(md_ctx
, &pkey_ctx
, tst
->digest_alg
,
1243 || !TEST_true(EVP_PKEY_CTX_set_params(pkey_ctx
, params
))
1244 || !TEST_int_eq(EVP_DigestVerify(md_ctx
, tst
->sig
, tst
->sig_len
,
1245 tst
->msg
, tst
->msg_len
), tst
->pass
)))
1249 EVP_PKEY_free(pkey
);
1250 BN_CTX_free(bn_ctx
);
1251 EVP_MD_CTX_free(md_ctx
);
1255 static int rsa_decryption_primitive_test(int id
)
1258 EVP_PKEY_CTX
*ctx
= NULL
;
1259 EVP_PKEY
*pkey
= NULL
;
1260 unsigned char pt
[2048];
1261 size_t pt_len
= sizeof(pt
);
1262 unsigned char *n
= NULL
, *e
= NULL
;
1263 size_t n_len
= 0, e_len
= 0;
1264 BN_CTX
*bn_ctx
= NULL
;
1265 const struct rsa_decrypt_prim_st
*tst
= &rsa_decrypt_prim_data
[id
];
1267 if (!TEST_ptr(pkey
= rsa_keygen(2048))
1268 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_RSA_N
, &n
, &n_len
))
1269 || !TEST_true(pkey_get_bn_bytes(pkey
, OSSL_PKEY_PARAM_RSA_E
, &e
, &e_len
))
1270 || !TEST_ptr(ctx
= EVP_PKEY_CTX_new_from_pkey(libctx
, pkey
, ""))
1271 || !TEST_int_gt(EVP_PKEY_decrypt_init(ctx
), 0)
1272 || !TEST_int_gt(EVP_PKEY_CTX_set_rsa_padding(ctx
, RSA_NO_PADDING
), 0))
1275 test_output_memory("n", n
, n_len
);
1276 test_output_memory("e", e
, e_len
);
1277 if (!EVP_PKEY_decrypt(ctx
, pt
, &pt_len
, tst
->ct
, tst
->ct_len
))
1278 TEST_note("Decryption Failed");
1280 test_output_memory("pt", pt
, pt_len
);
1285 EVP_PKEY_CTX_free(ctx
);
1286 EVP_PKEY_free(pkey
);
1287 BN_CTX_free(bn_ctx
);
1290 #endif /* OPENSSL_NO_RSA */
1293 int setup_tests(void)
1295 char *config_file
= NULL
;
1299 while ((o
= opt_next()) != OPT_EOF
) {
1301 case OPT_CONFIG_FILE
:
1302 config_file
= opt_arg();
1304 case OPT_TEST_CASES
:
1312 prov_null
= OSSL_PROVIDER_load(NULL
, "null");
1313 if (prov_null
== NULL
) {
1314 opt_printf_stderr("Failed to load null provider into default libctx\n");
1318 libctx
= OPENSSL_CTX_new();
1320 || !OPENSSL_CTX_load_config(libctx
, config_file
)) {
1321 opt_printf_stderr("Failed to load config\n");
1325 ADD_ALL_TESTS(cipher_enc_dec_test
, OSSL_NELEM(cipher_enc_data
));
1326 ADD_ALL_TESTS(aes_ccm_enc_dec_test
, OSSL_NELEM(aes_ccm_enc_data
));
1327 ADD_ALL_TESTS(aes_gcm_enc_dec_test
, OSSL_NELEM(aes_gcm_enc_data
));
1329 #ifndef OPENSSL_NO_RSA
1330 ADD_ALL_TESTS(rsa_keygen_test
, OSSL_NELEM(rsa_keygen_data
));
1331 ADD_ALL_TESTS(rsa_siggen_test
, OSSL_NELEM(rsa_siggen_data
));
1332 ADD_ALL_TESTS(rsa_sigver_test
, OSSL_NELEM(rsa_sigver_data
));
1333 ADD_ALL_TESTS(rsa_decryption_primitive_test
,
1334 OSSL_NELEM(rsa_decrypt_prim_data
));
1335 #endif /* OPENSSL_NO_RSA */
1337 #ifndef OPENSSL_NO_DH
1338 ADD_ALL_TESTS(dh_safe_prime_keygen_test
,
1339 OSSL_NELEM(dh_safe_prime_keygen_data
));
1340 ADD_ALL_TESTS(dh_safe_prime_keyver_test
,
1341 OSSL_NELEM(dh_safe_prime_keyver_data
));
1342 #endif /* OPENSSL_NO_DH */
1344 #ifndef OPENSSL_NO_DSA
1345 ADD_ALL_TESTS(dsa_keygen_test
, OSSL_NELEM(dsa_keygen_data
));
1346 ADD_ALL_TESTS(dsa_paramgen_test
, OSSL_NELEM(dsa_paramgen_data
));
1347 ADD_ALL_TESTS(dsa_pqver_test
, OSSL_NELEM(dsa_pqver_data
));
1348 ADD_ALL_TESTS(dsa_siggen_test
, OSSL_NELEM(dsa_siggen_data
));
1349 ADD_ALL_TESTS(dsa_sigver_test
, OSSL_NELEM(dsa_sigver_data
));
1350 #endif /* OPENSSL_NO_DSA */
1352 #ifndef OPENSSL_NO_EC
1353 ADD_ALL_TESTS(ecdsa_keygen_test
, OSSL_NELEM(ecdsa_keygen_data
));
1354 ADD_ALL_TESTS(ecdsa_pub_verify_test
, OSSL_NELEM(ecdsa_pv_data
));
1355 ADD_ALL_TESTS(ecdsa_siggen_test
, OSSL_NELEM(ecdsa_siggen_data
));
1356 ADD_ALL_TESTS(ecdsa_sigver_test
, OSSL_NELEM(ecdsa_sigver_data
));
1357 #endif /* OPENSSL_NO_EC */
1361 void cleanup_tests(void)
1363 OSSL_PROVIDER_unload(prov_null
);
1364 OPENSSL_CTX_free(libctx
);