2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/core_dispatch.h>
12 #include <openssl/evp.h>
13 #include <openssl/pem.h>
14 #include <openssl/rsa.h>
15 #include <openssl/x509.h>
16 #include <openssl/core_names.h>
17 #include <openssl/params.h>
18 #include <openssl/param_build.h>
19 #include <openssl/encoder.h>
20 #include <openssl/decoder.h>
22 #include "internal/cryptlib.h" /* ossl_assert */
23 #include "crypto/pem.h" /* For PVK and "blob" PEM headers */
25 #include "predefined_dhparams.h"
29 static BN_CTX
*bnctx
= NULL
;
30 static OSSL_PARAM_BLD
*bld_prime_nc
= NULL
;
31 static OSSL_PARAM_BLD
*bld_prime
= NULL
;
32 static OSSL_PARAM
*ec_explicit_prime_params_nc
= NULL
;
33 static OSSL_PARAM
*ec_explicit_prime_params_explicit
= NULL
;
35 # ifndef OPENSSL_NO_EC2M
36 static OSSL_PARAM_BLD
*bld_tri_nc
= NULL
;
37 static OSSL_PARAM_BLD
*bld_tri
= NULL
;
38 static OSSL_PARAM
*ec_explicit_tri_params_nc
= NULL
;
39 static OSSL_PARAM
*ec_explicit_tri_params_explicit
= NULL
;
43 static EVP_PKEY
*make_template(const char *type
, OSSL_PARAM
*genparams
)
45 EVP_PKEY
*pkey
= NULL
;
46 EVP_PKEY_CTX
*ctx
= NULL
;
49 /* use DH(X) keys with predetermined parameters for efficiency */
50 if (strcmp(type
, "DH") == 0)
51 return get_dh512(NULL
);
52 if (strcmp(type
, "X9.42 DH") == 0)
53 return get_dhx512(NULL
);
57 * No real need to check the errors other than for the cascade
58 * effect. |pkey| will simply remain NULL if something goes wrong.
60 (void)((ctx
= EVP_PKEY_CTX_new_from_name(NULL
, type
, NULL
)) != NULL
61 && EVP_PKEY_paramgen_init(ctx
) > 0
63 || EVP_PKEY_CTX_set_params(ctx
, genparams
) > 0)
64 && EVP_PKEY_gen(ctx
, &pkey
) > 0);
65 EVP_PKEY_CTX_free(ctx
);
70 static EVP_PKEY
*make_key(const char *type
, EVP_PKEY
*template,
71 OSSL_PARAM
*genparams
)
73 EVP_PKEY
*pkey
= NULL
;
76 ? EVP_PKEY_CTX_new(template, NULL
)
77 : EVP_PKEY_CTX_new_from_name(NULL
, type
, NULL
);
80 * No real need to check the errors other than for the cascade
81 * effect. |pkey| will simply remain NULL if something goes wrong.
84 && EVP_PKEY_keygen_init(ctx
) > 0
86 || EVP_PKEY_CTX_set_params(ctx
, genparams
) > 0)
87 && EVP_PKEY_keygen(ctx
, &pkey
) > 0);
88 EVP_PKEY_CTX_free(ctx
);
92 /* Main test driver */
95 * TODO(3.0) For better error output, changed the callbacks to take __FILE__
96 * and __LINE__ as first two arguments, and have them use the lower case
97 * functions, such as test_strn_eq(), rather than the uppercase macros
98 * (TEST_strn2_eq(), for example).
101 typedef int (encoder
)(void **encoded
, long *encoded_len
,
102 void *object
, int selection
,
103 const char *output_type
, const char *output_structure
,
104 const char *pass
, const char *pcipher
);
105 typedef int (decoder
)(void **object
, void *encoded
, long encoded_len
,
106 const char *keytype
, const char *input_type
,
107 int selection
, const char *pass
);
108 typedef int (tester
)(const void *data1
, size_t data1_len
,
109 const void *data2
, size_t data2_len
);
110 typedef int (checker
)(const char *type
, const void *data
, size_t data_len
);
111 typedef void (dumper
)(const char *label
, const void *data
, size_t data_len
);
113 #define FLAG_DECODE_WITH_TYPE 0x0001
115 static int test_encode_decode(const char *type
, EVP_PKEY
*pkey
,
116 int selection
, const char *output_type
,
117 const char *output_structure
,
118 const char *pass
, const char *pcipher
,
119 encoder
*encode_cb
, decoder
*decode_cb
,
120 tester
*test_cb
, checker
*check_cb
,
121 dumper
*dump_cb
, int flags
)
123 void *encoded
= NULL
;
124 long encoded_len
= 0;
125 EVP_PKEY
*pkey2
= NULL
;
126 void *encoded2
= NULL
;
127 long encoded2_len
= 0;
131 * Encode |pkey|, decode the result into |pkey2|, and finish off by
132 * encoding |pkey2| as well. That last encoding is for checking and
135 if (!TEST_true(encode_cb(&encoded
, &encoded_len
, pkey
, selection
,
136 output_type
, output_structure
, pass
, pcipher
))
137 || !TEST_true(check_cb(type
, encoded
, encoded_len
))
138 || !TEST_true(decode_cb((void **)&pkey2
, encoded
, encoded_len
,
139 (flags
& FLAG_DECODE_WITH_TYPE
? type
: NULL
),
140 output_type
, selection
, pass
))
141 || !TEST_true(encode_cb(&encoded2
, &encoded2_len
, pkey2
, selection
,
142 output_type
, output_structure
, pass
, pcipher
)))
145 if (selection
== OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
) {
146 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey
, pkey2
), 1))
149 if (!TEST_int_eq(EVP_PKEY_eq(pkey
, pkey2
), 1))
154 * Double check the encoding, but only for unprotected keys,
155 * as protected keys have a random component, which makes the output
158 if ((pass
== NULL
&& pcipher
== NULL
)
159 && !test_cb(encoded
, encoded_len
, encoded2
, encoded2_len
))
165 if (encoded
!= NULL
&& encoded_len
!= 0)
166 dump_cb("|pkey| encoded", encoded
, encoded_len
);
167 if (encoded2
!= NULL
&& encoded2_len
!= 0)
168 dump_cb("|pkey2| encoded", encoded2
, encoded2_len
);
171 OPENSSL_free(encoded
);
172 OPENSSL_free(encoded2
);
173 EVP_PKEY_free(pkey2
);
177 /* Encoding and decoding methods */
179 static int encode_EVP_PKEY_prov(void **encoded
, long *encoded_len
,
180 void *object
, int selection
,
181 const char *output_type
,
182 const char *output_structure
,
183 const char *pass
, const char *pcipher
)
185 EVP_PKEY
*pkey
= object
;
186 OSSL_ENCODER_CTX
*ectx
= NULL
;
188 BUF_MEM
*mem_buf
= NULL
;
189 const unsigned char *upass
= (const unsigned char *)pass
;
192 if (!TEST_ptr(ectx
= OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey
, selection
,
196 || !TEST_int_gt(OSSL_ENCODER_CTX_get_num_encoders(ectx
), 0)
198 && !TEST_true(OSSL_ENCODER_CTX_set_passphrase(ectx
, upass
,
201 && !TEST_true(OSSL_ENCODER_CTX_set_cipher(ectx
, pcipher
, NULL
)))
202 || !TEST_ptr(mem_ser
= BIO_new(BIO_s_mem()))
203 || !TEST_true(OSSL_ENCODER_to_bio(ectx
, mem_ser
))
204 || !TEST_true(BIO_get_mem_ptr(mem_ser
, &mem_buf
) > 0)
205 || !TEST_ptr(*encoded
= mem_buf
->data
)
206 || !TEST_long_gt(*encoded_len
= mem_buf
->length
, 0))
209 /* Detach the encoded output */
210 mem_buf
->data
= NULL
;
215 OSSL_ENCODER_CTX_free(ectx
);
219 static int decode_EVP_PKEY_prov(void **object
, void *encoded
, long encoded_len
,
220 const char *keytype
, const char *input_type
,
221 int selection
, const char *pass
)
223 EVP_PKEY
*pkey
= NULL
, *testpkey
= NULL
;
224 OSSL_DECODER_CTX
*dctx
= NULL
;
225 BIO
*encoded_bio
= NULL
;
226 const unsigned char *upass
= (const unsigned char *)pass
;
231 if (strcmp(input_type
, "DER") == 0)
236 if (!TEST_ptr(encoded_bio
= BIO_new_mem_buf(encoded
, encoded_len
)))
240 * We attempt the decode 3 times. The first time we provide the expected
241 * starting input type. The second time we provide NULL for the starting
242 * type. The third time we provide a bad starting input type.
243 * The bad starting input type should fail. The other two should succeed
244 * and produce the same result.
246 for (i
= 0; i
< 3; i
++) {
247 const char *testtype
= (i
== 0) ? input_type
248 : ((i
== 1) ? NULL
: badtype
);
250 if (!TEST_ptr(dctx
= OSSL_DECODER_CTX_new_by_EVP_PKEY(&testpkey
,
257 && !OSSL_DECODER_CTX_set_passphrase(dctx
, upass
, strlen(pass
)))
258 || !TEST_int_gt(BIO_reset(encoded_bio
), 0)
259 /* We expect to fail when using a bad input type */
260 || !TEST_int_eq(OSSL_DECODER_from_bio(dctx
, encoded_bio
),
263 OSSL_DECODER_CTX_free(dctx
);
270 if (selection
== OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
) {
271 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey
, testpkey
), 1))
274 if (!TEST_int_eq(EVP_PKEY_eq(pkey
, testpkey
), 1))
285 EVP_PKEY_free(testpkey
);
286 BIO_free(encoded_bio
);
287 OSSL_DECODER_CTX_free(dctx
);
291 static int encode_EVP_PKEY_legacy_PEM(void **encoded
, long *encoded_len
,
292 void *object
, ossl_unused
int selection
,
293 ossl_unused
const char *output_type
,
294 ossl_unused
const char *output_structure
,
295 const char *pass
, const char *pcipher
)
297 EVP_PKEY
*pkey
= object
;
298 EVP_CIPHER
*cipher
= NULL
;
300 BUF_MEM
*mem_buf
= NULL
;
301 const unsigned char *upass
= (const unsigned char *)pass
;
305 if (pcipher
!= NULL
&& pass
!= NULL
) {
306 passlen
= strlen(pass
);
307 if (!TEST_ptr(cipher
= EVP_CIPHER_fetch(NULL
, pcipher
, NULL
)))
310 if (!TEST_ptr(mem_ser
= BIO_new(BIO_s_mem()))
311 || !TEST_true(PEM_write_bio_PrivateKey_traditional(mem_ser
, pkey
,
315 || !TEST_true(BIO_get_mem_ptr(mem_ser
, &mem_buf
) > 0)
316 || !TEST_ptr(*encoded
= mem_buf
->data
)
317 || !TEST_long_gt(*encoded_len
= mem_buf
->length
, 0))
320 /* Detach the encoded output */
321 mem_buf
->data
= NULL
;
326 EVP_CIPHER_free(cipher
);
330 #ifndef OPENSSL_NO_DSA
331 static int encode_EVP_PKEY_MSBLOB(void **encoded
, long *encoded_len
,
332 void *object
, int selection
,
333 ossl_unused
const char *output_type
,
334 ossl_unused
const char *output_structure
,
335 ossl_unused
const char *pass
,
336 ossl_unused
const char *pcipher
)
338 EVP_PKEY
*pkey
= object
;
340 BUF_MEM
*mem_buf
= NULL
;
343 if (!TEST_ptr(mem_ser
= BIO_new(BIO_s_mem())))
346 if ((selection
& OSSL_KEYMGMT_SELECT_PRIVATE_KEY
) != 0) {
347 if (!TEST_int_ge(i2b_PrivateKey_bio(mem_ser
, pkey
), 0))
350 if (!TEST_int_ge(i2b_PublicKey_bio(mem_ser
, pkey
), 0))
354 if (!TEST_true(BIO_get_mem_ptr(mem_ser
, &mem_buf
) > 0)
355 || !TEST_ptr(*encoded
= mem_buf
->data
)
356 || !TEST_long_gt(*encoded_len
= mem_buf
->length
, 0))
359 /* Detach the encoded output */
360 mem_buf
->data
= NULL
;
368 # ifndef OPENSSL_NO_RC4
369 static pem_password_cb pass_pw
;
370 static int pass_pw(char *buf
, int size
, int rwflag
, void *userdata
)
372 OPENSSL_strlcpy(buf
, userdata
, size
);
373 return strlen(userdata
);
376 static int encode_EVP_PKEY_PVK(void **encoded
, long *encoded_len
,
377 void *object
, int selection
,
378 ossl_unused
const char *output_type
,
379 ossl_unused
const char *output_structure
,
381 ossl_unused
const char *pcipher
)
383 EVP_PKEY
*pkey
= object
;
385 BUF_MEM
*mem_buf
= NULL
;
386 int enc
= (pass
!= NULL
);
389 if (!TEST_true(ossl_assert((selection
390 & OSSL_KEYMGMT_SELECT_PRIVATE_KEY
) != 0))
391 || !TEST_ptr(mem_ser
= BIO_new(BIO_s_mem()))
392 || !TEST_int_ge(i2b_PVK_bio(mem_ser
, pkey
, enc
,
393 pass_pw
, (void *)pass
), 0)
394 || !TEST_true(BIO_get_mem_ptr(mem_ser
, &mem_buf
) > 0)
395 || !TEST_ptr(*encoded
= mem_buf
->data
)
396 || !TEST_long_gt(*encoded_len
= mem_buf
->length
, 0))
399 /* Detach the encoded output */
400 mem_buf
->data
= NULL
;
410 static int test_text(const void *data1
, size_t data1_len
,
411 const void *data2
, size_t data2_len
)
413 return TEST_strn2_eq(data1
, data1_len
, data2
, data2_len
);
416 static int test_mem(const void *data1
, size_t data1_len
,
417 const void *data2
, size_t data2_len
)
419 return TEST_mem_eq(data1
, data1_len
, data2
, data2_len
);
422 /* Test cases and their dumpers / checkers */
424 static void collect_name(const char *name
, void *arg
)
426 char **namelist
= arg
;
430 space
= strlen(name
);
431 if (*namelist
!= NULL
)
432 space
+= strlen(*namelist
) + 2 /* for comma and space */;
433 space
++; /* for terminating null byte */
435 new_namelist
= OPENSSL_realloc(*namelist
, space
);
436 if (new_namelist
== NULL
)
438 if (*namelist
!= NULL
) {
439 strcat(new_namelist
, ", ");
440 strcat(new_namelist
, name
);
442 strcpy(new_namelist
, name
);
444 *namelist
= new_namelist
;
447 static void dump_der(const char *label
, const void *data
, size_t data_len
)
449 test_output_memory(label
, data
, data_len
);
452 static void dump_pem(const char *label
, const void *data
, size_t data_len
)
454 test_output_string(label
, data
, data_len
- 1);
457 static int check_unprotected_PKCS8_DER(const char *type
,
458 const void *data
, size_t data_len
)
460 const unsigned char *datap
= data
;
461 PKCS8_PRIV_KEY_INFO
*p8inf
=
462 d2i_PKCS8_PRIV_KEY_INFO(NULL
, &datap
, data_len
);
465 if (TEST_ptr(p8inf
)) {
466 EVP_PKEY
*pkey
= EVP_PKCS82PKEY(p8inf
);
467 char *namelist
= NULL
;
469 if (TEST_ptr(pkey
)) {
470 if (!(ok
= TEST_true(EVP_PKEY_is_a(pkey
, type
)))) {
471 EVP_PKEY_typenames_do_all(pkey
, collect_name
, &namelist
);
472 if (namelist
!= NULL
)
473 TEST_note("%s isn't any of %s", type
, namelist
);
474 OPENSSL_free(namelist
);
479 PKCS8_PRIV_KEY_INFO_free(p8inf
);
483 static int test_unprotected_via_DER(const char *type
, EVP_PKEY
*key
)
485 return test_encode_decode(type
, key
,
486 OSSL_KEYMGMT_SELECT_KEYPAIR
487 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
488 "DER", "pkcs8", NULL
, NULL
,
489 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
490 test_mem
, check_unprotected_PKCS8_DER
,
494 static int check_unprotected_PKCS8_PEM(const char *type
,
495 const void *data
, size_t data_len
)
497 static const char expected_pem_header
[] =
498 "-----BEGIN " PEM_STRING_PKCS8INF
"-----";
500 return TEST_strn_eq(data
, expected_pem_header
,
501 sizeof(expected_pem_header
) - 1);
504 static int test_unprotected_via_PEM(const char *type
, EVP_PKEY
*key
)
506 return test_encode_decode(type
, key
, OSSL_KEYMGMT_SELECT_KEYPAIR
507 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
508 "PEM", "pkcs8", NULL
, NULL
,
509 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
510 test_text
, check_unprotected_PKCS8_PEM
,
514 static int check_params_DER(const char *type
, const void *data
, size_t data_len
)
516 const unsigned char *datap
= data
;
518 int itype
= NID_undef
;
519 EVP_PKEY
*pkey
= NULL
;
521 if (strcmp(type
, "DH") == 0)
523 else if (strcmp(type
, "X9.42 DH") == 0)
524 itype
= EVP_PKEY_DHX
;
525 else if (strcmp(type
, "DSA") == 0)
526 itype
= EVP_PKEY_DSA
;
527 else if (strcmp(type
, "EC") == 0)
530 if (itype
!= NID_undef
) {
531 pkey
= d2i_KeyParams(itype
, NULL
, &datap
, data_len
);
539 static int check_params_PEM(const char *type
,
540 const void *data
, size_t data_len
)
542 static char expected_pem_header
[80];
545 TEST_int_gt(BIO_snprintf(expected_pem_header
,
546 sizeof(expected_pem_header
),
547 "-----BEGIN %s PARAMETERS-----", type
), 0)
548 && TEST_strn_eq(data
, expected_pem_header
, strlen(expected_pem_header
));
551 static int test_params_via_DER(const char *type
, EVP_PKEY
*key
)
553 return test_encode_decode(type
, key
, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
554 "DER", "type-specific", NULL
, NULL
,
555 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
556 test_mem
, check_params_DER
,
557 dump_der
, FLAG_DECODE_WITH_TYPE
);
560 static int test_params_via_PEM(const char *type
, EVP_PKEY
*key
)
562 return test_encode_decode(type
, key
, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
563 "PEM", "type-specific", NULL
, NULL
,
564 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
565 test_text
, check_params_PEM
,
569 static int check_unprotected_legacy_PEM(const char *type
,
570 const void *data
, size_t data_len
)
572 static char expected_pem_header
[80];
575 TEST_int_gt(BIO_snprintf(expected_pem_header
,
576 sizeof(expected_pem_header
),
577 "-----BEGIN %s PRIVATE KEY-----", type
), 0)
578 && TEST_strn_eq(data
, expected_pem_header
, strlen(expected_pem_header
));
581 static int test_unprotected_via_legacy_PEM(const char *type
, EVP_PKEY
*key
)
583 return test_encode_decode(type
, key
,
584 OSSL_KEYMGMT_SELECT_KEYPAIR
585 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
586 "PEM", "type-specific", NULL
, NULL
,
587 encode_EVP_PKEY_legacy_PEM
, decode_EVP_PKEY_prov
,
588 test_text
, check_unprotected_legacy_PEM
,
592 #ifndef OPENSSL_NO_DSA
593 static int check_MSBLOB(const char *type
, const void *data
, size_t data_len
)
595 const unsigned char *datap
= data
;
596 EVP_PKEY
*pkey
= b2i_PrivateKey(&datap
, data_len
);
597 int ok
= TEST_ptr(pkey
);
603 static int test_unprotected_via_MSBLOB(const char *type
, EVP_PKEY
*key
)
605 return test_encode_decode(type
, key
,
606 OSSL_KEYMGMT_SELECT_KEYPAIR
607 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
608 "MSBLOB", NULL
, NULL
, NULL
,
609 encode_EVP_PKEY_MSBLOB
, decode_EVP_PKEY_prov
,
610 test_mem
, check_MSBLOB
,
614 # ifndef OPENSSL_NO_RC4
615 static int check_PVK(const char *type
, const void *data
, size_t data_len
)
617 const unsigned char *in
= data
;
618 unsigned int saltlen
= 0, keylen
= 0;
619 int ok
= ossl_do_PVK_header(&in
, data_len
, 0, &saltlen
, &keylen
);
624 static int test_unprotected_via_PVK(const char *type
, EVP_PKEY
*key
)
626 return test_encode_decode(type
, key
,
627 OSSL_KEYMGMT_SELECT_KEYPAIR
628 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
629 "PVK", NULL
, NULL
, NULL
,
630 encode_EVP_PKEY_PVK
, decode_EVP_PKEY_prov
,
637 static const char *pass_cipher
= "AES-256-CBC";
638 static const char *pass
= "the holy handgrenade of antioch";
640 static int check_protected_PKCS8_DER(const char *type
,
641 const void *data
, size_t data_len
)
643 const unsigned char *datap
= data
;
644 X509_SIG
*p8
= d2i_X509_SIG(NULL
, &datap
, data_len
);
645 int ok
= TEST_ptr(p8
);
651 static int test_protected_via_DER(const char *type
, EVP_PKEY
*key
)
653 return test_encode_decode(type
, key
,
654 OSSL_KEYMGMT_SELECT_KEYPAIR
655 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
656 "DER", "pkcs8", pass
, pass_cipher
,
657 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
658 test_mem
, check_protected_PKCS8_DER
,
662 static int check_protected_PKCS8_PEM(const char *type
,
663 const void *data
, size_t data_len
)
665 static const char expected_pem_header
[] =
666 "-----BEGIN " PEM_STRING_PKCS8
"-----";
668 return TEST_strn_eq(data
, expected_pem_header
,
669 sizeof(expected_pem_header
) - 1);
672 static int test_protected_via_PEM(const char *type
, EVP_PKEY
*key
)
674 return test_encode_decode(type
, key
,
675 OSSL_KEYMGMT_SELECT_KEYPAIR
676 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
677 "PEM", "pkcs8", pass
, pass_cipher
,
678 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
679 test_text
, check_protected_PKCS8_PEM
,
683 static int check_protected_legacy_PEM(const char *type
,
684 const void *data
, size_t data_len
)
686 static char expected_pem_header
[80];
689 TEST_int_gt(BIO_snprintf(expected_pem_header
,
690 sizeof(expected_pem_header
),
691 "-----BEGIN %s PRIVATE KEY-----", type
), 0)
692 && TEST_strn_eq(data
, expected_pem_header
, strlen(expected_pem_header
))
693 && TEST_ptr(strstr(data
, "\nDEK-Info: "));
696 static int test_protected_via_legacy_PEM(const char *type
, EVP_PKEY
*key
)
698 return test_encode_decode(type
, key
,
699 OSSL_KEYMGMT_SELECT_KEYPAIR
700 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
701 "PEM", "type-specific", pass
, pass_cipher
,
702 encode_EVP_PKEY_legacy_PEM
, decode_EVP_PKEY_prov
,
703 test_text
, check_protected_legacy_PEM
,
707 #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
708 static int test_protected_via_PVK(const char *type
, EVP_PKEY
*key
)
710 return test_encode_decode(type
, key
,
711 OSSL_KEYMGMT_SELECT_KEYPAIR
712 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
713 "PVK", NULL
, pass
, NULL
,
714 encode_EVP_PKEY_PVK
, decode_EVP_PKEY_prov
,
715 test_mem
, check_PVK
, dump_der
, 0);
719 static int check_public_DER(const char *type
, const void *data
, size_t data_len
)
721 const unsigned char *datap
= data
;
722 EVP_PKEY
*pkey
= d2i_PUBKEY(NULL
, &datap
, data_len
);
723 int ok
= (TEST_ptr(pkey
) && TEST_true(EVP_PKEY_is_a(pkey
, type
)));
729 static int test_public_via_DER(const char *type
, EVP_PKEY
*key
)
731 return test_encode_decode(type
, key
,
732 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
733 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
734 "DER", "SubjectPublicKeyInfo", NULL
, NULL
,
735 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
736 test_mem
, check_public_DER
, dump_der
, 0);
739 static int check_public_PEM(const char *type
, const void *data
, size_t data_len
)
741 static const char expected_pem_header
[] =
742 "-----BEGIN " PEM_STRING_PUBLIC
"-----";
745 TEST_strn_eq(data
, expected_pem_header
,
746 sizeof(expected_pem_header
) - 1);
749 static int test_public_via_PEM(const char *type
, EVP_PKEY
*key
)
751 return test_encode_decode(type
, key
,
752 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
753 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
754 "PEM", "SubjectPublicKeyInfo", NULL
, NULL
,
755 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
756 test_text
, check_public_PEM
, dump_pem
, 0);
759 #ifndef OPENSSL_NO_DSA
760 static int check_public_MSBLOB(const char *type
,
761 const void *data
, size_t data_len
)
763 const unsigned char *datap
= data
;
764 EVP_PKEY
*pkey
= b2i_PublicKey(&datap
, data_len
);
765 int ok
= TEST_ptr(pkey
);
771 static int test_public_via_MSBLOB(const char *type
, EVP_PKEY
*key
)
773 return test_encode_decode(type
, key
, OSSL_KEYMGMT_SELECT_PUBLIC_KEY
774 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
775 "MSBLOB", NULL
, NULL
, NULL
,
776 encode_EVP_PKEY_MSBLOB
, decode_EVP_PKEY_prov
,
777 test_mem
, check_public_MSBLOB
, dump_der
, 0);
781 #define KEYS(KEYTYPE) \
782 static EVP_PKEY *key_##KEYTYPE = NULL
783 #define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
785 && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
786 #define FREE_KEYS(KEYTYPE) \
787 EVP_PKEY_free(key_##KEYTYPE); \
789 #define DOMAIN_KEYS(KEYTYPE) \
790 static EVP_PKEY *template_##KEYTYPE = NULL; \
791 static EVP_PKEY *key_##KEYTYPE = NULL
792 #define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
794 && TEST_ptr(template_##KEYTYPE = \
795 make_template(KEYTYPEstr, params)) \
796 && TEST_ptr(key_##KEYTYPE = \
797 make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
798 #define FREE_DOMAIN_KEYS(KEYTYPE) \
799 EVP_PKEY_free(template_##KEYTYPE); \
800 EVP_PKEY_free(key_##KEYTYPE)
802 #define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr) \
803 static int test_unprotected_##KEYTYPE##_via_DER(void) \
805 return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
807 static int test_unprotected_##KEYTYPE##_via_PEM(void) \
809 return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
811 static int test_protected_##KEYTYPE##_via_DER(void) \
813 return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
815 static int test_protected_##KEYTYPE##_via_PEM(void) \
817 return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
819 static int test_public_##KEYTYPE##_via_DER(void) \
821 return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE); \
823 static int test_public_##KEYTYPE##_via_PEM(void) \
825 return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
828 #define ADD_TEST_SUITE(KEYTYPE) \
829 ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
830 ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
831 ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
832 ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
833 ADD_TEST(test_public_##KEYTYPE##_via_DER); \
834 ADD_TEST(test_public_##KEYTYPE##_via_PEM)
836 #define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \
837 static int test_params_##KEYTYPE##_via_DER(void) \
839 return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \
841 static int test_params_##KEYTYPE##_via_PEM(void) \
843 return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
846 #define ADD_TEST_SUITE_PARAMS(KEYTYPE) \
847 ADD_TEST(test_params_##KEYTYPE##_via_DER); \
848 ADD_TEST(test_params_##KEYTYPE##_via_PEM)
850 #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
851 static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
854 test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
856 static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
859 test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
862 #define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
863 ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
864 ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
866 #ifndef OPENSSL_NO_DSA
867 # define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
868 static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
870 return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
872 static int test_public_##KEYTYPE##_via_MSBLOB(void) \
874 return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
877 # define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
878 ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
879 ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
881 # ifndef OPENSSL_NO_RC4
882 # define IMPLEMENT_TEST_SUITE_PVK(KEYTYPE, KEYTYPEstr) \
883 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
885 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
887 static int test_protected_##KEYTYPE##_via_PVK(void) \
889 return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
892 # define ADD_TEST_SUITE_PVK(KEYTYPE) \
893 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK); \
894 ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
898 #ifndef OPENSSL_NO_DH
900 IMPLEMENT_TEST_SUITE(DH
, "DH")
901 IMPLEMENT_TEST_SUITE_PARAMS(DH
, "DH")
903 IMPLEMENT_TEST_SUITE(DHX
, "X9.42 DH")
904 IMPLEMENT_TEST_SUITE_PARAMS(DHX
, "X9.42 DH")
906 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
907 * so no legacy tests.
910 #ifndef OPENSSL_NO_DSA
912 IMPLEMENT_TEST_SUITE(DSA
, "DSA")
913 IMPLEMENT_TEST_SUITE_PARAMS(DSA
, "DSA")
914 IMPLEMENT_TEST_SUITE_LEGACY(DSA
, "DSA")
915 IMPLEMENT_TEST_SUITE_MSBLOB(DSA
, "DSA")
916 # ifndef OPENSSL_NO_RC4
917 IMPLEMENT_TEST_SUITE_PVK(DSA
, "DSA")
920 #ifndef OPENSSL_NO_EC
922 IMPLEMENT_TEST_SUITE(EC
, "EC")
923 IMPLEMENT_TEST_SUITE_PARAMS(EC
, "EC")
924 IMPLEMENT_TEST_SUITE_LEGACY(EC
, "EC")
925 DOMAIN_KEYS(ECExplicitPrimeNamedCurve
);
926 IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve
, "EC")
927 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve
, "EC")
928 DOMAIN_KEYS(ECExplicitPrime2G
);
929 IMPLEMENT_TEST_SUITE(ECExplicitPrime2G
, "EC")
930 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G
, "EC")
931 # ifndef OPENSSL_NO_EC2M
932 DOMAIN_KEYS(ECExplicitTriNamedCurve
);
933 IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve
, "EC")
934 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve
, "EC")
935 DOMAIN_KEYS(ECExplicitTri2G
);
936 IMPLEMENT_TEST_SUITE(ECExplicitTri2G
, "EC")
937 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G
, "EC")
940 IMPLEMENT_TEST_SUITE(ED25519
, "ED25519")
942 IMPLEMENT_TEST_SUITE(ED448
, "ED448")
944 IMPLEMENT_TEST_SUITE(X25519
, "X25519")
946 IMPLEMENT_TEST_SUITE(X448
, "X448")
948 * ED25519, ED448, X25519 and X448 have no support for
949 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
953 IMPLEMENT_TEST_SUITE(RSA
, "RSA")
954 IMPLEMENT_TEST_SUITE_LEGACY(RSA
, "RSA")
956 IMPLEMENT_TEST_SUITE(RSA_PSS
, "RSA-PSS")
958 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
959 * so no legacy tests.
961 #ifndef OPENSSL_NO_DSA
962 IMPLEMENT_TEST_SUITE_MSBLOB(RSA
, "RSA")
963 # ifndef OPENSSL_NO_RC4
964 IMPLEMENT_TEST_SUITE_PVK(RSA
, "RSA")
968 #ifndef OPENSSL_NO_EC
969 /* Explicit parameters that match a named curve */
970 static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD
*bld
,
971 const unsigned char *gen
,
974 BIGNUM
*a
, *b
, *prime
, *order
;
976 /* Curve prime256v1 */
977 static const unsigned char prime_data
[] = {
978 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
979 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
980 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
981 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
984 static const unsigned char a_data
[] = {
985 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
986 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
987 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
988 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
991 static const unsigned char b_data
[] = {
992 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
993 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
994 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
995 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
997 static const unsigned char seed
[] = {
998 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
999 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
1000 0x81, 0x9f, 0x7e, 0x90
1002 static const unsigned char order_data
[] = {
1003 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1004 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1005 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
1006 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
1008 return TEST_ptr(a
= BN_CTX_get(bnctx
))
1009 && TEST_ptr(b
= BN_CTX_get(bnctx
))
1010 && TEST_ptr(prime
= BN_CTX_get(bnctx
))
1011 && TEST_ptr(order
= BN_CTX_get(bnctx
))
1012 && TEST_ptr(BN_bin2bn(prime_data
, sizeof(prime_data
), prime
))
1013 && TEST_ptr(BN_bin2bn(a_data
, sizeof(a_data
), a
))
1014 && TEST_ptr(BN_bin2bn(b_data
, sizeof(b_data
), b
))
1015 && TEST_ptr(BN_bin2bn(order_data
, sizeof(order_data
), order
))
1016 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld
,
1017 OSSL_PKEY_PARAM_EC_FIELD_TYPE
, SN_X9_62_prime_field
,
1019 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_P
, prime
))
1020 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_A
, a
))
1021 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_B
, b
))
1022 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
,
1023 OSSL_PKEY_PARAM_EC_ORDER
, order
))
1024 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld
,
1025 OSSL_PKEY_PARAM_EC_GENERATOR
, gen
, gen_len
))
1026 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld
,
1027 OSSL_PKEY_PARAM_EC_SEED
, seed
, sizeof(seed
)))
1028 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_COFACTOR
,
1032 static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD
*bld
)
1034 static const unsigned char prime256v1_gen
[] = {
1036 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
1037 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
1038 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
1039 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
1040 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
1041 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
1042 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
1043 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
1045 return do_create_ec_explicit_prime_params(bld
, prime256v1_gen
,
1046 sizeof(prime256v1_gen
));
1049 static int create_ec_explicit_prime_params(OSSL_PARAM_BLD
*bld
)
1052 static const unsigned char prime256v1_gen2
[] = {
1054 0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
1055 0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
1056 0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
1057 0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
1058 0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
1059 0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
1060 0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
1061 0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
1063 return do_create_ec_explicit_prime_params(bld
, prime256v1_gen2
,
1064 sizeof(prime256v1_gen2
));
1067 # ifndef OPENSSL_NO_EC2M
1068 static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD
*bld
,
1069 const unsigned char *gen
,
1072 BIGNUM
*a
, *b
, *poly
, *order
, *cofactor
;
1073 /* sect233k1 characteristic-two-field tpBasis */
1074 static const unsigned char poly_data
[] = {
1075 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1076 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
1077 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1079 static const unsigned char a_data
[] = {
1080 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1081 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1082 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1084 static const unsigned char b_data
[] = {
1085 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1086 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1087 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
1089 static const unsigned char order_data
[] = {
1090 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1091 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
1092 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
1094 static const unsigned char cofactor_data
[]= {
1097 return TEST_ptr(a
= BN_CTX_get(bnctx
))
1098 && TEST_ptr(b
= BN_CTX_get(bnctx
))
1099 && TEST_ptr(poly
= BN_CTX_get(bnctx
))
1100 && TEST_ptr(order
= BN_CTX_get(bnctx
))
1101 && TEST_ptr(cofactor
= BN_CTX_get(bnctx
))
1102 && TEST_ptr(BN_bin2bn(poly_data
, sizeof(poly_data
), poly
))
1103 && TEST_ptr(BN_bin2bn(a_data
, sizeof(a_data
), a
))
1104 && TEST_ptr(BN_bin2bn(b_data
, sizeof(b_data
), b
))
1105 && TEST_ptr(BN_bin2bn(order_data
, sizeof(order_data
), order
))
1106 && TEST_ptr(BN_bin2bn(cofactor_data
, sizeof(cofactor_data
), cofactor
))
1107 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld
,
1108 OSSL_PKEY_PARAM_EC_FIELD_TYPE
,
1109 SN_X9_62_characteristic_two_field
, 0))
1110 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_P
, poly
))
1111 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_A
, a
))
1112 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_B
, b
))
1113 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
,
1114 OSSL_PKEY_PARAM_EC_ORDER
, order
))
1115 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld
,
1116 OSSL_PKEY_PARAM_EC_GENERATOR
, gen
, gen_len
))
1117 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_COFACTOR
,
1121 static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD
*bld
)
1123 static const unsigned char gen
[] = {
1125 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1126 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1127 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1128 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1129 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1130 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1132 return do_create_ec_explicit_trinomial_params(bld
, gen
, sizeof(gen
));
1135 static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD
*bld
)
1137 static const unsigned char gen2
[] = {
1139 0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1140 0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1141 0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1142 0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1143 0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1144 0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1146 return do_create_ec_explicit_trinomial_params(bld
, gen2
, sizeof(gen2
));
1148 # endif /* OPENSSL_NO_EC2M */
1149 #endif /* OPENSSL_NO_EC */
1151 int setup_tests(void)
1155 #ifndef OPENSSL_NO_DSA
1156 static size_t qbits
= 160; /* PVK only tolerates 160 Q bits */
1157 static size_t pbits
= 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1158 OSSL_PARAM DSA_params
[] = {
1159 OSSL_PARAM_size_t("pbits", &pbits
),
1160 OSSL_PARAM_size_t("qbits", &qbits
),
1165 #ifndef OPENSSL_NO_EC
1166 static char groupname
[] = "prime256v1";
1167 OSSL_PARAM EC_params
[] = {
1168 OSSL_PARAM_utf8_string("group", groupname
, sizeof(groupname
) - 1),
1173 /* 7 is the default magic number */
1174 static unsigned int rsapss_min_saltlen
= 7;
1175 OSSL_PARAM RSA_PSS_params
[] = {
1176 OSSL_PARAM_uint("saltlen", &rsapss_min_saltlen
),
1180 #ifndef OPENSSL_NO_EC
1181 if (!TEST_ptr(bnctx
= BN_CTX_new_ex(NULL
))
1182 || !TEST_ptr(bld_prime_nc
= OSSL_PARAM_BLD_new())
1183 || !TEST_ptr(bld_prime
= OSSL_PARAM_BLD_new())
1184 || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc
)
1185 || !create_ec_explicit_prime_params(bld_prime
)
1186 || !TEST_ptr(ec_explicit_prime_params_nc
= OSSL_PARAM_BLD_to_param(bld_prime_nc
))
1187 || !TEST_ptr(ec_explicit_prime_params_explicit
= OSSL_PARAM_BLD_to_param(bld_prime
))
1188 # ifndef OPENSSL_NO_EC2M
1189 || !TEST_ptr(bld_tri_nc
= OSSL_PARAM_BLD_new())
1190 || !TEST_ptr(bld_tri
= OSSL_PARAM_BLD_new())
1191 || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc
)
1192 || !create_ec_explicit_trinomial_params(bld_tri
)
1193 || !TEST_ptr(ec_explicit_tri_params_nc
= OSSL_PARAM_BLD_to_param(bld_tri_nc
))
1194 || !TEST_ptr(ec_explicit_tri_params_explicit
= OSSL_PARAM_BLD_to_param(bld_tri
))
1200 TEST_info("Generating keys...");
1202 #ifndef OPENSSL_NO_DH
1203 MAKE_DOMAIN_KEYS(DH
, "DH", NULL
);
1204 MAKE_DOMAIN_KEYS(DHX
, "X9.42 DH", NULL
);
1205 TEST_info("Generating keys...DH done");
1207 #ifndef OPENSSL_NO_DSA
1208 MAKE_DOMAIN_KEYS(DSA
, "DSA", DSA_params
);
1209 TEST_info("Generating keys...DSA done");
1211 #ifndef OPENSSL_NO_EC
1212 MAKE_DOMAIN_KEYS(EC
, "EC", EC_params
);
1213 MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve
, "EC", ec_explicit_prime_params_nc
);
1214 MAKE_DOMAIN_KEYS(ECExplicitPrime2G
, "EC", ec_explicit_prime_params_explicit
);
1215 # ifndef OPENSSL_NO_EC2M
1216 MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve
, "EC", ec_explicit_tri_params_nc
);
1217 MAKE_DOMAIN_KEYS(ECExplicitTri2G
, "EC", ec_explicit_tri_params_explicit
);
1219 MAKE_KEYS(ED25519
, "ED25519", NULL
);
1220 MAKE_KEYS(ED448
, "ED448", NULL
);
1221 MAKE_KEYS(X25519
, "X25519", NULL
);
1222 MAKE_KEYS(X448
, "X448", NULL
);
1223 TEST_info("Generating keys...EC done");
1225 MAKE_KEYS(RSA
, "RSA", NULL
);
1226 TEST_info("Generating keys...RSA done");
1227 MAKE_KEYS(RSA_PSS
, "RSA-PSS", RSA_PSS_params
);
1228 TEST_info("Generating keys...RSA_PSS done");
1231 #ifndef OPENSSL_NO_DH
1233 ADD_TEST_SUITE_PARAMS(DH
);
1234 ADD_TEST_SUITE(DHX
);
1235 ADD_TEST_SUITE_PARAMS(DHX
);
1237 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1238 * so no legacy tests.
1241 #ifndef OPENSSL_NO_DSA
1242 ADD_TEST_SUITE(DSA
);
1243 ADD_TEST_SUITE_PARAMS(DSA
);
1244 ADD_TEST_SUITE_LEGACY(DSA
);
1245 ADD_TEST_SUITE_MSBLOB(DSA
);
1246 # ifndef OPENSSL_NO_RC4
1247 ADD_TEST_SUITE_PVK(DSA
);
1250 #ifndef OPENSSL_NO_EC
1252 ADD_TEST_SUITE_PARAMS(EC
);
1253 ADD_TEST_SUITE_LEGACY(EC
);
1254 ADD_TEST_SUITE(ECExplicitPrimeNamedCurve
);
1255 ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve
);
1256 ADD_TEST_SUITE(ECExplicitPrime2G
);
1257 ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G
);
1258 # ifndef OPENSSL_NO_EC2M
1259 ADD_TEST_SUITE(ECExplicitTriNamedCurve
);
1260 ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve
);
1261 ADD_TEST_SUITE(ECExplicitTri2G
);
1262 ADD_TEST_SUITE_LEGACY(ECExplicitTri2G
);
1264 ADD_TEST_SUITE(ED25519
);
1265 ADD_TEST_SUITE(ED448
);
1266 ADD_TEST_SUITE(X25519
);
1267 ADD_TEST_SUITE(X448
);
1269 * ED25519, ED448, X25519 and X448 have no support for
1270 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1273 ADD_TEST_SUITE(RSA
);
1274 ADD_TEST_SUITE_LEGACY(RSA
);
1275 ADD_TEST_SUITE(RSA_PSS
);
1277 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1278 * so no legacy tests.
1280 #ifndef OPENSSL_NO_DSA
1281 ADD_TEST_SUITE_MSBLOB(RSA
);
1282 # ifndef OPENSSL_NO_RC4
1283 ADD_TEST_SUITE_PVK(RSA
);
1291 void cleanup_tests(void)
1293 #ifndef OPENSSL_NO_EC
1294 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_nc
);
1295 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_explicit
);
1296 OSSL_PARAM_BLD_free(bld_prime_nc
);
1297 OSSL_PARAM_BLD_free(bld_prime
);
1298 # ifndef OPENSSL_NO_EC2M
1299 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_nc
);
1300 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_explicit
);
1301 OSSL_PARAM_BLD_free(bld_tri_nc
);
1302 OSSL_PARAM_BLD_free(bld_tri
);
1305 #endif /* OPENSSL_NO_EC */
1307 #ifndef OPENSSL_NO_DH
1308 FREE_DOMAIN_KEYS(DH
);
1309 FREE_DOMAIN_KEYS(DHX
);
1311 #ifndef OPENSSL_NO_DSA
1312 FREE_DOMAIN_KEYS(DSA
);
1314 #ifndef OPENSSL_NO_EC
1315 FREE_DOMAIN_KEYS(EC
);
1316 FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve
);
1317 FREE_DOMAIN_KEYS(ECExplicitPrime2G
);
1318 # ifndef OPENSSL_NO_EC2M
1319 FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve
);
1320 FREE_DOMAIN_KEYS(ECExplicitTri2G
);