]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/endecode_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix BIO_get_new_index() to return an error when it is exhausted.
[thirdparty/openssl.git] / test / endecode_test.c
1 /*
2 * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <string.h>
11 #include <openssl/core_dispatch.h>
12 #include <openssl/evp.h>
13 #include <openssl/pem.h>
14 #include <openssl/rsa.h>
15 #include <openssl/x509.h>
16 #include <openssl/core_names.h>
17 #include <openssl/params.h>
18 #include <openssl/param_build.h>
19 #include <openssl/encoder.h>
20 #include <openssl/decoder.h>
21
22 #include "internal/cryptlib.h" /* ossl_assert */
23 #include "crypto/pem.h" /* For PVK and "blob" PEM headers */
24 #include "crypto/evp.h" /* For evp_pkey_is_provided() */
25
26 #include "helpers/predefined_dhparams.h"
27 #include "testutil.h"
28
29 #ifdef STATIC_LEGACY
30 OSSL_provider_init_fn ossl_legacy_provider_init;
31 #endif
32
33 /* Extended test macros to allow passing file & line number */
34 #define TEST_FL_ptr(a) test_ptr(file, line, #a, a)
35 #define TEST_FL_mem_eq(a, m, b, n) test_mem_eq(file, line, #a, #b, a, m, b, n)
36 #define TEST_FL_strn_eq(a, b, n) test_strn_eq(file, line, #a, #b, a, n, b, n)
37 #define TEST_FL_strn2_eq(a, m, b, n) test_strn_eq(file, line, #a, #b, a, m, b, n)
38 #define TEST_FL_int_eq(a, b) test_int_eq(file, line, #a, #b, a, b)
39 #define TEST_FL_int_ge(a, b) test_int_ge(file, line, #a, #b, a, b)
40 #define TEST_FL_int_gt(a, b) test_int_gt(file, line, #a, #b, a, b)
41 #define TEST_FL_long_gt(a, b) test_long_gt(file, line, #a, #b, a, b)
42 #define TEST_FL_true(a) test_true(file, line, #a, (a) != 0)
43
44 #if defined(OPENSSL_NO_DH) && defined(OPENSSL_NO_DSA) && defined(OPENSSL_NO_EC)
45 # define OPENSSL_NO_KEYPARAMS
46 #endif
47
48 static int default_libctx = 1;
49 static int is_fips = 0;
50 static int is_fips_3_0_0 = 0;
51
52 static OSSL_LIB_CTX *testctx = NULL;
53 static OSSL_LIB_CTX *keyctx = NULL;
54 static char *testpropq = NULL;
55
56 static OSSL_PROVIDER *nullprov = NULL;
57 static OSSL_PROVIDER *deflprov = NULL;
58 static OSSL_PROVIDER *keyprov = NULL;
59
60 #ifndef OPENSSL_NO_EC
61 static BN_CTX *bnctx = NULL;
62 static OSSL_PARAM_BLD *bld_prime_nc = NULL;
63 static OSSL_PARAM_BLD *bld_prime = NULL;
64 static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
65 static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;
66
67 # ifndef OPENSSL_NO_EC2M
68 static OSSL_PARAM_BLD *bld_tri_nc = NULL;
69 static OSSL_PARAM_BLD *bld_tri = NULL;
70 static OSSL_PARAM *ec_explicit_tri_params_nc = NULL;
71 static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
72 # endif
73 #endif
74
75 #ifndef OPENSSL_NO_KEYPARAMS
76 static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
77 {
78 EVP_PKEY *pkey = NULL;
79 EVP_PKEY_CTX *ctx = NULL;
80
81 # ifndef OPENSSL_NO_DH
82 /*
83 * Use 512-bit DH(X) keys with predetermined parameters for efficiency,
84 * for testing only. Use a minimum key size of 2048 for security purposes.
85 */
86 if (strcmp(type, "DH") == 0)
87 return get_dh512(keyctx);
88
89 if (strcmp(type, "X9.42 DH") == 0)
90 return get_dhx512(keyctx);
91 # endif
92
93 /*
94 * No real need to check the errors other than for the cascade
95 * effect. |pkey| will simply remain NULL if something goes wrong.
96 */
97 (void)((ctx = EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq)) != NULL
98 && EVP_PKEY_paramgen_init(ctx) > 0
99 && (genparams == NULL
100 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
101 && EVP_PKEY_generate(ctx, &pkey) > 0);
102 EVP_PKEY_CTX_free(ctx);
103
104 return pkey;
105 }
106 #endif
107
108 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
109 static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
110 OSSL_PARAM *genparams)
111 {
112 EVP_PKEY *pkey = NULL;
113 EVP_PKEY_CTX *ctx =
114 template != NULL
115 ? EVP_PKEY_CTX_new_from_pkey(keyctx, template, testpropq)
116 : EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq);
117
118 /*
119 * No real need to check the errors other than for the cascade
120 * effect. |pkey| will simply remain NULL if something goes wrong.
121 */
122 (void)(ctx != NULL
123 && EVP_PKEY_keygen_init(ctx) > 0
124 && (genparams == NULL
125 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
126 && EVP_PKEY_keygen(ctx, &pkey) > 0);
127 EVP_PKEY_CTX_free(ctx);
128 return pkey;
129 }
130 #endif
131
132 /* Main test driver */
133
134 typedef int (encoder)(const char *file, const int line,
135 void **encoded, long *encoded_len,
136 void *object, int selection,
137 const char *output_type, const char *output_structure,
138 const char *pass, const char *pcipher);
139 typedef int (decoder)(const char *file, const int line,
140 void **object, void *encoded, long encoded_len,
141 const char *input_type, const char *structure_type,
142 const char *keytype, int selection, const char *pass);
143 typedef int (tester)(const char *file, const int line,
144 const void *data1, size_t data1_len,
145 const void *data2, size_t data2_len);
146 typedef int (checker)(const char *file, const int line,
147 const char *type, const void *data, size_t data_len);
148 typedef void (dumper)(const char *label, const void *data, size_t data_len);
149
150 #define FLAG_DECODE_WITH_TYPE 0x0001
151 #define FLAG_FAIL_IF_FIPS 0x0002
152
153 static int test_encode_decode(const char *file, const int line,
154 const char *type, EVP_PKEY *pkey,
155 int selection, const char *output_type,
156 const char *output_structure,
157 const char *pass, const char *pcipher,
158 encoder *encode_cb, decoder *decode_cb,
159 tester *test_cb, checker *check_cb,
160 dumper *dump_cb, int flags)
161 {
162 void *encoded = NULL;
163 long encoded_len = 0;
164 EVP_PKEY *pkey2 = NULL;
165 EVP_PKEY *pkey3 = NULL;
166 void *encoded2 = NULL;
167 long encoded2_len = 0;
168 int ok = 0;
169
170 /*
171 * Encode |pkey|, decode the result into |pkey2|, and finish off by
172 * encoding |pkey2| as well. That last encoding is for checking and
173 * dumping purposes.
174 */
175 if (!TEST_true(encode_cb(file, line, &encoded, &encoded_len, pkey, selection,
176 output_type, output_structure, pass, pcipher)))
177 goto end;
178
179 if ((flags & FLAG_FAIL_IF_FIPS) != 0 && is_fips && !is_fips_3_0_0) {
180 if (TEST_false(decode_cb(file, line, (void **)&pkey2, encoded,
181 encoded_len, output_type, output_structure,
182 (flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
183 selection, pass)))
184 ok = 1;
185 goto end;
186 }
187
188 if (!TEST_true(check_cb(file, line, type, encoded, encoded_len))
189 || !TEST_true(decode_cb(file, line, (void **)&pkey2, encoded, encoded_len,
190 output_type, output_structure,
191 (flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
192 selection, pass))
193 || ((output_structure == NULL
194 || strcmp(output_structure, "type-specific") != 0)
195 && !TEST_true(decode_cb(file, line, (void **)&pkey3, encoded, encoded_len,
196 output_type, output_structure,
197 (flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
198 0, pass)))
199 || !TEST_true(encode_cb(file, line, &encoded2, &encoded2_len, pkey2, selection,
200 output_type, output_structure, pass, pcipher)))
201 goto end;
202
203 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
204 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey2), 1)
205 || (pkey3 != NULL
206 && !TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey3), 1)))
207 goto end;
208 } else {
209 if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1)
210 || (pkey3 != NULL
211 && !TEST_int_eq(EVP_PKEY_eq(pkey, pkey3), 1)))
212 goto end;
213 }
214
215 /*
216 * Double check the encoding, but only for unprotected keys,
217 * as protected keys have a random component, which makes the output
218 * differ.
219 */
220 if ((pass == NULL && pcipher == NULL)
221 && !test_cb(file, line, encoded, encoded_len, encoded2, encoded2_len))
222 goto end;
223
224 ok = 1;
225 end:
226 if (!ok) {
227 if (encoded != NULL && encoded_len != 0)
228 dump_cb("|pkey| encoded", encoded, encoded_len);
229 if (encoded2 != NULL && encoded2_len != 0)
230 dump_cb("|pkey2| encoded", encoded2, encoded2_len);
231 }
232
233 OPENSSL_free(encoded);
234 OPENSSL_free(encoded2);
235 EVP_PKEY_free(pkey2);
236 EVP_PKEY_free(pkey3);
237 return ok;
238 }
239
240 /* Encoding and decoding methods */
241
242 static int encode_EVP_PKEY_prov(const char *file, const int line,
243 void **encoded, long *encoded_len,
244 void *object, int selection,
245 const char *output_type,
246 const char *output_structure,
247 const char *pass, const char *pcipher)
248 {
249 EVP_PKEY *pkey = object;
250 OSSL_ENCODER_CTX *ectx = NULL;
251 BIO *mem_ser = NULL;
252 BUF_MEM *mem_buf = NULL;
253 const unsigned char *upass = (const unsigned char *)pass;
254 int ok = 0;
255
256 if (!TEST_FL_ptr(ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection,
257 output_type,
258 output_structure,
259 testpropq))
260 || !TEST_FL_int_gt(OSSL_ENCODER_CTX_get_num_encoders(ectx), 0)
261 || (pass != NULL
262 && !TEST_FL_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass,
263 strlen(pass))))
264 || (pcipher != NULL
265 && !TEST_FL_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL)))
266 || !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
267 || !TEST_FL_true(OSSL_ENCODER_to_bio(ectx, mem_ser))
268 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
269 || !TEST_FL_ptr(*encoded = mem_buf->data)
270 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
271 goto end;
272
273 /* Detach the encoded output */
274 mem_buf->data = NULL;
275 mem_buf->length = 0;
276 ok = 1;
277 end:
278 BIO_free(mem_ser);
279 OSSL_ENCODER_CTX_free(ectx);
280 return ok;
281 }
282
283 static int decode_EVP_PKEY_prov(const char *file, const int line,
284 void **object, void *encoded, long encoded_len,
285 const char *input_type,
286 const char *structure_type,
287 const char *keytype, int selection,
288 const char *pass)
289 {
290 EVP_PKEY *pkey = NULL, *testpkey = NULL;
291 OSSL_DECODER_CTX *dctx = NULL;
292 BIO *encoded_bio = NULL;
293 const unsigned char *upass = (const unsigned char *)pass;
294 int ok = 0;
295 int i;
296 const char *badtype;
297
298 if (strcmp(input_type, "DER") == 0)
299 badtype = "PEM";
300 else
301 badtype = "DER";
302
303 if (!TEST_FL_ptr(encoded_bio = BIO_new_mem_buf(encoded, encoded_len)))
304 goto end;
305
306 /*
307 * We attempt the decode 3 times. The first time we provide the expected
308 * starting input type. The second time we provide NULL for the starting
309 * type. The third time we provide a bad starting input type.
310 * The bad starting input type should fail. The other two should succeed
311 * and produce the same result.
312 */
313 for (i = 0; i < 3; i++) {
314 const char *testtype = (i == 0) ? input_type
315 : ((i == 1) ? NULL : badtype);
316
317 if (!TEST_FL_ptr(dctx = OSSL_DECODER_CTX_new_for_pkey(&testpkey,
318 testtype,
319 structure_type,
320 keytype,
321 selection,
322 testctx, testpropq))
323 || (pass != NULL
324 && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass)))
325 || !TEST_FL_int_gt(BIO_reset(encoded_bio), 0)
326 /* We expect to fail when using a bad input type */
327 || !TEST_FL_int_eq(OSSL_DECODER_from_bio(dctx, encoded_bio),
328 (i == 2) ? 0 : 1))
329 goto end;
330 OSSL_DECODER_CTX_free(dctx);
331 dctx = NULL;
332
333 if (i == 0) {
334 pkey = testpkey;
335 testpkey = NULL;
336 } else if (i == 1) {
337 if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
338 if (!TEST_FL_int_eq(EVP_PKEY_parameters_eq(pkey, testpkey), 1))
339 goto end;
340 } else {
341 if (!TEST_FL_int_eq(EVP_PKEY_eq(pkey, testpkey), 1))
342 goto end;
343 }
344 }
345 }
346 ok = 1;
347 *object = pkey;
348 pkey = NULL;
349
350 end:
351 EVP_PKEY_free(pkey);
352 EVP_PKEY_free(testpkey);
353 BIO_free(encoded_bio);
354 OSSL_DECODER_CTX_free(dctx);
355 return ok;
356 }
357
358 static int encode_EVP_PKEY_legacy_PEM(const char *file, const int line,
359 void **encoded, long *encoded_len,
360 void *object, ossl_unused int selection,
361 ossl_unused const char *output_type,
362 ossl_unused const char *output_structure,
363 const char *pass, const char *pcipher)
364 {
365 EVP_PKEY *pkey = object;
366 EVP_CIPHER *cipher = NULL;
367 BIO *mem_ser = NULL;
368 BUF_MEM *mem_buf = NULL;
369 const unsigned char *upass = (const unsigned char *)pass;
370 size_t passlen = 0;
371 int ok = 0;
372
373 if (pcipher != NULL && pass != NULL) {
374 passlen = strlen(pass);
375 if (!TEST_FL_ptr(cipher = EVP_CIPHER_fetch(testctx, pcipher, testpropq)))
376 goto end;
377 }
378 if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
379 || !TEST_FL_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey,
380 cipher,
381 upass, passlen,
382 NULL, NULL))
383 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
384 || !TEST_FL_ptr(*encoded = mem_buf->data)
385 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
386 goto end;
387
388 /* Detach the encoded output */
389 mem_buf->data = NULL;
390 mem_buf->length = 0;
391 ok = 1;
392 end:
393 BIO_free(mem_ser);
394 EVP_CIPHER_free(cipher);
395 return ok;
396 }
397
398 static int encode_EVP_PKEY_MSBLOB(const char *file, const int line,
399 void **encoded, long *encoded_len,
400 void *object, int selection,
401 ossl_unused const char *output_type,
402 ossl_unused const char *output_structure,
403 ossl_unused const char *pass,
404 ossl_unused const char *pcipher)
405 {
406 EVP_PKEY *pkey = object;
407 BIO *mem_ser = NULL;
408 BUF_MEM *mem_buf = NULL;
409 int ok = 0;
410
411 if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem())))
412 goto end;
413
414 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
415 if (!TEST_FL_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0))
416 goto end;
417 } else {
418 if (!TEST_FL_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0))
419 goto end;
420 }
421
422 if (!TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
423 || !TEST_FL_ptr(*encoded = mem_buf->data)
424 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
425 goto end;
426
427 /* Detach the encoded output */
428 mem_buf->data = NULL;
429 mem_buf->length = 0;
430 ok = 1;
431 end:
432 BIO_free(mem_ser);
433 return ok;
434 }
435
436 static pem_password_cb pass_pw;
437 static int pass_pw(char *buf, int size, int rwflag, void *userdata)
438 {
439 OPENSSL_strlcpy(buf, userdata, size);
440 return strlen(userdata);
441 }
442
443 static int encode_EVP_PKEY_PVK(const char *file, const int line,
444 void **encoded, long *encoded_len,
445 void *object, int selection,
446 ossl_unused const char *output_type,
447 ossl_unused const char *output_structure,
448 const char *pass,
449 ossl_unused const char *pcipher)
450 {
451 EVP_PKEY *pkey = object;
452 BIO *mem_ser = NULL;
453 BUF_MEM *mem_buf = NULL;
454 int enc = (pass != NULL);
455 int ok = 0;
456
457 if (!TEST_FL_true(ossl_assert((selection
458 & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0))
459 || !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
460 || !TEST_FL_int_ge(i2b_PVK_bio_ex(mem_ser, pkey, enc,
461 pass_pw, (void *)pass, testctx, testpropq), 0)
462 || !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
463 || !TEST_FL_ptr(*encoded = mem_buf->data)
464 || !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
465 goto end;
466
467 /* Detach the encoded output */
468 mem_buf->data = NULL;
469 mem_buf->length = 0;
470 ok = 1;
471 end:
472 BIO_free(mem_ser);
473 return ok;
474 }
475
476 static int test_text(const char *file, const int line,
477 const void *data1, size_t data1_len,
478 const void *data2, size_t data2_len)
479 {
480 return TEST_FL_strn2_eq(data1, data1_len, data2, data2_len);
481 }
482
483 static int test_mem(const char *file, const int line,
484 const void *data1, size_t data1_len,
485 const void *data2, size_t data2_len)
486 {
487 return TEST_FL_mem_eq(data1, data1_len, data2, data2_len);
488 }
489
490 /* Test cases and their dumpers / checkers */
491
492 static void collect_name(const char *name, void *arg)
493 {
494 char **namelist = arg;
495 char *new_namelist;
496 size_t space;
497
498 space = strlen(name);
499 if (*namelist != NULL)
500 space += strlen(*namelist) + 2 /* for comma and space */;
501 space++; /* for terminating null byte */
502
503 new_namelist = OPENSSL_realloc(*namelist, space);
504 if (new_namelist == NULL)
505 return;
506 if (*namelist != NULL) {
507 strcat(new_namelist, ", ");
508 strcat(new_namelist, name);
509 } else {
510 strcpy(new_namelist, name);
511 }
512 *namelist = new_namelist;
513 }
514
515 static void dump_der(const char *label, const void *data, size_t data_len)
516 {
517 test_output_memory(label, data, data_len);
518 }
519
520 static void dump_pem(const char *label, const void *data, size_t data_len)
521 {
522 test_output_string(label, data, data_len - 1);
523 }
524
525 static int check_unprotected_PKCS8_DER(const char *file, const int line,
526 const char *type,
527 const void *data, size_t data_len)
528 {
529 const unsigned char *datap = data;
530 PKCS8_PRIV_KEY_INFO *p8inf =
531 d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len);
532 int ok = 0;
533
534 if (TEST_FL_ptr(p8inf)) {
535 EVP_PKEY *pkey = EVP_PKCS82PKEY_ex(p8inf, testctx, testpropq);
536 char *namelist = NULL;
537
538 if (TEST_FL_ptr(pkey)) {
539 if (!(ok = TEST_FL_true(EVP_PKEY_is_a(pkey, type)))) {
540 EVP_PKEY_type_names_do_all(pkey, collect_name, &namelist);
541 if (namelist != NULL)
542 TEST_note("%s isn't any of %s", type, namelist);
543 OPENSSL_free(namelist);
544 }
545 ok = ok && TEST_FL_true(evp_pkey_is_provided(pkey));
546 EVP_PKEY_free(pkey);
547 }
548 }
549 PKCS8_PRIV_KEY_INFO_free(p8inf);
550 return ok;
551 }
552
553 static int test_unprotected_via_DER(const char *type, EVP_PKEY *key, int fips)
554 {
555 return test_encode_decode(__FILE__, __LINE__, type, key,
556 OSSL_KEYMGMT_SELECT_KEYPAIR
557 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
558 "DER", "PrivateKeyInfo", NULL, NULL,
559 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
560 test_mem, check_unprotected_PKCS8_DER,
561 dump_der, fips ? 0 : FLAG_FAIL_IF_FIPS);
562 }
563
564 static int check_unprotected_PKCS8_PEM(const char *file, const int line,
565 const char *type,
566 const void *data, size_t data_len)
567 {
568 static const char expected_pem_header[] =
569 "-----BEGIN " PEM_STRING_PKCS8INF "-----";
570
571 return TEST_FL_strn_eq(data, expected_pem_header,
572 sizeof(expected_pem_header) - 1);
573 }
574
575 static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key, int fips)
576 {
577 return test_encode_decode(__FILE__, __LINE__, type, key,
578 OSSL_KEYMGMT_SELECT_KEYPAIR
579 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
580 "PEM", "PrivateKeyInfo", NULL, NULL,
581 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
582 test_text, check_unprotected_PKCS8_PEM,
583 dump_pem, fips ? 0 : FLAG_FAIL_IF_FIPS);
584 }
585
586 #ifndef OPENSSL_NO_KEYPARAMS
587 static int check_params_DER(const char *file, const int line,
588 const char *type, const void *data, size_t data_len)
589 {
590 const unsigned char *datap = data;
591 int ok = 0;
592 int itype = NID_undef;
593 EVP_PKEY *pkey = NULL;
594
595 if (strcmp(type, "DH") == 0)
596 itype = EVP_PKEY_DH;
597 else if (strcmp(type, "X9.42 DH") == 0)
598 itype = EVP_PKEY_DHX;
599 else if (strcmp(type, "DSA") == 0)
600 itype = EVP_PKEY_DSA;
601 else if (strcmp(type, "EC") == 0)
602 itype = EVP_PKEY_EC;
603
604 if (itype != NID_undef) {
605 pkey = d2i_KeyParams(itype, NULL, &datap, data_len);
606 ok = (pkey != NULL);
607 EVP_PKEY_free(pkey);
608 }
609
610 return ok;
611 }
612
613 static int check_params_PEM(const char *file, const int line,
614 const char *type,
615 const void *data, size_t data_len)
616 {
617 static char expected_pem_header[80];
618
619 return
620 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
621 sizeof(expected_pem_header),
622 "-----BEGIN %s PARAMETERS-----", type), 0)
623 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
624 }
625
626 static int test_params_via_DER(const char *type, EVP_PKEY *key)
627 {
628 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
629 "DER", "type-specific", NULL, NULL,
630 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
631 test_mem, check_params_DER,
632 dump_der, FLAG_DECODE_WITH_TYPE);
633 }
634
635 static int test_params_via_PEM(const char *type, EVP_PKEY *key)
636 {
637 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
638 "PEM", "type-specific", NULL, NULL,
639 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
640 test_text, check_params_PEM,
641 dump_pem, 0);
642 }
643 #endif /* !OPENSSL_NO_KEYPARAMS */
644
645 static int check_unprotected_legacy_PEM(const char *file, const int line,
646 const char *type,
647 const void *data, size_t data_len)
648 {
649 static char expected_pem_header[80];
650
651 return
652 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
653 sizeof(expected_pem_header),
654 "-----BEGIN %s PRIVATE KEY-----", type), 0)
655 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
656 }
657
658 static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key)
659 {
660 if (!default_libctx || is_fips)
661 return TEST_skip("Test not available if using a non-default library context or FIPS provider");
662
663 return test_encode_decode(__FILE__, __LINE__, type, key,
664 OSSL_KEYMGMT_SELECT_KEYPAIR
665 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
666 "PEM", "type-specific", NULL, NULL,
667 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
668 test_text, check_unprotected_legacy_PEM,
669 dump_pem, 0);
670 }
671
672 static int check_MSBLOB(const char *file, const int line,
673 const char *type, const void *data, size_t data_len)
674 {
675 const unsigned char *datap = data;
676 EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len);
677 int ok = TEST_FL_ptr(pkey);
678
679 EVP_PKEY_free(pkey);
680 return ok;
681 }
682
683 static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key)
684 {
685 return test_encode_decode(__FILE__, __LINE__, type, key,
686 OSSL_KEYMGMT_SELECT_KEYPAIR
687 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
688 "MSBLOB", NULL, NULL, NULL,
689 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
690 test_mem, check_MSBLOB,
691 dump_der, 0);
692 }
693
694 static int check_PVK(const char *file, const int line,
695 const char *type, const void *data, size_t data_len)
696 {
697 const unsigned char *in = data;
698 unsigned int saltlen = 0, keylen = 0;
699 int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen);
700
701 return ok;
702 }
703
704 static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key)
705 {
706 return test_encode_decode(__FILE__, __LINE__, type, key,
707 OSSL_KEYMGMT_SELECT_KEYPAIR
708 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
709 "PVK", NULL, NULL, NULL,
710 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
711 test_mem, check_PVK,
712 dump_der, 0);
713 }
714
715 static const char *pass_cipher = "AES-256-CBC";
716 static const char *pass = "the holy handgrenade of antioch";
717
718 static int check_protected_PKCS8_DER(const char *file, const int line,
719 const char *type,
720 const void *data, size_t data_len)
721 {
722 const unsigned char *datap = data;
723 X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len);
724 int ok = TEST_FL_ptr(p8);
725
726 X509_SIG_free(p8);
727 return ok;
728 }
729
730 static int test_protected_via_DER(const char *type, EVP_PKEY *key, int fips)
731 {
732 return test_encode_decode(__FILE__, __LINE__, type, key,
733 OSSL_KEYMGMT_SELECT_KEYPAIR
734 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
735 "DER", "EncryptedPrivateKeyInfo",
736 pass, pass_cipher,
737 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
738 test_mem, check_protected_PKCS8_DER,
739 dump_der, fips ? 0 : FLAG_FAIL_IF_FIPS);
740 }
741
742 static int check_protected_PKCS8_PEM(const char *file, const int line,
743 const char *type,
744 const void *data, size_t data_len)
745 {
746 static const char expected_pem_header[] =
747 "-----BEGIN " PEM_STRING_PKCS8 "-----";
748
749 return TEST_FL_strn_eq(data, expected_pem_header,
750 sizeof(expected_pem_header) - 1);
751 }
752
753 static int test_protected_via_PEM(const char *type, EVP_PKEY *key, int fips)
754 {
755 return test_encode_decode(__FILE__, __LINE__, type, key,
756 OSSL_KEYMGMT_SELECT_KEYPAIR
757 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
758 "PEM", "EncryptedPrivateKeyInfo",
759 pass, pass_cipher,
760 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
761 test_text, check_protected_PKCS8_PEM,
762 dump_pem, fips ? 0 : FLAG_FAIL_IF_FIPS);
763 }
764
765 static int check_protected_legacy_PEM(const char *file, const int line,
766 const char *type,
767 const void *data, size_t data_len)
768 {
769 static char expected_pem_header[80];
770
771 return
772 TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
773 sizeof(expected_pem_header),
774 "-----BEGIN %s PRIVATE KEY-----", type), 0)
775 && TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header))
776 && TEST_FL_ptr(strstr(data, "\nDEK-Info: "));
777 }
778
779 static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
780 {
781 if (!default_libctx || is_fips)
782 return TEST_skip("Test not available if using a non-default library context or FIPS provider");
783
784 return test_encode_decode(__FILE__, __LINE__, type, key,
785 OSSL_KEYMGMT_SELECT_KEYPAIR
786 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
787 "PEM", "type-specific", pass, pass_cipher,
788 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
789 test_text, check_protected_legacy_PEM,
790 dump_pem, 0);
791 }
792
793 #ifndef OPENSSL_NO_RC4
794 static int test_protected_via_PVK(const char *type, EVP_PKEY *key)
795 {
796 int ret = 0;
797 OSSL_PROVIDER *lgcyprov = OSSL_PROVIDER_load(testctx, "legacy");
798 if (lgcyprov == NULL)
799 return TEST_skip("Legacy provider not available");
800
801 ret = test_encode_decode(__FILE__, __LINE__, type, key,
802 OSSL_KEYMGMT_SELECT_KEYPAIR
803 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
804 "PVK", NULL, pass, NULL,
805 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
806 test_mem, check_PVK, dump_der, 0);
807 OSSL_PROVIDER_unload(lgcyprov);
808 return ret;
809 }
810 #endif
811
812 static int check_public_DER(const char *file, const int line,
813 const char *type, const void *data, size_t data_len)
814 {
815 const unsigned char *datap = data;
816 EVP_PKEY *pkey = d2i_PUBKEY_ex(NULL, &datap, data_len, testctx, testpropq);
817 int ok = (TEST_FL_ptr(pkey) && TEST_FL_true(EVP_PKEY_is_a(pkey, type)));
818
819 EVP_PKEY_free(pkey);
820 return ok;
821 }
822
823 static int test_public_via_DER(const char *type, EVP_PKEY *key, int fips)
824 {
825 return test_encode_decode(__FILE__, __LINE__, type, key,
826 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
827 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
828 "DER", "SubjectPublicKeyInfo", NULL, NULL,
829 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
830 test_mem, check_public_DER, dump_der,
831 fips ? 0 : FLAG_FAIL_IF_FIPS);
832 }
833
834 static int check_public_PEM(const char *file, const int line,
835 const char *type, const void *data, size_t data_len)
836 {
837 static const char expected_pem_header[] =
838 "-----BEGIN " PEM_STRING_PUBLIC "-----";
839
840 return
841 TEST_FL_strn_eq(data, expected_pem_header,
842 sizeof(expected_pem_header) - 1);
843 }
844
845 static int test_public_via_PEM(const char *type, EVP_PKEY *key, int fips)
846 {
847 return test_encode_decode(__FILE__, __LINE__, type, key,
848 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
849 | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
850 "PEM", "SubjectPublicKeyInfo", NULL, NULL,
851 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
852 test_text, check_public_PEM, dump_pem,
853 fips ? 0 : FLAG_FAIL_IF_FIPS);
854 }
855
856 static int check_public_MSBLOB(const char *file, const int line,
857 const char *type,
858 const void *data, size_t data_len)
859 {
860 const unsigned char *datap = data;
861 EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len);
862 int ok = TEST_FL_ptr(pkey);
863
864 EVP_PKEY_free(pkey);
865 return ok;
866 }
867
868 static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
869 {
870 return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_PUBLIC_KEY
871 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
872 "MSBLOB", NULL, NULL, NULL,
873 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
874 test_mem, check_public_MSBLOB, dump_der, 0);
875 }
876
877 #define KEYS(KEYTYPE) \
878 static EVP_PKEY *key_##KEYTYPE = NULL
879 #define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
880 ok = ok \
881 && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
882 #define FREE_KEYS(KEYTYPE) \
883 EVP_PKEY_free(key_##KEYTYPE); \
884
885 #define DOMAIN_KEYS(KEYTYPE) \
886 static EVP_PKEY *template_##KEYTYPE = NULL; \
887 static EVP_PKEY *key_##KEYTYPE = NULL
888 #define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
889 ok = ok \
890 && TEST_ptr(template_##KEYTYPE = \
891 make_template(KEYTYPEstr, params)) \
892 && TEST_ptr(key_##KEYTYPE = \
893 make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
894 #define FREE_DOMAIN_KEYS(KEYTYPE) \
895 EVP_PKEY_free(template_##KEYTYPE); \
896 EVP_PKEY_free(key_##KEYTYPE)
897
898 #define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr, fips) \
899 static int test_unprotected_##KEYTYPE##_via_DER(void) \
900 { \
901 return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
902 } \
903 static int test_unprotected_##KEYTYPE##_via_PEM(void) \
904 { \
905 return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
906 } \
907 static int test_protected_##KEYTYPE##_via_DER(void) \
908 { \
909 return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
910 } \
911 static int test_protected_##KEYTYPE##_via_PEM(void) \
912 { \
913 return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
914 } \
915 static int test_public_##KEYTYPE##_via_DER(void) \
916 { \
917 return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
918 } \
919 static int test_public_##KEYTYPE##_via_PEM(void) \
920 { \
921 return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
922 }
923
924 #define ADD_TEST_SUITE(KEYTYPE) \
925 ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
926 ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
927 ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
928 ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
929 ADD_TEST(test_public_##KEYTYPE##_via_DER); \
930 ADD_TEST(test_public_##KEYTYPE##_via_PEM)
931
932 #define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \
933 static int test_params_##KEYTYPE##_via_DER(void) \
934 { \
935 return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \
936 } \
937 static int test_params_##KEYTYPE##_via_PEM(void) \
938 { \
939 return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
940 }
941
942 #define ADD_TEST_SUITE_PARAMS(KEYTYPE) \
943 ADD_TEST(test_params_##KEYTYPE##_via_DER); \
944 ADD_TEST(test_params_##KEYTYPE##_via_PEM)
945
946 #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
947 static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
948 { \
949 return \
950 test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
951 } \
952 static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
953 { \
954 return \
955 test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
956 }
957
958 #define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
959 ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
960 ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
961
962 #define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
963 static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
964 { \
965 return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
966 } \
967 static int test_public_##KEYTYPE##_via_MSBLOB(void) \
968 { \
969 return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
970 }
971
972 #define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
973 ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
974 ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
975
976 #define IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE, KEYTYPEstr) \
977 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
978 { \
979 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
980 }
981 # define ADD_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE) \
982 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK)
983 #ifndef OPENSSL_NO_RC4
984 # define IMPLEMENT_TEST_SUITE_PROTECTED_PVK(KEYTYPE, KEYTYPEstr) \
985 static int test_protected_##KEYTYPE##_via_PVK(void) \
986 { \
987 return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
988 }
989 # define ADD_TEST_SUITE_PROTECTED_PVK(KEYTYPE) \
990 ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
991 #endif
992
993 #ifndef OPENSSL_NO_DH
994 DOMAIN_KEYS(DH);
995 IMPLEMENT_TEST_SUITE(DH, "DH", 1)
996 IMPLEMENT_TEST_SUITE_PARAMS(DH, "DH")
997 DOMAIN_KEYS(DHX);
998 IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH", 1)
999 IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH")
1000 /*
1001 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1002 * so no legacy tests.
1003 */
1004 #endif
1005 #ifndef OPENSSL_NO_DSA
1006 DOMAIN_KEYS(DSA);
1007 IMPLEMENT_TEST_SUITE(DSA, "DSA", 1)
1008 IMPLEMENT_TEST_SUITE_PARAMS(DSA, "DSA")
1009 IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA")
1010 IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
1011 IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(DSA, "DSA")
1012 # ifndef OPENSSL_NO_RC4
1013 IMPLEMENT_TEST_SUITE_PROTECTED_PVK(DSA, "DSA")
1014 # endif
1015 #endif
1016 #ifndef OPENSSL_NO_EC
1017 DOMAIN_KEYS(EC);
1018 IMPLEMENT_TEST_SUITE(EC, "EC", 1)
1019 IMPLEMENT_TEST_SUITE_PARAMS(EC, "EC")
1020 IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
1021 DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1022 IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC", 1)
1023 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
1024 DOMAIN_KEYS(ECExplicitPrime2G);
1025 IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC", 0)
1026 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")
1027 # ifndef OPENSSL_NO_EC2M
1028 DOMAIN_KEYS(ECExplicitTriNamedCurve);
1029 IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC", 1)
1030 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC")
1031 DOMAIN_KEYS(ECExplicitTri2G);
1032 IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC", 0)
1033 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC")
1034 # endif
1035 KEYS(ED25519);
1036 IMPLEMENT_TEST_SUITE(ED25519, "ED25519", 1)
1037 KEYS(ED448);
1038 IMPLEMENT_TEST_SUITE(ED448, "ED448", 1)
1039 KEYS(X25519);
1040 IMPLEMENT_TEST_SUITE(X25519, "X25519", 1)
1041 KEYS(X448);
1042 IMPLEMENT_TEST_SUITE(X448, "X448", 1)
1043 /*
1044 * ED25519, ED448, X25519 and X448 have no support for
1045 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1046 */
1047 #endif
1048 KEYS(RSA);
1049 IMPLEMENT_TEST_SUITE(RSA, "RSA", 1)
1050 IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA")
1051 KEYS(RSA_PSS);
1052 IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS", 1)
1053 /*
1054 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1055 * so no legacy tests.
1056 */
1057 IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
1058 IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(RSA, "RSA")
1059 #ifndef OPENSSL_NO_RC4
1060 IMPLEMENT_TEST_SUITE_PROTECTED_PVK(RSA, "RSA")
1061 #endif
1062
1063 #ifndef OPENSSL_NO_EC
1064 /* Explicit parameters that match a named curve */
1065 static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld,
1066 const unsigned char *gen,
1067 size_t gen_len)
1068 {
1069 BIGNUM *a, *b, *prime, *order;
1070
1071 /* Curve prime256v1 */
1072 static const unsigned char prime_data[] = {
1073 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1074 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1075 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
1076 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1077 0xff
1078 };
1079 static const unsigned char a_data[] = {
1080 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1081 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1082 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
1083 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1084 0xfc
1085 };
1086 static const unsigned char b_data[] = {
1087 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
1088 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
1089 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
1090 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
1091 };
1092 static const unsigned char seed[] = {
1093 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
1094 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
1095 0x81, 0x9f, 0x7e, 0x90
1096 };
1097 static const unsigned char order_data[] = {
1098 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1099 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1100 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
1101 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
1102 };
1103 return TEST_ptr(a = BN_CTX_get(bnctx))
1104 && TEST_ptr(b = BN_CTX_get(bnctx))
1105 && TEST_ptr(prime = BN_CTX_get(bnctx))
1106 && TEST_ptr(order = BN_CTX_get(bnctx))
1107 && TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime))
1108 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1109 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1110 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1111 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1112 OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field,
1113 0))
1114 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime))
1115 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1116 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1117 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1118 OSSL_PKEY_PARAM_EC_ORDER, order))
1119 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1120 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1121 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1122 OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed)))
1123 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1124 BN_value_one()));
1125 }
1126
1127 static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld)
1128 {
1129 static const unsigned char prime256v1_gen[] = {
1130 0x04,
1131 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
1132 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
1133 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
1134 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
1135 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
1136 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
1137 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
1138 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
1139 };
1140 return do_create_ec_explicit_prime_params(bld, prime256v1_gen,
1141 sizeof(prime256v1_gen));
1142 }
1143
1144 static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld)
1145 {
1146 /* 2G */
1147 static const unsigned char prime256v1_gen2[] = {
1148 0x04,
1149 0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
1150 0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
1151 0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
1152 0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
1153 0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
1154 0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
1155 0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
1156 0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
1157 };
1158 return do_create_ec_explicit_prime_params(bld, prime256v1_gen2,
1159 sizeof(prime256v1_gen2));
1160 }
1161
1162 # ifndef OPENSSL_NO_EC2M
1163 static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld,
1164 const unsigned char *gen,
1165 size_t gen_len)
1166 {
1167 BIGNUM *a, *b, *poly, *order, *cofactor;
1168 /* sect233k1 characteristic-two-field tpBasis */
1169 static const unsigned char poly_data[] = {
1170 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1171 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
1172 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1173 };
1174 static const unsigned char a_data[] = {
1175 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1176 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1177 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1178 };
1179 static const unsigned char b_data[] = {
1180 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1181 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1182 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
1183 };
1184 static const unsigned char order_data[] = {
1185 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1186 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
1187 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
1188 };
1189 static const unsigned char cofactor_data[]= {
1190 0x4
1191 };
1192 return TEST_ptr(a = BN_CTX_get(bnctx))
1193 && TEST_ptr(b = BN_CTX_get(bnctx))
1194 && TEST_ptr(poly = BN_CTX_get(bnctx))
1195 && TEST_ptr(order = BN_CTX_get(bnctx))
1196 && TEST_ptr(cofactor = BN_CTX_get(bnctx))
1197 && TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly))
1198 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1199 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1200 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1201 && TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor))
1202 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1203 OSSL_PKEY_PARAM_EC_FIELD_TYPE,
1204 SN_X9_62_characteristic_two_field, 0))
1205 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly))
1206 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1207 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1208 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1209 OSSL_PKEY_PARAM_EC_ORDER, order))
1210 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1211 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1212 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1213 cofactor));
1214 }
1215
1216 static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld)
1217 {
1218 static const unsigned char gen[] = {
1219 0x04,
1220 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1221 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1222 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1223 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1224 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1225 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1226 };
1227 return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen));
1228 }
1229
1230 static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
1231 {
1232 static const unsigned char gen2[] = {
1233 0x04,
1234 0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1235 0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1236 0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1237 0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1238 0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1239 0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1240 };
1241 return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2));
1242 }
1243 # endif /* OPENSSL_NO_EC2M */
1244 #endif /* OPENSSL_NO_EC */
1245
1246 typedef enum OPTION_choice {
1247 OPT_ERR = -1,
1248 OPT_EOF = 0,
1249 OPT_CONTEXT,
1250 OPT_RSA_FILE,
1251 OPT_RSA_PSS_FILE,
1252 OPT_CONFIG_FILE,
1253 OPT_PROVIDER_NAME,
1254 OPT_TEST_ENUM
1255 } OPTION_CHOICE;
1256
1257 const OPTIONS *test_get_options(void)
1258 {
1259 static const OPTIONS options[] = {
1260 OPT_TEST_OPTIONS_DEFAULT_USAGE,
1261 { "context", OPT_CONTEXT, '-',
1262 "Explicitly use a non-default library context" },
1263 { "rsa", OPT_RSA_FILE, '<',
1264 "PEM format RSA key file to encode/decode" },
1265 { "pss", OPT_RSA_PSS_FILE, '<',
1266 "PEM format RSA-PSS key file to encode/decode" },
1267 { "config", OPT_CONFIG_FILE, '<',
1268 "The configuration file to use for the library context" },
1269 { "provider", OPT_PROVIDER_NAME, 's',
1270 "The provider to load (The default value is 'default')" },
1271 { NULL }
1272 };
1273 return options;
1274 }
1275
1276 int setup_tests(void)
1277 {
1278 const char *rsa_file = NULL;
1279 const char *rsa_pss_file = NULL;
1280 const char *prov_name = "default";
1281 char *config_file = NULL;
1282 int ok = 1;
1283
1284 #ifndef OPENSSL_NO_DSA
1285 static size_t qbits = 160; /* PVK only tolerates 160 Q bits */
1286 static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1287 OSSL_PARAM DSA_params[] = {
1288 OSSL_PARAM_size_t("pbits", &pbits),
1289 OSSL_PARAM_size_t("qbits", &qbits),
1290 OSSL_PARAM_END
1291 };
1292 #endif
1293
1294 #ifndef OPENSSL_NO_EC
1295 static char groupname[] = "prime256v1";
1296 OSSL_PARAM EC_params[] = {
1297 OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
1298 OSSL_PARAM_END
1299 };
1300 #endif
1301
1302 OPTION_CHOICE o;
1303
1304 while ((o = opt_next()) != OPT_EOF) {
1305 switch (o) {
1306 case OPT_CONTEXT:
1307 default_libctx = 0;
1308 break;
1309 case OPT_PROVIDER_NAME:
1310 prov_name = opt_arg();
1311 break;
1312 case OPT_CONFIG_FILE:
1313 config_file = opt_arg();
1314 break;
1315 case OPT_RSA_FILE:
1316 rsa_file = opt_arg();
1317 break;
1318 case OPT_RSA_PSS_FILE:
1319 rsa_pss_file = opt_arg();
1320 break;
1321 case OPT_TEST_CASES:
1322 break;
1323 default:
1324 return 0;
1325 }
1326 }
1327
1328 if (strcmp(prov_name, "fips") == 0)
1329 is_fips = 1;
1330
1331 if (default_libctx) {
1332 if (!test_get_libctx(NULL, NULL, config_file, &deflprov, prov_name))
1333 return 0;
1334 } else {
1335 if (!test_get_libctx(&testctx, &nullprov, config_file, &deflprov, prov_name))
1336 return 0;
1337 }
1338
1339 /* FIPS(3.0.0): provider imports explicit params but they won't work #17998 */
1340 is_fips_3_0_0 = fips_provider_version_eq(testctx, 3, 0, 0);
1341 if (is_fips_3_0_0 < 0)
1342 return 0;
1343
1344 #ifdef STATIC_LEGACY
1345 /*
1346 * This test is always statically linked against libcrypto. We must not
1347 * attempt to load legacy.so that might be dynamically linked against
1348 * libcrypto. Instead we use a built-in version of the legacy provider.
1349 */
1350 if (!OSSL_PROVIDER_add_builtin(testctx, "legacy", ossl_legacy_provider_init))
1351 return 0;
1352 #endif
1353
1354 /* Separate provider/ctx for generating the test data */
1355 if (!TEST_ptr(keyctx = OSSL_LIB_CTX_new()))
1356 return 0;
1357 if (!TEST_ptr(keyprov = OSSL_PROVIDER_load(keyctx, "default")))
1358 return 0;
1359
1360 #ifndef OPENSSL_NO_EC
1361 if (!TEST_ptr(bnctx = BN_CTX_new_ex(testctx))
1362 || !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new())
1363 || !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new())
1364 || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
1365 || !create_ec_explicit_prime_params(bld_prime)
1366 || !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
1367 || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))
1368 # ifndef OPENSSL_NO_EC2M
1369 || !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
1370 || !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
1371 || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc)
1372 || !create_ec_explicit_trinomial_params(bld_tri)
1373 || !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc))
1374 || !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri))
1375 # endif
1376 )
1377 return 0;
1378 #endif
1379
1380 TEST_info("Generating keys...");
1381
1382 #ifndef OPENSSL_NO_DH
1383 TEST_info("Generating DH keys...");
1384 MAKE_DOMAIN_KEYS(DH, "DH", NULL);
1385 MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
1386 #endif
1387 #ifndef OPENSSL_NO_DSA
1388 TEST_info("Generating DSA keys...");
1389 MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
1390 #endif
1391 #ifndef OPENSSL_NO_EC
1392 TEST_info("Generating EC keys...");
1393 MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
1394 MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
1395 MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
1396 # ifndef OPENSSL_NO_EC2M
1397 MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
1398 MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
1399 # endif
1400 MAKE_KEYS(ED25519, "ED25519", NULL);
1401 MAKE_KEYS(ED448, "ED448", NULL);
1402 MAKE_KEYS(X25519, "X25519", NULL);
1403 MAKE_KEYS(X448, "X448", NULL);
1404 #endif
1405 TEST_info("Loading RSA key...");
1406 ok = ok && TEST_ptr(key_RSA = load_pkey_pem(rsa_file, keyctx));
1407 TEST_info("Loading RSA_PSS key...");
1408 ok = ok && TEST_ptr(key_RSA_PSS = load_pkey_pem(rsa_pss_file, keyctx));
1409 TEST_info("Generating keys done");
1410
1411 if (ok) {
1412 #ifndef OPENSSL_NO_DH
1413 ADD_TEST_SUITE(DH);
1414 ADD_TEST_SUITE_PARAMS(DH);
1415 ADD_TEST_SUITE(DHX);
1416 ADD_TEST_SUITE_PARAMS(DHX);
1417 /*
1418 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1419 * so no legacy tests.
1420 */
1421 #endif
1422 #ifndef OPENSSL_NO_DSA
1423 ADD_TEST_SUITE(DSA);
1424 ADD_TEST_SUITE_PARAMS(DSA);
1425 ADD_TEST_SUITE_LEGACY(DSA);
1426 ADD_TEST_SUITE_MSBLOB(DSA);
1427 ADD_TEST_SUITE_UNPROTECTED_PVK(DSA);
1428 # ifndef OPENSSL_NO_RC4
1429 ADD_TEST_SUITE_PROTECTED_PVK(DSA);
1430 # endif
1431 #endif
1432 #ifndef OPENSSL_NO_EC
1433 ADD_TEST_SUITE(EC);
1434 ADD_TEST_SUITE_PARAMS(EC);
1435 ADD_TEST_SUITE_LEGACY(EC);
1436 ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
1437 ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
1438 ADD_TEST_SUITE(ECExplicitPrime2G);
1439 ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);
1440 # ifndef OPENSSL_NO_EC2M
1441 ADD_TEST_SUITE(ECExplicitTriNamedCurve);
1442 ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
1443 ADD_TEST_SUITE(ECExplicitTri2G);
1444 ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
1445 # endif
1446 ADD_TEST_SUITE(ED25519);
1447 ADD_TEST_SUITE(ED448);
1448 ADD_TEST_SUITE(X25519);
1449 ADD_TEST_SUITE(X448);
1450 /*
1451 * ED25519, ED448, X25519 and X448 have no support for
1452 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1453 */
1454 #endif
1455 ADD_TEST_SUITE(RSA);
1456 ADD_TEST_SUITE_LEGACY(RSA);
1457 ADD_TEST_SUITE(RSA_PSS);
1458 /*
1459 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1460 * so no legacy tests.
1461 */
1462 ADD_TEST_SUITE_MSBLOB(RSA);
1463 ADD_TEST_SUITE_UNPROTECTED_PVK(RSA);
1464 # ifndef OPENSSL_NO_RC4
1465 ADD_TEST_SUITE_PROTECTED_PVK(RSA);
1466 # endif
1467 }
1468
1469 return 1;
1470 }
1471
1472 void cleanup_tests(void)
1473 {
1474 #ifndef OPENSSL_NO_EC
1475 OSSL_PARAM_free(ec_explicit_prime_params_nc);
1476 OSSL_PARAM_free(ec_explicit_prime_params_explicit);
1477 OSSL_PARAM_BLD_free(bld_prime_nc);
1478 OSSL_PARAM_BLD_free(bld_prime);
1479 # ifndef OPENSSL_NO_EC2M
1480 OSSL_PARAM_free(ec_explicit_tri_params_nc);
1481 OSSL_PARAM_free(ec_explicit_tri_params_explicit);
1482 OSSL_PARAM_BLD_free(bld_tri_nc);
1483 OSSL_PARAM_BLD_free(bld_tri);
1484 # endif
1485 BN_CTX_free(bnctx);
1486 #endif /* OPENSSL_NO_EC */
1487
1488 #ifndef OPENSSL_NO_DH
1489 FREE_DOMAIN_KEYS(DH);
1490 FREE_DOMAIN_KEYS(DHX);
1491 #endif
1492 #ifndef OPENSSL_NO_DSA
1493 FREE_DOMAIN_KEYS(DSA);
1494 #endif
1495 #ifndef OPENSSL_NO_EC
1496 FREE_DOMAIN_KEYS(EC);
1497 FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1498 FREE_DOMAIN_KEYS(ECExplicitPrime2G);
1499 # ifndef OPENSSL_NO_EC2M
1500 FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
1501 FREE_DOMAIN_KEYS(ECExplicitTri2G);
1502 # endif
1503 FREE_KEYS(ED25519);
1504 FREE_KEYS(ED448);
1505 FREE_KEYS(X25519);
1506 FREE_KEYS(X448);
1507 #endif
1508 FREE_KEYS(RSA);
1509 FREE_KEYS(RSA_PSS);
1510
1511 OSSL_PROVIDER_unload(nullprov);
1512 OSSL_PROVIDER_unload(deflprov);
1513 OSSL_PROVIDER_unload(keyprov);
1514 OSSL_LIB_CTX_free(testctx);
1515 OSSL_LIB_CTX_free(keyctx);
1516 }
A mirror of the official openssl repository