2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/core_dispatch.h>
12 #include <openssl/evp.h>
13 #include <openssl/pem.h>
14 #include <openssl/rsa.h>
15 #include <openssl/x509.h>
16 #include <openssl/core_names.h>
17 #include <openssl/params.h>
18 #include <openssl/param_build.h>
19 #include <openssl/encoder.h>
20 #include <openssl/decoder.h>
22 #include "internal/cryptlib.h" /* ossl_assert */
23 #include "crypto/pem.h" /* For PVK and "blob" PEM headers */
25 #include "helpers/predefined_dhparams.h"
28 #if defined(OPENSSL_NO_DH) && defined(OPENSSL_NO_DSA) && defined(OPENSSL_NO_EC)
29 # define OPENSSL_NO_KEYPARAMS
33 static BN_CTX
*bnctx
= NULL
;
34 static OSSL_PARAM_BLD
*bld_prime_nc
= NULL
;
35 static OSSL_PARAM_BLD
*bld_prime
= NULL
;
36 static OSSL_PARAM
*ec_explicit_prime_params_nc
= NULL
;
37 static OSSL_PARAM
*ec_explicit_prime_params_explicit
= NULL
;
39 # ifndef OPENSSL_NO_EC2M
40 static OSSL_PARAM_BLD
*bld_tri_nc
= NULL
;
41 static OSSL_PARAM_BLD
*bld_tri
= NULL
;
42 static OSSL_PARAM
*ec_explicit_tri_params_nc
= NULL
;
43 static OSSL_PARAM
*ec_explicit_tri_params_explicit
= NULL
;
47 #ifndef OPENSSL_NO_KEYPARAMS
48 static EVP_PKEY
*make_template(const char *type
, OSSL_PARAM
*genparams
)
50 EVP_PKEY
*pkey
= NULL
;
51 EVP_PKEY_CTX
*ctx
= NULL
;
53 # ifndef OPENSSL_NO_DH
55 * Use 512-bit DH(X) keys with predetermined parameters for efficiency,
56 * for testing only. Use a minimum key size of 2048 for security purposes.
58 if (strcmp(type
, "DH") == 0)
59 return get_dh512(NULL
);
60 if (strcmp(type
, "X9.42 DH") == 0)
61 return get_dhx512(NULL
);
65 * No real need to check the errors other than for the cascade
66 * effect. |pkey| will simply remain NULL if something goes wrong.
68 (void)((ctx
= EVP_PKEY_CTX_new_from_name(NULL
, type
, NULL
)) != NULL
69 && EVP_PKEY_paramgen_init(ctx
) > 0
71 || EVP_PKEY_CTX_set_params(ctx
, genparams
) > 0)
72 && EVP_PKEY_gen(ctx
, &pkey
) > 0);
73 EVP_PKEY_CTX_free(ctx
);
79 static EVP_PKEY
*make_key(const char *type
, EVP_PKEY
*template,
80 OSSL_PARAM
*genparams
)
82 EVP_PKEY
*pkey
= NULL
;
85 ? EVP_PKEY_CTX_new(template, NULL
)
86 : EVP_PKEY_CTX_new_from_name(NULL
, type
, NULL
);
89 * No real need to check the errors other than for the cascade
90 * effect. |pkey| will simply remain NULL if something goes wrong.
93 && EVP_PKEY_keygen_init(ctx
) > 0
95 || EVP_PKEY_CTX_set_params(ctx
, genparams
) > 0)
96 && EVP_PKEY_keygen(ctx
, &pkey
) > 0);
97 EVP_PKEY_CTX_free(ctx
);
101 /* Main test driver */
104 * TODO(3.0) For better error output, changed the callbacks to take __FILE__
105 * and __LINE__ as first two arguments, and have them use the lower case
106 * functions, such as test_strn_eq(), rather than the uppercase macros
107 * (TEST_strn2_eq(), for example).
110 typedef int (encoder
)(void **encoded
, long *encoded_len
,
111 void *object
, int selection
,
112 const char *output_type
, const char *output_structure
,
113 const char *pass
, const char *pcipher
);
114 typedef int (decoder
)(void **object
, void *encoded
, long encoded_len
,
115 const char *keytype
, const char *input_type
,
116 int selection
, const char *pass
);
117 typedef int (tester
)(const void *data1
, size_t data1_len
,
118 const void *data2
, size_t data2_len
);
119 typedef int (checker
)(const char *type
, const void *data
, size_t data_len
);
120 typedef void (dumper
)(const char *label
, const void *data
, size_t data_len
);
122 #define FLAG_DECODE_WITH_TYPE 0x0001
124 static int test_encode_decode(const char *type
, EVP_PKEY
*pkey
,
125 int selection
, const char *output_type
,
126 const char *output_structure
,
127 const char *pass
, const char *pcipher
,
128 encoder
*encode_cb
, decoder
*decode_cb
,
129 tester
*test_cb
, checker
*check_cb
,
130 dumper
*dump_cb
, int flags
)
132 void *encoded
= NULL
;
133 long encoded_len
= 0;
134 EVP_PKEY
*pkey2
= NULL
;
135 void *encoded2
= NULL
;
136 long encoded2_len
= 0;
140 * Encode |pkey|, decode the result into |pkey2|, and finish off by
141 * encoding |pkey2| as well. That last encoding is for checking and
144 if (!TEST_true(encode_cb(&encoded
, &encoded_len
, pkey
, selection
,
145 output_type
, output_structure
, pass
, pcipher
))
146 || !TEST_true(check_cb(type
, encoded
, encoded_len
))
147 || !TEST_true(decode_cb((void **)&pkey2
, encoded
, encoded_len
,
148 (flags
& FLAG_DECODE_WITH_TYPE
? type
: NULL
),
149 output_type
, selection
, pass
))
150 || !TEST_true(encode_cb(&encoded2
, &encoded2_len
, pkey2
, selection
,
151 output_type
, output_structure
, pass
, pcipher
)))
154 if (selection
== OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
) {
155 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey
, pkey2
), 1))
158 if (!TEST_int_eq(EVP_PKEY_eq(pkey
, pkey2
), 1))
163 * Double check the encoding, but only for unprotected keys,
164 * as protected keys have a random component, which makes the output
167 if ((pass
== NULL
&& pcipher
== NULL
)
168 && !test_cb(encoded
, encoded_len
, encoded2
, encoded2_len
))
174 if (encoded
!= NULL
&& encoded_len
!= 0)
175 dump_cb("|pkey| encoded", encoded
, encoded_len
);
176 if (encoded2
!= NULL
&& encoded2_len
!= 0)
177 dump_cb("|pkey2| encoded", encoded2
, encoded2_len
);
180 OPENSSL_free(encoded
);
181 OPENSSL_free(encoded2
);
182 EVP_PKEY_free(pkey2
);
186 /* Encoding and decoding methods */
188 static int encode_EVP_PKEY_prov(void **encoded
, long *encoded_len
,
189 void *object
, int selection
,
190 const char *output_type
,
191 const char *output_structure
,
192 const char *pass
, const char *pcipher
)
194 EVP_PKEY
*pkey
= object
;
195 OSSL_ENCODER_CTX
*ectx
= NULL
;
197 BUF_MEM
*mem_buf
= NULL
;
198 const unsigned char *upass
= (const unsigned char *)pass
;
201 if (!TEST_ptr(ectx
= OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey
, selection
,
205 || !TEST_int_gt(OSSL_ENCODER_CTX_get_num_encoders(ectx
), 0)
207 && !TEST_true(OSSL_ENCODER_CTX_set_passphrase(ectx
, upass
,
210 && !TEST_true(OSSL_ENCODER_CTX_set_cipher(ectx
, pcipher
, NULL
)))
211 || !TEST_ptr(mem_ser
= BIO_new(BIO_s_mem()))
212 || !TEST_true(OSSL_ENCODER_to_bio(ectx
, mem_ser
))
213 || !TEST_true(BIO_get_mem_ptr(mem_ser
, &mem_buf
) > 0)
214 || !TEST_ptr(*encoded
= mem_buf
->data
)
215 || !TEST_long_gt(*encoded_len
= mem_buf
->length
, 0))
218 /* Detach the encoded output */
219 mem_buf
->data
= NULL
;
224 OSSL_ENCODER_CTX_free(ectx
);
228 static int decode_EVP_PKEY_prov(void **object
, void *encoded
, long encoded_len
,
229 const char *keytype
, const char *input_type
,
230 int selection
, const char *pass
)
232 EVP_PKEY
*pkey
= NULL
, *testpkey
= NULL
;
233 OSSL_DECODER_CTX
*dctx
= NULL
;
234 BIO
*encoded_bio
= NULL
;
235 const unsigned char *upass
= (const unsigned char *)pass
;
240 if (strcmp(input_type
, "DER") == 0)
245 if (!TEST_ptr(encoded_bio
= BIO_new_mem_buf(encoded
, encoded_len
)))
249 * We attempt the decode 3 times. The first time we provide the expected
250 * starting input type. The second time we provide NULL for the starting
251 * type. The third time we provide a bad starting input type.
252 * The bad starting input type should fail. The other two should succeed
253 * and produce the same result.
255 for (i
= 0; i
< 3; i
++) {
256 const char *testtype
= (i
== 0) ? input_type
257 : ((i
== 1) ? NULL
: badtype
);
259 if (!TEST_ptr(dctx
= OSSL_DECODER_CTX_new_by_EVP_PKEY(&testpkey
,
266 && !OSSL_DECODER_CTX_set_passphrase(dctx
, upass
, strlen(pass
)))
267 || !TEST_int_gt(BIO_reset(encoded_bio
), 0)
268 /* We expect to fail when using a bad input type */
269 || !TEST_int_eq(OSSL_DECODER_from_bio(dctx
, encoded_bio
),
272 OSSL_DECODER_CTX_free(dctx
);
279 if (selection
== OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
) {
280 if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey
, testpkey
), 1))
283 if (!TEST_int_eq(EVP_PKEY_eq(pkey
, testpkey
), 1))
294 EVP_PKEY_free(testpkey
);
295 BIO_free(encoded_bio
);
296 OSSL_DECODER_CTX_free(dctx
);
300 static int encode_EVP_PKEY_legacy_PEM(void **encoded
, long *encoded_len
,
301 void *object
, ossl_unused
int selection
,
302 ossl_unused
const char *output_type
,
303 ossl_unused
const char *output_structure
,
304 const char *pass
, const char *pcipher
)
306 EVP_PKEY
*pkey
= object
;
307 EVP_CIPHER
*cipher
= NULL
;
309 BUF_MEM
*mem_buf
= NULL
;
310 const unsigned char *upass
= (const unsigned char *)pass
;
314 if (pcipher
!= NULL
&& pass
!= NULL
) {
315 passlen
= strlen(pass
);
316 if (!TEST_ptr(cipher
= EVP_CIPHER_fetch(NULL
, pcipher
, NULL
)))
319 if (!TEST_ptr(mem_ser
= BIO_new(BIO_s_mem()))
320 || !TEST_true(PEM_write_bio_PrivateKey_traditional(mem_ser
, pkey
,
324 || !TEST_true(BIO_get_mem_ptr(mem_ser
, &mem_buf
) > 0)
325 || !TEST_ptr(*encoded
= mem_buf
->data
)
326 || !TEST_long_gt(*encoded_len
= mem_buf
->length
, 0))
329 /* Detach the encoded output */
330 mem_buf
->data
= NULL
;
335 EVP_CIPHER_free(cipher
);
339 static int encode_EVP_PKEY_MSBLOB(void **encoded
, long *encoded_len
,
340 void *object
, int selection
,
341 ossl_unused
const char *output_type
,
342 ossl_unused
const char *output_structure
,
343 ossl_unused
const char *pass
,
344 ossl_unused
const char *pcipher
)
346 EVP_PKEY
*pkey
= object
;
348 BUF_MEM
*mem_buf
= NULL
;
351 if (!TEST_ptr(mem_ser
= BIO_new(BIO_s_mem())))
354 if ((selection
& OSSL_KEYMGMT_SELECT_PRIVATE_KEY
) != 0) {
355 if (!TEST_int_ge(i2b_PrivateKey_bio(mem_ser
, pkey
), 0))
358 if (!TEST_int_ge(i2b_PublicKey_bio(mem_ser
, pkey
), 0))
362 if (!TEST_true(BIO_get_mem_ptr(mem_ser
, &mem_buf
) > 0)
363 || !TEST_ptr(*encoded
= mem_buf
->data
)
364 || !TEST_long_gt(*encoded_len
= mem_buf
->length
, 0))
367 /* Detach the encoded output */
368 mem_buf
->data
= NULL
;
376 static pem_password_cb pass_pw
;
377 static int pass_pw(char *buf
, int size
, int rwflag
, void *userdata
)
379 OPENSSL_strlcpy(buf
, userdata
, size
);
380 return strlen(userdata
);
383 static int encode_EVP_PKEY_PVK(void **encoded
, long *encoded_len
,
384 void *object
, int selection
,
385 ossl_unused
const char *output_type
,
386 ossl_unused
const char *output_structure
,
388 ossl_unused
const char *pcipher
)
390 EVP_PKEY
*pkey
= object
;
392 BUF_MEM
*mem_buf
= NULL
;
393 int enc
= (pass
!= NULL
);
396 if (!TEST_true(ossl_assert((selection
397 & OSSL_KEYMGMT_SELECT_PRIVATE_KEY
) != 0))
398 || !TEST_ptr(mem_ser
= BIO_new(BIO_s_mem()))
399 || !TEST_int_ge(i2b_PVK_bio(mem_ser
, pkey
, enc
,
400 pass_pw
, (void *)pass
), 0)
401 || !TEST_true(BIO_get_mem_ptr(mem_ser
, &mem_buf
) > 0)
402 || !TEST_ptr(*encoded
= mem_buf
->data
)
403 || !TEST_long_gt(*encoded_len
= mem_buf
->length
, 0))
406 /* Detach the encoded output */
407 mem_buf
->data
= NULL
;
415 static int test_text(const void *data1
, size_t data1_len
,
416 const void *data2
, size_t data2_len
)
418 return TEST_strn2_eq(data1
, data1_len
, data2
, data2_len
);
421 static int test_mem(const void *data1
, size_t data1_len
,
422 const void *data2
, size_t data2_len
)
424 return TEST_mem_eq(data1
, data1_len
, data2
, data2_len
);
427 /* Test cases and their dumpers / checkers */
429 static void collect_name(const char *name
, void *arg
)
431 char **namelist
= arg
;
435 space
= strlen(name
);
436 if (*namelist
!= NULL
)
437 space
+= strlen(*namelist
) + 2 /* for comma and space */;
438 space
++; /* for terminating null byte */
440 new_namelist
= OPENSSL_realloc(*namelist
, space
);
441 if (new_namelist
== NULL
)
443 if (*namelist
!= NULL
) {
444 strcat(new_namelist
, ", ");
445 strcat(new_namelist
, name
);
447 strcpy(new_namelist
, name
);
449 *namelist
= new_namelist
;
452 static void dump_der(const char *label
, const void *data
, size_t data_len
)
454 test_output_memory(label
, data
, data_len
);
457 static void dump_pem(const char *label
, const void *data
, size_t data_len
)
459 test_output_string(label
, data
, data_len
- 1);
462 static int check_unprotected_PKCS8_DER(const char *type
,
463 const void *data
, size_t data_len
)
465 const unsigned char *datap
= data
;
466 PKCS8_PRIV_KEY_INFO
*p8inf
=
467 d2i_PKCS8_PRIV_KEY_INFO(NULL
, &datap
, data_len
);
470 if (TEST_ptr(p8inf
)) {
471 EVP_PKEY
*pkey
= EVP_PKCS82PKEY(p8inf
);
472 char *namelist
= NULL
;
474 if (TEST_ptr(pkey
)) {
475 if (!(ok
= TEST_true(EVP_PKEY_is_a(pkey
, type
)))) {
476 EVP_PKEY_typenames_do_all(pkey
, collect_name
, &namelist
);
477 if (namelist
!= NULL
)
478 TEST_note("%s isn't any of %s", type
, namelist
);
479 OPENSSL_free(namelist
);
484 PKCS8_PRIV_KEY_INFO_free(p8inf
);
488 static int test_unprotected_via_DER(const char *type
, EVP_PKEY
*key
)
490 return test_encode_decode(type
, key
,
491 OSSL_KEYMGMT_SELECT_KEYPAIR
492 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
493 "DER", "pkcs8", NULL
, NULL
,
494 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
495 test_mem
, check_unprotected_PKCS8_DER
,
499 static int check_unprotected_PKCS8_PEM(const char *type
,
500 const void *data
, size_t data_len
)
502 static const char expected_pem_header
[] =
503 "-----BEGIN " PEM_STRING_PKCS8INF
"-----";
505 return TEST_strn_eq(data
, expected_pem_header
,
506 sizeof(expected_pem_header
) - 1);
509 static int test_unprotected_via_PEM(const char *type
, EVP_PKEY
*key
)
511 return test_encode_decode(type
, key
, OSSL_KEYMGMT_SELECT_KEYPAIR
512 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
513 "PEM", "pkcs8", NULL
, NULL
,
514 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
515 test_text
, check_unprotected_PKCS8_PEM
,
519 #ifndef OPENSSL_NO_KEYPARAMS
520 static int check_params_DER(const char *type
, const void *data
, size_t data_len
)
522 const unsigned char *datap
= data
;
524 int itype
= NID_undef
;
525 EVP_PKEY
*pkey
= NULL
;
527 if (strcmp(type
, "DH") == 0)
529 else if (strcmp(type
, "X9.42 DH") == 0)
530 itype
= EVP_PKEY_DHX
;
531 else if (strcmp(type
, "DSA") == 0)
532 itype
= EVP_PKEY_DSA
;
533 else if (strcmp(type
, "EC") == 0)
536 if (itype
!= NID_undef
) {
537 pkey
= d2i_KeyParams(itype
, NULL
, &datap
, data_len
);
545 static int check_params_PEM(const char *type
,
546 const void *data
, size_t data_len
)
548 static char expected_pem_header
[80];
551 TEST_int_gt(BIO_snprintf(expected_pem_header
,
552 sizeof(expected_pem_header
),
553 "-----BEGIN %s PARAMETERS-----", type
), 0)
554 && TEST_strn_eq(data
, expected_pem_header
, strlen(expected_pem_header
));
557 static int test_params_via_DER(const char *type
, EVP_PKEY
*key
)
559 return test_encode_decode(type
, key
, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
560 "DER", "type-specific", NULL
, NULL
,
561 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
562 test_mem
, check_params_DER
,
563 dump_der
, FLAG_DECODE_WITH_TYPE
);
566 static int test_params_via_PEM(const char *type
, EVP_PKEY
*key
)
568 return test_encode_decode(type
, key
, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
569 "PEM", "type-specific", NULL
, NULL
,
570 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
571 test_text
, check_params_PEM
,
574 #endif /* !OPENSSL_NO_KEYPARAMS */
576 static int check_unprotected_legacy_PEM(const char *type
,
577 const void *data
, size_t data_len
)
579 static char expected_pem_header
[80];
582 TEST_int_gt(BIO_snprintf(expected_pem_header
,
583 sizeof(expected_pem_header
),
584 "-----BEGIN %s PRIVATE KEY-----", type
), 0)
585 && TEST_strn_eq(data
, expected_pem_header
, strlen(expected_pem_header
));
588 static int test_unprotected_via_legacy_PEM(const char *type
, EVP_PKEY
*key
)
590 return test_encode_decode(type
, key
,
591 OSSL_KEYMGMT_SELECT_KEYPAIR
592 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
593 "PEM", "type-specific", NULL
, NULL
,
594 encode_EVP_PKEY_legacy_PEM
, decode_EVP_PKEY_prov
,
595 test_text
, check_unprotected_legacy_PEM
,
599 static int check_MSBLOB(const char *type
, const void *data
, size_t data_len
)
601 const unsigned char *datap
= data
;
602 EVP_PKEY
*pkey
= b2i_PrivateKey(&datap
, data_len
);
603 int ok
= TEST_ptr(pkey
);
609 static int test_unprotected_via_MSBLOB(const char *type
, EVP_PKEY
*key
)
611 return test_encode_decode(type
, key
,
612 OSSL_KEYMGMT_SELECT_KEYPAIR
613 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
614 "MSBLOB", NULL
, NULL
, NULL
,
615 encode_EVP_PKEY_MSBLOB
, decode_EVP_PKEY_prov
,
616 test_mem
, check_MSBLOB
,
620 static int check_PVK(const char *type
, const void *data
, size_t data_len
)
622 const unsigned char *in
= data
;
623 unsigned int saltlen
= 0, keylen
= 0;
624 int ok
= ossl_do_PVK_header(&in
, data_len
, 0, &saltlen
, &keylen
);
629 static int test_unprotected_via_PVK(const char *type
, EVP_PKEY
*key
)
631 return test_encode_decode(type
, key
,
632 OSSL_KEYMGMT_SELECT_KEYPAIR
633 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
634 "PVK", NULL
, NULL
, NULL
,
635 encode_EVP_PKEY_PVK
, decode_EVP_PKEY_prov
,
640 static const char *pass_cipher
= "AES-256-CBC";
641 static const char *pass
= "the holy handgrenade of antioch";
643 static int check_protected_PKCS8_DER(const char *type
,
644 const void *data
, size_t data_len
)
646 const unsigned char *datap
= data
;
647 X509_SIG
*p8
= d2i_X509_SIG(NULL
, &datap
, data_len
);
648 int ok
= TEST_ptr(p8
);
654 static int test_protected_via_DER(const char *type
, EVP_PKEY
*key
)
656 return test_encode_decode(type
, key
,
657 OSSL_KEYMGMT_SELECT_KEYPAIR
658 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
659 "DER", "pkcs8", pass
, pass_cipher
,
660 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
661 test_mem
, check_protected_PKCS8_DER
,
665 static int check_protected_PKCS8_PEM(const char *type
,
666 const void *data
, size_t data_len
)
668 static const char expected_pem_header
[] =
669 "-----BEGIN " PEM_STRING_PKCS8
"-----";
671 return TEST_strn_eq(data
, expected_pem_header
,
672 sizeof(expected_pem_header
) - 1);
675 static int test_protected_via_PEM(const char *type
, EVP_PKEY
*key
)
677 return test_encode_decode(type
, key
,
678 OSSL_KEYMGMT_SELECT_KEYPAIR
679 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
680 "PEM", "pkcs8", pass
, pass_cipher
,
681 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
682 test_text
, check_protected_PKCS8_PEM
,
686 static int check_protected_legacy_PEM(const char *type
,
687 const void *data
, size_t data_len
)
689 static char expected_pem_header
[80];
692 TEST_int_gt(BIO_snprintf(expected_pem_header
,
693 sizeof(expected_pem_header
),
694 "-----BEGIN %s PRIVATE KEY-----", type
), 0)
695 && TEST_strn_eq(data
, expected_pem_header
, strlen(expected_pem_header
))
696 && TEST_ptr(strstr(data
, "\nDEK-Info: "));
699 static int test_protected_via_legacy_PEM(const char *type
, EVP_PKEY
*key
)
701 return test_encode_decode(type
, key
,
702 OSSL_KEYMGMT_SELECT_KEYPAIR
703 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
704 "PEM", "type-specific", pass
, pass_cipher
,
705 encode_EVP_PKEY_legacy_PEM
, decode_EVP_PKEY_prov
,
706 test_text
, check_protected_legacy_PEM
,
710 #ifndef OPENSSL_NO_RC4
711 static int test_protected_via_PVK(const char *type
, EVP_PKEY
*key
)
713 return test_encode_decode(type
, key
,
714 OSSL_KEYMGMT_SELECT_KEYPAIR
715 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
716 "PVK", NULL
, pass
, NULL
,
717 encode_EVP_PKEY_PVK
, decode_EVP_PKEY_prov
,
718 test_mem
, check_PVK
, dump_der
, 0);
722 static int check_public_DER(const char *type
, const void *data
, size_t data_len
)
724 const unsigned char *datap
= data
;
725 EVP_PKEY
*pkey
= d2i_PUBKEY(NULL
, &datap
, data_len
);
726 int ok
= (TEST_ptr(pkey
) && TEST_true(EVP_PKEY_is_a(pkey
, type
)));
732 static int test_public_via_DER(const char *type
, EVP_PKEY
*key
)
734 return test_encode_decode(type
, key
,
735 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
736 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
737 "DER", "SubjectPublicKeyInfo", NULL
, NULL
,
738 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
739 test_mem
, check_public_DER
, dump_der
, 0);
742 static int check_public_PEM(const char *type
, const void *data
, size_t data_len
)
744 static const char expected_pem_header
[] =
745 "-----BEGIN " PEM_STRING_PUBLIC
"-----";
748 TEST_strn_eq(data
, expected_pem_header
,
749 sizeof(expected_pem_header
) - 1);
752 static int test_public_via_PEM(const char *type
, EVP_PKEY
*key
)
754 return test_encode_decode(type
, key
,
755 OSSL_KEYMGMT_SELECT_PUBLIC_KEY
756 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
757 "PEM", "SubjectPublicKeyInfo", NULL
, NULL
,
758 encode_EVP_PKEY_prov
, decode_EVP_PKEY_prov
,
759 test_text
, check_public_PEM
, dump_pem
, 0);
762 static int check_public_MSBLOB(const char *type
,
763 const void *data
, size_t data_len
)
765 const unsigned char *datap
= data
;
766 EVP_PKEY
*pkey
= b2i_PublicKey(&datap
, data_len
);
767 int ok
= TEST_ptr(pkey
);
773 static int test_public_via_MSBLOB(const char *type
, EVP_PKEY
*key
)
775 return test_encode_decode(type
, key
, OSSL_KEYMGMT_SELECT_PUBLIC_KEY
776 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
,
777 "MSBLOB", NULL
, NULL
, NULL
,
778 encode_EVP_PKEY_MSBLOB
, decode_EVP_PKEY_prov
,
779 test_mem
, check_public_MSBLOB
, dump_der
, 0);
782 #define KEYS(KEYTYPE) \
783 static EVP_PKEY *key_##KEYTYPE = NULL
784 #define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
786 && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
787 #define FREE_KEYS(KEYTYPE) \
788 EVP_PKEY_free(key_##KEYTYPE); \
790 #define DOMAIN_KEYS(KEYTYPE) \
791 static EVP_PKEY *template_##KEYTYPE = NULL; \
792 static EVP_PKEY *key_##KEYTYPE = NULL
793 #define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
795 && TEST_ptr(template_##KEYTYPE = \
796 make_template(KEYTYPEstr, params)) \
797 && TEST_ptr(key_##KEYTYPE = \
798 make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
799 #define FREE_DOMAIN_KEYS(KEYTYPE) \
800 EVP_PKEY_free(template_##KEYTYPE); \
801 EVP_PKEY_free(key_##KEYTYPE)
803 #define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr) \
804 static int test_unprotected_##KEYTYPE##_via_DER(void) \
806 return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
808 static int test_unprotected_##KEYTYPE##_via_PEM(void) \
810 return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
812 static int test_protected_##KEYTYPE##_via_DER(void) \
814 return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
816 static int test_protected_##KEYTYPE##_via_PEM(void) \
818 return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
820 static int test_public_##KEYTYPE##_via_DER(void) \
822 return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE); \
824 static int test_public_##KEYTYPE##_via_PEM(void) \
826 return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
829 #define ADD_TEST_SUITE(KEYTYPE) \
830 ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
831 ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
832 ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
833 ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
834 ADD_TEST(test_public_##KEYTYPE##_via_DER); \
835 ADD_TEST(test_public_##KEYTYPE##_via_PEM)
837 #define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \
838 static int test_params_##KEYTYPE##_via_DER(void) \
840 return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \
842 static int test_params_##KEYTYPE##_via_PEM(void) \
844 return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
847 #define ADD_TEST_SUITE_PARAMS(KEYTYPE) \
848 ADD_TEST(test_params_##KEYTYPE##_via_DER); \
849 ADD_TEST(test_params_##KEYTYPE##_via_PEM)
851 #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
852 static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
855 test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
857 static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
860 test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
863 #define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
864 ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
865 ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
867 #define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
868 static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
870 return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
872 static int test_public_##KEYTYPE##_via_MSBLOB(void) \
874 return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
877 #define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
878 ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
879 ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
881 #ifndef OPENSSL_NO_RC4
882 # define IMPLEMENT_TEST_SUITE_PVK(KEYTYPE, KEYTYPEstr) \
883 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
885 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
887 static int test_protected_##KEYTYPE##_via_PVK(void) \
889 return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
892 # define ADD_TEST_SUITE_PVK(KEYTYPE) \
893 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK); \
894 ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
896 # define IMPLEMENT_TEST_SUITE_PVK(KEYTYPE, KEYTYPEstr) \
897 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
899 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
902 # define ADD_TEST_SUITE_PVK(KEYTYPE) \
903 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK)
906 #ifndef OPENSSL_NO_DH
908 IMPLEMENT_TEST_SUITE(DH
, "DH")
909 IMPLEMENT_TEST_SUITE_PARAMS(DH
, "DH")
911 IMPLEMENT_TEST_SUITE(DHX
, "X9.42 DH")
912 IMPLEMENT_TEST_SUITE_PARAMS(DHX
, "X9.42 DH")
914 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
915 * so no legacy tests.
918 #ifndef OPENSSL_NO_DSA
920 IMPLEMENT_TEST_SUITE(DSA
, "DSA")
921 IMPLEMENT_TEST_SUITE_PARAMS(DSA
, "DSA")
922 IMPLEMENT_TEST_SUITE_LEGACY(DSA
, "DSA")
923 IMPLEMENT_TEST_SUITE_MSBLOB(DSA
, "DSA")
924 IMPLEMENT_TEST_SUITE_PVK(DSA
, "DSA")
926 #ifndef OPENSSL_NO_EC
928 IMPLEMENT_TEST_SUITE(EC
, "EC")
929 IMPLEMENT_TEST_SUITE_PARAMS(EC
, "EC")
930 IMPLEMENT_TEST_SUITE_LEGACY(EC
, "EC")
931 DOMAIN_KEYS(ECExplicitPrimeNamedCurve
);
932 IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve
, "EC")
933 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve
, "EC")
934 DOMAIN_KEYS(ECExplicitPrime2G
);
935 IMPLEMENT_TEST_SUITE(ECExplicitPrime2G
, "EC")
936 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G
, "EC")
937 # ifndef OPENSSL_NO_EC2M
938 DOMAIN_KEYS(ECExplicitTriNamedCurve
);
939 IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve
, "EC")
940 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve
, "EC")
941 DOMAIN_KEYS(ECExplicitTri2G
);
942 IMPLEMENT_TEST_SUITE(ECExplicitTri2G
, "EC")
943 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G
, "EC")
946 IMPLEMENT_TEST_SUITE(ED25519
, "ED25519")
948 IMPLEMENT_TEST_SUITE(ED448
, "ED448")
950 IMPLEMENT_TEST_SUITE(X25519
, "X25519")
952 IMPLEMENT_TEST_SUITE(X448
, "X448")
954 * ED25519, ED448, X25519 and X448 have no support for
955 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
959 IMPLEMENT_TEST_SUITE(RSA
, "RSA")
960 IMPLEMENT_TEST_SUITE_LEGACY(RSA
, "RSA")
962 IMPLEMENT_TEST_SUITE(RSA_PSS
, "RSA-PSS")
964 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
965 * so no legacy tests.
967 IMPLEMENT_TEST_SUITE_MSBLOB(RSA
, "RSA")
968 IMPLEMENT_TEST_SUITE_PVK(RSA
, "RSA")
970 #ifndef OPENSSL_NO_EC
971 /* Explicit parameters that match a named curve */
972 static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD
*bld
,
973 const unsigned char *gen
,
976 BIGNUM
*a
, *b
, *prime
, *order
;
978 /* Curve prime256v1 */
979 static const unsigned char prime_data
[] = {
980 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
981 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
982 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
983 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
986 static const unsigned char a_data
[] = {
987 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
988 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
989 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
990 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
993 static const unsigned char b_data
[] = {
994 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
995 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
996 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
997 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
999 static const unsigned char seed
[] = {
1000 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
1001 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
1002 0x81, 0x9f, 0x7e, 0x90
1004 static const unsigned char order_data
[] = {
1005 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1006 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1007 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
1008 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
1010 return TEST_ptr(a
= BN_CTX_get(bnctx
))
1011 && TEST_ptr(b
= BN_CTX_get(bnctx
))
1012 && TEST_ptr(prime
= BN_CTX_get(bnctx
))
1013 && TEST_ptr(order
= BN_CTX_get(bnctx
))
1014 && TEST_ptr(BN_bin2bn(prime_data
, sizeof(prime_data
), prime
))
1015 && TEST_ptr(BN_bin2bn(a_data
, sizeof(a_data
), a
))
1016 && TEST_ptr(BN_bin2bn(b_data
, sizeof(b_data
), b
))
1017 && TEST_ptr(BN_bin2bn(order_data
, sizeof(order_data
), order
))
1018 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld
,
1019 OSSL_PKEY_PARAM_EC_FIELD_TYPE
, SN_X9_62_prime_field
,
1021 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_P
, prime
))
1022 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_A
, a
))
1023 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_B
, b
))
1024 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
,
1025 OSSL_PKEY_PARAM_EC_ORDER
, order
))
1026 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld
,
1027 OSSL_PKEY_PARAM_EC_GENERATOR
, gen
, gen_len
))
1028 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld
,
1029 OSSL_PKEY_PARAM_EC_SEED
, seed
, sizeof(seed
)))
1030 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_COFACTOR
,
1034 static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD
*bld
)
1036 static const unsigned char prime256v1_gen
[] = {
1038 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
1039 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
1040 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
1041 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
1042 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
1043 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
1044 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
1045 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
1047 return do_create_ec_explicit_prime_params(bld
, prime256v1_gen
,
1048 sizeof(prime256v1_gen
));
1051 static int create_ec_explicit_prime_params(OSSL_PARAM_BLD
*bld
)
1054 static const unsigned char prime256v1_gen2
[] = {
1056 0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
1057 0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
1058 0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
1059 0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
1060 0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
1061 0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
1062 0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
1063 0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
1065 return do_create_ec_explicit_prime_params(bld
, prime256v1_gen2
,
1066 sizeof(prime256v1_gen2
));
1069 # ifndef OPENSSL_NO_EC2M
1070 static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD
*bld
,
1071 const unsigned char *gen
,
1074 BIGNUM
*a
, *b
, *poly
, *order
, *cofactor
;
1075 /* sect233k1 characteristic-two-field tpBasis */
1076 static const unsigned char poly_data
[] = {
1077 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1078 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
1079 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1081 static const unsigned char a_data
[] = {
1082 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1083 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1084 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1086 static const unsigned char b_data
[] = {
1087 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1088 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1089 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
1091 static const unsigned char order_data
[] = {
1092 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1093 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
1094 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
1096 static const unsigned char cofactor_data
[]= {
1099 return TEST_ptr(a
= BN_CTX_get(bnctx
))
1100 && TEST_ptr(b
= BN_CTX_get(bnctx
))
1101 && TEST_ptr(poly
= BN_CTX_get(bnctx
))
1102 && TEST_ptr(order
= BN_CTX_get(bnctx
))
1103 && TEST_ptr(cofactor
= BN_CTX_get(bnctx
))
1104 && TEST_ptr(BN_bin2bn(poly_data
, sizeof(poly_data
), poly
))
1105 && TEST_ptr(BN_bin2bn(a_data
, sizeof(a_data
), a
))
1106 && TEST_ptr(BN_bin2bn(b_data
, sizeof(b_data
), b
))
1107 && TEST_ptr(BN_bin2bn(order_data
, sizeof(order_data
), order
))
1108 && TEST_ptr(BN_bin2bn(cofactor_data
, sizeof(cofactor_data
), cofactor
))
1109 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld
,
1110 OSSL_PKEY_PARAM_EC_FIELD_TYPE
,
1111 SN_X9_62_characteristic_two_field
, 0))
1112 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_P
, poly
))
1113 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_A
, a
))
1114 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_B
, b
))
1115 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
,
1116 OSSL_PKEY_PARAM_EC_ORDER
, order
))
1117 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld
,
1118 OSSL_PKEY_PARAM_EC_GENERATOR
, gen
, gen_len
))
1119 && TEST_true(OSSL_PARAM_BLD_push_BN(bld
, OSSL_PKEY_PARAM_EC_COFACTOR
,
1123 static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD
*bld
)
1125 static const unsigned char gen
[] = {
1127 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1128 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1129 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1130 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1131 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1132 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1134 return do_create_ec_explicit_trinomial_params(bld
, gen
, sizeof(gen
));
1137 static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD
*bld
)
1139 static const unsigned char gen2
[] = {
1141 0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1142 0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1143 0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1144 0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1145 0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1146 0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1148 return do_create_ec_explicit_trinomial_params(bld
, gen2
, sizeof(gen2
));
1150 # endif /* OPENSSL_NO_EC2M */
1151 #endif /* OPENSSL_NO_EC */
1153 int setup_tests(void)
1157 #ifndef OPENSSL_NO_DSA
1158 static size_t qbits
= 160; /* PVK only tolerates 160 Q bits */
1159 static size_t pbits
= 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1160 OSSL_PARAM DSA_params
[] = {
1161 OSSL_PARAM_size_t("pbits", &pbits
),
1162 OSSL_PARAM_size_t("qbits", &qbits
),
1167 #ifndef OPENSSL_NO_EC
1168 static char groupname
[] = "prime256v1";
1169 OSSL_PARAM EC_params
[] = {
1170 OSSL_PARAM_utf8_string("group", groupname
, sizeof(groupname
) - 1),
1175 /* 7 is the default magic number */
1176 static unsigned int rsapss_min_saltlen
= 7;
1177 OSSL_PARAM RSA_PSS_params
[] = {
1178 OSSL_PARAM_uint("saltlen", &rsapss_min_saltlen
),
1182 #ifndef OPENSSL_NO_EC
1183 if (!TEST_ptr(bnctx
= BN_CTX_new_ex(NULL
))
1184 || !TEST_ptr(bld_prime_nc
= OSSL_PARAM_BLD_new())
1185 || !TEST_ptr(bld_prime
= OSSL_PARAM_BLD_new())
1186 || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc
)
1187 || !create_ec_explicit_prime_params(bld_prime
)
1188 || !TEST_ptr(ec_explicit_prime_params_nc
= OSSL_PARAM_BLD_to_param(bld_prime_nc
))
1189 || !TEST_ptr(ec_explicit_prime_params_explicit
= OSSL_PARAM_BLD_to_param(bld_prime
))
1190 # ifndef OPENSSL_NO_EC2M
1191 || !TEST_ptr(bld_tri_nc
= OSSL_PARAM_BLD_new())
1192 || !TEST_ptr(bld_tri
= OSSL_PARAM_BLD_new())
1193 || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc
)
1194 || !create_ec_explicit_trinomial_params(bld_tri
)
1195 || !TEST_ptr(ec_explicit_tri_params_nc
= OSSL_PARAM_BLD_to_param(bld_tri_nc
))
1196 || !TEST_ptr(ec_explicit_tri_params_explicit
= OSSL_PARAM_BLD_to_param(bld_tri
))
1202 TEST_info("Generating keys...");
1204 #ifndef OPENSSL_NO_DH
1205 MAKE_DOMAIN_KEYS(DH
, "DH", NULL
);
1206 MAKE_DOMAIN_KEYS(DHX
, "X9.42 DH", NULL
);
1207 TEST_info("Generating keys...DH done");
1209 #ifndef OPENSSL_NO_DSA
1210 MAKE_DOMAIN_KEYS(DSA
, "DSA", DSA_params
);
1211 TEST_info("Generating keys...DSA done");
1213 #ifndef OPENSSL_NO_EC
1214 MAKE_DOMAIN_KEYS(EC
, "EC", EC_params
);
1215 MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve
, "EC", ec_explicit_prime_params_nc
);
1216 MAKE_DOMAIN_KEYS(ECExplicitPrime2G
, "EC", ec_explicit_prime_params_explicit
);
1217 # ifndef OPENSSL_NO_EC2M
1218 MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve
, "EC", ec_explicit_tri_params_nc
);
1219 MAKE_DOMAIN_KEYS(ECExplicitTri2G
, "EC", ec_explicit_tri_params_explicit
);
1221 MAKE_KEYS(ED25519
, "ED25519", NULL
);
1222 MAKE_KEYS(ED448
, "ED448", NULL
);
1223 MAKE_KEYS(X25519
, "X25519", NULL
);
1224 MAKE_KEYS(X448
, "X448", NULL
);
1225 TEST_info("Generating keys...EC done");
1227 MAKE_KEYS(RSA
, "RSA", NULL
);
1228 TEST_info("Generating keys...RSA done");
1229 MAKE_KEYS(RSA_PSS
, "RSA-PSS", RSA_PSS_params
);
1230 TEST_info("Generating keys...RSA_PSS done");
1233 #ifndef OPENSSL_NO_DH
1235 ADD_TEST_SUITE_PARAMS(DH
);
1236 ADD_TEST_SUITE(DHX
);
1237 ADD_TEST_SUITE_PARAMS(DHX
);
1239 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1240 * so no legacy tests.
1243 #ifndef OPENSSL_NO_DSA
1244 ADD_TEST_SUITE(DSA
);
1245 ADD_TEST_SUITE_PARAMS(DSA
);
1246 ADD_TEST_SUITE_LEGACY(DSA
);
1247 ADD_TEST_SUITE_MSBLOB(DSA
);
1248 ADD_TEST_SUITE_PVK(DSA
);
1250 #ifndef OPENSSL_NO_EC
1252 ADD_TEST_SUITE_PARAMS(EC
);
1253 ADD_TEST_SUITE_LEGACY(EC
);
1254 ADD_TEST_SUITE(ECExplicitPrimeNamedCurve
);
1255 ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve
);
1256 ADD_TEST_SUITE(ECExplicitPrime2G
);
1257 ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G
);
1258 # ifndef OPENSSL_NO_EC2M
1259 ADD_TEST_SUITE(ECExplicitTriNamedCurve
);
1260 ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve
);
1261 ADD_TEST_SUITE(ECExplicitTri2G
);
1262 ADD_TEST_SUITE_LEGACY(ECExplicitTri2G
);
1264 ADD_TEST_SUITE(ED25519
);
1265 ADD_TEST_SUITE(ED448
);
1266 ADD_TEST_SUITE(X25519
);
1267 ADD_TEST_SUITE(X448
);
1269 * ED25519, ED448, X25519 and X448 have no support for
1270 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1273 ADD_TEST_SUITE(RSA
);
1274 ADD_TEST_SUITE_LEGACY(RSA
);
1275 ADD_TEST_SUITE(RSA_PSS
);
1277 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1278 * so no legacy tests.
1280 ADD_TEST_SUITE_MSBLOB(RSA
);
1281 ADD_TEST_SUITE_PVK(RSA
);
1287 void cleanup_tests(void)
1289 #ifndef OPENSSL_NO_EC
1290 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_nc
);
1291 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_explicit
);
1292 OSSL_PARAM_BLD_free(bld_prime_nc
);
1293 OSSL_PARAM_BLD_free(bld_prime
);
1294 # ifndef OPENSSL_NO_EC2M
1295 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_nc
);
1296 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_explicit
);
1297 OSSL_PARAM_BLD_free(bld_tri_nc
);
1298 OSSL_PARAM_BLD_free(bld_tri
);
1301 #endif /* OPENSSL_NO_EC */
1303 #ifndef OPENSSL_NO_DH
1304 FREE_DOMAIN_KEYS(DH
);
1305 FREE_DOMAIN_KEYS(DHX
);
1307 #ifndef OPENSSL_NO_DSA
1308 FREE_DOMAIN_KEYS(DSA
);
1310 #ifndef OPENSSL_NO_EC
1311 FREE_DOMAIN_KEYS(EC
);
1312 FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve
);
1313 FREE_DOMAIN_KEYS(ECExplicitPrime2G
);
1314 # ifndef OPENSSL_NO_EC2M
1315 FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve
);
1316 FREE_DOMAIN_KEYS(ECExplicitTri2G
);