]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/endecode_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
TEST: Adapt applicable tests to the changed OSSL_ENCODER_CTX_new_by_EVP_PKEY()
[thirdparty/openssl.git] / test / endecode_test.c
1 /*
2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <string.h>
11 #include <openssl/core_dispatch.h>
12 #include <openssl/evp.h>
13 #include <openssl/pem.h>
14 #include <openssl/rsa.h>
15 #include <openssl/x509.h>
16 #include <openssl/core_names.h>
17 #include <openssl/params.h>
18 #include <openssl/param_build.h>
19 #include <openssl/encoder.h>
20 #include <openssl/decoder.h>
21
22 #include "internal/pem.h" /* For PVK and "blob" PEM headers */
23 #include "internal/cryptlib.h" /* ossl_assert */
24
25 #include "testutil.h"
26
27 #ifndef OPENSSL_NO_EC
28 static BN_CTX *bnctx = NULL;
29 static OSSL_PARAM_BLD *bld_prime_nc = NULL;
30 static OSSL_PARAM_BLD *bld_prime = NULL;
31 static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
32 static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;
33
34 # ifndef OPENSSL_NO_EC2M
35 static OSSL_PARAM_BLD *bld_tri_nc = NULL;
36 static OSSL_PARAM_BLD *bld_tri = NULL;
37 static OSSL_PARAM *ec_explicit_tri_params_nc = NULL;
38 static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
39 # endif
40 #endif
41
42 static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
43 {
44 EVP_PKEY *pkey = NULL;
45 EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(NULL, type, NULL);
46
47 /*
48 * No real need to check the errors other than for the cascade
49 * effect. |pkey| will simply remain NULL if something goes wrong.
50 */
51 (void)(ctx != NULL
52 && EVP_PKEY_paramgen_init(ctx) > 0
53 && (genparams == NULL
54 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
55 && EVP_PKEY_gen(ctx, &pkey) > 0);
56 EVP_PKEY_CTX_free(ctx);
57
58 return pkey;
59 }
60
61 static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
62 OSSL_PARAM *genparams)
63 {
64 EVP_PKEY *pkey = NULL;
65 EVP_PKEY_CTX *ctx =
66 template != NULL
67 ? EVP_PKEY_CTX_new(template, NULL)
68 : EVP_PKEY_CTX_new_from_name(NULL, type, NULL);
69
70 /*
71 * No real need to check the errors other than for the cascade
72 * effect. |pkey| will simply remain NULL if something goes wrong.
73 */
74 (void)(ctx != NULL
75 && EVP_PKEY_keygen_init(ctx) > 0
76 && (genparams == NULL
77 || EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
78 && EVP_PKEY_keygen(ctx, &pkey) > 0);
79 EVP_PKEY_CTX_free(ctx);
80 return pkey;
81 }
82
83 /* Main test driver */
84
85 /*
86 * TODO(3.0) For better error output, changed the callbacks to take __FILE__
87 * and __LINE__ as first two arguments, and have them use the lower case
88 * functions, such as test_strn_eq(), rather than the uppercase macros
89 * (TEST_strn2_eq(), for example).
90 */
91
92 typedef int (encoder)(void **encoded, long *encoded_len, void *object,
93 const char *output_type, int selection,
94 const char *pass, const char *pcipher);
95 typedef int (decoder)(void **object, void *encoded, long encoded_len,
96 const char *pass);
97 typedef int (tester)(const void *data1, size_t data1_len,
98 const void *data2, size_t data2_len);
99 typedef int (checker)(const char *type, const void *data, size_t data_len);
100 typedef void (dumper)(const char *label, const void *data, size_t data_len);
101
102 static int test_encode_decode(const char *type, EVP_PKEY *pkey,
103 const char *output_type, int selection,
104 const char *pass, const char *pcipher,
105 encoder *encode_cb, decoder *decode_cb,
106 tester *test_cb, checker *check_cb,
107 dumper *dump_cb)
108 {
109 void *encoded = NULL;
110 long encoded_len = 0;
111 EVP_PKEY *pkey2 = NULL;
112 void *encoded2 = NULL;
113 long encoded2_len = 0;
114 int ok = 0;
115
116 /*
117 * Encode |pkey|, decode the result into |pkey2|, and finish off by
118 * encoding |pkey2| as well. That last encoding is for checking and
119 * dumping purposes.
120 */
121 if (!encode_cb(&encoded, &encoded_len, pkey, output_type, selection,
122 pass, pcipher)
123 || !check_cb(type, encoded, encoded_len)
124 || !decode_cb((void **)&pkey2, encoded, encoded_len, pass)
125 || !encode_cb(&encoded2, &encoded2_len, pkey2, output_type, selection,
126 pass, pcipher))
127 goto end;
128
129 if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1))
130 goto end;
131
132 /*
133 * Double check the encoding, but only for unprotected keys,
134 * as protected keys have a random component, which makes the output
135 * differ.
136 */
137 if ((pass == NULL && pcipher == NULL)
138 && !test_cb(encoded, encoded_len, encoded2, encoded2_len))
139 goto end;
140
141 ok = 1;
142 end:
143 if (!ok) {
144 if (encoded != NULL && encoded_len != 0)
145 dump_cb("|pkey| encoded", encoded, encoded_len);
146 if (encoded2 != NULL && encoded2_len != 0)
147 dump_cb("|pkey2| encoded", encoded2, encoded2_len);
148 }
149
150 OPENSSL_free(encoded);
151 OPENSSL_free(encoded2);
152 EVP_PKEY_free(pkey2);
153 return ok;
154 }
155
156 /* Encoding and desencoding methods */
157
158 static int encode_EVP_PKEY_prov(void **encoded, long *encoded_len,
159 void *object,
160 const char *output_type, int selection,
161 const char *pass, const char *pcipher)
162 {
163 EVP_PKEY *pkey = object;
164 OSSL_ENCODER_CTX *ectx = NULL;
165 BIO *mem_ser = NULL;
166 BUF_MEM *mem_buf = NULL;
167 const unsigned char *upass = (const unsigned char *)pass;
168 int ok = 0;
169
170 if (!TEST_ptr(ectx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, output_type,
171 selection,
172 NULL, NULL))
173 || (pass != NULL
174 && !TEST_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass,
175 strlen(pass))))
176 || (pcipher != NULL
177 && !TEST_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL)))
178 || !TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
179 || !TEST_true(OSSL_ENCODER_to_bio(ectx, mem_ser))
180 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
181 || !TEST_ptr(*encoded = mem_buf->data)
182 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
183 goto end;
184
185 /* Detach the encoded output */
186 mem_buf->data = NULL;
187 mem_buf->length = 0;
188 ok = 1;
189 end:
190 BIO_free(mem_ser);
191 OSSL_ENCODER_CTX_free(ectx);
192 return ok;
193 }
194
195 static int decode_EVP_PKEY_prov(void **object, void *encoded, long encoded_len,
196 const char *pass)
197 {
198 EVP_PKEY *pkey = NULL;
199 OSSL_DECODER_CTX *dctx = NULL;
200 BIO *mem_deser = NULL;
201 const unsigned char *upass = (const unsigned char *)pass;
202 int ok = 0;
203
204 if (!TEST_ptr(dctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&pkey, NULL,
205 NULL, NULL))
206 || (pass != NULL
207 && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass)))
208 || !TEST_ptr(mem_deser = BIO_new_mem_buf(encoded, encoded_len))
209 || !TEST_true(OSSL_DECODER_from_bio(dctx, mem_deser)))
210 goto end;
211 ok = 1;
212 *object = pkey;
213 end:
214 BIO_free(mem_deser);
215 OSSL_DECODER_CTX_free(dctx);
216 return ok;
217 }
218
219 static int encode_EVP_PKEY_legacy_PEM(void **encoded, long *encoded_len,
220 void *object,
221 const char *output_type, int selection,
222 const char *pass, const char *pcipher)
223 {
224 EVP_PKEY *pkey = object;
225 EVP_CIPHER *cipher = NULL;
226 BIO *mem_ser = NULL;
227 BUF_MEM *mem_buf = NULL;
228 const unsigned char *upass = (const unsigned char *)pass;
229 size_t passlen = 0;
230 int ok = 0;
231
232 if (pcipher != NULL && pass != NULL) {
233 passlen = strlen(pass);
234 if (!TEST_ptr(cipher = EVP_CIPHER_fetch(NULL, pcipher, NULL)))
235 goto end;
236 }
237 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
238 || !TEST_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey,
239 cipher,
240 upass, passlen,
241 NULL, NULL))
242 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
243 || !TEST_ptr(*encoded = mem_buf->data)
244 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
245 goto end;
246
247 /* Detach the encoded output */
248 mem_buf->data = NULL;
249 mem_buf->length = 0;
250 ok = 1;
251 end:
252 BIO_free(mem_ser);
253 EVP_CIPHER_free(cipher);
254 return ok;
255 }
256
257 #ifndef OPENSSL_NO_DSA
258 static int encode_EVP_PKEY_MSBLOB(void **encoded, long *encoded_len,
259 void *object,
260 ossl_unused const char *output_type,
261 ossl_unused int selection,
262 ossl_unused const char *pass,
263 ossl_unused const char *pcipher)
264 {
265 EVP_PKEY *pkey = object;
266 BIO *mem_ser = NULL;
267 BUF_MEM *mem_buf = NULL;
268 int ok = 0;
269
270 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
271 || !TEST_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0)
272 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
273 || !TEST_ptr(*encoded = mem_buf->data)
274 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
275 goto end;
276
277 /* Detach the encoded output */
278 mem_buf->data = NULL;
279 mem_buf->length = 0;
280 ok = 1;
281 end:
282 BIO_free(mem_ser);
283 return ok;
284 }
285
286 static int encode_public_EVP_PKEY_MSBLOB(void **encoded,
287 long *encoded_len,
288 void *object,
289 ossl_unused const char *output_type,
290 ossl_unused int selection,
291 ossl_unused const char *pass,
292 ossl_unused const char *pcipher)
293 {
294 EVP_PKEY *pkey = object;
295 BIO *mem_ser = NULL;
296 BUF_MEM *mem_buf = NULL;
297 int ok = 0;
298
299 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
300 || !TEST_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0)
301 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
302 || !TEST_ptr(*encoded = mem_buf->data)
303 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
304 goto end;
305
306 /* Detach the encoded output */
307 mem_buf->data = NULL;
308 mem_buf->length = 0;
309 ok = 1;
310 end:
311 BIO_free(mem_ser);
312 return ok;
313 }
314
315 # ifndef OPENSSL_NO_RC4
316 static pem_password_cb pass_pw;
317 static int pass_pw(char *buf, int size, int rwflag, void *userdata)
318 {
319 OPENSSL_strlcpy(buf, userdata, size);
320 return strlen(userdata);
321 }
322
323 static int encode_EVP_PKEY_PVK(void **encoded, long *encoded_len,
324 void *object,
325 ossl_unused const char *output_type,
326 ossl_unused int selection,
327 const char *pass,
328 ossl_unused const char *pcipher)
329 {
330 EVP_PKEY *pkey = object;
331 BIO *mem_ser = NULL;
332 BUF_MEM *mem_buf = NULL;
333 int enc = (pass != NULL);
334 int ok = 0;
335
336 if (!TEST_ptr(mem_ser = BIO_new(BIO_s_mem()))
337 || !TEST_int_ge(i2b_PVK_bio(mem_ser, pkey, enc,
338 pass_pw, (void *)pass), 0)
339 || !TEST_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
340 || !TEST_ptr(*encoded = mem_buf->data)
341 || !TEST_long_gt(*encoded_len = mem_buf->length, 0))
342 goto end;
343
344 /* Detach the encoded output */
345 mem_buf->data = NULL;
346 mem_buf->length = 0;
347 ok = 1;
348 end:
349 BIO_free(mem_ser);
350 return ok;
351 }
352 # endif
353 #endif
354
355 static int test_text(const void *data1, size_t data1_len,
356 const void *data2, size_t data2_len)
357 {
358 return TEST_strn2_eq(data1, data1_len, data2, data2_len);
359 }
360
361 static int test_mem(const void *data1, size_t data1_len,
362 const void *data2, size_t data2_len)
363 {
364 return TEST_mem_eq(data1, data1_len, data2, data2_len);
365 }
366
367 /* Test cases and their dumpers / checkers */
368
369 static void collect_name(const char *name, void *arg)
370 {
371 char **namelist = arg;
372 char *new_namelist;
373 size_t space;
374
375 space = strlen(name);
376 if (*namelist != NULL)
377 space += strlen(*namelist) + 2 /* for comma and space */;
378 space++; /* for terminating null byte */
379
380 new_namelist = OPENSSL_realloc(*namelist, space);
381 if (new_namelist == NULL)
382 return;
383 if (*namelist != NULL) {
384 strcat(new_namelist, ", ");
385 strcat(new_namelist, name);
386 } else {
387 strcpy(new_namelist, name);
388 }
389 *namelist = new_namelist;
390 }
391
392 static void dump_der(const char *label, const void *data, size_t data_len)
393 {
394 test_output_memory(label, data, data_len);
395 }
396
397 static void dump_pem(const char *label, const void *data, size_t data_len)
398 {
399 test_output_string(label, data, data_len - 1);
400 }
401
402 static int check_unprotected_PKCS8_DER(const char *type,
403 const void *data, size_t data_len)
404 {
405 const unsigned char *datap = data;
406 PKCS8_PRIV_KEY_INFO *p8inf =
407 d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len);
408 int ok = 0;
409
410 if (TEST_ptr(p8inf)) {
411 EVP_PKEY *pkey = EVP_PKCS82PKEY(p8inf);
412 char *namelist = NULL;
413
414 if (TEST_ptr(pkey)) {
415 if (!(ok = TEST_true(EVP_PKEY_is_a(pkey, type)))) {
416 EVP_PKEY_typenames_do_all(pkey, collect_name, &namelist);
417 if (namelist != NULL)
418 TEST_note("%s isn't any of %s", type, namelist);
419 OPENSSL_free(namelist);
420 }
421 EVP_PKEY_free(pkey);
422 }
423 }
424 PKCS8_PRIV_KEY_INFO_free(p8inf);
425 return ok;
426 }
427
428 static int test_unprotected_via_DER(const char *type, EVP_PKEY *key)
429 {
430 return test_encode_decode(type, key,
431 "DER", OSSL_KEYMGMT_SELECT_KEYPAIR
432 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
433 NULL, NULL,
434 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
435 test_mem, check_unprotected_PKCS8_DER,
436 dump_der);
437 }
438
439 static int check_unprotected_PKCS8_PEM(const char *type,
440 const void *data, size_t data_len)
441 {
442 static const char expected_pem_header[] =
443 "-----BEGIN " PEM_STRING_PKCS8INF "-----";
444
445 return TEST_strn_eq(data, expected_pem_header,
446 sizeof(expected_pem_header) - 1);
447 }
448
449 static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key)
450 {
451 return test_encode_decode(type, key,
452 "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR
453 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
454 NULL, NULL,
455 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
456 test_text, check_unprotected_PKCS8_PEM,
457 dump_pem);
458 }
459
460 static int check_unprotected_legacy_PEM(const char *type,
461 const void *data, size_t data_len)
462 {
463 static char expected_pem_header[80];
464
465 return
466 TEST_int_gt(BIO_snprintf(expected_pem_header,
467 sizeof(expected_pem_header),
468 "-----BEGIN %s PRIVATE KEY-----", type), 0)
469 && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
470 }
471
472 static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key)
473 {
474 return test_encode_decode(type, key,
475 "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR
476 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
477 NULL, NULL,
478 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
479 test_text, check_unprotected_legacy_PEM,
480 dump_pem);
481 }
482
483 #ifndef OPENSSL_NO_DSA
484 static int check_MSBLOB(const char *type, const void *data, size_t data_len)
485 {
486 const unsigned char *datap = data;
487 EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len);
488 int ok = TEST_ptr(pkey);
489
490 EVP_PKEY_free(pkey);
491 return ok;
492 }
493
494 static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key)
495 {
496 return test_encode_decode(type, key,
497 "MSBLOB", OSSL_KEYMGMT_SELECT_KEYPAIR
498 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
499 NULL, NULL,
500 encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
501 test_mem, check_MSBLOB,
502 dump_der);
503 }
504
505 # ifndef OPENSSL_NO_RC4
506 static int check_PVK(const char *type, const void *data, size_t data_len)
507 {
508 const unsigned char *in = data;
509 unsigned int saltlen = 0, keylen = 0;
510 int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen);
511
512 return ok;
513 }
514
515 static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key)
516 {
517 return test_encode_decode(type, key,
518 "PVK", OSSL_KEYMGMT_SELECT_KEYPAIR
519 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
520 NULL, NULL,
521 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
522 test_mem, check_PVK,
523 dump_der);
524 }
525 # endif
526 #endif
527
528 static const char *pass_cipher = "AES-256-CBC";
529 static const char *pass = "the holy handgrenade of antioch";
530
531 static int check_protected_PKCS8_DER(const char *type,
532 const void *data, size_t data_len)
533 {
534 const unsigned char *datap = data;
535 X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len);
536 int ok = TEST_ptr(p8);
537
538 X509_SIG_free(p8);
539 return ok;
540 }
541
542 static int test_protected_via_DER(const char *type, EVP_PKEY *key)
543 {
544 return test_encode_decode(type, key,
545 "DER", OSSL_KEYMGMT_SELECT_KEYPAIR
546 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
547 pass, pass_cipher,
548 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
549 test_mem, check_protected_PKCS8_DER,
550 dump_der);
551 }
552
553 static int check_protected_PKCS8_PEM(const char *type,
554 const void *data, size_t data_len)
555 {
556 static const char expected_pem_header[] =
557 "-----BEGIN " PEM_STRING_PKCS8 "-----";
558
559 return TEST_strn_eq(data, expected_pem_header,
560 sizeof(expected_pem_header) - 1);
561 }
562
563 static int test_protected_via_PEM(const char *type, EVP_PKEY *key)
564 {
565 return test_encode_decode(type, key,
566 "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR
567 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
568 pass, pass_cipher,
569 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
570 test_text, check_protected_PKCS8_PEM,
571 dump_pem);
572 }
573
574 static int check_protected_legacy_PEM(const char *type,
575 const void *data, size_t data_len)
576 {
577 static char expected_pem_header[80];
578
579 return
580 TEST_int_gt(BIO_snprintf(expected_pem_header,
581 sizeof(expected_pem_header),
582 "-----BEGIN %s PRIVATE KEY-----", type), 0)
583 && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header))
584 && TEST_ptr(strstr(data, "\nDEK-Info: "));
585 }
586
587 static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key)
588 {
589 return test_encode_decode(type, key,
590 "PEM", OSSL_KEYMGMT_SELECT_KEYPAIR
591 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
592 pass, pass_cipher,
593 encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
594 test_text, check_protected_legacy_PEM,
595 dump_pem);
596 }
597
598 #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
599 static int test_protected_via_PVK(const char *type, EVP_PKEY *key)
600 {
601 return test_encode_decode(type, key,
602 "PVK", OSSL_KEYMGMT_SELECT_KEYPAIR
603 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
604 pass, NULL,
605 encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
606 test_mem, check_PVK, dump_der);
607 }
608 #endif
609
610 static int check_public_DER(const char *type, const void *data, size_t data_len)
611 {
612 const unsigned char *datap = data;
613 EVP_PKEY *pkey = d2i_PUBKEY(NULL, &datap, data_len);
614 int ok = (TEST_ptr(pkey) && TEST_true(EVP_PKEY_is_a(pkey, type)));
615
616 EVP_PKEY_free(pkey);
617 return ok;
618 }
619
620 static int test_public_via_DER(const char *type, EVP_PKEY *key)
621 {
622 return test_encode_decode(type, key,
623 "DER", OSSL_KEYMGMT_SELECT_PUBLIC_KEY
624 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
625 NULL, NULL,
626 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
627 test_mem, check_public_DER, dump_der);
628 }
629
630 static int check_public_PEM(const char *type, const void *data, size_t data_len)
631 {
632 static const char expected_pem_header[] =
633 "-----BEGIN " PEM_STRING_PUBLIC "-----";
634
635 return
636 TEST_strn_eq(data, expected_pem_header,
637 sizeof(expected_pem_header) - 1);
638 }
639
640 static int test_public_via_PEM(const char *type, EVP_PKEY *key)
641 {
642 return test_encode_decode(type, key,
643 "PEM", OSSL_KEYMGMT_SELECT_PUBLIC_KEY
644 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
645 NULL, NULL,
646 encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
647 test_text, check_public_PEM, dump_pem);
648 }
649
650 #ifndef OPENSSL_NO_DSA
651 static int check_public_MSBLOB(const char *type,
652 const void *data, size_t data_len)
653 {
654 const unsigned char *datap = data;
655 EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len);
656 int ok = TEST_ptr(pkey);
657
658 EVP_PKEY_free(pkey);
659 return ok;
660 }
661
662 static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key)
663 {
664 return test_encode_decode(type, key,
665 "MSBLOB", OSSL_KEYMGMT_SELECT_PUBLIC_KEY
666 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
667 NULL, NULL,
668 encode_public_EVP_PKEY_MSBLOB,
669 decode_EVP_PKEY_prov,
670 test_mem, check_public_MSBLOB, dump_der);
671 }
672 #endif
673
674 #define KEYS(KEYTYPE) \
675 static EVP_PKEY *key_##KEYTYPE = NULL
676 #define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
677 ok = ok \
678 && TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
679 #define FREE_KEYS(KEYTYPE) \
680 EVP_PKEY_free(key_##KEYTYPE); \
681
682 #define DOMAIN_KEYS(KEYTYPE) \
683 static EVP_PKEY *template_##KEYTYPE = NULL; \
684 static EVP_PKEY *key_##KEYTYPE = NULL
685 #define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
686 ok = ok \
687 && TEST_ptr(template_##KEYTYPE = \
688 make_template(KEYTYPEstr, params)) \
689 && TEST_ptr(key_##KEYTYPE = \
690 make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
691 #define FREE_DOMAIN_KEYS(KEYTYPE) \
692 EVP_PKEY_free(template_##KEYTYPE); \
693 EVP_PKEY_free(key_##KEYTYPE)
694
695 #define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr) \
696 static int test_unprotected_##KEYTYPE##_via_DER(void) \
697 { \
698 return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
699 } \
700 static int test_unprotected_##KEYTYPE##_via_PEM(void) \
701 { \
702 return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
703 } \
704 static int test_protected_##KEYTYPE##_via_DER(void) \
705 { \
706 return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE); \
707 } \
708 static int test_protected_##KEYTYPE##_via_PEM(void) \
709 { \
710 return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
711 } \
712 static int test_public_##KEYTYPE##_via_DER(void) \
713 { \
714 return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE); \
715 } \
716 static int test_public_##KEYTYPE##_via_PEM(void) \
717 { \
718 return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
719 }
720
721 #define ADD_TEST_SUITE(KEYTYPE) \
722 ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
723 ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
724 ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
725 ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
726 ADD_TEST(test_public_##KEYTYPE##_via_DER); \
727 ADD_TEST(test_public_##KEYTYPE##_via_PEM)
728
729 #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
730 static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
731 { \
732 return \
733 test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
734 } \
735 static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
736 { \
737 return \
738 test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
739 }
740
741 #define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
742 ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
743 ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
744
745 #ifndef OPENSSL_NO_DSA
746 # define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
747 static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
748 { \
749 return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
750 } \
751 static int test_public_##KEYTYPE##_via_MSBLOB(void) \
752 { \
753 return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
754 }
755
756 # define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
757 ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
758 ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
759
760 # ifndef OPENSSL_NO_RC4
761 # define IMPLEMENT_TEST_SUITE_PVK(KEYTYPE, KEYTYPEstr) \
762 static int test_unprotected_##KEYTYPE##_via_PVK(void) \
763 { \
764 return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
765 } \
766 static int test_protected_##KEYTYPE##_via_PVK(void) \
767 { \
768 return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
769 }
770
771 # define ADD_TEST_SUITE_PVK(KEYTYPE) \
772 ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK); \
773 ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
774 # endif
775 #endif
776
777 #ifndef OPENSSL_NO_DH
778 DOMAIN_KEYS(DH);
779 IMPLEMENT_TEST_SUITE(DH, "DH")
780 DOMAIN_KEYS(DHX);
781 IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH")
782 /*
783 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
784 * so no legacy tests.
785 */
786 #endif
787 #ifndef OPENSSL_NO_DSA
788 DOMAIN_KEYS(DSA);
789 IMPLEMENT_TEST_SUITE(DSA, "DSA")
790 IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA")
791 IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
792 # ifndef OPENSSL_NO_RC4
793 IMPLEMENT_TEST_SUITE_PVK(DSA, "DSA")
794 # endif
795 #endif
796 #ifndef OPENSSL_NO_EC
797 DOMAIN_KEYS(EC);
798 IMPLEMENT_TEST_SUITE(EC, "EC")
799 IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
800 DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
801 IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC")
802 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
803 DOMAIN_KEYS(ECExplicitPrime2G);
804 IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC")
805 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")
806 # ifndef OPENSSL_NO_EC2M
807 DOMAIN_KEYS(ECExplicitTriNamedCurve);
808 IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC")
809 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC")
810 DOMAIN_KEYS(ECExplicitTri2G);
811 IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC")
812 IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC")
813 # endif
814 KEYS(ED25519);
815 IMPLEMENT_TEST_SUITE(ED25519, "ED25519")
816 KEYS(ED448);
817 IMPLEMENT_TEST_SUITE(ED448, "ED448")
818 KEYS(X25519);
819 IMPLEMENT_TEST_SUITE(X25519, "X25519")
820 KEYS(X448);
821 IMPLEMENT_TEST_SUITE(X448, "X448")
822 /*
823 * ED25519, ED448, X25519 and X448 have no support for
824 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
825 */
826 #endif
827 KEYS(RSA);
828 IMPLEMENT_TEST_SUITE(RSA, "RSA")
829 IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA")
830 KEYS(RSA_PSS);
831 IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS")
832 /*
833 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
834 * so no legacy tests.
835 */
836 #ifndef OPENSSL_NO_DSA
837 IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
838 # ifndef OPENSSL_NO_RC4
839 IMPLEMENT_TEST_SUITE_PVK(RSA, "RSA")
840 # endif
841 #endif
842
843 #ifndef OPENSSL_NO_EC
844 /* Explicit parameters that match a named curve */
845 static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld,
846 const unsigned char *gen,
847 size_t gen_len)
848 {
849 BIGNUM *a, *b, *prime, *order;
850
851 /* Curve prime256v1 */
852 static const unsigned char prime_data[] = {
853 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
854 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
855 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
856 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
857 0xff
858 };
859 static const unsigned char a_data[] = {
860 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
861 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
862 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
863 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
864 0xfc
865 };
866 static const unsigned char b_data[] = {
867 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
868 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
869 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
870 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
871 };
872 static const unsigned char seed[] = {
873 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
874 0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
875 0x81, 0x9f, 0x7e, 0x90
876 };
877 static const unsigned char order_data[] = {
878 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
879 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
880 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
881 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
882 };
883 return TEST_ptr(a = BN_CTX_get(bnctx))
884 && TEST_ptr(b = BN_CTX_get(bnctx))
885 && TEST_ptr(prime = BN_CTX_get(bnctx))
886 && TEST_ptr(order = BN_CTX_get(bnctx))
887 && TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime))
888 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
889 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
890 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
891 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
892 OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field,
893 0))
894 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime))
895 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
896 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
897 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
898 OSSL_PKEY_PARAM_EC_ORDER, order))
899 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
900 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
901 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
902 OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed)))
903 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
904 BN_value_one()));
905 }
906
907 static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld)
908 {
909 static const unsigned char prime256v1_gen[] = {
910 0x04,
911 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
912 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
913 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
914 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
915 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
916 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
917 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
918 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
919 };
920 return do_create_ec_explicit_prime_params(bld, prime256v1_gen,
921 sizeof(prime256v1_gen));
922 }
923
924 static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld)
925 {
926 /* 2G */
927 static const unsigned char prime256v1_gen2[] = {
928 0x04,
929 0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
930 0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
931 0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
932 0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
933 0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
934 0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
935 0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
936 0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
937 };
938 return do_create_ec_explicit_prime_params(bld, prime256v1_gen2,
939 sizeof(prime256v1_gen2));
940 }
941
942 # ifndef OPENSSL_NO_EC2M
943 static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld,
944 const unsigned char *gen,
945 size_t gen_len)
946 {
947 BIGNUM *a, *b, *poly, *order, *cofactor;
948 /* sect233k1 characteristic-two-field tpBasis */
949 static const unsigned char poly_data[] = {
950 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
951 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
952 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
953 };
954 static const unsigned char a_data[] = {
955 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
956 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
957 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
958 };
959 static const unsigned char b_data[] = {
960 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
961 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
962 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
963 };
964 static const unsigned char order_data[] = {
965 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
966 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
967 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
968 };
969 static const unsigned char cofactor_data[]= {
970 0x4
971 };
972 return TEST_ptr(a = BN_CTX_get(bnctx))
973 && TEST_ptr(b = BN_CTX_get(bnctx))
974 && TEST_ptr(poly = BN_CTX_get(bnctx))
975 && TEST_ptr(order = BN_CTX_get(bnctx))
976 && TEST_ptr(cofactor = BN_CTX_get(bnctx))
977 && TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly))
978 && TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
979 && TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
980 && TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
981 && TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor))
982 && TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
983 OSSL_PKEY_PARAM_EC_FIELD_TYPE,
984 SN_X9_62_characteristic_two_field, 0))
985 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly))
986 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
987 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
988 && TEST_true(OSSL_PARAM_BLD_push_BN(bld,
989 OSSL_PKEY_PARAM_EC_ORDER, order))
990 && TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
991 OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
992 && TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
993 cofactor));
994 }
995
996 static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld)
997 {
998 static const unsigned char gen[] = {
999 0x04,
1000 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1001 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1002 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1003 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1004 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1005 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1006 };
1007 return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen));
1008 }
1009
1010 static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
1011 {
1012 static const unsigned char gen2[] = {
1013 0x04,
1014 0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1015 0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1016 0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1017 0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1018 0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1019 0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1020 };
1021 return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2));
1022 }
1023 # endif /* OPENSSL_NO_EC2M */
1024 #endif /* OPENSSL_NO_EC */
1025
1026 int setup_tests(void)
1027 {
1028 int ok = 1;
1029
1030 #ifndef OPENSSL_NO_DSA
1031 static size_t qbits = 160; /* PVK only tolerates 160 Q bits */
1032 static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1033 OSSL_PARAM DSA_params[] = {
1034 OSSL_PARAM_size_t("pbits", &pbits),
1035 OSSL_PARAM_size_t("qbits", &qbits),
1036 OSSL_PARAM_END
1037 };
1038 #endif
1039
1040 #ifndef OPENSSL_NO_EC
1041 static char groupname[] = "prime256v1";
1042 OSSL_PARAM EC_params[] = {
1043 OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
1044 OSSL_PARAM_END
1045 };
1046 #endif
1047
1048 /* 7 is the default magic number */
1049 static unsigned int rsapss_min_saltlen = 7;
1050 OSSL_PARAM RSA_PSS_params[] = {
1051 OSSL_PARAM_uint("saltlen", &rsapss_min_saltlen),
1052 OSSL_PARAM_END
1053 };
1054
1055 #ifndef OPENSSL_NO_EC
1056 if (!TEST_ptr(bnctx = BN_CTX_new_ex(NULL))
1057 || !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new())
1058 || !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new())
1059 || !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
1060 || !create_ec_explicit_prime_params(bld_prime)
1061 || !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
1062 || !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))
1063 # ifndef OPENSSL_NO_EC2M
1064 || !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
1065 || !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
1066 || !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc)
1067 || !create_ec_explicit_trinomial_params(bld_tri)
1068 || !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc))
1069 || !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri))
1070 # endif
1071 )
1072 return 0;
1073 #endif
1074
1075 TEST_info("Generating keys...");
1076
1077 #ifndef OPENSSL_NO_DH
1078 MAKE_DOMAIN_KEYS(DH, "DH", NULL);
1079 MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
1080 #endif
1081 #ifndef OPENSSL_NO_DSA
1082 MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
1083 #endif
1084 #ifndef OPENSSL_NO_EC
1085 MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
1086 MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
1087 MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
1088 # ifndef OPENSSL_NO_EC2M
1089 MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
1090 MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
1091 # endif
1092 MAKE_KEYS(ED25519, "ED25519", NULL);
1093 MAKE_KEYS(ED448, "ED448", NULL);
1094 MAKE_KEYS(X25519, "X25519", NULL);
1095 MAKE_KEYS(X448, "X448", NULL);
1096 #endif
1097 MAKE_KEYS(RSA, "RSA", NULL);
1098 MAKE_KEYS(RSA_PSS, "RSA-PSS", RSA_PSS_params);
1099 TEST_info("Generating key... done");
1100
1101 if (ok) {
1102 #ifndef OPENSSL_NO_DH
1103 ADD_TEST_SUITE(DH);
1104 ADD_TEST_SUITE(DHX);
1105 /*
1106 * DH has no support for PEM_write_bio_PrivateKey_traditional(),
1107 * so no legacy tests.
1108 */
1109 #endif
1110 #ifndef OPENSSL_NO_DSA
1111 ADD_TEST_SUITE(DSA);
1112 ADD_TEST_SUITE_LEGACY(DSA);
1113 ADD_TEST_SUITE_MSBLOB(DSA);
1114 # ifndef OPENSSL_NO_RC4
1115 ADD_TEST_SUITE_PVK(DSA);
1116 # endif
1117 #endif
1118 #ifndef OPENSSL_NO_EC
1119 ADD_TEST_SUITE(EC);
1120 ADD_TEST_SUITE_LEGACY(EC);
1121 ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
1122 ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
1123 ADD_TEST_SUITE(ECExplicitPrime2G);
1124 ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);
1125 # ifndef OPENSSL_NO_EC2M
1126 ADD_TEST_SUITE(ECExplicitTriNamedCurve);
1127 ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
1128 ADD_TEST_SUITE(ECExplicitTri2G);
1129 ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
1130 # endif
1131 ADD_TEST_SUITE(ED25519);
1132 ADD_TEST_SUITE(ED448);
1133 ADD_TEST_SUITE(X25519);
1134 ADD_TEST_SUITE(X448);
1135 /*
1136 * ED25519, ED448, X25519 and X448 have no support for
1137 * PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1138 */
1139 #endif
1140 ADD_TEST_SUITE(RSA);
1141 ADD_TEST_SUITE_LEGACY(RSA);
1142 ADD_TEST_SUITE(RSA_PSS);
1143 /*
1144 * RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1145 * so no legacy tests.
1146 */
1147 #ifndef OPENSSL_NO_DSA
1148 ADD_TEST_SUITE_MSBLOB(RSA);
1149 # ifndef OPENSSL_NO_RC4
1150 ADD_TEST_SUITE_PVK(RSA);
1151 # endif
1152 #endif
1153 }
1154
1155 return 1;
1156 }
1157
1158 void cleanup_tests(void)
1159 {
1160 #ifndef OPENSSL_NO_EC
1161 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_nc);
1162 OSSL_PARAM_BLD_free_params(ec_explicit_prime_params_explicit);
1163 OSSL_PARAM_BLD_free(bld_prime_nc);
1164 OSSL_PARAM_BLD_free(bld_prime);
1165 # ifndef OPENSSL_NO_EC2M
1166 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_nc);
1167 OSSL_PARAM_BLD_free_params(ec_explicit_tri_params_explicit);
1168 OSSL_PARAM_BLD_free(bld_tri_nc);
1169 OSSL_PARAM_BLD_free(bld_tri);
1170 # endif
1171 BN_CTX_free(bnctx);
1172 #endif /* OPENSSL_NO_EC */
1173
1174 #ifndef OPENSSL_NO_DH
1175 FREE_DOMAIN_KEYS(DH);
1176 FREE_DOMAIN_KEYS(DHX);
1177 #endif
1178 #ifndef OPENSSL_NO_DSA
1179 FREE_DOMAIN_KEYS(DSA);
1180 #endif
1181 #ifndef OPENSSL_NO_EC
1182 FREE_DOMAIN_KEYS(EC);
1183 FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1184 FREE_DOMAIN_KEYS(ECExplicitPrime2G);
1185 # ifndef OPENSSL_NO_EC2M
1186 FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
1187 FREE_DOMAIN_KEYS(ECExplicitTri2G);
1188 # endif
1189 FREE_KEYS(ED25519);
1190 FREE_KEYS(ED448);
1191 FREE_KEYS(X25519);
1192 FREE_KEYS(X448);
1193 #endif
1194 FREE_KEYS(RSA);
1195 FREE_KEYS(RSA_PSS);
1196 }
A mirror of the official openssl repository