]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/evp_extra_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix safestack issues in conf.h
[thirdparty/openssl.git] / test / evp_extra_test.c
1 /*
2 * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /* We need to use some deprecated APIs */
11 #define OPENSSL_SUPPRESS_DEPRECATED
12
13 #include <stdio.h>
14 #include <stdlib.h>
15 #include <string.h>
16 #include <openssl/bio.h>
17 #include <openssl/conf.h>
18 #include <openssl/crypto.h>
19 #include <openssl/err.h>
20 #include <openssl/evp.h>
21 #include <openssl/rsa.h>
22 #include <openssl/x509.h>
23 #include <openssl/pem.h>
24 #include <openssl/kdf.h>
25 #include <openssl/provider.h>
26 #include <openssl/core_names.h>
27 #include <openssl/params.h>
28 #include <openssl/dsa.h>
29 #include <openssl/dh.h>
30 #include <openssl/aes.h>
31 #include "testutil.h"
32 #include "internal/nelem.h"
33 #include "internal/sizes.h"
34 #include "crypto/evp.h"
35 #include "../e_os.h" /* strcasecmp */
36
37 #ifndef OPENSSL_NO_SM2
38 /*
39 * TODO(3.0) remove when provider SM2 keymgmt is implemented and
40 * EVP_PKEY_set_alias_type() works with provider-native keys.
41 */
42 # define TMP_SM2_HACK
43 #endif
44
45 static OPENSSL_CTX *testctx = NULL;
46
47 /*
48 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
49 * should never use this key anywhere but in an example.
50 */
51 static const unsigned char kExampleRSAKeyDER[] = {
52 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
53 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
54 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
55 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
56 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
57 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
58 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
59 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
60 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
61 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
62 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
63 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
64 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
65 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
66 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
67 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
68 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
69 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
70 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
71 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
72 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
73 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
74 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
75 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
76 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
77 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
78 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
79 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
80 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
81 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
82 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
83 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
84 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
85 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
86 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
87 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
88 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
89 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
90 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
91 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
92 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
93 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
94 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
95 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
96 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
97 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
98 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
99 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
100 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
101 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
102 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
103 };
104
105 /*
106 * kExampleDSAKeyDER is a DSA private key in ASN.1, DER format. Of course, you
107 * should never use this key anywhere but in an example.
108 */
109 #ifndef OPENSSL_NO_DSA
110 static const unsigned char kExampleDSAKeyDER[] = {
111 0x30, 0x82, 0x01, 0xba, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0x9a,
112 0x05, 0x6d, 0x33, 0xcd, 0x5d, 0x78, 0xa1, 0xbb, 0xcb, 0x7d, 0x5b, 0x8d,
113 0xb4, 0xcc, 0xbf, 0x03, 0x99, 0x64, 0xde, 0x38, 0x78, 0x06, 0x15, 0x2f,
114 0x86, 0x26, 0x77, 0xf3, 0xb1, 0x85, 0x00, 0xed, 0xfc, 0x28, 0x3a, 0x42,
115 0x4d, 0xab, 0xab, 0xdf, 0xbc, 0x9c, 0x16, 0xd0, 0x22, 0x50, 0xd1, 0x38,
116 0xdd, 0x3f, 0x64, 0x05, 0x9e, 0x68, 0x7a, 0x1e, 0xf1, 0x56, 0xbf, 0x1e,
117 0x2c, 0xc5, 0x97, 0x2a, 0xfe, 0x7a, 0x22, 0xdc, 0x6c, 0x68, 0xb8, 0x2e,
118 0x06, 0xdb, 0x41, 0xca, 0x98, 0xd8, 0x54, 0xc7, 0x64, 0x48, 0x24, 0x04,
119 0x20, 0xbc, 0x59, 0xe3, 0x6b, 0xea, 0x7e, 0xfc, 0x7e, 0xc5, 0x4e, 0xd4,
120 0xd8, 0x3a, 0xed, 0xcd, 0x5d, 0x99, 0xb8, 0x5c, 0xa2, 0x8b, 0xbb, 0x0b,
121 0xac, 0xe6, 0x8e, 0x25, 0x56, 0x22, 0x3a, 0x2d, 0x3a, 0x56, 0x41, 0x14,
122 0x1f, 0x1c, 0x8f, 0x53, 0x46, 0x13, 0x85, 0x02, 0x15, 0x00, 0x98, 0x7e,
123 0x92, 0x81, 0x88, 0xc7, 0x3f, 0x70, 0x49, 0x54, 0xf6, 0x76, 0xb4, 0xa3,
124 0x9e, 0x1d, 0x45, 0x98, 0x32, 0x7f, 0x02, 0x81, 0x80, 0x69, 0x4d, 0xef,
125 0x55, 0xff, 0x4d, 0x59, 0x2c, 0x01, 0xfa, 0x6a, 0x38, 0xe0, 0x70, 0x9f,
126 0x9e, 0x66, 0x8e, 0x3e, 0x8c, 0x52, 0x22, 0x9d, 0x15, 0x7e, 0x3c, 0xef,
127 0x4c, 0x7a, 0x61, 0x26, 0xe0, 0x2b, 0x81, 0x3f, 0xeb, 0xaf, 0x35, 0x38,
128 0x8d, 0xfe, 0xed, 0x46, 0xff, 0x5f, 0x03, 0x9b, 0x81, 0x92, 0xe7, 0x6f,
129 0x76, 0x4f, 0x1d, 0xd9, 0xbb, 0x89, 0xc9, 0x3e, 0xd9, 0x0b, 0xf9, 0xf4,
130 0x78, 0x11, 0x59, 0xc0, 0x1d, 0xcd, 0x0e, 0xa1, 0x6f, 0x15, 0xf1, 0x4d,
131 0xc1, 0xc9, 0x22, 0xed, 0x8d, 0xad, 0x67, 0xc5, 0x4b, 0x95, 0x93, 0x86,
132 0xa6, 0xaf, 0x8a, 0xee, 0x06, 0x89, 0x2f, 0x37, 0x7e, 0x64, 0xaa, 0xf6,
133 0xe7, 0xb1, 0x5a, 0x0a, 0x93, 0x95, 0x5d, 0x3e, 0x53, 0x9a, 0xde, 0x8a,
134 0xc2, 0x95, 0x45, 0x81, 0xbe, 0x5c, 0x2f, 0xc2, 0xb2, 0x92, 0x58, 0x19,
135 0x72, 0x80, 0xe9, 0x79, 0xa1, 0x02, 0x81, 0x80, 0x07, 0xd7, 0x62, 0xff,
136 0xdf, 0x1a, 0x3f, 0xed, 0x32, 0xd4, 0xd4, 0x88, 0x7b, 0x2c, 0x63, 0x7f,
137 0x97, 0xdc, 0x44, 0xd4, 0x84, 0xa2, 0xdd, 0x17, 0x16, 0x85, 0x13, 0xe0,
138 0xac, 0x51, 0x8d, 0x29, 0x1b, 0x75, 0x9a, 0xe4, 0xe3, 0x8a, 0x92, 0x69,
139 0x09, 0x03, 0xc5, 0x68, 0xae, 0x5e, 0x94, 0xfe, 0xc9, 0x92, 0x6c, 0x07,
140 0xb4, 0x1e, 0x64, 0x62, 0x87, 0xc6, 0xa4, 0xfd, 0x0d, 0x5f, 0xe5, 0xf9,
141 0x1b, 0x4f, 0x85, 0x5f, 0xae, 0xf3, 0x11, 0xe5, 0x18, 0xd4, 0x4d, 0x79,
142 0x9f, 0xc4, 0x79, 0x26, 0x04, 0x27, 0xf0, 0x0b, 0xee, 0x2b, 0x86, 0x9f,
143 0x86, 0x61, 0xe6, 0x51, 0xce, 0x04, 0x9b, 0x5d, 0x6b, 0x34, 0x43, 0x8c,
144 0x85, 0x3c, 0xf1, 0x51, 0x9b, 0x08, 0x23, 0x1b, 0xf5, 0x7e, 0x33, 0x12,
145 0xea, 0xab, 0x1f, 0xb7, 0x2d, 0xe2, 0x5f, 0xe6, 0x97, 0x99, 0xb5, 0x45,
146 0x16, 0x5b, 0xc3, 0x41, 0x02, 0x14, 0x61, 0xbf, 0x51, 0x60, 0xcf, 0xc8,
147 0xf1, 0x8c, 0x82, 0x97, 0xf2, 0xf4, 0x19, 0xba, 0x2b, 0xf3, 0x16, 0xbe,
148 0x40, 0x48
149 };
150 #endif
151
152 /*
153 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
154 * components are not correct.
155 */
156 static const unsigned char kExampleBadRSAKeyDER[] = {
157 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
158 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
159 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
160 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
161 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
162 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
163 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
164 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
165 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
166 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
167 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
168 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
169 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
170 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
171 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
172 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
173 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
174 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
175 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
176 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
177 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
178 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
179 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
180 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
181 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
182 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
183 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
184 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
185 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
186 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
187 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
188 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
189 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
190 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
191 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
192 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
193 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
194 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
195 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
196 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
197 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
198 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
199 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
200 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
201 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
202 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
203 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
204 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
205 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
206 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
207 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
208 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
209 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
210 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
211 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
212 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
213 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
214 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
215 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
216 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
217 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
218 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
219 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
220 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
221 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
222 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
223 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
224 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
225 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
226 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
227 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
228 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
229 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
230 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
231 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
232 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
233 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
234 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
235 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
236 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
237 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
238 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
239 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
240 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
241 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
242 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
243 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
244 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
245 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
246 };
247
248 static const unsigned char kMsg[] = { 1, 2, 3, 4 };
249
250 static const unsigned char kSignature[] = {
251 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
252 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
253 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
254 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
255 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
256 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
257 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
258 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
259 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
260 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
261 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
262 };
263
264 /*
265 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
266 * PrivateKeyInfo.
267 */
268 static const unsigned char kExampleRSAKeyPKCS8[] = {
269 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
270 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
271 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
272 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
273 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
274 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
275 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
276 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
277 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
278 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
279 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
280 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
281 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
282 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
283 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
284 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
285 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
286 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
287 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
288 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
289 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
290 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
291 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
292 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
293 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
294 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
295 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
296 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
297 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
298 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
299 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
300 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
301 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
302 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
303 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
304 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
305 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
306 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
307 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
308 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
309 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
310 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
311 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
312 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
313 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
314 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
315 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
316 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
317 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
318 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
319 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
320 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
321 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
322 };
323
324 #ifndef OPENSSL_NO_EC
325 /*
326 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
327 * structure.
328 */
329 static const unsigned char kExampleECKeyDER[] = {
330 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
331 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
332 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
333 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
334 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
335 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
336 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
337 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
338 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
339 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
340 0xc1,
341 };
342
343 /*
344 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
345 * structure. The private key is equal to the order and will fail to import
346 */
347 static const unsigned char kExampleBadECKeyDER[] = {
348 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
349 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
350 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
351 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
352 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
353 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
354 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
355 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
356 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
357 };
358
359 /* prime256v1 */
360 static const unsigned char kExampleECPubKeyDER[] = {
361 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
362 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
363 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
364 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
365 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
366 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
367 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
368 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
369 };
370
371 /*
372 * kExampleBadECPubKeyDER is a sample EC public key with a wrong OID
373 * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
374 */
375 static const unsigned char kExampleBadECPubKeyDER[] = {
376 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
377 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
378 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
379 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
380 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
381 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
382 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
383 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
384 };
385
386 static const unsigned char pExampleECParamDER[] = {
387 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
388 };
389 #endif
390
391 typedef struct APK_DATA_st {
392 const unsigned char *kder;
393 size_t size;
394 int evptype;
395 int check;
396 int pub_check;
397 int param_check;
398 int type; /* 0 for private, 1 for public, 2 for params */
399 } APK_DATA;
400
401 static APK_DATA keydata[] = {
402 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA},
403 {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA},
404 #ifndef OPENSSL_NO_EC
405 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC}
406 #endif
407 };
408
409 static APK_DATA keycheckdata[] = {
410 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA, 1, -2, -2, 0},
411 {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), EVP_PKEY_RSA,
412 0, -2, -2, 0},
413 #ifndef OPENSSL_NO_EC
414 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC, 1, 1, 1, 0},
415 /* group is also associated in our pub key */
416 {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), EVP_PKEY_EC, 0, 1, 1, 1},
417 {pExampleECParamDER, sizeof(pExampleECParamDER), EVP_PKEY_EC, 0, 0, 1, 2}
418 #endif
419 };
420
421 static EVP_PKEY *load_example_rsa_key(void)
422 {
423 EVP_PKEY *ret = NULL;
424 const unsigned char *derp = kExampleRSAKeyDER;
425 EVP_PKEY *pkey = NULL;
426 RSA *rsa = NULL;
427
428 if (!TEST_true(d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))))
429 return NULL;
430
431 if (!TEST_ptr(pkey = EVP_PKEY_new())
432 || !TEST_true(EVP_PKEY_set1_RSA(pkey, rsa)))
433 goto end;
434
435 ret = pkey;
436 pkey = NULL;
437
438 end:
439 EVP_PKEY_free(pkey);
440 RSA_free(rsa);
441
442 return ret;
443 }
444
445 #ifndef OPENSSL_NO_DSA
446 static EVP_PKEY *load_example_dsa_key(void)
447 {
448 EVP_PKEY *ret = NULL;
449 const unsigned char *derp = kExampleDSAKeyDER;
450 EVP_PKEY *pkey = NULL;
451 DSA *dsa = NULL;
452
453 if (!TEST_true(d2i_DSAPrivateKey(&dsa, &derp, sizeof(kExampleDSAKeyDER))))
454 return NULL;
455
456 if (!TEST_ptr(pkey = EVP_PKEY_new())
457 || !TEST_true(EVP_PKEY_set1_DSA(pkey, dsa)))
458 goto end;
459
460 ret = pkey;
461 pkey = NULL;
462
463 end:
464 EVP_PKEY_free(pkey);
465 DSA_free(dsa);
466
467 return ret;
468 }
469 #endif
470
471 static EVP_PKEY *load_example_hmac_key(void)
472 {
473 EVP_PKEY *pkey = NULL;
474 unsigned char key[] = {
475 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
476 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
477 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
478 };
479
480 pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, key, sizeof(key));
481 if (!TEST_ptr(pkey))
482 return NULL;
483
484 return pkey;
485 }
486
487 static int test_EVP_set_default_properties(void)
488 {
489 OPENSSL_CTX *ctx;
490 EVP_MD *md = NULL;
491 int res = 0;
492
493 if (!TEST_ptr(ctx = OPENSSL_CTX_new())
494 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL)))
495 goto err;
496 EVP_MD_free(md);
497 md = NULL;
498
499 if (!TEST_true(EVP_set_default_properties(ctx, "provider=fizzbang"))
500 || !TEST_ptr_null(md = EVP_MD_fetch(ctx, "sha256", NULL))
501 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", "-provider")))
502 goto err;
503 EVP_MD_free(md);
504 md = NULL;
505
506 if (!TEST_true(EVP_set_default_properties(ctx, NULL))
507 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL)))
508 goto err;
509 res = 1;
510 err:
511 EVP_MD_free(md);
512 OPENSSL_CTX_free(ctx);
513 return res;
514 }
515
516 static int test_EVP_Enveloped(void)
517 {
518 int ret = 0;
519 EVP_CIPHER_CTX *ctx = NULL;
520 EVP_PKEY *keypair = NULL;
521 unsigned char *kek = NULL;
522 unsigned char iv[EVP_MAX_IV_LENGTH];
523 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
524 int len, kek_len, ciphertext_len, plaintext_len;
525 unsigned char ciphertext[32], plaintext[16];
526 const EVP_CIPHER *type = EVP_aes_256_cbc();
527
528 if (!TEST_ptr(keypair = load_example_rsa_key())
529 || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
530 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
531 || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
532 &keypair, 1))
533 || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
534 msg, sizeof(msg)))
535 || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
536 &len)))
537 goto err;
538
539 ciphertext_len += len;
540
541 if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
542 || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
543 ciphertext, ciphertext_len))
544 || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
545 goto err;
546
547 plaintext_len += len;
548 if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
549 goto err;
550
551 ret = 1;
552 err:
553 OPENSSL_free(kek);
554 EVP_PKEY_free(keypair);
555 EVP_CIPHER_CTX_free(ctx);
556 return ret;
557 }
558
559 /*
560 * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, RSA)
561 * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, DSA)
562 * Test 2: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, HMAC)
563 * Test 3: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, RSA)
564 * Test 4: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, DSA)
565 * Test 5: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch diegst, HMAC)
566 * Test 6: Use an MD BIO to do the Update calls instead (RSA)
567 * Test 7: Use an MD BIO to do the Update calls instead (DSA)
568 * Test 8: Use an MD BIO to do the Update calls instead (HMAC)
569 */
570 static int test_EVP_DigestSignInit(int tst)
571 {
572 int ret = 0;
573 EVP_PKEY *pkey = NULL;
574 unsigned char *sig = NULL;
575 size_t sig_len = 0;
576 EVP_MD_CTX *md_ctx = NULL, *md_ctx_verify = NULL;
577 EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL;
578 BIO *mdbio = NULL, *membio = NULL;
579 size_t written;
580 const EVP_MD *md;
581 EVP_MD *mdexp = NULL;
582
583 if (tst >= 6) {
584 membio = BIO_new(BIO_s_mem());
585 mdbio = BIO_new(BIO_f_md());
586 if (!TEST_ptr(membio) || !TEST_ptr(mdbio))
587 goto out;
588 BIO_push(mdbio, membio);
589 if (!TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx), 0))
590 goto out;
591 } else {
592 if (!TEST_ptr(a_md_ctx = md_ctx = EVP_MD_CTX_new())
593 || !TEST_ptr(a_md_ctx_verify = md_ctx_verify = EVP_MD_CTX_new()))
594 goto out;
595 }
596
597 if (tst == 0 || tst == 3 || tst == 6) {
598 if (!TEST_ptr(pkey = load_example_rsa_key()))
599 goto out;
600 } else if (tst == 1 || tst == 4 || tst == 7) {
601 #ifndef OPENSSL_NO_DSA
602 if (!TEST_ptr(pkey = load_example_dsa_key()))
603 goto out;
604 #else
605 ret = 1;
606 goto out;
607 #endif
608 } else {
609 if (!TEST_ptr(pkey = load_example_hmac_key()))
610 goto out;
611 }
612
613 if (tst >= 3 && tst <= 5)
614 md = mdexp = EVP_MD_fetch(NULL, "SHA256", NULL);
615 else
616 md = EVP_sha256();
617
618 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, md, NULL, pkey)))
619 goto out;
620
621 if (tst >= 6) {
622 if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
623 goto out;
624 } else {
625 if (!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
626 goto out;
627 }
628
629 /* Determine the size of the signature. */
630 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
631 || !TEST_ptr(sig = OPENSSL_malloc(sig_len))
632 || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
633 goto out;
634
635 if (tst >= 6) {
636 if (!TEST_int_gt(BIO_reset(mdbio), 0)
637 || !TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx_verify), 0))
638 goto out;
639 }
640
641 /*
642 * Ensure that the signature round-trips (Verification isn't supported for
643 * HMAC via EVP_DigestVerify*)
644 */
645 if (tst != 2 && tst != 5 && tst != 8) {
646 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, md,
647 NULL, pkey)))
648 goto out;
649
650 if (tst >= 6) {
651 if (!TEST_true(BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written)))
652 goto out;
653 } else {
654 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg,
655 sizeof(kMsg))))
656 goto out;
657 }
658 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
659 goto out;
660 }
661
662 ret = 1;
663
664 out:
665 BIO_free(membio);
666 BIO_free(mdbio);
667 EVP_MD_CTX_free(a_md_ctx);
668 EVP_MD_CTX_free(a_md_ctx_verify);
669 EVP_PKEY_free(pkey);
670 OPENSSL_free(sig);
671 EVP_MD_free(mdexp);
672
673 return ret;
674 }
675
676 static int test_EVP_DigestVerifyInit(void)
677 {
678 int ret = 0;
679 EVP_PKEY *pkey = NULL;
680 EVP_MD_CTX *md_ctx = NULL;
681
682 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
683 || !TEST_ptr(pkey = load_example_rsa_key()))
684 goto out;
685
686 if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
687 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
688 || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
689 sizeof(kSignature))))
690 goto out;
691 ret = 1;
692
693 out:
694 EVP_MD_CTX_free(md_ctx);
695 EVP_PKEY_free(pkey);
696 return ret;
697 }
698
699 static int test_d2i_AutoPrivateKey(int i)
700 {
701 int ret = 0;
702 const unsigned char *p;
703 EVP_PKEY *pkey = NULL;
704 const APK_DATA *ak = &keydata[i];
705 const unsigned char *input = ak->kder;
706 size_t input_len = ak->size;
707 int expected_id = ak->evptype;
708
709 p = input;
710 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
711 || !TEST_ptr_eq(p, input + input_len)
712 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
713 goto done;
714
715 ret = 1;
716
717 done:
718 EVP_PKEY_free(pkey);
719 return ret;
720 }
721
722 #ifndef OPENSSL_NO_EC
723
724 static const unsigned char ec_public_sect163k1_validxy[] = {
725 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
726 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
727 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
728 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x02, 0xd1, 0x7b,
729 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
730 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
731 };
732
733 static const unsigned char ec_public_sect163k1_badx[] = {
734 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
735 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
736 0x0a, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
737 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0xb0, 0x02, 0xd1, 0x7b,
738 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
739 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
740 };
741
742 static const unsigned char ec_public_sect163k1_bady[] = {
743 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
744 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
745 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
746 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x0a, 0xd1, 0x7b,
747 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
748 0x6a, 0xd8, 0x17, 0x65, 0x41, 0xe6
749 };
750
751 static struct ec_der_pub_keys_st {
752 const unsigned char *der;
753 size_t len;
754 int valid;
755 } ec_der_pub_keys[] = {
756 { ec_public_sect163k1_validxy, sizeof(ec_public_sect163k1_validxy), 1 },
757 { ec_public_sect163k1_badx, sizeof(ec_public_sect163k1_badx), 0 },
758 { ec_public_sect163k1_bady, sizeof(ec_public_sect163k1_bady), 0 },
759 };
760
761 /*
762 * Tests the range of the decoded EC char2 public point.
763 * See ec_GF2m_simple_oct2point().
764 */
765 static int test_invalide_ec_char2_pub_range_decode(int id)
766 {
767 int ret = 0;
768 BIO *bio = NULL;
769 EC_KEY *eckey = NULL;
770
771 if (!TEST_ptr(bio = BIO_new_mem_buf(ec_der_pub_keys[id].der,
772 ec_der_pub_keys[id].len)))
773 goto err;
774 eckey = d2i_EC_PUBKEY_bio(bio, NULL);
775 ret = (ec_der_pub_keys[id].valid && TEST_ptr(eckey))
776 || TEST_ptr_null(eckey);
777 err:
778 EC_KEY_free(eckey);
779 BIO_free(bio);
780 return ret;
781 }
782
783 /* Tests loading a bad key in PKCS8 format */
784 static int test_EVP_PKCS82PKEY(void)
785 {
786 int ret = 0;
787 const unsigned char *derp = kExampleBadECKeyDER;
788 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
789 EVP_PKEY *pkey = NULL;
790
791 if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp,
792 sizeof(kExampleBadECKeyDER))))
793 goto done;
794
795 if (!TEST_ptr_eq(derp,
796 kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)))
797 goto done;
798
799 if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf)))
800 goto done;
801
802 ret = 1;
803
804 done:
805 PKCS8_PRIV_KEY_INFO_free(p8inf);
806 EVP_PKEY_free(pkey);
807
808 return ret;
809 }
810 #endif
811
812 /* This uses kExampleRSAKeyDER and kExampleRSAKeyPKCS8 to verify encoding */
813 static int test_privatekey_to_pkcs8(void)
814 {
815 EVP_PKEY *pkey = NULL;
816 BIO *membio = NULL;
817 char *membuf = NULL;
818 long membuf_len = 0;
819 int ok = 0;
820
821 if (!TEST_ptr(membio = BIO_new(BIO_s_mem()))
822 || !TEST_ptr(pkey = load_example_rsa_key())
823 || !TEST_int_gt(i2d_PKCS8PrivateKey_bio(membio, pkey, NULL,
824 NULL, 0, NULL, NULL),
825 0)
826 || !TEST_int_gt(membuf_len = BIO_get_mem_data(membio, &membuf), 0)
827 || !TEST_ptr(membuf)
828 || !TEST_mem_eq(membuf, (size_t)membuf_len,
829 kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8))
830 /*
831 * We try to write PEM as well, just to see that it doesn't err, but
832 * assume that the result is correct.
833 */
834 || !TEST_int_gt(PEM_write_bio_PKCS8PrivateKey(membio, pkey, NULL,
835 NULL, 0, NULL, NULL),
836 0))
837 goto done;
838
839 ok = 1;
840 done:
841 EVP_PKEY_free(pkey);
842 BIO_free_all(membio);
843 return ok;
844 }
845
846 #ifndef OPENSSL_NO_EC
847 static const struct {
848 int encoding;
849 const char *encoding_name;
850 } ec_encodings[] = {
851 { OPENSSL_EC_EXPLICIT_CURVE, OSSL_PKEY_EC_ENCODING_EXPLICIT },
852 { OPENSSL_EC_NAMED_CURVE, OSSL_PKEY_EC_ENCODING_GROUP }
853 };
854
855 static int ec_export_get_encoding_cb(const OSSL_PARAM params[], void *arg)
856 {
857 const OSSL_PARAM *p;
858 const char *enc_name = NULL;
859 int *enc = arg;
860 size_t i;
861
862 *enc = -1;
863
864 if (!TEST_ptr(p = OSSL_PARAM_locate_const(params,
865 OSSL_PKEY_PARAM_EC_ENCODING))
866 || !TEST_true(OSSL_PARAM_get_utf8_string_ptr(p, &enc_name)))
867 return 0;
868
869 for (i = 0; i < OSSL_NELEM(ec_encodings); i++) {
870 if (strcasecmp(enc_name, ec_encodings[i].encoding_name) == 0) {
871 *enc = ec_encodings[i].encoding;
872 break;
873 }
874 }
875
876 return (*enc != -1);
877 }
878
879 static int test_EC_keygen_with_enc(int idx)
880 {
881 EVP_PKEY *params = NULL, *key = NULL;
882 EVP_PKEY_CTX *pctx = NULL, *kctx = NULL;
883 int enc;
884 int ret = 0;
885
886 enc = ec_encodings[idx].encoding;
887
888 /* Create key parameters */
889 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, "EC", NULL))
890 || !TEST_true(EVP_PKEY_paramgen_init(pctx))
891 || !TEST_true(EVP_PKEY_CTX_set_group_name(pctx, "P-256"))
892 || !TEST_true(EVP_PKEY_CTX_set_ec_param_enc(pctx, enc))
893 || !TEST_true(EVP_PKEY_paramgen(pctx, &params))
894 || !TEST_ptr(params))
895 goto done;
896
897 /* Create key */
898 if (!TEST_ptr(kctx = EVP_PKEY_CTX_new_from_pkey(testctx, params, NULL))
899 || !TEST_true(EVP_PKEY_keygen_init(kctx))
900 || !TEST_true(EVP_PKEY_keygen(kctx, &key))
901 || !TEST_ptr(key))
902 goto done;
903
904 /* Check that the encoding got all the way into the key */
905 if (!TEST_true(evp_keymgmt_util_export(key, OSSL_KEYMGMT_SELECT_ALL,
906 ec_export_get_encoding_cb, &enc))
907 || !TEST_int_eq(enc, ec_encodings[idx].encoding))
908 goto done;
909
910 ret = 1;
911 done:
912 EVP_PKEY_free(key);
913 EVP_PKEY_free(params);
914 EVP_PKEY_CTX_free(kctx);
915 EVP_PKEY_CTX_free(pctx);
916 return ret;
917 }
918 #endif
919
920 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
921
922 static int test_EVP_SM2_verify(void)
923 {
924 /* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */
925 const char *pubkey =
926 "-----BEGIN PUBLIC KEY-----\n"
927 "MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n"
928 "v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n"
929 "7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n"
930 "1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n"
931 "/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n"
932 "AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n"
933 "Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n"
934 "-----END PUBLIC KEY-----\n";
935
936 const char *msg = "message digest";
937 const char *id = "ALICE123@YAHOO.COM";
938
939 const uint8_t signature[] = {
940 0x30, 0x44, 0x02, 0x20,
941
942 0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC,
943 0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2,
944 0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1,
945
946 0x02, 0x20,
947
948 0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF,
949 0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0,
950 0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7
951 };
952
953 int rc = 0;
954 BIO *bio = NULL;
955 EVP_PKEY *pkey = NULL;
956 EVP_MD_CTX *mctx = NULL;
957 EVP_PKEY_CTX *pctx = NULL;
958
959 bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
960 if (!TEST_true(bio != NULL))
961 goto done;
962
963 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
964 if (!TEST_true(pkey != NULL))
965 goto done;
966
967 #ifdef TMP_SM2_HACK
968 if (!TEST_ptr(EVP_PKEY_get0(pkey)))
969 goto done;
970 #endif
971
972 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
973 goto done;
974
975 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
976 goto done;
977
978 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL)))
979 goto done;
980
981 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, (const uint8_t *)id,
982 strlen(id)), 0))
983 goto done;
984
985 EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
986
987 if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey)))
988 goto done;
989
990 if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
991 goto done;
992
993 if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature))))
994 goto done;
995 rc = 1;
996
997 done:
998 BIO_free(bio);
999 EVP_PKEY_free(pkey);
1000 EVP_PKEY_CTX_free(pctx);
1001 EVP_MD_CTX_free(mctx);
1002 return rc;
1003 }
1004
1005 static int test_EVP_SM2(void)
1006 {
1007 int ret = 0;
1008 EVP_PKEY *pkey = NULL;
1009 EVP_PKEY *params = NULL;
1010 EVP_PKEY_CTX *pctx = NULL;
1011 EVP_PKEY_CTX *kctx = NULL;
1012 EVP_PKEY_CTX *sctx = NULL;
1013 size_t sig_len = 0;
1014 unsigned char *sig = NULL;
1015 EVP_MD_CTX *md_ctx = NULL;
1016 EVP_MD_CTX *md_ctx_verify = NULL;
1017 EVP_PKEY_CTX *cctx = NULL;
1018
1019 uint8_t ciphertext[128];
1020 size_t ctext_len = sizeof(ciphertext);
1021
1022 uint8_t plaintext[8];
1023 size_t ptext_len = sizeof(plaintext);
1024
1025 uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
1026
1027 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
1028 if (!TEST_ptr(pctx))
1029 goto done;
1030
1031 if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
1032 goto done;
1033
1034 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
1035 goto done;
1036
1037 if (!TEST_true(EVP_PKEY_paramgen(pctx, &params)))
1038 goto done;
1039
1040 kctx = EVP_PKEY_CTX_new(params, NULL);
1041 if (!TEST_ptr(kctx))
1042 goto done;
1043
1044 if (!TEST_true(EVP_PKEY_keygen_init(kctx)))
1045 goto done;
1046
1047 if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey)))
1048 goto done;
1049
1050 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
1051 goto done;
1052
1053 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
1054 goto done;
1055
1056 if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()))
1057 goto done;
1058
1059 if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL)))
1060 goto done;
1061
1062 EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);
1063 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);
1064
1065 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
1066 goto done;
1067
1068 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)))
1069 goto done;
1070
1071 if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
1072 goto done;
1073
1074 /* Determine the size of the signature. */
1075 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)))
1076 goto done;
1077
1078 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)))
1079 goto done;
1080
1081 if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
1082 goto done;
1083
1084 /* Ensure that the signature round-trips. */
1085
1086 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)))
1087 goto done;
1088
1089 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))))
1090 goto done;
1091
1092 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
1093 goto done;
1094
1095 /* now check encryption/decryption */
1096
1097 if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
1098 goto done;
1099
1100 if (!TEST_true(EVP_PKEY_encrypt_init(cctx)))
1101 goto done;
1102
1103 if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg))))
1104 goto done;
1105
1106 if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
1107 goto done;
1108
1109 if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len)))
1110 goto done;
1111
1112 if (!TEST_true(ptext_len == sizeof(kMsg)))
1113 goto done;
1114
1115 if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0))
1116 goto done;
1117
1118 ret = 1;
1119 done:
1120 EVP_PKEY_CTX_free(pctx);
1121 EVP_PKEY_CTX_free(kctx);
1122 EVP_PKEY_CTX_free(sctx);
1123 EVP_PKEY_CTX_free(cctx);
1124 EVP_PKEY_free(pkey);
1125 EVP_PKEY_free(params);
1126 EVP_MD_CTX_free(md_ctx);
1127 EVP_MD_CTX_free(md_ctx_verify);
1128 OPENSSL_free(sig);
1129 return ret;
1130 }
1131
1132 #endif
1133
1134 static struct keys_st {
1135 int type;
1136 char *priv;
1137 char *pub;
1138 } keys[] = {
1139 {
1140 EVP_PKEY_HMAC, "0123456789", NULL
1141 }, {
1142 EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
1143 }, {
1144 EVP_PKEY_SIPHASH, "0123456789012345", NULL
1145 },
1146 #ifndef OPENSSL_NO_EC
1147 {
1148 EVP_PKEY_X25519, "01234567890123456789012345678901",
1149 "abcdefghijklmnopqrstuvwxyzabcdef"
1150 }, {
1151 EVP_PKEY_ED25519, "01234567890123456789012345678901",
1152 "abcdefghijklmnopqrstuvwxyzabcdef"
1153 }, {
1154 EVP_PKEY_X448,
1155 "01234567890123456789012345678901234567890123456789012345",
1156 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
1157 }, {
1158 EVP_PKEY_ED448,
1159 "012345678901234567890123456789012345678901234567890123456",
1160 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
1161 }
1162 #endif
1163 };
1164
1165 static int test_set_get_raw_keys_int(int tst, int pub, int uselibctx)
1166 {
1167 int ret = 0;
1168 unsigned char buf[80];
1169 unsigned char *in;
1170 size_t inlen, len = 0;
1171 EVP_PKEY *pkey;
1172
1173 /* Check if this algorithm supports public keys */
1174 if (keys[tst].pub == NULL)
1175 return 1;
1176
1177 memset(buf, 0, sizeof(buf));
1178
1179 if (pub) {
1180 inlen = strlen(keys[tst].pub);
1181 in = (unsigned char *)keys[tst].pub;
1182 if (uselibctx) {
1183 pkey = EVP_PKEY_new_raw_public_key_with_libctx(
1184 testctx,
1185 OBJ_nid2sn(keys[tst].type),
1186 NULL,
1187 in,
1188 inlen);
1189 } else {
1190 pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
1191 NULL,
1192 in,
1193 inlen);
1194 }
1195 } else {
1196 inlen = strlen(keys[tst].priv);
1197 in = (unsigned char *)keys[tst].priv;
1198 if (uselibctx) {
1199 pkey = EVP_PKEY_new_raw_private_key_with_libctx(
1200 testctx, OBJ_nid2sn(keys[tst].type),
1201 NULL,
1202 in,
1203 inlen);
1204 } else {
1205 pkey = EVP_PKEY_new_raw_private_key(keys[tst].type,
1206 NULL,
1207 in,
1208 inlen);
1209 }
1210 }
1211
1212 if (!TEST_ptr(pkey)
1213 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
1214 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
1215 || !TEST_true(len == inlen)
1216 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
1217 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
1218 || !TEST_mem_eq(in, inlen, buf, len))
1219 goto done;
1220
1221 ret = 1;
1222 done:
1223 EVP_PKEY_free(pkey);
1224 return ret;
1225 }
1226
1227 static int test_set_get_raw_keys(int tst)
1228 {
1229 return test_set_get_raw_keys_int(tst, 0, 0)
1230 && test_set_get_raw_keys_int(tst, 0, 1)
1231 && test_set_get_raw_keys_int(tst, 1, 0)
1232 && test_set_get_raw_keys_int(tst, 1, 1);
1233 }
1234
1235 #ifndef OPENSSL_NO_DEPRECATED_3_0
1236 static int pkey_custom_check(EVP_PKEY *pkey)
1237 {
1238 return 0xbeef;
1239 }
1240
1241 static int pkey_custom_pub_check(EVP_PKEY *pkey)
1242 {
1243 return 0xbeef;
1244 }
1245
1246 static int pkey_custom_param_check(EVP_PKEY *pkey)
1247 {
1248 return 0xbeef;
1249 }
1250
1251 static EVP_PKEY_METHOD *custom_pmeth;
1252 #endif
1253
1254 static int test_EVP_PKEY_check(int i)
1255 {
1256 int ret = 0;
1257 const unsigned char *p;
1258 EVP_PKEY *pkey = NULL;
1259 #ifndef OPENSSL_NO_EC
1260 EC_KEY *eckey = NULL;
1261 #endif
1262 EVP_PKEY_CTX *ctx = NULL;
1263 #ifndef OPENSSL_NO_DEPRECATED_3_0
1264 EVP_PKEY_CTX *ctx2 = NULL;
1265 #endif
1266 const APK_DATA *ak = &keycheckdata[i];
1267 const unsigned char *input = ak->kder;
1268 size_t input_len = ak->size;
1269 int expected_id = ak->evptype;
1270 int expected_check = ak->check;
1271 int expected_pub_check = ak->pub_check;
1272 int expected_param_check = ak->param_check;
1273 int type = ak->type;
1274 BIO *pubkey = NULL;
1275
1276 p = input;
1277
1278 switch (type) {
1279 case 0:
1280 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
1281 || !TEST_ptr_eq(p, input + input_len)
1282 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
1283 goto done;
1284 break;
1285 #ifndef OPENSSL_NO_EC
1286 case 1:
1287 if (!TEST_ptr(pubkey = BIO_new_mem_buf(input, input_len))
1288 || !TEST_ptr(eckey = d2i_EC_PUBKEY_bio(pubkey, NULL))
1289 || !TEST_ptr(pkey = EVP_PKEY_new())
1290 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1291 goto done;
1292 break;
1293 case 2:
1294 if (!TEST_ptr(eckey = d2i_ECParameters(NULL, &p, input_len))
1295 || !TEST_ptr_eq(p, input + input_len)
1296 || !TEST_ptr(pkey = EVP_PKEY_new())
1297 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1298 goto done;
1299 break;
1300 #endif
1301 default:
1302 return 0;
1303 }
1304
1305 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
1306 goto done;
1307
1308 if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check))
1309 goto done;
1310
1311 if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check))
1312 goto done;
1313
1314 if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
1315 goto done;
1316
1317 #ifndef OPENSSL_NO_DEPRECATED_3_0
1318 ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
1319 /* assign the pkey directly, as an internal test */
1320 EVP_PKEY_up_ref(pkey);
1321 ctx2->pkey = pkey;
1322
1323 if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
1324 goto done;
1325
1326 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
1327 goto done;
1328
1329 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
1330 goto done;
1331 #endif
1332
1333 ret = 1;
1334
1335 done:
1336 EVP_PKEY_CTX_free(ctx);
1337 #ifndef OPENSSL_NO_DEPRECATED_3_0
1338 EVP_PKEY_CTX_free(ctx2);
1339 #endif
1340 EVP_PKEY_free(pkey);
1341 BIO_free(pubkey);
1342 return ret;
1343 }
1344
1345 #ifndef OPENSSL_NO_CMAC
1346 static int get_cmac_val(EVP_PKEY *pkey, unsigned char *mac)
1347 {
1348 EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
1349 const char msg[] = "Hello World";
1350 size_t maclen;
1351 int ret = 1;
1352
1353 if (!TEST_ptr(mdctx)
1354 || !TEST_true(EVP_DigestSignInit(mdctx, NULL, NULL, NULL, pkey))
1355 || !TEST_true(EVP_DigestSignUpdate(mdctx, msg, sizeof(msg)))
1356 || !TEST_true(EVP_DigestSignFinal(mdctx, mac, &maclen))
1357 || !TEST_size_t_eq(maclen, AES_BLOCK_SIZE))
1358 ret = 0;
1359
1360 EVP_MD_CTX_free(mdctx);
1361
1362 return ret;
1363 }
1364 static int test_CMAC_keygen(void)
1365 {
1366 static unsigned char key[] = {
1367 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
1368 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
1369 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
1370 };
1371 /*
1372 * This is a legacy method for CMACs, but should still work.
1373 * This verifies that it works without an ENGINE.
1374 */
1375 EVP_PKEY_CTX *kctx = EVP_PKEY_CTX_new_id(EVP_PKEY_CMAC, NULL);
1376 int ret = 0;
1377 EVP_PKEY *pkey = NULL;
1378 unsigned char mac[AES_BLOCK_SIZE], mac2[AES_BLOCK_SIZE];
1379
1380 /* Test a CMAC key created using the "generated" method */
1381 if (!TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1382 || !TEST_int_gt(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
1383 EVP_PKEY_CTRL_CIPHER,
1384 0, (void *)EVP_aes_256_ecb()), 0)
1385 || !TEST_int_gt(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
1386 EVP_PKEY_CTRL_SET_MAC_KEY,
1387 sizeof(key), (void *)key), 0)
1388 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0)
1389 || !TEST_ptr(pkey)
1390 || !TEST_true(get_cmac_val(pkey, mac)))
1391 goto done;
1392
1393 EVP_PKEY_free(pkey);
1394
1395 /*
1396 * Test a CMAC key using the direct method, and compare with the mac
1397 * created above.
1398 */
1399 pkey = EVP_PKEY_new_CMAC_key(NULL, key, sizeof(key), EVP_aes_256_ecb());
1400 if (!TEST_ptr(pkey)
1401 || !TEST_true(get_cmac_val(pkey, mac2))
1402 || !TEST_mem_eq(mac, sizeof(mac), mac2, sizeof(mac2)))
1403 goto done;
1404
1405 ret = 1;
1406
1407 done:
1408 EVP_PKEY_free(pkey);
1409 EVP_PKEY_CTX_free(kctx);
1410 return ret;
1411 }
1412 #endif
1413
1414 static int test_HKDF(void)
1415 {
1416 EVP_PKEY_CTX *pctx;
1417 unsigned char out[20];
1418 size_t outlen;
1419 int i, ret = 0;
1420 unsigned char salt[] = "0123456789";
1421 unsigned char key[] = "012345678901234567890123456789";
1422 unsigned char info[] = "infostring";
1423 const unsigned char expected[] = {
1424 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
1425 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
1426 };
1427 size_t expectedlen = sizeof(expected);
1428
1429 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1430 goto done;
1431
1432 /* We do this twice to test reuse of the EVP_PKEY_CTX */
1433 for (i = 0; i < 2; i++) {
1434 outlen = sizeof(out);
1435 memset(out, 0, outlen);
1436
1437 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1438 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1439 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1440 sizeof(salt) - 1), 0)
1441 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1442 sizeof(key) - 1), 0)
1443 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1444 sizeof(info) - 1), 0)
1445 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1446 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1447 goto done;
1448 }
1449
1450 ret = 1;
1451
1452 done:
1453 EVP_PKEY_CTX_free(pctx);
1454
1455 return ret;
1456 }
1457
1458 static int test_emptyikm_HKDF(void)
1459 {
1460 EVP_PKEY_CTX *pctx;
1461 unsigned char out[20];
1462 size_t outlen;
1463 int ret = 0;
1464 unsigned char salt[] = "9876543210";
1465 unsigned char key[] = "";
1466 unsigned char info[] = "stringinfo";
1467 const unsigned char expected[] = {
1468 0x68, 0x81, 0xa5, 0x3e, 0x5b, 0x9c, 0x7b, 0x6f, 0x2e, 0xec, 0xc8, 0x47,
1469 0x7c, 0xfa, 0x47, 0x35, 0x66, 0x82, 0x15, 0x30
1470 };
1471 size_t expectedlen = sizeof(expected);
1472
1473 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1474 goto done;
1475
1476 outlen = sizeof(out);
1477 memset(out, 0, outlen);
1478
1479 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1480 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1481 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1482 sizeof(salt) - 1), 0)
1483 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1484 sizeof(key) - 1), 0)
1485 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1486 sizeof(info) - 1), 0)
1487 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1488 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1489 goto done;
1490
1491 ret = 1;
1492
1493 done:
1494 EVP_PKEY_CTX_free(pctx);
1495
1496 return ret;
1497 }
1498
1499 #ifndef OPENSSL_NO_EC
1500 static int test_X509_PUBKEY_inplace(void)
1501 {
1502 int ret = 0;
1503 X509_PUBKEY *xp = NULL;
1504 const unsigned char *p = kExampleECPubKeyDER;
1505 size_t input_len = sizeof(kExampleECPubKeyDER);
1506
1507 if (!TEST_ptr(xp = d2i_X509_PUBKEY(NULL, &p, input_len)))
1508 goto done;
1509
1510 if (!TEST_ptr(X509_PUBKEY_get0(xp)))
1511 goto done;
1512
1513 p = kExampleBadECPubKeyDER;
1514 input_len = sizeof(kExampleBadECPubKeyDER);
1515
1516 if (!TEST_ptr(xp = d2i_X509_PUBKEY(&xp, &p, input_len)))
1517 goto done;
1518
1519 if (!TEST_true(X509_PUBKEY_get0(xp) == NULL))
1520 goto done;
1521
1522 ret = 1;
1523
1524 done:
1525 X509_PUBKEY_free(xp);
1526 return ret;
1527 }
1528 #endif /* OPENSSL_NO_EC */
1529
1530 /* Test getting and setting parameters on an EVP_PKEY_CTX */
1531 static int test_EVP_PKEY_CTX_get_set_params(EVP_PKEY *pkey)
1532 {
1533 EVP_MD_CTX *mdctx = NULL;
1534 EVP_PKEY_CTX *ctx = NULL;
1535 const OSSL_PARAM *params;
1536 OSSL_PARAM ourparams[2], *param = ourparams, *param_md;
1537 int ret = 0;
1538 const EVP_MD *md;
1539 char mdname[OSSL_MAX_NAME_SIZE];
1540 char ssl3ms[48];
1541
1542 /* Initialise a sign operation */
1543 ctx = EVP_PKEY_CTX_new(pkey, NULL);
1544 if (!TEST_ptr(ctx)
1545 || !TEST_int_gt(EVP_PKEY_sign_init(ctx), 0))
1546 goto err;
1547
1548 /*
1549 * We should be able to query the parameters now.
1550 */
1551 params = EVP_PKEY_CTX_settable_params(ctx);
1552 if (!TEST_ptr(params)
1553 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1554 OSSL_SIGNATURE_PARAM_DIGEST)))
1555 goto err;
1556
1557 params = EVP_PKEY_CTX_gettable_params(ctx);
1558 if (!TEST_ptr(params)
1559 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1560 OSSL_SIGNATURE_PARAM_ALGORITHM_ID))
1561 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1562 OSSL_SIGNATURE_PARAM_DIGEST)))
1563 goto err;
1564
1565 /*
1566 * Test getting and setting params via EVP_PKEY_CTX_set_params() and
1567 * EVP_PKEY_CTX_get_params()
1568 */
1569 strcpy(mdname, "SHA512");
1570 param_md = param;
1571 *param++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
1572 mdname, 0);
1573 *param++ = OSSL_PARAM_construct_end();
1574
1575 if (!TEST_true(EVP_PKEY_CTX_set_params(ctx, ourparams)))
1576 goto err;
1577
1578 mdname[0] = '\0';
1579 *param_md = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
1580 mdname, sizeof(mdname));
1581 if (!TEST_true(EVP_PKEY_CTX_get_params(ctx, ourparams))
1582 || !TEST_str_eq(mdname, "SHA512"))
1583 goto err;
1584
1585 /*
1586 * Test the TEST_PKEY_CTX_set_signature_md() and
1587 * TEST_PKEY_CTX_get_signature_md() functions
1588 */
1589 if (!TEST_int_gt(EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()), 0)
1590 || !TEST_int_gt(EVP_PKEY_CTX_get_signature_md(ctx, &md), 0)
1591 || !TEST_ptr_eq(md, EVP_sha256()))
1592 goto err;
1593
1594 /*
1595 * Test getting MD parameters via an associated EVP_PKEY_CTX
1596 */
1597 mdctx = EVP_MD_CTX_new();
1598 if (!TEST_ptr(mdctx)
1599 || !TEST_true(EVP_DigestSignInit_with_libctx(mdctx, NULL,
1600 "SHA1", NULL, NULL,
1601 pkey)))
1602 goto err;
1603
1604 /*
1605 * We now have an EVP_MD_CTX with an EVP_PKEY_CTX inside it. We should be
1606 * able to obtain the digest's settable parameters from the provider.
1607 */
1608 params = EVP_MD_CTX_settable_params(mdctx);
1609 if (!TEST_ptr(params)
1610 || !TEST_int_eq(strcmp(params[0].key, OSSL_DIGEST_PARAM_SSL3_MS), 0)
1611 /* The final key should be NULL */
1612 || !TEST_ptr_null(params[1].key))
1613 goto err;
1614
1615 param = ourparams;
1616 memset(ssl3ms, 0, sizeof(ssl3ms));
1617 *param++ = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS,
1618 ssl3ms, sizeof(ssl3ms));
1619 *param++ = OSSL_PARAM_construct_end();
1620
1621 if (!TEST_true(EVP_MD_CTX_set_params(mdctx, ourparams)))
1622 goto err;
1623
1624 ret = 1;
1625
1626 err:
1627 EVP_MD_CTX_free(mdctx);
1628 EVP_PKEY_CTX_free(ctx);
1629
1630 return ret;
1631 }
1632
1633 #ifndef OPENSSL_NO_DSA
1634 static int test_DSA_get_set_params(void)
1635 {
1636 DSA *dsa = NULL;
1637 BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL;
1638 EVP_PKEY *pkey = NULL;
1639 int ret = 0;
1640
1641 /*
1642 * Setup the parameters for our DSA object. For our purposes they don't
1643 * have to actually be *valid* parameters. We just need to set something.
1644 */
1645 dsa = DSA_new();
1646 p = BN_new();
1647 q = BN_new();
1648 g = BN_new();
1649 pub = BN_new();
1650 priv = BN_new();
1651 if (!TEST_ptr(dsa)
1652 || !TEST_ptr(p)
1653 || !TEST_ptr(q)
1654 || !TEST_ptr(g)
1655 || !TEST_ptr(pub)
1656 || !DSA_set0_pqg(dsa, p, q, g)
1657 || !DSA_set0_key(dsa, pub, priv))
1658 goto err;
1659 p = q = g = pub = priv = NULL;
1660
1661 pkey = EVP_PKEY_new();
1662 if (!TEST_ptr(pkey)
1663 || !TEST_true(EVP_PKEY_assign_DSA(pkey, dsa)))
1664 goto err;
1665
1666 dsa = NULL;
1667
1668 ret = test_EVP_PKEY_CTX_get_set_params(pkey);
1669
1670 err:
1671 EVP_PKEY_free(pkey);
1672 DSA_free(dsa);
1673 BN_free(p);
1674 BN_free(q);
1675 BN_free(g);
1676 BN_free(pub);
1677 BN_free(priv);
1678
1679 return ret;
1680 }
1681 #endif
1682
1683 static int test_RSA_get_set_params(void)
1684 {
1685 RSA *rsa = NULL;
1686 BIGNUM *n = NULL, *e = NULL, *d = NULL;
1687 EVP_PKEY *pkey = NULL;
1688 int ret = 0;
1689
1690 /*
1691 * Setup the parameters for our RSA object. For our purposes they don't
1692 * have to actually be *valid* parameters. We just need to set something.
1693 */
1694 rsa = RSA_new();
1695 n = BN_new();
1696 e = BN_new();
1697 d = BN_new();
1698 if (!TEST_ptr(rsa)
1699 || !TEST_ptr(n)
1700 || !TEST_ptr(e)
1701 || !TEST_ptr(d)
1702 || !RSA_set0_key(rsa, n, e, d))
1703 goto err;
1704 n = e = d = NULL;
1705
1706 pkey = EVP_PKEY_new();
1707 if (!TEST_ptr(pkey)
1708 || !TEST_true(EVP_PKEY_assign_RSA(pkey, rsa)))
1709 goto err;
1710
1711 rsa = NULL;
1712
1713 ret = test_EVP_PKEY_CTX_get_set_params(pkey);
1714
1715 err:
1716 EVP_PKEY_free(pkey);
1717 RSA_free(rsa);
1718 BN_free(n);
1719 BN_free(e);
1720 BN_free(d);
1721
1722 return ret;
1723 }
1724
1725 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1726 static int test_decrypt_null_chunks(void)
1727 {
1728 EVP_CIPHER_CTX* ctx = NULL;
1729 const unsigned char key[32] = {
1730 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
1731 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
1732 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1
1733 };
1734 unsigned char iv[12] = {
1735 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b
1736 };
1737 unsigned char msg[] = "It was the best of times, it was the worst of times";
1738 unsigned char ciphertext[80];
1739 unsigned char plaintext[80];
1740 /* We initialise tmp to a non zero value on purpose */
1741 int ctlen, ptlen, tmp = 99;
1742 int ret = 0;
1743 const int enc_offset = 10, dec_offset = 20;
1744
1745 if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
1746 || !TEST_true(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL,
1747 key, iv))
1748 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &ctlen, msg,
1749 enc_offset))
1750 /* Deliberate add a zero length update */
1751 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp, NULL,
1752 0))
1753 || !TEST_int_eq(tmp, 0)
1754 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp,
1755 msg + enc_offset,
1756 sizeof(msg) - enc_offset))
1757 || !TEST_int_eq(ctlen += tmp, sizeof(msg))
1758 || !TEST_true(EVP_EncryptFinal(ctx, ciphertext + ctlen, &tmp))
1759 || !TEST_int_eq(tmp, 0))
1760 goto err;
1761
1762 /* Deliberately initialise tmp to a non zero value */
1763 tmp = 99;
1764 if (!TEST_true(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, key,
1765 iv))
1766 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext, &ptlen, ciphertext,
1767 dec_offset))
1768 /*
1769 * Deliberately add a zero length update. We also deliberately do
1770 * this at a different offset than for encryption.
1771 */
1772 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp, NULL,
1773 0))
1774 || !TEST_int_eq(tmp, 0)
1775 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp,
1776 ciphertext + dec_offset,
1777 ctlen - dec_offset))
1778 || !TEST_int_eq(ptlen += tmp, sizeof(msg))
1779 || !TEST_true(EVP_DecryptFinal(ctx, plaintext + ptlen, &tmp))
1780 || !TEST_int_eq(tmp, 0)
1781 || !TEST_mem_eq(msg, sizeof(msg), plaintext, ptlen))
1782 goto err;
1783
1784 ret = 1;
1785 err:
1786 EVP_CIPHER_CTX_free(ctx);
1787 return ret;
1788 }
1789 #endif /* !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) */
1790
1791 #ifndef OPENSSL_NO_DH
1792 static int test_EVP_PKEY_set1_DH(void)
1793 {
1794 DH *x942dh = NULL, *noqdh = NULL;
1795 EVP_PKEY *pkey1 = NULL, *pkey2 = NULL;
1796 int ret = 0;
1797 BIGNUM *p, *g = NULL;
1798
1799 if (!TEST_ptr(p = BN_new())
1800 || !TEST_ptr(g = BN_new())
1801 || !BN_set_word(p, 9999)
1802 || !BN_set_word(g, 2)
1803 || !TEST_ptr(noqdh = DH_new())
1804 || !DH_set0_pqg(noqdh, p, NULL, g))
1805 goto err;
1806 p = g = NULL;
1807
1808 x942dh = DH_get_2048_256();
1809 pkey1 = EVP_PKEY_new();
1810 pkey2 = EVP_PKEY_new();
1811 if (!TEST_ptr(x942dh)
1812 || !TEST_ptr(noqdh)
1813 || !TEST_ptr(pkey1)
1814 || !TEST_ptr(pkey2))
1815 goto err;
1816
1817 if(!TEST_true(EVP_PKEY_set1_DH(pkey1, x942dh))
1818 || !TEST_int_eq(EVP_PKEY_id(pkey1), EVP_PKEY_DHX))
1819 goto err;
1820
1821 if(!TEST_true(EVP_PKEY_set1_DH(pkey2, noqdh))
1822 || !TEST_int_eq(EVP_PKEY_id(pkey2), EVP_PKEY_DH))
1823 goto err;
1824
1825 ret = 1;
1826 err:
1827 BN_free(p);
1828 BN_free(g);
1829 EVP_PKEY_free(pkey1);
1830 EVP_PKEY_free(pkey2);
1831 DH_free(x942dh);
1832 DH_free(noqdh);
1833
1834 return ret;
1835 }
1836 #endif
1837
1838 /*
1839 * We test what happens with an empty template. For the sake of this test,
1840 * the template must be ignored, and we know that's the case for RSA keys
1841 * (this might arguably be a misfeature, but that's what we currently do,
1842 * even in provider code, since that's how the legacy RSA implementation
1843 * does things)
1844 */
1845 static int test_keygen_with_empty_template(int n)
1846 {
1847 EVP_PKEY_CTX *ctx = NULL;
1848 EVP_PKEY *pkey = NULL;
1849 EVP_PKEY *tkey = NULL;
1850 int ret = 0;
1851
1852 switch (n) {
1853 case 0:
1854 /* We do test with no template at all as well */
1855 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)))
1856 goto err;
1857 break;
1858 case 1:
1859 /* Here we create an empty RSA key that serves as our template */
1860 if (!TEST_ptr(tkey = EVP_PKEY_new())
1861 || !TEST_true(EVP_PKEY_set_type(tkey, EVP_PKEY_RSA))
1862 || !TEST_ptr(ctx = EVP_PKEY_CTX_new(tkey, NULL)))
1863 goto err;
1864 break;
1865 }
1866
1867 if (!TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1868 || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0))
1869 goto err;
1870
1871 ret = 1;
1872 err:
1873 EVP_PKEY_CTX_free(ctx);
1874 EVP_PKEY_free(pkey);
1875 EVP_PKEY_free(tkey);
1876 return ret;
1877 }
1878
1879 /*
1880 * Test that we fail if we attempt to use an algorithm that is not available
1881 * in the current library context (unless we are using an algorithm that
1882 * should be made available via legacy codepaths).
1883 *
1884 * 0: RSA
1885 * 1: SM2
1886 */
1887 static int test_pkey_ctx_fail_without_provider(int tst)
1888 {
1889 OPENSSL_CTX *tmpctx = OPENSSL_CTX_new();
1890 OSSL_PROVIDER *nullprov = NULL;
1891 EVP_PKEY_CTX *pctx = NULL;
1892 const char *keytype = NULL;
1893 int expect_null = 0;
1894 int ret = 0;
1895
1896 if (!TEST_ptr(tmpctx))
1897 goto err;
1898
1899 nullprov = OSSL_PROVIDER_load(tmpctx, "null");
1900 if (!TEST_ptr(nullprov))
1901 goto err;
1902
1903 /*
1904 * We check for certain algos in the null provider.
1905 * If an algo is expected to have a provider keymgmt, contructing an
1906 * EVP_PKEY_CTX is expected to fail (return NULL).
1907 * Otherwise, if it's expected to have legacy support, contructing an
1908 * EVP_PKEY_CTX is expected to succeed (return non-NULL).
1909 */
1910 switch (tst) {
1911 case 0:
1912 keytype = "RSA";
1913 expect_null = 1;
1914 break;
1915 case 1:
1916 keytype = "SM2";
1917 expect_null = 0; /* TODO: change to 1 when we have a SM2 keymgmt */
1918 #ifdef OPENSSL_NO_EC
1919 TEST_info("EC disable, skipping SM2 check...");
1920 goto end;
1921 #endif
1922 #ifdef OPENSSL_NO_SM2
1923 TEST_info("SM2 disable, skipping SM2 check...");
1924 goto end;
1925 #endif
1926 break;
1927 default:
1928 TEST_error("No test for case %d", tst);
1929 goto err;
1930 }
1931
1932 pctx = EVP_PKEY_CTX_new_from_name(tmpctx, keytype, "");
1933 if (expect_null ? !TEST_ptr_null(pctx) : !TEST_ptr(pctx))
1934 goto err;
1935
1936 #if defined(OPENSSL_NO_EC) || defined(OPENSSL_NO_SM2)
1937 end:
1938 #endif
1939 ret = 1;
1940
1941 err:
1942 EVP_PKEY_CTX_free(pctx);
1943 OSSL_PROVIDER_unload(nullprov);
1944 OPENSSL_CTX_free(tmpctx);
1945 return ret;
1946 }
1947
1948 static int test_rand_agglomeration(void)
1949 {
1950 EVP_RAND *rand;
1951 EVP_RAND_CTX *ctx;
1952 OSSL_PARAM params[3], *p = params;
1953 int res;
1954 unsigned int step = 7;
1955 static unsigned char seed[] = "It does not matter how slowly you go "
1956 "as long as you do not stop.";
1957 unsigned char out[sizeof(seed)];
1958
1959 if (!TEST_int_ne(sizeof(seed) % step, 0)
1960 || !TEST_ptr(rand = EVP_RAND_fetch(NULL, "TEST-RAND", NULL)))
1961 return 0;
1962 ctx = EVP_RAND_CTX_new(rand, NULL);
1963 EVP_RAND_free(rand);
1964 if (!TEST_ptr(ctx))
1965 return 0;
1966
1967 memset(out, 0, sizeof(out));
1968 *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
1969 seed, sizeof(seed));
1970 *p++ = OSSL_PARAM_construct_uint(OSSL_DRBG_PARAM_MAX_REQUEST, &step);
1971 *p = OSSL_PARAM_construct_end();
1972 res = TEST_true(EVP_RAND_set_ctx_params(ctx, params))
1973 && TEST_true(EVP_RAND_generate(ctx, out, sizeof(out), 0, 1, NULL, 0))
1974 && TEST_mem_eq(seed, sizeof(seed), out, sizeof(out));
1975 EVP_RAND_CTX_free(ctx);
1976 return res;
1977 }
1978
1979 /*
1980 * Test that we correctly return the original or "running" IV after
1981 * an encryption operation.
1982 * Run multiple times for some different relevant algorithms/modes.
1983 */
1984 static int test_evp_iv(int idx)
1985 {
1986 int ret = 0;
1987 EVP_CIPHER_CTX *ctx = NULL;
1988 unsigned char key[16] = {0x4c, 0x43, 0xdb, 0xdd, 0x42, 0x73, 0x47, 0xd1,
1989 0xe5, 0x62, 0x7d, 0xcd, 0x4d, 0x76, 0x4d, 0x57};
1990 unsigned char init_iv[EVP_MAX_IV_LENGTH] =
1991 {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b, 0x98, 0x82,
1992 0x5a, 0x55, 0x91, 0x81, 0x42, 0xa8, 0x89, 0x34};
1993 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8,
1994 9, 10, 11, 12, 13, 14, 15, 16 };
1995 unsigned char ciphertext[32], oiv[16], iv[16];
1996 unsigned char *ref_iv;
1997 unsigned char cbc_state[16] = {0x10, 0x2f, 0x05, 0xcc, 0xc2, 0x55, 0x72, 0xb9,
1998 0x88, 0xe6, 0x4a, 0x17, 0x10, 0x74, 0x22, 0x5e};
1999
2000 unsigned char ofb_state[16] = {0x76, 0xe6, 0x66, 0x61, 0xd0, 0x8a, 0xe4, 0x64,
2001 0xdd, 0x66, 0xbf, 0x00, 0xf0, 0xe3, 0x6f, 0xfd};
2002 unsigned char gcm_state[12] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b,
2003 0x98, 0x82, 0x5a, 0x55, 0x91, 0x81};
2004 unsigned char ccm_state[7] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b, 0x98};
2005 #ifndef OPENSSL_NO_OCB
2006 unsigned char ocb_state[12] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b,
2007 0x98, 0x82, 0x5a, 0x55, 0x91, 0x81};
2008 #endif
2009 int len = sizeof(ciphertext);
2010 size_t ivlen, ref_len;
2011 const EVP_CIPHER *type = NULL;
2012
2013 switch(idx) {
2014 case 0:
2015 type = EVP_aes_128_cbc();
2016 /* FALLTHROUGH */
2017 case 5:
2018 type = (type != NULL) ? type :
2019 EVP_CIPHER_fetch(testctx, "aes-128-cbc", NULL);
2020 ref_iv = cbc_state;
2021 ref_len = sizeof(cbc_state);
2022 break;
2023 case 1:
2024 type = EVP_aes_128_ofb();
2025 /* FALLTHROUGH */
2026 case 6:
2027 type = (type != NULL) ? type :
2028 EVP_CIPHER_fetch(testctx, "aes-128-ofb", NULL);
2029 ref_iv = ofb_state;
2030 ref_len = sizeof(ofb_state);
2031 break;
2032 case 2:
2033 type = EVP_aes_128_gcm();
2034 /* FALLTHROUGH */
2035 case 7:
2036 type = (type != NULL) ? type :
2037 EVP_CIPHER_fetch(testctx, "aes-128-gcm", NULL);
2038 ref_iv = gcm_state;
2039 ref_len = sizeof(gcm_state);
2040 break;
2041 case 3:
2042 type = EVP_aes_128_ccm();
2043 /* FALLTHROUGH */
2044 case 8:
2045 type = (type != NULL) ? type :
2046 EVP_CIPHER_fetch(testctx, "aes-128-ccm", NULL);
2047 ref_iv = ccm_state;
2048 ref_len = sizeof(ccm_state);
2049 break;
2050 #ifdef OPENSSL_NO_OCB
2051 case 4:
2052 case 9:
2053 return 1;
2054 #else
2055 case 4:
2056 type = EVP_aes_128_ocb();
2057 /* FALLTHROUGH */
2058 case 9:
2059 type = (type != NULL) ? type :
2060 EVP_CIPHER_fetch(testctx, "aes-128-ocb", NULL);
2061 ref_iv = ocb_state;
2062 ref_len = sizeof(ocb_state);
2063 break;
2064 #endif
2065 default:
2066 return 0;
2067 }
2068
2069 if (!TEST_ptr(type)
2070 || !TEST_ptr((ctx = EVP_CIPHER_CTX_new()))
2071 || !TEST_true(EVP_EncryptInit_ex(ctx, type, NULL, key, init_iv))
2072 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &len, msg,
2073 (int)sizeof(msg)))
2074 || !TEST_true(EVP_CIPHER_CTX_get_iv(ctx, oiv, sizeof(oiv)))
2075 || !TEST_true(EVP_CIPHER_CTX_get_iv_state(ctx, iv, sizeof(iv)))
2076 || !TEST_true(EVP_EncryptFinal_ex(ctx, ciphertext, &len)))
2077 goto err;
2078 ivlen = EVP_CIPHER_CTX_iv_length(ctx);
2079 if (!TEST_mem_eq(init_iv, ivlen, oiv, ivlen)
2080 || !TEST_mem_eq(ref_iv, ref_len, iv, ivlen))
2081 goto err;
2082
2083 ret = 1;
2084 err:
2085 EVP_CIPHER_CTX_free(ctx);
2086 if (idx >= 5)
2087 EVP_CIPHER_free((EVP_CIPHER *)type);
2088 return ret;
2089 }
2090
2091 int setup_tests(void)
2092 {
2093 testctx = OPENSSL_CTX_new();
2094
2095 if (!TEST_ptr(testctx))
2096 return 0;
2097
2098 ADD_TEST(test_EVP_set_default_properties);
2099 ADD_ALL_TESTS(test_EVP_DigestSignInit, 9);
2100 ADD_TEST(test_EVP_DigestVerifyInit);
2101 ADD_TEST(test_EVP_Enveloped);
2102 ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
2103 ADD_TEST(test_privatekey_to_pkcs8);
2104 #ifndef OPENSSL_NO_EC
2105 ADD_TEST(test_EVP_PKCS82PKEY);
2106 #endif
2107 #ifndef OPENSSL_NO_EC
2108 ADD_ALL_TESTS(test_EC_keygen_with_enc, OSSL_NELEM(ec_encodings));
2109 #endif
2110 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
2111 ADD_TEST(test_EVP_SM2);
2112 ADD_TEST(test_EVP_SM2_verify);
2113 #endif
2114 ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
2115 #ifndef OPENSSL_NO_DEPRECATED_3_0
2116 custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
2117 if (!TEST_ptr(custom_pmeth))
2118 return 0;
2119 EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
2120 EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
2121 EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
2122 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
2123 return 0;
2124 #endif
2125 ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
2126 #ifndef OPENSSL_NO_CMAC
2127 ADD_TEST(test_CMAC_keygen);
2128 #endif
2129 ADD_TEST(test_HKDF);
2130 ADD_TEST(test_emptyikm_HKDF);
2131 #ifndef OPENSSL_NO_EC
2132 ADD_TEST(test_X509_PUBKEY_inplace);
2133 ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode,
2134 OSSL_NELEM(ec_der_pub_keys));
2135 #endif
2136 #ifndef OPENSSL_NO_DSA
2137 ADD_TEST(test_DSA_get_set_params);
2138 #endif
2139 ADD_TEST(test_RSA_get_set_params);
2140 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
2141 ADD_TEST(test_decrypt_null_chunks);
2142 #endif
2143 #ifndef OPENSSL_NO_DH
2144 ADD_TEST(test_EVP_PKEY_set1_DH);
2145 #endif
2146 ADD_ALL_TESTS(test_keygen_with_empty_template, 2);
2147 ADD_ALL_TESTS(test_pkey_ctx_fail_without_provider, 2);
2148
2149 ADD_TEST(test_rand_agglomeration);
2150 ADD_ALL_TESTS(test_evp_iv, 10);
2151
2152 return 1;
2153 }
2154
2155 void cleanup_tests(void)
2156 {
2157 OPENSSL_CTX_free(testctx);
2158 }
A mirror of the official openssl repository