]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/evp_extra_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX
[thirdparty/openssl.git] / test / evp_extra_test.c
1 /*
2 * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /* We need to use some deprecated APIs */
11 #define OPENSSL_SUPPRESS_DEPRECATED
12
13 #include <stdio.h>
14 #include <stdlib.h>
15 #include <string.h>
16 #include <openssl/bio.h>
17 #include <openssl/conf.h>
18 #include <openssl/crypto.h>
19 #include <openssl/err.h>
20 #include <openssl/evp.h>
21 #include <openssl/rsa.h>
22 #include <openssl/x509.h>
23 #include <openssl/pem.h>
24 #include <openssl/kdf.h>
25 #include <openssl/provider.h>
26 #include <openssl/core_names.h>
27 #include <openssl/params.h>
28 #include <openssl/dsa.h>
29 #include <openssl/dh.h>
30 #include <openssl/aes.h>
31 #include "testutil.h"
32 #include "internal/nelem.h"
33 #include "internal/sizes.h"
34 #include "crypto/evp.h"
35 #include "../e_os.h" /* strcasecmp */
36
37 static OSSL_LIB_CTX *testctx = NULL;
38
39 /*
40 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
41 * should never use this key anywhere but in an example.
42 */
43 static const unsigned char kExampleRSAKeyDER[] = {
44 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
45 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
46 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
47 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
48 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
49 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
50 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
51 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
52 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
53 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
54 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
55 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
56 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
57 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
58 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
59 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
60 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
61 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
62 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
63 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
64 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
65 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
66 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
67 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
68 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
69 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
70 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
71 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
72 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
73 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
74 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
75 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
76 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
77 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
78 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
79 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
80 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
81 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
82 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
83 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
84 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
85 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
86 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
87 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
88 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
89 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
90 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
91 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
92 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
93 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
94 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
95 };
96
97 /*
98 * kExampleDSAKeyDER is a DSA private key in ASN.1, DER format. Of course, you
99 * should never use this key anywhere but in an example.
100 */
101 #ifndef OPENSSL_NO_DSA
102 static const unsigned char kExampleDSAKeyDER[] = {
103 0x30, 0x82, 0x01, 0xba, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0x9a,
104 0x05, 0x6d, 0x33, 0xcd, 0x5d, 0x78, 0xa1, 0xbb, 0xcb, 0x7d, 0x5b, 0x8d,
105 0xb4, 0xcc, 0xbf, 0x03, 0x99, 0x64, 0xde, 0x38, 0x78, 0x06, 0x15, 0x2f,
106 0x86, 0x26, 0x77, 0xf3, 0xb1, 0x85, 0x00, 0xed, 0xfc, 0x28, 0x3a, 0x42,
107 0x4d, 0xab, 0xab, 0xdf, 0xbc, 0x9c, 0x16, 0xd0, 0x22, 0x50, 0xd1, 0x38,
108 0xdd, 0x3f, 0x64, 0x05, 0x9e, 0x68, 0x7a, 0x1e, 0xf1, 0x56, 0xbf, 0x1e,
109 0x2c, 0xc5, 0x97, 0x2a, 0xfe, 0x7a, 0x22, 0xdc, 0x6c, 0x68, 0xb8, 0x2e,
110 0x06, 0xdb, 0x41, 0xca, 0x98, 0xd8, 0x54, 0xc7, 0x64, 0x48, 0x24, 0x04,
111 0x20, 0xbc, 0x59, 0xe3, 0x6b, 0xea, 0x7e, 0xfc, 0x7e, 0xc5, 0x4e, 0xd4,
112 0xd8, 0x3a, 0xed, 0xcd, 0x5d, 0x99, 0xb8, 0x5c, 0xa2, 0x8b, 0xbb, 0x0b,
113 0xac, 0xe6, 0x8e, 0x25, 0x56, 0x22, 0x3a, 0x2d, 0x3a, 0x56, 0x41, 0x14,
114 0x1f, 0x1c, 0x8f, 0x53, 0x46, 0x13, 0x85, 0x02, 0x15, 0x00, 0x98, 0x7e,
115 0x92, 0x81, 0x88, 0xc7, 0x3f, 0x70, 0x49, 0x54, 0xf6, 0x76, 0xb4, 0xa3,
116 0x9e, 0x1d, 0x45, 0x98, 0x32, 0x7f, 0x02, 0x81, 0x80, 0x69, 0x4d, 0xef,
117 0x55, 0xff, 0x4d, 0x59, 0x2c, 0x01, 0xfa, 0x6a, 0x38, 0xe0, 0x70, 0x9f,
118 0x9e, 0x66, 0x8e, 0x3e, 0x8c, 0x52, 0x22, 0x9d, 0x15, 0x7e, 0x3c, 0xef,
119 0x4c, 0x7a, 0x61, 0x26, 0xe0, 0x2b, 0x81, 0x3f, 0xeb, 0xaf, 0x35, 0x38,
120 0x8d, 0xfe, 0xed, 0x46, 0xff, 0x5f, 0x03, 0x9b, 0x81, 0x92, 0xe7, 0x6f,
121 0x76, 0x4f, 0x1d, 0xd9, 0xbb, 0x89, 0xc9, 0x3e, 0xd9, 0x0b, 0xf9, 0xf4,
122 0x78, 0x11, 0x59, 0xc0, 0x1d, 0xcd, 0x0e, 0xa1, 0x6f, 0x15, 0xf1, 0x4d,
123 0xc1, 0xc9, 0x22, 0xed, 0x8d, 0xad, 0x67, 0xc5, 0x4b, 0x95, 0x93, 0x86,
124 0xa6, 0xaf, 0x8a, 0xee, 0x06, 0x89, 0x2f, 0x37, 0x7e, 0x64, 0xaa, 0xf6,
125 0xe7, 0xb1, 0x5a, 0x0a, 0x93, 0x95, 0x5d, 0x3e, 0x53, 0x9a, 0xde, 0x8a,
126 0xc2, 0x95, 0x45, 0x81, 0xbe, 0x5c, 0x2f, 0xc2, 0xb2, 0x92, 0x58, 0x19,
127 0x72, 0x80, 0xe9, 0x79, 0xa1, 0x02, 0x81, 0x80, 0x07, 0xd7, 0x62, 0xff,
128 0xdf, 0x1a, 0x3f, 0xed, 0x32, 0xd4, 0xd4, 0x88, 0x7b, 0x2c, 0x63, 0x7f,
129 0x97, 0xdc, 0x44, 0xd4, 0x84, 0xa2, 0xdd, 0x17, 0x16, 0x85, 0x13, 0xe0,
130 0xac, 0x51, 0x8d, 0x29, 0x1b, 0x75, 0x9a, 0xe4, 0xe3, 0x8a, 0x92, 0x69,
131 0x09, 0x03, 0xc5, 0x68, 0xae, 0x5e, 0x94, 0xfe, 0xc9, 0x92, 0x6c, 0x07,
132 0xb4, 0x1e, 0x64, 0x62, 0x87, 0xc6, 0xa4, 0xfd, 0x0d, 0x5f, 0xe5, 0xf9,
133 0x1b, 0x4f, 0x85, 0x5f, 0xae, 0xf3, 0x11, 0xe5, 0x18, 0xd4, 0x4d, 0x79,
134 0x9f, 0xc4, 0x79, 0x26, 0x04, 0x27, 0xf0, 0x0b, 0xee, 0x2b, 0x86, 0x9f,
135 0x86, 0x61, 0xe6, 0x51, 0xce, 0x04, 0x9b, 0x5d, 0x6b, 0x34, 0x43, 0x8c,
136 0x85, 0x3c, 0xf1, 0x51, 0x9b, 0x08, 0x23, 0x1b, 0xf5, 0x7e, 0x33, 0x12,
137 0xea, 0xab, 0x1f, 0xb7, 0x2d, 0xe2, 0x5f, 0xe6, 0x97, 0x99, 0xb5, 0x45,
138 0x16, 0x5b, 0xc3, 0x41, 0x02, 0x14, 0x61, 0xbf, 0x51, 0x60, 0xcf, 0xc8,
139 0xf1, 0x8c, 0x82, 0x97, 0xf2, 0xf4, 0x19, 0xba, 0x2b, 0xf3, 0x16, 0xbe,
140 0x40, 0x48
141 };
142 #endif
143
144 /*
145 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
146 * components are not correct.
147 */
148 static const unsigned char kExampleBadRSAKeyDER[] = {
149 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
150 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
151 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
152 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
153 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
154 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
155 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
156 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
157 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
158 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
159 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
160 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
161 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
162 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
163 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
164 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
165 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
166 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
167 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
168 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
169 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
170 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
171 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
172 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
173 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
174 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
175 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
176 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
177 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
178 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
179 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
180 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
181 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
182 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
183 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
184 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
185 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
186 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
187 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
188 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
189 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
190 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
191 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
192 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
193 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
194 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
195 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
196 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
197 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
198 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
199 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
200 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
201 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
202 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
203 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
204 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
205 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
206 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
207 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
208 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
209 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
210 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
211 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
212 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
213 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
214 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
215 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
216 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
217 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
218 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
219 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
220 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
221 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
222 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
223 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
224 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
225 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
226 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
227 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
228 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
229 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
230 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
231 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
232 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
233 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
234 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
235 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
236 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
237 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
238 };
239
240 static const unsigned char kMsg[] = { 1, 2, 3, 4 };
241
242 static const unsigned char kSignature[] = {
243 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
244 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
245 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
246 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
247 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
248 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
249 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
250 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
251 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
252 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
253 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
254 };
255
256 /*
257 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
258 * PrivateKeyInfo.
259 */
260 static const unsigned char kExampleRSAKeyPKCS8[] = {
261 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
262 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
263 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
264 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
265 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
266 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
267 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
268 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
269 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
270 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
271 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
272 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
273 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
274 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
275 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
276 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
277 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
278 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
279 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
280 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
281 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
282 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
283 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
284 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
285 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
286 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
287 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
288 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
289 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
290 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
291 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
292 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
293 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
294 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
295 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
296 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
297 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
298 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
299 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
300 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
301 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
302 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
303 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
304 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
305 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
306 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
307 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
308 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
309 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
310 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
311 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
312 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
313 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
314 };
315
316 #ifndef OPENSSL_NO_EC
317 /*
318 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
319 * structure.
320 */
321 static const unsigned char kExampleECKeyDER[] = {
322 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
323 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
324 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
325 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
326 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
327 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
328 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
329 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
330 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
331 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
332 0xc1,
333 };
334
335 /*
336 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
337 * structure. The private key is equal to the order and will fail to import
338 */
339 static const unsigned char kExampleBadECKeyDER[] = {
340 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
341 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
342 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
343 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
344 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
345 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
346 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
347 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
348 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
349 };
350
351 /* prime256v1 */
352 static const unsigned char kExampleECPubKeyDER[] = {
353 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
354 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
355 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
356 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
357 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
358 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
359 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
360 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
361 };
362
363 /*
364 * kExampleBadECPubKeyDER is a sample EC public key with a wrong OID
365 * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
366 */
367 static const unsigned char kExampleBadECPubKeyDER[] = {
368 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
369 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
370 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
371 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
372 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
373 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
374 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
375 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
376 };
377
378 static const unsigned char pExampleECParamDER[] = {
379 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
380 };
381 #endif
382
383 typedef struct APK_DATA_st {
384 const unsigned char *kder;
385 size_t size;
386 int evptype;
387 int check;
388 int pub_check;
389 int param_check;
390 int type; /* 0 for private, 1 for public, 2 for params */
391 } APK_DATA;
392
393 static APK_DATA keydata[] = {
394 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA},
395 {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA},
396 #ifndef OPENSSL_NO_EC
397 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC}
398 #endif
399 };
400
401 static APK_DATA keycheckdata[] = {
402 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA, 1, -2, -2, 0},
403 {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), EVP_PKEY_RSA,
404 0, -2, -2, 0},
405 #ifndef OPENSSL_NO_EC
406 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC, 1, 1, 1, 0},
407 /* group is also associated in our pub key */
408 {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), EVP_PKEY_EC, 0, 1, 1, 1},
409 {pExampleECParamDER, sizeof(pExampleECParamDER), EVP_PKEY_EC, 0, 0, 1, 2}
410 #endif
411 };
412
413 static EVP_PKEY *load_example_rsa_key(void)
414 {
415 EVP_PKEY *ret = NULL;
416 const unsigned char *derp = kExampleRSAKeyDER;
417 EVP_PKEY *pkey = NULL;
418 RSA *rsa = NULL;
419
420 if (!TEST_true(d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))))
421 return NULL;
422
423 if (!TEST_ptr(pkey = EVP_PKEY_new())
424 || !TEST_true(EVP_PKEY_set1_RSA(pkey, rsa)))
425 goto end;
426
427 ret = pkey;
428 pkey = NULL;
429
430 end:
431 EVP_PKEY_free(pkey);
432 RSA_free(rsa);
433
434 return ret;
435 }
436
437 #ifndef OPENSSL_NO_DSA
438 static EVP_PKEY *load_example_dsa_key(void)
439 {
440 EVP_PKEY *ret = NULL;
441 const unsigned char *derp = kExampleDSAKeyDER;
442 EVP_PKEY *pkey = NULL;
443 DSA *dsa = NULL;
444
445 if (!TEST_true(d2i_DSAPrivateKey(&dsa, &derp, sizeof(kExampleDSAKeyDER))))
446 return NULL;
447
448 if (!TEST_ptr(pkey = EVP_PKEY_new())
449 || !TEST_true(EVP_PKEY_set1_DSA(pkey, dsa)))
450 goto end;
451
452 ret = pkey;
453 pkey = NULL;
454
455 end:
456 EVP_PKEY_free(pkey);
457 DSA_free(dsa);
458
459 return ret;
460 }
461 #endif
462
463 static EVP_PKEY *load_example_hmac_key(void)
464 {
465 EVP_PKEY *pkey = NULL;
466 unsigned char key[] = {
467 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
468 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
469 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
470 };
471
472 pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, key, sizeof(key));
473 if (!TEST_ptr(pkey))
474 return NULL;
475
476 return pkey;
477 }
478
479 static int test_EVP_set_default_properties(void)
480 {
481 OSSL_LIB_CTX *ctx;
482 EVP_MD *md = NULL;
483 int res = 0;
484
485 if (!TEST_ptr(ctx = OSSL_LIB_CTX_new())
486 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL)))
487 goto err;
488 EVP_MD_free(md);
489 md = NULL;
490
491 if (!TEST_true(EVP_set_default_properties(ctx, "provider=fizzbang"))
492 || !TEST_ptr_null(md = EVP_MD_fetch(ctx, "sha256", NULL))
493 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", "-provider")))
494 goto err;
495 EVP_MD_free(md);
496 md = NULL;
497
498 if (!TEST_true(EVP_set_default_properties(ctx, NULL))
499 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL)))
500 goto err;
501 res = 1;
502 err:
503 EVP_MD_free(md);
504 OSSL_LIB_CTX_free(ctx);
505 return res;
506 }
507
508 static int test_EVP_Enveloped(void)
509 {
510 int ret = 0;
511 EVP_CIPHER_CTX *ctx = NULL;
512 EVP_PKEY *keypair = NULL;
513 unsigned char *kek = NULL;
514 unsigned char iv[EVP_MAX_IV_LENGTH];
515 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
516 int len, kek_len, ciphertext_len, plaintext_len;
517 unsigned char ciphertext[32], plaintext[16];
518 const EVP_CIPHER *type = EVP_aes_256_cbc();
519
520 if (!TEST_ptr(keypair = load_example_rsa_key())
521 || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
522 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
523 || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
524 &keypair, 1))
525 || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
526 msg, sizeof(msg)))
527 || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
528 &len)))
529 goto err;
530
531 ciphertext_len += len;
532
533 if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
534 || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
535 ciphertext, ciphertext_len))
536 || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
537 goto err;
538
539 plaintext_len += len;
540 if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
541 goto err;
542
543 ret = 1;
544 err:
545 OPENSSL_free(kek);
546 EVP_PKEY_free(keypair);
547 EVP_CIPHER_CTX_free(ctx);
548 return ret;
549 }
550
551 /*
552 * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, RSA)
553 * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, DSA)
554 * Test 2: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, HMAC)
555 * Test 3: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, RSA)
556 * Test 4: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, DSA)
557 * Test 5: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch diegst, HMAC)
558 * Test 6: Use an MD BIO to do the Update calls instead (RSA)
559 * Test 7: Use an MD BIO to do the Update calls instead (DSA)
560 * Test 8: Use an MD BIO to do the Update calls instead (HMAC)
561 */
562 static int test_EVP_DigestSignInit(int tst)
563 {
564 int ret = 0;
565 EVP_PKEY *pkey = NULL;
566 unsigned char *sig = NULL;
567 size_t sig_len = 0;
568 EVP_MD_CTX *md_ctx = NULL, *md_ctx_verify = NULL;
569 EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL;
570 BIO *mdbio = NULL, *membio = NULL;
571 size_t written;
572 const EVP_MD *md;
573 EVP_MD *mdexp = NULL;
574
575 if (tst >= 6) {
576 membio = BIO_new(BIO_s_mem());
577 mdbio = BIO_new(BIO_f_md());
578 if (!TEST_ptr(membio) || !TEST_ptr(mdbio))
579 goto out;
580 BIO_push(mdbio, membio);
581 if (!TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx), 0))
582 goto out;
583 } else {
584 if (!TEST_ptr(a_md_ctx = md_ctx = EVP_MD_CTX_new())
585 || !TEST_ptr(a_md_ctx_verify = md_ctx_verify = EVP_MD_CTX_new()))
586 goto out;
587 }
588
589 if (tst == 0 || tst == 3 || tst == 6) {
590 if (!TEST_ptr(pkey = load_example_rsa_key()))
591 goto out;
592 } else if (tst == 1 || tst == 4 || tst == 7) {
593 #ifndef OPENSSL_NO_DSA
594 if (!TEST_ptr(pkey = load_example_dsa_key()))
595 goto out;
596 #else
597 ret = 1;
598 goto out;
599 #endif
600 } else {
601 if (!TEST_ptr(pkey = load_example_hmac_key()))
602 goto out;
603 }
604
605 if (tst >= 3 && tst <= 5)
606 md = mdexp = EVP_MD_fetch(NULL, "SHA256", NULL);
607 else
608 md = EVP_sha256();
609
610 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, md, NULL, pkey)))
611 goto out;
612
613 if (tst >= 6) {
614 if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
615 goto out;
616 } else {
617 if (!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
618 goto out;
619 }
620
621 /* Determine the size of the signature. */
622 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
623 || !TEST_ptr(sig = OPENSSL_malloc(sig_len))
624 || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
625 goto out;
626
627 if (tst >= 6) {
628 if (!TEST_int_gt(BIO_reset(mdbio), 0)
629 || !TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx_verify), 0))
630 goto out;
631 }
632
633 /*
634 * Ensure that the signature round-trips (Verification isn't supported for
635 * HMAC via EVP_DigestVerify*)
636 */
637 if (tst != 2 && tst != 5 && tst != 8) {
638 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, md,
639 NULL, pkey)))
640 goto out;
641
642 if (tst >= 6) {
643 if (!TEST_true(BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written)))
644 goto out;
645 } else {
646 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg,
647 sizeof(kMsg))))
648 goto out;
649 }
650 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
651 goto out;
652 }
653
654 ret = 1;
655
656 out:
657 BIO_free(membio);
658 BIO_free(mdbio);
659 EVP_MD_CTX_free(a_md_ctx);
660 EVP_MD_CTX_free(a_md_ctx_verify);
661 EVP_PKEY_free(pkey);
662 OPENSSL_free(sig);
663 EVP_MD_free(mdexp);
664
665 return ret;
666 }
667
668 static int test_EVP_DigestVerifyInit(void)
669 {
670 int ret = 0;
671 EVP_PKEY *pkey = NULL;
672 EVP_MD_CTX *md_ctx = NULL;
673
674 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
675 || !TEST_ptr(pkey = load_example_rsa_key()))
676 goto out;
677
678 if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
679 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
680 || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
681 sizeof(kSignature))))
682 goto out;
683 ret = 1;
684
685 out:
686 EVP_MD_CTX_free(md_ctx);
687 EVP_PKEY_free(pkey);
688 return ret;
689 }
690
691 static int test_d2i_AutoPrivateKey(int i)
692 {
693 int ret = 0;
694 const unsigned char *p;
695 EVP_PKEY *pkey = NULL;
696 const APK_DATA *ak = &keydata[i];
697 const unsigned char *input = ak->kder;
698 size_t input_len = ak->size;
699 int expected_id = ak->evptype;
700
701 p = input;
702 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
703 || !TEST_ptr_eq(p, input + input_len)
704 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
705 goto done;
706
707 ret = 1;
708
709 done:
710 EVP_PKEY_free(pkey);
711 return ret;
712 }
713
714 #ifndef OPENSSL_NO_EC
715
716 static const unsigned char ec_public_sect163k1_validxy[] = {
717 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
718 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
719 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
720 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x02, 0xd1, 0x7b,
721 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
722 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
723 };
724
725 static const unsigned char ec_public_sect163k1_badx[] = {
726 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
727 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
728 0x0a, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
729 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0xb0, 0x02, 0xd1, 0x7b,
730 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
731 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
732 };
733
734 static const unsigned char ec_public_sect163k1_bady[] = {
735 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
736 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
737 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
738 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x0a, 0xd1, 0x7b,
739 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
740 0x6a, 0xd8, 0x17, 0x65, 0x41, 0xe6
741 };
742
743 static struct ec_der_pub_keys_st {
744 const unsigned char *der;
745 size_t len;
746 int valid;
747 } ec_der_pub_keys[] = {
748 { ec_public_sect163k1_validxy, sizeof(ec_public_sect163k1_validxy), 1 },
749 { ec_public_sect163k1_badx, sizeof(ec_public_sect163k1_badx), 0 },
750 { ec_public_sect163k1_bady, sizeof(ec_public_sect163k1_bady), 0 },
751 };
752
753 /*
754 * Tests the range of the decoded EC char2 public point.
755 * See ec_GF2m_simple_oct2point().
756 */
757 static int test_invalide_ec_char2_pub_range_decode(int id)
758 {
759 int ret = 0;
760 BIO *bio = NULL;
761 EC_KEY *eckey = NULL;
762
763 if (!TEST_ptr(bio = BIO_new_mem_buf(ec_der_pub_keys[id].der,
764 ec_der_pub_keys[id].len)))
765 goto err;
766 eckey = d2i_EC_PUBKEY_bio(bio, NULL);
767 ret = (ec_der_pub_keys[id].valid && TEST_ptr(eckey))
768 || TEST_ptr_null(eckey);
769 err:
770 EC_KEY_free(eckey);
771 BIO_free(bio);
772 return ret;
773 }
774
775 /* Tests loading a bad key in PKCS8 format */
776 static int test_EVP_PKCS82PKEY(void)
777 {
778 int ret = 0;
779 const unsigned char *derp = kExampleBadECKeyDER;
780 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
781 EVP_PKEY *pkey = NULL;
782
783 if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp,
784 sizeof(kExampleBadECKeyDER))))
785 goto done;
786
787 if (!TEST_ptr_eq(derp,
788 kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)))
789 goto done;
790
791 if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf)))
792 goto done;
793
794 ret = 1;
795
796 done:
797 PKCS8_PRIV_KEY_INFO_free(p8inf);
798 EVP_PKEY_free(pkey);
799
800 return ret;
801 }
802 #endif
803
804 /* This uses kExampleRSAKeyDER and kExampleRSAKeyPKCS8 to verify encoding */
805 static int test_privatekey_to_pkcs8(void)
806 {
807 EVP_PKEY *pkey = NULL;
808 BIO *membio = NULL;
809 char *membuf = NULL;
810 long membuf_len = 0;
811 int ok = 0;
812
813 if (!TEST_ptr(membio = BIO_new(BIO_s_mem()))
814 || !TEST_ptr(pkey = load_example_rsa_key())
815 || !TEST_int_gt(i2d_PKCS8PrivateKey_bio(membio, pkey, NULL,
816 NULL, 0, NULL, NULL),
817 0)
818 || !TEST_int_gt(membuf_len = BIO_get_mem_data(membio, &membuf), 0)
819 || !TEST_ptr(membuf)
820 || !TEST_mem_eq(membuf, (size_t)membuf_len,
821 kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8))
822 /*
823 * We try to write PEM as well, just to see that it doesn't err, but
824 * assume that the result is correct.
825 */
826 || !TEST_int_gt(PEM_write_bio_PKCS8PrivateKey(membio, pkey, NULL,
827 NULL, 0, NULL, NULL),
828 0))
829 goto done;
830
831 ok = 1;
832 done:
833 EVP_PKEY_free(pkey);
834 BIO_free_all(membio);
835 return ok;
836 }
837
838 #ifndef OPENSSL_NO_EC
839 static const struct {
840 int encoding;
841 const char *encoding_name;
842 } ec_encodings[] = {
843 { OPENSSL_EC_EXPLICIT_CURVE, OSSL_PKEY_EC_ENCODING_EXPLICIT },
844 { OPENSSL_EC_NAMED_CURVE, OSSL_PKEY_EC_ENCODING_GROUP }
845 };
846
847 static int ec_export_get_encoding_cb(const OSSL_PARAM params[], void *arg)
848 {
849 const OSSL_PARAM *p;
850 const char *enc_name = NULL;
851 int *enc = arg;
852 size_t i;
853
854 *enc = -1;
855
856 if (!TEST_ptr(p = OSSL_PARAM_locate_const(params,
857 OSSL_PKEY_PARAM_EC_ENCODING))
858 || !TEST_true(OSSL_PARAM_get_utf8_string_ptr(p, &enc_name)))
859 return 0;
860
861 for (i = 0; i < OSSL_NELEM(ec_encodings); i++) {
862 if (strcasecmp(enc_name, ec_encodings[i].encoding_name) == 0) {
863 *enc = ec_encodings[i].encoding;
864 break;
865 }
866 }
867
868 return (*enc != -1);
869 }
870
871 static int test_EC_keygen_with_enc(int idx)
872 {
873 EVP_PKEY *params = NULL, *key = NULL;
874 EVP_PKEY_CTX *pctx = NULL, *kctx = NULL;
875 int enc;
876 int ret = 0;
877
878 enc = ec_encodings[idx].encoding;
879
880 /* Create key parameters */
881 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, "EC", NULL))
882 || !TEST_true(EVP_PKEY_paramgen_init(pctx))
883 || !TEST_true(EVP_PKEY_CTX_set_group_name(pctx, "P-256"))
884 || !TEST_true(EVP_PKEY_CTX_set_ec_param_enc(pctx, enc))
885 || !TEST_true(EVP_PKEY_paramgen(pctx, &params))
886 || !TEST_ptr(params))
887 goto done;
888
889 /* Create key */
890 if (!TEST_ptr(kctx = EVP_PKEY_CTX_new_from_pkey(testctx, params, NULL))
891 || !TEST_true(EVP_PKEY_keygen_init(kctx))
892 || !TEST_true(EVP_PKEY_keygen(kctx, &key))
893 || !TEST_ptr(key))
894 goto done;
895
896 /* Check that the encoding got all the way into the key */
897 if (!TEST_true(evp_keymgmt_util_export(key, OSSL_KEYMGMT_SELECT_ALL,
898 ec_export_get_encoding_cb, &enc))
899 || !TEST_int_eq(enc, ec_encodings[idx].encoding))
900 goto done;
901
902 ret = 1;
903 done:
904 EVP_PKEY_free(key);
905 EVP_PKEY_free(params);
906 EVP_PKEY_CTX_free(kctx);
907 EVP_PKEY_CTX_free(pctx);
908 return ret;
909 }
910 #endif
911
912 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
913
914 static int test_EVP_SM2_verify(void)
915 {
916 const char *pubkey =
917 "-----BEGIN PUBLIC KEY-----\n"
918 "MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEp1KLWq1ZE2jmoAnnBJE1LBGxVr18\n"
919 "YvvqECWCpXfAQ9qUJ+UmthnUPf0iM3SaXKHe6PlLIDyNlWMWb9RUh/yU3g==\n"
920 "-----END PUBLIC KEY-----\n";
921
922 const char *msg = "message digest";
923 const char *id = "ALICE123@YAHOO.COM";
924
925 const uint8_t signature[] = {
926 0x30, 0x44, 0x02, 0x20, 0x5b, 0xdb, 0xab, 0x81, 0x4f, 0xbb,
927 0x8b, 0x69, 0xb1, 0x05, 0x9c, 0x99, 0x3b, 0xb2, 0x45, 0x06,
928 0x4a, 0x30, 0x15, 0x59, 0x84, 0xcd, 0xee, 0x30, 0x60, 0x36,
929 0x57, 0x87, 0xef, 0x5c, 0xd0, 0xbe, 0x02, 0x20, 0x43, 0x8d,
930 0x1f, 0xc7, 0x77, 0x72, 0x39, 0xbb, 0x72, 0xe1, 0xfd, 0x07,
931 0x58, 0xd5, 0x82, 0xc8, 0x2d, 0xba, 0x3b, 0x2c, 0x46, 0x24,
932 0xe3, 0x50, 0xff, 0x04, 0xc7, 0xa0, 0x71, 0x9f, 0xa4, 0x70
933 };
934
935 int rc = 0;
936 BIO *bio = NULL;
937 EVP_PKEY *pkey = NULL;
938 EVP_MD_CTX *mctx = NULL;
939 EVP_PKEY_CTX *pctx = NULL;
940
941 bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
942 if (!TEST_true(bio != NULL))
943 goto done;
944
945 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
946 if (!TEST_true(pkey != NULL))
947 goto done;
948
949 if (!TEST_true(EVP_PKEY_is_a(pkey, "SM2")))
950 goto done;
951
952 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
953 goto done;
954
955 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL)))
956 goto done;
957
958 EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
959
960 if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey)))
961 goto done;
962
963 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, id, strlen(id)), 0))
964 goto done;
965
966 if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
967 goto done;
968
969 if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature))))
970 goto done;
971 rc = 1;
972
973 done:
974 BIO_free(bio);
975 EVP_PKEY_free(pkey);
976 EVP_PKEY_CTX_free(pctx);
977 EVP_MD_CTX_free(mctx);
978 return rc;
979 }
980
981 static int test_EVP_SM2(void)
982 {
983 int ret = 0;
984 EVP_PKEY *pkey = NULL;
985 EVP_PKEY *pkeyparams = NULL;
986 EVP_PKEY_CTX *pctx = NULL;
987 EVP_PKEY_CTX *kctx = NULL;
988 EVP_PKEY_CTX *sctx = NULL;
989 size_t sig_len = 0;
990 unsigned char *sig = NULL;
991 EVP_MD_CTX *md_ctx = NULL;
992 EVP_MD_CTX *md_ctx_verify = NULL;
993 EVP_PKEY_CTX *cctx = NULL;
994
995 uint8_t ciphertext[128];
996 size_t ctext_len = sizeof(ciphertext);
997
998 uint8_t plaintext[8];
999 size_t ptext_len = sizeof(plaintext);
1000
1001 uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
1002
1003 OSSL_PARAM sparams[2] = {OSSL_PARAM_END, OSSL_PARAM_END};
1004 OSSL_PARAM gparams[2] = {OSSL_PARAM_END, OSSL_PARAM_END};
1005 int i;
1006 char mdname[20];
1007
1008 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SM2, NULL);
1009 if (!TEST_ptr(pctx))
1010 goto done;
1011
1012 if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
1013 goto done;
1014
1015 /* TODO is this even needed? */
1016 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
1017 goto done;
1018
1019 if (!TEST_true(EVP_PKEY_paramgen(pctx, &pkeyparams)))
1020 goto done;
1021
1022 kctx = EVP_PKEY_CTX_new(pkeyparams, NULL);
1023 if (!TEST_ptr(kctx))
1024 goto done;
1025
1026 if (!TEST_true(EVP_PKEY_keygen_init(kctx)))
1027 goto done;
1028
1029 if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey)))
1030 goto done;
1031
1032 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
1033 goto done;
1034
1035 if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()))
1036 goto done;
1037
1038 if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL)))
1039 goto done;
1040
1041 EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);
1042 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);
1043
1044 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)))
1045 goto done;
1046
1047 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
1048 goto done;
1049
1050 if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
1051 goto done;
1052
1053 /* Determine the size of the signature. */
1054 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)))
1055 goto done;
1056
1057 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)))
1058 goto done;
1059
1060 if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
1061 goto done;
1062
1063 /* Ensure that the signature round-trips. */
1064
1065 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)))
1066 goto done;
1067
1068 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
1069 goto done;
1070
1071 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))))
1072 goto done;
1073
1074 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
1075 goto done;
1076
1077 /* now check encryption/decryption */
1078
1079 gparams[0] = OSSL_PARAM_construct_utf8_string(OSSL_ASYM_CIPHER_PARAM_DIGEST,
1080 mdname, sizeof(mdname));
1081 for (i = 0; i < 2; i++) {
1082 EVP_PKEY_CTX_free(cctx);
1083
1084 sparams[0] = OSSL_PARAM_construct_utf8_string(OSSL_ASYM_CIPHER_PARAM_DIGEST,
1085 i == 0 ? "SM3" : "SHA2-256",
1086 0);
1087
1088 if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
1089 goto done;
1090
1091 if (!TEST_true(EVP_PKEY_encrypt_init(cctx)))
1092 goto done;
1093
1094 if (!TEST_true(EVP_PKEY_CTX_set_params(cctx, sparams)))
1095 goto done;
1096
1097 if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg,
1098 sizeof(kMsg))))
1099 goto done;
1100
1101 if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
1102 goto done;
1103
1104 if (!TEST_true(EVP_PKEY_CTX_set_params(cctx, sparams)))
1105 goto done;
1106
1107 if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext,
1108 ctext_len)))
1109 goto done;
1110
1111 if (!TEST_true(EVP_PKEY_CTX_get_params(cctx, gparams)))
1112 goto done;
1113
1114 /* Test we're still using the digest we think we are */
1115 if (i == 0 && !TEST_int_eq(strcmp(mdname, "SM3"), 0))
1116 goto done;
1117 if (i == 1 && !TEST_int_eq(strcmp(mdname, "SHA2-256"), 0))
1118 goto done;
1119
1120 if (!TEST_true(ptext_len == sizeof(kMsg)))
1121 goto done;
1122
1123 if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0))
1124 goto done;
1125 }
1126
1127 ret = 1;
1128 done:
1129 EVP_PKEY_CTX_free(pctx);
1130 EVP_PKEY_CTX_free(kctx);
1131 EVP_PKEY_CTX_free(sctx);
1132 EVP_PKEY_CTX_free(cctx);
1133 EVP_PKEY_free(pkey);
1134 EVP_PKEY_free(pkeyparams);
1135 EVP_MD_CTX_free(md_ctx);
1136 EVP_MD_CTX_free(md_ctx_verify);
1137 OPENSSL_free(sig);
1138 return ret;
1139 }
1140
1141 #endif
1142
1143 static struct keys_st {
1144 int type;
1145 char *priv;
1146 char *pub;
1147 } keys[] = {
1148 {
1149 EVP_PKEY_HMAC, "0123456789", NULL
1150 }, {
1151 EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
1152 }, {
1153 EVP_PKEY_SIPHASH, "0123456789012345", NULL
1154 },
1155 #ifndef OPENSSL_NO_EC
1156 {
1157 EVP_PKEY_X25519, "01234567890123456789012345678901",
1158 "abcdefghijklmnopqrstuvwxyzabcdef"
1159 }, {
1160 EVP_PKEY_ED25519, "01234567890123456789012345678901",
1161 "abcdefghijklmnopqrstuvwxyzabcdef"
1162 }, {
1163 EVP_PKEY_X448,
1164 "01234567890123456789012345678901234567890123456789012345",
1165 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
1166 }, {
1167 EVP_PKEY_ED448,
1168 "012345678901234567890123456789012345678901234567890123456",
1169 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
1170 }
1171 #endif
1172 };
1173
1174 static int test_set_get_raw_keys_int(int tst, int pub, int uselibctx)
1175 {
1176 int ret = 0;
1177 unsigned char buf[80];
1178 unsigned char *in;
1179 size_t inlen, len = 0;
1180 EVP_PKEY *pkey;
1181
1182 /* Check if this algorithm supports public keys */
1183 if (keys[tst].pub == NULL)
1184 return 1;
1185
1186 memset(buf, 0, sizeof(buf));
1187
1188 if (pub) {
1189 inlen = strlen(keys[tst].pub);
1190 in = (unsigned char *)keys[tst].pub;
1191 if (uselibctx) {
1192 pkey = EVP_PKEY_new_raw_public_key_ex(
1193 testctx,
1194 OBJ_nid2sn(keys[tst].type),
1195 NULL,
1196 in,
1197 inlen);
1198 } else {
1199 pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
1200 NULL,
1201 in,
1202 inlen);
1203 }
1204 } else {
1205 inlen = strlen(keys[tst].priv);
1206 in = (unsigned char *)keys[tst].priv;
1207 if (uselibctx) {
1208 pkey = EVP_PKEY_new_raw_private_key_ex(
1209 testctx, OBJ_nid2sn(keys[tst].type),
1210 NULL,
1211 in,
1212 inlen);
1213 } else {
1214 pkey = EVP_PKEY_new_raw_private_key(keys[tst].type,
1215 NULL,
1216 in,
1217 inlen);
1218 }
1219 }
1220
1221 if (!TEST_ptr(pkey)
1222 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
1223 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
1224 || !TEST_true(len == inlen)
1225 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
1226 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
1227 || !TEST_mem_eq(in, inlen, buf, len))
1228 goto done;
1229
1230 ret = 1;
1231 done:
1232 EVP_PKEY_free(pkey);
1233 return ret;
1234 }
1235
1236 static int test_set_get_raw_keys(int tst)
1237 {
1238 return test_set_get_raw_keys_int(tst, 0, 0)
1239 && test_set_get_raw_keys_int(tst, 0, 1)
1240 && test_set_get_raw_keys_int(tst, 1, 0)
1241 && test_set_get_raw_keys_int(tst, 1, 1);
1242 }
1243
1244 #ifndef OPENSSL_NO_DEPRECATED_3_0
1245 static int pkey_custom_check(EVP_PKEY *pkey)
1246 {
1247 return 0xbeef;
1248 }
1249
1250 static int pkey_custom_pub_check(EVP_PKEY *pkey)
1251 {
1252 return 0xbeef;
1253 }
1254
1255 static int pkey_custom_param_check(EVP_PKEY *pkey)
1256 {
1257 return 0xbeef;
1258 }
1259
1260 static EVP_PKEY_METHOD *custom_pmeth;
1261 #endif
1262
1263 static int test_EVP_PKEY_check(int i)
1264 {
1265 int ret = 0;
1266 const unsigned char *p;
1267 EVP_PKEY *pkey = NULL;
1268 #ifndef OPENSSL_NO_EC
1269 EC_KEY *eckey = NULL;
1270 #endif
1271 EVP_PKEY_CTX *ctx = NULL;
1272 #ifndef OPENSSL_NO_DEPRECATED_3_0
1273 EVP_PKEY_CTX *ctx2 = NULL;
1274 #endif
1275 const APK_DATA *ak = &keycheckdata[i];
1276 const unsigned char *input = ak->kder;
1277 size_t input_len = ak->size;
1278 int expected_id = ak->evptype;
1279 int expected_check = ak->check;
1280 int expected_pub_check = ak->pub_check;
1281 int expected_param_check = ak->param_check;
1282 int type = ak->type;
1283 BIO *pubkey = NULL;
1284
1285 p = input;
1286
1287 switch (type) {
1288 case 0:
1289 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
1290 || !TEST_ptr_eq(p, input + input_len)
1291 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
1292 goto done;
1293 break;
1294 #ifndef OPENSSL_NO_EC
1295 case 1:
1296 if (!TEST_ptr(pubkey = BIO_new_mem_buf(input, input_len))
1297 || !TEST_ptr(eckey = d2i_EC_PUBKEY_bio(pubkey, NULL))
1298 || !TEST_ptr(pkey = EVP_PKEY_new())
1299 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1300 goto done;
1301 break;
1302 case 2:
1303 if (!TEST_ptr(eckey = d2i_ECParameters(NULL, &p, input_len))
1304 || !TEST_ptr_eq(p, input + input_len)
1305 || !TEST_ptr(pkey = EVP_PKEY_new())
1306 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1307 goto done;
1308 break;
1309 #endif
1310 default:
1311 return 0;
1312 }
1313
1314 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
1315 goto done;
1316
1317 if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check))
1318 goto done;
1319
1320 if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check))
1321 goto done;
1322
1323 if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
1324 goto done;
1325
1326 #ifndef OPENSSL_NO_DEPRECATED_3_0
1327 ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
1328 /* assign the pkey directly, as an internal test */
1329 EVP_PKEY_up_ref(pkey);
1330 ctx2->pkey = pkey;
1331
1332 if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
1333 goto done;
1334
1335 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
1336 goto done;
1337
1338 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
1339 goto done;
1340 #endif
1341
1342 ret = 1;
1343
1344 done:
1345 EVP_PKEY_CTX_free(ctx);
1346 #ifndef OPENSSL_NO_DEPRECATED_3_0
1347 EVP_PKEY_CTX_free(ctx2);
1348 #endif
1349 EVP_PKEY_free(pkey);
1350 BIO_free(pubkey);
1351 return ret;
1352 }
1353
1354 #ifndef OPENSSL_NO_CMAC
1355 static int get_cmac_val(EVP_PKEY *pkey, unsigned char *mac)
1356 {
1357 EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
1358 const char msg[] = "Hello World";
1359 size_t maclen;
1360 int ret = 1;
1361
1362 if (!TEST_ptr(mdctx)
1363 || !TEST_true(EVP_DigestSignInit(mdctx, NULL, NULL, NULL, pkey))
1364 || !TEST_true(EVP_DigestSignUpdate(mdctx, msg, sizeof(msg)))
1365 || !TEST_true(EVP_DigestSignFinal(mdctx, mac, &maclen))
1366 || !TEST_size_t_eq(maclen, AES_BLOCK_SIZE))
1367 ret = 0;
1368
1369 EVP_MD_CTX_free(mdctx);
1370
1371 return ret;
1372 }
1373 static int test_CMAC_keygen(void)
1374 {
1375 static unsigned char key[] = {
1376 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
1377 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
1378 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
1379 };
1380 /*
1381 * This is a legacy method for CMACs, but should still work.
1382 * This verifies that it works without an ENGINE.
1383 */
1384 EVP_PKEY_CTX *kctx = EVP_PKEY_CTX_new_id(EVP_PKEY_CMAC, NULL);
1385 int ret = 0;
1386 EVP_PKEY *pkey = NULL;
1387 unsigned char mac[AES_BLOCK_SIZE], mac2[AES_BLOCK_SIZE];
1388
1389 /* Test a CMAC key created using the "generated" method */
1390 if (!TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1391 || !TEST_int_gt(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
1392 EVP_PKEY_CTRL_CIPHER,
1393 0, (void *)EVP_aes_256_ecb()), 0)
1394 || !TEST_int_gt(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
1395 EVP_PKEY_CTRL_SET_MAC_KEY,
1396 sizeof(key), (void *)key), 0)
1397 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0)
1398 || !TEST_ptr(pkey)
1399 || !TEST_true(get_cmac_val(pkey, mac)))
1400 goto done;
1401
1402 EVP_PKEY_free(pkey);
1403
1404 /*
1405 * Test a CMAC key using the direct method, and compare with the mac
1406 * created above.
1407 */
1408 pkey = EVP_PKEY_new_CMAC_key(NULL, key, sizeof(key), EVP_aes_256_ecb());
1409 if (!TEST_ptr(pkey)
1410 || !TEST_true(get_cmac_val(pkey, mac2))
1411 || !TEST_mem_eq(mac, sizeof(mac), mac2, sizeof(mac2)))
1412 goto done;
1413
1414 ret = 1;
1415
1416 done:
1417 EVP_PKEY_free(pkey);
1418 EVP_PKEY_CTX_free(kctx);
1419 return ret;
1420 }
1421 #endif
1422
1423 static int test_HKDF(void)
1424 {
1425 EVP_PKEY_CTX *pctx;
1426 unsigned char out[20];
1427 size_t outlen;
1428 int i, ret = 0;
1429 unsigned char salt[] = "0123456789";
1430 unsigned char key[] = "012345678901234567890123456789";
1431 unsigned char info[] = "infostring";
1432 const unsigned char expected[] = {
1433 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
1434 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
1435 };
1436 size_t expectedlen = sizeof(expected);
1437
1438 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1439 goto done;
1440
1441 /* We do this twice to test reuse of the EVP_PKEY_CTX */
1442 for (i = 0; i < 2; i++) {
1443 outlen = sizeof(out);
1444 memset(out, 0, outlen);
1445
1446 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1447 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1448 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1449 sizeof(salt) - 1), 0)
1450 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1451 sizeof(key) - 1), 0)
1452 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1453 sizeof(info) - 1), 0)
1454 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1455 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1456 goto done;
1457 }
1458
1459 ret = 1;
1460
1461 done:
1462 EVP_PKEY_CTX_free(pctx);
1463
1464 return ret;
1465 }
1466
1467 static int test_emptyikm_HKDF(void)
1468 {
1469 EVP_PKEY_CTX *pctx;
1470 unsigned char out[20];
1471 size_t outlen;
1472 int ret = 0;
1473 unsigned char salt[] = "9876543210";
1474 unsigned char key[] = "";
1475 unsigned char info[] = "stringinfo";
1476 const unsigned char expected[] = {
1477 0x68, 0x81, 0xa5, 0x3e, 0x5b, 0x9c, 0x7b, 0x6f, 0x2e, 0xec, 0xc8, 0x47,
1478 0x7c, 0xfa, 0x47, 0x35, 0x66, 0x82, 0x15, 0x30
1479 };
1480 size_t expectedlen = sizeof(expected);
1481
1482 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1483 goto done;
1484
1485 outlen = sizeof(out);
1486 memset(out, 0, outlen);
1487
1488 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1489 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1490 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1491 sizeof(salt) - 1), 0)
1492 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1493 sizeof(key) - 1), 0)
1494 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1495 sizeof(info) - 1), 0)
1496 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1497 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1498 goto done;
1499
1500 ret = 1;
1501
1502 done:
1503 EVP_PKEY_CTX_free(pctx);
1504
1505 return ret;
1506 }
1507
1508 #ifndef OPENSSL_NO_EC
1509 static int test_X509_PUBKEY_inplace(void)
1510 {
1511 int ret = 0;
1512 X509_PUBKEY *xp = NULL;
1513 const unsigned char *p = kExampleECPubKeyDER;
1514 size_t input_len = sizeof(kExampleECPubKeyDER);
1515
1516 if (!TEST_ptr(xp = d2i_X509_PUBKEY(NULL, &p, input_len)))
1517 goto done;
1518
1519 if (!TEST_ptr(X509_PUBKEY_get0(xp)))
1520 goto done;
1521
1522 p = kExampleBadECPubKeyDER;
1523 input_len = sizeof(kExampleBadECPubKeyDER);
1524
1525 if (!TEST_ptr(xp = d2i_X509_PUBKEY(&xp, &p, input_len)))
1526 goto done;
1527
1528 if (!TEST_true(X509_PUBKEY_get0(xp) == NULL))
1529 goto done;
1530
1531 ret = 1;
1532
1533 done:
1534 X509_PUBKEY_free(xp);
1535 return ret;
1536 }
1537 #endif /* OPENSSL_NO_EC */
1538
1539 /* Test getting and setting parameters on an EVP_PKEY_CTX */
1540 static int test_EVP_PKEY_CTX_get_set_params(EVP_PKEY *pkey)
1541 {
1542 EVP_MD_CTX *mdctx = NULL;
1543 EVP_PKEY_CTX *ctx = NULL;
1544 const OSSL_PARAM *params;
1545 OSSL_PARAM ourparams[2], *param = ourparams, *param_md;
1546 int ret = 0;
1547 const EVP_MD *md;
1548 char mdname[OSSL_MAX_NAME_SIZE];
1549 char ssl3ms[48];
1550
1551 /* Initialise a sign operation */
1552 ctx = EVP_PKEY_CTX_new(pkey, NULL);
1553 if (!TEST_ptr(ctx)
1554 || !TEST_int_gt(EVP_PKEY_sign_init(ctx), 0))
1555 goto err;
1556
1557 /*
1558 * We should be able to query the parameters now.
1559 */
1560 params = EVP_PKEY_CTX_settable_params(ctx);
1561 if (!TEST_ptr(params)
1562 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1563 OSSL_SIGNATURE_PARAM_DIGEST)))
1564 goto err;
1565
1566 params = EVP_PKEY_CTX_gettable_params(ctx);
1567 if (!TEST_ptr(params)
1568 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1569 OSSL_SIGNATURE_PARAM_ALGORITHM_ID))
1570 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1571 OSSL_SIGNATURE_PARAM_DIGEST)))
1572 goto err;
1573
1574 /*
1575 * Test getting and setting params via EVP_PKEY_CTX_set_params() and
1576 * EVP_PKEY_CTX_get_params()
1577 */
1578 strcpy(mdname, "SHA512");
1579 param_md = param;
1580 *param++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
1581 mdname, 0);
1582 *param++ = OSSL_PARAM_construct_end();
1583
1584 if (!TEST_true(EVP_PKEY_CTX_set_params(ctx, ourparams)))
1585 goto err;
1586
1587 mdname[0] = '\0';
1588 *param_md = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
1589 mdname, sizeof(mdname));
1590 if (!TEST_true(EVP_PKEY_CTX_get_params(ctx, ourparams))
1591 || !TEST_str_eq(mdname, "SHA512"))
1592 goto err;
1593
1594 /*
1595 * Test the TEST_PKEY_CTX_set_signature_md() and
1596 * TEST_PKEY_CTX_get_signature_md() functions
1597 */
1598 if (!TEST_int_gt(EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()), 0)
1599 || !TEST_int_gt(EVP_PKEY_CTX_get_signature_md(ctx, &md), 0)
1600 || !TEST_ptr_eq(md, EVP_sha256()))
1601 goto err;
1602
1603 /*
1604 * Test getting MD parameters via an associated EVP_PKEY_CTX
1605 */
1606 mdctx = EVP_MD_CTX_new();
1607 if (!TEST_ptr(mdctx)
1608 || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, NULL,
1609 pkey)))
1610 goto err;
1611
1612 /*
1613 * We now have an EVP_MD_CTX with an EVP_PKEY_CTX inside it. We should be
1614 * able to obtain the digest's settable parameters from the provider.
1615 */
1616 params = EVP_MD_CTX_settable_params(mdctx);
1617 if (!TEST_ptr(params)
1618 || !TEST_int_eq(strcmp(params[0].key, OSSL_DIGEST_PARAM_SSL3_MS), 0)
1619 /* The final key should be NULL */
1620 || !TEST_ptr_null(params[1].key))
1621 goto err;
1622
1623 param = ourparams;
1624 memset(ssl3ms, 0, sizeof(ssl3ms));
1625 *param++ = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS,
1626 ssl3ms, sizeof(ssl3ms));
1627 *param++ = OSSL_PARAM_construct_end();
1628
1629 if (!TEST_true(EVP_MD_CTX_set_params(mdctx, ourparams)))
1630 goto err;
1631
1632 ret = 1;
1633
1634 err:
1635 EVP_MD_CTX_free(mdctx);
1636 EVP_PKEY_CTX_free(ctx);
1637
1638 return ret;
1639 }
1640
1641 #ifndef OPENSSL_NO_DSA
1642 static int test_DSA_get_set_params(void)
1643 {
1644 DSA *dsa = NULL;
1645 BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL;
1646 EVP_PKEY *pkey = NULL;
1647 int ret = 0;
1648
1649 /*
1650 * Setup the parameters for our DSA object. For our purposes they don't
1651 * have to actually be *valid* parameters. We just need to set something.
1652 */
1653 dsa = DSA_new();
1654 p = BN_new();
1655 q = BN_new();
1656 g = BN_new();
1657 pub = BN_new();
1658 priv = BN_new();
1659 if (!TEST_ptr(dsa)
1660 || !TEST_ptr(p)
1661 || !TEST_ptr(q)
1662 || !TEST_ptr(g)
1663 || !TEST_ptr(pub)
1664 || !DSA_set0_pqg(dsa, p, q, g)
1665 || !DSA_set0_key(dsa, pub, priv))
1666 goto err;
1667 p = q = g = pub = priv = NULL;
1668
1669 pkey = EVP_PKEY_new();
1670 if (!TEST_ptr(pkey)
1671 || !TEST_true(EVP_PKEY_assign_DSA(pkey, dsa)))
1672 goto err;
1673
1674 dsa = NULL;
1675
1676 ret = test_EVP_PKEY_CTX_get_set_params(pkey);
1677
1678 err:
1679 EVP_PKEY_free(pkey);
1680 DSA_free(dsa);
1681 BN_free(p);
1682 BN_free(q);
1683 BN_free(g);
1684 BN_free(pub);
1685 BN_free(priv);
1686
1687 return ret;
1688 }
1689 #endif
1690
1691 static int test_RSA_get_set_params(void)
1692 {
1693 RSA *rsa = NULL;
1694 BIGNUM *n = NULL, *e = NULL, *d = NULL;
1695 EVP_PKEY *pkey = NULL;
1696 int ret = 0;
1697
1698 /*
1699 * Setup the parameters for our RSA object. For our purposes they don't
1700 * have to actually be *valid* parameters. We just need to set something.
1701 */
1702 rsa = RSA_new();
1703 n = BN_new();
1704 e = BN_new();
1705 d = BN_new();
1706 if (!TEST_ptr(rsa)
1707 || !TEST_ptr(n)
1708 || !TEST_ptr(e)
1709 || !TEST_ptr(d)
1710 || !RSA_set0_key(rsa, n, e, d))
1711 goto err;
1712 n = e = d = NULL;
1713
1714 pkey = EVP_PKEY_new();
1715 if (!TEST_ptr(pkey)
1716 || !TEST_true(EVP_PKEY_assign_RSA(pkey, rsa)))
1717 goto err;
1718
1719 rsa = NULL;
1720
1721 ret = test_EVP_PKEY_CTX_get_set_params(pkey);
1722
1723 err:
1724 EVP_PKEY_free(pkey);
1725 RSA_free(rsa);
1726 BN_free(n);
1727 BN_free(e);
1728 BN_free(d);
1729
1730 return ret;
1731 }
1732
1733 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1734 static int test_decrypt_null_chunks(void)
1735 {
1736 EVP_CIPHER_CTX* ctx = NULL;
1737 const unsigned char key[32] = {
1738 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
1739 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
1740 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1
1741 };
1742 unsigned char iv[12] = {
1743 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b
1744 };
1745 unsigned char msg[] = "It was the best of times, it was the worst of times";
1746 unsigned char ciphertext[80];
1747 unsigned char plaintext[80];
1748 /* We initialise tmp to a non zero value on purpose */
1749 int ctlen, ptlen, tmp = 99;
1750 int ret = 0;
1751 const int enc_offset = 10, dec_offset = 20;
1752
1753 if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
1754 || !TEST_true(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL,
1755 key, iv))
1756 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &ctlen, msg,
1757 enc_offset))
1758 /* Deliberate add a zero length update */
1759 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp, NULL,
1760 0))
1761 || !TEST_int_eq(tmp, 0)
1762 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp,
1763 msg + enc_offset,
1764 sizeof(msg) - enc_offset))
1765 || !TEST_int_eq(ctlen += tmp, sizeof(msg))
1766 || !TEST_true(EVP_EncryptFinal(ctx, ciphertext + ctlen, &tmp))
1767 || !TEST_int_eq(tmp, 0))
1768 goto err;
1769
1770 /* Deliberately initialise tmp to a non zero value */
1771 tmp = 99;
1772 if (!TEST_true(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, key,
1773 iv))
1774 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext, &ptlen, ciphertext,
1775 dec_offset))
1776 /*
1777 * Deliberately add a zero length update. We also deliberately do
1778 * this at a different offset than for encryption.
1779 */
1780 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp, NULL,
1781 0))
1782 || !TEST_int_eq(tmp, 0)
1783 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp,
1784 ciphertext + dec_offset,
1785 ctlen - dec_offset))
1786 || !TEST_int_eq(ptlen += tmp, sizeof(msg))
1787 || !TEST_true(EVP_DecryptFinal(ctx, plaintext + ptlen, &tmp))
1788 || !TEST_int_eq(tmp, 0)
1789 || !TEST_mem_eq(msg, sizeof(msg), plaintext, ptlen))
1790 goto err;
1791
1792 ret = 1;
1793 err:
1794 EVP_CIPHER_CTX_free(ctx);
1795 return ret;
1796 }
1797 #endif /* !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) */
1798
1799 #ifndef OPENSSL_NO_DH
1800 static int test_EVP_PKEY_set1_DH(void)
1801 {
1802 DH *x942dh = NULL, *noqdh = NULL;
1803 EVP_PKEY *pkey1 = NULL, *pkey2 = NULL;
1804 int ret = 0;
1805 BIGNUM *p, *g = NULL;
1806
1807 if (!TEST_ptr(p = BN_new())
1808 || !TEST_ptr(g = BN_new())
1809 || !BN_set_word(p, 9999)
1810 || !BN_set_word(g, 2)
1811 || !TEST_ptr(noqdh = DH_new())
1812 || !DH_set0_pqg(noqdh, p, NULL, g))
1813 goto err;
1814 p = g = NULL;
1815
1816 x942dh = DH_get_2048_256();
1817 pkey1 = EVP_PKEY_new();
1818 pkey2 = EVP_PKEY_new();
1819 if (!TEST_ptr(x942dh)
1820 || !TEST_ptr(noqdh)
1821 || !TEST_ptr(pkey1)
1822 || !TEST_ptr(pkey2))
1823 goto err;
1824
1825 if(!TEST_true(EVP_PKEY_set1_DH(pkey1, x942dh))
1826 || !TEST_int_eq(EVP_PKEY_id(pkey1), EVP_PKEY_DHX))
1827 goto err;
1828
1829 if(!TEST_true(EVP_PKEY_set1_DH(pkey2, noqdh))
1830 || !TEST_int_eq(EVP_PKEY_id(pkey2), EVP_PKEY_DH))
1831 goto err;
1832
1833 ret = 1;
1834 err:
1835 BN_free(p);
1836 BN_free(g);
1837 EVP_PKEY_free(pkey1);
1838 EVP_PKEY_free(pkey2);
1839 DH_free(x942dh);
1840 DH_free(noqdh);
1841
1842 return ret;
1843 }
1844 #endif
1845
1846 /*
1847 * We test what happens with an empty template. For the sake of this test,
1848 * the template must be ignored, and we know that's the case for RSA keys
1849 * (this might arguably be a misfeature, but that's what we currently do,
1850 * even in provider code, since that's how the legacy RSA implementation
1851 * does things)
1852 */
1853 static int test_keygen_with_empty_template(int n)
1854 {
1855 EVP_PKEY_CTX *ctx = NULL;
1856 EVP_PKEY *pkey = NULL;
1857 EVP_PKEY *tkey = NULL;
1858 int ret = 0;
1859
1860 switch (n) {
1861 case 0:
1862 /* We do test with no template at all as well */
1863 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)))
1864 goto err;
1865 break;
1866 case 1:
1867 /* Here we create an empty RSA key that serves as our template */
1868 if (!TEST_ptr(tkey = EVP_PKEY_new())
1869 || !TEST_true(EVP_PKEY_set_type(tkey, EVP_PKEY_RSA))
1870 || !TEST_ptr(ctx = EVP_PKEY_CTX_new(tkey, NULL)))
1871 goto err;
1872 break;
1873 }
1874
1875 if (!TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1876 || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0))
1877 goto err;
1878
1879 ret = 1;
1880 err:
1881 EVP_PKEY_CTX_free(ctx);
1882 EVP_PKEY_free(pkey);
1883 EVP_PKEY_free(tkey);
1884 return ret;
1885 }
1886
1887 /*
1888 * Test that we fail if we attempt to use an algorithm that is not available
1889 * in the current library context (unless we are using an algorithm that
1890 * should be made available via legacy codepaths).
1891 *
1892 * 0: RSA
1893 * 1: SM2
1894 */
1895 static int test_pkey_ctx_fail_without_provider(int tst)
1896 {
1897 OSSL_LIB_CTX *tmpctx = OSSL_LIB_CTX_new();
1898 OSSL_PROVIDER *nullprov = NULL;
1899 EVP_PKEY_CTX *pctx = NULL;
1900 const char *keytype = NULL;
1901 int expect_null = 0;
1902 int ret = 0;
1903
1904 if (!TEST_ptr(tmpctx))
1905 goto err;
1906
1907 nullprov = OSSL_PROVIDER_load(tmpctx, "null");
1908 if (!TEST_ptr(nullprov))
1909 goto err;
1910
1911 /*
1912 * We check for certain algos in the null provider.
1913 * If an algo is expected to have a provider keymgmt, contructing an
1914 * EVP_PKEY_CTX is expected to fail (return NULL).
1915 * Otherwise, if it's expected to have legacy support, contructing an
1916 * EVP_PKEY_CTX is expected to succeed (return non-NULL).
1917 */
1918 switch (tst) {
1919 case 0:
1920 keytype = "RSA";
1921 expect_null = 1;
1922 break;
1923 case 1:
1924 keytype = "SM2";
1925 expect_null = 1;
1926 #ifdef OPENSSL_NO_EC
1927 TEST_info("EC disable, skipping SM2 check...");
1928 goto end;
1929 #endif
1930 #ifdef OPENSSL_NO_SM2
1931 TEST_info("SM2 disable, skipping SM2 check...");
1932 goto end;
1933 #endif
1934 break;
1935 default:
1936 TEST_error("No test for case %d", tst);
1937 goto err;
1938 }
1939
1940 pctx = EVP_PKEY_CTX_new_from_name(tmpctx, keytype, "");
1941 if (expect_null ? !TEST_ptr_null(pctx) : !TEST_ptr(pctx))
1942 goto err;
1943
1944 #if defined(OPENSSL_NO_EC) || defined(OPENSSL_NO_SM2)
1945 end:
1946 #endif
1947 ret = 1;
1948
1949 err:
1950 EVP_PKEY_CTX_free(pctx);
1951 OSSL_PROVIDER_unload(nullprov);
1952 OSSL_LIB_CTX_free(tmpctx);
1953 return ret;
1954 }
1955
1956 static int test_rand_agglomeration(void)
1957 {
1958 EVP_RAND *rand;
1959 EVP_RAND_CTX *ctx;
1960 OSSL_PARAM params[3], *p = params;
1961 int res;
1962 unsigned int step = 7;
1963 static unsigned char seed[] = "It does not matter how slowly you go "
1964 "as long as you do not stop.";
1965 unsigned char out[sizeof(seed)];
1966
1967 if (!TEST_int_ne(sizeof(seed) % step, 0)
1968 || !TEST_ptr(rand = EVP_RAND_fetch(NULL, "TEST-RAND", NULL)))
1969 return 0;
1970 ctx = EVP_RAND_CTX_new(rand, NULL);
1971 EVP_RAND_free(rand);
1972 if (!TEST_ptr(ctx))
1973 return 0;
1974
1975 memset(out, 0, sizeof(out));
1976 *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
1977 seed, sizeof(seed));
1978 *p++ = OSSL_PARAM_construct_uint(OSSL_DRBG_PARAM_MAX_REQUEST, &step);
1979 *p = OSSL_PARAM_construct_end();
1980 res = TEST_true(EVP_RAND_set_ctx_params(ctx, params))
1981 && TEST_true(EVP_RAND_generate(ctx, out, sizeof(out), 0, 1, NULL, 0))
1982 && TEST_mem_eq(seed, sizeof(seed), out, sizeof(out));
1983 EVP_RAND_CTX_free(ctx);
1984 return res;
1985 }
1986
1987 /*
1988 * Test that we correctly return the original or "running" IV after
1989 * an encryption operation.
1990 * Run multiple times for some different relevant algorithms/modes.
1991 */
1992 static int test_evp_iv(int idx)
1993 {
1994 int ret = 0;
1995 EVP_CIPHER_CTX *ctx = NULL;
1996 unsigned char key[16] = {0x4c, 0x43, 0xdb, 0xdd, 0x42, 0x73, 0x47, 0xd1,
1997 0xe5, 0x62, 0x7d, 0xcd, 0x4d, 0x76, 0x4d, 0x57};
1998 unsigned char init_iv[EVP_MAX_IV_LENGTH] =
1999 {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b, 0x98, 0x82,
2000 0x5a, 0x55, 0x91, 0x81, 0x42, 0xa8, 0x89, 0x34};
2001 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8,
2002 9, 10, 11, 12, 13, 14, 15, 16 };
2003 unsigned char ciphertext[32], oiv[16], iv[16];
2004 unsigned char *ref_iv;
2005 unsigned char cbc_state[16] = {0x10, 0x2f, 0x05, 0xcc, 0xc2, 0x55, 0x72, 0xb9,
2006 0x88, 0xe6, 0x4a, 0x17, 0x10, 0x74, 0x22, 0x5e};
2007
2008 unsigned char ofb_state[16] = {0x76, 0xe6, 0x66, 0x61, 0xd0, 0x8a, 0xe4, 0x64,
2009 0xdd, 0x66, 0xbf, 0x00, 0xf0, 0xe3, 0x6f, 0xfd};
2010 unsigned char gcm_state[12] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b,
2011 0x98, 0x82, 0x5a, 0x55, 0x91, 0x81};
2012 unsigned char ccm_state[7] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b, 0x98};
2013 #ifndef OPENSSL_NO_OCB
2014 unsigned char ocb_state[12] = {0x57, 0x71, 0x7d, 0xad, 0xdb, 0x9b,
2015 0x98, 0x82, 0x5a, 0x55, 0x91, 0x81};
2016 #endif
2017 int len = sizeof(ciphertext);
2018 size_t ivlen, ref_len;
2019 const EVP_CIPHER *type = NULL;
2020
2021 switch(idx) {
2022 case 0:
2023 type = EVP_aes_128_cbc();
2024 /* FALLTHROUGH */
2025 case 5:
2026 type = (type != NULL) ? type :
2027 EVP_CIPHER_fetch(testctx, "aes-128-cbc", NULL);
2028 ref_iv = cbc_state;
2029 ref_len = sizeof(cbc_state);
2030 break;
2031 case 1:
2032 type = EVP_aes_128_ofb();
2033 /* FALLTHROUGH */
2034 case 6:
2035 type = (type != NULL) ? type :
2036 EVP_CIPHER_fetch(testctx, "aes-128-ofb", NULL);
2037 ref_iv = ofb_state;
2038 ref_len = sizeof(ofb_state);
2039 break;
2040 case 2:
2041 type = EVP_aes_128_gcm();
2042 /* FALLTHROUGH */
2043 case 7:
2044 type = (type != NULL) ? type :
2045 EVP_CIPHER_fetch(testctx, "aes-128-gcm", NULL);
2046 ref_iv = gcm_state;
2047 ref_len = sizeof(gcm_state);
2048 break;
2049 case 3:
2050 type = EVP_aes_128_ccm();
2051 /* FALLTHROUGH */
2052 case 8:
2053 type = (type != NULL) ? type :
2054 EVP_CIPHER_fetch(testctx, "aes-128-ccm", NULL);
2055 ref_iv = ccm_state;
2056 ref_len = sizeof(ccm_state);
2057 break;
2058 #ifdef OPENSSL_NO_OCB
2059 case 4:
2060 case 9:
2061 return 1;
2062 #else
2063 case 4:
2064 type = EVP_aes_128_ocb();
2065 /* FALLTHROUGH */
2066 case 9:
2067 type = (type != NULL) ? type :
2068 EVP_CIPHER_fetch(testctx, "aes-128-ocb", NULL);
2069 ref_iv = ocb_state;
2070 ref_len = sizeof(ocb_state);
2071 break;
2072 #endif
2073 default:
2074 return 0;
2075 }
2076
2077 if (!TEST_ptr(type)
2078 || !TEST_ptr((ctx = EVP_CIPHER_CTX_new()))
2079 || !TEST_true(EVP_EncryptInit_ex(ctx, type, NULL, key, init_iv))
2080 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &len, msg,
2081 (int)sizeof(msg)))
2082 || !TEST_true(EVP_CIPHER_CTX_get_iv(ctx, oiv, sizeof(oiv)))
2083 || !TEST_true(EVP_CIPHER_CTX_get_iv_state(ctx, iv, sizeof(iv)))
2084 || !TEST_true(EVP_EncryptFinal_ex(ctx, ciphertext, &len)))
2085 goto err;
2086 ivlen = EVP_CIPHER_CTX_iv_length(ctx);
2087 if (!TEST_mem_eq(init_iv, ivlen, oiv, ivlen)
2088 || !TEST_mem_eq(ref_iv, ref_len, iv, ivlen))
2089 goto err;
2090
2091 ret = 1;
2092 err:
2093 EVP_CIPHER_CTX_free(ctx);
2094 if (idx >= 5)
2095 EVP_CIPHER_free((EVP_CIPHER *)type);
2096 return ret;
2097 }
2098
2099 int setup_tests(void)
2100 {
2101 testctx = OSSL_LIB_CTX_new();
2102
2103 if (!TEST_ptr(testctx))
2104 return 0;
2105
2106 ADD_TEST(test_EVP_set_default_properties);
2107 ADD_ALL_TESTS(test_EVP_DigestSignInit, 9);
2108 ADD_TEST(test_EVP_DigestVerifyInit);
2109 ADD_TEST(test_EVP_Enveloped);
2110 ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
2111 ADD_TEST(test_privatekey_to_pkcs8);
2112 #ifndef OPENSSL_NO_EC
2113 ADD_TEST(test_EVP_PKCS82PKEY);
2114 #endif
2115 #ifndef OPENSSL_NO_EC
2116 ADD_ALL_TESTS(test_EC_keygen_with_enc, OSSL_NELEM(ec_encodings));
2117 #endif
2118 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
2119 ADD_TEST(test_EVP_SM2);
2120 ADD_TEST(test_EVP_SM2_verify);
2121 #endif
2122 ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
2123 #ifndef OPENSSL_NO_DEPRECATED_3_0
2124 custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
2125 if (!TEST_ptr(custom_pmeth))
2126 return 0;
2127 EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
2128 EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
2129 EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
2130 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
2131 return 0;
2132 #endif
2133 ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
2134 #ifndef OPENSSL_NO_CMAC
2135 ADD_TEST(test_CMAC_keygen);
2136 #endif
2137 ADD_TEST(test_HKDF);
2138 ADD_TEST(test_emptyikm_HKDF);
2139 #ifndef OPENSSL_NO_EC
2140 ADD_TEST(test_X509_PUBKEY_inplace);
2141 ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode,
2142 OSSL_NELEM(ec_der_pub_keys));
2143 #endif
2144 #ifndef OPENSSL_NO_DSA
2145 ADD_TEST(test_DSA_get_set_params);
2146 #endif
2147 ADD_TEST(test_RSA_get_set_params);
2148 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
2149 ADD_TEST(test_decrypt_null_chunks);
2150 #endif
2151 #ifndef OPENSSL_NO_DH
2152 ADD_TEST(test_EVP_PKEY_set1_DH);
2153 #endif
2154 ADD_ALL_TESTS(test_keygen_with_empty_template, 2);
2155 ADD_ALL_TESTS(test_pkey_ctx_fail_without_provider, 2);
2156
2157 ADD_TEST(test_rand_agglomeration);
2158 ADD_ALL_TESTS(test_evp_iv, 10);
2159
2160 return 1;
2161 }
2162
2163 void cleanup_tests(void)
2164 {
2165 OSSL_LIB_CTX_free(testctx);
2166 }
A mirror of the official openssl repository