]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/evp_extra_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add a test for EVP_Digest[Sign|Verify]* with a BIO MD
[thirdparty/openssl.git] / test / evp_extra_test.c
1 /*
2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include <stdlib.h>
12 #include <string.h>
13 #include <openssl/bio.h>
14 #include <openssl/conf.h>
15 #include <openssl/crypto.h>
16 #include <openssl/err.h>
17 #include <openssl/evp.h>
18 #include <openssl/rsa.h>
19 #include <openssl/x509.h>
20 #include <openssl/pem.h>
21 #include <openssl/kdf.h>
22 #include <openssl/provider.h>
23 #include <openssl/core_names.h>
24 #include <openssl/dsa.h>
25 #include "testutil.h"
26 #include "internal/nelem.h"
27 #include "crypto/evp.h"
28
29 /*
30 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
31 * should never use this key anywhere but in an example.
32 */
33 static const unsigned char kExampleRSAKeyDER[] = {
34 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
35 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
36 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
37 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
38 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
39 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
40 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
41 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
42 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
43 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
44 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
45 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
46 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
47 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
48 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
49 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
50 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
51 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
52 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
53 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
54 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
55 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
56 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
57 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
58 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
59 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
60 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
61 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
62 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
63 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
64 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
65 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
66 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
67 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
68 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
69 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
70 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
71 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
72 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
73 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
74 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
75 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
76 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
77 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
78 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
79 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
80 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
81 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
82 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
83 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
84 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
85 };
86
87 /*
88 * kExampleDSAKeyDER is a DSA private key in ASN.1, DER format. Of course, you
89 * should never use this key anywhere but in an example.
90 */
91 static const unsigned char kExampleDSAKeyDER[] = {
92 0x30, 0x82, 0x01, 0xba, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0x9a,
93 0x05, 0x6d, 0x33, 0xcd, 0x5d, 0x78, 0xa1, 0xbb, 0xcb, 0x7d, 0x5b, 0x8d,
94 0xb4, 0xcc, 0xbf, 0x03, 0x99, 0x64, 0xde, 0x38, 0x78, 0x06, 0x15, 0x2f,
95 0x86, 0x26, 0x77, 0xf3, 0xb1, 0x85, 0x00, 0xed, 0xfc, 0x28, 0x3a, 0x42,
96 0x4d, 0xab, 0xab, 0xdf, 0xbc, 0x9c, 0x16, 0xd0, 0x22, 0x50, 0xd1, 0x38,
97 0xdd, 0x3f, 0x64, 0x05, 0x9e, 0x68, 0x7a, 0x1e, 0xf1, 0x56, 0xbf, 0x1e,
98 0x2c, 0xc5, 0x97, 0x2a, 0xfe, 0x7a, 0x22, 0xdc, 0x6c, 0x68, 0xb8, 0x2e,
99 0x06, 0xdb, 0x41, 0xca, 0x98, 0xd8, 0x54, 0xc7, 0x64, 0x48, 0x24, 0x04,
100 0x20, 0xbc, 0x59, 0xe3, 0x6b, 0xea, 0x7e, 0xfc, 0x7e, 0xc5, 0x4e, 0xd4,
101 0xd8, 0x3a, 0xed, 0xcd, 0x5d, 0x99, 0xb8, 0x5c, 0xa2, 0x8b, 0xbb, 0x0b,
102 0xac, 0xe6, 0x8e, 0x25, 0x56, 0x22, 0x3a, 0x2d, 0x3a, 0x56, 0x41, 0x14,
103 0x1f, 0x1c, 0x8f, 0x53, 0x46, 0x13, 0x85, 0x02, 0x15, 0x00, 0x98, 0x7e,
104 0x92, 0x81, 0x88, 0xc7, 0x3f, 0x70, 0x49, 0x54, 0xf6, 0x76, 0xb4, 0xa3,
105 0x9e, 0x1d, 0x45, 0x98, 0x32, 0x7f, 0x02, 0x81, 0x80, 0x69, 0x4d, 0xef,
106 0x55, 0xff, 0x4d, 0x59, 0x2c, 0x01, 0xfa, 0x6a, 0x38, 0xe0, 0x70, 0x9f,
107 0x9e, 0x66, 0x8e, 0x3e, 0x8c, 0x52, 0x22, 0x9d, 0x15, 0x7e, 0x3c, 0xef,
108 0x4c, 0x7a, 0x61, 0x26, 0xe0, 0x2b, 0x81, 0x3f, 0xeb, 0xaf, 0x35, 0x38,
109 0x8d, 0xfe, 0xed, 0x46, 0xff, 0x5f, 0x03, 0x9b, 0x81, 0x92, 0xe7, 0x6f,
110 0x76, 0x4f, 0x1d, 0xd9, 0xbb, 0x89, 0xc9, 0x3e, 0xd9, 0x0b, 0xf9, 0xf4,
111 0x78, 0x11, 0x59, 0xc0, 0x1d, 0xcd, 0x0e, 0xa1, 0x6f, 0x15, 0xf1, 0x4d,
112 0xc1, 0xc9, 0x22, 0xed, 0x8d, 0xad, 0x67, 0xc5, 0x4b, 0x95, 0x93, 0x86,
113 0xa6, 0xaf, 0x8a, 0xee, 0x06, 0x89, 0x2f, 0x37, 0x7e, 0x64, 0xaa, 0xf6,
114 0xe7, 0xb1, 0x5a, 0x0a, 0x93, 0x95, 0x5d, 0x3e, 0x53, 0x9a, 0xde, 0x8a,
115 0xc2, 0x95, 0x45, 0x81, 0xbe, 0x5c, 0x2f, 0xc2, 0xb2, 0x92, 0x58, 0x19,
116 0x72, 0x80, 0xe9, 0x79, 0xa1, 0x02, 0x81, 0x80, 0x07, 0xd7, 0x62, 0xff,
117 0xdf, 0x1a, 0x3f, 0xed, 0x32, 0xd4, 0xd4, 0x88, 0x7b, 0x2c, 0x63, 0x7f,
118 0x97, 0xdc, 0x44, 0xd4, 0x84, 0xa2, 0xdd, 0x17, 0x16, 0x85, 0x13, 0xe0,
119 0xac, 0x51, 0x8d, 0x29, 0x1b, 0x75, 0x9a, 0xe4, 0xe3, 0x8a, 0x92, 0x69,
120 0x09, 0x03, 0xc5, 0x68, 0xae, 0x5e, 0x94, 0xfe, 0xc9, 0x92, 0x6c, 0x07,
121 0xb4, 0x1e, 0x64, 0x62, 0x87, 0xc6, 0xa4, 0xfd, 0x0d, 0x5f, 0xe5, 0xf9,
122 0x1b, 0x4f, 0x85, 0x5f, 0xae, 0xf3, 0x11, 0xe5, 0x18, 0xd4, 0x4d, 0x79,
123 0x9f, 0xc4, 0x79, 0x26, 0x04, 0x27, 0xf0, 0x0b, 0xee, 0x2b, 0x86, 0x9f,
124 0x86, 0x61, 0xe6, 0x51, 0xce, 0x04, 0x9b, 0x5d, 0x6b, 0x34, 0x43, 0x8c,
125 0x85, 0x3c, 0xf1, 0x51, 0x9b, 0x08, 0x23, 0x1b, 0xf5, 0x7e, 0x33, 0x12,
126 0xea, 0xab, 0x1f, 0xb7, 0x2d, 0xe2, 0x5f, 0xe6, 0x97, 0x99, 0xb5, 0x45,
127 0x16, 0x5b, 0xc3, 0x41, 0x02, 0x14, 0x61, 0xbf, 0x51, 0x60, 0xcf, 0xc8,
128 0xf1, 0x8c, 0x82, 0x97, 0xf2, 0xf4, 0x19, 0xba, 0x2b, 0xf3, 0x16, 0xbe,
129 0x40, 0x48
130 };
131
132 /*
133 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
134 * components are not correct.
135 */
136 static const unsigned char kExampleBadRSAKeyDER[] = {
137 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
138 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
139 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
140 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
141 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
142 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
143 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
144 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
145 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
146 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
147 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
148 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
149 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
150 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
151 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
152 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
153 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
154 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
155 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
156 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
157 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
158 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
159 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
160 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
161 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
162 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
163 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
164 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
165 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
166 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
167 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
168 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
169 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
170 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
171 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
172 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
173 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
174 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
175 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
176 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
177 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
178 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
179 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
180 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
181 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
182 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
183 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
184 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
185 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
186 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
187 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
188 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
189 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
190 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
191 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
192 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
193 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
194 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
195 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
196 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
197 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
198 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
199 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
200 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
201 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
202 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
203 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
204 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
205 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
206 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
207 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
208 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
209 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
210 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
211 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
212 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
213 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
214 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
215 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
216 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
217 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
218 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
219 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
220 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
221 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
222 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
223 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
224 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
225 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
226 };
227
228 static const unsigned char kMsg[] = { 1, 2, 3, 4 };
229
230 static const unsigned char kSignature[] = {
231 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
232 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
233 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
234 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
235 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
236 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
237 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
238 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
239 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
240 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
241 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
242 };
243
244 /*
245 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
246 * PrivateKeyInfo.
247 */
248 static const unsigned char kExampleRSAKeyPKCS8[] = {
249 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
250 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
251 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
252 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
253 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
254 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
255 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
256 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
257 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
258 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
259 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
260 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
261 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
262 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
263 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
264 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
265 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
266 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
267 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
268 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
269 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
270 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
271 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
272 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
273 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
274 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
275 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
276 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
277 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
278 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
279 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
280 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
281 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
282 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
283 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
284 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
285 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
286 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
287 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
288 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
289 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
290 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
291 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
292 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
293 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
294 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
295 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
296 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
297 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
298 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
299 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
300 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
301 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
302 };
303
304 #ifndef OPENSSL_NO_EC
305 /*
306 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
307 * structure.
308 */
309 static const unsigned char kExampleECKeyDER[] = {
310 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
311 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
312 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
313 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
314 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
315 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
316 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
317 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
318 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
319 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
320 0xc1,
321 };
322
323 /*
324 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
325 * structure. The private key is equal to the order and will fail to import
326 */
327 static const unsigned char kExampleBadECKeyDER[] = {
328 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
329 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
330 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
331 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
332 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
333 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
334 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
335 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
336 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
337 };
338
339 /* prime256v1 */
340 static const unsigned char kExampleECPubKeyDER[] = {
341 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
342 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
343 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
344 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
345 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
346 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
347 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
348 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
349 };
350
351 /*
352 * kExampleBadECPubKeyDER is a sample EC public key with a wrong OID
353 * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
354 */
355 static const unsigned char kExampleBadECPubKeyDER[] = {
356 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
357 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
358 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
359 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
360 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
361 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
362 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
363 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
364 };
365
366 static const unsigned char pExampleECParamDER[] = {
367 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
368 };
369 #endif
370
371 typedef struct APK_DATA_st {
372 const unsigned char *kder;
373 size_t size;
374 int evptype;
375 int check;
376 int pub_check;
377 int param_check;
378 int type; /* 0 for private, 1 for public, 2 for params */
379 } APK_DATA;
380
381 static APK_DATA keydata[] = {
382 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA},
383 {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA},
384 #ifndef OPENSSL_NO_EC
385 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC}
386 #endif
387 };
388
389 static APK_DATA keycheckdata[] = {
390 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA, 1, -2, -2, 0},
391 {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), EVP_PKEY_RSA,
392 0, -2, -2, 0},
393 #ifndef OPENSSL_NO_EC
394 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC, 1, 1, 1, 0},
395 /* group is also associated in our pub key */
396 {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), EVP_PKEY_EC, 0, 1, 1, 1},
397 {pExampleECParamDER, sizeof(pExampleECParamDER), EVP_PKEY_EC, 0, 0, 1, 2}
398 #endif
399 };
400
401 static EVP_PKEY *load_example_rsa_key(void)
402 {
403 EVP_PKEY *ret = NULL;
404 const unsigned char *derp = kExampleRSAKeyDER;
405 EVP_PKEY *pkey = NULL;
406 RSA *rsa = NULL;
407
408 if (!TEST_true(d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))))
409 return NULL;
410
411 if (!TEST_ptr(pkey = EVP_PKEY_new())
412 || !TEST_true(EVP_PKEY_set1_RSA(pkey, rsa)))
413 goto end;
414
415 ret = pkey;
416 pkey = NULL;
417
418 end:
419 EVP_PKEY_free(pkey);
420 RSA_free(rsa);
421
422 return ret;
423 }
424
425 static EVP_PKEY *load_example_dsa_key(void)
426 {
427 EVP_PKEY *ret = NULL;
428 const unsigned char *derp = kExampleDSAKeyDER;
429 EVP_PKEY *pkey = NULL;
430 DSA *dsa = NULL;
431
432 if (!TEST_true(d2i_DSAPrivateKey(&dsa, &derp, sizeof(kExampleDSAKeyDER))))
433 return NULL;
434
435 if (!TEST_ptr(pkey = EVP_PKEY_new())
436 || !TEST_true(EVP_PKEY_set1_DSA(pkey, dsa)))
437 goto end;
438
439 ret = pkey;
440 pkey = NULL;
441
442 end:
443 EVP_PKEY_free(pkey);
444 DSA_free(dsa);
445
446 return ret;
447 }
448
449
450 static int test_EVP_Enveloped(void)
451 {
452 int ret = 0;
453 EVP_CIPHER_CTX *ctx = NULL;
454 EVP_PKEY *keypair = NULL;
455 unsigned char *kek = NULL;
456 unsigned char iv[EVP_MAX_IV_LENGTH];
457 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
458 int len, kek_len, ciphertext_len, plaintext_len;
459 unsigned char ciphertext[32], plaintext[16];
460 const EVP_CIPHER *type = EVP_aes_256_cbc();
461
462 if (!TEST_ptr(keypair = load_example_rsa_key())
463 || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
464 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
465 || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
466 &keypair, 1))
467 || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
468 msg, sizeof(msg)))
469 || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
470 &len)))
471 goto err;
472
473 ciphertext_len += len;
474
475 if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
476 || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
477 ciphertext, ciphertext_len))
478 || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
479 goto err;
480
481 plaintext_len += len;
482 if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
483 goto err;
484
485 ret = 1;
486 err:
487 OPENSSL_free(kek);
488 EVP_PKEY_free(keypair);
489 EVP_CIPHER_CTX_free(ctx);
490 return ret;
491 }
492
493 /*
494 * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (RSA)
495 * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (DSA)
496 * Test 2: Use an MD BIO to do the Update calls instead (RSA)
497 * Test 3: Use an MD BIO to do the Update calls instead (DSA)
498 */
499 static int test_EVP_DigestSignInit(int tst)
500 {
501 int ret = 0;
502 EVP_PKEY *pkey = NULL;
503 unsigned char *sig = NULL;
504 size_t sig_len = 0;
505 EVP_MD_CTX *md_ctx = NULL, *md_ctx_verify = NULL;
506 EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL;
507 BIO *mdbio = NULL, *membio = NULL;
508 size_t written;
509
510 if (tst >= 2) {
511 membio = BIO_new(BIO_s_mem());
512 mdbio = BIO_new(BIO_f_md());
513 if (!TEST_ptr(membio) || !TEST_ptr(mdbio))
514 goto out;
515 BIO_push(mdbio, membio);
516 if (!TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx), 0))
517 goto out;
518 } else {
519 if (!TEST_ptr(a_md_ctx = md_ctx = EVP_MD_CTX_new())
520 || !TEST_ptr(a_md_ctx_verify = md_ctx_verify = EVP_MD_CTX_new()))
521 goto out;
522 }
523
524 if (tst == 0 || tst == 2) {
525 if (!TEST_ptr(pkey = load_example_rsa_key()))
526 goto out;
527 } else {
528 if (!TEST_ptr(pkey = load_example_dsa_key()))
529 goto out;
530 }
531
532 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey)))
533 goto out;
534
535 if (tst >= 2) {
536 if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
537 goto out;
538 } else {
539 if (!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
540 goto out;
541 }
542
543 /* Determine the size of the signature. */
544 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
545 || !TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
546 goto out;
547
548 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))
549 || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
550 goto out;
551
552 if (tst >= 2) {
553 if (!TEST_int_gt(BIO_reset(mdbio), 0)
554 || !TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx_verify), 0))
555 goto out;
556 }
557
558 /* Ensure that the signature round-trips. */
559 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(),
560 NULL, pkey)))
561 goto out;
562
563 if (tst >= 2) {
564 if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
565 goto out;
566 } else {
567 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg,
568 sizeof(kMsg))))
569 goto out;
570 }
571 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
572 goto out;
573
574 ret = 1;
575
576 out:
577 BIO_free(membio);
578 BIO_free(mdbio);
579 EVP_MD_CTX_free(a_md_ctx);
580 EVP_MD_CTX_free(a_md_ctx_verify);
581 EVP_PKEY_free(pkey);
582 OPENSSL_free(sig);
583
584 return ret;
585 }
586
587 static int test_EVP_DigestVerifyInit(void)
588 {
589 int ret = 0;
590 EVP_PKEY *pkey = NULL;
591 EVP_MD_CTX *md_ctx = NULL;
592
593 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
594 || !TEST_ptr(pkey = load_example_rsa_key()))
595 goto out;
596
597 if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
598 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
599 || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
600 sizeof(kSignature))))
601 goto out;
602 ret = 1;
603
604 out:
605 EVP_MD_CTX_free(md_ctx);
606 EVP_PKEY_free(pkey);
607 return ret;
608 }
609
610 static int test_d2i_AutoPrivateKey(int i)
611 {
612 int ret = 0;
613 const unsigned char *p;
614 EVP_PKEY *pkey = NULL;
615 const APK_DATA *ak = &keydata[i];
616 const unsigned char *input = ak->kder;
617 size_t input_len = ak->size;
618 int expected_id = ak->evptype;
619
620 p = input;
621 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
622 || !TEST_ptr_eq(p, input + input_len)
623 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
624 goto done;
625
626 ret = 1;
627
628 done:
629 EVP_PKEY_free(pkey);
630 return ret;
631 }
632
633 #ifndef OPENSSL_NO_EC
634
635 static const unsigned char ec_public_sect163k1_validxy[] = {
636 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
637 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
638 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
639 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x02, 0xd1, 0x7b,
640 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
641 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
642 };
643
644 static const unsigned char ec_public_sect163k1_badx[] = {
645 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
646 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
647 0x0a, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
648 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0xb0, 0x02, 0xd1, 0x7b,
649 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
650 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
651 };
652
653 static const unsigned char ec_public_sect163k1_bady[] = {
654 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
655 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
656 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
657 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x0a, 0xd1, 0x7b,
658 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
659 0x6a, 0xd8, 0x17, 0x65, 0x41, 0xe6
660 };
661
662 static struct ec_der_pub_keys_st {
663 const unsigned char *der;
664 size_t len;
665 int valid;
666 } ec_der_pub_keys[] = {
667 { ec_public_sect163k1_validxy, sizeof(ec_public_sect163k1_validxy), 1 },
668 { ec_public_sect163k1_badx, sizeof(ec_public_sect163k1_badx), 0 },
669 { ec_public_sect163k1_bady, sizeof(ec_public_sect163k1_bady), 0 },
670 };
671
672 /*
673 * Tests the range of the decoded EC char2 public point.
674 * See ec_GF2m_simple_oct2point().
675 */
676 static int test_invalide_ec_char2_pub_range_decode(int id)
677 {
678 int ret = 0;
679 BIO *bio = NULL;
680 EC_KEY *eckey = NULL;
681
682 if (!TEST_ptr(bio = BIO_new_mem_buf(ec_der_pub_keys[id].der,
683 ec_der_pub_keys[id].len)))
684 goto err;
685 eckey = d2i_EC_PUBKEY_bio(bio, NULL);
686 ret = (ec_der_pub_keys[id].valid && TEST_ptr(eckey))
687 || TEST_ptr_null(eckey);
688 err:
689 EC_KEY_free(eckey);
690 BIO_free(bio);
691 return ret;
692 }
693
694 /* Tests loading a bad key in PKCS8 format */
695 static int test_EVP_PKCS82PKEY(void)
696 {
697 int ret = 0;
698 const unsigned char *derp = kExampleBadECKeyDER;
699 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
700 EVP_PKEY *pkey = NULL;
701
702 if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp,
703 sizeof(kExampleBadECKeyDER))))
704 goto done;
705
706 if (!TEST_ptr_eq(derp,
707 kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)))
708 goto done;
709
710 if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf)))
711 goto done;
712
713 ret = 1;
714
715 done:
716 PKCS8_PRIV_KEY_INFO_free(p8inf);
717 EVP_PKEY_free(pkey);
718
719 return ret;
720 }
721 #endif
722
723 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODE)
724
725 static int test_EVP_SM2_verify(void)
726 {
727 /* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */
728 const char *pubkey =
729 "-----BEGIN PUBLIC KEY-----\n"
730 "MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n"
731 "v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n"
732 "7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n"
733 "1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n"
734 "/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n"
735 "AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n"
736 "Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n"
737 "-----END PUBLIC KEY-----\n";
738
739 const char *msg = "message digest";
740 const char *id = "ALICE123@YAHOO.COM";
741
742 const uint8_t signature[] = {
743 0x30, 0x44, 0x02, 0x20,
744
745 0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC,
746 0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2,
747 0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1,
748
749 0x02, 0x20,
750
751 0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF,
752 0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0,
753 0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7
754 };
755
756 int rc = 0;
757 BIO *bio = NULL;
758 EVP_PKEY *pkey = NULL;
759 EVP_MD_CTX *mctx = NULL;
760 EVP_PKEY_CTX *pctx = NULL;
761
762 bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
763 if (!TEST_true(bio != NULL))
764 goto done;
765
766 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
767 if (!TEST_true(pkey != NULL))
768 goto done;
769
770 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
771 goto done;
772
773 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
774 goto done;
775
776 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL)))
777 goto done;
778
779 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, (const uint8_t *)id,
780 strlen(id)), 0))
781 goto done;
782
783 EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
784
785 if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey)))
786 goto done;
787
788 if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
789 goto done;
790
791 if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature))))
792 goto done;
793 rc = 1;
794
795 done:
796 BIO_free(bio);
797 EVP_PKEY_free(pkey);
798 EVP_PKEY_CTX_free(pctx);
799 EVP_MD_CTX_free(mctx);
800 return rc;
801 }
802
803 static int test_EVP_SM2(void)
804 {
805 int ret = 0;
806 EVP_PKEY *pkey = NULL;
807 EVP_PKEY *params = NULL;
808 EVP_PKEY_CTX *pctx = NULL;
809 EVP_PKEY_CTX *kctx = NULL;
810 EVP_PKEY_CTX *sctx = NULL;
811 size_t sig_len = 0;
812 unsigned char *sig = NULL;
813 EVP_MD_CTX *md_ctx = NULL;
814 EVP_MD_CTX *md_ctx_verify = NULL;
815 EVP_PKEY_CTX *cctx = NULL;
816
817 uint8_t ciphertext[128];
818 size_t ctext_len = sizeof(ciphertext);
819
820 uint8_t plaintext[8];
821 size_t ptext_len = sizeof(plaintext);
822
823 uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
824
825 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
826 if (!TEST_ptr(pctx))
827 goto done;
828
829 if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
830 goto done;
831
832 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
833 goto done;
834
835 if (!TEST_true(EVP_PKEY_paramgen(pctx, &params)))
836 goto done;
837
838 kctx = EVP_PKEY_CTX_new(params, NULL);
839 if (!TEST_ptr(kctx))
840 goto done;
841
842 if (!TEST_true(EVP_PKEY_keygen_init(kctx)))
843 goto done;
844
845 if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey)))
846 goto done;
847
848 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
849 goto done;
850
851 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
852 goto done;
853
854 if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()))
855 goto done;
856
857 if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL)))
858 goto done;
859
860 EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);
861 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);
862
863 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
864 goto done;
865
866 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)))
867 goto done;
868
869 if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
870 goto done;
871
872 /* Determine the size of the signature. */
873 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)))
874 goto done;
875
876 if (!TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
877 goto done;
878
879 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)))
880 goto done;
881
882 if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
883 goto done;
884
885 /* Ensure that the signature round-trips. */
886
887 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)))
888 goto done;
889
890 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))))
891 goto done;
892
893 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
894 goto done;
895
896 /* now check encryption/decryption */
897
898 if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
899 goto done;
900
901 if (!TEST_true(EVP_PKEY_encrypt_init(cctx)))
902 goto done;
903
904 if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg))))
905 goto done;
906
907 if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
908 goto done;
909
910 if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len)))
911 goto done;
912
913 if (!TEST_true(ptext_len == sizeof(kMsg)))
914 goto done;
915
916 if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0))
917 goto done;
918
919 ret = 1;
920 done:
921 EVP_PKEY_CTX_free(pctx);
922 EVP_PKEY_CTX_free(kctx);
923 EVP_PKEY_CTX_free(sctx);
924 EVP_PKEY_CTX_free(cctx);
925 EVP_PKEY_free(pkey);
926 EVP_PKEY_free(params);
927 EVP_MD_CTX_free(md_ctx);
928 EVP_MD_CTX_free(md_ctx_verify);
929 OPENSSL_free(sig);
930 return ret;
931 }
932
933 #endif
934
935 static struct keys_st {
936 int type;
937 char *priv;
938 char *pub;
939 } keys[] = {
940 {
941 EVP_PKEY_HMAC, "0123456789", NULL
942 }, {
943 EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
944 }, {
945 EVP_PKEY_SIPHASH, "0123456789012345", NULL
946 },
947 #ifndef OPENSSL_NO_EC
948 {
949 EVP_PKEY_X25519, "01234567890123456789012345678901",
950 "abcdefghijklmnopqrstuvwxyzabcdef"
951 }, {
952 EVP_PKEY_ED25519, "01234567890123456789012345678901",
953 "abcdefghijklmnopqrstuvwxyzabcdef"
954 }, {
955 EVP_PKEY_X448,
956 "01234567890123456789012345678901234567890123456789012345",
957 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
958 }, {
959 EVP_PKEY_ED448,
960 "012345678901234567890123456789012345678901234567890123456",
961 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
962 }
963 #endif
964 };
965
966 static int test_set_get_raw_keys_int(int tst, int pub)
967 {
968 int ret = 0;
969 unsigned char buf[80];
970 unsigned char *in;
971 size_t inlen, len = 0;
972 EVP_PKEY *pkey;
973
974 /* Check if this algorithm supports public keys */
975 if (keys[tst].pub == NULL)
976 return 1;
977
978 memset(buf, 0, sizeof(buf));
979
980 if (pub) {
981 inlen = strlen(keys[tst].pub);
982 in = (unsigned char *)keys[tst].pub;
983 pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
984 NULL,
985 in,
986 inlen);
987 } else {
988 inlen = strlen(keys[tst].priv);
989 in = (unsigned char *)keys[tst].priv;
990 pkey = EVP_PKEY_new_raw_private_key(keys[tst].type,
991 NULL,
992 in,
993 inlen);
994 }
995
996 if (!TEST_ptr(pkey)
997 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
998 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
999 || !TEST_true(len == inlen)
1000 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
1001 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
1002 || !TEST_mem_eq(in, inlen, buf, len))
1003 goto done;
1004
1005 ret = 1;
1006 done:
1007 EVP_PKEY_free(pkey);
1008 return ret;
1009 }
1010
1011 static int test_set_get_raw_keys(int tst)
1012 {
1013 return test_set_get_raw_keys_int(tst, 0)
1014 && test_set_get_raw_keys_int(tst, 1);
1015 }
1016
1017 static int pkey_custom_check(EVP_PKEY *pkey)
1018 {
1019 return 0xbeef;
1020 }
1021
1022 static int pkey_custom_pub_check(EVP_PKEY *pkey)
1023 {
1024 return 0xbeef;
1025 }
1026
1027 static int pkey_custom_param_check(EVP_PKEY *pkey)
1028 {
1029 return 0xbeef;
1030 }
1031
1032 static EVP_PKEY_METHOD *custom_pmeth;
1033
1034 static int test_EVP_PKEY_check(int i)
1035 {
1036 int ret = 0;
1037 const unsigned char *p;
1038 EVP_PKEY *pkey = NULL;
1039 #ifndef OPENSSL_NO_EC
1040 EC_KEY *eckey = NULL;
1041 #endif
1042 EVP_PKEY_CTX *ctx = NULL;
1043 EVP_PKEY_CTX *ctx2 = NULL;
1044 const APK_DATA *ak = &keycheckdata[i];
1045 const unsigned char *input = ak->kder;
1046 size_t input_len = ak->size;
1047 int expected_id = ak->evptype;
1048 int expected_check = ak->check;
1049 int expected_pub_check = ak->pub_check;
1050 int expected_param_check = ak->param_check;
1051 int type = ak->type;
1052 BIO *pubkey = NULL;
1053
1054 p = input;
1055
1056 switch (type) {
1057 case 0:
1058 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
1059 || !TEST_ptr_eq(p, input + input_len)
1060 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
1061 goto done;
1062 break;
1063 #ifndef OPENSSL_NO_EC
1064 case 1:
1065 if (!TEST_ptr(pubkey = BIO_new_mem_buf(input, input_len))
1066 || !TEST_ptr(eckey = d2i_EC_PUBKEY_bio(pubkey, NULL))
1067 || !TEST_ptr(pkey = EVP_PKEY_new())
1068 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1069 goto done;
1070 break;
1071 case 2:
1072 if (!TEST_ptr(eckey = d2i_ECParameters(NULL, &p, input_len))
1073 || !TEST_ptr_eq(p, input + input_len)
1074 || !TEST_ptr(pkey = EVP_PKEY_new())
1075 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1076 goto done;
1077 break;
1078 #endif
1079 default:
1080 return 0;
1081 }
1082
1083 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
1084 goto done;
1085
1086 if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check))
1087 goto done;
1088
1089 if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check))
1090 goto done;
1091
1092 if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
1093 goto done;
1094
1095 ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
1096 /* assign the pkey directly, as an internal test */
1097 EVP_PKEY_up_ref(pkey);
1098 ctx2->pkey = pkey;
1099
1100 if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
1101 goto done;
1102
1103 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
1104 goto done;
1105
1106 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
1107 goto done;
1108
1109 ret = 1;
1110
1111 done:
1112 EVP_PKEY_CTX_free(ctx);
1113 EVP_PKEY_CTX_free(ctx2);
1114 EVP_PKEY_free(pkey);
1115 BIO_free(pubkey);
1116 return ret;
1117 }
1118
1119 static int test_HKDF(void)
1120 {
1121 EVP_PKEY_CTX *pctx;
1122 unsigned char out[20];
1123 size_t outlen;
1124 int i, ret = 0;
1125 unsigned char salt[] = "0123456789";
1126 unsigned char key[] = "012345678901234567890123456789";
1127 unsigned char info[] = "infostring";
1128 const unsigned char expected[] = {
1129 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
1130 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
1131 };
1132 size_t expectedlen = sizeof(expected);
1133
1134 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1135 goto done;
1136
1137 /* We do this twice to test reuse of the EVP_PKEY_CTX */
1138 for (i = 0; i < 2; i++) {
1139 outlen = sizeof(out);
1140 memset(out, 0, outlen);
1141
1142 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1143 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1144 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1145 sizeof(salt) - 1), 0)
1146 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1147 sizeof(key) - 1), 0)
1148 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1149 sizeof(info) - 1), 0)
1150 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1151 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1152 goto done;
1153 }
1154
1155 ret = 1;
1156
1157 done:
1158 EVP_PKEY_CTX_free(pctx);
1159
1160 return ret;
1161 }
1162
1163 #ifndef OPENSSL_NO_EC
1164 static int test_X509_PUBKEY_inplace(void)
1165 {
1166 int ret = 0;
1167 X509_PUBKEY *xp = NULL;
1168 const unsigned char *p = kExampleECPubKeyDER;
1169 size_t input_len = sizeof(kExampleECPubKeyDER);
1170
1171 if (!TEST_ptr(xp = d2i_X509_PUBKEY(NULL, &p, input_len)))
1172 goto done;
1173
1174 if (!TEST_ptr(X509_PUBKEY_get0(xp)))
1175 goto done;
1176
1177 p = kExampleBadECPubKeyDER;
1178 input_len = sizeof(kExampleBadECPubKeyDER);
1179
1180 if (!TEST_ptr(xp = d2i_X509_PUBKEY(&xp, &p, input_len)))
1181 goto done;
1182
1183 if (!TEST_true(X509_PUBKEY_get0(xp) == NULL))
1184 goto done;
1185
1186 ret = 1;
1187
1188 done:
1189 X509_PUBKEY_free(xp);
1190 return ret;
1191 }
1192 #endif /* OPENSSL_NO_EC */
1193
1194 #ifndef OPENSSL_NO_DSA
1195 /* Test getting and setting parameters on an EVP_PKEY_CTX */
1196 static int test_EVP_PKEY_CTX_get_set_params(void)
1197 {
1198 EVP_MD_CTX *mdctx = NULL;
1199 EVP_PKEY_CTX *ctx = NULL;
1200 EVP_SIGNATURE *dsaimpl = NULL;
1201 const OSSL_PARAM *params;
1202 OSSL_PARAM ourparams[2], *param = ourparams;
1203 DSA *dsa = NULL;
1204 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1205 EVP_PKEY *pkey = NULL;
1206 int ret = 0;
1207 const EVP_MD *md;
1208 size_t mdsize = SHA512_DIGEST_LENGTH;
1209 char ssl3ms[48];
1210
1211 /*
1212 * Setup the parameters for our DSA object. For our purposes they don't have
1213 * to actually be *valid* parameters. We just need to set something. We
1214 * don't even need a pub_key/priv_key.
1215 */
1216 dsa = DSA_new();
1217 p = BN_new();
1218 q = BN_new();
1219 g = BN_new();
1220 if (!TEST_ptr(dsa)
1221 || !TEST_ptr(p)
1222 || !TEST_ptr(q)
1223 || !TEST_ptr(g)
1224 || !DSA_set0_pqg(dsa, p, q, g))
1225 goto err;
1226 p = q = g = NULL;
1227
1228 pkey = EVP_PKEY_new();
1229 if (!TEST_ptr(pkey)
1230 || !TEST_true(EVP_PKEY_assign_DSA(pkey, dsa)))
1231 goto err;
1232
1233 dsa = NULL;
1234
1235 /* Initialise a sign operation */
1236 ctx = EVP_PKEY_CTX_new(pkey, NULL);
1237 dsaimpl = EVP_SIGNATURE_fetch(NULL, "DSA", NULL);
1238 if (!TEST_ptr(ctx)
1239 || !TEST_ptr(dsaimpl)
1240 || !TEST_int_gt(EVP_PKEY_sign_init_ex(ctx, dsaimpl), 0))
1241 goto err;
1242
1243 /*
1244 * We should be able to query the parameters now. The default DSA
1245 * implementation supports exactly one parameter - so we expect to see that
1246 * returned and no more.
1247 */
1248 params = EVP_PKEY_CTX_settable_params(ctx);
1249 if (!TEST_ptr(params)
1250 || !TEST_int_eq(strcmp(params[0].key,
1251 OSSL_SIGNATURE_PARAM_DIGEST_SIZE), 0)
1252 || !TEST_int_eq(strcmp(params[1].key, OSSL_SIGNATURE_PARAM_DIGEST),
1253 0)
1254 /* The final key should be NULL */
1255 || !TEST_ptr_null(params[2].key))
1256 goto err;
1257
1258 /* Gettable params are the same as the settable ones */
1259 params = EVP_PKEY_CTX_gettable_params(ctx);
1260 if (!TEST_ptr(params)
1261 || !TEST_int_eq(strcmp(params[0].key,
1262 OSSL_SIGNATURE_PARAM_DIGEST_SIZE), 0)
1263 || !TEST_int_eq(strcmp(params[1].key, OSSL_SIGNATURE_PARAM_DIGEST),
1264 0)
1265 /* The final key should be NULL */
1266 || !TEST_ptr_null(params[2].key))
1267 goto err;
1268
1269 /*
1270 * Test getting and setting params via EVP_PKEY_CTX_set_params() and
1271 * EVP_PKEY_CTX_get_params()
1272 */
1273 *param++ = OSSL_PARAM_construct_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE,
1274 &mdsize);
1275 *param++ = OSSL_PARAM_construct_end();
1276
1277 if (!TEST_true(EVP_PKEY_CTX_set_params(ctx, ourparams)))
1278 goto err;
1279
1280 mdsize = 0;
1281 if (!TEST_true(EVP_PKEY_CTX_get_params(ctx, ourparams))
1282 || !TEST_size_t_eq(mdsize, SHA512_DIGEST_LENGTH))
1283 goto err;
1284
1285 /*
1286 * Test the TEST_PKEY_CTX_set_signature_md() and
1287 * TEST_PKEY_CTX_get_signature_md() functions
1288 */
1289 if (!TEST_int_gt(EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()), 0)
1290 || !TEST_int_gt(EVP_PKEY_CTX_get_signature_md(ctx, &md), 0)
1291 || !TEST_ptr_eq(md, EVP_sha256()))
1292 goto err;
1293
1294 /*
1295 * Test getting MD parameters via an associated EVP_PKEY_CTX
1296 */
1297 mdctx = EVP_MD_CTX_new();
1298 if (!TEST_ptr(mdctx)
1299 || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL,
1300 pkey, dsaimpl)))
1301 goto err;
1302
1303 /*
1304 * We now have an EVP_MD_CTX with an EVP_PKEY_CTX inside it. We should be
1305 * able to obtain the digest's settable parameters from the provider.
1306 */
1307 params = EVP_MD_CTX_settable_params(mdctx);
1308 if (!TEST_ptr(params)
1309 || !TEST_int_eq(strcmp(params[0].key, OSSL_DIGEST_PARAM_SSL3_MS), 0)
1310 /* The final key should be NULL */
1311 || !TEST_ptr_null(params[1].key))
1312 goto err;
1313
1314 param = ourparams;
1315 memset(ssl3ms, 0, sizeof(ssl3ms));
1316 *param++ = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS,
1317 ssl3ms, sizeof(ssl3ms));
1318 *param++ = OSSL_PARAM_construct_end();
1319
1320 if (!TEST_true(EVP_MD_CTX_set_params(mdctx, ourparams)))
1321 goto err;
1322
1323 ret = 1;
1324
1325 err:
1326 EVP_MD_CTX_free(mdctx);
1327 EVP_PKEY_CTX_free(ctx);
1328 EVP_SIGNATURE_free(dsaimpl);
1329 EVP_PKEY_free(pkey);
1330 DSA_free(dsa);
1331 BN_free(p);
1332 BN_free(q);
1333 BN_free(g);
1334
1335 return ret;
1336 }
1337 #endif
1338
1339 int setup_tests(void)
1340 {
1341 ADD_ALL_TESTS(test_EVP_DigestSignInit, 4);
1342 ADD_TEST(test_EVP_DigestVerifyInit);
1343 ADD_TEST(test_EVP_Enveloped);
1344 ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
1345 #ifndef OPENSSL_NO_EC
1346 ADD_TEST(test_EVP_PKCS82PKEY);
1347 #endif
1348 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODE)
1349 ADD_TEST(test_EVP_SM2);
1350 ADD_TEST(test_EVP_SM2_verify);
1351 #endif
1352 ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
1353 custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
1354 if (!TEST_ptr(custom_pmeth))
1355 return 0;
1356 EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
1357 EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
1358 EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
1359 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
1360 return 0;
1361 ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
1362 ADD_TEST(test_HKDF);
1363 #ifndef OPENSSL_NO_EC
1364 ADD_TEST(test_X509_PUBKEY_inplace);
1365 ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode,
1366 OSSL_NELEM(ec_der_pub_keys));
1367 #endif
1368 #ifndef OPENSSL_NO_DSA
1369 ADD_TEST(test_EVP_PKEY_CTX_get_set_params);
1370 #endif
1371 return 1;
1372 }
A mirror of the official openssl repository