]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/evp_pkey_provided_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Decoding PKCS#8: separate decoding of encrypted and unencrypted PKCS#8
[thirdparty/openssl.git] / test / evp_pkey_provided_test.c
1 /*
2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/encoder.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include "crypto/ecx.h"
18 #include "crypto/evp.h" /* For the internal API */
19 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
20 #include "internal/nelem.h"
21 #include "testutil.h"
22
23 static char *datadir = NULL;
24
25 /*
26 * Do not change the order of the following defines unless you also
27 * update the for loop bounds used inside test_print_key_using_encoder() and
28 * test_print_key_using_encoder_public().
29 */
30 #define PRIV_TEXT 0
31 #define PRIV_PEM 1
32 #define PRIV_DER 2
33 #define PUB_TEXT 3
34 #define PUB_PEM 4
35 #define PUB_DER 5
36
37 static void stripcr(char *buf, size_t *len)
38 {
39 size_t i;
40 char *curr, *writ;
41
42 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
43 if (*curr == '\r') {
44 (*len)--;
45 continue;
46 }
47 if (curr != writ)
48 *writ = *curr;
49 writ++;
50 }
51 }
52
53 static int compare_with_file(const char *alg, int type, BIO *membio)
54 {
55 char filename[80];
56 BIO *file = NULL;
57 char buf[4096];
58 char *memdata, *fullfile = NULL;
59 const char *suffix;
60 size_t readbytes;
61 int ret = 0;
62 int len;
63 size_t slen;
64
65 switch (type) {
66 case PRIV_TEXT:
67 suffix = "priv.txt";
68 break;
69
70 case PRIV_PEM:
71 suffix = "priv.pem";
72 break;
73
74 case PRIV_DER:
75 suffix = "priv.der";
76 break;
77
78 case PUB_TEXT:
79 suffix = "pub.txt";
80 break;
81
82 case PUB_PEM:
83 suffix = "pub.pem";
84 break;
85
86 case PUB_DER:
87 suffix = "pub.der";
88 break;
89
90 default:
91 TEST_error("Invalid file type");
92 goto err;
93 }
94
95 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
96 fullfile = test_mk_file_path(datadir, filename);
97 if (!TEST_ptr(fullfile))
98 goto err;
99
100 file = BIO_new_file(fullfile, "rb");
101 if (!TEST_ptr(file))
102 goto err;
103
104 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
105 || !TEST_true(BIO_eof(file))
106 || !TEST_size_t_lt(readbytes, sizeof(buf)))
107 goto err;
108
109 len = BIO_get_mem_data(membio, &memdata);
110 if (!TEST_int_gt(len, 0))
111 goto err;
112
113 slen = len;
114 if (type != PRIV_DER && type != PUB_DER) {
115 stripcr(memdata, &slen);
116 stripcr(buf, &readbytes);
117 }
118
119 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
120 goto err;
121
122 ret = 1;
123 err:
124 OPENSSL_free(fullfile);
125 (void)BIO_reset(membio);
126 BIO_free(file);
127 return ret;
128 }
129
130 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
131 {
132 BIO *membio = BIO_new(BIO_s_mem());
133 int ret = 0;
134
135 if (!TEST_ptr(membio))
136 goto err;
137
138 if (/* Output Encrypted private key in PEM form */
139 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
140 (unsigned char *)"pass", 4,
141 NULL, NULL))
142 /* Private key in text form */
143 || !TEST_true(EVP_PKEY_print_private(membio, pk, 0, NULL))
144 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
145 /* Public key in PEM form */
146 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
147 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
148 /* Unencrypted private key in PEM form */
149 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
150 NULL, NULL, 0, NULL, NULL))
151 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)))
152 goto err;
153
154 ret = 1;
155 err:
156 BIO_free(membio);
157 return ret;
158 }
159
160 static int test_print_key_type_using_encoder(const char *alg, int type,
161 const EVP_PKEY *pk)
162 {
163 const char *output_type, *output_structure;
164 int selection;
165 OSSL_ENCODER_CTX *ctx = NULL;
166 BIO *membio = BIO_new(BIO_s_mem());
167 int ret = 0;
168
169 switch (type) {
170 case PRIV_TEXT:
171 output_type = "TEXT";
172 output_structure = NULL;
173 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
174 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
175 break;
176
177 case PRIV_PEM:
178 output_type = "PEM";
179 output_structure = "PrivateKeyInfo";
180 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
181 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
182 break;
183
184 case PRIV_DER:
185 output_type = "DER";
186 output_structure = "PrivateKeyInfo";
187 selection = OSSL_KEYMGMT_SELECT_KEYPAIR
188 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
189 break;
190
191 case PUB_TEXT:
192 output_type = "TEXT";
193 output_structure = NULL;
194 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
195 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
196 break;
197
198 case PUB_PEM:
199 output_type = "PEM";
200 output_structure = "SubjectPublicKeyInfo";
201 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
202 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
203 break;
204
205 case PUB_DER:
206 output_type = "DER";
207 output_structure = "SubjectPublicKeyInfo";
208 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
209 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
210 break;
211
212 default:
213 TEST_error("Invalid encoding type");
214 goto err;
215 }
216
217 if (!TEST_ptr(membio))
218 goto err;
219
220 /* Make a context, it's valid for several prints */
221 TEST_note("Setting up a OSSL_ENCODER context with passphrase");
222 if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection,
223 output_type,
224 output_structure,
225 NULL))
226 /* Check that this operation is supported */
227 || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
228 goto err;
229
230 /* Use no cipher. This should give us an unencrypted PEM */
231 TEST_note("Testing with no encryption");
232 if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
233 || !TEST_true(compare_with_file(alg, type, membio)))
234 goto err;
235
236 if (type == PRIV_PEM) {
237 /* Set a passphrase to be used later */
238 if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
239 (unsigned char *)"pass",
240 4)))
241 goto err;
242
243 /* Use a valid cipher name */
244 TEST_note("Displaying PEM encrypted with AES-256-CBC");
245 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
246 || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
247 goto err;
248
249 /* Use an invalid cipher name, which should generate no output */
250 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
251 if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
252 || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
253 goto err;
254
255 /* Clear the cipher. This should give us an unencrypted PEM again */
256 TEST_note("Testing with encryption cleared (no encryption)");
257 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
258 || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
259 || !TEST_true(compare_with_file(alg, type, membio)))
260 goto err;
261 }
262 ret = 1;
263 err:
264 BIO_free(membio);
265 OSSL_ENCODER_CTX_free(ctx);
266 return ret;
267 }
268
269 static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk)
270 {
271 int i;
272 int ret = 1;
273
274 for (i = PRIV_TEXT; i <= PUB_DER; i++)
275 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
276
277 return ret;
278 }
279
280 #ifndef OPENSSL_NO_EC
281 static int test_print_key_using_encoder_public(const char *alg,
282 const EVP_PKEY *pk)
283 {
284 int i;
285 int ret = 1;
286
287 for (i = PUB_TEXT; i <= PUB_DER; i++)
288 ret = ret && test_print_key_type_using_encoder(alg, i, pk);
289
290 return ret;
291 }
292 #endif
293
294 /* Array indexes used in test_fromdata_rsa */
295 #define N 0
296 #define E 1
297 #define D 2
298 #define P 3
299 #define Q 4
300 #define DP 5
301 #define DQ 6
302 #define QINV 7
303
304 static int test_fromdata_rsa(void)
305 {
306 int ret = 0, i;
307 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
308 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
309 /*
310 * 32-bit RSA key, extracted from this command,
311 * executed with OpenSSL 1.0.2:
312 *
313 * openssl genrsa 32 | openssl rsa -text
314 */
315 static unsigned long key_numbers[] = {
316 0xbc747fc5, /* N */
317 0x10001, /* E */
318 0x7b133399, /* D */
319 0xe963, /* P */
320 0xceb7, /* Q */
321 0x8599, /* DP */
322 0xbd87, /* DQ */
323 0xcc3b, /* QINV */
324 };
325 OSSL_PARAM fromdata_params[] = {
326 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
327 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
328 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
329 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
330 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
331 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
332 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
333 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
334 OSSL_PARAM_END
335 };
336 BIGNUM *bn = BN_new();
337 BIGNUM *bn_from = BN_new();
338
339 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
340 goto err;
341
342 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
343 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
344 fromdata_params)))
345 goto err;
346
347 while (dup_pk == NULL) {
348 ret = 0;
349 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 32)
350 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 8)
351 || !TEST_int_eq(EVP_PKEY_get_size(pk), 4)
352 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
353 goto err;
354
355 EVP_PKEY_CTX_free(key_ctx);
356 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
357 goto err;
358
359 if (!TEST_true(EVP_PKEY_check(key_ctx))
360 || !TEST_true(EVP_PKEY_public_check(key_ctx))
361 || !TEST_true(EVP_PKEY_private_check(key_ctx))
362 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
363 goto err;
364
365 /* EVP_PKEY_copy_parameters() should fail for RSA */
366 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
367 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
368 goto err;
369 EVP_PKEY_free(copy_pk);
370 copy_pk = NULL;
371
372 ret = test_print_key_using_pem("RSA", pk)
373 && test_print_key_using_encoder("RSA", pk);
374
375 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
376 goto err;
377 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
378 EVP_PKEY_free(pk);
379 pk = dup_pk;
380 if (!ret)
381 goto err;
382 }
383 err:
384 /* for better diagnostics always compare key params */
385 for (i = 0; fromdata_params[i].key != NULL; ++i) {
386 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
387 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
388 || !TEST_BN_eq(bn, bn_from))
389 ret = 0;
390 }
391 BN_free(bn_from);
392 BN_free(bn);
393 EVP_PKEY_free(pk);
394 EVP_PKEY_free(copy_pk);
395 EVP_PKEY_CTX_free(key_ctx);
396 EVP_PKEY_CTX_free(ctx);
397
398 return ret;
399 }
400
401 static int test_evp_pkey_get_bn_param_large(void)
402 {
403 int ret = 0;
404 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
405 EVP_PKEY *pk = NULL;
406 OSSL_PARAM_BLD *bld = NULL;
407 OSSL_PARAM *fromdata_params = NULL;
408 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
409 /*
410 * The buffer size chosen here for n_data larger than the buffer used
411 * internally in EVP_PKEY_get_bn_param.
412 */
413 static unsigned char n_data[2050];
414 static const unsigned char e_data[] = {
415 0x1, 0x00, 0x01
416 };
417 static const unsigned char d_data[]= {
418 0x99, 0x33, 0x13, 0x7b
419 };
420
421 /* N is a large buffer */
422 memset(n_data, 0xCE, sizeof(n_data));
423
424 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
425 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
426 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
427 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
428 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
429 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
430 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
431 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
432 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
433 || !TEST_true(EVP_PKEY_fromdata_init(ctx))
434 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
435 fromdata_params))
436 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
437 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
438 || !TEST_BN_eq(n, n_out))
439 goto err;
440 ret = 1;
441 err:
442 BN_free(n_out);
443 BN_free(n);
444 BN_free(e);
445 BN_free(d);
446 EVP_PKEY_free(pk);
447 EVP_PKEY_CTX_free(key_ctx);
448 EVP_PKEY_CTX_free(ctx);
449 OSSL_PARAM_free(fromdata_params);
450 OSSL_PARAM_BLD_free(bld);
451 return ret;
452 }
453
454
455 #ifndef OPENSSL_NO_DH
456 static int test_fromdata_dh_named_group(void)
457 {
458 int ret = 0;
459 int gindex = 0, pcounter = 0, hindex = 0;
460 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
461 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
462 size_t len;
463 BIGNUM *pub = NULL, *priv = NULL;
464 BIGNUM *pub_out = NULL, *priv_out = NULL;
465 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
466 OSSL_PARAM *fromdata_params = NULL;
467 OSSL_PARAM_BLD *bld = NULL;
468 char name_out[80];
469 unsigned char seed_out[32];
470
471 /*
472 * DH key data was generated using the following:
473 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
474 * -pkeyopt priv_len:224 -text
475 */
476 static const unsigned char priv_data[] = {
477 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
478 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
479 0x87, 0xe8, 0xa9, 0x7b,
480 };
481 static const unsigned char pub_data[] = {
482 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
483 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
484 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
485 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
486 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
487 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
488 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
489 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
490 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
491 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
492 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
493 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
494 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
495 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
496 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
497 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
498 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
499 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
500 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
501 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
502 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
503 0xcf, 0x33, 0x42, 0x83, 0x42
504 };
505 static const char group_name[] = "ffdhe2048";
506 static const long priv_len = 224;
507
508 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
509 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
510 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
511 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
512 OSSL_PKEY_PARAM_GROUP_NAME,
513 group_name, 0))
514 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
515 priv_len))
516 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
517 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
518 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
519 goto err;
520
521 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
522 goto err;
523
524 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
525 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
526 fromdata_params)))
527 goto err;
528
529 while (dup_pk == NULL) {
530 ret = 0;
531 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
532 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
533 || !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
534 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
535 goto err;
536
537 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
538 OSSL_PKEY_PARAM_GROUP_NAME,
539 name_out,
540 sizeof(name_out),
541 &len))
542 || !TEST_str_eq(name_out, group_name)
543 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
544 &pub_out))
545
546 || !TEST_BN_eq(pub, pub_out)
547 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
548 &priv_out))
549 || !TEST_BN_eq(priv, priv_out)
550 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
551 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
552 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
553 || !TEST_ptr(q)
554 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
555 || !TEST_BN_eq(&ossl_bignum_const_2, g)
556 || !TEST_false(EVP_PKEY_get_bn_param(pk,
557 OSSL_PKEY_PARAM_FFC_COFACTOR,
558 &j))
559 || !TEST_ptr_null(j)
560 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
561 OSSL_PKEY_PARAM_FFC_SEED,
562 seed_out,
563 sizeof(seed_out),
564 &len))
565 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
566 &gindex))
567 || !TEST_int_eq(gindex, -1)
568 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
569 &hindex))
570 || !TEST_int_eq(hindex, 0)
571 || !TEST_true(EVP_PKEY_get_int_param(pk,
572 OSSL_PKEY_PARAM_FFC_PCOUNTER,
573 &pcounter))
574 || !TEST_int_eq(pcounter, -1))
575 goto err;
576 BN_free(p);
577 p = NULL;
578 BN_free(q);
579 q = NULL;
580 BN_free(g);
581 g = NULL;
582 BN_free(j);
583 j = NULL;
584 BN_free(pub_out);
585 pub_out = NULL;
586 BN_free(priv_out);
587 priv_out = NULL;
588
589 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
590 goto err;
591
592 if (!TEST_true(EVP_PKEY_check(key_ctx))
593 || !TEST_true(EVP_PKEY_public_check(key_ctx))
594 || !TEST_true(EVP_PKEY_private_check(key_ctx))
595 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
596 goto err;
597 EVP_PKEY_CTX_free(key_ctx);
598 key_ctx = NULL;
599
600 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
601 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
602 goto err;
603 EVP_PKEY_free(copy_pk);
604 copy_pk = NULL;
605
606 ret = test_print_key_using_pem("DH", pk)
607 && test_print_key_using_encoder("DH", pk);
608
609 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
610 goto err;
611 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
612 EVP_PKEY_free(pk);
613 pk = dup_pk;
614 if (!ret)
615 goto err;
616 }
617 err:
618 BN_free(p);
619 BN_free(q);
620 BN_free(g);
621 BN_free(j);
622 BN_free(pub);
623 BN_free(priv);
624 BN_free(pub_out);
625 BN_free(priv_out);
626 EVP_PKEY_free(copy_pk);
627 EVP_PKEY_free(pk);
628 EVP_PKEY_CTX_free(ctx);
629 EVP_PKEY_CTX_free(key_ctx);
630 OSSL_PARAM_free(fromdata_params);
631 OSSL_PARAM_BLD_free(bld);
632
633 return ret;
634 }
635
636 static int test_fromdata_dh_fips186_4(void)
637 {
638 int ret = 0;
639 int gindex = 0, pcounter = 0, hindex = 0;
640 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
641 EVP_PKEY *pk = NULL, *dup_pk = NULL;
642 size_t len;
643 BIGNUM *pub = NULL, *priv = NULL;
644 BIGNUM *pub_out = NULL, *priv_out = NULL;
645 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
646 OSSL_PARAM_BLD *bld = NULL;
647 OSSL_PARAM *fromdata_params = NULL;
648 char name_out[80];
649 unsigned char seed_out[32];
650
651 /*
652 * DH key data was generated using the following:
653 * openssl genpkey -algorithm DH
654 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
655 */
656 static const unsigned char priv_data[] = {
657 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
658 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
659 0x87, 0xe8, 0xa9, 0x7b,
660 };
661 static const unsigned char pub_data[] = {
662 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
663 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
664 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
665 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
666 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
667 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
668 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
669 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
670 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
671 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
672 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
673 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
674 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
675 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
676 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
677 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
678 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
679 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
680 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
681 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
682 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
683 0x33, 0x42, 0x83, 0x42
684 };
685 static const char group_name[] = "ffdhe2048";
686 static const long priv_len = 224;
687
688
689 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
690 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
691 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
692 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
693 OSSL_PKEY_PARAM_GROUP_NAME,
694 group_name, 0))
695 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
696 priv_len))
697 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
698 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
699 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
700 goto err;
701
702 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
703 goto err;
704
705 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
706 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
707 fromdata_params)))
708 goto err;
709
710 while (dup_pk == NULL) {
711 ret = 0;
712 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
713 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
714 || !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
715 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
716 goto err;
717
718 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
719 OSSL_PKEY_PARAM_GROUP_NAME,
720 name_out,
721 sizeof(name_out),
722 &len))
723 || !TEST_str_eq(name_out, group_name)
724 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
725 &pub_out))
726 || !TEST_BN_eq(pub, pub_out)
727 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
728 &priv_out))
729 || !TEST_BN_eq(priv, priv_out)
730 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
731 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
732 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
733 || !TEST_ptr(q)
734 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
735 || !TEST_BN_eq(&ossl_bignum_const_2, g)
736 || !TEST_false(EVP_PKEY_get_bn_param(pk,
737 OSSL_PKEY_PARAM_FFC_COFACTOR,
738 &j))
739 || !TEST_ptr_null(j)
740 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
741 OSSL_PKEY_PARAM_FFC_SEED,
742 seed_out,
743 sizeof(seed_out),
744 &len))
745 || !TEST_true(EVP_PKEY_get_int_param(pk,
746 OSSL_PKEY_PARAM_FFC_GINDEX,
747 &gindex))
748 || !TEST_int_eq(gindex, -1)
749 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
750 &hindex))
751 || !TEST_int_eq(hindex, 0)
752 || !TEST_true(EVP_PKEY_get_int_param(pk,
753 OSSL_PKEY_PARAM_FFC_PCOUNTER,
754 &pcounter))
755 || !TEST_int_eq(pcounter, -1))
756 goto err;
757 BN_free(p);
758 p = NULL;
759 BN_free(q);
760 q = NULL;
761 BN_free(g);
762 g = NULL;
763 BN_free(j);
764 j = NULL;
765 BN_free(pub_out);
766 pub_out = NULL;
767 BN_free(priv_out);
768 priv_out = NULL;
769
770 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
771 goto err;
772
773 if (!TEST_true(EVP_PKEY_check(key_ctx))
774 || !TEST_true(EVP_PKEY_public_check(key_ctx))
775 || !TEST_true(EVP_PKEY_private_check(key_ctx))
776 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
777 goto err;
778 EVP_PKEY_CTX_free(key_ctx);
779 key_ctx = NULL;
780
781 ret = test_print_key_using_pem("DH", pk)
782 && test_print_key_using_encoder("DH", pk);
783
784 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
785 goto err;
786 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
787 EVP_PKEY_free(pk);
788 pk = dup_pk;
789 if (!ret)
790 goto err;
791 }
792 err:
793 BN_free(p);
794 BN_free(q);
795 BN_free(g);
796 BN_free(j);
797 BN_free(pub);
798 BN_free(priv);
799 BN_free(pub_out);
800 BN_free(priv_out);
801 EVP_PKEY_free(pk);
802 EVP_PKEY_CTX_free(ctx);
803 EVP_PKEY_CTX_free(key_ctx);
804 OSSL_PARAM_free(fromdata_params);
805 OSSL_PARAM_BLD_free(bld);
806
807 return ret;
808 }
809
810 #endif
811
812
813
814 #ifndef OPENSSL_NO_EC
815 /* Array indexes used in test_fromdata_ecx */
816 # define PRIV_KEY 0
817 # define PUB_KEY 1
818
819 # define X25519_IDX 0
820 # define X448_IDX 1
821 # define ED25519_IDX 2
822 # define ED448_IDX 3
823
824 /*
825 * tst uses indexes 0 ... (3 * 4 - 1)
826 * For the 4 ECX key types (X25519_IDX..ED448_IDX)
827 * 0..3 = public + private key.
828 * 4..7 = private key (This will generate the public key from the private key)
829 * 8..11 = public key
830 */
831 static int test_fromdata_ecx(int tst)
832 {
833 int ret = 0;
834 EVP_PKEY_CTX *ctx = NULL, *ctx2 = NULL;
835 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
836 const char *alg = NULL;
837 size_t len;
838 unsigned char out_pub[ED448_KEYLEN];
839 unsigned char out_priv[ED448_KEYLEN];
840 OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
841
842 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
843 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
844 /* X25519: Keys from RFC 7748 6.1 */
845 {
846 /* Private Key */
847 {
848 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
849 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
850 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
851 0x2c, 0x2a
852 },
853 /* Public Key */
854 {
855 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
856 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
857 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
858 0x4e, 0x6a
859 }
860 },
861 /* X448: Keys from RFC 7748 6.2 */
862 {
863 /* Private Key */
864 {
865 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
866 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
867 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
868 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
869 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
870 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
871 },
872 /* Public Key */
873 {
874 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
875 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
876 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
877 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
878 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
879 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
880 }
881 },
882 /* ED25519: Keys from RFC 8032 */
883 {
884 /* Private Key */
885 {
886 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
887 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
888 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
889 0x7f, 0x60
890 },
891 /* Public Key */
892 {
893 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
894 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
895 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
896 0x51, 0x1a
897 }
898 },
899 /* ED448: Keys from RFC 8032 */
900 {
901 /* Private Key */
902 {
903 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
904 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
905 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
906 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
907 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
908 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
909 },
910 /* Public Key */
911 {
912 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
913 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
914 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
915 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
916 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
917 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
918 }
919 }
920 };
921 OSSL_PARAM x25519_fromdata_params[] = {
922 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
923 key_numbers[X25519_IDX][PRIV_KEY],
924 X25519_KEYLEN),
925 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
926 key_numbers[X25519_IDX][PUB_KEY],
927 X25519_KEYLEN),
928 OSSL_PARAM_END
929 };
930 OSSL_PARAM x448_fromdata_params[] = {
931 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
932 key_numbers[X448_IDX][PRIV_KEY],
933 X448_KEYLEN),
934 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
935 key_numbers[X448_IDX][PUB_KEY],
936 X448_KEYLEN),
937 OSSL_PARAM_END
938 };
939 OSSL_PARAM ed25519_fromdata_params[] = {
940 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
941 key_numbers[ED25519_IDX][PRIV_KEY],
942 ED25519_KEYLEN),
943 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
944 key_numbers[ED25519_IDX][PUB_KEY],
945 ED25519_KEYLEN),
946 OSSL_PARAM_END
947 };
948 OSSL_PARAM ed448_fromdata_params[] = {
949 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
950 key_numbers[ED448_IDX][PRIV_KEY],
951 ED448_KEYLEN),
952 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
953 key_numbers[ED448_IDX][PUB_KEY],
954 ED448_KEYLEN),
955 OSSL_PARAM_END
956 };
957 OSSL_PARAM *fromdata_params = NULL;
958 int bits = 0, security_bits = 0, size = 0;
959 OSSL_PARAM *orig_fromdata_params = NULL;
960
961 switch (tst & 3) {
962 case X25519_IDX:
963 fromdata_params = x25519_fromdata_params;
964 bits = X25519_BITS;
965 security_bits = X25519_SECURITY_BITS;
966 size = X25519_KEYLEN;
967 alg = "X25519";
968 break;
969
970 case X448_IDX:
971 fromdata_params = x448_fromdata_params;
972 bits = X448_BITS;
973 security_bits = X448_SECURITY_BITS;
974 size = X448_KEYLEN;
975 alg = "X448";
976 break;
977
978 case ED25519_IDX:
979 fromdata_params = ed25519_fromdata_params;
980 bits = ED25519_BITS;
981 security_bits = ED25519_SECURITY_BITS;
982 size = ED25519_SIGSIZE;
983 alg = "ED25519";
984 break;
985
986 case ED448_IDX:
987 fromdata_params = ed448_fromdata_params;
988 bits = ED448_BITS;
989 security_bits = ED448_SECURITY_BITS;
990 size = ED448_SIGSIZE;
991 alg = "ED448";
992 break;
993 default:
994 goto err;
995 }
996
997 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
998 if (!TEST_ptr(ctx))
999 goto err;
1000
1001 orig_fromdata_params = fromdata_params;
1002 if (tst > 7) {
1003 /* public key only */
1004 fromdata_params++;
1005 } else if (tst > 3) {
1006 /* private key only */
1007 params[0] = fromdata_params[0];
1008 params[1] = fromdata_params[2];
1009 fromdata_params = params;
1010 }
1011
1012 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
1013 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1014 fromdata_params)))
1015 goto err;
1016
1017 while (dup_pk == NULL) {
1018 ret = 0;
1019 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), bits)
1020 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), security_bits)
1021 || !TEST_int_eq(EVP_PKEY_get_size(pk), size)
1022 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1023 goto err;
1024
1025 if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
1026 goto err;
1027 if (tst <= 7) {
1028 if (!TEST_true(EVP_PKEY_check(ctx2)))
1029 goto err;
1030 if (!TEST_true(EVP_PKEY_get_octet_string_param(
1031 pk, orig_fromdata_params[PRIV_KEY].key,
1032 out_priv, sizeof(out_priv), &len))
1033 || !TEST_mem_eq(out_priv, len,
1034 orig_fromdata_params[PRIV_KEY].data,
1035 orig_fromdata_params[PRIV_KEY].data_size)
1036 || !TEST_true(EVP_PKEY_get_octet_string_param(
1037 pk, orig_fromdata_params[PUB_KEY].key,
1038 out_pub, sizeof(out_pub), &len))
1039 || !TEST_mem_eq(out_pub, len,
1040 orig_fromdata_params[PUB_KEY].data,
1041 orig_fromdata_params[PUB_KEY].data_size))
1042 goto err;
1043 } else {
1044 /* The private key check should fail if there is only a public key */
1045 if (!TEST_true(EVP_PKEY_public_check(ctx2))
1046 || !TEST_false(EVP_PKEY_private_check(ctx2))
1047 || !TEST_false(EVP_PKEY_check(ctx2)))
1048 goto err;
1049 }
1050 EVP_PKEY_CTX_free(ctx2);
1051 ctx2 = NULL;
1052
1053 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1054 /* This should succeed because there are no parameters to copy */
1055 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1056 goto err;
1057 EVP_PKEY_free(copy_pk);
1058 copy_pk = NULL;
1059
1060 if (tst > 7)
1061 ret = test_print_key_using_encoder_public(alg, pk);
1062 else
1063 ret = test_print_key_using_pem(alg, pk)
1064 && test_print_key_using_encoder(alg, pk);
1065
1066 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1067 goto err;
1068 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1069 EVP_PKEY_free(pk);
1070 pk = dup_pk;
1071 if (!ret)
1072 goto err;
1073 }
1074
1075 err:
1076 EVP_PKEY_free(pk);
1077 EVP_PKEY_free(copy_pk);
1078 EVP_PKEY_CTX_free(ctx);
1079 EVP_PKEY_CTX_free(ctx2);
1080
1081 return ret;
1082 }
1083
1084 #define CURVE_NAME 2
1085
1086 static int test_fromdata_ec(void)
1087 {
1088 int ret = 0;
1089 EVP_PKEY_CTX *ctx = NULL;
1090 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
1091 OSSL_PARAM_BLD *bld = NULL;
1092 BIGNUM *ec_priv_bn = NULL;
1093 BIGNUM *bn_priv = NULL;
1094 OSSL_PARAM *fromdata_params = NULL;
1095 const char *alg = "EC";
1096 const char *curve = "prime256v1";
1097 /* UNCOMPRESSED FORMAT */
1098 static const unsigned char ec_pub_keydata[] = {
1099 POINT_CONVERSION_UNCOMPRESSED,
1100 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1101 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1102 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1103 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1104 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1105 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1106 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1107 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1108 };
1109 static const unsigned char ec_priv_keydata[] = {
1110 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1111 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1112 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1113 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1114 };
1115 const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
1116 unsigned char out_pub[sizeof(ec_pub_keydata)];
1117 char out_curve_name[80];
1118 const OSSL_PARAM *gettable = NULL;
1119 size_t len;
1120 EC_GROUP *group = NULL;
1121 BIGNUM *group_a = NULL;
1122 BIGNUM *group_b = NULL;
1123 BIGNUM *group_p = NULL;
1124 BIGNUM *a = NULL;
1125 BIGNUM *b = NULL;
1126 BIGNUM *p = NULL;
1127
1128
1129 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
1130 goto err;
1131 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
1132 sizeof(ec_priv_keydata), NULL)))
1133 goto err;
1134
1135 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
1136 curve, 0) <= 0)
1137 goto err;
1138 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
1139 ec_pub_keydata,
1140 sizeof(ec_pub_keydata)) <= 0)
1141 goto err;
1142 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
1143 goto err;
1144 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1145 goto err;
1146 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1147 if (!TEST_ptr(ctx))
1148 goto err;
1149
1150 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
1151 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1152 fromdata_params)))
1153 goto err;
1154
1155 while (dup_pk == NULL) {
1156 ret = 0;
1157 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 256)
1158 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 128)
1159 || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 35 * 2)
1160 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1161 goto err;
1162
1163 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1164 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1165 goto err;
1166 EVP_PKEY_free(copy_pk);
1167 copy_pk = NULL;
1168
1169 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
1170 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1171 OSSL_PKEY_PARAM_GROUP_NAME))
1172 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1173 OSSL_PKEY_PARAM_PUB_KEY))
1174 || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1175 OSSL_PKEY_PARAM_PRIV_KEY)))
1176 goto err;
1177
1178 if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(OBJ_sn2nid(curve)))
1179 || !TEST_ptr(group_p = BN_new())
1180 || !TEST_ptr(group_a = BN_new())
1181 || !TEST_ptr(group_b = BN_new())
1182 || !TEST_true(EC_GROUP_get_curve(group, group_p, group_a, group_b, NULL)))
1183 goto err;
1184
1185 if (!TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_A, &a))
1186 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_B, &b))
1187 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_P, &p)))
1188 goto err;
1189
1190 if (!TEST_BN_eq(group_p, p) || !TEST_BN_eq(group_a, a)
1191 || !TEST_BN_eq(group_b, b))
1192 goto err;
1193
1194 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1195 out_curve_name,
1196 sizeof(out_curve_name),
1197 &len)
1198 || !TEST_str_eq(out_curve_name, curve)
1199 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1200 out_pub, sizeof(out_pub), &len)
1201 || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
1202 || !TEST_mem_eq(out_pub + 1, len - 1,
1203 ec_pub_keydata + 1, compressed_sz - 1)
1204 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1205 &bn_priv))
1206 || !TEST_BN_eq(ec_priv_bn, bn_priv))
1207 goto err;
1208 BN_free(bn_priv);
1209 bn_priv = NULL;
1210
1211 ret = test_print_key_using_pem(alg, pk)
1212 && test_print_key_using_encoder(alg, pk);
1213
1214 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1215 goto err;
1216 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1217 EVP_PKEY_free(pk);
1218 pk = dup_pk;
1219 if (!ret)
1220 goto err;
1221 }
1222
1223 err:
1224 EC_GROUP_free(group);
1225 BN_free(group_a);
1226 BN_free(group_b);
1227 BN_free(group_p);
1228 BN_free(a);
1229 BN_free(b);
1230 BN_free(p);
1231 BN_free(bn_priv);
1232 BN_free(ec_priv_bn);
1233 OSSL_PARAM_free(fromdata_params);
1234 OSSL_PARAM_BLD_free(bld);
1235 EVP_PKEY_free(pk);
1236 EVP_PKEY_free(copy_pk);
1237 EVP_PKEY_CTX_free(ctx);
1238 return ret;
1239 }
1240
1241 static int test_ec_dup_no_operation(void)
1242 {
1243 int ret = 0;
1244 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1245 EVP_PKEY *param = NULL, *pkey = NULL;
1246
1247 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1248 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1249 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1250 NID_X9_62_prime256v1), 0)
1251 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, &param), 0)
1252 || !TEST_ptr(param))
1253 goto err;
1254
1255 EVP_PKEY_CTX_free(pctx);
1256 pctx = NULL;
1257
1258 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1259 || !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
1260 || !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1261 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
1262 goto err;
1263 ret = 1;
1264 err:
1265 EVP_PKEY_free(pkey);
1266 EVP_PKEY_free(param);
1267 EVP_PKEY_CTX_free(ctx);
1268 EVP_PKEY_CTX_free(kctx);
1269 EVP_PKEY_CTX_free(pctx);
1270 return ret;
1271 }
1272
1273 /* Test that keygen doesn't support EVP_PKEY_CTX_dup */
1274 static int test_ec_dup_keygen_operation(void)
1275 {
1276 int ret = 0;
1277 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
1278 EVP_PKEY *param = NULL, *pkey = NULL;
1279
1280 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1281 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1282 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1283 NID_X9_62_prime256v1), 0)
1284 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, &param), 0)
1285 || !TEST_ptr(param))
1286 goto err;
1287
1288 EVP_PKEY_CTX_free(pctx);
1289 pctx = NULL;
1290
1291 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1292 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1293 || !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
1294 goto err;
1295 ret = 1;
1296 err:
1297 EVP_PKEY_free(pkey);
1298 EVP_PKEY_free(param);
1299 EVP_PKEY_CTX_free(ctx);
1300 EVP_PKEY_CTX_free(kctx);
1301 EVP_PKEY_CTX_free(pctx);
1302 return ret;
1303 }
1304
1305 #endif /* OPENSSL_NO_EC */
1306
1307 #ifndef OPENSSL_NO_DSA
1308 static int test_fromdata_dsa_fips186_4(void)
1309 {
1310 int ret = 0;
1311 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
1312 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
1313 BIGNUM *pub = NULL, *priv = NULL;
1314 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1315 BIGNUM *pub_out = NULL, *priv_out = NULL;
1316 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1317 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1318 char name_out[80];
1319 unsigned char seed_out[32];
1320 size_t len;
1321 OSSL_PARAM_BLD *bld = NULL;
1322 OSSL_PARAM *fromdata_params = NULL;
1323
1324 /*
1325 * DSA parameter data was generated using the following:
1326 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1327 * -pkeyopt qbits:256 -pkeyopt type:0 \
1328 * -pkeyopt gindex:1 -out dsa_params.pem -text
1329 */
1330 static const unsigned char p_data[] = {
1331 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1332 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1333 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1334 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1335 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1336 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1337 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1338 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1339 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1340 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1341 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1342 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1343 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1344 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1345 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1346 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1347 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1348 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1349 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1350 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1351 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1352 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1353 };
1354 static const unsigned char q_data[] = {
1355 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1356 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1357 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1358 };
1359 static const unsigned char g_data[] = {
1360 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1361 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1362 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1363 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1364 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1365 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1366 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1367 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1368 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1369 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1370 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1371 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1372 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1373 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1374 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1375 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1376 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1377 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1378 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1379 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1380 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1381 0x02, 0x6f, 0x96, 0x36
1382 };
1383 static const unsigned char seed_data[] = {
1384 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1385 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1386 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1387 };
1388 const int gindex = 1;
1389 const int pcounter = 53;
1390 /*
1391 * The keypair was generated using
1392 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1393 * -pkeyopt gindex:1 \
1394 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1395 */
1396 static const unsigned char priv_data[] = {
1397 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1398 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1399 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1400 };
1401 static const unsigned char pub_data[] = {
1402 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1403 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1404 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1405 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1406 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1407 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1408 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1409 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1410 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1411 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1412 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1413 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1414 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1415 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1416 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1417 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1418 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1419 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1420 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1421 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1422 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1423 0x48, 0xd1, 0x8a, 0xbd
1424 };
1425
1426 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1427 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1428 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1429 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1430 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1431 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1432
1433 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1434 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1435 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1436 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1437 OSSL_PKEY_PARAM_FFC_SEED,
1438 seed_data,
1439 sizeof(seed_data)))
1440 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1441 gindex))
1442 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1443 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1444 pcounter))
1445 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1446 pub))
1447 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1448 priv))
1449 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1450 goto err;
1451
1452 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1453 goto err;
1454
1455 if (!TEST_true(EVP_PKEY_fromdata_init(ctx))
1456 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1457 fromdata_params)))
1458 goto err;
1459
1460 while (dup_pk == NULL) {
1461 ret = 0;
1462 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
1463 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
1464 || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 2 * (3 + sizeof(q_data)))
1465 || !TEST_false(EVP_PKEY_missing_parameters(pk)))
1466 goto err;
1467
1468 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk,
1469 OSSL_PKEY_PARAM_GROUP_NAME,
1470 name_out,
1471 sizeof(name_out),
1472 &len))
1473 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1474 &pub_out))
1475 || !TEST_BN_eq(pub, pub_out)
1476 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1477 &priv_out))
1478 || !TEST_BN_eq(priv, priv_out)
1479 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P,
1480 &p_out))
1481 || !TEST_BN_eq(p, p_out)
1482 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q,
1483 &q_out))
1484 || !TEST_BN_eq(q, q_out)
1485 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G,
1486 &g_out))
1487 || !TEST_BN_eq(g, g_out)
1488 || !TEST_false(EVP_PKEY_get_bn_param(pk,
1489 OSSL_PKEY_PARAM_FFC_COFACTOR,
1490 &j_out))
1491 || !TEST_ptr_null(j_out)
1492 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1493 OSSL_PKEY_PARAM_FFC_SEED,
1494 seed_out,
1495 sizeof(seed_out),
1496 &len))
1497 || !TEST_true(EVP_PKEY_get_int_param(pk,
1498 OSSL_PKEY_PARAM_FFC_GINDEX,
1499 &gindex_out))
1500 || !TEST_int_eq(gindex, gindex_out)
1501 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1502 &hindex_out))
1503 || !TEST_int_eq(hindex_out, 0)
1504 || !TEST_true(EVP_PKEY_get_int_param(pk,
1505 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1506 &pcounter_out))
1507 || !TEST_int_eq(pcounter, pcounter_out))
1508 goto err;
1509 BN_free(p);
1510 p = NULL;
1511 BN_free(q);
1512 q = NULL;
1513 BN_free(g);
1514 g = NULL;
1515 BN_free(j_out);
1516 j_out = NULL;
1517 BN_free(pub_out);
1518 pub_out = NULL;
1519 BN_free(priv_out);
1520 priv_out = NULL;
1521
1522 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1523 goto err;
1524
1525 if (!TEST_true(EVP_PKEY_check(key_ctx))
1526 || !TEST_true(EVP_PKEY_public_check(key_ctx))
1527 || !TEST_true(EVP_PKEY_private_check(key_ctx))
1528 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1529 goto err;
1530 EVP_PKEY_CTX_free(key_ctx);
1531 key_ctx = NULL;
1532
1533 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1534 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1535 goto err;
1536 EVP_PKEY_free(copy_pk);
1537 copy_pk = NULL;
1538
1539 ret = test_print_key_using_pem("DSA", pk)
1540 && test_print_key_using_encoder("DSA", pk);
1541
1542 if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1543 goto err;
1544 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1545 EVP_PKEY_free(pk);
1546 pk = dup_pk;
1547 if (!ret)
1548 goto err;
1549 }
1550
1551 err:
1552 OSSL_PARAM_free(fromdata_params);
1553 OSSL_PARAM_BLD_free(bld);
1554 BN_free(p);
1555 BN_free(q);
1556 BN_free(g);
1557 BN_free(pub);
1558 BN_free(priv);
1559 BN_free(p_out);
1560 BN_free(q_out);
1561 BN_free(g_out);
1562 BN_free(pub_out);
1563 BN_free(priv_out);
1564 BN_free(j_out);
1565 EVP_PKEY_free(pk);
1566 EVP_PKEY_free(copy_pk);
1567 EVP_PKEY_CTX_free(ctx);
1568 EVP_PKEY_CTX_free(key_ctx);
1569
1570 return ret;
1571 }
1572
1573 static int test_check_dsa(void)
1574 {
1575 int ret = 0;
1576 EVP_PKEY_CTX *ctx = NULL;
1577
1578 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1579 || !TEST_false(EVP_PKEY_check(ctx))
1580 || !TEST_false(EVP_PKEY_public_check(ctx))
1581 || !TEST_false(EVP_PKEY_private_check(ctx))
1582 || !TEST_false(EVP_PKEY_pairwise_check(ctx)))
1583 goto err;
1584
1585 ret = 1;
1586 err:
1587 EVP_PKEY_CTX_free(ctx);
1588
1589 return ret;
1590 }
1591 #endif /* OPENSSL_NO_DSA */
1592
1593
1594 int setup_tests(void)
1595 {
1596 if (!test_skip_common_options()) {
1597 TEST_error("Error parsing test options\n");
1598 return 0;
1599 }
1600
1601 if (!TEST_ptr(datadir = test_get_argument(0)))
1602 return 0;
1603
1604 ADD_TEST(test_evp_pkey_get_bn_param_large);
1605 ADD_TEST(test_fromdata_rsa);
1606 #ifndef OPENSSL_NO_DH
1607 ADD_TEST(test_fromdata_dh_fips186_4);
1608 ADD_TEST(test_fromdata_dh_named_group);
1609 #endif
1610 #ifndef OPENSSL_NO_DSA
1611 ADD_TEST(test_check_dsa);
1612 ADD_TEST(test_fromdata_dsa_fips186_4);
1613 #endif
1614 #ifndef OPENSSL_NO_EC
1615 ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
1616 ADD_TEST(test_fromdata_ec);
1617 ADD_TEST(test_ec_dup_no_operation);
1618 ADD_TEST(test_ec_dup_keygen_operation);
1619 #endif
1620 return 1;
1621 }
A mirror of the official openssl repository